From 8143991b9476bbc3a1e92636f01a9ba9c4a80a65 Mon Sep 17 00:00:00 2001
From: kay delaney <45561153+kaydelaney@users.noreply.github.com>
Date: Fri, 28 May 2021 16:01:10 +0100
Subject: [PATCH] Security: Update default CSP template and fix firefox CSP
 issues (#34836)

* Security: Update default content_security_policy_template
- Add 'strict-dynamic' back to script-src
- Add ws(s)://$ROOT_PATH to connect-src
- Change onEvent to on-event in angular templates to fix CSP issues in firefox.
- Add blob: to style-src
---
 conf/defaults.ini                               |   3 ++-
 conf/sample.ini                                 |   3 ++-
 pkg/middleware/csp.go                           |   5 +++++
 pkg/setting/setting_test.go                     |   2 +-
 pkg/tests/web/index_view_test.go                |   3 +--
 .../components/colorpicker/spectrum_picker.ts   |   2 +-
 public/app/plugins/panel/graph/axes_editor.html |   2 +-
 public/app/plugins/panel/graph/template.ts      |   2 +-
 .../plugins/panel/graph/thresholds_form.html    |   4 ++--
 .../plugins/panel/graph/time_regions_form.html  |   4 ++--
 .../panel/heatmap/partials/axes_editor.html     |   2 +-
 .../panel/heatmap/partials/display_editor.html  |   2 +-
 .../plugins/panel/table-old/column_options.html |   8 ++++----
 ...g45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 | Bin 0 -> 22196 bytes
 public/sass/base/_fonts.scss                    |   6 ++----
 15 files changed, 26 insertions(+), 22 deletions(-)
 create mode 100644 public/fonts/roboto/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2

diff --git a/conf/defaults.ini b/conf/defaults.ini
index 6e0a7a6c41a..8699ea11e90 100644
--- a/conf/defaults.ini
+++ b/conf/defaults.ini
@@ -255,7 +255,8 @@ content_security_policy = false
 
 # Set Content Security Policy template used when adding the Content-Security-Policy header to your requests.
 # $NONCE in the template includes a random nonce.
-content_security_policy_template = """script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';img-src * data:;base-uri 'self';connect-src 'self' grafana.com;manifest-src 'self';media-src 'none';form-action 'self';"""
+# $ROOT_PATH is server.root_url without the protocol.
+content_security_policy_template = """script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';"""
 
 #################################### Snapshots ###########################
 [snapshots]
diff --git a/conf/sample.ini b/conf/sample.ini
index 78e4db378de..7b66c7f141e 100644
--- a/conf/sample.ini
+++ b/conf/sample.ini
@@ -261,7 +261,8 @@
 
 # Set Content Security Policy template used when adding the Content-Security-Policy header to your requests.
 # $NONCE in the template includes a random nonce.
-;content_security_policy_template = """script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';img-src * data:;base-uri 'self';connect-src 'self' grafana.com;manifest-src 'self';media-src 'none';form-action 'self';"""
+# $ROOT_PATH is server.root_url without the protocol.
+;content_security_policy_template = """script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';"""
 
 #################################### Snapshots ###########################
 [snapshots]
diff --git a/pkg/middleware/csp.go b/pkg/middleware/csp.go
index 46acb5a8ce5..3fff0cbe04f 100644
--- a/pkg/middleware/csp.go
+++ b/pkg/middleware/csp.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"regexp"
 	"strings"
 
 	"github.com/grafana/grafana/pkg/infra/log"
@@ -42,6 +43,10 @@ func AddCSPHeader(cfg *setting.Cfg, logger log.Logger) macaron.Handler {
 
 		nonce := base64.RawStdEncoding.EncodeToString(buf[:])
 		val := strings.ReplaceAll(cfg.CSPTemplate, "$NONCE", fmt.Sprintf("'nonce-%s'", nonce))
+
+		re := regexp.MustCompile(`^\w+:(//)?`)
+		rootPath := re.ReplaceAllString(cfg.AppURL, "")
+		val = strings.ReplaceAll(val, "$ROOT_PATH", rootPath)
 		w.Header().Set("Content-Security-Policy", val)
 		ctx.RequestNonce = nonce
 		logger.Debug("Successfully generated CSP nonce", "nonce", nonce)
diff --git a/pkg/setting/setting_test.go b/pkg/setting/setting_test.go
index aa52cb60a14..9a3d5ae6d35 100644
--- a/pkg/setting/setting_test.go
+++ b/pkg/setting/setting_test.go
@@ -28,7 +28,7 @@ func TestLoadingSettings(t *testing.T) {
 
 		Convey("Given the default ini files", func() {
 			cfg := NewCfg()
-			err := cfg.Load(&CommandLineArgs{HomePath: "../../"})
+			err := cfg.Load(&CommandLineArgs{HomePath: "../../", Config: "../../conf/defaults.ini"})
 			So(err, ShouldBeNil)
 
 			So(cfg.AdminUser, ShouldEqual, "admin")
diff --git a/pkg/tests/web/index_view_test.go b/pkg/tests/web/index_view_test.go
index 0f6086016aa..8c4af6aa641 100644
--- a/pkg/tests/web/index_view_test.go
+++ b/pkg/tests/web/index_view_test.go
@@ -23,8 +23,7 @@ func TestIndexView(t *testing.T) {
 
 		// nolint:bodyclose
 		resp, html := makeRequest(t, addr)
-
-		assert.Regexp(t, `script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline';img-src \* data:;base-uri 'self';connect-src 'self' grafana.com;manifest-src 'self';media-src 'none';form-action 'self';`, resp.Header.Get("Content-Security-Policy"))
+		assert.Regexp(t, `script-src 'self' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' 'nonce-[^']+';object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src \* data:;base-uri 'self';connect-src 'self' grafana.com ws://localhost:3000/ wss://localhost:3000/;manifest-src 'self';media-src 'none';form-action 'self';`, resp.Header.Get("Content-Security-Policy"))
 		assert.Regexp(t, `<script nonce="[^"]+"`, html)
 	})
 
diff --git a/public/app/core/components/colorpicker/spectrum_picker.ts b/public/app/core/components/colorpicker/spectrum_picker.ts
index d9831aa9644..effdc932fa7 100644
--- a/public/app/core/components/colorpicker/spectrum_picker.ts
+++ b/public/app/core/components/colorpicker/spectrum_picker.ts
@@ -12,7 +12,7 @@ export function spectrumPicker() {
     require: 'ngModel',
     scope: true,
     replace: true,
-    template: '<color-picker color="ngModel.$viewValue" onChange="onColorChange"></color-picker>',
+    template: '<color-picker color="ngModel.$viewValue" on-change="onColorChange"></color-picker>',
     link: (scope: any, element: any, attrs: any, ngModel: any) => {
       scope.ngModel = ngModel;
       scope.onColorChange = (color: string) => {
diff --git a/public/app/plugins/panel/graph/axes_editor.html b/public/app/plugins/panel/graph/axes_editor.html
index fe2541eb627..0482e608db7 100644
--- a/public/app/plugins/panel/graph/axes_editor.html
+++ b/public/app/plugins/panel/graph/axes_editor.html
@@ -17,7 +17,7 @@
           Unit
 				  <info-popover mode="right-normal">The default unit used when not defined by the datasource or in the Fields or Overrides configuration.</info-popover>
         </label>
-        <unit-picker onChange="ctrl.setUnitFormat(yaxis)" value="yaxis.format" class="flex-grow-1" />
+        <unit-picker on-change="ctrl.setUnitFormat(yaxis)" value="yaxis.format" class="flex-grow-1" />
       </div>
     </div>
 
diff --git a/public/app/plugins/panel/graph/template.ts b/public/app/plugins/panel/graph/template.ts
index f737f10fb8d..a49ee4bec40 100644
--- a/public/app/plugins/panel/graph/template.ts
+++ b/public/app/plugins/panel/graph/template.ts
@@ -9,7 +9,7 @@ const template = `
   <div ng-if="ctrl.contextMenuCtrl.isVisible">
     <graph-context-menu
       itemsGroup="ctrl.contextMenuCtrl.menuItemsSupplier()"
-      onClose="ctrl.onContextMenuClose"
+      on-close="ctrl.onContextMenuClose"
       getContextMenuSource="ctrl.contextMenuCtrl.getSource"
       timeZone="ctrl.getTimeZone()"
       x="ctrl.contextMenuCtrl.position.x"
diff --git a/public/app/plugins/panel/graph/thresholds_form.html b/public/app/plugins/panel/graph/thresholds_form.html
index a19c0211f8e..4043afbff9e 100644
--- a/public/app/plugins/panel/graph/thresholds_form.html
+++ b/public/app/plugins/panel/graph/thresholds_form.html
@@ -54,7 +54,7 @@
       <div class="gf-form" ng-if="threshold.fill && threshold.colorMode === 'custom'">
         <label class="gf-form-label">Fill color</label>
         <span class="gf-form-label">
-          <color-picker color="threshold.fillColor" onChange="ctrl.onFillColorChange($index)"></color-picker>
+          <color-picker color="threshold.fillColor" on-change="ctrl.onFillColorChange($index)"></color-picker>
         </span>
       </div>
 
@@ -69,7 +69,7 @@
       <div class="gf-form" ng-if="threshold.line && threshold.colorMode === 'custom'">
         <label class="gf-form-label">Line color</label>
         <span class="gf-form-label">
-          <color-picker color="threshold.lineColor" onChange="ctrl.onLineColorChange($index)"></color-picker>
+          <color-picker color="threshold.lineColor" on-change="ctrl.onLineColorChange($index)"></color-picker>
         </span>
       </div>
 
diff --git a/public/app/plugins/panel/graph/time_regions_form.html b/public/app/plugins/panel/graph/time_regions_form.html
index 40eecb8e724..994a8ddeba3 100644
--- a/public/app/plugins/panel/graph/time_regions_form.html
+++ b/public/app/plugins/panel/graph/time_regions_form.html
@@ -59,7 +59,7 @@
     <div class="gf-form" ng-if="timeRegion.fill && timeRegion.colorMode === 'custom'">
       <label class="gf-form-label">Fill color</label>
       <span class="gf-form-label">
-        <color-picker color="timeRegion.fillColor" onChange="ctrl.onFillColorChange($index)"></color-picker>
+        <color-picker color="timeRegion.fillColor" on-change="ctrl.onFillColorChange($index)"></color-picker>
       </span>
     </div>
 
@@ -68,7 +68,7 @@
     <div class="gf-form" ng-if="timeRegion.line && timeRegion.colorMode === 'custom'">
       <label class="gf-form-label">Line color</label>
       <span class="gf-form-label">
-        <color-picker color="timeRegion.lineColor" onChange="ctrl.onLineColorChange($index)"></color-picker>
+        <color-picker color="timeRegion.lineColor" on-change="ctrl.onLineColorChange($index)"></color-picker>
       </span>
     </div>
 
diff --git a/public/app/plugins/panel/heatmap/partials/axes_editor.html b/public/app/plugins/panel/heatmap/partials/axes_editor.html
index aacb122ec77..9d711078718 100644
--- a/public/app/plugins/panel/heatmap/partials/axes_editor.html
+++ b/public/app/plugins/panel/heatmap/partials/axes_editor.html
@@ -3,7 +3,7 @@
     <h5 class="section-heading">Y Axis</h5>
     <div class="gf-form">
       <label class="gf-form-label width-8">Unit</label>
-      <unit-picker onChange="editor.setUnitFormat" value="ctrl.panel.yAxis.format" class="width-12"></unit-picker>
+      <unit-picker on-change="editor.setUnitFormat" value="ctrl.panel.yAxis.format" class="width-12"></unit-picker>
     </div>
     <div ng-if="ctrl.panel.dataFormat == 'timeseries'">
       <div class="gf-form">
diff --git a/public/app/plugins/panel/heatmap/partials/display_editor.html b/public/app/plugins/panel/heatmap/partials/display_editor.html
index 7b38061e2ff..6343eebf144 100644
--- a/public/app/plugins/panel/heatmap/partials/display_editor.html
+++ b/public/app/plugins/panel/heatmap/partials/display_editor.html
@@ -12,7 +12,7 @@
       <div class="gf-form">
         <label class="gf-form-label width-9">Color</label>
         <span class="gf-form-label">
-          <color-picker color="ctrl.panel.color.cardColor" onChange="ctrl.onCardColorChange"></color-picker>
+          <color-picker color="ctrl.panel.color.cardColor" on-change="ctrl.onCardColorChange"></color-picker>
         </span>
       </div>
       <div class="gf-form">
diff --git a/public/app/plugins/panel/table-old/column_options.html b/public/app/plugins/panel/table-old/column_options.html
index 08e8045bc12..efceff11e7f 100644
--- a/public/app/plugins/panel/table-old/column_options.html
+++ b/public/app/plugins/panel/table-old/column_options.html
@@ -106,7 +106,7 @@
     <div ng-if="style.type === 'number'">
       <div class="gf-form">
         <label class="gf-form-label width-8">Unit</label>
-        <unit-picker onChange="editor.setUnitFormat(style)" value="style.unit" width="16"></unit-picker>
+        <unit-picker on-change="editor.setUnitFormat(style)" value="style.unit" width="16"></unit-picker>
       </div>
       <div class="gf-form">
         <label class="gf-form-label width-8">Decimals</label>
@@ -220,13 +220,13 @@
     <div class="gf-form">
       <label class="gf-form-label width-8">Colors</label>
       <span class="gf-form-label">
-        <color-picker color="style.colors[0]" onChange="editor.onColorChange(style, 0)"></color-picker>
+        <color-picker color="style.colors[0]" on-change="editor.onColorChange(style, 0)"></color-picker>
       </span>
       <span class="gf-form-label">
-        <color-picker color="style.colors[1]" onChange="editor.onColorChange(style, 1)"></color-picker>
+        <color-picker color="style.colors[1]" on-change="editor.onColorChange(style, 1)"></color-picker>
       </span>
       <span class="gf-form-label">
-        <color-picker color="style.colors[2]" onChange="editor.onColorChange(style, 2)"></color-picker>
+        <color-picker color="style.colors[2]" on-change="editor.onColorChange(style, 2)"></color-picker>
       </span>
       <div class="gf-form-label">
         <a class="pointer" ng-click="editor.invertColorOrder($index)">Invert</a>
diff --git a/public/fonts/roboto/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2 b/public/fonts/roboto/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2
new file mode 100644
index 0000000000000000000000000000000000000000..b562906c17b7a4714a9d7af312a6b5309d7481ce
GIT binary patch
literal 22196
zcmV({K+?Z=Pew8T0RR9109LdB5&!@I0FWpE09H-_0RR9100000000000000000000
z0000SHa|#KK~gFPU_Vn-K~!WX8UTbgFG3Lr3W1qm`4tO;LI5!BZUHs|Bm;v&1Rw>5
zI0qmM2OHabHL8~m{LT}Y@pe`AbBm&+YylWW$tG2@|Nm=pV+`z3wYr834-Xkx?V+5g
zT2NJ0CbqoNjZac9oyLh<fxs@0^q8U$7r8t6PoI#+gfQ1Er<+`mvE+~kWSsZrht1A8
zm@jBcBOA#LAKCASpO=QkvM>KEKF`!KR?o0PkG0I3Zh18V*;6^PWH?>Xx!3BZg~qWL
zNmg2C;5Z*O_b0sk|2YFCUUtii2Y|oXv|nOB)cXWfSSFjy5X`L`5-qhsZ^Xu6Yt}GU
z#prF&+h9bF7L*p7P^1(POhO5Ji0`YPh?)Pd{bA(mzcQrPf3xckveRAn*&XOw*u1=x
zmq@&rMKU2iUER4u2`%ZYBtx8)W&(GQP!bm<wT9pVpdB?c?QVOBocYhGCC4(!vIY3X
zWR#4t15KL+<n!)%^1O7#<6ei53n^{7GnpbML?8R<UI1m3&18Hmst83z3+!9P&Q_{U
zZQXy+_rK?6?(V(^k<))mDy2zHs0}~P#ha8q5zjJ8vuj6oe#Rgvq)&K&ZHQj-v)}CT
ztJkqL$|`UX4PN%5ub5ohRv)pszqLl@Xk_9CfC6hP<O(GoDmr-?%xTpQQ)hPfi0S#;
zo)5qGzV|W}Ltw{o%rZ!pWywHss5tYky#l~pJ0Ml!1Il5N<IiOl`o9=IRI{5<sQao%
zWmbc~H`Q$aXSe}yNy_U?$q96XbA50ug>lh%+*BVAyWGFKgt%D1(gILeg3!#8poYt3
zxCNYuix3<`6%y4shQA<rT2RNCPwE2b2!|M}6e^7?k1MzC?7mdzn2Nseefza~Ye-yd
zA=-k+3;o9^It+vOiMD%}2u*BH5}6h}Y6JK$(b@Z27w8MZC^;iHMP}xFeyA%yG<7Uo
z1M?ye5h>+piX1i==(=H}wj9>Ny1)v!sAuFdHXq%JMdS$iFBSp-kOpKF=E6s<2VT3s
z*#Lr0X0Lq+x_n%WAc#2t2$}y8)u8Sv*0(kLw%6C*Ig6&|Puhirz_v|T4&e8b<T5!e
z8KeL=83i^89RZI7qeC{$B5*k@fz*GmgYGoJ91vv3QvfJyW<)f|Wzia#8G_B->zUQO
zKNgeJUN2c>#~bV+2+^`UhPd~`0M8pcg<v@}o;9Z~QiCBQfkkO}G|j)~fk9MhYlSZW
z0vZ+t%^(5yTg}bZDhF;+i*XQe00hjBTneo^4VEG;6EdHlawqo=j5s5%h`T0eie_kz
z*3pLA4nw73zit?$!EB`jF8|qb00I#UPb!_2MnW=P!L4r^uSpNCtqrR00Eh!%?5L@|
zxmhAN`MOxS%p{PzG87;W|FY?Ax|`y`-ofF)QF8ohv+cmIemyFSnfKQ2*rqH+{A2vv
z7jah_tLdMA5N6mA+p;mcq;!3CvM!}DHEq?(dd((dQ(33>*YehiuKVh^_{4<O?HAev
zR~jCyIlpcNkH2uWBjXZRcug#lByHWirMJ6B+PA%bVB5&h@Q%UJJv(>p+g-bNa%_BJ
zzcRqvV6Q(K3~v~ti6E+ytlX?wy5X2_*n#W$;jKr)qZp*eXcu2aT|+(zO-{xNz(Ig_
zmO+Bz8K9dnle`+gvlYQTv2&o*35L#O$gy>3y+ntxKR+epNq;V{OTLvK>&4?cT#(UU
z;<QqzQQwQ#vb@Zd+nS+rx2$joPYLs|^*UwX5q0DAE33L(`jl`RlPirYE^*oJRUvS#
zAu856!~{Qtjh7{1*aFL<$PUz&YDElj90Kzl2K#(@s6wF?B%>{@%hP6E&jbx26|{zo
zG(k`vqwMD`xx5|;5eT9beyK`Z9w;?=-UpeU(r5B!!=)+=SK%+ge*U{)r-$C5k&#4U
zjqlgL%5?>chfx@9KgJOh6<|ljp4t+gS1yOWQVE4Y+EKVtDV7w$FdXjkRvoRChxK6+
z+@rxyxIgGbrA^ZgT{r7Qt>Ww<g(^u!s&F5UE`hC#Qsow<Tu-{1tlQR~9Na2lsDO{{
z9@u<Y{2e?h({~xyX~-a^A*Xzob3u~{Au1Jw-gFt#vQ(6*ErizHaniKBa_D6IPMudO
zIZ%6o-kYZYZ^_L1Q>yIlYiotNi16K~(MO6>5x=DtVkZT70}s5DL4pOhh^4HY_WRG2
zyOx~_bma&F6NE19umrkq#Fy2)-;88+wyj_G_M7Ate9G7_dICDHpp2?RqvUpAc6{br
zwqKUHg&r)8aBGZ)!(U9dPpU#0C9$Kk$<pv-3pG|}($@TtWP(?=@hto1FNlzBJ}3Rj
zumgrBDHBbR-DP8oeQG@nS=Jn4-yimYn2%J|##U1*_#*ogN&I?#g*gXJ*Ut!lIQsZ@
z;rzMK=eJ#u0||k_DIXXtDBvmXDWb@PIjZskMoGZH0MjwpLy7VTTm?E~agFIz=dE!a
z!c39(DWTzFmT$k#u0mgZliILlltzYmY=lS0XlYn?*5odsK8Z_EOrtWE8IK9M_AyAJ
z;4;jzTf!F#BzgqOlc`_56%?06YU%H?R8GhaEYmW>h8L9}7{tto7${1VxnUuwBnRhN
zPU1Li{j@pdanjslKuSFMam9{*^FfN`t#NE*Gq)&yFngOUY0Ecgid{+E4BA5Ck^B33
zdc;EBcOwje&YX!RAytM4496Ff*Tk{Ri+Z%07?%JFZT>E?%7I3O*3lBq3EsEwU=xLC
z5r6`nb2&;cXWo+>csnO?_f3``mh*K+9TXl~6s25`tgvfm^vDV`rBemPP8%Hl64mm3
zI$46pKK5W#W-u=S+S5dKP&03N<%?{B<Oe+3L)n;}&Pknluu<E2ckk_Ia-aFoxAYUY
zc)bts=n(aXfu73B%@UzJ2kWbpJ|6WQ_i-r=k{sAD+}xyv>D_8daFWgd6EjwB6s}Zy
zib*|QV5m-AbITpjXLj6690Ie3?PX6NIen7=2B{l#IC9Cp=+yr(ml8L8FD-lqLbQFO
zCd3r#_+dPW*||b=e~7mdKk`cMoBK&jdG=4MrI}Cm897sX3;KF|reXahIH^cspg6Ns
zt^;j%1Ql;&P0E1*)TBz=iR~!R-a?D3ktd97zjx2hvK^LGX-QwBDsu<rwydz}$hi8-
zVe$+}jp#Z)NOM;bHEClq+_^E923wJ#0b^iAZmAn|*z}H47H(K!=JrIupu}fEwMXzI
z;!1v_!<*vBhV`%i`V^}gqzuohb0!292#rHuel-?`UQ_akkTtGHfh|}97(SY#i{3B@
z+{h62Oo)v0Fp$Mn<!<(hq;)`%6aI`zKq(X*b{R`!zj<BJ;bo<r`UrPTNSBe#pbr(X
zAQj&C2Vj9{l_cQH-#?4Ym9_*+>T$UM0zOwcWhtZE(AlGQ1lMMO(`z$S+5aS_Zz{f!
zLg-Gz&%!PRu!m-)$7h0qo%pXU3q;#izXZIQ=U?FZG$}n<i_{}ntoRd9Hzb~*O0H8i
z5>di24J1~*YPFt=)2v!6&f3#VQk5GkhKLhxda>mjIZe(kiBoh2cL~u`$#>I=P$?3n
zH`!asItX<^c$;GZT*VK@4ENY3wBWI-+Yu^-6qcTkO?oLc$9ws(mygi)X65J25^)ls
zGT?O6hzu|QU6%C@paWVdWy<z_ynC`I`I3S{^H!Uab0HjK^B#v@iPHqtF7-zm82Qxv
zr_Q+9L~e5}sAh^ty}S64E%`~gZ!}jJ=9_BfdsCL#t5J1oLA4fzl<T_M+11QU#NH{r
zcg+ajaWq6Z1CbT`{}K)1)QFWAg`fSAG3Jzz4NyAnxSe0Z&bv%Tm!1yh$*v8634v@0
z5xu`co0XO3%pdhk&BAI_MoDp{`8`9CEA|4E<_av(qLALRgWmJgH-VRu`KI<EJ>w8s
zp4_5i%Idpy;jDp4*Dh56J!|gHQks_tLBl|?)v_b|;p*#0Rh2=isH}!bVR$5Q_)79^
zJWK8FsP84&D^*dO;Rgs#?(bLoWUCV~fpG#k10L%ESF0_k_OmF^5b&f*oKVU~K6vo%
zqMC4*bn)S>zS^-zBB*Uzthm}rTp@rvQDzG^>SCe~1O+*V4h&PokSvY_HVt_%Q#Pa)
z14hUNH~70bLSZrha8dwjC-5l{yeZ@``~sot6$!oIUi?({k;E*3n#1M*OzjITly1mt
zJb}&PhN=V{8JtvCmYJ|RDQs@ahR+HDrJz8}P)+eDjVRE7F^Q7cqR>n;9NJL=En*{0
zLrda=#+lDh*I7IdC|3z{Tt7Ju>UOHZ6XTtQ`&qZdbXgDsC6SH>FH)1njAuQm0?}(A
zlVZhI)5s=CRRe*J#3$-Dj+{3fazPIE7zqqdL~TEtB;u3CKI*i9LA0Xr5EoWCKsx;o
zOCVT~{#9jy3iq=^$$4d9wASM*@IZ)cUSZemAA3B$#Ix4tD-4U}<Qm7dcY*-5(edLZ
z_ddA$FcgI!hLuWqk?F6C0Orm34bXcY1BM$Bs4|Tt0-O<O$&!2ZgH%+T^5!5z@W!>2
zOqq}%kYp?S7$t`Hp`<yE%S!Z5LYCfQ8t%(_hhNpC4>C9bKJzPJeA=HO>W2Xq8tCUC
z6gSvX9T@{>U3ZPsmi1_8AQ>Er`v=2;ca1|#X#73HbCL9($^ZVJ!W0s>u@+4H`_H(z
zB`7*QLaAij>a!46)JlQS(JO@WVJQtV1h(}>eN@i;z7PCJoX!Yk0~}D|lh+Tu0NG1{
zI{bnZP{RXi-!+KYh_aO#*{=i$d!+qRYehvN{_664B4F%ebN{RvL(%gBb!I$s#I?4B
z50J+$u674gLfKw=(_x<~wI`k`526Bgx<;WueFy9ro|Zb>27$OXavo>eIQpY{HL3N*
z-F2$=hI19JGtzn+Ra6+X!j_)YyZv=dbyfF2$vrH65VdH7UQu0Upwr8p_L%<r2^<z)
zo!c5VyEokYZs5SpBH`cPK<9MZbD($cpE@gNjy6T;4;O#gTQ7eLx{}@#yh<qskSa-z
z-WxdJ3v&x3pRo@eb9}@AkS0#MdPC(pX3qrA4cg%9&Exyu+fYNyDXg7{vV>LR5X3tR
z=M)kzwzd)dS&+=I><7$rmgb$f;VRNL4DDzg6~gK|OEMC&S$iJ5Zs!(b`s^-)<k@=U
zwQK=qP61J&V~Sjou+0w(+?*vU6b4eexQpva^k1zYvHAQpN_!4AYB7`$bVp=uW%903
zPLl;d{u3q*Eaef*N0D4kd*1@snB+@L_Dt0&JoJe0R_uYHx5adYlc&<E{)3oU>uW*I
z`)ivzqONgr?M8)jZ=S3*((vg1iwFT!J)gvV6h@AD>+`oxm8=fO!S>R@Hm_0Cs45j6
zlK5}~_-{lhHZ|n2EHL6@5N$V}+Bh-?DM~^5LSxhTcy1KdpsoX6wCF*KVR|Ur3k}F~
z-Y7g9d>@Zi96cVcYqqdP3<691a=s_de2@*b1%DQfiBH3R?qp%;Cr50wjQ7EO;s=fa
z0k36$@L>EPPI5__NjI4<Yq=MimDPo|W4mT<X4^^8l!KnOE1WH%YzzRx3>aH-?(VxQ
zEv~kF#c`h}GuwR)Gp5QFq>(c<r)t3dD`{Yg&ZqFhVzvVV4^@h_HVBHAiREEWt_7r9
z14GPaKAw-C#3qATyIoenqlUoPxX?@oHa^p6%nj=D-FxwCY>sDLAzsC15>!RSS$;$y
zx_s1R&BGX_vI3k;kQFKt5_Hd=+LzPL)9lNiJ|*gel<ZKxtbiz&W6G>~Cc9ku<o$b-
z{NmKj<V}O|bzTy0iPsQ_JqKdFhWdZiNaAY;H*F!O<WKPbzN;Jq+vD=UVS)rJ2raG+
zlm|$HCbfki3pE`iL#x-VPC|d}MI?f_6Ma2GP~r1}7m#A~5{cYa0YNd~yVg-)+~~Z7
zfEHv7=m8OLM~Af6=7+0*1#B4l(HyW_T8A>;o*ixg7VtzX5Pg5j40>x24H0Vv=)%Hy
zt5_b$#Tu&US?=ymm6nq<hl)?1NZBft0m~QVhN?ukf~jNH2IcNApC==8(z>ZbQwa^;
zGH;pJ2#6gAaegCyQeRne{mJioDajxSjG{#$YZY9;0Tyt&Tva{=Ea23rY82T1G&8Cy
zRgD-&(o54v0kvo5gD<LtDa$4Dxj7+XQD`o9-a1>h^VY9>**S&@;Xi*%$06At0Ma?O
z>kt2TVgIlCV*<8m`sb6t0-pREGz<cZMJ8YYn}>jV&&(5G0S}8D<sZKkI9+ve%oH64
z7VzoP<+Vs)0Z#x*WME?Cd;@Vi-~zGB>b*eevBOj5C5vrpY}`ysN$H|B8Uwh~J%;Th
z>z+d)$(1<j>)O&7+lW28apc3;GTX8n&+yqunjXjF>2NeE!SL*<eVN&qnZ5DZ4MO&e
zD3q(3SSoD@czV;$2x=s79hhSBXd745NPd3Q=!8tWt%KYG7SQxN1OB=wxH21?&*x)v
zDk=(5uffiTeN7<7bGN6$OA)`iscS1EJzd6|Hpi{@%5~3OHVnf%y#^9icQtkU2Jx+*
z!{0Tm_;RT${s8P5c=Sq(rET@?7ld4~BnK}N3QHm(=Dv7gUrlSF1^SEUqiTuRfES8#
zaANh7{rPR%YS0<y8+X=@Qf$hSaX9EINlDaBK2<<HL^VJrfdxDs-;aOC2gbmbR$QK#
zPsncBQXF&%u$qk#Vd{;W^1Num@}R?q=y}$HlV<5r{XB+@_lqb`bATw^beW*utk=bM
z^T>SKs5sWcu_XAPuWYp=3$Lj!&i1A9^U#TjxSWRXAX#yv0)`he9hs>fr|`*}kMGXN
zh~K~?b4kPEC=YIV$hW0&Dv*j?h8e?WfW^YYa*hE)i<v_p><)yBtYJqN(j<~1I$MdV
z0bC%sGXnze0E6fto5$uKP!!}Hh>GM#@+7l4z;)E;$jpy!L2RhhP3&gQ`3Zb6?1JnL
z4BENbpR|L{Oj~yUnL1(T`q!x4vOg!2ExZ4o0l}_SRMzdimuK(a<%@WtTQm3fUcLiT
zuF3CQ^-0)l=C|L>ulYyz6(AhMRjz?-+CKaXF0lpDd3Fd?op$nZT|xVl%3Iq$ID}0z
z4AYD1S!K3!0gg9rsJ-do8NRl5fl88Uq3kGzi{WC$ZOKAPrOlTOBsDc1x}`-(I^lmI
zyoMI%J+{wFfDZNJ-Q3)P(C)vx^oBYo-5UtW&QO(i|5TqKW%^AOQq0JNR=#d1Vwr#?
zn6R#cRb~EG?k{HN`Of{MuJ)2M+**#OLWy>%KfkA{R$f=Y@WdF8k00$_Z!fd|_$0=I
zh?TgW?q_P;7VNd4u31wl45s;Qkc5i;*3)T~LN!B+L?F;=Fdfh9+`4NdLc8*qCPK!R
zv(FZW7O~H;WfAgYnw9Dy*6Hu1EkH7DkBw49Wx&A(B(#$K3tdK+4JYWcdjwRTRoMiv
z1SXQQi>u4p5l5FYq!A0p+o3W39W-PKCpxt@F_8B$P+Xgkt}Kp3QvKV(M%UpR4b(WJ
zhRhp?$x^JO&m17uSVmh}B$P2uGbK#%RBToHj6x_DNfIu!hL$N#2}A<XcS?(03zD2L
zPfuhy*+y(Dr<K=KXQ9EFxyjMa(I{bn0sc+v$B8U*YlrstdaYI~t<l=;)a=TL!Mv!@
z&QP!s39StOg)XDXb|hql8$5cao=MWh!G(gvd?X(!bL4U*43EqbVUDEIQ0NkxvoHKt
z6Ms)(;Fxt)@V<umB43^XH{vu_vk!4PyaM*<@h9ikE}ySGj)D>KLx>WrVj!1qpBg3?
zPSDllWN-5K=>ZQf`f9n8rtxCR@Umqah$=294}5z~4eTeZQR8Rh$c7Q!woBf)LI!;$
z&hzuv#Rf00j>T^;fXlva=8q^*d2o2D7sU~59-)}o_qE>8&2ENg4>EF8j2(HrD?Ye1
z24fWt*HFEc8Q{$yoBsXl-|8c0{?KQwXx={uEWunguouCo@l+;X_Q2wC;6!2VWzD2#
zVip`6{rxVydi^K>GZSiQV}bTq%1eLvtEF$NfY2FqbYQvbt7HVDN$5J0p}8^k47XY6
zf>D41jy0GvSqFq%muh^%!c)Azy@Y2;Cr#5ultDAI4FuKi#(<^9f6DB4>;<(bSe4*s
zjx17kG@+vWNWzg!l`2K}B~r%0iE3htP{8pGuoz@lj=GGiRF-oy8`Tv9i%mW1oN`W-
zvVsFL1cUuMOxDzE!}|(6BXfomsIpBg{g+B;Eq#G1eGl)5%L~u(==&`q)w*i@mMb(S
zpp!-`<tmBM?(b(0IoSBSzda*$#YC5KM6`eonZPW9w`L?EmzwIT|3|XI%mgg1O;{C3
zK27yyyR-6kG95Dk5t0P)lo+Yo!z*TZ7!mgNlEf2~C0yF?vYmiViLO4L!%MQY>Y8EA
z9d)L~Dmsf1LaNp_)#LDq5(hxP4EJIOyetlo6Ea<MYbZ*FNfg<5YGjgCq8-Hz3~;NY
z0)|1Y8lq*nDIE3ivscRy@Y~maO!5q8rocac4&(=#BoTG>^*h3{)3=f8>e%IcL3nny
zs-K$XqHr_>J$bSfphVm`OP@}ksBFrnyZ2V1r5LqUZVu0_*t2Ds{MzG>ej!rV<Hz7}
zoT$OhK~OWsnzMemaE+<+iKNDQADs2BNNO{+)>8IcS*@q23PzKtF#z7~y_I#+<sH$P
z@5Fb_B7O&8TlV&P?epF@*1N?qo3*=U)@$5nd~&vC|E$+G=(hUV-Jod9x9i3h*igW&
z(CtKTG-UXsx(&=HvQlbaA1gg1An}iju#@BlLJQh-(KpCS*4d3)wdn=Q(X83G*HvT(
zHuj>gB3g|D_2?|mbwhnXXogd5<lG3CMaZV2jHLn-GF3M|U_?kG<kRv};{k;i3YY#*
z>-%Xhvgi98^tLWkHk!}VBcVa)5-Z8FZ-t>lmt1v7PDEyavjA6OEv3%*sFnjuU;&q-
zu8yzj`T=12?ylKas9%w;#5C|U5#4QVyCZUqQ<C{b&d#(sVL&krSr8(N$UwW81!T~$
z(D<QYRWV0=&$$hFWRZGTi^}0mMyy^aLS>Uk1_Xzb6G$YY(wQc$wCC#8F{)NS#<+1^
zG?YVz8BU(hkcnYqiSmhY&*V@8XP~=#l%hB6j@+}CyCq?ciA+T}X#>L98GhfE`)hf0
zWGazcfD{Af=@&o$h(7zKxIf+$f37cPfB((P;MMJJWZNH;lYD!;xR4}QpsIw5fLbq%
z0ne}6+UT@$#wI(u@ABy(QgY>_l)-JJ&*qhcA8KsaAu`0&Aji<HF^B&G)V5it!4GPc
zYSk)L=21-n=L$EPDH%^TmX0YI0tTOPC?}aPNfwX=L-EDr6qvq3KpD2k<Q|FSeRoX0
z+Ud;;K^EQ75x#;e4XE?RWRZ9b14XaLZPi9PFcm2&8ebr6ljhyp>4xlaJOlWTDVe;j
zTeb{Q)6xg2<t?18nKWPB*tnAasU}(S|5yJacD7{T(X}zEUb~O>_^Nauiyct-)geV(
zvs9C_L~ZCz=b-f@o*|IU%?TutP<jp<WuSx^f;sG*V1W>A@XuicrY?bM0F{;$@OpVb
z3X>U-_WHFZfJRFW0&g~_g34X4dt48H(TiiMS|y3&f*RgSUJPBZJKks<i=_(~LdMbD
zB*Fo*kSrWbEMjE9va+t#o0+E)CWZ1%bNtx50zGTVQ|q|Wz*RV(tS}xko1T@3?bAg#
zvZ54eNq*o%5$d9=Y`Vcn1}y#drp~FZy<+i}W-l?C9;}Xz&PVV?C1`zCNG5IA*U8B_
z3+emn+qX|1P`u*GhCaAs5kNdPR3_qtuGIOn9v&aR!kdEvn+acCp~GylX8WcBFDAFt
zZ*UV{#Xv@g-Ab9`CtlZV@TZ3+6crZwa3ga4Qj4&0VMES~<B+mIgoC{U%-yH3*b4&(
z#51S&+_TdVS;CN9eq2ESPgLgL(1BH%jo7)n{ZE)i!Y?iTUV(1Avd(Awew>C$fye*-
zH60Q0TIqfzJ>Yc6$S>J}gl}`F++a{Yo)C)NR9u$TK0E@P&8w=Ugt~L{4W!tZdeZy}
ze4VsPhOe7Hm*N=x#NrO-&XZLkP;o&r-xr4yXMPGy98wh;D9O%&#S46s^IeCa{Li19
zBJ(OvlYPU@{;J3wY|$^3lr#pB0;6rcGgj}<$gChdF-S$~u>B8g0nMxZ?mzEg&exut
zSvh9*P8W0!5ja=IL%7a?hL<RAWZ39K)8_cg=Be@h?fu%SqozNfo7)pUdiKK04zIp|
z@nI|S6aht8JD4~0(LLYghyc>^JHNSf&~ed8EUkMOE6Y1s7NR5v$rG1uYwPm9QM3I>
zC`AZb>&c>}d80#uW%zdIyL114^@YFu=iDV%cchQ)-*DTj<5~V+Vki3yzy;rjhunzk
z7Y16){8Xo<0qtkUkEbE00Ry;&r@3H#?){2e`$dyqcK|h`M$8FzBo}rDsXzaj7`m=&
zM;#@O5C?^Z$Gm;7PYq0TAxo=5*YsgaL<g;qA+A9p1pLYyq%$vcE5|TE#MzUY;zTH;
zSW<|Q5M$hzEepchPBw4P_gU--%5@7w!7+YO=NA(KsB9kKaWKKoi#I>BhRVLmM1JdQ
zhZeIPm-`}z8BAAhAlTd2=aAH&bg#XC=gl@dk#3uS%A@j_XPVA7vChzVRNgkePSk3D
z!?J~`3A%H~w<G_@eBVtA3z{INmvi&ZCJ4Ya{FIL!KXIawmq1DKltvpqJ`Q82YQ336
z#qxXiPD5z*U+MYz+XH>CxCGwsZ!i}Ja~F=JBDd$QSiwoa#CUjQ<XSzUDCMa>^!P^J
z{(0=U3ICJ8xg6~=6&iXT-FitLZq5z-32Pk_7j>cbw}W1olW4S4`5G=V$l;r#GF0Vk
z9+1H*@>7al`T@#y%PT9SSx;IYc1UBOjN#wZ=nXH|N%b~;50dx6ir4lFlJXBqxqKd9
zdZHpnGRxy}d57gilEwh-Q(cX}Vv|=_eB^~nsrwI(@^V&bL&%CqSxB={TgnjC?@&P<
ztQ@$J&ZXaE5vl^KXb%8`&X|A&G%=x7ha;cg<Ze$-=Wf6C>~Lfiv>zH>junXm^)zar
zPN*uwMni$%tuwTix<HXqq(gCetZZ2CZ}NgD6R;9ZcKOl=dknDfob3rz8AV3@<@h>i
zjDIHzRm_bd$9a4>c+l4p{^ZKzXc$3R%%P(EJAjS@wpH)SLcCa4>nkUtBLDtM`}?aa
zFIb4n@$ifhJG)?`2&fp1M&LyV5IX+#MeY@{jU(_}SF5oNiE0SBeVbgb;$gEqJYqyH
zE?60!jEbtQ4K9dL(;IATn$ZeXXJoj7HErYo#%v88rDjLw!g*m?-dZE6B+*pH8_hO!
z(3MuFdcId%cZ54T(bj8{X>DY3k0RYK%Cm?DC%~2DFrWC7mofsm;i<S!&k;t!aZnyU
zvvIzLA+@>Jb1&9rHT&{I^4i2?=Gp{dk0Q-S=3dBfa`KA;4fUSQ$SBQk-?j>4>>ijN
zW;%E231WhTIF%WiNu2Jfct(^{{$+YDwQJ!mcVt#BkAFUyFO-G%bFIt;K?U#MC85HI
zYA<hlR1#-SLvJVZ`{-KjuJC<h{Lvh1^O62NR(~L@Vt4J9>{awxg5HN`FuA*J<3oX^
zEN)xTHr`enx%=WZUNkPz45#8LuZ=p1s9iO_YQ-wRA|@7;w63kFW(Rl0sxW<xD;tAO
zYF5p65@TaK2q!9QTh`R94B=u1)N#REGD^#Xj&cis+e%fbdZ>io<)qfxk!q$$RK=Vb
zCAP}tVvWpJu~Ms=H9BK=3TAKIp1bW_g>Ppv58#Q@OlBvrdGe;|rdu76#bvl(D_kOe
zn8}y|-%6(7h`PFE_g-jqdAXzpX$o_rRy#~Kqz)3>hXrjQ!9)p>qurBW1a><7<q4ly
z3K^OF^DVK=#W$S)?!8SKv?+tP_Uec!7?WT3W^o}!PnY5wr75(HTw*_2r`bv@DUL+d
z1*H7hzp*e3L+y8R(kqS{7La^=j3<9+&*DFNWSx4w89(fyVV%hhh`hT%OX$q6hg88s
z1W|cpj5z%wcvZua#!4lMnD7XByi_Jh0H3Z9D#Aq|PBWN0fafk43*#dh-zN7V5MWOX
zcuO#|LEh4VafNROz5@e3QXl|*eLa1ET~6x%+7G1V8~fOOtKKskMPJ`sI@|~{Hvo7~
zcX4k$(6!W-fujD|X$F2jjBYv7qsDjR#o3Z>PHLPUmJ9F}t=&g@AB6RB6IT>HroPS=
zQJyrErh8~PKqTM#>~sC`opT?^j<)T@{)a3GD%8)=gj7+9)*EGPicL$677Tl)xu<&H
zu6Jzl{lhEWJ2znp$9=&Sd_vWF7wf1(novKBEI<}w{{yLu$aVn#J}@t+NOyoPrV2}S
z-YBE3D9S998#m=s>>7o*yVkMB;}R?xsuk`G;+Cp(!ziP7iIyg!3iUI{LSzB<KhQBe
z@81Nhq)q+zf#rw5Q{B}6z*8;%pugSzU;%9Z61Vcpv7E9d*Sg4YP+feu0#|`AIlN+m
zZMQOxo5+zs+{&}f+G9`Q`JrQR6PwpHwQt@8)-`vH$KrNkd3a%a0^omfE7w8VRd_y*
zkJ%YJE`}Q*E(Hh)*c@LO>ZpaKL`)=NC&|La4GOK9Yq<oHz=`GAuVha|<5s`fz{fO}
zazh3HzAa`v(yh+e9LE7{B&4Gqwb~Wc+7A489qE8{K-xQyt6c#$%VFF!-g~_Ftm$mu
zaS(ZCW1pZ8U=uWhV}s58&BJ5Eh5cr`)K$%4X?2}ERuOw1k|+gfv?Q8GtOTMhNynca
zU;7$YNTaR9;p%Y|gTORwQOd2tGTq?svLCG<rC;7LQa=JXBR~9*^%swu_38&Iq;3nC
z{eezexg~D4?$nxB2WQs21Jl`>@yO9OYcRSB`4P7VWr+ihFV7s+eNP9sUrQW<&AbUE
zGr$0aWn+1~EG*1oRG5=+jwR;nmM{gaZ&SkWe0*XX7-ak5>7Vd++w&(+=Y0Hd>%w2r
zl3VyZJ%$1)!eCiIutA3PYog(|w*&=xWp2YQ1wXH+A6_(}11lX$*stkerX5)A?}?uT
z;M*LNyXpAMN7F};{&Aut@a^k2u}D;VNQkp2Bnj;-4neo0kg<^0Zv#qbz6mE^YyCNq
znHWpUz=B8(Cotc_(rDx)5V7>chgACqbb^Ufr*=v+GXhCuWb5>T$y4Fno$`##oidRb
z*M7CGDsEAt5J#QSl$D*<NTS4wj#gdiIWr~l(`s3GI$k1^%2XGC+FOXq*CcFLh~;?E
zRGe0uaYp?}WT-1O41cE)eHWV4g8{1S7|=y!XnoE9C0qP>P?3_MYso0Sy0S21K2LUn
z4ki5c<%AKiulsLE@icaJ_!pniGiCjTb(Gwn<67dne@XoXz_xx*L#O$>qy<yLQi5Ha
zgVU+h;0#xn6m%FR4eb($&R9wD;W|U!d3#@Vh9G>r@xb|txA$9!Q#A1J?lu>1&cCX=
zUa+}%Nl>3ooh|6`nK<aNyQr5s1<nk_40QIa|JOeh>Yi^rAGf0u&HBjn-Dox~+N^)Y
z(>>QU)cW|heNa%Tj_9hW*ul(VmwQUT{d_FG`2OL)MH=ayrhPyY+(#g9NspOP2#)OW
zQ&S@`rFH8oNRs$g++Tl_TU2N##bYcpjmI>PRlFbtmrYaIsmR}dhik%I$IRZal^)0V
zQx%9wZj7_-vZrXMI7QBdWBge`P_&<W=iYtwk1Nw!k%F22EkIfUUDnI_$kA{$Co}5m
zFO(^=V)8QJ7CX%QS%9C$OS_WOjgVM}p#N)uS7vB#-n!*y+#N-cQKW>c=4+RA$=>o+
zkuk$+owi37CL)VSzb<P4QrBhzVja@S)G@RLjrr8Ap$H^Z{F4{x2dzsilupeh8Imwk
zz}3;r{C{)RFNHlpa)SyXfD7Pz4+L1nAy!Wvh$d5)|9As=&}QG(`-Ut(5A5WGRV<M3
zrZc#!FFuo@M@O~rjK8DZ?bzF+H~LE`IHa;D)re5Y$}!mnbPmguCmebD;RvI=_z-!?
z6xJm2d=0<6&(S^*P&DXlb|$awd)s)-!+jf3haRT~e;7oHh=dSj;mT6DIHJbq&Fk=j
z=;M$T$-AW_DR~a7FFr`*;=hU4Cb2xyEA3vMUG(R##pL=5IclHCyPoU=!BV1?H@`ou
z$XXfWK7T0-9-9~>)W||S1p@(cD`l()fXx95=v;kN{Lf47gdvAJ`OiN`Mb#Scboc%<
zPaFk~f*+quy1uh(1hO-a+niCJqU3^$ftMPl3g7mW%ENTJco)2&m{PO~Q^Rj_k}p3=
zvl!^UPkQ$k+cJc>SZ4w+y`ce93nt?Fz)O96Qk+Kp5&WkR^t`ROq<GD=vpz^%<CDH8
z{eAbI^;AJ7W9UM<h&~TWia`nO<i9oy(PV5D=vf9tEvvzv^KbG;^o)_^9r}GWd9RM-
zdPKCGFtRlK^oV~UwR_piSK0kXDs|f7(2+ac*-lGcbu2$3QIyI1p8{5m#RklwqheO1
zq=t%IP7n86!vhuL)~Q3*>FckIK{A3agvTcoag_WlywvYdB+ju3)S_Tp^Z(IHvlmy&
zdPg!`Xqn2YD4z`zmEx3x>o2FY`)sxwvs`&96xZp3>d3!@L4)z=YbaoGK4AuWX!6T)
zEg)YzHD&YLCmVo7{(8)2lbsD9J^uRXmGS*cul}vQJ-ypN*q*C7zV6l+9>hU|xxRnA
z=KF@?<;baNzj$1(y90xZ^*+fAO-h!t{c(!GsRMp-AmWIB=RzlN{*d~egH}CD(E<FV
z1J6AO3_@~zT<#qjD)lyv!6g_BTsmQr`sTky<-X%{2&q2Q)8pm63@9x6{)2x#+&|pE
z9|MDBKKRE1RJZxHm7kEYNS@xiQw!$;EDPA#P`(#c#lQ>-5^{e4?ujfDu()Qr-dYwU
zqp00!P4l7F75i9o@X4?7_BuZvG1mKsYw*VGGWVAbV7Qhhj{j0&mcD4(W$J54T$Y-;
z4$vOL>smIntZad(sk^@azMd2vQR2dJ-gdsyiBow>BoYb*>iacjhgKfiaH#H(MU(2T
zKp+yIkyLSNmNz&L5R09{V;aNGj?hNaEdUA?j|{u`{9p%Nz4+wI0<mo8mf*94dygG8
z^P((m<k1N`2SlOST#nY4!8M=)-GXwsA*J3vKV?kYXJo1?Cl)3w9wnNan@e4PF#t9O
zDP$z30rISF7ZIFr2+8**TMgvO6Jdi$WLqxSo>S@DbL`xnTiPwT_K#splzoZ~MHFV8
zQw!RnVQzoU+NAD#!SdVxS|v!i{Y8$DpWn|f>W+??cR08-Ln2GnVx_Va^~zFMC`<7L
z*~$osvMtCmVlLFV5aJ<PZiFZzCk1+aij-4hV~oUH;2NS<gHnXheW_Nk#;zz}&)Jih
z5QIYvjUbx5WOP~7<by^tD6!|X^31uM@w55$o1eTm(#PiLPVgN+_wofIYP0ajnsd*B
z=R!~a`UdE_5qbhp*Y$qp@;XfsV*DpBLiFN;ilHzI*Ni!L3p^K0{`$(tMvK*g*jTvA
z!JNA(crMVtzQDVb{yPL=Vu5ET3<RqzX}XV98rRniR#gVEN|o=t8zHwsSIE6g=LQs+
z{lx!Q^Na6BTghzgKP_=r`1IE*cFJw?KMqPOIINeGpDbT-ZACu6V7_esv@ZbBYpgPh
zz;OWW+K7Hqs6e&xrFaS(B~70nI7*GO5$Gp{4rGe?#pox6Ut*mfMecYC>hIQVYTYlr
zRt%lX#u|USp<e`Ea)%Aj+6`xrDs3L%Y*``({n14-yyQe@^CAuFXx6GKn%{7?tk@XE
z4><==)%@D;4RFz>PRMeiuC^LK56IcFBr)V4K@B@xgU<r`y(O#9BWx73EyI`BRJU)|
z7Ty%w-|7hTv)5Xrx|v@+-&XjY1>0X9APwEvGnw5A35ow0@x|)%t6QFiB-a?rTy2ND
zJQ#Dlc^WgGvXkVTY@XjOe^PdKc18AT^1``6_>`P=bOZh9{GNsLbJw$fv&YWAa-mw>
zt9VP^A-;G~i!<`u#IMAJc=F=gmq7aE;|nqhI^{c;n#;DR+)&u0KD@FOvIlZS(Y&Rt
zJ*&4C4_LjGCG>~(i`S1W9dRDMLEW><j=0S=+hE6(Z}xueP5Q)Ntw^pYs;H`{uUPAU
z*Z;5o0RATa5q=OqPC)Bu!Xw7Sa;3bou=(9!Tkt6H0da_=$gfppRuxyRs%i_r75+AS
zlH5&hl9xBY1++j@D)o=TcMHEP`t(m~YHOy857HaVS85m7AJ-Y{8taai?_pnN-)28%
z53--Kr#4^O0&OW*aBjlwq@pPml};I`VycR&r`jqna_ig??l^aT%k`~=YOTufGH>%S
zpYrqk3azA7bUJOIi|H!5o^Gptq56&L530YYF7Ow&Zfz^})%#eW00*?d7<{pQMSXMM
zkNaK*SGbq$xtb+}!eE~-H*B1-uM8j=nXe-<GyGxp?rYx{6ZlmQ92<}Qll_9lJba5i
z_<(IKS$DYb(F*p)JWnF}y+xoH8fbEO@mn+vcU#N0<0@YhrbLy?G?Lu^U@V#I!*R6C
zKtxnzg7d{}Wnz!ibkTAl;%M;I-6kZ-snr*E#w(^-WMWA)mQOnAx{zAOy75^1DR^Wu
z7)oRrw8yJq#I>|JQ#ZYc+3>lw6n=ke<saE8aunRnCC?|mkNZH%;yf+2MnPFpXZx&|
zU^mBK4(_vvBjV6I+pBOF#7KM-mMiEi3@eBTXm5pN6;aa5Tl1_?&L<8dtQ>*QV1@5J
z#EUFf1`2hBW!mra)H>=2$a_C4`uB#o!xF7Vz20cHJAywst}c>jf#JR7=p>nSE33pq
z!}}#frHKhawK_1H1MgZa!k|0(ylq>H+)|MN24ze7a6Qh<4LuS?4*tnO_W1?sp@;Mm
zKTLDO-F9#bq0jR|Q=B|>=mj2~0l`7Oe9#(vJ(Y~c{F5vmjSnX9({JLQHuykX;FUSP
z)+r>j70npu%weho?=hLLw&yFe&1NZTef_ECk^xP_V8gWI?+%U9tzd+%j^r(3LP0N6
zAMwv~y{w&bob~Mb^5q@PHE{kInauNPjBJTzKRo3x`EnHaK8BabvW54k<H_;D<o*tS
zSE1dz1&O<N102unAtPM~=a)(?2v=oA4;!6cmd-{OP;aBgU?p4!o*LjKkt*YAY7&x;
z$>RYgy7``6i^<K#cKd@5;>t60Fan=@uyr&;rwv3RlE*W)dz)HA;x<~d38;3#$;tNy
z<5TONd$E0w{_hxmunNe5BNiVM8FPgGLZ$Xlg|T1$`ljF0Kce^X)Io)+Y~dKt_dcnh
zsUV0LhpytxBn(Eg1qlMe!fcg5&<h%t)DFe_Cj>!~WyOU{d$aanvSc}~>p)Ef#hfm2
z>2B>kQF?Y?z|+$k(RkcZXteG*Wwn`RKDW7UI5th^^(~hkfXR4dY;1lq$F!&<JG$Tw
zf3`&1qi{naVAhzZ+sr;sO2A&f@pylanw=`kJYW<9c($-~S^f6pskz2Cz98>|q=@aO
z1YWZ}3Sm^Xv)HZOKOrF1JPQ|gzyhJcKl#v3S(X!3sgxQWOUVsqQfaM}kRf55A+F7(
zX~Yr~d(U4+V<aKj!6%i`F68)$;m{^t7G-HV>%KMY?x9J!dwBY{8?UQo%R;hR_pFfR
zDaChg{p$&UlCoWI1JK;%2q)fazqa7|_jd~uh!#6ry>TcEKKN?-;N^ZC;fe0_3`{SD
zYJd-CnTJ03$z(X}W!<LVO}m*W)u)87L{;%D0^(ahW=4w`UFgk*xirm-b_@^`j=iTW
zzfV2j?eHiBpy%8CZ@q=H153G8)$R=ccQC3tg<8`{VpAQ|lVZriyo#1)nIlmJNt$h-
zjX&kaL~FI?1LXQVm!D|vTwJf=x#d5(>+LnY@sb9M3yTd+tK~LeJWN`yU2D!ynTp|<
zD$=+&?9_JECJ>Zp)ltSn?e*NxN|mDd$OW>h7serNz{Jm&AX~ll@|SPG|3;=Rv^OUt
z*M9T6u4o($4#VD(lS&O;b4FvZa!Y)IK<zl1UBde9){0-BHh->GTBD_0Q<<8!mBc00
zsCeC=@&i9>|4tI~%qs*x>;qH`J{;%Ztv5%0>YXC=JLLJ|>jVDW8;?Z6cxQ$kE-SNP
zyQ(!6WQruuFfZxvWN`5(S~U;7^ho&K?Vsoh^UDm7{)`si)fd#avbzoci2YLnBG%B8
zXZkj9m8)`jEdJw%Ov&#tfrIzc(SQGYb@2jmEB@xR>Eopmi90VUNQX_KZR*CiQX62M
zg)esZ#zcJ&44`Ux6WANN#4mUiP5(=cxJfrSTFuJ3Q-A-VL*xs3#$jp5)Rt4+d8h}$
zL@|wsDh^wU>I*U{*f>{;l2y)F*D`NdH#0kDu_YtMX*KmU=d3&8CYfnHpP@j!WW_ED
zk}Mlx(w!`V-Q92YduiI-<Fy+tSLAr`xIQd)dkFmGnCXh*j}`&zR~3ZiWQxx|(W-6Z
zX#jVPE0i&=Qvhm*GupAU$gwfAL_(OuAWD+e8BBMGC5LxZ`m^0TV@YMUVd@tkI|v(m
z#q`eUa$Ve8(s~)Z2`>%A?*5xFr38hJV2g+abR5QM)q+ZDE&lvByFX#v@<SnuH*2g*
zZ;0)8S+C&_f$vYV1oaBW1a(W}eMl^WX&}p1XRrYE;ZybSh|UZ_$Fk*aYw(ox<fJ{e
zf#V`#fNfV=_uKOg2WTPJ$Gs)OOah3h4%jrH>4)nWWQ&_pcgqLPJ0EVW9Aoe%;$nPZ
zaI@|Vh&f72&VuQL7{8E@z+ghG_Aw4&BxNgStGBfAfPmjYmSEN6XkjYOXRC1b1hK~t
z0B}kLqxEW{rH+WQaV_-Ee;(7x6+chr#m*kmgb#9RAE&7xq=73mHQfspk;8B=_nG2C
z;OYbhfzDx(`|6uZ7x&h-RE-#aaLv++;|UWi>)sF@gMW&rtbm45;%kz~4+F1a<E&bd
zHdM}18#0zurYIT#-VffB_@3w`@q$UoFT|4QO%86|yZNdz`r=fg=>{uWPSW}1U!QLw
zb5`>8dODgeho3%>so`ncLy$TJOq3l_&nJjVebBkzhG3+T__i2#$1cYE+v<3H;6P;c
zBS(PvP!<K=(C541Sca-Pt*k$qA^X@)$t|U~r79jjfx%|{qaq3Mz8Hv*+JSb>wx1EL
z8x3)``TqNFeRZfxO}W+k&To>_y%y;NSu&T2O->%3rzIR2e^yqf|G&d!Fj1yTj=k|w
zD+8(yH9pz$%kt0Sm7TsD=gTxn$7VgF=zNa3<rDSLKd-REzO}B5)pzmC+{wvbFK&@7
z;wqE|Rvff>7iDW^ARzcFdt@km#C=S3`;V6vo!``WeDGlWcFxdGZ$<_tGjy#<?_9mV
zj@h<wGSmm~Ey2Uyi4#8<4LgZP!L0!Ty7zpDrHVAx8ELKkZ5fp8OlaknI6;y%&G3Sx
zHy-wfvv~HC{bp@frJda#>R@wT!=+xU@~v6K=>*5$VAB@#H~<0+5TR=s!_ot@)P4Jm
zbzpwJ?<&+59~+%G;qyE<h@&uUWP|j;44d7Zt9)BOA=Mj5INprS&a+f!fbzukIEo$0
zalePW>>}a$q!X_T)S=x9{k?poFdsuJSBAB>2($)jiQLUPlh2dU1z;j5!EGK8Xj^>{
zqR{G9q4_S$6Z8s!vq^irN?9PgHN){W?Rp!FKoOX!Ez6Q53PR!@S#f*wTgDqtFpfyp
zfmQa~*?d(80x7iVYUjqdvx8&tmUbTA6b1!T>7;&SD`nYHAI9z`t<kDjG9wM$!~29@
zeT(u@*<I@FxtbnPTZ~)_sC=(g-!s<?zWWNZc@0?5!;#Blm6{7z8#fDXe*#c87m>9<
zqS&0WYia<zYe<#=4-bzC!BM4kYaBfpUQYp^iiXo==*M`HgZdfXvOA0!#c||+_~F;v
zoov{V>dvs%3>&j3ntRh&FNlpD*w*4^<9~QFdEtNc)z+Se=Iu;+HSx9Acu~grsn3e4
z7!=A<D1Dlj;ALtu<%&!|ulH$37ioz1C!;|RqF8=3QDkw%_Z`~uLcJwcBXl@KJ6cc!
zGoxIoqN?c<M@~IFldWqgBl(OaBb_&GOvc(-)ny6wk>j{5t1xoP=5Swotyuas=z?5Z
zeG1AgsJ3M&T9pM!HQZoTb!R|Gr0%PKT*Ndp`1Jx{@<2^D3=_-Hfw(UDBHkld`Z$W-
zdTVT==zK-=8rd|U!@)iY7&W8`htCd#ur*wv72v`^K2iis^1)n2`WOd{@<Tt?9?K9u
ze8095-6=}{(up^HUy(2Q=gI8-Rqgj57=t@+mAvZ83BkbRzEy_!IJ)B>yPEMfzi2lF
z*LbSl0q5W1pO)PD>bKkO%>ZW&nFr;kp>cd{^q%ibK8I}t;ckvQ^0mwHbSaZwzorO=
z(zIt$923e}g!hjtX*=CW_UD%(cP8hX<k43M0fJ>O7VqA9>Fb3<e`I{NzQVWbC2$`T
zA;caxF<_<oCV4iNkf&q)m?IEdqs}(!(VdQPOwLZlpxgU${2fd@krkXXQs17iG(j`(
z!!JvRaAv#`*9P<7{$ATb#&U*2clWR2Xs3xFU(JnT?ZaPwQF<DCdU4xus`YhI<ffvF
z&y=PU0Y)GQf68<=oFEi$6os}7DmbO|B@d}QlFrX!Ak!5^H~q9)ZANDw3O}y{+r`l|
zg;cL*R?dRJ9yGQf-;y2(C@Awnm-RsqcvQ9R)OpUu3#C0^cfSxxjg4iQ*#*H+{n4W3
z6O9q_2O=)=xuGhAYC51XAugC2N%;Nt8%qdD8L>$hz4okc%>f39OQeST3kIZnfFp~j
zje7uZag4RC1w=eC+CWTW6(*FXboB~ff0vaMs|^<r0!i0_N_j+q5Jqs_)Zojf((gZX
z_2P3+Z>F~R44Pi-{(V#kT@VB{Z)?sW+mQI?8$40ghA60<1@n^h=-*^B&@4YIo4Vpr
zbTRD|Ib)y1t5)w@nyRSOcu^%oBOAvTy~9=Q>YCR*CbYytNy#{5KhpJd{K={*H#a?K
z`j!~jk54dhi-HZep=+k+22qj?#tULZ%yH+36QS3EF_et-g!LI=pV-vm>ZsR9i*s5g
zA9krVz*)Vmi4jq^#Lzehi!K2A%mDP6gMmr%bE=$VlU=OD5zJz1d2&~m1`b00nozM9
z{#X95uaD9BUSz|D;KBE>r>AKfQ(G0=^<5>@$TAuYMo3Px7^c$}Rhvd>E>3GWNgm4r
zQ&@TLD;1&_s`QK%0(kM#@YX=>y-HQT%I90$<b;L~uvKQ=2(<61{WrN*9*=h+A?pDk
z1D1S9D0gAX@c2F{?&_?Zw6!8)Wlbs;^>nnj8u8MbDqUHfVZ#_WuGHd@TNHH|B3<v1
z2cym&;+WMHef#jI^yx<$WCZKQOBI7jw75vIr4HepsJfvDwXHErQLSu;Q2*q8svW{G
z1@h|5?d}RJtiHpqzf#2RZiDmiEnAPg>KyT9;+w5=uxjKHR>C_AT%lFtR~2W_Xy{z6
zL+<vQyE4liRpib)Q#f|KQFa<}5Ql3QYXT_CCDIfVt;N;;p_%xUs<n3V3{*me*nng5
ztCVyZ^AVtN6m|H7Ae;3d62wWGa+%q~>e0L)l&P8kQ}Z!6EoDnEf?5{Sc&cNmwC&cS
z0{#x20f!cN>6RRJs!AFN)V*?5I#kMX-S<2ir6o}jQ=tN-<j$0WYrO=FrgRZ8-@k>^
zJTqrE*fc<Uy&jF{wgJoAVqn{Ktq_QchQBOu1Zs0YrYQq6nBWYeM43c&{6|I=>IJXF
z6xvJh{Co*zNwepxxn)2ocwTFbv998f2j`tpf>A2D07+A6^>TESL<Q9z8!*Aqlrxz~
zO8K_0Y1SepMG%Z*lPo@ZU9TE)$VL<y5GZKbDW<Me4pxdn(1}F|>baE>#%~J?oO&k-
z5T{9-{7xaJV%ZG%C0MSiDM5K~)+jTKRpla-@i_Wyb?m0_Ma1yH9#%*Z0+cZ!M0g?!
zNm$#IQqmB&osa3OwTk2VeuhyTsSHID1djKzX5cCUPhxWByGym_<8><u4P9bvhUR%R
zFmSx2jB#zOi?tksH%cvhh_EJnOiS|(WlN_DxoOzbiFf4#YjlkuuKJDiDa>c%dvuYH
zoD|;%ooDfAG6Q!{Su004ykvSvtZZiYP9D5lLk<4FXS&YZ_L(d0Z81z^t2I{I83R3+
z9_s?O+>&aT%&Q(@uB21q1(}Qh%oYI<Bn1FYW$H>X0vQ~#tEOvoRb<ZWy#|k{<$E^G
z&b0R{dZl9w#U<802PBy#07ca;i@~_?JH!V^+yw7@kLb+6&;`SC2T@#^P<+i6c?S7$
zD#Ejnk@;)unmvs!$#?#R*74DwPLFl%sUz%-jStE9PvD99bnVRAHa15<ac=C@EtoIn
zSwLA@I@=A0{WR@4%5@`y5KA30B<4DvPx3O0*;>le2Ypi__+k+ylIVw9{1q8;i)*J+
z46I6u3=*>TCp#m_ktx|jagQg}r~=WjrfQ`3?D7$8hPFV}651a&&iv;uLmXR`7^T9+
zY`mZ&gu4Sk8CthRMS<a>3q1uYWF$?fTWpDN2}&Leo4+d^c25clCv;9auCNuwP~S1t
zd`iN+>Y`nG4d0|t(r6ii^Rc(XFhq-n-{|E@%I>I=(Aq^z2BMi(?!y;3*0$cRm4oQm
zPD?n&jRASUwE;vprd(iejT<$cJ8}&So8TP0Ihr~y+}-_@{nUo3Er6d;mL(FUj7zM7
zUa<y8z>+1co0I;2h5jmP!n)`6X-7OEfpQh(F+jqEVdL!HwnB7SWm6#FbBG5FCv=*7
z8hAGJ!X%q=u3e~HwNozlh6|75&r=eiP8OMO17N`8B0T5Pb%)aNba`|AgK?h)Ewd;R
zODj4@Tmp=DKGd?yS^`N{cI$qVz^Ie0;dB{kH8;Rr2zFasR*!%Z?EW(dSTisfqEg=s
zQ$|hJzBx{5>x+6k?;>oL4g1NisJqkZf>XK0@94Ne4(qZ^RcPafZ5iPuIsS~swvJpA
z?vCLxOl!40M@G7$8MgaF9F$$3F?UGQO`_w=OGmusfRR|jR%dtH?G`~7AMEoJ%cIkH
zpPBdIqL%HxZ}dl4ZH$j<XiIyvbrFY=;Y2DQv!#pXpMea{sKC-?zVQKTU12CH7BA-8
ztmbslfCL}J)F%fI{&<2`{iM^^cqj3B^wY+Rp=ZkS!UD^h#cQU-Nb+flsN;n!=uL)V
z`E#WEb+3tNDZW<k32FfV&jT}?pDg6}NG$OfU3pDR6~?BqV{^_6Ub8!9NUTAFEv{Z0
zwMi#Nq(2GHwCx3_X^%F1!O2+v0WP7Fd!>hkq8|Q!^UBYX4S14kAGKQb`M~boQ`2W}
z{^b!&=Y*4eJR0WWVD|0vd)|*<mY85v2$n!&U~wU+AU_|1NFEbMv^q7jptNGefOC0i
zK`tXBIYGoDLhYA*rfaQDkT-+8rSzo+^zhBsww&~m@&c8BNB8=F2`<_!cY(r@A!G(e
z%DYC$Wz#4`pAptWJuK`%F*MyUOkJTXK1z}a%T_%^DHBNL3clwT9lig)mo2RVaO2Ks
zw7yP~Dbcz}i<TEPRO9Lb%DlC{H+VY@pDA~T(5VRg!FUmZMi0K`U~hTq+kpeK^n@iN
zWXjwE(bw#ar&yz2+q%>cWk#YsQtuU9gbTOC3#wyDEWRzqn$+75XHRm&!wg!-Nlr{J
zV2pAwx{Jb)I53%Zig+XHv|_El<Rry*HO8}$3~Z&_dP>1h20UL;91M6YNWe2P`#wvW
zuB*}uFRLy)iE9N@BR^O@3y}kmrKV^~{p8ZM1(?agnOth=`p;sq(UFk|l7pDa>eSQq
zFNB_@ktKpmOa?M+LP(g}9zYHJXms2I#>PnL<&U0{a?Ahs_unE|b9#W%beTZy111=j
znIC<0hjto+&)ard#90W4R7)jz7Z=z)7;GoBd3<obq14c~f57eNG+r|>IV_co3mj%d
z2Dho0!xV@pi|=rbK16YzMjn{vF(M>P@`|fDOHyb&SPRC;ha))hR;#;BJ?J_X>_U$w
zh0@kHszZuE!6Unrm0D2QLeX)0TGa+j6-q+Q2dmqV{2<GO+25^PSb>$Rf~5NKdKR|B
z@@8?{Ia)nD7F(^Sw>hwJWN+*;*AO<jgRiC85W?$NSZ74VAB7md1CB0<W94x3D}+6_
z>inayzb8Ld8ZRQ1YVl}({@f+0-EUAcOFQC?J%cD2Hm3;vWTBtnlBLc)pveU4rscX`
zloqRZ;fb$Lsnzl8ce#Bdnm!2CNvbWQmh?#;3o<v+v~jmt+cBP_vdOYTY5NQ?EJKq6
zej8zHF#gsv39ZNo_HwovrHoT-B1D~0A)P+m>x~y7IytVAtSBYBHp^Lqsbu2J@NB3*
z@)eT>HLP1{^Ok4sTaN9KFwe7jl9a`xEe$>qk<c`QbTFymVF(^o%vcvwVi~|f(y%UJ
zAOZTsCbyBsJU}nd+P!My<}y*U5BWnc_c|ZAHt>M6`j3BH43<U3UK+~p;IlSkw}s9A
z=<8`-0L!_#H!Lm#F0^`tX+Od>V&uSjV(yoJ4!NOfomxjrt<#%dbgRRkxFGWbc}K!I
zf3DN3z`N@90+7fRF$;KgEp$>mokpkuqKI?XfDqK25rjopviPtwCt!e%F+>eZBW}(C
zTq_Ox1~l2~ldpBZF|e=Wkif~sv$*yqF0y8j|6M_aklbT}t1)_aGrIEqz8zc(**hZo
z`IF|cB>m6~K}77QM?(mE67Wy~HEG!WQ!>kz;?y)K`H-yJj&MECv4x1askh~xP!3Cq
zW_tS8rq1A5==io}JFZ`uyA3MxSjA@4Xmti!xp^|WFiVPQ$fBgIFk6(%SI6T_IN2n-
z*4#NO8B2xTR;%5~emK&K$8Uc#jK-70`qsrtyETi8DPvJmypVuSG$FTPVMcwKft9Wo
z(6a6aFg?qlYL0DZh7w4jA{rMrcShl)LOa_xqS%r7t5V`zbXe^6gURBef|}w9NiiL<
z)lFTKB|soOOXdkBfm5-eja)Jh%L74Db*QFa+7d5Q))j3Uvu0OzP!PfbH@PsrvZ`^r
zrj-<o;B>?6>(=-GM_<eqo1fj=b&u&!N2l|ze|GZ;bovY^c#T$NCSqKm(E@NkvdUIQ
zrUQ|sQSzs(fB(LhHAUxkR@=pvDq;cvQzixK&M7w4HKKhSMj}v@PuKzr$q6UspzCX(
zOqDr-=RWx1%PqoVtU{LY(>+&X%h}9#RIe4<-I3OKwdWlFs@XU?X|i)gN*GlFW=1`e
z(GM$t!m9#xx@483mrP8P10;Mwph_gU)fbX=;q|LlJVPaf=uNnj$D!MJY12^@hLm;>
z9ys5h?<5F4WZhF@Y?qU7z4SuTx_|8H`0(zvS3eR&7qK}MmdgS#{RxQ5tIJ<DF5;<+
z!I%Gie(NRse>m|@J=hxD_1RBPHyoL8vo_C7uWwH0HedKj7lHR=i3RGiy{wivjO@9{
z-16mTFSlxN3qP_N%M#dXX-z2iX1Wj`uN-b(^#Oh3)8|S~@11=BRCYq;3ilnDyth2V
zn(`AHhgtC@?1j9<V?of#&BS8<3`PFNy*{=(kNka#`VaTZom^fL^jOBy6d7Mqey{DH
z9OOP=Z=oLh%&&XwmuSK)<znODp4VyH@6kAqrB`BkC(B?Gr*?@RlaH;-co{XwoWe>9
zfn*@*w*MKe;xwE4Oj-68)rz4NPGy_M(Np;F6h>1%^c)lF?Fm@=s=xw?sIHiX$b<-@
zh`{qS3}gFX++>rf_puy5I?S-HDpq8BErmynhKBYMLODcY8fcFYnArFBBD%~9yew@L
zeeH(CmNZZ&_L5tNm*0RI4Qkg3y7{O)4QPabADg&=TkBVyhY_K4FG0Dt`G!nuDb1-P
z6=hbk(Kd4en{kOFm&y#LQh3D_6tYHKgJL-mJdcLhaH}er_oWD+93sZZqz^Nq>0FB0
z9^j;Nxf%mt5C$ZWO-M9@;6K7^4Q)QtU}Ktwmi;+(k_8uf7k@)T29^dv>Wz9d>ni$e
z3mD@rP?UKTkS_wFnW0?nLkQH;!pKDnya`A#3~TH%HF+d0EWDxF9K{gfO7en7%9Sz<
zGFrKMv2-Qi$RcU;;sA+5u~4(oa7Vl*epc+tfcK_sUu`KUY>mEjg!)l>^~j^C({Tx$
z-ROmgh_t;D2Sm95$6&V1XF=A<jn{0g1h1on(zfHr5;LE55hd6~Xp~Lm2!$nrx02B=
z&r;Fs4MnKDkSZLKf|-WazT;3`b+++L>JMToDfq>tseDXTTc!a%)9lT)$~cC1vek$9
za%#-XP7-LmrTxwS(z1|Df)TsMRQvN+x#`%5b`btI7D-Bu$+xHlKS8IN>J}Mm0vDL3
z)&IiMKXD|8v(K;NRK<`gF=SPI5h?TFe97-hJ_Nvq#gg@LHi3U=b`t?!cmuh8DfoO~
zYZ4~1mSKn1G%1W(D}{|XnAr;s@M+TJWI{F<<*MJZlF7;ibfAX=Kbo0P&s#x8fvMhn
z&v&z<#Apl8K#3NEx?jxXP_8{;cKQo&_xqq#l380bT|vgvtF(`)Ql5t%b_bs8bZS{j
z3Spsn>idL*ah7KV6UsVgmE<4x@p3mH&5J;qXwK#|e9(|jqgAc~is3nyNDHZAl#(_n
zq+eB~QAHB%F(H|<m<nq|l?ASf4H>CjSgN?$wscKXXa0V6n-ZO7#==T=rL^x%*E7J0
z3<4o-IZ?#1A_lEeS!76(Vu`^kWT}6oTK81BWnm@D%Ww<MT5P#KO{P1~Fb!FeEG-gS
zRIF?Y10_gTd6^37SR8>NjzL*fLB8Ra7weW?YxNh9mXf+5UFzOZ`FcI~?5+tT=pu$Y
z3d5ulCdAkwE18BpRggIh#^Pls%ZjunvV$Go@bLeojH`f_950ONMihjtwCNa{e2w>Q
z%g{#6W=jPAsT%-gZgoZH<ago10!6|s9IxBb_xwh0m?dGfuhx@!5@LO!z2M3&ug!wE
zMSY(vIKe3C2+BC~qM;O>(kM=*d1Vj9OH(VWYxqqiofc0)P&C8g{qDL!)J*%`W}{(6
zVHj<Ek`zmfn`I@fm5vq^DSWW(#bKj$GK9A6K+nMa3_Lfi7AT>VNujC2ApTT5(l>l+
zm$1NvkE0<!w{!3KEUER(;mk_{zLdYU??#I2kFBm~A>`p8O47VoOybDjEf0By!V6g<
zJa2u^wJlvyO#m!zm+cf)!wG`WN&iS|avU323|Tj1<^w}h@EHrD=^;!4#^E?UF&9xS
zcXA?T<C%CL#CtxGqT>=1lqF_}B^DtYFO1hd?;~`=TMD^{`6>orlrlgj*YA0^iNmW9
zfTBNZ?{K?1Ta4h8hh%HaGNS`>GYF2>K^4xY!|(#1m=J@peQ+K{{a$)_k|Uz0*^piP
z2Ux^ThW;`N%mm{tHFK<PHp^=^P2xS(|9`Q_$mO{Xi_F%b11xXB6iyuF9?VD=1>v27
zP?T3R&HFx|B)-b}6dE@t!$$2(*$R#fe)`ntv;1OOc<aLVU#WAmrZ?JYG>5kjWv*8D
z0$TF9&5a-~4bNjcs|QUvHOjVjwQp{VFA%k`+Bf5q@b0mocWKM!$<MB+I>$xE3+q>i
z>=l=U#8=UZW-qhx{ul3ei5?<}@1QK+Tk-CX_t(S^(5s2BB1oJ<WwROCW>bjwWW4_+
z<|uF0)79)9#Cs-Qrx`&!X!a4#dl7xwfTr6rU8-8yNMK@nrf&nLwHMH5gz{T8&0D=K
zKiT?xbK|^C+y7r5_0~5`;F*<R0yrn_&P`12235!_u2_BTapBRF)&85_(7fRRyZcvz
zi5GLuNaP5bQ8wOGyjSAs{&{hHAROoaSt%?5kOdvW$NpCbq$5|c7Dq6#M?U`N>HT%4
zjx+%F(pqtPua#<ijBXEo20;SK1;r>!J)@O(vK^cl?Y}h&95yYByeKQmY-l6H$(n9a
z)HStO{WF1Si!De_e8Cq1RjU)O-C`mi8o_&K(T;A2n~Bz#{^8|iX8M%W>dk-6Vx?YF
znpGSd2~&riEcBkkA#23DimHvI-5nAT&IN(Z$gttlZI?=h0S4%*e;b->z?2ExWW3Fv
z{ye0&frEapJGj>$bZL?rrx~s{IO}6k%H&cvs`Mlq8`uT999mgkct}WpHlIb687B>0
zKgRNifhafRfTSp!n{%La<8NKr<-*wwycdu1rAzXni#mNdye@O6Uyt6K*FjzjT9akC
z>LBrqkETX!ujw6`n?2;T`-?U&LF38nT&ymX?YeS1FE%UhtiobROx+Ue%r2WeT&j!$
zFa-EIyXQDx3nTr82LqL*wp@wQP19ED5;rJ0#~3)6P1G&0icSf3n66+qR1EQ_^Q5iU
z47|19*qV3+G`#^+uEUvcTjyjtjHYb|SOPjsX4f(y()C%$0f?`zg3t>i<NH4;k2t^7
zk_daACqV+S_gwwSZ9SI#e_=*RPI|bB0%iat#Q$ll)ANPUw-2=HX%Wny#CndiU!m=e
zIwf1XDSD>=WUEdE{rWQ;Q7y_w5;7WW<pxdb)c9KcHdT+GbJfhCq>pBu1M^H|#jo5B
zhv^ZO5E`-BB`O&dPH1N|t0yf+D9}eIf)Jq~V8p<a8FRq6ow}9rmz$@)#k3f`uM^-?
zZJ^^ew!1?vCNI_dx96Q#CQbrdZIJ7PJqjLZ)4P}&;|3j3;eZJTo%H`N!GLY~xP)pn
za+A*pwnE&?OTOwEqB!g*bo3VGGX?Gup-5tSBlcw*+}UYu|2c5b0`wn7LS}Zjjng&+
z0>i(my)*X(^WGd^U|W}?M%7#Bq#*qd<d<a@%vu(`EB~)x_2Xm4T#Y*?fQ5wsn8Vf#
zID!Sc46xj?<^UBJYXQ8%u$CYw@k@>%G1XfD0UPp|!_>JTdH|xVUa}Ge<e^o_+KgI_
z{95+bLiT2xyKe1zDqLR<g4+M@j6f-)TIKTP%5!j)00GE=2uOem5Fl~J3=m%d`p7E%
zj483?u@no+J18h)mQ;xcsswp`sT@?~h*swJV9ZJ^KzLMgK|c3l70?4b$TBSMfKvHG
zw+I+Oj$){+-X<W^NyXD)LJTRz1A}#{KoQV=17Skq<$O4hfS6qJdqpan_QBy+c3vj{
z>MXPm^LY+J*WJ}84oRk1a|!rWFh<OBH{#vrS2F_S&r1eS642m~m!g0S2!IGggM^`i
z17y9qrjYd?C`ZW7o=^pfO}WZtd?*Sx3uPRTt&z?Uj5Z95*`sBE9+}Zq>0<zp|LfEq
HZ<)6PwTKd9

literal 0
HcmV?d00001

diff --git a/public/sass/base/_fonts.scss b/public/sass/base/_fonts.scss
index 09563033a70..35399de4718 100644
--- a/public/sass/base/_fonts.scss
+++ b/public/sass/base/_fonts.scss
@@ -262,8 +262,7 @@
   font-style: normal;
   font-weight: 400;
   font-display: swap;
-  src: url(https://fonts.gstatic.com/s/robotomono/v13/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2)
-    format('woff2');
+  src: url(../fonts/roboto/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2) format('woff2');
   unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC,
     U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
 }
@@ -274,8 +273,7 @@
   font-style: normal;
   font-weight: 500;
   font-display: swap;
-  src: url(https://fonts.gstatic.com/s/robotomono/v13/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2)
-    format('woff2');
+  src: url(../fonts/roboto/L0xTDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vrtSM1J-gEPT5Ese6hmHSh0mQ.woff2) format('woff2');
   unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC,
     U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
 }