From c5c48fa22d1fbc2a64ace452084290a928208dfc Mon Sep 17 00:00:00 2001 From: Ivan Californias Date: Wed, 11 Dec 2024 22:29:25 -0600 Subject: [PATCH 01/16] hub-api: add org management api specs --- content/reference/api/hub/latest.yaml | 2381 +++++++++++++++---------- 1 file changed, 1440 insertions(+), 941 deletions(-) diff --git a/content/reference/api/hub/latest.yaml b/content/reference/api/hub/latest.yaml index 94f3366a5447..c1b35f17cde3 100644 --- a/content/reference/api/hub/latest.yaml +++ b/content/reference/api/hub/latest.yaml @@ -6,112 +6,104 @@ info: url: https://docs.docker.com/assets/images/logo-docker-main.png href: /reference description: | - Docker Hub is a service provided by Docker for finding and sharing container - images with your team. + Docker Hub is a service provided by Docker for finding and sharing container images with your team. It is the world's largest library and community for container images. - In addition to the [Docker Hub UI](https://docs.docker.com/docker-hub/) and [Docker Hub CLI tool](https://github.com/docker/hub-tool#readme) (currently experimental), - - Docker provides an API that allows you to interact with Docker Hub. + In addition to the [Docker Hub UI](https://docs.docker.com/docker-hub/) and [Docker Hub CLI tool](https://github.com/docker/hub-tool#readme) (currently experimental), Docker provides an API that allows you to interact with Docker Hub. Browse through the Docker Hub API documentation to explore the supported endpoints. - +servers: + - description: Docker HUB API + x-audience: public + url: https://hub.docker.com tags: - name: resources x-displayName: Resources description: | The following resources are available to interact with the documented API: - - - Docker Hub CLI tool (currently experimental) + - [Docker Hub CLI tool]("https://github.com/docker/hub-tool#readme) (currently experimental) - name: rate-limiting x-displayName: Rate Limiting description: | The Docker Hub API is limited on the amount of requests you can perform per minute against it. - If you haven't hit the limit, each request to the API will return the - - following headers in the response. + If you haven't hit the limit, each request to the API will return the following headers in the response. - `X-RateLimit-Limit` - The limit of requests per minute. - `X-RateLimit-Remaining` - The remaining amount of calls within the limit period. - `X-RateLimit-Reset` - The unix timestamp of when the remaining resets. - If you have hit the limit, you will receive a response status of `429` and the `X-Retry-After` - header in the response. + If you have hit the limit, you will receive a response status of `429` and the `X-Retry-After` header in the response. The `X-Retry-After` header is a unix timestamp of when you can call the API again. - **Note**: These rate limits are separate from anti-abuse and Docker Hub - - download, or pull rate limiting. To learn more about Docker Hub pull rate - - limiting, see [Docker Hub download rate limit](https://docs.docker.com/docker-hub/download-rate-limit/). + **Note**: These rate limits are separate from anti-abuse and Docker Hub download, or pull rate limiting. + To learn more about Docker Hub pull rate limiting, see [Docker Hub download rate limit](https://docs.docker.com/docker-hub/download-rate-limit/). - name: authentication x-displayName: Authentication description: | - Most Docker Hub API endpoints require you to authenticate using your - Docker credentials before using them. + Most Docker Hub API endpoints require you to authenticate using your Docker credentials before using them. - Additionally, similar to the Docker Hub UI features, API endpoint responses may vary depending - on your plan (Personal, Pro, or Team) and your account's permissions. + Additionally, similar to the Docker Hub UI features, API endpoint responses may vary depending on your plan (Personal, Pro, or Team) and your account's permissions. To learn more about the features available in each plan and to upgrade your existing plan, see [Docker Pricing](https://www.docker.com/pricing). - name: access-tokens x-displayName: Personal Access Tokens description: | - The Personal Access Token endpoints lets you manage personal access tokens. For more - information, see [Access Tokens](https://docs.docker.com/security/for-developers/access-tokens/). + The Personal Access Token endpoints lets you manage personal access tokens. For more information, see [Access Tokens](https://docs.docker.com/security/for-developers/access-tokens/). - You can use a personal access token instead of a password in the [Docker CLI](https://docs.docker.com/engine/reference/commandline/cli/) - or in the [Create an authentication token](#operation/PostUsersLogin) route to obtain a bearer - token. + You can use a personal access token instead of a password in the [Docker CLI](https://docs.docker.com/engine/reference/commandline/cli/) or in the [Create an authentication token](#operation/PostUsersLogin) route to obtain a bearer token. ### Scopes - For each scope grouping (in this case "repo"), you only need to define 1 scope as any lower - scopes are assumed. For example: If you define `repo:write`, the API assumes the scope of both - `repo:read` *and* `repo:public_read` as well. If you were to define both `repo:write` *and* - `repo:read`, then `repo:read` is assumed by `repo:write` and ignored. + For each scope grouping (in this case "repo"), you only need to define 1 scope as any lower scopes are assumed. + For example: If you define `repo:write`, the API assumes the scope of both `repo:read` *and* `repo:public_read` as well. + If you were to define both `repo:write` *and* `repo:read`, then `repo:read` is assumed by `repo:write` and ignored. - ***Treat your personal access token like your password and keep it secret. You cannot retrieve - your token after it is generated.*** + ***Treat your personal access token like your password and keep it secret. You cannot retrieve your token after it is generated.*** - name: audit-logs x-displayName: Audit Logs description: | - The Audit Logs API endpoints allow you to query audit log events across a - namespace. + The Audit Logs API endpoints allow you to query audit log events across a namespace. For more information, see [Audit Log](https://docs.docker.com/admin/organization/activity-logs/). - name: org-settings x-displayName: Org Settings description: | - The Org Settings API endpoints allow you to manage your organization's - settings. + The Org Settings API endpoints allow you to manage your organization's settings. - name: repositories x-displayName: Repositories description: | - The repository endpoints allow you to access your repository's - tags. + The repository endpoints allow you to access your repository's tags. + - name: orgs + x-displayName: Organizations + x-audience: public + description: | + The organization endpoints allow you to interact with and manage your organizations. + + For more information, see [Organization administration overview](https://docs.docker.com/admin/organization/). + - name: groups + x-displayName: Groups (Teams) + x-audience: public + description: | + The groups endpoints allow you to manage your organization's teams and their members. + + For more information, seee [Create and manage a team](https://docs.docker.com/admin/organization/manage-a-team/). + - name: invites + x-displayName: Invites + x-audience: public + description: | + The invites endpoints allow you to manage invites for users to join your Docker organization. + + For more information, see [Invite members](https://docs.docker.com/admin/organization/members/#invite-members). - name: scim x-displayName: SCIM + x-audience: public description: | SCIM is a provisioning system that lets you manage users within your identity provider (IdP). + For more information, see [System for Cross-domain Identity management](https://docs.docker.com/security/for-admins/provisioning/scim/). -x-tagGroups: - - name: General - tags: - - resources - - rate-limiting - - name: API - tags: - - authentication - - access-tokens - - images - - audit-logs - - org-settings - - repositories - - scim paths: /v2/users/login: post: @@ -120,36 +112,33 @@ paths: summary: Create an authentication token operationId: PostUsersLogin description: | - Creates and returns a bearer token in JWT format that you can use to - authenticate with Docker Hub APIs. + Creates and returns a bearer token in JWT format that you can use to authenticate with Docker Hub APIs. The returned token is used in the HTTP Authorization header like `Authorization: Bearer {TOKEN}`. - Most Docker Hub APIs require this token either to consume or to get detailed information. For example, to list - images in a private repository. - - _**As of Monday, September 16, 2024, this route requires a PAT instead of a password if your organization has - SSO enforced.**_ + Most Docker Hub APIs require this token either to consume or to get detailed information. For example, to list images in a private repository. + + _**As of Monday, September 16, 2024, this route requires a PAT instead of a password if your organization has SSO enforced.**_ requestBody: content: application/json: schema: - $ref: "#/components/schemas/UsersLoginRequest" + $ref: '#/components/schemas/UsersLoginRequest' description: Login details. required: true responses: - 200: + '200': description: Authentication successful content: application/json: schema: - $ref: "#/components/schemas/PostUsersLoginSuccessResponse" - 401: + $ref: '#/components/schemas/PostUsersLoginSuccessResponse' + '401': description: Authentication failed or second factor required content: application/json: schema: - $ref: "#/components/schemas/PostUsersLoginErrorResponse" + $ref: '#/components/schemas/PostUsersLoginErrorResponse' /v2/users/2fa-login: post: tags: @@ -157,8 +146,7 @@ paths: summary: Second factor authentication operationId: PostUsers2FALogin description: | - When a user has two-factor authentication (2FA) enabled, this is the second call to perform after - `/v2/users/login` call. + When a user has two-factor authentication (2FA) enabled, this is the second call to perform after `/v2/users/login` call. Creates and returns a bearer token in JWT format that you can use to authenticate with Docker Hub APIs. @@ -169,22 +157,22 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/Users2FALoginRequest" + $ref: '#/components/schemas/Users2FALoginRequest' description: Login details. required: true responses: - 200: + '200': description: Authentication successful content: application/json: schema: - $ref: "#/components/schemas/PostUsersLoginSuccessResponse" - 401: + $ref: '#/components/schemas/PostUsersLoginSuccessResponse' + '401': description: Authentication failed or second factor required content: application/json: schema: - $ref: "#/components/schemas/PostUsers2FALoginErrorResponse" + $ref: '#/components/schemas/PostUsers2FALoginErrorResponse' /v2/access-tokens: post: summary: Create a personal access token @@ -195,19 +183,19 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/createAccessTokenRequest" + $ref: '#/components/schemas/createAccessTokenRequest' required: true responses: - 201: + '201': description: Created content: application/json: schema: - $ref: "#/components/schemas/createAccessTokensResponse" - 400: - $ref: "#/components/responses/BadRequest" - 401: - $ref: "#/components/responses/Unauthorized" + $ref: '#/components/schemas/createAccessTokensResponse' + '400': + $ref: '#/components/responses/BadRequest' + '401': + $ref: '#/components/responses/Unauthorized' get: summary: Get a list of personal access tokens description: Returns a paginated list of personal access tokens. @@ -225,16 +213,16 @@ paths: type: number default: 10 responses: - 200: + '200': description: OK content: application/json: schema: - $ref: "#/components/schemas/getAccessTokensResponse" - 400: - $ref: "#/components/responses/BadRequest" - 401: - $ref: "#/components/responses/Unauthorized" + $ref: '#/components/schemas/getAccessTokensResponse' + '400': + $ref: '#/components/responses/BadRequest' + '401': + $ref: '#/components/responses/Unauthorized' /v2/access-tokens/{uuid}: parameters: - in: path @@ -245,49 +233,48 @@ paths: patch: summary: Update a personal access token description: | - Updates a personal access token partially. You can either update the - token's label or enable/disable it. + Updates a personal access token partially. You can either update the token's label or enable/disable it. tags: - access-tokens requestBody: content: application/json: schema: - $ref: "#/components/schemas/patchAccessTokenRequest" + $ref: '#/components/schemas/patchAccessTokenRequest' required: true responses: - 200: + '200': description: OK content: application/json: schema: - $ref: "#/components/schemas/patchAccessTokenResponse" - 400: - $ref: "#/components/responses/BadRequest" - 401: - $ref: "#/components/responses/Unauthorized" + $ref: '#/components/schemas/patchAccessTokenResponse' + '400': + $ref: '#/components/responses/BadRequest' + '401': + $ref: '#/components/responses/Unauthorized' get: summary: Get a personal access token description: Returns a personal access token by UUID. tags: - access-tokens responses: - 200: + '200': description: OK content: application/json: schema: allOf: - - $ref: "#/components/schemas/accessToken" + - $ref: '#/components/schemas/accessToken' - type: object properties: token: type: string - example: "" - 401: - $ref: "#/components/responses/Unauthorized" - 404: - $ref: "#/components/responses/NotFound" + example: '' + '401': + $ref: '#/components/responses/Unauthorized' + '404': + $ref: '#/components/responses/NotFound' delete: summary: Delete a personal access token description: | @@ -295,24 +282,24 @@ paths: tags: - access-tokens responses: - 204: + '204': description: A successful response. - 401: - $ref: "#/components/responses/Unauthorized" - 404: - $ref: "#/components/responses/NotFound" + '401': + $ref: '#/components/responses/Unauthorized' + '404': + $ref: '#/components/responses/NotFound' /v2/auditlogs/{account}: get: summary: Returns list of audit log events description: Get audit log events for a given namespace. operationId: AuditLogs_GetAuditLogs responses: - 200: + '200': description: A successful response. content: application/json: schema: - $ref: "#/components/schemas/GetAuditLogsResponse" + $ref: '#/components/schemas/GetAuditLogsResponse' examples: response: value: @@ -324,12 +311,11 @@ paths: data: digest: sha256:c1ae9c435032a276f80220c7d9b40f76266bbe79243d34f9cda30b76fe114dfa tag: latest - timestamp: 2021-02-19T01:34:35Z - action_description: - pushed the tag latest with the digest - sha256:c1ae9c435032a to the repository docker/example - 429: - description: "" + timestamp: '2021-02-19T01:34:35Z' + action_description: | + pushed the tag latest with the digest sha256:c1ae9c435032a to the repository docker/example + '429': + description: '' content: application/json: schema: {} @@ -338,8 +324,8 @@ paths: value: detail: Rate limit exceeded error: false - 500: - description: "" + '500': + description: '' content: application/json: schema: {} @@ -348,7 +334,7 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/rpcStatus" + $ref: '#/components/schemas/rpcStatus' parameters: - name: account description: Namespace to query audit logs for. @@ -357,27 +343,22 @@ paths: schema: type: string - name: action - description: - action name one of ["repo.tag.push", ...]. Optional parameter to - filter specific audit log actions. + description: | + action name one of ["repo.tag.push", ...]. Optional parameter to filter specific audit log actions. in: query required: false schema: type: string - name: name - description: - name. Optional parameter to filter audit log events to a specific - name. For repository events, this is the name of the repository. For - organization events, this is the name of the organization. For team - member events, this is the username of the team member. + description: | + name. Optional parameter to filter audit log events to a specific name. For repository events, this is the name of the repository. For organization events, this is the name of the organization. For team member events, this is the username of the team member. in: query required: false schema: type: string - name: actor - description: - actor name. Optional parameter to filter audit log events to the - specific user who triggered the event. + description: | + actor name. Optional parameter to filter audit log events to the specific user who triggered the event. in: query required: false schema: @@ -417,17 +398,16 @@ paths: /v2/auditlogs/{account}/actions: get: summary: Returns list of audit log actions - description: - Get audit log actions for a namespace to be used as a filter for - querying audit events. + description: | + Get audit log actions for a namespace to be used as a filter for querying audit events. operationId: AuditLogs_GetAuditActions responses: - 200: + '200': description: A successful response. content: application/json: schema: - $ref: "#/components/schemas/GetAuditActionsResponse" + $ref: '#/components/schemas/GetAuditActionsResponse' examples: response: value: @@ -474,8 +454,8 @@ paths: description: contains image tag delete events label: Tag Deleted label: Repository - 429: - description: "" + '429': + description: '' content: application/json: schema: {} @@ -484,8 +464,8 @@ paths: value: detail: Rate limit exceeded error: false - 500: - description: "" + '500': + description: '' content: application/json: schema: {} @@ -494,7 +474,7 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/rpcStatus" + $ref: '#/components/schemas/rpcStatus' parameters: - name: account description: Namespace to query audit log actions for. @@ -519,23 +499,22 @@ paths: tags: - org-settings responses: - 200: + '200': description: OK content: application/json: schema: - $ref: "#/components/schemas/orgSettings" - 401: - $ref: "#/components/responses/Unauthorized" - 403: - $ref: "#/components/responses/Forbidden" - 404: - $ref: "#/components/responses/NotFound" + $ref: '#/components/schemas/orgSettings' + '401': + $ref: '#/components/responses/Unauthorized' + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' put: summary: Update organization settings description: | - Updates an organization's settings. Some settings are only used when the - organization is on a business plan. + Updates an organization's settings. Some settings are only used when the organization is on a business plan. ***Only users with administrative privileges for the organization (owner role) can modify these settings.*** @@ -552,7 +531,7 @@ paths: properties: restricted_images: allOf: - - $ref: "#/components/schemas/restricted_images" + - $ref: '#/components/schemas/restricted_images' - type: object required: - enabled @@ -560,194 +539,714 @@ paths: - allow_verified_publishers required: true responses: - 200: + '200': description: OK content: application/json: schema: - $ref: "#/components/schemas/orgSettings" - 401: - $ref: "#/components/responses/Unauthorized" - 403: - $ref: "#/components/responses/Forbidden" - 404: - $ref: "#/components/responses/NotFound" - - + $ref: '#/components/schemas/orgSettings' + '401': + $ref: '#/components/responses/Unauthorized' + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' /v2/namespaces/{namespace}/repositories/{repository}/tags: parameters: - - $ref: "#/components/parameters/namespace" - - $ref: "#/components/parameters/repository" + - $ref: '#/components/parameters/namespace' + - $ref: '#/components/parameters/repository' get: - summary: "List repository tags" - tags: [ repositories ] + summary: List repository tags + tags: + - repositories parameters: - - $ref: "#/components/parameters/page" - - $ref: "#/components/parameters/page_size" + - in: query + name: page + required: false + schema: + type: integer + description: Page number to get. Defaults to 1. + - in: query + name: page_size + required: false + schema: + type: integer + description: Number of items to get per page. Defaults to 10. Max of 100. responses: - 200: - $ref: "#/components/responses/list_tags" - 403: - $ref: "#/components/responses/Forbidden" - 404: - $ref: "#/components/responses/NotFound" + '200': + $ref: '#/components/responses/list_tags' + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' head: - summary: "Check repository tags" - tags: [ repositories ] + summary: Check repository tags + tags: + - repositories responses: - 200: - description: "Repository contains tags" - 403: - $ref: "#/components/responses/Forbidden" - 404: - $ref: "#/components/responses/NotFound" - + '200': + description: Repository contains tags + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' /v2/namespaces/{namespace}/repositories/{repository}/tags/{tag}: parameters: - - $ref: "#/components/parameters/namespace" - - $ref: "#/components/parameters/repository" - - $ref: "#/components/parameters/tag" + - $ref: '#/components/parameters/namespace' + - $ref: '#/components/parameters/repository' + - $ref: '#/components/parameters/tag' get: - summary: "Read repository tag" - tags: [ repositories ] + summary: Read repository tag + tags: + - repositories responses: - 200: - $ref: "#/components/responses/get_tag" - 403: - $ref: "#/components/responses/Forbidden" - 404: - $ref: "#/components/responses/NotFound" + '200': + $ref: '#/components/responses/get_tag' + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' head: - summary: "Check repository tag" - tags: [ repositories ] + summary: Check repository tag + tags: + - repositories responses: - 200: - description: "Repository tag exists" - 403: - $ref: "#/components/responses/Forbidden" - 404: - $ref: "#/components/responses/NotFound" - - + '200': + description: Repository tag exists + '403': + $ref: '#/components/responses/Forbidden' + '404': + $ref: '#/components/responses/NotFound' + /v2/orgs/{org_name}/members: + x-audience: public + parameters: + - $ref: '#/components/parameters/org_name' + - $ref: '#/components/parameters/search' + - $ref: '#/components/parameters/page' + - $ref: '#/components/parameters/page_size' + - $ref: '#/components/parameters/invites' + - $ref: '#/components/parameters/type' + - $ref: '#/components/parameters/role' + get: + summary: List org members + description: | + Returns a list of members for an organization" + tags: + - orgs + responses: + '200': + description: List of members + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/org_member_paginated' + '400': + $ref: '#/components/responses/bad_request' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/orgs/{org_name}/members/export: + x-audience: public + parameters: + - $ref: '#/components/parameters/org_name' + get: + summary: Export org members CSV + description: | + Export members of an organization as a CSV + tags: + - orgs + responses: + '200': + description: Exported members + content: + text/csv: + schema: + type: array + items: + type: object + required: + - Name + - Username + - Email + - Type + - Role + - Date Joined + properties: + Name: + type: string + description: First and last name of the member + Username: + type: string + description: Username of the member + Email: + type: string + description: Email address of the member + Type: + type: string + description: Type of the member + enum: + - Invitee + - User + Permission: + type: string + description: Permission of the member + enum: + - Owner + - Member + Teams: + type: string + description: Comma-separated list of teams the member is part of + example: team-1, team-2 + Date Joined: + type: string + description: Date the member joined the organization + example: 2020-01-01 15:00:51.193355 +0000 UTC + headers: + Content-Disposition: + schema: + type: string + example: attachment;filename="{org_name}-members-{timestamp}.csv" + '400': + $ref: '#/components/responses/bad_request' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/orgs/{org_name}/members/{username}: + x-audience: public + parameters: + - $ref: '#/components/parameters/org_name' + - $ref: '#/components/parameters/username' + put: + summary: Update org member (role) + description: | + Updates the role of a member in the organization. + ***Only users in the "owners" group of the organization can use this endpoint.*** + tags: + - orgs + requestBody: + required: true + content: + application/json: + schema: + required: + - role + properties: + role: + type: string + description: Role of the member + enum: + - owner + - editor + - member + responses: + '200': + description: Member role updated + content: + application/json: + schema: + $ref: '#/components/schemas/org_member' + '400': + $ref: '#/components/responses/bad_request' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + delete: + summary: Remove member from org + description: | + Removes the member from the org, ie. all groups in the org, unless they're the last owner + tags: + - orgs + responses: + '204': + description: Member removed successfully + '400': + $ref: '#/components/responses/bad_request' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/orgs/{org_name}/invites: + x-audience: public + parameters: + - $ref: '#/components/parameters/org_name' + get: + summary: List org invites + description: | + Return all pending invites for a given org, only team owners can call this endpoint + tags: + - orgs + - invites + responses: + '200': + description: '' + content: + application/json: + schema: + type: object + properties: + data: + type: array + items: + $ref: '#/components/schemas/invite' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/orgs/{org_name}/groups: + x-audience: public + parameters: + - $ref: '#/components/parameters/org_name' + get: + summary: Get groups of an organization + tags: + - groups + parameters: + - $ref: '#/components/parameters/page' + - $ref: '#/components/parameters/page_size' + - in: query + name: username + schema: + type: string + description: Get groups for the specified username in the organization. + - in: query + name: search + schema: + type: string + description: Get groups for the specified group in the organization. + responses: + '200': + description: '' + content: + application/json: + schema: + properties: + count: + type: number + example: 1 + next: + type: string + example: null + previous: + type: string + example: null + results: + type: array + items: + $ref: '#/components/schemas/org_group' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + post: + summary: Create a new group + description: Create a new group within an organization. + tags: + - groups + requestBody: + content: + application/json: + schema: + required: + - name + properties: + name: + type: string + description: + type: string + responses: + '201': + description: Group created successfully + content: + application/json: + schema: + $ref: '#/components/schemas/org_group' + '400': + $ref: '#/components/responses/bad_request' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + /v2/orgs/{org_name}/groups/{group_name}: + x-audience: public + parameters: + - $ref: '#/components/parameters/org_name' + - $ref: '#/components/parameters/group_name' + get: + summary: Get a group of an organization + tags: + - groups + responses: + '200': + description: '' + content: + application/json: + schema: + $ref: '#/components/schemas/org_group' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + put: + summary: Update the details for an organization group + tags: + - groups + requestBody: + content: + application/json: + schema: + required: + - name + properties: + name: + type: string + description: + type: string + responses: + '200': + description: '' + content: + application/json: + schema: + $ref: '#/components/schemas/org_group' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + patch: + summary: Update some details for an organization group + tags: + - groups + requestBody: + content: + application/json: + schema: + properties: + name: + type: string + description: + type: string + responses: + '200': + description: '' + content: + application/json: + schema: + $ref: '#/components/schemas/org_group' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + delete: + summary: Delete an organization group + tags: + - groups + responses: + '204': + description: Group deleted successfully + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/orgs/{org_name}/groups/{group_name}/members: + x-audience: public + get: + parameters: + - $ref: '#/components/parameters/org_name' + - $ref: '#/components/parameters/group_name' + - $ref: '#/components/parameters/page' + - $ref: '#/components/parameters/page_size' + - in: query + name: search + schema: + type: string + description: Search members by username, full_name or email. + summary: List members of a group + description: | + List the members (users) that are in a group. + If user is owner of the org or has otherwise elevated permissions, they can search by email and the result will also contain emails. + tags: + - groups + responses: + '200': + description: '' + content: + application/json: + schema: + properties: + count: + type: number + example: 1 + next: + type: string + example: null + previous: + type: string + example: null + results: + type: array + items: + $ref: '#/components/schemas/group_member' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + post: + parameters: + - $ref: '#/components/parameters/org_name' + - $ref: '#/components/parameters/group_name' + summary: Adds a member to a group + tags: + - groups + requestBody: + $ref: '#/components/requestBodies/add_member_to_org_group' + responses: + '200': + description: OK + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + '500': + $ref: '#/components/responses/internal_error' + /v2/orgs/{org_name}/groups/{group_name}/members/{username}: + x-audience: public + parameters: + - $ref: '#/components/parameters/org_name' + - $ref: '#/components/parameters/group_name' + - $ref: '#/components/parameters/username' + delete: + summary: Removes a user from a group + tags: + - groups + responses: + '204': + description: User removed successfully + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/invites/{id}: + x-audience: public + parameters: + - in: path + name: id + required: true + schema: + type: string + delete: + summary: Cancel an invite + description: | + Mark the invite as cancelled so it doesn't show up on the list of pending invites + tags: + - invites + responses: + '204': + description: '' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/invites/{id}/resend: + x-audience: public + parameters: + - in: path + name: id + schema: + type: string + required: true + patch: + summary: Resend an invite + description: | + Resend a pending invite to the user, any org owner can resend an invite + tags: + - invites + responses: + '204': + description: '' + '401': + $ref: '#/components/responses/unauthorized' + '403': + $ref: '#/components/responses/forbidden' + '404': + $ref: '#/components/responses/not_found' + /v2/invites/bulk: + x-audience: public + parameters: + - $ref: '#/components/parameters/bulk_invite' + post: + summary: Bulk create invites + description: | + Create multiple invites by emails or DockerIDs. Only a team owner can create invites. + tags: + - invites + requestBody: + $ref: '#/components/requestBodies/bulk_invite_request' + responses: + '202': + description: Accepted + content: + application/json: + schema: + type: object + properties: + invitees: + $ref: '#/components/schemas/bulk_invite' + '400': + $ref: '#/components/responses/bad_request' + '409': + $ref: '#/components/responses/conflict' /v2/scim/2.0/ServiceProviderConfig: + x-audience: public get: summary: Get service provider config description: | Returns a service provider config for Docker's configuration. - tags: [ scim ] + tags: + - scim security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] responses: - 200: + '200': $ref: '#/components/responses/scim_get_service_provider_config_resp' - 401: - $ref: "#/components/responses/scim_unauthorized" - 500: - $ref: "#/components/responses/scim_error" - + '401': + $ref: '#/components/responses/scim_unauthorized' + '500': + $ref: '#/components/responses/scim_error' /v2/scim/2.0/ResourceTypes: + x-audience: public get: summary: List resource types description: | Returns all resource types supported for the SCIM configuration. - tags: [ scim ] + tags: + - scim security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] responses: - 200: - $ref: "#/components/responses/scim_get_resource_types_resp" - 401: - $ref: "#/components/responses/scim_unauthorized" - 500: - $ref: "#/components/responses/scim_error" - + '200': + $ref: '#/components/responses/scim_get_resource_types_resp' + '401': + $ref: '#/components/responses/scim_unauthorized' + '500': + $ref: '#/components/responses/scim_error' /v2/scim/2.0/ResourceTypes/{name}: + x-audience: public get: summary: Get a resource type description: | Returns a resource type by name. - tags: [ scim ] + tags: + - scim parameters: - name: name in: path schema: type: string example: User + required: true security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] responses: - 200: - $ref: "#/components/responses/scim_get_resource_type_resp" - 401: - $ref: "#/components/responses/scim_unauthorized" - 404: - $ref: "#/components/responses/scim_not_found" - 500: - $ref: "#/components/responses/scim_error" - + '200': + $ref: '#/components/responses/scim_get_resource_type_resp' + '401': + $ref: '#/components/responses/scim_unauthorized' + '404': + $ref: '#/components/responses/scim_not_found' + '500': + $ref: '#/components/responses/scim_error' /v2/scim/2.0/Schemas: + x-audience: public get: summary: List schemas description: | Returns all schemas supported for the SCIM configuration. - tags: [ scim ] + tags: + - scim security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] responses: - 200: - $ref: "#/components/responses/scim_get_schemas_resp" - 401: - $ref: "#/components/responses/scim_unauthorized" - 500: - $ref: "#/components/responses/scim_error" - + '200': + $ref: '#/components/responses/scim_get_schemas_resp' + '401': + $ref: '#/components/responses/scim_unauthorized' + '500': + $ref: '#/components/responses/scim_error' /v2/scim/2.0/Schemas/{id}: + x-audience: public get: summary: Get a schema description: | Returns a schema by ID. - tags: [ scim ] + tags: + - scim parameters: - name: id in: path schema: type: string example: urn:ietf:params:scim:schemas:core:2.0:User + required: true security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] responses: - 200: - $ref: "#/components/responses/scim_get_schema_resp" - 401: - $ref: "#/components/responses/scim_unauthorized" - 404: - $ref: "#/components/responses/scim_not_found" - 500: - $ref: "#/components/responses/scim_error" - + '200': + $ref: '#/components/responses/scim_get_schema_resp' + '401': + $ref: '#/components/responses/scim_unauthorized' + '404': + $ref: '#/components/responses/scim_not_found' + '500': + $ref: '#/components/responses/scim_error' /v2/scim/2.0/Users: + x-audience: public get: summary: List users description: | - List users, returns paginated users for an organization. Use `startIndex` - and `count` query parameters to receive paginated results. + Returns paginated users for an organization. Use `startIndex` and `count` query parameters to receive paginated results. + + **Sorting:** - **Sorting:**
- Sorting lets you specify the order of returned resources by specifying - a combination of `sortBy` and `sortOrder` query parameters. + Sorting allows you to specify the order in which resources are returned by specifying a combination of `sortBy` and `sortOrder` query parameters. - The `sortBy` parameter specifies the attribute whose value will be used - to order the returned responses. The `sortOrder` parameter defines the - order in which the `sortBy` parameter is applied. Allowed values are - "ascending" and "descending". + The `sortBy` parameter specifies the attribute whose value will be used to order the returned responses. The `sortOrder` parameter defines the order in which the `sortBy` parameter is applied. Allowed values are "ascending" and "descending". - **Filtering:**
- You can request a subset of resources by specifying the `filter` query - parameter containing a filter expression. Attribute names and attribute - operators used in filters are case insensitive. The filter parameter - must contain at least one valid expression. Each expression must contain - an attribute name followed by an attribute operator and an optional - value. + **Filtering:** + + You can request a subset of resources by specifying the `filter` query parameter containing a filter expression. Attribute names and attribute operators used in filters are case insensitive. The filter parameter must contain at least one valid expression. Each expression must contain an attribute name followed by an attribute operator and an optional value. Supported operators are listed below. @@ -759,16 +1258,17 @@ paths: - `or` Logical "or" - `not` "Not" function - `()` Precedence grouping - tags: [ scim ] + tags: + - scim security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] parameters: - name: startIndex in: query schema: type: integer minimum: 1 - description: "" + description: '' example: 1 - name: count in: query @@ -776,15 +1276,15 @@ paths: type: integer minimum: 1 maximum: 200 - description: "" + description: '' example: 10 - name: filter in: query schema: type: string - description: "" + description: '' example: userName eq "jon.snow@docker.com" - - $ref: "#/components/parameters/scim_attributes" + - $ref: '#/components/parameters/scim_attributes' - name: sortOrder in: query schema: @@ -796,100 +1296,96 @@ paths: in: query schema: type: string - description: "User attribute to sort by." + description: User attribute to sort by. example: userName responses: - 200: - $ref: "#/components/responses/scim_get_users_resp" - 400: - $ref: "#/components/responses/scim_bad_request" - 401: - $ref: "#/components/responses/scim_unauthorized" - 403: - $ref: "#/components/responses/scim_forbidden" - 404: - $ref: "#/components/responses/scim_not_found" - 500: - $ref: "#/components/responses/scim_error" - + '200': + $ref: '#/components/responses/scim_get_users_resp' + '400': + $ref: '#/components/responses/scim_bad_request' + '401': + $ref: '#/components/responses/scim_unauthorized' + '403': + $ref: '#/components/responses/scim_forbidden' + '404': + $ref: '#/components/responses/scim_not_found' + '500': + $ref: '#/components/responses/scim_error' post: summary: Create user description: | - Creates a user. If the user already exists by email, they are assigned - to the organization on the "company" team. - tags: [ scim ] + Creates a user. If the user already exists by email, they are assigned to the organization on the "company" team. + tags: + - scim security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] requestBody: - $ref: "#/components/requestBodies/scim_create_user_request" + $ref: '#/components/requestBodies/scim_create_user_request' responses: - 201: - $ref: "#/components/responses/scim_create_user_resp" - 400: - $ref: "#/components/responses/scim_bad_request" - 401: - $ref: "#/components/responses/scim_unauthorized" - 403: - $ref: "#/components/responses/scim_forbidden" - 404: - $ref: "#/components/responses/scim_not_found" - 409: - $ref: "#/components/responses/scim_conflict" - 500: - $ref: "#/components/responses/scim_error" - + '201': + $ref: '#/components/responses/scim_create_user_resp' + '400': + $ref: '#/components/responses/scim_bad_request' + '401': + $ref: '#/components/responses/scim_unauthorized' + '403': + $ref: '#/components/responses/scim_forbidden' + '404': + $ref: '#/components/responses/scim_not_found' + '409': + $ref: '#/components/responses/scim_conflict' + '500': + $ref: '#/components/responses/scim_error' /v2/scim/2.0/Users/{id}: + x-audience: public parameters: - - $ref: "#/components/parameters/scim_user_id" + - $ref: '#/components/parameters/scim_user_id' get: summary: Get a user description: | Returns a user by ID. - tags: [ scim ] + tags: + - scim security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] responses: - 200: - $ref: "#/components/responses/scim_get_user_resp" - 400: - $ref: "#/components/responses/scim_bad_request" - 401: - $ref: "#/components/responses/scim_unauthorized" - 403: - $ref: "#/components/responses/scim_forbidden" - 404: - $ref: "#/components/responses/scim_not_found" - 500: - $ref: "#/components/responses/scim_error" + '200': + $ref: '#/components/responses/scim_get_user_resp' + '400': + $ref: '#/components/responses/scim_bad_request' + '401': + $ref: '#/components/responses/scim_unauthorized' + '403': + $ref: '#/components/responses/scim_forbidden' + '404': + $ref: '#/components/responses/scim_not_found' + '500': + $ref: '#/components/responses/scim_error' put: summary: Update a user description: | - Updates a user. Use this route to change the user's name, activate, - and deactivate the user. - tags: [ scim ] + Updates a user. This route is used to change the user's name, activate, and deactivate the user. + tags: + - scim security: - - bearerSCIMAuth: [ ] + - bearerSCIMAuth: [] requestBody: - $ref: "#/components/requestBodies/scim_update_user_request" + $ref: '#/components/requestBodies/scim_update_user_request' responses: - 200: - $ref: "#/components/responses/scim_update_user_resp" - 400: - $ref: "#/components/responses/scim_bad_request" - 401: - $ref: "#/components/responses/scim_unauthorized" - 403: - $ref: "#/components/responses/scim_forbidden" - 404: - $ref: "#/components/responses/scim_not_found" - 409: - $ref: "#/components/responses/scim_conflict" - 500: - $ref: "#/components/responses/scim_error" - - -servers: - - url: https://hub.docker.com/ + '200': + $ref: '#/components/responses/scim_update_user_resp' + '400': + $ref: '#/components/responses/scim_bad_request' + '401': + $ref: '#/components/responses/scim_unauthorized' + '403': + $ref: '#/components/responses/scim_forbidden' + '404': + $ref: '#/components/responses/scim_not_found' + '409': + $ref: '#/components/responses/scim_conflict' + '500': + $ref: '#/components/responses/scim_error' components: responses: BadRequest: @@ -897,100 +1393,144 @@ components: content: application/json: schema: - $ref: "#/components/schemas/ValueError" + $ref: '#/components/schemas/ValueError' Unauthorized: description: Unauthorized content: application/json: schema: - $ref: "#/components/schemas/Error" + $ref: '#/components/schemas/Error' Forbidden: description: Forbidden content: application/json: schema: - $ref: "#/components/schemas/Error" + $ref: '#/components/schemas/Error' NotFound: description: Not Found content: application/json: schema: - $ref: "#/components/schemas/Error" - + $ref: '#/components/schemas/Error' + list_tags: + description: list repository tags + content: + application/json: + schema: + $ref: '#/components/schemas/paginated_tags' + get_tag: + description: repository tag + content: + application/json: + schema: + $ref: '#/components/schemas/tag' + bad_request: + description: Bad Request + content: + application/json: + schema: + $ref: '#/components/schemas/error' + unauthorized: + description: Unauthorized + content: + application/json: + schema: + $ref: '#/components/schemas/error' + forbidden: + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/error' + not_found: + description: Not Found + content: + application/json: + schema: + $ref: '#/components/schemas/error' + conflict: + description: Conflict + content: + application/json: + schema: + $ref: '#/components/schemas/error' + internal_error: + description: Internal + content: + application/json: + schema: + $ref: '#/components/schemas/error' scim_bad_request: description: Bad Request content: application/scim+json: schema: allOf: - - $ref: "#/components/schemas/scim_error" + - $ref: '#/components/schemas/scim_error' - properties: status: - example: "400" + example: '400' scimType: type: string - description: Some types of errors will return this per the - specification. + description: Some types of errors will return this per the specification. scim_unauthorized: description: Unauthorized content: application/scim+json: schema: allOf: - - $ref: "#/components/schemas/scim_error" + - $ref: '#/components/schemas/scim_error' - properties: status: - example: "401" + example: '401' scim_forbidden: description: Forbidden content: application/scim+json: schema: allOf: - - $ref: "#/components/schemas/scim_error" + - $ref: '#/components/schemas/scim_error' - properties: status: - example: "403" + example: '403' scim_not_found: description: Not Found content: application/scim+json: schema: allOf: - - $ref: "#/components/schemas/scim_error" + - $ref: '#/components/schemas/scim_error' - properties: status: - example: "404" + example: '404' scim_conflict: description: Conflict content: application/scim+json: schema: allOf: - - $ref: "#/components/schemas/scim_error" + - $ref: '#/components/schemas/scim_error' - properties: status: - example: "409" + example: '409' scim_error: description: Internal Error content: application/scim+json: schema: allOf: - - $ref: "#/components/schemas/scim_error" + - $ref: '#/components/schemas/scim_error' - properties: status: - example: "500" - + example: '500' scim_get_service_provider_config_resp: - description: "" + description: '' content: application/scim+json: schema: - $ref: "#/components/schemas/scim_service_provider_config" - + $ref: '#/components/schemas/scim_service_provider_config' scim_get_resource_types_resp: - description: "" + description: '' content: application/scim+json: schema: @@ -1000,24 +1540,22 @@ components: type: array items: type: string - example: [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ] + example: urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: type: integer example: 1 resources: type: array items: - $ref: "#/components/schemas/scim_resource_type" - + $ref: '#/components/schemas/scim_resource_type' scim_get_resource_type_resp: - description: "" + description: '' content: application/scim+json: schema: - $ref: "#/components/schemas/scim_resource_type" - + $ref: '#/components/schemas/scim_resource_type' scim_get_schemas_resp: - description: "" + description: '' content: application/scim+json: schema: @@ -1027,24 +1565,22 @@ components: type: array items: type: string - example: [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ] + example: urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: type: integer example: 1 resources: type: array items: - $ref: "#/components/schemas/scim_schema" - + $ref: '#/components/schemas/scim_schema' scim_get_schema_resp: - description: "" + description: '' content: application/scim+json: schema: - $ref: "#/components/schemas/scim_schema" - + $ref: '#/components/schemas/scim_schema' scim_get_users_resp: - description: "" + description: '' content: application/scim+json: schema: @@ -1054,7 +1590,8 @@ components: type: array items: type: string - example: [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ] + example: + - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: type: integer example: 1 @@ -1067,43 +1604,25 @@ components: resources: type: array items: - $ref: "#/components/schemas/scim_user" - + $ref: '#/components/schemas/scim_user' scim_create_user_resp: - description: "" + description: '' content: application/scim+json: schema: - $ref: "#/components/schemas/scim_user" - + $ref: '#/components/schemas/scim_user' scim_get_user_resp: - description: "" + description: '' content: application/scim+json: schema: - $ref: "#/components/schemas/scim_user" - + $ref: '#/components/schemas/scim_user' scim_update_user_resp: - description: "" + description: '' content: application/scim+json: schema: - $ref: "#/components/schemas/scim_user" - - list_tags: - description: "list repository tags" - content: - application/json: - schema: - $ref: "#/components/schemas/paginated_tags" - - get_tag: - description: "repository tag" - content: - application/json: - schema: - $ref: "#/components/schemas/tag" - + $ref: '#/components/schemas/scim_user' schemas: UsersLoginRequest: description: User login details @@ -1117,11 +1636,10 @@ components: type: string example: myusername password: - description: - The password or personal access token (PAT) of the Docker Hub - account to authenticate with. + description: | + The password or personal access token (PAT) of the Docker Hub account to authenticate with. type: string - example: hunter2 + example: p@ssw0rd PostUsersLoginSuccessResponse: description: successful user login response type: object @@ -1129,7 +1647,6 @@ components: token: description: | Created authentication token. - This token can be used in the HTTP Authorization header as a JWT to authenticate with the Docker Hub APIs. type: string example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c @@ -1146,10 +1663,8 @@ components: example: Incorrect authentication credentials nullable: false login_2fa_token: - description: - Short time lived token to be used on `/v2/users/2fa-login` to - complete the authentication. This field is present only if 2FA is - enabled. + description: | + Short time lived token to be used on `/v2/users/2fa-login` to complete the authentication. This field is present only if 2FA is enabled. type: string example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c nullable: true @@ -1165,9 +1680,8 @@ components: type: string example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c code: - description: - The Time-based One-Time Password of the Docker Hub account to - authenticate with. + description: | + The Time-based One-Time Password of the Docker Hub account to authenticate with. type: string example: 123456 PostUsers2FALoginErrorResponse: @@ -1179,369 +1693,6 @@ components: type: string example: Incorrect authentication credentials nullable: false - ErrorInfo: - description: Context information for an error used for diagnostics. - type: object - properties: - api_call_docker_id: - description: ID of docker user. - type: string - api_call_name: - description: Name of the API operation called. - type: string - api_call_start: - description: Date/time of call start. - type: string - api_call_txnid: - description: Unique ID for this call. - type: string - ErrorResponse: - description: Represents an error. - type: object - properties: - txnid: - description: Unique ID for this call. - type: string - message: - description: The error message. - type: string - errinfo: - $ref: "#/components/schemas/ErrorInfo" - ErrorDetail: - description: Error with a detail field. - type: object - properties: - detail: - description: The error message. - type: string - GetNamespaceRepositoryImagesSummaryResponse: - description: Summary information for images in a repository. - type: object - properties: - active_from: - description: - Time from which an image must have been pushed or pulled to be - counted as active. - type: string - example: 2021-01-25T14:25:37.076343059Z - statistics: - type: object - properties: - total: - description: Number of images in this repository. - type: integer - example: 3 - active: - description: Number of images counted as active in this repository. - type: integer - example: 2 - inactive: - description: Number of images counted as inactive in this repository. - type: integer - example: 1 - GetNamespaceRepositoryImagesResponse: - description: Paginated list of images in a repository. - type: object - properties: - count: - description: Total count of images in the repository. - type: integer - example: 100 - next: - description: - Link to the next page with the same query parameters if there are - more images. - type: string - example: https://hub.docker.com/v2/namespaces/mynamespace/repositories/myrepo/images?&page=4&page_size=20 - nullable: true - previous: - description: - Link to the previous page with the same query parameters if not on - first page. - type: string - example: https://hub.docker.com/v2/namespaces/mynamespace/repositories/myrepo/images?&page=2&page_size=20 - nullable: true - results: - type: array - description: Image details. - items: - type: object - properties: - namespace: - description: The repository namespace. - type: string - example: mynamespace - repository: - description: The repository name. - type: string - example: myrepo - digest: - description: The image's digest. - type: string - example: sha256:1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr - tags: - description: The current and historical tags for this image. - type: array - items: - type: object - properties: - tag: - description: The tag. - type: string - example: latest - is_current: - description: | - `true` if the tag currently points to this image. - - `false` if it has been overwritten to point at a different image. - type: boolean - example: true - last_pushed: - description: Time when this image was last pushed. - type: string - example: 2021-02-24T22:05:27.526308Z - nullable: true - last_pulled: - description: - Time when this image was last pulled. Note this is updated at - most once per hour. - type: string - example: 2021-02-24T23:16:10.200008Z - nullable: true - status: - description: - The status of the image based on its last activity against the - `active_from` time. - type: string - enum: - - active - - inactive - example: active - GetNamespaceRepositoryImagesTagsResponse: - description: Paginated list of tags for this repository. - type: object - properties: - count: - description: Total count of tags for this image. - type: integer - example: 100 - next: - description: Link to the next page if there are more tags. - type: string - example: https://hub.docker.com/v2/namespaces/mynamespace/repositories/myrepo/images/sha256:mydigest/tags?&page=4&page_size=20 - nullable: true - previous: - description: Link to the previous page if not on first page. - type: string - example: https://hub.docker.com/v2/namespaces/mynamespace/repositories/myrepo/images/sha256:mydigest/tags?&page=2&page_size=20 - nullable: true - results: - description: The current and historical tags for this image. - type: array - items: - type: object - properties: - tag: - description: The tag. - type: string - example: latest - is_current: - description: | - `true` if the tag currently points to this image. - - `false` if it has been overwritten to point at a different image. - type: boolean - example: true - PostNamespacesDeleteImagesRequest: - description: Delete images request. - type: object - properties: - dry_run: - description: - If `true` then will check and return errors and unignored warnings - for the deletion request but will not delete any images. - type: boolean - example: false - active_from: - description: | - Sets the time from which an image must have been pushed or pulled to - be counted as active. - - Defaults to 1 month before the current time. - type: string - example: 2020-12-01T12:00:00Z - manifests: - description: Image manifests to delete. - type: array - items: - type: object - required: - - repository - - digest - properties: - repository: - description: Name of the repository to delete the image from. - type: string - example: myrepo - digest: - description: Digest of the image to delete. - type: string - example: sha256:1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr - ignore_warnings: - description: | - Warnings to ignore. If a warning is not ignored then no deletions will happen and the - warning is returned in the response. - - These warnings include: - - - is_active: warning when attempting to delete an image that is marked as active. - - current_tag: warning when attempting to delete an image that has one or more current - tags in the repository. - - Warnings can be copied from the response to the request. - type: array - items: - type: object - required: - - repository - - digest - - warning - properties: - repository: - description: Name of the repository of the image to ignore the warning for. - type: string - example: myrepo - digest: - description: Digest of the image to ignore the warning for. - type: string - example: sha256:1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr - warning: - description: Warning to ignore. - type: string - enum: - - is_active - - current_tag - example: current_tag - tags: - description: Current tags to ignore. - type: array - items: - type: string - example: latest - PostNamespacesDeleteImagesResponseSuccess: - description: Successful delete images response. - type: object - properties: - dry_run: - description: Whether the request was a dry run or not. - type: boolean - example: false - metrics: - type: object - properties: - manifest_deletes: - description: Number of manifests deleted. - type: integer - example: 3 - manifest_errors: - description: Number of manifests that failed to delete. - type: integer - example: 0 - tag_deletes: - description: Number of tags deleted. - type: integer - example: 1 - tag_errors: - description: Number of tags that failed to delete. - type: integer - example: 0 - PostNamespacesDeleteImagesResponseError: - description: Deletion not possible. - type: object - properties: - txnid: - description: Unique ID for this call. - type: string - message: - description: The error message. - type: string - errinfo: - allOf: - - $ref: "#/components/schemas/ErrorInfo" - - type: object - properties: - type: - description: Type of error. - type: string - example: validation - details: - type: object - properties: - errors: - description: - Errors from validating delete request. These cannot be - ignored. - type: array - items: - type: object - properties: - repository: - description: - Name of the repository of the image that caused - the error. - type: string - example: myrepo - digest: - description: Digest of the image that caused the error. - type: string - example: sha256:1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr - error: - description: Error type. - type: string - enum: - - not_found - - unauthorized - - child_manifest - example: not_found - warnings: - description: | - Warnings that can be ignored. - - These warnings include: - - - is_active: warning when attempting to delete an image that is marked as - active. - - current_tag: warning when attempting to delete an image that has one or - more current tags in the repository. - - Warnings can be copied from the response to the request. - type: array - items: - type: object - properties: - repository: - description: - Name of the repository of the image that caused - the warning. - type: string - example: myrepo - digest: - description: Digest of the image that caused the warning. - type: string - example: sha256:1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqr - warning: - description: Warning type. - type: string - enum: - - is_active - - current_tag - example: current_tag - tags: - description: Current tags if warning is `current_tag`. - type: array - items: - type: string - example: latest protobufAny: type: object properties: @@ -1561,7 +1712,7 @@ components: details: type: array items: - $ref: "#/components/schemas/protobufAny" + $ref: '#/components/schemas/protobufAny' AuditLogAction: type: object properties: @@ -1581,7 +1732,7 @@ components: actions: type: array items: - $ref: "#/components/schemas/AuditLogAction" + $ref: '#/components/schemas/AuditLogAction' description: List of audit log actions. label: type: string @@ -1592,7 +1743,7 @@ components: actions: type: object additionalProperties: - $ref: "#/components/schemas/AuditLogActions" + $ref: '#/components/schemas/AuditLogActions' description: Map of audit log actions. description: GetAuditActions response. GetAuditLogsResponse: @@ -1601,7 +1752,7 @@ components: logs: type: array items: - $ref: "#/components/schemas/AuditLog" + $ref: '#/components/schemas/AuditLog' description: List of audit log events. description: GetAuditLogs response. AuditLog: @@ -1659,7 +1810,7 @@ components: example: some user agent created_at: type: string - example: 2021-07-20T12:00:00.000000Z + example: '2021-07-20T12:00:00.000000Z' last_used: type: string example: null @@ -1703,7 +1854,7 @@ components: items: type: string createAccessTokensResponse: - $ref: "#/components/schemas/accessToken" + $ref: '#/components/schemas/accessToken' getAccessTokensResponse: type: object properties: @@ -1723,12 +1874,12 @@ components: type: array items: allOf: - - $ref: "#/components/schemas/accessToken" + - $ref: '#/components/schemas/accessToken' - type: object properties: token: type: string - example: "" + example: '' patchAccessTokenRequest: type: object properties: @@ -1741,12 +1892,12 @@ components: type: boolean example: false patchAccessTokenResponse: - $ref: "#/components/schemas/accessToken" + $ref: '#/components/schemas/accessToken' orgSettings: type: object properties: restricted_images: - $ref: "#/components/schemas/restricted_images" + $ref: '#/components/schemas/restricted_images' restricted_images: type: object properties: @@ -1767,29 +1918,29 @@ components: properties: digest: type: string - description: "image layer digest" + description: image layer digest nullable: true size: type: integer - description: "size of the layer" + description: size of the layer instruction: type: string - description: "Dockerfile instruction" + description: Dockerfile instruction image: type: object properties: architecture: type: string - description: "CPU architecture" + description: CPU architecture features: type: string - description: "CPU features" + description: CPU features variant: type: string - description: "CPU variant" + description: CPU variant digest: type: string - description: "image digest" + description: image digest nullable: true layers: type: array @@ -1797,80 +1948,83 @@ components: $ref: '#/components/schemas/layer' os: type: string - description: "operating system" + description: operating system os_features: type: string - description: "OS features" + description: OS features os_version: type: string - description: "OS version" + description: OS version size: type: integer - description: "size of the image" + description: size of the image status: type: string - enum: ["active", "inactive"] - description: "Status of the image" + enum: + - active + - inactive + description: Status of the image last_pulled: type: string - example: "2021-01-05T21:06:53.506400Z" - description: "datetime of last pull" + example: '2021-01-05T21:06:53.506400Z' + description: datetime of last pull nullable: true last_pushed: type: string - example: "2021-01-05T21:06:53.506400Z" - description: "datetime of last push" + example: '2021-01-05T21:06:53.506400Z' + description: datetime of last push nullable: true tag: type: object properties: id: type: integer - description: "tag ID" + description: tag ID images: type: object $ref: '#/components/schemas/image' creator: type: integer - description: "ID of the user that pushed the tag" + description: ID of the user that pushed the tag last_updated: type: string - example: "2021-01-05T21:06:53.506400Z" - description: "datetime of last update" + example: '2021-01-05T21:06:53.506400Z' + description: datetime of last update nullable: true last_updater: type: integer - description: "ID of the last user that updated the tag" + description: ID of the last user that updated the tag last_updater_username: type: string - description: "Hub username of the user that updated the tag" + description: Hub username of the user that updated the tag name: type: string - description: "name of the tag" + description: name of the tag repository: type: integer - description: "repository ID" + description: repository ID full_size: type: integer - description: "compressed size (sum of all layers) of the tagged image" + description: compressed size (sum of all layers) of the tagged image v2: type: string - description: "repository API version" + description: repository API version status: type: string - enum: ["active", "inactive"] - description: "whether a tag has been pushed to or pulled in the past month" + enum: + - active + - inactive + description: whether a tag has been pushed to or pulled in the past month tag_last_pulled: type: string - example: "2021-01-05T21:06:53.506400Z" - description: "datetime of last pull" + example: '2021-01-05T21:06:53.506400Z' + description: datetime of last pull nullable: true tag_last_pushed: type: string - example: "2021-01-05T21:06:53.506400Z" - description: "datetime of last push" + example: '2021-01-05T21:06:53.506400Z' + description: datetime of last push nullable: true - paginated_tags: allOf: - $ref: '#/components/schemas/page' @@ -1894,7 +2048,118 @@ components: type: string description: link to previous page of results if any nullable: true - + scim_schema_attribute: + type: object + properties: + name: + type: string + example: userName + type: + enum: + - string + - boolean + - complex + type: string + example: string + multiValued: + type: boolean + example: false + description: + type: string + example: Unique identifier for the User, typically used by the user to directly authenticate to the service provider. Each User MUST include a non-empty userName value. This identifier MUST be unique across the service provider's entire set of Users. + required: + type: boolean + example: true + caseExact: + type: boolean + example: false + mutability: + type: string + example: readWrite + returned: + type: string + example: default + uniqueness: + type: string + example: server + scim_schema_parent_attribute: + allOf: + - $ref: '#/components/schemas/scim_schema_attribute' + - type: object + properties: + subAttributes: + type: array + items: + $ref: '#/components/schemas/scim_schema_attribute' + invite: + type: object + properties: + id: + type: string + description: uuid representing the invite id + example: e36eca69-4cc8-4f17-9845-ae8c2b832691 + inviter_username: + type: string + example: moby + invitee: + type: string + description: can either be a dockerID for registred users or an email for non-registred users + example: invitee@docker.com + org: + type: string + description: name of the org to join + example: docker + team: + type: string + description: name of the team (user group) to join + example: owners + created_at: + type: string + example: '2021-10-28T18:30:19.520861Z' + bulk_invite: + type: object + properties: + invitees: + type: array + description: A list of invitees + items: + type: object + properties: + invitee: + type: string + description: invitee email or Docker ID + status: + type: string + description: status of the invite or validation error + invite: + description: Invite data if successfully invited + $ref: '#/components/schemas/invite' + example: + invitees: + - invitee: invitee@docker.com + status: invited + invite: + id: e36eca69-4cc8-4f17-9845-ae8c2b832691 + inviter_username: moby + invitee: invitee@docker.com + org: docker + team: owners + created_at: '2021-10-28T18:30:19.520861Z' + - invitee: invitee2@docker.com + status: existing_org_member + - invitee: invitee3@docker.com + status: invalid_email_or_docker_id + error: + type: object + properties: + errinfo: + type: object + items: + type: string + detail: + type: string + message: + type: string scim_error: type: object properties: @@ -1909,7 +2174,180 @@ components: detail: type: string description: Details about why the request failed. - + user: + type: object + properties: + id: + type: string + example: 0ab70deb065a43fcacd55d48caa945d8 + description: The UUID trimmed + company: + type: string + example: Docker Inc + date_joined: + type: string + example: '2021-01-05T21:06:53.506400Z' + full_name: + type: string + example: Jon Snow + gravatar_email: + type: string + gravatar_url: + type: string + location: + type: string + profile_url: + type: string + type: + type: string + enum: + - User + - Org + example: User + username: + type: string + example: dockeruser + org_member: + allOf: + - $ref: '#/components/schemas/user' + properties: + email: + type: string + description: User's email address + example: example@docker.com + role: + type: string + description: User's role in the Organization + enum: + - Owner + - Member + - Invitee + example: Owner + groups: + type: array + description: Groups (Teams) that the user is member of + items: + type: string + example: + - developers + - owners + is_guest: + type: boolean + description: If the organization has verfied domains, members that have email addresses outside of those domains will be flagged as Guest member + example: false + primary_email: + type: string + description: User's email primary address + example: example@docker.com + deprecated: true + org_member_paginated: + type: object + properties: + count: + type: number + description: The total number of items that match with the search. + example: 120 + previous: + type: string + description: The URL or link for the previous page of items. + example: https://hub.docker.com/v2/some/resources/items?page=1&page_size=20 + next: + type: string + description: The URL or link for the next page of items. + example: https://hub.docker.com/v2/some/resources/items?page=3&page_size=20 + results: + type: array + description: List of accounts. + items: + $ref: '#/components/schemas/org_member' + org_group: + type: object + properties: + id: + type: number + example: 10 + description: Group ID + uuid: + type: string + description: UUID for the group + name: + type: string + example: mygroup + description: Name of the group + description: + type: string + example: Groups description + description: Description of the group + member_count: + type: number + example: 10 + description: Member count of the group + group_member: + type: object + properties: + id: + type: string + example: 0ab70deb065a43fcacd55d48caa945d8 + description: The UUID trimmed + company: + type: string + example: Docker Inc + date_joined: + type: string + example: '2021-01-05T21:06:53.506400Z' + full_name: + type: string + example: John Snow + gravatar_email: + type: string + gravatar_url: + type: string + location: + type: string + profile_url: + type: string + type: + type: string + enum: + - User + - Org + example: User + username: + type: string + example: dockeruser + email: + type: string + example: dockeruser@docker.com + email_address: + type: object + properties: + id: + type: number + user_id: + type: number + email: + type: string + example: dockeruser@docker.com + verified: + type: boolean + primary: + type: boolean + legacy_email_address: + allOf: + - $ref: '#/components/schemas/email_address' + - type: object + properties: + user: + type: string + example: dockeruser + email_with_username: + allOf: + - $ref: '#/components/schemas/email_address' + - type: object + properties: + username: + type: string + example: dockeruser scim_service_provider_config: type: object properties: @@ -1917,10 +2355,11 @@ components: type: array items: type: string - example: [ "urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig" ] + example: + - urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig documentationUri: type: string - example: "" + example: '' patch: properties: supported: @@ -1974,11 +2413,10 @@ components: example: The OAuth 2.0 Bearer Token Authentication scheme. OAuth enables clients to access protected resources by obtaining an access token, which is defined in RFC 6750 as "a string representing an access authorization issued to the client", rather than using the resource owner's credentials directly. specUri: type: string - example: "http://tools.ietf.org/html/rfc6750" + example: http://tools.ietf.org/html/rfc6750 type: type: string example: oauthbearertoken - scim_resource_type: type: object properties: @@ -1986,7 +2424,8 @@ components: type: array items: type: string - example: "urn:ietf:params:scim:schemas:core:2.0:ResourceType" + example: + - urn:ietf:params:scim:schemas:core:2.0:ResourceType id: type: string example: User @@ -1998,57 +2437,10 @@ components: example: User endpoint: type: string - example: "/Users" + example: /Users schema: type: string - example: "urn:ietf:params:scim:schemas:core:2.0:User" - - scim_schema_attribute: - type: object - properties: - name: - type: string - example: userName - type: - enum: - - string - - boolean - - complex - type: string - example: string - multiValued: - type: boolean - example: false - description: - type: string - example: Unique identifier for the User, typically used by the user to directly authenticate to the service provider. Each User MUST include a non-empty userName value. This identifier MUST be unique across the service provider's entire set of Users. - required: - type: boolean - example: true - caseExact: - type: boolean - example: false - mutability: - type: string - example: readWrite - returned: - type: string - example: default - uniqueness: - type: string - example: server - - - scim_schema_parent_attribute: - allOf: - - $ref: "#/components/schemas/scim_schema_attribute" - - type: object - properties: - subAttributes: - type: array - items: - $ref: "#/components/schemas/scim_schema_attribute" - + example: urn:ietf:params:scim:schemas:core:2.0:User scim_schema: type: object properties: @@ -2056,7 +2448,8 @@ components: type: array items: type: string - example: [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ] + example: + - urn:ietf:params:scim:schemas:core:2.0:Schema id: type: string example: urn:ietf:params:scim:schemas:core:2.0:User @@ -2068,10 +2461,9 @@ components: example: User Account attributes: type: array - example: [ ] + example: [] items: - $ref: "#/components/schemas/scim_schema_parent_attribute" - + $ref: '#/components/schemas/scim_schema_parent_attribute' scim_email: type: object properties: @@ -2084,22 +2476,19 @@ components: primary: type: boolean example: true - scim_group: type: object properties: value: type: string - example: "nightswatch" + example: nightswatch display: type: string - example: "nightswatch" - + example: nightswatch scim_user_username: type: string description: The user's email address. This must be reachable via email. example: jon.snow@docker.com - scim_user_name: type: object properties: @@ -2109,48 +2498,44 @@ components: familyName: type: string example: Snow - scim_user_display_name: type: string description: The username in Docker. Also known as the "Docker ID". example: jonsnow - scim_user_schemas: type: array items: type: string - example: "urn:ietf:params:scim:schemas:core:2.0:User" + example: urn:ietf:params:scim:schemas:core:2.0:User minItems: 1 - scim_user_id: type: string example: d80f7c79-7730-49d8-9a41-7c42fb622d9c description: The unique identifier for the user. A v4 UUID. - scim_user: type: object properties: schemas: - $ref: "#/components/schemas/scim_user_schemas" + $ref: '#/components/schemas/scim_user_schemas' id: - $ref: "#/components/schemas/scim_user_id" + $ref: '#/components/schemas/scim_user_id' userName: - $ref: "#/components/schemas/scim_user_username" + $ref: '#/components/schemas/scim_user_username' name: - $ref: "#/components/schemas/scim_user_name" + $ref: '#/components/schemas/scim_user_name' displayName: - $ref: "#/components/schemas/scim_user_display_name" + $ref: '#/components/schemas/scim_user_display_name' active: type: boolean example: true emails: type: array items: - $ref: "#/components/schemas/scim_email" + $ref: '#/components/schemas/scim_email' groups: type: array items: - $ref: "#/components/schemas/scim_group" + $ref: '#/components/schemas/scim_group' meta: type: object properties: @@ -2162,31 +2547,13 @@ components: example: https://hub.docker.com/v2/scim/2.0/Users/d80f7c79-7730-49d8-9a41-7c42fb622d9c created: type: string - description: The creation date for the user as a RFC3339 formatted - string. - example: 2022-05-20T00:54:18Z + description: The creation date for the user as a RFC3339 formatted string. + example: '2022-05-20T00:54:18Z' lastModified: type: string - description: The date the user was last modified as a RFC3339 - formatted string. - example: 2022-05-20T00:54:18Z - + description: The date the user was last modified as a RFC3339 formatted string. + example: '2022-05-20T00:54:18Z' parameters: - scim_attributes: - in: query - name: attributes - schema: - type: string - description: Comma delimited list of attributes to limit to in the - response. - example: userName,displayName - scim_user_id: - name: id - in: path - schema: - type: string - description: The user ID. - example: "d80f7c79-7730-49d8-9a41-7c42fb622d9c" namespace: in: path name: namespace @@ -2205,22 +2572,132 @@ components: required: true schema: type: string + org_name: + in: path + name: org_name + description: Name of the organization (namespace). + schema: + type: string + example: myorganization + required: true + group_name: + in: path + name: group_name + description: Name of the group (team) in the organization. + schema: + type: string + example: developers + required: true + username: + in: path + name: username + description: Username, identifier for the user (namespace, DockerID). + schema: + type: string + example: jonsnow + required: true page: in: query name: page - required: false + description: Page number (starts on 1). schema: type: integer - description: "Page number to get. Defaults to 1." page_size: in: query name: page_size - required: false + description: Number of items (rows) per page. schema: type: integer - description: "Number of items to get per page. Defaults to 10. Max of 100." - + invites: + in: query + name: invites + description: Include invites in the response. + schema: + type: boolean + search: + in: query + name: search + schema: + type: integer + description: Search term. + scim_attributes: + in: query + name: attributes + schema: + type: string + description: Comma delimited list of attributes to limit to in the response. + example: userName,displayName + scim_user_id: + name: id + in: path + schema: + type: string + description: The user ID. + example: d80f7c79-7730-49d8-9a41-7c42fb622d9c + required: true + type: + in: query + name: type + schema: + type: string + enum: + - all + - invitee + - member + example: all + role: + in: query + name: role + schema: + type: string + enum: + - owner + - editor + - member + example: owner + bulk_invite: + in: header + name: X-Analytics-Client-Feature + description: Optional string that indicates the feature used to submit the bulk invites (e.g.'file', 'web') + schema: + type: string requestBodies: + bulk_invite_request: + required: true + content: + application/json: + schema: + type: object + required: + - org + - invitees + properties: + org: + type: string + description: organization name + example: docker + team: + type: string + description: team name + example: owners + role: + type: string + description: role for invitees + example: member + invitees: + type: array + description: list of invitees emails or Docker Ids + items: + type: string + description: invitee email or Docker ID + example: + - invitee1DockerId + - invitee2@docker.com + - invitee3@docker.com + dry_run: + type: boolean + description: Optional, run through validation but don't actually change data. + example: true scim_create_user_request: required: true content: @@ -2232,12 +2709,11 @@ components: - userName properties: schemas: - $ref: "#/components/schemas/scim_user_schemas" + $ref: '#/components/schemas/scim_user_schemas' userName: - $ref: "#/components/schemas/scim_user_username" + $ref: '#/components/schemas/scim_user_username' name: - $ref: "#/components/schemas/scim_user_name" - + $ref: '#/components/schemas/scim_user_name' scim_update_user_request: required: true content: @@ -2248,15 +2724,38 @@ components: - schemas properties: schemas: - $ref: "#/components/schemas/scim_user_schemas" + $ref: '#/components/schemas/scim_user_schemas' name: allOf: - - $ref: "#/components/schemas/scim_user_name" - - description: If this is omitted from the request, the - update will skip the update on it. We will only ever - change the name, but not clear it. + - $ref: '#/components/schemas/scim_user_name' + - description: If this is omitted from the request, the update will skip the update on it. We will only ever change the name, but not clear it. enabled: type: boolean default: false - description: If this is omitted from the request, it will - default to false resulting in a deactivated user. + description: If this is omitted from the request, it will default to false resulting in a deactivated user. + add_member_to_org_group: + required: true + content: + application/json: + schema: + type: object + required: + - member + properties: + member: + type: string + example: jonsnow +x-tagGroups: + - name: General + tags: + - resources + - rate-limiting + - name: API + tags: + - authentication + - access-tokens + - images + - audit-logs + - org-settings + - repositories + - scim From 750179cad2ab1dafced1411c01c1f90e88063608 Mon Sep 17 00:00:00 2001 From: Josh Newman Date: Thu, 12 Dec 2024 11:52:30 -0700 Subject: [PATCH 02/16] Add missing tags --- content/reference/api/hub/latest.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/reference/api/hub/latest.yaml b/content/reference/api/hub/latest.yaml index c1b35f17cde3..605e1fbf5b08 100644 --- a/content/reference/api/hub/latest.yaml +++ b/content/reference/api/hub/latest.yaml @@ -2759,3 +2759,5 @@ x-tagGroups: - org-settings - repositories - scim + - orgs + - invites From 764b0112e7eb86c54dca5cb611c8d4abd4ebe834 Mon Sep 17 00:00:00 2001 From: Josh Newman Date: Thu, 12 Dec 2024 11:57:06 -0700 Subject: [PATCH 03/16] Remove duplicate tag --- content/reference/api/hub/latest.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/content/reference/api/hub/latest.yaml b/content/reference/api/hub/latest.yaml index 605e1fbf5b08..a53f9e4faae2 100644 --- a/content/reference/api/hub/latest.yaml +++ b/content/reference/api/hub/latest.yaml @@ -787,7 +787,6 @@ paths: description: | Return all pending invites for a given org, only team owners can call this endpoint tags: - - orgs - invites responses: '200': From 9d2a4e47e008d1bf5f3128f7b04196623cc7f4a7 Mon Sep 17 00:00:00 2001 From: Josh Newman Date: Thu, 12 Dec 2024 12:00:40 -0700 Subject: [PATCH 04/16] Fix link --- content/reference/api/hub/latest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/reference/api/hub/latest.yaml b/content/reference/api/hub/latest.yaml index a53f9e4faae2..19ba3464fdb5 100644 --- a/content/reference/api/hub/latest.yaml +++ b/content/reference/api/hub/latest.yaml @@ -22,7 +22,7 @@ tags: x-displayName: Resources description: | The following resources are available to interact with the documented API: - - [Docker Hub CLI tool]("https://github.com/docker/hub-tool#readme) (currently experimental) + - [Docker Hub CLI tool](https://github.com/docker/hub-tool#readme) (currently experimental) - name: rate-limiting x-displayName: Rate Limiting description: | From 8a90175c10046c3db09e26cb9247cfab0fa6010f Mon Sep 17 00:00:00 2001 From: Josh Newman Date: Thu, 12 Dec 2024 12:01:45 -0700 Subject: [PATCH 05/16] Fix wording --- content/reference/api/hub/latest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/reference/api/hub/latest.yaml b/content/reference/api/hub/latest.yaml index 19ba3464fdb5..54ab26ff927a 100644 --- a/content/reference/api/hub/latest.yaml +++ b/content/reference/api/hub/latest.yaml @@ -118,7 +118,7 @@ paths: Most Docker Hub APIs require this token either to consume or to get detailed information. For example, to list images in a private repository. - _**As of Monday, September 16, 2024, this route requires a PAT instead of a password if your organization has SSO enforced.**_ + _**As of September 16, 2024, this route requires a PAT instead of a password if your organization has SSO enforced.**_ requestBody: content: application/json: From b8aaf24f2c51368372994f9c6ee319cef52498fd Mon Sep 17 00:00:00 2001 From: Artfaith <25136754+serious-angel@users.noreply.github.com> Date: Fri, 13 Dec 2024 18:17:38 +0200 Subject: [PATCH 06/16] Update envvars.md (#21627) Dear Community and Developers, Thank you heartfelt for the marvel you do... --- Fixed a tiny typo, ~~making the strict "Director" to not watch closely the directory but having their own business~~. --- Best and kind regards :sparkles: --- .../manuals/compose/how-tos/environment-variables/envvars.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/manuals/compose/how-tos/environment-variables/envvars.md b/content/manuals/compose/how-tos/environment-variables/envvars.md index a0fa287780ea..54a2a5e446a0 100644 --- a/content/manuals/compose/how-tos/environment-variables/envvars.md +++ b/content/manuals/compose/how-tos/environment-variables/envvars.md @@ -30,7 +30,7 @@ This page contains information on how you can set or change the following pre-de ## Methods to override You can set or change the pre-defined environment variables: -- With an [`.env` file located in your working director](/manuals/compose/how-tos/environment-variables/variable-interpolation.md) +- With an [`.env` file located in your working directory](/manuals/compose/how-tos/environment-variables/variable-interpolation.md) - From the command line - From your [shell](variable-interpolation.md#substitute-from-the-shell) From a5b2315656d3616073931488edddf9c79e87179b Mon Sep 17 00:00:00 2001 From: Josh Newman Date: Fri, 13 Dec 2024 11:58:19 -0700 Subject: [PATCH 07/16] Add missing groups --- content/reference/api/hub/latest.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/content/reference/api/hub/latest.yaml b/content/reference/api/hub/latest.yaml index 54ab26ff927a..bf7fd61ce260 100644 --- a/content/reference/api/hub/latest.yaml +++ b/content/reference/api/hub/latest.yaml @@ -2760,3 +2760,4 @@ x-tagGroups: - scim - orgs - invites + - groups From ac47c3f3fa88a642ff991b47c073faf729bc7609 Mon Sep 17 00:00:00 2001 From: Shariq Ahmed Khan Date: Sat, 14 Dec 2024 09:15:47 +0100 Subject: [PATCH 08/16] Update 02_our_app.md add 'useful' missing info about detached mode --- content/get-started/workshop/02_our_app.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/get-started/workshop/02_our_app.md b/content/get-started/workshop/02_our_app.md index 0e2ee0bbc5ad..9d05ba5fc112 100644 --- a/content/get-started/workshop/02_our_app.md +++ b/content/get-started/workshop/02_our_app.md @@ -104,7 +104,7 @@ Now that you have an image, you can run the application in a container using the The `-d` flag (short for `--detach`) runs the container in the background. This means that Docker starts your container and returns you to the terminal - prompt. + prompt. Also, it does not display logs in the terminal. The `-p` flag (short for `--publish`) creates a port mapping between the host and the container. The `-p` flag takes a string value in the format of From 9d9bad97db9edf29f5125979c26a1a71481a4709 Mon Sep 17 00:00:00 2001 From: Josh Newman Date: Sat, 14 Dec 2024 10:56:30 -0700 Subject: [PATCH 09/16] Put groups above invites --- content/reference/api/hub/latest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/reference/api/hub/latest.yaml b/content/reference/api/hub/latest.yaml index bf7fd61ce260..7d0099ab8a62 100644 --- a/content/reference/api/hub/latest.yaml +++ b/content/reference/api/hub/latest.yaml @@ -2759,5 +2759,5 @@ x-tagGroups: - repositories - scim - orgs - - invites - groups + - invites From 5733f792f2ec69a5d6e90d1795c9221e058c5b7b Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:50:25 +0100 Subject: [PATCH 10/16] fix: broken link to latest engine api version Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/reference/api/engine/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/reference/api/engine/_index.md b/content/reference/api/engine/_index.md index b226065c7e91..2511ce1ba3c3 100644 --- a/content/reference/api/engine/_index.md +++ b/content/reference/api/engine/_index.md @@ -40,7 +40,7 @@ The Docker Engine API is a RESTful API accessed by an HTTP client such as `wget` ## View the API reference You can -[view the reference for the latest version of the API](latest/index.html) +[view the reference for the latest version of the API](/reference/api/engine/version/v{{% param latest_engine_api_version %}}.md) or [choose a specific version](/reference/api/engine/version-history/). ## Versioned API and SDK From 9736a4bb9526ffbd7b49ce725f4fb7384d99a47c Mon Sep 17 00:00:00 2001 From: Nicolas De loof Date: Mon, 16 Dec 2024 09:58:26 +0100 Subject: [PATCH 11/16] Bump compose to v2.32.0 (#21626) ## Description Bump compose to v2.32.0 ## Related issues or tickets ## Reviews - [ ] Technical review - [ ] Editorial review - [ ] Product review --------- Signed-off-by: Nicolas De Loof Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> --- _vendor/modules.txt | 2 +- .../manuals/compose/releases/release-notes.md | 25 +++++++++++++++++++ go.mod | 2 +- hugo.yaml | 2 +- 4 files changed, 28 insertions(+), 3 deletions(-) diff --git a/_vendor/modules.txt b/_vendor/modules.txt index e0b9fdce71ac..77efffc0e102 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -2,5 +2,5 @@ # github.com/moby/buildkit v0.18.0 # github.com/docker/buildx v0.19.2 # github.com/docker/cli v27.4.0+incompatible -# github.com/docker/compose/v2 v2.31.0 +# github.com/docker/compose/v2 v2.32.0 # github.com/docker/scout-cli v1.15.0 diff --git a/content/manuals/compose/releases/release-notes.md b/content/manuals/compose/releases/release-notes.md index ff14e92aca6d..2b4729c9fcd2 100644 --- a/content/manuals/compose/releases/release-notes.md +++ b/content/manuals/compose/releases/release-notes.md @@ -13,6 +13,31 @@ aliases: For more detailed information, see the [release notes in the Compose repo](https://github.com/docker/compose/releases/). +## 2.32.0 + +{{< release-date date="2024-12-13" >}} + +### Update + +- Dependencies upgrade: bump docker + buildx to latest release +- Dependencies upgrade: bump otel dependencies to v1.28.0 and v0.53.0 +- Dependencies upgrade: bump golang.org/x/sys 0.28.0 +- Dependencies upgrade: bump golang.org/x/crypto to 0.31.0 +- Dependencies upgrade: bump google.golang.org/grpc to 1.68.1 +- Dependencies upgrade: bump golang.org/x/sync 0.10.0 +- Dependencies upgrade: bump xx to v1.6.1 + +### Bug fixes and enhancements + +- Improved support when building with [Bake](/manuals/build/bake.md) +- Added `restart` and `sync+exec` watch actions +- Compose now recreates containers when the volume or network configuration changes +- Fixed support for `mac_address` +- Fixed `pull --quiet` to only hide progress, not global status +- Fixed an issue where only the `rebuild` watch action now requires a build declaration +- Compose now logs `watch` configuration error when enabled through the Compose menu + + ## 2.31.0 {{< release-date date="2024-11-28" >}} diff --git a/go.mod b/go.mod index 9f2ade109a47..752e39197d32 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.23.1 require ( github.com/docker/buildx v0.19.2 // indirect github.com/docker/cli v27.4.0+incompatible // indirect - github.com/docker/compose/v2 v2.31.0 // indirect + github.com/docker/compose/v2 v2.32.0 // indirect github.com/docker/scout-cli v1.15.0 // indirect github.com/moby/buildkit v0.18.0 // indirect github.com/moby/moby v27.4.0+incompatible // indirect diff --git a/hugo.yaml b/hugo.yaml index 9ef72604c382..56a269f10a18 100644 --- a/hugo.yaml +++ b/hugo.yaml @@ -109,7 +109,7 @@ params: latest_engine_api_version: "1.47" docker_ce_version: "27.4.0" docker_ce_version_prev: "27.3.1" - compose_version: "v2.30.3" + compose_version: "v2.32.0" compose_file_v3: "3.8" compose_file_v2: "2.4" buildkit_version: "0.16.0" From 5b52f10e77b846dfc8043e68f833de17d0396c44 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Thu, 12 Dec 2024 14:51:53 +0100 Subject: [PATCH 12/16] build(cloud): setup-buildx-action picks private buildx automatically No need to specify custom "version" input Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/manuals/build-cloud/ci.md | 1 - 1 file changed, 1 deletion(-) diff --git a/content/manuals/build-cloud/ci.md b/content/manuals/build-cloud/ci.md index 03b2064cc854..bd66ec53f422 100644 --- a/content/manuals/build-cloud/ci.md +++ b/content/manuals/build-cloud/ci.md @@ -74,7 +74,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: - version: "lab:latest" driver: cloud endpoint: "/default" install: true From 863869088429da477efd07520bccfd1479b67774 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 16 Dec 2024 16:00:56 +0100 Subject: [PATCH 13/16] build: mention docker buildx install Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/manuals/build/builders/_index.md | 42 ++++++++++++++++++++++ content/manuals/build/concepts/overview.md | 5 +++ 2 files changed, 47 insertions(+) diff --git a/content/manuals/build/builders/_index.md b/content/manuals/build/builders/_index.md index e1a9334eabe9..c926822df0e2 100644 --- a/content/manuals/build/builders/_index.md +++ b/content/manuals/build/builders/_index.md @@ -65,6 +65,48 @@ To switch between builders, use the `docker buildx use ` command. After running this command, the builder you specify is automatically selected when you invoke builds. +### Difference between `docker build` and `docker buildx build` + +Even though `docker build` is an alias for `docker buildx build`, there are +subtle differences between the two commands. With Buildx, the build client and +the and daemon (BuildKit) are decoupled. This means you can use multiple +builders from a single client, even remote ones. + +The `docker build` command always defaults to using the default builder that +comes bundled with the Docker Engine, for ensuring backwards compatibility with +older versions of the Docker CLI. The `docker buildx build` command, on the +other hand, checks whether you've set a different builder as the default +builder before it sends your build to BuildKit. + +To use the `docker build` command with a non-default builder, you must either: + +- Specify the builder explicitly, using the `--builder` flag or the `BUILDX_BUILDER` environment variable: + + ```console + $ BUILDX_BUILDER=my_builder docker build . + $ docker build --builder my_builder . + ``` + +- Configure Buildx as the default client by running the following command: + + ```console + $ docker buildx install + ``` + + This updates your [Docker CLI configuration file](/reference/cli/docker/_index.md#configuration-files) + to ensure all of your build-related commands are routed via Buildx. + + > [!TIP] + > To undo this change, run `docker buildx uninstall`. + + + +In general, we recommend that you use the `docker buildx build` command when +you want to use custom builders. This ensures that your [selected +builder](#selected-builder) configuration is interpreted correctly. + + + ## Additional information - For information about how to interact with and manage builders, diff --git a/content/manuals/build/concepts/overview.md b/content/manuals/build/concepts/overview.md index 8b30d3854058..e8a101e649f2 100644 --- a/content/manuals/build/concepts/overview.md +++ b/content/manuals/build/concepts/overview.md @@ -38,6 +38,11 @@ the CLI plugin from source, or grab a binary from the GitHub repository and install it manually. See [Buildx README](https://github.com/docker/buildx#manual-download) on GitHub for more information. +> [!NOTE] +> While `docker build` invokes Buildx under the hood, there are subtle +> differences between this command and the canonical `docker buildx build`. +> For details, see [Difference between `docker build` and `docker buildx build`](../builders/_index.md#difference-between-docker-build-and-docker-buildx-build). + ## BuildKit BuildKit is the daemon process that executes the build workloads. From de764a8138bbfbefef499bac84a0c879856f1739 Mon Sep 17 00:00:00 2001 From: Sarah Sanders Date: Mon, 16 Dec 2024 08:42:08 -0800 Subject: [PATCH 14/16] docs freshness: updates for organization section (#21630) ## Description - Docs freshness updates: - Style guide updates/consistency - Improved UI flow steps, some did not link to DH or Admin Console, and were vague - Added Admin Console steps where missing - Fixed a few incorrect UI flows - ENGDOCS-2357 updates: Updated Insights DD table for new fields ## Related issues or tickets - [ENGDOCS-2348](https://docker.atlassian.net/browse/ENGDOCS-2348) - [ENGDOCS-2357](https://docker.atlassian.net/browse/ENGDOCS-2357) ## Reviews - [ ] Editorial review [ENGDOCS-2348]: https://docker.atlassian.net/browse/ENGDOCS-2348?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ [ENGDOCS-2357]: https://docker.atlassian.net/browse/ENGDOCS-2357?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ --------- Co-authored-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- .../admin/images/team-repo-permission.png | Bin 20144 -> 0 bytes .../admin/organization/general-settings.md | 2 +- .../manuals/admin/organization/insights.md | 34 ++--- .../admin/organization/manage-a-team.md | 67 +++++----- content/manuals/admin/organization/members.md | 22 +++- content/manuals/admin/organization/onboard.md | 23 ++-- content/manuals/admin/organization/orgs.md | 119 +++++++++++++----- 7 files changed, 174 insertions(+), 93 deletions(-) delete mode 100644 content/manuals/admin/images/team-repo-permission.png diff --git a/content/manuals/admin/images/team-repo-permission.png b/content/manuals/admin/images/team-repo-permission.png deleted file mode 100644 index e5fab7466713c439bc63783b297db36fa6581d8c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 20144 zcmdS91yEei^Djzp2=1^*aCdhSf?I$D_r+P<9TFTC2yTG@0fGc~*To@7a9`ZrFMd|?(>=MiTt1{hlx&x4hIK^sUZJe0}c)e4G!*A zKPo)zNg}s`I~<&!Sz#Ji;y&Z@v9uy|^o^vR}Mz>#ql=QCuzV{89eZ zO6NK=%*A@pFe~H!?YQJ3_uTXbTer#H*yhtWX1eiXp1?$25QB6wyIi)@P4Mge?Sib;#-`5t|bz^1<{-gOp@|U#Yz`( z1}r#&?7~Bxxk!ds*yzKSMxXSrsTRFAFHZ~?zLkGq`frD0Ko_+7GeZyX+*9a9Fg2>P z53B{u3J5qZ`I>Ldw1sYc@^N_?ybuV-w=oShlv7RovG3H>Kqb=THg%jAW&4Yx@vLd2 zwT86m_3X(~?G2M&p7tpqcq+9<{S1MTQ)rozKmF4O4I@qCso$;EPpVtIKPK?DfW!g8 zpC^X`m%)KTYagLmGjANk?rY@?XBK**Yy6(#nzgp?*;gvB7j1}J*CU!3##f>7rQKv^ zmitJYc%lah4L7EQ%osigoj&952phJ3rfwZkHd5%@L4aVU*IOTreIc$s2Xg$G_;m7x zOm9Ib-TvFmpT!&eRF3kWky;K!29*vd59gZC27{~`IY?N-iGUk&8<344(!cdg9zihR zYVnoDANP}IG3D@y_&;5m#77c7vMt;qLzrm@iBwmV?i=q4Q&yWzL@HPlvVYC|6)V-fw3ja_|Tc>*}5pvN^*J2&+ivl z$xmnJV}7yi*#VKB#45B?TXK2%iZf9(3R9y6h1@kxO*?7Uc!#?ur;Yszm&7$fLMFian6aSp&#uAFSoIss>@5qHmnAiEH zjGedKl-&|&Yka5Xyn|BAdFk^rXRV` zwV(2K#d54XaKewMoR4N<}Ebcp?Hx1ks*lcvo%vZ{HOzWh$tmU0N0L7k{%~;)S(B3*bPpwf8al z%cjY8Pp2%4slHi0TXNcq(-m&b9GzP$E`f)#%vz4hySIIu4=$S}`(#&-BU_m`K*NuZ zkHl@CR`^dm-SFH;EMfqz4rs)scQCEG%oI`sOP)xo&eGK|1GwLqiP>JeX#R(AYTckm zC~7fTbuq6@x!<+__+%&O(Ih_5(`<;+6fSAap33q<+Vv)*AFfqG@}k+{PDAw-x8M== zLV7UVazwh)pYJNKKAMzN zTs9I2ctyT(nfPsNYRrP!HMXuJf;U;?BeV}>jyu^fPq@0e-a1K6Cq#~siLMyvXaw^2 zY4aZ;jeD-ipZ?8I_S*AmWUJ7mbrim7=F9;j38iM6U8xK)rGbdFSs=~NhNpBemBSia zrUFtClB20wc0+NtO63iYTX&u{Y-AWvwk*^oTP)|Q&xkehKn&R=h>xf8kJ_!yP68xW zRqT}JFWtI0;6|(IG=?do8*SWTN>jN@P`pp>00=Y{^Mm)n|KYQiNMuL!>aRMT&CK|^ zCLPLLbkWMz(Ja{%8oAXao(SFo3s$X1)M$&+oqJoV!uUXLNS{eZYbEJBsJY2tATw9j|3(FGenbK^T@)ZZS3PGAwW3yPvIJc35a2aHykN|QxsNTruH=wVIfc-)1{d|y}6{-By& zAgNDd^GfsX?-94Xa@ZRK<2xpyo8*oM%p8DEP}-iCr9_lULu`>4qiVXS*Iy6f7)DKg z+Ty}2NH3BQey;WvoUuw%Lus0NTtA&c%*2K_EE6s_#v&g#Efj1y&Sd`w@w`EOx8HJR zj1XL{TDpviI3kHo(TZ0nt=XomZ5uE>Iy3$5pwcu-+KzQO;hr;O!Lpr4@v3X)_A~Cn z2hY`>OcaqeYnO9C0g1e0cppTcgcp~N!mG9Y7C-to#Nau{)D}^PQ{GdgB>GN*5mMGE z5 zEk`?V6<)Ml!i9sY<&F>E0EH`3T2;(7f=IV>X4+%{KCs3MBm<~7&PKWx1|41h{Dnc| zT5ecn4TM#{|AOSlECFQLk39@J!D~1MSQH z5-_?xkV23mLGRgpkTi|4h^Qp(gtvu5LyYt-hr&O?wa?lc)KkFP=QY)xk-%_0-242$ z-Ml9MviSdsh5!AN`oB~BT<2^rzE%B$5XN8t{g#IQOCES<^0BC8t^(mToCzGV$;+w% z$U;*2s~>EI;2^EF&yCKs0SteoIVIxsSN{J$s-QLs9KJhiAf;-zvlmNH=Ir0y&cCnK zhiJz>?UUBF6SvFVku2f^VhYicYF}+_t8gtV%RgD6(byEi*XJ+XvyMwy5>_jJ>}HLh z(PkVMs(qdysSpxi3^%N@XDgYpPhwW1jveuSo%&Pfm(0W1l;x=Z*+ySS*TimvpyY#q zez4igt@0*41(K5X&*h(YBTcWf#RIeNdG{8q;3RCOnjWYq*N@wLPXg|G7IOkUkM6<$ zMIWOnD(Rh_|FbKkV#*>nH~$^D`Q~`_rJut8=>7_w{{T!T$*fa2lJx}KHYk?F_ud;e z<_S#Y_C3`&L;s{{OzF5>RpXYN0T6I};{C#BH(UHRTHxghsrTRfmw~l^8LDMUZES3@ zqOq8zcX;h}{Jt7c-%hbsapxR0s@z@XZ0~;;Loxh<^rNgzN9Z4}| zT)UMG^O?S7uFlH1;+1q%N@*5{TzlSD=_P=N{D~CVaj^j9NWa0+^Jw|y+l%H8L{*D8 z-sc*t@kX!T5fdLdZz#mXe7iR8l#&3v&ghWbe8?VImB}DajG@m}G_-)loy^Q;rQEgh zaIUS$zrjfOb?O?fR~D;wMX2USRNnKx;nZ{z?z^1o&26JOQMZFnrRp_uaa6A2__V&Q z&ZXC>nVv&;055dym_+c~wkeKL z#5v=X$?91ews2zm<8pdE*Mdy*nOq!}i}hz7Wfa&d7HhW#r>ukk{NUQ?znTM6pM^%* zFNHcHZYRGuYYZzstm3~%#EkAx!h%S{zN*gY*EF6#2LnSHH$^Y1)s-%TQ`3lCjz>?J%l z=z`5`Tx@`aiZQ9j^B2StPt@WmY60^7y-rAi?>d3${Env80`0Cl97i|p_g}-t@XBVa zke(?G7*APpgcItV{ZNRQ^%Xwt7L8^7F+R0|&6emtXIl|4`YuVMOS<-~ast|oWPWXC z(C%YjiNlsGbN;Cr6-h>WBWi-H`YEATz&@|57QtE|CWO_dW}4^-qv>@C>xM0q1d3u) zB(~W(;Ec~b1DaDdoQ&J6hI0=|jmSx~RkbESDvd9jOc1nRRu%M|n5^v!jZXbckE+K5 zac@IiXuSEJ+oe&h;m)>II*XRFf0fC!omB?L9cR*MW;0?pBzuFYzi#YOd1d>)S|IkM zGpYD|a~w$hAZ|uxgYhp17*ogHokpWUQ(7yhmi1X2)o`yfr+S+~qePlpqnLkC`&mi! zJ2^AoyhG0*|lCUkq=?=Y*yd(eK zYm!jj6lR!D(@KEVEBR+EiVMXMoWDs$aX%E~fbls+cS3ar5{32}udfP&T!KaC=X2k? zw=UHJ$V+|UXlzveH>{@nygOsz#Qhlji&Q*2y-GeK=Jw>P!6rJtW#-kdgHQQ%ZZBm5HaNUlbwA4N=e zC19b(gbb+-)axt=L2lnJEO)%TS)czjBWiywmJm`vovsj)3Q@_1Bmf6<)h|oB2fBpU z<%_}UO%;D2rL*?(zai%Q{nL;joGov{iyhCt4EOcv`fn}sh|vblfADf7Tm^Ii{hn`_ zX9gF9Y{_g0{w?eS@I)utFem_(XLYll;PMdb$}NLFMmlDkGBZ zW;I937W<|l6HqxjU^^01u=nWzH{XZIv(_Y3H5Pki(ew^|K=gs2L$$@3U6J$UEn40N zUMFm@c7!GgU4WblE!gaz4_r)@fMpJ4iZ0D0Nl75?M}y8WX*~&+-bDH^dSlJw%NDDb zS4XwILmGO994o$S-#Na&O(if0<*sYh{BAm2AN8BT4(RfWFh$IHzm|;~5;qCa z`+AV?7-*Wz%pnwTK20?RDHAQw$0<^=3B28%SStc&pAwYfb;sG{~qWjyXnFXf*q~DoDTM=Q;Ycpi`mL_zMaw=0eajT>N^@aUWj-TK zvlTwl)HYkeg_7HYrrZRjFhaMV|Nk{mNN+pJIhS^z9m@_+z0h4gzr1 z1p)QUv6Par0y9wt3HgDt0Hs)-PwWbPT`Ap4+U3vsb=;XG#7w$ITfO9nk9UnhpZ^35 zvqiJ}o+^aQfIUoV1!B{}{`D1NsH+lCMdC1OA9;qny+OWH6fS+w|8Qx0RlGVRE^EoS zc=vk3hNu_4xM_k5rJh!{wU1m9zLuM`4;Hn!tCGZyllm>n-@x?qt75JRAr84)D7GiiONtr}4-QQVhgxeyk$_NP-NhvY(Zhqn?(ABrRmc?m zaQWiaq~$~KwfpRASV+AFTw~mDHZ<5^Dp+5SU#SHLR|&R<3XQT-2FC&+8wzWUHsm)w z_%J+Lf2L;-&4;Q#&Pk%gY~eS-plT)fh2~lM%FWNi-9J-nsMfxJhuHH5`{GUx7I5$U zXG5^~chdm+i)SnULiYcMha9lTK3x6Zt;gJ7NN@7bhT@-1$Nz_iV)j;_mU{(R7!(pp zn$zoRYUyCZm+u!I-1lwNq|qttH@BB$BEm)-eqoS!mz+ws_Yx@m3T{y+feyxXC752J z8piVffxqFSD-ZoeJ7-%e1e_c8T~zgS3b1LL0I;>s)(6d9Jsm$7uz64`CBVekDKOU7 z+J1CM<;S@`L1(lReI~#GNj;ZQNQhd1z;zP0%&bB6vERRBj<42?uFbPv%TAX~)L?ktnvemT^y||{946v74#{KB_ z2La#0f+$ao>qJ^;LRN-E7h$9Og;dsZ+hNvnn!4JG9|&Zd9i}pPv7uk->6~*b;xy)o zl)PFJDkIx*d%86-?0Fa3H<^Lwm}Pz+(#Rbw^#%tOaRY*rLQaGS9AA@kf&RCt-K@K*USkYphPh-J}JB(xC zx1yxO8KD~Lx}#)~%r>6ct>pdaHS^7-HSxV{|XE~xY60ifm)4B2~~+g+M8x6ZAvCvi=VHin`!p_ zmc6Yk5ft*Enk5~eF*|TrnpGY6;pgqkcI)FiSAg%^m5MRQ#8!`|E)xH**3UF6<9y+0ms_02HoIbAE3inxSOf7 zMq*;^C=tlX!3?mZK-aCi1Xsx@`{h+mb&i}bYm=(@)26YNW6EwEkET)?TO=p(xxJC^ ziWD>>Jmey>U3m^>XSdISFZf~6snICE*ctK(a(#KZAl$?;UrBM@{qu4Jv>v-rAln0` z?}l5Hf%G!l?FT$kW9zSR?6pWA6X$+zJ4KUSkhIuJekorG>1f^AECBdGwyouTDHqqp z<|4owULYd;EEY^gVi4j}XS@>u+HkS8Y(IVV)OpO$_F|-1l)SNnk@Pkv&d(uNwRLqZ zz7Jgm@@}r!oedJtZ=KkB|4gBfYmi5oIXvphzN#A%!XTIvR)>Bs{1wL@GEKaQnHddT zr#G|6qUPd*U(%uBIqN*TLR_uKq5fHBxgx;R06Ct)8hcb(kHS^*qX?ntmb!%i0GSp^ ze~5prhPl7FRd|g5m(hgHwV+tq1hBH9qCfx9%Hi0cY`l2- zqokoF%l`k6v zpw^{~1IN0H?3IDGsp#<#K?H&Fx-H{?%$oiCOiHKTs(9=WjFg9=roHPHP~%msQJrJk zfsyuF`eQh`D?Ge9vjlVKu=jLi5j8i<#$@R)geE8}T;;%d={N7^KE3J<5kPRr8!CGz z+?+S$7`mu95~0>*%5&Fi`D%!5joRQL$4bf*QGUsIsH8}u`o|n~kS;|%mfEpeo zwtXs{`y~ry%x6AgkEwMMUhwP~xRDl7xSo>^m$f@6+9DOf1=1#c; zKV0^MTwz+_+_c(R@1L^JkpWHwJ2vj%+RV()0a~GkH=-oQBz-CeDUD|7aR_wp^wCX|*@lo%?6 zf@wV(Vv8jjx@o z%`*B}=EzBYUu#?vXj;;2Tyc4H1{&bRdCgSDk!oi?U6~s~uC||J!dphte@nF$yXVcc zD;&0K+uVEao%d7o=ivA^GVUU&OwE33YEO5R#m5zfl9J!%)3 zLu>yj=FphpMPcH#OmYr7iuiOmP4`wOrx_<9cf&Hx3xnL}P3tY7bMvoLWi=I?RE0ydb7QyLE^URJNDx^qbw0T5re|R{FGNLgF?~o0 zLbDktsuY;B>2JHPcoq3PZwggapRxqLntT&qW}9N3WhDpZoWFnm+Pg~@zm8shjo5$L zxrKF29yRQ_H1j?jLs#|00v*z~;+47@a;nT9fsulltOPLOa(8 z%}D_}*G1UjPKP*WbO?Wb`5-Ws1jxB^TmKcVEkzygvgD2osfSw+s3b-FCQ@Ar^x)=F+<#!C>Fm3Yg8xlx516{x zCX0cbw7)oyBVhOY+EQ2c7>+^)zp%Vdla`oc+o9JsB+l0x%=%)9k{N8@Hf;1|@oJ&7 z6!2kYrQ>Ct5rx8CtiA1a$nIOcbd?2gBT%^R)N6%41zTppoq8!2GY!Z6;76ue=J4Ls zct-?S^qI7>3J1AEf*LMBWuxuMNw)gzg0mw7l*K$R#QwJ&1?GS+B(sKmpl|UK(eiA~ z!8j^@ctVC7GT*x6UsJ+MjW8)!t*oe39<_Gf1vweWW z`uE1Ra8lGngK$M-zxIH)~Sx=6w2!f z5S^b^NL45gLTvt31|ifG#$G)XR)*fg1Is0bm&q8_qapy`;FLEZf-al1ziTal22tYg z!IS+?+E$z#UA0DKv>YF08f(WPy{34i#Vl^T=sM&~OD(>SPdxm1?jhNGXpr)c)!rRN z<{Rk!yM`>^=_5S91MuH`z_V%1a|)fm>**>sp4MdYQ9kt&UlL{7lSNwXG)a0mxh?FHPJ{Wh=KN4AxL^1W1hqAto+4qxr zC{MsZrO3esXUEtX^QJ!9#;G)K!yxYobN%jh^{bDPRWKuN=I)O|&~A^_3HzXiVABx~ zs%tQ+ZWBn5yA`uB{1OXl+kv205P0whil(@k&%-Dhlu-xwzKohyv~nOPc!FSCiU-Z$Q+=)$UenQnWU-z58pPjF1yqZg_K7&C8McPmN)1C{QCF77M zQ@F~juT*|pBvjWqhNdtf?9(k6AX8GVUT~9eW#a_F|J3p{o({6G?(5`{Oz`-fY>KB=7D#;Obi5o;_kIa+$hh@8^-WZ|3+8A7`o$0gOe7CZv{Z5vy@i%fCqPzE-4(u54A7oJzSu)3l{uuf2pSWFS_Kq%XTN@ ze}fiAU)=)`;k=*+0W=4MC)^4N1iG_N%+p=W#IDG3*ol~6)oogNMRO)EYDGPkSNjLgSty7AzCqBlPFO81->0I@y!7+DrQ(nDr+5%?`xTa zERY1f$N~@+NNTHKp)Y$3Yv6C#Gg!v_JNPZY4hSOy%aQ+0c*FAL|AR)l+uqmHQh=9h z0?=YTo6*d`S~(Mqc{<`PE>9hQ zEmYcRENQ#W33zsV8Cou~SlPb$Wy4Xhr|$!#4#9c1a(j4qIE&Ho^6V=kBeShMGEX++Ufp-qEu(0T`U}9#rad22!T=YHoa4M*)ug}WKDfl(C)p;jD z7^pA&pbP?FI2Q5^0s?_B(gT21i@D`xdpo<*l9FmqYUSJK=Kx>d7PPajc)^vWrOgRK z*4mDaj_=>$P#&~$*O<8qN=sSsbq4^BIb;T_^L?1Y=HAdE+JBK+U47V_n7}O}CMM3+ z-Pzd*4-3=M)}DYxky%lvwzjr{gM%X@(eCN&DE1Uy($mwYrlx*e8yXnAH;Rjm-RNxU zrs(hQ-&1RtnbE=!E~=@inFusBHFa`wvayM*O)#cw7+K4jOw1jipk8WYMouy#s)%lN zW;@EuqnUwX)Am3h$iuF7cG2|0;^O|UuDrs+3S~OFy1CeOzsoc?WP8I=k;qq9R>~_X zc-elh%8kWRhJ0>nYD!}Sy3k5=TLF14so$Gy_d_7Eva(`(Pjz1fpZ(`dUb334zw8%V zSFeWI`^*Zcftzlw`- z+!_S(tA!}s$x5AmfEIyF7}mtlkwQa5CtkV8#QhN57S>BM3Nss{E2lMh-%J9CQ)(c% zY`K42xn1l24qAE^H4!`M+kI|{JD90Aaqb-(X*NaZGEx+9VIjZ5i;84i(u5Ky>g5avPHFqx?Psc|mz(_A%h7rYl457vw| zbfWc0|3cr%%PT#59Qb&K;>kzd{u8`@`D9n}n#V+!8O?b%gOaqn5JFZ|FO0!n47Dym z%!oK+A~^MmmY@rNBB;)n^MZQCX}dfi7k+!&ip`6yIl6gA#GnzNowEc0I;`){R5pg@ z*ZW%j=Cb1hJCLy*TiLUW{h@PYgPGgU!VEn*7P@@2!D#qw<)C&qB=V*=CU)G+Z?Hr} zL}*+A)ycnxIh@qTbqqo{b-%eej`-6GWBC2HE0V@Ru{PV}l>QoI=7hfyy+DF>UcH)j z)LX`>lt4!M({HRC6HPk0Peo#G=o<2TljYSL76;yOo1dV4_evDZyjUoGu1*okI4GfZ z3b{A*w{(oj9ksmcw9Z%(=)7T2tk}zGQCQJIr4ES~+;$iGxqjLP+X3xr55ps6U3N~J zza?V{5-u7K%#rBkdkXK{#|61h%fG>ln_eORg&5ZUwwk-DI|Iw4d|SfP9u zH@7n%g?|o_yc=uzc2OPH-C0qm^R%D!UXtP*(yo?P=6Jp_P}l{ja$ah;7P1l&+7ZHV z@=0v1!g+^!w$*kv^|n6D+zm;&aJFJ+|HS)8kS0e$tZGNJuMHzaE&MC))LFePXHCq! zOMm5)BH3&2G(j*%1w2Ca#~dUb1A4>sumd(MwIiG3(Ie;;guxBjv8S(z0f%=*W>=*IKm z_4W0Ig$3T>H!tSnSbPMi8$z)iFT9AqTgc<3gu)H=etnI9r^I`M9TXevkoM#k;~Vs7 zxjg$ng#`ZFMm~-}SUzmQD{I?o3`r-r@z8k-;73}?YH#4b07D{KW2py6Mp|$Y!<5?X zU8%2HN-CGpptEtmk^jP<>X<3=m-)*lSwy4jjf{SaIM$P4sV|0~ZpmuT4&>m1)P6(i zykR7qGs2;R&RHC42B(eN&h!4HSt%_g1JEOfHcm)4Nl@JH|3!rM_cYr-a1(}y{&ycD z{O>7t0(B?vcvLT(#M;DT@h>92_I^Z%`%Q0;feIbSJ~(5i#QVYwCuLR3-6=F`6m#G$9@|9#_nmiv#6&0?odn}AAT35fMu44Fl-dvK z`g;m8Uc`j!?{UW;SpVbKW0LbAfrqE|)-+DwseLNZ=xBBwo4#LDH3l&zn)`?>D+DG!+duaZSG)*LC#8HX zNdGQNhABL)TWvm=#tnqTQnWa&cYi^_E-WZ`iq}3_YMNSJHq<>iI1mLwVhWT}$FhWZ zMMQi$+le`i{O-;R*zO-5XieX~4K8c)zSxF!Orprl%zSxRebLg=>b|+TAtodQ!>Cj` z`=|!1S=TBeoWwIN#0*7x-92l%*or92YF#JJo&<~nG$#X>n-Yo~gT5smq}CqpACHYv zjS^$rh00J+e9OR)3^5S*CpQ$AefGp?vw6^=WDD00KmZzhDn&ZhQ0kSlgX*6@oaHXmmSp} zh}7y1@=PZ%x#%(Q*6!-@YB7*fbc+*O82e2)@M^};7_X&bp?a!kmWtsG9q4Rfv_ndM zWp|7CblC0u@u+{e;UrK&X|;1rczC8WMoX{VITMlE8!1$pxo4mVW!!kx?{xE_pR}Zj zsp2OLX_I5M2QfH``;|;e8HzQ1_GgBhkne$z3540&9<=ACW=A#^Cm&%GNYjG(K;*c% z)LuB}t=<=6Vq)*BN=u{dR*KYeU|(PtdL?jU9FkIp@6GXOreI`bB*E4PZfbQ>1!$~+Lm{P6r)N~n(rNKvmtkdPov11=$C@792`UYpBg3=;m4)=v z;*z`uJzkFbrgd-N!7__Z)y5_fVc-rN0JOyY3X>~8c^^Qg>(zJux|T$bln;b~xo&VM z8o(ebsJ2WT#x6j#0VV;JeGLQaFD_iFu$Nz97hhRlz8=)z+IDP#a{qq3)7YpY^*ps)-TQ*c!|vCd<+uK>-*p`ic1;2iBN)A zwXj0Y75|O4)qEN--(;mTOo670HKpIZ>ym&BT=%sO%b8ijsq*2zchSN_kzo&4=a(Yg1kRWJEP}O`X$u9*Giq+W=YU5*Fvp zG)nP^B|up`8yuBII9~v3pUP+mzbi;U#$ZPrRC_~{M>%THc2QZD_jzcnoFmEgWKW5P z30ZrhRnMGX9;Z)xs z8ArC(pXpu2Q2AX=qSsMT>72|6BSBQr+)nJ&zF%*HK7KwqI+9s`pLVLKA)COW`9=c0 z&LqWS%mG|>{RJET>$`~14_~-2@?ya#(K0d?=E~%hitz>p8j9+|#7y9ZH`F(s_mXA3$uByiE4wm)}&a=U;vkvPyW^JN=_wf8> znTOIG*()Dc8eeV)(xXqi)oqH!tn?cEPs)23t)*@Pl{0Wj@mZfXyTPK1*yMeG=HD$W zEDjb!7@bQB4jT5Kkcg)qT#z?Wv&Cl02!EQ?p zjyZ6XuG=HIO#9K%(Oo|g%%HH?9L!AO0D`JdoTJUIJ7duPIMYV%uyA3gwIGty^R3}d z$4Kza@iOZyO(b}IunU>;01K6iNX&EWN31r^)pPb5cQWnaiq5MzIT|i4GiZ&r1Kvb; z5``VCPRsjbqfW?aiD~ei_VEJ4vbOYRi_?wZ# zAYIJS#?Zgb=b6qwxc}rb=2_IfJYsl$UV&n@_5qF-=Z2Of##-%C%<{gqzhVVf#}zUv z_k;|fU0h{Q-YMXziJ_^^4W>V+|G+yJtJWAtm)GU%Ps{hFX2z3TOqJjjtxf0ecL}#4 z9V%JQ+e4T%M8MZ}Yd9sMPUmbBuWc5Bp~N7G2dh!u1ebj3VK1C^#b&!fIrX2NNh_+YLtnB7mC zt;q-KY)n2EE7DBY(Un#2+^3xyzmQ;H(Z~$yRJ(9+bzh0zM-> zbbN+6-Kxj}%tE$NEaT)tVb8ml`Igs4gJ8NK=<1FJNB6E7?3MW@4ppn1=kLA3;KrA^H>ZUUK1Uvt4+qndu+5& zdiC0I^bew0W#`PsgAVHsu5bkyU5*R1)2%OpYzQUx4quzyl|^$nvfGDc7 z!Rp)_!0eR6C`7)8Z-EyfdHG#QM_%)GYgeg5D_D}<$^#DnV4buRRpv7usK)K%*_$coG` zamJ^L_jLyMzfJ-i50O2)0bYte96pXXI7!NdrN(1~a;MVe z>)a>3Y|@?0!|`H`z9v9EL=j5>3|7T zn*FGHHCG%U_m(r44I|*$bt^y? z^>;kAG!eKsOzl+X(7CK*JHxKgJjedMUd7e8lPc3lhNSR+j zKz0I#gR^~)nR!~@E2x--`Rs%pR57*FTUhpM>c^HDYYy7Wb&1;!wKwfeC9 zvLZ1sYMg5!AT}%&*IqwjIk$bZ6YqF5{Ry!8tm=S(&`lKzq%{|D&a(nuZt<9<<7YPi zqcQmm83=|{ENi64Dghu7@lm?DHx`O@yYoW&4Bt~3mq?+KNlb^W)_3n}_LF`_fxpQ_ zynViu5+-c2e+VzYb^C?-vMsZTmgQrP6MA2y0R3F!zd;t2>HhQzOdxO|oYMm~g?cHs zU1pd+p&EQi+4Ef+`Ql{LJld+-NmZDY0e&dNr#On-bmkL^J60Az?z!V#APtpm;A>ta z4{643?8YekIWN>=HV(;4T5Y~k<-vlV2J<9Cz8ra{v4u#IN6d^S|C)$CXx%M2SPYwN zBesCTOEs@o8j$kL-9ECG<5DF^ra$G`4K3n6Plw$Ob2P5U`m$A0@uFOZCm2GPO+$L^ zCR)dSA4t0Mo3ZsR@(#|&SSUL5D~v-%Qa)QLuhXb0S5*bS$uqycwqgD44x~X|&cjA%Y|GR2;uhWx8Cs9npQCGjz-!#`z-nzjV%wU8iUdUH zpBn%QDi7KF#-=boj6f$2^b*i)wnr@>^!T)bmAlEbDa zTKNH$^?5ei{?RE{?-I16B{un9%<@Qq;=fkD&gu8Z1B`gdtmS;qWl_;^Kl3b=$P465 z>KyZl#;^^`f={$G%V=7`P6{=0SzaQZOxWhH1b#8-N`B5m850}0_NDlKws?T?qinv> zQN(-~egW!qeLbE>6=s&5Zc-aW9wKr7eHY=0a0XPydJR&pjkFr29%;zoo|F~$MY(CA zjtr+4nElskk4VMI17nYuYpSd-K7$$I%!xGFG{Z0i1Q^!s?6P9ZZ8o@ldKL)aRcOf+ zX?hE0SNPne&~D&!AI8fpe#+#+=e=%O$3C)DU4;r(9>)gm5!Ksj3=F=k`HC|q0XL$-LtT*fX?&8uoa`1a z7$0by$05YVerGUizS)s{5yp$NKe5iMdyyFafn-5gw_P~Kuc)kl0doW+J&<>WhWb8f z^hytVsz8sMx=kIDYL+|5GsrbgTX3}z{2DV{=QE;Sb`JQ!CiQ`jaUOAariE~YF#y!m z5?x)zrlsh&jhtVW0j5RMlCV0k+n-NcLn-tab-ysYsT2D!e(N-hB>#k27rY-wWKBSD zwp6IajxONA*EQl=?^mF!!lcd)aE03zh{*fY;{~nrPSf`JfxF5YK}`5iGqy;O!RVRf z+?(@u!5g!0)aRl`OPjL(Yv^e>4v~;xi_K8-PBr|$db##!sM9b!VMxTHq@CKx zrCi6DW-^6}A#&NqB}=4LXpCeEL&`XcOpMWt+nQG8p37t~Axg@9SeM*sqcOs)nPptV z%>HWkoc(+EoZbJv^PcaI=R4;;@AsVNdCnWo9MPnhEmDY^R;nkF3|^MOmbn=|;jGvau324c0_Z@6a#-=!NXE2h7*aa_Ai4Iv z<(^hO1ms3p5$w3Qiru`rB=;<{(IcU#x4q^1pSLWGFwOJJ0g2Mhw*|abl3IIaF-j z*ploIO}qQ1kq`>Dfha6mz;RW_R{O_1?sk)98L@5MhRfaU$R$p+==KJsw zheLMRR~yQ(XU&?UPw#6*@7~FMV9m!{B*u~ls)T2y&`o!op0apZWR|h}idj%6s??Ic z@MgJq?9=Ohg9=$=V$(1!r#29|!b1HnFnqFi1dWDWM&A)X?B^s<`W%_~ZR!XY`Mp8) z@~~4`1g?F=PSPbiq(4%%TipcRE;DVTsYmEd8(>x1_opvO!@Pfrsy{s}=V#Kn&;HkD zgQwC@R^$BMKJ(}7Q=87b<#QL&8*<&w_gd=sS!MOYliP-uWCazOqkav>0@6Z=o6^LQ z%WWxQ&AE`doUSG7rW($HWQ4AV#IeoJxEN=n8Sbw9(46{gFG)J@rOmy_x3PFiYYDq$ z$v-aPRKa>8jYh8Vzx0j?8d@*(rkNf=TpGm~Q6u5QYOPsDSf&nv9p->QydadK;`ZzA zKC*)q=jK{GVrquvJ5lozA2i?3y@^yH=?$7I_QPL|DGGeQlR7-z?a2b>8OSyIT0ovI zO6l9Dp3%T}omP}BTU+OyJ@&~iu``5F{9u0vIm#If5&qVjTVbJcC178>eV}zrcGT1i ze>h^%pY*x2Yx_3>mm7yR3GIEXkmUo$Q&)yi45O*zL*+& z)f-GlWihzOjey=t{JE*QI((V;P|zl0mDnTKSX&b(hg|sqoL}d8n`CkA)VXlihIhqI zg<>97L=wEX!pI`uuCX^at1EXzuR4{Gg*R1$Kd6P$U4pzowq3h`=?k?BGueCQ}buo|V|rZfBbPR=a;qbTch(?U)&)bZVNm#TC38pPc&P15YNbiY*ADy-@5VYEMF-=wKAi75R7`?7KNP)Zmwk#Svy7iAv}t>1xyP zy6O$z(h>ETsSq`j;fQ5`AOra2`}dk0>ui~dIw3-V7?bN!^sc22ftC+`{T+iA&&IVu zJSKnCo$%n+;N-dt<|R?3l9-ApjK^%WzSqINvJ9xD@fulJDARRM{8AuJfeuyLswf9U zuhBkCnOrVk$kdCM2Y69L+l;YQOVx4DY=S%HDE1-dzF(U%`u;1aXboQ9&7k!3_iW&tI@pVDri88P&Q> z7smoj1QDB)_fP;oZTP}bd;E<>Sb^yW_g5lv($(a{ejei{14I$qXN&Ukc#o@^!duf@ z;_4g0)5d2soZ)#rZA1FoOeFQi<`k60#A~?|`n!Sc1yApMRq9X90ZRSrZ^zWW9stQc z<=9urUVLFNyzV_8yYY4bCOE34;nIF_2k1%?5-5(Y^($uZ%KT#-v;kk>G0ehcXUKup zdRYgdLxXt>gp;K8=VdBVdJ2C*S|@7J&6)CvLyNqu^=7T^|Fb&)KjrT&4gVlC^M6`0 z{|;mMSqOpdEgGZ%P-6&HMm;T`qT7g{1<$)zc$wQlASvHW;?QP1NL8UPkt6{sl>m(l zIPf;VWSb_W{)6n(IPi=wF|S!1RjVDyd1={ET_-%6Z+pA+08Iu0*;zZG8I~7g{{Si+ B@$mov diff --git a/content/manuals/admin/organization/general-settings.md b/content/manuals/admin/organization/general-settings.md index 9b5eb7d31e08..ada92c672a61 100644 --- a/content/manuals/admin/organization/general-settings.md +++ b/content/manuals/admin/organization/general-settings.md @@ -11,7 +11,7 @@ This section describes how to manage organization settings in the Docker Admin C ## Configure general information -General organization information appears on your organization landing page in Docker Hub. +General organization information appears on your organization landing page in the Admin Console. This information includes: - Organization Name diff --git a/content/manuals/admin/organization/insights.md b/content/manuals/admin/organization/insights.md index 159a5020ea04..478f8101b471 100644 --- a/content/manuals/admin/organization/insights.md +++ b/content/manuals/admin/organization/insights.md @@ -15,17 +15,19 @@ productivity and efficiency across the organization. Key benefits include: -* Uniform working environment. Establish and maintain standardized +- Uniform working environment. Establish and maintain standardized configurations across teams. -* Best practices. Promote and enforce usage guidelines to ensure optimal +- Best practices. Promote and enforce usage guidelines to ensure optimal performance. -* Increased visibility. Monitor and drive adoption of organizational +- Increased visibility. Monitor and drive adoption of organizational configurations and policies. -* Optimized license use. Ensure that developers have access to advanced +- Optimized license use. Ensure that developers have access to advanced features provided by a Docker subscription. ## View Insights for organization users +{{< include "admin-early-access.md" >}} + 1. Go to the [Admin Console](https://app.docker.com/admin/) and sign in to an account that is an organization owner. 2. Select your company on the **Choose profile** page. @@ -33,18 +35,19 @@ Key benefits include: 4. On the **Insights** page, select the period of time for the data. > [!NOTE] +> > Insights data is not real-time and is updated daily. At the top-right of the > Insights page, view the **Last updated** date to understand when the data was > last updated. You can view data in the following charts: - * [Docker Desktop users](#docker-desktop-users) - * [Builds](#builds) - * [Containers](#containers) - * [Docker Desktop usage](#docker-desktop-usage) - * [Docker Hub images](#docker-hub-images) - * [Extensions](#extensions) + - [Docker Desktop users](#docker-desktop-users) + - [Builds](#builds) + - [Containers](#containers) + - [Docker Desktop usage](#docker-desktop-usage) + - [Docker Hub images](#docker-hub-images) + - [Extensions](#extensions) ### Docker Desktop users @@ -56,13 +59,12 @@ counts. The chart contains the following data. -| Data | Description | +| Data | Description | |:-----------------------------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Total active users | The number of users that have actively used Docker Desktop and either signed in with a Docker account that has a license in your organization or signed in to a Docker account with an email address from a domain associated with your organization.

Users who don’t sign in to an account associated with your organization are not represented in the data. To ensure users sign in with an account associated with your organization, you can [enforce sign-in](/security/for-admins/enforce-sign-in/). | -| Active with license | The number of users that have actively used Docker Desktop and have signed in to a Docker account with a license in your organization. | -| Active without license | The number of users that have actively used Docker Desktop, are linked to a Docker account with an email address from a domain associated with your organization, and don’t have a license assigned to their account.

Users without a license don’t receive the benefits of your subscription. You can use [domain audit](/security/for-admins/domain-audit/) to identify users without a license. You can also use [Just-in-Time provisioning](/security/for-admins/provisioning/just-in-time/) or [SCIM](/security/for-admins/provisioning/scim/) to help automatically provision users with a license. Note that when SSO is configured and enforced, active without license will be 0. | -| Users opted out of analytics | The number of users that are a member of your organization that have opted out of sending analytics.

When users opt out of sending analytics, you won't see any of their data in Insights. To ensure that the data includes all users, you can use [Settings Management](/desktop/hardened-desktop/settings-management/) to set `analyticsEnabled` for all your users. | -| Active users (graph) | The view over time for total active users. | +| Active user | The number of users that have actively used Docker Desktop and either signed in with a Docker account that has a license in your organization or signed in to a Docker account with an email address from a domain associated with your organization.

Users who don’t sign in to an account associated with your organization are not represented in the data. To ensure users sign in with an account associated with your organization, you can [enforce sign-in](/security/for-admins/enforce-sign-in/). | +| Total organization members | The number of users that have used Docker Desktop, regardless of their Insights activity. | +| Users opted out of analytics | The number of users that are a member of your organization that have opted out of sending analytics.

When users opt out of sending analytics, you won't see any of their data in Insights. To ensure that the data includes all users, you can use [Settings Management](/desktop/hardened-desktop/settings-management/) to set `analyticsEnabled` for all your users. | +| Active users (graph) | The view over time for total active users. | ### Builds diff --git a/content/manuals/admin/organization/manage-a-team.md b/content/manuals/admin/organization/manage-a-team.md index 55fad01c3a61..efc865e0690a 100644 --- a/content/manuals/admin/organization/manage-a-team.md +++ b/content/manuals/admin/organization/manage-a-team.md @@ -10,37 +10,36 @@ aliases: You can create teams for your organization in Docker Hub and the Docker Admin Console. You can [configure repository access for a team](#configure-repository-permissions-for-a-team) in Docker Hub. -A team is a group of Docker users that belong to an organization. An -organization can have multiple teams. An -organization owner can then create new teams and add members to an existing team -using their Docker ID or email address and by selecting a team the user should be part of. Members aren't required to be part of a team to be associated with an organization. +A team is a group of Docker users that belong to an organization. An organization can have multiple teams. An organization owner can then create new teams and add members to an existing team using their Docker ID or email address and by selecting a team the user should be part of. Members aren't required to be part of a team to be associated with an organization. The organization owner can add additional organization owners to help them manage users, teams, and repositories in the organization by assigning them the owner role. ## Organization owner -An organization owner is an administrator who is responsible to manage -repositories and add team members to the organization. They have full access to -private repositories, all teams, billing information, and org settings. An org -owner can also specify [permissions](#permissions-reference) for each team in -the organization. Only an org owner can enable [SSO](../../security/for-admins/single-sign-on/_index.md) -for -the organization. When SSO is enabled for your organization, the org owner can +An organization owner is an administrator who has the following permissions: + +- Manage repositories and add team members to the organization. +- Access private repositories, all teams, billing information, and organization settings. +- Specify [permissions](#permissions-reference) for each team in the organization. +- Enable [SSO](../../security/for-admins/single-sign-on/_index.md) for the organization. + +When SSO is enabled for your organization, the organization owner can also manage users. Docker can auto-provision Docker IDs for new end-users or users who'd like to have a separate Docker ID for company use through SSO enforcement. -The org owner can also add additional org owners to help them manage users, teams, and repositories in the organization. +The organization owner can also add additional organization owners to help them manage users, teams, and repositories in the organization. ## Create a team {{< tabs >}} {{< tab name="Docker Hub" >}} -1. Go to **Organizations** in Docker Hub, and select your organization. -2. Select the **Teams** tab and then select **Create Team**. -3. Fill out your team's information and select **Create**. -4. [Add members to your team](members.md#add-a-member-to-a-team). +1. Sign in to [Docker Hub](https://hub.docker.com). +2. Select **Organizations** and choose your organization. +3. Select the **Teams** tab and then select **Create Team**. +4. Fill out your team's information and select **Create**. +5. [Add members to your team](members.md#add-a-member-to-a-team). {{< /tab >}} {{< tab name="Admin Console" >}} @@ -61,19 +60,18 @@ The org owner can also add additional org owners to help them manage users, team Organization owners can configure repository permissions on a per-team basis. For example, you can specify that all teams within an organization have "Read and Write" access to repositories A and B, whereas only specific teams have "Admin" -access. Note that org owners have full administrative access to all repositories within the organization. +access. Note that organization owners have full administrative access to all repositories within the organization. -To give a team access to a repository +To give a team access to a repository: -1. Navigate to **Organizations** in Docker Hub, and select your organization. -2. Select the **Teams** tab and select the team that you'd like to configure repository access to. -3. Select the **Permissions** tab and select a repository from the +1. Sign in to [Docker Hub](https://hub.docker.com). +2. Select **Organizations** and choose your organization. +3. Select the **Teams** tab and select the team that you'd like to configure repository access to. +4. Select the **Permissions** tab and select a repository from the **Repository** drop-down. -4. Choose a permission from the **Permissions** drop-down list and select +5. Choose a permission from the **Permissions** drop-down list and select **Add**. - ![Team Repo Permissions](../images/team-repo-permission.png) - Organization owners can also assign members the editor role to grant partial administrative access. See [Roles and permissions](../../security/for-admins/roles-and-permissions.md) for more about the editor role. ### Permissions reference @@ -110,8 +108,10 @@ you automatically have "Read-only" permissions: To view a team's permissions across all repositories: -1. Open **Organizations** > **_Your Organization_** > **Teams** > **_Team Name_**. -2. Select the **Permissions** tab, where you can view the repositories this team can access. +1. Sign in to [Docker Hub](https://hub.docker.com). +2. Select **Organizations** and choose your organization. +3. Select **Teams** and choose your team name. +4. Select the **Permissions** tab, where you can view the repositories this team can access. ## Delete a team @@ -120,19 +120,20 @@ Organization owners can delete a team in Docker Hub or Admin Console. When you r {{< tabs >}} {{< tab name="Docker Hub" >}} -1. Go to **Organizations** in Docker Hub, and select your organization. -2. Select the **Teams** tab. -3. Select the name of the team that you want to delete. -4. Select **Settings**. -5. Select **Delete Team**. -6. Review the confirmation message, then select **Delete**. +1. Sign in to [Docker Hub](https://hub.docker.com). +2. Select **Organizations** and choose your organization. +3. Select the **Teams** tab. +4. Select the name of the team that you want to delete. +5. Select **Settings**. +6. Select **Delete Team**. +7. Review the confirmation message, then select **Delete**. {{< /tab >}} {{< tab name="Admin Console" >}} {{< include "admin-early-access.md" >}} -1. In Admin Console, select your organization. +1. In the [Admin Console](https://app.docker.com/admin), select your organization. 2. In the **User management** section, select **Teams**. 3. Select the **Actions** icon next to the name of the team you want to delete. 4. Select **Delete team**. diff --git a/content/manuals/admin/organization/members.md b/content/manuals/admin/organization/members.md index 6042f7d34374..fdb1e19e14cd 100644 --- a/content/manuals/admin/organization/members.md +++ b/content/manuals/admin/organization/members.md @@ -205,7 +205,25 @@ Owners can export a CSV file containing all members. The CSV file for a company - Invited to Organizations: All organizations the user is an invitee of within a company - Account Created: The time and date when the user account was created -To export a CSV file of the members: +{{< tabs >}} +{{< tab name="Docker Hub" >}} + +To export a CSV file of your members: + 1. Sign in to [Docker Hub](https://hub.docker.com). 2. Select **Organizations**, your organization, and then **Members**. -3. Select the **Action** icon and then select **Export users as CSV**. \ No newline at end of file +3. Select the **Action** icon and then select **Export users as CSV**. + +{{< /tab >}} +{{< tab name="Admin Console" >}} + +{{< include "admin-early-access.md" >}} + +To export a CSV file of your members: + +1. In the [Admin Console](https://app.docker.com/admin), select your organization. +2. Select **Members**. +3. Select the **download** icon to export a CSV file of all members. + +{{< /tab >}} +{{< /tabs >}} \ No newline at end of file diff --git a/content/manuals/admin/organization/onboard.md b/content/manuals/admin/organization/onboard.md index 6d39acb96dfa..74a31e69beae 100644 --- a/content/manuals/admin/organization/onboard.md +++ b/content/manuals/admin/organization/onboard.md @@ -15,9 +15,9 @@ aliases: Learn how to onboard your organization using Docker Hub or the Docker Admin Console. -Onboarding your organization lets administrators gain visibility into the activity of your users and enforce security settings. In addition, members of your organization receive increased pull limits and other organization wide benefits. For more details, see [Docker subscriptions and features](../../subscription/details.md). +Onboarding your organization lets administrators gain visibility into user activity and enforce security settings. In addition, members of your organization receive increased pull limits and other organization wide benefits. For more details, see [Docker subscriptions and features](../../subscription/details.md). -In this guide, you'll learn how to get started with the following: +In this guide, you'll learn how to do the following: - Identify your users to help you efficiently allocate your subscription seats - Invite members and owners to your organization @@ -27,7 +27,8 @@ In this guide, you'll learn how to get started with the following: ## Prerequisites Before you start to onboard your organization, ensure that you: -- Have a Docker Team or Business subscription. See [Pricing & Subscriptions](https://www.docker.com/pricing/) for details. + +- Have a Docker Team or Business subscription. See [Docker Pricing](https://www.docker.com/pricing/) for details. > [!NOTE] > @@ -35,24 +36,24 @@ Before you start to onboard your organization, ensure that you: - Familiarize yourself with Docker concepts and terminology in the [glossary](/glossary/) and [FAQs](/faq/admin/general-faqs/). -## Step 1: Identify your Docker users and their Docker accounts +## Step 1: Identify your Docker users Identifying your users will ensure that you allocate your subscription seats efficiently and that all your Docker users receive the benefits of your subscription. 1. Identify the Docker users in your organization. - - If your organization uses device management software, like MDM or JAMF, you may use the device management software to help identify Docker users. See your device management software's documentation for details. You can identify Docker users by checking if Docker Desktop is installed at the following location on each user's machine: + - If your organization uses device management software, like MDM or Jamf, you may use the device management software to help identify Docker users. See your device management software's documentation for details. You can identify Docker users by checking if Docker Desktop is installed at the following location on each user's machine: - Mac: `/Applications/Docker.app` - Windows: `C:\Program Files\Docker\Docker` - Linux: `/opt/docker-desktop` - If your organization doesn't use device management software or your users haven't installed Docker Desktop yet, you may survey your users. -2. Instruct all your Docker users in your organization to update their existing Docker account's email address to an address that's in your organization's domain, or to create a new account using an email address in your organization's domain. +2. Instruct all your organization's Docker users to update their existing Docker account's email address to an address that's in your organization's domain, or to create a new account using an email address in your organization's domain. - To update an account's email address, instruct your users to sign in to [Docker Hub](https://hub.docker.com), and update the email address to their email address in your organization's domain. - To create a new account, instruct your users to go [sign up](https://hub.docker.com/signup) using their email address in your organization's domain. 3. Ask your Docker sales representative or [contact sales](https://www.docker.com/pricing/contact-sales/) to get a list of Docker accounts that use an email address in your organization's domain. ## Step 2: Invite owners -When you create an organization, you are the only owner. You may optionally add additional owners. Owners can help you onboard and manage your organization. +When you create an organization, you are the only owner. It is optional to add additional owners. Owners can help you onboard and manage your organization. To add an owner, invite a user and assign them the owner role. For more details, see [Invite members](/admin/organization/members/). @@ -68,22 +69,22 @@ Configuring SSO and SCIM is optional and only available to Docker Business subsc You can manage your members in your identity provider and automatically provision them to your Docker organization with SSO and SCIM. See the following for more details. - [Configure SSO](/manuals/security/for-admins/single-sign-on/configure.md) to authenticate and add members when they sign in to Docker through your identity provider. - - Optional: [Enforce SSO](/manuals/security/for-admins/single-sign-on/connect.md) to ensure that when users sign in to Docker, they must use SSO. + - Optional. [Enforce SSO](/manuals/security/for-admins/single-sign-on/connect.md) to ensure that when users sign in to Docker, they must use SSO. + > [!NOTE] > > Enforcing single sign-on (SSO) and [Step 5: Enforce sign-in for Docker > Desktop](#step-5-enforce-sign-in-for-docker-desktop) are different > features. For more details, see > [Enforcing sign-in versus enforcing single sign-on (SSO)](/security/for-admins/enforce-sign-in/#enforcing-sign-in-versus-enforcing-single-sign-on-sso). + - [Configure SCIM](/security/for-admins/provisioning/scim/) to automatically provision, add, and de-provision members to Docker through your identity provider. ## Step 5: Enforce sign-in for Docker Desktop By default, members of your organization can use Docker Desktop without signing in. When users don’t sign in as a member of your organization, they don’t -receive the [benefits of your organization’s subscription](../../subscription/details.md) and they can circumvent -[Docker’s security features](/security/for-admins/hardened-desktop/) for your -organization. +receive the [benefits of your organization’s subscription](../../subscription/details.md) and they can circumvent [Docker’s security features](/security/for-admins/hardened-desktop/). There are multiple ways you can enforce sign-in, depending on your company's set up and preferences: diff --git a/content/manuals/admin/organization/orgs.md b/content/manuals/admin/organization/orgs.md index 5cab7b539d36..c95e6db44c2a 100644 --- a/content/manuals/admin/organization/orgs.md +++ b/content/manuals/admin/organization/orgs.md @@ -10,33 +10,57 @@ aliases: This section describes how to create an organization. Before you begin: -- You need a [Docker ID](/accounts/create-account/). -- Review the [Docker subscriptions and features](../../subscription/details.md) to determine what plan to choose for your organization. +- You need a [Docker ID](/accounts/create-account/) +- Review the [Docker subscriptions and features](../../subscription/details.md) to determine what plan to choose for your organization ## Create an organization -There are multiple ways to create an organization. You can create a brand new -organization using the **Create Organization** option in Docker Hub, or you can -convert an existing user account to an organization. The following section -contains instructions on how to create a new organization. For prerequisites and +There are multiple ways to create an organization. You can either: +- Create a new organization using the **Create Organization** option in Docker Hub +- Convert an existing user account to an organization + +The following section contains instructions on how to create a new organization. For prerequisites and detailed instructions on converting an existing user account to an organization, see [Convert an account into an organization](../convert-account.md). -To create an organization: +{{< tabs >}} +{{< tab name="Docker Hub" >}} 1. Sign in to [Docker Hub](https://hub.docker.com/) using your Docker ID, your email address, or your social provider. -2. Select **Organizations** and then **Create Organization** to create a new - organization. -3. Choose a plan for your organization and select **Buy Now**. See -[Docker Pricing](https://www.docker.com/pricing/) -for details on the features offered in the Team and Business plan. +2. Select **Organizations** and then **Create Organization** to create a new organization. +3. Choose a plan for your organization, a billing cycle, and specify how many seats you need. See [Docker Pricing](https://www.docker.com/pricing/) for details on the features offered in the Team and Business plan. +4. Select **Continue to profile**. +5. Enter an **Organization namespace**. This is the official, unique name for +your organization in Docker Hub. It's not possible to change the name of the +organization after you've created it. > [!NOTE] > - > Selecting **Buy Now** isn't an obligation to pay. You can complete - > this step without incurring a payment. + > You can't use the same name for the organization and your Docker ID. If you want to use your Docker ID as the organization name, then you must first [convert your account into an organization](../convert-account.md). + +6. Enter your **Company name**. This is the full name of your company. Docker +displays the company name on your organization page and in the details of any +public images you publish. You can update the company name anytime by navigating +to your organization's **Settings** page. +7. Select **Continue to billing** to continue. +8. Enter your organization's billing information and select **Continue to payment** to continue to the billing portal. +9. Provide your card details and select **Purchase**. -4. Enter a name for your organization. This is the official, unique name for +You've now created an organization. + +{{< /tab >}} +{{< tab name="Admin Console" >}} + +{{< include "admin-early-access.md" >}} + +To create an organization: + +1. Sign in to [Docker Home](https://app.docker.com/). +2. Under Settings and administration, select **Go to Admin Console**. +3. Select the **Organization** drop-down in the left-hand navigation and then **Create Organization**. +4. Choose a plan for your organization, a billing cycle, and specify how many seats you need. See [Docker Pricing](https://www.docker.com/pricing/) for details on the features offered in the Team and Business plan. +5. Select **Continue to profile**. +6. Enter an **Organization namespace**. This is the official, unique name for your organization in Docker Hub. It's not possible to change the name of the organization after you've created it. @@ -44,34 +68,37 @@ organization after you've created it. > > You can't use the same name for the organization and your Docker ID. If you want to use your Docker ID as the organization name, then you must first [convert your account into an organization](../convert-account.md). -5. Enter the name of your company. This is the full name of your company. Docker +7. Enter your **Company name**. This is the full name of your company. Docker displays the company name on your organization page and in the details of any public images you publish. You can update the company name anytime by navigating to your organization's **Settings** page. -6. Select **Purchase** to continue. -7. Enter the billing information for your organization. -8. Select **Submit** to continue to the billing portal. -9. In the billing portal, select **Qty** to update the number of seats you require, then select **Update**. -10. (Optional) Select annual or monthly billing cycle. -11. Follow the on-screen instructions to pay for your subscription. +8. Select **Continue to billing** to continue. +9. Enter your organization's billing information and select **Continue to payment** to continue to the billing portal. +10. Provide your card details and select **Purchase**. You've now created an organization. +{{< /tab >}} +{{< /tabs >}} + ## View an organization +{{< tabs >}} +{{< tab name="Docker Hub" >}} + To view an organization: -1. Sign in to Docker Hub with a user account that is a member of any team in the - organization. +1. Sign in to [Docker Hub](https://hub.docker.com) with a user account that is a member of any team in the + organization. > [!NOTE] > - > You can't _directly_ log in to an organization. This is especially + > You can't *directly* sign in to an organization. This is especially > important to note if you create an organization by [converting a user account](../convert-account.md), as conversion means you lose the ability to log into that - > "account", since it no longer exists. To view the organization you - > need to log in with the new owner account assigned during the - > conversion or another account that was added as a member. If you + > "account", since it no longer exists. To view the organization you + > need to sign in with the new owner account assigned during the + > conversion or another account that was added as a member. If you > don't see the organization after logging in, > then you are neither a member or an owner of it. An organization > administrator needs to add you as a member of the organization. @@ -79,7 +106,7 @@ To view an organization: 2. Select **Organizations** in the top navigation bar, then choose your organization from the list. -The organization landing page displays various options that allow you to +The organization landing page displays various options that let you to configure your organization. - **Members**: Displays a list of team members. You @@ -98,7 +125,7 @@ configure your organization. details. - **Settings**: Displays information about your - organization, and allows you to view and change your repository privacy + organization, and you to view and change your repository privacy settings, configure org permissions such as [Image Access Management](/manuals/security/for-admins/hardened-desktop/image-access-management.md), configure notification settings, and [deactivate](../deactivate-account.md#deactivate-an-organization) You can also update your organization name and company name that appear on your organization landing page. You must be an owner to access the organization's **Settings** page. @@ -106,6 +133,38 @@ configure your organization. - **Billing**: Displays information about your existing [Docker subscription (plan)](../../subscription/_index.md), including the number of seats and next payment due date. For how to access the billing history and payment methods for your organization, see [View billing history](../../billing/history.md). +{{< /tab >}} +{{< tab name="Admin Console" >}} + +{{< include "admin-early-access.md" >}} + +To view an organization in the Admin Console: + +1. Sign in to [Docker Home](https://app.docker.com). +2. Under Settings and administration, select **Go to Admin Console**. +3. Select your organization from the **Organization** drop-down in the left-hand navigation. + +The Admin Console displays various options that let you to +configure your organization. + +- **Members**: Displays a list of team members. You + can invite new members using the **Invite members** button. See [Manage members](./members.md) for details. + +- **Teams**: Displays a list of existing teams and the number of + members in each team. See [Create a team](./manage-a-team.md) for details. + +- **Activity** Displays the audit logs, a chronological list of activities that + occur at organization and repository levels. It provides the org owners a + report of all their team member activities. See [Audit logs](./activity-logs.md) for + details. + +- **Security and access**: Manage security settings. For more information, see [Security](/manuals/security/_index.md). + +- **Organization settings**: Update general settings, manage your company settings, or [deactivate your organization](/manuals/admin/deactivate-account.md). + +{{< /tab >}} +{{< /tabs >}} + ## Merge organizations > [!WARNING] From 948b9cac9b981fd6a851d609861741b02e323af5 Mon Sep 17 00:00:00 2001 From: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> Date: Mon, 16 Dec 2024 16:43:36 +0000 Subject: [PATCH 15/16] ENGDOCS-2332 (#21639) ## Description Adds new attributes to the spec from the recent 2.32.0 release ## Related issues or tickets ## Reviews - [ ] Technical review - [ ] Editorial review - [ ] Product review --- _vale/config/vocabularies/Docker/accept.txt | 1 + content/reference/compose-file/develop.md | 30 +++++++++++++++++++-- content/reference/compose-file/services.md | 21 +++++++++++++++ 3 files changed, 50 insertions(+), 2 deletions(-) diff --git a/_vale/config/vocabularies/Docker/accept.txt b/_vale/config/vocabularies/Docker/accept.txt index 97b29fc63320..2dceba9aace4 100644 --- a/_vale/config/vocabularies/Docker/accept.txt +++ b/_vale/config/vocabularies/Docker/accept.txt @@ -153,6 +153,7 @@ kubectl kubefwd kubelet lookup +label_file macOS macvlan mfsymlinks diff --git a/content/reference/compose-file/develop.md b/content/reference/compose-file/develop.md index 1e48a00ff290..d08ad90a31d7 100644 --- a/content/reference/compose-file/develop.md +++ b/content/reference/compose-file/develop.md @@ -56,10 +56,36 @@ Compose to monitor source code for changes. For more information, see [Use Compo `action` defines the action to take when changes are detected. If `action` is set to: - `rebuild`, Compose rebuilds the service image based on the `build` section and recreates the service with the updated image. +- `restart`, Compose restarts the service container. Available with Docker Compose version 2.32.0 and later. - `sync`, Compose keeps the existing service container(s) running, but synchronizes source files with container content according to the `target` attribute. -- `sync+restart`, Compose synchronizes source files with container content according to the `target` attribute, and then restarts the container. +- `sync+restart`, Compose synchronizes source files with container content according to the `target` attribute, and then restarts the container. Available with Docker Compose version 2.23.0 and later. +- `sync+exec`, Compose synchronizes source files with container content according to the `target` attribute, and then executes a command inside the container. Available with Docker Compose version 2.32.0 and later. -> `sync+restart` attribute is available with Docker Compose version 2.23.0 and later. +#### exec + +{{< introduced compose 2.23.2 "/manuals/compose/releases/release-notes.md#2232" >}} + +`exec` is only relevant when `action` is set to `sync+exec`. Like [service hooks](services.md#post_start), `exec` is used to define the command to be run inside the container once it has started. + +- `command`: Specifies the command to run once the container starts. This attribute is required, and you can choose to use either the shell form or the exec form. +- `user`: The user to run the command. If not set, the command is run with the same user as the main service command. +- `privileged`: Lets the command run with privileged access. +- `working_dir`: The working directory in which to run the command. If not set, it is run in the same working directory as the main service command. +- `environment`: Sets the environment variables to run the command. While the command inherits the environment variables defined for the service’s main command, this section lets you add new variables or override existing ones. + +```yaml +services: + frontend: + image: ... + develop: + watch: + # sync content then run command to reload service without interruption + - path: ./etc/config + action: sync+exec + target: /etc/config/ + exec: + command: app reload +``` #### ignore diff --git a/content/reference/compose-file/services.md b/content/reference/compose-file/services.md index 90999a93bf90..73ec17d5ce9f 100644 --- a/content/reference/compose-file/services.md +++ b/content/reference/compose-file/services.md @@ -1152,6 +1152,27 @@ Compose creates containers with canonical labels: The `com.docker.compose` label prefix is reserved. Specifying labels with this prefix in the Compose file results in a runtime error. +### label_file + +{{< introduced compose 2.23.2 "/manuals/compose/releases/release-notes.md#2232" >}} + +The `label_file` attribute lets you load labels for a service from an external file or a list of files. This provides a convenient way to manage multiple labels without cluttering the Compose file. + +The file uses a key-value format, similar to `env_file`. You can specify multiple files as a list. When using multiple files, they are processed in the order they appear in the list. If the same label is defined in multiple files, the value from the last file in the list overrides earlier ones. + +```yaml +services: + one: + label_file: ./app.labels + + two: + label_file: + - ./app.labels + - ./additional.labels +``` + +If a label is defined in both the `label_file` and the `labels` attribute, the value in [`labels](#labels) takes precedence. + ### links `links` defines a network link to containers in another service. Either specify both the service name and From 44cce4906f5d743f899b3c8f634c66976b85a6b9 Mon Sep 17 00:00:00 2001 From: Craig Osterhout <103533812+craig-osterhout@users.noreply.github.com> Date: Mon, 16 Dec 2024 08:50:11 -0800 Subject: [PATCH 16/16] hub: add image library section (#21485) ## Description - Added "Container image library" section in Docker Hub manual and started adding concepts. - Added section about search and all the filters - Added section about catalogs - Moved mirroring topic inside - Updated Hub landing page - Moved "Trusted content" into Repositories>Manage (for publishers) and Library (for consumers). https://deploy-preview-21485--docsdocker.netlify.app/docker-hub/ https://deploy-preview-21485--docsdocker.netlify.app/docker-hub/image-library/ https://deploy-preview-21485--docsdocker.netlify.app/docker-hub/image-library/search/ https://deploy-preview-21485--docsdocker.netlify.app/docker-hub/image-library/catalogs/ https://deploy-preview-21485--docsdocker.netlify.app/docker-hub/image-library/trusted-content/ https://deploy-preview-21485--docsdocker.netlify.app/docker-hub/repos/manage/trusted-content/ ## Related issues or tickets ENGDOCS-2352 ## Reviews - [ ] Editorial review - [ ] Product review --------- Signed-off-by: Craig --- _vale/Docker/Acronyms.yml | 2 + _vale/config/vocabularies/Docker/accept.txt | 1 + content/_index.md | 11 -- .../the-basics/what-is-an-image.md | 5 +- .../build-and-push-first-image.md | 2 +- content/includes/hub-categories.md | 34 ++++ content/manuals/_index.md | 4 - content/manuals/build/building/base-images.md | 8 +- .../manuals/build/building/best-practices.md | 2 +- content/manuals/docker-hub/_index.md | 4 + .../docker-hub/image-library/_index.md | 22 +++ .../docker-hub/image-library/catalogs.md | 59 +++++++ .../docker-hub/{ => image-library}/mirror.md | 7 +- .../docker-hub/image-library/search.md | 167 ++++++++++++++++++ .../image-library/trusted-content.md} | 104 +++++++++-- .../images/chart-share-icon.png | Bin .../images/chart.png | Bin .../images/clear_logo_sm.png | Bin .../images/default_logo_sm.png | Bin .../images/download-analytics-data.png | Bin .../images/official-image-badge-iso.png | Bin .../images/organization-tabs.png | Bin .../images/sponsored-badge-iso.png | Bin .../images/sponsored-badge.png | Bin .../images/supported_tags.webp | Bin .../images/upload_logo_sm.png | Bin .../images/verified-publisher-badge-iso.png | Bin .../images/verified-publisher-badge.png | Bin content/manuals/docker-hub/repos/_index.md | 5 + .../docker-hub/repos/manage/information.md | 36 +--- .../repos/manage/trusted-content/_index.md | 30 ++++ .../manage}/trusted-content/dsos-program.md | 17 +- .../manage}/trusted-content/dvp-program.md | 17 +- .../trusted-content/insights-analytics.md | 9 +- .../trusted-content/official-images.md} | 6 +- .../manuals/docker-hub/service-accounts.md | 2 +- .../security/security-announcements.md | 6 +- content/manuals/subscription/faq.md | 4 +- content/manuals/trusted-content/_index.md | 28 --- .../trusted-content/images/doi-icon.svg | 2 - .../trusted-content/images/dsos-icon.svg | 2 - .../trusted-content/images/dvp-icon.svg | 2 - .../images/insights-and-analytics-tab.png | Bin 199176 -> 0 bytes .../trusted-content/official-images/_index.md | 44 ----- 44 files changed, 455 insertions(+), 187 deletions(-) create mode 100644 content/includes/hub-categories.md create mode 100644 content/manuals/docker-hub/image-library/_index.md create mode 100644 content/manuals/docker-hub/image-library/catalogs.md rename content/manuals/docker-hub/{ => image-library}/mirror.md (97%) create mode 100644 content/manuals/docker-hub/image-library/search.md rename content/manuals/{trusted-content/official-images/using.md => docker-hub/image-library/trusted-content.md} (53%) rename content/manuals/{trusted-content => docker-hub}/images/chart-share-icon.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/chart.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/clear_logo_sm.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/default_logo_sm.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/download-analytics-data.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/official-image-badge-iso.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/organization-tabs.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/sponsored-badge-iso.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/sponsored-badge.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/supported_tags.webp (100%) rename content/manuals/{trusted-content => docker-hub}/images/upload_logo_sm.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/verified-publisher-badge-iso.png (100%) rename content/manuals/{trusted-content => docker-hub}/images/verified-publisher-badge.png (100%) create mode 100644 content/manuals/docker-hub/repos/manage/trusted-content/_index.md rename content/manuals/{ => docker-hub/repos/manage}/trusted-content/dsos-program.md (87%) rename content/manuals/{ => docker-hub/repos/manage}/trusted-content/dvp-program.md (86%) rename content/manuals/{ => docker-hub/repos/manage}/trusted-content/insights-analytics.md (98%) rename content/manuals/{trusted-content/official-images/contributing.md => docker-hub/repos/manage/trusted-content/official-images.md} (95%) delete mode 100644 content/manuals/trusted-content/_index.md delete mode 100644 content/manuals/trusted-content/images/doi-icon.svg delete mode 100644 content/manuals/trusted-content/images/dsos-icon.svg delete mode 100644 content/manuals/trusted-content/images/dvp-icon.svg delete mode 100644 content/manuals/trusted-content/images/insights-and-analytics-tab.png delete mode 100644 content/manuals/trusted-content/official-images/_index.md diff --git a/_vale/Docker/Acronyms.yml b/_vale/Docker/Acronyms.yml index 0649318e254b..8bad91e72b83 100644 --- a/_vale/Docker/Acronyms.yml +++ b/_vale/Docker/Acronyms.yml @@ -9,6 +9,7 @@ second: '(?:\b[A-Z][a-z]+ )+\(([A-Z]{2,5})\)' # ... with the exception of these: exceptions: - AGPL + - AI - API - ARM - ASP @@ -54,6 +55,7 @@ exceptions: - HTTP - HTTPS - IAM + - IBM - ID - IDE - IP diff --git a/_vale/config/vocabularies/Docker/accept.txt b/_vale/config/vocabularies/Docker/accept.txt index 2dceba9aace4..b5ec8d271386 100644 --- a/_vale/config/vocabularies/Docker/accept.txt +++ b/_vale/config/vocabularies/Docker/accept.txt @@ -110,6 +110,7 @@ Zsh [Ii]nfosec [Kk]eyrings? [Ll]oopback +[Mm]emcached [Mm]oby [Nn]amespace [Oo]nboarding diff --git a/content/_index.md b/content/_index.md index 5d5ecb947b28..5561dc158f35 100644 --- a/content/_index.md +++ b/content/_index.md @@ -80,17 +80,6 @@ grid: url: "/scout/quickstart/" - text: "Image analysis" url: "/scout/image-analysis/" - - title: Trusted content - icon: verified - description: | - High-quality, secure images from Docker and verified partners. - links: - - text: "Overview" - url: "/trusted-content/" - - text: "Official images" - url: "/trusted-content/official-images/" - - text: "Verified publisher program" - url: "/trusted-content/dvp-program/" - title: Subscription icon: card_membership description: | diff --git a/content/get-started/docker-concepts/the-basics/what-is-an-image.md b/content/get-started/docker-concepts/the-basics/what-is-an-image.md index d818f1797ad7..c3702a4c5fe2 100644 --- a/content/get-started/docker-concepts/the-basics/what-is-an-image.md +++ b/content/get-started/docker-concepts/the-basics/what-is-an-image.md @@ -188,10 +188,7 @@ In this walkthrough, you searched and pulled a Docker image. In addition to pull The following resources will help you learn more about exploring, finding, and building images: -- [Docker Trusted Content](/manuals/trusted-content/_index.md) - - [Docker Official Images docs](/manuals/trusted-content/official-images/_index.md) - - [Docker Verified Publisher docs](/manuals/trusted-content/dvp-program.md) - - [Docker-Sponsored Open Source Program docs](/manuals/trusted-content/dsos-program.md) +- [Docker trusted content](/manuals/docker-hub/image-library/trusted-content.md) - [Explore the Image view in Docker Desktop](/manuals/desktop/use-desktop/images.md) - [Docker Build overview](/manuals/build/concepts/overview.md) - [Docker Hub](https://hub.docker.com) diff --git a/content/get-started/introduction/build-and-push-first-image.md b/content/get-started/introduction/build-and-push-first-image.md index ce507efa7168..69af604c8050 100644 --- a/content/get-started/introduction/build-and-push-first-image.md +++ b/content/get-started/introduction/build-and-push-first-image.md @@ -33,7 +33,7 @@ If you’re new to container images, think of them as a standardized package tha To share your Docker images, you need a place to store them. This is where registries come in. While there are many registries, Docker Hub is the default and go-to registry for images. Docker Hub provides both a place for you to store your own images and to find images from others to either run or use as the bases for your own images. -In [Develop with containers](develop-with-containers.md), you used the following images that came from Docker Hub, each of which are [Docker Official Images](/trusted-content/official-images/): +In [Develop with containers](develop-with-containers.md), you used the following images that came from Docker Hub, each of which are [Docker Official Images](/manuals/docker-hub/image-library/trusted-content.md#docker-official-images): - [node](https://hub.docker.com/_/node) - provides a Node environment and is used as the base of your development efforts. This image is also used as the base for the final application image. - [mysql](https://hub.docker.com/_/mysql) - provides a MySQL database to store the to-do list items diff --git a/content/includes/hub-categories.md b/content/includes/hub-categories.md new file mode 100644 index 000000000000..5b2b747b0c4f --- /dev/null +++ b/content/includes/hub-categories.md @@ -0,0 +1,34 @@ +The categories include: + +- **API Management**: Tools for creating, publishing, analyzing, and securing + APIs. +- **Content Management System:** Software applications to create and manage + digital content through templates, procedures, and standard formats. +- **Data Science:** Tools and software to support analyzing data and generating + actionable insights. +- **Databases & Storage:** Systems for storing, retrieving, and managing data. +- **Languages & Frameworks:** Programming language runtimes and frameworks. +- **Integrations & Delivery:** Tools for Continuous Integration (CI) and + Continuous Delivery (CD). +- **Internet of Things:** Tools supporting Internet of Things (IoT) + applications. +- **Machine Learning & AI:** Tools and frameworks optimized for artificial + intelligence and machine learning projects, such as pre-installed libraries + and frameworks for data analysis, model training, and deployment. +- **Message Queues:** Message queuing systems optimized for reliable, scalable, + and efficient message handling. +- **Monitoring & Observability:** Tools to track software and system performance + through metrics, logs, and traces, as well as observability to explore the + system’s state and diagnose issues. +- **Networking:** Repositories that support data exchange and connecting + computers and other devices to share resources. +- **Operating Systems:** Software that manages all other programs on a computer + and serves as an intermediary between users and the computer hardware, while + overseeing applications and system resources. +- **Security:** Tools to protect a computer system or network from theft, + unauthorized access, or damage to their hardware, software, or electronic + data, as well as from service disruption. +- **Web Servers:** Software to serve web pages, HTML files, and other assets to + users or other systems. +- **Web Analytics:** Tools to collect, measure, analyze, and report on web data + and website visitor engagement. \ No newline at end of file diff --git a/content/manuals/_index.md b/content/manuals/_index.md index 7ef904dfb118..31252a51cae6 100644 --- a/content/manuals/_index.md +++ b/content/manuals/_index.md @@ -76,10 +76,6 @@ params: description: Commercial use licenses for Docker products. icon: card_membership link: /subscription/ - - title: Trusted content - description: Curated, high-quality content from trusted sources. - icon: verified - link: /trusted-content/ --- This section contains user guides on how to install, set up, configure, and use diff --git a/content/manuals/build/building/base-images.md b/content/manuals/build/building/base-images.md index 96174bd03d1f..32ae78d8c469 100644 --- a/content/manuals/build/building/base-images.md +++ b/content/manuals/build/building/base-images.md @@ -20,10 +20,12 @@ FROM debian For most cases, you don't need to create your own base image. Docker Hub contains a vast library of Docker images that are suitable for use as a base -image in your build. [Docker Official Images](../../trusted-content/official-images/_index.md) +image in your build. [Docker Official +Images](../../docker-hub/image-library/trusted-content.md#docker-official-images) are specifically designed as a set of hardened, battle-tested images that support a wide variety of platforms, languages, and frameworks. There are also -[Docker Verified Publisher](https://hub.docker.com/search?q=&image_filter=store) +[Docker Verified +Publisher](../../docker-hub/image-library/trusted-content.md#verified-publisher-images) images, created by trusted publishing partners, verified by Docker. ## Create a base image @@ -123,4 +125,4 @@ For more information about building images and writing Dockerfiles, see: * [Dockerfile reference](/reference/dockerfile.md) * [Dockerfile best practices](/manuals/build/building/best-practices.md) -* [Docker Official Images](../../trusted-content/official-images/_index.md) +* [Docker Official Images](../../docker-hub/image-library/trusted-content.md#docker-official-images) diff --git a/content/manuals/build/building/best-practices.md b/content/manuals/build/building/best-practices.md index 7661677ebb41..343c42b62c54 100644 --- a/content/manuals/build/building/best-practices.md +++ b/content/manuals/build/building/best-practices.md @@ -57,7 +57,7 @@ it small. - [Docker-Sponsored Open Source](https://hub.docker.com/search?image_filter=open_source) are published and maintained by open source projects sponsored by Docker - through an [open source program](../../trusted-content/dsos-program). + through an [open source program](../../docker-hub/image-library/trusted-content.md#docker-sponsored-open-source-software-images). When you pick your base image, look out for the badges indicating that the image is part of these programs. diff --git a/content/manuals/docker-hub/_index.md b/content/manuals/docker-hub/_index.md index c6ab1a08381d..c47f97f76dcf 100644 --- a/content/manuals/docker-hub/_index.md +++ b/content/manuals/docker-hub/_index.md @@ -11,6 +11,10 @@ grid: description: Step-by-step instructions on getting started on Docker Hub. icon: explore link: /docker-hub/quickstart +- title: Library + description: Explore the content library, featuring millions of images for operating systems, frameworks, databases, and more. + icon: book + link: /docker-hub/image-library/ - title: Repositories description: Create a repository to share your images with your team, customers, or the Docker community. diff --git a/content/manuals/docker-hub/image-library/_index.md b/content/manuals/docker-hub/image-library/_index.md new file mode 100644 index 000000000000..3d41410ff1f3 --- /dev/null +++ b/content/manuals/docker-hub/image-library/_index.md @@ -0,0 +1,22 @@ +--- +description: Learn about Docker Hub's library of images, extensions, and plugins. +keywords: Docker Hub, Hub, content library +title: Content library +linkTitle: Library +weight: 20 +--- + +Docker Hub's content library is the world's largest collection of +container images, extensions, and plugins. It provides a central location to +discover pre-built images and tools designed to streamline your container +workflows, making it easier to share and collaborate. + +In this section, learn about: + +- [Search](./search.md): Discover how to browse and search Docker Hub's extensive resources. +- [Trusted content](./trusted-content.md): Dive into Docker Official Images, + Verified Publisher content, and Sponsored Open Source images, all vetted for + security and reliability to streamline your workflows. +- [Catalogs](./catalogs.md): Explore specialized collections like the generative AI catalog. +- [Mirroring](./mirror.md): Learn how to create a mirror of Docker Hub's + container image library as a pull-through cache. \ No newline at end of file diff --git a/content/manuals/docker-hub/image-library/catalogs.md b/content/manuals/docker-hub/image-library/catalogs.md new file mode 100644 index 000000000000..066ce8c56476 --- /dev/null +++ b/content/manuals/docker-hub/image-library/catalogs.md @@ -0,0 +1,59 @@ +--- +description: Explore specialized Docker Hub collections like the Generative AI catalog. +keywords: Docker Hub, Hub, catalog +title: Docker Hub catalogs +linkTitle: Catalogs +weight: 60 +--- + +Docker Hub catalogs are your go-to collections of trusted, ready-to-use +container images and resources, tailored to meet specific development needs. +They make it easier to find high-quality, pre-verified content so you can +quickly build, deploy, and manage your applications with confidence. Catalogs in +Docker Hub: + +- Simplify content discovery: Organized and curated content makes it easy to + discover tools and resources tailored to your specific domain or technology. +- Reduce complexity: Trusted resources, vetted by Docker and its partners, + ensure security, reliability, and adherence to best practices. +- Accelerate development: Quickly integrate advanced capabilities into your + applications without the hassle of extensive research or setup. + +The generative AI catalog is the first catalog in Docker Hub, offering +specialized content for AI development. + +## Generative AI catalog + +The [generative AI catalog](https://hub.docker.com/catalogs/gen-ai) makes it +easy to explore and add AI capabilities to your applications. With trusted, +ready-to-use content and comprehensive documentation, you can skip the hassle of +sorting through countless tools and configurations. Instead, focus your time and +energy on creating innovative AI-powered applications. + +The generative AI catalog provides a wide range of trusted content, organized +into key areas to support diverse AI development needs: + +- Demos: Ready-to-deploy examples showcasing generative AI capabilities. These + demos provide a hands-on way to explore AI tools and frameworks, making it + easier to understand how they can be integrated into real-world applications. +- Models: Pre-trained AI models for tasks like text generation, + Natural Language Processing (NLP), and conversational AI. These models + provide a foundation for + AI applications without requiring developers to train models from scratch. +- Applications and end-to-end platforms: Comprehensive platforms and tools that + simplify AI application development, including low-code solutions and + frameworks for building multi-agent and Retrieval-Augmented Generation (RAG) + applications. +- Model deployment and serving: Tools and frameworks that enable developers to + efficiently deploy and serve AI models in production environments. These + resources include pre-configured stacks for GPUs and other specialized + hardware, ensuring performance at scale. +- Orchestration: Solutions for managing complex AI workflows, such as workflow + engines, Large Language Model (LLM) application frameworks, and lifecycle management + tools, to help streamline development and operations. +- Machine learning frameworks: Popular frameworks like TensorFlow and PyTorch + that provide the building blocks for creating, training, and fine-tuning + machine learning models. +- Databases: Databases optimized for AI workloads, including vector databases + for similarity search, time-series databases for analytics, and NoSQL + solutions for handling unstructured data. \ No newline at end of file diff --git a/content/manuals/docker-hub/mirror.md b/content/manuals/docker-hub/image-library/mirror.md similarity index 97% rename from content/manuals/docker-hub/mirror.md rename to content/manuals/docker-hub/image-library/mirror.md index 71cd160db956..7b993055cc9a 100644 --- a/content/manuals/docker-hub/mirror.md +++ b/content/manuals/docker-hub/image-library/mirror.md @@ -2,12 +2,13 @@ description: Setting-up a local mirror for Docker Hub images keywords: registry, on-prem, images, tags, repository, distribution, mirror, Hub, recipe, advanced -title: Registry as a pull through cache -linkTitle: Mirroring +title: Mirror the Docker Hub library +linkTitle: Mirror weight: 80 aliases: - /engine/admin/registry_mirror/ - /registry/recipes/mirror/ +- /docker-hub/mirror/ --- ## Use-case @@ -37,7 +38,7 @@ Hub can be mirrored. > [!NOTE] > -> Mirrors of Docker Hub are still subject to Docker's [fair use policy](./download-rate-limit.md#fair-use). +> Mirrors of Docker Hub are still subject to Docker's [fair use policy](/manuals/docker-hub/download-rate-limit.md#fair-use). ### Solution diff --git a/content/manuals/docker-hub/image-library/search.md b/content/manuals/docker-hub/image-library/search.md new file mode 100644 index 000000000000..fff381ae49da --- /dev/null +++ b/content/manuals/docker-hub/image-library/search.md @@ -0,0 +1,167 @@ +--- +description: Discover how to browse and search Docker Hub's extensive resources. +keywords: Docker Hub, Hub, explore, search, image library +title: Docker Hub search +linkTitle: Search +weight: 10 +--- + +The [Docker Hub search interface](https://hub.docker.com/search) lets you +explore millions of resources. To help you find exactly what you need, it offers +a variety of filters that let you narrow your results or discover different +types of content. + +## Filters + +The search functionality includes filters to narrow down +results based on your requirements, such as products, categories, and trusted +content. This ensures that you can quickly find and access the resources best +suited to your project. + +### Products + +Docker Hub's content library features three products, each designed to meet +specific needs of developers and organizations. These products include images, +plugins, and extensions. + +#### Images + +Docker Hub hosts millions of container images, making it the go-to repository +for containerized applications and solutions. These images include: + +- Operating system images: Foundational images for Linux distributions like + Ubuntu, Debian, and Alpine, or Windows Server images. +- Database and storage images: Pre-configured databases such as MySQL, + PostgreSQL, and MongoDB to simplify application development. +- Languages and frameworks-based images: Popular images for Java, Python, + Node.js, Ruby, .NET, and more, offering pre-built environments for faster + development. + +Images in Docker Hub simplify the development process by providing pre-built, +reusable building blocks, reducing the need to start from scratch. Whether +you're a beginner building your first container or an enterprise managing +complex architectures, Docker Hub images provide a reliable foundation. + +#### Plugins + +Plugins in Docker Hub let you extend and customize Docker Engine to suit +specialized requirements. Plugins integrate directly with the Docker Engine and +provide capabilities such as: + +- Network plugins: Enhance networking functionality, enabling integration with + complex network infrastructures. +- Volume plugins: Provide advanced storage options, supporting persistent and + distributed storage across various backends. +- Authorization plugins: Offer fine-grained access control to secure Docker + environments. + +By leveraging Docker plugins, teams can tailor Docker Engine to meet their +specific operational needs, ensuring compatibility with existing infrastructures +and workflows. + +To learn more about plugins, see [Docker Engine managed plugin +system](/manuals/engine/extend/_index.md). + +#### Extensions + +Docker Hub offers extensions for Docker Desktop, which enhance its core +functionality. These extensions are purpose-built to streamline the software +development lifecycle. Extensions provide tools for: + +- System optimization and monitoring: Manage resources and optimize Docker + Desktop’s performance. +- Container management: Simplify container deployment and monitoring. +- Database management: Facilitate efficient database operations within + containers. +- Kubernetes and cloud integration: Bridge local environments with cloud-native + and Kubernetes workflows. +- Visualization tools: Gain insights into container resource usage through + graphical representations. + +Extensions help developers and teams create a more efficient and unified +workflow by reducing context switching and bringing essential tools into Docker +Desktop's interface. + +To learn more about extensions, see [Docker +Extensions](/manuals/extensions/_index.md). + +### Trusted content + +Docker Hub's trusted content provides a curated selection of high-quality, +secure images designed to give developers confidence in the reliability and +security of the resources they use. These images are stable, regularly updated, +and adhere to industry best practices, making them a strong foundation for +building and deploying applications. Docker Hub's trusted content includes, +Docker Official Images, Verified Publisher images, and Docker-Sponsored Open +Source Software images. + +For more details, see [Trusted content](./trusted-content.md). + +### Categories + +Docker Hub makes it easy to find and explore container images with categories. +Categories group images based on their primary use case, helping you quickly +locate the tools and resources you need to build, deploy, and run your +applications. + +{{< include "hub-categories.md" >}} + +### Operating systems + +The **Operating systems** filter lets you narrow your search to container +images compatible with specific host operating systems. This filter ensures that +the images you use align with your target environment, whether you're developing +for Linux-based systems, Windows, or both. + +- **Linux**: Access a wide range of images tailored for Linux environments. + These images provide foundational environments for building and running + Linux-based applications in containers. +- **Windows**: Explore Windows container images. + +> [!NOTE] +> +> The **Operating systems** filter is only available for images. If you select +> the **Extensions** or **Plugins** filter, then the **Operating systems** +> filter isn't available. + +### Architectures + +The **Architectures** filter lets you find images built to support specific CPU +architectures. This ensures compatibility with your hardware environment, from +development machines to production servers. + +- **ARM**: Select images compatible with ARM processors, commonly used in IoT + devices and embedded systems. +- **ARM 64**: Locate 64-bit ARM-compatible images for modern ARM processors, + such as those in AWS Graviton or Apple Silicon. +- **IBM POWER**: Find images optimized for IBM Power Systems, offering + performance and reliability for enterprise workloads. +- **PowerPC 64 LE**: Access images designed for the little-endian PowerPC 64-bit + architecture. +- **IBM Z**: Discover images tailored for IBM Z mainframes, ensuring + compatibility with enterprise-grade hardware. +- **x86**: Choose images compatible with 32-bit x86 architectures, suitable for + older systems or lightweight environments. +- **x86-64**: Filter images for modern 64-bit x86 systems, widely used in + desktops, servers, and cloud infrastructures. + +> [!NOTE] +> +> The **Architectures** filter is only available for images. If you select the +> **Extensions** or **Plugins** filter, then the **Architectures** filter isn't +> available. + +### Reviewed by Docker + +The **Reviewed by Docker** filter provides an extra layer of assurance when +selecting extensions. This filter helps you identify whether a Docker Desktop +extension has been reviewed by Docker for quality and reliability. + +- **Reviewed**: Extensions that have undergone Docker's review process, ensuring + they meet high standards. +- **Not Reviewed**: Extensions that have not been reviewed by Docker. + +> [!NOTE] +> +> The **Reviewed by Docker** filter is only available for extensions. To make +> the filter available, you must select only the **Extensions** filter in **Products**. \ No newline at end of file diff --git a/content/manuals/trusted-content/official-images/using.md b/content/manuals/docker-hub/image-library/trusted-content.md similarity index 53% rename from content/manuals/trusted-content/official-images/using.md rename to content/manuals/docker-hub/image-library/trusted-content.md index 21d0a2689ba4..518ccfce6dbb 100644 --- a/content/manuals/trusted-content/official-images/using.md +++ b/content/manuals/docker-hub/image-library/trusted-content.md @@ -1,18 +1,62 @@ --- -title: Using Docker Official Images -description: | - Learn about building applications with Docker Official images - and how to interpret the tag names they use. -keywords: docker official images, doi, tags, slim, feedback, troubleshooting -weight: 10 +description: Learn about Docker Hub's trusted content. +keywords: Docker Hub, Hub, trusted content +title: Trusted content +weight: 15 +aliases: +- /trusted-content/official-images/using/ +- /trusted-content/official-images/ --- -Docker recommends you use the Docker Official Images in your projects. -These images have clear documentation, promote best practices, and are regularly updated. -Docker Official Images support most common use cases, making them perfect for new Docker users. -Advanced users can benefit from more specialized image variants as well as review Docker Official Images as part of your `Dockerfile` learning process. +Docker Hub's trusted content provides a curated selection of high-quality, +secure images designed to give developers confidence in the reliability and +security of the resources they use. These images are stable, regularly updated, +and adhere to industry best practices, making them a strong foundation for +building and deploying applications. Docker Hub's trusted content includes, +Docker Official Images, Verified Publisher images, and Docker-Sponsored Open +Source Software images. -## Tags +## Docker Official Images + +The Docker Official Images are a curated set of Docker repositories hosted on +Docker Hub. + +Docker recommends you use the Docker Official Images in your projects. These +images have clear documentation, promote best practices, and are regularly +updated. Docker Official Images support most common use cases, making them +perfect for new Docker users. Advanced users can benefit from more specialized +image variants as well as review Docker Official Images as part of your +`Dockerfile` learning process. + +> [!NOTE] +> +> Use of Docker Official Images is subject to [Docker's Terms of Service](https://www.docker.com/legal/docker-terms-service/). + +These images provide essential base repositories that serve as the starting +point for the majority of users. + +These include operating systems such as +[Ubuntu](https://hub.docker.com/_/ubuntu/) and +[Alpine](https://hub.docker.com/_/alpine/), programming language runtimes such as +[Python](https://hub.docker.com/_/python) and +[Node](https://hub.docker.com/_/node), and other essential tools such as +[memcached](https://hub.docker.com/_/memcached) and +[MySQL](https://hub.docker.com/_/mysql). + +The images are some of the [most secure images](https://www.docker.com/blog/enhancing-security-and-transparency-with-docker-official-images/) +on Docker Hub. This is particularly important as Docker Official Images are +some of the most popular on Docker Hub. Typically, Docker Official images have +few or no packages containing CVEs. + +The images exemplify [Dockerfile best practices](/manuals/build/building/best-practices.md) +and provide clear documentation to serve as a reference for other Dockerfile authors. + +Images that are part of this program have a special badge on Docker Hub making +it easier for you to identify projects that are part of Docker Official Images. + +![Docker official image badge](../images/official-image-badge-iso.png) + +### Supported tags and respective Dockerfile links The repository description for each Docker Official Image contains a **Supported tags and respective Dockerfile links** section that lists all the @@ -34,7 +78,7 @@ use or are unfamiliar with the underlying software, you should probably start wi the `latest` image. As your understanding of the software and image variants advances, you may find other image variants better suit your needs. -## Slim images +### Slim images A number of language stacks such as [Node.js](https://hub.docker.com/_/node/), @@ -62,7 +106,7 @@ COPY --from=build /app /app CMD ["node", "app.js"] ``` -## Alpine images +### Alpine images Many Docker Official Images repositories also offer `alpine` variants. These images are built on top of the [Alpine Linux](https://www.alpinelinux.org/) @@ -90,7 +134,7 @@ to make your program compatible with Alpine Linux and musl: Refer to the `alpine` image [description](https://hub.docker.com/_/alpine) on Docker Hub for examples on how to install packages if you are unfamiliar. -## Codenames +### Codenames Tags with words that look like Toy Story characters (for example, `bookworm`, `bullseye`, and `trixie`) or adjectives (such as `focal`, `jammy`, and @@ -103,11 +147,37 @@ Linux distribution indicators are helpful because many Docker Official Images provide variants built upon multiple underlying distribution versions (for example, `postgres:bookworm` and `postgres:bullseye`). -## Other tags +### Other tags Docker Official Images tags may contain other hints to the purpose of their image variant in addition to those described here. Often these tag variants are explained in the Docker Official Images repository -documentation. Reading through the “How to use this image” and -“Image Variants” sections will help you to understand how to use these +documentation. Reading through the "How to use this image" and +"Image Variants" sections will help you to understand how to use these variants. + +## Verified Publisher images + +The Docker Verified Publisher program provides high-quality images from +commercial publishers verified by Docker. + +These images help development teams build secure software supply chains, +minimizing exposure to malicious content early in the process to save time and +money later. + +Images that are part of this program have a special badge on Docker Hub making +it easier for users to identify projects that Docker has verified as +high-quality commercial publishers. + +![Docker-Sponsored Open Source badge](../images/verified-publisher-badge-iso.png) + +## Docker-Sponsored Open Source Software images + +The Docker-Sponsored Open Source Software (OSS) program provides images that are +published and maintained by open-source projects sponsored by Docker. + +Images that are part of this program have a special badge on Docker Hub making +it easier for users to identify projects that Docker has verified as trusted, +secure, and active open-source projects. + +![Docker-Sponsored Open Source badge](../images/sponsored-badge-iso.png) \ No newline at end of file diff --git a/content/manuals/trusted-content/images/chart-share-icon.png b/content/manuals/docker-hub/images/chart-share-icon.png similarity index 100% rename from content/manuals/trusted-content/images/chart-share-icon.png rename to content/manuals/docker-hub/images/chart-share-icon.png diff --git a/content/manuals/trusted-content/images/chart.png b/content/manuals/docker-hub/images/chart.png similarity index 100% rename from content/manuals/trusted-content/images/chart.png rename to content/manuals/docker-hub/images/chart.png diff --git a/content/manuals/trusted-content/images/clear_logo_sm.png b/content/manuals/docker-hub/images/clear_logo_sm.png similarity index 100% rename from content/manuals/trusted-content/images/clear_logo_sm.png rename to content/manuals/docker-hub/images/clear_logo_sm.png diff --git a/content/manuals/trusted-content/images/default_logo_sm.png b/content/manuals/docker-hub/images/default_logo_sm.png similarity index 100% rename from content/manuals/trusted-content/images/default_logo_sm.png rename to content/manuals/docker-hub/images/default_logo_sm.png diff --git a/content/manuals/trusted-content/images/download-analytics-data.png b/content/manuals/docker-hub/images/download-analytics-data.png similarity index 100% rename from content/manuals/trusted-content/images/download-analytics-data.png rename to content/manuals/docker-hub/images/download-analytics-data.png diff --git a/content/manuals/trusted-content/images/official-image-badge-iso.png b/content/manuals/docker-hub/images/official-image-badge-iso.png similarity index 100% rename from content/manuals/trusted-content/images/official-image-badge-iso.png rename to content/manuals/docker-hub/images/official-image-badge-iso.png diff --git a/content/manuals/trusted-content/images/organization-tabs.png b/content/manuals/docker-hub/images/organization-tabs.png similarity index 100% rename from content/manuals/trusted-content/images/organization-tabs.png rename to content/manuals/docker-hub/images/organization-tabs.png diff --git a/content/manuals/trusted-content/images/sponsored-badge-iso.png b/content/manuals/docker-hub/images/sponsored-badge-iso.png similarity index 100% rename from content/manuals/trusted-content/images/sponsored-badge-iso.png rename to content/manuals/docker-hub/images/sponsored-badge-iso.png diff --git a/content/manuals/trusted-content/images/sponsored-badge.png b/content/manuals/docker-hub/images/sponsored-badge.png similarity index 100% rename from content/manuals/trusted-content/images/sponsored-badge.png rename to content/manuals/docker-hub/images/sponsored-badge.png diff --git a/content/manuals/trusted-content/images/supported_tags.webp b/content/manuals/docker-hub/images/supported_tags.webp similarity index 100% rename from content/manuals/trusted-content/images/supported_tags.webp rename to content/manuals/docker-hub/images/supported_tags.webp diff --git a/content/manuals/trusted-content/images/upload_logo_sm.png b/content/manuals/docker-hub/images/upload_logo_sm.png similarity index 100% rename from content/manuals/trusted-content/images/upload_logo_sm.png rename to content/manuals/docker-hub/images/upload_logo_sm.png diff --git a/content/manuals/trusted-content/images/verified-publisher-badge-iso.png b/content/manuals/docker-hub/images/verified-publisher-badge-iso.png similarity index 100% rename from content/manuals/trusted-content/images/verified-publisher-badge-iso.png rename to content/manuals/docker-hub/images/verified-publisher-badge-iso.png diff --git a/content/manuals/trusted-content/images/verified-publisher-badge.png b/content/manuals/docker-hub/images/verified-publisher-badge.png similarity index 100% rename from content/manuals/trusted-content/images/verified-publisher-badge.png rename to content/manuals/docker-hub/images/verified-publisher-badge.png diff --git a/content/manuals/docker-hub/repos/_index.md b/content/manuals/docker-hub/repos/_index.md index 5ead03bebe34..7554387ac2f5 100644 --- a/content/manuals/docker-hub/repos/_index.md +++ b/content/manuals/docker-hub/repos/_index.md @@ -47,6 +47,11 @@ In this section, learn how to: Bitbucket for automated builds. Every code change triggers an image rebuild, supporting continuous integration and delivery. + - [Trusted content](./manage/trusted-content/_index.md): Contribute to Docker + Official Images or manage repositories in the Verified Publisher and + Sponsored Open Source programs, including tasks like setting logos, + accessing analytics, and enabling vulnerability scanning. + - [Archive](./archive.md) an outdated or unsupported repository. - [Delete](./delete.md) a repository. - [Manage personal settings](./settings.md): For your account, you can set personal diff --git a/content/manuals/docker-hub/repos/manage/information.md b/content/manuals/docker-hub/repos/manage/information.md index 0edff44ca97d..06f494da5a41 100644 --- a/content/manuals/docker-hub/repos/manage/information.md +++ b/content/manuals/docker-hub/repos/manage/information.md @@ -113,40 +113,8 @@ explore content for the problem domain that they're interested in. ### Available categories The Docker Hub content team maintains a curated list of categories. -The available categories are: - -- **API Management**: Tools for creating, publishing, analyzing, and securing - APIs. -- **Content Management System:** Software applications to create and manage - digital content through templates, procedures, and standard formats. -- **Data Science:** Tools and software to support analyzing data and generating - actionable insights. -- **Databases & Storage:** Systems for storing, retrieving, and managing data. -- **Languages & Frameworks:** Programming language runtimes and frameworks. -- **Integrations & Delivery:** Tools for Continuous Integration (CI) and - Continuous Delivery (CD). -- **Internet of Things:** Tools supporting Internet of Things (IoT) - applications. -- **Machine Learning & AI:** Tools and frameworks optimized for artificial - intelligence and machine learning projects, such as pre-installed libraries - and frameworks for data analysis, model training, and deployment. -- **Message Queues:** Message queuing systems optimized for reliable, scalable, - and efficient message handling. -- **Monitoring & Observability:** Tools to track software and system performance - through metrics, logs, and traces, as well as observability to explore the - system’s state and diagnose issues. -- **Networking:** Repositories that support data exchange and connecting - computers and other devices to share resources. -- **Operating Systems:** Software that manages all other programs on a computer - and serves as an intermediary between users and the computer hardware, while - overseeing applications and system resources. -- **Security:** Tools to protect a computer system or network from theft, - unauthorized access, or damage to their hardware, software, or electronic - data, as well as from service disruption. -- **Web Servers:** Software to serve web pages, HTML files, and other assets to - users or other systems. -- **Web Analytics:** Tools to collect, measure, analyze, and report on web data - and website visitor engagement. + +{{< include "hub-categories.md" >}} ### Auto-generated categories diff --git a/content/manuals/docker-hub/repos/manage/trusted-content/_index.md b/content/manuals/docker-hub/repos/manage/trusted-content/_index.md new file mode 100644 index 000000000000..3b29c8873da4 --- /dev/null +++ b/content/manuals/docker-hub/repos/manage/trusted-content/_index.md @@ -0,0 +1,30 @@ +--- +description: Learn how to manage and contribute to trusted content. +keywords: Docker Hub, Hub, trusted content +title: Trusted content +weight: 100 +--- + +Docker's trusted content programs ensure that container images meet the highest +standards for security, quality, and reliability. These programs provide +opportunities for publishers and contributors to share their images with +millions of developers worldwide while gaining valuable insights into their +content's usage. By participating, you can enhance your content's visibility, +build credibility, and access tools to optimize its impact within the container +ecosystem. + +In this section, learn about: + +- [Docker Official Images](./official-images.md): Learn how to contribute, + propose, and maintain Docker Official Images to serve as reliable foundations + for containerized applications. +- [Docker-Sponsored Open Source (DSOS) Program](dsos-program.md): Discover how + open source projects can gain perks like verified badges, insights, and access + to Docker Scout, enhancing visibility and trust on Docker Hub. +- [Docker Verified Publisher (DVP) Program](./dvp-program.md): Explore how to + join the DVP program to showcase trusted, high-quality images with a verified + badge, gain priority in search results, access insights, and enhance security + through vulnerability analysis. +- [Insights and analytics](./insights-analytics.md): Access detailed metrics on + image and extension usage, including pull counts, geolocation, and client + data, to understand user behavior and optimize your content. \ No newline at end of file diff --git a/content/manuals/trusted-content/dsos-program.md b/content/manuals/docker-hub/repos/manage/trusted-content/dsos-program.md similarity index 87% rename from content/manuals/trusted-content/dsos-program.md rename to content/manuals/docker-hub/repos/manage/trusted-content/dsos-program.md index 8b686508a410..ee404d7db33c 100644 --- a/content/manuals/trusted-content/dsos-program.md +++ b/content/manuals/docker-hub/repos/manage/trusted-content/dsos-program.md @@ -4,15 +4,14 @@ title: Docker-Sponsored Open Source Program keywords: docker hub, hub, insights, analytics, open source, Docker sponsored, program aliases: - /docker-hub/dsos-program/ + - /trusted-content/dsos-program/ --- -[Docker Sponsored Open Source images](https://hub.docker.com/search?q=&image_filter=open_source) are published and maintained by open-source projects sponsored by Docker through the program. +[Docker-Sponsored Open Source images](https://hub.docker.com/search?q=&image_filter=open_source) are published and maintained by open-source projects sponsored by Docker through the program. Images that are part of this program have a special badge on Docker Hub making it easier for users to identify projects that Docker has verified as trusted, secure, and active open-source projects. -![Docker-Sponsored Open Source badge](images/sponsored-badge-iso.png) - -## For content publishers +![Docker-Sponsored Open Source badge](../../../images/sponsored-badge-iso.png) The Docker-Sponsored Open Source (DSOS) Program provides several features and benefits to non-commercial open source developers. @@ -47,25 +46,25 @@ over the repository can change the repository logo. 1. Sign in to [Docker Hub](https://hub.docker.com). 2. Go to the page of the repository that you want to change the logo for. 3. Select the upload logo button, represented by a camera icon - ({{< inline-image src="images/upload_logo_sm.png" alt="camera icon" >}}) + ({{< inline-image src="../../../images/upload_logo_sm.png" alt="camera icon" >}}) overlaying the current repository logo. 4. In the dialog that opens, select the PNG image that you want to upload to set it as the logo for the repository. #### Remove the logo -Select the **Clear** button ({{< inline-image src="images/clear_logo_sm.png" +Select the **Clear** button ({{< inline-image src="../../../images/clear_logo_sm.png" alt="clear button" >}}) to remove a logo. Removing the logo makes the repository default to using the organization logo, if set, or the following default logo if not. -![Default logo which is a 3D grey cube](images/default_logo_sm.png) +![Default logo which is a 3D grey cube](../../../images/default_logo_sm.png) ### Verified Docker-Sponsored Open Source badge Docker verifies that developers can trust images with this badge on Docker Hub as an active open source project. -![Fluent org with a Docker-Sponsored Open Source badge](images/sponsored-badge.png) +![Fluent org with a Docker-Sponsored Open Source badge](../../../images/sponsored-badge.png) ### Insights and analytics @@ -75,8 +74,6 @@ the community uses Docker images, granting insight into user behavior. The usage metrics show the number of image pulls by tag or by digest, and breakdowns by geolocation, cloud provider, client, and more. -![The insights and analytics tab on the Docker Hub website](images/insights-and-analytics-tab.png) - You can select the time span for which you want to view analytics data. You can also export the data in either a summary or raw format. ### Docker Scout diff --git a/content/manuals/trusted-content/dvp-program.md b/content/manuals/docker-hub/repos/manage/trusted-content/dvp-program.md similarity index 86% rename from content/manuals/trusted-content/dvp-program.md rename to content/manuals/docker-hub/repos/manage/trusted-content/dvp-program.md index ed92b9259579..39f75d10d30d 100644 --- a/content/manuals/trusted-content/dvp-program.md +++ b/content/manuals/docker-hub/repos/manage/trusted-content/dvp-program.md @@ -13,6 +13,7 @@ aliases: - /docker-hub/publish/ - /docker-hub/publish/repository-logos/ - /docker-hub/dvp-program/ +- /trusted-content/dvp-program/ --- [The Docker Verified Publisher Program](https://hub.docker.com/search?q=&image_filter=store) provides high-quality images from commercial publishers verified by Docker. @@ -21,9 +22,7 @@ These images help development teams build secure software supply chains, minimiz Images that are part of this program have a special badge on Docker Hub making it easier for users to identify projects that Docker has verified as high-quality commercial publishers. -![Docker-Sponsored Open Source badge](./images/verified-publisher-badge-iso.png) - -## For content publishers +![Docker-Sponsored Open Source badge](../../../images/verified-publisher-badge-iso.png) The Docker Verified Publisher Program (DVP) provides several features and benefits to Docker Hub publishers. The program grants the following perks based on participation tier: @@ -57,37 +56,35 @@ over the repository can change the repository logo. 1. Sign in to [Docker Hub](https://hub.docker.com). 2. Go to the page of the repository that you want to change the logo for. 3. Select the upload logo button, represented by a camera icon ({{< inline-image - src="./images/upload_logo_sm.png" alt="camera icon" >}}) overlaying the + src="../../../images/upload_logo_sm.png" alt="camera icon" >}}) overlaying the current repository logo. 4. In the dialog that opens, select the PNG image that you want to upload to set it as the logo for the repository. #### Remove the logo -Select the **Clear** button ({{< inline-image src="images/clear_logo_sm.png" +Select the **Clear** button ({{< inline-image src="../../../images/clear_logo_sm.png" alt="clear button" >}}) to remove a logo. Removing the logo makes the repository default to using the organization logo, if set, or the following default logo if not. -![Default logo which is a 3D grey cube](images/default_logo_sm.png) +![Default logo which is a 3D grey cube](../../../images/default_logo_sm.png) ### Verified publisher badge Images that are part of this program have a badge on Docker Hub making it easier for developers to identify projects that Docker has verified as high quality publishers and with content they can trust. -![Docker, Inc. org with a verified publisher badge](./images/verified-publisher-badge.png) +![Docker, Inc. org with a verified publisher badge](../../../images/verified-publisher-badge.png) ### Insights and analytics -The [insights and analytics](/docker-hub/publish/insights-analytics) service provides usage metrics for how +The [insights and analytics](./insights-analytics.md) service provides usage metrics for how the community uses Docker images, granting insight into user behavior. The usage metrics show the number of image pulls by tag or by digest, and breakdowns by geolocation, cloud provider, client, and more. -![The insights and analytics tab on the Docker Hub website](./images/insights-and-analytics-tab.png) - You can select the time span for which you want to view analytics data. You can also export the data in either a summary or raw format. ### Vulnerability analysis diff --git a/content/manuals/trusted-content/insights-analytics.md b/content/manuals/docker-hub/repos/manage/trusted-content/insights-analytics.md similarity index 98% rename from content/manuals/trusted-content/insights-analytics.md rename to content/manuals/docker-hub/repos/manage/trusted-content/insights-analytics.md index c2dead2bbdc9..0ffd17abcb5c 100644 --- a/content/manuals/trusted-content/insights-analytics.md +++ b/content/manuals/docker-hub/repos/manage/trusted-content/insights-analytics.md @@ -5,6 +5,7 @@ keywords: docker hub, hub, insights, analytics, api, verified publisher aliases: - /docker-hub/publish/insights-analytics/ - /docker-hub/insights-analytics/ +- /trusted-content/insights-analytics/ --- Insights and analytics provides usage analytics for Docker Verified @@ -31,7 +32,7 @@ To view data in the chart: - Select the time interval: 3, 6, or 12 months - Select one or more repositories in the list -![Insights and analytics chart visualization](./images/chart.png) +![Insights and analytics chart visualization](../../../images/chart.png) > [!TIP] @@ -44,7 +45,7 @@ To view data in the chart: You can share the visualization with others using the **Share** icon above the chart. This is a convenient way to share statistics with others in your organization. -![Chart share icon](./images/chart-share-icon.png) +![Chart share icon](../../../images/chart-share-icon.png) Selecting the icon generates a link that's copied to your clipboard. The link preserves the display selections you made. When someone follows the link, the @@ -75,14 +76,14 @@ Export usage data for your organization's images using the Docker Hub website by 2. Choose your organization and select **Insights and analytics**. - ![Organization overview page, with the Insights and Analytics tab](./images/organization-tabs.png) + ![Organization overview page, with the Insights and Analytics tab](../../../images/organization-tabs.png) 3. Set the time span for which you want to export analytics data. The downloadable CSV files for summary and raw data appear on the right-hand side. - ![Filtering options and download links for analytics data](./images/download-analytics-data.png) + ![Filtering options and download links for analytics data](../../../images/download-analytics-data.png) ### Export data using the API diff --git a/content/manuals/trusted-content/official-images/contributing.md b/content/manuals/docker-hub/repos/manage/trusted-content/official-images.md similarity index 95% rename from content/manuals/trusted-content/official-images/contributing.md rename to content/manuals/docker-hub/repos/manage/trusted-content/official-images.md index 48189a442184..206ee0eaa551 100644 --- a/content/manuals/trusted-content/official-images/contributing.md +++ b/content/manuals/docker-hub/repos/manage/trusted-content/official-images.md @@ -1,9 +1,13 @@ --- -title: Contributing to Docker Official Images +title: Docker Official Images description: | This article describes how Docker Official Images are created, and how you can contribute or leave feedback. keywords: docker official images, doi, contributing, upstream, open source +aliases: +- /trusted-content/official-images/contributing/ +- /docker-hub/official_repos/ +- /docker-hub/official_images/ --- Docker, Inc. sponsors a dedicated team that's responsible for reviewing and diff --git a/content/manuals/docker-hub/service-accounts.md b/content/manuals/docker-hub/service-accounts.md index ea412ccf9e13..845ebd966709 100644 --- a/content/manuals/docker-hub/service-accounts.md +++ b/content/manuals/docker-hub/service-accounts.md @@ -32,4 +32,4 @@ Refer to the following table for details on the Enhanced Service Account add-ons | 4 | 50,000-100,000 | | 5 | 100,000+ | -*The service account may exceed Pulls by up to 25% for up to 20 days during the year without incurring additional fees. Reports on consumption are available upon request. +*The service account may exceed Pulls by up to 25% for up to 20 days during the year without incurring additional fees. Reports on consumption are available upon request. \ No newline at end of file diff --git a/content/manuals/security/security-announcements.md b/content/manuals/security/security-announcements.md index 9c1cbddd0604..bc1bb163d827 100644 --- a/content/manuals/security/security-announcements.md +++ b/content/manuals/security/security-announcements.md @@ -59,7 +59,7 @@ If you are using affected versions of runc, BuildKit, Moby, or Docker Desktop, m If you are unable to update to an unaffected version promptly, follow these best practices to mitigate risk: -* Only use trusted Docker images (such as [Docker Official Images](../trusted-content/official-images/_index.md)). +* Only use trusted Docker images (such as [Docker Official Images](../docker-hub/image-library/trusted-content.md#docker-official-images)). * Don’t build Docker images from untrusted sources or untrusted Dockerfiles. * If you are a Docker Business customer using Docker Desktop and unable to update to v4.27.1, make sure to enable [Hardened Docker Desktop](/manuals/security/for-admins/hardened-desktop/_index.md) features such as: * [Enhanced Container Isolation](/manuals/security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md), which mitigates the impact of CVE-2024-21626 in the case of running containers from malicious images. @@ -149,7 +149,7 @@ the Text4Shell CVE in the vulnerability report. For detailed instructions, see [ ### Docker Official Images impacted by CVE-2022-42889 -A number of [Docker Official Images](../trusted-content/official-images/_index.md) contain the vulnerable versions of +A number of [Docker Official Images](../docker-hub/image-library/trusted-content.md#docker-official-images) contain the vulnerable versions of Apache Commons Text. The following lists Docker Official Images that may contain the vulnerable versions of Apache Commons Text: @@ -201,7 +201,7 @@ Log4j 2 CVE in the vulnerability report. For detailed instructions, see [Scan im _Last updated December 2021_ -A number of [Docker Official Images](../trusted-content/official-images/_index.md) contain the vulnerable versions of +A number of [Docker Official Images](../docker-hub/image-library/trusted-content.md#docker-official-images) contain the vulnerable versions of Log4j 2 CVE-2021-44228. The following table lists Docker Official Images that may contained the vulnerable versions of Log4j 2. We updated Log4j 2 in these images to the latest version. Some of these images may not be vulnerable for other reasons. We recommend that you also review the guidelines published on the upstream websites. diff --git a/content/manuals/subscription/faq.md b/content/manuals/subscription/faq.md index ee89aeeb0b9c..b4713d9b6326 100644 --- a/content/manuals/subscription/faq.md +++ b/content/manuals/subscription/faq.md @@ -24,7 +24,7 @@ Contact the [Docker Sales Team](https://www.docker.com/company/contact). ### What ways can I contribute to Docker content? Docker offers two programs: -- [Docker-Sponsored Open Source Program (DSOS)](../trusted-content/dsos-program.md) -- [Docker Verified Publisher (DVP)](../trusted-content/dvp-program.md) +- [Docker-Sponsored Open Source Program (DSOS)](../docker-hub/repos/manage/trusted-content/dsos-program.md) +- [Docker Verified Publisher (DVP)](../docker-hub/repos/manage/trusted-content/dvp-program.md) You can also join the [Developer Preview Program](https://www.docker.com/community/get-involved/developer-preview/) or sign up for early access programs for specific products to participate in research and try out new features. diff --git a/content/manuals/trusted-content/_index.md b/content/manuals/trusted-content/_index.md deleted file mode 100644 index 4fa05af44256..000000000000 --- a/content/manuals/trusted-content/_index.md +++ /dev/null @@ -1,28 +0,0 @@ ---- -title: Trusted content -description: Optimize your development workflow with secure base images from our selection of trusted content -keywords: doi, dvp, dsos, open source, security, base images -params: - sidebar: - group: Platform -grid: -- title: Docker Official Images - description: A curated set of Docker repositories hosted on Docker Hub. - icon: /trusted-content/images/doi-icon.svg - link: /trusted-content/official-images/ -- title: Docker Verified Publisher - description: High-quality images from verified vendors. - icon: /trusted-content/images/dvp-icon.svg - link: /trusted-content/dvp-program/ -- title: Docker-Sponsored Open Source - description: High-quality images from non-commercial open source projects. - icon: /trusted-content/images/dsos-icon.svg - link: /trusted-content/dsos-program/ ---- - -Trusted content is a selection of high-quality, secure images, curated by -Docker and verified publishing partners. These images are stable, up-to-date, -and follow industry best-practices. They provide a strong foundation for -developing applications. - -{{< grid >}} diff --git a/content/manuals/trusted-content/images/doi-icon.svg b/content/manuals/trusted-content/images/doi-icon.svg deleted file mode 100644 index ccba28f803b0..000000000000 --- a/content/manuals/trusted-content/images/doi-icon.svg +++ /dev/null @@ -1,2 +0,0 @@ - - \ No newline at end of file diff --git a/content/manuals/trusted-content/images/dsos-icon.svg b/content/manuals/trusted-content/images/dsos-icon.svg deleted file mode 100644 index f62ff75981a6..000000000000 --- a/content/manuals/trusted-content/images/dsos-icon.svg +++ /dev/null @@ -1,2 +0,0 @@ - - \ No newline at end of file diff --git a/content/manuals/trusted-content/images/dvp-icon.svg b/content/manuals/trusted-content/images/dvp-icon.svg deleted file mode 100644 index 17acbd499764..000000000000 --- a/content/manuals/trusted-content/images/dvp-icon.svg +++ /dev/null @@ -1,2 +0,0 @@ - - \ No newline at end of file diff --git a/content/manuals/trusted-content/images/insights-and-analytics-tab.png b/content/manuals/trusted-content/images/insights-and-analytics-tab.png deleted file mode 100644 index a1f52fc832e97815d3972924a28d3a439b0442b9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 199176 zcmeFZcQ{;K+cqu)LByScgfJ4RdKX=)=n~yvh)!noGKLWmr089giHNA9_t8S4GkTlR zyJ2*LVf@B@KhOKV$M5@|-0#2NaolqpGke>6uXe3@PXUe$Ls)_ipVLW#rlEBJWxeQC9jtt}dkz?Bx-a7;#rI?sI3?HB5@wix4>9Ji#*3 zOctKpf90WYbSL`NU5(;5i>zObc`q=f%w2gwp_Hi9{UO!TJkD?6RtL*79)e0_kzsUa zwE9|Z>-!gn{qL?@k&;W7DwVrgeg$c|=snYE)j1Dbj=z61c9-F{f1Ngw<{k{)d8k@{ zGt31k%P;+WRK_s}p7u^WR+QJ&FiCM~QGxk#dPsb`Z!Aptm$6li*7d9%8!M&z!|jm_ zQe|nFAD(?rLuV#G6(ANtXK5yEaAD|;tQJN28;&n$ zV*+ZYxE@f3`FlIj7*psg@-9($HazZOJZw-EIw$|;;<>j@e_Z>jC>?RblE(1yg+DHD zy**0Px_3$CP1F~i=al!q%=buVQSiJ|`9hyXe|Sxr+T>0C!;~K1ELyfV6ORz)SJd8S z7s|iBfPR-K#BjkseH!Y-Q**A{-*sBuN!XYU5QLjzaN_l$#Rq{JAK!cP@?o#mvwQ4U zF8_M=^vk6e_wQY^zs&>CeV6lO@C(}u{w!b?WPo?zt{98@!~R|gTPC+Zq-na81RoVV zaeNa0h3PAA^+Kl@<>YywrHCh3_zFzZ(sg`cM^86|mgo)9|WD zjE@TUk+JcPS$|PSA$t+3sBGlU>$~NwGVhwE-JFIVXd0gl3yz-MazZ%;J1;s*I{Q|J zdokDCm^cG?qxn;H!(sF3{^Nbu{iOZH{flpv12Zdw{<4s}khj;bzB$1$f)k2@9`Mz?;9^>2cF~L3h-UFnxO(#U zs_*sR6-D)33l^SsnbLoJ^~hX%KgK=AH>M*-o+qyTi%Zt>0OiU>dl`2vRqYOCUOk5o zdf7vUNC?|UYmM2SpQT-;7Nw|CbpK9f(RaE`aDtxb+Cr)M+VYtE*rPR{HKR3|F@*b) zG)elJG|+v;ofG%f9qDF+6Brs#hZzzE-B#SfmyebY`oq=zzR=`TXqF*|O%c=5Y1*chsV`$*!c_G!7sYJEFYF{lp9#Suye*-a%d~zzoA!qw&HZ zq)Fb>Arw-^#>~31E21+i*%=*V*;L$Co?X6Nlrb7KmS2Xf@RjR#v!3ZhiUO_SC9dU{ zF>56-+X6el>-wR(UJ^1OmTEF>V7i=pRJg%8)*@h*{jS5^w0_P^0h^Dm3ESR_){6xK z`2r&GZ1HFGwTEvFiwwimc%nP7tu-q_&fD(5d5`9`Xw)YZ_BeqE;FRFJ#u+SoXd`S* zXS0?xh_hR5+s@lq-TMl=4Lx2OTm#Q_ZRhX6S1e|@H%8aDldalRY&fiI_sX_o4^nqH ztWhQUg-J(RaDVs#e2w&(Buu(Z(xeQbdP$W-MMITB6;CZeZT|Mr+j5%m*(KNgWS(xb zLWhlyQ>r(g`|KXaOx?1JFs9F8WHm z+r4E5!MFNt>?#Yl;%_r;jUJ^O#Zv-)c>H+Nqit}{Cv_(AWkMffC9#^{ovTX*d2cQD zJwMOIT4g2`K}|sS`_=~$!aQM@hplHsqeV28#cp4VQe|Ld5ilINUlzBZjAE@494oTb zV!4SyP+N6%*hgqbre&#{r|oO>Mz6)1d_Hz|UY(g$6^nZwSIS>zRBgVzo%|*l5tkOf z880pi`5Yo%pH~J1R_+~FSGtE*9aiPK z!s;20@})J!HRC)TYg-Pt)_W&E)j3X1Rhkb6IUc+{!clurKcxmqY)P7){2&F-0G>%^ zytbcQErz05R$1EOP{7&>PQHPAo%dJAS;~1K=kE)CL7K^>V%a7#m=f!AA)Bp>K3!Df!@%h7f>Uo6UmE#fJiv}Gy+FKzoa}n&}y5jn2H0uKV-#o(20#qZe{cUij%SZnzSg{cC$3 zd%H4fr5`VT^|C75J@z3Ov=%MQcFv05?bL`#`Ig*S5U>(A#5j~W=qY(i%q^8(eh|CV z>$O$7woGLc(jAjJD2+O}zG;lF>fM%F4F3F0y+Gib=@Qtq=V;^A(JxHAHORjHy34^z z>>FNIpaK74fw!rgYuE8uHm(!5ixfb*gS)|Z{hUejmMB%&IO8xoBL{>dG^IouJ-$;1 zosOGC@>WPy0N3A5F4wTTR^TSEuyK>O`6S{D(UH?q;VQK9@Z!P?lErSzQ_Y=J9g_Wl z1Gqw!Fv?km}OXhwwouFMYN+PSMsUc!q{Csmg_BK4v5 z4o9YYV>7!S6nsdw>>+?v7&lDx&|_96#gleIrq+>j=7QWo#DTfxgOl{`mH zc7CDy_c>J|`5whX?Z?W>epQs@&!7l=Z3Bn6fCz-zh{(R-r6AN zKWwLC;AWt%CT-ye7BIJTd}Srz1$H{kheFm%ntTejax>@h0>6g1N_)xO{PPKE^7-jy z!JAxvKH}yechf*!i|etYixroIfRKRDO?i4QE-qOYOKa(uPoDiNIr%TSo3?IlPSS#c zo}Qipo}vPdE;fR~Qc_ZaLL!19BK+hh_+6n8H*+t3h%5JBnfyDSCswW&E_P0Cc8(CP z(|pZeIl8;a-Mo2P(0_gYs;8Bg-G7$^as5}b$PE-cy(1_rASC!-d6SdMo?eyKvh%Wf zZTQ3vOtu-h40$OrG1)(#|3B{hcZvTarNMuvBsWOne(GTQU(1U9;?#a$O;+Ma;{fw{u%@x75yYy`iA|o1d6OMQVR&qMS2?^~~8n6e)iD z({PbXXz|nEXUe4&M|pO^>R_bG?r-y?I78`LNA)+gJZ*^8eMK|VxbT#uXTPuH>0NR) zW&Ww=?=0|-HUAl#zxAVkT_t<3j(q z(0{VP|69<**IP0Ly?8sROXW_q`vh1%9<3~pD|pNo-?2=$DhG1A8J_tlp7-bM=KIV? zleK&Jiv`2D8lSo}0{w9a-ERr$>Ee?BK0~=Z$}+(ehS0FNm7<|4oi3PywiGGx)|W?U z9>IMNjt(J$lXetL|i5KUF6KO{QTId!-Q4d&YkDTjITjAdROqAi_~y?#OY!IjT_yCuSZrwnkB z>2}cMncO>oke1u>R}nfWcZQ!$X@!>~V6~=<&2l9cSKB=p4 znlfql*A3Zk;IZ`BNT{E}_ULDa$NzU6^Y1Cz%#VdjXfhlDkw}X6_xE=WuyUv{We&AR z?KYSe+(N9R7q+{y!)g^+*ek%O<3GL>7rz9Sp&`5n*`^AZzpHP<1T#5v6sg2x@5hga zNFG3hv4Fyg)T19?o}|YT)pyIZp90t;o`^`T9DB<$8-Y!;nRg;zDA?ToyDp4DQ1~Cf z_d5HROLqt@w=&k#)y^Sp{? zbpTnSn{>MF{BgQoEKHU&yC8Sm(WpRk*V!<4FCWhdR!6WG;k3%2v3g0wXFkpJ|L&Im z)M+Cp)aN=0n>Mmp$QI(^p;GOq&nrAdEURiWrMBxFP1!~%Hy><@Km1S0|MKcDt7PXT zOe;YiR#7ixMC)n{4-BkU%*Mn|tXsx|eYPhiCSLGv@(Wc=CI9U#)volW!3W?oq_Ke+ zzMHLM|8r1VSN^T#&ySU)RdH+U*8&NoIThXHZY%Iav0Ak@9 zuMx_)YbB!x&HnYIV_~>=RQ#1F0=@WdA;dxcZ4mRe@zfq_y&ur~Z9G@@c#ic0s2=?{ z(x3&|f5O3{>+;Iv-qqABnA<-1>cBt~@Dixa&&5uyJL9*DjwEPsN>P?Rq;%`_S^3Ak0fh_-0BPSYz*!waX!J6oUbpk z^Fm_st)cXkR8#?dfKQ<#>D`Z9kA*4w>uzkcVAkU%$GwLWSlQ3-XXKX~t?UkJfq0dW zG6s4AAlZdI;u!7Oh06*>>S)JUoZp74XVX*u(5(-I+9nfgn%^uZ?V6{3ibMRmA}T>w<91=(M*!i$LhW+K#rliR+1lo+mSXbRH5dj^?c^;zl+`$<(U z3ik6%wiw`{h@k$evYBaRB(*x@RxiQ$UT~hFp+OnC_Hu&eQ7gGniB}B&*}U!Q~ z?FldK!R8#|>>YmLc02KHQiq&$YPW?1lg(yJ&>i~uM1MCA0*juqg)dSx-`(ogYJO6u zn$byJGYw6~cOD*2bf=HfDy?X(uQ1*6{z{se8MY%Kw*iZHHRBQxAAC^+i0T}$B#iZA z*0H$Pp?4Mf{j200i5Jy{gh(Zcd669G@3vN!#i&A#-%Q?W+T?Eg{HCM`7GG|zX-8a| zzHAZ4G@Ouh(AzA=WGkdsur`{wfM`fPyWqjf^3`;29%tnx8B8`_T{59BJ_Hu6mq;Q6 z4|O0&E(Nl+cAs{3TaqnCn0VNBWL#D+2DeJtB;TUt1Ipr^RTO--mepN|CWMaTaM`qn z@bD2P+tup5uf$eeSIs}@)=YkE)JmG~P~ak& zG^t=umZG)CKZ_Hvk7O|26_Hw<(v7a0;{bCU=B-DgNTkBm zfdfmPwN>(5k+ReUI7LetqiJ z1!~Xgn6My|Z5TdtD{Gvz&hJ<;XeZaC(r?=9;?J|>X>8Izo0N@wZa;{_uUKGsE?rP{ zcOP7mDfB3yTeUNTupXrVPEgpRMHJRS!RgnfgCSOhX@U6e*OQ|HAkt81u@$DfFZ>xF z0=A&Mm0wY(kvC5CiVplGd9<|XvRKO$T9LS&sLOS-8YEbiR)S1^ZAR)jWOT_0`jObF z#p}&bsIW<@=x7s^w*LuT`<#D(*PJH>0|1+&8_XV#>(v`RQiPD`-~x}u3cPKss{E#v z=K%(E5W@$=-kdxc^=n;+9Ot6ygk0BH>Y3O5VtkIGDnc<<4Q~mc<8{Q`_mjgEV!->&u!AmM1%ccP_elOfy)fI?emB%j z$wPfhucR)6dY&bL32{34V`;~>J@)R-9SoU5y_Ld8jw~}D>8?-nvdwQWtG~Rq<#2nx zv$Q02Ra~uf{7tzsKK$25iIN8FTi5Rg+(Ic0M;}6y=AuDIdc9p(r@{GRM+>#f%UgcVZsRgE#OjLl(j9=f*V6ZG>X#Iy2qVmW z1{`q>XJad2O!%_cEg6Q#?#Fg!N@_DNr#`!jFY`%cbEz$vkDlu%FuAjcK%Vx`oeKL zIndR+7>&Jh$(om@o)fB{x`76T_5=m2ho<=ps#R&|x{Rry()DURUQF%Q(GbU&%F&I3 zUj-*q5R2G_$(pT~hDC0XsBUW&Dpvd3 z2?5}uEq1y4v*A)|dbYW~xU8b-#KpPAlU?FhfYt~TJ$xe+t?I73$;7hyKyuO}-e*zi zME)qE_)GS~F!>{{774ZwtzqR7a``ig+wORd-i`!Cn`80Pt z+d4E2xgBM#kfj6qDm@Bt+)C}V*$-0(Agni=4DbgW-nWV={Mm&ZKE}D(NJ^BD$x+;J zyF>T={7a<46VeO#UdJShL?qjq*hZl0BsXoo!Ad@F=TTBQhV;vC(%8U_B;ZF_>9A^R zq{d4p6|qbrDvK+tkC|;!ZmvTy)K4+YEO}cpmo6}~j1x9_Iz7wXSETChkJtL*_ZAVJ z-)Z&>JmQ1VvgxxQ{GRYmFhqwUNVNsNMk_nCXEOSk91k52cGn$U^%2mOPxDRdKA%vp zMKk=N(@oW5_RvM(iTO{a%k&8J4$+Njd$@ijV{2$QMREqwv1jp)34Ul#pr!B_*N1QU zy2OM@D)oA1@PM!fc87b7HnJ%>1Zeeb!&b@%Nov;5inY4 zDfPMl3wy*!gJN$!8Do#tjp~;|aNk69eEZ>T4KqlZS75ow&@JT? z$KjfZ=cbRj7}EMT<(C~NZ!V_Rs7&lc1td4fiZM~SmY{889hGdHS>M=NWjs+GGes{h zmMVZSbscG$$?$?Z9 zI+{(w&i5tu{c$u?QS;1CR;YNedd)_6$I%;|iKTa7*gn}sf$r14QDW#sikut@`l+y# ziN&VEhvG6XCrC;TISlSEK6^JG`004dUBQW`k)dN9N~GTUD5`m%PkNmU5h9G;kHg2^ zt#^@vzK{My2noL-TK-jJ?u!7fU$jwm(1m8|#WNxD?8R%sL&Mk3F5oKK*TUB#x)b#6 zjr3$58p$WIIC8C?of~yi@$rwi9Anc@$Jpl^#kLxoy2d`2e3>bkKt@~Xm0_ZjK#^{r z0KG(F*;umOI=z~tQ2idl?@q;}dp+#3pv;=rLBlUck9hJb7)@RUZ+nhXP9nxP=3nI2 zGO&;Po^Wps;@}1bF@X$h^PoC-;OSU=NXV4m4|nNvR$>8*CI{tzCM4Fh`sew%%~Sm>fl-Re>#dK(G&CMYE&t>95$$z}Zn^W}RD#!BvxlQ)*D` z)7IEHlf}GX5$cJ@i!q4y({)a|kgB$thm&O%bjQDOP{ZZ((i?0QD)+}c;e4JG#0Xf( zwyF2W8sgVp8M;b#;eg+;>k=MCGx^+_%Yd3vW@6pg0?g8^?pYMoc$CKZ=ieY{mM@)^ zo2zfVEKv;D$-8wpcKa%_KW;VKmq)1LZgstE$%pzB;t)$eW2Yc-YquEQB#KuDeOapz zte%R+Z%uOgsMYOsv5(KkcEq>38*#`^SR$(xoDOvHcgO^B3#32_l98_{TYw+S2)Zj& zB(mpM8^;Mk?i)!a22T4|waiAI3~d`j*9i0eN(eX43YKYopH;cB+E=UQOezI!xZTzk zfhw}jMNfE;Au2iPU2(cX;#c}S=F)W&PCCl;JE2y)Zj{?--y^wGL|aKPklqd^GedUx zK7;4(DZX8YwXkEYk`6X(3L!8Y*~PTOAch%du{=5+xd& zrFJcRt4&W|x~QxF^!B9>SCAIw5bE#j3H8STh}dqtDdFp+Z|{N2gequ8VA2O;vXufj zMxlIGBZJ!)<@X?-(9%Rpp4+TP{TUkifsKm_b$AuKyaIO?&r*+8lsw#OnmcoasNm-Y zej(#ZXri+YqFor&josQ3)r@>`&HYiLzvHq(Hsl4&^_hv!O$HMglyupc^g6syu>6&vv5yq>f(JSSIf^_iPpdOW z92GsDzJ|xGlgE2>b}0=8AV^;>NbLFLGE<~f$ya|ksnCvw9{@cMI<-N30Qe#hJ6~iy zu{F`L6D&-HZ_$f|3@%H6y{t=&4+9-55#si+699-n?Fr=(ZK85T4D(6^dCS)m5rQ6h zzxcbh)EVJTX;TTo0=3_TC9f|Agx4)TBD2_8EWZlX_HBlwc^HToLOd|;QoAd3(zXkV z399}qEa)!cf8a2=d9ls17%vQ|*>mmd!%hi^{?6lE1<4*qSm?e+bi2O#kb?;&WXLeT z@V&WlMxI~_APs(ic zm1q3%4Iuyti)Ck**v^!}N8%ihs!-OY^xKkk#Ap$rN+N;?I>9Pgol`&Bbbeuh?RZ_O&`lvnL+%d-6_%HTKMV*)skvyi2(8CBsecLz zmI4n?<1TK`xR-8waeDlN=GAguS+>>w@{Eq-jY7!LHC`2VK4lGjb_m(_|m@2OKM({dWQc&#yTu1+51Sin^ce5)i{{Y zgwJz!@Ql`z4#L|$W_-fBH`(OL`QA))(KjTzIi%P9X#?y$sLGTRwskFj^Ju#}rlNlO zv}V7Fr)*mE|=z2d47#Ny2Y_sW~*&H2dgJu@jJfc!!=tWh?-Cj&}`%<%fn^sxXH{;z= ziG?sb0nufhQJY?})Wf*DJ40AUjZ=PvSObhkq8pA#N{ARo-xE-Ve(>{qY7$}lp83_C zc2=ea`d;<>+=%${uyH>>g`IB64#UhalN&yR6@IrokB_Gt@gifDi-?02#;w-N?Bie! zx#_D_JGB-SYMzpOiR97b_!l)?hU~`T;9LakNfzq$nSIIp>%Owv4s}HBs@YUpEEsf9 z9N&r(kexJ1T{%x4NF((pXuurkWcI|k?kU6PIiU3SV=s$#6#H+dmXe#~sf9Ps0#I5} zpgGgjeE9;da#*}X4DYT1RL>OWo1Ews#8khs01adz$S;dI6cP9P_wvseo)`z`O=9_r z-s$t;SXBdUj(Q$sntSt1@D}Z{&S9hV*P{KavJFPq01}+O1}!1^+27lJjvPBX{iI_X zYD!T0kfY%fKKhcik9o)YgNWlogWLPI{QyWk5VAilhz;jks+rD>4;_1SOqQ6V9qKD! zo#aiMdQt}>W?q%0nut-e+pR#dBOAwuSnn{bsbb1CuOzh4(9BcCgZMd2#siyL?e22$ z0$}K;co*}9Gsic6EEXJ?n!oVtnT>SF-_IgzPn{-`Luw+iQD$6PJDX&XOjdI^(MDag zdmFU(|4VOeDYh|3JC zA;#5xZ5_KzjN^Aj4XI($DX}^{xr1}eM#^|ZCnTz$e$DvKZ9#?IFTN5&74)RNu&}Sh zl&<_UPw&3^!Aw?LhdD}B$m7a(aog<f-=Wvr4}|GTlKzu23;BLayjAFY;`>G3O;{<=-dev zlzTei+e;ldj`hSeKhj~?WQeA2TugQ@zD{0=hmmqx!A{TH!^$s=mRjW=O`|G6 z{88l(6REbuT8;#amC+}-!=QqX^uaGByNz0nFeA?hkIan@4c{Sa4-9BM`mO{d%I_q; zpeo5`2a&kvJK9@KL`bE}J@%xv{>^TQnK4)HIWR|Xi7y2g#z7Hx5f;wqhw>r zuO9h5f*)q?ZlPolaf()<l`2|c*)U~^jtpk{q5wf*^nspvN}VEOfp_JhVi zwUb(<77@+!>>V}5B45*9xgF9joQq~5_x;`4bcii@L}7=#qC^Jgr#MxFCZ)z}!Z(3Y zz4f4s=)m^n7em9#m3x!5hb|vh2(L<)({?r6$oiX2Y4|e}PwWfa-aVm;fLQ5KuZ3aw z^ei{eBza3_J^)c=R1G_PW*p%DD+?JWeWPAih6y1+CTXH<3GsR;K#l@e<%%eP4c@Md zMh7?4pei&c2-yWHey`154ueh3!=ba{_;R!(=KlK0fIb;QOOZyJ=KBGMnP1)ceun_& z$opk?7sa@NWo2cb%9I7w$PmEjwiFz*)mRSOGCkMn_tpQP%hNF`r`hV#dxHq%;y`(G zx8<<52x6GN*`G%(@xjx*Rz65JDVF7JNf%; ze~MSRXMk0ytt|m!+E4OqF^%#TwP-gp(q#Qf$|KiE&7t0~clrPAl)KlBpeA7zj+NZMvHhR2>SxS()6 zH#?WUURPN7fe7&fIihg#nR5Hwny=kRq-p^E^QIl`NA3$I+?lovN0-B-Ui}Pb`raRP z{CShX)uDuff8wXoMR#(H^eAZ)N$_xl#z|(e{q5tkjJ9te zYeQxBSf1vTQlERm748xjpwbun_g2Q)@@c<)w+byu?p2i68JsG$uTYe`iuBx5zu@*k z!T9#I+PJ^;78?nn_3%u~*>cWEy zD54x+zPIQuF5agF;wBlcstEUT7jF(>cB)_3?B96NzBN-490`^I&R22|D_cF0 zc_Vb=KZgc2aMJyeuznFU;L&b>+a9K5)2qQyYC=fWD`(-bO%9xC@F}^R0NnMmF9bFY zGPt2@&hM@E99U=0A1V&(almTysPJRv{?Gxsaxm64SFvDYKcz>uz&vryF3Ho@Ht-v2ey0YrE8C@kA&j2uL^2Z#)_tGhVL9sM zWfyF%U?T@--dNJktz=|1qkhpF zZyI!{^C(HD3`ei5p1g%|x<&V3u&Ge)H+l${(04MKNe~ky{CE>2e_WIRYk2;EZ_p@K z3Zw08Ca+@-8JrU3NPv}kqk3G%kwTN7{141TxWnZpZzxnB2#@wA#Ty6ebvcL=wJ`e- zBp<8P>!-+?nMx`vL+w~?J9%yN*Mb62%a<@zaPG%v8O0(qf3oao*2?wimicyv`t?<_ z*kOe#(kJQ8AFCb<2}grPzl(fXWjZAt8&^=()wg3cP&W3jvsfpum+A@(H~2Ux)niMX zGmmh9A=R<;+4sW&y%O6O+w3v>G36l@Dulxvda2!wr!F%OKg~sC9LkpV`7i|+dmwVV zEK9{bm2Bcs0#gK4U*D8JB_uV|sm%JL(4&@2P}H%> z41*nU%glD<>Vod29<i6>nN z-3FOqMRg{oHITGq=+8@1kljbw^u%Cr#bQYYcocbDC+B(RKZig3g$)xxST7>9qSJXBkC# zglm3F{{76BQi6{FZ-AUkGI{8nSLHIs(X3je47??{ebuDePVf?U3m@S3=#CtQ5xh!o znoN44nNsvMzY%v-^Jb}~Rw4qWzwckl{uFd;s$UEKwrz1&r51wG;us>NZGikVrwl+R z^-S$xCI~B?gf#P-e`{;u82oy~(t6D6uaDy-yyj{PWR3Lr^J1U(Nd8E?OB%tK=pta| z#edWpB4jTAZiYLZ`#S~6WWmsfbJ^_~Zzu{Yy6+=z_xfJ8hlfInm-XzB0Q893mpr9? zD5Y7re0E(*JwiJ%M7F*bNJSn?wWgUrJR9uN%LT}#FY=I+?#Tx+}qqMp@%Y*4+|jU zAMd*NMBUKNZP0YMO_U@N;RhW}GPiX~TIo7{f3&`DnlIauOHYI5xt0tBU2^H|7;1~8 z6>IzIef;ppc{Prdl&D_%lg0rpP(cdycR(|1Sc}ZxSwIa$-a|eNvfwm#(rOW0pOk|` zb;WpMW4W6!!c1CQKR9rp2n;9mA?dJ{Mfr9an=$aSrmUS+1pJ$66n=;a?55a+v=XJA>eV-vG7QTqb*GtX!)5KwyBZq4?6kZJe43r#=iJF1Vu61v^gHdA ztYS6DlHVIe{0iuM<{MB$lc|e!_rdA5ltV zP341v&f3|<*)`kQFreyQ4Ial}pt{G#n9{-oL;iyD^ycyp(I(sPJYT!%3sC5(n9ZE= z73rz!x^`F2csy%-ri>E)w*BBq-eVq-W0%#3T`tWRKYgOye#qEazX>9=fdJtC2A^N~ z4L(^`L|X!OvfR*RD6UrOCIkD;m-@_Zk31cq1<>k!_mG_ky%PN(%9r}rVirCZ^4VoY zJp)q%7{g86LDFH+2iK!MuS6oJl~8wveuH%W+)Zl0o=yp0UCFCm`FwY!jV;7JxpKS` zwcDDQ*5HG}5-oH0d0C~-cu7RF<#-J_H@QkXMk_tGafpP(ju@5mAFrX6YckdCS&@Sj zqmO{dh#`B|q}MVwrWGAluO}Wsa%|Euli?8@#GK4UpT2#n(LwFVl@G zlA!bIzqA4Sl?m?eAHz>v<2Kb?(hYwz$!*TqmCJpGLsagbDqDJS-hCcb_S}q&{Fh&E z)O#V1d`2v1hcNrQfp*nv`wT79zY~K0T!E}L$d0wZ_bJSBa2(l0sZA`jdPs))+9p>y z6KKDFx@BCVnA?I8)4E_^22J@%lumvel*5+HHP*QEChRsR4m)#pL7ZV&dfNSt)KrKK zWH@0ULgp%xOopHMq4d5e?K0n|?_9gel4Ijmv-t?<=}?QmHR9b&<3Q87E_HK$=# z=M?&lhUjKuTu`E%OuzHPly0TW&RgIENn>&Bb?5dYGtO+_-1R1WOEX7>&^YCZlY1>> z5_!hES!&3PpmB{H<0{;#otP%vx$b2d9A;kU)kzlX_cl{gyjMLq(6acWgddGinM~k( z{;1qHl(_+DabLyck622umFTDm& zGazP$QT&P@d*u6$QiGN2&N8dRXqxD z4G&9!3@!vVU?1%ym+M!cgJ~B&z>$TTKTG>yMKsd^Y~7yrQ{yvddxq}FUjaMiw2n8_ zc%%ib*3R@g&@D+__Fe0SHkEaCGg0xyRFrQ8$RX2d7Cy&+()I9LJmHK|P^dIs3*zVeHwEAcl%*q@q#8T{0*`&^&jit6jf z;5g-su0`64tq82QsgdP|97vQwOI%umag()!AcQPFZBBT!eMeRUAMfTP$)@yoBGa4P za{j3<8H?E9+@uuYc3L--;z;we0)D#A+~hx`qS*!%N7vttuyA5X5{70F{$c(v0M3LK zn2ej+HvEHqt~)yh%TtB?Xe>Fj4H@1R!@ail41|I^@{b?0^$nlbMLRqIWP`HI>-1tB zv^c=V($;2>;aB=QB?{#KHs$S<>&9d&vuj(@|8hc}U6^dJ*!fYlm(hFU1kqP0bKX^X zFaU)%&e05$_lit*o)eK$;_Xt+G@vWKR3uNA?O8G>0?3`^BR4~p`hW8%Q5xxRgdAYVNng>-t+NS z$S+J%Sbvks7h3T+)VU4u|co-ukoBbN=Rca@rxY98cQB< z2Y@a(qq;iBl9%Og!J{LY7^9sw4o)7z zp<09-BfUVu{Ws-|+UaOWvbdtJtJVzxmK|8$$*h*WrjOAx?713~t}of<5Dwz!1wI3C%O!Ow!<2$ywhk?j6q^6N z{a04vbfnifeIL3;dr%A7G2r3SRf*(ShI*ICFx@&W5w#oMuGQ*VlfUQ&!60^wY_!_@mPOX^%vYx@N@L`8i(BLT$LX|_ zo~sKUAP@Y2A{rmJ%AZ@dVvI?(>F?fO3j7FJeBk{GRYxDL*|%xxd45}k1BY$I(HEEo zm{yd8a$<6tO2(wetMFz9yvr4;0uww+1>hLb3!qz>$o^wD6)P8!i02)mGTw9kHo$o% zf;@N8J3M(I&S{>XVbERCWA^?S!k!>=4%Ph1^MXh-nSd>jcPH6?eY?pTe|d;MN+03$ z<#L>Uu##Rp#{4y6sN93_{!Be+1&700{Z5DfYx-FyzgvZl@*~3v166#Z*l2@nQb&iG z2!Dz%-SVnnsT+WP3;@kn=Nuilp$Qo(s%i?olmqd2G?&ITQGSiSkpD_Klp%qCjYiP$$N>_#)hUwbC>Wpocdo86das~bgit&y@SU<&h&Wvj| z#IW|;vkRcnd%^sU5tc^l+D%&%KVn|5EyeS%Q58d#>c6?dYxlCs^FUdIOD_4oSg3o^P2e!l z0si+K7I4a8cdn0($t2U`8mECQVyxCJzM8fh#797c_Ko9)=9KC+yij?rpupbBVB9RH z-xI2-*27I;UepwgF+k#$x>oVy^fx z+5akE53W4^akOE-6N$oX^4FB}xH_6G!DXup?(B0*a+cpoxf|nV-9r+DD;|zr>Y=~iSN;nac#_|Pv1zME)|yal zj}LZ4GjHT2Pm5!lc6J+o}BvQ}SbU#yc;;U{O#O1Y5C ztj=d3YL_0IZJKotfEz-JjO`UQjCbQ|J{lE;V_ma8kMoR)zbltmF;bV4T?JGHBYU@( z_Vkv);Q2MUhki$RT`;oDNgjcIKe^6~pgGX1LN*2BR58d;<(UNPLH;c8%3}=~&w`1H zR7K5rcRX+I+AMM$CXsH@iIW?1ACbd!JaWtBK^tN`z;_*ozo!gjq>Tv%=i5eb>r1qm z^Ri{6@$lV{J9$Eu*-X>?q5V%#8&ZEq;yNSAVjbT@CMK1&D`bnHXrs2`TTCMq6pD2@ z#|yP{8*@{phG%u214rcGgL{1A-A8hHLECy&a$@)@zk9cadA!5J0w6z*@yb-r#}^y4 zwDS3fv;&NuPG$nuNiPC^t+BOyQUWnYF*`ohYkXKBHu$Xc7?x7w)%8fq&9JEwJmQIP zw1sHa(`K}oU;B?ctpB=UeH#3|pq|2wx6>NSUK?_R?nB7}BH8~};-0Jb=j*MQ^GB7d zY){|V;4?Xr_b{kkj+1R@uUjdb(d)CjX+za zM9A9sLnV*}d8fiS{Z`)f+UghG@(UDFhYi+@?Z{Bnw%;tLV-5hnOfbt?G>84IpjS;E z;{#oH%9MaG)SL^{6B9?>g+KBV9WVNZC5^CDt@W-IlM*jv=K*h#oXRdI5Gh#_Xqz!9 z=#QsX(T&CNCiNC#C&V9UHjh~;YikKSa1Xs+Uh^VOOpkd@Jeq+VMHc@5G4`HeO|9G7 zu&9WFh-)dJR22oJ2&kb4EK5NYLl3=36GD?t0t75z1C-u_N=*nQ5JC$@lt>Ld^dg-E z0)!;Az?Zf5Ip=$Syl3zCNB+-iWkwap991o+A^lZr+NGI559UxIxVQ zQz)Jgy^!!KUT^EsgTOnn=7X2SL%Ni@x97q|aiLZDznjLtMTX3JWWArg^1rJT|N48* zvuk3(N#&6)4fVRK32oIG3T!^Fyxj9OWuw4cQ=ZS$J!xv{uznoqQdwv&np>DNju8G^W`6jjA`P|Ba(C|HuR&Z+4n*f7PO9K3o4!&&sCy zR<=z`gq9}mHiqwHIX-OJuvV6^K;IzF-;5`Lm9y9cG8psDOKopE$#-<-@%&qU{ok~1 z+kg=E470wM*U;c~sJL+BKY;3CzQ1S6<;#pMcYxoOWidQ^8*P2UNmt{vVhTkp(QX23 z7#>DW5K2|}oO5D9tdv-!$lMJ$P2(xc%$T1-eQXfuvj)aBaNXOG~o zL)yI2J3Pi$MUq!mkl(LR|Ba{XU%fZw@7}x2ar*RWJ-FP0*o4dn^!MPeZJW!PQ43}c z2NfCO3H7Cx^^t|gzniLuhuo=GkE+2FUEC^7ZT3R>cl%!S12RabEpLw0=k|}TST6!n zvQvz;QUWZ?7yCxv+n_o<+jD=%KWe?2u=H8N4A4#n*~oI;DE_?r{P_^IS^czmLF9K6 z{un)H=iIVi|B>0GIRE|WL677)xS71_D?E{(kR}(`uoKBnb>KWd-RK(k<99e^I!IPs z2$zy$a^9w(Q}N|Ec{#grN=j19uKW5UxwI5{;6;nWdq%%EGM#SH6qSN3OChp>yubXO zA`$)e+6ryvDNYG^OpcaxfoP4%4OO?8*T*I;MCgHIZwiHNnN@AnZ?mIv}{WB~;&aW}nS?tAv zR9M+{j|(SFbWQVgVl643lkYsK-?-uS+*Z2$eWB)PdQyx=f8StM+V?*e?TvX`{f1rw z9UW7~s^>@3ZBSkPZFkW(s0lezmlf39i*9-Cl%oVXU0#Iub_MwnEKy!wo)86fXvfQiuk#xM${wrnb=l)L;Pvnde>zyV(&60+e6~Ym z4MPt%xqM4=&;;h}_6q#es(3aW=M}#v7OeXexO3d1a{tb9m(H9@9AW<5;-9xdhulQE zzi)(^$#$F*N-oGe*lgYZQV##S@$0{kfTTRzZ0Ck7@*eIT$y@CR0z0ax0NxXB)tIfUhP@c6Mn4YE znN4jhyLJ8ZsKCZ&+)RrgQQq1bGy4V)0XSM=a zj^yen6$7=k5U(x}R2PIkj+xJ^@wTr5z0t$h8X@DG;huy^2`+STNeby-i~ zvCY*f&8uVt`7<{hyM5nq_M$SIw`>GiTo6fKtNQP(1;6 z=l$=_T)!}Y=#E1V-44f$g}e48j>(ID7tt~#Wy-RR=P%II8o$Fh!m zLPebAWuBEQ>VZ3*hfVf!W0h6UsBE*so9pZ)6#4-H4xfYmV{7I5`y6baJ;62GN1CE$ ze~}SNYHxpAr#bn=R$D|jcRm^(YO)scRbL%;>(7tMx|fQ-psMH$&hM5l#L_paC^Kc? zmU-@wdCSt*v*^tMW8oh%v#i0cn`dpMgFN&){KhKjJGNO-t%I= zLVaY*N>8xzK}M)fZy1G>4O2WfnS`oGg|&}fepVMHjFVr_4}G0*>(F{N`wWKX|MLuN zF6WJ{+ZoAgiK_|qDp&Do5gzY2on1j@&&rEoAU~~dN%QyFub#gS>p*fQ^LcxY^tW+5 zI{5GHCP9t`b@CdF<+i`Htigc=Jdp>g70na-hApSK{w}}XKEYMKaKdat$Fq@*8H&H zY9j|=&j>e;emCf$mEEOoVjqb7f@yU0&HD&(P6h19bwql@hwqt4h(Bea~hSHK68H%EUD zno<0KNwIcf+;4KLqBc4fch!8f{=>PDWbfcW=sr(J@U;er&>ALYQ+2*O6qS^u_Zg~q zk%wex^1h^54W|OLkZ3HRF2;^+P`jVBAe2qs|I7HYe|LVuvst*S(JRX&pmeXLCtVEP zuNRD1nDG-=jDtoU&lZn#bnlcy(_jFy7WO9 z#Td;Rrd2K4rcy%2{9Nz-@5Z!$%4+1!wZFe3q6B*l(BB>!3rjYIArGqT5d^ixmZa`) z$C2lo3r5)vp%}9_Y)zvta7B!_^5@6x zy?yk+%OF-wcdSgj%Dh|EBW*iu^19$SaZYsA!&6q>+Su`x*$UNRZ2zl7`TyYU&W1ZW z;JB;CZWiO;Ki#Y-?Yj7X!aELfje>6MgueNCYURK^2ZtBZQ$+bqcm=+L0*mal1au`@WRl&31pkReN~PcDrvY|HmeUwExqe)K@-rhoJH_L=(r9^K-!j88!+51)Ek>N7}$ATV-(XH$VD`3&dN+dozOw!1&9Ql>|i}PIdLt(5UKqx3e5hU`DA}5n&a8MBas-v?Y;ZtJax;WLl4y)iadL{ zab%5P863>^6K7mac(gcWMVSIo8Y@P$Q_h%IrNZsf_H@2q{BKSZ%Usyj-vnN3>sQ!BWqg<^AF!aMJ+@1>KEvZbnrYKEu|l3Yp334AFYm{jFh`i~_E zgH!lGLq(XjvshmU3^Z|{@b=f?+Xfk)o4%jd^y_J=cT-HkxiA;JSP-_Z2uPhZ}? zeuI~`Kiu0UPfe*`kygOx%CO>k*y-}~=spqap z%bYAc{yFo0KSwpy8{lnaW20eK@Y1{M*Cam3bafPg#3SAD5IkfhF;xqnJcumVks=4Z zo&p{knqvd4hOv-R&Yye%jQXlXa(a{{k^Tp7O!)&(YNsKZ{GT1Q`Eu4iJyW5RYkj+iJbfZ#unZR+AmFB?NIS{E!`eQSzjLpn1wtu z;@dexHk`x+!7eE0N<7IPKEKwmQt8uHzdU3d9!g^B%Joq}gL`4LWb}kqia%vS^#p~F z6C)P3`_n5;tWpVV1HG%t{MdiOqi);&_*vD!)g*DK@^P($>hPF7xzZby!k0S`dtHJ)#5tTUq2s_7f|ZbvXZTHce6#OpAeM) z2~6E=VWi`qbHK=^Ud=SsHK^6&3qqqU+r2H{FEVV12#sr*N+`7_xYi?%=_hoc26@NE zY9K)=t-n4?v|L3!c_tJbId!=Du8epS=%jzV1Y;7+%W>SDU-v{OwT8Z1UCq@~T03|2 z@j122^$f;d@=s@Q&Ule&%FdqNon~Lr1nd*;bT~8HY6)w~BSgDm;1lUI+pm_qwjG61 z_|RM=Xd9-He7P-WCqB;XwThrTR?dZYW~u@1-Q1{_5qIS1G5Jq&@Je~wV%Mp~tePCB zR$=-*IN@f;4hxP6668z1{dqi@i?Sc~Vcx%da$x9U_#1L=}q2wP*u;IsbXE&;DDwWZW#8 zutm-ScJZrfJ2m@)nkQBFeV&VH-;_%QUbhb1JvFm$oNsymNSI0(s#(c%tYM-Ru2TA~ ze|uxLc;nyH8$3*Tu6Cp!vMQ*p^9Mxl!#~CO z?~u-(jk6qu&_gfV+X7^7F}^f$iI<)(Z5;Ev5cx-o&g<(5QpW-NV^v|U;5UB0#wHf% zh>L93l*ryuMCrs?+tAh3)OWu{Iy(Ka&d;IE2ieYeb&!^uS?BNEC>5cS8L_(j1E+b{ zEa_C zwD9o&D>)nH%mwyRm!7t+glEWFOXbT^8J?nJjLO%b#_>PILL38zt389BlsBx`r_ETC z!+>G?g{oCM20Zb6;x71Z`R65iARq}cFG;^W)sM_xK+j|W&<;DJukfka6EA0?2VRXs z6U0}RPRCpISVz*jODNpA;%B0ZRYG9ohMpk|5t5mLDl-z(W(XgBQ$2omEtL)FRAYd-UqgP5bbT z9aq9NK?|yY{>sSBKuT)av%$r3oypTY*+fkT%TNU}B5mlC4hQ4P(>ewvCg$iumZpaC zxa{vBRof~x*}eBn5zjJ+4r0<~)6m>$_Dz0)IGp?xnpR-AEgb3i`~$aKx(4#BGq1ySYrrW|P0wrkf!~eL7@YmQC4R;k~PP7#UyTPx>SN09) zmkm(pPgVs+Cd*5&$=Tws$+0{ho7aTb<;jZw;i4SJ&ExX)q?AP|?YeS!4HUyyaVO+- zGGyErR&p41=AzK6#rx>!z*eA*TxtMZ&gflR0`j)dH~ z-~^<>pSJ?iuk=mFDnvtmDYW=RGz*vq*H|W!E_Ct^t@|s29^425EELB^dujx> zDm~Behu`+HPStQtj?o{hpcv&a5|U6Y7Yn*jYCiFk(H&;Ru?ksuc6=ON(l`|kw>V8% zhF($|go-d10;O=@6cDhSwqvHd#X5*^CC1j1@R9-z#!k{ar4^#UN0n!(hSFk%6DrK; z<3tJVYAQp~VSidJ&IG&R?9zvC{_Wh+Vh!YsmX8wG&BiZ0dptt!dDf$I^N%mh zFBgQSteanO_C)iEi@gfUYW90P=+*3JT3kSu4ieK88KPpgs3^^4cb*eh=`G3eECbkw7;t#c%Xu#Oy!}sX zoak6RUFkOSvL@>g@Z5uOH!*yIbE}YtfgY>6W`{A!?<#k=hZEd!ymLGox`7>@%^Qz~ z?aukq1~w;CgmFIxl7v+BBT0|W5u(lNK9AHuK+ka=$Jw7t)m?sF7Ug zK$(A;X?CZdwZJ(TtKws)pX7NmxNW;g9((Rvg_6Q?enFI^n|UG6o+zmIMb%38ZB0vn ztkiBRjR$wlhgFRrU#k*j0{b~i4z?*;dq!$z6#hWVH%BMa>%nWGkL`fn>{|hGVhb{Y zi6hVQ^Dz1#VP($}4d*=qB3!^W-0w4IdTXm6UdB0)I^kL{CLut9oLtNfN%thBEyq#l zjldqI;iC&H<=X|(2=0}g!uQD8u=e%_qZ>y`?4PPP*+N>*h<@-Mu5J}KZ{gHdsj_-M zm{rGURMxj zJ!3vt6)XJ|LydcLYws?I0)@~!YOu&86p!B-p7ovtBH`wyRnVk~FY{n(iUr72gL`ea z&I|qwSpmkv{OTTic_`q&9C^jO0=}O<=3TAsQ3kOBWExt|6+hzTuGBWEdS1xI*+s2i z9#sr;Uyb>TrD^2ZR6h>*oiDHKlRv)m%%?~7GBFtn%^l})+W}~)d;H-N%%jSlCNt6YA zdr$j!kZce-;b2qdkf^$v=(EZ%STKcLp%%kNkph(YG$e28AwwZ9`k1`@M)-CebKKHb zb_kAD)7+pm{@w%I_};B2NUQlNG?u^Us9GQI@E+~?%;ovE3VnXBZY3Dxh=RM~5=)3HGeIk2K$ z^BL2#XUZcgq1izvh|$N%24Zp=ux;NU9rGGAP!2n}kP&D;9SUDmonZ7T9q~FG=FED~ zyUGctgzDc~npbsP+!MG&UD2Nm?>Ra@gc?5(9#OpgQT*1;&J2K3tZ{?=!Vg7fYsXZ@ z{N9%b60^$r$97-LznVr&n4Ow>rXrvP002g{L>J+ks!d1ROyVsvj7oHDhW3+e_rCWT zYI)w>eWx77>LS_p$`4LohTQooj6CpqW8;>=HM=J>79VL&Kf32n7Yv}A$S_%&gX<3j zrZpG0LWbVgl|urtl<EgcH-_({#bRFV z?pAQg)`5rJ_Uiw5igrxh+c1Y*GD0lhZKPUorU)%RH|hyR(MR`x$OM`VQ+0SnO6s@k zw{7iMvyo?xE`(hh*C5j!Zle*H0ajtgxLznfHy(R_3LU!Ny9E=o1%id5YfzOqm zTvAG%i~L|9Tc(5Izx*=VE%`AR)KejMm@&|vhLHm^?B@ML4i zdb!URPU!A82P+((c!c)JRK6q7v^W!=r;StuoH{u?jp;0A?V8>EWrGZ=QT|ohC~MOa zECB^P!+&XSH48bmFxs#MMB9?7MadC6!%E-2yVOY<-^ch%o}TjJEM^X?-J{Winyi^Q z?w>;6Ob~+|9}bpl?rjRs@N~!(Mg>}oxP^|fHoQTa!Vk?~Z5#0_g*I%>lBqY|ktExT ze<$1=1a8gwl{Y`al-H`rRnMe%eBZC}`%S5>3R(XQkE$r1yc}X{bRR2d3zH3XvrroF zdB9tYJe5ig-H8HdW-5k1p~O6G8fS9H{cH3dP++6f@VeS$4{z$pv7k`k5Z0_u82>ro zbG28;Pt2igMCIthln(eL$CeFUJ(7#42_TT68Y1(4TN3I7|~SDycrgndMh9_ z)tTd9M(?t=E-Y!Uo7gVYqv>W;zs(2<7BT0T2wjpiRFSeU&dVSdJL}=|J&ti-kpYe{ z(Sjjns2QUUnKJCiO@oivfy(9NHp_=9V|$cV6SoO|-ARX*Ba{kTb7ZE7bIk3~mA7ef zfunrY6}Ug=O0ySn=Y@ zNvj}Z$NRqYjhabFnSXrtcjcY5^t(yr?yKkl_&IrJfAz94-*x-bTW-RDwgoocjTs9g z)4@MUiI?vubXL@FO=jcw98d7kFA&oQKCrG^m3rwVsNmW{@P96R_amN8vGEBcSs{P) z1|^opDgj>iFb&jI5hhxN1+}rji5_zPxYWci!igt3c0HOaymGF9D&2zF;z5HkDG6<5 zlZ&t(BO_OR3Hd>vP1>{ja%0K(y)!>Z*tpxp(ID>5ddKVTf>tY`*jOgB-uDV?q#;ub zOEJ?}aLRL3!BYWoj7CX-?OQ@cSE=9PUynOh2!CZdd}7TK-Yb){tpr=q#(Y41q1gaT z-ZYGr^>bsJ8Brb1qaNOBF`w9w!KK7vRr@3znsD#pcNs8;k>wAhj^S7(yVef(XM{9HmVeHNb13!Whu zZ_C2>S)sfWwJ(6Wy_2jjCN?iex zvf#_;uxWfn=onFLw(`PhTB9sb2D|*5PwUJfgSA(iq&A=2U!%)=E@1y7&i9thiMf&J zgPNpp4J|tW!69$cnA~pM`qR;$IcZ)6q1btwn<2+d(@?$-TTU!%=F%Py&C!;FfZgq1 zjoiv0*CjAo1Uut5OvLKw6MQ_YevO(0+y5m*WWR&o>nxb}2a?qa9X&Zke@Z{zNmh%6 z!RpAYhNR@jwztU4ur~Ji{PB_dY0K5zsU=UI(%1^^&4CZ)TnM8}1@OB0p~b~N_)^K1 zdX2(K9pN^!9VxXBP11^KBM5O;L0($6XHg?4?!z_!v{|dyI3~)t$VCy!`|?Edk3;S&ImR{0_JR=MQmN@a(bz}nR zx8-7>tU`dMlg+olEN>4rn^FiI6`B-t)5J6#S>x5CIlsn5znHanr7jsmR`6^&BMTx} zl@84*s^0uas0;&(_UDxt-bQqA4_9UqQhO;{; z+uDs6H@RVN+w}rD70YnL>_1-9KJ+Z?f4_#qtf9hSTN%dofm?;G7!HT9?AVU`W{3G? zKi0yau^m1`HqQyn=a&T1yIkVie+#v(ykzM7omxCI>O8c*!OJ7&%Gudr!?QdYcE~Z| z$fy_Z*&S?pGN0Ohhj+|)b*_1tTvC74g;N?go+7LgO+f5`HNkn&R@ZUXHOzraCINga za=9HHFUh=m}Aty?B=8m{y?jwdKYgE4i|==kxjN-S71s z+K@4UGl7be$3eJDTaSzhQ8mfPFgDMp7!dl3vs-8M&C(~uViTt4gKp2hR}-K&t6XQ^ zC;&t)gC;E0T$YAGbn+DR2(H zdwJRx{7-8Qm(gvq^@;IDMfXr?CTa!3SLlgGdPe%SMGfO#_dxm|B?^Sgw6(V4d`MlS z);oDdj=Q%Pe_WiYBA1>KH>XD61j2f-Vy5;J+c6z2k1C$7TgYGA5=_?fc)=d4-`vG} z`G3oM#1Bca6sn*R)5UFr>8q--Ulnq>n>D=Z^T)bsWX^W0%?<=7P-x4B{GS@3(_hTn zR`5>yw;IEk`ZE@LPfSC1a}yVF) zAdroI*2r9pPXIr$^+>{}BTFe}GFdJqQAjH$#x8c7g1XY61RB#&2!KEUl#S*9YzGtN9KC zyZ)!UG37i-*CbeD2A`~p91{o;GQDv3Mlk0Y&7RMvQ*l+;pD(-vL|;%ndFo^+fY3Ka z!tOS^Xz6VglFZV116?x)co$!Dw}wz0QImo~IW#p{<!~3hh1WJ1{6wqd_d~evl$v8DvkAXHGKic*g$uqA>se!Y=hq6x zYa2V@DQ=X4YCYD1)!`I z0%C&mZSF5Yl`Wn^MBAnPmv>x$`VGo@H@MFCc5Oh-c@4u>o+!ZG_D{q0XFs5t<4PO? zVoe+alJskBN!7FIViiX^Pw@O$N*xH4l;YIYD*MQ-eRu!_cBA5ktJf`4qTmK2%(_Oc zNeOIOcS7xfkn_lLpQA5Xb;!RYCJ2>{Se}vJ7c!VNCfBbe2wh?AM(TVIaaDNBtU#35 zo(p#%{b;*{Su->n3j$A5iaBYay{b>*!(Zv$wRSId%Q-6c*QgzwB=x<$sy0af;feU3!gB&o)Ke5G}%3)g=ly+RbjHLWx+wSjP0KTqTy!s z$z?2(OJn1;K$~35UkTwsDdw{t-s9}O(==PmM^RMc_RYz-6hcDM z?=2Eq-c_hmZ-wFy3Sp;XY!IeqyP6hp?mu>!a7{tsX0VXu9cPjk%Boi}#P);}x+0mB z9XgX#))94Kcc!=Yi2NR+@zAQeNob;ge8t~(P*Dd-N&|lLD`uzF4bqAqo*T83>F8j; zW9y~y-skihoI<^1co4w;ioI=zt)uO~j2alulc}zCTgxbSj)pF%mt+B3y(s>IXHMVwsKm%`70)z(u}v8UxKiGAVSholw5zx;fBTtFoz!E#5?p z$?L8r8Q4Dh#(i(%cs2wGH*qW0lQxx$w~N-4WS*b|)r-%14rkjGW&iRWgaCKe@? zF5F8}-fQtmJfq=iz@2^Ba;g0ZoV9q0>8wyqk&z+)>*d@1RJk4Lde`OAcDlQf`xAQY zP}lRCWqBTUTA=C*8}Kxan7%7)KV$l&h#6({y~wr3t9tNcOPq?ST)QEM4!yf?``NO| z59ENQo664ui%$mR{;5){^ik~49`K^cCd&-%pdS3S{ldgsse%WOQ{FfuiqA~dlJiTZ zlb{nQ!S#1lApd^+-<(k&g!&^a=MpMb0=sYLl+^lI+wu=#K=6b2OpG49O3Ro(M^@WP zu%vF~x1#INNAq{gv^)<};_=dYhG+l5VQ5#BIfqY7j0#$BFKlRx)iN(TyAeKrZ84hW zf#9oZW5NJq^O3CwXHvD9?HNkCc`r`kRR#(W=yI{w)E`GiMglvL%=A_gY~<*vgbX&t zoaXH>%0y0wP!I|~Psj*baDHmdkHI@q0st;Oa|9$;r|Hf&Tak1Sf6ZjVy~x<;gN@MQ z%7)E&9!k(nxnh>@HvlrEU&tu44-I}?Gi3#sOxHoAh_#G&m?lLRm|HIK5Y_tI2cx$4 zVEyf;EEkigV2~fZA#^`2Qoz1gLN_Pp zTQVK2rRgAf4w}(?gPDc?PSK9L{H&SzS@Hu}L6A1Pjd^zRBv3@qvlfl$w0@0>^xO`c ztV3d~7ZBmHff0~dvqF-=qb!;jn?vO=@UcCTeTOQiTsg`DQ zi+?0_Em|oCWv_Yzw6@3(8ztp~VhSI^cVqU6uj0%@dPl5m$IjkLwUAIaJPnBL!;TaM zisnbe3o)*LDw%ras%@ZPNUtAQT!9)l%W&QeD9OD2!kV&E5+JKu49W5y3oxw}tPcMs zq!aeVhAJgx!@Rzf=;49tG

BJyHvDFWmUT`5Y_X7Ev!mD8yBDx49z1-9<2WNTzK^ zx@MJ!))}I8vudkT;Xd9ZHJe3i8#|PoHaRRkIwE!yD7F(+tM)KzG5gU7ZkyRd+B$n6LaNY*qRa1Zx_XS( z%8Plse@uJ&rsM=s{h@a)W79lpX?GPM3sLqO6GykN}Sn zkgEFtN?Dd}ucqN~Pk%LLsNLm%6d%8`R$6YqKgzyJ< z;#igR-shL|wH#ZM^Fu-7P;E>1=fKf~WQK%8BPTIPe5uU#dh}|3zs%(*vGRnIcIO+&eM8%8-25KX|26kbJ7@OB@Weil3SK=HzQ3wbC)2;x zAd{GstugW~FFT^<=&$7guQ-c!H(IjjjJDi`Rb#XHmon8`u*b}+um!tPt{AD^1nT&N z=|&#?*I!8wmtS0A-Et~!x1Sh>zA0=>3E#?ATX9(9J?C_-qRvx9&on|(Du%N#=jm>g z4e-@gP14b=$uWsEqi&`ZHfprNiH|nNSl-E(ADcD*&b|jdxbYr0R}EV!&)wi2 zyl;9ps<)73BS zKQsgV6tsh>Fv9y@1Wl&#)V^%c0u>Q1?Cxo_{P^aO zi(gz{KO!1KE`GMvB7380jR)&YRjokGW!s_pHj+tm!)66mN7&th&rU;Xe}Nch5ka04 z8}W+oNP^jdnyksFdDXQKt2dZgP%=;(K5t=%cg{oTV4!O&wJ!?jzaQHsB-cJ1D9V>fk|!xK=v zlgEkYZ`#9h5|RRRf$M;sfF|dm9GA~od~mN8x8U?(PFEp$-EY3vA$`D3>f!ERsal@C zagY~{Lyt~$LhxqA`PP(r#M0?h*3}KG?th`hux)$X z_>wy;@5BA)`(f6;{s=O?`R2|GqoT+hKt^rmg=gkKD2)hFCZV9{mqX}+9Kr{o< zO{|?_Jj@+E190yN`_37pzo^KjRkqcMY`HW$}FeLnGa?p#J`cLMn^C%!#uDV4s^vS4EfG*Jp?X74ka`Q z2q)A7D8L>81}@P2!w%!Z6H-h?GL~GUYH^=+;UwwJ{I5TDy@N%#Y#hI!qPMFJB^={6 zE?mM*Z~y33Zs;rgQAQ+ z*h?U;l?0$pyb}=_f$>6gjI&wC|Vfh!C^(XCTjXk7a~ujRErJ zfNbPII<%W|@r57~w zU8cfl0oRTxS~gmCqKxkHo?EM9MO8n=ukniy9`8)C5ICMU@pR1*eLn$QFKv*QZIxbm z$gg-9Ck{vHlwJeq8D4W3@|L`z8F3i=CQ-Rr_P6Hrbkf{0QN!<-7PBCT$5%9g*Bn(*qP{ z%2+>n51%v|yG5Qqx?s_KUO^|`IS;yAc&|bwdQ;ci6@IWf8!|*o!^YZW@1M>SF{@c; zqm~)*^T%r^G2fm)S@TV3zu~NEpkR<>lfFN0zN*z}*~rydG5NRvs9?J0DsP3{FV6c& zn=DWVU4umxXe-z(!0sz>iVV_BNb1XN(VusERj8Dq)N5*XXy?CtM~sL8@C`foKFoB{ z&Q8bG$J!B<{d~Un!GUk5?bnB&wM|FO>j;GbNEQ1MV$p)?8fvwK4ja1Fh-h4~7)sgj zLmb+yenaToc8ZH~(0v--mC(6hvLaNT9#ygj-=bHw9`HV3spQ%w%Lv!&d_CG;^?tZX zf2@dNP}|s3_C&_9{_-~{3AGqf^HF*D_1MF+m@+L016thv$=(ZRBoU|i}+Hm)+nWMRv2)oya57c56 zwru)%zfR&{0B2EJlvsnPyASfA-f|8~d~x|iL&NwTZK&fh(Qg)wS?ty>WF2Y7GIKFs z;0GL8huI+%Mj|Fl`&oFSxW6GVp=hYc(FYGO@1YWy|Z!-Cb>b8^2jJDFsgsHuJc`>9zJ3i{08Qa6=w9x%e@tWJOR|t2e&3at zIb@m)xp;KJ$o^mHjhvw4CsUcRjy4cApXrE+;DA_hifro55MRUzn}EwDO*Kbn_s&#V zfM|@KXGA{pvjv0DOxy^kxm9%D8ukdx6&mDe;rhc`Wd z^XbComrMErn%?dgT&_s^KHn=?skDBbMsttvhHPu_*_p~dDsEIX>dBw!T zyqA$jHmGG2Mi2$7av8=b_|-Yi!q9(?sug_)it?$S0uR!ccm?BU=iLuwbq_y?kCOlh z?U0q9;FfG4FfITNza-8!1?r8>@c&vqQp?QWV9KJUb{fFQyj%KL7dNIb1uzqDebWUb zrX6M|wFq|3lzB%N-q?yur?6%KRIsIzHKzN|Nd)n1!zN&h*z zzN_*0*=*+?)qFT<)I6yWF}hJ?A6JsZpE&?1mIREle(idaYj7GyRAzpV8E4p02fk4|wX@$lb=~$bR(+YXe z5|YuwtGI$b8W#nZ>t8+TSJAi6KD^eSDW40tVJtJ?C$JlEnMpg|8D=vdJKHeobx3Il z6*{1O>1Q5(0(khKqf|{}8%i8|pvqDhg4sJYwNC9B?`tJ3XM9 zAM}mhB&V{ht^>Racv{UIXY2rT;=9dqH$nJpA`lWz2`hY<>V0GPl5|$>OH4*}aC>{I#))$~%x1L2 zC_(7R%J?+%S<=zhZFCdA34;z+&JcRj*7?g6b9+&KXUSOOY4Yp8eH&i*DOS)Yv7?Vj zIqGPn;jDe8CeQmSd6e9*Q5PE>1pt=~X-R!crp}u&KvowU@bQmzepd~gJ&=cl{a1M_ zAa-)6x~^(>l{QtqEDSF#q*ay}veo4e19z-QkJMumFaN&TA^ADmUnI7|u{v37p*Ck9Vt|Hv(V39tCcr%ha`$iUk+W9c=nu zw_r|pkW&pp7@p*=?Bc~s_G|Yv|FtCHlU+naNI2UeI$ZAPii^lLdZeE|peFF5gulWE zajJ~C`>_gaR(vD^Di!W5-v!Cq+UxI1Ho}r_g`jA9{9_GkT$EO`X2H^JCW*dX6GJW5 zyHUEnnNd>wqKs|AIh<}7t9yCmpeBohRtihlCF|X)8g4Bvk+d(#u%X}6&kv^SwG|UP zk=va}YiZMqNKX^*Zx5*O^RUz+qd66L_&D@x7v;t5$`nD|)Uc#7TknB|m(i!d)!mqK zLIu;lpBLYH$0Xt!WK+yQ&uY9!@rs#@v`_Hgf{go<%d(!Y@*fx9e1_z_Z?f^_;X}3_ zH`6J$Fev203EEQ2t~DN;abyQ0^|@CLXGg%_D~l53_@|f4pP2yX0*p)AM>IKT{HUSV zhx7z*`pNdfn-3km^N%eox94@spN@>EdAt?6m19@K?UBT9=QZpR^Jpz*#7;ByoBy(u z`RKq_?vvv}D#{lXLCSNw#L`9$JkFn;}T^Q4}Na(}CMwxo-F>}7Z zG>IqGH3?tYA+)IUtJxt zsIR)8l((C)0E}bwZ18@Ma4BpCf|#<^%`s#jfVnw{pa1bl`l7+2wpzP+@A84-a+?8c z+4K<$8g?+%JhSu5&?dOv+=(}==jAkf;!g?4ZAI9{1h^{}sUYiu+l-rUO7tZg=Idmk zemEeX_o&$mni${FGb|cVYZFRD3L2NYnXulu8zPv~uYBU{jIIfnCn}j3SwXV=U+qbA zBSMt`6Hd9^lU*SFT7{trZB%Bw11_~qa z)BWV>9@BMgsy?K_;K9_WEs+WHz?ju_P%rNw%FEE&@do9BDpvpy8G{CE5ypoyfFp(T zJ6(GI(#|QJ%)C!Zv>vO=MbOnV(1&n}P}nw$8bPv=-#%|a&tAFl`TiBQM6DZuHWw-pj3My#`1ERyUquNIKC9|<+0RB*$!Q{ zR?e4(*q7!A#}Oy%)Vvh^(X436%o^0>^D|mc0&-f94I%?C9@w8X;YXo1qbL zx(xc!S^|saYz6*$$@As{b(AAMBnNFH^}acjNeI9#k{7}o1o(Dk<4Cif_$jbpIU z4DIo$g(8;q+7W&y(3Y#&ha`=K%1O;>n(I8X=>FYjpYWc~6dijy#(&+^C5y1z80P?pUW~#JpDKmTPFiK z3rR;!#u;W*sQee*V3I+o4xPr|cZhVhB$~gO(la&`;0=|97kP5O_oknP}zx=6#CD zi}}{lp7msjIVEWY0^OKe8kZVX->9|<(g#)Ri3=NBg2jusqW1{Wj(;?OPzd>zH{^>S z&D$OSdelljY%cTlA>MW!2en{akM37evM1X~Jikd#o+unhTU^J(9sa-J24!UjVnV+Ah;@i(I$KY*LYAG^D*y+0|zV zzfza`Jj|ntfr=Cwnm8uW!u!atWJlNgiMK_r_PsdAWhj(ACk#n%}r0Ek!kuT!2 z3OK%5>WuBYUVY1VrEYEcJ_=s-P;!^U?uW<(asrL3^UoW`tG$ek{z1^|r_xl-p~9it?>hVxzTkvO#^s5t5Ve~n zVzDll{78c6fSpN0s;!p^`BmK_=L$uvqGW=%ws@0QjFDf$qktfe0G;&#X{Hz4J_#*b zPU% zNlzZB(8k%ygsmEsh-OhTPb4Qpul0aW?4%G#E3tW*w9`<~u!E~TvG9;RFzr2S!CdH_ z!1|V3?{$8IG6 zxkRm2hkw#O^{7M1ets|60;;cyNRx}kkFReBvVChKAHlKVek|JMM;pFY5O(`20@-DN(5 zJUc!H*5aW2+BQN=t2`NqH1Kc^FP;E?m?H>(i2Fx>Ao+yP0E@nI5A9`mJ~P4fRPvGK z=^b-W=gBkDC20qPbeyds?H(a>!d=y2NF~t-aB2o)c6nu80(h~QFCte^ngKh;lo-< z1uc>QX@7gE(>#|g2Y;YE?`9ZqSUpj~pX`Bkx(9N@z1`V{@t#=EW-boZvIQad~~Z zT74!w>M^z|CAU;4$Wth;`SWT~g(^rmEcU9mrNOBi$9Q51b=2gjz^Q$rYYI1_9@x;t3Rpqf=F9thE?}&8&dYC-=E@> zR_^Md%6mUm2lc#8yq6}V0cQu;@PT<=t6qS-Z!onT#pw9ZyD$WNP~>ZC{~nTtaK)6{P_Ba} z%q%mq-rY9%##>j!w+TPi?znHzZkr>?Ul{LvuN#6W7ZQ2eQmRAJZ6 z;>&mrnPaQNi+^_Y;985X84fw?A-seB9hKOU0FY@lH?f#A$^U}ZYt#C%ib^)>y zYOu@h=Kg*e;;(M*y}7@cWN;p9fV!q(ADOUoe!yq3>-a(vl*LG6-^7)r09VNRI_-fg z}lKV+* zhj@njm5CR;^3VmAEh0Mfk2Opk_BL!ltk3fjhjHgGxu`Et1*`@3sMOd#*_Y@&-Wi|R zndW!B;n%xkq{L=b|7q4Z>iNpJ$4O+zhH>t5aHH#Qp~f%It|8gV8%N4J?;w4Y(Xy~| z-Q=A3CO}puDLQm#3Bd1a<=JhQ0~ey9j1p?xf2J>}Eaygg|LDO~Mj+}%IUbU?YZ#+U zRS7qE+7bJeGx%A@I`rAgx;a?LYI5QX=w-MpuQ+dsnwePyl|)K2)efj8wpZFMDLSssYWiP_}eJ$H^@lhaSTlI;XiJYzH4CTUrtC1|6=Ly`Md7T2Jv<1ZTv5 ze7IcbFQhJUXAo?TY<@An@^PIaH?UNB1*#_hZoYRppyJ+dhPl|ojIpFX=qjmrO9YHq zpLY`fJ@LYR4Gn})=;f7p^ltLYB=oNhmnIg6-_}KOrbXyqT>3$9JPOtW_$Xd8{iLMP zqi`Okjk{@q#fxiFbxsi@?K8aZ#0I&?CWi(>+eFby5$@x$9Fm*r5KH%sGHOgurPnQQV8k zZfFZj4?gV^X4k!3*Gb=jB+dwbQxDRMCe0p~r}Oxm*6UaP?hv|n4`6mQT?k|W-(F3K zG6~yDXLu9j{RItTg$n#eOTJS%Y`Wi2UmtMTvY-+-^VRcjMWnE^~5u3CwU|NE6KhSlTsFp>ae&^Jk~-yQ91cH>hDld zjPT1!6*c^3i4V&}O>}c$y1~`y{9dGkW`bEJq?zhaX81};U}2XkVv>(o-IXuE+&=7G zc>Z*rhvAC#lsdoSYrfO^HgT&|1sq=qW(Q=&2>P!YdN=&14H934Ca?7^4?_g4%hR`j z&a9HIThzBiVABR{wEZtcC)y@F43y0Mm#L;D>E)Q#TX&i~khy%1#Oo0QCHEN^U-24T z&b{wv;5`Y{@=RV><1)EBn4DV8mv}_Z2HdVtd`KU|J<@>w*ORMkM*hX@NWGL4+e*_4 zdyVr!B`?gwL^ND3)wfd`xJ>4>oA?avl~s%rp3G90^bO^D%a7t)^xMse0yU>zb%8Vt zbxW!>7_Ew1KtbErOHMuK+lcF=jz2_z?+K6NpJXJaL%6KV{fm)D{JV$x6(RBoqYPh> zRXgv#&ymzUd##UT#^3Y19>#a+gTf3^cH!jEPyD> zqd2+Hi4m1)U^TnC{JQr`q@oe##rDmJFuSc9>Mig`%DXlx*FTzrcl7|XfYmm zyf+wk-z!!&!x?PB!)M^x`26jHp2Icwf^zaOTD7TMZ`M5Ru$oeV-gx(#_+8>p1gbz~ zu@X12H_fM1O}Q^E?27S=N?0csD&<#?_YbT3Ib zJ7I6KlK)92G+s9jX4{0+J$+5%d;-2xsdY#T|t5XdX7@n9K%hN9Qy{{CwDX8@0ceR&UMtghtM~8Zs7mO%I^Yg7+H5Xx($>EPZ5X$`h}IF=DYSm&^RggQd(f7)$~w%@sHENHuYZw< z7UM^g;V&gZQBilRu_Zg=JJI^WGhJOD@88hz02_R3@^0Lx?uFLHXY9Du@Z}hUudvn* zeXddE#XdusI+W7g)GtCORHqhFR8Rt5GC?DyyWh5f?1pcUg>*Edb@8rDvFs1hQ2mN& zwz>3(D&G8LG=Jl_8eyc8|8f@vJi%ZeNKiyygXfz@&#K~CBMBsczIC3Tcec|jQEPO4 z%x-ml^`Ld<`96t&5KKT%kfd9C(@w-pnw=1k z8@036Orf!C zaYcA!I5cxtCG^@B%kQu06`$NB`K8ADSX z3#5Ah(q-3VDOc9^Us2@@&z|g%m<}}BjN0?%tw40B(nG$Z85&X^ZpQP>r9wr8qND;b zt;+OV=8-C~_qkNDh|j<#K)o-)+NcJz%W@o2p4XS%?CX_4?OBM^e1hmHBhI%Olk)5l zg`s=Tv6CDq@ds2x6vU23xEmwo+1pejKYy~bi4+c95;0Xu_AYN+ebK~rh;UWpb8^aS z_H4w4Ur7Emc_E#Y{X86^`y4URCx+PjVNs$hy=Mj5@cO*pw60j`_r0Cr@6wD9%7IWh z{g)|(?V^zD^szsyqx($mTL#;b)rX%Ok*jx#5<8;PWST?dqugb?bs_hG-kU!!YgcR_ z-36X%oVIvaUc~};(6u$SbVjVk#tqGZ9G&O2s;aWj$#L5UMFZ7qtfGEE>Ww{=3e~nd z>#HKZy4mBj)7L~oy+-n!!8P5Xu)jOzP8S*?JNk)f{cEy+xqGcmS-ut-vN~^R4l0pW z0>;P5B@kUFZFs?*;mnB_gY()mhH{a^#WnNF8|Mvx|RBgCS7*K>r0) zaYfxp#3u`${z#oY3I2L*CWmBaXmRd6KuZqLAZ>mug`wbWO>8!M~RWwfaY^~2e zN;GAz_@&`>`etV4e*IeW3M%ahKN-I*zoI8uR*d9c6kPnDN6hkpGUa?%k@`A2UB?K~g@j4$f| zDiL+F5c{1KdROYQn3l`-cVek^qeuKmZ|HAtrbCEXrHsIrGHDAx_h*xM{Z``fm$x;V z*Ys^)@V;rYA)>t6yZT0q6Imld(f`h7cd41w!ce3L>mAC zW-o&V>P<~|(@-lSAYhE|x3M^r4xh4+>^vLKO21Y0KZNG~W=sCf53g0gyl~DPR@c>y z4%HCWtKgB&*q66Sv?jI*u6YbRk@R#DOt=291J+r_cXgjPqyG6<`l!P8Hq%9%usDK-J?CZrpnWyW%zn-sN4TF*SvJQeiQdU-u5zLsB<-Ncu*Mh{i z4C*PsF!h9`&G4hH7&d05$o49li^BhLx_kl&Kmg-;D8F~n^#*yPyY z$Vfaaxs8ERP*8B8L2^@darh%D$Gl_9rZapuD2Dmp>5l&M?|zN}UMI_+Ax+2^tuz9A zDd|el*DiO(aBBUOq+(!WUB$9bOknf~ukQ7*vP9N&QUCcKIRf^G@LsE7JD`|W`WCxj zRT95qP%d@#u2Fj`pk(>aU;eiY%76J04fNGqK(-&FJ}*E?>)%(UfX5xY=REUjHo(m{ z%AnPDvD|BKW10hM3fe?Qv-bwggY1I-M4~%vRuM>mzh9d{TElSeuHiEFqgYv4zkIH; z70@`W>?6h0G1Ie4U)^1uVm3816K$JF`jOL_bU#NFH~ZvIhI{FO+%Mp?J#3unTEx1B z&6IjK?HHs8?0kOlwKJR!)YS@JME`g&?;@6Yb=5@Av102!swDU^3eyt)Z;sdh$jAO# zapXq;R&4zoIUji4ppK^Jl#AV`V=F^8LX3gevP5z=qHqMiViQ{VIA$wLG2*vy${eLA zz6m2+=pUk~|7or>V}9jrU0$^|E`yj68n7rD)$Mwe#6?ayfk<}IJCWC=L@uz1*xhpr z7{z$aefv0wLNV>GW0<9-FT%||;&+NULoSeth4;ULe=jijPu~M9Y|nXMFZBAlwXi^~ z2=bRMa>yF*((+cyy66vQ68y^vzCRVz#=}n?WJg6s0TVNlc_L>Yc;55R8doS}0B3<9 zI?>TEvl~Dw)^NRY6VXf4UpId~T~b`U%bKVF#K*LJsJiQ><{`b!pX;Ie!*|&Vj>eu! z5^(R8|7=m0fZh`e2)xOgI(BKlyVU7srHQ*Xv`R*w;_HFl58XrcF=so0K8RT%sZACb zzi*Ut?(S<@^VVwPe)!h4iTpcw_6miQN}J9jdyYR_i&J5-09L3CUFY(sfFBj3!X(>I)IqFhl7zd)xL5fB|_S)|+qiFB0?-h2AMXU^-wn-UtJLuDBPk?{Qu zCX-`cBLVhHDfa(9UzZA>0EsSwrpS$!6@S=WU0?Akot_8o#} zupIsW{hz{YpZ@Jki9+!ucZ0CSSZu--#COW2(Oh>z*+9Q(%urcO?WsoHFOrehRX)hl zzD57ZxD+xSfJqmRV-KaRZ3ui7pa#ccZBE90^Rx)PD$ZEt$jX!Om`Y``WQ(wTwEsVZ zIsZLswtMp_0HSA8o8Z>^t{XqvZ7~{DJ`ti_R>~v>@`wnFFddZ}GiEkwF zrUa@nD$oPb6>)KRc5uu#c&yUKTfh%w$a;DTjpX{n)c?x?{bwWaK^d4;4p73Ae*v?9 z`^bM2ul%wuEdel_fBS}iGFmrc01S|Y2)zF@umDsfje+TVJ>~EA;7LS z>CZ=yS^3M9HRH#;{&cXX!eoK>5|^q3{)-XV07Q^E09`fx&$IX+rWXvr)#49ZlmB7_ zUw+}uYPoIapPoC4Gh2Y28puIb{}&^8%?Q}YF$-k)pY1zfo#p^unXVjT|6h#YJU>8V zDx0I}{w~D#e=Wy1E`@g47>?dQgGOKkR}F#9XcNfJ_PbBu|J*x&ZCv0C{kPf02b>n*Vr%O@|SDuFW1=buI0a|!vEi> zLi>p$LGEWxVf};X3_l1#WBCQ;i?h#!t>?#^GYbo!-+iM?^;n_lmWIw{{l`@{9YTEX zs07585nPDG?ZAG4nsGM?_y>&{PdTmX@#M6vwDIv4G7c*AFK&D<5ump&PY%-czwm2s zm7WR%r-S@g|BF~ed-vH(Ng0tG75@mG>bM*M||ig;>;C>CrvFa zx(nZNDT^^p;5c28d|Qii=emgzUnl^|aOuovPHKuYjsN9iPxS$s^6F{!QU4=cvsK+b zD?A@lISHa+`V_OKk0!%2evyuFs?VGbN$;rs*CcIy049V(+GLgQf96!7|Ge?|^vyWb z+^UkVwQI-(I$IWc@j=bGGh1=MBOUokNHP8EBT-mUQ2JWYar{#Z;wRVO@oW37f$Gz8 z19LGEbSun>DpMumj3fL)y&L{J$fCaTlJ_h&RlP|x98Af2%~!Cd$Q z=fM8gw381@vw(=dT#d{%gB$8F4xB)Zu^y=YQtuZ_x_{k4rc1 z4g55@2J(nq9l3N%RzUq=7h;}$Yxp?Z4tIQ7b8!+VAll zt?RrWKVE)_%Q&h&9eRv-x^Q$5;Wqa9Nx=F9*VlK9ABXZ(RbSThe|RtKBxJy6bao5lK8RD=I6Hb*)rYv@Bn1=D z`6PKB{;(mRe8MS8%j$oEm*41s!_Fd0 z8zV2SQ15<-HaVz@UYm=3->*i5bB6BLsiz#jtx?aR-pREh2ssO742z!Y^EEwcs{+yX zLATjsSFLAf8Rl@IfvWoYx$(SueB&+DJ9yQ@LxSq=^|l*c)sz*QFy+>?of`c?OB5CD zW0gnGvaibqJ-vAS!R>SB&gs^4IdAEsm2*pRJ3-Z$?{pQR&;#VwJX-!+8L8! zqMEc&yDU1FF5?-1eUD`+*n3ED43}A-P3OF8W0O@7y$ zZ{mVIkTjT;kAh*j+!A>z#H-hUG0!Q>%cPB*bR-toaOgJ}y3o*m4Pdh0Xw#Aax|r&RKaPv>~)nS~7D$hbB%&r?ad^7l*+#5;Bt5a)(= zc8sO`?%n??ZeIHMP0P?tT~%f|ag1hF$92dT5YPDKq=LZcYCN!FV$M_aonId1uI(7K zq)gS$CLL{<^&DCd@8soTonO~cYGkXYG=6OkuH>9+IJBt*jm!PZS^9uJbGA=3s7v5p z%n;VwOkAwOqNGU{(_r?gVs)~t?W&NuwuIZ*EyvLcMeFo@CQ)Kd`|)X-ybvUZ?n&f? zNaab~{=T+Uz4@)5)C&QKasNe48hUmn+5-W%TI|AXdMGLlUI8;T+1=Qvv_p!8c3fc* z@o7rsCh2Om!8ZK8@OD2kDz@usrTuDn*fkawK3_|hbqoI%*fH*4_11X(P7+B9Iyig$ z$)}fUe$L77h57DMiyiUBz8b8VlX^JT{hzS>SJ*}8dAsaO$M5I*>LT12$+r#?amVqS zIW#K!KK7KYknwk;L!m#3nvFzWPlPbbvWGL!L5!2=f;B!}$D^yRq=VJwZ=Sr)rMw?Z+2x$4O@Nx>%==yYkocrZ_+)Q{sawXLd4)*Oh^{oa}`;=+G ze4B#zzpq}PSxBDZA??l1&Zf<3t<@kc`cE7k>J#C!B%GxsIpiQhbiR|t>Kj8$T_UZi z*!LluTt^ULfJ($?n}5qLG2%4!!t(clK27^wvd>Xa?QZFSF|VDBW{L<@kb2^zmh#p~ z`=q7(LY&4{|Dsu3*}HaG79{T>cTL!S$E<1Cwa8fDbgac844mT445!7BBsuQBBjOp4J>WCbjT~!WFho1@&tNCwHDMp1a?lKTO-F zwGhOSc7>}1?cDjCHA`grICqHH5dALUCC!!jSl`aMWqb{`6MOMz5=U3L;yD*~KB_p0 zkE|sm@OLNs=5@u(2!pG_*T&Gz8*gb2WA5}!&)#C(PTi}MBnqvh$Hme0iTXyjuxZVQ z9b4TQueU-r3CA{l1h0kM|)~j?U)`~qcUBc z{t=E<5;mk{ILGVw3-{JeLrvZFCF!-Pt0l8ZhJL#>-Q$kj7$eDhp}Ay`=}_IL;4JQ7 z_t1;Z^nEU)e7*CDslsJKZFk3AC#|B{<%Mcsdrz3iHRg&1qngQU)Q+gpdEtcN?Yh=s z9PRPPB0~QMORaz*k#?PDS>I>4`GL%{oSB6B2I0Ck^08y`&TNI|_+e6#F|TfJrT%D$ zC$_ZeURP6v6Be49+%79hIM;kJbhL}V?R$zakX$*qDN2$-@VOewYpges53c6D5_GD@ zj}|KilRB>_@6VGoi}r@{)KuBaSbr>(r=(q(0zMQ^k~``H)2|JSAnkkO6G}`iX3Qgw zA1>VrA;1p4HdK3%???sjy}2r2tkC1E_{n#h96EZ z&%>-8${#ih8O_s) z_G9PmULlW8`>IVofXX*s~%1D>(a z2ag$TkIpOQAgT#p3}9-okLHlcw=E`Zgf<>E+a@0E5j~$F>%E7WV!~hvwXOMiS4Rg< z;kt{Pjr~s@w#a50@PF~Y0O5b)kpV(m`h%;th^-a9o-sTcV58RKb)MxPWjSK56L&i! z5On=M!%3>^lNc~I{s*P{ZoYKlzZszaO8_0Ii--95$r>ahOCkc$_BJZdMsdrxvb z(movo_AzfEt=^~lnzRJz6d5%nTx9l&)4!XcKQU>Nd`v_iecc+Bl<#SxOG#_fDZPq7 zAcIddSvSo+*7Ery4 zsm$eENAGh#23u6~E;Z(>Buzp*bSalTX0yAphD!W(t*@6A*zYaguXgf(RxPqHJ>A_P zUgi5rpTF$T``HEJ*1V$Kx2elpUzokC{puVKr!U{k4n0;QuyN%=Otel5(mq)mbL@MI zc5SbTt53x+k(!8#dBcq9N|YgKCGLESl%KV$l4c*igh_Lg3ADVPkc~c&X+w6`nrsfOmR>42Lr(I1 zHjjS&_DV%wt20-h-KK{k)=u^v!&Q;JT-8_8 z3jnmG>zg{vawk@u3w?<~ zX56PEqP<%;8e$7}=TEXj6S^nr*z$Jjj2=|f?KBSOXl)P2ZhX{z)Mkur@ox@4e^L6;jF{y;6EEPk{EEmKlineCCry1tUy9o!xqbU~uG;H|u9Q}%8$WIHleV&b zXooH+T$^RfZNSbdsJWvhidohKia~z;Ds2_1yi!%$x^Ui6V7l8AQDD1%Tu9-_SY%aE zA1|O|9?MBhqZo;q$}a90*`Sz6R$?)A zf_=LLV%x<)-11^U8GL5f@jN&E?lG+V8T~9#%(vv{XVqYQXoeXE9|0 zZC0N!ErF`7J6>$5X9)F&^iPG8&9g}-i{UZ;U77XX*=ww(Ss<)Yg+)b_+&gKK4sLT) z)VHh=y-(~skfKXUwLT`v&&RYe%TPS)?G^g)l-=^T{F?sKMLG-8avf$d`LbqboUfRE zEvd6h!%Te8YF?~$C2zjX-717f=2(QaIDM+JH9F?_?MN}WY4}ZVbXJ+ft;+6%s;=9f zt-CJ>YW5itSMZ~rg`$L5+7y}TQaFQEi(O+)I)#?}bjXQurHB2uvXP^4I=obd405|B zpf_Pnv$L#YKo)a1reMXi+vflnas-(Ny5ThZ93yRVoToh`` zY-A9UC$FA0DLBL_5W068FXi(VTFCFhS~f$C?zrBVnR-gik;`~#pL&6zZSod-c^QzC zztCbKvR5aLtt((kVjlK#)Qzc`tMy6mI=4=X!jHAl#~2qQ{B85RK6>rLwi`9~_J`#U z^N>mN{m<-sl)9M}<9Zh4LH1F72mXno16}F_Z_IN4Y=o7$(EEhdK#s$cI2>hmEhQ08 z{Y1@8JzGqQU!O@p?Ze~mIDyK5)53SA&-(Pm+*j86&i^LgWMJk3hp6Y`;-PDsPr=rH2aDfOY)jJBi-H22_d17-J75jn z<-E-a?oB66UXAz`FR5HO14j_A(#2Kcb*<@JHxC-BmJo&!Dmu)~{RMI>&PzYR_FX3$ zc-RtKQrqs1A^2yHDunamN5N*0qQP%p!2x1*?Xvob>?1|dwXzt7H_cG{JdDgzh}-y0!SFw@K63aitLbrrBW z1IrVqxaJi*c_M~g2g~vmFjHmwB+%JHd@d6rY+3tmraw1!1iRCHVzBL$o&kiavK=8vr;e% zazva~z8ErbZeVSHDe2nsl;>x+iI!0q9ENCm%0+i|av4u>=*{IFPCM0h$Pn{c3wqiY zn*H5Ea+$f?2)t;rB>xynRX)h^;pKrm_fG9%vy91GFg^p<^>LS43QdzV2&x>jlrhtL0(jbZj<#E$(||Q^aD{;l zu?*BUpx!mmv`mO7o(Jr{)vWo!hqNXc(r0DlFo2%XYI$1IPP;Eb^NgJdYcyMy9&U3$Ww}*CpLA=Z4kru2bD#)?m`9 z5j)lXa%`HD{AI-|N)_TH(}2^yfm1IdqWm9qDcB}q7N2rX@rVXBA#F7~xk>&JVym!f zv~}5epWpUnE7LdD?U0@ZDy6D#rZ6cI&P)AU#}}@qcda-&%e${u!#eL&k!!uMX{*Gq za*n1hw&fSsFb}lM4B*S0!3$-oGeWNNC$0o>SFsH{!b43h*r8i1zMd^MP1uT!hV&5x z-RJ0Jv>JLO4f4roE+h`Kg1DWs=UQ=b-}~Byov9wThV6ep z&D7&dk4k_TfEce#T(HQdv$-f`cJ^u#Gv9TgI7k||I6qUoF`Z_cS*7x>EBz*0KR^F# z+E?8N?8v;b=o7XQ5WiK(fq=6Tu4kZK^E2;9=AYc7H|f!+BD#7Ot^- z=J9~Mj+T&Y&8zEZOM)QhiRjm)m35oNhUa&=!W!8Rmq#Dv;snzx!PEI?!26g7CKZSj z_mwhGlW@u6IV0uZ%ltJ9T{0a9B{9o`>Ju{PJG8gm`_>&yV<#zH1J7Ue>o;K(ewh#X zVvqY7Fu!{Stgfh$vW~c8K9QO+LJI(;yQO~ErDd4wXAge$0M|^J`9Dgpjt%ZXZWX8Bg6Z3!O(Onqz`#%v39Y_8Gr(#o^7sC(_*OdQc0~0m8`a zp&KmK9Cv$C=C~>99BvW6#g&_L6mn!p96u_^l4Gbq9Hq|K`l zVKO9D8@tuu#6|6T)jL{Z=o%!VfZ{bljz(I!zDxoA5k$ab{(NyK%O}QCRJ=E$r_J;Q ztiLCyvG`#U!$fGCfMs|ae!POmgErB11PBPbjuO|A5q5 z-+BB|FeRqvWrKcPL`Bi+>e`fI!nXg@is}AC+8Q>3d=Omcp+9!KZauanKqJTnsKRqO|iUyR% z;j3)lvirCJYq}=0`}9ZW5hBK+hlVrcCdruvb7FxJ8OIA&E|uQ=?d!zs`lcocy4cvE zjE1 zG@_w4YvWGnddz9GMZOw|LQ_Hf$!XsP{q0jBp{0YCU*jxUHJAOF0SOhq)4t8}W)+Sp zZfD;|rAYMhWP~p2S5{&h144ZZO3h!chm7+%8GofaDI$q>rtxv26gufX3GUUMdQf-I z=TpLO$9uySaq!9hzPbg=#pH8+iB975{D~oT7eRx^$IVCdoxI6%PGi>`jb8vkl_?n< z2$0!uFYA0=yDLXHyrCVm(u(_(K0L@$-Wdo6I`!Hj#9uKNsJ_X;h2#AqT91jxdmb4 z>`~V)SH%wBy3N;%gklR*T|^G`LY=EoVwNeQEAZe+#B7lF5#DEQG_m_M2|L|aJ$?1S z^<^C1tYOH;#beXrD3`O~Z!9qI;;}NDSa?qgNOtsEf)nrb?m;S*w`jQJ$DX{Lxx?4c zyn#Jb{$b-{sKMMOTe0*& z9ee#_!!oJcA)LkBC$5%;`6soC>n*u0Zllka9O&NMsuegQ*$(*kbPiayXhEVardxyt z<@W_|^gOlpK!g?e$HWdzyc|z+sCbijb6A!l$MY;`uEsc-TtK~GiVgNbKP}4SZXNza zNtGrHW8k+so;f$=xcxSkQf0q>@}MPpzYGBz81mT=uH8ISTo02>twUOf3AB~#=w5QQ zA(yfKW?C^*gOBJrOIJ9>i?}CIgPbjw9MrGvsHLMZQKp3=~J*;y?h<^#%$;zE?8;K zJY4s6IPHr`*qNy?{aPa!_<;K4^q~@)uk1=juwdK~fwrqVwvF}#7=vll_$NVDa`$R*FV?WmGRMOi3DqZl4l>Jq9|Bo>8jSo#g{B%X4dtr}yL89}^oPp_j z@K7&T?#5fo=cwLhvw?^Gd)+9-9=h`YZ=;7EbDLCp6{%mB)bD-DtWwX8r}oAvPSrm4 zRADLM&YS9{yJI=*)vuaxs3{Rpy3^mZA6`=DwjI@4lZxCmWsC9a;m>IyPTn{idOr}? z&prXpAcc6LL(=LlxHx-5BP-CGip?Z&|Ne`ER;UNjVg!6No`~zN4U}iXaagg8_b++J z&7pB8vEinVc7)b0n>QQoT*WWEZQ=jfN)OzrJ+;hmTs=L|FQlDyTi53{=!2K+O)_Y` z6FG}1lNsu_OxdQDb25z`k#uI4oJ#FUb%3X9b}jk1Y}YQ-09u`h#}`6kJlHba$#ss)Ria&g7ZLU8=e6-g*S9lYQ?HN=W2e3t(k@nf z-hN>RSDi$Y(J<2|lr^HI774JldOYdn~x2Bf|g>)*&ET;~HY$4B$Y3Pcyu4yuq{0e01v>U4I48Q*ztF zNQvWjKue3#;AG`b(WYHUtC@=>ugQHt@UV7rC zrb=}RFSLsD?gez3V7hq7=bvWfn)Ewx4*JZP)uskf36_x)w4B$rzl`;9Xl2^gTJ~sZ zy#JV2vK^+$q=dQl6E%GF){JY;Wo>>{Q_-=jCnoea8SZ`@fra-;T|=IXh4=rl_uf%W zZd>2zmLe)5A_^)}EHtSi9YPTsU3zZmLX?+m}=mB=fw3d~j$tY=M8r19(HXYKZA#z!A&NGUr<-dMJl-t@D=!#x4=2SYLLjdt6=DKP;(C}vmxwedH1e@{*=E< zg%=04mmVHH(&9wbju_u8=j44f86_0h* zgojVCwOCpSwe7bUJzB2$ZgY8k%PMd-^;K!}@)k4(gAXTnb`t(Bp@3APBT)VV%#F!h z=1f6c-cn&i6o zEeq0;B;$f)rz~mhV8u$@J4kLYw>xXYq6ooGS<8l4S=;oTW$#3NepD~g3?TOU7+DFk zF8LLh2xTuJf;s4n+990z=TaQzKsHB)tTrgI+4K9tX7%DEH(cc7xm0xbMQfT9eFvT8 z4Rgd5bmh$Qw%QHv5JZKMRd!*AP+u%-otjF0Ng}G~)3ZKU5wzs;fsRnM1q#k;UaYLy z6DB&HyvjvKgKBRE!lr(u7JzH4IWRUbyqDHnU@?_%IgH2K%^gPe(7m`;7orQLyG4pL zP2u=jaa(ix3Fq_cC&QRj@B>FnDVYnF-d-L(qvd9waXqE^H z)ajnBo;C1NNd#~Ln?~oD{FdR35#Or8*uY3+{En~zuvGTZcI&i zd-lUJ!Qg-zqV+`M6Lo+u9@^SwzCI>U{~;WDl`)V4RKL`WtbUw!h#XMR!)yp;9@WRo z)~??yf7&G_3JwfS7G~zoeyrVnAIAhIS(l+u4k68x8yYey>h+|f^Ll$y345dRb5nX# zm5lY_^IcL%Qx;yUXvgc^C+>9-E?#2@bjS>neOI025uI4tw9hT#q%@st`DBqi=~S#! zoa5bG@w&EWIba|ejfhiVJAfU=$llP*ONQ-MG0#;)Ko$OylgG~=baKOg*A_oc5sZB$~zT*F5X86UILntysQq#*h~(rBlWA)WeoHyBNNE zs*mJb&bmpPyOs<^1daYkLA(kMMwP^IhUshOG>t6|NghdCt9H= z!Iqlr&g5404qb6U53IwigDFu3aDH$MZp0t3Y}ae`o2_>7i4WRJO!(oI_S{8daJCfi z;Ddd#p(@mtZZf%i(ro_`PQood(kIv+0LRRWq!Jz-JgALDKIQx1sO0@BDr9=@v(q{` zgMA&B9cZU3rA?iypoi=tw&73IIbq>|$)mBQlp6B0$#ePv;D~Xl_wXK2do43;S%-7z z!ae;jD7=G>P**~VIJ9=Hh`rWQe4C64lM3Ub$1mZVaC-@C>;Cgg0wP;vmIeC9;6gSv zm^-*=r}cAYHjomFj%`G$-an~F<* zqgKHic`jq$rhDLuB{Nvd!Q5hs(+(&c5E`iK7sq`Z;%Pm#w}Q0-XI;Uct6*U=t$L3t zl>^Js$za0tRiqh;Ar>;W7-c(smryH})i^L&#X@`HwxhMe2e1xdCX|k`mzq5*PPX2; zE5;$vFB?X80gkLWlfuX@qfEA3jeY|mn=tf&S}fvSjiHN^2PP9uI4j;u(JxmwooZ)b zH~KJX;*-!P1VV@cqD+cn1r_lPh+q}^VP*e`q$>kkoS57xdrmygw!EheL9+tCHbkOZ zpSNi#8sQOG7Hl>6J!K)(A1a&>o5$N@GN~S@gmH_yWvBofq5n9N&bg3*Adb&tv&s`` zW%H#~kjD6^hKngAgDWQW0h!}l4+-=nL~alq5P-r%#1Bs#%k3AY76&Cm3hS38mweVk z_a%w$2P8qQe%acJ@xkNdjt?{et~uD@6ECR%3P<@$8El0i<69@LW4{XXL^_|3><%7qKcaJ&%8OE6YypfV@Jesf43uq?;nkY& z)AsnB-+;YxMJ1nt{yvNjzIXkX1u&YoTm1OJAwkZC( z%HGwJ+KX}n0rJ{%-;6)j=gNKo!~qV(YfsG}Lvy($d34xL2dE{P*+%6}a^x(h57pSj z3%}Kt_k=VW58%cWiQ>l=rg&}%SEM%+VF)c^QQ{}gk{LI%;@w-5q5DCu2@lFOUM76) z^fKz~t#oqNa|+q5!cvUD6xI*oTu!-z{9Zs_oTt?Zic4 zKARaFSLu^@{H$)y5TsLgUSY?raA#7>Z0;CRZ*T^EHX3+YgiFp$CeDBAacJZ2itXUV ziv$GYT`n93xdIq{0$rW-Oo<&zA@K5|x6{#>l0xz$t&7Bq6JU_Z>SYlRZvt($*o|-S{#S+vV%0lN#Iv z-kX&>*bkqPw~-Ys-zELGAAM$%FvpbVakvO{ozWg9`&|VkBzEa>@tr zy~vr}f*T>~acz0Tstegc+}h63lbXL>&l37f_>GL}`pN1F;G zo=e_OmG*r}s`J`6Io{`b63o_%hS9;n1s8&KG35Wg`n^L- zMT&&-uH?n^h%Cw!u)ZvkQXIqx;6akLA#mI>0E)-W*}rq^VupVh^GAb08&P5D%Hpr( zdN*5ChVDY?=E@y8dorvjgD0+pbnJN><=;w7G*DC!%! zaQ*cgeS|i6iFYG%#1FfcY}nJx{NB%rNCoDdxz+xdnu2w%juKwZJEdHsi4j+D~$Ku{bkB(M;)q<{J^2LE>4v3@p;VSO3!o@>HC2CwmOkD*?DI4K`N*T^0wvS3cld|e&9>#)4($Mcsf2zt>#WI?FG#sk2h7{y z^&0y84i(o-O_R#K21f7Etmx6qs%~_!sUjNEt6`0=a34+p&n**zHw;}&34jy=8S9Ocg2D~FDYOxl&^R`?h@3(ps*9i4V!|Omh<8z61o>o0NPiVzRwk%oNaYCOyOIx=XbYW*fr9G zLt>0kQvjYC$-Mq4TCzL0fUYh!=l+Y=w6i^r?Cq8u%96nhwC$6XKE`4S_pjac|48 z4p9xm&h$y;Z<@D0_iHeEEh8YE z3y&w-q;%Yx1T_@W&5Jl?UY5poF8e2X;FF6lk5Gp6Hhjy2q$?sV1BikD^pUhY~ zzMT!1x+VNBlU%>hHVs@nN80(h9@dy>x-8rqZhXavlxQ^2s-n0A64dDARrJ;nP;Eh2 zmY!HiOqp5Jt?|w`|Js-!Xzc$$oxLBYN{#4UjZ$PJ+g}YBY zB%uSCqx@`gqZnJHO``qNrR+ZXrM7vz@_r1Bu4~@E5_o-Lwhe=C1!R0@=dzTZ?28xN z?4^hg4&s~U4MFwWqMZDnUKdz4j9Fx5!}b2hrQZgv6>gueTMIY{OfogWI2;9u2zWQo zeElpsP!YE>G<2iixQDz%fNsLaq3CSCj~AHHP=&VafDqt*TgW0IV|eO1tl9H7fi^jf zL`Y;4UXQT~bneo&&L&~Zwo{DgB(f{@;%e`KNq zxCmMg+tZVM!{PqBkXf zks#iXfRw3LO|pz(A(WMn5D&O}X=b(|i~)DlY(S?l{4HK~y+@m(R(7WepSm#W@+1c= z(Gq8GX~}l=((s9+Z53LBRVF}Ti_OECOv2D$oBe?Yzu%9B#}0P;;A*iAhnA;4$~cTEB4$ zjd(nCf;vn1FD&J6)w99%lbqkV>5WNB%vPw!how5+^nO)l8MyFKfSS_fPV8vE*IoNd z@UQqdpq_bVh(U*bMA}ytn8?HO=Wsc=@>{62+lG*aKae@QNW(g68HJVm4u?!20tYNj z8Xu>Mj|{(sp*$iH*LhQ_p0r?saI^$3JoTRnds@GjAWU|En|qDgPnx|=yEOX8%ov7z zcDZ1gQh;zB_&f;lU5Ka&*a|3uB}dXb%|TqtHZ;>4diL+A+pT}p!B@OOxC2HC%jqq= zqIqv=*40t(vh{WQ-k!CEnHuXM-PElP5&i)20HeN8`Kv&3V)#TK&RT3EtI86A3>;It z4Qu*wrP!jjX$1v0Yu$5e*q#+yd{b|3qS8l(GzDbp(w}iXBGuQep}O5aiDg(V2Vp?067MSzIwDeNrJ7wZ>4 z1InH6mt-3nw0*M>k~~^3(H@|$;)=;?NrfYI5&hWZ#sQVPQORN#8yb*L+Hh%+gVxiy zxz+~+ct`zP{rAswhRr)qDb@yCI5ZO#DVEpRwx*}o*Xe=Zv0*y8JgwaXs>7&}9xDq& zGyM+MJ`j-?&K<=d(su9bbIuu-?T`S!fXL`T|JTM3f_yvnnlN+q2@vIpR@?Bt{q;b0 zmEg)GUqaH`byT;nLNs}}*x3r(RAL27%Ib~NZT7p-X}vYcpd~>~V#^=X%gi^Q7@oe` zw}NdrC?B#61oYdw=T>6!Qp$o)eIJPlzVPf(zwAhQc4i1Xahh`#_1J-=v!_rSSgMJP zXpOV%Xn<<=EA;x~NfT`g2ShoUN)y}SGD3MAw|W=QM>I>vF55{i?7lyG)Zxw%vZ?@= znuutnMeVz0^i*whgA>r`k%cf+$z+Yf9-4`r&HOLhwqFYrm zraQs{h>14C_}qL^>G~Y66A(qHn1rE#idA~N;qdX*QL4A1=My)0t z)&eiw^p3E{Pf>Lqt-obASRNZUG4sUm2XSDZVNL8?rnI)BJ2-1DRW-TT_?@|KD9Xn$ z%Yt{=2fem_jTfuh2K@}TsZii73~}^77+J!wztVEwe#D?M7yT*AC)35+EgiBj`go#I zru&`ojo8d4AvxB_I^|G;-z?s(345)+J*YBl799P?cYDloL}OslT7sB8EO)OV$Z0Hg zYn33+Z7R8Zei?tZI3(yzQYvimkq7JO3)W!XH4=91bvpQth7zk9;)s^+Y1jJyTY=mvIhjBtP@Up&s#6z~rQYQ>zabvpg~$;ScjUv7k<;3iv2bl@%n@6&7&mZ}K* zeH#jvwYp~Pu1Y^Vh4PON?k>dC?P%VsgCWIn<&RrPE-Svo-tgRu8L&Z-63*aN4uSv* zqAnz=7&QCN_|-$_Yp07q7tq~Ep9yZEOLUm5ZG2GhJo{l_(bC%OUP3DId88_7FP$Kx z{JI4hFxN2rpfWP)7AJA|Y?0CT;*)(CKN59OUBioec)Jj-j@qT}tEM4upC2{Rc+YfS zL^L`w@*JYbY2iCsn#V`qxxyvTY;NJiY>vSIaV4uDs`wo29wP;AM<)#z7 zRBL-9x{c-4R@MRWBV_DD_lSfvjO2$i9gP=CPjwcmZ$}yKboaT>wlF%Vxs+io0}CW2 z*IKOHr)w-MGvzf69YgtGd-vd;_Or8lC8NXBapR6c1P`4H7z5|>dJS;jFmkWLwnVRvuYh#fiY+7|T% zr?m}M@ds%mb8>JX7|n`(W-8F@Q7NGo5WM0%O)5RG5Z&H&Kx-Dt9L5ve^76laW`Zqo zf$MPBTCBslhbr9~0bWgICbjQL z;8zm~$jiqLL&|oM51Q%X-qQg!YZuJ#gt5@m)5q!-|$jp95;i z5Y!usra$)ctTxl8vd`9;95c}k%*0^C%qwIC{9oiNDP#LpUaj{KtHm5zkG3|Yd9Y7S z@hl%?FLXc6#E7_Eybf_+eVzjJ2u=W0t_w1Iwizg8cxrE@R&LtwQFP}-^&b?MiDbU3 zKrS<^{FSFhUem)!=n#l7ujO=LPM!_Y+|0b)uuo!LjOUjC3N zwhXO^PCkAy#eFJC9Frtqe(iRJG_Ss_#djG+yz|YCn??BW2JM30+cIMxzN=I(8uoVe z-Nr>{I>C($W;yTsp^Eg-vT(P% zy!7}HDP4W!r zo6nEKVM9X0Gc4aDXR5u6&zJ-=&dvtcmTv+*f(!vvGgsG<*Rhm!oAlt=Lgie~W^0~~U%aqyR1_M1s#m#%I1aCII)c1^HBax60u224 zDlMYTH1WAo9g zt!;(65~*$Cn-*5;L`QJ)mxY0d`mu*~QF-YY9=4l1*tM*lBfGfq8j@d`_>QH}6W2A{ z`r)@{n55}6t4)@ff~H2$g@tcZBv55%@ z9P$92X9L;&G1*}p>VV-d?VLfJBCZLeKP%uYER+MqSVugUc;!r#Uu+@H)Ft@6)E|T} zf_4oGo74?Uf=9Aw_$~C=#_Zn8!zr)P)yRnAPjuQmoES9Jgaj)0I{Vn4g56&9fiLGo z!74~r*W1aQLs?kEG;~GB^~q&Sn|w26Pi$R|*ztz1`s6Qy-tsKaupi+N3AuaNRDP^U z>282A9fWrRz*5Y4Dv<>Y`V0Rm-BNOLVM^#5)3s~YxiDF;LrAn3mr@Q@66of7u5O;Q! zV)4DsdF;~YTPu9vyY!p#?}1DWjePF^WKCo{VDfuikR!?66}*a>2=y=x(|C*0UWw(! zk=7)Xhvmdy%R`-6GyDuO@4R2EciG?mB)tiu?cCKsUtYDDn=1A@nHMTqVmVvZmu{G7 zd*N3qKyxPs@NL9X5gJaZHDOH?H$54k8^~;;&G7FJCk_-aD}~U*s3C zUyvx~PM+3lPRuZa0Bz%TE=5f;Fd#dW)Ua@Vgx&J>6SbOqj!#W%O<#U3Ie#TQ>eb5N zjn779nlUux+wR=Wyz*!H=jwT7^`@B?HiF-{OvUrbfnS4BTj3Rq$y5Db#;XMVvG?N% z{KSq~j{RTe9K%G^wka86za= ziIWEfIZ;Bvj`0uR*nJQFqL~Lb=Y&G&tX?I3F>?_Qh&{&c)iSbW<7tt%&z>|@?WrhE z3yd22lPUh^pOAeXpic|a&(|4xC<0@yQUN2EksS65 zAI=M9s6P73LQz+Ng$DN120r^)Rs$6vzxaf}HbMc8mwEZ6@Ta~098db!9r26?YTWQL ztSiU=_j7)Iw$iB+r&F+8lIgep_3i)r3%Wpuw+?Gw#rwaO_v>T-ppxMOHWxbXa^m-E z{QFzDh(JUdo8|RB>u-g6|NDu5y>vDQ*xadywfsL5^LK9v`7eS0x)c8;@c%H&|5pwU zp~ST(9z;=+PbJ$PLLLpD-SK@8B96Vu{4@V?Ndq_K{S$}Mzg?8sK)`(pg1(kf0??_S z15C_QWei{-{p})jDFc6T>Ek24zkO>z84$S?b%%7|eIc8`&m+taf5rqkeJLach#B)9 zbr^90hE)CSd4HFR|NceDHz2@7H;^UtGknG0-udraNOOp3@p8xI;=jNCfBT8c?{Let z4!ys9(7zvf_>(eVUoc)#NdMEk`28yX^_pW@0Hsz}CdB@MC_7DitS|KCK;bX>uHRAQ z8LyHxhkRheo8O4qUnI}z+rX)C{it>PFKPcv+W&Ixe+9yS1;QcP9<8UisJ6yg8PCm> zOQV#O-wD}YKU-zx(|?z97D>5vYaeSzA;_?#m>IW%F-HJUn4GgBhT^2?=Mulb_x-Fm z{?aY8{vp(KjNRWmI`j3re-z1!4^+4Bug2P*VPfLBbAmOls;WvJ8Ylh7KM>d}tS_UZ zlRNH3skyi`&-c>SLa7y;`>NZ6uoW%3M>>t`u+nY&qV?(h1!8QiNn#7|KZuQ zmw`3Nd)JH`{1bXH1Cap*b>#E^_*kx(@Iz;Du=}CWKhVcD+Q8;Wf+qiQ`Xs=59A~;- zweM5@_~Q=>rKw7^>R&kOE9m1Hnsc0;YnZt1kiQW^t$`{ z*NX)&0{|BH?-cOWsn38=WdIe}fXyJL_P6vC zAt04q+pYTrB-%8^8PSEEM43eds9}s(--4mkzzn zKOznO!PeH>fTJKQhF?1JpKcMrm!|-J_j>yI`ajs(t`%?;lx&r#|Lk-tanS)ZlTorg z_YbzVF9I9|W#IC?-?8H_pT$rEG`o~jec~T%jm!!h1qB;(^*6`=D;c|f%f8YH?bwLq z?xgam{H-}5#(KVu-${k_Lm3zSt@zK`cHg?roWBw9>@2^zu^W81F!a>^$Us{hc-o2& zz=$aVZt;H3uEw7Wk~aQUYTr9opX!w#P~YQ;LBlwj+e7%NIiXq&gmG?AQ+;w6!;(GR z{Mw^t@imEEQnt_f_|w3v)&32yej~_Y=mCnupLX&5wKZVr>jb0j8STh~A`XOA6sWKP zx|W}RZP91!4;f;{NWLw}d4I(JPl0gS)Ov_F!hTqw){ZdUBDS)4FMnQV^pvU1sCHWq zv&ud7TeqIc55kf&CL4#8duKmCM+a{A|LCdd-!QliKj5w;7QM*) zGfKnvl8U9!xH@Up%^yhdu76%3+HbCQhBgRmtE*Qy!E=OzuZ+?oo~^KWB1$0+C3eNo3Zg1C1P5DB)2Ps zBTmxDGQ%clDpL;ZEY(qKzssoDO+Gk2{O`9Jg56hLeA6H)1(5wmjyZaC9p=wzgl|z*JIBdpRN==FR556srB|)hpfB zAQ=aAX~koHR;e~6K~byPZ7cXn+#@kalKVkV;`RH?ID^?e=Ze*_4*LI1w?9If50$7~ zpwpl3uQU~H7>E)F0M4q0$!|Xm6Y-jjA83ukW(Vs3pg-p+9v2t?>GM=%L}WbjVx#`x z>f9F@LN6!u;HtL5q_$e3;CDgdBCC~*O;coNdPc?-_ZE=0;B8J&P*s9}*`&#Qe`{#| z!%yoqKFhvv{8Dc|&;+1cuy4CJm-qR-0?9{)^OLR)ZNl%0U4 za0>3+o=&G!%PUk>dbjT4PloKaT?|qbUv+f!+@|E4jCf@(FMfztNG5piyx~2H<^`Z} zy&G&ph`KEeNg_suvgXjl1R=A#7?I=)7Y8xp6_MutCiJ`RGmlb9WU5`yMeuMNhP^*v z&KnLO`N@Xt#@S2|q1; zi&k|QcMP<3#}-9-rT5C5u4UzwoS?r$vV`(T9eMVfWDL5{{#m4LVk*%t(GQ$?aU zu3Wv_w(@-X01qF9-bd!$i?7v=k4Tf0;S+`We)QXQzy(}T*kq!tOS*hg2@O*-VCW@n zF3oGe+JmOUv!xjYN97u#pcCPokh`zX^5-7$cXya%+p`{db|;$-7Y89f)6QJ>uok)8 z&}uP5XsIoNrZ@ji?sl;O0=)T2k>Meag7gQqgk-4 z=5#fB^ulw?GLF!Y2~=S@ZB zCa_y_h%M5L(A}9W6st425q^%o4|g!j8g9RUhfKbiSVylXuJ^?sWX|29ok!*dp*FN- zd*O;=l>{xU)NeG=Qz9UXr_=TRoZ{NfBwS^`EV<}UqV^;SW#%vLIyemat;QD3VYVo$ zFHW>R@t}5)lqE|q=349&E?Ogy3~O}sit#n}Y7vp)Wgc|EkincX6>}b`8E9Qy{YB^)RFW-Z*9uzc)AWL|KKPrwDUOfzUM*XVCc`D==*Wxpu z3d~dEbj$9eY+U$djnHk1%5E!@or|xDWjD3DtKyO6RX&yEueL;o6po$wOd?CyY;mof zH3d?o+ZJK7X!`_7<0@D2zHyVVT{eX4C9K z2?&e|GE;=lAcgx+pG&3oGHZyBat!uaRzFnVxbn8?sYkLISyURKBSJKqe0-e#oG|+LSvmO1Mrp zn>4si@yPkE9D|qhXr?{S;FP|pZ><2HzLF|!U)U_Ve!N(}I_R4dc}yidGO>KhSK4-| ziMiZhc0)wNv&m{;@Pm9``+kH-tA|v#J1~HUi^{$y0Z3D{E8 zXOnVGvIHv#CR9BZvo#w+CAc7hZ@xn{Fy$M-AEq&(9cCRHaHZN#m zI4gYKtidH#!WnsA6=(4_Xm@?`PQVLuX)z2BaOLE{xTHhD!+DlZB-6b~tHhvO5cn*1 zv~6Gb-srnRO65{rZpKDGotU4smBS=h!0>e>!r1~&{CcCGkymt}KGaU-7}seDDqql4 zlTYc&bc>nOXh~w}SnUdj-L;BhfK{fFL!uRV1&j`^xYlj?g;RIv&;a}~MSylwQ-^f{ zt;0M*X_?qdpZ6IRpWJd^4sMyQ_Q`OZU}!GaDkW7+qYJtxiWaG@RQH~`G>;U>3H7n7 z1#>;Hrpf&d0NIGjoc>9ra;X7UH%OL=Wq+TDf$BDSJMtTrr7$N2>Pw7rd5i;e4A<;B z>d6TCuR!+!u9-3ZI5C zqEQ#16JG{|G`AMs1)Y|A`I99(s{+g$h}N3aVhAjA{$69>tM>NR3;B{nr_){RfZ9Mk zu@jJCzOSW~lquKXY;0*%~d0RLO8lNUDfqWZ<0zd>2SLE#s(dWX0l zy19PUp}rj-HV=-!($zBi*7@<{CGqUzfWM=Z^Yq2MEx*icn4#A6Aw<&2#Qa;m-m5j341;zbJq0V%O5JoF}$@wv#|2( zUTaP?IZRl*^gKde<=O~9Nkqso9=#I)h8Ny7O~GA#s$_Y>52E>{*S5gzCtk|o0=(%! zZ(j1jq%9lixsX**VKF?>KzHcS5-VOPu$(xS}xGZyUSGCi54BxH+qHvw9IK*;G|e?t3>@g=l$i;!;|W# z3W47n)MsV_-uAMpW=NE_`9xpa&JTLW;e6GUz|J3sR3@KUT{6WQfOgfhTYz-XGoJSP zikwWHD7wE(k0|j!pC|q6^N#g((AYi!Hq7<>snPc+qpj!C`i~CdLrkpSOj(~iy#BL| zapgMTa_CHNMlz=qnXO)@07)Zko0s8fVoG~6SC+xyCf3#3OFcSE1J-+D0}j18=5MB* zn4dl6m^Q#k0LelDai*-Nc^kN^S3mUJ?KsT;Fu(b9Xj7f0vV0+DIm-OwLFx;DgKwKZ zb+-8Us`zKe_~kpm55Mg{BBf=W<@UaGAIRQhQTk1kQMObY&-@H!fD(W%fg_b4*ejR1 z1@0{!nu8ioo!OyuKl$QHWEL(_;=(>tN+6A<1QTF8MjsPkW6%S*N<)<8ko|5Q^E-$4 zGthpiV$T8?2B)7KsqkUqE&MsEz?BO~6{a~&jC6>96K&;s_F;@b&Vlwx^zlCWA0~4^ zER?H~ruhW8xrDd!QZXxVIHJIF_St`S>~{ZR@O##HCh^hRw}C}mDRU9m0M1|Zz476A z`D2&A88prqfG(d(G&wx|kF<@*I~ge_esZ`&UIO|1dkIpI8K4o9rMU+RtZkQ&aqc6C zM^xmcL!#|1z~4BtdL6Y^lGW^)ZwZ`#J53{U4g9k@o^}6|X*mDOH2;4v&5IVGW}Rq9 zAs_UAWDzpG4+woR;dVq7ZIX}~4`qJ?m~b-lIkLbF-DKl_we%d2^tErmX~nO9l~%0$Q(nB@(ZKLtz~aT*vvVbpI#;*69dO*&V0gE0{7iYcImXIE+m`s>kss@ARk zMrm&>zR@S4*7L_WifYq4u8`1?CnzkE(UdEIaHz)IdnS zyX$$3`@PL1au6Kao;OUuD|qT58h$wj{FqQ@p9~P6~sNQ86kg1!7TB*nQwl#TMMVvy9aM1wayk>-niTEdRl;0;!V8R zr(wc-M!%~%NrKvmMNOZ2i|f5A-|D?YpOkU_`s|uNDgG>f8N-N{amKP?8 z>vO&8$-)--YKhlPgw7y0KYqNODhIBpje1cLd!1(fdoRZl>b4nxt2{3bC)}~B$`~C& zma_{SOnp>8j;R+f{Zs>j43(TUSp%137>F45Bb5}+yl9uNyB^~IIJ?hFY9FR!YUv-D zUs%`!n418k^q|zn6*91p;1fW!NJ;oFDIXo{p~*mCoGDP%n?rf^Cmih@m3w@LY9sW1 z%2TELM?@-pE`y(^{*C>gx1-K=iv?)CzQ(&t)u&rvJ3F3sqsGd;(|t0FCw*(Wd4Up! z)-~387t4`rTDr)Xl;5+OwdQF)y1D2dl2jI%C<1k9J3DsQQI8;akxy?@7c~jl}%h7z|$sT$}q5ru9I9$%y|}o0Qw+ z^?E16h(RQydo7#^06aI*1@L3+iFmYD;}3jny)X{cEj~tN*t7;`L zIb>`rnrw{>tgki03LX!A(~begc_C*&RL3qw{bhTk(2jjwq1;)SY`NF(8eDvmeg9pZ z3vx5(-0?ofD>hVAmuZ`ukuOk8kN%wwJnI*tn$6o=x)IN9I2Ga3S{IXHrKnZH`S=Kq zWB;zJYwITQEWCN`J+Z6YYNb4^XV~jQ!X5_|$v1jsfCSJC7{| z*2<-YvX+Oqtr{^7s3lYyKIZby0nUT#Sl{SnDXI-Qe4|Q~>=Ivf(q~D-t!K3Kvw(vE zPM~KM76b)s9=n+4K3S)l%{RH?9pa{}0St;NxEpzqj;t{PHKFf(GV{4R8%kcJnQsXs zZV!|hmZyFERA63 z4cJ<`VA^L!Phywzl{Tw}R6&jlc6WEz*mNAFuz1^{4p>1rye;bJz7fT+sggRH?z^lE^ZX8JFIs9vI!FXNi3z zYwSj}BH1J044+X&#>{!n>}s~ zhO?!xzK)J{B&<98Lgab5zh_nA^0h*1 zdpT6qpy%WLgOVG%ce7=C&6Ae=t_<|Af?B-iyQ@7NZ84Zq9~nIh7^ksdAFSF`(htKJ@-1E8H3@Rtn*JY*ABGP|*FUyfPk` z3f3cpMs#HoL42Wf3WDV#h--YxmOvX$+qS5IuXp0;;w@a1I#}p`_2TKHA&@< zkWj#`KQs(YD*y-4aqke>TQOCaahmjK>=uHEumeG?Tq7sVFkQ1{D`~jQtBC0bQJK7T<;4IZ}xO66?9@+aA=b{Y3q_B zH0RBn*vDqiw^kt+#;l+%`X&0^sdn#I`%-UaDot4MtP-gi<-a|zV2NoX?=5R}xk&L) zN4%IvMv~S#IXR_e7M9!F_W>=Rv^Y}aun<80$gG{f=GLezDBW;6;Oje`eqX_|MNC^8 zvoC^;OePWRm%bMFo3TwDyr<*rTR-~NjKE)%am6s4y_R;yty*+?yYm(fxEa#l!QYzu zGv(w?;l)X=Jcex-Ccmh{Qpztlxb1Q_GV*2z)r{mqF|821lU9m*XK>$*PU(@Fz(d*S zTmiqEBy6!HZ~WbD{8r&MZc45br`3xm9FjtoGM;ihT0=AGBel)C&)$1K++r&o`^pc> zrkv_}$C9|JR{sw8(RUKJLuZesW>D`WDp^4-=}xciHG}M^UUMzbWy3v-MN)hH1IX|P zyNQPu!*VJFsh zam@k6I`t^>;*Is&h!48r2M=64yL1PsHbmM?d89DGMVqY!;oePaN8vehbDlv5Gj_u} zL(1%@ctzVvt)RObgf{yRDY3e5gW#bJ**T1O)OdMO0-xnAo+!vP=Nn3`Z)RUG5oFSA zS6oKkGIAWx3CZx^qhzcN_b!Fr3;9$5&4yIpo(?8Jc6XDlfM73MzVXl%UD5(DwrD1D zc>e=E6>GA#f|=kzC%O)crx){~qd!^%Xf#n5uq;nkg^o~jX#hFftG{f_DKu1&^D zuAoe4OMqZc^EKBxs1_ibiT>v!U$VkKFnkRf?s;9$E?XGR+k&HjGI6h-F22HNjT*|X}mi?C4IhAd}r_zWM=EMh^z*cQpc)E?6M39k?q1+q8Ia+T}(={>8 zRa_>m$fnRp8@KWwB&Q@%!`d(d=b&Z7!9Yq82b%y4_A>cO>(naVO~!^;RH`@I0vPs@ z)4iAq^!$|HMxwy$x{)kTvy7PFK62vb3yI;{CreNyhRqvfc8_vFBr}aAj=s*}h=2+0 zye}S~oyBKX4-295F-FbQzc<%X2SNkZ#tNpC3dTsbTs4hFF`&ay{2H71TL1 z3!XA!*^;`zq4#aSkCEHBm&j`Ar`)ilIb!|E&C~1;cMx?Ww;aj({h`QYA6Ur(tOa=i zJ!eNd5FO33O*^{Hy6q}ciWz92Uo)-%L!v_Gi7P=GZ1=+P%oi&v1{vK2SZJn-Jv$Lq zjvzDExQL6NRddOU=*>FGI|I2iN9VPq*7j(!A~6pwkmEaih%M?4p>qPCy6zu*i>6Ii~Xit+Ig6fl9BdV3#SS0pE&UAz}e?1Xv7V)ZeP|PG+fn2pBE{( zxyAQw10>Sk zc4Q~Fg13{j*xfv&7AYX;`zvs4NO(cV*4QCB_M!%+*}fDtSe(8x$ZW+yyoKEyq zyMi0a)K1<)(Fp;&`I~PrEci3-XqRW@eC%Go2+8;Am9g5`i9m(nU;W>sRmI+fBcDNb zm$^z-qg7iAdM(l%t7}BODoeWn#>u;>?&zggwNiygCRxeueY)zU@0BeKUC%k!z0Jf| z%6*n~j%I$(ZI`?bwiR1ij24(JWJ>d^df|JHcK2z>t^7(a_*wNdq1%rvZi&FkWqLTKqirhVR5uHq(CA$~74*oRGqo>+Al%K1`7ltl{)KcT-+ ziLslMvtARJtT*=eyhhY!2leRY3@@Zz*qf@}DST@ILgaesM|?Fa0eSeKzv26cJfrTl zVz8H-$3gc2=cK~MS)Y?Dvd+C?c-_K&Ssl$9Q7LEXpQ`Dy%?7ap)7E}C4rM?xC*LQ| zz0oigzR<_^d1oUnXJ{qyxzl(jLE2DA^gPYg!`<(D+m28IwEUhu()Mck$hPkOQG#Ffr{q)Y{~z znM8UM+-BuD@78)ctST)k<9yA|%CfPvJiHI1Oub$hq}bp{9?3^gDz7xZ_4+U%Ma6UkgBTPTgEEkwWyZ#UC<($>4RnCIE5T zux(GETzq9*OO64uGF;&ZxXy;623$kost9Xe+}Ux7_py^jEG>4nF%Z@IZocKSDVqK=~96%y{8DgrXP*RbZPyjiRt8RdRABVCG=EX1C8duM>fl2U-|%D#a!c?ycvywu$&vxqBVGpF2RF z%#FX6ege&NfOkX;AjZ0h@i+as^0~hI9!J0PJMx{QbaXmTs3ZB>L}eW}07jyA5W=16 z+G(lc#qXh{Vj#(LmP~?)KzJJgnjB>y4HSy44*aJ}gQ+Tc& zxT&ppSp6_!l){P18G3Mx7l#fjV@62U4k#$15ZP^_sIf!Dk7-5Y?gQL}-Fe~3Qmdkd z>w1CePhIUTf37(+VX!jnK4u3f>VGCO&8nBGJ?Nt7+`(km?dmIn3Z*?Yycn==qk8GD zv+=^TK2R7==&20f9V6m{GMlWV)@DLhk{0_6>umHHdgt($wPxh<^^}x-JS_UY=J+SM z8qWA0`s{357!42st|XFa!DDN>#Zio+jv7EP@mvUeP0&=nTu zEU(;HJ~-J?;)%_sqc!G9*;z62Q<@AnNGYmTZ@s;<-a?T=@YD8}WYPFxy8lyb^YxPt zLk1^5qOfynNh^jFAbpqgJD!{O04mTq{RJtDYK+NG!*5EUiUG%Vf{A$*M`W=u$;^y) zLH#oO%$;*9WT%aoOO)URbaVr&LsYA}*AKA*Oca-mzNs0MfOwdIuD{=r*(zNF;+-4z zwOoOz52H+sD&L=4dCo;PM0zRjhs0U`vviT6HVYzB!=`;(oZ3k7wTPran=ChYr%bD2 zcJu>A#MoaN4t*1LUK4yHt6du>p@jv3n2KHyg+Q!3&afu}l=}9y%y1mH5#5bmmagNEKgK@}|k;t?YNKyd>nYAX*z&`Efs2kEt6I zK-Xvz&yS^P!SKyQKg5R5x1C^k!nY05cn;M}pc`ym{yq!@AVf=F{n2$K2a{j~@Hk!A z2TcN3ch1PcuFphB?1b>6nuu)_Qc)$AgNzBn_Nk?n<+uv1*>pu?OYi+r?QUI*lqI97 z=Mch!e4TI8m5yfF*Q?7@VIQUr(CNW+_ich|0ZDiEh6@N0fNgL@+UYId*Rc;J=W4;( zw^qYQyr0cxgmOnIaaXk@SeTWAlzd=!9`ZIwOI3L$B$ZE9>>6`n^2a>+q^U2azDz!! zF|;Tr5$azrK7r~S9$2LLRP2h0udo2gWP1^9-^gWOcl?V}x1`0>1~mw?S+S8^?2{h3 z%xK+vx3Vo{shHkvTfzAE>dzDEs@ElGv%a>JPwioku!!6wWn*tel7P0wsE^u=|by9`?*-D@6e zW{{Hu$f7qIZv|vjOTIHR#JS;m#ZhCuIDeQUQ-}6>ql94 zZO^_37kr63)XMBwJlv!H8cV1W5j~lBT7h!Z$#}dv9Kv@pFdc6glvRUCBZDxcFO;5q z%)k}o8%*9=o1JWTh$FevqdLrrr#e7DI(7aem#d3@xTq#p>h-s1^>28)+J;GNvZ>T_ z_>6G|Lql^8?K9=E2*PQfjUUC;02c#x`$SSg9wh3^Fw9!NSoYARzp(;MK5fL-j>re9 zfkHmx!ZQkSATW|Va;0l`!rW_l=xj$wrT;eJ$_d@OE(z(~Q!QxE z1bKY@A>s~gckOq-)Y_r}TyiLPtXV`3N1?LU;Eb~Ory!5OXHuj(wO-}BwXJpiAK4>` zyYs<30k%NhHPj{-AiFewPvi0Ew{oQQP!T_@F@V3lP@(@&tx5l}n$ID2xNFL5-x7JC z=lL6Jfb&f8+H=zL0rfL!vY&oZcCwhTc+s9@zq`LzY?*qIxMrxdK@0i1`ym=$b9$O^ z@2C0Dh;|A=@}>+c44_5O5y{QBxwL!sQv$r;-KMUhcWz%Jm9fSQdEn zk+dK3bdR)5dpL1vI1cq&vUFNRpz)S7>)sv;<{mgq8Xg*BB1~IDf?VA>>DTt$y?c0^ zZ+Pet0Fc_0Pc|boG6RK(H(bDNkY(~;?)0fo{E2})BQ!A&DLmLb>8h2>EU7Rh;Y8@w z2GWL3SCat#mbLrZ`wuxRnJODfK*4FXxV0Cx5o|ju7mSom+YL*2Mn=+{GP^vHq9mCX zObgN~QM!a0i$Zn^zN0ym5z-C@5Ok^rK()L2>1yfyr98468TuC;HDI?HcwIhENVH)u zztm0R$qshTe$2s7bJ0u2!HdgG!a(P<_vYe_j_@?5a*=!jx7AG22Y9wQ*ksuXTjmQ^ zp&i(&uFKA1kAJCF_191a(Sd8rob`<~+QxZ+?0+jFfso?$j}>Sj<^u z`1X(*T(MaBaDV}&_W@L_wb{NJtPNWsJvT@vaLdAQeqU?Pb!*Z+>2z?jFh3upp_^WaQ&%Y|CIDDka%l%`^-J_ z_kr77EI=&kAmpj#{Fw^TOH4(!q->r^0gmZ*jnfB-LQiLLkn>4j^uDn9)^LB<`Qg+W zJ*jtB9{=K+2~%speZpRT3Y$n=f?GN6GsZ7yM_1a_B25-j9<A0SWo_kZReU&aKC+)6C67uGvlE3VA3B!*|H?)DgS5x_` z+W&Y^OyVOoP*9PnZnmuvv93(^Szhxmb(ty-GbN!bw{?rG*z)a3uvqX*b2TAEFD-~9 z?99jC>4w|C41*}N)d{?Tuu!HWTZfZ7G35dd@b-|w?6^3pK2p0gk9FTrPt#(r8&>1q!Vl^(gG;xZqryH-;!A6{L{yPp$mTsGnnr< zBCAbDqc_bf(I_pE4c}n3(O#CF%$kvPZyp6u?3AU>oipmrp_d@J8L9zxuXziFoe2WA zp@pvJP5?|ifUt|PJ51uaJ+!*XO-p)iffhO+^_6RBI#FW=o_HpY72vXIxh8H^ugx+h z&o?*-SS=Ui>^>md-HiZ`?TKO@cP{~vQEjN zQ&Mbid5=hiv0u8n~5k@>}$MFRaH+B#e}pD_Kp~ zRPBn5NcAKNDqW)ZobCWHw+u#deT4B&D+*j+jxHbFgAnK`Yv)rjF;yQ))kuR<7=M=K zISRM9H5r^c41PK*k%ey+-3L5NQ6*D_29eO=Vwow^1^2iokLqUirIVo_N&i+0`{g%R zv=8|@I!8pjxgd#b@1}Hh%`V4x^PEbeX zlhhzNW~TxL0B_EcVf%y=*YcflG6rgRyIAdlr~?BqV!M(@_Zqb8)ii=yhK8n6g5CE4Y zyIGrEm@hV6}hsUfTp!OUV20&|I@18wr= zw3a0Fy96iu8wp9ShiBU421DOovd{ixXx%l(GdfG07x>-9zG(1+sMXD;KSN6h{W=<1 z9^~YPw|njdA8SKaoG$WX6iNK;Y0R(Ibo87K!(aHV?!UPBmXq#5hc!KH-T&kga-W^I z{$vf`?`IjOaQemDlncu@*<|jOr~AY8VihnUPVuFWI+RYbTch;S`zdMd-jPLA6?aIX6azASkuvzA$k1tFI2SA~~y*sRS(ZDXt z_xC*TJlGHz_KH4Rc0^@WLnk**@@Qr!ctT5SxAb-o30dsq!Ob52-23r)uQKs=JEK{< zfy(b{2)%O;-%zQA>Pq?bK5_|AvD&1bqjsSo%2V2E=&^3Oby z^h5z%IT@`J0ye3Rak#d-Q2IE$6U7^c$OtNW}5eTR}c2)RIG_iERCr}oxumAHjGWOmmF zg}MgesRr*p7~4*6xPoccH($#;H96l##0O}5o5i%gNbZ|61Ak8}{jdC~JR2K#4)~sI zUv;2k=yl{Mu{W>XC|Dmn%-5Pv9rq>1bg@OOcxO-@eWBk?#I=ywd*R)VDWKjwBz2B@ z*UCQQ>sAN-_Bt_Xlct-4YGSh17IwN99!Kuf7FujKro$dsup2Z2vZXK6gp(1X2v9om z^8r)%uwz88H&7n-O1QS$rD>W>aR0#SP)JLxoc(dW3h}vlr!H?tM8JKZ_0t!krMpla zds=dCo@8+lyOz9tZ3-YQShN~8U)@>}{7RXb{@U3>AGEupkF)JPlOglBY$Urj=cdkY={;^L(}36VKkh`i;V$S;x3;J$tmTawVbt35mWv zE+AqtmEfeiH$_}A&9Dx81~#S}Q<9$*GvYp*&!CObJ}jCo`P64cRA{XDwdMY zXDY5iS0=sE@pilElpLt~%i&MyVw1<^63fzKo+k#2of`dkkwvD z>(SG7SbIC+IZOZC4QSA(bP@*+!aPE9&Tm146es1V?K-S|_Gpr)sdn*nd z=9&V|AIR6NhyhB=dONzv1uZ;Ko;c}VuqzhV#Zf3?&-J=OZJY}rA4bpkU7$Rvft3+i zu0qGThGE>WV6&*nu|;sPS&3PxdY%?nvDS*#Q};s5>pMG4Z*^#aBl2{t-p?;vuwK*k z6b%zUeOH*Dbpjx-XcuRD?6nA{5vg}%@$~CcI<)=(eL5uh_CXfIl=@w~T|oUP zntwa*Z2>2?24}5?=gv6|hs>}Th`Vj^L<76njW%&1Lo2^r^N8&!?%3q1Thn7o!2>x; z{xeF^`p$7&b(?ZLXMY4O4`8@`O3|^`R1K=fv~fFm2QDneP#As7kQ;{IEs+Dk&+jfTjy&M$$~bl>H1|*6|v)W4Uq+nt(cds_X?3d}D{&-||5bR!gYn z>;8AM8S_gFeH={wu|a~TFsF((9t+fz`)Ym!(HLEbc>1ij{O}{dlphygB~eV`;C7C6 zEX*2w5Dypc7o3clg=yoxY7!jfP+I?|_B%wy|A2|~-R>^|Pc3X#nhyU4#B}b)GKau3 zOkQoA&?sh_egrd}HVj#FqnC14+IFO8?xYSSPE94v2ecPqdAQ*4PTVw;TzMlh9Y%-o zwHr#+6}RL#@R}gpT)kF1{k|ZpJ@nQNGI7?RM0;@B$!LvCqNmQR#7)WWeQ(X*y#NZU z+LLi|t`9XMH762LpA^a=OABD`49V8_(9XU!M84Hid*hSykyIY$t~9SRdx^I%6s>rw z(!Ws0gNO%o+aZ2CDUVrMtsLEw_v~VFO4O)t^YH*sVE$fkuX2=y3+E}c$!YSjzvoLG zJm>w6u!b6d@C6(|lNENu;4Gw7o-*x+<7dT)Zp4>yE`P2%yVuUt(UVQ9{n8gx(#tR| zYM_L9`bhRuNLa63YXFv1RpJd)irQkb`Y}D9=|}#4ye}A3`I5E1OGBeeFrmZYvHCxZ*lHLtw07wbRuK&N4{#b=-Hh>?f51@RhcFv1-L0Mm@Qu3Ndza+{&)MRz_(BrS)o52OcFT=@ zlM}hjj&$l#@ou>E?dJgdc+%Ot!A!N|lEl#`T;WW@)of1)^g}EwANg&lJe{(i=w}GV zU#=)VJt6siOwavY4qMNK0>fq9EPW7(lDr;<0Ka8#)hBLm6ERLHK2=YuTN5v}q3r41 zQR>uBTbtRfjOOQz`F$~$HeMFA%kWkO6mK#1qpr9b+DECu(s8R@xI-f8@a7`NRYDJd zI=f`01Acb>5pRFDjWw8H*-hn=^J+WlJ1*sAAC6Q0UZy~)SO`DqVol?TMY7aBVND$v zNQfJ5@E#gj+vy2eS?ZLzR;K+elz+s`ev_Xyo2!T4{;Q4K`+L)`)PMXi(qOV`ueg+T z{CTow7#T-}bKr8rISds+tP!KBs-;v+;s906Bt- z_$1dEnb=D=EcrM*J0-^YcY}8efkK}TMkZx`Y13?&I?%j4-{G(uGixODLYrmSl_Dl(GOm6naOH{Y#Hx2w4xr% z{us0oD2kJ`JbR2A1vpr2)1T-aXysC zO^>yz8){TPeG7()oxr%9+U3Vh754(lKt$`Y@QgQUW##Tf_097A8zgkekAAyTl&OvB zL9*BU#^=g-VMSAT+dgj0eQ!Az?Exy=uN+3;F}3=#>?d7oHT-KRSCiucfOMV*jf&pt z$#2DVL^7HGbfchw;%^uVj!1pH-6NZl1PH8Nx*F5^~`R+$hdAs z3~nOZmiuVp3r87n)7ukERXl|Ug;r+OcSg1P4w%y~S~3HdCj$hnTaMa=F5zRo0aDT- z;)!3h$h)-Jt>|17igL1??nGd`54|StiF6HGgxY$q!Y5bx`QEgDQZbTtNZ#x5uem;K zR<;q>5cQirKCnC~F3oQ@22Mk)868!-uE; z=z3$qz4=!%H+#fg&}>3|hZ%?Om4ZH)&_AU=s3jr(=1FC(I*6Fa7Lw{rNCEjDBWJkd z`XnI=5d|scXWh{*J(Ed`1(WujMTGG3xUWD9l3fG%VMke9yTZ9w`}=r%`_0CzBaa!; zv&GWZp$$ykeW=a+N~)iXVd~S-wf9oV4HBZd7nWr@-IG08-CVUxN!Zx#b}@3uv6DG} z|1v;Lekc2b0e{)kQ#tH~v6ND~1pRNbG^3%6Du7D$HRs08S3{5_j>q3J zU@ma0hbP#2D|JnfXvD}%1@q7iqTScbtp3N{X)K+4BpS(&1X*pcMM5kG`4r|gesB;r zXeLuOip7$te8sCpDbSig_@bggNXn&cW7F<;!0tC$N$a2(yr;vH00a!6`#X z9a16N2H6KI;d;#C{cuWOBu*5gz7PKJeO@@gRSCqoR<`Sm-$wl7Y|tr1nGEU;!Kd%# zo}z4kKgk=yI%5B->P0PM@Kxu|DCVr!2~XAQeSIu8F@;7eCVSA}I{bJ!sk}SH8qiOwCOnnHovJ3?v?)F> z=AJ36*-C8UDVhZWD$r_owjygy!8V-sF?=qcVs&_+FEMa48icmYN z13ob%0XR%_j}depRk5A;qY2Hq^ns0r6&={`$j&P#JE_^zS||4~@>PMBA-0?0VO!X|exQmi_`Z4+ zjV>*zMw!=18N6>@hv=rgY$S^`#^8m`~G1$4oa4=~)#w>c6kkC3ud zwe{oDfeoCkBeX?O`0X|xwQr;e>I~|hU*Puq@1VO-T?Gd4tm7rSmg*Thh%&Y4>DS?8 zt6eF5hI$+>7+hb$d47^q)W&;ZffloxS$bbp>B&!d-2)p1ejjf44V(QQ`I`Jz`sMoiR@&0O6ePe6Y~7rW`)%+U z6gNFi+dP#!3EglVKnw?!TMXk9wXs@l?5q>$X%S%hu+$n$m|F^cPgkt5Swy+*VrJ&{ zBM2nN#Q`dwZk)}Gm!`7r6u@D@-8C0JC3liyI9vDqKZL4;#Y|A8Vv!4{s=?IfFR24l zelEBkS|-x12E&cqYEWgu+8cuhwvyq)8z*`eJlZgGj^WH-(<{Qw#{S2Am26nBcfN}TpQ&9h$Y%%S z&W^VG7=`Mp!bs@2%(JJx%eDb#83#qNf!IjZ=NGLrg@(~4oX7Gb_iU36u2#wfuHK&D zu*$Lhx{U^#1^Qa*g)V=|68J%~GhTyxMu_d2a8-6|d*%qEUOyB%FB&4I&wTxj^#l(I zQ3zZoso!I6)4e|7-~H;uH3QQnW|v~5F6$2QNLTYxp(|Sl>b%vFG%7t<|KowVpYL|c zkni@KWtReW`)=hJr(dcG?g4Uiy*F_K1gTE^yzcOM$>WxnDug>wx8*n^zqoDE><&PP z-{D6sd`yw2x%*^o4ChrfH<5QftaWjcG<>q%UynObEp;5E--N)tPg>)iE>_($0mS~U zW0Ao(q`1>;IOO4&sx1BSr%t0}aox1A>13NUX-vg&SVQDvKnh5jc$zYc##jnyD(BXBC)O){zai#)em(9|t^d_kOobOQ7>m-40aQFGpA71)dF^W(tFw}cgS=wG zQ&1RaAmpn{oTDGyA6!%bbTyIENnpf!r!e|i%5M_Su_q!CBX=t;LZ1WeP4~=7T>KiO(bnHbn`Cn`1adIi@Y8Dc&Sq@B+S5c&j^L$(YHYa1u35h4X9 zsE1V>Lq~ztT^G8wH+o<19M)N%PR#0{{rA5--&tFKn~>4yVH~$9H1oxErOsIH3lxOS zYyPDx=?-ICyi;n8MLDm#b%KYdc8-!?9Pe$swQ_r(yhm6H({`uEV3S@lTgp!CIipqj z`|PQoAC%XngSsp%#3KzqHAoCK5mcnb0ixXCRRuxv#IMxCeQP)ryX|B}{%{j2x+`K< zafh9k$8zyv{o&ks8OUR!4W;Kyf;QB#*1C!P3=MdHzi)f-ut6f(ENri2_es(AB&m7j%gA@^KQ7VSoFC$2>qnehJ*7#|54!(}ghStmB_!_L6ZG8#sVMnOy7w zAQ_L%Nw(EARW?i{@d1_jA98E9kQMvkWv;&FOu#)Non%Q4bJ{fFdhtcFQg8P+Rq#2( zedK1qQCtU~`71!!?e<;g#y_;`4EOPbzz3huIi`SP5aLG-G(64VdGMY6T<9od`j&!~ z%0l^569F$miwh{hh_rB)Sbio)41me%S{&ngKb0CCTxl{&(nv9T;vRCt5qF!o#)0Y_ z4X`CS+Vo=SO90#Z!Tca^BDBA7vh%x@BOXcIQ>s{P#LIwtHFDpUa3H1Qw2NM^cqFIx z2ql70#tMxVo*)FK+9Cunll(!!rT198EGw&=8wQ@s2in{iob0VFxDa}KfGp6mfEb=$ z@yW(9V#sGNm?~-mt687j>3gnL=7hO0&2sPF<2Eaq#&gyOMAh2!TYfMra-zWw!MbLO{?CUYW^eX&&xef9}*c4Uaj+xSJ5Bxos))v}vDb$}rq;78PK*Krc z)NH4|$sk*UM|-^+)?aNZ0bT~8`}CY=I+(hPM{7tZ2`Bzos>Vtd5dt; z24cV_!T`D`U@QVJCBhe;E}=HnJ|>*(jmjegGWHfGr?-u*i>iNLi{+Cn-X*Gfs@etgJb zKK7g9QrGd+VmVK}PJcYv{=4A4XADM!e`@mUq$oEf@NNP&+6Au1xCc&G{ytBabsL9| zm(~q?1c0Z`|E;FSBd@PB6F%O~PD^1M&C`r7W=f3&R2T%DjY{};MTY*A>aWO)`_b?K z1_W_ekkzYV^qWL~F9-cW^SxUDsQfEUMfFpGmIn?{axy??|HhFj{3r$R{5Vc)p!dTu zUqDZ_t&zEGuQo2&fWiGanGP>6T@Gp<%<9F(os5M2qsVmmt~7O5{Ez3T-`f!4FOQp= zravJAED454oj;<<{g3atHHqp2E*8K4e4iH&Lc=Z@$H8}J^#FbL`+u^JFN;=hxPiZX z@D?NQ;mt&AMn=H8;hvTd)h}So@y49tz_0pv_s?j%8{EYSWMzhVAlevJUSI#$N&N8a z1>n}e)Rk1{2#{|H4VR>WRXlU=yFE__)Hqv8yZ9af-Wj+4Tn6Rk2WHG9pjZU>p}WujG>&*q!(MvnT@^y;kRK|- zNA_2PgnO5>@x=b5?N-k)mq*OSrJd-EC`Sn7wXxyde)e|2gVghHI(E+``P$1FzvYm> zfc-mS@h91^V+Q!WbScsR%Q!i3V11j6`m#=R_on8a|BDDYX z)ri&(9|;B4KmH0*3`hJ={^jMgpK)CV%`wye2$~Pt{>NQ099eqh*6IcNqMyUUh@5$J zFC8gD!2Tm6Z^tX_k^mIMkV??{!FI}0BGn(>A^s8%woVcggM$@E{~A;Nf0%CUU3%>( z0_fzWGz;)3jIhq4!gqQF4BVY&T(J*-XlUr&MV(KH4N@h?C|j>j=zg0XK+lc_p=}U=6%H3Al?=p9)h~!0- zP^SU<7^i^8Hs*Bn^z>~LoL_+Hd{OvJT|H{Jdg}QmP~r62QM-#ASv`js_XCN23x8)m z(aQtUGx3*+xPqq(q-G1|=cQYAv1(NiVnp*sBxG3=UAPtChT(nV3F!BW~ifCbDdSrK<2*BH>sB-j>^ zBj;-6vjbw^E!*I#UtTYjo)vfET%XGvLS9H zs#i3ZE?c{_yFlY*uWo!o(FrKZkMTebHzRkT8Th%dhktJ!~gLrqeGo4SjpP)r3m1^D$qGOs6m(JUxfPhE2Hm$?Dzi$MDJe#t2S zD2m_@xb?><#fRD=G8yh(Hu@R#{d9X8haR?B0xZB%(mB~RpR9Q5V7};SHzf(%yH)d6 z#3nqr++EVQbyO*ZT3!G#Cb{-Wk^}g)x}ChVz{wWzuM$*eeCyN>~{XL zr2wPN%aHc^&w9GdrUOA4JoYclgMXx(e-81_f8D)oy)x*`Jx2PMeDc>+_xBYhx%Av= z`NjVK{jL71mnJy>VdoVOprZ@sk&xzp;3@s$vIEUtGT{OKKW=;feyG3@8!nxyNQ(c3 zVDD6G8{1>DB+N56_2SV1emOHOT%oJpcW8pY2_q8~s(rs{bSQ{@te%fYs9B z-K5-q_kaK6YyS=1%Xs*2=w5EW|Ay}6Iq~1Ddzrrfn{_X9@_)1LCT5aiv zxLnJNBj@NFq|A>Wzu=@Ie2^)__U6qd#ykJQrq0csgC&E3@ewmSgZ%9$Kjh;W7|0zV z7yb6JkVwy<|4#I&y`8QYUkDqf$kG9FlzKz8ffmH+JZZ0*sr#+tp6>q^h@ z9zXlvUXYK^-fLAr_24pE1-ceesMnVe-TuZ%R5LX#JHaL_0`g_@&v$rpv&bk6@7Eog zU&e+v*gwlXzIvbGe|h=OGx9=kjJlN`Iq%FZ+LcR|8%MJYCdnW4Ekv2(-)HdmsEkInXHpNSXD%e^VI|*UVUBxMuOwQA1lO2 z3Mw~xV{^I(QlL7uD$6`4Y-JH)J4?gnX}OwvewsO+TmB_8Qlm|MW-EpDuzBmo|6UaAv1>X#pBLw-L8j$lC6!25Q zIu2;XnOTLk3kw-eF&c8j_8z|l1~xR*qkMP{ms5ZTO3hK2O1ZVBdA+q}X6nh9!l0Q@ zPdvQn89yuBRYZneJJ*tDh4tTu#`jxz{?DHI9yumJXO8mjwYgz>z5&D!`BC;Q1^vmd zNaM2`kHlGDNl{S)F@)5i~R<5e8ZP{r2mpCtC2Vbmi;a>s7dhb1z*CF$BL z(SQTI3!HlU81Uom(jK-54yQ-_NTqT0_&HGL{&jtzx;(4(O>l7Esom=&K~-N=371Q* z{h>xiINSNo2Kn)Nk}-~qBbK5ijJ(ENrUpO*XwC9CPgfs4XzQ{@iac=02Vft?*Vt zaW_mG%lE$!nxex(R3mvmak(2wE+`jY{fe%yGjlrqDrly@g(Kn8 z6(FQQy&}d~FzsVO=Ig=DO=Y?>Rq9=VsmM*|^!-nw7f3 z49O`P9^t9|_(a0oe5Hfcj77oFFjZl_tbp}YDl|>`NU=l^%y<{l48(=5BoH`x!xtneRl?m7PVa zt#BmwT3RDw(wW-j;5{^jjsyNfg|BcCA;MA*)0bIFG7L)#aSja>vp$D8ROAHGQw+vD zTQ^TlB3&%}eE1I6r>3Pv4yD(9#qD@IyDRqBF1`4bR~-yX!4U4 zC4HRtY}aS7q;u2>9Pq@p?TPNXzP7Ylbtq*@`rR%=w9!|=$ zIr&aP{2;2wF2_~Z-j0PouyX|OlqKv8?~INKq!)&}j*js0)X#E-8qtLGpd)O^?tiXN zI8QnGgd2Z>MwUj8{Pum;Vs2zf8EZ{hG_bhoE7|irE<_$q(n7riG zARc~(g2sDAupzkYi8{BWLG_xBA)0Db))8Sp1&wB}6F7Zn(~L(UytpPZlO*=i(gy$p zoT5hZHJig29};>m1gZ+E#3tAdR-HR8*NE4}rN(jxs$fkp%$ugDW5_A7r~8$bz&^D7rx&)+}7GsK-j--<}RD|d6}%b!Gg&UH6QgNRrVn7*kQbI zxzqtRR#+{dcqnvzcgR3Gh&^R;9A@WOmQa4{%_&fIj5X&#<}{>O4ejGR9R02cNR<^7 zyy(9$wIvLo{IO4*W97ad3RdF{7V*jK!y{U~Q-T&-@aU~3df)bhah`BwE!*uD2#v<^ zvd0;!tkXFajpXRcT9j&O&EZINi{Ga}FPKI6Df4Ow*5d$om=U$Qu_8}xX=CYV;rE3m z6}u;4Nj+a&TN+7nfxjV4S+~^pr>>m6+a8HlX@7ia!zKcuTN%85$3|EHG2Xl6@{;!2 z|0BtWo_~5GZ8$jziIL6rh7&Hu zk4DT6m2IaF&3zQAY&o2^N9LIS%b0wNc$JxkT=Bv;s|%!ZnGX8`mUlSnB9BL^9pI4fYl=+ z?7JID7IFI%B_C_OTE?RD) zi|_|m0AyN^}Weo`BbklSBKr=i9fo}F}AX) zAvj4K`lGn1zEJ=U(!Ne<;afF5mo?PhrL1e|IN#xciN zXlH^oLoMetQoj28;yZ5FXbn5!WU>#xgoOLvAQ!RyK>k6B=IVL64J8Fa!q&)SVS#_J zX3C~!5>RUyk+Fq;mfzH_&F8G__Z>}BvXW42tPwyc-s@g;JDApuIZ_vJS@bAnuc=Ff ztUD^g)xa2%E8cG+-Uo01o{nR2*3Bou^2lga2UW^py@ODp*L=FWZ+ScUZ1-O5%1H?_ zkDkfz7A&@r+;Ay!6DpXYKojk?zE)LYcE4!w7HVu5>%vW<6)w*BRrs3Zr%T5&T`D&)#)M{}^RGb2L_}p`Xfkb~7=l*nUp*|7Z;`V)R z>T2y*h^(+G)(u)L)zaEE!bh6@P=?wy^lYm0di>+9M%J|M@D!Qi2LWYi@u9b_kk+M| zv~3bk`57^N8?V6Q@6wqnxu_dmgi4{Bzlhl27!%;ekvaD9ET2Ff&L@X=LU+%j(ncAV z-IvEauc-)TP`Pa$(G?t<9WGwu;c4MeX{@PiV|l}kU-l?|xGjLDGPK3xNd?3mefR6^ zF=*su?{VBffw;*d#C6sRyY$esgBbe}FDnV@6$j>lVMS4!3ZbRa25z!=OQQ5idz(IiZn!@snerSN^_9?i zqG$-NE?y_!9xGf1@f}#d=6(h5^&O20IeS-6)tOmFmkwwyZGPQc`hpyfNRiO=89g(t z>o9UssaI1e_Pz3v(NoB@_O0+*#PuUCnP=G!U;DV_8onBd+i*@$xU@7YQ7&6=$x%x) zsA(b7JfSs%GJX=)cu}{yCuzpcg9ECR0{?c0{~yl+kZbWE0hie6hyUD%$+2NusLl#a%fG8`JlE ztMfeqG>6;s2%opeg|Ng&ye+1~AsPudQfAZ*b;xFxG8eK2(_I<60JWyAKlfOC0ip2S zDLHCU(W;&4Exz~6wc?(Qw58VhETNM}@tgN}67O9-g(I z11ch-y!vcCYtjymcS(EhQRGd(vVpuz`|RLV$Sp=`BVCHd6~`)f#mP#eUJbC?PFMF< zE{6yWb{ZO~HP$@w9GBRpECk;RKDXZTNenUW^Cjc@<^sja_I1QUHrC3fv;ofqiK>W)cxmQ_tjl{`KkhrC+U6Ozu4L<6R2`g^AoNLu{*_U z`K$p?=8V_0m4(&_+i4a1+Nwd@DKO0=7vaKcyodMar2gHp_Dq-6Sb4N5;^{{@=!0-F zAUy0d7I-xC-tw``nXFT@c%!ZydhiAlYb;shTr9k)W~cf!Zgy+=nx+V?kaZMaItF$! zP_X#viXqHR*=+l+=gF<*0{VkK)-`q;L2YTh_Rb=9++A8{G3EBunn%+f2^+x4I7tQ zC@bKb#P4xvrV$R<7{+M}_Dgv8yl|!==P;?de-*dz=wY+d)uB(k#Ez42su`8VExp@C z3lM|RWFI%TaBoqc3I*iGMWx8~-ODJDX(aQ$r*=U$vhtM0#29c8P6g5VREnL%x?+B&`JxVsc57PCE#US2RZMpXGUw2OM zo&2uMc60c?^SI{wuFB}ltoChop5NB>P~WEt$-h`ah~H?uh_^eQfHe2=xx3{H)5GhX zdcAh#s80)4!_O@}7YI*U*!Z89nh@+`nMZTA+L%rJ13VuRWBx7juz4MSs`$atTd9+f zwzhSntS@BV*aDI3&PUte;rSN5ok{$@>?ptp(UPm_J=4c00%6Fd($pnSSNS+!i5W-N6G5sa3?Ld?9*83ogbizgB- zgF7}YUQW~U?0#uT&>d%AR^@$u?{$xn!?Kl$dG|11E=jpJuV6S|xtkrRE2KZLuCCT9 z$Y6E+vmj#S<+)<(`whB516pEahz|PmYD0Yi z^JAM(?fX+QK`nz;Dhrsf?!U%MG5-Hy?=7R^+?uUXG+6KeA!zUf4FtCkECfw(Z3ync zAwUz{>EI3t65QQg8+UJ zeUysN^@o;`(K}0K=!|Z2`g;k`e`aqalZB;N^woPfaO)Kj$$tGm*u317Ji$>&twqIY)zR|dVdD)vyD2XFwTf1H&Z7^?kcIHa8Nx{-Tx zno|9XPT9fsbj)WNvRe+>9XbKR<#qAt_bmQ8>MIjeJl5FpAflsfii${Vm#I5-qOR6L zFX2TNvpAZw#s4xLcIWf}um6YX_{PGS)o*^JO_eK0hH1_tgW6lFSK3_So9Co@f_SM0 z-3su}(P52n6r+STkp{xlZ_XVndZe6_<$X@tJfU=Xrfx~q_*Lg2fRcJnP+abehgR*o zF0mJsw57%zE@b<>%RHb?)`?2t#HXyx!^y5}yp_OQb<)TDfsw45?G(69=f+mLAsU2+#ZDewkVVO-E9 zmywh@$bA)-n(0fS79u!+@Hqf0+C^7VI+4f-DiRrKH-7jl>>R)KkRxi5L8KHE6a@F) z60p|3x%w^=(D;OSF#=CA+ActWw9u5#Pb^Zq>Bb$-S4;2hR4eH&SsVWRczB8PJsJx^>LxvSA?& z-~G80-f!cTBg@7PCKw;Uw7eFGguQ3YjFv&(dV}C00Tbi}W8?GJEwfzB(6Cq`$NQ>G zo-HMLF74I(rXw)6LZ=e0Pw%RB`sQf}sajHhOJm0xq)2@?4+@8e9BrR+}^O%TVH6Yvs8c_ zJzAf3|Kxu|7>i|Yl|P5SELY`VMKU8v<*MYc-N-%az`%uj>~=lfR)M^@8f+XMMC-V| zucw*O2|uteR-S1yx&nY}D5g%GzmE|sRW8XJ5nD!wKdcn#VxFdHg{rzYz6(pY z<#UMC_ZsX`5`$*{%P2;dk%JIQjo1BMxd%8V_Bojw5g3-fqo`(i{yS>XvtlPPK;sF1K#~A*+xD(jH2cnaFofWhzR*mcYl_Gu|-Ja}HINk4b#q9*KzSG7IiAgpbpyn#+n~UlkN{OzNin3yx?m ztMVu9V5(>y;D&D7=mJ$-RXlzr&EdBUKt(sq@^vL+tu-*A*1%lRY6ha|Ox;^w}r46FT!`GCUR91xc4; z%zw5dw9?G)G606mykkZQ*QiE)hz!~Pv=l>jyfu%YW0#zKM-W^$xe|$i`zY-e>$il6 zlU?gldo|&}X3ML?=F+?8Mrl}b@9J_*dVHF)-8$aaZ}N>dM2 zj$;zts033rFWkxaaCc+En~>{DqJ?xWKS>!9f9v5+uOH0zbDXbYH6$)IRXc5qUQg;X zG!AfLE)7^i&P^f?**K&M_*knp6>!%-s&C%Az^!z>rukD5Xk;zpl3|w%+|d^W?zHV> zinx@+jtm_L;NjY&Zv6YahMEy#JiGO-cL!nNiAsV|c9 z?a__8sAKzm-t;v->#QRhI!2Ib@^HsgDS&az1N+cAD(!YeOqbf*alv2FjRTiea+Qt4 zG_wUV1Ar{mHm&sCDmO95t_<(W0?2cf`aoLRXZ?$jQxYhJjoCF;6UP@6iac~k?n<|S zoRr7_Ojdb6)1tJ`Kw=XeSzun61us{5Yx*Fi7 z5MBwu-`hB;0=QWxoY*6+paqDl*{qY7)6pw|W7 zvk^q$>GOZeT07T1u5W!Jjk@Y;4xRa7l&ONdy1T&r8&~V6^txCJz+>xB#Pze_x$9HQ z+6b0Iw?q${j}ZpnPWE320;sP^M-2VZ@4Avj?pNQ|(f*effP0T$13og|Anu}`SIQJt z?OQSLN88xt?4Wu>qV??fz`;XlgluHs529=m9=Lymr&+1G$QiQiygq%Ueh3o+@f(F; zz9hmSQn6cpA7j0=V24ca6uPKcG6wwk4S|mr-0^kVf5v8IU(prz$(QohZ@NSu#Nz2p zJeeRT%1MoBU?658*C^MJsxRI_g$_GK-F1P4?^Am&B}d}vO7BcQ`wK1zth1&(UfmFw z&b=`8A=<8-BKuVs;Pq*MrOTzVyjBn?P;a6-t62r?g5eLi1P8w(8^&U_X*`}$I<7uzHbdsKx4eFSw>pUT$*)dZ-mce{ z|DqE@MxY~O_8J{3GL%y@QQrLgHD=PK$;HuIH^N>^9Cy}tuU!s05jTnb_y-D^X;_M~ znW?zhA8iHg-U6Nyp-Nhe(M*7SnyveWz3bDQvulzb3l3I~lY6O!JBG3v8q{)z_)B3KV6r zz;w}WbS(b8E?TJI*?|H$`3r~Q>Kx?Ttuc|K>Z0Lx(N0-@dsK|jFb^JjG6!l9ca)4& zM6x1=$l2#ZgM++Wgnp~AbV_OI)t8>SOZR?LiR;uaEty#l4a<`w2_D@Ta|GI2#ayZST5hkhC%iWv*OL4uW6)>(oazP=|nC#H#wv)L+ z^e-D@i$vO(miYCZs0?d;#=`HW?H$Y!_~wn|qt+pDiPmRk7vKYqA9ePQN_uu;@0fYwfglz z;xE{e*M6?`2ipm0AN5j$p5|W^aCOH6%6W*6*Iw~s*~{#hX>N+;Q4mUsMd<0t6Wm=c ze24gds@+I%Lo08zg<`Ttl%+(N>Kw1iB9eO&GpTk9A=WK%6XGWhJ(sQnq|0(Cv>=w0 zmXdmemdA1xO~v5hS}6aJ1NdxgAlD2YlWB3|Np_u1x7eG7OZu+VxZU{dbE<@BBW|@v zL(JzExhpjvXh<6&c9%|g%+M1DUF0s77E_5hx0ZL0lZL4jxCt+&mo9R1b*%_GiH9XV zBGYVg5_80+Z$-(4<%p4SDK9K@pz5;LwQOsyJyP|Ee=bP!+LqS95atfGQVo_^Z64^d zI2G2+kLzXg~T2z;lw-nLG)A8r1oj4xT?!oh<6iNI( z7m=pmdf8~&AW(k87Yn;IivI&-Kw^mbSB^Y=4p2y0iOj%a zev=FvrT>kLRTBR>RvCVcTIv}TzA|g`uo6?VZbXk_TAJ^#M{1X^g_(<4x}NpM(%)_o z=KVnnm|prX}1Ixs&qZ6+86imzoA5-eGITKAH)q<;3TV6Rz6;=a3G0e!%oD<>pC zRx;H&!>`}EA5=d&PD5G~a3`M~Eojlhu2o1+k>Qo*cz1lou2rEuy$eY(WM6OIGDmtP zhGkw8(WQtjBnwxS)AqUV+(x1$Zl*$A|HVuhO+T9X8D1luQq)3mz&yal3kB6JLNkY_ z$S0#&rqrM)2a^BGbnY2HL9M-4tz&w3-V-H_56BbTq)h5aGaDJ){8qAjk38gMCTw{H&0$KaeRe| z;24ScP|5*aY|5OOQXqLuLgq9KTSva$t_j4ZtQ1AQI`#jzRn!bjQgphZl&W<`qrqHf z8X6$k0*9iRx5TwN0l_vpm*kv{S`w{LYy(nN9`3Q$72akyTM)%H(lBgro=7fMgj|Hx z-8dd;o1Wbkj3ce0!1nuHDE9ge&V@D-295E=31x5!{AUL413edNRE=3-qh;@ejV8m$ zdcPt{fMr(siJLZAe@n<7nB2egh}y8ML%LY2oTKO<y=J&h?e{gch!uEVsXaEW8pq@X!B$t85bgXuOk# zU+s*f$y;E_%2M&&mAq=2WfatUdql#u4xG3<-nDWmlsG?-=zb@#&Tft#^P*bUk%RxA zVyS;}T0h<9Gsj_l%W5EYy58&o!76?+z#hB6K|xu zS~axr@MQn@9%KpwiABCO`K|iDU-J4dr;|9_{XX^|{n$S}On8fmyUVPcvj4yLQwbl@ zkhzO_U8UOp;F&XI)N?Xa9Rgtw8$I*k~#!^&i>Y ze|r5N?~0g^rNjT;ntyN2zfaBoZ%@rRlzpa_l5Zzi+bB75jEc!n)a_Ot#pmLfsWFoe87xW8OAgr#O58}rS*$iT&k~bhGbAYOuKLX*w1Qm5_6e;5n8*ovNMOCm z$YQx7RN|U!#Z9{nl5INQsHJZDDP5eg!j%6rneRWo$6jV60mzk8O=<#

bZU6a09b z#=ldAb#ldd8^qln=Mmz=#+l9^pI*`O`eOz+|CpL^E`V--x+K&wV^c!NVg;iKaRT3Y zbZFCkLhwg>WoSUzu{mN#8{%5>?%CnQgA8K|-RG8i1HW1GPZgtMV@WUR{1~!*1oY<0 zAjr07t%O{V-RpTHr&Q{-Jf{UWLNQn#hi>!RqZEir?i2j&_Q#e{sK$(`bSUV@O(;RU zlqLR;8WqUJQ4aZt%a^OPy7P@nVqTYP>cvW@ce+81elI0wlyS{0enSibc_AO9hTPbEXoX4k|(viUcIKyEaHzhHp{ z_>%6T`?G?gLL8zvY-UMPL4+=rA#|4Q7TRBlp*T54scIfUKslK5n8Yrdk4wHYM_6Ol z6(>gN<04#Cr`m;aL44tCHnL){zs4Z@q*jIVvaM_>jx~30Z#Y63Rrk@hv$D8U8rgD^ z&cymwA&GV%ZxEPx4i@lIC|A0d(4Mopmwdqf&=;Xlt*RMofghJ&&~L9Mu50wD7u=Zd zY*(3R{_ z;E(wB!Ce{_vqFt@{PtA*6w_=0HW)Y>Ki&>blr6b118cX4Q6SoA^RYF3-Q(@4+`FDm|Muy&i*!PaXWNa?qqMe&;-< z=yP4Gi~1z*?3UjN?qD?3LP6SB3o1717iDo7Kz-+`RZd-G;P|;68#wM4e92U#r9f$w zxpgPmYT+r~`i7aURN|{v^Gsoq&YhBl`O$dPPSbh+c1GoA+j+Lx*Q^R|ZBSA|#UxXz zJee8m1x$0Ry)|N8Ug_nH8tvcmGk21{RCHq_v0bJv+r{lgQw6eJum#g#XE!lu|NaAa%fAM7 zSY`hxs91Upb0{+uS5Oh=)m5=hd%Zt)%ruq#AP*s3e!v~9p~zF*ajpWpv|Zzf@}Zrt zVD99-zt_LX32S~#yWZ!kQ}tUPaV=_s8`e3yWci4RYHRJcIjm40dE6{(=V@-4H5K|6 zYn<(aahCuvGAl3ywQ1v+V`!M%>#o{W_+9q64BDC-oweU>o62YSmPhPIJ?<-8CIxL@ z$IPjjJ?4#gwl%4gpa!Ysp~O}7{H=|%iW*=3xRR3N^{nQ>zLV{=3Zz-)ss@>20@TI<6m zpUII!%b^5gv#jFt?$h4@LB-{{vhC62tZ4Gl8_)3v%b~Qo!#rSHGw-(rB8brAWtZR@ zP&Ig9KAO#2CpW}7h1aOcIdLPndevuj*17Aazeyhl+g9D-95}iGk&C|UOud*H2d zlDsB$11X8X>w(DZp}2k#)QwaZ#tUAGV@$vPeVLGg(47zF_Jk=I0hNZV%f?^A_SxJz ziX(y>io=$7CvM-TD*Sx*xJZTRf_)5)8hRHDlDBXto)n` zv_jmPdNW{X0WEDNC%_u+^BJ-)PeUT{>UGL+2Naq`G$I?E*O_(OVR6h|T!m=q2?R;f z2<6P4`E$3Yk)SfLv$Ib$BVPHFs_Z*#j%0`nGN>3C8T~ZeqxIK17I~s!6)6Pxj3wtM zv6i5qZI`S;{$^Ud+;qNkXjLVeazI?zVns%M4P4&zrqX4ve4;2DXhd%1zM|kCBmRvd z4B|}(w3~vvUM{HVh1-oF9Q>P9F#Rs>R*~Z7O?IGx$;2Jh%FnSp9FCc0#!D}jj&?cq zd&bBT&H#Rngc)9Ieg1@@z9fUAqj>rGC7$Snl4nsHF5`iqkQmcko*i7p&c(ZLORn() z^^nJ}F-apVODkoMZS&g&Nt7clzH9l~vZF^=UC<{pxKi|deC!-!kmUwj{bSQ9sXM$E zT+Qdr??6Dyv}@py<~+saxj0D&&oLT;{siy%v-WQ2Fb>dTtIAI&Ep`IrX3A)t4rR8_dm*9|M3P26S}B9J=vua5;?w%OUw z9^jI5S0_yalH$Rc0XaL0XHF6?Hc?6XjrE%7d%j5035i%Eh&&$}$&^lLmfN! z*9S#P|CbO8tc;CP6wiGo?D!jBy^8Q4PQSg>+vE;nO23D+m3KGZd}vniu)Pqgamh`e z3OAqK>81ACmB4}!KF=Mn@m>ET(W2JMCHVY$4=?cQaccY2`%(SSzP~yHWeIa({Z8Gf zjRR8rN;HddWjqdlV_eF*@r@WGTRQxx|Mk3z@6(f8Hc!dN8z+mOa9>J)ML^^#)UQDg z{*k^-bV>0t#d4D667JHH#kluqdVkJUlYjZm5w5|F3J-J=$GP73 zO11)Hc`yfdq0Mf?rKX30)wC=ViA=Oy{UwPEsiV{MpUC{0w8`;G}dHZ6iOIUf~-Q zjQoHg&ojl3JfLLm6De)FbnlR#=~hBFaqOe~HpRl5Bw^J=OA^^UuQoFvsMyV!s>c*U zMYa_vEd0-y-nEK0kB0k`v1_M}Kej--0t}4S8;Np|kwZ4U+B$|0*Spj%#j>YCnVc&9 zM7tn6-}gVgA$;BEVRfWs29xDg@tR0V-0+j6UfN`gbfLt@Lz?$OXe`!9j#)X6&CiJL zK5OIgNU=gTe8cZ~JYDByENeFY`dStK7&GNeFR+S*uFTL!RCGZbb`?kkTzoFHyKs$K zcl1L|cLK}p*tglFREvqEnMJROq&X$_?^Q%Ui7>w4SbX489Js9T6BMEs`+)UmXu_@M z9^M=7ZvP2102ck!C1xZ7+~HUV)1?nEm%?y)>YfcVR{N7#{3V#!+f}WVC*ZDHxyhf) z1B!bI6k;s@U<`!^uWnu}V1|dk(P|B6=2*J~R%VXs#d0$(-nV8GLdg>()5x+OmFS<&+W>skpy3!zXC4N%kgh4Rp(w8oOtj_43~x@qKZze zc)>XYc}MiK-vFlz_F?zdR#LK&Er_|yhHOy|pOiL>Ex+ajpa`JuM5kE?{Ga9a-gY-AX;}LEBF5k} zHSuWRuV2uyCR#efUC+jw2VV`EwSr(aHKWG>N~cojETaPZW7L>#hpj?&;Wyq$(-@OmD8S+ z_Usk=t@##f;zdT%+=3p=wymNi6?ew~Z2Y#=9QOKk38=o_id%B{-J1ivLk}|-+~5Sq z-{9cAtjr&(S5Z+6R@}yncCy$g}yD$%EdQsYWMh${b*Nn@Mom3#jid{f@UbQr6elDBgfgtAVdXz5PFDe$AdQfV;?-YL2-x`wDdF-ens3Z=eyx)S zi1aW#ji=_QZ|FJZ!AwcT{nZVG_wZ2R_wfL`S*^2IMIasqS$g8Q##LydZB|=C!cXh? z_JZrDEv#hv(SBFLHn<3^t4MshO?$oiALW@M9}km8+Z5zikuC4-oliZHug&iiW4)}B zM&nXjp>SOoek5@=WNC^V^hBGKUf%YRO9YzXIVrv8G+sdnlwb2jn7bUcDpn-0b2oh` zZ@=GEqi(6%9>{kdXnTxTZ}CV}Qz6! zwfFXOyAOTm0Pvrw7M0xqVC-7WY5SIDjE_V-;t0CP<_j? zz{uc9@TZr2QbFo`vc>U*Hfq*%dkb*qJbEzj@94eSQ;brDT`ca8kq3YmyXxHD;_3p0 zO;e9l2`sEMNse>VAKa1%Hkc~ zZcRVJEz|q`Ld}PqM@>7!UrhlJ;w`8TLD^LCjBQJKgFm;_F(t$S=_!n$B85MaGd}l+ zfa3ARI#m7=njghB5A|hfvF)wWd5{?$mc@BTyh6G|>N}v@yEz-->qYtPLD=bI>XEIp zuC`&x|V71j-&8IGM!~%)w9Du36!)yT)=Azy0D0 zia4hb=Di8+^-Up6k7u;6^>HKokmOb3vO~bnZuC6$=op`isz_ghhy?lc=jtAy8=Bqv4J$lw`w41& zr3xHH(1A5PtQn*oIVg7HsU?~u(-PPPvr}0NK~EhEE@t1t>>bS%_O?E6ONs}u*xTR3 zxj*nd6t*=f>t(QmN)|8KXYQRkp6`O%=DlttQ_~qMfJuy&#YK?F<-PRjtA3XoxMWsQ zr1(<@*C4U*`)l10fN!x)L zd1|3=@8+ymj+{V#QrfPBT=w$xOogwwue-gcMF1>V%WvKzJC;RR9Jm$glg^ks196`I zrr_+6efq7l#$}&fcj~8BoR|>(YHjf0+Hl-O?W66l-6{Z_SAQ4r?6S}BlOf*Q;u3`N zp2oD}LhBhNm`PMA%I__^Jo$k*$FzimW=nWa9mHmuXK}tjNa=kKe&^nWi+Ncy^><46 zjK&oL_e(Z?qWv{U*F=AOULY9Dp zXFW9My?OJ>n@z(k;%M4yq27Y}&D7Zp4X&z3ceUp3k{-pPf&QwSP56U&2N$hpU3XW9 z{TB`twUTv+q{EnQ<%{%emz{^3>ipSHL+2BecgL8(ek|3|SXuUfn#piRK=fG%aBtqj4b%JqqYK)JR|tbmJ!1m_H<=)>A{o2cYg@anuC znC$sgBWc7aCAm`JTF1Q73pt+%=tMVl1F609IzQU6uC|iSYUSmX$F+%T^DQwe`aQn& zr$|rx)0(8`JpRPBhI0OMF+q@T3g@I!b&GFD!^mk3fgm%;D2{7%wl4;sy;j`d&L_#K z?JanER zR^Ay+&W?B9zava2FHR_NXq0Wgb5C+TS&-_x>aR8kMo##%eBQB7WPeEgSu_Fow(Gu6 z83Q)x27r0m#^W_^W)M*nEAFKSswR~!}8V{ zgBZm8Y=ir6py|EYHXGxg?3MOR;n4Hz{n;KtDnlubE=Dd7qgG1hyQ-Zga< z356`*`(I%fYv={pF8-xPEh_EL`MNze{RP`sAOFP1o_EO8Cd;36=pW{l_z1YS!ahA@ zufY8p!27-`b(8P2DN24y*p3;bN_b^d_<7&zA_1c>GU*eEbLXil2|}>J-_ACmlVNs6 ziEN=y^Z|21xAek?mp~EJ9Fq^N_~t3=A@-4h0I!!!FDL{}YxR|wtY>qYS`i0$IEf<_ z20)52z-?eu`di)h&t25rj*k)r3Qf*Z0HG9m=i#9)f#B;9OP7lzPUop`*1^B9`Eijm zj7{N`_R|^DU<)0cF6#09o%vO}EYQn9fS}uv2WZW-ks!d~?tEu7k1ErbrTH5Gk+L(` z`-$;#z~)wU$xFm!_a0mxS2Ipc@3H0_C@8$Or>~r(*f5s49UgjumpPCZ45#&xA((S_ zw*fg=Fbw1k0ftEYojd!f*TAhHC~RGL!eiYlAe=0vG&YO&5zhm8FURe0{hcy?M&<7rkUEOZ03EDw z$-kN$l1r!>II~80o)iETK{Nh08Z<$GLJ3(vb*DmqT!HbT$C=ty*x+im+0Y24*LezT z)J}`lZ=F169OVjt@0Z@VYYw8bVE-uo)g+C$LVk2SmO^g(d92M;sTgC(Ta91e(qTsi zKR4B4aQE;v6Ta=|+`nN@;7>Ddm#t{|jJbLYThze1J}j!(BTGlCR_eQ0G00^5>aO>} zM@j@+E3drlz2?@^P_-j-Y!mq0Y!voW=yDE!-?=j4MxYaNo9JjZ{EckOw$N(Mz!&^w z-LDF_No1SJ?Q-Gsj==5it%S0D+Vyl&{?7nmjQgw`%RioSaX!Vs9`*B*UY29HutDE9 zY@N^&I{n)nm8U3(7!x?A}UUD-hM*SF$1_TBa3TLW(Hg}29SI%WH9xkQtp4gHtV6EL?pUwfrJyo)mCt?Y&t~6IXHDzNwyVz5;2nux9Nx*Bn#qIuLKj&hGk?hXlIfDA5U-YX9gBYRMp%s*cF$SNhGZD*vgi#z=1J&ubOjT6al=C3CZ^_2mnJw6@W%DLz^N$ON_8SZeSXtrR&F7 zMHO62-(L}dDU}$2-t0A9m0{rvJr?evM0w2*HEu!SBzya2cwzZqWdPHZhV1z>nws=B zCRKOiFQ8pS`L*ix-MfcLj0*!dLfHg&V3lBraq=j*|3Ncm%+ zmN04u{KD4?63XYMqyx9joJp|qlx4MxQuEsY9xri6%fP?|Zq7ruluhSB*U@Y>#OH3+ zx;YXfi1WIEBhfD4eC5C~D@%abDX@NF2)F(O7ulsZ!Jx}!m;E|fES_bLFHo{@sdXZAym(7y~dL}GOCgBJflI(8~%XA z=d9y=372_29}?%I?;uX39oRdqDjmT+M^}%uUftAii+-gV$=kMs3~k&+|t((a?#0nvhid5k4ZL=-2FbZPciDwszMSV8Gi)z;h9Mw zZuckU2lzH5q2KJUQQ)G~4DwV&xx9WGnz-L!-;urr+)eIbI9bze-DV|)jOVpQL$342 z{DJ7>H7%bc%Tn**9`lMbVG^uQGQ3St?sQ1^Pi^t(uF$z#XIS0oQTWyx{ZfA3;LWjK z4{Mf47nrb8t!blk_OA!y*H^4~eE~hMh_^^sXT5DPO$~Gf??@h&_WgN|}=J+ScEFS0q zKh{GF%q%$DE~P$r{IjD@lkoZT`&D>Rt-F5C;T;$7lSwZXAjo+*`#97G^ZQzG<3oJ%8)?)?s{$W zuGnpw=jP{5ggeN=z^=u@Ych*l4p+i!+$>E*-Lw-ky2m)Q$H$`G0u zFZ2__qjh}`$EWob=P;g|HFlqw+&2GUFittagyn|tVxdII>USW{6*}G7DPNTF;c0P0 z_o(5PULL5O*vs>9rdjm+zAXkRVCyBcze&V!VL+KBx4+Zc$8=X?hq>^5l#CW@*pGVCO zYsoTmbs)jfktET|Xvgh*KhdIGxe(GQlN z*aE4<+N8?zd-3^_u^?~Gd23Ux4JO-6 zXztn>^#;P!r*$M5DvZl5a+EV{9oxlG=pf-3E2KVn+3x+q?UOH~;5ds&SgGUICgRmH zm1Dn6vKqG!sG{f#OH_}41xffBz-nHhvtT!FjCs@X3?x_R?9&P? z2NRFT$2_d$73>x&u~#uH4Ct3e#tkT|0LCukw5Ap&Ya>L#k!lwFa>ZbL>4#d{3?o=~c4oGRSed z!=s~&GxCpZuv42~rlaIIJRNBY&A~n;#yk}!Dls&6mX6#~y>5E#Ik@|H@&lC9--V;Z zA$-vqi9QOFeD$UJQ!SopBKs1**ncaDmSr}^f`!~}RHeoQFITz6&b+=7J%2D; zMRs{1$N6DT%+@>1Ob9%Qb0P#4LXKq6o*Wa?LfO6O#(IiJIH)nT6v4_uXPa5bt^`4;%mO}F=eJKzr68tX4dBd*) zix-WErw#QB>6mn5(BM{xroMCZpO}jVV2Ti3nByr`jC+hNx2JFqHig4dRs9Ax&3pD? z48TS>20UurtCoQ!h@1yRc60%9{`M%{>rZsBv-umVd`+TD9FWvd_Kr-IXFxosywkC+ zo|1|_Z8N1@qan0gB0H5x3?woBMAT^@)93Ob>L+$&INcvcdgB(<0I`Fvh+Him`HrK# zttA!UxeD4D>BuL7JoJ~#-0u>k^_4FdWnZL>U_354bTZ}Wlt%eEnd^Q=Zu$IA8p%Q^ z$_h7&|98GD)&#sLQsU9FcSo!rTW$^;3@09DRCc>C7z7vG4}AfPIErgH6eo36^%r!S+x#MP!GFme>>hj;~wZslOdP zARDq|Bgc81&^%J5wNBBI_H_F;IpjYo2z)#<1dA4Rw>8}S#yTXsIdddL=7!zmC|xhU zG`76HJ-2myi}u4XI%+xO59Y7Yav?3rS-GHq4+l?L(wvb60#s)&(CXoj5r+=E^Y(~i zL6^n2?4*!h4#BL|kcp=+M+|9fFfTyzKIAF)R~qVErNCh9EUV4~w>lf@{_H2d562Pfsmh3L5uT^~5t(bl1qFgITXoFhKZ=EHx#PJ^F^0sOei`IMCpv2;= zhbx8OGE2Dp;h-nRv;c{5-zvl_f3wLEVQ5Q-Hi9$Mv#*KwNQ6)Cf)wOjuk;rI22oWu zG&wvhpM4tWGc;>?`(JC<+I|&7%G+g^Ia-dNDWi>ZWc5i=05-fO*1C{g=9WgD%-E&~k~ymI!;M&3(`*9<+@-4rbk9C5h^jBW4Kl_??QD5H6>Zw^l1J+Ho!4rj=kxpi zDjn;Ln=fh^i}3+XJAcSFju1@e;j`5#r^d1**s7CSB~oDlKUz0DlnSt)l&)h?L20IAmE zmZXfNl1f)ifb&WYsbnQ=np;w#5ngWjCY9JeYQ#jDBZT-L$Bcr{T_J@-!)C=Jv z<;)SR1DJ4z`7h{NB&KLjp65Px;%e(tr4$DFtPTkykE!=H-XBLNe676ZE>)gKp#9hP zLoTGbplN9hIV$<)Dl{4OR{04QVhBExKnS)frSHudVP;N|zLbARxm`c@8z@{q8~}56 zto9e1^t!S7EV_gPS(dT`nAZ}~YXL4jSFod;r;?>$$4DV$`*72)SASd1c;6K!PJMPz z=L=5b9F*tlhB0KYKao6VyX~rczS?SxnE{u{f5txnbvnOFJ7Mn`Sk7P}J1Z#Y6)t5k9G~XZ4?%%vL+swI#8aqfd($yx* zz=Us_+nmw^?$&flzNu>UhBVoQZR>F2NR8w3Bon-`9BB;S{rbS4zG{Wq!a(h0ifH)# zI}}7s!YyJ1di#?1Jw`D0VF>b&q$v3# zMVAswfr-*XQg4I3oJv>RL7@!2iz(-$PZ_@uwywv0w~bge(xQ%fvxs&Rb>0%sXGaUn zJ{#Wgh!!VD_LLSm)wbv)VeoWeDpkF1`uXxx*Gl?HL}CeAicCN?^Xr2p9B#z8gk zM#-cO24Qz>Ef6zOr1w(EGZ5gC{JY-6&qf@bE{-f?hhWk$F998wH65DgoH|v@G~2=N zf>8C?)s{8K+%;*Rl)hne=p$u+Xetpbn~0S1>G)n7E6)%h-0RgFU5AVJh5bpEp$XBl z4h^mo3Omo6Khds7en`oUR8wjXRy0qry;6Y4~u6pP3Q>ES$P$ z*s7))Ad7`v1}L^Rb?nT;`ug>7RO#7-?S1Jp&x(O|UHjs*;~+f2u`fGO^?@+G^4(qg zl;WH4*%-Fu>=eRS>Tafk=M2w!X-l8hGstpuP3#gMlkQZqYeFW5C@0Za^o{xHWvI6G ze;8xBgxzbg)pS!HFzJO|-Al&>9AeB+3_~f7wu5D~ATUEf8fdXuRpvwWcsu(G=>@s; zNb*u<+<6R97T50$_KuZbYYLbU}7I>j&p)Y&f zUI{z+U?+XR3NZg9&475t@{zs+vt{(m^b0vm2>TI;y2;Mcz5b$h5w1Dt4p-=~J$hpc zgH$}$I<;oAf$ZrfgRG$ZlQ2cN*b)@y#0_~lzUd-ZIimyL4SvSv?7KG;D?tTCR z2b>Pkw5V3T)!smX$=!AJ&;dA@yYn+{d-i(jMTzJovlSs`>a*SC@wKmZs@S^A2j`0=0fsEP!VEB=Gncjl1N5PiD@%GOHtcZxO zK{`+VOAEmKd|`SViN_l5q~yl9<_6i*E!KupyUD1#*o`#eIKx+O6rG)`YwcG*l5-lB zF2CZv4{XTq@4^Z;q_E#Rz6l*B9hcztfH;+8Oja~Fz9p+L`*TWszJx5fI~%Bf{d9{hi?_g+y= zwqMt;1w=tbM4B`O0qIS8i3kWtlP)zNO{7T;EkWthdxr?pTcmdaBE9!cq=w!@AR%Pu z`N}?c{_i)&-Y5HDkM|7j1Gui-CF@>m&fhGPaI?m&yJ(kxo*H#&cA3}*_5JAs_HS9p z|05yBL@@3neXyZ_rl?TFn^l^CM@&- z2Rn4zF-!Q=xM<&?{vWDCmDfYD1Cx#3Cw~>~#+xATCiDJRlT^9%XZ%KvZ~)wt#<@3v z9@rO8t;9aSYKy^V6H4+5X_QOdnL`T83`j+Id&D$}8`PHMzgMwhC}gXZ?dNVRQLO)5 zMK(Q&)j7H^&UaWff%0j-GQLMxF*Mw2R(<2mM)igS%(vveq^yYhqSN4qY;JU00&lD4 zySP#*;?u51;q3k=I6F?u>kQ~L>d>YyX5eIfYIi*U`dgpq_g^E`(1FBqVaXZ#_KE|!!|BWe*n8mGi!YQbX%Y6YimI`v9m9$>eFe>#;D(lLi;pyn`^&_`IL+B-y_u>z@H(v{?1Vt5$@4CN>JRRKn}+dg*2upPu}} z@_>t@k9c5O>{2DdZR0p+&h=BPmG{Q#kuMHx`}&S-GA9W`?2AL7j)ueagT$$UX2VPN z9R_K1m)e-e8=>>;llV=$s+5*wPI}Ss78kG&Q6~ycvK~%TotLSPQ;#HYd#-I9WMQM@p1J^n^^>zRPuAfDusm=>%xNm z?Q+%y_cES3C-UC87@H75yu2as>`k)6j2npjT>>S&QZgV8i7&GivR-h$dHHwR)zv)d z=#J|KVV3*RBiqkUNn)<><3;0#4PG*&`|luW86G8!r*a&()F%4*a+NcN`x(-XS(##Ii5!|oAUbVIk4vV0BxoGKb4Y~8?7LP zXYJuBnLH}%D7lTYVkd(OY;=**c_`^y zR=VtLy0NzmlL^&4J4{O(!xCdNrF~SIUcq+p(XS<$M~36X-XfI~Li$b?FXQ$o3V%G; z_m?Di0HiS%b?y!sEcNJjWE%*$Ww^<52YhI=*a*E5(LqN1I?jINhBtK%(1f(Sn{9(b7`VN*WGnJRtNv_)RRhOg`gD|U1z6okZlDi&lRef z^r?*u$b)(!^EG4q<}cd6cbb1M+Vd@R%NgIuNGjD|kl&=_&W=mgsJLt5GxXpay%P?8 zLw{sdmh9_YyuB1`Si?ndC%B(^u-Jb}Gou zLL{uyktKimXgd?V3(dgbkshfJvs9a+OMHbWv5g4i8h99Vs@{TSf-IUnJ-%l^-Y|1W z!}~C+ntSkPdEFfvlfa~l<)eAyLt5s)0!uMTh$G|dB5$x*c|c7>Jpw z1og$JvTBe+oWmqY?8(1>AbY9Y$Rf1%pY9m;TZE;}^Za6=;C8Ac?L+yK3J-~gxQ+eh z2Hr7P1Ph7zN0PATR+7?|HpYtTGdGp;M5S4nT9W~b1zh&(F?|&RF*Z!o6_aNe5K6eu z374#KZb%V@eM47?85B_>Kb?ncyz#q0bxEMJ%gDXZw5v@W6>pXkxCi6#+n+0_HoC$` zS4jm14ou^mC+fJjE7ONDQyvSUQ8fD#sZG--J`xrl{5yTkuG8v06$4`StYiJug`|1``hz>WA6E`vZtj)qh2iO`+k~EQcWT*wa{ENH#cc}R{FQAE z4*#k7hOwceLLhX541Qx`t4I?zb%QWx`1SZ(!xrn$VD9Dnb>#N!^!iL+9vmP{U7TS` zbFGedxb0ljnvD=&Aq;lOlca8EDqFDJ4QJdCzY%kDOi<~)L`ptd^UuuN4R#kZRSo>Hqne&FQ)J!z}~rhspzR{OX? zGDA`X`oP=ayTJd|CHIoW?A5?SQO5;?PWM)Nb0cQlt8C4z9~PJ!^&@pSEjfc!R`LdZ zxw$Ko-?Q!(>gx!m^FO3+bCe$?PJWnYBQiab3Q1RFZa5ZawB+J{SgohY-T4~f zf?kVw#2xMvb*RKbcK_8RV?}|+UnJGwn3(xEv&}4C{p-btRvQ`1I;r#z(XOtYwCJ01 z%#nYQlF6|XKExYy-f%kSTBcau{@HubG+ByuH{W9zJY#oR@!^~hsra!okz48k;4psP zhC=@Jd0OEVX;3i-^(+x_^Ot-q8Ncn@N=wS?b=+@bd4$-d5Ai8M<&b`=Q>czsr9N%U zJSUSv${ahyI9Lv)n}3sXpJ~ zaOWdB=!ALK%cGEcOaAnGEO*zDG<#$|VNV~~x3ekho~b&kU-_uN4&)vzR(i}6`Q_*D zS672dWOcv>oV=1Mr90z(M3Y>q3rQpgtFnF8+rd5~-PLHyfl4ZitHBea>YWc|E3Lbq z)|ii<_r4iK@6tbV6C`=kZH~2j(ZO)~bW^aVd?vq>k}Jq^`A9hMzL}>PDt+7E`R%7+ ztp1Qf;9)0I3QhO^w@v#VX}{rSc{9RL+02C;LTD}pJ$vXvyICT5KvA|pe79`*#tQRq z@zloK-8}urvK$VXzG&>maMXtg>G#>7Z(oP#2}J+*vTANv;s&vH=?(DpWmhd3^p|;u z)biD;k`#@jY^^2j$5#iZqA~n?pDr^R<$J`kr{aEJ1m{4usT^4ID`z5OVb(<7$3?So zXTvE)tlgHQKoZnc)OjG;%|FM&<<6&dP+GuNecT_{Kg9SSt}aa1b6TR*!+(8Wp+!9_ z&Pg{tvqQKaHN1Qcbt74ia&5VCgh1Tj>Hv!CIgxTuMZ3pEb&rVj;X@R`_WlU{m4x}w zDM;X=IpkuGh8ov0dso`ysi@$sql%^GYQ=?OQQt3&Qi1-!CY}Y4%p=S|x6}K(N^-K0 z)?*xz+r?S%QH0+|s=+egmkVL^oxN~Hv)iHfA2cV@clce|Ca9Td%A!AhFniS5(LA5; z!3anWyP6)gV0SE&{kcSZwhidb!|m+a9ZbwcKc`+ZvtVowK`TYRLSA{2SZdu`T^r#} zm0xc;J9#_Yt)AhiFL50-;4%&<%!S z{&W#V2M{!Va%L^!>(u=dbblos3OjH}QxK<6A+UNe&q{CgR-t!ud^&gJ^1il3L83$> zpNu|C<^PLdim-KP$TO3l5M2(Yc{IUaG1LC*lytKd(`qp+-#+Zvs}64uczTftK>kj* zn11=5?MX<-74JfpQ5TUYaQn<>ez`xhvMq(1k zuhsHC8@Af^U{*ccZQ0cOk?u3Tm2_hPr6wAVpm8r^Arq{*ei-XGRgL+>v4MllPA4sZ z#S;(rP-TxAbO07b_LBU~Git@xVW?dx$o8HDx6@_oUnSg_0gj0Bf~Y%yIP7ffHy42! zDY-hbYs`3yG)M~Vq$03Ta9t31%kSw=$E5(`laAKFn?c$Blq}!bUy^*3=trNoDz7nb z-%-0a)x6ZcH&`}B1V6?(A8fo)4RYWgzq=jx2sg|qz+oBrY~FL@`4KE8C$(HT@O1mx#aq(p84>CLuRu^`7*>+{`Bxx) z3S0W(V9J4XYfoK_(;~&P_h?Fso5=XbN~+ECPahlW8Q_QBE1e9N>4e6{QREw6FPeMv zmoEzgBsSBjvE{v9NYX@mVt@1@eJ0?EyxiT*GmC8K`2p*?jLntp$)uZ%TI4sdugZ`r zUq7|6nDV=&x9SRtY7&~@XK;X(d7Zd;4ogW*^UsLA#aiQZ;DSO)rj|sClm*sbY84caks6y!i@m53vJZb3QZKHE;R-+2!jyJ zeb}?k(1*z%zv$Kg)+a+H;)`e5K+A6M!E7<$aG7h!E2r7l(%FW~f~t`>txNixzQt@6L!%NDHkhA`YIx9##>KP6 zh(JBUA@jj59Ep2nHb%R)-H0Pdyf zfXqo)r+Q;A%&ITGfVsxmHz5-;Uo59L)>f-t;RFfXx^-)UX^TWIXTdaUJ!rfqV?e^X z>^H1Mc<(l6KH6`Ecq%YlpzYVf;;7IJinO0rwtuDc>JQ~RRl?*p*428TBqsO8Hv}k% zt{VAnhJ-1ulboLqwKJLgbZXcD&Q+=~6gMz#Juo$b5t(;pde|?!dZ{csh~&MHn@nso z@zHu9(Y#}*z4?c7O35d_NX0+x3MFO}X_nXW_f%Hf|7t5iFqeI5BMy5=brkUg^UzCY z*$0%`GK#y`Sm(k@sYmR6`S)j>t4VRZt6m`YMj2Pq2C@qt&KIHuMHcqEZy-??Z3>Nx zp2#K10?%HHP^tljdZiKs_GCjNnVz6GH%c*MDCUZvfLI7;$T)wCKE|&9`q-6sz2Tt_ zgi3GNUz#DC`;)l(W5qE2T3^zC%9V?T8PUcD1rar#ocQb@WEMxFhN=m1@#DBLlA)Q! z>4D8I&3`}IdR1>ti*a8qC2KQRb6xaz`zweRk64?A@n)4E*z)^JwuU8=AuhzM}l#)SoSf$pxx06n5RnFST4Q+UnrA>&m$}3Ak-9 zJ1PadeR(|IYM6XDGPlFp+Kf>S)!gCc4@;@;?;en}7PT;IVkl)0D}tYnv#kjc{@DGC zr;f1eP;`m2-35Q^-x{wqGMo~MRSHj|q`^mN>(@`6NA5OBcC+mdvkyS8t`zEgQ6rP% zo|*X*B_#)b)H!nk^#S;ABSJx;^Tqj?fEfc%ZA09%6n+0)wwO`h>z+8ov}DyAToW_M zFSBK_AS_X)8;|ePjM9jc0DMM{A8kdcXxG2nlXWpDVn%B8SMJaqj~fqsA*mTSosY&K z+#4~gUd3f#&mJ?SHY~3^HUG?YSv|TJ^<8^6vg~BDgxq-1@*c{x*$}+JH|?8R+?F{8 zI<(JDEq6NAFBqVd*Fk0F_x6y}h{!s}_2_hJZ``-mSH#-WS!*jyIFAaREy3uj^iPAJ z=P4*N)hA?v+cKPb>_ci|;H|-lD~Xlmk|Mxj2LA&HO_=!D)$FPd3CgzOt$2PRCJBIC zAN8tP!~5IrTp$ji43<6-m<_XPIpht;iTEAow$N$pc$WlP-XmwH9;ap;dZ)d^O6Yar%u40F2WrU=N(`>s)OekP*YG_PW9jGSim=^np!;+bstIMP! z^mIH_V*dW62UFhZv{_t{4klY)UoyH_R=`7Sh z5f!`mwCqi~0r8p7cSR*!2@<=F9q0M|PKJ#lZeqjQZiK?W$vm#Pb4LC!IaWbP)@|C(rh9O>$~exd z*Vq{npTnL*XwR1==ZbC!@@UVwZdyO=Yau778)H_fE`8ua>S2S2QpTnp;U}w z!R&hZ@Y+brGpNRui6qE@Kg$_Duq&@9!gzQ!Y zIhiarx}~&;n#cO#JKs>{tpg_{i(yRrJ)H)RESic| z&IV5 zdA@=5*a&=Inpa;d*B=HDv@^y5-u&WCTZ5b?M-mRzE=_gmaHT03s5sYT)q zun%L8q2LNKqqCH>JCiFI>Y+S)q?7{4Jws6ncJ9?}(i!l5462bRc86Rr;#Ge#=TE%h zOp0i~;{w8;tpD}a<&`j3JJ2E;cim?P|APFc_>dp9!&<5j6D(BSx|Q;Ds&t@QQ?h8xUf>6P-dvM?@ILQT=G9@OxOa}V^51QgVu@e<%hFbL zlYJ?r(%07jD)j^B#6->?ji;48o*i<6RK-0-TbZ;u{&TMmM(D9@5p687W0-h&gQ}WB zW)fEsTu4xTx@0z~>;Ij%4)ai@tQ_-s4JG`z^1nq#gTe;uS$((Vz@=TlU~ zGV56Tc;idd?t`pz{zPy5w_I(bHJUneVlFf|huOkO+6?QhPE}Y@mj0JpqiI4->)5^5 z3S5{^_W1|j$GFk&lJ(2J9`TvRe5!w43%zX|!Uw01J@ggvbv*$I-dvCLN6!xsd@Ze~ zMgmH$0%9%F&-JKzT_Q)r+-RF?-B(6rPzi&y?Gp6A{%)tm6<6ue%+0_g17S&C3rNXDs+_zks>t+Q!%2^b`25jdZgJ82}jH5Xq7f-TlZ} zLq)BiJE|y$ex){8XZ~l|V3cDshumE@>og(38z9QpJyVW)Qm)J57*`&i8^xL*L`PU+_c#mpeK+Rrxff_TSk$)xbHW47`-hHlXABlf<0ShE6nSKa)~pQ-nyvlAv(Np@-ww(y?#hH zs`N|XH)DG}g5aXlSY2?o=RmvfY_(+;_K;9o-fi8nH>0t6LJ_v|L3!mtadB~hGZSdh z#b%}r?E~>s^0i=a(y@R1OXK}{UIM8V17?ZLv)=OhrQ7Pg$2B+Jnv(Q35Sn>i4{G_F zUl@x%s;;~(9d8}!@ZHt>qiHc;svRc5kNtSZSoBY) z?$SMz^I5NZxtRryHzP=VJ;;eXle)(@XXE_yNJH`yBcxt$E>x)1y`YyEk&uq2mnb5qy;AKBvrX=_S zK3lK6Fg5>MzxA7*8KHG&6Or4rMM};0TPYP7-U0|+YRqsycnQ;|x^}#5fR;CvdRK3T znqDZCeqnfpr1|3)F4}Pwbjbh~d|t)GaK}JBZGe^Qmsu_uTeefSX{r))&*?Km8bIQV z>E0N|TW&B#&dp;siZK^xHcI>mv2!a7IoZ@6Txd%(NiM?kWRSd;8i|X49Z56^udlK5 zFLZDG8R)+ArPP^=9_drdceLJ##&)l$JnrTE2Iea0%zvHKpR|$n4d<88DbhhK!k?0$ z!Nt0!1lghw<@mQ?=PMBlC9MR%6^_T1$BgaU?U>i4Prp}bcI{^XHAM?-0DDH0sggEO zzSO!~cn(>WxXY%_M)bboI**9K!*g-qhg(=}3pQI_e!syN8nb1+43IG0*`yZIp z;Eb;#yUS%x0q)v}virpH<~bNP$i@B>yF8n~=HeLO9YTt{d}zDAN3*Lv;t3}qRVH8& zz##eR;j&aP{7lcDk#4?LS#6qy@OxD2=9587+pg3XUz91nl4Awe~ok^??0of&KpZYRBh{RbQUEij^ei`cH42vc4g ze_gx19=JPb(E@$K2Iz8m>w;Ehw21Y-92rIoNw@|03~kyzt}8hzlN^5{Yg@gau{hP&x7LotzQv5Hs z_syKJu)w(^(tn$0{>yFrbMU`U%YUDi|4;6gA{PUgndxh`O4|RYSF`x9yP2;2oFw|e z=QAMzmpA8l%Kl%Fn;`^pb2cI<4eg$CRdusk=pbYG>Zx~NCI5ERtnt8n=yjcISitC*6OjFvB4Cl3=q zp;M(<9ORy@rLV(17?f65S4s2A0*fEH_Ti^l)~;*^AOE`s`tjqQ8Ze&k&@YRfmtQ5e z6rb{8v`dM{d0$j1`$Amtvu=3Ga0-WFP>)%5N=V3im zTz6cKNhTkF359j!1)uu-lzO6M66M39rb;0~0TmobsEmG(MQ`$X?l1G!BbL+&?K@T( zsQ)~AxGnP}szuB%NLLC?5FBO?-*jo47H3u|-Bi!FTPyWjTSxVM2l{cwNTbT6uSap? zP1dI^!?K?t!g@T1t_b;Ca^+6t1Cizs*SV_k+SC0uyNQVj>%E{6tKpVI>$#JSD$gaL zcGY^N>ken3GS+xrIcf)qEvV+GcUoW{X`NIRb)4g2zVEHGx@L**lie;Y7IOI0Gj2vh zV`5gAJS1cQr5AIIAAmWrqdw2X6C!bGb(l`6ub#2?_;CUF&3OK)u1^XR6NF23lk3Wj zRk}zEv743dbEMwjQS-~~l&&gpkA_6?;P>$|70brUZhh?<+F98Zjo6Pa|YUzq4$9f$5MS1Sz{eb5>%_DNoxYs+HrUZ#?oKVz3oN$n^?R=C zU79)sCayU3rTyuJ#G_Lb3RJ?&R^D{{tDq#loFViai6JHH%ikI6zJfh1cE-)o(?-CzLY&VD(yVW_P2%I&hF;xev3Ad6k+nGVDMzR)$SG~=dW%XIb2ba$q{gzV44zI<$v_Kd>c zin<3V=$mca)_C&A>GcQA`1aO6w?JLe zhxdM0vUV7ie8XIJp_`>o|VD&ZsPRk2-^W>(`xy(3z z17s%eO=>%&#r!h(8ZzJb6k(aRK;b-pxGl7|FlyqyPkhg{-2Q&U zsk{l%pw7h-sHUF<&rQRRDhp+Y0Td9mhC}l@Lc;&hb(=ZoLnCbV*71% zwR6x?b2-1g%Ln-4u3OEfu_HdQ54_P}su_e3@)7>NV+<8HK2{Nc|9H}h&*meftM3j9 zz4xpSWlmumNG2G7l7xQy+}p<@AYwYtAlZ=5-rlFE8G={?1J9)WyOw%y(0tcNmzKywvhQsl5d?RODoH}i3HW*;k&eZy!@q9Km z5yeBicw?nr1nq&4bpI5ulK}2=@}#ggNUO7xpXnLGb)NtIex^`Jend|bfZN<}zIY=) z{Cuj_7u^>*SIzc6^eZjdEoXZ=+Ih;;F=307yEo+eKmY6H{E7B0uX{dg1AXy%0S0zd zR21<#igiv?G$_o;)8~RJUCnpyxpoFuwk|%%mlVMBMh0B|)7}q`v#T;*cx*9V-Q~*G z`y86$F4z(6&j2Q&Ej)ay@UHYmlU{K0gAB#<;-k@>aH8$^QfK%@Hm*fkL211@`zuS; zZaO)VfS%<2=Q zl?%l8$2vI|^cqsF<%2Tz`X3TiquKM*ASP`lnfDJqyb@?8x5@AO#jk7fe(cA%-LbZ= zv&(VS{e)@oi0Ew|r-s9QT~jZ9BS>bVw2($}*-$L}+BI*n&*h|K8u^Ke`QyD2|8$lK z8Y^W^Q>!n@eD5!ny6O-HlDSx!^=S5c79SCotU6YWqyV{_SD??nSrwP}9iUm?rLq{Y zg?5W_vMv@;E5we7HN7HVd6@BW|8%`ovABc-U>wXvx<5~~!}@Z~zv;uOHC504?>@UWSH=@=;Ts(Um&>B)g%Z{jH^ibSgCgGASgW*}eP7uU4L-*ho~>{+At2c7Ks( zz$EHy*L@LiWESqQw0d`Q;1p$8Yl!WFalb(m%)Ne-!6v;u!&Bnj!k@RmiW@JW#2+^? z*Zv3Nw%gj^WR{v1X*tQAH+=LCkOKsmZa&9z*QD0XcB`Hlf|fyuY7O&4MKoK*pX;@a zUC*gPN0z%xL=WZntDh0M-F>JbcU5k7nzF+h>glzTG?Q6f0$f$Q++1*Yrmd}=N%q2h|kv7+r=HuhVH22tB<39a$r3#u*7|9s8UVC(QN3p}25B*;h{2`Y)u9=X>&JLS4|6bL^ z?ARxa=ncWhrO0K)LuDoGhg$~i`}#PCe-fykNDmJ0O>c(3*nN#qI7=!c!e~ zLVTC1ZJli(aDLOxOkWqr!ezY~Omv6T!GX+!VI!-Hc)2r=O5)5(M)>*i@Fvp=TZ za8ngSsN!^43L^y}8TC%P1eqRSk7*RK?}c+1H?Wv-)q(xGe-Zrej_yfn`(_rM29D!g z5_DhX;edo8@RY|W;h+U;S~9V<4QAJfIp(x*dDzVly^j5Su+d6KjAr82*BB7Z%V?6h zRPi!ac!wW8dxGpQJePFD9J)EtKlxn9&?YG~r)ikEIqB~T>)S22q*uEE zr+tf?5$d8SoR^blvazSN_^G~4YiPq^;QPfxe6J+3l|QeewPvq%#FujcG+DTRqZL?w z8jsqxm_fg6Qvy6pLSOV+6^;pGGou3oPfgIEqD6b)BGO?t+r!`gaQKT6`ax2q?m~A+ ztK|LkwwjSfOe1)%AL4IQ3YxZQ8s$^6seVwu}zc+}kKZ)pL9 zNa5;bWLuE;m!HEl2Vbuqfl7yq@51p^;S1aQy(82MfFAzHsI=z6A8S7vpN>!_)~h28 zLCO=xaD3-`xDV>|$R)_jzOF#Zoai7`tm7{VR@EbK^2Pg;Le*L}+=b~T+%fh%Su6nh zASX4)-%Z%yr`gNfaH++cXs^QS&EK`Pn5*y9dnS(1p=VO=6~C{7n?xWGXkgR)SMR-aCTylCEEHNlL*7LIbzlAi>gI3HMxp8vbYr`h z*{#({lJ*CFZsj9i#fFdrtyt@bYWF!;w{o2sY_+Ky^oX?Uz#h^wwu($KXDTpXU5F-z&4QJ zfxh{h^}_|K(8IqRbPdwtRRW1EY-s_Q{Wpmdphhpkp3+b}tFpW)|I?=YV>o>O&|mE; z^X{gEBfvN=L&{wUoolnRUp%OJ_v-KYWeU(byYpt-LfcbS#6wkvBVsa|;bNDx>W>@D zo0O5K!saUvuTO-CP!Wp)4@+hmz5{8`HD&PH?-L!6fjddOESmqSBVu1OJq|ltous~< z(-Xc4?0)9CLVW2@m7By^YMz~8+^hZ+1a{*}C11pA)34t8lRbPGWY*q%8kx`dOMF$5 z%I_$E(UDR0>!?^07`Nj3NrVSS#y`6{Zu zLV{|La69Df&~_5?s4~b{c!>HTwsRwqnKbFP&puhoMzftE_`4wmZn``-J-Py3@N^%O z{Us56V)neCvp!`ob#-0Yxsqon3mH|SX6`7r7w7vTN= zT0F*^x=lq0EqONN&%QH74YEYv0$d%j&8Q-?^ru#aGb!g1xhl2*B?Aj@9&%q5q_djAKa*yVoi(L<3V9bUKC4gp$ zvuqQV(wCORO@F!|R(iPebLHi4%D+lJXASqB`d9G07hbp4ke1`qJssoCFy&6-%4VXL zidQ*bhLI;a+YTlgJGTk4LwB&}`@*ty9>_Amgomen0>t4bTOH^&9`21we7wMlhLs*w|=a@Xjn1 z-!gOgoRKGwtPrxjzSYN_ut)HF5zpJ_P(?KzQv_S@zQxx_yja%7CJq zNnyEU%w&p1!+p8*Ukwb>%)78- zYR@b8KcC~S+(yPK-PGi_p65kom3h_-{~oaP^4_#h7w+Y$9-=8w2QtNRS@-|xYtE{=9~kv#m^Ik=MoaY@n;J(MRM-o*u9e+LDGiLV8WP8cmILx$v6;D|&YX zM`7Xv0-r_rNHu9;wkJa6_{fRl)7s`v)sG;|Bc^FKcWClV^?rO6ia!xQwd(G@@l&@^ zXNXxW#{8PrTMWWy*uS&8{mkvy5yP>&DHJzG{?=An3m1i^C-hHu*m@Z~ss|5qH6R_% zd(Q8LyG$nsTYZcY&Gr-4@Bc&6p5{3wt7o%=4hhZJui**`PMRO8#f5*KhqRZkyk`C% zvNwJB35Y5#Jii+0cq;w@KtO8Scu>BGha$3}`TdC!+v7*$L23k~wlCk-1&-dNP{9OFh1mS#rB(w8-c)11K^{Bh1mH zML<@sZ3+u1@`yKau{n3y;=A4BxlBN6Yt5UbFY#a_^S4j-u*KTAJ+JLCF8jsbBNwCF zb|(?(6rs-NL>`_GpgXqP)s?8O?^?U`b`|H-V-R4qh`eMGS!h3IZy%(pZ~6s1dG)F| zXXKqUYugNhF{Z>m@>#;3DE!9=H7saz=DQ~KkUR4Vjaa>#2;}Egh0U1KmN0C6#p|6d z@r66ys$?49{i4{I%@sS>_>_GyX8c&(qNz@={gmYQXVra8rDC!tR}Z&~;R^w3RZ5s8 z5Q2pBWFY>&x1stp6!cCXYLbJ?nb_s*-tXov?_6NtJ$RV)GvFVLV9Qr5rGm(X-1Ygu zJ?)cOOJP-Kg47JvnZN~vV7{Mu)y9N({fvZvyx^@{Aprc7VDK!yHCZ1ZS0*G~hS#{x zDS_U}j-TL>iS3ShS~9Y}X1$UNRRERKYhCPr!{rsJUIjdxHpKajq{1uH+tLxJ)*b{Uv#2osS%)9Nv^voK{7|`+dT6~^iK#b|+5N}n_{IU2IeA;ymdr0g z{@3z3A*aCiKzdF1>U?3oPbNz;ef{Y9buwl^V;UIwvnNU{0Fq@SG9)rdbIVL4aOLOq z4;`HetL`WM%*Uc5E!2Yxr8fWu#20Bg@FNruf0Qs%WDbxh8#>h%aGq`|FEeWGzB@79 zQ++U*93xA|3XQr}*5CwHwW0goDu>$$_>3g}(=Qoy z-hL~72MOgkY?}k@28?LIzd08(ABuD<`4SrE_SZ<;ZlCuwn(Z+0TYmazI)PrEci)t= zQ)8bsB`n|VxR5P6EKPF}7CvIw((o+y*q9cJ8OEiyZn|533Rnqm*(x+}aoR3FM)NoS&4op_80|s0VamlNi8VX*-j#`d4 zTKaDLVIAXgZOl$f4K@{-{-dmurTE4Fk+oG^ajbYpzqZc}8>xwWj;4-tWve#(F>D&g zr|BPCfQM5_7~>?E3n9AxhFQ=3E8K`as^X=>tuPBg4T7)1;h4+dHjnpJWfQNCvLwzc zbG0W?8VJ&J_1zcB$N_mg(rHS{5W)YQp|DNbpk&mj_DyffSwKErl_B_(y!5t%(^dOy!Yy~85z~Mv_;w7JMwY)#=Ad!nbDAuA z{*k)g%ZRN-(#?8!5>M&0_;|ezMe(ZPpTBLuLzmO+zMcB{xRfb)EjGAGEE{({I2$`M z*W>gqUNWhZ_!f6;;uJB(;Ub+OL&(MQUY8XLNuLqRpe_Kf1S-FxE6oi7zJ@QhC|a#j z=InOI?6$aX=LA$XJI~b|?L*M?oZ|}E!KG|j%eB9!%&3`#cZaO;@MA1MEe@(zb5Z6i zs6wi=Io!{HkbXw6%Y@(e7ZAm7FIU1%iJLWc;1^K1Vs3ksvs1OTxQi_OaI}p#_RyC{D(aarA`0rmlfmvvIT*oIpw5&SEG0Q=;O9)mTKjP zEj6k>O84w^w0%h0ZSsjmztmxz5@Ryk74f}IVi9PYw4h$W4h#1MRu&)W#p#mT>uMTC z6jznbcf;tY`t!pb{$=M5otic($K_v;j=;@tpDq`6KOJ%))RRh#@XL-Lp=f~C3N6{K z65YrYGcl@T(;%yX_CmWgg9N>aBjDNjpQ0yeXq^ygZ@2i#vM1>d`p#pG4qr-&f>`u4 zViMjpnLEYs6&U7^%&>7YZWp_mzW`24WR*ICNwx!`1QB`IYmHwnN0-h-r^Nnw1D1z* z-Rm%!dN)+Bx1EpzZUN{6X^}3DxUm9YT;Vr00gc2yS$a`GR_Xq2mO`<*TleML3%F;+ zTiN>QcZm<1ejVImEcHD8A$4B1f$`mI)oomxSCB9{?efde>0lsRb(*|@-Kc^D+h)~_@+^O+cKy0=^ z=Z=1bQM5VCHBF_7f(vxuDrA;6i~BICmxfpkbgHXmt5}9+tjhVqITDGKVzld^K*OZ` z9Q8Fcz^S(EXAD1p?Pc|Rx9&FQMzE`;nL&}F@s4Yp2(|jcTLAQdP6F3VjR07;oQ9~| z4fxu4EgRv7HAQc?uPFj>A6H4ztm<)3Y*2!Hi*mv43FqH>nwmASO#Ig<5arAWZ-Dw2 zi+xNtv<~Og!{gWcb7Uvlkp$9XT)+Fbg^*rzniajB8Iml9*!hv!+O$q_vu%>U$fI!r zGacP#xKR*8FinpwmL6!34@@-qj|NLyAl)!*MgQ|*H&(HwN*F0T;WXN;{o!N%_V3Mq z%XHQ$zkN`1o6n6J`6MzXv5$V`+y9NuC6ziPZ3D%J9|^nRKP3PntzJ5c_-_7xvG<-) zO-0+nwt$F&6bm4|s309dKnO)eL`CUH?@j3tNC+h~5tJq%T|lW)L+=oJZ_*)z-a`)% zAcZfUcJDdo-glhe-?)D=7};}>wb!0=ueD}*W?#^m3;2lvk>31SJ&^>zR$VAYH+23k zIPV?Hf+>@$v!-A2zTXbbenEu2NqW)5^?YK@=cwhg)mGjb0O#b(raE1x*F!c=^zxOi z^CrMDQ4%WPwCHcji}Kw|<+-BbVKVFOA+>-g!1#CKuJ!G$`sGu$Ox0h`f;J7vO(B&; zn~gorX&T_&D`At!)cp%_|V1%=Pjm0<6X z;F?xeQBqvcvb;&k?KxeCbG5aQ;?ea*x$+BrL&4@HYr`rM=SA5w$+12iz&^HNiifmI`U_C#6og5(v1KUYqm-)Z zn%yjITB;}@(!169GFahgEn-hJIQ7Tgvdxui=oxC$z+vZQc)WSDN8 zId<85G~pykVb)o&WpG?Af<{j3E92H4X4XIDX2t!Pu0iFeJkuVfMr*8*ppYT&#M%(U z8{tKqI10N?=FHppu6l2*b0nTtEsD~EOhx&GhXz{1BVfKIoUyMPp1*)y{Ty0L z-_I2@S?CuB)JQ#FgSx2MMIuiJPKx~3t;}!qd+5S}zKD}SNWz#Tv;# z2?H|2)ONelpmX0%n=GuW3f=A|B5<6i-ekKs9GN2$q*AeeIg46?n|7CBaQxudt!2Oj zoiy7Z zNu6)yvj+FUZAk)yBGs@UE8`tCY7i7(b9Y6yWJV&VNc5$uR8KJk)q+37)K0WEKe-9_o@{ z(D+e2r^E>jgghO{1#MrJ^Cn`Mi^}JxzD!8guz#3q_6P?aS@tU~d{W}{bTXF>pkJ%d zdkz$!!+sulz^mE(tW;PAJncI5f{|dRN^>)L$AbM-0Zf5#Hch63&YibLR)uz^CSV`O z*Ph1>Y4w-iY;fi9v}qIZ79@-i-Dd|ZEvL4VXVj$59Rl(1WbKe7x z4M(5BgB$>rEQyt&qQ7J@5P+^>%dGHBs}YLEGtHbN1y5~`ka#IteS83IHTBN2{an}l zkQE6hM;<@^7Ri^$*gB!AVf%`%jYYyf4gvMOVo$J;7Ug_+S5kk>dL>pD3Lq0!0lQps$6NxZTYu}$YQSrJuaIJ5}dZE&KAxq$xC z_LC5u%b^Gb+-Yp?*aD1Lz^F&syo(}wcPaau4Z!NUZOEpwP*jPm79GQimU6#&gc zn|Wqt;fhQVi{GR(<^&9tV@zoJ5N6wPslYzC#1pvg=RAn<**PvjpT@AX;HL5T69vtMgyZ|scT)r>c`@#q8 zsnK!uTaXe7wB?KDiFLK<_m}H#PWq6_^3pn2D;Ml#D@)-mPE}pxwe(oCF8PsX50vq);Y}>} zYPkG}2pHK8VQ-wdQ?sg1_^VJ2+6}!9CpY*du3H$C32upT&rH^qJYVlJFf?T$f(<5# z(?#bI=}hT((lxm;dVnU9I0r-r$Zd}fqgzMY0d!$9*lXW+y|2ndK62)a(0`D%YPr}p z18>8gKd1M>d!EIS-?;6{D;Vx5kM1J_j^a6ZQe1-@I9IScgbpL>rm>=XORoAgeh+5_)NhqQ@@cNo+1-0HXWQQGF#R^yZW1c=yG>R^P zab)0rSQlQ21CvGQ}z6~(6*DgFdHeNU4$nEt^YwXxT74--}RQRdW!o}me*Y8m}LY-X@qfyC}$p+?)edIIQUiLCspK& zNh_0TDua^DS&=CM?QeO5=1A`vQ-8gPgB?Q9CLy2E$gYsr>>vWL@pJ8gAELw zf0J%LsBGZBAdK*4Eh27ZORK{xQG}6H+$6I-6WyTYwclIxD(vBk|5~te@#)XH7iQ)J z{s~2i_0X6j>cbGm=@Ecufmw*l^%5M8StTBY4w^%V|^0m;9`f9 z`o<3t=z+xy8}2gD{^n%8VPEQC@|{n$nqdFOmw#Vf+d9x>U7c2F_zDhj+6#I9nVzIR znCl&9(dvRKOP{OLW#IM|iDR8b-Wd!3_a6S2WR!%iO{J#NO*U9eXi6+b9nJ#kib{fw zgG(>h-|vEH-zzt|dbc?2nW2l2~Z@Gt8g9cPQc1G5{n zTi;Csr90&gF)2g8%MXk`PHk7abQ{}Vjqj!iT!mBXT?#G@3%>jSYcD~+N3G}i>5!BA zu2~Dy(z8NcANQt$;6kT>jt>vTA#H)x`1(bKs&W zO3JG9GsquV_bYc&xfYO$q?QAo%=V8$_!94qmfn&VKfZcX(y@hHC=u*^dQA(~Km$i`5ElYaH-jU;4zeA|L+a*kRB+t13-`Lb^X=$YjBiSDX z?)@rV#+QYA3dfi^88b9r_fjvZPsSc`+`irM{Q{frCpLYi)b8u=7{=n<)8K%n5qkxP z^t}Vlv+dPMiN76gX%}gFbf$QxD-lgtlwcesU2v=P9GhF=m`N)l2L%TgAmMOXS;2W%GpfFJU7 z*g#UyYpzs4T)LUOJG|uPE79uuaHL37(V5kD;it#MXF?}bYB{r;;W0Tt89av!m83E8 z$!sF$OU!hr;OIR**Qq}4-Q?{rLZtqNX7Gb1mXu`suPKHGnFX+gJ1vT8CQXby9ai;q zo_QZAJww^5q+Wu5@KQVAG!R?Tazcej-#OEhe<1{?@X<-et$bz&*-rD09aP~czB|*GjDv>hI+M8ku zm&K={^u|8gmv{!6^6Zwt5TS!cHUj%0`+c@lm%`6iCF%RWrM=ZK6b6ty^WE=~x zle*4)Sp3Qv{M8%g4flh)M1S6!d%7F3jCUeO7t_ky_16%idl5aE$3<*xSDlD2FiZL- zVwV>Byi(xUC!*(>>rnCfbL3reL&n6M!B_rp=ane7j$N~ken-EHW%*P{c-4!#2D<)` zCWYA*YeqvWh9&6|Dyd;!T;Q?u4)4nhxK4dx8gS>>F+3dtKiUOu@M2{5f8B^s4rktJ zx{Y?d*Wxp|i(E@&LwXT11>_B5E76Ch>%6j$9sd13|FO~I|*uPO4Mjy7VaglN-G*kr&GfSJvU6S{k|MpaLq$I^ zVqxRy5+e%){6~{9HjzGL%Xur!P4%^HDO1zoz*=P9N!9N5P=OhE!o0dvO7AIkAj4%3 zm!lI}XJ!m|?A8Yh`c|UBPw7w}2yMi%JeNKi(j)75u1m;;o%{eX z5%$NLmSFD_h2A+u#pjDNoV@6d^=vMzj&uGj6oNQP{`tCe|F2AZX1}Snu8A*-R;KEb zggsPO*lYL{{8;b(r{LE$pUx;(5w?aEhvqrRlhKzs6VYm_>vqIQW9{t<7Yf&%Jt{%X z-nS(a_S^%dr7I{YT|*TavYgA4)Q-15{0Df$sZg_#D&d7<}U6>X%9l+o$PZ?u>=s6YLR@c z`BNxnS3RVeW)wH2A9?bb!Nm_Fe{>2h^?6gV5inUq>{4rbFMmF(_QnBtdulU9c^%KQ zft9&2gTvPJ3>hb0%3d4hd`ricm_r<*Vr zR?w^|ehVl^vpTUkbid_LoOvfTZ?naQT4FRz!-(hNiCJYD?4T`EZJ$$h4pRT;?L^0%;wlE?)ik( z1w9lfSe<5EqPx<_1tX>ilG9zsnOx6&b9ISMyaYS?g|^K$WNVLCOz|}2Yf!@Et{J}8 zOMi;k@h{Blb_KCxhF56k#2Z+VmXkurj(5VXDM-Ull#x$`wvvUK96*~#hroK1Nm)nfx2|zJc)OkBv?5N3t^i_; z?9XWfP0?xd)%tp3OXsm3(khIn^XS6>(GETbZ8oSdECG1?*aWs;@V<#f^TmtUs=$sfuKI6|YL zm}#~(D79|Y(U8|b%J8!_v#-(&j( z@4G3sXN^Ygq}<_^@o1c1VOdF;VVPGG4H2;m1^qJp+T-MG&AG(g1ja}#$)T47)@GWy z6b~fCSF}aDc1^d}j;U&3Rdr9e;$_w=&1hn=4;V3<)Ozmz_NQ1WK!4HD0TJmrMnZL~ zM2oSt#9LRPxP_EtYuPxIXQHL(P{LEcC@{@p_JUPpwsf?oK9eB_!L_m2A=fSk)~lLNI3~m5 z^Ok~P0KM4siM?usb6rFN@g;s(4*h{Aw&Qd)|IuVrO|n*1)NDR9t(N$*L*kDUt%I(o zB-0_Ki&diEcNzM%_y;*~?BM4OF4t@IG)Q?3@v?k-OQcRcXX~2%Te=|whB<{D4-D@)pxq4TIK@6U zA1%_UnT3qmZE#3O?>+%_1zZgz5OF7MY?FJBN2Zj0x#F>_&ZxEOHrCCO%$u7t)cwK} zKb;qt`^y+RiFh3%=W{t5R+rSwdg)3@>jL$~xKDCIp!9AY=bD!N@n!Cx;8_dCNBy6I zfY57e^(WSewk&Hhd$J+H$`2G`I5(ZVx7RvYKb~7u10TWHU$U&skWI=b(%*bkH0|*n zNO5{!S^rMv>BmZ1I9!%I6?#rJmqy65qXf7-8{ zMzoH?N>-dIVC)aJ)72ZZ3(UIInlpeP=DG7SJb6W-e8aNSk4H^zvP~OgHgBSdjtMK% zF_Owq`3u9-QhLvCy&J1|#U?E17Ju36dO%$_(TcLqD&J=HGR58Fd#EAlI47upt9eN* z&RdC)huP#H%fT@BjS(H_Iiz%~z*xmjTfsC^`uzQGWJ;O)nOo9B`>HqTIDH$R<2=DF zDnoX^4d@4C8D#BD!mpSfnaY1~?Lce`|Ip>j(;pi;Wjb-cXt897i`9v_g z0&4PyKaA!xKCD?I^8||!9^cpi;NIZzf>&(B^aM&(1P9M15E3H$|Yb4~{`fJh6 z?o8{A%zhni%O)q{yz$(^#so@H2Q+r4sJwUYUUyu=Bvm2sV5uV;n@MY9^U!;aRAY3` zO|R5K^Wv~BXYWngVWkfYpF=E>5nG99a?}2NlZP78^_5@6F9&g|sgQ z9%RV3Qg{8yTp%KUo<~Zry&tV^BAfvD46;HSur_{qdW-HU#tXTW_}*1$lALqXcm37t zA7)De3i0-hJ_oB-(@mDSviQ@xBe>*(wh@#OfA#EdeRrwaKSh7U>N<~Cs;cpyP2Vuk zJ7sHyAhP<{cG^a2;6M5Wn59Os-CzIkQrp{~V^&Kn!;gvSXfI!_%6yo8Al~^W0c}%j z2!78}KJ|w$kBKz9`8iFmurKZ)XJDrCLlL@7!+f8r|QiNg^ip3<2X~Q@1i!SF7(v>i6eXnk=L4qN=6O3Cj2MO-DO6 zHw#2mz78J8+Sn&`NhErH$JNY4pTVuW*#`>Hm7m>q&ZaNa zrW%#|1cT(JL_xbt>hnVFJyTs@UYBMSq8{7*$!S;)ed8&M zYK#E92x;lb_%yoGxBlg`@3I)wJo$(tmdBBq=QTp5e5=AdWCE!Er3YqrzcGsPpo~|^ zYIo$iewCPFqzD_Y;%;|-8%>ceN>}rF#MGrDh{#R*5ZmCM$pK02R# z&fYu($7Nl7(`LFLcFgd7^ZijBr%5k6iwOTzZx%U|TSm^AqyDGAmMgZB-xUm55J{bT z6;1E=-eia&_9`sVM|`-0=CC_dTfdCE%}8Nu~WsUvyG;Si=FO0dsfJ1&OPa! zQ%{nvr^}<+8J&Cu$MTE69zRVfnv3C@zgSBI*?T|&D`2Z1D)8A+SgyBocT#Mc#^H~j zvN!Z9q?uZ4r~-G&&+DEM$&T7b5@zkgKd|!B*$%||osD_5uTv+BcU9V7?Ob%IXcP@f zg^5`q-gQ-UiO;ZC(Q*-H={L*XVx2y>Em@&el^I|jR%@--UkwX;n4+H(v!;B0^cyA# zt6hIP4vy#MP%zSt9C5!|ldxDmy0Q}E8j~zsrrL!ZQ`#&u54x)}6q>+jK!1&ektdoE zo3UZgm@LRQqpaZdEA-ogwc^wW`m@nU{Ah1i-;a}NEK4zXBi&-AEZ2lc45fQ7ffpF9 zgcJ7qJ^8ZHS4ej)!yf;10$YKu^rCESsq#o=%L1xeMG)o^kvQ?Kz2Jeax%K zA5S}w`==sOD}7z9!i2uBApqjiT=Pi!^*X#x#yMfswZW?KuGX4Ow|R$>$)4Wx-VGyW zmBe%Vx}%Y%Ao-ZDcX(Gl24yf6kNNVERtTr)RX=IX*QOyewu&mg1oPd3LPt%5z6X%! z-yMcaF)4#eo;0j~hs2KCMo7J{{`TJppsO28)5~%X`IRJ{iLnDN)!w)-33uHojWdBu zQ~H}_ir6<%pjU3tv;EpZ<9EYG5r2h#e)}AYKAMJPOmM7P3gbU`d=kV-D8Ak>n$3J0 zLrCl1(%o%v#o_baA;eP9+8j{etcTKx?bY)x$s#|ARF#Ka>@bMae1VUoj2NC`XUrhl z+r7!j6Eq>WvTB4sInqA!{6df%DN8Z=X13*DW=lxp@+<85nt9x0+Iat!>cl)rbYNk&SZg?2FW6;BmH)uE}U? zXq$Kr^ajt(dM!CZKh@!8`%pHp>ty8Y1TmY?8krz$$Q2Yq6B``H@cI07pyA!_O4-Os z=RXjkdC!*Z$*%NZ6a>E!ySV%X5&GgzeTE5ARD&2BQ^vhAeH%w?7Wz6rO~2#n`Kwp@ zu_VRbWS5s2y-wnZy%|E!UrHu$bsCSJ@^8*;((q~Cll4_42MUsUuH$KSj?(YejmnmL ze$yy@Mqc}_ul8i?Q_^}64WYNTZEtEkEy-(V0gdZ@3okia`RKZHMNjs&omR@+9-4^MmIxCeyluoCu1fz~ zay1p{Nk<+)q@hs3=mG$8zZOl!-8~g^xLYug^+|{x@k4-MciCL z?8>Yg;X^u83U|5AH(8aw{aYW>m{YmY+Wy5qEM8uK7DYa5BoImc(HtgO@W1jP?@8Q0 zGRaS*OsPD&e@sL|W`!yf+ZqNZ*}ll>oe=t2)16sHxkD@Y>f5G@nAKEPg#*z|9iE)d z!=d^%L5{zM+aI$k@yyx?#@#v1ud1if{yg*`-S2K<=GBI)9OayEJBO&QRqa}E<$u$< zQKF3E)_fhD)PWMq!aPUPWh|+GqHL7BNB=qYmP(j=jjV>SjGW5HlF1!jlm2QSzKVq( zQC}Qw>)It*ct>ob4)Vktp>?vE7Hu8$fqhTeORt)SVs^tHF%^X|mAt%6vUHZs-|At1 zNBGXd49YaS_v5C%6wTt#GD>$O^Zg!ItddoGx%qVGbt2gl7@grN_Cg7YNN8?Y)WSME zLKf2TcCqn}JY&3J1We0qv+lfk_8dFBK(_;K~h&p@SukIfUfbX#HDBme-jYdnSY*7sXS zAMPUa#L=nZ>&58ro(1YO2nFS0r&|}hVkP<`QM=P>w?(T{m4_b0%mq=lGpk?UHc=$A z(O)86TMSCk^`#z>_{}*bEd;byL`r_giRDwjN~>?kamYjHRwpJ9W#8JKGv zezxS@1^0cvu6hNNw{>2TLAC}G($Pp?vu}%*-(%=rXRZ(t43(=!*)LRTp;)JLHL8q; zrA+z7&73Bs7uUHVPgnx_(_v?*i^8YvG|cV0KO@Rosb4r?tu}KZ9f!DI&zQug1!~!= z8|6%S*%P%!hWp@7c!K-|L*rM_jMoWxb63M#|pt~gi_ySY_j4DOGo805#}?GO!l z)G29`oh}#egJ=`B>&;Yr2Vsx7)Ij!hc;s$XW%}o>ttNwz$cbjpee5W~sbt|0WDuff zY+xAF+@q;a0<<3%^?4SJ%b;H0o~x-Sm2@eo%U3CwjrsJ%$yjM}e1gtmm^XMPS{q>h z!SbpK%NBTJaAs;de;NInS*;eA39YM>;Wyje`kqPK8{KzQ&!0G3_nZX1P<1lh=y(3`-2wYW&z8gsb)%kej#5F&R0=G8b?qvdD`0TAP`S_-S?=w= zE8M07-|#^nZc_y<2PQ7=2>v=p!QgqAwXM{e1du1ZmtY*y5TC7*@H+Do;#4kP006I) zZi=WYQ6H){X)Ln3>s>$>?a+RirRB#{{JFhO4%*`*DHZ!Uevt{wHPZXhuw3FUN<)&rsSk1o=DN zjV_6Y#lyE2%&v0!Un2ecN3#rni8k5KiM}H9o$Z((3w0pAlh@u=C*S6tkU=$ChW3y3 z%--)Rq>W8JQPTb@+R%vgO*_dk%xTd_88eIn=N%Iw(*-D>6L9r<@9duRdTAK$DWNv+ zs0K5OPnermf*ZSen1AKN0><-S-m0`+9G@xQf8yBhqV=l_IkVzSvORynKM^ffIq4JQ zUu=wVU}G|?mC=Wd81NnK6ClviF-;YF7rHl8m5U$c#3#IgEWS?p_EB;uxfu=bj)ZZ9 z!h5vo#T#Gdi^6;SwC`*Y8w?U?i%jFJD&36CqG>n#%a7E&jin|u=qDuo>eGT{THAc& z(#RX7#+wgpZpbz7ytx?BFk;v$*ZJkU$ov6+gEh~3pg8Nu3n^grXg7~Wl+ck}rh9VfA0M0&0lJ-= zhE_L8Q9qtw@oua635TopY$q4yJ3pP;PBhcRF)wEDb%aVECfMBUI}@M#zGtCtnjUL6v1Ybi!N~GM zrxrYxNFTqtOs8i_vb80V)Ax(bvFXSZindy~FQLio%bTg%6r=jdA9BCNP46=QYqQpN zST>p*iEkVK&9zVK?D5M8tfc0*yY;0vXqi);iFDovphN&e!Ffem58dB`^S4V8!ccXe z!3Ky-IvysrU(0AUv2D6KJ80XJjT9*i*IG#YySe+%-Xyvghl)CR~P28r8jr_wHWif3`3>q})S>XOCqP_v81dL4v0B zRh_|Q-^bRbG*Np0&5r*uuz!4~9ejxdov+SAOVpMH1>t=xhhOh31Z~~%gPyl6|9S#{mlgUW z+p3!LZ@T#JL)v8EG)vnBJR$rCvL9{`Wf?$XO8?`8{?k3YtR||I`#i~^@_!&3MwG26 ziRJspQuDt)=qGjLR}*uI0Dgu4K-SOxs8s7s#VbcI<f^gqY7%sKgV6We|G`{a6O9SxU>^CO*l09SJH-#HTr~d!m5U=jn1-@o zY5D(P3@<3@M2ET&t*^NLUCsaXr?jhxI@imvcKWXu{s&uS;v>GR?mAQP2LFAI{s*DI z{U7yd;>`&dCNBR6)^C+X9K-)j@Fmj!o8Z4H?34e~;J;ed*T20Ya2VAsw1(wMG(oLf zI#s4uL%HHLRWoB|S8qz&d|ckVpGa+Oty?n`+bfY^nj8{V;cdDHUm zEPzMORnu_`KV%Dr?*i#eRz2f@ps*u2LiYP33O&P|6-rmnWV(fOG~qqlR{C3^RG)=g)%n8yluF|#18 zmAHu0eM`tmN6UxWEhJ|BNms*&R)1C$y(>*$~`}i!Ky1O?zT%hOUeU_JF4!3P4fol<9_u^$;VKjkYk zQO@f^|9NXNp}mkdM7h$p7q$!~zSh(iFl^hATOYsCjW1X;M=r?>nu zNkG{%$KrKE$1K>pEr>5(Gz~_qv=l4L3x5499=5uaiMHB%(bH#K`a-1`%4bR$ z_Iwvm{>cg^F9dOQ|LK$00-rx-K9UF@Lx`!I%m}Lt0`94~k>$Ez4avpOL#Kxv!ISU9 z1UHdYN8W|M9JK}zI{;s&(gx|$mpM31K{R8iLuK&Ga<;NnoZ|A(xFg3gI(;?mi1nKY zV58h?=Nd#KrMm=1wR&8tRF+a_lG7BQk#=!xZ`H%YvIW_Yt6uk8_d38V_NZ9~j3ZQG zT!zj!pG5V0AdMf}y@-~TE)(4)t+4y{Rix4=E#@>x=y`q@H$LK8(XW6c1a`!b9<|P+bZY!u%8YIq}eH$>H;rePr3{ zzOh^Oiv>5$JT=(x-e;vSImj;{_4F^BLv-zP)JH#E&yi~2TYdPpirSf^Lb1pBouW}^ zK+&f$!(-#)(FO~MwNW&#aPoY;L9em?%!Ye_==K5{ti3Ke&KMdmJ|lO${u5T$p_MLF zK>*+vjHJCVPn6gmmn(TGu#c|0jZ|3Zm$k=IA7kGS@#v52gf_TIJSsQC7A#X*HxLuV zu^q9pMK`O9((k7}+Cx@D5IPE`T>f>XJyH7hYXmM42{RSN`nh z%PYRj1!1bQQp&2=WyxBWYkdmS@~!7P&XJA8v*m|I!(s=znu~XxFzCbii?mHIy(3I8 zV8U;cm-vnXRja-C%h4-2K-12}zm=STzfs(b5h#v}PWR!jl$=qohIG+h50Q-SgEju9 zm6u0*Dtu_dm@JOR9eUT1t=XD-mWE&0Wi*_$ijTN=@w|e$cJ#)%A>UT_gwiU+L`cr6 zgOJv?(>YIlnWPp4lJF?!rkxz=11({?KOoVQ$!3WvAgi_fhi-Obi#b-Yi8 zlJN!eo{%OZsLUVQY#HPtd@~58NWKYbo#3u)l=*q?_ zT!Bco@yt6i2Pr#P+u;>gBq8ajypFtIcMEV-|7o=^;g;po`CBwS(P58VN_aNuso7=G zPSLj+yfn3fSg5N8VZh=1kDM3i&S2Jof~AKk;`pe^Nfr{>rrBP0J$cpKgP)S_-Np|8pFl%rgwuN zWWi6uYFVcx#on|hfeBtDj9T;&oN9U=q=k?gjPI(uCl5xz8XyRH@ke^lX)SV1b8#IpKo!3m)ts$0@eVzA;OLI5154$Myf}5;_gRn zc`-InDqO@5eesFTRyoeSvM97ut5P*v)Z#kHxv1u`eQ4IS{fnB8T~?s>v!B1m(ZyV< z(F58Bg9j{|a-}ag3%!Mb}|b#Xa?0_9d$uJ`W2pBxiIy(o@n?3KaHWx z)=OXRq%L1MK*vaZ^V&mjL)`U#78-57(sDc+eFA5cGEhT35keyk*I%(Y3P!&+_&J2e z8z?}&FMQMn%7zPCrxkUH#^S66CSL0ggGStP<*mIc*@E z9b&ktzo8nZR8SZ`1@FVCWT(Oiy>nB&yQ|(STTL<^+oaeG!E$Dk+q9CJ~? zZ6@580Nc-BnlGI8dw=~9p6Ue0kT_4SQFw7caUb|XaX266`S=iT3N~msd?3;F)@w&C zBctug_r8Ub4ISntPoF-`JC3U~n*!{etsgB3DDn%0Wp&9dlw>w2M#;->O18x5n)tmJoidG7^9;ZToHRz{cNmGOtIeK1J<9=HVD(jkZUT^mf{sMOE14l?nXo+o5a znut^uH&Cthr=mDeOD4Lx74{GqqBmAwFNsyc#^@EhfbN?2h)q zSr@ThMN0Qkg@TDHFngy5`tjRj*1z2P)Wy6f{`owe^uPthBG5Q7DT3+5Yu^ET`4P0X zeIHj2qfXo%d{YqbJmLMO`1wp%7MLQu0#)7$*qxwff^_OO+$ksQz)msbpH)F8t=xNs z%I`djob`5*hh7fzAqw4U6_AltOjGP$LeQ;Uy+vP~uaABSTSC#%QoNsdefNBm7My-= zw&P&k9`?S|9%4}QsH#CdEP@R)Wq2g#8Z+wc_xh(_f66C28|!-l>7a%xFl_(bWfRND zv>SjIdt3sIr{#yT<)y^^fNlU=Z@29*BRN4{k@s7p8U!sF7Q6c;u8ZR$+^;GPD;7^o zb-hnQ^&N}5-$8(w>|1@Pe^vga!P3cKQGdF6Cy?(q+8Oa?!rNzt%%Ew^VZrub{r5#? z;;Q$2ys$vaGORCs{)`7i%g)B+w{syVa`NIWu`B0XVuYL@vyo|n$hZR7+h*IV2`kqm zXww?p_*e!cqUj5|81Gt0POzK=A_W8*EuBmjQ!$>0UVcj=2DzJ!va3z>bA{ygPG-lZ z>s=N@5#vMR>+$jvtVQs`NcTM1<4sz>_N}>MwK(Vm@?bkxAl>;bfBi1yZo+oCamx7F z+U>$}`HP1qvVsN-rf@yvJSup~w?++a8Mq0?rvVN-SLZ&1i}(B6vf)Q}*x0|UK6F%V zNcEM{WAc5DI(+h=+55wrLLVdP$F-mPmZx=&>wKNBM2V}x`vy1aTLA{Bz6I%8e4s)u z?%fL8xOeU3^7NE6waV}5@$vPesJLh-M`!(Ibjgq(uE?X_tA2;$;xW`4-0-W;uXIA^ zonKNCp4t}EcE6x&+q-tT?Vt~NezBw$_D~ljnBotik1vdp$IsG!M}mg%*=}qSpa%GE z3zQ6(4xXQ{9+M=tJKdl3AfB4?JX**XIZa)R$JWcLV1@n={j-@`1ND)>2!Z;x&M~2dIpMJPWatgM(^kzv4(Kx%ulFs zSyfu@x4DWCe0L4uE5H{0W328MIfGU80{WpNLb*t|@=XW;Q!S#_EPE$Q#G_fl$jth; zv(=BGLY0ZfnbR#HXVeDqBBr|xScM(dneQ_#2t^h%y}O}hnlfZ-p9hQTzWsbY+2!_6 zZfMR}@)+{|?FRI5D&c;Rg~&(1R^P=!-|F+pxL(Q6C&q|X>(x}d=7z%M=c(&kx&#e- z6%nd+jWqw-#%+1RiC)REIQ6^J7It60CLR*>Ci6F!04l0GSuuiU<|2#p1er>+aH_d` zRDvcaK84>SQfpv`!$72}W=Yi-S18zzz6*Vge_giF%7-c5CzCm0 z{TA1oQcd39@ABlqrKQ8tC*kBy+YNoMKL_#<*JRt(_CU>vX72C3UIZaghxI9Rt*5ws zmf6$pQI0q4AFr=h3**xsn6Wopp)yH|l9)U7FrUWo;rc0}bf(k$dI979kZE20^Vhxg zYNtkhETV9AmPoy?zsVVeN|FT4OnwYilfQOMzowA8Uy{(&9&;ZS9!Bmg^rKO%$%}uQ z2lun#I4`weeERd2J-XcNmt5wACnrC7P_70lGrso4TiwQQ3qNiE^n=*EU({U>g$bND zad?B$&L7ENatOIoJTFicMP6ZSP?j;}d}=vK@8oGcY3~u8q-U95786HH#c8Nm;&Og6 zIdx`7d$gY)GcV-VH$>p^0$ObUWvt$wP2fX0fd;M0fEQ)rAmYN~*%$W#EcST|T0I9% zD>zv@Ym}_I$}_p&vn3O=uA|f}+sA#V^ZS+G98O8*&A^0Cv`*)mIXcmv*3D0TN6Hi` zzbm^3SukhH0>;9{kF0BdbXm*DzKFk&uKA4?Y2*hV6XEFF(~2^wt_Ch~xO2qbVdp;h zxi=+he{$41A?GdLylZGgx?YMH1+H=2VN6l>>Sk$k$Ciqjk4RZ4zSx^@NUE^+&e)!^ z!q)7>QujbF+M;@LiA^kst=uV4J1NXKlXDB`xP=$M0l7-*Olz*f|qSM;fgVhd#q;qZ!nfR#u;?ouQpVFym=h zx6bMHE*}%mcTSC1c?fC;Z0#6g1z(&1;H6vB{p|b|1brTxuAgp@Vb0t95$A{3d)Vbo zPBFhw(5>n9)c|GoSQ202`amI;K7(bVphB^X_5W5D7D!6=oZT&V3Qpb3ZX_ z88zn9iYXmnI*(yn`%}rv^+CXuZ)*pNDKkE;z9EdSQ}AwC z%K^0(KreX$^yh4*;xmMLzM4-KaB%R%{k=U~vQ7vbX&MsU^h0M8qD52#LJAG~e69Ui zQXx8NZ~{H$t`&`}sytIDzZ+sSk+5?ZIXI8+`DT$+-aKkvXbD70<|o`|WRGT%rY#w$ z#&2|!G8HI(5*hY&(3{Ia5J8MGaEv7fL+?jtt@JkB_(5=4dYWmb%=F>7h>}|b%}yha zVj0F$(iA%E4OUGtlJ>pu1cRMh6&!c>)I1(f3IJAmZq$Dhrd`}|WMAy#7)n68&)G_a zJG-RZKc}q4BhO?g>bmW9$0}}k-Qw|{_UV-q@OZ5do!~VQo)SB|wgNp1;@j>(~C5aT#c1H_D8p~xlW`q~M!LVsQ$YqVsw9eb!=}W2p)1L-HFq&FKpPJc4 z&tf$LjD9JKq<^>Cutp3~_pz|X_(sy)pEnLsonYe0R!fkbezh(|n_HH4vFCBRs>0rv zz$0Vi1}|R@@o0Lz9+mz`XFa6p*QZC*Wk;oLkRp3{J=Zj%syEsSjhjP*0(>6lyo{88 zkZa|1x=?9n$pA4$h2{}hkBO-iKWi~#>n9(5-LgvM>xJbWKU)u;I4gE`NawBpxEA3@ z^zSreqlflJ9;-OX@)6{x$}QWpondH^`MKgxrVL)PsUoQr1cY)(G8C6ddbSlZWi-pO zu}^r*{K0orW)dc4Gs^Q@mq%$=x|zG zp?Xe#cw7i;>h{c<_PoxXbqJYTpR8$0t3_b^DhcD{S4UJ1$g!M}p|4gZSW!zzz}G|O zdV+A3d8eOn{3Og!#0g5|D6OtrrCL~6%1L1jTVhx&2*lf37|DD+f7km(8YEY}SpKfa zrqL2;Te71zD(A;R6Ud~imU3n|L%2F0>!hcuy- z4fNw}@kZTiO=R2k#i{YRZ{3C6yq$KLjJ~?OJTXIZ$lIpaB6Ij^v9ru&)vBe-BX5Lg zjX4G}xyYL8wk_}FiHk|-yN<8h#O$M*|Bt=*3~Ta>(tiJ-fQo<>q}vdcD$=_Z1O<^^ zgHi(fR^9fZ zwrh<|Cn#D+At#>_J#1GS}C5~oI~ ztJ5fiO#73TMX;g=UptLZKU<-RgKYv5@=|py{5(gbv@b#`dMi?9H*w%m^T4-igL5;X zp!+zKO)2OOXTYL_##fLtikqgaGM6+ZkaaVw0EPAay)<~ugUNy&9W{C^Za2*-7i91! zH%%zo0RwzG`?twK#7dv`7G1dRA*BK#KyhC>BuRqj)hc_!0>*q?^??Da^?BRm__P9p zPT=C^H`wMoCNwu0@jT-2&iYh-oH0#najJWy~@F? zd!SB!KX6MO3(jgoa$@mYd$-JkKFH_xprU7Vv+RyKLXVCf-{QVL*pEEB{zOWHaZwYN zCDMmNM6js>Uj>8@oe0UJBy)*mDfQrPkd52kS>aIeR%oM5ARs73URfz`?5u{c+~Yb? zgw+iG#j1Z`^S=ZOmcCmL?iEhpwv+Qlf@+WdRZlllINp0Iy|KLNGLavA0ofL0Prb(r zpAKybP*uPL==zQF5E~E9(fD&byz^M!12=GO${?57vi+Wz2ipz|XS7$`Kvtt^=eU%+ z#P3l(TqTSmpT83Ad#@BbfF3xj4A`_xI<=gT_aQWXEu#8osI)yBhmq8Xk_rMn|2&U% zz;Ed5SU#>I)X4#tdDB)Mu!k>WnkhW+<_W2uGs6YuDs?BV@~L7nhL@B>P7=eVd5%!W0xY{oS^d>E_95UIqsEGU(Gd{TM4G>DNk z^I)pT@e#tRJE1?aTWD>3W!Dd~E%a62Tv{%7>Aiuk^sQcxdU`XN$%DK14&Uij-m|Aq z3XQU~?Tyy>XR)4$cs-Tz*D**?7|DakU4K zF&XjgUl&XJui4DD94Xm%UqlK{nH5rCg~vW>(9FeoG%}^S;e83wKC~tKTLRMX#?a=q z!=E6!h!>vjRcLOzF*W~&aVjQ;6l)BA&3bBT875(0!m7|%sTSAw@`Cb5UelYuv zU!j#eI%CuQPJ3~3W;Kl;0SH*p*y%b~UW#?XG~}JEUtC4r!{Q**gN_m2Q0wb8(X2@C zx91MtFiICPt`qqITq6faHQ`jyx3GW&y`1TtMzegrEVf`#2!lcLSjSM}cUiYf{&KBW zNw6fQeXEpjb6OMskg8V#H%~qMia9(wopo(0+RfQ}Z5Tv39^;M*7}@6;$cb$*3LGj~NXeG9^+a!W@EM#6rJ`AB`Vi?KZYQbPf>@|f45 z88~E|Mu1lw`T=sK2BuuMo+DPDVERkbYm7v~u<}39ki2aS9sJGDu7iNiu^AwH4}&3~ zD1fjfaV^U`ZZL&Bbw(>(5r&+UDhxfhm<~fG^&9kAiArxIyV5^WIXaZg!o@!b5A?#Q6NFWbs-q`MKRy zx(WtsN9UgH1Bb#Mi99*xL3`uozHIB|t%W!^$m;kx3pYgUkd^1pfNb#dpG&SxfeSHlpLI=3KxrLoc2CdhzZbo7*!!mgjw|!B$p!a0)zJrmLly-x)=Z6{B<~AmM2$>Vg1)@1_ zUjR`bKB#H-3S3RWPzE1)f;bAORGUyBasF4bhLl;u5Ot|msukT0{>5c1oV_!{$q?st z(6)e6A4+y-xHJy%>yu()B7BKCGDa5A7Kf7Evu5Fc)qU;TG|eB#G>cUQK!DnVbTvMW ziZcG#v6WjKTpH9LqSaSSBRb(tFJn79pJP?aeS@>2Mk9^uuXINsBfr+aj066*(v<{Y zyH}(*Zt#c0j*hCYXd_N>RPxJRZ|0~BEE-sRy`vfxbqr210_M8$PoY=DIf}t6DK_%{ z?a<@HS4O9i;~W--5oyy}-Gpm!c8z^(h#Ks5if!u})&z^xPcSVX0b1LEd=7CXHN zSgZPF;turRF~aTChY*4Zl$-ju^=EzEQ@f859|5{u7wzzdy!X`=#Vb>AwLYO%L9yRf z^0{o{f@teBbEP^E48bAgJ~;jc4&7XLGgp)tzmm9q2y~xWOSiJVnA@ou43RggOHrsj zp*(5CX5uvIeNO1c)S5`MhP+lw|6MoaOsBhkcbXCw6YJrVzkIf>*uCi(|G`uuqSf6A zJ9Rh%9jNp11yznaz$6b38o4Tz87u!7Q*-&{vJDhXZr;)<)qVP8$_S0kAPTe)s^C?9%A*y7vZZZC**rXA^ z{8NNlvjH+v2i_8zAxuAV_pZw-w~oW^j2l1LO!Lzw^GE&2^%hGb!?ng5C+754?Dx9I zwLV4KV+_J{);ybuWPwQ|37P=@z)ghD_b3-`2L(Kh_Kn#tg`&z{Y5Ov-7+VF3-*mnA zeHK1vow&m;g;Y$SM5jBK>EDjJe>7plOIMZvGS8{d(s%5z4G+O0)tAbn|EQ3Tud#}1TvLG$%)X`ML z14}A(vQ1f_*~z;yYE*DfecofIA8y!LemIBg2h3OM7j8W$V(BY4DB>wO(VWNyx zJ4;{JYH%;3@Sox$6))j0@RVGGu~8lTl&&ylbJNoH2f0@By$HJ|h-EIl_O zN~_bhJJJRv2y#-FEtYLYfvsY)Bqth#Irra*2V1TJL|5F z@wEN1uHt&{t>^6Ch|I77zeGVI!Ab(L*Y?cHaXr@}Y#LSzk_SLoqz#{OpQ-lZ<9u9L z11bx^Rpa{lObYlNE#h^N@ zTJBes@^|Km4tu76W-dv^HRcr)DXsoD>wFp?_+LF_VbC22irhW1I^4;%kC{rhIlJKM=IVxW;JqP3DTKNZr*Fao%A5VQ_DCp7c0G z(j#PzZ_Mo2H(Re|`NNQ9KJgFyR>$|AktYfL-@lwI3?c<#HXu~VT4D>_M}2!Uc$K^t zCWya!MAJ@oM^jKheoWY+9>;qu5m4!J>D=t#QOw9rUUYx^>M>bxr7deF`KpN~cb1yY(iFTgpfe>G{HxX*{*6mg}p}ohU+ZiAm>$>hbmJY*b z=%5+q*bw0$)dflJ&AQxewB=;s=TqsH#1Iq!x9%GiOMT73B5o_p841NR?bu^N?l<3U z39%Fs!ksx>Zsk(n?(bb=q78iHI?Sb%#xmQg4FQdgv%Bjb26{=O3cyJ$eZb^n&8f8m z>zSLE+~2b0lwDqs@3@Hm`0K!OV>4puPho#9VzxJ44?I74^GwH5HsqzQk=L@~@Nd?R z5E%*E4XDK0q&cSd`B28-U+T*CrmOSJjt(q+5T1h8kM+5xlICGu;a)hG=c)!?_pY&% z8^3 z1&p>t^Qksm{=|}dj$~4+nauJHM0fScXTo>9wpkFW__XbN@8DtUFr*m5GC>HgP=KT; zsI;-Hg)d7FZz1T{xO>{J4{2T-hAk{F_hVze+rE22b-Q<-J>Kk}u|PI#0QRnh31c_F z&gMSBl(a+D434p?6a~>F{9V*$*1;@C6>mPPiE*p8Sn-FNd2E*~Wm{LtyJY$JWUxOk zJSPqBy6UJAw6OM1)|}@(RNyyOHfWxn=k?F(#ICh(^B+0TNfY639o@olD6&+w{M$=xKhpH#%viALO)k9i2ES&G3vyI(>;eEG@${R$ntDG=tpk>Q241Y z)I{ofO^s$nj<-?RUH|NdUp&IDPZZ#$HK+4dK#8dIxdlVK)r7Vg#A1urd>L z=D=4hyi)_frs=sOEfF!-t&V*-n-^)}$}bH^1oR;vE1kH()8mU_G#Yxy9*3q$hetL+c4i~%({~QkXhu)eC2ePmiTR;b zbFctnM1lz3kg_@AT1ll?45=B^>tmUp#5%exP)6$t-(5msAi0WH}rH2Lso}MhczcECyl1j;& zfFyk2kZ5a`XFVz3dqU{$FwUOIo4XMVP$9&xsblzKTgz9CfcLF??ODmF}Fzu|FME2G=sr{uZiT}hbX=}o`iLvM@YrqZ) zq5K2bKvxkR$qB(=BtFoy@t=D9G9hr;{43ICt$F?vJB=mCqe-)}^+%kJuUpW`Y@PP$ z@EsVi#>R}>t)6GFqy1|LY&MTuph_s6Jc5l~q_F^|Ev1w!h1^b@QTG7-Hk!F1P<7IS zheXZfMA9g6cZzF|?a8g}mx@ytiLVBUla=p8+53Vo+<6O?3zUwU582^A^;_K_|H8v% z{GR;yx^+bKyu3W)geuq!=$L&6W+Zk!v{Wh|b_DwgunS?8SR+#1t!u!pnQ#`Q#7&oF z6tgY2bBzsBQZrH9Y;~ZUrB7mLgV{mS({b;*fe!i5@;SOlPdfTx$778Dl}lzi$(SbC zG^O~Qw%1^&w6ohgpqTfkME*}#6^}P(oob))=1=Gh4>V!32=p>u6jC^3!1aAW;jIs> z+f@yS*5zwM!xU`*y6!S)F7z|7HMwMZ9cDY+kA7J z@B4(hiKEA`rf*g5m#JB~tLI3^R!`3< zb_Bi5mp@L-FOLfc=}xvmH{ith68li{-X}G0gS~;ZbIqYt$$yP~b;nhAg5BB{8Fj8f zDgiYddbxjvpX&xc^E9(3w{7i}1jrs?YwDU}w%bi#?8dNYF4?VTmjN)69*1f*u}qx@ zx}rq&&DHAa*wZcJccwSe4jvc@`%etd3WEktg7v=7%?J!GDD_6DG~`wQVudVg{DH?- z^iO~3w+23Vjjftquz%nn>^WgD`>EJxH;BV>aA95pZ|>HH_UvHDJ-$Z8!HYTua!sv? zI70*P^faFt-&y#KHv)`fV8w;nPSf|IghHkP9{Hyp7T#IB;or~cvYhkw!2A}6x6SkC z^FG9Y4{&T7TR>$S&1CFKlB6!Tw4WjO^{o79QaWfef%atQmg_RUbCzr!Xzgu>EF#7o zP5@G!wFB|v?#sWS>Rc&=q~FIJZYF%eL4dqE!S?9C9RwL-@#41Js;)d=IorOFaXI5W zkPgPvQYW0)4<}J({Gk(tTgrz)o*Aumu(U(6*GwY&NJCmP+PgO}ge6G@{IGS#YW|k0 z70`&wo2NvNTN=(YfIc?N@>D$CgXv8(C%Zfr6^t)+U^>YzFu85pKHZue8@R9mMX_v@ z%h+y2vcPRMtL}uU6w6Uwt4$IP@@?j^0#&}1)C6IAwNa zEnZqv$%HUjLs93xCx8+9F0hN6#aFhx2JXOw8ajgJA3JGZxO^%XU^Mh29D>Hq^+M#n zeAFpbrMow5l`OOZ8vxCiR8t>aNloKFdrwK{gHi0=6!8;;z#pu*F!FS|@a1#|@o`?jL-te-ch>d-kO8AieJ~%-?aYdXD^@oKbMGK_YU^ z5HryiQ}=6|YfxXfZ*c9B>u(2+8w4vzXjMQ(gpa;w(B3460=W04pu6ziXz#n_i*E6@ z%a=16$BSWc_>;uI`6SD(HlhcDY3N_R{4({`=xORFptt z#{!M!_MU5K#LK&qD+{6IvAZfk5^-*e&nO!~pe(G0_n|# z(CtdcO=dF%gVX1R+BXc$k<2-2l87#@RIX4TZSyQGs6Mwepvf%*1YJqL+34i(+p@I3 zHutw8`uUHIloU`}Ur(yJkO8vjMHR`>#^l@SN9@KAc|WVm=>BEjde_J8`7X>}t#AEN z6DhDh4I}AkXX?-?i!K9LyVVbpq*g#>{AoGLH(|FzBEV1!O zMcC20YDDSPV=LU^RjQ94?|y`-t_w)?@CP^2`^sMa=)^f-n>EcgGp7&BIvij?Y4d+j z1J`a(@J~yw)dnrNzbo4=GBoW^0jk{>W9-I5%%=_RUBYN~1df_Z%UG%RDzkw~@Fzs^ zGp>8LroH9;RWU)Tif?^ATiHXC{j`@q_o(;_ktg{CCP?DZQU?qDhjZ3vZcJ-;^nPFg ziF>+Y-y7Z@L~y`8_HN#O?x=QWU7*~~>tF6+P#lDVU+Ag(=MVGG$2v$G8TDWNq|FCC zo1J{;fCKjBVi8Pg{AwM{EvXfHH9=>dUgVXA8(byKS_)>|G`Hiyu3$b?Z#!I*m>~Kd zbqMXbgH-lBGpZl+!YbaLj9GW!029*xT*8!*Yvm6q&6E|?sYr_meii+!ZfxWfv?RGi zy?!1VbNi**JOo;g)9{z-?VXE!?YAszuz1(+w1N*ZbNU!2LV3co`*C|!B@ntEhY zn&nNIWfR_t0CKV{Da_A2yYg6H9^>s9L?tkWf)+$w?p^JDyL``f=cHE zt`A}bH!?h!$SV?@J3*<%=fvUo=G|Vr2@5JJvQ~%Uhly5Q3tqnriPMq`}XPOt><5Pf~BSQzNt^R4sm?ozi2OX_Zs=T+C=B{+dgDC zKQt{+nk(oQF;W7$7S_oAI0KGf7FLCChr&!fd?kEaN|tPfEQw0&=yct0Utf*U+&|8F zdgy!C|MRpa?1ON_aMvaI!C*ymUYJb>cedAqtw{KjUFy_|pgL46siU#96MG!wcQ4(u zeH!+rv&_;iX45#0bciLp`~NDbdC4SEeyq&SYgyKuvAN5YcUMe*&?>1)xGUbnO$ZQt z>qRQ#s1 zN<2p;&BEle#Wy|Py}8SNBgjz#yt(%tyE0EX&_tBS#8zA@JEYji*^cHtY0UurPhuY3H5gW%=Rhv4!<~<`sD!QmLR_>$me9 zlY;8J>^9Bw-u^TFezW+>AOiB;n{xDZ+l`f3Nij2_G=p%!v=a6VrL^E-haSJz9CQYH zH@jl^9i$fIdR|(J=wsP=oPE<`@)VmF@Hn#y*z>{ZEI=qCRjWWi9KL#-ak`2S7Kc4% zb4_xC`nVEazS}CXU!ELLQZ#D94)Cc=C}(N3R_rqT>w%24A!wm7gfRKLAjXPdw&3OQ zF4)q2P*>XABiJ(6<=VyG=g;-&zf0R?E`aPqAN-XJL~}6h)u^qBRFYDggU1C*8KJ^P zXJNOuVFHCNX>6Qfx8a8=F(`9CHQL&iU} z?rdZ`HgG3BF(<#7Tj8mvrv}xHV*YiU@6m*3yMcpfi~gn`&-CZO4iB7%gPh`SB^DD2 zfw8i47sTmsf7E^p3ddUh^OM=HV>S^M3f$%tqVwc6vYjST_RI;2MV0E>RH7Ok z20(Dx-N^Bg{pjhHf8(Lr+yW5ubI$tcA|n#WxN*2u3`k?<1%7Q<0FSe~JzyPakr?JqfO_ISagE&8)Y)MybcLm5tx#K5`J?#?a z16|+ShRUZrmNvIL?OhY;zYw$$87(ZQ*5+mzKMB1fVDE?VbT4767gQ*Na^`An)`|@- z3||e$zSl7QA+X~6l-_78N{y{?J*{x=?Y|tzOfY61Au5gy(5hhTc8&eL7zw&mQQ3)f zCka5?_oUm}J1bI&kytlt79|M3`RNcmu#wU6{xB(okf%QKtDP?9^K0s?wS}N}i}R2f zdDfdNU<28$1GHn8?YW&J^;=RmRWd0_U)9EU_O%ug)t?fugG2qOL?l#HhzIO;P<6;h zeiSbyI8{W3f-Uu$xFX?zSfTbfX1U*EvnjAotUb;iRX)g(d_YQ^n`_)zLGm)%A%TvL-~vFVjl3Iy!GOw7r- zICYhbXXSUh+*;Xq)yvv5Z-6A}!N^Jn?+#?uJepDNFirr=NlW_8(c`B*Nf*7QZi%M2 zo4&sR+P@PJIJEPkn7mR$Z|gq~lx!w8MZZ;T zwf;_W|M@znsb`D`inoh%k?1bTBfmEVbH8xS=lGeMwjFJf7j-`JU=uFuU7=&%V^AyOxgIUJgvUrriqizkikAw#*41JC@v^xbWU zm$@)nQXzApZsqP@X`Cv_6TgSR+mr8KO}4&xoS|N3mBD0hBY7%AuBOvTj-C!?MzhoJR&mGP`(SvG(B?D>}O}3~5 zHfG{D^>l{cq2c9`c)+j2aiXhuk}yp?RVZ#H`geI+7uFuRi2GRya($7fDpU7dSujaV zkZbJe{nuk(t~N5t-%4BY0;{19ZIDw8^JFrJevvnn0sT}5n_TxhEqUQ+Fz7YRJ5?4d zZyB0PM5YUWc9^x&=bRF?41|xTl#e*8g?gybSOXzi8(9*~3^mEzxZ6a-)k!NsocN|a zYU*HskUdTnH(Ps>7PaF*LF5Wl`N0Uy*02i~J_W0ln|0}L*=GfsGvLKS6Xiu?bFv3H zNhpoOopQkErOe_}OUGMhqnR=Mvy#I^jX|kYF|b%Xh&IAsX6{k%kV?qI!N+fy*Ena0 zBGyQUd32iw#TB%kASoqB7MLz#xz>oD)vly?=(o}PlQJ}TbY~=LmNsJL3OXEzF>e;* zgL!xAxh0=rvJ*rhz5`F*x)i1kW}AvzGfJpA3{y`3wRA$;bkUvxUuPu0NrjxvMPEY8h%;_+$wT!N52egr9yI zAq#t+E0nv>TNjL3E_mk>Fh73(^;eQ%(!pft1-fzO_q zYk2Ce)3V>t2Ith#0D@0z$aiPSkg zEJNhY5ra2EOvU-}e!m0-b?Jihxp5Xvw0O1J!lKm0IK-{gM}ao<;=OrC(n%YnmD(WG zf_r_^xhz2N>m1Yh`qQB*{Yh5!t-6&jO+!qqb&O20^(~4`&tbzsZgU;v8MW=Ks~Pz| zxgnK|!2WppE-sdbv{S$JVSC^5!^mQ?)$3Z*RVSsExbpIKkFYHLSdh9@;0-`gzc`r= zz4UEwxXsSmi)7H;>AlqQz*J*%!=L~4Q7ZzyDEa!DU`8bfbtKz7QQ15tlzELuD3u4t z+fwY|td?|nY?;%1oxc~9@b4@D&;X63A2STJDaAZ#Z+Q`LUf2qEFZG(f;!iG4(4Fm> zhRbg}EAj4a*0Tb%*taT`(Qj4g+4E%$gA9*JayJ`i;*+`HYupXqr3>;L1*5#h$kk#f z=UZ%(2%mHCR{)6O^6NTfHO>6sxyAS`KE=6*v5FPOR?Kiwt9>=9LAE@3$^kuGtN4x6fM;>43UryzRrpCCAZ>LStk1Cdz_I;g_ z4|55fLp*G+k9}OPciTnFY`?5|cI2Z~r~FW;1s5v=ueJ4I5C@VO7}0&~ioFwx+8NoC zYU#E>hjw1!Hj<&l4`awi2LNu%0e@@^EfA*rw~>GJktv3eFB;k0 z{>IqYCx)@7r(`F!<=E&)Xz~NEkC;WMKz#cX9%QX(+x*)5{YuIjykDR>JKp{sac~v; z!rdlScKn}?anThdcRBMLk${Q=&w~iDWe<*?oJnQV0p*h2Xh(K;Z1kbw?jsLI$HsM= zVJ2^tmEFdlUPOj#p6aLnnIzIw_-uC>#MVz=ax5J5*vA}vJIuLip2uXa%Uz*ZU>>`x zs;n=rxJ5k0kIU(9U(KQ57~8Hd+YuawuX=$`vq4PYr9#!D<8wN`1MV z%!Rm}S{RtyVU+KfN@z4pot~8>ha(1?S+*Nl<)@Fx@bQ}3Qr4cmG0n%7cH6(g{X6U? zoiOvZY8;@hMV2HH2(kisW=`L^CyL`TP-wbA3glS(jBSTbK@>IRkpW{wX&+q9Z?;*ovAz*epY@7!Yv%@CSsjb!bsDHz*9tc7v6msQ3H zWjdcBWT!UPlzJV`Le%^{M*Jz0ebt5+CoE3c5U*h zH9-y>SAB;fS=3?&B*txjSet$WoA9Vsl2+4^Hb@e~Z$nYuY8P0oTMP04G6d{#geE(f zs;5bCfM-CPQuT8N1d~5Bzr>iGq3if}2#_1~Ma{obaPPp;}>v|(1O>EcVR zxOcx5@=#JkT?(2P1<_^f$aCUab0vVG@)uB{e0S>vL(ZOr^JGq=-|i9DHD>&@9v$zq z&hg&8r{tAk1Cnm^VW_-2fa|r^NgrhS){fM?_5_styT|uXKs?{n2ma$tBzisgcpu%> zuO%F68kL-y!uPuz(i&(@oVSnqV{~T_INIFWD2_E0$E=^E%xAEB z9EYoS$(JcpTvnPB;F7q$+LURKkwUa8JZ0(v83O% z(h#F@`<{qnJvs_zz{9;pL63T18889qZGZV!;W4&DUqg@NZjUNoXfTV2LF|G_MpF7p z^}|9dt0$PSvd+)T&T20qS-D?CGG7Y*TLE;Y#FGhcT=W3pG6*5~z~G4_#jN_TX0Wl` z$oj-xSq75Rbw~qnOqHa7lDw$sg?$gQ5JET$q09YhKhB0Ntd}47;YD23x_oS(Xk2zy z>&XuU9~HLR^Q@^!jZHkd){5)Mtx5?PIHoQce?|Br^3fE#ig{RPc$BhmqwIvLip+jZ z5zhHumIa@5MZV;x7quu_s%JS4jJ05dqgwA&C)Jl`xAPk-b>xEL;-&LAaE5Xu&HhJlfE^p7O!l-TxuZE=| zzxCt^o=;$DxYkd4-E8Ad-G*~T{_P4N%~y@x=Y13^hZAxOOgn+tSGJbnb%weY19`Au+Jp*<*_R+H5iAKYwah8Z; z;mS}3^iq&`8)F1y5kKSJ3AH5RhJ|C|Ev5{!-fIRNzxiN!_?6{fZpp8K>@6~SbIwU; z%-C3_h-qSCvhBg>PO+mrM?gbCk;d2^hb9;IA_{h{=l4OQR*FaBk<5J^d5x#s=yvN0w`|D{4$}i6QZ_>;k@7F_S zce6bh#H*lupkJqq@7)t+sV!suWz-#IH_yR*&q_WYuX~s89Y;Ouf$=8zwIOX8XsW?u0sh6OK2Ea-z<biOoNh~)XWCZ&uD*W}I{3{Q4MmvoGOL~h; zlKShi``^;tG%fy+0aL(zf0c{=%QOCq18+ox0d%w8UW)!p0Q`4J_TQ9C@g{$OlFOpr z{~x3LH(2Srw>V+@aHx%E!{*Ol{s2KsNG{k4X%^O(Y?N{LKHp;D4L2|2u>Kbw~L3En*qr_W~TpcP(xgbbnxV%pg|z zo3X_|ZI{$c7>OR}(<53CvcEs&7#V8{Z9E*Q%hok^X!0BejI58K3Il3emp|)DmLR3M+axp=;b_`U4~4yDzj=I6`-t?d-=*( zF-|Tmd>213I-ejZJbTHkq&1`(eC9%c!!`9ov)qt3RkB!Dsnzj(%W$Cj2+$^xEDF9Z zTCXJUmG#+1@o?s>7bynb<6}xrEIdTg`aN_h`kPN zUfF$z)o(HEoEmiw(@onn8NXRorNai;pTbokF~qN^j@oeY{Bla3M=#v4xHp`Iz3@$b zWKFbiyk5G%X^`D*9#qEM(A%2P!*Fh z`{Q{sj??~>qd}!VC7d?=8!h2d+|)NCAz!Y(<(QYmo<1-r)qzeEQ;~apHHZK!x0)!d z9V@FhC=HQ$c`rbMN6P%FRLf!J(~N_hr(jBwxK)ETY&KAAG6Z8?fDOR)$aAa}zco+J zTVrILnikyN|8?R@zOp&y#In7-_w$YA^0Ga0rT*a>W*`yWywam*>148beZw9_(WO#N zKes8zFJLg@xZD&3B_(2K8BhG|U|X5_0yMh)fg>{1_-3c*1>_y-l6G^5H)h`+lnW5= zym1lPr<8jrkJ*99kC=-2$fFV?G96LXK`T8g{7`jx!rVn9H7VLY)t$aKm+Mw_FV(H7 zy2l3VgnHAoPPVj1od-K#-spa{8fXtCGy}J7G1r8-dwyj6^x7H@sPW5RT85hCi$;S_J@&wSWOd$ZG9+uHyY6T%!|Enc?{+HP zgZOmbr({-(DH6>(*5# z@GUQcE&qTPi*FZhCHu4vw+~oCR8z&c9N@s_2?u<+MB@XZZqD|nJmst4fh0qR^_9&w zTnas)xcf=>)Z|>A(&&bg?Gtq=^5 z^si-5;koY{ug!kt6Hw*nnPmV}&B_&)nwg!Jwq!1zB4pLzNWr7^hmE+*>=+LXU~haI zpa|Jm{Hd<;Vx#Z^gE0uVUz(O(&q{SeZ_R^2;|7c2WPRZrnf!s-qqtc)iaqfSmuM3Sz7$Ly4`GpUje2T;2Q#akyn>dKTy|< z&n-U$zqx=pe5V&V(e&)c3-w~Kq!&1L91akonBRHUJ?UXugnBID+8z6KC{*`nMYTj~ zG%usM&&ulc1P#*c*ET2cSy5B#Goo=O&k`TT{kk&{I}U3g`02_YzD7O~UG@Got@zqp z?TMa`D$lhPV3$k5CkHpJCiB3YYffz4-z+dUv?a8JJy)XYq`w%7{xYu^+z`|Kp-V!Y zTUP8o(&G0}xN&(|@=Myvcng@PBb#PPe<7{Wwc*!)z;)tBmj~kD>1Xa?K#^on)4HyV zH`+~U>;0l!KMp2M(78I;I@ZB09L2RJwp`iP8?yf~c+j=ua6vRTk#SwWr%thLu(B$8 z+lM*P(dg4m-X7h)NLG44C8d7Gq@sLj?3FE!(LX0S?KiZaJxh@|cv#{O4B(xrOasUS z(Mz~AQlV;rNU`-PortErhfn#}ZS{`t*dKuzAUNMdDW_lwQ2|hkl?C~n-;2jkktzi+QjZD9|WpqSp%CkT4b#IdZgs#?~&)ecpjV7Ig`qSQGGE-cKoBd^+B3% z?qRD_T(UBv;B+w2T50EW$Viv%sMA1=sGh(ReKxkvZT#e%4i%$H8yXtc;+0cK;t4q1crV=n?2JAAT0`Er zaxihx_=H4&Z+7-`GyBQgx{1aD_k?DIKTDo2E}Iw$G}1IF)dpxjs;DXawIqAd7~|UJ zs$j1jDTJ^R6?kjjaKaRy}^kdkEb>l^{{06 zhG|($M-14#F#hs6DKv2UqiJNyD!u2f(&ZWuB6N+^2^Hs;vNje_IDbx_SY7aXFf7^N zWhpKq0q@}CnM~XHp!dz+&nh$f>#UIU$>T79DAxAXN44i`dslCBt5;ri|G=&~CP)2} zj|1BoNJkB+zp}`jq3fi6Ou85MIQJ&YS=d~%Y>uoQ@~84@af3RK{>=irudslR-+sRR z^6_V);iJIc`-*s#^&c*xYZLytvBg!8W{FAY{opHtb{c__HyP3r)%80P#zp;ZSi-l2v58l1}Hk#})I$m4R z^Ff*QWzCFG2yuT>>;<)~Yz zqt{(7K?s|@DyMw?_#iL;&B<`@wVCY8akJ?^e=bGgHhGnA9gjrX(|?=Qdw}&uhHj*% zUl7gV6YZ4~sqHFNC@$z#m{M=X-<@&2YA#(&MgzVc_@X|^}Pdi&8N1x(ebxK+z_%girdPM3R;R4TSp%FS>8a#RT|@O?@N zX7nq+BOIsk;?cvty(Sm9xx#Fy-w)Z1h#ekDn0rHEq;cugx=9v~%D#*b7)P>Zc}hL} zWT?KQECBOZN{=Jd*=b~4g3)c;+=l5VzqYE57g;|o)|jIimq){@L#TUEg<$eH##h~M z?DZL#@cK#Wb5?&|-6to_qa}46b1-VUxyf0_hKuso)hG zso*BE#m$Z1nzTTusfqUw?-$za+2aQk5_cTNv9Tv>Xm);Rm00bIGYxlV0;}|EjE_=| zq4DPRJ>J3ZFy+{mCrE}XT zxy~Ep3Cfh`Ukd8RALJ_DCl%4N9dVSk;}YVZ^Fpp7rmT}7_T8?1XT1&ARogqa%6g`X zd|D8GH9pjGB$`_dGckLN7yaNU5psw9MdwKVfb!Xn0lZwl7&rg!vvxi?sd1e*V{Eu} z-GM6nr_hz3XenYs21e%PC$R@{=V3%t75-p9p5SBMbY-S24-*56d#ksDr)%#d%`UPM zU8p00Tv_Ks7g>V^?e78u$gp31bmv(b1EncJ%Hj=O531|$1LQdRWC+-Y(TaZ^3-(PzcXu2lL#{6Fij(TDLo1!GZsz`xf%Wz1{P5+_g9nO(B8cKi#4RCz zhT+V{#^DsYyU;*)qr{sn=?ZC3zcNsXcsI(}X1jbCn;rJC70yp^wknD?>a#1mL zvjay1Ep%7xPaz}29?KNy{rV5JdLDZ{CToX}<|exX$%4)x-}PY?%S_{P%tUvl z#>@@u9USM0Jf&*q)wpC^A&8Y#1oS?vlJ_dGq6k_CL5WSL*yf2J|yeA3M{({erMt&aXIUg15bFkA>VeO9Oy3&mHquUh7%F}($9KM+ zi9JajIwW6Oj=3gMA6Ly`ToY@=|M?X7E$&j>CAbtRR;0KF3dOa!Lve@VlAr-nEEEC+2y*g&=bV}Md7haw=lgjx z`yrD%J4x>BUc38~>*_!YE_=Kf-TJztczeFd{`S^XgUjJ=T6*Drc05s+FDWBQU)t+x zcyfGLfHhp)%x805ob6#oyS|?^@S^0p4{N_lH;u0!Gjh+MTC=qL?`qQaPS|FQ4pHfe@?QorHwfsn@sj{HG=V)9OD1){g z<$OeygMXr+$i%a;boNG}Pf8a_&a$vYjrBd+ijEgQ4oTRwo@#e@K6T(1*I_kzMOD{F zV8wRJ#zNq?+80x7`(Yl}I#}S64U5?4w^9y19vx@EkwMJ8yqz5#aoM34<_O=}n1kPj zMW`ytl-F8m-i`Moqk#wuN81!>c{83`8($PZd1?(`*zXCxLafWUiy%R0c74au!e?FR z$)_VT;CG?}qxdZs7OiZNlWCNIS=1qiJ#gVvALzU-BzT5xO*7TtDbJS_!B{|ri)eM( zWM)QHCJ>DqZ?&OMY_Fwng}e{Fo&EDOpywVIDDc5LHB@Gs$-ir{@sO5jdc%i>Qrai4 zYq7gbYO^C}LoqM0pp={1|)fA|p4oYsA91-ieApzORYE_ydGw}ZQ*j7n+u zZk{)VSv7NPmC~u*>c;a!oewwr#||BXTV znn3wWO9~0AG%0s;Y4KWjOA0aXNSYs@8Rkx85EL;}8qCbwbza%z_>d)aH7Y+XpAQOw zHJSTE)Ilf6KZQ?S5Px8)FGfO6eHyJ}AbuJq4V`eW&}9-x5i#BFk7Rjy*S_dP@|v@C zD}8Sjt{yj=)4uAO@8dY7H*)*8R%x!v4$0#ATjKAzVE>^`U!%AjtEb@A;KX*TOpmUeN-0Ji)r!F~OM-3SU zTiL(4s;Yt}bK^#tNaaecC4D4YJcKoEyukjT50RF9aTXb<5MQ20b0oxunfBX;;VBna82W4ZHJnbGxhwf!+LqG6yzL zrU$#OvI(0u`+F0J@64^CwfX7Kg#-ZK(ux1!5;E5Kr8MLTlbKI%c144-X&>yj*H#9? z3c!vm9!9`qnbb45lBA<<+D_++!?^6`Rj>4z&>KFSt~2>Ej|YT)7wpL z!Q3ufUjEzA4g;~@;wyY|J_;{1XmpnkT&7|_d~X(H$}4)9T7=uBFziH8Z?Nv#cToU{ zF)6e6PcTnmc`B=(`fQQ7*dd+Ew<82vD0@j;zyhdZwwFxI-)P$dbbQ(@f`N@Ik3J24 zI^7Ub;hDSMcm2Bb7^;hy&_oa@I{-4lh;8@QXk>{OnTu4+;tPsZxKAdaDOi+e z)oC-0kbn9VR8TS=|K-3Fd5K-P@^{*4ag0mAbR>r4NKk>sZe08@2l@V_Ram$-SmmU1 zI3T3LqfmGQ5PhriVTnYPwmyT^>F%b18B#nTy^TN%hR&j)u>&;nyleG;CHAc!-hUQa zIyEPNHnpB$A=Tyk5oVf}1)b4;Svd83GAPVPx? z`|4C|gGU*21j`8RK+su-w;ZtQlT4NCQ5F}pBG*MW^BAsIHsQqdac}88_PI&IpZlq? zsrLK2C_(!b8tW+LV4;2gY{5oYoggq!vJ7(YTfE|YR{vnNUpp%ZTKhh8S*hgx%><-G z^}hNlTnsX>UpzMB6mh~J7h%d&dRr2}OI67Ux4(Qx9?QIz@mxmt&9p3cixa3#P(H^2 zEBb45&4r#QbT~ge_iR(})6T?~{v9WX*qSEI3w~{dqo_@s;T(LmWNyl%pcO&PUGEp^ z?mum>n;pKrZZ##{AkB2dN+65ED82<2e!%8ll=R=SK^mxAK#X2 z0^H>93FIq-ZVp)I_JH{uq)Dmlkm1oA<{8`)hfDC+^UGs#0f%F@_MZ!wh4+#^uoNV% zBS+vBEWOha%wy*u^`~SaYue0ezMH0f(W(*`$|%Zy#fY*$E5D^28`* zg8cnS*NqR@JEntqnwxffQh>#=m>(-`gO`4+CdReXmJU zT^}89!(QQt(dY{acFWHi z8Zoxc@{nESrb2tLf8M_UDX4weIcJ!Ccy@)T!iGxY+};}Jj*Is2@d$LwutLDqwj-~| zLzNem+cEa`Wk~k0=SIa2;SMii>AFHC`!rlKo?x_}PH@*HA=h6wwwkP!F!<2n&T$ZQ z5x45BP@zF^w1XO_QvMD(7unxzzv`HCkN+I{hO1k?QNk}7s^h_?{soS!n|6p$UXtWo zSk&a(tc42e%lY<(WGs>)nT40&Yup*tdS_D7>nWM1nmDn%qt9&>4tF?o(%ETwS?PEi z6d-l3zuOiFqc@f_Z|y4m-0;qZa|u+EWp(0ZRo^vM3Ab>uFjfC1yNIDOe~Y*;1xGc< z(#|jJI>@M--kJT$^@eF;UHkUrb72a@t`rie^1lI8!72kip+#2G7}csmiQGG$thS-c zbQ!eflwG++UkSKw{(K4l(Bw`^MlBfb`2xr_d)u-VNPdhEV6xZw-Lj&B`PMqr$r*I( zR_fP6ms&dY9L=ycl|<&qfNgz|vD(;izDT1gAPk z-^|*k=mGhYvyK@E<}P)@0A7Rv*w-q@Z^$*o?~Qx^ODiJHpo;IWyeFNqZ&W+Hbs46> zOloQN)x^^D8MXBzjL8igDXfDdV>{*oyL4*Dvkgjz*Sp8jA*kZ)(yg>4c{&kdTVw|Y zt;VeEHJ|@f`mgIU%NaQYxs}mqZC{&_NF~kl6U{_6Y9^+p2Tb)k#@hqh4#j6nj}~;Y zD^k%3Pmz>BgO9~OM{}k!su%d{!6j!`pNdE+c{fzQ`(~Up)2Q=_dh~Vv8LU5tj__sq zlN2G{d(A2G4<-3Wp+aK^evX?E-w!(TF{#^A10d@0U%QP%vNoff1S~3h0)0oTKbhq7 zDbp%v1cAp|?+XlXyYBQ^=c|{+z`Zq%yDr^V%JtPmOkFLBbzg)^1FMM>wKCBpEUo)R z4_4PM@4F*XlUWYozb1a~w;qv;H3$E_4gr4G(|>n>d*LhpSo&O+_D8j@u|RRUhJg4- z$T!5?CTl6(7A2^>t;>its;i`zX3{O~K(=f`lCI=E4NwZM(EPW>^)SR2`bzwxbqqns zBr-rvLQu~*Nvm;(0xevolq$kL*0%jkiX8oMlS6#_fL{N@qT3zHp1RyIy29h<;tE|QJo zAPJuUPUqfO8fn*^GD~D;-Stq%VMnEpi4zo!H}jZOH<5j@t zul~GGl}vhZItvHH6D(;ZW}Cx&(0sS1jHGCM6j;?)Y&xv-a~1Y!XRd7%SND+q^oHw` z3)N1o+LvZqxzqkn5R}VO?tk2&t|%v@?7edt!fVWR?Lcs**BOCpr^rzZg32I1C_!P= zZpeCXyGW6QkOYIPJ=b#E^&qG;Da?**Sj4*uP`swab(bCWA5oJk%$_G(J(wtvf=8O@ zbk!jS8han}@z6)s39Kc#-byJt^3>ErjL44U=2s1y$yEPd+x%8IscX`<1exvlkhnEj zR44Hl+_l?7MXHe=-}dE8&#}a|wHVnru^Ct2t(dYnu~l~$B%E#=rly?)05zNbh z)?uyDp;X{ajrCOtQ+#VsoBXhU{V<=>&G42YIdp%4S#sxSr_25(eIjZHE{)WZ&Zlu<8^2XnqB2JTzWtJxW z_j2)mgA`HOfq#6E@m|TYFz#{p&5y*eC$)8!J^|{{O);A;!)nw6_rWTN?W|7IT>eoS zR0?i&`Ca(HD@hReU&eaK-MW`m|H3MjLZqo z%cN>v%eI&w{~q%Om5?z?7@jGFyUkA+N^Qv)bMhQ1&#ap1XNe$Lfa$g{#1 zJN{qz@Y*(qs=kaD8*WWP9}f7}6N=Z=;RhbC<-YwV$8%i4iJiB1f(YW*1sa zx}goKD4Ai6go&WH9$NhUIs8>g97{cgxN*eS#Vf{8)>5VNiw9Y++g89j4PqUCrqJdG z(2t_u^tyz!v$$mFh_x^i+NOFOy&n5aR$^nnfKCGDnJ*K9l zL%?mjX(+OBOFE~M!|txg6gulCC2G>}k#A-%<7}Nk)n&WZ8d_VJB76OZIB>Jt4Z4b? z56`SKnF{zbOIj$z8Di*AHk&?L7`*bP%QYrZQwABd5(3A3YuYRc<2OGM0}~Fpp+HLV*q3f9&@uQt3CWLNY>P}!m$OLq~pU{N9kNbPv(!>sS{+pQ=F}7 z;6=-Pk;|Y}ZmV>D;K@<@7dAHjV)j3K7*wvOd$s^ca|();1$1 z@uoK!bR^7luQkT{>fLj|^e0JiF!DG0e)8l+=)lkoHqrBmBi=#|wK_3us;p+UzUj-3}$T*XWIDpua|nhO7Uf5pEUz*Z)@l{C3{d6eth;J zt*8|{+CI()Y*>KSW~PRYW_Q5~mgiHX`)aF5fAzBD2QYX3>>~9v`~;miCeL=Q2I+6Z z!qv`dA~uuIl)z8I^=ovdW-ir)<(0o^aHI=izq}-|W!Dv4FS9@F&JH%kX?@+oKzp&xx8{ z%anl&hF8ob8%X*9BVJ1s?ks{pZAL|xw;l%FYLsVEwBg}jMNcyfFgc{!D-gm3E`Zksfwc9e+dSP}EP0Hr~tq}HFqV6s4|XY_a>2ZYnupk!*18Dm@jfw-#;e03Yz@6WWBq8dFryqU-bKA-MC-f+7Nvu% zqvb!vA7-o34h#Aj9QcJwmdV@kIJoFa|?Y10o$ZVnn`YUq5s|!Ri#eYNi*awZ&F$|{uq)1f)DPoG!DZqJR=o+U{s`DenqDstEM4mjurv+-g&N2Niy*1cfWMp! zT_bl+>IO8#7Rc!+QoZR(#w%jaXR=RKJ{4LZfrQg>#uS$~E-R4R$%KH|2re%KV;V0lZ%|VEeKdy>^GH&oUSleYem=r8@aiF zhD3=?$qzlqkc!|9*3?o3HM{dalJ@rH)J$2vr|UCjH;F>?JvkH-v=h%vK0>5oU?I$*^s*`Hz0vQDSIl4M2C>d4Uq0V+#9a7Fh0 zif1AKW3FIuf6YlDrJfCl6RGPL&IfPq5b>d6k^US3?^z|ryrAag#e~7n*3Dch52hk< zeJNwkPDU^>&C@W$h=|eYb>94n;@f9swC;bZx6AMXBW}RbV9Hgm5`T7#A{nn=_>j8l zkM+3#Bc7fzW#J^2T^nl%X~m;_+Pgm(3nQA&LaAh05B0W+-{amX3j}YnQ~p@D)U7O_ z(0rvqc1(Eq3xu`scN8s*(3&3a?Ch>*We0o_uz+_-5++b zTyXC~uZlj~JyY2e`4(e%#h;AQ%?Py?+CXHi)ZkQJ zlj4M2$pjb^^34XrAJx*{_{-XMKt=|+7KrH%CI89O89-TKP|QL|6qMueCeZd8Pq2RKl)`b%kqh=${|}tJm;bMcubC{kBRB8_ z03@7ZNVGB!hJYW?7Jg(K^ssCwf`EJDw}INmEHPlL$S-F%w@f0eSyfqt<_JnDas2&59mUSwKIh#-+P?)|;d zlN8Mvb+cvJm$iN((d9Z4gQyHGYYkknVO(m-ygU>gmBFt=H;c;pOBjCIek#XFDhjQr zs36rlHupKXTxyF=?QV!~<4v(}eM_nkr|qgYi8vOdw-Sd%)c^D@fIK|RRRNtdvcz6a ztwh~n(>PL{&txn82h;fY57Q{_N4T`D3{4nRcL-krJ3@V7 z5pA)VcYf{og1kLb6Q^T2^Q%5bm3yP zPpt$oXsQ>&>Cv{akihVEe|DEhUTAZc3lkVxYLV!qXv$zF#`-i%f@YFcuYp0cj_kTq z=gDBVNR_$zO$?l-YPHJ$(ku&`BzfAaqeU?w<{9DNEPqVB%iObL}sL@sz0#dZg3zd75Ab;Yw5pc2ul`K7-cmuN`~Yh zBv-d(n*6VQ9iiKl45W6oZB`^TZPM?yArWY=PpF@eef!4!LZJF$SRAH8XvR4iZG*Fz zjN#SzawUG5ZQhTx0>s@$Nk&|TlKITwHC8SgidLr$a~Q}X`2DMbpHZos3`9=mV?yMMPs~-MH-K8Q2d0$ivwmo$*uo^**#Ud(%3L@XTBk zXMe;V_u6HV(pYLB?$9^jvbnVzEWC+)LtHgp<7+7UcwPl8ZS2tY1^oj}Sl8D^K7pl+1TD&hDAN)zAehh9#y3LrlyZyGweDZ|0Qbj>dr_SRfTAq(i#4#S2neDu7 z_#GxhEc%D8+#c(}G^8I49CwH4ZU)uUrr(^jGmyU?a<%N?V7^CtS*fpKX9dE0dAI^92y_orl7B3D)?cwDnnWfZe_tI z5xJRKQ6$JeR3k+cVH`OYu6i3CLjuHBeFt%CV`CSFF&i2K_Gz<77N%n*v+^)zDKD=C)V}{Z#jrMGY!HvqjISc^O?G=NpQ~W(6=>j| zZ!HxpCeJ07)Y&@aHR&G=6WZ^jr~-zIC-yZ<4m+sX_q~1Aq>>&Ey9_+b$e-|`uy;UeijZK8)s7khNN^_JyB({r*W)&s8UheTqgT?ZVUv1*d7 zA|z+RaQy~#5?>vyX48Tc`9{XQtZf0FuhGE8L#zt!3ys?Ita+XCpcrGb_FI~(_W^@H zL^43(Hyho^V+oy3NPZS7ymjo%YaR>j2uk6!y>RU$3PrkO?GH!15vr#K@VPwaZ(VQk z-3$Sx{;Cl^vNbNm59D@!iX6}Z0RqSO!T3GMwA@0qET2bJCJMq(p{fK$P z6`pNqgQfkH*9#bxZcRveWiO@6E4cGVAd?)I0gE>>A?CoW4@_LlF^aj-RlXflBu zbHg^h7k=y2k)ZF^M!E~N*~gUDn~|$VBa_vhJqm*Ch^{$mLfZ*d)TGYRIbMpta9Jb$ zqU+rEeu>Glt(P$RXXV_)@6ex&6#e9b$h;gPOK`aOIlt>7zu~~T>W|CNVo}%Q?zLwa z-0^55McF=-DtsetQ66}RrISMRd_g{ZF?};h@obO9lhV*Z@D|73D(Ad&-|v&Y0sO%4 zH#ss%v7{Q3dExD6@mtJIg=!a^F#{R|BrM117<#R8*U<*pwi*Mk(SCZ$va03S2|zsQ z;tjq^Y2^pL>mH*jApffMz-0roA++SzXfFsgbC?=rt^Vta5UsnIy?RHbsZJMV@byS& z1G{L?DG_8Hofzz=r_?ZZ$owQ8jM71QP4XL$E(`EwPiAFDezt1|Z6!Rh5tnZGUbB63 z03BYJDr2gtRTB4mDC)ia!u5vIcx(9<=Dt9N?8YPR{Vl@hKXkMTlNpI$bnOGj&l{*D zk-%KHH{+FDA6R7T>NnF|^s+ifaHy4}0)Gylet+!H=97&weqzOKZdy?ZSXXZ~A}r{3 zUOgvi8I4*QaVJXDZE^**hW64>QB(!%*BYJ3IENBo^wWh*6}VbMkH~V@fE%iOO4OEZ zT+vv6pba2X3Su(w1ox$rn@=PBQ1+9-ibFeh7E_OKt;3&~S>sr@! z9Ct?Gx^Egu6~mGQOW+%Fgg}$sLi^NLng$xhE^li2y9)!ZGOlH}l`I#lFm^k5M$OWT z)`g#tmPeG_di4Yq>0c%8ySEhn&AUnX_eh_JkG^lyiQ2eSX9V&HDsq@%S*NFfWX!08 zRu4(^7rM5-fNWbSw1=k6&D9_!b@R7&wNfJe5_*l2Cn$oG&|~YIhIh7pXWBt5%Am-v z5O29;_-D>5B)ICFzMNdY0ksT3`&@XYJ#asXi3EgvV@ia!pn$Ue>X2baZC=Y)0B@sW zi5w?>*Ki=zl4?)R{>$Gmk}xxuk>EslCsC{CdH80N7lOkgM!SVGsOI@wv_UJe=lwu0 zVTP=}^{xVjQhr!XrbU<+efV|ri(V-pk|~y@oOjT(?(PLy-9r-mb{cD`DmEa(J@+hU zYq59TA!+#3_U`=U0oXLLl;`4zuJDBZCk6^hA$(~ZrHKa!WCh>7un!J z15*jNl^UfWw%7(J(cJ^14^o^utU6K11`7poL)^n zJza7E?LI`)rLKoQa*OKKa-~1$%XtrV2374%nYS5?r}bzJ<59i-f>Ax(G(%c^mt>{ex)?M|6sL#WJbEY(%FeC}D} zlBP(e;Eb4Q07~h$K__k$2Mma7;62SW;puIv7V4AIFokZZ-hVW}4@NbB2h zvZK7l5}4&*VRzIb9QL{6Ax&IWVE6nhq{JXuOuJ9N<$=4wC6if#*SH!l*{W<>@^vwUN`*`)l7nUg~veNJ)YQ9Pw2?RDTv#! zO+dcIrFr+(X{W^6MLNp?SLiV@=g}jerqzs!H18k_AQ zXza&gB_mBb*&@8_JxMmae``6$!)VQ(rUnhVUjfcM); z8~paJWwr%&n!`wz7N3cxPD7UEkDe%cL`(?iXLma~Xv8tj+Cf)&=kBsx^ER|cV3if z2+WL;=uQg{;57yV>4j@YWu9$IAg9#QQGytkC=x(Cx0h|+m9J_KQdoY3LDgvCeVWno zC)w6%l#I`HxnZ+U!>``L09EO`9Xj<2X~yz;aBMIW=Y3%{gGS4rZYMDJ5bb=Y?6+?2 zKTZl2v;2nd9XA1qRdpIzqjx0~b5;Im?SuSFOueK}y}=Unp4o|~B)svNq0KcsM(GSy z%QmA25_)+4QdRhY%?ZNCq(5)K1~PISX>pms9j8Zo6z5P8)#-(+CdC3W^Bz66YW8wv zjw4YcAF5g(|E^cFA+cU)!UOA>#%HPQoZwMVJ= z?u*BVB7?5H@A5apzzns#0-nH2T3?5h*UM=abkVc0!$0Jyg(r4ao#9v4NkQ5VE_JUb zR&Vb*j7~2NC9VqZPLNzTDg}0`fIH5jnL(a}hDUt9dx(Ox+2yz&d-=(At_?+l>d~ca z_wzb-I%qoeZ=W(^?@x^zndfVY<4*qU6^w%3@teig)kyzSVZ9&Iej&bd(C+s%o>0J< zXMGEz`?+`ZQb@a1!UJsftK%}gcBM($(9>SS4Es)L`J)acBrG79Hl(B%_&do-SLGY2 zsH6k~&KbX;9z^t)6QCanO&xgJ;OG){FGX30Aeu3-ww0>%^$M2?u+}qV=_U5Qt1XAL z@dJyQK$orHjs%LU%Y`0(x%~2sSHtuEnyd$65T=_fuB4lpgj|t{gEF9}LS1V34bjk1 z!3_#;D;G0fCXI$p-!ZDa_Q}6IcLMIsR}`pzRmy$;b%fS~76)Y398iNtDe@tM$C$;q z)rEkD)5F!nAt>}|`{@Q(A=Pt4#qVoWp`!D90#%#!+ZSu>{N8am(08ajY@%OcD^UWT zIZdQvsTAVF^Y-dv=9cdTX=%dbTWuhEa^H~7=*b*G{fEBCkOeK5CX0HqzGN>mflxUsuM8r-^N>GS)XHuo)9hP7vr`l>BJjd$WZ7nF4Um$^nrXDE z%98>$ZcTYX_4q9jxFKcVcZX7l>?X8!d`X91mMA9^+dNDyca|Sm_B?!u5gR$rsuo) z#^z|~JE>0C6=eQnnQ$Q9f!N%popERtxP~sfKNs*@VWWVbu}aJ;gi=(I@R%sqR%ywt z_5N0TzF>9Lqx?vXr+Sg>LCos(h*Swp!#L$07eiJHmUvg-?#9{@fKt&J)14CQUtp?G zSBQKPgQxz-zMB+Xkq>uKe^Z0(1JNH0Ak_TB5HOcV{Tmgp#<${X#BgD;?NeUU=QHoq zd36k~_21DNSbfMdsYaLUG*a;lC?&L;%bh_6l#Xt4j7n=s^S@TivA&LMOCY-eT)wM= zWAZ1`xb{)|*KXu6th1Dj56f}`^Ae>Q-(Bv7%5(Q>v>z8OEzr$>`VBouspeg?B;>5j zQ2n;l%DTEU*gM9NC63`$yjsfGe+2pH(l?ss5rv~M15Rgi(p94rVCL4u@LF(5G8=gg zpZ_$BplC2ZI%q=2gzS!g-6{6!-okx=nHP_@ayVxpUCI_)yi#y>^($j$OBFw4#Xu)< zLAL#J3?xG=<$vSZ2XWQD-1|}pR+cpKGoq8?lDHWQ0l66$npt2Kt&m5hqEcz1|PN*-%`&TvtF)XNYtFOs^0qvVM*UK$D$d2zdxFrGd!8j zW@X9a(nGs_3#6Ydi~aG`zGwiIlFTIjg(=FN*RaW@@&aSz*~K~s$8B?E{wD;Q-96v- zL37eao3gmLVIIB0?vwRcl*bg0LY$jB*CH{N>8h=$DA>sHZ&yD@mq=|s{qmnr)gyt= z6U$LNJkO1^>Bgc8JqXb73P!@BU{X$uYqXx9<EexeEgZ$aa$#MUna9?j;KnXzi&toistnL*tlWl_EgQHTen!r# zpI*{&^yD_o_VRn2tV$9$s-FwaaCynBDSDiYaJ#CfO$f5mXIm%BOc|UoXXWxkua1a! z4ZB0ivaLhH+XcB>rW(s48&Fl&Fxm^%mhJ@{rW7O*k#D^2daqRa?s|Pj2<9&zZkBCT zR8(fsPSbuLZYdjDGaoP2fcDZpYGi!WkXiKwcos`}2H>Gf>zR`Am>6hq`Z#K6&a@r~ zZ*;|9ZwsNquqK1CrgU}NmPQoiv6Jc4KL{736tS+*kxKhn zP{y&LU%KlZAgOgT$vh}BVR2e0>r+bQ#*?^$ozPzGjew$7*b9~gTgeOMCN5tR!iHuV>bLw)76Pk;gBRv>#z)haQ57$`s7xu%k!?hc4G76@;z2_e~+gaHdMo` zEh$U+cb6Oe?$C|_)c`@%YfN}V;jou7JsEbjS)(3H=tIfLd)oSy(3?xq3V*v72SsO< z4zCGu(OL=(*!cg$-1_Ya_P1ZNioe=MYl1(93oWlyH-Q;`>Ofxh@(IxkFSxiLfkvf$ z%Nt+49Hqn9>Vs^Xp@|#I$Ku%^o;*m0E~GWbC_FivTXq5?EH%l*So9{8I+hHQwE2?K zU(F}Kp(QdnA4r@j>eTB#m_Em1?z-*(f=_8 zQ0({CPa^W(*Hb=W5AGzVey!0p^tP`U|L)BkG??kLid5u%syim2*?NZh38CS?`kN2V z2X65y%=!6^4dNa#KL5C5+`fGrKpkmpV*T2CgiPymK`MRVZ(FR`yVmF^*YLc->X_&7 zLD?R}sKN0j`w2)Zq(`!v>ffDE|J4y3;M3T+`y4 t$!z_S&iLOh|6h8dE{V-ypnScLvcd!;Pv7a}RX#yIRNiSQ)V{R{|6k-B+Kd1I diff --git a/content/manuals/trusted-content/official-images/_index.md b/content/manuals/trusted-content/official-images/_index.md deleted file mode 100644 index c9b05edf0d28..000000000000 --- a/content/manuals/trusted-content/official-images/_index.md +++ /dev/null @@ -1,44 +0,0 @@ ---- -description: Get an overview on Docker Official Images, what they are, and how they differ from other images available on Docker Hub -keywords: Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs, - official,image, documentation -title: Docker Official Images -aliases: -- /docker-hub/official_repos/ -- /docker-hub/official_images/ ---- - -The [Docker Official Images](https://hub.docker.com/search?q=&type=image&image_filter=official) -are a curated set of Docker repositories hosted on Docker Hub. - -> [!NOTE] -> -> Use of Docker Official Images is subject to [Docker's Terms of Service](https://www.docker.com/legal/docker-terms-service/). - -These images provide essential base repositories that serve as the starting -point for the majority of users. - -These include operating systems such as -[Ubuntu](https://hub.docker.com/_/ubuntu/) and -[Alpine](https://hub.docker.com/_/alpine/), programming language runtimes such as -[Python](https://hub.docker.com/_/python) and -[Node](https://hub.docker.com/_/node), and other essential tools such as -[memcached](https://hub.docker.com/_/memcached) and -[MySQL](https://hub.docker.com/_/mysql). - -The images are some of the [most secure images](https://www.docker.com/blog/enhancing-security-and-transparency-with-docker-official-images/) -on Docker Hub. This is particularly important as Docker Official Images are -some of the most popular on Docker Hub. Typically, Docker Official images have -few or no packages containing CVEs. - -The images exemplify [`Dockerfile` best practices](/manuals/build/building/best-practices.md) -and provide clear documentation to serve as a reference for other `Dockerfile` authors. - -Images that are part of this program have a special badge on Docker Hub making -it easier for you to identify projects that are part of Docker Official Images. - -![Docker official image badge](../images/official-image-badge-iso.png) - -## In this section - -{{% sectionlinks %}}