From a7a5d86e76358ca99c3d9a5a3f5cae24e94bba4c Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 21:20:12 -0700
Subject: [PATCH 01/16] chore: install workos as dependency

---
 bun.lockb          | Bin 396079 -> 415774 bytes
 package.json       |   1 +
 surface.app.ctx.ts |  22 ++++++++++++++++++++--
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/bun.lockb b/bun.lockb
index a1acdf47cde23d3367cc2ddbca688f7ffbe34286..4a1a257df49be51d749870e20e0dfc8d8ce0c337 100755
GIT binary patch
delta 90582
zcmeFacUV-(`YpVBODkJN#RQm9K?PC4&}c&=7%@94ikT=NIjEQ#Ma*N`YMFBY6cr<;
zF=rj~j5#|hMvR!h_3qlu^vpBo+;i_ezx&T;KhvyQt7=zx>#ex^cs9<pU9!n;M!h;Y
zy`&{Rv!?mB+k30Z@G5QlZy%nh-E-nbV9{4^K1O|Www%_put1;hGkaFmr@kqq5J5;t
ziVqD43K51UB_sw!2MZGrVIv4B@gV_0iAdAZLJ*3BF9S-z)-$theDz3F48#Rk0$3AB
zkzOc*&=#B?3Xevnk&!}il?N9QgwoK1B4eUMkoiQ}T4N)1!Xu=5$*!7OQXw_3xpDyF
zZljozh}$fW(bzP7Dhh%vSYT3gazL~oM8!mfM5C4^QHe6pqlWNS#fL}52ZRd3pvag&
zQVjBWjg4JnWJI-VREp<04_Fj@vaAv78>t~wQZ!|Z&vlfA1SxR|3Kbfn0BX|?U|HZ=
zAjMAv;?Wcbh*rSf<#;|}0SPffkyTT0(mMmmW`km4gDJ<>;8YtYp5B;ZL`Ec>DbEYi
zAcA_r7D(o)hytj(bCJ#(_!T0hj|@@TC`800kWGa==v2|)?YL2TR}chbk&>7Y8BQr%
zsk|PLo)1Wfc8y3d3PS9Vq{Q&Z1VM)gYS9T~Kp2=58X6KW2;m_iA-cwmgjtpNgS*xE
zVU-1;8q#U2@B%-9Q%hGOp71(!st^MbZ-;m)I0T5cq+G9x2BQ3wZV;%Y!;l*lya5@I
z=}Z~T2PX^cu@?l?F(ng7>F2398A#8KR54n`pqQA!;jqnNbSYW%b4~vIaUhCJiH#3Q
zG$w|J#3v>UgMkDgG$CXN94ldnBd_^qAoX=fLSRyOWUw%-4lg(aNG<3JB%kn7b!U~A
z1EM!mL?ESmUYmEtbs$yz7?7UJt}Pgqgo{;SJdkP{3#1JC0VxAtHC_j#3~H#{3P|Zb
z)#B+M0;$i>1F3-BK#E_h@;N|y{vj+tdT_Wg6yrq@0-_Vb6M)Yf@D@iTgd_xk?{pOe
zSU)AfO%N&q`vR$gE1(l5HRJ_$LWb1W4vhq%I<P2^(%(UT)RkKhPZitSm^<-CAa&U?
zYXoTcB}K<ZCJhRYKHfymEmXy5>CS!SppK^tPjFEN^%3ag3R_jZb5ovQ1~~axU_2%@
zG^A29o-Pnb<!l8?z<}uFsDQ+vuz9Et)z1q^#Z%@17y}JBH>Uim=NT{b;2FKB!3!AS
zDF|?{l!TC|Av8EV3_Rmx%y;1li9!Q#GDMsgx3KAXm@^<UAUGr#IvJ!3kb0;kkkXgN
za~LNn0<bi^BBd`1stUo~2dx3N0VfMK22vN+0#eHcg+wPLM+XTJ2{F;Ir7#vPpstNn
z(bO}iTk_}rRS)$>ddgRM-iW~9*1U_Y5kVC(w&A1aBP>Ca@kWd)s?d<|L}mVojY&uh
zN=OhA+wm4+LX8Oz7KHei$jGEvL0H(4k2)ie8WaMg(cD(m>jTNvtbs-{#q$n=fU;9g
z1Igs;fz^N$RXqYo>DmBMrxXVu`CeflRrpbRjwgVWE(=HnPgC`HmG=aaFSG+%0hjm+
zZIqfV?!hA}_;D-&ERF<IfaFX`(Lsqcadhm-b<-ee4o(@hYcHQHTtz%#C+8M+6l?UB
zOBZSFw6ZUMI3_d%eu$d)=8k4^q%e#q`dsKQk1gU@ogq1unGk|S8XqjIiAflo^9FML
z=YjIcB2`L{1uceT%>ubxH&Fgmq)O4&s_Z#Xu5RgQ9FNRs35gF$h>08$BD6%uk)@ge
zX;jq(l1~joI>H#Wu3rZ6_#UV)b-53)3@|w+iJBmoCR*Qc9^Vv5^QLPA&&M7JUMR&n
zLcV5M#piev?pg~6^U)U&6cZnfeCD7WGHg_2WHP9b6dFSyY>DKpGU;;$$;~8#@h*~6
zHBFO6QgnD!Y)pKj6}*j_6B-<j5sD8u^~W*`p1rA<kYU^mK{3&xfic5`4=9a_k4wUI
zh%pt0{Ar9PMTbNWK{hd1+o`#yc{PnG35mfj6m<{+6=>=#&w)H6Q>U5iZkjYQk)DQ7
zazOkbOjg3!B;LMcS9dalFhu16D3$VEt71E#4Y(Ju7)=r(NJt&(2c&7tG|L1<h9{v9
zgb{F0YSAx1a*rY~D_O!1NEye(hA0JMdL5boBj12d=}!Zx1DBwp<b7#C;!)vIa1m_4
z0tST#$?u9*G?pF7b1DL)oIAi}s3u=Wa6LSsNu$8<MB%_F?lPv5{6=$bDlueONKgQB
z4#m_%uGI%fHO7W9kqSl0;Xy8;(Vd}FjbZ~5!(0Z37?WG5LNg#$-33S$sR5)WK0!sO
z6GKoj;?84vx@*v>qF&?p;I0m=3|<IW6?i|D&o&2vH2bUq(kzk&r1-(W3e*Q(5U2=2
z2eboL1XcoSlmtS`8x%-h`WQ$p8jMXawKO~?J|q~6?t@9Zf){`^0UrQTpJoHe<|}|y
z(YZis`D7J?L!#r7jOdQA#KhQP=&&$scLD+<Lq?*rBqR(@ij9O><7sURM0}^8xn&X}
zxf{0vr*z?iqEQt=XaNfmH(BcMYiSg+3UL#J3DbDRLIV;K{o>G)_>iQ8@X%yo`*hxS
zLuc@s9s*L$hpG=ap+K@!a7?00Y<x`Y?U`yt0~;V0Oe68=ZH(9{esZ8yYvYC4yvJ<k
z@ba?2DZ2~cWYC&(xj~T?*8Bv4@7)C9pqk#EaYM#}li`BmgIpS-{w7b6kssv~8567+
zWc)l{o?4DEC2T%V@b?0{LnoICPY8&Q4@ef;f>Qw_kOB3u>G-i`AzzB;0;wmb04Y8y
zJUTo!AR*!J2a~agrw-V(n9{?wRw6*YY#PRYpASs)1fLItl=(|}g-yf#xN5<KL>%j)
zh6&G?@e14r(pXptqyhsQkwXf?9;By+C>6u_Nm;H60m>Fb5c<Kjs0IC2@`Rm%WJ1%5
z7Z@HL93DL=A!8M9aVx}ALG^$%aa9D;=r%32MZn3Di2>+#d`!EjsKLSE@}81qjd#}Y
z2clzQ6DdJJU|@U*X1{dklyOLOPz;q=DueS-AhqC3I_EFIOH%>yjhfK&4A0TvI-1Gj
zO@p#68deVa-!>~aopt1+`JZ+vG#!{WDW=VdX;bpQ+Kl|GO-N!$d;*PuquEq(_<(6`
zaoEgFzZVhIXKR7wfeBIktUG%hH)Ylqp3V&|qIi?ZyP@?J!QXG?&p%i3Hc;t8#8cN)
zRxP1yYRCs*7Nzg<wsX@y22uqiBrFU35Xwz#m%}H@>)<s1^-(9>Haod5Gy{?|yQo+&
z-Ta%wm5~bg`{~Mbs``i1l+xn=;$h0DIK}_!G}Q<#rHLsxV3-SS5XK!)=e@9SWqTB!
zfN2<3yab&ZguRBc?7lk4yUH{VJ_0Ap289Jg4o3Q02Qh1qa0wCQ?T&rrd!-$XrUN?W
z%Y=lX379W=GSgC54)q}?&pyg6KHQgYq{ki;gxb&pfcC(V$GL9W!JCe`rc<ct7>i@7
zVp#Q5YD_U5J59$+)A`nP{4|}5P3K|LdDql4rsJ&X7;7@H>6mIdUz>W`bPVRlTnq}+
zLEPjTCRZ?>k4@)XoVS#VqMu*^YPmD87SKY)+ieBG0sIh<e0ILbTUy~FpAJm7Vr$j-
zftQeu21Q2%XtX$Jc$Y4|%nKL_bc7xOBxj$ZJ~$B>Q<tRw&Iik&t2|vxU=8T@Dt^Dh
z&oH-u)J1z$TnwxRJ_=~0Kz{_P0-FPA9!k8)Yup7$YmGOMe6lf+Cd7e2^1bS6dM&Ur
zI75Y~V!Lkh=Mn>AX%8VdwByeWyUPpi1ElnZyO@+HP#pr9tO$_im1lQ2UI5auZYR(V
zxEyE;oD8HTAP$xwoc;&5K-44N(vHAt(4(Q-15ZEZmRJuYy&-feufiX&KV{qx8BvSY
zKjdA}841WDB9IDv3Y`kN45W#0pNc!5@%ZH`h5=~;oC2hDFP?Ktw0pt3swt2xGz9VG
zfD4Ssh}M*rr~p-@7LY7b>=m!j3n0~WF_0`V4oK-PsQL~dSu74nKGft5p9Z!8sUnWR
zQb21U6}bE@AKsr{^9G5bujHaORm8yevXe~{<KIs^rX}o4J~!O|&bgaB=@y<N{11=a
z#{b&6dxeJ2a<hSChh(7QSsIOEZ__5jw7ufnDa;0@{gmklZQ56v_EY`Uj6!e|O4r6`
zwHjqQJ)+|1!WzZkks(8(1$+|0X}ayIVjm!NU~ouCtP6JR+wmNYtxRBXcw<T$0uI2T
zK&p8pkhV#toplhn1a7)zGEMlVTdPoPn_O^5a-}GL?u?4DE|D=o0f{Iz633rJ;Y=|e
z-wpYZhx9M55sXyRzh8V?TJeN~Lz0J3i^ixtG%_GDF(g=Mi43R(Aqo8IHzXl0DI`8w
z*j$3QJR|{kqalLeigaa=u5L-*00;2m;5MZ=#|ha+8HB+xL5cC<(IKX#%QZrNZRcpb
zYOPVC_W@}rl)&>eCSO@-6d$_`q%QtcMxzXwQ{dE|-9T#K<FdT`8$c@8wC|i$PNPh(
zw&i&}Rv<m~&^RFZZY%USxDgHHU2bkMD&X%8G~Ga$8aNl-M?F~ImN%d}kmmCt6*!vo
zQqXBGumDm8|Jnffrm4$c*l3j5<r<J?tv!`A%HTHDyeVo-8T|bg&2)cgx=p)TnLqz4
zkb3YCkSc1rNBqnEBl%{q7hj1?7mf}nh$>)O^i3<3X$3P~bee8PJJrxAE1D~iX1Ve}
z>N54FwBVw&0y3s9`_ltpe;N$9G;x974Km%Pm<}g@zl(TRU879=f4_n@U38i*L>JfQ
z6);_lnr>wOdV{LmS9&Q<XIhgnSQIC@>a0-~ip4-$D7FD>0-x9AeQ3I+@i532Dml8D
zj>)C#aZ8Uv@@h!_4C9LMXnmedjRxE`GV04tm8%%tT{X(GaTv*{W50pZ9Iy+VJTT6U
z^KB}cUUsZOJoS(1WySEAU?{l5!pjPJS1|!$TIS|9;;xP>tngr$h=jI{xkKRe5Hlno
zQa)SR&Um5;uR~28kE@GkDenW|w4`BmQHCQxamFL=yiTTjy=Cx9a;_&ps&j*8+}qKk
ziL^^N22S}!(M!ajun_D;mCw+a_`xCZ!A2p;gICfYNK0ZfAXUCHkeunOp4&1B$Ht&=
zL0D<v74=7fWUTf;@*y9U2L;4N$GRjYnBHl*s}-vVr2I^;E7qf{t%WTwsvOi9f0`IG
zd5znqYBs}CL!%bIIb&5mzxS)DcSb$23aSx*b>J7r{P>B!h5ZY+O7>Z>`#>wJXB$12
zm)+K*_FRYKAxWjX9ct?}MVi#^&bfv2PgaPF$|+W4(ah5|QvX=-)vN1?oG>;&Hnv3h
zTOJL+)$=$M@_2GLKZlO?%MN?pD6@HEVfm74YvUAqtGpE-3s;_JyL80-pVPa$ZJnD@
z>BfZtX+zG=Sl*%YrHfMgkvre6)@{lNTkqi=ZTBqv&{2<-oip5KRoRnYBKUpZSqHxk
zx!p3Qr+@JCv7L)19B94tX66c;-T94c&TLz{63gpTzWR-$6E8K0xKLB<K0Rap`wo55
zH#XSX|77yw_cx9eEuXPEdHRH}k=@J6UFzBz_Z>>_bA0o)Th48!&92nGN#5XVZ>~)F
zI%xWP-)8APXY^BN*6;nZ<2KKxQjEvZ+^!3DFL;@9Xi5C;Ep{8nS3TctV!s^c#IeOU
zRvVD9rF71Lv(-a8uk<K;qtb=48NItsvVOQO?x|t_(psZ;J~QR>SXyyEc4z;&x59Ka
z``oGRy2UnbM5VLW8Z@iB!FgxJs=rR3E%+}OSyFTG-j1E8lN=_yu3P*rW5hz^Zu#P>
z2d>?oYqxBw)}Zi~SB?X<Tf*w5TWqm)O%b;&YuLq7&exxl&v{(Ybd@tay);YYC!SuC
zwS^!wgeR1i^E`E$E^@fROUi)O44Q?UH(jT>FF!GOY3$`XUS1TBzhmVLFE44o7H_?g
zst`RXSriroeL+5L<?!ZSnp8Ohf1k@w@VBO1$J<NmVJQe5<mc1%nssu9x0iGiJP=P6
zljFQ}QZ!t+36;y@3TfQsa33$t4LJjUtIJRDx365Mg_mZk9FD&S<ct<x+BX<vb>%E?
zJ;k;3(k{o~GsrG2^`d2QIkTlf+YB>_8<nSxM5r}|q<ska@On?zNgAwD?wmb!w*+Yb
zBFfpVbeeFvPHQjCDLEW}tIHX!y|g_swmQkrJ@wLRgfKhsl+t;yMhc5-p%b+w<;*q)
zsS}o)wh%QePOEXZ0Baye8T8Uogeb8_&TgrbK7o;~3(48uI!z1tNn0;z1=a-*Xo4K)
zqmyodk)3(^>X?V9zNlgwou;?^#Meu^5L!LOsu$((c3xtU(sE`ygT_mK(#}hhCf8~2
zWwjNHt|uNVg88PE?CRqz5A?Q_3S+P00=2N5H(4infi<UsSe!j74Aw<{KH9?)GnUd0
zId6x1agbJ&2KiXYaR%hGQ=$}PQH`9}TPKBMmTavsS09~rBUmFjtEFDLj}T9VmP!sd
zIv5I41%WkC3@al<_Rz?#>)kCucvk2SsVa6tJc^3(2UBV*=k0X21o2azBAdPh>!2{Q
zpB`%#Srhhaqmzb$wNn^;TRH$nSz3~(OP|5&6~xuShKQU&E5{j892gZ>SkCs>X>-9^
z$}TZ_DW-xT_|h{huZBh^<$$_@igI4EPRa!%(}}Q@PIALGfC@uJ_UoibFmeM7A77oc
z46KO~mj|Q$2G&x3o~)NDU=^Uw7v$`AI;lSxJyTeAZK=~P1ZyI@`02&-mE_!XgH<t1
z>DaxbSfF#P<+$cbCtJ;f8mOveWLJMh)!Jg)*G6_R>a7MK<c@eegr{6%l=wm`stC;4
zLE|YsLbNxcwX$odPO6R7NC$?l?xB+gfbsgkf2?FM#Ziz^NjYw-GrJ>dBul8|F>u%z
zot0ZPwMUVrpfb{UsN@WVSaum0@i3?!6pc>MS$_v>3I-=vJ}z>AXD!8j-R-&2MA<b_
zXZ0Ic4|)n8RCb8c4#~MXFCOCy28>miMviNz({2Ovl%M<RrPmaqXIXXwO?@Tv`nYBw
z38SGb>J$k|O%-4vow%%q9MRsOZRH>c-Q}qEdhL9KdQ(U&<S09JFo<m&<p{u7M>!L)
z%TdnlV33N{Di})Bbz=Woazsaic5)r+?5K`<?XL*6RzhW+kWdNrMF^hO#Y5vHM|APB
z0PUbeG;%g29*$5uMLUcT&&m>$6VIRvLYQ*9dRP=l4-o34Jm7}W-$8ci>|ucbFZwV-
zZRIRT7z#YIE(k&DrbxW>2atGrr~0PS6A|KN?m>vBv&0Be>wyr@ZZ<-QZLgQUB82}^
ziqP;AU0mge?gnw7tDM>0AYFImBMBYXQYTuu$xb~C;xsooqK84ciy=mXSeZ0M=Z11F
z;wCqgo%{^ia}6=d<gD&`u}vd66G9fct(TnTr`J|!jF~`=>hEEJ04#=n`xPM{`T2DZ
zON_pj)ZKD+2c6ixiR{$NAkJtaM*wa&kuw1Xotz7Z)5%W$2JsvRYj-)*-ypTe2%^U^
znlX_~2cyw!A!nz$)7w^>f0RW<Dh5}kgz#A(oj9<moZH(VWkMwX*U};&Jq9CJQ(7)L
zV#=V$iztghEEqiw2jAgt2|^Q!Vm|2uf;5g%1>{^`FK6~OXs2NuHHS4kG<w;opFwMb
ztcdHyo*r^$KZCRy0%ec+7Ej&vke&J)w2R>Q!IVn+3Dx2w9MhgO9*hb^JzMFt`@x#X
zS*`TqdxIP?z#vWV!f;UXLJgz`U_57<ysI@YsGX-y?A2V37-$d|HkUI2&zsA+0}a|n
zm}dG@M~Sn%<%j@-c*R@J3@~WB`_R~;4%~nc7V+MC?OTMDjfA#&3tIE3MWb8Dxq$}p
zNDJ91$RK`bAx8jOwUjdfvs%izK?dzD*iLy&bZR9>1RKPet>nyLgY*P56x9_*9-tE)
zTFXu$2JKiZJ)LBi5WRS=wVVl|Y8ycqs8n!%8`&w;pnVD9Cq?jXD`$op#NU18+)#sL
zfOAs+Tgt8-blNdsK75{TCua^ah~?VLxq}SaoQ{IfM}9s?uPxI_5d4);Btkuu&;f*a
zY^BbE&`r@|5bCFdP9qd9KacRR=z{lviZl<Q06A)~A|Vd>26i>2--pm3MRWW~5JHsD
z6odvSq1=LyZ#UBuYY^gf`i>A!*B`yhwH*lclwBe{G(BXeD1+7)GjDe}D^#z|LC8-D
zHTF|O(rkp#|Kwy?o-cus7hw|ar4vi^lry6ZqJK|07qGCW>=a{=p7-Q?g+lazSihH?
z2{EFVX+|JdUDQi<iZw`QA!5ctW_itZ+M@m#9%O2%6GAi^1R4#}crfY^tSBvX(jG8!
zYK(OZw^v}8Gbjg){6@Xy+&F_cy0`2UZ;-b3=0)<9e}K_+r3`Yhd>=VC-k@#W2TA0t
zmmZcBKrBW!>YUj}&P*^!_f-+g1~OmYS9VG?NYDBelpn1VtM!*N6AfZSe>oShy1(p{
zWRULk=i?le!hBM50B?+iV!yrx4AmEB50IUP7^I^RsfDmukWTvr%v*Lz)QepQ%DF=f
z;;MmigpWacV;~KG*hgC_Kp8gCdZ{-;WGS=}<8&4nmIt(g?Dh*7wHO_TUC#^U8QM*^
z4y1gZxACw*06P^=z4jzR*ur6h{Rts51dNTLUN=b2O*Tk<gZLE3U0?wicL7Z9+Dl+f
zC=;=0u$(*Gp!Eo*eLdwBhLBo0jHG2?n74iO;yWZ9VUX~HTp?7cAIzjZ0p=mQMCnCs
zsGK>{AhknWOGFn|JZ%}oQ3kPan4CMxpp6Jq#%_#Wy9Xh~X+#XE%+Us^e|SOvpeJXA
z%T7jvcrjd#Fd8JU2)>^vs&vdaFlq;%oPPnsoJi-Uc=Q1n9K%a5)*CEmrWnM)!E!Dj
zbFl0*#vloin9Gn@=`gW%q?`#c86vj}4U~Ogs`bZUR||$!m-?cEPO2QmhZG+7(~13}
z<lM0a>1T+lS^ah5u_!qr)gXO^Sm2l1`q40`(qV%Tg4JQ<#RyRfI2$(Bx521X_;I{W
zDj8$yOxFaR<PAm!#i+uDHVur5!!k#;1*5J)>oGiSV&&X4gVa5iXND6-qD~qI=7S`B
zl{^YYk4tj)G<VB5PLy>~Y6eE$44=fFJyvBn5B1VXYt)pAzlwL_<lG4c$u1tJ6+EC-
zb`s(7a>PV~xIA9YoM@0PAx<?a*02%@1p{S>PHG886F(X>Rwt$;$eEK2+5-@qDVF(+
zkgF2y+Fqxvn@H|QXPF@g(F{^Vc5ST_cP7fYlMP~xB-v?-L7JAtH_YW|Jc(zM<V=X)
zA<_(p5geqG1`pw-!Y?t%vQ?&KdBrvEmSBEJ$!*kPD0eA-Kp6wp4sm=daSDt)NZDCS
z*2B2@l|7N<3r1av6)4l)5`+xE_X#J!R4?tV)0R!9#R)@78i<g(6G(Bl1ZlvZhZ8&m
zqvm2#z)|0BctKae^|}q0bEg}mg%GKMI3Hmaxelfr1(Z?ZGJ<D@#z*P2{lMUXJ@ndD
z2;l%TL@!kt$$cAB24-Y`FseMCyQhHhdeIi-7#O*bvUo_+DAORK=Q@K?O6A@{I|YpU
z_a%fnDfzj=+|@_(#$e=tg@aKXpJ;c0k)^ot^T4<fshg6GJf#w+JqCuW2G~uT!W{}O
zKHc3C#NAW{DFKX(0<Xlt+F~B3eM)hPlR1wuFEj*<8mM@(v=)q-WJ#W)y$^<sI412z
zV@*ws+u&{qLbb-skmGIvg8fjmUfX+|vi>5p2_fvD5GtCc?6IOfED*q62GVha0+o={
zctPl^gvKL;tr%h-AcTb-A@>QU?4}`vZ4b0N2w`tcu@lvF(o}?6qBa;Cu-XGK1FswA
zi0YHLMd3&|^mYepf;enu(X;trG=%vK&~`F*YGBk$?iL{4%Jslygt%i-hgY7$yB{46
zzYGE+Yx53TNlba>K0@4kQ6bT0s+_wR8}_NZqfj<x(^N3BARi%n)i~~r@4y-(u7vD*
z$lda1-aBwj^yp$Rau8&Krk(|(Ovn**T4@?erMoD}6Cv(Y*(i#EaVO25qLVICDm;T`
z!aPN$^SC0)AZh_dahT|ax?6yF$yx36;)&^U=5mAd1p*n5Pmyjj3QpNxI&CT#Z~Fy=
zXpVquVBWEv$u9_$8AIC>3^zQz_0n2|$ZI8K_Ix~3&Rl7bYRoDaljxnPU{o0;iFQAj
zGDC`=W+{tI1DPjQ+M(@FjPB*MQxQ@w;G|y=YJd!|6QZpI7$$*HdeL#V?6k%p^_k79
zz*o{6U}PjdLDrtbI~{Wij5HFAnuOT|tHB*G@;1J9)t}3~4IP51DQd2qyB0?rh*Wj>
z1^VnN7<mvM;%<!3sJP@=<8BE;4y1ITbOMYXQ)U|NSFmQvJgJ+<OT-}vyMr0?<jhQL
zzaUbDkr+NE&X=9m8KfceO?9Js@A{KrhWrLb;{ua@SzNX)pst`<cq&4?TWRBW5R7W1
z?3zSzp`5$kAaz~H7p0;yZX2aNVBJk6YfCLsW(b_gdM%Q3vkX!;1nOG2)X(mgAmoWy
zabtAa8jE2_rO<GMNQX@lb>jZTveQO`Brf5irDFB91&mz%E*LeJkMYV&&3nrqjOxq}
zvunYqoszP4KLn%R!tlX>t+R~B;X2DtCk+ClJW+|o*eWlRGqVlad`com_0mgCmYZ2v
ziU*?_quWR6wClle0UD>5t|3H)Lq|0$tl+8O4%obO2UFu<+Sy<<c2QiYPCU0l&fQ{=
z!dIH=4(p3gSIQAv4chvvXo<wKuZ=^<UAgw#i4dQMXsl~iqi%E(mOK&iQ_6Qm-^gI(
zs+h~MA<PHU({+>Bd5yAWZeGI&4Q3r|j^2P#&-01jW39<);ZRa681*75JJQ{<Ac|b%
z1{fa>l+Y!;VBN-g(GRSV{9N|1M1X9IxfMsQ-_zyX9D}w(2Gu&ssMp3Lgj)e`y|kIM
zf=URPrb(Fc?f|BaU>b&C?T`|c_tk07fqBT!;lRb$@lHiiNYxIEQei5^{PPPKO{JKx
zF?8R6^(kPT*5hnhz}ABO87F25Lbrmr9$@_n*k-Ws0#<PY4#5R%B-o!RuY!dX#2Gf?
zR9nCn|Al=4`|~;fP39?c!2YbKbvDkyrd-7MY&l{d?k%$A%zXxJgUw_Umoa$xfDkqd
zxgMI$a>Rav_;9nFx!<65*#d(q?$i&VF35(@a5-Q!X820@9;`z_oX=L1OSz&;CW2A%
zrId|i`E3P*0*=u|W!Rnfch_u_a}OG%<Iu=iFyioZiS4Gz57U9zYrC9z$RN#!*cnMG
zQU7Vn?jX;g19f+V_=qE4m<C4vuiOMlzk#&?!``!vPHdJVI~_4di*oqHgk8HqC%(#&
zGmjX=o;&4S#4X!t+QpFz-&2{gKa^_j;swFiN8!pFOoyy7V;s~;bHG{_u&ZFy8Xi}5
zH?I<BgTVewx$ZA<Z@~V1uIV20l%v3?VLX>3U}SsFtoNG7`Ga*Th+7NxXUaEVW+nV$
z{@fU_KWld6FL74;%yaPv`!koNV0<W%C7yu&Sx?vf=Fg1+`!ntcSV4JO=>YO1pA$PD
zke$vLMEQUmamFCMg-+8U-#a@Vq-C2Xv|b4DQgQDstsot#_y*-O82PD%vN>&fh^99e
zT<azx)C@X$5WTwrjGp0};5%v@U*{_v=F?3f#ee<4JdqNMDDLWIFq#jsrNEqZ>9Cx8
z&Y;yE!F7-PJWDURAw=2onLZed8i|Dx-kA<YkD}XfOnnAM)luTKjz?h}W!DppPz&g2
zGB%^Xfa$>$AJ%>Z3sY{fGLPZ61WKsFaoQ-;t?@F1!j#*7%M)}7B)Ok3d8sSjW5$4S
z&j8cz1;cgsB@fG!rcR<nJ<OSQIWalw%HI+-Jyl?RJd*ksb_R_1GG$lpv^nc%&a|tE
zDVdwgQsXn`kBs^YJMtH1^{dGdsi<y$Ve|jOZvTZjoHe-~Js18Lmh~5wXU?>Z&*3@Q
z<*J7z0(=jKUAlHZ81IS(=LI2J>69f(h&rYC1wn{Vx@QPNIF;Zs@>hhER}I?w7s&=L
zz4Y3p2>H<n(7r>6ryF^RLX^uTgmCHWqt{lytXQpuUV9s%c;y1R>u*ZAxT4<oo1A&e
zpcQ{NWzicUPrB~W9z_USb%cJtO1G|A_dP5S2vDRR*G!@92n|rQa@Xn7l^%#M2%SZ!
zkD@u<Fon_(@>jH52=%0pIO(SBbk87NxXCXau)D^sMwwfDU}9`wW6>3iHV>Rl0wcG<
zxdHS0c`zj-ZSC81^GuZ(g^<z`=_EqFNQ+ti2y(r{M-`SOY}b6jym_u$bke-Ld=*9+
zTd*Ixr(8-u@UWynL84<|0R^n~eZH(Jk4O{#!u|m3SCF#B1HKvHDVKox7sP!4>uF+Q
zr-yRpBiy?F0asAOIP5c~J;G5}VRSX|0<1q6b|l!ocX%vkJ~l`%9`kpk%AJzb<q1#1
z*#<B_{<ybJYmrMkb=oR*N2ql{Aq&7-no>!(!1@-%HG9hE1JoavDHFju6r{Wa){du4
z)oH6d1Cz5J>80}sb>gW|>8j7oSrizb(9j_5TCg@sjlLnISDwL)sqOoM+|cEoURsC{
zpI1r00)~;0pqHw>G_AsvPas$q(#6d$Wv3T--SJ9!Mf?J{26@WS|FK>>5TT!xhc_eC
zrJ#c1YjY#@0_(1%T8|Jl18=~Mc=`UOz%MaN9|GehqdB|C+XBDDQ11+ea)R_yCPKWi
z*mr0jfMM{i(@V|X7376Eei&GLr8apvI`Pmu+3B@GYx`cY=3~7y1|jMX3=b4_6O7NC
zblh?HAUnM=NIgCjob1zeBKsg`Lc9U70iMGO2S+NN&l%2#J#?Z+z8vuuSGFdRxz^RV
zYx3pXw+3yck2K1kzr|oe2(NJvx`Gg1o*?A<NqNbG(0GJ+>|KQLk_TF&&omoQXl6m^
z1wwes1Fh>9Q_h<a!fPIA6~CIE7={pD^FX_e5MJ|q@UZws(+o)~3qs;|(*pw#;+4ul
zh^Mm=G^!ShP)~YRI))H;ExNTRq0y+P1lrZN15^9)9!47&jW0O+C|#j%8jU>ov!}M5
zsG)aYWAufliW>RpXU{^v0G+>hN?#E}vlF%yxaw_Oh?i58xmw^Z6pZ>_QqB^YD#Pu?
zes}^{f7!)bU#PQ%Mqc;TQ@V;D%X%O+R(%{U%i%}JoW)`7nFdB(&M%&R1EX%m91yLO
z3KuCzY0znXh$*i~MkB-r<8g$V@SJgu`v!({Gk(g`(o!QdhmI{a++!SAJeYC^AiW18
ztMHqhW|BtPDxq$e0)~M#LLBB*+=Z+M!_@-v`vW1eg_WEKyH>%kn#tyT^XU&}0OLml
z21YgFhsFD9oU(b7?2DOF()Mcr80E=RGBA1$wZcHSqNe1-qC9@^NjBn_E@5C~KWyS)
z%~fDjWByM13K-cB$A8qb41O$4HA9c1yslt;$l%8t(o{8$Z}3in@zUukSHO>_X#zzF
zs7q@wic`*w+L6SRqtPCOs2(`O2fAB=P&MEXcq7snzp|#u1sPzOO9dlmK|^tF_#KS8
z2K!8OO*Q=fn&My}Tmkh4>%ti-oC!t-;=9#*U~WnrT`-o#@35&8ama-cdVx_&#mwRi
zYZf7C@U9Xn)d@}zt<&0<MjAQGUoZJ1M5S;i%K+;Orkv@tTKs;yvvN7v9ibl3`NdI2
z8Rk?Bd6viTx4ZJxEp>$kmE{h;2r9J+P7F8v4Ax26qx<65-K3)hXx&_uacB4q%*T|!
zWRKr}lO53ghukedeC6jI^wKJXeu9i?4s)rsjYjCLFx=FMt8JK52~?>Cez8s7!QVto
z0i#|~w*JyFu*P7xk;3y|z^Gerocr!>X{S-%uHr=m`e+mw)fCs+NVpe_97nlAkUoRa
zh63)6S=plkizuZrh^ZAAI>;dH#Sh7OEDf1&V0i7=LofPNWD(X#H=-i1=BA1!Tab&r
z0@ESS5{hfqs-#iRXcU(KMw=UycTOjr2cvZu{ga>*D^_MsWsqxPWfno0SD9r3wY96z
zG)6xFj6jGCpg6s_rV5KFi&|cTs(Kdu#i=THaCiWGDHe=cYoYw0NZe4BMU=xM?;umd
zV9Dk>u|+kO3ssy~jX9MEUa!U?fRc+nw?1r&y;m9-jWNt0I4B(lYXOFaOx9_ORmUtO
zX9eq}Q3#Q{Vh9YNA3MP?q>G6)n3FB?zE^`q03}0BjnIpy!z=W;V7NQR%KIBaEft-1
z?@su=Iyn-?JXj<c4HK9P^Vt$GN{KNVgX26{!GO|MaD++ZEc{e10wFR0oDXeC2U8sr
z`Q?JC=EN%RSWAP&D++Cxf)FniZII4@@lvy4-tS=CedtFUp0!y-C3H~^e(v6jMcHcf
zVyQYT7m^rJhdEUS{#u7c0HwN4ykEFs;=%l=!P?^p;Z%WQn>cImZ(1mgMT7Fex)reY
zbv4Ql+F%I8%>e6H5cd&`{2N|@k=WFQ&kRTje~SX6vBz(h*MiY>$4BW+Fd9I`lxewg
zJ>E<{BXtJj=EMd_ngFKGWSF}SfRPE5Sw;E|Mso?TS@-(p>=sxnQ=HhK0gI>(OAKy+
zd8k0$)qv$f6~8uMPBjqg>uQ>=F+qz)SC$D?JnYJH35&Qfr<y>$8;c+u?#40+e{o~E
zgs-7H0Cf#nCQv)NA*{%<9MCc68!{(H6d>R?`KqUc>a^}){gp%5R)qR0zskao^eF+3
z?k#kMdN#(E!Ov5>7%CPAoWd?PX1TSHk!2I!L$Dtfop>-h6O>ezr)yv|vK6<}Hq_DL
z?UL?ci2%)Kka16W0gP|MX-8AZotveSax*X(tRqrleBn17*W8(t6N-#(YU(6<tFsP_
zcSKw&ZZ^R@@r20YYHF~hz|a11xW~_ur!`{{&alb#W-JpZx#Rcz)IJMkyQ9&wh`Lbs
zL#4+x%+*PQixB+yf54ygHE5qdX-7|upd6}r;tinWkLt6<3>tm_Q)0zv19Pf}5;j9t
zDyY0@dI?58#V=3lc=5r^*R3cpii3yw;j96M3vgV=-$qCsidbK*oAcp|#Q|$?M=-KK
z43@0Zt^&h4m7*74H)oj*G|lXgALS`n;0vQ+YpJ}J5;V-pRbyi$iZQQz{v8%V3b?fL
zIQ9_=V$dod!jky<;Va_X3t##W(sMANk{(O4@-f4re+n!M^|2!klPc-^1L=8K9Mye}
zXe=Sh8JB=et$YZn8Nv8cE5q=mk2z8{gYl(wk@#wvr<=yc6(QP1DslplYM+EJef|kW
zmgc6Zsu(SqrxFOY_>RVxayP1coQjixRI8uyr4J#sni0W=ke-`I1fPFGs@4L0DcwR|
zgc4A!vjid~ScWfsmf=f$g^H_y^!X>Gifq7_8n6XlDqt(V^dTg(?ZB7x9F^}@nh3HR
zUwUvqzLekqzEtobeCcD3WPxM&5}v}BK7^G148HXIulUmEpO7kYUWo;giRr<M_|k)y
z@THGAT7utDRF0JHrpnEcDs&fLiod7E6PCv}A75(VSA6MXLL&vJM#@tvQU*AUDIY@e
zWNe(2&wm+>|5F+N+kDAV*m2<l`||)tGEoh+rG(Tq*p(<Bb0mvlzo2{wDIGQe%Euf@
z!X`kmFcw+m^B1K4CxJ4+nyP%vk@_CXh|)V)9F&hal7v-4`4CbNtAO$$q#)*f1u?@b
zh*?`f%*1q9z#NJIRlplarfCH%0_*^!4<WU<vx+~dIw4J#0YI``DCx{fr?CmAYzBkU
zW6>o4A0p)wkLRg+i7F0J^CJ{l6pG`sm>N9-NX3p;ll?oSTBjl%B^{??8jy;cK%$Do
zCxI6S&H+-ZR{^P<wfNr#1C&4k(wN(;X7E3cy!`*G0;whYQDJhp<3KX}X|)07NcuVG
z6m?#WKTr0j@C8-)C#3oLh8k~<B;8bXLh6!xD*sQ>_)iI|BO?oRTm@hiAhpn*I`VHQ
zfjg->A(ic{azd(51C<k!1sVaZfZklMX9_4t8ThCV{1a-~sHPelHnpk7@?ZW@Ji4u#
zi8)f{zR;;P9n^Spr1*}iPS_TF4v-|K>gGtTS*Yq}XjBSVqDGh_6|hv*2@8X-22w^D
zs{T(%6<)8V+oYy5M|yrMbV|2FR6Tl!n$R4nKlZ4)Ia0;;LZ_&GYCK^H@H47@7D(yN
zsdyepA3`ellFBa`O#wCHca@tXRpf@M|2w3X-BHsKlH)uFQbk^<Iw4u|Es&;O<7YL(
z9I1xipwolj)%gD%q~}HaA=Kgz<x^P2A|&ENi2sa2Q8l8N8u6bXB`twJrGeGd=LjiS
zL*@U36y=CNRH0f*I`lsUNT{u19VJ2#2x-i^soWeXeM40zB;H8n{|Qo39sVf(*HnFw
zuoNPERsR1175_Ich+6!UT7mxrspZ|&^#2YiU3WDdAvt01LUcsqfq#kQ{R8j-`C$N1
z!(6<u5)%y}3Je9(hmiCzRS#G7e?odLLX9V+`oyaIpO6OAD8y6##zOF0dLRt~)o-%;
zpgGd$nhBkvW~=GutGEP66<A7<{{ks~nHo<>1+P%~ibCqVMFJI+p+*qWgPE$Ht?GoN
zZ&vw#g4DnqH9a9!V3&$}U;^c{2S^$3Rq+=!!G1NKkTN<7B<TeHQ2LWZRHWb;mH!h`
z)H(biyr`x#ngaiXRKO)9B)qIXV2-rAx~uB{g!J4!HQpRazYiS~tx<TSCLp9PcmbrA
zzEyQ|qzB)rIwA4*Dt=IPLNf73RsW>oXEmOX;=d{!{m%m&DdM}D&>U$=D1<-Oz_LXC
zTS)%*zmp-AZHqrt(F$rs{s}3*k{VA)ma42`6(F_I9%#f@aKIljxigV}fs~;O;wgzM
z{!oT)K-zycQ@NfZ@gbym4;4LCose_`kSgG9q3*;HP(J2J^FeFqHo$&r{C^+S@&Dh?
zm^a8gU$Wo;G=wk!NR|jR^--YOLP9cW1SMc+T4-u1JIhE=^1V@NGIOMj`UF)sN6LSq
zsuPmMrvOQxs_KMf=$SyOmkcZhTmq!gok=}Jho_wo=vv_dkUszKQ0<}ri2}(I7ttVU
z)9?607PzY7bs$;n7L5=xMJ|wf<~0!i3GeZTGWY-_3l)YP$#m9aPZeoU*??2Vb}Cj>
z;|Zzj9DtNx9Uzs{SdBNK(G>VUL8^cr8B$9OK&r5pip_ykF&~w;0Mf@CQ8A;?Mos9e
zCLpAic31g-6KUTTjC{!=VL*{)hzJCz1yMlSR}E2lvXTJ*nzM?dfcQ@si$9b;jfjdA
zoQywYkr_a0`7D*s1JbEu4UnG8P;os_nV~2^5gUQ@U^YdlNG9D3PSOtip>(@cz7I&2
zItip3hC4vzGyx=EdIzNZKB)K+NNXU~lCTI+nW2kOwecaO0!jeMM5R@oka&3@RmcWN
zoBBFH#i@W~IRlWM_XbkIEr9ePq~}_y*h<xbMkS-35a<DaH9>D6&CGFX!v8r`$N&Fa
z0lZ-eYQqxM1`(n+gk&QE)bbH(ggKJQMym0nfy61jBXBj4K7<rpr*cBdFAGTNH>mo*
zLgT-R_;)&Gyiv`VkoYDb6}(y12}$3g;#L*6squt}HwxPkAg9@>CfEhUf5LwHqatN=
zK;{1qDcwOe9U<j=MCF7Oe-ua+J+5%{{|Pk#AtgAeCOEC~Gip2`je_&4enHj$6Qqh<
zR@0lKME-Y6jUc3&-BCFqRp_qD&5_dGSK}W5Yl2&1P*ZvdNb$vhRB#Cz?0-XwF9qG3
z5|mLB5K=@rm762!Hqfa6TQ#0gVmCYBphwx%RAqA{$r*nrzMdNYe}ZIqH#MKeYCdMj
z4|;k;(1h4pO+ZNXZVRMEv?q`j#Q-3+BT&U4Af*cdQbog59s#6+qg6c)NYBLs>GLO|
z8z~||O^~Q2Fh|O0n5q*}K_h_FxnqFz{8$xJfiyi#1k&f9kSaVG@$~!*BLXDMQXe3s
zC13%NGG3_SA{7?{=|e~vtW-H6rC+6TbEN#&K&K^U3y|{Pt)??lfNH!SNEsXe(gTOo
z1m;NbhgF@B_z^YzF_j-z@dS`8by|)86-Xa*M7c)cA|j|ISJek@04d{}>H~ztZvm;I
z_kk3ZtLjgQ;6q3SzEC+Kwe&rZy6_W_*1W<HDV+pVwh_gY0L(+F@gbxFOQ_r&$ugy&
zQ$@<D@&5@@e&yBlf5BdVi=YB*)r96q8Q4Lm_=;*gg35dJAMetsKL_JWR*J;;$Gddp
z-8xN~8^|2^{&<&u4_2TL;g5IeWC`;h0nil5U!h}3<bfaW(y`6LltQNY@h+WKo*(bh
z&EKKJAj-RS@{b?y(to^5Cx1}hsnd4$$Gh|&@6zdAJ8eyWyi4~bGvM=ogLLEamkfTq
zOaJG0>ObD4(_ZDryYwIL(v?@}G;jQPmu~(JohDM^bT9DZUHXrA>B`FbKlAdQZsdNv
zOaJjM{l~lXAMetCyi5P_F5UbcI&DLU|9F=UL)24WTmCzwi$*u3qr<e>J9IFG|9F@F
z<6ZjypWmh9Ur_kVOLn>iFn@<m!-V)>-=*)^6{YD@#<-v#{vXNiclECqy}@G9*y5L-
z5B&HbG5*5Z)#oocj%fY8+Y7&2Inu}Hj+@F(`PScHF>GkRamgdrR;~SOhYcU)M_>CO
zQ;qPg<TqebDoFiU1cb=b1Wntu^|yTdt#JL$CyshK);N)VC%<Ni^mnyZUMUvSHgw&9
z(qrvzJSZ(sZXU7yrq53)6K3R>ty#0?)$;iRYu#p9V>GtL5aXy3>$)DuE!%(9=<XGs
z&9&+Ms9V5;!{-i8*||Nb(3suv4cmB+4QpBA@_4T=eVj%w&v<jb%HvDA;vbFmUq$5%
z!vDCjpn7^!-GCOo-tMcCcdp~4W0Ma)etXQxB4Lso5M1fy^SKKj4t07oJi0=1(P3%n
zJM2=O1GZQ;TiY?L-MEL3PTp8!-+XGng&POfyu$j8MfJMZKG-<Fc=nzh+jL<U!>>=f
z=ry9~wcLis7R<goJh@C@)jAcgFB<f<bDop??lG;kPrM2@>*TlppxfB}-<-$P9@Dd>
zS@k^4tJi14y?XtnE3FROHMu=3cIoJxL!+Hz>J}P!-nZv%P4})f^F9Q!mOYo*HApHq
z#%bK=Vs|w;Ila@5rvBdW<l)O#+VvU1tWr_EcW+nvX4d`swr%&xqmNV%DU&hapmphI
zTcYYL8)Kg_VRN(hi?h5Z3ciM)9h<qoc@@~AYx#BaY8=f-pOZR&>CgK{;-6(Iu%4HB
z^}eJ%kI~e8ka+fZ2e&$-mse<QbNK9_XhTks$E&-~KlruEm<uyMR!kde7t^js<S&N`
z8(e0UYQARfxu1G|vRVD`ZT5@b*j`kRIULcn*LbtIBbuH@AM^Y#?>{qC9O95^KY#DD
z)YLU~R%#C3$$5RW)|8o-4h?*{seZAk!Ka+Bj85L$^GT%*?n86ZJj>Q~*!9}UaeU+2
zb=s}=G^=+D^L#^mW=`1npi6IIQUjNcsaI<ai~Ue2?%18S7LSc9mvr507=B_?t<uxZ
z#Gb15Y0rY*fmdpsZgw)DY^E_`+7p{=A4W#DHp{rBdB)j|mKJViQ+TPT<LjdKk8%%f
zYhqbzVfL^2vmBcZwj94g%vx^0aBLHcFEQWPb?uEKX&%3O+Mg^@EH!oH^4o{~GcIUw
z6g3T_R^}O(4J&f3YQx%B*1Yd^|M_ogXLP$!t$NY7PRY?Ri>_Ie4!D1J_41t`pE}pQ
zb8p;a=cV^=J?=W`Oju8!DV_K2z27mTUthBdw>Hl=<Xf97>!YsQUfjDm#w*mXuF*$4
zTw>*?QjQJX98NCEIkJD?Z?ESpt?JpwrEpaJRYul8>e}kexwHu(7c9GVcd55%i&@5P
z%rmZ?YFy;z?QLUos6{cq@-5%jEHW>8Pr9~k;gUX?A-2<kEyr7~eAlT%`A@kseLj}k
z9e=7xbkqA;7md39tzMK3+ToIKmT_D2jN2{l9sN_{<W~>cyWa?7aiyP}dGzk(tOLH+
z4r$7L+I6hm>ol$L>b{fvdv3pcsLs3*otxHP`D){+?-om!wU?Xj+<<@6rNF|z=J}3D
zK0mt1CF7vUXKeTGxTdW(pwkRp-6dx`6&>O_*yi5F)~Rg4mSts^-MLe0@#e;RN+*7L
zm%Dgi_{>#{s(bobt#_Pz%Piw|<{5u>_WZETGk1ZzbJhKYXZU26@+|$#H(Z<QQ{w%H
znfc=?1ni5qOKttwV%?^|g~N;i!-u;rX+D2;t!|&=U7L1Yy=uucvy9uDXI!@Wv2CTk
zj~(ta(f;tnS-&2*n&$PaVbOtyXP%9JcHQ>K-C?^oMQtACzuU4w&B(U%CQX=hu=)Be
z`E5F|yJsdB-QrCDb9j@lbui^iS0NUS&m8Z(Xu_F~-A3iy$rvOW7U->3Y`)|Fq=>Ka
zbhYy5b^7V0s_$BrU3p!tt(6bGJgawc+W#TBP^}9#E57&!RhnXHmT^Z@#*}Z+P@Ok>
zStsE4r_FmbEp)f8^W_Qyuk@+ja$;)Bo7a9_QDSnj8pa{Qv-&$N8qRTf;b`UiW`4s}
zV}G~rVBOE>w}||8pUpDvWS;S*dB$(n7W<EP9Qf)`eeJQqgQoY^t|)u4d-&zhv3G<+
zfl}`Auk&v7_~SgQd2O|uPxBMm!|N4qJa1g;5#4mJuOnalnXi%lJ)nY*#Z8|Prv^Xx
z8sR9OcWW1Pr(tH+z<zxPjp(^E<YR>+J@35ksX5j3)aP<<N6Z>M?_~Ss4?67oHI0?A
z3hd~z<W+vVJo+Dqn@rrLAXivITd`@s<_)G)OKpCtT%ikv_B7eurR=DbVrQ!ui!Ez<
zcWvqrtK8S4946N~u4^>=_lBi&T%^I#@r{yo+oB>SU0>#P>sPakm4Ev{&D<hBt?I7S
zD%GkSc=M*i@D9C8y4?+*lyPoIM~}8wTE`4rUZGxI>$b&4zW?n^-TLRsFRSZbDn|dL
z__SNCofESB8V&INZe^D7PxxP2cNP7N-OOvgEA-a<oa4Q6&$fMb*fu)m@J|nhovnF#
zV*6Q^%eEg{H*)jZ-5!2N9`BE9^=;kT^x#_k7j#Q)dh%m$#|keWwJp=2XNXz;-Ocm$
z$SKvY#Dpt7#)d!WEuVTRcb$7bYjwj?$y?%$p-=aoc@ug3-lwb{EnbBDemiOI+2Y;9
zx}6ZlP4O##@nG*7Pu5O9T*544{3B2WAB!$`#(R!`c;Wh&&mEg(w)aYMFZV9}*@tcK
z*LpXPskwbhwV4|NFSMT2B5Y{*r|$>rNpC8jx!t|$*aH)1&wspo@%g?f=2Nm?LAL0_
zRVN1(YBw{n_t2|*BOUw2y329FTbsmfb^X*SYwC6XS57g0Wg<$w9XR>@kX{d~><cX(
zp<9$V`o^{vhxWAD^J2(4`ga&izR}Y>U$19LZXY{J$?YPyP79h~n`OLqD?M*#+MWmV
z*H?^-KdJk;^l=lv^R+rQX+3(gN8Jp6%R42Ct{hx4G~8}$^?8p@dzd>N{k+oju^9Nl
z=NH!w?zX>&Pf4A=FtEz0WJ}*>14_C(PPe`O_|3RuRpPtUiZO0%^ya&y@AL4@_Tcu+
zdS#BT{Ih0Pdp=nC%Lw`xLQFOG7v|)Oek^CI#)@^+i0#Eb0$ZSg685vk%2;&QaR2GO
zJEnd}&)>d(;N$lWRle=0GN5C3H@hRhHQi)&aBSIM7aiMfZ~Oi9n!T^z3Z+-)-8(#H
zYne4$q=O%u?mw1oR!~1v^???;u~)BK@3vakBeT@}({~qMp15=N(cgWUW8$V;Z#!IA
zeDU&?;eG*;=k21_u4CcvUpPHoc+0}DU~tC9qH9i+?A*C&KC_yJ?a;VP=XrA<IIcfe
zq0+s<RXSHccd5hv;_vS^>6hr(aP-X+x9q#0-5KsbVtL;VJ=)Ik8I>++I)2$aHstz+
zhV5FlUUOl-S@i~(SMTidAti^FX!l#pu8y<9zRlYxS?M<fc4Q3-g$B13`j5FPO!zn;
zzwkc00O@8(&p)gaKmH=rd8&W=q`Pi-qd8Nh*Z0|8RF92X4|@g(%&9T#Icz%Y`EAjd
zkl-mL!`~(yIDD(Zo-IdXVp|^D+CJ@boW5V5#OhXSe>u{n-xd4HJuPOWtvq$E(f+j;
zm)^Se<!x%<#CFyF&we+naFBV0hdo{ExNfWSfFU=RyE?Dmvv%#X$>lAUzUsBJM748u
zn~R#hclTYbdrP$2aM=IRLg$Xx(kJe@bfxl=J@pr?@^M|0-EbzWJOlRJFk!{{*1CEX
zIyvTFul8+zu>YOon^!-)UbES`yGN#Vt6Vli|3}+TBTsyaj_-2%=!T`90p)kk{aDMX
zh3&Le+KPg{omurl%&WKY@U@eji#R5|wbAzpzV+B|`J%Y61|JT8zc6&tnlgJYWjN~f
z%PwWqwi`9ax@1~~k_#uiD!Qobj+-9s9u=ODxO=ZLlbxaJRm$!!O>Fq)`l{<e$v##$
z_Y8ivZ`znwfiG)kHa@*PN9VXduVd=O7CR1Iji_L?cgN=eE~Ue3rO!B;6np2%foCU+
zzc;JiAoJ=uubbKQYx|OC>sb|@RJ48b`*lxU9xphr960)5qkSLc)EXyyA9+_aKGCl4
z+tjpPOQ!AKW_LK)CG<<{zDEYmj<9QeZ5JCg6V-d^b*s(FJ&&%q^-8I+>y@8P!|tsI
zy<he!)UoH~-W{r>bsBVf>dO5U%S_ldb)I**J2MAWd7v9nrS=K^ZD*aELze^ix8e#$
zWw?3u4n1w_cIN52(52qjOFDK-9iL|5?ArPA`UNZNBuOV;ZJiX^<HgD6n;P3S3eVY+
z@HAr8sX58ltKD}0^-jp)a_PUl^sdibW}$k|HIb)^T0CsoXQ%(sTfM7XOti@fUAbYn
z%f?})W)8K`*6!3Qefy1L(?|MMp5T>Ow!L@Z`EK^(Dt7l;vS(e$vf4K0+amgjvgu>-
z`VX5Lahq<-_LKbVD~@RLVL|ord%B)-?%Q(Mg=rbNAzcog`qJ07>>#^S``Gjz%SKoH
z*rHLCF3kJt<*wRRU;9N}ieopadUu}meVW)S|KP^Mr_0TXon4}AmjS(7`K0)N>v5yy
zmQQcr)-1i~*7r8fueL-u6xrFx?|aOE7QI~-JluNkY8QtV?!Gx@){8RL4QSEPwZVcb
zcY16W&de=;;_lfEyZsiw3to7t%Z%?OulJcT>CGKi+Zr3D>g@Wu+GakgSM2cQ;Mt#7
z``+#LI(|X^ozyaW_pzU4RBz70pEc9thAkXXq>9Vk8;Mydsp&z#<(0eZJ!{*xTQ~2F
z9`~V1#d@h(Q!Cy+aOvcl)7j0Zzn}Jf!G^Hkzn1$Y_*zf;H<C<KZj5>L%Dg(8>b|t<
zl;W3LR7jM|56zf%t>NN(RxPI&&wKNEre!nV$!FSb=sUyC`asISc8*(%&I}y*v1$1;
zeUD9i*U@@X*ZI-RbGF8|qv!g)qp{3J+IWUOA6C&?2%B3qEHHI^%d6{(ehS|`v%|w9
zWpCHNwQYl!XN~ojzjQnsJE_n*=P}lYT+11r#+_Q0Y*xKEftB8l2`hg#mV|O+aH30K
z0b?{hS^69ZM@UFw)?*>`nhPOmEQF!#011{1f<r2VWEPhSA%}#^B#dD8<1{@rBUv)R
zD0ZG;G^>*aFtRZODeNl280I=2FqTasNM&~k#<8Xo0BLL{!FcwBU;^`=2$;y`6HH=x
z1e2NXB)}B5oM0;ZNboc3IvFsHWe`kfnkj%8%%5N;%O;q`q^SUz1prw3GHUBoRD2Gz
z{+ZgkoZ9*`1jY`KV7Y?YIt{{n7B`LBO2TCl7Bc(k5W-eMNSh8}F*{F!?J5Y3XFyoW
z#>{|loP>uYEN8AWAq-m$Va`klE7@HVYOjINY8HgmZ00NoS4enA!dm7nLzuW0!fF{p
z2FoMCJsm=i*$~#T<+IVG_3R@-7VA0(uz_U|Y-F0bfKAMwAe&_qY-SPzY+(TeTiH&6
zZOnQeU^@#Z*uf4E<S@JWfSoLkU>7?<u$$R00PJDO1bf+ef?rsjg@Ao*41gWqh{`=&
zh{_#cu8SZH+XP|GA_#}rT@q?%Luj=a!VxxeF@!55yd&Wl^IigB;${e|mq0kd@<?#s
z0-?uJ2&dTcr4SyIpj`&x4C}fK!n~~zwvlj_X_iB1yA49fatP;HHVOG8lv@GeA`4gn
zA$>c9BP3kL?g>J#9T1XMLin8>Ai**Rg2O5ZS6SRD2stENCgD1>UkxE_Cxo=s5N@*b
zB-rkP(0C1m+ic7l2**iyNWxv_x)#E)-4N!ig>awUC872n2(8i~JY+M|VaY$(6M{#~
zI|J~T%_n%m@(6O7ZzkX=TTbwdeI$6!x~>DfU>O82nPxrU74s*^W7!0+nUn>1!vYB2
zvYiC)nDqw0dlpXcfgK>oXLcI_A6XoL<s3rgE^kETJ~R7G5W)^aNZSPAD?3ku?GXr#
zvmtzEW3nL}C*dIkQKMmQn>E-O9fdMyGn7Iac8`?W$Dp*@0!6D~v$jCFLdrW*ifEY6
zRwxsXLs`8Qilkw$NpU{`rN=fX#WZZiHYkrt(Qb!grC~p9hcfRZlx?Jx)G%=el(wg!
zgzSJ~tznx<$tR^;4wNz)7MKGi{WO##q?FUJ(mSE_Is+wXClnhEJ4lM<uTUIzL9x@Y
z_+3zPNV!Z(MGdRI8%o$&C~3Q)RMxNyq}ZN=(s&P)sv0(S50vAiJS4>)_Sp+%*m)>(
z_Cl!v`;b!m0+d$2KyiS5et~j@ly{`mf_?TunRpS(>U~h^z&@n7UxLzOKNM%!XFrt3
zq-YO7ae;jfK$&+L$~IE!!#)S0wEYcA$U!Ksun#Huq?9`Zr6KHd2uk|zP>zt&81^{~
zrPmcGNr$26U>{N}uR^&@7lcij{ZaBA64H)B(6jR-gk6Ks_!tCFHs%=l&UFY6N$_H>
z$H{j{m~$M0H@i#1up1Csoq*7S%{&32_Du-yNNB~pPeQmt!s?R{+ORwlCf<V3;}is6
zw)_+X_uCM(ry;awT~9-JOu{x2Ix@`}2=neh2ss0xGs`BS?Oh1veudDL1^fyjpM)bM
zbYs?MA*A1fkaQM84|afrUiTq5oP*Gl#ht?+%LfoHli<(n&qK%|A?-YbKI}XRVGkiR
zz5t;g8*>4I?H>>xk}!a|UW9O*ggF->1hBg#40{Bj)g=f)Z002hwI4%xM?whmz6{|C
z39Bzd7{u~OnD_)jkKZ7Kv*o{GXh*P*1cO=E-vN;<gCL4&t^lH$KS2!3CWvLyRX`jI
zAc$u>2@;s~H9#T@CrDxk0Ib&w6yk6lg$!kJ*CANGgm9UJWM+Q@LJkROHz15)=Sc{A
z1)=dx2&34Tn-FaCAUq_&$XsthI8MTxTM)*uyCe*I4WZR-2&ru5Z3wmBKzK(&8uPvb
z;R*?>??9Nq@<^EY7DA7^5GJwZcOkgHgP^?!VG8Sd55i*-wvq5N)7*zJ?>&T&`w*tH
zY!cdjfKcuMgqbYh0fc-Kj*uWT>xU51^C2WXgfNF4AfeYs2o8ThU@Yzr2$r89Tqa>Y
zvws93hlI385EioYB!qp2(D*Tg#ca%D2)17!JS1T$bA1BgI0<u}Kv>T1LeQ*WO>+S&
z*-U~}><PhY=KU0~hRr8f%kl`)neQ_|23t;$$vzUSV_lyE*0T(PET(yZLgr~iwEhJO
z*~qd<Xe&Y}_Yy)j3wQ}3pM)bMY+=@~Afy+9kn{?|Hg<r7UKS7>@*wPBad{9dwGb|o
zu#?%phLA%-+G_~A*?AJe3PWi82Etx8<_!efA`l*uu#dUEg>amNId35xV0TFvW(lFy
zI|zr^%y$rKOAy|XaD;ikhj4|2)$bu3V|gS@EDE8=2M8zF@(&Q)i$T!lLpa5{=0kW)
z!Zs4lFwI8@^NK?V`3T`G%O;_%6@+r1Ae?6bpCIIuaD;@5%=$Bg^b!z~K0~<74v^5R
zBm{>q5PoNIUm#ePf^eCHtIYl@gd7smzCyUp&XW*k4WaQj2shc7ZxC!tLwHESZRYwN
z!f_Jje1~wC-6dgI8PRG^D-j!uIWt9Aqb%aT;>HL23SSYz6%w*U2#?rD5+;^|(611L
zCoH271o!d~tSlfrW&Rcr9+R+_gy&4sLYQX*AxaD3CEH0tTU!W~3q#0b;e{dOlW>NF
zH_WaGgmgOyql!Ry$4-#Ys{#ZUO9&rWvLyt|iV$v+@R8M##GaZ@Yz)C?c9q}@b1e$^
z$|ezfV|NL@v!=zwo+AD|)>*|wKT#vHTtZP~KE;8BM7Ds?LS(NAwIXY01uQJG6@*1Z
z_6f))RzuPKO5hqt5?N*mDDL)9tV%*DCbHfop*$vKFDX_cD_RQ5yy{S*N<k?pvR$OK
ztpTO7H56+R|342<@<};EN*R$=C=DgOCX`X7p_CKZNm6<_KyfJp#YSYq%RsSogmRM<
zJCQk+g_1+c&t;)h6xlUW!fHYBEC;2s$R?MAVp|)^b5g2`tXX*|$4OaS9*R9IL&~r^
zP&(Q`sR7&AK&kBn<tr%;u#PR1E2L!ELa7D&KoM(;>?b>59ax9ZNn~OLpfhYkSXX45
z30+{Biokjz3nZ)$yAU=IS?NkZS6GG6O=JfN8^R`)fsI5K57abfCn}>?n=tz-03Ayv
zaA)TUnzA}o0nOML0zJD*;K5w00X*3x0JCj~ia)Og5AtG7?I9c|VX-{~Z}x<QVT~Yk
ztPY_Cn_nG5?ZyzklF*9z)_`z@gsd76+OUr#Ol$(7Urh+UETbj_cO3*P2MFz%zXOEF
z{~vE}0bj+@#%(7jCs^?!2?TcwBtUR?2rk759^73L++7BDcUrWR;uI)QpoKz<7q>!b
zDNy9Q{=0h!<q3WIeDCjl&yS0H_CNQ`&dkov&d#2km9SevRTDci!mNS_oiZa-H#;R%
zEQF9M3qnoPE(^kQ2`41fHvU-=Rux7Vlog?_IVz!k5rkaX5I!^gvLVDOif~Cn1CuQ~
z!VU=&vLiGy7ZAJ~o1h$+CT5IGQ*%wGnJJVL6K1B!G&gr;T9{I~FfGk&nO5eBOlwmq
z5YxsimT7BV$b_4kxiRg`YMJ)NI}fIVX&}?lY?kR{Vh3S5o8~fI%uboECQ&e^n`tN0
z-RzU;Vf^!AdYW!Bz06UJsb5|d%||u*n11<G(F&@lgnnj7epOV$&HM-hOi&0yctwO6
zAqa!aH3@!|5O{mN<_uE`ARLkKhlC-fR6&Hkl@XQ~L>OkCNXW{0Z0Z(57-1F{LO3tM
zw=lveQ?oF_=um{M62=%_0-+^`1~TK!W|{FOc2Ud((_Chv*(o#0Br1lPY}(08G5chu
z8h_p-$|Rwi%ye^9W`;>u0yER}lQHJB%q)|wBxbf5A~VNakeO?ON@3=iF*5VbHJJsb
zP-)CUGeu^Rxhu2Slq!Q+VrI)MHBV%gnM!3b%gth$73PJ^N>j5OW|dhjv)Xu<r@{s6
zQ{mR-sqk8}S;8F&Nh=_%H_a;`%xZveNWw;ws3Jneh6ueXB5XGMBs`apsS?5$rduV1
zRgDnNO4w@BRYs`a7-2+Zgze_Egjh`w@>fCFX@*om*dgJjgk2^m6d}AR!i-Ra-R2qs
ziw%XUV)mFRGJDNknSG{IHOzi9TjqdyB6HAGs*X8i7RwwqFJ!(kHEWRV=oVzVwFcQ9
zH4SPa6l{sGyC%Z7CUz|xkDKN)C(KTanbnHuRJDoz&a|tIP_Z?_2??i-e;pjpm~JxP
zo1-#6m~?e9XH7qubLO<nk0x6^%y~0J=7PB(^OFhs4D+)YgE8Ul$oAo9WP8aJs*m8;
z9$|icge&GQg7;NZssZMjnJshOJdyduRBDL1VHV5WG%sXsnVO9-x6NvqJI1>)=B{ZV
zbI)v+xo=`O!8|a{WgeQHGLKB6rkGz%JDJC3pUe~E-wgAc=_d2k9L1Pb-6&kHFbemF
z=@*7jzdOPu34fYw%@JbtK$y@R;f1*%VTXibEfD@PV_G1D_e6Lo;k7B$62Y$*!u*y9
zZ_Ql^M<i5j#Wl&>$INM^D_L)p*HV0ZOy$<PlJ!AZ-x|f&$GntsUP_ZTC^3D^nl>n-
z`=Z2aixS(%G;E7fupi29DWCY5IN>OFq;v{LiRWX!lrpP7N~(4!34BcZb|@7Gpq!AB
z$j78;&owNukLfP^sgF4(o5aVY?|@C}WBSV`^D$>+llz$L9kG5sW~i*ckNHV9g^vmD
zgiYyV#>xixnCr5sd`#ia*wj8|s%#n`b5Ay{k15>+n~wI7P48oVlg&VDbj4=$F-v4K
z(H63qeN3%x*etXJ){GuT4dQjD2H9wd?kEL^qwJQFgO=!laz{$19w@nJ2`RHiprq=F
zlAD(3iBfSS$_Xh!v_vnI=TZjs;^5^qM|*MbR*gc))f*wd>DL>f{%C|t5(=1XeGp=e
zL7317p^&*CVTXibeG!V7F?|uj$09tGP|OtShu}93VSYb^66UUiBND3iM<``x_ebbE
z9^tiwGN#f1gsc+~)(=1^XI@A+FQLgmgbHT$K!ni~5#kL(sAL)pLMS*1VYh@TCiY;2
zI}$n#MyP6bN|-enAyouIb<-{aq2d&T6B23~|44-A5(Y&g)HX*YteT3DYY0MJ({Bhu
z{b>l7Bz$JF4Mm7G9bv*yga+n<gdGx!4MS*T#tcIUpMmgDLK9PHID+3yg!#h}nwh&2
zj!39F0-?E?Jp!SxL3k~prKvO$A?qxJ^&=5ln->z!OK36*p{-dx3SsnYgm|M7+L;EU
z5em*h*e#)hi9H74j)YEQ5IUKi5@yXsNHrFri)l9&q2fG*6B4=^|8WS<B@7ye(8C;+
zuxdU+uJH)HOuz96^%o#qlF-Lwn}85&A;N?S2>r|j2|FYdn}{&LjG2fKz6jx=gh8gz
zBm}?32=gZ)M3}o0j!39F8DWT-JsF|z5`@<hhM7uJ5V9^sSU&|}gn1$1yo4rG5k{HS
zQxQflLx?vGVT@@o4WZz2gxwOxnb^}2?nvk~9btmmDPh(Mgj6#SCYg3K5Gt-jI3Zz*
z@t=wCT*9E42-D0_39D8i<T3~|Oh1EAe>K7-3C3ibg%E2E!h~4}v&{twJ0ujFjWE}Y
znT-&>7U7|U`KHhu1iy6%^XDKeG<PK&kx+Fm!eTRfE<)e+2(Kk9HI?QeWZi(UejdVd
z^FqRT2~FlBtTe0VBaGgN5N`p(YSUl=LcvW4yCtkOu@@rTk<e)&!g{k)!mP~*sTLt@
zH0>54RQw#_goMq;e=)*y34<0Rd|{4CSoH-$t|bUtO}`}w^|v5glCa%mTZ#~CE5d}O
z2s_OM2|FYdTZXX9j9G>dz764_gx#jlaxPzAn<+AT%w3tirql||J~LZpzj-2az*JgE
z(yTj4x_%`|51AJd&P!;r3gH{GdKJRxFA?IcMmTC3tVSrf3t_i}Z%ynq2zMlOT7z)H
z>_qTBX%el)d}rFpoHF}lP8<Jqm^0?6%=aeUddv@|pUhcvTIQU|wgK~_86tDuT#&h7
zf;M7)GGk<ZHrHe>nnIf}m&_EI%jT}k6;o<6=Bk-3bIm-Fxo#?bj`_tbmbqbG$lNqF
zzrfrwt7UE*?=6@+rh&{|vsvbziM<tb-!zwbV0OwpH0`!w9+`bIzZ(DTn8&7@%oB4|
z<~NgW2j;2iC-b{GE%S%TwiENr43YWMT#$Kgg1*GOFk@t1nrkwDnL@iTugnyg*XFLw
z8&m2l*HYiI{LMk!?Tde84SiZzDYr@ZwJVly7=L*m-z?tenq>A~bGgl?uU%PVKjH`c
z_`#{j=jPhiu5sS`ws+d&%Hi!lmER}EJyKuB?$n`GyY5~2;YPGL+fUzj`S@Cy=Go_p
zmF#II>*x6`$DTd<S`T}RWH#0IxvIHpXW71BAJ<ynGeP>{LiW5=-^umz<tyJwwK>en
zC+8swm%jim+tGGeC63plb*J8~yYmY^ylO0->2}?f+dmIMehMzKWyf}b?R(gNG|-JN
z_9jzB6WA3EJK~Dv+EvDE*y|b`!`_#9bi}p7_c-60{KU#9UFYVVyR>V?Z{_iQM}8>Q
zDth-W9Xs}-jxqSEVgl8%i_0q8g9DW9UGcxQw1OvG9bM-escsGJy`qGfy{BAT%%(jq
zUz6&TE2i%~_V9_>yw_FRYVGZ-PPr<2+tpOnw_90lIz#qFGE*<pZI3ItrLDV%_FZS1
zRn768wTE<nYYwN(Yxr7+AK^7URc3rUSiZg&d6QV|8Kr!x#Oc(oll9G%3<FH(J+2h?
zVc&bsmB%-9pqiC5leEud^?2#nryn%!#eUlt{OBs}ig#xyH6ilUX#OHwZIi)AiPE)g
z*S0mg_Oi<Fl&N#SuGaSvEKOyKX}8e8%T($s<LvaQRnf>RXr*`!nN`tG>;|8AjRSai
z$-D9{i<5VSeb`H^FrBZv3j1bTNm<R1x303WyL8q5z0$8T9E)dm<3Id^^{g0Gw!its
zRovSZzIl7`n{+{^FUGfa63^4=@9a~{Q_Afo@*c}CM-N&VS*6=_pWbct8mDTld$j1)
zu45}NdiBZsu4A#^dA--S%!5Culii8Pc9*x^<U9U!b+l`$4iRBay~eAw+uJLinuw(}
zx=q~e$6vbQ`q;8L{g%;ECx$D3f$hcLs4A^enZa*4s}58)C*QgnCX4=bm{HuPp6hre
zb<Ux7(?@k-?JT7w{{8fl?woc#dvMP2$;oRU?bF5RG<QACWIFr$-16PW8y6E9&bPd(
ze!N4x9ZSQ+No-uZZUHfUV)^Fe?N?D<`jb9gx_4;Zy_MJ2BHr5<?sN6>-hMuoPw_9e
zbIN4&{`dczQ+r*dJ~{H#{#BA2vE3%!0iPoJn)REv_D4nklQBzYzUSlF)=(z&dG7cq
zCp$M@F<=%S@cFdZODD>gD4~yD1EVbYt2gUiB+_1?@z45E%On!`yfIJ6B0_J4kvlEp
z#kp;N*p1xv<9<0D$%Q6APA;!MW7?vRqcPCE`%O%@qv;nyeslbM9gP9Z`VCFx9Rm$(
z|Hiw1{-15HShi@DTR*~yY`tAZ2^i4d{Xl12$4@^rtzQAvN56oh0x~psed}lm98Gmz
z<7f#TEh$?5nEEm{pG1h-nSQjdpyQYnO*>8w`Wan)k~@hR%DiqlnxCWTN9yl7n!lsz
zjZzOBErp|{M0@UNDfQ#HDs=$3*|GEhM@vQ6^P|wI94$3kUng;DM@xg&-O<uGT3WP<
zXtA(q(fH?;4hlGa863Ze^oaU_d3`cEVg|xvRVqH2(D-Nli12l+`ib7NqekL#>h%lg
zlN(J*GQ$lCeDXM27Q#0zg*P~$sa3PWEggS-@*=7X+2F1OK6<&1GRzM5CGaWeBvz+<
zXes<WspFTE?I(^_#PQ3;_HUp<7jygq33Ji0KE?GG7VRWAympRz3CA%Hn&$<3B^`~q
zffp}(wLbcJWCerau#>j5qvb`b=xAjeEgxECM=OiQKd=0%e-%fpfTE@eflx=&uNi44
z%s9NNI$C8XaY3{iXzIyT9Y6hHSWQQ(=H#azZ`HdT)VXUon*Ks763uFVy(LIHDGC`#
ztlnMQ(e$@cY0%WW>o^*78|%l%F<y1i_~%su(l}#KeMc*ark50Cz&1kDAua_k6yVcL
zZ{bNupfvpDICjBNtxyKuI$Ae06|gLLJ3Hx)#y_ue;Nxh$5R|q&Tyb{N$MLIxcHPnX
zJAM^afBjuuMj{6~VkN@*V;*UP(X?Y`UtY}|&2!3DK?`%VNc@zy{>Vdr^pOQS+(}!N
zuzuT7J${6vRU@pwaLTIoABm_^>(3(kBkC*|?PxU!>jxrr7U<nXI(=(GN;LKO$&Ozw
z!plLQsc1y&h0<Q_CGeT%XmtpC{$O!Bn)QwkeVKnD$5@{kj$=K-dX1t!GtpGQ&!88Y
zdiN~HuRh^$C#_zNB)<lrpSM<zpX+E13HNri`A*tK>VG2<nPYn`aKy%h2Ra!pbToZK
zeUPIqa<rysgB@+Lqcub8ho-Y-iKB%P?(b+z(Nw_Z(9lXt`!9FI7Kn|U3|BgdTcQo8
z#yVYAIex7O?<K6WKyPVMBejP8j<(j(+MpeDv~`Zw7ENy;EP-8*W?g^6*|?=#_-sK`
zXKn|#9c?EX|Ey#AtCLu7ZPJCQ1N`CmeUGMKN3g1i`N7dT5%yNq`J6>lXJy*%72!fu
zX)Yl0&r4r{)r&+*VlN`7LAclOO5$k0plK)FAgQC>aJ24do;M2KbhI95HP}Zf>@75v
zp(oT-K*#@%Blcpew&QruN!%N)j_v4m-_iP@)pN85X#Df)3-ulCS4Yzr-@wW5Hz#d>
zv{sJaQ%mFc4?t|^IR1{Prs0mmtAnFGM^l<X(A`P=5{-Y>`;U7%n%?H5AX$3#cC@#S
zUnJTfM{}_Qwcrql)LYQhG<wC;r`Vw|!qJkUDa|mLpa37efl2*iI81c3RA|a@1Wa)>
zy=h6okua5j_L0`{8%0>JCM}JPNQbB$j|St2`Os9mF`$>rl*JZs5|1Su)6oi|X+RnW
z2^`JyhNbandZ$l0Y$+%01j5rDt+bss!fPVpd^Yr{h}DiK!8r<39$UrHCKEn^RsmZL
zjiA>QNJpR|wz{KDCEOBC!*dNZ{&`J<R*qK3@tcm8PJel%vAC`y&LFJofrj0BXllZl
zpzDFO`i`F=tm}ca297q1aG0YtMB|^=Y)}C;WH)vE<`6y$`ZUu!R*2UNuD#Al;S=U)
z^9Ucbl&IG>&1d_NqqT7S7O;KT(ONp%Lbf$F)P`1$wuo??Sp3JQwWCEWW}^cqxyJD}
zh-&^Npw|s(DAxOV)e1{NuOiS;+`-Y75pIsAp}3QyEhpRxtvR-fqpcvU_bIf%c5}3q
zglXvrueJnwIN~b8YHDe{(9|-kK}{{Kx1+5gtfrRM2aSJTYe6ro(r19<w~ny#4#y6}
zDtbLAA8C<pj=y%Y0aSYpyF;+5@kR(&3O>WI^4kPz5%~>w{5BKTvDIg!<M%n?yvl@+
z-i)PI{Q`W^G!&0@{I+PYi0O!)S7dEP)A_0KS+B{`>A4MbdP-a9WVoHMI;)24C1~2;
z4p0k9TjuO!Ct<aqwB?TWC1JH-gv1qy{IlL|9!#JI;Wb!g_!a2wYZ|lHIofW*xgBi-
zmVCUv2EENq!}vzWZx3M&L>k67JKA2tx&Z0(h2HU{o$Lc$Y&5oS#gTtr`$01vee@16
z?c@MVbhIxW?I2oLG+hIBIhxK8%?0)O3Qa+sA$198xZi`O{eGjtIvJwI_I*y`BZNOE
zR)=Q4qa7vec>(JIM>~e5AD|tIJ&49X>+SCQ(1sB{;`kjWd=yQeqmFih@G<#mC&wJ|
zB;loqBe35(+INJPIofeYJB4PP3{N=PX*Bf(4bLah6nzGC+@+mz{Jtlw<1Xzqn#LdN
z74kaX8pqFK)!{Tkt#!0JSbw%PK&cPNPt$NU>yMxvYixI;X~*Y5JC>&F2SKk3pdCxo
z^@D7@eo`YZAT*JUPaMae39E-oi;ETmdl6PST4FTq_!6`yLyh;Eh-k-`LBs6~Y;q^R
zD};4Dn1%I2(~hr#t_QPpkOLgYYlzA~pHz-^ov;ppKB*n;7sA$Qh}9hr`B-<nonv}=
zEhe1S(QXp%>S*a4?G~B}xDuOQnvVZ%Pzl#yGa#yjcR(eSmc>bYSMjPkpR8!A@jW<>
zwgH>n@w-pBJ(+C8=5YKT5I%yR2C!U?-$TL?VK{083v|Rsg!Mby8o_cq+OLFFY7IDf
z9PKe-6<PyH5Sj}81XO5gdS@I#>-O98)0iQS_7pw266p9BaKzu)dg#=yAew@Iz*YkL
zuzH!CGJFP_+waE~MN>Y1f~N8Mlyv-_6CUPhrO?z`FQ6%!#sa-;&U!h^OEzv0dkkC7
zN&FY#HE1WX<sI!6VYPxzwF-{*ny^|yr&UEX73K}76{Lkaes2jYt<ILJj;7kQjNm_=
z8r7V{-fSzev|5g%i*21^Ix}jcsU|*b>lBk#*YR_+9p-5Docw&*)~T&Cs3Dq8?HFh}
zwWUSq&366-Vj}9?mN*hkEvH`@&?%-<XbhTmtcN1q>D4y~k3(bAD~{u*jy&G+`vfh}
zY5s|hUtF{-jyB2GBE0nH@an<pwR$}sn_l`$bM082Y>Ja%0=839z~9iOIerPz9yu9K
zceF%kPaJKAqa{XDKT_YB>1dy#t=9UFI*&nA?UEp}Dq(e$*^XmUG!;h2dXD3l%+XZZ
zd5)Hxu#T|~*8(T4A7S+m9h!w`l;6vrunw`brFsV=)_PBdcA^B!oD37jkvk(_TGRiL
zPiAxcywBB$LI_%aeGYp6(68_qo`BX{pTh6(0B*odxCOW24xEJVK+C4bKue{1(b56X
zi<$Pr3RnrNU^QszbRDdZ$@#j0z(&{v<6u1Km%>7z0BHHN5M+c*kQuT-R>%g~LCdLH
zKD`ZhK+C50;67-%^dUTgU*R!4f#2Y1435_y1fId4pmo$2@Dl!lSMVC%fNovA!391L
z1GJpl3;KYTQ5!*HXaY^48H7P|XaOyu6|{yn&{pr*3x{^l9y&lr=medi3v>mo$5w#K
zkRL)oYp(^N5M+bwkP`wS4<v^a5CCZ*J!F7=^oP%&2}ES(KV1;+(KqhH19%9J;8)OZ
z9*l)?FdinrM3@AVVG8_0<J^Foa0_mOE-t#5=rq)YL8qR^^M24D2Eag#*P1G|g4WOm
z+CpQf041Od6b8Kv>o0f(T3USrZ$V4a-rxcsaD(1#sMlNEBfb*nVP&WSKe7EY`~X^t
z4bt_Jr#)WzLF=%;<ManS13f#@vyvB}2P4Nxq*sR>hOICcW<W)#1eHNcuc4r&)oM@+
z>Ofr>4Uz04H#QFhK@Po4Ef=JNl#mKiLt01%N#G>4`A#*0WAH5`L{9{XAwDF4xDX3A
z5x*Jqm&kf&;|f>_t6&Xi{YUS590U=%Kxl-~1wbQ+26zqV8oxDOYkZCa8h<t3YIxOf
zs^L?^rG`fhhZ_Dg+G%vtXr|FigO4>j(Z7<hGtIrc!3W&X&6nf<J&|YO0_Z1KHB4$)
z)G#<7bY0bDRF}<cpjnA#Avr-a4^1>QvCu?96Ng~P3;EzF9awLt)wD`ersr&HvG^r;
zv+d){@xQ{xRk#kf;XLSfGqOQ$2!K?e3BWQ~4l7|5tOiY~218#6hj!2&>cMAF60}6B
zm#*nWY>6N-d<sb-_%9~Jg54aKP&!&sc2*d4&GZI6fzuPWBOF`3RBt{k04=dDh9#h-
z)o|=E7!CtKtDair)T*XdCmU%SKfU|$3N&ID5qiU<FFQGoZH~|aV&fPGK1b7i+CJhB
zz#&M078BOde3hUwQ~}LQG!xOpqdL@pnxILCCK;OHXhx$so2F=*k`>bNFHGPjrMd-L
zp}Y(C;66NnhwuoVz*G1g{(wK>IlO?E@Csgoe$GzUUad}Q@vs_H2Q3h4?XNCqz3(%q
z@8bA3BG4F`L33yct)MN0Lwo21ouMmq1FhR>ovs&XZLTl$hk>AVxxp|5hQde~1!G_=
zXz5K$ZIfY&*6XIhTsoartu)!wt&(nyG`Twun!Ei3nwuSfgK!8A!(Pz5T=Q^EyEV<G
zPF|5P1ct&e=mYgZFXYo}1hsBs*pAQ-uDziEOF7<JS1S#f(5`ZfV{p9pV)b6tV}v(y
zs5Zekd^&>GXtXBN6SQoiWfComv;Zv}X;G*xXw^e28pWXml!QF&Gf4C0U;<j&D2k}%
zO)soBoF#l7w2=H0Tn630kAv|r0d(&^3G~#W7Yu+p&;aznsWMc7P|y>tYET{Y)T$<I
z)A+CZ@cp2BYTX9Uf*CLqG?&snobK5)pWg@jVK<Bc-MMyzPS6Fqf?md`7c>?pZA*62
z3iK<wMX`ElSR6_~NhlS;f2E-el!bCo9`x+4B8;XbGGH@8CTPZXehL->g`o%(hZ0Z{
z0*Ke`k=A;3OLUhs_du)Nx*NI%+hG|jhlmyYHyiX^Wgh5R$_Y3L-+><V41<^u3(m2V
z)vyxg!aVqvTJMBKFcBt$ZlkAxmPKbmZ)i*U){q@?KrTJ63nY*m^dL72WQMY2S{_P)
zR-^qu%i({5md~HTBls0GH(v;+;S5X%JzyFG3rIhU9fuPRhQHtyynr>ZPV@Ek1U7-z
z;PvLs`;dbj{(`*>H#v50Y(uObfnO&>-83`-Uyk!Hq$`YnI>_)3Hkkf!f_$bxb*KR~
zb^Wggx^Ei_*VsV@w$s3;@CkHhM?2U_KjQR*)XVT&4lAHI+j@`tpYRvFg*xb;L4DAD
zp4RVlZx;rmU<8ChRfs6Zf90V9Q~^COECr<@5K=%&ctIgnKyqqalI?=<4TbB4?TPIT
zePASv0#!_}p4H>C{tyNO@Er&qJ6!9vs-4(N4fV+DAY8}kSJ1<xL<~4uqtOGSq@agC
zdak2qF-@Q;w1IY@M=X6{07Swt7!G;@G9L8gVg~sdP=#XX`X7@_6Tmc@ZaSPLQV$D$
zhU0JobRU);YCsog4lO|UVy!^B@c4OZs6!FmVet6<ps~6Gq@Y>Lu=C6$$O0LmJx$i(
zy=Ifv28N;yf#&djv$kZr6|?|P0luX*kHTSyu3yyibPO$PYl&P-+5MnDXrbR)#m1J0
z3Q!R$L1m}{p->g{2&Fpc5lKzA8GPR-Frpwk%|(-Il{zNGg4m!#FcWkbqAQfAO#U2|
z<WP(}wT_%0azSp;+OXDwe`Ft8>b(kDw(S9ZA-k?E?FiI`dhi+4hjbJm6C@y<7_?mb
z3B-d<=$k>ywco>P3b+Q=!a7(F8(<@Bg3a(bd;wcvD{O}yuv6ETFA3~|uizpXUWPre
z7xuv+I0m~xOSQ{jHvFIM*x9ef6zzB!c*YBL(hr;5)7)CuSqoaW`6oZEur36xpz61x
zuEI4q4eFz9Asiyw@n3sTr&WZf*DLer&La6-<7Bu5S{2i3*%9araXCRc)3Lii*Y`TO
zr=v$>Bdo#ZzwNXT$9)hr84N>UC~V*m=*-bNQhT;__Gq;;jIb6ni$XD=lUaQ!`oqQX
z|92hb@BQTc!}Z?^|KT+!hyuRTBG}Lc={6;Q0H4Dbum!YwrB%=GLA8j)4u#>+7__RX
zvt%2@CVUn93*3M^pksXsdji(LDwq$R0_*TbH0QtfN6F}$>Hl9V=@E_|+3W&6lGzPk
z!yecR``lipz-6DH2tB>{4)nxAPbi{m-sn2xKb-;ZpD7)vWJgfv_4NGrIzBhJ^j<x)
zu`YD<+-~p@XRmBDbxzQb?dgCDH>cngXx@*dOG&&xJjVAocnZ7Vb4_sGKjy0uN5Uv*
z24SF#H~vHBAKU5s$NHm(T7%I4K6L*5jQAJF+Iq5ffELh`vqNwgz5!F?vX9?Cb^^}<
z?7?yIg!9rYSwU^@(bNoou&wWOsBJgEMraNmACLW@$x^->20aev(^57*WlLFWu@N`O
zL=#EP&$R}iyPZp*%bU*8??BV?W1vDEg6%L1#zAk;9gqsnwA%Uts;1f5KoyA(aY0wQ
z*boz9fG<3Ad8M#cy>7B&U8Qz`E`?XrYq#hB)rUVi%J{@5p|x17wYc(745~m;C<2v1
zdT~&k^bfU)Xq7;I<)9Rlg)&eYN<s;cUIFAIU!}uFSdJ3pAW=KhwszPJwC<wymvGP`
zqHcL>fb$h;%hY1K4rpzrHq-=ZqAn=T<D)ekg>661rS}~g5TP}chR_n)Kr3kCY=>c+
zK~rb}VbI*M(px*>wvG+M>IPCblDg#Srcyq-!PFeFy=oH%N}$@wDGYXl?ouzpm#_mC
zzy;9ga|X7<YFGhubgw0#wH@7`_29=^e3J7!&h#Nrw4&5n{jq&P>j(W{8cc;LpxeAj
zFcBueco+v`K{v;vVHAvn5ilHv!B7|ikwBALi)Vur9LUB1SPWX6(0$_!XIu4|2eV-o
z%!N5H-?7pc!9tMla##jSVHK=|ZSXm4hK;Zu*1;O+qoS-OumLuKBENtwuodK}cr~^P
z=xO9#gjHB+YJBb7A9jM`q)YRKuRsM<{At(&r$F(G*}t{U;5mZIR2iIv6Ywp34aeXp
z?1#OeO!mPM_y!Kc0XPH)L4GRianR0H0qszlr$x2T2#Ml6`~W|~IXDX*?PtR3Qa^!w
z#3fLs9{Z(>mIGZ=G?Q8n>tHR6gO~XFz$b7OZa{x64qqeC#{|W2=T7wtK^6WwypRmf
z;ZJyGPW(Z4eN6CIcmxmO0o;dsa2M{tZMX$DA&ED)$k-+D8e*{R3vPJp=;|%6;0>tv
z$WQ+2K`#8X9<)M6cdlA8*Rpp)&=Pne_yn|E9vifLu8d+jVfiHhEuY7OxS)2s3>RSx
zZKJ!^exOse9`UI`d1<jx>3d)sK|@yu`+1CNp*xIvhzqe=^iK}DKi7^_n0$~I(trxA
z+G<5RDO@ES6LfB*WLp){n!O*WfLhD{)GU7KlhTy@!zWLK;+4PhQRP%PPXnl;S})K(
z6|V*e09C?Md8Jjk0wEU!Lt4lK*&#Q0;&Kws0a+k3WKyeVAdnt3`_N@piGnCdHb>La
zeGq7e1t0|SLrHwJ_N%pnTA(%Is-UZFMbLUvPDlV3@jnM@5FLfH5C-vdPxk|X??E*`
z1D@KSB1|{7)&x{?-Bx`Kx&>2<>L}@ca5L0}O;8I)f%?@*7y;ElEw7eT>$irQFdUj{
zIyDT`#5!*}V|72*2|7YM(7jh%&>?68It)7Gt*{N?Gti;04dp;fz=c8MeNk)?C<!H?
zI4G_Rl!k~>{8tuKa+O-8jSrQfJX8X8-ip`?P!+0xd=%&L4JE9zN;RtvDy;I-b`4Oo
zt7X+v+LtOxKZ>v%w4|cMEwMT+HT(1wMj0r+DJW56Xb3uORr5xmc-6KEHVkyAluiXu
zx)z|FOZPOt3fMu%KbSy!Q18tI>VP`l>Y;f+JyyL~9W)T+rylI-xXM_Eu?wgmI$SD@
zKK%*zgTBxQx<fbU3caD1683<eph$%Wz`*ym2N50&LtzL+I(9KFumG;ZVzdRIW}X1?
zKpk3z8xQKR<3P=?Rv8QNA;QzK#;`FOltF4x<TRKJ6JZiefvFI{4(DU%!CaUFvtTC7
zfazdhHY@^NdKY4KtzHWoqcpxRpbc0DYhewnhE=c<R={#t21{WHSl46h4%iOcU@L5a
zFW_@f+-~>|4#0lc2YX=;oP;CZ1?<_wH*6e)L!c5K#%iMQE%qoJ10^^PC*ZU-f<~ky
zsQ#u_{u!FVc~C2R`q^;8>VrRmx`ccagBn^#N!xMZ0;tb=bcL1fC%6mo8OP$m6~doj
zeYGHV$%&MB8E(TJxCNTvNWTFM2>*h;4p-qC+ywc{=XZDtN_!vffhYX~!oPtA<tNz3
z@GCsh$@9?Jc#i!GUcjI54E_Lh6?F;4`@u`dgZ3Kx3cRUFckEkG-+u!Gz>Tgr>0VeL
z(CV?a<6yPy7()-+6wo?kOo$8Gfj>4mXh=zhO$whvV(`>75#jpyCd4KI`TAkyBVC6|
zhbITy*&scng-&QGuxX%PYW`ErQeguirL!$f>ynuv17w6ukQK6kR%q0R%VNub)}C^K
z59#`NnbdE5it`pAdw?y4Ee<6?Ple`@ZZ?!7tixCV>xET;m0lH47gm0Xs{)mw66ACI
zq<iA!U(MN`LpsIPbaA_;h(;u+fz=K?t)iW1XLZmM5Z1zdeb56~`=p9Grxx-9wr_nJ
zMl>d_Iob5W>e*^<(89is;9wX813`yei~V}`s;;1Ibq@`1qY3Nem;k9kC(d{nhOVJ)
zD7FgLGqeq1JCtokwg_uz8-*|uJZInt!owjBPI8O|sX&!mg!K$tWAV}CaRT-gR+G;0
zgqL8otx5g+^S&?H)?{2`^LAL{s$gd@kwpL9+4h};?{pGtQZSkDHLN|CcCF?I1YPdz
z5etyDMmG=U!W__IvmSUFm<cmrI!uG9Fa=aU)n^HK>Z7`;PM&(oCZP@F6W!#R<%9?;
zv1ZtEQlofo0<`4rCb2T{%(&&}iT|8<-OqWpWw)Vig+ioD23OHk0L^8WKo95+Tku&6
z6ZELxlfi#$R29V2pgK}J$>0KZ2X;GLC431K=dqd$zh4OzhFV*dUP7E!;;dVq*w~Xq
zeC1?x0(%?|!yz~b2Vg(!gT1f^zJ}dUi}c5^N8t#33*W%|ntX)fJmIRk%4p}O5x)Zs
z;HR)T;Ai*=F2H&C5zfI`_yN9$Gw?gy0)C-9hWpb*HwgX$x8W-A6QwTqr}?iCybS6&
zYIBc$UsEog<ktybvy$>dB$r(7l>GFFGK#0XJ&A8vlCPx8CdkK~(pSkZTWY391fRmM
za2FoJ19*QAwrkM)g-|k2{*MWJI>>K?pE%h2jrV>sTk`ib#-Dg<r=FeJt&qq~ZXTD{
zMB8na?xo}T0{aS7p}*ics3EReHA?46sf^!GB6qpjJBfFb;JbZW&0?;)-LYbO%5vSx
zEy9Pgc!N5FYWap_o{GOEEZwvHVc3PgC(e_HXIsAiQBU%_=M?J>mZBv7TTP>SN~-s3
z>G)a=qSkhr(Nnuv6hjra4`Y4}3Z7ELAxbB{te)c~ghZg*v1_19k)HS217d`tJy$1v
z<v@!InX#E5BV>T|kPgy98b}SPAOKQA3h)O%NDg|8m=u!0r=UlRxhP@|tXA|j!3oCl
zHHQf6`wsfvLmtQtnuK^}IQiJ_2|b__bcFWM4vyd#j%^8H5J15-FVIT9p4jNgO+#n^
zdfut$o^_!rRDkkORs&HP0;Qo8=(1H3`zf{rwjdOTTx=J^hJdD8`LTteC=>xbIFoMy
zkgjdna-cjbVJkvqr~;u-4eF@*Ye99W0X5CTnC|2ewF%aTO6;o<RuxgWiK8n{71FIv
zb8HJx<=R3UXa%jI1E^6{el?WBYLK#^I(GrpRq>q(cZ04vD%}Zar#b?jqcE26Xcz^<
zU<3?@p%4K&Dudw#nI#3!kr{-h9qXtJg#OSE-ajgR*!CQi(mE=hqoJel;So?*?~AU6
zs{;c-t)z@SEtHBKrh_yv1U(W|XdNX_;Z!IUWF-8pHFSAWbBqBwsd=Uoo(5B43QUB_
zFdim3+Y_+zF)$NmKtB$Ve3gD4Y=gOQfjsA6XG0@S4&|ehL?@uh7sDM8u@yxrPM|Eo
zu7l5EBWwVzLoUY72dzD7aa5(%DynBi)st>5K8s)>ECA0Mru=t;(hKD$OS*`6PD>G0
z1ucLs!)p0f+pAzDEQb}a8rFa^m<O|AJ=^aWQU%!zn?MCoo~op$09y!u0n^n9_7b@V
zJS}mMh@J2y>;RQMpQAN&tViF&_IlzOWW2tDU62)a!`E;C_CZ71TnGOfj?-T3e$YO4
zs7v<%?eqv722bW?2rE%B@MON7unN-?)Wg2PzF%PZDPDzFUMjo_CG8j-hi~B|oPvlm
z{C66{aBL1*O6o!>e?U72XW;^z2mV<TD$TOe6TXO`(?qj3`7FUI^Pk}-$7)-5EV{E%
z&y&AeNLm%mQ7aR;f>7x_r>l;`b*vI3C$1(WhJ<J}u<zgTyg|DOIt=mP6=)>;3;P0|
z!=LaBeuqc!5N`Rjwrkjp{2n0OhI?=a?m`K6bRVli=<}5DZ}0>j!>{lMsF`14U&CC&
zx=-s{%FX`_=Sh6GN5pfdai`FnFCn8ut<hb^t_a?g)}?A#AG08lI|V=Lwlk4CuYOzg
zQ6hI6exJ$IOY9EjZFgf5yYqTyG`kbK{Zr;*7xBqtLu(WN^@KC&T;5Id1_lRm&tAkl
zN$jrbUEY-V6!%f4$EWUou~l7$smQWsN)osKr;8{PQ_{#gtHvfccP>U(7r&dFE{Qvx
zw;j*#dNxTyVrwf$hC?yv&UoufPKmK`?oavhhc|IAvrqP@efBn2$Tt539FpOXA;X-?
zn-_IWp2WLpkX@)Rh)GUNtQ+Ol9?14&b`tNUC~AdcCRb8+b<H$SO2OVbexn-<>KWKQ
zJR}LfST}(P?__3WQg;#W^yZhO?i}8^O@d^Uw!8^SM%-vqB^g<iFcI3SW@aaIx8>)Z
zy^|weG5M3z8lRhCY`OR?x*f^g!L9`H&4c9bll&;^E<c=#n_n?0^HH7z6sf_UN51ne
zKg>$~f&zmA3vjP$iusfEEc2Padq~6+8X+!zQ&WHSJbtTZja}Y@Ljv;#vhdQrOAopd
zm!|`Vi!QCcI+&RJfy6PLXx+j(#H+*C6)n}-|ACda)poDRO~)d3m4Q2dUtVC7%e$c6
zs9xQ4GsP!)-(hV!&3}5r<sA|jlrJ!X2G7ftR7HrF?0Lh-<F5{Kib_lbG0HAe)pUyv
zmbmz-6_Zy7X*4nFGUfV}p0jITxp;P(yp(PxF^P!j{oUlnq1Au*KB{mliJ?^@Ge7S>
zx>Ae=F%%O)@u=%|qLL7GH(tvO-7kc_auNkIPeYDF%$Av}11_FvHX<tK<Auvans}sn
zu(8<UBwOp+Z66$%Kbm4kScgUBj;?fe;r?$HA>#d}^Je%}$4(dT$&wc_Qq790s~<5s
zTl^Ldm_1=t9r^;j$!fWew?cN(s0RiXJ<$5j*xI~S!Rmpub|GTaK67Uui%8L}(~eJ^
zD4M%GQ99yXyT(s;xoF-uQ9EkerE4p7pw}g89^DacW?M1VAW@w(pO7ZzyeY>s47;_&
z$&FqT-n>VbKAo9DmKYa%Oy#Smh|x*Tei}N3i<p_|Nb6pSYafV8^j_&cDBKCg19jBT
zH^!LuLs0o~RvN1nqOGfSMtr<|tk&jY{b6&{Kp#)^@mBbFnvYk=J1P5*{)k80hpkiZ
z<2(BJN!hYXmk#Y1O{RUn>_$-ShrYC2p1}N^$Pr$%xzOkYyAylKFI{&wooOATpuC(d
zONr5OoszrZgv?uu6;g8-;PB-O+CYpt(EZ|j7iJl}Qv;B)qvduHqj6!+fmMx;eEyS$
z^?ZS(3d(!biCNxn(x}%R>m;$#1h>;!`6E#b0FhJozwUjdY~*L!QD8m|Gab5U0>Mqv
z!!>CF67^%KFJ6q^!>4oWzCC4!9R2-5iCRtPD<+5(+&}c~+P!s;9$vXBA1>D|uuE#i
z<YR6+Wvtt;V~9FmU<$jFH%gZN;^EOh<gxar8haHWM#VqYZ~n83-y~aY#V~|&M??&L
zHZp(4DHRh3m?y*pGfo$zD?2d_T0I<EJx-5(RvO0oVB@{Wozl1#xsw(ssJ3a|qjQjc
z_p|+(jIKJ9R_hGnfCh$qv_K&<7rB$$X+KhA(su3Lt7p58J-nWUHd?hY&z7dn?(-^b
z2W!6{DSA-ej~D%8Wu=KeQj+}IpLYSXAk6LgEvcyiCUbLla71M$3mQ}WH;znmy7uTM
zF7NC*PJC(;lbD$5ON%DC7;uI@;fZNYjJm{*96g7|-I%snR7_uD(h`%S!o=wTRYG(i
ztR9v(???8-DHcsv_Uz~-*{PF1t5kSZ=@Ui9NA1WrwOxb`KRrD^?seNqQ89)XrJ3_<
z<beg<cYUEIS9PM_Pb@p?=hSAw3AbOwf1XwUy(mAYvD<0&7m0W5`!0Q(sG@v4x4voZ
zuDrTo%`u5?uI=We`RCU7cy^uB+1ag~|HtY9b0c;|6=9$gbA9{H<GnJC4T_2x>%>g=
zYA|PD0`L8b(f;|&B1%U-=Y||RQ>HojUgLheu4|k$e%%HHeD_nH!cjZ=iWttq$jjjc
zGB&!Jl>_2w)BhOVBHl%PysjT<I*R?D!<%PE(bd(e=?8r;zQ$2cqDL7_WCnK<Q=`Az
z9q=LpD^XP9&(KM~2HnUIPOmBu7@R+_kXNFNrfYw<pDRyB^Ei_`S?YpbB{JIA_7u-M
zJzQNS{aD*KgyE=KMpGjrS$0i9mJM-JE03&HyvowwN58h+7^=NGW;Byixcvf#;-Oh~
zvBR;l){gbfR*y%B*Q|`@U<z&-zQA)Ro=5QHT!|c=WXw0GN*}c6f<ZxCL~dp@VJY$W
z3lANICao&{xYFxIcJg8vlt<D`W_n6@_BiP?+2zTX$s9@Pp5r=_(X<M1hq`)aHlGK$
zg9HA`Y|ju==Plp-PX8I{tsJb&_>3$wQ@Q;@R%Ws1iAQ4AFy-%b+VA#eHj!Ur`YvKr
zky^!1<p@ZXXk}E)=`5z2(%!^FBlv=pdA|JqZp(&I9xsW}V3VixoMzi&BydH=#LH^t
zkv1R$w=7I5Blmkfs*w4vt7Mc%fvo0~a<Alg{5-5p`JkCU?ThkgLX2`>vU+g)N3k-U
ziHhl()uc{M+L3r@7I1oT!c+&d-mM<xG2h8Gd*ZBly~q8sI4WjyR@0HR0pB<tEt0*8
zoght;XHgzMXElqI`$Ifb@0=Zy$9#IAefcO4S2nw3quuMmn<XmTH!3D+HuFenbKs$R
zPb=~uL;DGHMn`#+AVytl-_0qjK22WX&#0K1*-X(il&rOrd#psobL{Y*emu&fZ#L5v
z57*T^Chb0Vk{If@5A&F1Y3K@$X7XfoyIpo?_H!)>G8?jzU}uminU;Rim;<f`3#-)f
zlk{Wi{zO0FmPwcC9>Hc}T6W$muU+YDZ%%B;nlGL`l@8Wb*!D=~&f{h0mMnEXuQ<#P
zQj%Y$Ln~@$N!i|Qp9MPgGUYP~)3Il#Bms-K0%}s7X~mV~apv?|iD#ZbCPl1n<u^5g
z@Z6o>^i9WY;gJxNu%bJu*_X~;AYgR?`--t(<gPNSUdLZy-OF)1%d@QlCP{kS_ZKh~
z)4M|hVlktL%?|2@J$U<aa`R{GAeh@;3Vx`d*_56gR4-(XDMdhG^M>t^7KQDR*<C-l
z&WRXn4v~UWPARq!qr9@`uK4PCqa?ps)v`_}_7<9fW{P%i%<x#xu!g30$0%)H<|)yS
zI(fONbw-^S@;X_>EXYXS4{4Ny?EQZG0V87<4q0gJJy>n^w_|J%YDr=!!p<ht<zx|U
zXW%VK_cOZvU2}_?%Lix<j!@c6?!IwS6tm}~o}zGjo5!=GQ<)eHv*4h)U4`o%%VpoU
zeWzU>x!FbV3yHpd@`%1JigAh>lAqjlKHR@EXHM<h2SUl+S<k3IjLtu=HeVlnIJw(J
zE5^EUYFx~W&rC}Vz=JDTWWIqDX8ktsb4{8V`9m}zEpGPW5t6t#PcM}F+Sbb#oLRWd
z_D~1){EBv$S>GiXJUY}6lP@q>ljowv&8frgU{f-SJ4Hy@685cA-l;A7@0-7fd;9_@
zn#0$?>J-0Uq<QnB!PR1uK@fBK0(re!l`xaD(8AqHm^E4GaB6Y3Lq6PPLhql+Lme&p
z22?Q%mNq$c27AsYx>uOCouidjJ|9p0_wzrQJD=Bo_L_HjnXB0tIym%sve`SRmYp_^
z{uIwkSGS9lBrT^|p5tZhqgX1*+IA^6)*C=$I7iXxN-;RwJ-yx9Q9y_C_E?l^O6ATi
z7ftIEb#?EUai;eCpO;wA<=?5iU0^m;P*+3+Q)90?iP@B$TG-8$%$+OGN91u8%_&la
ztgL7~Ns6o$=o<8Ut<BEuG}qps15Qk$z@F6y{&>?~K+#n>=t@PCItOXpmH37VM=zwl
zUzHuj6KFEwT(@&LF)tFGnbo^y7u`16F+sH|nU16l=#K}N{m4`ICk$BjbOy^x9*+f;
z%%U9b>;XIQQ2)xvs$p#G0KXzH+l{KzCZYF^O51PcaM$+^_;4nc#5-nXyT51Rx8nEE
zC_$CY<CShdGd`C)g{L0|^u$R$ILFzg-A{M;oTW4NZ4H%`tC)+q=&_$wF$n{yVfQL_
z>ui1d;I}v_j%9Lt=L^hRNTc>dV$zUD%{h-Am0WcCO;pVKDyFH@9>qhaUW}e+T6H}6
zl*xf7?QJLR7n$5m^4uBmX;e&%P_vG-0hvOrRqe=elU~o;o*~h_D31!E=BjdUkB4%<
zRVq`gKgyIn809gV7`1GZqut7ttvrZngJ-|%LQP<9(jLb{!$zhy!<!EK`PXlvJRUk}
zrw$2dFu3<0S)*bSRW$=i8<4xIwZa@(B4*7t-A5m773EQ}s@bI6TjQbG+|ViuJKSF#
zCp5|<f*77!Mkcs^Iw<F>Z(l{l%&ltP<fh%{*ENqLIc(0{(G|a***nA?>Ddn0&B&IB
z9EN|Ie)OipC+@!MHF;9hGmH9>a$G%AvM|<jRkd??m!p{%<W3P#@-w>w?2o8+t;>~N
zy7ko!HJARXpP7;s+{w(HAa_7O4=%I1y1z)&y2G1%Cv@Mf5ssrzKS>+xKJ0o`-`ojy
zr+v5Aqy8piUgoD68k)U%DTOmnXNU+2ihi1|)kS-nu7M=KSJK9I4IiYqb!KOSlV7q=
z#$;XaGdDJ+^SMvD@-;Sz^D~zzgQw1mpc2b64IGvzg;fb_0XVd=3Cquvs8M6HAwQ*P
z-PpXThwakX3?7c9bg!iMZETW-FjF6i9>TV1Y-VYDY2%p%+*<;Qa_!I#9v>Xkb>5H1
ztp!;w@iY?|oGQQ$ZZ|fm3v$TcQWTv~)9ao8X351qYguyVTB3%E+r%Ch1NP0>RC#)m
z16qt{(UhpvO-x792IRs+Q?jfbA6Kf7Jy{zot#yi(ZDJPT;rgtJ`LdupxW*_vbsaWM
z$92h2<M{L>-kng?)n;IIrHpLWcv8%zr!rYf{z1xQjg#hE|AHx>pAXDv#pG2Tb~G_X
z3$g!$c*G%X+dh$HV;73s*7C4sK_{D-u7&87KQ=MTWUn<b=VhIPYcdvQOtJf0n}BFm
zshlz8OjDDm3`5XQh27hnv`Nj%BJNbKVqs=-H7Zy>%v>!(ulf77pV?5<ozFEi%-kqS
zTTcixm*qSw%!C%>l*rk_oGeCZ3b!z>;>71{ZE6&!K80DWQ+<YQYW-dILe(`}(TXqg
z$g-`?@ZxlwpWE1{;q#Mmvd^xz?HnFDtQ@UB+n5LB;fmeX#3(`DsoI*tCETGQ!ENn(
zq(&*KjoY^FMln)^*qyQ>F>3h)!)9CziZwjI$%}blleXro5_DG@XnaX*cv}-$nP%u&
z%3aMhu&p^*%6-S>Io%GHcGpnb(5w7hc7wGE8A09&$@{C%eml{sW!tt+O(^FKV$?HR
zC0X~$w$QR~h~W%V4HmRD$IH+fYucI=Whwbc=X6Sbp+x$5>yl}WP1j{kCqqnJ@|Zg?
zr|-=Je_pe457IK<{<dZwX<f(LntNs4O<iZ(n#$!k$*;9F9m`QZ>-0!s=9F_+j`J%e
zQO|$X);ual+m;Tu?~K+Ye>U;Y^t;AbxmssJ-EdR1JjbU{JG)j->R+jR@a=&Gc(9bG
zv8Pfy)3rQ#ydqB>!NV8ZteDpAu;zV?O`4Y{YHz+)9_iZKd9*EDyxI>vURA_H>#KMK
zwKu<&r|fpahPr07H4`hi+XT$*VBdbMZ2fRb*$XclkU~%D*sFcJ!2sFOWUolSvQzk*
zLlxas+1Q?>k~_rP6|0~LtIpADRhd5T9LkW752Jr}u@6wZMBc-DBp<Sc-EsX_0X;|j
zMrC)1Cs*w=qzX0HU%;s~Hyl`Ud1;9U8>~`V_Z{)Nn&EhOj)6H<g>pEBk}bZ<?Z*T^
zO{jZ_ay!+O8>sD}?(cO@jjzf<v(GU<^L17CsSi)IfT3abT~^iEUl;f#&Up6gOy0cy
ze%AS!gw^T2p8eV##m`Kw?oRAV+{>(}?ylpi*UP-3r2<;_vIp`Tmuh~~?qMojW7J1!
zg5JGMo*LA4C?4v8#oC@~HE>k>jPkHssYGuxxCVJt?ro2a>$(JO>G-In`iibo^z-Ju
zXV#=vD|?&cIJ)dClls1k2^rAWJ_2>We~__%mxMat>LNINP0T0kwp#A}OZ<-=(0aPA
zFvO5cHRWn$o-_?g%zpL(Y0)iXv67!8D5xUZ9j#tJGY{W@<9H+_xBh#QTuqWF=?lk$
zv={rCQ#Glk^;RZ4`rcVOJ<Xe^d80f$Q{((hrlaQb`Mf?dKO@hd2AGbuDB;}!W@Ih8
z!|MU&%UbTTT!&}Y<_xtjd`Wq=q}$)rsLeb$=0NkRw>yU!Qrn%*m1Ll)+{fMA_||cs
zb?qBuF4my}o;N_1o6>4mza9m23$O9gu0X=NbSvv2Zn89-D;Xl}Gc)Ux%fI$W{&+jS
zdQ8eO%@tvq;u}&J4~<Ocs+C`Pf6}#lcsNI_3^6*|-^RL|xpK8*$D^8|dW2b5m&!DX
zFjvXL)h5Ectjjr^W2mWE58b(Zo9XrJKEFxV@;gJ#vG*cFo({Dyj(&IE1Xh{U>oD0n
z$J=|DeUZ#j_3rh-n|?UzrgO9K%^G9MVJ7r5nxFt4{uC|k!N)%5gUZ#6@~AP)MB)+B
z!O3H2{HLofT|e_>l*b5SG!MQ~xLQb^CuO=s#Vi|UPActwJT%+PUFTAv(?6Fk73J{@
zF=>fu@cF$l%@XVy5f$Sz+yvC8Wa)?7Ylpv-nK<Uq$*MD=JW32VHR{tyW5<{Uc!taz
zV>fTgbU(kSn!5gssD@ucj8<L-#C=;Vb@d%Oz|Q1k^BD6$d)bFaB0Mhm=M9Pzdr}2F
zoYCsc7?ZXE9yjpNy~vTy>EfUMew$W1oeK{8uhW2Do_&HnSL~hc#Gvsv(>#pwDAU+1
z!NXN<f;lJ8YItgpYkVl@9sfaDs^O{OoetM$qB+@(V>@c1Dc%sfx`3(Q(Cz@^Wf^yL
z>_Y-rp3w!O*wek6k0s1+FZfzR%g2{=woNke8_{0uqj4i@)Mv8YUZY}WTTpfB=UR_a
zoeS|jp~+@49<D1>%o<XJ)SPOM7n3qC9yn$}%`cO9XSdg<y&4mv30e9Y$$x+SwX11V
zO#7)OXJhi{J9T^c#<Y0AKV8dBt0v43oU6YHZR#HC4B^49Y156n8Ev+Bx?S3@j{ea4
zTH8D&tkPO1>H6uWD^HGGUrje1n^CVLc&crx%ous`g!fr3YB?w1ndxScJf`8HQt!%M
zxOl4KRkXaMWiQ&_lb7EN^N78=3P+fW&B?p#3{zD5a2CH@9>4uF%-Aq4u4iUAIi9)I
zVpWeVqpZ?dM>OM16IVH;Go~R=v^*)zissyf447p%Y{AOM9tF=$(U)XS$Mo!Y<Sg?{
z$v)gM1!&rWY%9(-eOs{hS7)}}J-;ndzK9vHygI9d&IODDT*WiwKZ`in>Ehv}RdX!K
zd#>8T<u3}5R^uPzgPk_1Dbv!OD&<hVN)#Kny(u!q*wrlTs@1O6LS%lEd#yWJntc3W
z1wOj6j7ZqHW5?m%^Q?9VQpcP**KBI(_Di_}4=uK@iF@wN+cIZ0JUWA|J;>?;#xVG%
zC2Rg>o;_}{95r|?!*D*cc`aXmvA+f5S~}lEw&G}Rnr~l!R`q++CGVn?j4qr_>@$z9
zW|Mp2QG0>y@%-h0@cs3tFL!wtMbRxs^WNq`Ydre0ttM#I;K2R`2^O(h(Go?|+5vsd
zW#uu4ZJo10ah}}IUOovudL&8`l&|}m8p@-$b1{G2(R)+Z^kucO>@21_d(pLe0iGeV
z7utJka5$vay~;1_XW-Tpu>_ZUwcmqQ4eMSiy0<KO6k?LbWYx|i*tK+#N!y0=Vd*0K
zXbd}7FY_<G$|kZ~T7CGJMW%BbTKXX#%BywH1ra~5dRu^Y(Q+^z`OV@sw4>de0Wp`_
z^%$5h*NyO!g*+2v{8BD8kF~ErJk(m}iiGEj+3gvfi(^(uYmDWVn&NHgo+Ups-LW6*
z(2Ob7mzuq8>9EesDWC~?>SFldd5cTUK8>Y*;GBc2mzntC<Z0hw`zi0MU7}K&iQ(?V
zu`VpPFFK}cNq5q8)-?7G*FV)a{KddXcZsbU!<|#WtT30u$zjzB^E{lp+p8-~SUc`L
zPOLJO+q0*HtIgo{ZoedLR@-HI5ikALq$L+Uc6rxZZPv7BTJdPLIgW?x@EUVVDW<PA
zDLS~D##y!2?#+~SXb0;5Srz*luq#Qj#7!p69;)>XzADA3)V+#1)q!Il-Kvr85#4H$
z9do;iN!^jOF+%N17koURdi;c=PDkY)-D;7YwtcASNZNpPq}7$SK$i6dga10kqa07k
z9)_Al$~{q4dp)Vn<voi>{XQf`lt*+cK6dV`_&ieD=+<>?kGbTUiv5o6J~zvy(Usyw
z<+^gSDcXs)+`ZX!?L;1jH`@yZGZRLZ%G+c^Iffy9GbA{VSEkSHBRl-<)&+n0CGBkW
zKWn^Z{{1y+KX}UH=UV@TiQAc4XPjxLO!sr{rdgV%yKVI{4GrqsCGmK7|Jk*(J4qZ*
zuZpJY>9T8n>g-PZ&dHO*l`STr`sc$fX7VZQvn{4<7kAk>Z@1WIjeQnz!{5c7^gj}N
zI=APh=x@c~c~f9la&-0-aA%t{qaWEke*0}-40GCn-sNOt4xeU%_+*>eq-0K>?z~>k
zNoSopabA;)&Som<*NsuuQ)&MlCbS#JBiBw7$s8o4@J@TgTeA6WoWJ^?s}j}f6^Kbl
z4k^?7EUdXG-_59)kIY{JT63$dYx4b02j|wmUGrN~=#GOc#*8ecMtAlW?c-VNHa*(M
zvsMg`XBQ}Kw2x;kk7ysyS}{DHeL&jiAJ1AIJf2P4gWRKiJZpJG`*_xh;qh!|rH%IS
ztmP5y<5??)$FpCNHu}f2mIse#A1n80AHrH5(LQ{&VoGE)#e0&rW;SO&`z$iez-4u(
zS&vvPk7yshS}{C)9Z%YTpHti8Wb7_Q58tafhc9$6b_a(rCmg=d?8U?N!#?v<Po^b5
z?6;5mu0ngtHt)7e&-FDIqsLy}Z%X%K#Jr7%W)(q2XTNcsn9kqxduD6S)jQ<M6x(B8
z;v#=E3!SRI!^~TgtH-3(i0}K;U*$S&I>A>~tzJd$o~!o9ugRV}UG67y_NK(#PnPdZ
z@8^E9e{W{V@7+kIa_%8Ro!iGbTG6`IhYJadz18}<=LB3nWM9xb9jl(K>MxORqo%<h
z+`$EGK5U;<uXgPmHO{|R!>C6-&T@4?^Ka~%rA`a47uq;(#%?Ob{7GMh@GNjUOXLAV
z@ytr~&nyX9@T}#jz;~WOp2c%d3Z68U96%+V#pwTAUm9`o#gFs-X+%$51|G2=L<Dyz
z(yY<=blhS%Rne2)|5qh?Hoz{?qLEnV3n$xq4|Es&AD$k$7^dC~;<PD1gD0lV+wCm6
zDqoCFx2)5KIXi!5;KbaX+4Hx>C7$hyis6(C9n5Ldms3t@Lqd;lTRe43|0s`_Sxh7z
zA<+&fR_@WB>Q+qaZ04lWMmvC79;dU|r@G(EmqE3Tg|v>^Z-%TUAcB%bJH%OO=VvuF
z@Cb?ayCRlHv_p**!?!sWC~dUEv*i)(_e-ppU0KWnl`I~unv6D!m%QxV1si(vpo)>m
z@?eNf%Y&kj&5lRMuqAKLP1(ux-{X;#_Ey^9M1$&G`?6MxsF;xq&!i1lf688~o%i{;
z@j-EY6S4B|d>O>^@aV%c$vO8zK7N*d{H*kx6(3KF2fZ|f89#)R)w65+`PCekb29(K
z6EIH-r;uhx4tL^=|MU>m?iVS(H_wMgowd#*H>&_)!zc(}OX)w%oxS*f&uNs8J+=6v
zZ0anl&P3=I$oV$zqWtDMc|`R2-X635^O3G6rhDt=Eqih)nSA^FW&g<srziCG#ANce
z%Nu8A{?P+-wW?|j_j(NPRrLq^IIeyA=aM{Ue?4NwSkt^NOgwaXsnPR7(YQZ{nsLM3
zJ>IqKUl~n`5mY?v2UBeX6?L9WyPAJvhK_J&{})a7|7aKsn8o8<J%`Nls8&FlYbTak
z4a;>jkG?zf{=nuL;`w4!9<TOi&6}_J(qFLG$G^?j=d9WEHQyPiF^aX)`DabNQA`OB
zowaYgKl06ikI43eFh3J#G?P%z2}JKLIhyOK=ThYKQL}fnJ8_2p-lK|`l;iovj``6f
z9K#V>^`pr?h5~;1qdf!hJ#U(#honDm-@BZ=dv^VZC4Wq??lN?P>Q&N-3141s+msqB
zx<<t`J#W^LHee7Qx-*)xbJ|xYdQ^xR<uU)fxvJcE<B<-Jvvubm3$J>Q^;7PhtlTd<
zF|*^<^WRtTY2v7ux93gZSkk7uz@jl}?}qx;c<9}JZ<I$_C+298L1B4%jjA0L)AoWH
zIF^2y|B~6HJW5@%*Du>GT@rss;>6q;S*I1t(KU$COuS6OPDQWY8J32aJlvUce-n1e
zydiBsPdt+1k@U=soG-uYr*%ulN3HVNxm!;RN?kIc<7nO*mrR>+94r!V8Ru@}ZMS|v
zrpk6}58lzM$B}|(`4bYBeOQ;^5Bsi|8skYgV3uh=o)WVry@2hIu~+SZpg@CmZJsO+
z40OLsv6vV?%F{ah!o4v!F8>e}v-7HXK-z#ac<7OCgu7OT=Tk;=m+RTvgR3U(1agmg
z%|09E5B4hEWXYoTQ6A}u2_Wr;+$|5B9o@+*DyH}~(^+X7;i3D{!DGI@abw5xeo-EM
ziBUiB&vmBusxRlV!tL4boSUZUQfj&Grinj~+rUQ?Si9SE)4sZ_tFWc)oh+X)=HRYx
z<a?dHY2q%y{r*i8HXrM{WlCy0#Vr#y8JqW(nM^hT)o<Ci^Xsej9P>E;H<#=jXjQMy
zx6Iy&cuu-yE-rC5&A1iMK#KOCqoyaO>TT0_5-B>}HVJ3)IArTB6Mum_IF2XY(cf)5
zRr#<?u61`zo+;#W{Epc$`CskXPVsJ!o;}N6p5kuvFUsz;hl!l(&iSr@PGgxc<1YX2
z^Kj}PY_3jr=M3;vKDuW6d-He>jonOk@_(_{@CT;pOj@h=1M~HCj_9}tcAxMcQNK(o
z-=;rsvN=mop1!d7fr&c<&z*ScG<daR%Ib5OI?T0Z#=0-^@)X5sm3K$ve=ORE2iz`d
z*>~;x=%HCRlRxLoXs*n3`v(+yWIq5|T|L$5c~j5mmX5zT)Id`CkqI=^(PRI|1M^`y
z{>S7WoO-TL9-EW1D2=B*KWr`Mj4A$4hu%Jy+B~*z9=}cTIAa%9XRI3YT#P@L{rl<e
z>h{>2U(BuQ|9r*=3}+wy9OeFX+r*sGED?Vp;w-s)j&i_!JT%zd9-FeUceBh%Z4Zqi
z+aH_9bEv6jv^ayOhPIVkTb4W!|0I83q`Wj*JbG-3&&AVo?mDA~89Vo1ojM;@*J;}S
zqr!jKd7Z=Z&u1jVMcR)YSPc#-{^eQi8G_#R^$$CV-B9*f{x5pU%irva*}=Ja4m}?l
zE0c9r>#NINiJqEj3+Wk|pW2t<0=r{w-xW~(8>=trFGIaTo|<_JSqv<N2S+t>>r-=Y
zA>Sw|_0&{e#Ff^zX<dtdH(xG#&ySpAEp|8cwdTI2>LPclfd9F}y8hdR=-+p-|NVmW
zkzVz&i=i`c|1X!k4~Bq%7SHU<={H{$YxTqCaK6;U1X&}Pm*>QIe+bR+-$#g1CStj}
zoO;vY<?eHyCl{`GUAOO8p(mRE_PeLnV_SW9Mp@`<Dtfe0e-+auzGOO{?SSaMWSZYv
z;GS5;?8PHwJr5Ri_MZ#h^>)H<pLuJtXnREW*uakAu|fRRq>b*ef$b69V*@*eFPSzb
zZ9sHiGPOPU!uVw69^Hcl+atO!nc6XzpPS1{8{H!Z+atP14t5NW9CEIqWYK-e)b@y|
zYQp3Z-J=KF<JEIBeT_Rf<bk)hwIZ{z+s#MM%RYRSP}l2%8dRhCVw1k3#Rb~)ATyfB
zq57*%PIBvUXx@P6pM`26)qb9tJ+|lhru`t!^FY(JX}-C&)*b9K-0f|eY;z}1wS*rQ
z(`Dq^=%0ITu68UI!%IH9Fsw3}>g)JR&u?+j0(&yw2C1s08g^8Fy`SH@exD^qw~ocC
zb?ujG#QvfrwjPfL<$Fxx`6Ny?YN9=S?a4X!ry_OzDqF)B4Z)(OueUk9&Rxa%28_wO
z-d#Xn{_42i?UyQ(uebgEx!D=Nt~zby?<C`I57c@=BwM`R-8xlST=dNg|07dkUmCG#
zEiPJMVPLF{ONI^ZAim--b0>4^&Kuk*d|D!|KjsdM!CBjp@E#m|`Ve@kzz70aHoAjS
zu5otU`9-1URomA}Nv>)ScAVer`^xR_vklK{$K1(%4iPxL)1BP@LX)4*cWhtUNJPyT
z-sVs8O4TTa-L^YQE<9Pq>#IMUx>LfQxRl%E4k|DhmxNTJ@6JC8_!h3DN@!NcktP?b
z)xS6zF|~Btb-FU>CV*a|#OpV?lLvg<g>P3}-Q*5Vb%Gxh)GBtpn%`Dyo^XpU9{OtK
z|JT~JM@Ly)@$BaNLdq)%c_*6}Av_YkWH(_$5+Hyas|ZD?1hnM<$!39tWOuW>0Rv)!
z6$NQIa0ISesiLQ#sMG{-BLo4F_ag)ZL{KP}`U(nGTMMH7-S4rFBplmwnm_V=GjnI=
z-aGfs%r|rIU9jMT?mEhA6vl-f@1di`jX-;PPaRRCP#+rJOGk-K7#Nx2I9k*sq$u$t
z5>u8S5G6NQJt(ze^O_1=*Q#gkAx*t?)Y=4A4vx@K^$s+sj#Lbpw&Heb7Xmc$ZX`aE
zCT_(D174<Y-iS5JYEEBd)Ns(xsBue6w+bdhm$qc`v<pMTQ(Lh(-a!Vyq}@@Jz75mi
z`6w#chQ;t^G%eePJ*iAn47F|(p44BAp$E5Xd5MP45LYi67~cOz+k$K763xJf1qzKV
zkEK1^g@mD9Tr8``Z3zez$Y()c_DoOg@mLl|LSV*#8s<X8Tf(5Me*%P+#p<rI*>MW>
z_T+{|e~EnM`$*lqcpd)^X@jPehAx%T#Do7~Jgs^Qn0$pQaj3GOZ1?81-CAEqf2tKH
zY#C(DNer9XFL~hnHF61#`1A35COWzVoiFUH(8am1S_ZO_sN4t5y2sBen>psOrE0S{
z?C6_7gS|pRsHWKZyabww4D~8KR)EM(pyfM-0y^MDgqL;nS1+QGsQMfVeI`@0Diq_I
ze^z~uH*4yfAF64q8A=+G1?;9I-P@LSV=E>isDymu^FM2?Nfvi;hhX)|s{tb=kN>Az
z>Q+y^Qu8k~kJDfte^q8fSu%I-5XKc=f)4Q9Gb;AdGbOvj;kTrHjOBrYF(~==!_3$X
zuYSU|M5_JO{3IH_6AZ(IG-W5GPUhAh|9c^9G0@5upS0?YrF5|cD^X_`s<#k1l+8)@
zrBLK9K%79DkzJghoAz#WD7&xn?gdkt=B)Nn3QgYyB~jB8?`$I3xwpb}rME5}wlH-T
z7AX!}>>dS|t=xC8H&OdB+}UMIxlM`_%puAlVnX5iGs@|1|Ma+_X^)iQM1xlZ-U#3M
z08%-m%+}XtQ1))Y9@BYOwLODg-;GZL#iOS|b#sz$v)~98mns?W>?g-Qc6+eX=-LZ!
z2tN0^_Mqd196omKsCx(RKd!5ouWH`aF=4EqBm2>#`yoOwXWjEIp5_s>Y%fk^l19*p
zy+VoXptuKEo8Y&qEW5#8j%+RRU0*6i-NLv`WjZ<%cQdwo#Eml=KaC+Kl<+ZD$=fR?
z--@klQcBo;WJ2b;1L#&kElx18T`dq9uldV`$v}#$xBRa8!$FJ8stqnV_rdG&#4zPd
z;J)oYUH*95<ua{zGt<3lpPxoUQkJqp?yebdp}qdT7zL8AX*B6oJ>{t9dqQeQH%u5%
z&3q4ho&&3QR?C$en#yi3Zsq=X>cGT?rDV-}*spbAjLe2e;Nz4!<)XRm!ObVfe*3~z
z<?9%$xJrJIiHLDO<Xa=Vt1(mguZQd5F^r{Q{Xk_L9FIPI_xVlP?5YO24&b&*9{8DW
zR2=VoK7|^;Wnoa9GGpNEY7XgBO3!1YIw=?$2j_SnrMh8u6nMDwEzY4gk75AU=g`H&
zcy7<3s)Kl*&!LBpz;UzrAdcYGLf;xMVwTh@Xn>Os2}7{nE<c2I;M!nnIEI<;>>*S}
z-`^YpoBHHZ|HF8~hV?gxVd;4HACwD~Ef;sTXSfHm&yl*ks!gYy&(X>D!1{|%Jo3!)
z0$A$|Ra~Y*uw+scwq^Ro3i^gu^Assw?cKM}*4MPm4|*VvrXTSWr0on%+SbnG!*=jd
zVMsDoW!V?b-BR}27JY;g*+X6}C(xp!IN!=NDl_1p=C??;Q=&^ALENb$mUP#wq#w|(
zkFP2^RKl!L_%vQ$WTF$tu)+D!r0gs1c1=#(_~5X|{CD~_`D8ebA?`S*v2~`r2`|{5
zPZPU_$cF6lpA!6IydIZT?Z;trux<!VKJhcok@VaN!OmAO-CHqqxN<3N#RPD#nSRet
z%^>OPRv}OS+d@h|iD~H$)=Y-Og*w?X`hhRw3a8ZBz60afZ3LpE+Bx;p?40@yRhF=Q
z=kGT~^>($&kZh*mv$fhglz!P3U~%++wQCxo*)_ecQ>Lx<oX9KZr+=r|pvoV0`-_x;
zy1YMR$*-O*UZvMHBZrq^#e$WdJ_Vnw<YH<%1-2Cx)8FwdybCd=dE5BPQcvvQ#)p3m
zy4a2q92kcZwi+Gzy)$P=w`&kzEZRJOhdfkF6Ha5&uPCN9r-fzu7mF$NeTd5EsKK9U
zS4Lj>w0Z1Co=Esp!jvCkETO9RAu8`;5@d+KweLvUlYYBRZd3m7JXk_60-}EXFr|$-
z?kzvvjCjq4OKa9Z^tuTpjL%7P%;bkIe%p=17qL-ge#mW<q@!fS;jD9GURZ4rbQQp)
zCvsATD=K*6%CH%~bM61cUs8e+w(D<hOB!!k;+mnB;O3~|Ar$dxM93K1vq|P9a1zy;
zt3?T{gBlu3^^-mu8~UQZ<mFOwo`LisbizAlKxmhN7_bfVg<0rj3~AtBeZ^mToJbk_
zLZfNmSz)j#6t~PgAO}M$H>b5sHKbvq$LoeZXX%V}n|ihvs2jhC^UpkaYu(XZchT~*
zLR#OIvlR1-X<4a{H$5`x`wmybmsZZABWHzF{n|zJ1)hD@E>iZ78~?np;oO0*zk&s8
z(m5eD|5aG7vi;mk=e9>So;EzX2WkG?T7BW|=M2v;k2#7of1+G_Exb=n_0?M+zf5yc
zPivQ-o6iZQ1N1n2;1PJd$b3xqaPJ={#wo-;F*Qsky8H0jqSAB|t?DHtdIx?WT+m03
zTHtWabGRj&-I8Z_R9flzt3rY|`GRmf!rY-KPm&>|p}B>{*hqS2FSNNFcFB$KRyK#-
zSyk&Qud*$qNjlMxTH^+Eja!14u_OW3ZL73OmO15iyS0i&-y<6812O;{ST6B7v|P*T
zmaHz9!{v5V%(YrPK-2BSGYGiK<_^xNE_Vh2EU=c(L*5*Z$LTJ~%X3+0qlSwn-Xr!J
z8-RqQ!gWMO%?46@%?VO0<yBQug`?J9Iorx8d0aq?GRnl1%%FbJXUDdXMSBN{S^a|P
z0a$PbbD)4`{zJ^D59q^Y0bo!XaQwmPL&|2al**mXsyb<owaRIAVQ{2M>nxkyDmh&a
zWO(Y3qxMzqaa6l!)!Ho{jGt72y4*J4JPyRlliYRH6^^P1cXhdEjz*=;LMEeVNDt2A
z!4A%$>n&n`+AN8Qv@<j;nZA_7yAu43as_`%2JXSZ?3g?}Xu|_yR*nxDm1r3;c@$*f
zs|5e8E(KlMkS(U92GNB|!IaYIZsNdrRh*PkMYNcQw7N{pNDgcg5P?Z~)W~>A6eO8b
z!CVHgA{3qYPsY!MtO1=zK|!Fy(D*xvR^-dqE(;r7pDJc$1xXl-K43cK(W+0ytawc&
ztpM@8OGOlQRml7W!geAX|7F++j_-*yKO_Y9q#I_4UZ8%XFfa+t=2H>~-Y8F<)9TJc
za6I*mrxEp4iS(x?)KGYGD+{a@7FV6q;}`{XuC20_yYhTlK0T#{?Lu@#X8@q$1IFO-
zdIUV2^F3}k_?*AY;&5609dN`u$!(cqtuFUx&UHKN^v+c=v%jw&&Qjr+BmNZnGEw7A
zu`gZUC>HedRS0Mp6#`OHJ{jA@%y=JaDE7TeCOUac%#2b3@u?N(x}^eIr3=f9QX}cf
zHDt0V^17In8B82XgEN3)(OMHQoR==9>5O#$7eXerOc&pvnFcZ3rUWBIEp;p;Y%S!^
zY5zFZxYgmRa8%Yw&T>p4E;R>l^R1HGQ|_@@g2xn#fWJrr+vQb2?sJmTXD0}jHVuo8
zwXKX-G0tE8Xt}NSO0`e=Xn;6?+wMlg2a4&m&Ln2gsDF#$sdk<~7*fLKg+CGe^{Z{w
zKAgHy_zz-ycc_%jVv``gWHgE?RJuYOEjJqhU`CH0^5hWpvY1JudWd3=fOU;bZQ!$v
z#<T%qMqE)qZ!E&fOhb*gP<O&0F_qpQ31k^QFMze^CLqNU7EHIrVYgHLn_?P8UJ=3)
zIEnQSwbVBW)@r#0MKszV_K#N7O)lgJo8W?(*O0z)T_(C`7}$ahB{jZ;T&AcVdW#D9
zFY(v9qDm^G%PkhG)1%3Q(zuqIXRVv<vN=^qnci|Y#?hnZaDx^{wG;D+ngfJAR=Y>4
zw7HRM<247>$hulgk}+Y5IszzkcFbkEa*Jh>lLPuu$xwTR9?8Pb3{MHb4^ROqFdWuy
z%_@tcRjRlpg+3@Lw6UMez*v<7GE&T6HxMbNnp(AXyvi?>t8XkkxkKs3Wg(54g|H#i
za9ix*{pJf{Mt|?LDDi4<D)5NO-nr@Gs9tp0EDByzuDHVJwapM$WmDNxVuUy5DKT5;
htzRM5B-6}IVz@VZllawS@1!5Z+2P)HA#6<8e*lhzn}YxV

delta 78218
zcmeFadz@BN|Nnnod%Bpbgi0qw=`2a9W}0cPn$A;_=t#vhO*N{SnnRk%%%Bu^$d*;;
zCZysHA=MCatOy|rA;&@pQA7Nmuf5h)laG(j`TNK3VLxWiYrUWAeB5jAJ?;MaaQ%mF
zt#{LzEt~Y}c;k6DZQl0V%?G|;{A2XwfzM2<m-zNk&&(T9YfEa*)sZ`^9u?B@>b#++
zrq+2bAuvLrf};GfnOWJP=|u&FnYm*^m*G)26e`Wn&de$#O#3RK&@tFIp;5Hsyp?q`
zS`nxkMg#O%^aNC%ZOB5Jh^<IDxg<JqV(3@T+JlY`g=)gHCg$a4llU~hM!0S?MikLD
ze%o;K=nsTd8ngUN{9YrQ<FM}b%ffX#y@y{ttkFfe#hJOG(4@Rc*}0VR_v)cgE%>CV
zwpRH$lkzjihC<^e=8YCP)87)VTfZp@Ddi@|+camRRk5f0VXsZecch`5a+NU0^W>$5
z_??7LL|;K0pp)~n3k!3y^9u{61>wdPWKX3K1=DNWI{uE5aA|hI=%Sp7V?tL@VAU=M
zRT&4PC!pOOZ)5F}()u{+;BgeHfP2ZEv`RljmB7oWBCbLeZn3kkL-{E!bUYJP{QjuI
zr=p7A+}Sly#s7_83bz}r9V!WxZpEPpPow;lKH%(ys1n#sXz?*QV`<w^C^NSprvTl1
zs;%**1=$5z*y|dGLiGuES))+sB=i!LJWKC`ON&pl6+55wG)h`F4uwuj!*MJQMfj8i
z>5bCW1W*gCZxRaCKp#al-0nryRYkdzCl-y%$$h1%UmiK7<e28Re_w27gXI*o4hFzR
zxcYgG;}^8B$*sWFC?1{91fU`fTiS4AQDw6R)p*IwEuNHFm^J<milgFnN0q%2&zx8g
zYH#h5(l<`G3E$buCiFe6rVL8X2!&{a(t_+sQ?v6!p{}iM!o|#uoPxqodu%mC(V4b^
z<MC<E%!!#}vd6>K9)nPIP#;v`>k#i0v<g~NJ$MNj(RQVs+lE3Xqy4befSpkFU@P=k
zbX<0BL2+(Y=+c6`+z#~EENY;ho$NH;Gq0a*;{`p0{~tSO6ycR_5WfUR9;vB|YvZAU
zT;0)5o`Zy9SeHJ;q*8&V<`ioFhbHG06lN6^gs$#nYslow%NY|2<>yVDSTs2ly1%oX
zbT^=?P$8<xIMneNs-e~pEm2eani>i*I!fO|)#Oj047*a}crmJQLr_LrX?v96SXvuZ
zfqzP|x(!vhC()D9MUIy_dn|eqd^oDExjQ-3J1E(|dRUK^J*_rCk0HQqs0LF}ZdTzm
zYCfWu<?%@}09y$SPw{U{JjJWu$1hK8=5@{RKThm*`ZN7(<h-%jj6()ch8<|}fi#|e
z((!G7|NLmP(;g$Z@+`<^LFZr*E-Yelt{PzZ{R8~lqNmin6H~);=s=4z2Kt+#r&P^y
z_`(7H_t9o0_mG$-Uw(E$-o&Zdq0B+Hg@&S<RT-$p)cDMTyvuS!q1y-Bip(dT_&-op
z{EneE{617e;A50gQd*o>q$-87^71C+Fer8pv;Nyr*3nv}TZY?&)}vZjR}S}Yt9nYe
zSDM<PmU@w$jhR__`D7pJK)T9r(!`0ys(jJdJW1$+5w@0b-eIU;Q8iXlMsO7~zIYVn
z=1iKLmtVNzVz(HK$zjHZLU&=Sf8y7{csAM7Y_nwL<&GVlH!Wlcr|hQ`u{<)z5=mck
zwkS6{cPi=R(N3!FL|e>~(t^S<t>rZup!SS+-i3675{h?XydUC=NMFKhN)>13k1HU-
z(`Y+&dU4xiHAAS5v%_O;y1ku#39n1I57BB`G$J_E!9Oupjzi<CPS(Vnq8t)BiQ=jt
zqfiZ(rKnosCsYN_o17hF$Z~sG!NgGL3L+`|L{$A1qo68SQ&je(oJr)!#XECcPL{vw
zn3GB#n_yE~iYnzChKx$G$nl(lj_pV16oxV<*&!3p=_hB$bIhKWos~(-N73UNTE9@P
zYABnHLS;(MIa#g8=6(xTi6&<jj&D67yQKIN2i`?h^v$RW@*Juv&Y>Xc#H%Qn?3bt5
zaMR%`=!bNGR)c3z?Gf%lwVGUwHbh6GT8(<3T2-1l|7z%o>VxkXV@lv1RO{IjsFt0@
z=!vM09*fRKRig=Ppj6YGy!`AjT!gP-sH=eaXiYQ|Ri6$-)#lw$6|^I&nxF1;Om^;+
zq7u4ed|~0_X~6N!!pzYVvrne8)DmNgCQqbU^L4EojsG`S*p?}nXovA<*b0|3E|;Q&
zLYL4&vg0lF$7|~(lFDuu3N^pd7Hn*0LE#WuGnAiQRFE^aI5ech_FdglThc64C9mru
zY$8Lo)R?@&)|2z|CYO}Cf{s3mR9Hsx>1|r+wx0fJ$Mq`7zsC018dMF@A60VsGi`%D
zkE%gQiakI<$nNDrq0vQS$10he?Ck8M4(&rLX4z~;6JF`$UTYipcx*LjR(@9Nv#D2n
z1f5MjbXZC0#Jn*<OT9VU79?JPRdZ|s{#cO3aP?$PL1unF-8dgx8EhcF3L4+i{&2m$
zWPgIHK-*CHPs+*7nVeZrU^lxAt@v*DH3Fz-4$id^zC$&}<J0?(>qLD0u<Jyq^z$2S
zf#b`-c-OK8h1@Dknifi#XA5u^syXuAP2@*smX2<(k;)a12&zeZ8=mg$%wQ`L3LP9`
z6S&{E;qE{+=Hpk!(K)$ea&pHN{B(=0z|Ht8qsvh(XyegZX#A2q2-`oW#u+88jrGXQ
zn_Q@ZWR4!4pUqml?^c^Yc5YUlQXaX`+K-|t=!wowz0FRl!u<9f75`J>X>!%N-G+}(
z%3VY3mFo|imy*)>?&Z&REm{uZo0j-yCB8}dk2WX&-ln85JHJ4Kx7OV%IAb7wZOI2{
zkW@uA7Jgi82T{Q!d!MwE8foxV++)MNL5=EQ$D8&7YOl%HeTj{q;`9tuUDXwTb-_B<
z62T@%V}J{O&_}VQwrM+{D!_6ADno<TM8__(3+3h5TK}f?vrT-<a@*(Eq8hZ*oyM1&
zzq;8fQ3ijw+d6cU_5a}JswCL%{6{xe1F5MNrZJh*T5E%_W2Ln(8=n(wk8%oFhH1st
zkJuL5g1-hSdye4pd)=e9%i`-{8MazDYka-Ti4%x8&4FB0)24er|Ed$3mDKNJyN-3U
zpy09s)=e8Pe#vV`xir}Ot+p+HWwPC1pS&g%Y61TR-UzL;*7EqyKHekoyVLmHZT#-l
z-L00C#&1XCcb)OuUVB@5_<q^lCm*^Ej^F;qZ*$|fxABIK-@V4~yW_Xj@!Mm2`^)5r
z-=N2bNPI}d@0;VdzhknwTC#u)p#@a)HfVD+(dj2ip-@xomr#w}g`S-}k3DCXh4_<|
z2b_P!^Mupn_yR{Qv}xFOZPJT2gBoZvcokHG{zeyZHVLasx^1wNCcMdp`(UHJr+LEZ
zLi9AkO+(d1L!Bm}4YBK@C35U1p;OU!QLRVEzG_SS<z_qU3JWIYjAjVEhpjRC8mh5Z
zfogI+>EhjqYWvd`RRL$c?&4=o)}A8NzLSmD;|*JY=5Me#DMD3%^qVcV>E1-O&a83z
zPgL8WnP`1<5?T)(g4RW+&?3@{-mxvwX`8KaeN+`pfvW`;Y<De!ivRvL?XSN2{B4`?
zND@+wreUi~P9maO=2dKExEfVPi_tph^-gE*u>O;rwnw!f4n-BN`~%w(bw0FR7C~#k
zyOj_?cSB=INDE*O3ZNP`M;oB;d}Iq$zS9;o2USa)hbr7Z9lsh?i>09|xc8}D4$4p!
z<oi!-0d}CuZ_;OWnxFn6Ks9Pd#A;{_GFFLy3flxfLS>)%h5u~5jwOG*Es9_3Hte=7
z`d_(W*HF8kc+&sm{d)KRg&TIiy#6UAYrePb9p7BUw^e`KM#b;2<C~WFE^3r(o@}Ou
z7KPh?va9Mmr+t66?L9GjYA!P;)D>H+ZUd_&rOk1u1IJ`%Pj1Z){wgABZcRlsw+5nG
zO}eA%z+_bY6W?gJ!H#0bA40{~{rE$zvFw&w^9beMUu?XEPA9jXn3t7VQb?{7xg9DD
zE&SC6IF$sokv#pNE$JVhp}qxI0VZS@PgRZj|7Pv66Eh17v&V#vC%!6>T~Jh*!&9;B
zf+<DW+>c!OyG<{<fG4NfZ1eUpLOT#}KOU;VUVv)+NhloH@jK=*d0B<|Il0+c<Lw1(
z%W(g?lbV$*@xs9ry&ly}c$esP(I-)jq{XOa!i!bH!PGX`YWZtX)$g%LIG7>JP-Pq6
zZVo;w9IUdRqAFG{;nhLsp-Q(WJ&s*M1#OrAvB8e0AQ9pZB;xg(MeC^ne@V0z_y(<x
z-L0C{IDa3mrQmf`1w66>T(II@UQU2I1h@~?qBXmEIGEe<l6RuSO5l$V+2W5E;}6@G
zA8X^^hN=f|L{-rEW5y#MPnO{E$LEpp3s?NwAHQJ5FJ$rOpz#N%C!P=vE^G&Dg@Z-z
zV^m${9;6<6j{14+aL{FkM*!`w$-py|){MJx@u3pGC;8)}iS;Dhi12@WLLGk&8h>7z
zQ{NUK{@gVF!1l-otij{VF2SISUz(4xgQ9fF$>HESk%Q_wQHC}_*EX<y7=LKfwY7ig
zDa}gacg-K1Vp}?c;0+1>HS<b(b3>cVx2T3l5vr@f`}k`NzmBSBd30J>JUKg5<+N~c
zIbkCa@J-kn!{yi-`)Q4>U1qgkY0FM_EXMUd0%{1wUv^B-8w26_tb5tP-EL67+v#de
z2A+B4jA?yoLH}m{`KLB3d9}ICzhw(Mg3chgl6w(bm$};5nxjZCLN~Rv<%vK0TXMQ>
zhi_1ow?ivC1?c8N?HpdgR(g~4k}7L_cKlf(`&At!q092}CuHZ32|d`_mhWa%*YyJQ
zRCEZc2JDD7M2onU%*qLc-fv?IJc^9fVCSJ4V7;B4l{q<ga_ho^_zoz|6|f<y^wyDB
z{m`Si4L5}!O>A=3QOEb`a(#48-;Z9uec`4Pr%YN??a}1ZFNyeF8`pbuL7Qb&5~F#Y
zU;J|5ZBIPfwSB3V*z3+6_upOjiT#g0)A77SKe5ZUME}iuKW%%#o{0ZZmu=y6e{I(;
z;T!w|UAsiXRYIY&$*`s$PEQJV^^4QHL>IzRU{(C}bCbev`UldxglqVnx^<C1zw`aI
z-MT~{j)X!z2$i6i(I2r=52cgr7kBRxF7Vg#dxw93-zWH;dUT1Nkr)b{Lntpu`F4LT
zY%^>$teRieEh##R*6N5=#ZO;BDm}Y|U-8%SyQY7D-{<(9dUXk3;TQ9JrN6dUm&hk{
z>lyyK9;x!{-6b-Q1t#XF^-lHnSM$qz$D*e*p4-K<jE=zSb;x=Ms~c8=isS7)#xL&^
zi?(E9oMnUbNeU15J7shUKj9biyQaT3qf4YW{dlf_uxn~`KCUz3A*1WD+6PuyuOx5Z
zv3_~qSR}@}*T<i6UFRw|&hlrZr$!&grEp<?eea~`mso0RiqIn|e71j}Uzh03OvTQy
zkYCm_Df%jw+S!J$$*@nxq6PaVh5Pyk&gl}p9(JZ>^w)EKasMvf&o%t={;_Zy|3LpP
z;Ud4&xm~<_Yx)%<Vv!66{2>3}h}6g;To=ma9bMZm9~txd)%GipS+)I?Q8DkS+Wz!W
zvB+^;3i|l#=B9e1>-ZIb8(4^X_y<R&M&7{HD{$503f3oZU4qN{-g}6Bjq9AiH<>GI
zFMr19&Q);q4bTQ$L;$f=+cXB@BK*aj!zcMEmvoT_El!3VnR_;&t8m$@H{i0-j%ViB
ztOwzu%$c35;5f%myCiVf@Mp5l*qo=~vN4~*MY@!MN$tvjtA{@$D?s>-NR5V>lo}aF
z2g9XpL%$+B78wKV=FiCOoQOjMjh^hC<ke{8myeBkH#hPt#>S$bH6l;z*CQ#~<}_=C
z{P6Ik$PHMOY)ES4EnF#n+SpXDUt>RId@QoEaVRv*PaB^aIi(3hLSB&zaZ!A_?+skt
zf`XmUl(Le1*iRpo<PGDkWlqeyrKw+meA3iUxisc=YvxZ!ikkW5$XkI#Yjc~a!RPtu
zgOZ{Hu#`$L8=^jzn}`h4H?cG%8Fqb=qQ|wcA&JKT9fPIHd4Bl3r09cKF|3FNbo6U1
z4fdc>qNlgCsT>^)>_RN%7YVHOSSriWe)#s}L=25`))wZ{*{Ay{xv|L2r?cG+n&*?#
z{c^xbt>WOKR(?ueEV>+^Qqm4Rlf2Jb`Q>@B$X!g)G5)&oofBKzvK-}y-%OUF>?mfR
zq{#DF9sPBEQoV}Se#PWi^m^vgpdcj*5Z#4k(^c)8v^i9`^dxUY8^2;o%)7IVpOPQ*
z_O|h-=f@(+43kmnIPcc8{0jK{XZa}wvB<EtnsM;xBe;Tv$duIyCnsW^Lw3Qs80o<<
zVhv*)T-DB>UKsN>w)4x8U)uQ<NXFTIN>R+a^=yB7Q7rl~tM{R(-kI(F3jF4`_fw|E
zqI+n1m76x5lH|4Q;FnL0MP_x-Y+5%p)qAUhpK@6&(wJ_(Bq-D(TtkBJ>xU&pe!x0E
zs6@{sKV@3XdoS6aJ}nmQ-^q@QM1TFrq{vNJjKU$Q-bbDMl;W7zB*mXz9E-d}#uxcB
zic=$c1wTA+U5;yT;CdaG^=-vqxgcOy;u;ya-oup>xO#Nq$$Q{hiYqg4C3cPbPQhhk
zyozg_pLTiYD(Rt6b`b0~To?Q6EV?*A!&vNX_*J+l)0Lg8bXO=9a}q9F%olMD74sVO
z@XN2H+Zd*U{IqGQk(Y1{30ysTI#=`_Tx73N$4vPIO9LzHhc8WvG@y^$`7@Sx4)^k>
zm&PLZW1sKO7?c|Q6&HnIh$~jCx4nF_$PZ777Gv3^MC15@-hO#mEcyYEVXB0CBt@F{
zVe+WiqZ4pxuCSUgRPVu}->}wWZO78|BUvV6^$dHh5Bp^-69Y5+=~u_R+cW&~t7FkE
z_$f;pGJ*N5l`dEcytDiI)31qnS$+NTYhuy)_$eflpMt-HrE3pqUYHaO^|OBDJ~An~
z5ledlN_<gLG}=F2mh{pjFRj0yGArg?+uxs#Jlo$dpB0N7BuEckYNF}q+DfqvAd})l
z7S-@pp6i!i8;gDdR81*kVN$gIfKZ4Iw|RNF1N`Z;W8QkCXDo66zpg=Bbvn;3PL%zT
z<U|ZL993pkKZM0fp;e5Adk^a@>vw5VwA#RUH1-M6EG*mKT%IHMV9^n52fo0iIKd>2
z);<4FQ*=#=W?<R$!h@*~7DJqzRlC(#cEqgjofO%N)lunr%`fn$|05P1enGro%6ul4
zEi_AgWF1yte@4$#ujU|s`rMdTI>;}d8;g9-+SS=#cV((~+F(EBhFEmmVB7eV?WN>I
z3=KWo*I!~Ws!LfGFHQ2g4)M!xh<W$%5}RmMhcR4jNUl^Pu!1q?-8IZFzcCj14ba|C
z8_>DRa9ZC#I5ag{fJ;?lG;&G#5R3UxT2)ufXp;-$OFRu19fhTkRs8T>$yG4g`Rlr+
zdaqvSm(PoN-bH=|()S`i<>pxQu8Zty8T7UH`9*#?u>Od6yQvi~#<DG(esfavMl3rl
zH4xWfsmHjS3{CP5j_@n|ShV%XL(vB%dE-X<({G7I7XjN5l6IPqTm>UJ=-Q)4*|BEV
z=QON#{=osM(Gpy)%dch#i4&R8e@#+!CzjfkmSA7o^kSPEdukOHOT9?lxxTHw*sr)X
z7X1;Z#E$aIX3<!e#McKk-B>J*k!WzOyvtek`ui@HCIa2rHz|62rnShHk=qMP@q#h#
zm1g=C3u4i=!1I7y``GqINBh$k#=P{=e)+;!v~cvH2t<Dn%gwQClcJwubtWE3-;(4t
z%<{``i$ycDYy>;%Z^vpI1W7+PDe?+dUw>Wi)M%YCcKjXfr)MNZhhs4^RDg4nyywRF
zDR;!8XJ*?OTwBx8%ggr5fp-GC5|U<Pl2;pR3qT7ofCf6t?jPo24IyN(WJN#0ieV+1
zvYK38$HjLjy4X*^>gBH+o*G?=OWly*mpv5(Qtu@Oi8mQ<s}=0^qB&Sfj{ahc^B7h)
zEUIjh6LV~tSODqt&RFV0u8j<cnOItWSyQ-0T8pK=z#5tq{Q-;BS&7iUsh8S%9u;gy
zF2@SC+|kXrlpgiJGAVixOXZ~ln2tRr&^i9PYg407;nHYl;IYgfz_P<oD_N_F@$zYp
zHx5fh53Wwp<ygJ2Xfxt{>p}*%ebH8vY}ecJ6=Jd8k^@(y=(AX=7uPOUz-Vr;p<vY>
zic2-LeJ~H}aD&#*vnd3Ak#SgTaeAgkm*CP6qvo{3dsud2$f`Bjwn`*u_6x8M`(5w+
zZ24ZsI-GN4imhcZz@xpfG;D*8ja-e@$4@IwjlShL_2rs-e7;Q~*gHo0Vo|=*)JR1^
zaGl3>USY6#!*xF{ws*J^i?ny*`d$Uc=m2fPH6m~|n;H*x4K6kiMA(Ll4Fs+;FAKI;
zxJq%c&6h8(AYAl}X?FEs!qDK?U}^l>3&yipYFGwRf9|}o)PPi$8M~m^&TYFi?7}(+
zKig65rw6Mvm#QLM8hrK&untSZfYHq`O}IS1SkeWN?y`b4@M>IkFjFFL_2quWgR$sW
zz+{^_>ulpIY#Z81GZIUFc2v&C>VS1@P@!M2G!7ZbOsKROwnCA>FAqz78H|X?axAVf
ztRXubr!u3GqDfcUUZwZ$NQxF<xe>|oy43km4zBE<I6oS%G$~TIBoyl6uj`-c<&^m4
zkHn&P0MveV`FsOQS1g8Ax1>np(s=FjajA_6RhSf6gGC}NAwT0fF9@%S^e(eijs`31
z>@vUnu~_su;F$zr?l1$-xXP9^2ok*nOLYxKv3J{5!A0nGpdtiY!^m&4^n@dN#?|qD
z*W?(5bykop{T{gii)+;lsoslM`zfnq(O(4crVZ96CthP4%PyQ7u+;lBFpYKc%y{pw
z&q<1uVsVY<+V&c*7@?SaTr{iC@+;QFB0XnOdNU(A+&NLMAQ7&<-s5-=iFseo@>7P!
zqRp<g8Q6881gme5P#HscBUV?NIhCk0+oodIqrO<SHNtl$Ct~ynqESk3$85i%JQl4r
zC%&4ImN#IIKm7?B7^sl+4fQ$tx<eM7-w(^yLQC8nEZbXU1Cy&@uzs>`9e2GgQ!u@}
z0oVH}>tfM=0^5>mRlkg7H2RPD4IvpvMq;r*bHBLcAAZVHvFL9A*V<&$ajvaL)K6cQ
zTm^$i9xQc_JIv)~7A<;%KmF-gbifTZELRK)|KlNxNftfxMq69E2wdtc+llvKsU4a2
z<oF|&su>Ng`t5GAO~CA8LQln#9~(TbJC9*?#$qq@P?C4xCck1m-8zpT{=uBo=+(I7
z&E<>&JdLFep?hvjiX6Z?)1Ps5YP9*y@dnc+W*nA6QIu<vB8%l0H0w@W?SibzrX_g|
zd_U#+SoCrKP`TNBB;VqfKOc)+aSO|VHVToaa3$*oDRR{OppECIM$W~>ZnjTq^g3Ka
zg7T!3??+gglWYLUx96?gZTJVzNsZotOXJ&K8h*#pY~rEAtfXjHb7-|>_|3tx%SPFx
z<U|bhA)}U_*muZFlda`~_#`PCkerBd76G}SEDH>qgu;D*mzs~PbCSF!3;mRhY`zy-
zNOufMiad=)`!Jt>cidj4`rmeFtv)|F5kpz9W>A)mSbed$kMGYt<?U*YgAAzQxYV=u
zR?J{26mg2!E8St&+bVt;mxZoa7vX2E+p&fpvVJ_mZ@{8Zh`S0G@@}k=hpgYR*tR&o
z@&DwG{E)Q~>u|_scXAtk$nScriw{{}9${tNRXN^$ScgMK7FRCkD6FCJRJ^Ab`{l32
zyry^i6|co2GwxQKq}`kvU5iU?5?tE6pYQg|UynuG-D5`tPgDmdMW$o%ES8(_`*EE|
zV7n4V?mg6;jQ#Fd=N$685zCG>P0X!WD$4PiC6TNpjQ?Q7FOmz+Z7cT_?=10C-i$?S
z-)EyT{~k_G#84;E=fjh{CHMIig!mjd0C=)`JCeCn14Os>i*YGAI~m`@(y%5f3tQu5
zp-^`$Mr+?B@7iVl^sTYzZr~sw_2ki1+H${QYs|ZMxu5cOEV5^LFvnQ#+T3q1zIIbN
z1xuN*Al#S~eE=&dNFn{rr0B<3Jq}sT9<UW*fZ;b0OU1F)V_1hn?mxn>>%S_;n}u~a
z<R+}csnlFy+uWu(3hS`neOTun%J0V`LUw)dh#asE$9om)aDFu(s_b_mmipM{cORDe
z*jis>^*v;De7JJFE3pp8+jN9q&6Sn%iwwbH^&gb#-LcZ2zJp8TO22#u578d6Yh$q4
zj+Dp>R=Ab8Y_4UDpkE&G%ZJ6HogcM<?S5uHmPR;pnZfraR;r(NZff+{$KoBSm8cJv
z7GJw}p6>kYlh?<vI^)NMh{60FRvH$gtbbCp^(wnSGOk#`a##5kAH^bf0$clOPo+j*
z!KGxmBCrDghNZR*HqFs)kK3rMbKLRH!m@)`Gv*mA^$B}c_DPAW?cim{NtVN~Qt=Ch
za>U0PZy&L(;YDHKdJNa-;GuWQTKVdo#ocT5R4VcYAjv=YY3Ic9L*s+ohhn)N!n)@O
z>)Ru&)F&#3y!Hs|O)NJCNTtD(m924DZj|Bo&=J<pM_66fRStRW5!P!*SaqMO9P;AI
zR%9s_x2>ObPLzY@Vwkc;J^SeZf7v-vjyR4!jisIm0!0&^sciK=!n*zl>$M}STI=K6
zGd=3P5X<(*CS18e&m=!9mtIHQhwD;5EvIvp=YrcAo|cZs6}&o$Y{bQeDJM13>3Q7%
z=>mTvE^d1WSLX$}lt?bFb9G-Bc@h^fdZk8+U*xa2^&C3#6)v*nvHI|r{PJ&Nkvm?B
zC-Eb$G(A9yT(Tk9o8xM}Ne_j^ZoripxV}B)I`8G+`7pi@;TjqE9`j1vm4oY|fIWZ6
zb?Rn4Ay#_Ra1E8qYy7I8@_j5i@m2fqf_t57le`tL`W1s>(GP(!`hbbW&ZEI=c6(v1
z!B`qS!Jaj;2#fT-?OX-N;2?{P*Ik98x8lkmC^PwO9;sn<#0s7wL~3u*EnV8a&WUf>
zOEWX^`K0J(tgIk)S!caj+48Y65BdFwr3<c&cfnhgtw*p%9`ZYGtKCA_ke6a<3t_G2
zu!hDh@5HzL=|9J!552>H2%w%sUAT=q<-pR_s~l?-7VX96zTS3!`u<q7e7k)UOq&qo
z<acclYfZ-*Vx#l)`*p1If<08j_w1+-ZXhCKv3P0sdgnwOBM#+#)cba6py{tkiVnik
z(h%$rqIY5S4Xm<Tk|JNq@@M><8eOy_9!G`ws*;tQ_(6PS!z)sN)jKH5CS0jDVeX__
ze5i4l_I+w}9ImuO{9Y^u_BE-|uW@y=oOI6oD5%plsos?z`4tCak*@%~{euTnBX92v
z=FI-o$Qd8&p@AY_iR-+0<mjtdhnuI#Cwh#q?wZbtIL;*ygN0kq?w`iTqt@;lv3djv
zXnlSY%Z^7qS3c>pAe+L}=u})OK`32p9>!wwK9L$d>hnWsvHJDE>Sxp1nB?8~xv2<;
zW06mxH0J))X#X#4cd#0f*K#boa_T;4?-!=R3&*03cG=b-4ELK^yUg?i=rZV8q|B9q
zLA1?TY^B&eCGIvURS45_w++LM5!cM3-KHEG*#*rs>#BrPBN<;ZbglDVoWrg2AkM+o
zdHz?20<6G!fu*6Z8UNNf^02cUXO^W6_8iLMN}M^Cet~nONlOfOuJR2FkcAK6%(l+s
zzh#nHXWn7wt2kX|t-d={#%pl8u%8^Jo%b@`f)t`YPB-Rw4Dv2kXIhH~Dcl0o`TkH3
zf6oNO(v%DC<q|f1A2O-c!fBB@KWJOX&N*S&4<YjeDB(IBzu<^&#4njB>^u4<MZ-VZ
ztf~fgm7TFPFu2F%4rQvdykLX<Fc#0pdZZ?tv@c{XuTD}+ezGOAx1>7{S!Il#3xBrb
z!9LHr8%sUTI4DhuzJaA01v}d4vHPtRHsMpl$yKoIWW5DfM;nSe!A)4~x%gX);}6)I
zP4?rAp7XHs3B@wND0~)6<3D)H5<RNIj%V^=iRgjV9zWWVJGN<9DM5OV;7W#9_seMC
zFR|42l$8B&(_d@~_Ff_jOC_@Rb`LqfV7C|Db2ua$wN}5{G;PQ%EXC6kyW~WSn9YC!
ze~hJRWAFdlAGA%8V9Ji+2{)DsZ0}v~#ZnW}Z#=B}5Gxkko;3I^KAH5gZWxwQXXD>5
zIT6F<%S!PIRxj(tN>TH7>lfT+M*7GK?w)4j>P#rR#e5!1MPNYi0wx>^2P;qTtRp%A
zE5(N79^)RYu2|g8(kov(Kl^OGSvVXlYqq7PVyV5U7A^H4Ry!>GdT{rTrT!xo9&$9{
zuQnAji06&)OiF!LhP6<YiT-CS?QvnK2X$<kU~{tLtO#oaA%o|pku6vQf~TGh`D@R?
z@L<e%MO942iKP26bf68*<?HN-nO+?_K4R;|Bw!T2gvEPyo?6uAFF#dZ8k)WDXlL0P
z-i_7GroSjT5kt+S&gT{H(cw^rKVwvCbTY2<;q3US>JF?618Y4m?4~4|iUwqU98Ip#
z!E+><YABYvCb&n4`dA&Xc$7u_4OqG;(BM1|s#7%_`~g^E@RBwIOGV|;1|jEQX@msN
z9ilH`rDHKgShf?ZnUsd%m^YxBnT|&1@Ykl+SB<*~OP#}XXQ4j!7?aY7u)UA5Wxaww
zZ?p}fuuozo5%$=i<Ue4Y6U3BXm+G{EO=o9PbP<-W)jVCfCdvDvx~VvgRJ$H)QW{f&
zb^Lj$(n<8wFHDO3h{fL}bmfnRj-xGt@t=>&&XTebNzwbT&LceSKwW>r(vW93Jeiz$
zysbFRHzLWKe!NL(N(Sqpsv@*|l6PDUQx5gU)G!s&r8P`SGeRAxVLQS$@4%YjU@9`Z
zxzo7?t9y_MFTNu0V6m~Cni|dE?@2X!Y3M0Qkuog)(1pLy=z4;wXinM>o?ud1kaku6
zaCKM^juJ#hV|Dds6s1P*#---wK_TnuPgojL)=I8pXAO<UE2&Gd6q09VH1C60hv(Pl
zSZWY9M!XQ|Sl6}zqn2S(h~>s9IXsS~;T7BkM!v_&_775yq4nZ9Q;+CEEX`MP<`wwM
zSZ*-!$0*VICglvS(%0}8vcpVTi*Ty<etlC8@;aVqDx|laXi{2J>HR0#p0SM+J1ML!
zNKtC!7F^s7(0m?$=GvQ#xVxoN&tqM1$g0a<%Jw{Djldciw<0fK@uY=^-4Xs^RwIKI
zlO?GWmgXT#IdiE1OG~4ju*<PDm#PI@ncY~bqFta)IyK&$y1-n3rBrOZxmc<`7df6F
zVrW&d1#Z}|vUNY!p#poqHZ&>iXoRFjtVr<~-mFHZ9O`XsWGdua`!rib`il3-{Z2E}
z&xYOvbp>Ew^yX=%0_q*z*rc>ado?!GrPnn!<!HiFjl=%s!_vH;8=DI8&P_~82YTr0
zCN!r>>p%~^-NclGq7nXD*A5#V>_*bCMg@0oYjKT`D_Xmm4Z-a}FaB@<EBF()gu9!C
z{a=QpdE1(q=}Dwiy}9kHYQZb>%dm!0$>V~zy&qy}w%Y-i%%A+aOA?Fdl~`Ks?8W;X
zEQKUDF3XKt+NL@=c(^bbt3Q6MTKv(=hb>KcC-N;gJ>GA6m-H}}?Hld^qWiJZh~b&^
z_Ti*RZ~jL396g)%{8pwSg_ilKl}Sk@k+d^xCG7%Igry-AGG$f5$>B3hxxyTPDzUIx
z-zm(6mA@0d_^{dP%y95n*7?rD%slM-1*Qh8^X<_lY;Wp<q`akV%=9#J_zD~pH@ItR
zahC0Knt~xX8cVa?UgPd_e)iV!BdlcIl1J;cjn7l<lKNt4ZgWB4T0IL(UBW`nlhYko
zT+`;Idac@-iZ0=l8l6I+kj^Tclp+*1X<fst2c|z#0?>*X9F;WzLb<r|2XET~rE`Nr
zdK@S7Bjj<CdvHh<k4s+={-S^e_oRXAPi&%_b(e(enqRwy6Kg2)C7jAMlQU$h^CcjP
z+8~`z0I34wL^&#}VqMCqSQ9uSoRc|qNW*3Z(c7w|g<>3krt+T}_*xB{b(!H)OX`4b
z;8d!<^RBGQ{Z_}NDur>jv_9v<&i-#`&_Vx`1cI#p8yUNJHvc0EpniDF)u^(nh1NPQ
zRf9g^?8>SZd&+UC!ad{c%Bq%JulyC^c}^XFrb^(&!1qW^guTkCgkE$0l~w$8$EC8j
zI9n>a<PGO|)9G7Ix1u_vD!@COYMJ*qkLLWCQ-@R)_{`}pREJcP=x0u~+^?KEq{{f9
z4E+NKIg~J)=^!CCw!!h=QKgeed=;3zVxa8if<r3Kt}HmL(*AOYvHc1H)Ie1u{wYsz
z{FSO^>>q;oY!U)xQxK%Xr9C*L%9tyz{s~Kn)jVjK6f{BopN2z6W!1F2!14b}4aWcf
zMh0rJArx4Haulkr80{)hS;fb~<u#6_FSS=VnjvGn3;btV75{waUs;6;9G6DSie4<X
zPxcBY{=2_QP9xH71U?ac3{}ZjyF@B$6#k6kQaRT<TdKZ)(b-bfY!g}?eaG?2Dzq)k
zh}VJR->4GY;rRbVmBa@woyscoVVLSBn7MtpHp>2lU(!$Y>krxo`wT{|2Je~r^#@gj
z+c{oY)u0_5udK?VqvL41&{2TS043DbdHk6w!R`uYCS_1=1@DI`e6EZ3XR7wR!1-5J
zm17WGUPGL}^jPdMj*mqZZk*Hcs1CFw$asPSl~o1Gb-c2wAO(*9m8xQwxo}dAq-#(W
zWTxXYJqC~(?s|Y0;+vgEWmQ4uyNI_s|Nn|AzW$NF^bVKKBB%c>aS8s@1z7An?soh?
zqe^%Q;cKF+T|B9HxwHRF<zKRn0BVw_TtKPpr=33IxKxvPqq8fk!f$e1D*I(;{|8zU
z1XM|0C4%C-?jlN$$NtFK|2Ini|5d`O@orau|BR~UU%K#rr3&|z!f64MLxXUyi}+Wn
z(f<?S6m&nol+XdE6@na6IrTYB`5$y#D(CNxYk=4VRPC>$k}9H>Hyu(H@MvfMnQD6J
z`<}|6jthS>sscB1@hYokTZ;rY|Mj6z1w6}X2UG><=pz1^Dx+lQUs)BeljBl_OLcZ-
zRROvMTZX`4Gwe=4dGvJ=q)M=#v;Q-ymKx~7OI3gioDOzes&t1magL!bz;G8ps)Q~^
z6U@kSS*hhS)_MP#$}2~~(TOhHU#aq+L^x@#3tw5ay_)VgYDY>X5JbG(1*oh_@CvwA
z;8N!=Rl{D3s$O#)udIr9gX2=!H#)s3-cvUL)S@>#58vr6s1B+8Z*_KM6<^?ZWmQ4%
zfY(4*IRAg6LHqwzfPXLIe}StYD+#ZHKI-DdwIuG4D!?iiK&qyC-05mmUgi8!f={7p
z^5+Hr9aVZSy6~G&rS~$b4d|QJE(yJbLx)rWwmN;=ajEz_sL;EP|CwsGe~5ow^d}eY
zua)ul*8%>I{agG8B~=sdrzW21KhQlZ`NdUCs+LTkJJdi`)GhykDqMtc8k2Qg_{yqX
zd_%`8tKv1PqUUGU5%fe80?MPQiy&1GoQ|s8XQ0*4BvjMBJF5H5^U?a|U_rRKIi@gN
z?=OEf47QS!iJ=tpofe{Mh09Q-d^M`3xE|#vbR)l1GJP*oIo^q?B=^hHsRr-E*h=>i
zr;j;*shZ-cDlAZ9&+<zdz3Kw|Z>S3J7U`)X@1QF1HkZCs_Vy|aP?hjK2i|u9Dyz^(
z{8G4&oxfBy-s9~5wg&D0hlI3&I!MAwJ4}x&;{;SSISSSO<~V29bp9tet%LFtI*DHj
ze~JvJayI6dTBaqcbW2(}&=%G9zYD5}-JJGBbx6hgpo-YnajBZJA1ZVnzZC8QXAeWw
zQdy{O>5EZqJ7%GbsglqQIF#T`PH#qa(OKy9E>taXFRDYT43;|nfa6kydk9s5^lb!f
zuAfDNv4yJT-a!@rT~xO+q4#m<kSgL1ryn>jRYKpPD(Lsl{|8hnq5Jmwe@}IR{vRdq
zKa8*Zg94~#$1pO~0@XD_oKne9O>Fs};CN+K_}b3DE-Jeo+6;}MI;3*;aJE$G^*W07
zSA^cq<9}0?ZXcJfRCb2TxS!+wj-vkZIL8I(@AO<3Kq~(Ms0PjX&b|QUCp28YoGRRf
z&i*S^xQkr4i%M`P;ZY7q72sl2O_b^E(av8g|19U9?d-A6U#eMfspAtI|M#?{vWE(i
z>mpQEO`FRcm#SdJ&X%e`)16&e748b>KLc%oz1Z1zqxg3W-HSsRFGY1!Rwc09`TxuL
zOFeUNIG1aAKa8pTS2}O0%3JR2%BpPEIbK<{+&mAL|4YvQKcT_gIU<5u{$-cYt1h9+
zD)bh=v><-y{H3bMPE;4u?@(PFD^OMJ7pK3X3ilhTf`*SKe}M#wuZ)jI<xv$?#A>S6
zA5{Dp=U?6VS5~D{!*Qw7I{_un(21zxpXBu9DmWr$<OrTOP8<<V47#JS3)~V_;aZ_O
zq}oE9jVh7$PCGd5i0Y6kv(C<zDtwx=E34A)0@vl_oTGUur401nQ0S0q?HZ0MfeTSZ
z7~%XYtNcegE|opXg}+3$X)rQ=FX!-hR7Yi1c9Y;Le*vn-n~EyA%UpP=>}jaN&p_pM
zjpH+Aa7Yz@wzJWapnf+2)JwOZx~$#h0^WnFeoLG#MRiD(;WB6cnJV7>_^Ut<xp4nh
z?QlOLfD(S#MffXK29LOKl~wT{h0A}H^T!#y%{=0bCM;&syM}B1{Z>=$Q~B+t+HR^K
zhxG5anv6;9>vTM9B~Z<p%5O8}C0nEZ@3)$Nztyb#mQ!Qm@3)$IE2@jo-)}Yleyho4
zMnj?U+f2;B)>XWtE<;xTeygd5sQi{wSDwG$YW~^VOtqA_hSuM2HUECAX-9%ag+_!9
zRO`#%Z#DmZs~L<3z1_5%dmO<b)ex!tHd7w5#s7Y*`EOo}x|aJZu4~rcZ#Dn?<t5|q
z&prMh@fP&WUll-mvA^GH{{2?-@3)$Nzt#Nvt>)ivHUECAS@~@y7suc&=ihHN|MYFA
z-CS3G{i&_s-)}YbR`2h(n)b&0|3_~%FQHpGD!=a3P2*p^%~W{#Ynxs9ZKk+v#XtO3
zbM=X(;frdS?4{v;;ZA1d((q7I@0M_NQ+pX8)nqOMY!G-sAkEZR4wyC{P_!J-#jF=-
zaVwzd{eW~c<^J%{a5uA2(%m$A0O?_hB|Xg+NiWm#Ur29LCh23gOEOH`6-Zw*N7B#i
zl$>KaJ&5!-^Cah*-I4(&{UPK$vrsb7?3J8vG9E@QFpDLF%mK+@GjJs`#4MK#HQ`5)
zVP?2wxLJvqdUvX>k5cf9Oy;A24FWF+j5IYK15CS1b$twQu~{$BVzKJF3Xo~0tO9Hk
z*eZ}^8a)n}eK%m{<A7|lMIiYeK!??Uai(lFV3)vW0y(Db8o+{k0rS@YCYYT9eU<=v
zt_4go^VS0P3+xlfGwJ1kW%mJ=lmn)iy#m9Q0tP<;C@_nk03<F0M4ki`nSoCN)(ET;
zxXgst0md%}WUm7ho0S6f?g!L<3UIl}e2R9u!mO3dFg2b=t~5E460=@XYU)3Ol$j}#
ztIS5p)uz#U<Qh{fnQ692W|@}HBG;NS$!xP-GRL%i4!O?Ekz8+fO8#LwJ&(*a^CUNz
z-I5zk`U}WSW}#%B*(<r(WW0#@W-($CA5~pnqTut*z?W24fmH&=gg2<JkEyO301M4Z
zfqJV{*NuSNP3A_x27wm@7MU8G0Mi}^6m0_BY1Rw0SPf|UGGMWp@-kqXz*d2KOruu-
zv)2G-z5-Zcwg@Dz1$5X9SZc~P19k~~Ca~PJeHE~v95DY?zyoF{Ap9@W={019nJ0PB
z?3O%a(qBg&HVY*y&0fhPCSwcos97v|%p8!cG6Ua09yiM+t4;V#WQ`dvS!-5G%1!hw
z<O!20dD5(vtTQ#XB2Sqd$<t;%Vp=>);hMfp;ntfeZv(aoY!!IUG<pXx`#HeOcK|P#
zEdt5U13GLA_w!x~nX9%j|8|LdCbBVP+HHp{cmXnhJLKh%`B<dSi;$l0LN<rY&F@0?
zi|iA5Eo8dA2U+$KWXXGwEg|#0$gmBN!S6%f44J#%ha_%<M0P;7hRpdpAZtWciM$gs
z-UpEJn;_XAK(>d>BO>))hSdHL@?OY{{t&W3<OPu(Aye}s$h21=MIS*v44G#|T5N_i
z-3i$lGWk0p+eEgCd=fIJeGHlXDrDxzkk3Nq4T$%7$ejKO`UR~c-4!zLN_W#XpQ2xe
z%yrVQXc_6(A(QeMx`%d=eiJfZO24I5K1aU`ncJj$X%i{mZR-04$~T(smi`zr6;eL5
zbp9^%r;xc{`ZKMu8{Ho=7fKJ%7O1KBHYKk8B_;law)hgVLF5IIgS5q0kZJEgI^0U9
z|8B}|)i~J(DEbP(w+Oz{I1y<2H6X!E`C8*-J7B9o#5CHYaq=!;<{rS&W{bcsfezmQ
zqNeN{z=HPxp9xemZNCNdc^@$UTR?TQQ((V9&+h=onR(v<mhAxS6R2U*_X37}09djY
zP|NHUNc<2m_<KNYv-o?!8iB|UfVyVj4}kF>0agjrH{l-v^>zZXe*~OlRtjtosJ#!+
zz+~<NO#2w{g21V!#!rA2p8$$}0yHw~1-1z^{Ta~MO!*lw`%}PHfu^R>en9ePfSLON
z&CM2pT>>2r09u-|1Aqme13nXIW!hE%`g{SHUjb-sb_(nl==lqvjhXigVA(FfK7qC-
z{a3)S-GC*(0?syj1romm3_b|xU=|+)tPzO(21qgke*=vF3b0C`lL`M0sP{D>`*%R9
zSt+mqFu%6P24Q}tM{DfCd;znIsS(C*@eSdN!hm$MUSOL*QxDMHOz{A-zXfa+=xG`y
z0Fu80%uE3EHd_RC33R9e$l&uCfCYO2p9%CcZ6km_-vj1H0R7EQf&BtKj{*!Z^Ns>6
z`vI^|V4z7q8Zhifz>=c@7nr>QiTeP969I$G;zYn2fk+fE)C`OQ#{UFZB{1BCs{-o%
z49KnuxX7#&*dS258epW!tOl62AMk>}#iqtFfEEV;MaKX#&3b`t0!^y}vdom~fY}v*
ztpeGm(XoK!UjQ?Y1&lLW1a=8@I1Z3w%8v7fhA%bSB@;~B<B^GGj%1SADakdRY9M)L
zo@BDwEtz7{Ya;n(p`^g<l@ywcT1b&ujLcu-QTY?d<1#bw1Tq~T2CNb&HsRWUdLAHK
zJ%71bDX>AHb{)VBlUWBaEdlU?K#8eQ7to>#pr|gO%&ZsKCeXAV;A%6a9$<C^uvK8D
zX;dGOd=y}2eZaM5i@+{{4krTUn6eWA3yubSCUCuJdlH~eB4GYWfVpO;z<z<ACj)LY
z^G*gVivsou%rof?0K=*RmNWqPX0JeEHNfCg0Q1e_QvhoOBBuh38F(sS{4s!40t-#J
zA)sD$Kz2jG?PjIG27%g*0E<j!Bfzv{0WS#LX=<DXXmK2%=rq7$vmOw>+thE2++(Il
z?ll`FOH89C$bF_*veaymEHf>eBFjyg<bJbV@_=dE%p2<cD{P+qC#(93usQKgR_y(?
z$Y#c!%-M&`90HhSCjj;|Bj1&#Q**$u+JHsP0gsy90*Q41{aXN5nT0I?YXlAotTq`f
z0psfeR<s1HH3tOh)dP$?9q@!%emY=-K=oFDb!K=gz_j{+bplVD=ox?(Cjus&0a$O=
z3TzW-&>HZZ$!QIkeG*`^zze4SnSkVz0W;17yks^C>=J0*2C&f-w*f3@0N4TWUJjen
z&+^z`oC2A97G!hSyeqO_B&{vvwXnIaEo9lLkUb(>!hBQ-GOQtFQ9H<+Ve_R(Vk1cZ
zvmsl<=C-pTYeWu;yc0Hk+e5~m23gS_vOUbFk|6aOLq>Lhycah2cYtgVsooK?BWy10
z2$|LdvQFf~u&J5^Y0(riiO)58JHw`2WSdBXWXLCBb7?YUb~DIkk<aMqPLSm0kQtpI
zUxdvjkzFFKQy{y;W_k)_K?}$Zk*{c<R7jte5dI6te%>D1M`XW9T4%_&v`=TqveO}Z
zME24?X^>&9AdAu<KhQoRiDy9i^FKv;`)HpSWR1u{k)LUwE|Br9AuGB-4$wXjuOe*D
z?~49H>qvhM8!sI_NZUw%3!6uzztb|^JpSU#WOie$hs|1vXKHju5=@Syidip-nEE}C
zqs$b^(PkrJcC{nt);$?0QB&Mg1LbVM4uNW>WiLRV_JFy)0M*TQf&Bt$y#dFWIlTeP
zIso<v)G(d;0ETr0Eb0TOWp)cB@_#p&{uzMUW?=?kjle;Hx+bG9V0<!QMPERDb3mY8
zC&0*lfRoJfet-=E)z1MmFvHIQOiKZ*6FAjG`vY2}0w(nbG%{-iwh1&i7tq+`oC}!U
z8L(NPsi{8zkemjXF#yoqYy^Z`m`3LzElsiHbhAa$%CsDaoMFl&t<84HnWpXeNE<Up
za+cXCX=^%NfV4C7Bxjr5lJ+Kj5YoXclyo$EB}pb@Fp_K*OFEeYk`yy=2$E`+OFEnI
zP$bO^N6fUI6m{KDirU3QhXGpj0!$hPNH=Q*wh1&C4(M)jh685z2FzW|64%qL7f9{{
zXnG+bdYdU10(J>(7057+E&?pb0L;7y(9diU=+hU_VFaMRDH{RUFYuYb0Mm9PU|B!F
z{E>ixW~acga{xU@0WL7}MgbE01NI3FHt81w)(9-Q7%<fA6&QamVDKe?;b!qAfO-P}
zkxalvW?&|*Fv2XCj5OiV$S5;ha<N${xx_@XkW7;)8Ew`|vP_LJ$QY9&$u{dHV@>^R
zWSp5I8E-a9a!jMK$fc%OGQn(-Of)UWA(Kp*B-d=0<e9ePk;!I`WQy4-$v2&HkODJL
zQfPKdicI>Ys^~CP^iryEnb|8aez+<+0Z?ofPf$fKR7EEOE;j=w0yYS&5}0AalK|5$
z0%T7Dl$ezQEk*!p=K{)1W-efxzzYIbn;Ln5*&_i(d4QQ_y+HCPK-0;9Yt59&fL#Jx
z1?HGWQz-CtrdV>l*&_LeX_=4AHD!_;%y!9*rfmUolbIu#XLd?%Hk}F)-^`QTVs<0m
ze9v5XM|ep1R+C-?HD;k?f!QlrXfmcEx0%I~+sy&V9cJKV$Re{`@=p_<hTLg}OYSl&
zC5uh87`fYIO71ahCHI;d(~%`6M{=K8FIj5pUydv@QzXmHM#L<*lp43bf*L<yimw3l
znE==!u)?&Q0oX4vcLv}gvt3}>L_pe=fR$#>m4IQB0DA-;HJwTTiMfD9C4g0Cx4;^K
z{-uD`W??B{d>-JSz*>`02B<d~u%Zm`ggGFvL15%nfOTg1RTTIs6TTXG+6<RGV^&Jm
zo9H#jvnEsWoLMV*-qe_hykK%9FPim|mrVUxB)hASWM|AG*^OqSz=9$`>uUioo8oH;
z_=?$rc$+<Q`fM&j`={bRcQzNH*F5vC$g;~IX>%Z3JagR~E;ny@=40ubd@c4m^exZa
zEZypvFQspLrrY)CJD#~sy3I4+OSgNb??2FYJ#)A8J<n92X2a#=Fmf(A?C{L}b0O2N
zfK<N$@*#uh2Eu;inMb5MJyZ2Y^kdJAmVV-ya_Og@sd*FnnP)DQe(srPrC)gF#Chm0
z&*V#YduEgLOV6BkGy0Whrc1x}%p1}@w1ba+<C&|Z-_i=w?>y7)7IZIdApM>;kp4g$
z%%{YO*HGd`^C|H@T0vxuNdH?QKhqAkLdMU8927Y~OBhJKS&$V5@(XPtvO#3z0?0wy
zVgY2@wUFuyA-~fW3n49LL)JmK(noKjQ@06Bx($$E)(Xs?188tNAYyWE2P9ty*er0g
zsecDxm%xlW08z71V8Qi(){6kuOz|Q>pML;$2vj#M{|VSHF!!H;<IHw}Wpe>(cLHjd
zId?LaYMPyrTBg%o$O&eiq_){DsbkU?BX!L}Nj<YyQr~3Ujhtu}OHMKeBqy7J_aF_-
za>*$sd@pjU87^sPR!SO~=n~{KlPPIz)=HX~8uuYhO^&3QSubgB>My0JyXI5W8A~Z@
zOS4g6!L5MS%K)uR@iIUk1K1(Z+O%8_*e@`5IiQW%F0gC?AnkrYTQlc=z_5jYJpyN&
zP7eSQZv!lP0MNng7FZ+D|6hP4v+!Sl@wWpG3Uo3VD**NG0IXO6NHqrpHVBM-5Rhh;
zKM0t%2vGeYKo>LoAwY|N0@ewno9M%UZ32@X26Q)T1!ms~Xs{B{)8woKB;N(tEYRE3
ze*~~gV8$bW46{*S!D2w`M*;mz@uPq~cLR0^^fxUZ1MC-=`xsz=*)Fi`9zfbEz(6x+
z6=2xCfIR{im`;xa5|;oLJq{Rbb_=W#=)W2;)GS;L7=It&puljGu?A3YDPYAKz(wYO
zzy^VlYXKw8^0k0z%K+8O0T-L$<$xB;0qX=ZP4o%CHi1b`0J6+lf!X&18axTeHaSlM
zk{<wU78qyhuLJB7n6VC!V>Svb_!pq{Q-BGk_$ff26@VQAlT6E}0s95!J`Kn-+Xa?A
z2uOPdFvZMy1~BX)z#f4D(`h{*@nOKC^?)L?TVRbq|7QW0nT5{+#;*h%6eu<s&jIQ^
z0$A}J;Bs?7V1vNO=K(X!^5+559tBj_bEOh9`~^UZ#{laD%1rb{z&3$NF9NPMYXxSn
z0yKCDFw^9`1W0}yuvy?*Q-1?sm%xk-fH`KPz=G9))*AuWo8patK5GCw1m>ESn*jR-
z=57MqXtoP1TMI~g88FYxc^NRQ9I!{gH=SMqBt8LH^a^0U*)6a}p#NroF$*^X#y<%-
zD6r6Eyb7qd4zS`?!0qOMzy^VluK^aB<*xyzJq4)#I_u?~3Fh?0+~l`-8j=lR_ptJH
zf@~A0y#;WO$=m{%{S4p*fhDHK8-V2XfTA}5OU-(LT>?$t1S~gG-UKXo7O+*|0n_L$
zK%eITGv5NNFk1xn3v}2Dc*vA(1uT0W@R`6$)Ant^uonRH-v&Htb_yiE2<Z6^V3nEo
z4q%PIK7rLHeH&o>OMoTY0Bg-&fqEMNgSS)NClZXeRL`YFRzTQF9N5kp_>>v=F7mWl
zE_ud;-$T}$;gV;~O38C3`aX%xewnC~-Y4n{X01T-D}V+&056%G9e`Z|n*}zS`X2xm
zYzEBu0PwQeDA4CsK<f_yn@#bD-aX;=s~ddeogL=g<iMTY)73xVA5!ygrAv3A$D7RE
z-sS$oU8|ToKK2qLEBR-^RZWfEUU&2L$KI#BJ=^k$S1YoXZ?jZA9Q3<gUSge}PYAwR
zR;m}eg$2{}9yipbwmEjUcdj?I&gxOSxj0AOZpc3@SHyexc00}{eD^@+)j^h}2gtHh
zGx%!Q6X5`!_bV`?HUC1{>^(W5P5t&b`8T_zSrc>4ytKf+KrT9y?_#WO^pSU*jnnWu
z;ym3hUdW?tUgp8?y!*V@lg&3LC$wvno0*%JGbR*zgMTB-H#>rI=jTnFSTvb3@wMsW
zREFN3U)r^WEl10Q#KYx(Ibdh~<|W>`&l}_I>#GW0XmfXTnCTi#xWY8t=XEyk|Li4t
zM-MUtx^i{r{oXlYTTj(}wUVk@lv`LlIeUz2vJ->kCs$C7yiv5P%JSOb_NWuIhbwg7
zp?oX?ci%CqbAR>n!;vd;)X20(??Z)*Ja?(<$hv0GZ(jSz*AvvBq<W*m)c<KxC{*hY
zjT$7QMr|CnHBoi^*XK5=K0808e|=v%nO;7@Hq)UHmjrqKt4cy*{Vug_PiaKt7EdM%
zjR=^cbPsA%Ju5%!Z2Bn_ovreOYbN|`&O4QczTtXT>uR17te!j8{&U@0d{j6Xkaf+;
z(S&=em)>gg_y>A?FhI<&QQ}WERLBn8bE+mJdU*@XZ#5Ds%z4%DJk-5yY?Iz}3~<$A
zQdY_Oc~!FuMi=Ew922tR_E=kl_&iB}ge=u`FPjZD654xNt5%b=7q0U<pAuKIsJ=(0
z(APWEK3Dv&xXue&`I+X_%#P=j!<Bj>Y<8WJFxfVt%4z5G`)bx>_tDI%q-|DB>cq!S
zOE@MW0UvW*(}c{!^UpR;^-fG4&9}4o!0quti&j5k>X;f$6Ndi#v-0pbbfwiqxylXY
zLsLpcI_dEEw)0)k4*F_^1q?ZkwoSt3+mjR88Z9~A&nK80&Pez?@*<y2uc3_24#vtR
zzLd`2rIo&k1|4M^p!1nDKwCazeoQb<s$Q0tKOsAROz4|4R_C6X@Yoa8hCOHhq<_J-
z1e1P3q?TFyLqdz5zx{3xWxs*0)mjoi;<kERrw)A{Qel*q`zHdSO{T_=3AMQNS}*;>
zSe-gvaZG<1rEeDL*bL(*_@)7?YH++}GD)ID--cA``nx+8%HY`Ig6o49r#tqh3&(g2
z&2t|Gc*`+;@gV+5gsqNMhyBBad)qO6$w;42zzn^^FMdjbuWRUgYO30H3xjg&8w~mz
zxAz>=*Sq51XV~FbO<0!8<U^P$!m1O>cI+d^ROjxF?R1QFBlN1iG^68Vpfan&xkW9<
z@i~m2;A=wqPKu6QE;7qwNFRyOp^sTA<NBOeIi?R*is@UvGab{nDaB6Woaflr`aFl=
z$()OT;(HuxfII%tpKlyH1y;jF{?@TmVbvV_&asBDoeT+md_y0>RO>e4eBBL`A6>ZM
ztHb(|n2vo8HpbmhrQ*;RG8MTAC#!QXPV|*bwPsV!V$R?okfJo>oNh_*&%?x;b6)P4
zM>wK~^sgnZQ2*<w0#q4Va=IP~CAtJP0LwUaL|x=oxUUWfHFx38z`oY8V_Z0{>>;iL
zL7|Uz;kdGgj2jEb=~IX*VH?gDIdvTG0-lBYm4MLXj<v<U*hQ}Cn65VZOpK0Nj-8GB
z6UR<~@uU9&A@r$ZbpdLH4yx^E4%T;(JHkG9>_iti3AP)iQQN?U<LVIl(y>!qg6us)
z{3j>DKyK(5dyf$Rfk|+j=HjMeJxSaWjpW7-cE-I1sFB>nG5yyC`jV86rZ9f=KSG4o
zxG}?rM+4RcrZ3MmMq9z;-IeoZ7p@IV%TYS#EiPOa{i888LpRO^4yF@Oh3(FHn~U5H
z#!v7+Bi!LwPk`d~<ecVMZ^wGUE_W=$vEHz~oJ~0O?NP<;qtW)ggZ+WZID?a`S`hGD
z$NFOb<k$e1((cFkF=unm3tYH!aO;~58r_2&>yP_=#|Fcc@wuGGlUYmkfBb``18~2?
zsSzLlXz6*lS8{4}U+f|e#GS*bBhzJaKJNHmJ&tzl0$8#etXYl?g6RwNI>x|)&jSs{
z;J+o(|JM?H7FGU3IKwXTI0CBF><dHsE|EsJK94FkjPp3hCb&$7!%l^1#Ot%EO7B9>
z+Ah6Gj$NeLUdO>)2S*UFu48$QjfB;NX=Y4zj9qM~mSa<3D$K>4Ke)kK;MgUw9~~=l
zaWi51EPjgmf2s>O8mMO1h@a*HX5qfbv0}%@z(zV2|5uLLibH~$8TuEFD*sr{D^zuk
zt6*Ar$8pYZOy6$}KE*m7IMYSG4p<jk{d>I&xELnqrJT1qcDG{_V8*d~U>cYcITyfG
zn58g&LfR|qLy%ph02MHovt)&X`d5WYCy(<%#~yKPGA#Zf_D3C?0{empUD3y2YW{rA
zU9K>XJ5~Vu(uG^&;ugZbvf)ZXYaJ{C?s1XJVf+MN&iU4{b&g#I|IQ`&jEk!a(=RUE
zddGqb6Q$~k-?K2aj4n)`WBNvG@YQ==nW8E_$4fwdbY%)vb4(v`m2(DXb;n+D;jV<8
z;Mi+0l|fUwF03p1I;<92%6YP5pSbkOU`>MghvPG#2FO*MO$n&uOPAo)xLY{(m5Y20
ztffnEj|(>wrvJnt9sLHTjAwE3KkEc6OcQ{EtE4^-+8uX^KA?(!aGAWzL47P$GiDCw
zGRLZ+ihLcXzH!<EJr-5m>p5FHb{wj>|KRM1TSskFap!VQBtlQLo@IP#5+e)P3q1*_
z1aIVA&DoptWXEp8eSlL-aRV4Xp?RDYjx}=OZpKzzExV^V=HuSWsTH;{OpSR9=lAL?
zL4Czl8PDg`+Ar43v0HI#?H6kf<0tr^W|WDR=T<J<0^FLSTAtNHN^c?Oy_#zrY9X=P
zIIF<4!k(!wjjCyG=hP?Mv`n^zsf2fM>ho?alcBR6TZCKRpwlYZ!LfhhJ_x%Q)n{iF
z_fAfIqwW$^|AUX%U7Tu#Y|d22N)}^$?_e5GCA^zct)PH0$L_(cRuJm~<0o`4r^bp7
zedktjmvA0~do0=mmG^y|8W&=HP=#B{`Ma+F<8WjERl;SQ8l^h=xq!=Yd$<+u92f3>
z+&`<?IL>w99>Bd(DRT^f$@^cNx5Knb>I1y;UcsqZqE+$&eQ8$H<UvkN6Tz`A@<X`Q
zTv|GFU@G9loN6tx2`<5vxYb%>6CHa5w^~bV5{#eFqns~OswwCcfYN)6{DZGW=c5G<
zuEM>6fMP{3mHKf`eSNwBo$A7A0Ir5<In@qG39jMPl~l)c$JXN3m9GfB0>)3MoU;*3
z`STyK*-W0mtv#NOGRL08eKc$;dX;1AaBGXLL-!7HKE?SpCD5`v3#P(6&6$BiE9Yz%
z_Zi&r|1)BazBH`bt>@IISxV9C2*^+9S<YdwGV}%)`8nK|z;xW`*z>qET{vw(mEH@S
zDX^>2d5*n^JJm65N)_%U)&ESFpzq)YJk;;AIki)j_eM_jvDmFH+$P-WV=)8cC-gF>
zW`b7E+fj|JS2#5j#B^n?k8bAdDW>*+35S~SRZeBB<#ZEF8NbG<jKyAosnoA?Dr2$D
zFn)snKS^`{A9A~JZ{SXL><#oN>^C{n9ovSMDC4&{m9m!D_khZHE2jpS&$$DpjNj%w
zz<Dd@2QYqu4Xc)5v5#H2ZMZe^wIY7v*mm6d7N%CePaS(#<1gyqXAZtc0A+j^=jV>S
zk6Rhv!}$e_pU@6YWi0lU3-<x;_y=vihN&VSa%NM@rRX;<+()<*a4%E;f9nG71Zq32
z1!u1d_%ZGSFfBOWJN5}~eR=8u^asa2#jQeX&G^x=&v2{IS_}5U_z8W^sX~h#P&oDf
z7o72rK2*5KyI>EKv5sFH+l_mcW52@W{E|~QDQnT+UAV7sr^3onZ7RU}51T_V7q<#b
z-MNReL^qf^B0x3QH=KG7p!s~XW8dPw9JU^f{(rsw1$b3Q+kguvo3(KXBt&2bf|mdx
zM)2Ssw0LQ7hv3CYaCaHp-HJ98C=SKl-3x`{R`lG@5|YwQ+xPqbbGW!Ovu2)gm$kO(
z_zC(FnC(SPYMM#qm0Z{l$xO3n=p`4VwIs((BJ&(17ch%<aWe&9U?7gA6{I%Jq~?ob
zsqyknZE-9$UmS~>d{<ji@){&?sqtQzNkZO$xEC`YQ%?L6_hOb#_mBJ+&!o*t(~u8y
zyQ97XX|rM`Z>#&Dz6WWuVkY0$mW=xV5`(iSl`)fmKZ1Pa^#W>D%p`)JKr~X3tC@20
zyw{rl)i4F+*T$^hkCBgci(?yqqy}F{U(+;8AQo^3r50uqu*S1Y#ic&gG3D%-$wEW^
z$w$A%nVeq8Iz#?N*E0<hVJH<zDo=gWEHP#!F_X&k9cB`U9J9!tkkpg!O*wr*iMf<@
zq$!t-X9-P;ppj`NKXoQWEXCEta9iFb1%^^Cf_#o#%2<B-Oo~O!S{j1-&!CBiBHzmN
zaQ}HD866)bP>+*n*_2yS?RK<mPfh^Yk{k{rU?j+P<Y*WJL!ci-Lk#qX0niFsLsMu5
zvXdwupOp{O%ExNI1NpjbaVP;Lp%j#XvQSRG2wNUa1;`57Kt48n432~BE}jJW((yLf
z4m)5c?1J4OyN$BD7z6!5b`=N0Adua}Autq%!EhJ>BViPbkuA-!XvTqTGfsesFbO8Z
z6i_e?ro#-F33EVp8&iTC$S&gx^7$pag4gf{{)D&i4&K8D_z0gsh8S0gxeXG426jjY
zi6Ai~0oks+j)Plp6pn#xO`d?0AfJcd4SV5NH~?#4J#2)ZVGC>psjW|_HLqYhgzw<b
zKo|srL8c=^L8c(`V|RX#2{J<#$O`;Et4nss;i@82Xr9s1FULTC7zjgPC^Us;&>UKT
z%+1R}IFy8fARhsq3{yaM8mGcEm<}^wCd`7_ARldSLAZm^UqihPH)L7b6@zXN1^e*y
zS2zHNKxPypX@jF+G>n0<Fb>8;3*5+;l4Yl|3WP!c$S&ngxCOUCHXdc8@i%w?f50Qi
zBp<Ps9mD-R9Dswc2ljz{x_bls1hMcl{0OU{CA5Op&=i`%GFT2PU<oXRMKBL4Kt+&Q
zPB>~YC=Mm04wZr$v~Ssc^aO>F%qXV8beI7%VHV7WIWQOI!F*T%3t<r~h9$5RWPF$L
zT*mK}unJa#jNS4B5Ast5MW^v+I?RMwAVXX`h=R@_gF-NbKt2eA%Q%*4(KU6#R||<A
zg?0mMg3TZkQJHwkJX1C{XM#-IdqQuBfleSJ?{?S=>tH>Mf$q=}T0v{51+}3V$kv~{
zEG^%QUI8nm8(M{CHOz&1Fdu4@p*Ja683APkRaBR$AivT!5t<;A55gcn$o^p=C=Alg
z%a))6e8B@`OHX$2WXDc+-ejkZ&q4EHda6(l9_kZF8&vtZw&tjfcy0{y(Jz2X(1qvv
zM63Zs!csDGE|dY8Q{DoZGs+ZEri3yDya)H;caZ6yO!uzC4LAnJWo0chVVU`!g5JbR
zw&P^`O@3l92KvJQ7zl%4C=7=YFcL<?7#IuVU;<2pNgz9Mvh#Ku?!aA;&94XW5Q6^T
z&m)ixtY`2XUcno93$kJL5k7${xudDZKAL;9Y&#_f*=kA!slgp&n<*`LgAe#Z2JnMS
zkQHR-C<n-Hkw1izZrOzCL=dvy@dMNWc@KU8EQDLw$&_X?@<pWDT%-gp!4?eVcLZi(
zQ4ci&WE)w2Yor2X#bY}pgv5{n+`t25$LAfg@8Ki3@GJ{^S+t)68MiOMJ_7$0_Jb_m
z&&Y=8R4k^!bda^I?Cy33+0pF|vTn@`SwM~{vO#vp0kSNWgBdw&ld~{6h`RxDz;_F7
z!yS;rz286%^dbmYmZbHdkxa;BMVJ?ILmrqy0@^}5h=LBVgsfWxvUYll%sZ$|4#_#G
zoQs|TIro%v&hsEgn-@WjGcSW2VP1u6kcpg;Wy=<b-pZdhq~H*-It<6*1e}I5a27UV
zFDr&0K~@O^U?2<vSt0a-YETqp*3UtU{)2EqsKF2dq0j<aLM!lxbh05cn+VK-_D~$c
zAs9lS8>#(>`W|+|F4zNmVIS;=ZSV_RB%+r=err^AgJp+#3XFsCFcxHLIt*kwS^&bN
z{PUw}19F^@3-W*;<ipcXZ~!LpJQ*fHDJTPFK~8%n!Z?a%Fzi7uC&_Yh+)pYq$WO$`
z*=P?EGYlHQ9PH(jgr{UdycxFsgDUHrmN@W-dw6&seuu{(hi~4{3%wk$$$6UmIL1Qg
zguCkaE5F<#-#;pZTwy2z=ZMfq>Or*ZVN8OlAgeoBrO9Ml);BW2mI?JM@WoMjxQYH2
zTmo5M$h!Cj$nnxS)bp?h*1%dAD=HB`i+U6qp_j?J9PDtA!-5P=M(_h~kYAjT!xuSh
z`IA`7?+~W}OHGGfQYO?Rb>D%UkH~q*V34B-IeJ(Dt3dWZe#7i{kd6Eo@De_Ni~NeH
z?9iu#G$0%4=^#BgAPdO8cP@nUfTU&)9?pfOkQ?$qTkP6F6KD#t$ZdkVVCVTY>Kl+1
zhO9KiT!<xnUC>IM6oIqsw>)fv{RVR8GAZ7Q{ukH`2{6;Z@<+_xgKYB3rmk$_#?MXp
zAraZcjh0<o%TY5tZ2}G9pXx$#Qk)V}K^ky}54iaRvUhq7^*Y>un{W$m!yUK_zrj7Y
zFYW(#G;+-F5aej#5j=(`@D!fGb9ezS;TXlSn=G9HvtTyN0V$%~AjR}gkzYpy*T7l)
zIwbA?D4KmBd!XAO7CM6LVfKVXkQ7qE4m@{3m957=;1N8ASj-orE`wDt9~MG6C=aqN
z*#?RsR~$+}Nhl>#gVIn2%0f9P4;7#yRD#M-1*$?ds17xt3m$fZ+E52%`?3KvhMG_a
z3PT|LEnwVBxY7TYfa7;0cgc`1v)k%3WSc{_HOjzO<f8S?MYa+PfNT|ZC00K`cW4Px
zlV#sS_BlR*3uaQY#oTHY;<>YCCNi=!xR@4@2oi&A09qA3wQPvR?_A<64D){r;5b?9
zNu<3X9i)dcm`O`&4heXc)+8H!f5Jf`e-ciC)TLrl{(q?uJpW(oL;Pa-w}@L~P9{rp
zkl0yzOO3&dSH0YsCdvk1JCI0wq5432curzpLS>i>-Juus2ASJP3ARLS1|^^vgn|`6
zXQk$(uIB$gW{L{%(E_5srxYTkB%l#Ah9=Mynn81D0WF~w$ni@XaF(IYBK(!QtygW@
zK=kKE;7V@T;A?eS#x&W>OA23;*+K5@2I;7+Y9{)(aK)+L>5T>>dv)tzIE;i*P}3;g
zl4yM)1ITXMYY@N6qJAwNUo-z7OI8Xt<p0q9{r|6ItwKpord#@hBz!wa##&~Q;4wUp
zhMG_=flDcu@@U>5XbD;B*K)_QpDV*0|GK77kCJHFqorVE#wt^6nS`uFT>*<=9?XR4
zpg?A|G7%jF(#g~XnUqQ?%HZ@C_g6tmQA$(V=OvIefvgQ=ogixlSv#BrYLllvwO+@A
zj9^2d4=jr9lu6^Qpn>?i5avS+^n+$F2V{F>D)a?esK}y)jMTRc3Zd4Af@)q?%`3VH
z+QJ~#VkP%di=&1^Q78uWpf1#b+910QHQ`&R0o9=zRD~)~86uz(RD=pp9?C&kC<CRT
z6y1?aNi-#(C43JJ;5+kK($fSQLL@YXM$pt$#k>VH2a%NpS{sn9ktmR1rVsRh?jTDS
z*=Xnt9ib@U>vPtwJp2G+*%Nv}ZxBIg|B~4fK`WE{qnF5vSqw<vK7e;FVkhQe#)RHw
z07wMIUcq3P0%G4%988875YNR^@jzDU6Jb0If^i`8Tv@9O0r6xgjDgWG3Wmc-7y%+D
z{!IW0ToNDwikX$8G3cYkP?!zVVHV7U8DN>sLq84Xg2)I9Ks>e7AvR-dkugTbnx4=D
zWbCN}JCIEP$zU-ohvKqXyaY{Ab)u-2QMqN-+@hE9EGbwD+r<vH!7s2Cw!mii88(4*
zZ9l<A*Z}Kc9jpae@B9d>VHK=|6>t%DLMzw}hv5($loH&FMl7Tf?Sehf21HQIrDE-e
zeb5emg#&N_&cb;(2Pfb-9D}1E{v0v&B6kK(!znlk17V@mp!sNOk!2Ae^Og=gXK-b<
zjw+tXa4jClqC7ifgPPb&Dh8rv;#r1x>DI1bCX+J>NFwtV{)9Uq5thW>f=eL9lE{xg
z(qwLcq~sc01&QHhxL_2OUrsG|wAf1k;*q3IB4_1*r1UySpkgmMa1$gER_evAMC=7T
zhc|E+UcnQ136|Y6^iSarcnA-qsP3b=2fxAZAdZ6IF^JhCcnuQZ2Y3(f;3IqjKXNJq
z$Ua&+@CNDV-9h%;UXybdVIjzp<_2!0BxH&6jZ9Oe>}K*H>mEt{bW|$`WX)R~Gg$*k
z>~o+Ffk7a-Dn&H_dV(*=S~(raibCp^tS)4g;R%xa*Fj1^)>85dSP?Q!%?`30k!)TL
zVdx!@4?-ab0wFI*F$ADWQAoMV!YmVH1Sx;nNk{=Qo018U3<Vl$0+3_CM34}~E*V58
z<&T^NCI^YR#9Cr2WhxW+lpvG$4m`_NL@JQI5!oCT8L_iuJ<vyCCMoj*iLCe~&)y)}
zE;%bXC1H`sXuUFtfFFos$!ckuIZ>_1SoV@rk~3K$Gf2~wlxG2PFR9Ij`VB}?i93ma
zxbp`IT+FTPzaULD1OutH!KhM$sg-&ql=7BZ`U<4hN==puY1L+_#a87NkIUgcKS)HR
zxFj<2uO#{sP#k0iUI+?80SK4!FA9aB2#BTVOF`*)&t=e;1zEbv64qMEwj|(YuoPNj
z-U1|>Yk^d3t2s;GA{F*qRLOqHl^PH&WoK2a>KMp6SUiw6E_UCcuM4%I4%CDC;J~gq
zYBOjGO`s7(!uQYs8bV`e1znJDiP{6T6LdGsxHpF82j~V}#Sl6}C+G+rAPU-p>;$!i
zHsFIN{ZV5;a<L!ug+9<5dV$yt1_dKw1Pq5^FchY^h8qV0-SKQJ2BTm!NDRlI_ClSA
zIvys#6qp2)VHzmc%$j%f4Wy*XNiA4_ngiy7WVBV)BG5}UoC8uTL{|D<$!jSnd6phx
z9?w#3EpyR}yZNvIF2H$M0%zg4w4p_4#8M0w!#Y?GYoRlqiusSQ5>~)+SPIKvHLQX)
zAnrtVJ8T2-<0se%mOruRe*x*Ex1w&5K6EphpJ5Y-emCrcJ+KRQ!VZvHBeg^9WklMG
z8i=|d^;b9yh2S7aGdKXH;24OVm>+_paKwB*Bc*>DPMGQ`)RS-yB!Js+6Qp;!fqEUT
z!WFPmdKtYRT!L#LvbRu0M$Dziq?lfze*u5M1IP!_clh%=+y_b7J@^gon$KeP5T3##
zcnnYAIXr`xAk|rpiDbhxF}%S{W+X)+5zh(14jLo?*<5u67x|U-PY8d65AYt|!CUwf
zQXrHXRnDT4fSgMug(kRd2yW=59>^}O^tX~y30P7t%|Id|cAk(HJV0h3A}8i=Tw56e
z;=o5YFedn7DO<f_o(0mQmjJBnlt9FjjF`(jDl2Lh$PCiX#(~u?TcR(@=Q;wl@aR0)
z%ZW}d@Q0l64dj5*P#j8u?243xN>CAGt5CKKr5=?-Eele=tUA{kz3lEu%c}*}ET<;=
zs+fO^T19f(9Ze08?oqa9JkVE%YVa-3HNa}#)zMc28QVqfD5}iWB;l=iwz|dI$jAh>
z9_lXColqA&d8<G7M>Qswl-Yb9VxS*L=ie88Kv+Dej~XZZ&$8bkTOT(v>5%=+C8+VH
z@kzU3))l(g)T1D+ezZhd!muJGk(3BaM6Jk+deM~GjVcpbb6T!XSY-LT3$xayjQEiN
zl0jeW4x)-5;#R^DInzGcr5^%q;|z3*0hsj%S65?dwHSMeKq3$i3PJ&hK}Hrb5@9RA
zf6FL|h?PkLWv(z7$8#_oggOu;umvzMp1KEp{8UI}tW-;ctiY3?pMf94On;`MPJ;;`
zw?D?gSQrDNVN_%OjD!&|943Q;DKH79!bFH~CNhH9S$bb`N&=sa*-Vh0eirI0SG6rf
z^Ut#r{d!mjn;;f`f{m~i*1!f>1<TdE{F=LcCE68gZJ6fny8^9L6iKG|V!8Mc{c2sB
zuPh*$p07WP+Z5uR<zTJhofxgqwQ6Mnjjs)Se$KW9?GD%q5~<DbGsF+Za2gapCgRKr
zL=H8rLXf?vZ6-$GDdIabjC`yd*@L76Y6WJbzRU@XERlogon_pwrn7yh2SAdzANGP|
z%_=>)nJjN4l=x0WT*QnJ)$xLwmgI9xKIfEM5-Vmu>Sp>|!AEf>MSlbift3x1O>^s6
zWa8_O#e25=h;Q#K)n8PVG=E8ITz&D4pUn8xO7h-FVrnaOXE2hK8-<!rx&SK{=g><t
z7xf}sfvZp)GwI7@q`Ay<ygn^RWULYBh1enY9Q7GIg(vVB9>E{*Pz6z|qkltt7w*7q
zxCJ-i23&`0AS2}))IUKcJfBcM!h3iJA56W>NvsKvD;2Q>6o*1k5airE3}gVzhZ-oS
zd2)CzvnQD+<VG(C>Nz0?WQVMf1u{cA@Bnv64Q?QZY$-tooD`_;sL4_7kPPzhEQfIk
zKxSSx)I^X35+|s{1O$x;YakZ#ENU7MPd!o7f*fLagLROR34KOzfW8&3b{1yO(vQb%
zAXAfXP$eCr_czVOPSR5vvjEh*AZZH)x%LnQ!63H{Bu^y%WR$L#{E&1@nu~y>RqW-g
zMXpg4l?*M0Mgo-*uu7p0`dT2n(AA&@REMe%0a7ZJU^||rH3O7_sR$AYDU=FO4$4CO
zLMhF&RVe!V%2sJeDSTN1Qp3w&E*U2oD7)d3OX9JWL%sx<2{J+z%qxRLS_;XEoJ2|@
z@-6%&HyF$G?5K@}m3@uTH-d%`3DyOGdgvRN&-GD7rWrJaCQyPR5?OKI8U{iukb$x#
zY759t-4}nPjYyMIr;BQi=mD6Bi;0+YK<x?9&<A?MY|Nuj+rV`6lR#oS1r!Vh%Uus-
z+Cw{N3*uJXh`gj$^n&;&D(<)=V;XkEP?9i{=T4}0RC$)8>aNfky1)<69mIns&=7j@
z96yp0k$%t@BqHLcB+`mNfAlfXSkB0YU@57va$-CdLtrQj28q3^X_muOE%Q-4OUsi!
zW;ps`@Dlw9)R8a_#y~dAr0`{dJ6cqbFa}Fj7Y7M+GE4-^b2s$jC@EN;4?-`IDFIT$
zCZWcUu*iwML|*)o$V;TeOu;mm3Nv69M9<~VY?uQwbr)o#DL*ltkJ&<4083yo@L!)O
z_CYQ)`sEl%Q;~U^$jJ0c0$2u1O;w)LApaISseK|Zxr7-nEu%>bs}S;tC$!phv<6ii
z$nw#Fy{u(q1W6C^*D^<tTMtqcG7=p^FTL48)cx=)?1R0q8-9VU37Fe%KqD#K0-IqY
zY=WO47LwxG&!`d!`L_%GPS^q4VH@lL$?5~BhoLe0MzB<F^6@X}SuM6|2`!_RzDc*J
zo{d@BX0GV-Y|ZIycWthbK>-B<g7UdsQVYsxA@Y&L^JTOaw)cFOrmPn1npkxytA(VO
zev27nOmFYPZ(9$o*+SeE2nY@cbn#U?%W6J+n(tCst+H#F%2`ee;S*`!m(zMCxs5A2
zshCi8t(@lLE*GN2lY2`?q&j;xVMiN3z>=)ImWdDUiaj6iD_0)J#*>;<UQ3f?V?w$;
zoYYi5me+i$%6(`r9#cMYc^9(xN9ExfNgRlUel^S!n=DzTS6n-{qZc+odi?b3k>V!t
z?J_HN=X^TN!*wFQxM8wcc~v016RJ`L%_q-e)9+#R`gRTI+$zk&^(H1MkZatzt$cyW
zrOeJsEi2zWmBWK?GLNsI73L#~M=EH!_~7B66-Y&xN?(yw^icUKl4E&EX(}A|ZqeaQ
zk#0R|l4JP;f&xMqfYi<;b}u!(qE?OHm3e@$>oJwF61g{DwXZ}OJV~MESJHxQpHir^
zm9(R-+0>#4gaXvHCz_AyT3JiynpLH!Ojy0tiuowRREf%3f7`P(YVOaPx9vk3HFJ~Z
z?MTb8mysy6ef?8t__LBj^(X}A3n=Ik>aLC>VJqdXW;fG3wE`|R+|`r1ns-<vZqndp
zNQLl93tkNSV7Lhk$mh}#8_D716Ux*~J?MNn-6k|3l&-{Gh1bKkneM8{X3bl5tfy76
z#k#8<7=|6jnbd({9>ae<UUH8+&VmAhg7O6f-Zwq;J>FHd8S~4MIGa!Is?lyd^zl&N
z)YtrzX7?~6Rlq|vsIN`89d=i5>T40UUTIa?@3i2sPxM7npcz8SHon(ua%SBpy;@8o
z#*&<?SGUhv5&TO*%{4H990+DM>8VzKNBp)UA<3!{ems}MH}#S@i8B}zaE$lcw?Q=y
zhBc3~x$mjo<JR#J2@(+#SaN#9*o3KUaT2M$RA2*q&q2)-KX$o1DwqAft$3V7VQeI3
zt$!}EG&EuRyKy#^y;MJO+ZYM)eg3k3Z5}1gb}~+)D>f466=hq0-?><hnQ=BFywqXb
zI_8<-`ltCO#C7DYd2tdOy{3GR=Z8#zCZ6w;q{`^=Do)@UHWIPlrgVKauh^?CaW+rA
zR26ZX(A$XEFl}Y4hN%nnh?DTaMj{rRx^L|pn`<<Qv&rkNX5!XS3JLLj=biCO-Mz}a
zj+3b6t&WTDtxew(rw-4x$#v4<IEg-{+pvhkKh2x4p;w&E?To6LQIDTy<lD(q4NTTF
zp$bv2=SHF~_EQ;FqW<EiIyTfi)u;sawCYo&mdMd4lhLO%s?ao9=Haz2Qh7pXsPrk_
zGpP(7c26zTrDtYUq#>>i6U!HGN6IXW1f(Y0-o@YMNZ&@oZGNd=1zmDxQH?aaM?%q?
zad0fmYIF(N7GLv9I=!1z_`rbt64Lstsv|AOwlk~Rv6B{*wUL(2b~u|V-iV~E%C5#V
z!g5n~wX_l4!oKY4GUj2)a~R!etws+&y&c#172XBY<*_Y$0Gp&lE9tBo7Y8M}6{6eF
z>X-(8qaqt?!4AKihD6clJJud_%hyVec%VqM$f=^HQBa$ZpbLxf&s+Zeo9{fHnG!^n
z@UJ&U!fE({(jgcfkw?Oifc!2-L3sFu1cbSiqB={TnC?ycKbBR>JVN&~Sfq^ZM_h!t
zob;bu&F-PbHPJN3Q~EDy*$>+E9+IR`*c`)!<e62#Mpx#MP|VDXR_~i=p|*J5d|4a#
zBz7m8-N!a3ml|cWd)v&yQu~`~&5~xwZS?v^lsvVdK%;hfJ91%@lE{?1*{+QL&e)%g
z$b<z11saj?)C!VB=~2DE5^<4@AFqPB)zME#SHfrduo#yX+xGl1uG3|FmZBuH8|7Ah
z&1n_UNKjE@Li>!K`mE2ot5(?gTr?Io(xUb`+&|8`pUT^^Dd6InM@8Y*VSN{|!_;G`
z`VEUvNQ4FihvI$lJj&B<4_2p}Yw4<$4`4xvM<ElM_S!jXZeN>gVN7HItcfbU*n`52
z8y^U+k^~Qe0`djq4{>Q_O2m5ay?p%m$J^M*fE-lNrCWdsZ$WJ(kBhV;0bfSK&Gi~?
zrG`1L71D5u1gRY@sQK|56Lo9NM}{ocX8Mrj;U|(`_v5b(-`nP-zDOt0s1+G?o7yJn
zO;xJwrBp@#D4=Jh-W4EmwIveH8+-_r-iV{O?RbdFjbCP!^GHYwmzawGVIA@rU5)Sf
zicwAHPV8=T_1EWToO79DVcg(q*)X`S7XM5?M3tD>28OA?)~H5){O#E>Hov}I5aa#b
z=yEaBdcD`nOvc@y75P;^T!#H>N~8|xTD8x)JA>mSZef#+d^q;U-BE72?-=E+kJ*U}
zsKdB*<SoG38HqnrpPc$b^$zwpx3vpQX@fvN1nBN!jz1XPd*SoRN8$wL7f_*XG=Ild
zB&1S(Ikj|i-C7{FR~xOat0QMYeYPJnK5zZe**6v~=;4|SlMFZtEvVeKlKSEWRpNGW
zwahUPdnv(OXBKom(RN(}Jy^X@tXD{NMAFfskkMst@$gLZ{n%*(G}q98kb=_G`WI5$
zq^8b7LZ(gCr$2gBeC~;laS~gxVGAbaZ19#(qo46Z9iQEvFQk&UC)uw|x9hWM-v{0s
z>>ekPwy-LWL|ABHedQ7}a_onhu~}089w$*78^)8EH<8o&h0Z+4sl64mo`uyIajTG!
zO#S{qr!u80_GLz3No>K!51afsRuu?-cf4$z&85QXvc&AY>2^YYN4<VOy!<9k!mo&O
zi^BKtBKj&KrdXotEjkZ7&@4`(4mL7}^X*mD^-iBNF>y9si>OH4I>sO&Ig{$<iJ;u?
z5513*SYAX;h@ym6mYyOrPIFpl^DU!3c3`B-utRJ0*^uFH>kfo+mQic4v`sIgW_Loh
zhDXzpC9eWIGE7!2t0Fog)S#@IyONQ;Pe;w+=uTgmp7{Kkx_R4=p+~0a^?*4idk}@x
zj+a_mb)ciRHgU4@MvtzJcfuztIG^&WNKfL1;Q(9l3Tkc-yf??RLR6-p5A?U*`2IR#
z?Bk%@S&Y#$IG9PY^C`F31Xog9JL6BOO6qK9?WnDKCAGK<^|28<Ytjn_6<e6C&%o5_
zh-pXw6A-oxDybJ;v<OEJBxE$-a6d!DlOF4L8cm5so6CSos$VR*Kg#r@TGtCjl3$9r
zh6K@+p_tf@>q@ATE2-sOwHA&ANT$XwuM5R8&s^y#e(C)+>(ELncQ+P(J1R{Xq<N^N
z-L$!m;tVYkw<ml0cAR<c@F@uyUs=S6zx~OgK0j!o4lTmSj-)yIRJ-rJ_?f=;Dj=Ed
zh){=rAc8rOkTJ@!bMl&slRS2dgrqXirEtWQ?$o`C2r%!A`KH~I3g!GgTObe`pts7#
z*vKsS)S%h*mOd!*M4U1<h6Mz6jZjs(lY<M9NQs1s9N8gDwZoG<Tt{G%4wH2eY9_ur
zel;Zy`4mY1=6pa_J%S;Ujx!PJxJcYULh`s}_n6X23MOx<OX%~V2N6o^LH&IZp$drl
zF+#Ny)u<Q2R;5u7d$8y+YmV)4WmUT;g=`3=RfT(LzP9>Rm0NGhqG?s-H;TL))r;!&
zrD4h5OkL(wRpFzN7{`NSc~zqmEKsKT{3Z#!zO%UoQv}oxmyK1`_1;>HtwMFxqz_T5
zQ(aBzLxrhO)5wqoZGPz1^W%5EMs<+fu2WNe>_Ze9*HqqpaWSKoI$n+E-nCUkU$Q~f
zHp=Nu*qv)rf4nsrmpGH<(z4nrMqK<-TW#n|7$=dGnf`a_s*L<;<?W(KQY0dIueNgZ
z!_N=3RaigrfL4_-8Z~hpbvBv`=BT5>W3+pp+iQ4#t(s(%)F;Wf<^8Fr+3FbczO8kh
z9ck9IWlO1f#zH?|9kpgSlHqk!*#XRsE7nnyP`_5Qi4ZmW{Qz7vsiQmx;-Xz0)oh>^
zY3o);?HQ=~Ir<Zp)SoV~b<Y2I>q0TYA|W!5)!Ra3(y<80pfZzhdJiHGZq`vV2a#JZ
zF_&4}<iSOfu6vRHp&3aA`3rT`aU^W_>#E<y1uioTrkby<XC!M&=>(UGw0O`I7Zjxg
zwbQg|Stz{9=`QcfW5bMAiupu6)ow7+w)(f@gS9XlxsZ4WnOXQd)o};`8Eb{KcI3Zp
zpcW3HRv?mnC?fgl#Eu!Ng}K_2=TLr&sa02pY3Uq^iMx!xW9F@^^`Y;vT7*aUC~em2
zPgO$|AQ^3i8#$bCO+UnQN+H-Wx1o_Wt9Q@8x}ey@)p#Qn25(k1R3DMB^{=CXN1$3R
zQDa7E-tt?xBiOURBgaVXo})gsT)LVKOK<i{m4EdMn`=LFXUAwR_r7c?RwMb>_TjBY
zjHYQ?;ZqA<jMn^Z>zXOQF<MQ>t7gWU<j2-4&K!2%=1B@9U<%RRT#Xw;26#4Cjm9!!
zY#&1-&fHvG#W3tzbE8#0Y*xS4l_EPz<BT3p68<|jUZiAYhoBAZ9yOgEmnHm~QSPzS
zn{q9T&ZfTW%u8io&tV@-&wI+w2#P7ZDVd)AOv#m6rygeQ)xoVEl2R)OC9;)TjbCA&
zgq9qM5A9snbj(~@R<BZ{kZ?6a@y&cA%Z?<OWwjzL6q_Zj)O(4?D}0wu??m0@$1A*;
zbB8=<ktnsXU27FMj->Z#ttyVA@KF27v$>dKRU2wezjgh<g6c5#j$Unz%<S-_duh)R
zHTm>4nW=YH!`n_7k4LlGsvR4&U{$+|md2K>yy`Vx^RqF~rQE0mBqZNmmb6vJ$5Y!k
zv{mCaYK>L&1nrEYaeHG7sFM7SdhI``Io{GVBq^`jtBw=N2K|fVB&El_1(Py<d@d_q
zvmOpfW)xJle(kniUb}uJHj;%QY{N#WZQ}Mwlu?HlO_}}B?$@XU5@u7lh>c|b*(zn1
zJQ#Z;G|tysQ7ZW)GURcT%07v9@D51=irH49^={k8Q{#{{iy>hL)pZgHI@C#3j3o!m
zF<YgaOe=J{gw_ZDVVza!$#LS2iJgs3%KP5OfJ$S#?K6`>7R>9cR!%1Gw;&-?u#I=_
z)xGs`1=Ch*oH*B6T}LA92@*0XnzDNGksltM7!)Uwtcx*V4oLZY>6M!&H^<pz>!Jdt
z;I=dpGV$J@_3F}1ix2jTlW2mCtW5LPyi)MQrIID$YzB5weQ@hofP_q_d(WR$u}7T?
z@g#P2QEQN}UF)I_PGL*Kzo$`~lcmf&rhbWUQ<6$^7dOnbNuTM`pOrJzwMHh=U$UoS
zi1v0=N5YLzw$vDTyh~_lb4enVq;XFbgG5+oB+?+^IQ#xm{yH0F2h-f?8HA1WhWn#3
zr95%!r;XS!ffBd=J=IY~0UzvR<lPUMj`SUMC*vP+5{)V;$5cw{P9Ieb)$s^P87&&@
z&3(_OZ;mQRQr*NauYPLwR8pIxp9)xm%EnIlHAWdHoW?fh*K32*?HYYU$K0;5)s9xf
zrZEh9^)qr|WV1<Yw_ZHJRM70rT)bk`6WQ2l8e_E4!Wqj)_L@+!67iEf4(2qbzsfot
zKc4nCD)ZRv^ZE>*U4661=Vj{q{%X{8{75>$sEtow=3YKToA+m&g!h2h9n;wd`}YxC
zy_%u@WDWdk-%KV$3<ecvks%?2R6kTli9tqn*m~e}^BXM#Wn?yI0hI@-Dzk}515+Y%
zgLLg?%*~NemmoQu1Pz*kKv-u4q>rl~^xV;~Q^H0FNH0iV8-k4t`&;}Ah5LqAnuCqm
z>`l*Yn+B;?vx&~dC^b_8a~o_#XXP&mH`YtH%kqnoHMhiUmdhrCl{Sa5xAS1tZVoQ@
z;8MDWOqcRT=7`Mn8$B(X&{8K>4N)Go2qS8!nmY&8^g%tG!-8c0Ftz5Ome!7(83)^`
zVXDYn<h}^eQJK`p*4m*z>~%|I-yTM4%z~dhTy2|62Q+WEN<Qyvanb7%u`MnV8;2V?
zGe6{Pl{t(4%&(6NdY<hWth&zAg3})xX>^P`(q&7yrD3D%geEPCY|o~4&eMEs=SQl`
z;?*q#-H4V?nl$ZdW=VD06eK~<M=H1ZNPMM#M&ezRDm`EG&vJW|(K$I^jYuwLRpaFt
z#5fIcJQ-~?z}d?uJn&3=axh`a&`jh$j8@kP)7hZOzKBT79b?4z&D-9scGaD<$mTj6
z6B*7Kk^>fK-fi~sEY+r2z1_QJr<zMQvj!8H209t6S)@rJ|AvHg2|-DpKJYK=LGw6;
ziF7!T48c+{s^r}@-{;_N58}!mp}1ixu!ittDj?xHn>3ge`R-WtQ6!v9NeUVb+w?<K
zTu7yQGETKvNN@9GoKc1Y&(_X<t6S;R1TCXKK?jaE+Dy+QzdrQrT|Gv((aXQkcy)B4
z=AAwpRZRxQjJBJR)gL`FW-z*2qbO`OCo0DxV&7__3R^@=?mf}S#j}N5g(m9ss;cf~
zL78Pun5YIJA<OtpqMCI+V?oZ%aU@xt<?M)^^A`4DyNp3q@2SkmoMSl>GW&V>rpc9t
z?uli9Hrw#4Nvh^zyfc^k(u4@%ksJY-j#Yg(dz!@Arx;_C8po_S%=-C~R)6-1(TeFK
zgtQ_Y-$pJqAuVjyu<!hc4&M@zOe09Z%PA^+32i-(Qj3?cu1Pmdja#Y(2Yf%x$i)Lc
zhHq|Gvxpxq0t3RNlC8%^V*O`|%p21dpZmn-x?q}mvXrGr;pxT*wb1|S$Zi#KR>X}t
zjd7o$axWu2H)g0t%e2U(FJ~C*FJoKFLtS2`Ww5m<q~0&1CiFM=sWyIk_$+C<gV|&^
zCP<%#%_^h<m(v2yBO$|i!mcNqwLAKplPgQY*$$TBmL05q;?~&?mLbuzu;J_764?^J
zELD0>oUdC7tHZc;x(j8v^(!)E1)e+Ggfax2Z9*9~V~VIMxOFTqVjeYio{{6qunH;S
zf`2hj4Ol@nOgi73(4{OGl_qVa3gj>KNeb9~zB(@9cSb@Q<e*O*XTS62M>{_cIZaqG
z$w+eh;pTKZ{63s8%agkC*DYqx4EbE%E--vKJ-68JC2qWzZAf!IK@ZwaDj^MH%xY9)
zb;S{<Sr47p*Tk#j6x0+kojP(aGMY!oPnjmKu`POMbEON@`?*4kRL50#UTTqglG0u}
zX#|qehvD+P6Q88*=`G{S$XEwp`CP2%=3An6q~gTHbfGS;rbh{1qEfnHXgL3C14~+Q
zi4isli~KQODq1X66Mm#fdMz{h#wEl5Xr8_CH!>;XWI~$U&}HiSj}+@9B;1I7`pgOD
zRG%AqC$32TVM5i136{g@>93wcoc^vs!ujd1F5&d_SGVEx_oKLVditwNq$aaHiE#?A
z()VYt{^3{spi;NV;iV$h5;Lc#zq$mczcENSKmFAuoSy#bHk|$*6}L`Le|3qCX3W|(
zn*ZtS_@9}IW31a8;%AfA5i_U9zq&+1Z&eM6u)J)2%Gfor@WU)^Mo%9W=ZDk7UEM8*
zyR*fu)5Bd|!s+3zZgXO-dMGiwveua5oLPSHz_2FOIiKpspd_1wdDbbv^-OW1)~l%X
z)cYRm)v)z+mi^bOtvoxNERxOfo+<AWB*I3lHyW({;=3~K*Bn`6)<UL<Umw-Y5!%^o
z!d&|~T@LF@f#Ge{DAvK|dN{&d0tefS<!>(4exsJjTmw&+9kkp(F~YFBIO!*@KlJ!X
z1;&!hFP4;!O0h;$dcWo8p(A~|)sH(~vNq7)#j0xCacOO^8=LYD$0p;J&B^&;vtKnm
z9-y}{{jA8^t~VVxPWl_eV8xA}u3v3%ooyq|yY)fM*dPD@>GFwOAj$AExnf1v^JmrW
zXUgyY^-#ICVuc!PyYC*ma5Hyv{{8qVtT?k2nb>(v$=&nHst>=%t%IC)J<MLXbm^rc
zIl2mS+R$_fr_D&W>Eo?d;@0`a6J4UQm%1*#JH4Z!OE_(Ux(%ITz%RIU+V$xYPOr1*
zHgsEkaO?cyi7r70vqpS(+I{E}wakuX|ErjceHPZ5sCO*7jdZ!<_9@+$Oto{j^-A=7
zcN>nm=pl3or`LFN8?NF+Y$Ik)yG>nUBV8^MVNP$a=n^9cm;W&*=DGRq`R0DrxNytu
zR7Y|9xypXgV60;=tKm5|sdSq(hw8jp^R!upMs-i8PD<0XJcxHdHsEu6-Dw_>SwbsI
zt0y}&|E&LXmTGj?8+NPkou4bYw{`yJh;=t|v{#y>wJVR~r(l^x=qJ4{gvDJH|1AIR
zcXyRy7i+$SS=BeYIM_|S$LLM|ez2Q*kBZtw8c~PsV!Hbql7t_#;`!_OfoC4?*Lz)k
z88NDo+OvyIY%8J0jj&+HTU^K{SIr!ckFOt=+_>qb$JaP_w(?Y6->szy|M#f>f6=p8
zl_S{k^&4+S@9C)px@h}UmAzEPuV2JVy^q_}<iVl!87mfRQ(+*vW?nkVzfZY+;P7tE
zUd=OUL&W3|>|ZVld_KUcwvVZt)$>}lZ}vWpqpZ=wEDSX@xjoH)s1~_Y<Aa)yBWS-d
zWVFlqJV~zX@0CrK8nSS5DY;*D{FT~U6A4)l%|Vr8=6pr+d6&93Zh=03*Cn^^SKEFi
zQ!XMQ%a&G)YX3C8+TxCJ5^u1PJ;ow_*&@r{o1ZVv#_NDezMuA=|A28sKI}ow#Tyn!
za23yrN1X$zI1*t!kdU3sX(?*^>@5F0O`OCuY%*h$HK=+(srsA8#@TE+pvH*rSCNpz
z`vZmhHVW)E^xHTI*Mn-;ekQudju@%D`f2=?mf4Q^>w~PELAqQzqTCM9EPg+tR-!uI
zA}JHB(VuSTzEiAmur8@jg;E|>ks|RGznC-|e(76AhIbLRw@1|516m8N=t_CmxH{42
zAbt!vZcM9NJ>KxRMrhZZgu<jqj+Koic(CIut6^eX`-J+4A7SlJ7$?8YTV42l`0cBw
zHCckN>A)>=Y<wg?66PA5Ean(XP|Ifa2^DdO@HZhLyU~45d^**=)3H`@5~oh67$m|T
zAt8-@b>61C&kSqt5+{-Lq)}7yw8~+xH`;zK&L+o6byR#Wjf7l?@X2%X+ohXlu%m5-
z-{P#gewN(saaL`+!EspVVe0+Jv#Q!*oXtCH%-qi{%XsUT&=qg>?l7PLl{NOP3OI+e
zqi5A@ByD%ksvVb5KcOB)O@B^36dwwmGb+*ih0Qwd+tMSA;REvom+#Igzav^?cz+}U
zh}z%#N6W_Nyb<{tbrOVC>hx_p8^fGl{w@X2E4Q;+X<Pqu>d7%JIH~2rH2?f;Chl*s
z>~TRoxkzlMUQjQNYLQtj_g{~T=|Z_((bB1oM>)1J!;Y_JJ+8I*4}O_>rS=`ya(|Ah
znUQMo8LjMp_rqqSI9TmCqvdw|Q!@UVQC6|VcV73OoEv2odc|04FPNRN$DCPndl;n}
zB%K&GG9^i#w0XFrRmRtbO&B(HuBZ&B$ZNCaINBr03@2vm>qUR|yjX8loF9X)sCFW0
zMb4^IR%ykL?0?9jFDpan6}9lRR{C>}Z@#LYou)_nd!dIH4GQCRfI#~-Rs0Ms(DRzH
zA9W$o=-=uL9lex3f_lh(JD0E9{Ey}NWn}+H=Pmx)njPn^8-3^2JkLvn&DuRo&OeyZ
zgvK@CFEiO}mj5ANgKwzg*C?hh!n75=p)y=&ZuLKRB93Y|j9#)=trm&KH%vV$u1Z+3
zY<)vHF3_zEL{fUoL3iE!CMQa5i>qc<Wtn|LJ-UwMW+bK8+@ZPdyWXwEc|%e<AgekR
zI;S>W_)m@h%amGG`9H_|bN6V4ZRYkrw^+IpKdae%*(mgW;-8&M&uH~dpDVqUp;mUq
z>(|Quhc0>FEn@|+XGY-OHv<x9qa_4$s+XU)fo`cuS7=SokdSSv{J$iM-QuYFt3GOT
z$%!{9Z>yVEXn!eg^8z6f{co$lt6V@yaa)bM%C?1}`q|pwnQ|?j7#>%-rbXKI`Lw!m
zmD>mZQUm|@;p=~>SN}S&{f8FxmHPD6LDlFSylwxzjatLBRonr;DYsj+S*!lV?@F`$
zd%xdZ?Y*Uyk;;_(wszJ!I<T#382j<IoO1rB8>(S<sgKtE6I8kXA_o)PNA*za?rIsF
zUP{fUZ-R0u_2FGwwX;j9hQ!uF%I`P&YG+&ehJ>>%eZz(={U~wkY)jveaCRxxu;Ehb
zR@^$AT}m}1*z|uQzF*>4AQSaITZ=)F11~*hJ2W)FkXU}-n9ol;a5c8yob46kY`Byf
zeh;_K&I1g$&dvi28!n}e!mZOwsb;uE)D9$U`|qoZ_q5;yo1XC#=l3<Qu&QN^4V_)l
zRc>^+wk1*@@Hmm<eebWHWF8x-8r<hblYaE+sYc${d>!YJmScp$ZVlSC8{|4u?+my*
z87x=s_uSX~lUS#k#(~+tA6lx?zia6dRO7eU8~?6(<&S!4j2t(HUFy2F%E8105X$Ki
z5gm$+^h3@2-S6JH-i;;L$PmZ~sBruvj(z7LB7;fMDjj?J4&GHnPi2q{lUorP{ZjLi
zI|}cA*Sr&4#K7wTpQ;?9nm*7f%PqbJuP}d#`H=^jSAq{{etV!bPvG{-MOA%>Nk%lS
zA8J8zzhUM>ayKsqCoo7*08Q`LXiA|e_y?NmXnuUHd8t8vkh&jun)iq1MOL18uK6Sw
z!1D)e6O2dm7z^uSl<$mJ#$imY3paA5$ylkEo&x<q-S@SND*6bobD-(;2*<_Ij1-fK
zXts-qDdXjfm42pEU`n1znRcf+pl>P5ixDoCh>acM?2olz-)ZlR60KeRP?g4R8>D+T
zuTw32=c2kj)++f<dvA#3T@t?I?%*bDP%~T7w=?`dxTq_Swde$=(KLKQcIqkgR6Cz&
zzUGU4zLh^3&fDkA&}8|fCY+JV*`LfY`+agzX`gCAzHdGm=T}oF72k7uQ(aDnS+j-6
zdP|C-=~FFdw&5<W`m+BPY7)x0@vcmJ%T4upi71OrNt*b!_9@w5X;kn-mO$Jn`}mYL
z!F@yTXOx<hXXR&_mt&;O@NrPF)9EW7-!CUL=Aq~!n~HhH0Jcw4M{z=;T%T(*Y)kEG
z_H+GFO3}8#t{y(8Io3+(s&AIA$W(X!+rgi*;t!c4F<L%R`MuD*eQzTnaek28&nMY{
zY_jk*k3S`OwO(jBZMzbw7(|ohPwXmRI*qX!L;@Ow`sD@DU5t&ap08%|Nt3i_N@hwj
zXO&{uoLD`<t?hVXHS<q`bJ9}GtJl&}ioK+nUB<ICc-AGNZLLP71`O6c3z0pEN7%^L
zZ~dW}dKKLGYOij?>^aQEYD129W=vjO%#wEAvRiU}MQ%@1TE;1#x2yRo=#!V+&m5w1
zyyE3gvw`{2!1PU#8Pl?Et2}YZ3mg}~F}WpqG5*z;EzX^GWwtnP75SRh^trWJjqKms
zmkM};L#eHm-e}GLrMeLZFW-NzX0Cry)%BNKeZrjPhF&2{CNr|~WU{+WdQar*GkUuz
zNYyt=DmY#~IaKI#Esx6kRxA9KdS)AzLY;p5x%yT6^2H;3rwk<EzrXM_Af*wLv8d90
zm)jAkdZ*3RS$Ct)_NJ#)9p6!htXIdDrBn;w(FCk#>n7yi{kHKsxKx;$0jl_Wn#0##
zoeGs#r@Fpp%3%8WxA(W=UY#;uN>ESU^RArpeL<Ol8vBCYj<4@28oQ33sy^F?wi0Pn
z#}8Um*xx5N{nNPW8@BD5cj-dE<TAa;$$JM=B;Zm$=R*2F^TiyM`y=ml7+a4X38mT+
zRo>hBr&rzd7vns&U>Dxu{3xQ%-+7Z)1dX@i<aNOimt473#3xF`x|=GmB=eG23}z1J
zuZ6Mir{7+6<;>c61Fy6#L+;5Q_Cm%>gWfhH2A&y$Tz2xUFPXc%o|)>#kWB|iQxn*1
zl}iIR-6zksdxw2MKsGH4{XDYfyR^;LSpxZ7(($=3*{4ml;^WG0)3eHDM%`(c^-kmz
zSGy+fb3Gv<Dub&%RDY<ed2kap-{<?aqPJdJV<68b4n#(3u=y_Gaq%cF{rZcL;;G|q
zT33B8u)R}`OAn(f%Jm|mAYG7EU(MInRBf9*-50M#I-FciVyux7iB4*Vyg12NanWYy
z*s_&MnSk*Aexq2f6tM*QoZnyEm5}#v9r8}ze=9D>*Nek=S5UGpC|_$Im0Ke^UoQdc
zZ9St_#(SIabJml6Va{Kzl<wa%k1=t5u%h{**(c|4Y$6#eHlcacd&0JvuU0y11GWkd
z)iE(LtsVT%A@S_*aMj=ITIPFY|Cx1VUdgE{_n64GMGmzsF)wI-wA<5t7H0s^Tj6i3
zdycPjvlClR43ko+T}%&cmb2*z?V*gy#}e8@Y(M)dEfHl!#0rRdHG^s=D)(3CCbGA1
z-05S?EmmLN@-S1E-0ASuyom8vU%eep=br2xySSJM3+v`*G>Y-DyLY$F9K<e+m7odO
z$R=2#D!sdR%=xHfoQ)Z0Yql7WkQu8r0aW2hNIxm4pTr)Ko-toP1?aN1){51(R8RGo
z>O-SGp8D7x`>D%G$X_!$R>s--JCuJ?d&EEF_XIyRAt{+cQ2UUyX_=KrGJ9~?!OX_Y
zq)g|U85h?rJRt69y(nKclsQZ9hb@l`OY<PJY`1XVmvw$lHrkU(>6#J?4o&Sjr_IUM
zOfm~lyg`8?u?7hnHyk2r%hbzI)y-t|1sr*KC%3n-&B&%=lH33JeMz-1xjjk_Z^BX#
zdCqCtq#*K@v#U*_a(O2q*MRJea=5y9$wq>^YLe2P)w+Z9?-z+2M{${&M1K3gGpu&c
z)-stidx9^o80Gv%h06sY>%!2!Z&c@0_P<?Tvi;8&iEI^@s3<qPU;2YNjSRoO*QI~u
zX$84z{|hEEvYHF9?QV8oo1eeB>PB7^^;c<9+k+kD{0&!22X{@Idu@*zq<~Ib>TETC
z)hIPFj`UZ(Qrk=0TKcOUsqMpTi~Lo^H2CnyU-e5vXOJ(KF%`_ebL3A`O5Hf7`=C!>
zzj8ASzYph9hjHsTo7+`iXSC|F`qSG~D_ZNXx9M~H>$#`6+r6X1_)4rFNho?C+qqJ6
z#y8bmTM}V86swJmj4wxT7H&AOGrJL=ZMtA1M_!vwq>E_UzjMPln+e#+7NAS1*3;7E
z>(9HMmT#-Ekpr}~;kN4cDkPX|+SoC=oL9|sw?~BiLOkT;rsva*=Pwo8+D{H2LS)O=
zr4a+67dC(SQiA>}h522CWOdJK$nlw-bDApQVK2r!+4#7cw2)sDG+Ul=YaK@_W>zvm
zx8)k#aLSV853}$rSC>;=m^$>`ltaG+tF<2XjL`wLjlJgv*)j}T*QffMFJE%}(!O2m
zE?t{PQJy*Wwm+3}_4<5m4R04O>J@Wt-{VJO-wJ^OHxE2%Qrj!?OZzWwn?`qU(mE=j
z4bz-lYcF2Pe$I9BtBFSP=bzi?w)T{xUy4b_dTsorpQk%!4)^fp*`0L!u_AGrPVMi!
z%f+))%in4o{I$)cB;EhF2x<~Tbuz6zJl)Z!#!_HVfqaKud!+pM&3Pl2Rnl00PrEC>
zn487!9s8}1{Ya`Q<?L>;jzac&*^?EQZ`O3l8`Ys%^Vn{U>~~VyTX*gdl}7~y+Ow)-
zm+YBiRR?>96e?YAyHAQ1-J+UyZH+aFZl>n>*wd>jx$PxmH}<iQ4OH7V*%PW`!S*Gw
zrB~U<`6urd)vR^X)_L>*Vo#s57j#uM^4Uwornq45lwMV=ozP8%1lhC1M!&GXtf~4}
mOqg{_nB5-RtU|)>iB+-o;#ssksrs#;J!|Zx>Iq9F{C@ym@e!o}

diff --git a/package.json b/package.json
index 5ced963..1592687 100644
--- a/package.json
+++ b/package.json
@@ -28,6 +28,7 @@
     "@tanstack/react-router": "^1.115.0",
     "@tanstack/react-start": "^1.115.1",
     "@tanstack/router-plugin": "^1.115.0",
+    "@workos-inc/node": "^7.69.1",
     "bunyan": "^1.8.15",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
diff --git a/surface.app.ctx.ts b/surface.app.ctx.ts
index 6dd087c..a729a55 100644
--- a/surface.app.ctx.ts
+++ b/surface.app.ctx.ts
@@ -5,7 +5,8 @@ import * as jwt from "hono/jwt";
 import { getCookie, setCookie } from "hono/cookie";
 import { CookieOptions } from "hono/utils/cookie";
 import { logger } from "./logger/logger";
-
+import { WorkOS } from "@workos-inc/node";
+import { env } from "./env";
 import { memberServiceClient } from "./service/members/member.service.client";
 
 /**
@@ -26,12 +27,24 @@ export function cookies(c: SurfaceContext) {
   return { get, set };
 }
 
+// works as singleton
+const workos: WorkOS | undefined = undefined;
+export const getWorkOS = () => {
+  if (workos !== undefined) {
+    return workos;
+  }
+  return new WorkOS(env("WORKOS_API_KEY"));
+};
+
 export type Dependencies = {
   // utils
   logger: typeof logger;
   cookies: ReturnType<typeof cookies>;
   jwt: typeof jwt;
 
+  // auth via workos
+  workos: WorkOS;
+
   // specifically for testing, allows overwriting the rpc client
   rpcClientMock?: typeof hc;
 
@@ -52,10 +65,15 @@ export const applyContext = (injections: Partial<Dependencies>) =>
     c.set("logger", injections.logger ?? logger);
     c.set("cookies", injections.cookies ?? cookies(c));
     c.set("jwt", jwt);
+    c.set("workos", injections.workos ?? getWorkOS());
+
+    // For demo only, remove as this gets cooler.
     c.set(
       "memberServiceClient",
-      injections.memberServiceClient ?? memberServiceClient
+      injections.memberServiceClient ?? memberServiceClient,
     );
+
+    // for testing only
     c.set("rpcClientMock", injections.rpcClientMock);
     await next();
   });

From 604841c00be4d8d30770c6a442125dba4c7f8540 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 21:31:17 -0700
Subject: [PATCH 02/16] feat: decent start to workos install

---
 handlers/error.handler.ts                 |  24 +-
 service/auth/README.md                    | 157 ++++++++++++
 service/auth/auth.endpoint.test.ts        | 297 ++++++++++++++++++++++
 service/auth/auth.endpoints.ts            | 220 ++++++++++++++--
 service/auth/auth.helpers.test.ts         | 203 +++++++++++++++
 service/auth/auth.helpers.ts              | 107 ++++++--
 service/members/member.service.client.ts  |  10 +-
 service/members/members.endpoints.test.ts |  22 +-
 surface.app.ctx.ts                        |   2 +-
 9 files changed, 981 insertions(+), 61 deletions(-)
 create mode 100644 service/auth/README.md
 create mode 100644 service/auth/auth.endpoint.test.ts
 create mode 100644 service/auth/auth.helpers.test.ts

diff --git a/handlers/error.handler.ts b/handlers/error.handler.ts
index d436510..96e4d32 100644
--- a/handlers/error.handler.ts
+++ b/handlers/error.handler.ts
@@ -2,6 +2,15 @@ import { SurfaceContext } from "../surface.app.ctx";
 
 export class PingError extends Error {}
 
+export class AuthError extends Error {
+  constructor(
+    message: string,
+    public readonly code: string = "AUTH_FAILED",
+  ) {
+    super(message);
+  }
+}
+
 export const errorHandler = (err: unknown, c: SurfaceContext): Response => {
   const { error } = c.var.logger;
   const { text, json } = c;
@@ -10,7 +19,20 @@ export const errorHandler = (err: unknown, c: SurfaceContext): Response => {
     error(`some kind of error happened: ${err}`);
     return text("oh noes", 418);
   }
+
+  if (err instanceof AuthError) {
+    error(`Authentication error: ${err.message}`, err);
+    return json(
+      {
+        error: "Authentication failed",
+        code: err.code,
+        message: err.message,
+      },
+      401,
+    );
+  }
+
   // unknown error
   error(`unhandled service error type: ${err}`, err);
-  return json({}, 500);
+  return json({ error: "Internal server error" }, 500);
 };
diff --git a/service/auth/README.md b/service/auth/README.md
new file mode 100644
index 0000000..30d792c
--- /dev/null
+++ b/service/auth/README.md
@@ -0,0 +1,157 @@
+# Authentication Service
+
+This authentication service has been updated to use WorkOS for OAuth authentication, replacing the previous fake user implementation.
+
+## Overview
+
+The authentication flow uses WorkOS AuthKit to handle user authentication via OAuth providers. Users are redirected to WorkOS for authentication, and upon successful authentication, a JWT session token is created and stored as an HTTP-only cookie.
+
+## Flow
+
+1. **Login (`/auth/login`)**: Redirects user to WorkOS authorization URL
+2. **Callback (`/auth/callback`)**: Handles OAuth callback, exchanges code for user info, creates session
+3. **Logout (`/auth/logout`)**: Clears session cookies and redirects
+
+## Files
+
+- `auth.endpoints.ts` - Main authentication endpoints
+- `auth.helpers.ts` - Helper functions for session management and authentication middleware
+- `auth.endpoint.test.ts` - Comprehensive tests for auth endpoints
+- `auth.helpers.test.ts` - Tests for auth helper functions
+
+## Environment Variables
+
+Required environment variables for WorkOS integration:
+
+```bash
+WORKOS_API_KEY=sk_test_...
+WORKOS_CLIENT_ID=client_...
+WORKOS_REDIRECT_URI=http://localhost:4000/api/auth/callback
+JWT_SECRET=your_jwt_secret_here
+```
+
+## Usage
+
+### Authentication Endpoints
+
+#### `GET /auth/login`
+Initiates WorkOS OAuth flow. Optionally accepts a `return` query parameter to specify redirect destination after successful authentication.
+
+**Query Parameters:**
+- `return` (optional): URL to redirect to after successful authentication
+- `test` (optional): When set to "true", returns JSON with authorization URL instead of redirecting
+
+**Response:**
+- `302` - Redirects to WorkOS authorization URL
+- `200` - Returns JSON with authorization URL (when `test=true`)
+
+#### `GET /auth/callback`
+Handles OAuth callback from WorkOS. Exchanges authorization code for user information and creates session.
+
+**Query Parameters:**
+- `code` (required): Authorization code from WorkOS
+- `state` (optional): Original redirect destination
+
+**Response:**
+- `302` - Redirects to original destination or home page
+- `401` - Authentication failed
+
+#### `GET /auth/logout`
+Clears user session and redirects.
+
+**Query Parameters:**
+- `return` (optional): URL to redirect to after logout
+- `test` (optional): When set to "true", returns JSON confirmation instead of redirecting
+
+**Response:**
+- `302` - Redirects to specified location or home page
+- `200` - Returns JSON confirmation (when `test=true`)
+
+### Helper Functions
+
+#### `getUser(c: SurfaceContext): Promise<User | undefined>`
+Extracts user information from the current session JWT token.
+
+#### `hasSession(c: SurfaceContext): Promise<boolean | JWTPayload>`
+Checks if the current request has a valid session (via cookie or Authorization header).
+
+#### `requireAuth(c: SurfaceContext, next: Function): Promise<void>`
+Middleware to require authentication for protected routes. Returns 401 if no valid session exists.
+
+### Usage Examples
+
+#### Protecting a Route
+```typescript
+export const protectedRoute = new Hono<SurfaceEnv>()
+  .use(requireAuth)
+  .get("/protected", async (c) => {
+    const user = await getUser(c);
+    return c.json({ message: `Hello ${user?.name}` });
+  });
+```
+
+#### Manual Session Check
+```typescript
+export const optionalAuth = new Hono<SurfaceEnv>()
+  .get("/optional", async (c) => {
+    const session = await hasSession(c);
+    if (session) {
+      const user = await getUser(c);
+      return c.json({ message: `Welcome back ${user?.name}` });
+    } else {
+      return c.json({ message: "Hello anonymous user" });
+    }
+  });
+```
+
+## User Type
+
+```typescript
+export type User = {
+  id: string;
+  name: string;
+  email: string;
+  roles: string[];
+  profilePicture?: string;
+};
+```
+
+## JWT Payload
+
+Session tokens contain the following claims:
+- `sub`: User ID
+- `email`: User email address
+- `name`: User display name
+- `iat`: Issued at timestamp
+- `exp`: Expiration timestamp (24 hours from issue)
+
+## Testing
+
+The authentication system includes comprehensive tests covering:
+- All authentication endpoints (login, callback, logout)
+- Error handling for various failure scenarios
+- Helper functions for session management
+- Mock WorkOS integration
+
+Run tests with:
+```bash
+bun test ./service/auth/
+```
+
+## Security Considerations
+
+- JWT tokens are stored as HTTP-only cookies to prevent XSS attacks
+- Cookies use `sameSite: "lax"` and `secure` flag in production
+- Session tokens expire after 24 hours
+- All authentication errors are properly handled and logged
+- WorkOS handles the actual OAuth flow, reducing attack surface
+
+## Migration from Fake User
+
+The following changes were made during the WorkOS migration:
+1. Removed `fakeUser` from auth helpers
+2. Updated authentication flow to use WorkOS OAuth
+3. Added proper JWT session management
+4. Updated error handling with `AuthError` class
+5. Fixed dependency injection to support JWT mocking in tests
+6. Updated member service client and tests to work with real authentication
\ No newline at end of file
diff --git a/service/auth/auth.endpoint.test.ts b/service/auth/auth.endpoint.test.ts
new file mode 100644
index 0000000..1f37669
--- /dev/null
+++ b/service/auth/auth.endpoint.test.ts
@@ -0,0 +1,297 @@
+import { expect, it, mock, describe, beforeEach } from "bun:test";
+import { Hono } from "hono";
+import { sessions } from "./auth.endpoints";
+import { applyContext, SurfaceEnv } from "../../surface.app.ctx";
+import { logger } from "../../logger/logger";
+import { WorkOS } from "@workos-inc/node";
+import { errorHandler } from "../../handlers/error.handler";
+
+describe("auth endpoints", () => {
+  // Mock logger
+  const mockLogger = {
+    ...logger,
+    info: mock().mockImplementation(() => null),
+    error: mock().mockImplementation(() => null),
+  } as unknown as typeof logger;
+
+  // Mock WorkOS
+  const mockWorkOS = {
+    userManagement: {
+      getAuthorizationUrl: mock(),
+      authenticateWithCode: mock(),
+    },
+  } as unknown as WorkOS;
+
+  // Mock cookies
+  const mockCookies = {
+    get: mock(),
+    set: mock(),
+  };
+
+  // Mock JWT
+  const mockJwt = {
+    sign: mock(),
+    verify: mock(),
+  };
+
+  let testApp: Hono<SurfaceEnv>;
+
+  beforeEach(() => {
+    // Reset all mocks without restoring them
+    mockLogger.info.mockClear();
+    mockLogger.error.mockClear();
+    mockCookies.get.mockClear();
+    mockCookies.set.mockClear();
+    mockWorkOS.userManagement.getAuthorizationUrl.mockClear();
+    mockWorkOS.userManagement.authenticateWithCode.mockClear();
+    mockJwt.sign.mockClear();
+    mockJwt.verify.mockClear();
+
+    testApp = new Hono<SurfaceEnv>()
+      .use(
+        applyContext({
+          logger: mockLogger,
+          cookies: mockCookies,
+          workos: mockWorkOS,
+          jwt: mockJwt,
+        }),
+      )
+      .route("/", sessions)
+      .onError(errorHandler);
+  });
+
+  describe("GET /login", () => {
+    it("should redirect to WorkOS authorization URL", async () => {
+      const mockAuthUrl =
+        "https://api.workos.com/sso/authorize?response_type=code&client_id=test&redirect_uri=http://localhost:4000/api/auth/callback";
+
+      mockWorkOS.userManagement.getAuthorizationUrl.mockReturnValue(
+        mockAuthUrl,
+      );
+
+      const response = await testApp.request("/login");
+
+      expect(response.status).toBe(302);
+      expect(response.headers.get("Location")).toBe(mockAuthUrl);
+      expect(
+        mockWorkOS.userManagement.getAuthorizationUrl,
+      ).toHaveBeenCalledWith({
+        provider: "authkit",
+        redirectUri: "http://localhost:4000/api/auth/callback",
+        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+        state: "/",
+      });
+      expect(mockLogger.info).toHaveBeenCalledWith(
+        "Redirecting to WorkOS authorization URL",
+      );
+    });
+
+    it("should use return query parameter as state", async () => {
+      const mockAuthUrl = "https://api.workos.com/sso/authorize";
+      mockWorkOS.userManagement.getAuthorizationUrl.mockReturnValue(
+        mockAuthUrl,
+      );
+
+      await testApp.request("/login?return=/dashboard");
+
+      expect(
+        mockWorkOS.userManagement.getAuthorizationUrl,
+      ).toHaveBeenCalledWith({
+        provider: "authkit",
+        redirectUri: "http://localhost:4000/api/auth/callback",
+        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+        state: "/dashboard",
+      });
+    });
+
+    it("should return JSON for test requests", async () => {
+      const mockAuthUrl = "https://api.workos.com/sso/authorize";
+      mockWorkOS.userManagement.getAuthorizationUrl.mockReturnValue(
+        mockAuthUrl,
+      );
+
+      const response = await testApp.request("/login?test=true");
+      const body = await response.json();
+
+      expect(response.status).toBe(200);
+      expect(body).toEqual({ redirectUrl: mockAuthUrl });
+    });
+
+    it("should handle WorkOS errors", async () => {
+      mockWorkOS.userManagement.getAuthorizationUrl.mockImplementation(() => {
+        throw new Error("WorkOS error");
+      });
+
+      const response = await testApp.request("/login");
+
+      expect(response.status).toBe(401);
+      expect(mockLogger.error).toHaveBeenCalledWith(
+        "Failed to create WorkOS authorization URL",
+        expect.any(Error),
+      );
+      expect(mockLogger.error).toHaveBeenCalledWith(
+        "Authentication error: Authentication initialization failed",
+        expect.any(Error),
+      );
+    });
+  });
+
+  describe("GET /callback", () => {
+    const mockUser = {
+      id: "user_123",
+      firstName: "John",
+      lastName: "Doe",
+      email: "john.doe@example.com",
+      profilePictureUrl: "https://example.com/avatar.jpg",
+    };
+
+    beforeEach(() => {
+      mockWorkOS.userManagement.authenticateWithCode.mockResolvedValue({
+        user: mockUser,
+      });
+      mockJwt.sign.mockResolvedValue("mock.jwt.token");
+    });
+
+    it("should authenticate user and create session", async () => {
+      const response = await testApp.request(
+        "/callback?code=auth_code_123&state=/dashboard",
+      );
+
+      expect(response.status).toBe(302);
+      expect(response.headers.get("Location")).toBe("/dashboard");
+
+      expect(
+        mockWorkOS.userManagement.authenticateWithCode,
+      ).toHaveBeenCalledWith({
+        code: "auth_code_123",
+        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+      });
+
+      expect(mockCookies.set).toHaveBeenCalledWith("user_id", "user_123", {
+        path: "/",
+        httpOnly: true,
+        secure: false, // development mode
+        sameSite: "lax",
+      });
+
+      expect(mockJwt.sign).toHaveBeenCalledWith(
+        expect.objectContaining({
+          sub: "user_123",
+          email: "john.doe@example.com",
+          name: "John Doe",
+        }),
+        "sup4h.secr1t.jwt.🔑",
+      );
+
+      expect(mockCookies.set).toHaveBeenCalledWith(
+        "session",
+        "mock.jwt.token",
+        {
+          path: "/",
+          httpOnly: true,
+          secure: false,
+          sameSite: "lax",
+        },
+      );
+
+      expect(mockLogger.info).toHaveBeenCalledWith(
+        "User john.doe@example.com authenticated successfully",
+      );
+    });
+
+    it("should redirect to home page when no state provided", async () => {
+      const response = await testApp.request("/callback?code=auth_code_123");
+
+      expect(response.status).toBe(302);
+      expect(response.headers.get("Location")).toBe("/");
+    });
+
+    it("should handle missing authorization code", async () => {
+      const response = await testApp.request("/callback");
+
+      expect(response.status).toBe(401);
+      const body = await response.json();
+      expect(body.error).toBe("Authentication failed");
+      expect(body.code).toBe("MISSING_CODE");
+      expect(mockLogger.error).toHaveBeenCalledWith(
+        "No authorization code provided in callback",
+      );
+    });
+
+    it("should handle WorkOS authentication failure", async () => {
+      mockWorkOS.userManagement.authenticateWithCode.mockRejectedValue(
+        new Error("Invalid code"),
+      );
+
+      const response = await testApp.request("/callback?code=invalid_code");
+
+      expect(response.status).toBe(401);
+      const body = await response.json();
+      expect(body.error).toBe("Authentication failed");
+      expect(body.code).toBe("AUTH_FAILED");
+      expect(mockLogger.error).toHaveBeenCalledWith(
+        "WorkOS authentication failed",
+        expect.any(Error),
+      );
+    });
+
+    it("should handle user with only email (no first/last name)", async () => {
+      const userWithoutName = {
+        ...mockUser,
+        firstName: null,
+        lastName: null,
+      };
+
+      mockWorkOS.userManagement.authenticateWithCode.mockResolvedValue({
+        user: userWithoutName,
+      });
+
+      const response = await testApp.request("/callback?code=auth_code_123");
+
+      expect(mockJwt.sign).toHaveBeenCalledWith(
+        expect.objectContaining({
+          name: "john.doe@example.com", // Should fallback to email
+        }),
+        expect.any(String),
+      );
+    });
+  });
+
+  describe("GET /logout", () => {
+    it("should clear cookies and redirect", async () => {
+      const response = await testApp.request("/logout?return=/login");
+
+      expect(response.status).toBe(302);
+      expect(response.headers.get("Location")).toBe("/login");
+
+      expect(mockCookies.set).toHaveBeenCalledWith("user_id", "", {
+        path: "/",
+        httpOnly: true,
+        expires: new Date(0),
+      });
+
+      expect(mockCookies.set).toHaveBeenCalledWith("session", "", {
+        path: "/",
+        httpOnly: true,
+        expires: new Date(0),
+      });
+
+      expect(mockLogger.info).toHaveBeenCalledWith("User logging out");
+    });
+
+    it("should redirect to home page by default", async () => {
+      const response = await testApp.request("/logout");
+
+      expect(response.status).toBe(302);
+      expect(response.headers.get("Location")).toBe("/");
+    });
+
+    it("should return JSON for test requests", async () => {
+      const response = await testApp.request("/logout?test=true");
+      const body = await response.json();
+
+      expect(response.status).toBe(200);
+      expect(body).toEqual({ message: "Logged out successfully" });
+    });
+  });
+});
diff --git a/service/auth/auth.endpoints.ts b/service/auth/auth.endpoints.ts
index a709b7b..c5719a9 100644
--- a/service/auth/auth.endpoints.ts
+++ b/service/auth/auth.endpoints.ts
@@ -1,38 +1,204 @@
 import { Hono } from "hono";
 import { SurfaceEnv } from "../../surface.app.ctx";
-import { fakeUser } from "./auth.helpers";
+import { env } from "../../env";
+import { describeRoute } from "hono-openapi";
+import { resolver } from "hono-openapi/zod";
+import { z } from "zod";
+import { AuthError } from "../../handlers/error.handler";
 
 export type User = {
   id: string;
   name: string;
   email: string;
   roles: string[];
-  profilePicture: string;
+  profilePicture?: string;
 };
 
+// Zod schemas for OpenAPI documentation
+const loginRedirectResponse = z.object({
+  redirectUrl: z.string().url(),
+});
+
+const logoutResponse = z.object({
+  message: z.string(),
+});
+
 export const sessions = new Hono<SurfaceEnv>()
-  .get("/login", async (c) => {
-    const { cookies, jwt } = c.var;
-    cookies.set("user_id", fakeUser.id, { path: "/", httpOnly: true });
-
-    // generate a jwt for session calls
-    const now = Math.floor(Date.now() / 1000);
-    const payload = {
-      sub: fakeUser.id,
-      iat: now,
-      exp: now + 60 * 60 * 24,
-    };
-
-    // this will throw if JWT_SECRET is empty
-    const token = await jwt.sign(payload, process.env.JWT_SECRET ?? "");
-    cookies.set("session", token, { path: "/", httpOnly: true });
-
-    // redirect to location (if passed)
-    const redirectTo = c.req.query("return") ?? "/";
-    return c.redirect(redirectTo);
-  })
-  .get("/logout", async (c) => {
-    c.var.cookies.set("user_id", "", { path: "/", httpOnly: true });
-    const redirectTo = c.req.query("return") ?? "/";
-    return c.redirect(redirectTo);
-  });
+  .get(
+    "/login",
+    describeRoute({
+      description: "Initiate WorkOS OAuth login flow",
+      responses: {
+        302: {
+          description: "Redirect to WorkOS authorization URL",
+        },
+        200: {
+          description: "Authorization URL (for testing)",
+          content: {
+            "application/json": { schema: resolver(loginRedirectResponse) },
+          },
+        },
+      },
+    }),
+    async (c) => {
+      const { workos, logger } = c.var;
+
+      try {
+        const redirectTo = c.req.query("return") ?? "/";
+
+        // Create authorization URL with WorkOS
+        const authorizationUrl = workos.userManagement.getAuthorizationUrl({
+          provider: "authkit",
+          redirectUri: env("WORKOS_REDIRECT_URI"),
+          clientId: env("WORKOS_CLIENT_ID"),
+          state: redirectTo, // Pass the return URL in state
+        });
+
+        logger.info("Redirecting to WorkOS authorization URL");
+
+        // For testing purposes, if test=true query param is present, return JSON instead of redirecting
+        if (c.req.query("test") === "true") {
+          return c.json({ redirectUrl: authorizationUrl });
+        }
+
+        return c.redirect(authorizationUrl);
+      } catch (error) {
+        logger.error("Failed to create WorkOS authorization URL", error);
+        throw new AuthError(
+          "Authentication initialization failed",
+          "INIT_FAILED",
+        );
+      }
+    },
+  )
+  .get(
+    "/callback",
+    describeRoute({
+      description: "Handle WorkOS OAuth callback and create user session",
+      responses: {
+        302: {
+          description: "Redirect to original destination or home page",
+        },
+        400: {
+          description: "Missing or invalid authorization code",
+        },
+      },
+    }),
+    async (c) => {
+      const { workos, cookies, jwt, logger } = c.var;
+
+      try {
+        const code = c.req.query("code");
+        const state = c.req.query("state");
+
+        if (!code) {
+          logger.error("No authorization code provided in callback");
+          throw new AuthError("Missing authorization code", "MISSING_CODE");
+        }
+
+        logger.info("Processing WorkOS callback with authorization code");
+
+        // Exchange code for user information
+        const { user } = await workos.userManagement.authenticateWithCode({
+          code,
+          clientId: env("WORKOS_CLIENT_ID"),
+        });
+
+        // Create our user object from WorkOS user
+        const surfaceUser: User = {
+          id: user.id,
+          name:
+            `${user.firstName || ""} ${user.lastName || ""}`.trim() ||
+            user.email,
+          email: user.email,
+          roles: [], // You might want to fetch roles from WorkOS organizations
+          profilePicture: user.profilePictureUrl ?? undefined,
+        };
+
+        // Store user ID in cookie
+        cookies.set("user_id", surfaceUser.id, {
+          path: "/",
+          httpOnly: true,
+          secure: env("NODE_ENV") === "production",
+          sameSite: "lax",
+        });
+
+        // Generate JWT session token
+        const now = Math.floor(Date.now() / 1000);
+        const payload = {
+          sub: surfaceUser.id,
+          email: surfaceUser.email,
+          name: surfaceUser.name,
+          iat: now,
+          exp: now + 60 * 60 * 24, // 24 hours
+        };
+
+        const token = await jwt.sign(payload, env("JWT_SECRET"));
+        cookies.set("session", token, {
+          path: "/",
+          httpOnly: true,
+          secure: env("NODE_ENV") === "production",
+          sameSite: "lax",
+        });
+
+        logger.info(`User ${surfaceUser.email} authenticated successfully`);
+
+        // Redirect to original destination or home page
+        const redirectTo = state || "/";
+        return c.redirect(redirectTo);
+      } catch (error) {
+        logger.error("WorkOS authentication failed", error);
+
+        if (error instanceof AuthError) {
+          throw error; // Re-throw AuthError to be handled by error handler
+        }
+
+        // Wrap other errors as AuthError
+        throw new AuthError("Authentication failed", "AUTH_FAILED");
+      }
+    },
+  )
+  .get(
+    "/logout",
+    describeRoute({
+      description: "Clear user session and logout",
+      responses: {
+        302: {
+          description: "Redirect to specified location or home page",
+        },
+        200: {
+          description: "Logout confirmation (for testing)",
+          content: {
+            "application/json": { schema: resolver(logoutResponse) },
+          },
+        },
+      },
+    }),
+    async (c) => {
+      const { cookies, logger } = c.var;
+
+      logger.info("User logging out");
+
+      // Clear all auth cookies
+      cookies.set("user_id", "", {
+        path: "/",
+        httpOnly: true,
+        expires: new Date(0),
+      });
+
+      cookies.set("session", "", {
+        path: "/",
+        httpOnly: true,
+        expires: new Date(0),
+      });
+
+      const redirectTo = c.req.query("return") ?? "/";
+
+      // For testing purposes, if test=true query param is present, return JSON
+      if (c.req.query("test") === "true") {
+        return c.json({ message: "Logged out successfully" });
+      }
+
+      return c.redirect(redirectTo);
+    },
+  );
diff --git a/service/auth/auth.helpers.test.ts b/service/auth/auth.helpers.test.ts
new file mode 100644
index 0000000..889a8ae
--- /dev/null
+++ b/service/auth/auth.helpers.test.ts
@@ -0,0 +1,203 @@
+import { expect, it, mock, describe, beforeEach } from "bun:test";
+import { getUser, hasSession, requireAuth } from "./auth.helpers";
+import { SurfaceContext } from "../../surface.app.ctx";
+
+describe("auth helpers", () => {
+  const mockLogger = {
+    error: mock(),
+    info: mock(),
+  };
+
+  const mockCookies = {
+    get: mock(),
+    set: mock(),
+  };
+
+  const mockJwt = {
+    verify: mock(),
+    sign: mock(),
+  };
+
+  const createMockContext = (overrides = {}): SurfaceContext => {
+    return {
+      var: {
+        logger: mockLogger,
+        cookies: mockCookies,
+        jwt: mockJwt,
+        ...overrides,
+      },
+      req: {
+        header: mock(),
+      },
+      json: mock(),
+      set: mock(),
+    } as unknown as SurfaceContext;
+  };
+
+  beforeEach(() => {
+    // Reset all mocks without restoring them
+    mockLogger.error.mockClear();
+    mockLogger.info.mockClear();
+    mockCookies.get.mockClear();
+    mockCookies.set.mockClear();
+    mockJwt.verify.mockClear();
+    mockJwt.sign.mockClear();
+  });
+
+  describe("getUser", () => {
+    it("should return user from valid session token", async () => {
+      const mockPayload = {
+        sub: "user_123",
+        email: "john@example.com",
+        name: "John Doe",
+        iat: 1234567890,
+        exp: 1234567990,
+      };
+
+      mockCookies.get.mockReturnValue("valid.jwt.token");
+      mockJwt.verify.mockResolvedValue(mockPayload);
+
+      const context = createMockContext();
+      const user = await getUser(context);
+
+      expect(user).toEqual({
+        id: "user_123",
+        name: "John Doe",
+        email: "john@example.com",
+        roles: [],
+        profilePicture: undefined,
+      });
+
+      expect(mockCookies.get).toHaveBeenCalledWith("session");
+      expect(mockJwt.verify).toHaveBeenCalledWith(
+        "valid.jwt.token",
+        "sup4h.secr1t.jwt.🔑",
+      );
+    });
+
+    it("should return undefined when no session token", async () => {
+      mockCookies.get.mockReturnValue(undefined);
+
+      const context = createMockContext();
+      const user = await getUser(context);
+
+      expect(user).toBeUndefined();
+      expect(mockJwt.verify).not.toHaveBeenCalled();
+    });
+
+    it("should return undefined when JWT verification fails", async () => {
+      mockCookies.get.mockReturnValue("invalid.jwt.token");
+      mockJwt.verify.mockRejectedValue(new Error("Invalid token"));
+
+      const context = createMockContext();
+      const user = await getUser(context);
+
+      expect(user).toBeUndefined();
+      expect(mockLogger.error).toHaveBeenCalledWith(
+        "Failed to get user from session",
+        expect.any(Error),
+      );
+    });
+  });
+
+  describe("hasSession", () => {
+    it("should return JWT payload for valid session cookie", async () => {
+      const mockPayload = {
+        sub: "user_123",
+        email: "john@example.com",
+        name: "John Doe",
+        iat: 1234567890,
+        exp: 1234567990,
+      };
+
+      mockCookies.get.mockReturnValue("valid.jwt.token");
+      mockJwt.verify.mockResolvedValue(mockPayload);
+
+      const context = createMockContext();
+      const session = await hasSession(context);
+
+      expect(session).toEqual(mockPayload);
+    });
+
+    it("should return JWT payload for valid Bearer token", async () => {
+      const mockPayload = {
+        sub: "user_123",
+        email: "john@example.com",
+        name: "John Doe",
+        iat: 1234567890,
+        exp: 1234567990,
+      };
+
+      mockCookies.get.mockReturnValue(undefined);
+
+      const context = createMockContext();
+      context.req.header = mock().mockReturnValue("Bearer valid.jwt.token");
+
+      mockJwt.verify.mockResolvedValue(mockPayload);
+
+      const session = await hasSession(context);
+
+      expect(session).toEqual(mockPayload);
+      expect(context.req.header).toHaveBeenCalledWith("Authorization");
+    });
+
+    it("should return false when no token available", async () => {
+      mockCookies.get.mockReturnValue(undefined);
+
+      const context = createMockContext();
+      context.req.header = mock().mockReturnValue(undefined);
+
+      const session = await hasSession(context);
+
+      expect(session).toBe(false);
+    });
+
+    it("should return false when JWT verification fails", async () => {
+      mockCookies.get.mockReturnValue("invalid.token");
+      mockJwt.verify.mockRejectedValue(new Error("Invalid token"));
+
+      const context = createMockContext();
+      const session = await hasSession(context);
+
+      expect(session).toBe(false);
+      expect(mockLogger.error).toHaveBeenCalledWith(
+        "No valid session was found",
+        expect.any(Error),
+      );
+    });
+  });
+
+  describe("requireAuth", () => {
+    it("should call next() for authenticated requests", async () => {
+      const mockPayload = { sub: "user_123" };
+      mockCookies.get.mockReturnValue("valid.token");
+      mockJwt.verify.mockResolvedValue(mockPayload);
+
+      const context = createMockContext();
+      const next = mock();
+
+      await requireAuth(context, next);
+
+      expect(next).toHaveBeenCalled();
+      expect((context as any).session).toEqual(mockPayload);
+    });
+
+    it("should return 401 for unauthenticated requests", async () => {
+      mockCookies.get.mockReturnValue(undefined);
+
+      const context = createMockContext();
+      context.req.header = mock().mockReturnValue(undefined);
+      context.json = mock().mockReturnValue(new Response());
+
+      const next = mock();
+
+      await requireAuth(context, next);
+
+      expect(next).not.toHaveBeenCalled();
+      expect(context.json).toHaveBeenCalledWith(
+        { error: "Authentication required" },
+        401,
+      );
+    });
+  });
+});
diff --git a/service/auth/auth.helpers.ts b/service/auth/auth.helpers.ts
index cf2c9e5..099d4d2 100644
--- a/service/auth/auth.helpers.ts
+++ b/service/auth/auth.helpers.ts
@@ -1,40 +1,93 @@
 import { JWTPayload } from "hono/utils/jwt/types";
 import { SurfaceContext } from "../../surface.app.ctx";
 import { User } from "./auth.endpoints";
+import { env } from "../../env";
 
-export const fakeUser = {
-  id: "123",
-  name: "Alice",
-  email: "alice@domain.com",
-  roles: ["admin"],
-  profilePicture:
-    "https://plus.unsplash.com/premium_photo-1672201106204-58e9af7a2888?q=80&w=80",
-};
-
+/**
+ * Get the current user from session or JWT token
+ * @param c Surface context
+ * @returns User object or undefined if not authenticated
+ */
 export async function getUser(c: SurfaceContext): Promise<User | undefined> {
-  const userId = c.var.cookies.get("user_id");
-  if (!userId || userId === "") return undefined;
-  return fakeUser;
+  try {
+    const sessionToken = c.var.cookies.get("session");
+
+    if (!sessionToken) {
+      return undefined;
+    }
+
+    const decoded = (await c.var.jwt.verify(
+      sessionToken,
+      env("JWT_SECRET"),
+    )) as JWTPayload & {
+      email: string;
+      name: string;
+    };
+
+    // Construct user from JWT payload
+    const user: User = {
+      id: decoded.sub as string,
+      name: decoded.name,
+      email: decoded.email,
+      roles: [], // TODO: Add role management
+      profilePicture: undefined, // Could be added to JWT payload if needed
+    };
+
+    return user;
+  } catch (error) {
+    c.var.logger.error("Failed to get user from session", error);
+    return undefined;
+  }
 }
 
+/**
+ * Check if the current request has a valid session
+ * @param c Surface context
+ * @returns JWT payload if valid session exists, false otherwise
+ */
 export const hasSession = async (
-  c: SurfaceContext
+  c: SurfaceContext,
 ): Promise<boolean | JWTPayload> => {
-  // we can simply check for cookie presence client side
-  // but for service calls we need to check the jwt as Bearer token
-  // plenty more to do here obviously but a good starting point for "real" auth.
-  const authHeader = c.req.header("Authorization") ?? "";
-  const userId = c.var.cookies.get("user_id") || authHeader > "Bearer ";
-  const hasUserId = userId !== undefined && userId > "";
-  if (hasUserId) {
-    return true;
-  }
-  const token = authHeader.replace("Bearer ", "");
   try {
-    const decoded = await c.var.jwt.verify(token, process.env.JWT_SECRET ?? "");
-    return decoded;
-  } catch (e) {
-    c.var.logger.error(`No valid session was found.`);
+    // Check for session cookie first
+    const sessionToken = c.var.cookies.get("session");
+    if (sessionToken) {
+      const decoded = await c.var.jwt.verify(sessionToken, env("JWT_SECRET"));
+      return decoded;
+    }
+
+    // Fallback to Authorization header for API calls
+    const authHeader = c.req.header("Authorization");
+    if (authHeader?.startsWith("Bearer ")) {
+      const token = authHeader.replace("Bearer ", "");
+      const decoded = await c.var.jwt.verify(token, env("JWT_SECRET"));
+      return decoded;
+    }
+
     return false;
+  } catch (error) {
+    c.var.logger.error("No valid session was found", error);
+    return false;
+  }
+};
+
+/**
+ * Middleware to require authentication for protected routes
+ * @param c Surface context
+ * @param next Next function
+ */
+export const requireAuth = async (
+  c: SurfaceContext,
+  next: () => Promise<void>,
+) => {
+  const session = await hasSession(c);
+
+  if (!session) {
+    return c.json({ error: "Authentication required" }, 401);
   }
+
+  // Store the session data in context for use in handlers
+  // Note: Using a custom context extension since "session" is not in Dependencies
+  (c as any).session = session;
+  await next();
 };
diff --git a/service/members/member.service.client.ts b/service/members/member.service.client.ts
index 29a43e7..9c9e22b 100644
--- a/service/members/member.service.client.ts
+++ b/service/members/member.service.client.ts
@@ -1,8 +1,14 @@
 import { User } from "../auth/auth.endpoints";
-import { fakeUser } from "../auth/auth.helpers";
 
 const fakeMembers: User[] = [
-  fakeUser,
+  {
+    id: "123",
+    name: "Alice",
+    email: "alice@domain.com",
+    roles: ["admin"],
+    profilePicture:
+      "https://plus.unsplash.com/premium_photo-1672201106204-58e9af7a2888?q=80&w=80",
+  },
   {
     name: "Bob",
     email: "bob@member.net",
diff --git a/service/members/members.endpoints.test.ts b/service/members/members.endpoints.test.ts
index 7109823..dd5ef1c 100644
--- a/service/members/members.endpoints.test.ts
+++ b/service/members/members.endpoints.test.ts
@@ -9,7 +9,6 @@ import { logger } from "../../logger/logger";
 import { members } from "./members.endpoints";
 import { Hono } from "hono";
 import { User } from "../auth/auth.endpoints";
-import { fakeUser } from "../auth/auth.helpers";
 
 describe("members endpoint tests", () => {
   const mockLogger = {
@@ -19,13 +18,29 @@ describe("members endpoint tests", () => {
   } as unknown as typeof logger;
 
   const mockCookies = {
-    get: mock(() => "fake-session"),
+    get: mock(() => "valid.jwt.token"),
   } as unknown as ReturnType<typeof cookies>;
 
+  const mockJwt = {
+    verify: mock(() =>
+      Promise.resolve({ sub: "user_123", email: "test@example.com" }),
+    ),
+    sign: mock(() => Promise.resolve("token")),
+  };
+
   // Create mocks with correct return types to avoid type errors
   const getMembersMock = mock<() => Promise<User[] | Response>>();
   const getMemberMock = mock<() => Promise<User | null>>();
 
+  const fakeUser: User = {
+    id: "123",
+    name: "Alice",
+    email: "alice@domain.com",
+    roles: ["admin"],
+    profilePicture:
+      "https://plus.unsplash.com/premium_photo-1672201106204-58e9af7a2888?q=80&w=80",
+  };
+
   // Set default implementation
   getMembersMock.mockImplementation(() => Promise.resolve([fakeUser]));
   getMemberMock.mockImplementation(() => Promise.resolve(fakeUser));
@@ -41,7 +56,8 @@ describe("members endpoint tests", () => {
         logger: mockLogger,
         memberServiceClient: mockMemberServiceClient,
         cookies: mockCookies,
-      })
+        jwt: mockJwt,
+      }),
     )
     .route("/api/members", members);
 
diff --git a/surface.app.ctx.ts b/surface.app.ctx.ts
index a729a55..fe322e5 100644
--- a/surface.app.ctx.ts
+++ b/surface.app.ctx.ts
@@ -64,7 +64,7 @@ export const applyContext = (injections: Partial<Dependencies>) =>
   createMiddleware(async (c, next) => {
     c.set("logger", injections.logger ?? logger);
     c.set("cookies", injections.cookies ?? cookies(c));
-    c.set("jwt", jwt);
+    c.set("jwt", injections.jwt ?? jwt);
     c.set("workos", injections.workos ?? getWorkOS());
 
     // For demo only, remove as this gets cooler.

From 9ee648189c0d4e31b39f0370f92d92b308b0a566 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 22:28:48 -0700
Subject: [PATCH 03/16] feat: tap into workos session management

---
 .env.example                              |   5 +-
 bun.lockb                                 | Bin 415774 -> 416134 bytes
 package.json                              |   1 +
 service/auth/README.md                    | 262 +++++++++++++++------
 service/auth/auth.endpoint.test.ts        | 225 +++++++++++++-----
 service/auth/auth.endpoints.ts            | 267 ++++++++++++++++++----
 service/auth/auth.helpers.test.ts         | 120 +++++++---
 service/auth/auth.helpers.ts              | 255 ++++++++++++++++++---
 service/members/members.endpoints.test.ts |  30 ++-
 state/user.store.ts                       |  20 +-
 views/components/app-sidebar.tsx          |  25 +-
 views/components/nav-user.tsx             |   6 +-
 views/home.tsx                            |   2 +-
 views/hooks/use-app-state.ts              |  11 +
 views/ssr.ts                              |   3 +-
 15 files changed, 964 insertions(+), 268 deletions(-)

diff --git a/.env.example b/.env.example
index dc9fb26..b0f08b2 100644
--- a/.env.example
+++ b/.env.example
@@ -1,3 +1,6 @@
 DEBUG=surface:*
 SELF_RPC_HOST=http://localhost:4000
-JWT_SECRET=sup4h.secr1t.jwt.🔑
+
+WORKOS_API_KEY=your-work-os-api-key
+WORKOS_CLIENT_ID=your-workos-client-id
+WORKOS_REDIRECT_URI=http://localhost:4000/auth/callback
diff --git a/bun.lockb b/bun.lockb
index 4a1a257df49be51d749870e20e0dfc8d8ce0c337..27e495a4e77012f843d0002d718400ef93c91154 100755
GIT binary patch
delta 76784
zcmeFadt6lI-uFLiaFV5>nHo^xAuFXMHMIdbjF_gVR9Y&isHh~P98|Cvi@>s!49iyb
zh04+n1{Jl<O3|q7BxF=(rBqaQgwo26j79xEpLJbB)ZO0u-uH7q&+i}Ci#4C?`@YV{
zb*(ky^6r0x->@zGmUGWOyt>PZf~u=?Vy{hzZtC*vfnV3BJLgTh_T=IBZ=B<MqG#<-
zDJMAWqr>`?-p=A5))y2+F3QczAoJ$r<)>$5Il2Tn99<la;@dhp94A5NXXWNFzz(as
z5o%szDw=BzH3l0mTj^lk5WE{ger&A-^H^JrK1PnU&j=0A07iu31t+Qywa`wmcUp#X
zurb6M>g-cAzlX~23usUH9e^TO@eXKL=v2TE=#9Np8ky;NxmV_(ys*iOpq-%$bC)b&
zJ+6SwJZI?ek0Bk}ttYE|hJuH}9uGzRrW8*^1}xOe2-qDOr6Xiz%wu|vKm+vyXTx+n
z#o>Un_(mwwD9+Ez@-pOdZO^v)1%;XmVX^prD={dv==sxBA-)P%v?9Xc=nLNwy;WLg
zLs^Oa@TYd}qw?CL`3i(*B{o2rcV|Rq=UfMyS^=B6eSr9Elt4Oluu-?Oix2m6I8dVE
zccF|>t92)o5g*Zdw`Ft)HP1Oyg>JF>b?8&H<t$a0a|WoM$;g|x+?%z)Q4y)q+5lyt
zRzlf>xth<^_E;zyzxX^T!$m;ZaGjwn%g+N<yhBiitJn5ZQ1nz$@h0t23S|O59bh4p
z30$h}cqkJ%8_ICKpv=h7{$HU2^gjS)L0^J0elJv)e1Z4!%h8dJ^qf3z9yDSoD_rC#
zUX+)SHy@xG04-X4-+2zlsnDCC97}J4Qy&<nGQ8#t)nZeJI~=EjkAyP(i3rE;`2_wf
z*pU%x$bAT9FT4TeOj@3^By0IXZ%)hkNY|=yomvzftp>n%ZWYp-7qu`ecb?-%a1P#2
zH7|-$DK^07K$^EKeSQY&GHIj=cPo@ReF`<9={dga^!)jmwI~rwm<weIn0R_to@1`E
zi;91XRSEBnQwjBk2Qzp$-r>O5DbCBtz9M6p!;zJs682#&@#f__=ECNz+3Znm9Egtw
zP0vbSkZ~J0o1_@ZKFNnN{Ak3(;4dBmJ&ApA6Ef-pkU84nz-%hM5;of~1IkXE4rR?2
zX5{4ga^^c0<>ls}IUSFqpzPecv<CX-*D)&IKkK6#5uWMV@lomGJ1<n7oCpsV<gsyT
zl0?D|qwQ1$y26`pFQ`j$^YZ8C<vH%R)^`jo+MA5=#86Nce*=^gvOx1WP!6p`DC->o
zMZ(3uPEzgrKD00F9Z>Q+pbU2<v_Etzltb-&C`%Wr)j!b=S5({x2Qz*K$^iFjdo`3j
zzXBQpeJx29tbVHE6Q(ImfOdiZE+|LN@|^kk1!&*G>52#D#1hy{Cy<_+JJy!qlMKIA
z9X!Ce)H)PA?(F@uR5H1jXJGg_9GA{e<0~+JGBK5SIOkYX%(MFKL2%}tmyxr87}u)&
z<(QSVa}}?#%FRCAABWW$p%%?kbe2_T_A#%}G}}6A4oG?mDRoDfWf^(7SyyB@*ja3k
zMNrP9Sx}Cn3WTHHqYF9+g{1%WP>#E0R(hw<em<|Vyii`X(if>%lcBT|t@2KN!tHqs
zYwuz;yVB?9F3UkJUb6Oe3hn+$mMU#_R+bMC)ZfVy(;fLR|G>;&p5x74lDjNFeu*l_
z<qN!+ZVtx~*lh1j9aMw9WG(F+S~LKZy|i>W7BftTvW04TEzilwxdO3raT!Ghj$gqU
zE-!yU6n(yf%~}T9JA1D7*X<r?y})#T7vVYhed)^<a>;yrxm}l$#lE4@tf6Cz0>$f*
zD-%ATbp<pOb}p1%wgKVTEjL(+T|&bj#>ir^zJ}7*jfP<*Z?Klax62CU`zt6L`85=R
zgX2kSbC<zIW3E;?xuJ}6H9C+>T9oGAyz__8^X5B_7OJZRmeMQp&;>VKqwGNH83h^h
z(@}%lixgiAWm&Kt%J*hxII_Lj-uY3N=M;f6_a*81nNf=~ihOw*EP}EUX;2pAQYf1s
z90lQ0w*dvCJ@Z->t`j&5n!8HPxG7LB8N;A`pgo{{q2FDnmV~#UTmqhi(*I8ADO@Ux
z;oy{B2<4hG5qcVQs2#vj+#kxJ6$WLE7GsOYntF4WWh}szujh@bfKDivz@sIqZw^7(
z-fu!#(3hdC`A)41GIEwKx01W|FdnheyM`uRQ>rSSm!$^Va@Z!qdl%*)Crn~A0PR3S
z{Pkj$ow00T#(56Mc563M`}}6r4-ej=a{V64Qard$m1+i3XRR0H=0`1Amb;|ett#~e
z^M;^q4#)gu=s8T8T~@zt<BFUcRO63_vQCY+snndetG2le%C<pDxPaz4GOozT$;Sx)
zPKTc?s!cY*W*f|3Ha}_@${OhO7myy?I4gI7UHPZVRDL?2qT;f072vNKt^()i@aCm2
zTbAx~6u@Q%4<i8<$iD2OI`7=6u4^wtS%F<p`e%D{yi3ya^8UK_ejNU6?2k4wJVwcW
zI5;c=bM3D)G%#}mGqmm=Rp7v!Y(Wh<eDm^`Wu#{pI3hNy0`!2A@86^{oHv|f%i%bT
z@T`bkumy1J(;(fxUOOD6n8vI@>3u3-5tL0BxT4JS<}C2$EX-@TU)6Xy{F%{gD3_9n
z&>qmhmB(!*bst=G;)9Cj<Sxl)G1BMFTb6-E=in9<J0oX)E|VQqsqEXKEM{wkvU@+I
zCPDtP;pa2{9>n89^%FRA4@{y0l)e}2Ww}{d%a=GD`hs87cE$g9SNgyeK5%9KH&^t3
zdLhrxSeD0e{?k?#93354)2BYJ+V==NI1&y(Plo1YV<U;<#fR0%Yuu*7%|ngoA86N0
z5$06bXFaLnM`-N^Wj~FAKifZ9w}ibjz?xT#X0bb{-*(lsVNezz1_66Q2S87PChbrQ
zTW8o@uhwFHU=v?itvY-Wlp{7xYheBOS2rX@%;2wgB!N4T|K=UY|H%zVkv%B>-5tmR
z)Rb%4g7ktYUYDQPt?Vl^z1$o*ym`19K|4IJT5Mi!K}HVjzAvb*3aoXZu-UTnGt;vc
z!@uhbNR^-iJlK@etd%_nB>BTtk6}s7%eykq5!llOu1sT59FFlrFRKQBC`oNPAK&9}
z3<O^f?FW6tI@&X|NZ+Rw2k!F@AqdA!;I=JrTNb$e3f%t%ZqHUms!9d!7X$Z$f&0L~
z?OxzEFVL9!Hm;~Ra043X*1&yY;65;LqZ$|nfo>1nKL+jt7i8cHhDG99RF~D92^|0(
zuC*KVOxWL#SL3tX$%<lzP1vvI{^}q#&=2SUx4fkS7D72Q&NNg_>)%!xJP17t{0=Aw
z_AVW74H9PiA3UHYhBT;f`OyC0leG?pp3WK86%KaDk%LO>p?zUjX<Y~97GVjLTZa1^
zRe_74ym%~ya{OgLx%k}z<;0ny!;gSQz}|xbv0z_*sN&_PFG(+&mzCj|IzdIOIHWRO
z3uS~Hty7?!(rzf%kkhm}p}Y-h{zz?A_Cdp7?}Uazm!c)8&wj32VB;66f`w34@b1si
z{{7(iwMpIoybq<vd_-V|6QJSHG$h0tz5ki&iXw2f$azp^cq)_`xu6`p-yj^d`LOce
zr?m{q#cmgr{=L6ODr~|PU#q_ILfJ%H5C98b@heupuuyO8w<`PIM^&-vVYA*(Kv_Je
z=3l^O`)r1C#9aQpn&6*7ne8;_iO@tSQ{VT4n%`%`X7O*gHiz{wZnbuYxr_dKrx3U@
z4f3ld`cH33yCNP3&wullbo9TwC;j)gq*ir!pP18}hJAGiYy$!tpucW-0(XvqjnCs&
z_ftZPes>x6!uO-rM^7;92F%L1BFBN_e%M?XS881gWrr-t$XF7Ez3}IV$C>div<vh}
zDA#}oq3n>mpxm?s_Oupk6SjVUGQkm8ngdT{F2^n=3LAvr&MIPSC#6fGvU2CA=OfoF
z+*ss0TDAXmNRU0g&N_NZs5d%9g<hQDyMo2vs_o0O()05(7C7<|+MdXH%k#Z>ev^^6
zba}=ypX1}Ms+t*jOO|D1U>AgNJ&@|GZmPIbVY7PUPE>Z8we-|bBi$-FbwH7Ml3`Ds
zZ@L@ym`y-fj<vo}jt3W%WA^NxhCSte>7erZ3d)j)^-_6tfijQ4{;nD}SH1Bkt32OC
zcsBhLP^LT9u;+#~_%ySqtrfcbeLVtq)PZ`uj6Pwv%n4Ivp8{oGTTW3L;G@8~^%xFi
z+5TE~-HoR>dLsbmdnYK@k;A7M_5^&>+IL!L(fwHdn0(;rR!(|Ot`~dUklrfvZxO0n
zzK60{fu~%5eLD8nr(tKJ37A{pnNr|F5x9W#KEtkNQQLF7Yx*1Z6(t?Y_4h(3`$j*<
zYkQ100V%U@0vm<Ea|=8ch{9M}7<gU~*zC96fcw-w;!LE=W%s{4A`Lu-3p}o?AE*it
zcx)GVUijzddw)Dl3tSS>&-P$22O0J{U4M>YuhXAFQR(7{DAi&1gNP2;?q*ru-UEgP
zZZSuns~Wlr!TTckVayfkPlHu5mkv?mpuyVRyH8Q(P{UrcUqmR5f^*MPBXTEfE)JWu
z{h8Ll<Ml1@XZHl2m#@f0pX0zB%g^^_EL#mXFETF=S0frvoV*L77UdO;P{RTH^xP}b
zv#dFN!o&UNt1?{XR(^vJmuVlh*7pe=`eU>zkuP_-y&-%fM%6ETq?!+Np&ZBPzWj7t
zkbkxs`t(V9AWr350_DYU5tQXghH`X7LHk0N<Hl;f*WuWopz<z3>RiOGf^v~tW+nCw
z?VbsXtuYbG*v*!=Z&9%Kg_q;*ySVbaZB2c9_IC{dKfy|TF52j59lIdGxXg+f<1w>>
z@dO$^PHT6m+j!5a1`9z3^T0Y=D@VJHyRDe99^);`H`e3q(#hI6Ho=%;`GIb-VlMO;
zPg_2G9<{13^tk$C0u8d_pNg|$#(7-(U?o`b<6@0yt9qQrT!j8RFOZda7px20tZ!hA
zh84tOm_spPqixGbinR-l;*ED3<yK6R$N0ta;d6>ro#b(?MjKpY6;{Os!!bxDH{NX;
zSZIga*2)Xr#t5r=g2%iD44b%O!&*7k?Rpv35UVgT*8E9_HLTs^+~(PsdL!+ucaL!!
zd6s{o$9xkk4$Q%rW>;(>#@OjF{1jL$DhfEkZQN-2Cwa`hVCO1U>UIX5WUWX}Fx*yk
zvd74^{P=v*in+*Rd}{gddA?PBk;lx%ia*LuG!a?+0_&2tEaqXXwH4fW$f~~BV|-)z
zFZP(_*k`Z}4GXbcAHo`L)r^ZZdtf<aYobbH+~!nR32mV)SVOGVQL*L=aIva(gP10+
z8!9cdwCiG6BdykpW6ct{RLNNRI#|<G%BXxFY|kdOrLY(ln+ds2aJwFaHNmPWjWv(L
z#e9O<x2|(=9XXfWNVWWzdW;e)<}#1-lvAt~mn9hYSk;$#%%)QU10``<bTHOP*4}BY
zOmrLbEZ<a*c^4SF7o+7BJHYvNw#J2S^8`#L)jP&iw>d#u4r_O^+gt~W(J%|fxsAP+
zf11Z>L|7xICm6AoZ@R~*wW{$s-tyz~W-BJeW4vkkQasMkKGx2Z1S7@rr+8d9W16Cw
zFN!r@uzaZ=XGC9XXKI2u53^Ob-*mU}lod0>WBg$GW_X-~`&m0@Bp8{NAI1r%TO(&C
zm@`jzIL4|PpkSM{g`P-uyFP;zZ?#T}b)Mee8aXS$m}B{7q0+d$VCgXmu@Jps`Db}t
z%dy|N%xaw#>#Bom23^K5t2)hNTxt37`M4D`+hcrb`DS}uvAACvZ#Vop%MW{JBwEU9
zogM4?4Xz7q*O;>zhU_M|l<ymDEbJU~x9z(CE*0Y;xF*=_2e?#>XiP+vN-<n2#;Z0f
zoD<g}iZhm3%!5mLJ_?sg?gzM3)Huu_m0U4giq*n3$zmdd0}*DxrSiWYE*0!BTq@yc
zEPA>ma3Q(5aUI}*=d4&WYA9v`8nmOm^rcz;43BY(6?3`A?2KiKD;35U21>kDeYwYY
z#`43b`!Hmud@!?SYRh36sczR!SQlD_H^+5AH;uI7FONkp#AJG0jj&U!_{><>gb|n`
z^l{w)7s`#E`wgzqc7aA=7^|_HINNQkvZ}ov<2lRk^*Fn^t&xio@YTI<k;m9<RWI^5
z9nsd#MG0nNw3=K_EAcY7c@-?Cpq9~RVR2@3;CMHGhsEh>FQsN|j0%Z(nAW$zVzr!>
zaf#b}7Zw)`m%V(1VeWF=*^OaNgT+)j+N<a$SYxchjd8(n;7_%sIUu%e{l@Y;$BN1E
zxSjzU#i~2I#aTOZ5?teuj17#{R!pwPd>b}Xwih#J_jqe(Zi4I8c!y(w-C)<EM8mE4
z%VN!^;9_1V9#*PvVV!T)jE{Am<*|+}Nies2FemJEupYR2V(p5vYFgrg;Xn(Z8V1&p
zHI{#=2TMTAGECq^YsInz*MdZcV>Wxqc;4~@2amQ!<|VjRjpoDxHa~z%U9s3mXIy}B
zg!JqSr)vo;T<g%~k6ONbkMW~bo$qlD7-JpFPcW8SG0Qzj)wkSZcEzl3i)PHQ{P5Xr
z#a!Vr!;!XXS!1c&m}*sD;c-0<c9B(cMXb{?&Kh}Tg6raO4#!-(G<9%IL;e`ODQ;IE
zERj>}!Y{RA3Ovq^6RZ^l31$vDl_LO4Z<^b+6&6O?v{<Jx(HiMXFveOwpU2gd>~PGq
z3VpGz3oddvQf=2=a80#cN8wVwlP<=0fi}Abt~A^AD_maNm2nB4<J+!UxYBJ`<m7<w
zt#GLr-@vud_MJAx;mELEyWpB*yH2?@;PSzxV!Q*FD%D{0s|vRcF2%lpYdYf^30Czr
z9+z(_m&EvjSXUEV(`;7;8p?K=FT$m+W}FformK-;SjHkZ;>Q&8dgLqixc0(lidBfw
z7LgLznJ~s2SQyB>#-+N=J7B4G0+Yyi)v8|UF@FccB8Cvg7`JO=Dkg}ub~WOH;fe;w
zT7k>dQ?S@ExG=#w3~RVb6{||$84d@Q5~Q#a%fJH5cbx~Ls`@&Q`6+yupSrG}JX5V-
z_GC9Mw0x^P#uZleDvwzKABMx^Mw#D*g@u#p&2XDNW+^}9oaQ#)ho$Oc%ygTl%?^|!
zvDj@~V#VCxG48N@_<Y-{zQN-<aSo?Duj!Y;#oDN)<)$`^o2D17>eU|eCot9!rOS7l
zgXTIMm|tv_nQmjH<y+%%zBSicF*d=~C7tU4Mx|>KT$n_~vF43%F?m!JySe9K;qt-N
z361qNEH2ydTjVx-&r@raJq^t(V5#oKX2tasEUfw1>KucMaa5?Y=eIS%D7QHamP(I1
zhMQnvMM3Ipx>sOvsX<=j+^!A_xYQs$W2EJ~343SQs$AT(mcdeG#_H{Q1J(qqaBQse
z%nWNqX@X%{)ukSnKf_**u8GB_G-jR0TyZ&yhzw4!N8lS)^*Zhd{qVUX6C+S%jcdzc
zSg6XhSo}1r`eu*0&Ku|{7VLRgiB{|MSTksmDn3RTE(f`=u-+7RvUk-_z+z?WrQ7^k
zhwNajT;+BRT8t*KYDUKzv#sj&9z3S<<MUlB=2nk6BulM(c29DIfmMR3hG8>(14}hw
z;;q;fW(UR_M_4i}b_v#9?2Ae*zvVG&z;tYEWq!7Nw|UH{oOWZ@H3wF--E{&N$B|lR
z>lw=4mv+l->(cAorUw>BJVx~@x49G+TNSM^+HF1wi@BkuQ=)@msDX>IWQ?=?w|mT0
zOH@)PSSxREn@_+Rjo|jQGJk@_$fmvbAF@<g>Z-X27K?__F#(%6Z6Q;P%Xf50djvaA
zTxK0BOE8m`seL`JT)5dPw|wOuW1m%B?lC*$1zLoIIsulRJFDF$zuV-60SVvcHvVB%
z-{CQj>hNknpOf!!47EcfUgUPof`y$o?gO^K#dW2lm6+r<n_*$0;dS#OH-768bC<__
zX1SV|z3ls|->qt}!B?mr>tN5^J7F<*G!8ZjhqUFgt%xhtHApp89xP5Bd!KJ^g*5>d
zO87x^2N)MxHL0;?Vu5OZM8Q($gT-zOwv&4T7Ten1kePm1Os)g>B(5<&Ub`@#%v<1M
zfv}vRt6zo1p@&Q{40^3l6~;=D=r)sJF+Et*-R5<$)QtpZ>t0wKmY8^1(H*YhHj(RE
z8eB{cb-%`KmcojLg_g%0d<zzK8mnW?i>_899HR}DD1oKM9+#(GuvGE5A^RB?2a|n;
zF=GnbW)k8R!D2|{g#zt@#XeU(+Tj{p`0bpzJ(~iH{TO85=atjXF6|d^v4TOe@+2cV
zxJWmq>^?<VOu_CO*U#|7(u(FAQLOSg!OnFtEY?t!;XYVw6qmgX{Nzu5r><0fs(dqH
z**V*(Y=FgD+T+?h0E_jqJJr?WTDC10^#yS0`r_KT2^LdO_pa~4vX_3>jjQZy^}}%;
z;K0VKIMy}tdV6OER~cN`{=n4&*E}n}B(B2^4#zATJq6cn+tqV5_W*^JaUI~mg&*Oc
zfeRZXxK3Qd-8enrz)k@rdm64WC=2EZTDxb78hGjwFa;KS7lR0QYO7$emrzs8(}6dt
z`K*?M0$7var+Vo{SXh&B@o}wH0}o39dOaByc6Dg+#L3aYFxcR#llIfHqx85bFpg0m
zu2PSB%&WlIRmd94>NZ$xJ~da4Xg>_dOQM5I9S+=66nC|2vliB9SQx|DwbsL8ZCsK#
z6k`My6S2pFD`p)s<?|Xd8!pwmxRjZDVCjCl%WVeT+%^`m^1ETt55>TRI#2td<%;nH
z0G7w9Nsi^O%O3ZbgKkl6r<Tikuy}34cpB|?ZG)w%?p&|h2ch!auJN#t1{RLha9v`D
zXFU$UVq=&bf6lO5t({LKn3vufn3kM+Ps8G*v4fc3!eW)|;p;rxvR2%dV9vEv1oRlL
zqU&f`HDfRy;9@JOvHmrzA+XT6i`=f>w;^Y%bzQ76&5GIXG1t<Duez#s*`V4(t(GaU
zxa6RH(N>SZQa!)h>vo-ZyM0B+6P7t}B_Nbb3^yK?`FG%62uMwMR@M}ij9O;r!Q#TI
zmf%NVaRjO9?1#m8_HyHjDnp&^HFF_c9N-u`xS_>8<xXtSz}R(IM={3EvwXWe=9Y35
z4vmijfBA=n&OP@IT}%#RR~D>Gn6~R_xUei@@%#=hmc^bpNHM0yW3IeYU79*sE4k5y
zby*-!*QmR=G~m_^w_`ESc+5kvRa0`Jgl|+mhW^8HaVab|9;O;D;@T^S7i{BO%lE9u
zJnwE592Wu<{Xm<=8QuM!z$m4atS!|?C9qg%Gz~I60E>NL+86O&n^bdP?%;Bg3X6WY
zWZ-flu-JUq*F5Gn-naa_J+6V95yEQq#+sMIMPIvd&3j>uv@PRix9fda=URo=#hRV&
z4Kx_991~zM6iR{}*(&<k&H5r-9F3@Lf!pc0&l>q+f?0lFTd^?#PQBmS`C@`=&i%Yd
z;>z#Z3|BPoUtG;_scYNN2LdJD{Y!K(jA?d}5|Q-_u-Lj7Q^<PY7Tgr@0hCz;7YDGK
z2p_{b7Z!&44Q{jlgKbM8E?-%&)QH7sa&3YYE%7~Z+tbE*k?T?sm;wl8rorOG3bq%j
zQdlYlhTIK{4Tzk*ZfD0zYh+!5IiXTP^v7jx*S)aNLYS`~YmSyf)FBTA*5TdN(ZMj(
z<W1xhgvGhjk&C&@@i3CJT5(Z~gNt3OZkSfUVkn1|xE%Kzu(+IJ`-mmK|0B2^ZnLg|
zmD*+<_><pxRSw6cZGP9oN^7$|hUIOuCO(QA<~HjQSbu~xAHz*@n_mvBIc-+`pR7Uu
zXdkZx)*m68VEs|f#I3kx4y0n-YgNCFryY-5$6ilx&3&9r5`Sx~c^6!468ox!JAvvq
zJZ7(LYB=B#<W#pS4Hh1u;~u#bu1gSBt#eJVbYp%T9sGpq4CS>9mKtZAh&y1h94B%G
za$Wc&hQB@Fi|Mk<hjrZ8X~pdKm@Qz8iD$QnnebF#4aC~OhdBsQ2X-++oMtcPW43c}
z;D*Uu1(%+D>!X8Vj7K1h6f9{c>~J_PfQ5w>5APRQzPCN*t6-Obp^k}eXWwe;*xLzw
zLiLWv^+vTly|B`qv{PMF)i&`mSj+)S0jBplSZ*u6Ar2)!_P!^0mnt|0(|)&kF)Ze<
zEP*wq&3f-oe*K?rAI}TxkC0Wc{z&CVSd-dPNvvt_R|4yzHopU~{s`IsnLp(K>yI?I
z!ulh>AOGYR|7`nIN?@^LRE=JTrKb*R8~$ATG}B@Ik$Y8pKi7}2@MPg&T!-CAj)Tf5
zvV4smJY%nJ^q6Nnua-c2o9dcIi`NZv4O}X_mAK-+sY9vF$T=^lVTk*OXQTNet5_@k
zqFD2OxKw9xt@r>I*H*RTJ@G~5r>^A_V8y`?>+X%w!7$=sU_npDdI{@%+l#AHhnK8l
zA0@a(yo4t|R{S%u<~+EVDlWrVTyKLlhL$Auz@7^hqhbxiz3FK$2L>mH^)y)Q1MD?%
z*}ogs1+Y*7Wcf9$SXlO0bw%!RI5O>LTkpcP#CA=n<(8O_l;40WlP+g;owZ_Bf|*%|
zF==O-h|ShLuy6zMS)5U49sA4^{7PHDphVaI$=cW6az*S#NUNqfE*K8g?nuwv_9v?q
zmL5p(8~bW|tMpIS+kdhm>f42MWze!(kyU$a{@C7f#lObE690KzFdc#VnRV?gSGU*g
zK%d2RfCJA^n&N`#Xbau=C#&BZ?fo+TWL3f%j(AuS@ig^YSgPUY?sGVDtoXxm9c%}C
zAnr~4-q`MoEpXxCKb}Ya2ABQKgKN%yR<6by>v|ooY4&yc%(nvJ9<g0arNi6oDBQKV
zroe?57sk4}z2k5!<C9+3O1O|M9$0^4Re$Yqop&IR!i{jn^J$LjC%CYGhO4H5&t2&{
z<6Zmt?9sRmwu9(%xaQcNW8dRrSF(HCT))FL(`GZ?54fI$E7fLQ8~FehF^p;}<~xt+
z{6IZYz;=1H+q?i)g574^GpvNg9Uf*8tZG;sDfVvDWqhd9aizdD)lRz#F1sS;F}RWt
z78CUyr23JXMC#7o2P@G|C-FtMS$jxbTd@m;HS}XVmJay2Zlh(j{uCDs2QRrQP|7Fj
zVyUd{f3i;gR9#k;UmmQPZSh`%#mlPl8}OOBoY|Ifjph5<WA^w0<G>DKVDs<{thu(u
zt55GH+^@pIO0Xl^^0j!(-p%TZcQgq6i(%1USs%cfrYvl~hkwcKH}^iP;Ns9%PZ(Z-
zH6{?s?D`e%jobVd!Q!<5jgL*<4p@_{cz;~*VKtY5Z*#jYqGc8S9BUd!0>N3Bi~nS8
zgvCYFE}H8AtZ{Z>&iy*@IGMLNH^K5)@!!Rod*M>6CwcHU_F!HW>$(IkJk`NnJRGRc
zs#xP=%irp8UHmPRY;DEO|51B}w8Xk@folrGm><J+Ng#Xkyzkn#%o<pi*`eNti}l4I
z!NuXh?*jvoYx4K7R6B9qb^j0;h`iq|f;ENl#E8av4NFy(o0OhE+NIeQYc7H-!7c;W
z@d{WIZ7Z?PZG10&!|=Gq|75piORTvSE_MVilE^OPXO$hc7`T0zDt@QoF|P+4t%Be=
z=^pU~0d{FoyH{KSFnr>)g&Pp;da@*@1A<hxL0kfj2B`*gP4Z)SOHBtO)>Q@POyvwd
zhT*E5>2OX}&Zpqi0lNQ!Evupn;7n7_-G4ZH|BCse=t?+s79YduRdix&TeJ!|7b@EA
zH*8{+Gat@5%DMj!=Xt-kMY|bJUC1Ulb=YwZBS1I7Io(dd{29(zyVZB&$wY!-*w<^9
zy=`9sOZV`1n0c^f+aa+<bDryzk)4eM*9!c8aWr?k#?w;W+3*-&iyvY}1sQ=G(Ftxd
z0~T}XWZwmDg2nM*s_#~`<+OLiJ@NB6Jb@a6&5QU#kdTR=EXE<Qx`7<qX061Kc?K3&
zKlNbggpNkwKBd@go)1gK!zR?VjF$Zk$)j+o+1Ucu`F6^j%;yFh+%@6XEctMa0>|Se
zjF=~2ErW%*jd6FDshY%o++i+)l@Lh5tbjEf78(z?R`0{YlLMr8GJXTe6+6UQiF=`o
zV6iFGX0HSmQ&4;RJ+N3JbraSDzmcS$dayWITk0vr&9IoJ3b_Xs<JphR%wYVwOqGf=
z<w96&BXz4@28*qNeKu~#--5*wV?%^HyI}m<atJK!{qWf60$2(5y~Ik*arcHVzn&(y
z<FGxB!O}Tnff$0{VR9iw>R2GIfJHz1j?nc8E&EpIFkCEy+At36rpkc9fG<8WU~$30
zh7nh{ZLl~{5b|cX*%80qWWV6f6a8`tEc)5cw#^%1aXC|M^)4*7j(Xa25`Nivp7O)v
zi7~J^sF4a<U=1vWwBs4iNlZ9~Tm*g+%4Wd;z(AS|i$PEgRIvmWGeY;luL0I9<%gAR
zL=VGpF&{p<R>6huekaF?{}d#6A$~hLSp^&Cc1llK5n?2muY$5Z82A`}=iv9E*im9f
z?t_aQt%xn`%i2;kI|08Y9SuJ<8YjbI8>q*nYhfi>g|lPLx8UOPiylKA6GIKh4BOg`
zuV~*Ee*}t@hhKVfSg3CrcEMtoAObq|XILX(;eivP4+>XZf`-O3n-#Ez+41;oXB8|K
z70;;=@(3&r4g1l6c@BPz$}NRjqOsKW#p<w4d=T?Un;+Zs+*4JTV2Wc=UM4a943G2S
zQ{`9$TInNrs@7o8zNZ=XF1)M#m|{AtNp=?WyAKxkH%R6Xe!qqvqfUT@ryr}_#zgU-
zj_mK3nEuGVAAY#%h991q%y7F>VBtG`blV+p;g=4$JADT(H8WPua+{s{1V$If%nVp+
zr_9G)n_#I~ijc+!5_2XpIJ2*+JKFOC`~*&_0gYPmL!6!a$;h)%v9x}w2UNR035$~t
z6B>6aEwC=ItAg*DT(PHP39{m^h&8L=;#forFXgYC&@|+zmwy0~KIse@IS@(boMAXp
z>|n^=^)jqcR^jqk^91}ZR*ik$bIgFnv4ltVu<nAzS%UV$w?MDyka(JfmObgL_VZ~1
zEKULJT=)e(EVUkRcpQYK$0yP}Wq=x1_D!5?8mtVf73J6km&zH{Fk4~iobg@qVEm+3
z4<h`ABU@qy;bPnbm?H55jaXxpRD&3Ih@bMC#6+RJXPvFOM77Jkuy9AP9A9z3h5bER
z?(%aC$2ip_sL;SchW%g(cd4+hf;G0y?>Sg$0m~H`#l~yBI4&3tjtH!dSba9a;>=U4
z@c~#|>C_wzIaf`e&h}0v85V1&)}kU<>_Dt<m}uK!sWpr@(nn#j=2&RpH+V3X5Ll{+
ztNvtl9n!AA#$1Ux4{dNK;KhLm#+OnJ=!_aF$Iiou@C^;D(^#2}$HX@bF@6Bl*<;`1
z7C)e|SYn1l9ugnrYpI4fPah`7h8qdSLWvoH?s#+<nor_K82A~?aM?Km84SUXfOW+R
z+^$Smv+aAgPvM$HmpKYQ3uXxH?eU|c)v)k;wP~?I^&<@Hmud0Npz~z~enDbJpRf9+
zv;95vy|AVuRyX^b)K2*MFef#ZMhv$3u=M2y3uPrNu4wS9i4MjuiWv}@;hH-M7MtcY
zJO;46l3`$7n(cOWijkc$$o1}+KsRy!`W`IR71+?5{qgf-ZoQq7INZQq0w!+Z@uS>l
z#6OZVI#x#Fw=*VgBkdYuMkl(BO;R0;M*bF%kqy}$W8kp|ev~}t5A*bRL){E1-$I!7
zJ(V&)fXSh#<HjZ!>PF1=HSQK)JTmwg)GnR18{dX`RF|UO7(=PBIN#O9YNPhE@AzB?
zU`6u=+UzzeF#ovUNrc5qL9l(zEriA9$C`@Am2bhqHEKP6R+%WrJjO^9I~nd~933Qn
zt`RB=Mj0o14cJ(`?Bic)5JI5)91M@CX)8L=KH6(H5R}2;#EDx)`=AEN5#-sOHX6x3
zY?ang8qWq~>S%C;j=<}DWKyCLjEe+*62}i5?Ui9OaCX4y#mS?+vcy?987>>AOG*=s
z(4lZS@^BL8<77dvz{%t9)G77pMxP=EUttGQ>VmrnCwVbW+ShBn5z11n!^wl%31=A%
z98|_Dr-9?|l*PIeC&S&Pva%fxR_h*|46qp|4=U~Zv_1gk@psCCJcg46egY>mcoHWM
zD%0PAle}8nPuo?6@ib0G+>Mg~p2x|IU&P6yy|M*raZ+E!$%D%9ui<3;*KzXrJ7q!M
zw0)s$YDRnuCnLU%lSg|EhTUjWr409hw%aQU^f6BQf1>@VC*$<vWCef2$s?debg)FY
zud)v+olb32!(n3sWFP;_TJ(P_;eVMfTdI#;A+*18C}k62qhcRab`3TY_R(J1Vv(9t
z84lNW`)IF3xRTo~jEkpz{7L%)5ikK<2<@Z221{uM7L5DH8hs6i)Qr_Lc9afEWz^A7
zR_a1%M`*J4r?RY<XuVW(Dp$05P}X^&=2SW}wM}KZSx}~vYv>sRhkg7f%7pR|j|E<?
z^-7%%mE5Q8_DZxu`(JIK$5;}3;rchqnyo@aCUCvh8+1Zz2ysxE@r}?f(A%MGnFpZE
zrvl2OO_?!g)HB-S|Fx$5PcmdpcB8;tO6s8Oih5mv_KGX$cq7zq+x^=6@04q8qxNsF
zL?38QWe0qs?f*czDE>L(>9Aesrc<DOpsdg7?6$wC3Huz)smyzjwy7-8P;FD$4kMr;
z(9xQYcFK$-qZ4j^u!GR-@6;t#UQErWy+-gq`#90ANs>;4%0wqXS%GBD+bjJq(wxdI
z$n8*~GR@m7D{z<Q?Um`@<J6NC4*Q@ogH76|o&b9blnFhg`QIrMtkU7O>TvCq@t*`|
zxE<Pmhg0=rJD|FtMh9rGEZ8&P^m<PFQ@g@`P4hRP47X3~n@}E9X8g9c+q6h~9Mm4|
zm1Ch%^M9qR*&!W{%CYh_lm+=lb1GZ%M=00dUo|fZIH)Y)?@&gxjsH*?KL{Vx6Y#-w
zI%*9j#6hLAv*JbeyC&(ucTWC0Wsq+8I0@QMho{nchPMAs=`{c!EYLt5j%xo)$VlyR
zw)UWMnhv8ajamANHbQ&<ca%Y+@xewOspC;kggrsq|A9_GwEt1W{}RuXBgw`9`863!
zLYEvvP5;YuiP|e$YO3Z`j-8p>{#VK|I~U<t^LbFFGhgch9iK}7%Y)F746smpP@PhB
z5f*q*$0CiX47OO?RF-F{w*O8!2d;rX^C{NhZ-BCVYjwQ#$~kc>IK4Im;iiEB?_dN;
zzF3!Mla5Dac{XdC%6#tAc6(*I4{1(iyoaIWk84gP-=^)qQMF99_h185>j+d9V3*b!
z&8bZI8LiK1|J~Z3%5?TXiC)16!|$b`mCo0K7TY!)|5b_h;e+~?_WxJP4BkdK>N`4o
zd+j3im*A@P{w2nVF$m)LM2Dd=&ZkhWcuks9*_z)#S(zWnC1SD>nhJ;GCzy=(v(^@R
z<Djz5j%ogj)?c+hmHxkJyS+N)qeIS~MJNRe(g7d5z3xTh|DhJO&yabC<AX&$RTt#%
zl>QOgpUS4`t+fx7wLKk*KgU`4V2ci-@n5yb_F#hN>ImmSncy%eH*&Gsj)U@`(m!5n
zg633m50nKMt@+<6=jAx~hjQyMTL=9AML8$`H!@}m&P7G2^Pp^r`MP55l`Xnh`)5Jz
zHGvKuf2T|+8~z-e*XVHVm7C->nzvWRE76?FF1ZOxUaC2?$X+9F1z^c<gLa1A1LbYX
z!%*I)?1b|6d_R=O|DLKf@qaPF|9%145^n|O|3TD@E%2_^_n~aE520*{ub}L^@1gi}
z{EQDK&;n%(b;OWn%bmobt(DU*3^vm}MeAwWpUSQ)Itvaacs7(7ov#D@Zzu~8hxAwx
z50nKSr8N<Xf)zO~&|nOdM|)+##;bsi3EH2^noiaB|Cyry+b6)iRR$7f#$G6!ZZVWK
z$boW8ccr#hX#cCVUIWFS<2rmW{0%g;(zzBNY?1X)rfbpW_$!Bl`~L@_jQEh&Dku*s
z`9GkH__*d&Ht9Af(GGkt+%9cD2W3m`h4Nnh5Y*n*Lphdyg7VhE(E<nc7?f8*1I45U
zL)j8tSZuA#pqu7BG^a9LD3k>XgK~F$Hq;(dP_~>0%J`$9%x}yIYW<<ZjyP89g-{+;
zCX@nYgc;g@CNvcGGANJ#x$61<KTqKQumDB6X8F2i%XN*Y=ncmT?SHlA?UhYksQsA^
z?PBOz&@E6NR5~BgHkB>;D3swPWroqk-XcAwL;Oc7$t&=7ex&30hfZ*-&R`pplfoHB
zsQm=-DV;i%`EG}DDD2esF6ar;I0N@dppNHZ{#6<61<k39{<5~I^xp$z_3E_!iuR|{
zf3Nnh*Y<1LpUM&ZCPyR#?$;jw9c4k@(c#-Ghx~_{Q(3S>+NLs}kG1`WqW%o{sSfZN
z^bFW0CL|+tg3`YWlo@y9ME#4>zq|JDsr{+sCu_UCl81pa{qQ0kARNjXoUZNm%8bv{
zyuA_)!Uz2aYybaLix`1@F-#|PzD}sUven|ixx9_j{#4c^3Cc@i3Y3?)c~I7DzSad$
zhPxcff_k;R7>az09J$(K8I%$8pgh_udA{~vuKn99E8x?d%8agtvf$T38UH%1tDv0g
zB~S-{ETJ5KR+e}z0x*H~P}-IqL20mr%+}8|@79>g;P-2r%6uQtc6()V4}$ah@C20C
zho^NoD$BPU%J|Pi8U97>-%jP>*@kJ);FomZmv!J;ZP#gi1<FRL*Z!|Vd9+t%`W84V
z@vaWv2xTEY(BY}HKZG*;rybFQ^!rMC9HxPT$_&5JHkGyf8Oq-J1<H$6M?i+_1Z6F|
zXzj|tIH=69o3`64!*>rxY?ss*;StH<IYw|g1BdFs|4JD-T!(9~jDHF^{ZG^WaN6Gm
zAOAiW4RQSYU^VoQe;@n_=LHVx@$ZA#679dp<|?PY2F41l9LK*8W+NT{KKS_e!N<Q3
zKK^|$*MdKPKg^Bb@$Z9=e;<7O`(Vxl925RVkAEMGhH3vjFdK?C?=+8pAB=|JE$s2{
zgYknIv;}YD+kX!X)3%R)AIz3G{(bQA?}M>u;#QUO<oNf&$G;Cg{(bQA?}IPoHvl-O
z$G;Ee%GmyUV73fx?y`=5AI#RUzZYh69REJJ8*V~4V2*zueEj=h3<WNv{2rJGm6N3X
z_rT<|Ib@E1AN+sg`(XPYt^KR-f!PK0XBV{p9+;dqyR7Z|;O*hX#^DZ=l82kGtQ;8m
z+>^KOiM(vcty@#V>PLO_`>5>3bWdxh75C_)(PuahZkh7YD>*B-oxJ_m@77I-TzN<6
z^><#oHo5P)U(De@oHHE1b^8t4P5i5j=~8jM5h7{V8xxK0Qh7Z<$_)S^HvsgI)EfYT
zR|C`#^b&J5zz%}!)c~PVO^~?;AYu(bxOmq9gp~l)6PzmHB>=Sqg(UzHQb$m5BS6%R
z0DZ)FBf!A50F4CwByuglL4wk?0R5$bV9iYc@izgSDJ3@nM3({_As8Srr2tI?8%qHq
zrJ0~?9YFFrfODjL9l-dT0a^*7B<W^=7J{mq0S1eopyC#Qv|9j%O64s8DeH}{(sjKt
z!5Ai~>j8pqMTna92r)v;TLE?uWZw$lmTH1b3n0P*h!HRTS-pha22f8BE8({R)Djfl
z1`scG1O*!aqBa0{#J2%p;Ozj71c?%PJHSDL(%S(pkOqP^0uV0%W2Hm@qRRk|5R8+U
zGJqz6jb#8y(o9fR4v<_9Fj30O0mk0}&`OXjNp}FW5LDd(aIyFaD((bGyAxotRNe`Y
zau-0zT>zI#>RkZA8v$wvri!@{U<X0=Mu6#3O^|svK*Zeusp7pGAnYE1dV-k}eh)w`
zLE$|BX;Mc}un8b)6TlqtZ2}m$8K99MT_QIF93&{+3@~3B2-e&S5PvT~hLqe35PcuO
z5dyqp;XZ&Sf{ph9c%_-3?0$gc`vDe9`TYRn9{^}2$d;rB09pvD9stM{KS9M7fV3?D
zOQmuPK+1yvArAuNN$P_D!4&{C1k1&&0N6p0T>)^VR09|V(!CPm6E8%<9)fp$CA_ba
z@Q1*!mZg+JsiRyY{T_zk)lHOQ*+*F^k&i&Gm6eq1q=B+ZhE_qYmlDbia)`28Vje{%
zO^+gzjgKOe5@`l7Zj{8wAZw+Za+4gTluFV+AnRl^<!13yZjs4bA?u}*a;q4RLo7+9
z+$LKo8^qkkif&^?w;>aeYJ$us03x0MC>QS&tm~7kE5V%-{v<#xLE)1C8>Nn*;3<Hp
zrvUB|-%|hsw*xd1Y?jFF00#+5w*%ZK4Fqd;0L1SActA>a07O><93gm6VyXd}2sTy&
zR7x{J*-n7uod6F@`A&fGy8v1Vsw8O_Knp?DE`Z0xPf+nRK-$v)Tcz@8fRq}5kQ#t(
zl3D{0{0u-1!IOeld!aoDvY!FiF4Y8?&jLg|3s5cIX92>V1E?q1CE?Ej)Djdv2T&t*
z1O>YRqILs3E56+T1D^+IB-kyH&jTDJD19E_1!*8y^8!Hp3ji-k$qN9{F9IAP*dsA7
z0yGh9d=a2dnhDBY0!V%dV6T+F1Tg+(fL4NfNqQNeg`nzXfY-%OP_YLfZ4bacsoVpQ
zQVS4L3$R~OYXO4m0BQ){7PAgu2SIinzyYZy$b1DL;uU}f@xB5OwilqD;5`Z73s6f?
zxEG*N>Ie#61&DeT;6w4f3NWx9ppoE^MAicwBq*&1_(U2A*1QG~{~Ew&Qt}!=^y>ge
z2)>Y**D-#ZWId%>nkipO;v0~!q?~eCj#7?D(mq6O*@viA`w;aT@dFs&%H%g8N2QYT
zof!Ke-%Bb)g5N^mn*9j;qnK}j|0L;@pQW18BHiDH_{9s6uy+u+{%r*QMZ(_!s3j<T
z2cT8z2nr4WL>&P5U3>=s1|9@xBrqiMAizO_(t`j&(m=4L0T-`?23)*cQqlkr{VqZr
zX+VgM67w!V6T!xJ0ZeHoD0>ee`8|NnQvM#m`1b)?2|^_4eSj8%s`ml9iJzdN5g@G*
zpu1Ey0;GHZ5b^;)4@vz1AoxRo8iHP8eh9FGAp1jrP^l)!{0Jc8BY<%6egqJ92%w(e
zR0%%>P)ksF2p~f02ns$1i24|ykN7?Y82AZ5BSAlj`~=`2LFp#|{iT6m&8GnIp8}jI
zC7%LBe+F=bV1UGY2GB&X@iTx(X(lN993c5~fODk$bAa(*0JIWBNzxYpEd*6x01OsC
zK}8clS`)xfscZsBX$A;s1{fx(%>cn)0@M(U5c5lb9R%550=T7`AoDALh_3)*#QPOM
z*kOQrf>;SZ3{Xo@co-mF>Ie#s07M-D@QCjSz`(Bo8VM35@@s&D1f^dCTp$euYrX-9
z{{~>Jlzama{Vl)|f^ib_EkF~&#%}?Vq?w@XC_wU2fQeFm6kz;!0IdYclJp%w3qjR)
z02hm&pyGRgwC@2XOXc?fDL(*&`~YyNr2YU9{3AdO!BjDS1lU24{UgA1sV2z$2_WJp
zfK>7R1Q7N!Ks~`s3I7?OmZ0!wfHbKiC};tQY5|xdz7~Liet<@Tbcyr>93&|91I(8O
zf;Gng;*SAjNXapP=wASi5G<6KUjUj2HvR(Om1csnUjdST1z0TQzXFVJ1!yJ6mZVmI
z7J{l)fL!qtRQv{z_8Y)bsr(Hf<#&LP-vRO@^><_XhF~X}gZA<brgQp+9nO#q*-q>q
zHdH&&6b5`F4A?&L8USHVfO>+fB-{y5OHk+pD3m&af*^pXAb=vg!V_R%2Y^O`l@i$j
z;2=S12Y~COfnbdbAl?OVy_C2BqE7%gLa<t5P5@{k*mwd!i8K?Gbp%N62(VVlI|7Vn
zJz5D$B`Fx7g`g@J;AZg?RG0v1Cct{BL{%lF6F^8O083Ik0R(pjs3F)OW@msM1lgSd
z1h2;g$m{|T(FLGfyj=joLICOs?v(HlfLemW5P*$RM^MleAgU|CJ>u&MFt8gyBf(~g
z?B<+q+$$?7_elfgei?cq<N+yxNOX4uK5`-gKPWNX0h$Olb_b}GW&phEEAb@A!%|Lp
zM2=FbB&i4FQQ1s+O#Be3=!vLlJrQ-QRQ3c&=>-td3t*e1_5uh#8K8#XNik0b*g=qe
zGQf7JCddp0hzJF!7H=p(SQtP(!7d381E?h^3<Ic<I)Z|5fT(bQXT=u|Fz^(BMuOcE
zc?!Tmg3?m}UXTWYHKzi^p9=7jl$;6>eHy?Kf<1!&bREq=u<<m2I%y^-ivUQD0N5+#
z5dh<R1GEy<OHyxu7J{nY0I!RmprQ{zS|5OYQrQO}r7u88Ux59R+7}?WA3zPk+hX<u
z*g=rp58!}Q6J(wa5OF#{gLqE|2<s0}Pw<|E_XnsYDC`f=D0Kt{X8=T<0q~*t&HxyA
zCO{*>A&EQ_;2=TinE;<i1HqcJ0OHRA_)JR90*D>}aD?Csi5URUM6huHK(jOxlnn$(
z9tiN2ln(?L9|_P(a72<K0a^&EA_2Y;KS9OW0BL6f9F@wm0aDHZ2ssDfdr3V9Ab1c!
z4Z)9M4g%OgkUa?CXS~=CATtUeA_~AS-Y9^ua{=lJev$BV0cr^f&jo0eI)Z}108xVh
zeiz?hfPq5*8VL-E90G8VpmYd8kTeji843_T6u>1VLjj`C12{s^5wFt&Xd>8n9)Ky$
z1ZBejl7|6wmhxc$<A(#Z5`;+7aDWzqs^I|L#7|H$0w8S!KzFGe0g!S&K*;$3JtXyf
zfM7R34M8t4-2giXvfTioQcaK<4G<9x5H8+mfUp>VdV*6WJO-eapfCm?Lh1+#Mgl~Q
z1n48akpKf@0U8PVNn|X*L4wj)fd0}zuqF;5J`UhaDTxD!jt4kGFhFAB0h$Ol#sfr3
zGeKDbKym`WIZ~bgFx~^uN)RPU9;_PY%4W)7@l%G#<WZ2JQb{>aj6}#VNrg!8Xhf|^
zMAQ*tjs`zp(kX7KrbJ8k3m`G#rHqu_lvoKL1BsKRlz6FwNWoYn6g3tJdBissVBm!S
zjRc7jc_F|-g3=2CE|3O-HRAx{#{rC$l5qgh;{lEkjFXu008IoN#{(ouGeKDrKynhm
zL@7@K7(W4^l^|J?CIGY$R80W5So{PP69LjD0!)_5i2x~+0751KTq>!P0D_YNY6zx^
znGCRlAUhdgx>OTnUIY+v5kRVVF9Ha=7@(eDri5RNR+uGADQQwinJxV;fy@yfWv=X_
zq)X&v$UIp|nJ*2L1u}FBBtuFlm&+l_LW#K)k}2ycUTLN*lElj(i=~{BB}XaQk~9^P
zBbzC?;-@T;$<rW9rINBtjOma(Nrgyo3JP8`9R*)5W(w;{kevc>rBoASrUFEy0{Fz6
z%DT<~s3*8e!e;=~5){q=D3m&af|&qOGXaXkHxppsEPzIWl@d7%;2=TiEP(5zfnZG<
zKztg&^-_`s5Iq~<2*GNJnGMiHuyHm(i8K?G%>hWB1F%-g=KzeK3(!hXDoJwzS_rD<
z0^BTqf{Jv2v~+;=Qkjlcz;lUt5KB@a5<DN?HS^%TLCpE!w@W%jq?%GD-4{U0#Y?$E
zc2n+@@C?XZvXrt>>L_<hzsn)_h>x;K_E9!V<U$Cx2$cJzfr2eUCgcGrp=^;ulm{io
z3#pLxluBu)U~{kt^01UcWc*^*brFhMB}t1}SAwd=0FQ~EpdyQP%>vjem018O*#IHg
z0NW%r8z49bpoZW{F>?TR5M<{7Y?o?+%v^woT!3ov<^qH*0jMX~CE-f|Y6%LL0Mtkw
z0N%veZz<$i@j+zZGI%#Gh4*fWTn7HUtfagk4U`vUXddJxDWSY9hbVg_CLd9o@)31o
zKBCr1GeOyMfaK)>d!>9i0=_CoDfN<c1>`l^OnF`W5UIElfzz%;;C)hgCHR|S6hQV%
zD&;NNN_ksMALJcLryP)Kh-9un)QA;`+92K);P1+A%6k%i736(cN@<ijh!k9nz)@Et
z@Q32N8em`{KqJ8+i7W&-NKje`@QE}Kthojt{u+SKq~sca=puk41Ybx@5kM2c#v*`b
zX(lKu21qUj_)5x)0miQcXeBrzNh<+b2&z^Bd?S8>ifaMVt_3(MmDd8KTn7+x9l-aJ
zdL2OUDu5b-AH`e+u!A6b6~NC@O^|s#K*aR`e(_!p5OxDVJ;5&$egi-)LE#Mmtx`u&
zuo@t0HNfxUTMaO94L~D-A(3kU4ic2E0SJ-?f;A-o@g)E*DJcPnz7gOEK}U(X5uk}+
z<Bb5OG!vAq1xQ{C&{@jY0*t>2pp_s*l5PTMA*i|upquy!DoO#;N&&h{WhpxFBr(=O
zdPpinf^UX*%{qAZ67y#8lO>%JD%F%Q>3$0&T)dQ1WH;qh315$>wd)bJa6O_%NF9LD
zTl(D!=_5W$U)e|LCy^EcAG8p-)I#9?(g0wbAwzG2oGB%gv*ZwEfW&M-;HC`-ym12p
zM@ln6+3f(yw*#Cb<+lTj7l2lRC`l547J@1P7%YB*iZXz-GJv5{Sq6|&4iHifFicX*
z0fO%Us3903<{bb#2(s@0a7#5o=A8f$cLKzS_fCMYy8!A5VkP`8fLemWy8z;)j-X&8
zK-5M6kN7qM47?klkswhb?*=$XP<l7O1=2vU<{p6fdjQ5t$vptkn*fdwjFXs608IoN
zHvuF`GeOyAfaJ{p6Qz7J!1#LsS_zUR>0W>qf~tD~E*3vQ#eD#2_W?|n%KHFP?gt3D
zAK+3+y&oX>0e~8UsbW3=u!A7`0f6aJO^~?-AYuzZs(7~mggppQPcT!$9|Wi+D0~ng
zP3i~=DgdG?0Op9V0$^YzKqEoAL{<VEBq*%}m@f?kYaRlKe+VE$N*)4;ei+~g!9t07
z7@&z@<HG=6X(lLp1R(hlfW=b&2*CI%fL4NRNvZ;9A*iYX$Q3_9#iIaej{+=}%0~fG
z9s>w@3?NTZ9|H*f2S5$Maxwn_u!A7`9{^WMH9_W9fQYRCKJjh^2zwl$p5Q78e;lBe
zpzv{kLa8Gt*ai@_4WLMT+W-bW0nkXWQX-!KI7m?X1i*FDK(OXXfcPf?u9uQ00ivG*
zI6|;mVx9tMBG~v8K#4RHlx+t{-VU%<%C`fI-vQ7{P%23~09pvDb^zQgeu9c>fV66W
z^-@_4kg^jXWG8?nsXGCJcLCH8Y!Gu7zz%}!T>v801es3*L_7^pF5agB!fF8O3GS5e
z8h~1Y!Ww{$Qb$nm3_#Q~0QZRR8GwP$0yGkAmdIxT4ic0;3viz_5UhC)ApSXk2c+aV
zfau)-M+hF2nB4$P1RHk)R7x{J+4BI&&jUOx<<A3*e*vJCph}Wn0B9kodI8`u@e@?M
z2$1$7z*ebz5g_FyfRL8}wn^$s0KqQ<)DS!==F0#(2(n)W*e=xsnR@^t_5f6icMm{V
zEkHfNE(xy%s3j<@1*nlaf`U4Ls5*dW#a9O~@D+eYg547N3cx{v(pLapkOqP^djaD2
z0=y(8djX<f1vo;mM`B(DXd>A7DnOky6O`2hB-aD%mGXLk@vi~264Xo5YXB_-Rj&cO
zE`EZF*8$RA2iPZ-uLGpK0TA*Az<x=610Z-GKn=m$V(tUjL6E%<;DA&UWWEUy@g_in
zc;5sF+YeAr@ScS42dE_|+z-$wbp!=(0Ytq8@S*tL0vPx<KqJ8+iF_O2AVKNd0G~($
z!J2mf;@<)IOiJDXh&}*tgy0K_IRMZ^u<-yuvosTw9Rx@|2=JAZ9|RcR0MJTsM3Nc+
zS_rBd0KO4F0Kdt27jjf8Dc_0l9^`vTrTidUDL;z&KBDe;A5pX4N7SFCnjo_gAfge#
zFWyFgunz$034W3A4*+Tj3O@j7l{$ig4*{Y+1o(Zs??dNa!zv!t)B4A#4(6h~C|`PZ
zmg5$ge8~B1NN@Z&1Fv@|9tb^A(wm)EF_hf(u`}3p6t6MpB;A{x7s%m{ou6V)y6+Qb
z50@V=vFfxPLB}~|lo@pOKl`}EPU+hwXK=6nXW1`YEas0f^79J#8w|%{nS9K7D#|s`
zE>}k0yyf1k1&-^sAMF~{%}zPaPT-QrpkSBtJiJDO#k<eNA8w40^utce$k@L0%%EY0
zT>z`^*q(C9ug+kszPrD64(l~H!G04#@%$|Bxr^|R+nM)fSvnwSVq1YH*%|cx7IppV
z0@juF|09Fdfku<(1_T8gzsix*f`*wn={dRH1$c*)tUrp@IDaC3?4epCP#5`gk@woU
z4EfC&eEW~i1<v4E+h;dBXBh2iiYijyADwaX{?E=}=P4P2K-0FzwKyjkxUQj|yBNV-
zo|ErelCeOw-T>F{IcQks{<=z!4bW>jYL2e6Tl?LGcqs|o?{3fj)tP6wy5Rloru6&B
zIj${#*QHnKeh!t(esd0YU41p;vn_6B7<|>;?{`$xj=3E%`>O_5t^P*o86jcUIrs{Z
zVn>O?(Ni@=TNBT<vw5ULP;jrs7z7w)cCm7NOS1nM1Z|=7?K;k1Hh&oU+i`gNAy-h4
z;aZA!z}uDV?6m!JF6TSz@#ZBl%%EpO=5JBy=0Z=Dqo)N8mS0VbnbZdzjvi|GPU;jC
z?3_{|zjY5fCYN-EXIr-oRt<Mc7r?TudSp*@ntvLPJ)E5a6D90<>DoQ$Ys0_2wL1!j
zQDO85>S44Sw*PcO{O2A8cI*8y`eOem_bx-4dIv30jl<4T6Zic-sK>Gnh9iU>p&E>{
zH~6X3gSrIap+?A=LG#tb@fiGp!C65UV;M3A1kL>CGiJK;*CY<wYxN*&n~}`p)IUa^
zntFrVx>Hpc)8aI{-}3X8+5I+4CJzdVb@o3?)(r~!+;tTH4Mukk$zco?@+1E13%oI>
z_%~>mKPnb?ZcuR0tXM<3H9N!Y<gUzJwm4(i0>@|Dv(F7W`6a>Z8QQt_2mIq894(zX
zNMcV{583>E&^c1~ebC<c0k#Jg0)*fq!nfX>qgjw<{Ha<Cez?b@gJyi0%Qv#`hoBxs
z-)pbH8+G}D9KI2SYfDE2r}E`zgYYjeU^-0A_}V|bQpEvmzipS{_zUd7>sCT^xE^49
zr3(+fT$jb{iSt#(W;;&QuovLNI$(Fr_^O7$+kH*~V`hB4SBwsKG8i+)a^T?mka&dY
zxP1B47qa_D)bUI0b&B>n6<$X)J5{sO!2Ft>rdb4-3t16IXx1C<z`MA5Yt{$Mr{ng~
ztS?xeVv8JoHS7nN1jv`Q^aI16<8++SIx_z?DI2IiPQKWW$C;X)0ry&Z;y4Qoe~vS8
zeu9&)W8#a3J4($@K?Cgfmk$K`94C+S;KgQ&#Q6mQj^SX;;cT2=65!xVg_#3~&|v}`
zF*@!bxWBduUNED>MZx|~vp5~@T>f{0-vhEt2|D0lxC8&ohDWm@V87{p9HrS%u%WW~
z=b#>Gm_hb2T6+zHwMPfPK(pasNt%t(Yy{Xu&BlV^kN+)@W0Gd$0i4pkC8$R>bBM-y
zk@lLXgY&ItlfgLpE&^k?kvOMlb}^HH&3Eh+!;>R&vSx8`uhd1qRL6}6J44nZ%c8zW
zf-iCBOOF}KgOk6^=P?Zoe~wW&`|^!NI8rrBgqv@4<RF*@#-1CE^B5gC=7MpSUV!sg
z9c~F2i#Y}--+*)m{}J6XKxRA^r&DK=2Zle#g*ZECc7={S4(ubHNr4VG9_$m%uF~O>
zz-A%gGogi=O@KR1vm!9VfpIVqaIS{MHbmcm@oh+qyb_FQC-anj{-Dqz4qLum86o&T
z2sy^VLADx<6}$xJRbU*-C7Ml!oBt~Whcf@gE!%hsPW<;|4i4M(I^3mjZ^6mK0)sdI
z+ib^T0vxvmq0tDZ;tc%g7O!x&*)*_C=usZGYc?Hj{_hSvL}!u$_Z46qujM*iD%@Tj
zmv4e*MP}gSyTUkz@6v3h1FO}Q8s4oV&q9FJVCReROOU%L@MgAqwf9_juYflP_kEhB
z!+n)z_v^Ihfz1Ttu|>1_aL>}LLdRVI#{WQqgS%3P%Yd72c*Y1Wvfnw)I$w_S1qB_C
z=*SDfUec^evrI7lhX|vfkAg8jFU~KR2#zPgI1m@%Y|?Be82;>@`Bul}E2u-cnr6Y{
zCqoi`4eD*Le%M1goNQ7Y?;sFIR4&dSuu;%=bz)24=9^Iyp^acH$WolWH2V~c`SU7&
zvSy!YmIoI2zY0FrET6408JUcR=NEu*I+o*{LI;j!&8~p^G9B(K9r;SIsXE+Y%?iM#
zYjy+-e-0ncRL#ECjH~MmJ3YL@=X)LbD!>dKkedkB<Z7IY?11WJ)@+$VoLQRr5sp!=
z!I`Jy^6l05L)B0j&G;{s=`6;1rDkmAAO>2A^BN6<0GaW%<Y1$re5rL0=yf=6&@2=T
zPRA;o>*&D2cTRI0T#xf+&3c0|y&G`es#zZ$cQsg%1vnaxemdY9xcM5J3!tZiG2;@P
zWtxouW9@Fl$+zW>g+}YRYvB&oEC!6r$W1s;)XbyfmV)u$q+W;@A=odNW(n8f+@PT2
z0v-8gu)E>rkpyMNx8OX02;-oWG+Ph%Yq(3nHRE)6CBeJ|UQE`)xd0BXnv=os=eP}L
zhGtWBxD8;8%O!J~X1Bx5Wtz+5bTGD`;N&t*ma4;*!97>8vm7%tEC=K=&44q(@aMP#
zCo`EM4ZjEV$5W2h--BX{_JHzOpkr==n^Tl4Yldc<;qHv7%j0s*?u9!GbC8SULNK<@
zeg9u;X9DL__5c6*jQhdZ$ILL}GnTQWEW^wgOOh0oJ!?gbeT(d}&j=w2g=5LSr?M16
z_Uze`gzOR7X(8MH`MURh%<vt3zrV-hKMzmm+;iS%U+y{Yb3gZjUWnKPvjc9*@*L31
z5}RV`-PCfM3oUR<P(OXgb)1J|YaCl(c5&V2W7jJmTVi%|-4<Y1y|lyZ;kqrvu6mJM
zFWj&Od<Lo)xxMSUEyAv9ky~%v^zQ0_&$-asvGv#A75oCbBG*hez!qfo!>)+rHprD*
zj9sPI?Drm~O1A{sW7pphS8geG)rjPVx^l~~C+OYL`Wxm7eucf1V&PA(;#ReO4QX-H
zOgYk(TaG=w>*jwY_X^xJdNh0L_1qdgD?y`2ZZq8YzQL{<)Qp-q8%L$L3RH!1oa-jC
z8oR1cZu4BXHP}^!a+{AE|Lkv)=~eGcsrKu>72jIW>)<t`et{{sbx_iETZ~CGi2>_z
z)C=Y{%`R~TH(=L9p=oxR>$VZQ?hpF=+I8E6UH1Y_y(@6zU%+P2GD3f=aUhX^?_jj+
zw#Ieaf?HQjftsVgbse{2*Lq5SYjKlx8#KhC>39QfD#>=piJPY0O>Wp7*uTOv33IdS
zwiCPm%PZfxZo6>PS6l{TZpnrt|Lo7QZNhPg*_g%(Ay;h0T=_lNcgahp>$VsB9NgZ=
z{N8ojhkdT=w%c{vkDLD^JbPTXA8=FiYr@=%8$kjNfLdB^`!y<5Yd?aTT8=*;$UpmQ
zZ;P;KX8j3Mee5Ur+;zKv8Nu}-P_s);i&s_T&!B`g*?MtP!iPZ#%S|)7(mkS4sf6XI
zDV=x%j>2>-qcJnNg1=y&;ksqUEiKo_V4>?4f}0XP4sR3RCzx6qDB%;J*-+E0Ua+o&
zPlBfFNvi({9F_1X(0n}!Gq)>v8oMIUUmn-(40bhv{_?tRzhbvX9%eq*?X29G(`I2t
zxo+pMcXi$J<7O|6e#22YT!2}?6+Dk!Ib4KU5I1G;0w{xWd)k%zUH&RMf6w5i5?_Sf
zxGlyk>dIZh{x*>;!7S#=UDl}FfuJU>XjkwG_T~s`(kkJ)UBw<x%wJ)ablt9DSEe<`
z#JFzPu`AP>I%08Crf+~UEjPWU9;>|-bv|W5{g-ha|G*<$A^0ony8Vg$id(vJxXJn#
ztiZAfQ}3%+gnxq;)tfOZ;HGG9ffmsEtK`bv#y-S#dl5JLV^II#n1JIpOufHARd@%^
zV%dfHvK#m=_C>hu#eBteyN6x1prNLB-zzisLA9V!RTVd7<^iY{<W|#_ld!#z&~T~c
zI(l$a;3K%zb^`};t-x}t=gOtwT0=}DqdsoRw8eEZ*R7!|=jB=>OmeTg@ulTjLz@wl
z7|<9;jqP+eYHVv*>E-zv+v#!B*p}Nc+*ETxxM_%;#Qp(pN;m`8df)O{>>uLBWk5z(
zP91raE0+nk5^nX6w&h+&1&rg<uHzUta2DLugVk&G27WFBvhtr2Rww(|jW8S6k!0{D
zZsT0JVBD^ns30cS8*a1{T(1zk)OFNdjO)g?#_iAbsJl#bqYcBY8FK0wlU=zSxG8zH
z?i5!pr|YIho9eoSV^@!$foca#cLPV@pjK6D%)pH-2k@nDyH({j$Cc9yK$VE(=eiL-
zol(-<+M>*rAnPfUErWGF=vf@3K)h`{87-gpPpp?sR7NYL{ROOhVIN4xw+p1#+XCN#
z-Uq!I^n2k2un;~2srkNuFJUn(fu-;vi~_0r%0O9=s_$7dRVf$6de*GXXqDl3>CcQ-
z;X)6XoISV(LK?6j9Y{gf3wlEzQz?`6dSX|s(#O3D)uA+$0jb`~!Lv{Vib8QH0WlB`
zKFAGGPyh<TCaUZWXbOcvljKEe?-E>wD{vLA0UuX1IWt?iTYOAi|4Mb9g>&#5sMBg@
z)l8~Bs7X=%PLo+*=nn%xtAf_h2HHY9XacXo3s4!#2bjs3ts>8Q(-V$N?kByA)Q3K~
zR~>4=QLcZ1gP>1s#sc4m4k!&}Jm!98D_6uF<n;b+y`y^@tbk8pf{Dpu`4Vemtp^RD
zA&h`Q1TTph1F=vHq9H#-LLSHqQIHeDU@uwRr)+{=!2dl2<DMNtAS+~p%n$_ngut@2
zXh-?@v;6^s`8X_qg|G;uBak|6U|Mq}i`Am4-S24_`}-5P2Z9A&=!W}`@Dm&XeQZMm
zPy<c_Y#L~a)|C8;nUvKkkr<El586}TNYR~Fch%cmOAB`g0=c%}B=%Eq2F}A_(8msn
zsE!~v<N@6x=E6K!01M$W&`npXg+8E-K?itSPE29?rhGspkTNO<1VeTRflvs8^biE=
zs1JQ!u>y&e2M^bQpwIE$gB?`rRG0?SVFt{C*&roWd(0s)6#A!2pmMPc1ZkY4Ig+Mm
zAcFde!AW?FjPa?2fV3o{PbswEx+P>lE+c$}n-=ez@c$0BLN?s=L6I*^p<t_MqV6!d
zz3FzQ`?c=Rx*tCa<>4I3Nlzrb(C=^&F2QBE0$1S%`~iQ$UvLX<!#{8b?ty;N{s27G
zLm)_%Q(K>md<~1#HB!Yi1gT%%0I6Kwf+o-mT0kq1hNT^}hqvJ!=nP$<8%T>Htw}GC
zrlb$_g8?8ViN3V*9t?(IfkoM(Vfg??f;1u0e2fKYJI2AMbSLQ$9+*Da8I8K#eg|7%
zD{O;}pyiiVTUuRdHI)Q|;5`@&L!dXj33_dS-fOQ7`9!XtSLKk@9NO$fl9Kx3DctmR
z3Y`jV#QYj|Nj<91&n$%x5$Xime0PDKpbfG1zuND%gjUc7+JW}72~ZJUfJzWUqOlMM
z+Oq0nUb=;OAP{~c@xvem-cdM_#(W%N<qDHNw-@vWDc2i8eX}vd%9~gh>q_#jEz@S$
z3EI9)0)1Q5fbOa%NJ(q$U9br@!#el?wBzUm??4ym3VPqaz5!5?u&qd=H7uu2Dq!m1
zLkAr%qzNzyp;lC4RW3%5|ALr>;3;Uvb!ieW1Lfg4s0c4WCCH7xmafu_X|?)0VWcaR
zZcr=L)9?+<g?TU^CWBPRQ$gC|J+N1ev=0l)Y<o$n4-o{xArkov7Qm-46~3ort6?UL
zhOzJojDzuD;9Y1(_%=`!ia|7Jy;Tx)-lSz#VW>i!uW0T2A{OcHB0$Q+TOehlKAm?J
zq{-AGY6koO2SAE;DbYWG>4cv|!tJrg!Cklq|G*-UZuv`C3Q}0=^9`4v80r10`RW9m
zqkVLur|$&mAnptiYC+cznnGII^H&1v+j9A#;J=u0wEG_7`WRk=I-nz>*C7eN!El;1
z3UX~9{OC(7nV>rfts)V9!bhL?nTy~&m=6`X)~CE~!CeSoTs6S`4R{l@4wpuy8ECCN
z9Nq`LJfs%946neePy=)>@}j<4{SuZEpk-eqXuUZf!YOejuFHWw#nB71C+54*8-~Gf
zNP<3~a|N9vG>87k4gkM76uSy1bT*))fGu!FU#*tTJ`HUsb-VV^QnBX%Y0ISvm-f0T
zBtTo}08&c#hW;Sk@emja(ix8esd^_6uar?LP&(pE4^q#LqxQzbPxu|u-uD;S4SPVV
z<^oU$x<CtP30gR}2DuBroWF!>iqx9HFL#hkbOax@TA9QPBmXoc7UI9Rsj`kKs!eWf
zVK8p*K?_J(t*y9j4K2Z+f$ynKeMoZ~{9C_}o>59m=@$E1d_}Au7O7rs#iH><Sd9~#
za9NIcqNzox0;T#3f()QqHK3aPw{&t*)8X(uaY<WO8l<5s2~xmG;r26WNTGHLx<U`=
zlLmc!Q4;FFMMHQU-hekDKkiRKHtZoFrC27&0!wjU22zUs7-;h3vSK|eOr2a-&giw|
z^%%}4U;}J~O|TVqfj+M+{nlKV{7BG51)U52VW_r$yx9IBr|qnEuiCBto17F&GeC-?
z6U284PQwqNrf&!Bp@W8}c4F!a^6+;iMV?ycl+0;5*>R9EKuQAX2|Gh(I$me`OBd*x
zqTl%YPwHl?|DNcx)crt8k_hj?U|38=szYk~{5IF>l+y7?rz0Is1$Z9R&QJY&h5xrQ
zKRy}9lEmX~=Sli9d<9>FP7$>Qm$v3dP&Ni(4o<^K>rgCBK-w7fwUv+o`zg#{;VfJL
zwbp*jJ+KHC!Zh$__&*xRREo6X+%6fo)?>EjwOS-f)0wh=Jux(?{ac?(+4njk+X)`)
zOAot}^gp|S**MWwnRKH+JW03+MK2DTTl`HbdkZrDD#d+LIB7(3!F6PB!XNN0JlY0r
z9lggeJcdIvXby^a$-hMYq(q-sd;e42`|C|#>GIo4k(*~gMfSTX^}o3O6I7(dumoCw
zU&e1fDW~{nwHxVL6qUqZvlpdV$)9+ZNVL$<8csX36PU+AbEW#~KG52Y1-6~3t(f1y
zB=`{C1+90LaV@>FgO*}yM-?P1WCl%}86Z8RgS7B>Adl$$MWW|G6Xv&|dG#b2)V;eL
z6oP_K03sn5L_j!XGh?Hymi(G#e+4VA$(G-WObo#}JLH5M5DH=7gWQlG@<ATR3sIn`
z%fQo67@mT7C<V_z5r~6Wh=yXo_Q-yIqXcFQlmy%pZO77Fl!e!zHq?Te@GO*vSKxW5
z0Ttjms19<k2=bHr<8D=Ps|J#L8D4}cP#Io=N~9m~0v36^3KEjA0?L%2O!>=AiRoGi
zc7wM;oBZ}5osPC-b>KmYzj|CZfH$B%)CIYThNN$M`h{M1J^X?VQ}{Q+u6=rAXa#Md
zH8gdvn`1VE1ZWAmZsD5EFx$BHcCIP^L~V$)G15Iqn<NQo!=%NKN+%%&Q0XM2>veDf
zj=>sO1=HaO{0Il&8~6<7LpqoZJz+fb0Jnn7qJmcDLfV(~0tre;p8YWUKyT;^<ILfL
zR?Ea$SSNyk37~7GJryRyB={7jz%<vC`%IVtlAQ;0VGb;W1+Wsnf@QD-zJxDe5hx3v
z!(#Q<rC8+oH7th}AVCSJVw53&g?x)$nU$L=N{Q!!)gV8A=Dpb0!VHlA53m9DgThE|
zAFNS-Rpg3P5$uIM@I9=DU9b~2!$#Nun_vfQhi&j3Y=tc#ImNddW`GKy1m)(hQGdqe
ze)v`XI|x6+A@~UngWP@rHUClfT5iWdk^0Rwfz%u<;W1w;B<e$~ckoUF8Q~P1g??}v
zdOw`0vW5N1weoxh{*fQtHhl_PwG+cUY`VCd4fi1(*J;5E0U&oZ_C0t2b3t-)R|iOg
zj0e<N12J_-BAtIQ=sX}hWP*&40d&5hc+xxeL|ZT$7dn5?xkP4Au}{D;_<(Y1AJi8#
zDqhDwFDNppn3PZt%(tL1jN)2__!eI0dIqL+r{SOtpVCog;-Qr1d8TMA%CSl-4P_2E
z#id4+x^^VjDv1=U5ugm}WI|y~@H19L-3@{gC89LstO6>3{z_0`wFy<a@>eC~29-lH
zD!;-iZ`!a%gSOgH5CcV_B>4S`V=o5UW)+5~w45%8r2uH9pnJ0d#gdUCuA8*6v7iLY
zLK!Fxm5^yjMQKA?52OpM1-eC7g;$_BWP@YK9|F~h8bTY*=8#3Z-Gf+u1eN>%_)EVZ
zyLzQIn#y@ISP$BOs8ZEZYhW2Pgr!gqhJ(7+FnAwogDPJ&sRn2RbzvwZB=X-7P!($!
zbjH+f<{jt+9Y8yecAzF`3u*?ndTVF|Z-83AKD-Rl2$l!UsTDAvgG%rMR0R1|hL<4m
zMgFS-%DHl_+-8O9@CsA|_1~(PuR<-T0g{oQU$!Q84J?)HHBe?1m#*u8s$Dg!no?RS
zB>gDS7SKLjfmPKSnJvJd8ATxf1W=$R&=@pwRr0q${wi%#%;un`QaEKm;aY+cm%G3E
zmBEf`|2QmfgL>~%pbn_^Ru7E<^;q>{b<h$ZIrZRzppL7Elb{PIBWf;XMt}XV_k}*t
z8@fX`=nC&buSEXq0X;#UviFApDXs@%m)u}@4+gpBENWmnXnLH5+jLMhe*{@T9a@<i
z1?sRLf~sG&G7_>vqQ7H(z{Lnq1bIQ8<6ta|hB5Fld;+;ia2n=R_!OqVBrq@m#=}II
z3^PGD&l#Ay+v=vdB-t%6V6oX!+=@$U-y}KHDsJUzwhI4sun)e2&9DhJ!Uot2J3x2t
z?U-9&D=6-5n7T=SkGT_ef#i3?9{2%_C%+Y*7>P}tMOE|*sB;_!Rgu4w*khFIpF!;@
z*$_}Isfu--8IFKDoZnsc1UL%6LsllCEN~KgCd{-ty*TcA%JBr8hYRo<Xni5~v(O0p
zub5}x6r6^0AbH9B34egXUV@9@4}Tf^P0);b1M@mugRAQKSKN!+n0MhHxCMX1U!ZnY
zd&)lo?m!G~_c8B5ASF?!4Zu{#eE|Kz%eDOE?g0y=Pt<irkk%?)qHB>FOX{r5pagPZ
zhJ)sVoR~Qv6hgpX((KsZL^c>R3?v(YDH*w|snk5hxGn+(APU~W&4-x}8s+6bl`Ict
zZisZR<(40NVJHZNKx&6);AxO<LcO&LW@V7tM0z=ka9W{M2sFQ!w4P0T3Abvvy@**6
zD!~gd6`9HKGIlkkw$>g@Wm<8l5bDW_Q+_p|I#h#rS5EGJf63Q&ucr`Besu%c8Oh@<
z0@T4&0{)s&B1)_Q?%A+QovRZwot!;Bv}WMnJ<wc<u^J_|Ao5<w=v3@okh(Vs)RF^X
z0I1pfLqAY=(6zdV=BE+ZH9$Usyr99OxoHUQnwth=*1+`7P497ClWTWsO0-YghT-TR
zh3{h@3K<cSU=ZX16>cV`f8H61j23_&Vcx^k!f_OKEe3V1b#=<M+ZwL59@gag4J@+5
zzvLY6{cpldm;@S6VBOWnVn2<UVsUGIhMV~|&T5vZ>?(Wy>?nK6s<P<Mw#+b!BpIz^
z(_v2wUI+l`1XL8Qc_pJb(twuO(!okjaVV_(CFlAl+6r3jko*B;t|ZV3c$R=U;S_Gl
zfR>kvKs&nbupF7sK^gXk|8G^KjQFc(oi??r348>{RhZv^5<3oR6u<cZd&*KMGyYO5
zL;l2ru<s>~wQf9nFn7Z?Gbr9F+@K!bySUs5JK%fR4k_IvBjo3|>#m@vf52@YXu{o(
zSqy$L_lWwLKe7G>=im}tgx}!;oP}TEJe)F~GFDFSNvtQ#($ZE)_7hmu3seTha5m7a
zE^Fm6CrewI%(tbjY@TywW*I9av!d_|p0%C4aynsK&F5vU^j@XpTo<~E^$)lP%E%SC
z4F1fV!S0C0q|AYW`4hR0-CwgevEOiU63?76nBx@YuZ3GkDp5NzyTnzz#N_wBk5_6H
zb;k|z59U2k@$SNHP<~I@Ma|`pMk%BW@@t^EU)stQq^RxG%~a}IHIt1W*pDr1`6iUL
zti(WaqL%ewK0wr8T$NSs{_Dr>X(Z1dhW&KL<Nm3Y@bPXysWLn)meUs^QWhs=cR68K
zT(G|$gGe{I(c-^Kk@JjrX>7{W;Y%<`)9Bw<Yx372O^PWfhh+RW1swwG?o~LAdHGqZ
zZelcX7sE}OW~~R}Fk_)4=<qnkwd<DcUk}9N))RWbJJ1Q<h7O?hT6;_#ze}N<o3wNn
zZH8TneJS`GgPsQ9aES+Ku;{d@7Q70tKozJAFTsnT3BD3$DCP^8IwGqG(Om0XzYJ($
zQW~>7RDkC|CnS<B3v$=B%$GrNR?~CgRk^4RHJ~Qch6Yd%UV}PN7vcz@<&_dG21TJh
z?m8aR{r@dYl}z@guDkqHKrQoIV73GmwjH#E)`|Sr20DVONs+7SWLFibCR7VuK&6*|
zXYAdeD|81XswVL_%Sh}aU^onc_hBduh9pokDcygFD=`QE`P*tBj!IbVGywWRU!a{H
zHdAlx{$@(qJZhH5n?xh15ALc-)o6cEEh%2Nh7xV{bAA%d2k+rA2$XBJn?G~Plrl05
zQmc&*aF>i~XFT?C@CkejqhTzJf-&y(N0^eCn5H~8XDkz-FKr}YMKBds!l!VANT*;<
zhPN0kib$iz8DWVlxRm%F#AaiD0bjuqSPask&BB}p(wj-Kr@Tr7_ycSJf4I+)nF%vs
zI{5W(l3xu9FBG3l!X-WwnuDYAFXi1_OfROc7s3LV2lL@GSOkh-DolnixlWl$Wn>vF
z1!Y8Ws*wH+EXV#ejMo6#i020I*Tfb)R>K-t1<HNA>(<yc{q7sM{u2LK%(d_>JOk@s
zJ$wh7pfMG$me)3LBj#pM8mkiduLmg69k31jkypm9K+l6e@^7#!Gd)4wYddDj3`<V_
z%Dm!I=9MYA?SkF#J?w@3ka&Rqet_l(wg4$nx{%9*xE+F@;0PQB{@E)vt!D~gKZb(_
zi55zdnT@H)e}SW}scS9uwIxuule}t3ZZ)*Mtd8X*4%Jc!opJ@vU@Aa3e(V+OtwJzv
zb+D)0Dm=jL9H<$xz&+4Bb{F#>xDB`9Z}=0g!WH-}O)IB_-N^Z69L~c<xB$Py3nX+2
zQ<>1;AJ}ig4Y&^1;4e@$-@&{OpJLYrXUvNh|1(*JnOc>sA}jk>veH=TJx$9*mo66_
zV}@0+E=F|d+`YAA+Hc<a-0a#5W3>;l|5kQ=*{Tr8yC)XEYDLtZ$1O7_vtO1g0e9lI
zEH<H@rm@i_qf62+@Sz_h6(}&d+R_<aa^e#cjUP8)H%$6pt1R05%=Jm3o&&gKL-rq&
zv#J#r7@XeJsA`25FOlAfeE6FKdPH|?S31;_AD7GsHt+VfUZfIGWn=ZWHP0O=9O`-5
zjIC;w_tZ7Jt6D{Q``B$=ePiOQS#iG3tUI$3s$ZMVx1Q_SyMCaG8WYWZXQ0^_<jrX&
zSF>K@y^I$T4$PX#<g0Gg@SHZCs&lwq(#(`m(HyL9?d4T2b8B$*jyZA7iZDHDTDd%}
zOy-(aglDx`Gz(+9sZ`S%6c`m^zN=}~2rM3Ave&X=eJw*!TabgyIc_z&_Tk9^<RFF|
zP#KF&ojQd3#w@LEMfkQN7mQr5y<=w9sQu#sTh6Y|L*|QG2>gZsx2vQJnOhd<cDUJH
zSAg4Rb#n><-e;xwd<_s%MO|84VP@#^22a~^vC;8t5A2lq^`heAg>wI=P%&ngviWM5
zeFB;kKE2<hQ48wFy178L;U?b*0o8c)bDLYA|Daw&TYwVNpUmFZNVk`%`5G0OXa-^U
zK5)e+6x!apXZCuVU2&?%5s$w|Pg4CYTb%ZjA7fq~nVev%DcLpVW+jHW)kC8)U!Qe5
zZSIN5L2ZFJx5jw4oSiYZgsIkF+<!Ef$yb*yu)~zEORXG;uqUCUu_YRfdTM!va!RQT
zgP~N+anl)r(iaiPLRQvqUeI{^vLnY4C>4!JOx$hPXKtU-!|rvgABs;&21`6k(p+X;
zT`P%q>sG91MZ~vdJS&QweWw2P%eEW~?b4K0zIx(AQIp~ej(s(Iq`8hyY;;_7S+@UX
zY<+s`yn0qGCz>24V|^>P-(Io4RmS&(&@pjN=r}ihbG*J)iZ@AxG@$YNn#B!h%E6|&
zjPa%)hHnAu(tKp2=qn$Mi>zK+*|5tP7w3u}Ffk3Sh`=IwOj1KDoR=})Q?PA$oVuHQ
zHEHv-Zfm|$xt#gNmCu;h)R6q6!F?G?D?7<8{3`o58~5gK6X+@81PgEkdAsaxl5>Ok
zjcLaBI*EQB<y7YBm8-t*S?Gh9<iM*<Z3N=CBcRxeeOYvsFYlhw$pTMK_lTLQxGxcu
z7D+nZu1vwkC!eN3{*3J~`w{SG#m(PEllKiAopk+$%u~?JSY?F=K2y+q`VD2TWM)dJ
znc4ddMrSj%m6bD1*?@s2YBibtprDi4_p3f%efA&2?@@(iqGL<ai9W?gQ*ow`tJDu3
z^7AXUPpRlqEJaL(H;HPyDNhWh%bWC&Gsd%?zIux=G-cB8&=K4Az4%>-8YDU<CO*1k
zSRp62-1~Z%4j-+ZpX^h#kZHD=d{!}q8(Bqz>LRGxYh@ZYvZnAwm%kfXHF^1OmBv<F
ze9^+rl%FT=<>u%6j?Zt$VvpM`_$b)%<Ljp`id|dI@-P(Qqhq=2n=cxZ+lwY<ofR5o
zJ9(aV=ELxR{)wr(vvliZ;jpL8-Nsh9uLu%Mnn@*JoSd*SZPvhKi3%oWsTG>mj;Ee!
zzSauOXWQEnLK$ek>bV7_(snwR9HNgI@D^=5%8hc?!hs#Gq%ZVCvcL?p6ak)y+9kQ&
zZsv+)e>%=H^32R+Id-kftkCjya(}y0Epprq%9=OyuVkr=&o~+RZ9<P5Gb{eJCfO(V
zGp1G(3Kxrn3OC&Pyj?=@v%Qlgs+d7d$Vp=}MMh^c_FI2Z2bsM%`Nq3J(+59a^c&B(
z?~{WrF#E||Iy-aOV$5r;tQ=O^fZQ>>teRUIE=yX_$OBFD7FL*-2`=CVQ>iV9Triyz
zP!)Wb#v5iHG_}(CKBUbw^){>8GGqP`4UW*pan4<Dwuwq0#9UKehJBSYP00W|h6vxY
z^h_V&3T>HJuduI!ML2qLd~~^h1}3;2iOTAvpI7PcW1iIArqH|-IWtV|sUBG}S{^88
zt}B7dX8lI`cfn>%*0)T>W^}{DW>hnLel_!(F_qmgM{$fV%WTP7A*n&LOAr1T)BG<Y
zie(yRCi)Yf4ESW2dg{oKbZ6phANz)u$eXr_p@tdTocKOAohDJazdq|kRHVeKcW*Tg
zy<wNY?%g-c3FIPEO^I6t`d53<ho+5-E)(F?b!gtW=+Xh58IUSuu3MchFRY&b13SuC
zN!c|K;kj>OS`u?^a+?jgiyivCAM|YL>5iOg!{2iD{Nc2mQ;FtQ3#+Uf{;~EoeOp?2
zcx~kMI~2~TeY3r#)hei31!sX_Pd+)Vn37IU3HQB@hwf0XobFhq$i|hcob*da$CR|w
z&6%cLfIV|X_)^cQB%PwL+S>hq%6yj?b!Q7`v+ldgW4iuAjA|8{_d^r&zzQo@8v7!I
zm~xX!^&d6yM*n5Hx6)@yGy9c%-Wf$(BSY>_y^uBB?^8D5MRUsXI=!ixiMm6_Dn(2k
z&CJ$T&DuRGI!lhYk6ZTLICTa~wzjxvO_hYn@+#?K`R2`c#MTNT!kFmz=rVBu<6McA
z;ah&$x9|S1c1}x1$CTsMg%#S+OLm#AZJ4T?ktHo>I#1l2b>Q$CCYvYY3r>egy_MD9
z+nHd0W}S9m;wq=!vgE#%gT?(ovviD=GdH!HYDbZ9%5m!6MpAYIdn~)dit$5#amt(Z
zrI(Lpt#G-lU2*oJbs#Trr(sebr*ZURJBJaxU9Tu|ZkG!6DpDu@a<Wc&*_j@4kFEAj
z%Nd`%n|zD>&l{Hi=DEy#L5%*%$B9sRVHH=RJxMwB5&qbvZ_TUrlYL3yjYqwbG^ww%
zY}VZ@=8zdcxcHl{KyY-A+Wilm9cs6!Es(XU{eWQ7-pl7c%vS8I)7tipu$0+FP+wyN
zxMd~X4*p?cuR5K*$wA*U4<zsz0<=lezKf&!&AB;#ce2196W4*=%6XH}fg+q=*{6f`
zrsqG_k)fV4)tDEEp@GTzErQKWx{eP!lWz{5>Xt<h&hEDV?PYJ-(c6<&U(;D~!_5A3
zR!F+IavCzT%-W9RX<c=WkO)*~@|7zu%-Db5@|22p1df^O2=K1bjGd6nS;LY0s*u&B
z<oTf?$#SJlMF})OAU_d}9DVQ8l?8%-PZoIB%>3<PvXjly&#VwLqmz}^_YFZ*A5C_2
ztx~z#0B)cDw0|)hiIZ+~R8i-y>BxONDDusLz5aYUS+0`F`VImK2(WNYs+g`$n{LB*
zv`QA}ZMvR+nD%(nMAD0qjzl`^>HRUq?(VvqEWOK&eTRD5Z62&7b!P$OdEVUX%snH|
z2CJRl>9Sd~0fA~}ri?XaYF7;R7UPJ!lBQ%A?lfIY^)3huFw;Nhw%EUm73tjRwB(>A
z`kM8BS~>WffVDJzu{WJb)9mX?KsV;wrhFfAfYW=tw0nAQr+c#^49!dP#ymqEhEtxu
zYmB}c^J{^2v^z7NHVv#3yOD4evqnZkbFdp**H&h3ceYyH-*P6Jn2K`>^&cFZi%@ZF
z6Bz3K&CTxI7)P2)JqR`444^W6(_Qh`dK`W()6p6y5GQTjsOp)~l3QRF_ORNr;tB4_
z)izVKCszl|gTYpqS<us(;p@m;7eqF%eK(-Xr-!~jpzcX{cHhJ>i1PLCWtED|*~BSK
zhQj?{yAVF_hOI5I_cbM&nD2YB)OijGt;!-dj$cx3T<B&=DCZ>uYMBSU7{W~u&}!r9
zj@PQbQY1$k1WHBQeZB`iS|uGAGVRR;7oWSPpxi;YZ45It-=$JkBA|PgX*#lVf!Dqt
z7wVaci<a+O%#?Sjh9j=Pu86X}TR%q^w6hndLYy~yCGZCVS|7B1H>q+^xlC<s0cL&_
zFD6ZI)C%dEnzFsE*udbXrX!})pmA<fn@hb}c{}YL7?@xh_ObRj5;;uyzHHSxnXLV&
z-d-l}ht$}Ied!U8I=$GBeHp9yQFxER?pxc;*-(|O(t1{lG&vgwdSa<`@)NM#bd}Vt
zest`&O!NNq{0?S(f2*eNEi^u=hS?o@_3U%Mac-xvRmC05z5b-%!{i)5Su(aYH3rZm
zh1)t!a;x;&6B8Go8E^L`7VGGkO(KH4o&Ku<bg34`Gmy}|jZelX6F-ptxW;%BF(#UW
ziS(GyO@$=uf`6<$KL~w{(>+ujpAE9w@Ye0%_XxekEFOWe$5eTbn2(rGWUMf!<hRY-
zk#WN;&F&2~&kVN8F_p9&Y$XJG+nMhMTlsv!?VJ*JU-|mai_aXcNRGA7X4z$T*@O&v
z5zu5>tet5$gl6hyrVOEZhvKXy$oQepWmxt{nM>-#?Ce>0qBcN)H^N^SLd_5?&roWn
zQU_-dwx)8LqtCUu*b;dvU+L5_b%r9}+`K)MjJtEgzM)oWN|x?@YGRk^{5}HqGBt-q
zgPk$6-?s+gU1%8ITUL%5W|i^qiK0r`yb<R3a4VN@BJH3B$wxDnHMlomZv#?ehS413
zOhJK#yO`(^tl8b<nvNhjCjzHF<9sE%IOYCw^Q_~uD_;7NC}?*@QNi3BLCJ#Knb;4g
z5I0y^llTF9x-G^x(z@X5L}$|&|9ZjczFEtB`A48<psNM6d+dcrJFDAI|63Pr>rcyV
z&vYMIIXy3$ydPN&eDC*k7Q>6%FFN>r$hsV4R|(P{<IU)gsJ?k7VKkHL`i~eq%giyH
ze4TqaBjQr4Mh%WVx1lm&m|#@Iz9x7yVaA$MgvmpdA3{{4xsm77qc8tGy^C9+_}KBL
z6kXKYDSCqgmkRdnob63SS!*lSD||YeWap7pt@ZA8^epL;zp^$#>Iw+h=|y<Tm^+et
zzmJpV{x?3`SM`tSXQ@M}2<b9+O^Gqg{h9ijYGar|Fb9r7E8uPp*bJ3&7Jm_*Ic67<
zks10swbS|9yOnc%P(KYxx`RKW|AetbQM|v|@U<0d8g{p`2NrwN^c`#E<IBpKms=&g
zT3DAcm6lt@%$>1Tl&7*8z1(VH5<j*M`mPUfCem7&&YHiA3~5co%yBBq`=;|J%)$0s
zrYUUi^Rvh0y?;~NB)1!F<v|MmCA~JV<F~&o{pxdkR8MgnVwtrB^)*R!df?m%(=K`Q
zHLHYx+lf1v>j?0jhK%Dd5>26TOxYt5SA6U0w%;6h|G*f;-D;g+x{qUMH8vZObMIp&
z%XlkS>YFb6-WNXDR31<7cJF!x20PP4`1$+M)kpW->SmU5#+XIp$!v85w3b+Y_WT=X
z?k{5b<ey#JniB}bCn2CM?1V4J@9uSR|Bz&XDfsBl@?Msk3yz)sVRf?4a#MT)asP;b
z7JJ(Z9$)ayyqyD+1#Xz;2n2=<G5sen$;1tD)@J=?O|91Z^~05t1?!r{2(s(nF@b4)
z^$4d2X3UcRqehkLWuY{#CVs1lG06R3s$=+0A(xGW*VG-kuY0M=?m||rd)*`=5Fhw~
zdkg;Q?$I)@FP9$4-Oq>OqZw%XJ5gEoA6T&*AC?IUy4vhEG(#ifnP|76Zz5McO>GR{
zz)?<<zqO^<`G^69YY~bbp-}VrGCSfcP4Oidhs}P48gIOl2$kyA*=|L94<4G<-j+KX
zaUS~^Hi;^j|B+L)k*&rp{r1QXmND*hK}uKIut(k;;|!Vdd0%bX_v32S-8$k{mi1#(
za5CosgG|@S<mE#%62mw7W2c8)|FhU<?^`o(hdxyAEm*mJvX#d3=>5w4HN{%t-qFm~
zPq}?>F;%Bhrp;!6jQwWmR3blSYEC2aOXHjd%l}rcj#Fk7&TD6eCgZ5cJU}i!aJ)M|
z#oUZc=$f_}0xV{9ci&7<-NM%tdG`6-&sU$0k2{K-xIM3$w$n(kgNd3!N;8N^lhfyG
z(=LBA*Cu~Nw1A_haC5{hHO+LZZD8O8({VaIul@vQ@I@Uh(X?>WsNa~Y&=#rT>X_-%
ziQY-fT$;{mc9B`U6AcocPNLkc%g;dOkraH#$hg!SyDod*sPxqO(q!CiqTXih494>i
zlW`^um1@#<i<7w*W|FyylbkA;757uE>2q(Fu_scya_XDzGwDFfI0Mt&YD2C<Y1bq)
zJ4sUN##C=>vyn7dnjDp})l|BG@sr8Q$&T*{6BxxBX<nLT6)mvsQ)ghOzTj2uv@&Cf
z$$wOIz_442@SHR!aEwpoHo@*xnHoIJ>ASc7>DO-48{_5%dOG5wmF`#*Gl!fl;8Jbg
z>dnoYre&SMxcvl|FkBXy=Cg@=Czo2(#ALXBvB=Az=+jo<qVal#yO(CsS|v8kirBeX
z=MLy!)R6PcVuEr{w3A5XhUj*<9p)Z#soh-5(Id#d9YY*jg4T1axY7q^ICVexr-o0R
z=~+3L1a+4q!H}6wpYF4J+oc@+>Ll4dcC+Q4Y4*&aVO!Hb)NXkLPdBY|<%)Axw!^v=
zTgLe2lIQ9selE@2bhcAVKb3D+DqYvVYTFT((;A_t8H@n?vz0QO{+Xv7N6v&$MHcw!
zgN-xi^hY7VJ;g4Bv+D7ULO{di(ybQ95<=3KLckqehfTeC#O3Vi)YrS1ne)ht9k6Kn
zAf67?cH4|$y%rzN46j;mce{U*RneYD)z=BN4Y^=^=Cn!}FsnxAdL*E`BzgYXRG7~Q
z%r@W5n{S=xLm{IVSaHQ)Sm;#Rj>XTfZdL!ee8`uKF0E>xfRD0zJ9GZ!VK2<M7RZMn
zt}d{me0e@|Ch<8%j*skF^_gk}ac|LonW76R!*?cOp_LHy^CCyhZz~bP%r6Vk13H=n
zljSpZ@w2MCx4;LNZe+-{vyisaG5q5Z15@HNdfjaV@{ohHJ$`7_anDT@?|y;QlnPGJ
z(q;fbQ&lQB0=6C@g0It|C<rmfm66oc1debe^FXnsrY3L%Ts47nvDnmHM2p$VfRJ>K
z+aWV(5nbu>Qm5zrl%?D|*~6+=rOxOUYO%k}UIO_VEOT0P$b;q6?u3WEg8&^<Eov`b
z?b$D-_AO_c_<&=k&gZ08-@GlOx*7E)hP^^B8szUUsr09GUvRYI_jf`?W?k-d+_)7{
z<Cg@^y%XqR=CC(nxtE(RU$9twYPq?V#alV31d^IMs+&Xq84n}E?zE3(!d1`5bHuDX
z28ORR8?t)Ck>2<vJA<f|CQCLh?NI(6A5?s$lTcsNWO0fNS2bf7Q=v^(IWyAy5tmy(
z)%<C#Bv8GozB-r_i>c6e5y(b9efiT&uQQ|6+2jg+!qT803k6@QM@M!&95Rcwl5mfX
zY^PL@j%*)}j_xmE!b$b$$d<5=jv~0B>(t03EVaD8R8Ng;;XWpDDVa<4)W{aFPmMy;
z+V&NEPz>QzkB)2s`{*cwj|=&hA(!eAku4W%YD=K;GtNx^N%>0!I*gh;+&<>91>7?s
z+djxlm2j$OLbiZ?CKM6KDeR?XR(Rys8=brL!OxED7~Y}|%JG3r)l#-tn@qm1I3}_-
zn|HpV<7L@whJVGDBj;xGE!UAxzR$7Hx`u==-)3hld5_$w(rL-=C2rqfVsUO~?Co@G
zDxFG9?hYW;{g1t_jOcGZWaHy*fND5<o;bE(?00H9Tb(J~{)?_)r+wRevcj4Ym}RRe
zxstu}Bl`*8sjW^2zPo1Cu#pix8zt+mU47tKQ+quf&eat<szu+jZT2s~lYW?0dfHzt
z_eI;i+SW3=N=HXL@_u>eHc)N(gOkVKI?0CKKFeTQ|34iGbFQ0v6*Ib<rO(aVt5`w(
z|BIYMV}Io4{&!Zcz_3Cq=d4C`^Iuii@y)9_^_O!(u|CJXxc7VV`Z?7x%x#$GI!zO_
z->G+bTfpwoQc3Fk(yafMQJLxxwuMKT6T}vu>IteXkm_KteGZx8YspBe6NoKf&kIrt
z^^;txW7(Gb+bl+)bgE<278vA?-tB)S<?TPG!6)|UwS6>4t!1?2Mk0)fve?@>)7{+M
z;pJord#;P%OO-n1HVNx2FQ4e;csew#9f5NM?bz+Z;?R7y`--QXiF^OdY`MRC`a<pG
z2#=ZF>*&&MZ+fK1`gP|{um6{R{^;m%uFSsmY!m)N?f#yB@VIJsS75ify5ZrONznPK
z&h%EzRM_~iGrGEa-x)OIs++#qGc>F@hHocwTeMGZc&R4`!v2F7uN{fmc*Y8+I=Bbz
zGle%<MZNP6Fj~#^gH{+{8tk-*qR%(OHnD^n@S~#!S#<O7StSo%-EPlN_Cj>J*}Mr|
zos-o-=Xr=&-x%bjEvR4k>b|drXL6o(uruPE5V6YEWMNKjwz9j2K?VH<`~Nyx{f%dj
z*2pJ6$l=T~IXID@Y-(<y3qSeUlKEy30<?eDduaTZY_W0#{dv&Y2>t7koL}?(+E&`$
z?G^5k%e1ZNvfYW(sYx?2lh<D}>HRfhn(ajQx$TfMRd#&lW>C?m?wUZYGPPi4#oT!t
z+p^yg&_X!=XXk;I_~+uoUphZ#w!Iv+1?!r%+bClf1higlH@D%6v9HbRk}U9%xsCwe
zj?B1S!x_1J$PK?(f8N*gYP^svciB`#AU?}s=O}to=7td)U%i<<S)c?yIxH&~Qz!bR
zMyp3B`_wU`6n75<3Lvnf{D5X9dk(9YEMUyW?JS&HA9G4`{K42`Z42!!V&6e@4iV7R
zjNQRD8(WfDw1c?DAgVpys0Y6mJ6o~2{~<jl(mAGy1fCEV1Hg_e!ed8N(=*20-a)5s
zVEXMO)bA&pm07#1Utg_Ts>d_rfQ@Qd7XJ1|D$e(W-3=LAZSE<C{U@EXp4ROS|32c^
z<3Czjt+HF>;Z_r~iv?!jDN|z?b6eyoM~OCI|APbXcHP@9S+I;rL@>TC0vcFfmT0;8
z;P6iTg3uq+JNV?rr+B-<-Zw{i4<-AIG`k7vTY!LCF{1bn^%kt2f*Q^rbf@urPiy~T
zVt!^!minIldDYa$Dbjn+*%BREnD@-uQj7kv=Mz0)7vMW*q7Si1h&9(w5w@D~9L8vA
z_A91Da}mQgjnGk~IBQO;E?d|1&hCURN9gq?>Xenh&uaz|IOr^L(Z~%jGj|hus>%A3
zRRvGa9xLvlr{ntY(#h;&>HcD_9wCCe=H{ONjNS1x*^XJcOqV^(J5B=0MuB~-fga0}
zQy{Z-pH=K((oR{;yo1)usf#-$h%*}wTE$!mH<d@@$fbflB38j)6%#Kx`<vO*^7fuS
zbw+Qe>R1s5%)>`he5MSopO0*p_ix9iG(Kxg?gR8Cf6MGQb-3girMG1~+CXka*>(Cz
z1|DYcvFe^^X8&ka$>7gko-5|YkEjUSn~DeNm3^-`JM6>hM*a5suu%&bA*`W!{vzPX
zKL1jSkEQ)Dk~>rO+{p6Robmr{@tc)OPu)CRI#2F@rILH=qqUHFFPvcZo}j`WiJEWq
z=03^Y_Ww96d|#8J2pX$zgEr~LCIo+&+>CBcb{ik##`ha?Ql1Yvmo4A;biskijp}s3
zz`*O~%1I`OJlCD^zrpfsJ=wF(&yJvml-s1!%*w<6+4mnQjK7EcuetM&YBz;PYK?x)
zu!-_V`DiywIYit6km@*iIBz5mQUAy);O}uoZaRy!@1~U8a_hbHh3H~>*tbjoXaAoZ
z<37<4foxP^nYHOwu8FL@&Av}?T+WZ8%&B8mm7uN&Fieupni9vUp{{21adtqq5rsPX
z!SNI_l}ybOR)V`8I(3{QwSVaq|JPaae{b#o>jau=Gp9a9+hZ((k1(g0h#wAb{}keO
z(vMBnGmMBQP8u}o+B4MUS(EWs>yZBtv%<=Izj7?_Uw1~F49A~iY^6MBjX<x+lRRN&
z**U)wF2Xa*Ts+5EN$o+Ncw3WVKgbhO-nmFk8Rz(<ri^oZN}Eo<kwR)u_&5Ug6Fw0h
z_t~C3zdhmE9!J<w*}2)dTf?~*7HTu3>ENSRw`rZ@h-JC$timSkIKFb=^!3$}eJYs>
z=gCfL+B_$yt<BSuD<dVB+T%WsoTK4O?_3nSZH}BrBM=#AvRq(F>GHa>G2N6{>s03x
zYns}VH#%`%kl`E$EHjODDqtTK<S-*ISh;;`I8cy2cWAb^I(8i5`P3e4JmeC~vxJ*3
zp#Ab64Y+#hM>PMY^6#uLzBV)e;MT#jQ1%RYYWUF}OKa^+PfVrI=aTwGd^Dh254`Yh
zw>MAC$4ApSv-utK#qV02@Y`-pniXnw>63ftrswR8$7sUO=QSVx$>L<Cxq~2^qp*u~
z&#k7VjEQFHMI0NLT{4=R=GQqkzjM*5!^0jmFX1%Uw7o=sJZz@O_{3aK?=2|>_ot@M
z-#E-SWiDeZH(&hCYH7%2%5ua^zf8c^X8%o$bLI{{d>#9;9Gx?EJ=XBRL|wsQkSTwK
z@FPuUUCl8gboHfK`_NC0*ORXTQ4>9N)ryV0m%(FKdc!)qYBkUHwPrXSNszPj8BLF?
z+>Y;=jaP~DBXjgB%h$4|$u-Jr=PHNUc#T=i`5BLIX=W#;PS50N@!7Z*927_)P8I`B
zn~>{d=Pk4J77^K%Q?$V4tRDLS_Z43K5JZJH-xRgwm5KZUS#4!&nNFL<*O7M&6MKm|
zxnl0gskzB{g9v+=>NjYztGtInN5MlX{^+Z=Z@aXh?m0kEc9V1iEn1OKv*!lq(yfi>
zCc3ChVP@J*`%+aK7#?OW-K5X1;-~yN-&qv(#;kvaJ}5{$uJ(D9$xFBLy_&<x>cvd?
zA~L>LNLv9{=WmxO)U^G>${F}nPLuS96&^H&*A?*ma+1?0IUQa@9FZBqJ@$6ucvM98
z3>C6)Q`V|RyWTwE<{IHVrOcGuB$i4~b)PW1V=DZKzzf8bo%p-gc)LNfm);v{#}ucn
zSY6W<fk3yz`V!nE|2R@0Z05o<&eJ-!lET)D>oHLK=UdnQ<aw5@rtn`>t<#@<4HymD
z^-Y;na9zz$=JP}f4|~{~`{ri!U#x5&_U>TyV!L-on5KWzRBp$1di1|_W)po2@sCW^
zTg3OUj}Uu=@89~ygIiWj_g7}&sTa}iMDxrbYSXFIxD+LgG^K7@#Z8HStnyFj51vcr
zz&{kq9f0<u%@Ohc`8@Nv+)lT-iK*%9l?_czzp$d+s4I1378CbPXFd1rJpLV+Iggoh
zhjHaT4emT_;``5d+vIcNO)?elQWsBpD7q96MR&hTKArd?pZrj?qmBqQ*X~*t6AlW8
zFt64!w$kC>loPi0BByC|&kE(Y2A%I&okJe~kya@8>Ff7+&c%7Q))c$XV{x|TBFt6>
zxepZo%R}h)!|D=_)o&#3-)BIk{xG_p;<ukzkMO*1s`F&~!$)}ZTbyPl5hq{jPjBm7
zZJ?=?#;a+ShvKVvs*MlvmUo`nSK2Xd+BtZrzEA;=z0v&p)2yf7|7PbX+S7h8G`8f+
z<EMHfe9iIK-uT&7BkSJ@YqiYpA0IGq{C@AlTutzJE&81jHF-SVQrPWZeCP?&6jt}w
z1l)|`2b!54a_Cfu*+=*kB`oO{z*nu1b0=HhweZnPiPd!GO!icLZpU&S9ybjGNz-xi
zrE*Rk$CipYdZJk$NSe*f;Xtnx`I*UXD$i2skeS7=zY-rgi_<SwBKcL-|5X3JC)ck1
zguYZ^MJ;k<*CoA*AFTKvOLrdAPf>}gTVLwGPtbg5|2{zv>g%@&CYzV`uz#GO-z@U9
z`y(9`?NsOVB)i*0$vA74dTGj_VrE@>Z>+iR_2%+>*;Bq>@S()ywA6NMvp20bE--g-
zW2N)Pl31B^RO*Z7Z5iFo^mN{~zMed^qubt>zpS|w)xDS=Aa;-LoTS|t!+oi)Wl$CI
zOMW}6zQZM)emHjJ=FRQ%$FM;y!_O$Vfpe-lHbZjmokd5SyOJ=^2YGWTi;aT3HJo*m
zG};8S?*=-QI~qg{q*fp1#SE0vsT+@-h+WvN8HlN!3CZY<^F_xxx5_Hr>gS#JM)~)W
z4|Zmn<{63ifa!<fJL}5L-Zin$^bS9?=LD=QxsNI7{_s#oW%|LQIi1m4N}AyCOx`x!
zq!KfE{d#9qy<0MQJEQ%K&rJQEG3_&ZYx0!rN*UFSH;cE5cVuZ#Ku*J+E5x+O;w|VN
z6aV)E-^kkp45pdtUCdFsVW0L|owy_BsmG3j>zfK$DVKWyecg1;>V5ox`F}d{4J^LW
zypzqF&-Z6prwUJQ2^ds!QaK*YJCBPNDDI+peKv1y(mR%oQZs0RsrGK=oG=T9_6RGs
zw0B*y%L%(WOFxqkO!h{YKEd89{Jv^^uy=%KpQ)OijvDc-8JOK0?rX+Nmb9WMvvK5#
z2``=6Ylluge%EQ~uIx10?(!b{xz2XozkKjd)<x}kN?U!GR1TR32qYGN&SPr@E9@wA
z=%wjnTUwrv$(R-rHSy7;x#x8Ggu&gmoJscSfRCQ-_-22u8Z8HPOGx$^fsfRa0WY<m
zlq-G^KVb03HWwf1nwLHwSm%7zG&5Wu3#S8SN{F{+`~@;4T}hwo%YQyv@!Nrc{0cHo
zI;4P9e^qBcN$DKaXDS)+jXpTR-y1p23!&Z@xRdKIO&Vw9ZcEeZv%KHF9$A~4z7)iP
zMTaI#n4jrVORn_@R@TE4huxX5Yi&2PG}N0nYF!&go%L3sJVTcCuXF41p9HKk*Ae4^
zw%{;t-rz0$oJi))?VEIH>(wiXrV`F|4$pQJ7PAg5&$jeH<iKlOYt1qC=&H$)pN<H<
z!*vMPmlvha-nG-&J6Yy9+pyp2?%dYlXwbVI+jsBL`W@aIQ+P|K16jWO%1Mnx_lJ2a
z=8E+=jWnce{P&*TS?&+d>6HJ<8!L<C@J6T0thX7IC|*KF@zSPigR}*Py^-6y@{QbS
Iw?6y-0J#|FWdHyG

delta 76722
zcmeFa33L?I-ml%2(2@e9Mn#CoBqE?j1i=o3qy?E84agCNfI$NU5+qCkOjHaGC_$rQ
ziJPcVae|<zI6>5iI1)7~jzmSA1r=wHpa;FruWEOU=kuI<-uu4y`_}pvwNm}t|7Xu*
z?W$^;%N|U<`To>vjy-DqSoh|E*IpGHUi*Ig^V$!a@W^>{!;ja!H?hUHKkP30?dYVd
z#_SW)@q6OZvF#Hs`C(~E$$-Kc#dGtfPY>;z7z*th3N4)6JQO+*oiu&sjC{f_P6~xO
zV^1qiE6ppK9?F|DbynV-;`|YA5H9NVb$WEVzGW!H-@<bX3MUm1tFSn~M6tI4_lG~=
zl{-D0{k<BeL(eS00kD}fCMihh+&Ou(W|f9Qec&Xzus5EHvm9-KF7e!i9!|*Xo6w=`
z_=AE{u0s#TZzZa<7Nh&2U4Y5xxK=?L1$o6Y&z%tp^~Dw+iK?7aXU>|eyoX>b&!cSk
zGSZP<e@Kvz18<Gp2BlTX7Pch=73z8drl5PEiZDHYqS6aZn_28v>N~ia^X=47h@cC{
z9U2Oe#=^P9(+d@Hu(gjx6+f?dM$c)*q0p@P^X3*#FAhcEs!$#Ar4#2(nUX)JjF!#M
z&yV!!9lG|gAmU>-KuNn$s3QTx?Sl+|!B$Og$6xv`Tm>?y?BVz;<9t*Fe78f;pQmA~
z|4T?r8Q)8MwVa>MXdIOQwZP+@LLmyda5bt3%dIX!74ZVAGptUUIrE%C+UA*rph<r{
zB8b1q>)xzG+597e;{A%ML-UI#&MTZgIaJa;NIf4_F-M{5_^9PaTe}rXpDj#46>ev@
zpuOKkRl4U<#aoLiT$QyiL+RkMg|n<jE~*4#Hb4Yb0-dd$j4FX&x(4AsMb)vJQDyKL
zD*u(%UWO|Er&L#ba^aLI^nWOCMsZ;=y7M?yxJ(l)zjzX$re`Qb6E7_86$-UQ&qOr@
zZ-Yzc9Uo*kf&|r}U3!N?hodb}h5vvA)nO0fuY%R~2}bIDsQTqrRMTtTj9Js?O)Z?U
z=>*dCo(;DxOG*!h#8Z(VWMOgI)af%PhMtA1#~-qMWZxjgYHSUqiF5KM<x`i#`UT-8
zqRQzZ)J5}VlosX9om8-#5~+kyR3%X2d5rbr0=sPC%Naq!H}($_`kIAD8JwRP3NeZn
z7Uvhu&z}<t_0I|tE@j~=ES?)W4qHtzI~ufcJU$JYH$881{$#kC<Wy9BGzeAr1Bu6U
zSQtVNWR+WZCK+`Aqz|Mv=um96VINeT*wu5Ix1M-0<yBWsw;Jz>mj(r){#B2RBfL_H
z$3JIC(4#4E<ytm0m=U`>d*?N8Up9AmQ0f_ZGiDY}4u$5-oIZWttWfC2>`<tkf}<*A
zKB|d0%<>+n22cvB+U-0g6e5R(FQID1d(e*PV#}wY3O5whO5X)#K$R`r2Zze_`N@IS
zp$fPLRmN9YKF8W)Q1$O{G#R})78I=N^nf3FMxgtl`{I8Es_`*z#-zC=jQs2|0S`ug
z%h19T0ZM4Nw<4*7Q|E0=>gsg%b|eiw>h?2(s57VJGq5Q4xM1YOM@9jYM8|6rym9W4
zj`1#XTf5884$`miR=6EfF2-s};{7HD^cZim+rb@TX{NW^?OJvj*=UuYlV3b@`uzOR
zAl5InNIz6F;uusTy@YVmnYLK}m>T$>PSG@e2BHU{r8DRGm&f>87%L3?`=VO)dQJ<{
z>4ah@EKKoMwCFIvpQ3o*cup{J@+QrkGlSYKBO5hf(e&x1n4x)7W=cX2P7kUS=gT~&
zWi;<YLaUJRX+Cd8VbQFabLJ*9rc{|JlM9(!9N230Tbl)`$8*Uq2^wM2%o$TA&MXQ2
zOlHb`_B__I(ixKqycI25m%U`mR6KWbTK<grp{Hz97@9_%o_Tf<t2loKV>%RyH*tJ!
zuO@sO!j-boU`+{KJTHh>+B02M4$ZfA-u$4{E3FPkTWi!taj0MO38=n11J!C1UkoNq
zFPuknht6lnsrXNz3g4V2RJG4Q)f_Wt<@*`33Z7d`gT4n>_?J-i)y))C6<UPKE-EZy
zG<c8fdw9;l7X(Q(N0sC$)Lli`bAG@Ji%;l1v2bo^<APvV#Irc#!oZGa#U5%>9z~r}
z7Vz<2&*au+Be9h6th~7eY3JmZo@DKQs0x^dD%Z}aDzbxIwd&<l3fV_r9E5uZu2MxW
z4W{McsMeK4v;+F_CBZuJ6smRO4wUI%wr~*+1vm%Q!gDIx7LA~(Xj}9!)Up0Qkf8?N
zc2q5W4qHoAt8nI={K;GdKPe9i_!_G9aU-gpTZ^h?Z$nkk>(PBfiP{my_Ulk~0S)hh
zC(oNTotB!T%gIDKXGBF%|KjO+#mu|VU~GjeoH~OHL!pys2ifuV_~*-45lQ9u3WYAe
zD#(6HUh&-7q%$XfUUA`+($FJU`@J!6;knlY9q}}(@||lV97Tp|kI6IVrp=l&bJn({
zwxAP_BbiWW(j2zdOtmY#?)wkz^xAbnx3pOnWVZ%eslA4+Ry)F5x_|4kr>t)$6SU1N
zYz=}*b0(!7PhsPo?-5(Erq7)0*Z#8QLF(~T3n~Nu#?-G5`eZa*gQT!HZ_b>&($Fw$
zrGGy0>9aEbVy(j8bz^YxyB<~NT!E@niwb8H&dMt;{^wo%#rUhW@2?8N-;Qc@#;4yu
z&*S*~j!)ytTU227NAY>O$+lPV+&TGqMJ1t~w+03H7}fB;9aV-Cduxn^LXQ((HHjB&
zg|+jvX5pX9Fj56_Zx6zaMAd@vi_gTu8Iuc-nK8Av`i`Img9)IFjzw8<7PdvTxW_Mh
z&Am}6J<2|~E1)xG&YG)Y<V~D7C!eKh6<o3NXH1$oxp2nR1F8di3aVn(uL|t1u{9ay
z&gp%E;v3>=Qarah@Q+WXVHCd={GWCQWsTc||J}AAz8#2f1MKDhUtazH)m49PK6izT
z>gU#~;B;7g<?r%9(7?5LsAE>5hoHqp>@7L2yE_<qYaR^3^`b`dkGJb-glUWY_lJV`
zJFRX*{f@$4?cdI}gujho?ORB*_#O1!BSF({M^ylqfCr;LPYIehb$zhFy^F1NYrI`3
zht>og-VfD~O|#m#fc%?#lrm-T&o?RYo0I?WrsThKPjZ4kDE@ahCB3Ps)|$zAC23kK
zFZFsJ+<L$p8-w=YBJW=UzkMp`nD{#OIkwtyQbFGIb7<rDt^Ee7p?#!ResI^a_?;`O
zU2*Zb#i96aFMc^{Mcx|FYo7~R_q<rJO}+T}P^cR`57lMof=vORUpSY=I~0oF8QMFy
zh4DMT_??}-kt<smzf+6fk;QKb<9BTFTgmt>Wc(H}erp)N1B~DK#TzqzXBWREjrVH&
z&M~+%WCFzRUE{+b-tF;Q%J{7zHz@ft=7vIlqXks+qtUKtGppN%g+g7hpGGx4D-(hV
za_H;9)W1A280Rak|JiR4P7@#-hh|0>C+N_sH-ik$MUR9}Lp89kun`xNu)1W`+rh+`
z+7N^rgm#8^vikd$;Fj}!R9#eSwF>Qsy#OtfV*(EC6i!6hIxL*KH7N0^s4gA@P>sJn
zs20DoQB9n~ZTK+S4%<*573|S%LA<$nv+^cR&kuDO9>gp8Fvxg3s_<DKvH;0(I6zI-
z9Mu}~)dzvThHC3lgQlV@&^G82RBQTdT0(mDXF&@TeIC>_8|?_60q=yqv^{8vdr<M?
z;mYsO&uD)ooJ&Hg(LJ9AT``gXYLNs~8GZ>@MsK28^fp+n`6}>VVYL9&Vs{0qa9{5X
zT4MOuL09!f)k5>}Z-w4aMnbxN459!kNLN%X((>D&KwqOOX%(uLxD-{m*DPO$s>Nob
z8bc@i5G(=@qbkUe=mBU7sti~B7%U3Ed>>TEnc`Kq>EKNC>e@t{WY0-$UG|S%K_mTF
zZ(!dio<`4q@doyvuV6<l{Eu&7y^X0I%D!?OzXjtP0smP@h;17?8f_TjJD&JGXMBSZ
z-|<Xvf)>o@k)NjbD`Cf99-p;(;XaPvg46To&mh^*Tx>0$qXI2kI39<(WO9D~tTgt?
zj}TF_Wi`4lx(Mxpo{OqWrlTrYe4{%F+r^GQXNj-h@#i*E*x97<L}5#dAYQ%IS!vT}
zPRjG%KeR=xzGdKb8cC_QC+r)PaZX{;oV+QaP`pi&l7n#Ej?7nGF0%HN>3MVK=1&d{
z@_M#y9eZHEAa;K7tU3Alp-@j!J&06~**_>~7i?9m^#OrhFf|yflV?tvJEw3)e*A*d
z(_7lMYgt2z<4>&(s7CO9#MV^$wwdD(mp4(3;9m}M{E_}5w%YeGRCU>YaFF|ZsB(>O
z0LxoB{;JsKkf0Q|5nkPJDXL*On101B<Bl@u*ne)Ef39Bqc0FFb_`~uZZGs9Mj%pd6
ze`ug_egIrkxEZPf{<#8NVB#J7b!*386y8C#*gSri<Il->$@@}bB`|Ad@!Uzp#i96<
zrTBBQ_!FkB?Sl9(qZ(*WqZ&~0=VgC-&ZYz>M}rH<sosEgt;^z<llWyO{`fBbyl+Hj
z$G`0KM70zhf~te;^S{Q&e}{GnI;gR`rv*z65A)L)P*dZ>B7R3;@7&88Z{2@7-0@fE
z;MwXQk5;>81_{L<^Hp^V3J`zX7k|$9=jVcdJeZ4LH<<+fh-f(4@fY(dv<+2R_%Mzm
zsL{@2f*y-M)adWcZr`<M{6_S^V}oX0K<JKy{)!1BeU7&rx+Zi!E*J;ZUS0bR1Jipt
z{>uIgq15KTVQW@Diml;1yH{X8Y&HJC|1SJB7=As%JE}wbl<Rv3qnBqmg_F~!6%X@r
zI&{seJ0VE?h)B@m$Jj_4v2{6NW%uV4;*Y3j(}T?753+7$XlaD(KvkII`UOLlo|>yG
z^z+__9XgcF>mTHugX)^o57kAm9jbw_CnIQxdE9ADDh!2g&k9PDL#nFk$*2~%f!3as
zH*3bMw7JFcmnrEs_qM3gi$6lYhkl|KURlT45AN!CaA)t7LH(U0yz)WOaQ~!G=oGIa
zJHxr#a|cJ=t=JQZ+R|G(FyhW2*AuXsc`1V;&K+Le;Ap~ouGeBnmUFll8xnQS^ve0X
z(yQZhqvsBdhJT>?$9TzuGvtT8f@aC`Du!k_NuE0_8tzBm^-_l6>9~f-<!-<=kZcmY
zrP&e3@!VL{?aNAV94x_0iDh_K#`-%idUdfV`MSfS;W0GB2rqd+hI=P2ddm+NaW`Z2
z_N~oBB2L(IPma1Hn8L$gj<<PmBz!&Aab5*6pTniFj+Zhl;{Jlw4=d42860s=@?xh%
z-P>3m`@=$t>AsIOs4@KEG-x^&<vTgzj<c3ymiBehz4Gj6!s{vC3)xvtbI%<Sb)sI3
z&qZE2pAUI;eD349BcpDVW&gw=%|Q|OMXXaBbLhpWZ7jEQp68w#4R3%AG!;FZ{z(kU
zA@P{u`>=X@$-^?-k8!Cjsnz}INo<j_;(^>rSZY$o8+C7bGmL&Fxh*N-@>4P?Sx$O0
zE*<^6>{Bz`99%)!Mr}w>!Z^c^yZL(GI3+M>mkj2rT8SKKiF2`r`xbraZp2cnCaGuL
zU$Ksj`#Igc*yyN}<CTw&CVY|Vy)Zh<nd!NwN1gRv?DVMn1=liFKfzl%Ama4$>R{7Z
zCe>w$-YAm073%~)xluzR?ps(v_l!C{J&EZhBjlxwh`1B56m1`G>ClLCqZb<!P1t;x
zw`5F~)6%OO6Lpq*?%1f)#*6WJmRHW_ZC>5jXu{|1y%srHPB$->6AhomRHcnaW;mW#
zmlI9c*}-cuF3auJv9Tk@Mx4vM@^Mk;8Lw_!G~xG-UW@TGsTUg`O?a!5w`6>ld-UNv
zi1TZpg3YoPLo+)Pei$p$%g)Y7`2KKj$(dPB53lY_D$Om2O3x@99dT~;V!6@qVD>ws
zz3kkKa3!vBayf~fJ0a=}^<sQp?3MHRs8=^3>bB$_Di}xffiuC2ofQo)=}!B2*=J>h
zU&b}W%bwW3*--@Z(V4gc&s!VWc3h|UzP*q3BM|jGT*JMJ{Qk{w1QC*$ia{c$;tC?%
z)W|-;HNsD%S6bZnLR_o@B!VM|x-VlSNbXcz0b7nMNbVC{6qx*v>Y@DQnu{w4_c*Q~
zToOaw76n(3-gUU}&CPK4;Nov#bAQQ6^I}t?&e>l1l&Je|PZp@4hlXj#?oN$5S9!6i
zQTIde@W6**fAsNz74k;qM8Zq3DAkyZ@T<7`c@<MK=!)`!Xm|~MH`c2t$Os?WhlwJe
z@EN!$Io<a%u7Q4u4qzw;<9F$Vh%?%Ar$wD>yx6p8!nPB<CDXE;EUykU+jGx}I<M-}
zO-T=C7gJ<(#61~H3HYn1do`9OM>CCi_Z2M7Q9`arPwE>4Wa(njIU7s0O7KRV8gW-+
zX~hU@8FaT}1@lcy<dMu|CDPnq4rgI0yRdK7V(}NWr~5Nba@0I!8Sdeg&xnSv%3wKB
z?Gv_Tcr9jTg<F%B51cVx`OK($C$^Gj9T^l!_^`j%Vpdl8CblY*{Wkj>#p>-<jLvW`
z!==0^V=NMW66*vnIhK*|_bhMt>@4?kHe;jxbhIpdf@M>UMcj@oXhFeJSX9P(u{lxJ
zgYr4d<`caa=46F?4+w=OsJEPJy;yNHVaot-NpV(q^gzuruzN2qt(Jasg@45IFQ4HP
zPx7yGbo+%~-Q1}2tmn>)Cj5MoH+)`}GuSJi7bV5IdC~CuG+J=QJ<5yCk2*`e^7&DB
z2aAG=$wSlG5vPmio*NBcOg>!X&do@8b%?j*+^leip`p;(ekm$(X*q80r7-xu!TOtD
z=mB1NNi^Z@nD;_SmYYSlY6v8GDH9^$i?A4JV=@vp5BHXoW;w0Ay3%NPeRe1`-m5Ro
z2p=>e6w2{k({Y{dyEftqd=DEL3Z3S&nYeO&*GsqxeOI4Td7SUNmgCCvUAu7wz7t2q
zV{E`R)%QK}Z#=^CU02{b%XfXz=!%^dk8u~Spj5x(3c^jGdjqx(*BHfh_Ve7bXgGGd
z*2RjFjPQC~XZWr@G?edhufr8w(KILCz|t_{ayTtQ{PKmm8r3a~hHo6B_N-^9?ZibF
zYfcfP$JkJaQLGU<F5*tZVnx7Do1>dN_u{Dg3XFA3X%32nTjVfB)a336TpD*Q7L3Wu
zu+%YJok;a@EKM>}Wy*bv#R`J8nPs52S9eL25#?SQbsriR<QIhd3`+}GuxC2NtGhJn
z4DsAWQMY7#5RSP{>Z`F>F_j)={@D7F^Mr_d&zbT1j2a(tzsil5W9h<()6pxxEb2`2
z>iE3VV^X;vOb8~t<6p~<I4h`8u)dtxXleI!o#!r&y3fH>OWJ2%#Qg^rb4x8VKH`k>
z>J~>6?l{|fVQ^OXy|c9tXze^KPm?Hnb^m5K(!KgU{gZHT)zEaK;hw-!rD=k5BH^$7
z(Aq!_nb_E|AEY<K7^J;n_yt_-^$73_F7*}H&=Vu>F_YrSj5<Byo{7a8LZWJ~8?b^=
z!IBq#1B=CFK!(%8tGklz@?`C9m0|%d^(e8JT(@Ek_v!~{B>Xhld!ZuB)mOTv1m0ZP
z>#+KJ$z>UANz1Q_y2J4rgzrB7(7V-huhxbzc6HR9R>08n<1xg-k7H4lg8rU+P1K!G
z81Enz?OLn>UiR1w_jO#V0E3ImKy+HL!)W1m)1_Fd4hzMb=}8z0*v#8}X(ap)tX^LI
zzzpYD&%HLvBdQpmtG)7Tqi$$=u*&&;r*Y*)-BMW4GHRy{SV31Ty*A>0gB6T2jjMJ=
zL3gnHkBK<BUhKN4TLH7N*~L8X)xq|_)GPi-4fmL#K3Bg@#dU&zk5GlHm%kg`hD-Tz
z(YiF^?msi$pDBwX?f@(`C!?C1mPJ^~iJKNKS{ty`PtE*GQEM+|qVDKfL0bEGn=gyF
zmtqYhL~z}F4ok6J|FRaE9azDovLBX4G{cXb?ksE3?9(FdT{a|su}H!Pv%TS!S#Ii_
zU_&4FcNv9VU1ii+;kh?N-8b+FnuC$-?pNG6RTf9wL0GyLknnX8XQAib7!7ZPv8!O<
z{feun@4IwFBz(+V4Loi9=i|~c!j6UuT@4m1iLQ|&BTi?p{HCaT)x2N|wo(zDS3I{W
z>i!PXl1O7QNza)d<V?eGtF%^@S6|dW3C9@(3R>u-bAwS7?CCGU8jc?=#KrhUtRY_V
zxC}R?Bxra4e#(tusi%|tR=pHUmG?JaZXH%ID%pU94=&YZikak|jVrivGg{r7u+;xt
z%&<PiQf0|?K*UWwFWyUxxA19L!~CYY5tk~rkILr0D~=VcUuowD=~3~rh?|R*jvr0V
z_4E!bX8qy}xBUgdxMpOrHs@fe7KCCkx&kXGpLSo*V`&umR}<G=&^UjHHxf%BSu0r#
zuE6p~xBCXJ5q^5wh#h`mP$&O-;ud1bFDUIgtbSNQ4}6F9M{Aar1t9~!=drT<yp(2m
zVKA_`^Wlam1535^%i$Jdsdd8s#_z$Ve&H|W=eOa}7d6c}A4|3L2ei8qOZD=5HT*Fa
z?Y=O>?R{~)zPe7%!cy6p8C(-rV+Bk6rT%4kVMh3VTx_mzwOFLxSMuHco8e%m1KNaZ
zqVGEDvQX$u-*p)-Hfi{Nf{W`tuJp^}$z6r(Z(eqF|7JMYdCPOL4dz~nYY>HDJ*0U)
z!BS%dOaI~JL9=qLp|M6|oq!)Rh#9&I>r|{@AsDuVJsg(bRpINfSc!-CPr?z5FpZXW
zR|I2#5ylvugr(N@dntUoEdTk%$GGfBW*5QwbYIjx`O2W5$ePvk5-hb}Fk5P^Uoawn
z!s>(HetvbvR|LJo_+%?zg{4tKDpd6qET!U)gs^)Rx$3Emn~BSgEb=l~!AMQ1iny;U
z6mcjsD}M8<13#LM*>n<?{Ajv`k?^@#Q7?H!2H#F|AB?*Hz*gf0D`l^1f=g0@w|QVB
zd<j-i_t$U@2|~?_gxf6j(_rlwgDYrk)ng@=My;zcoUnbV*W%$UxAV2}iK)qVC6)@~
z2MIrk<*$_qzg+9Ra9x&roEHT4>k*zH%gY|xzZnkyQIz`xuH%SLqiSD)mF{I<o#F5X
zcU{ySe_c?3;J)WQEH#n8M!MaW1zk?F?n+O>P<`m}X_4>;SnU3IlG5Y)V3;w}xE>aH
zu^R4nU@9`#Nb1;trI8cN;a(<KQ<-Hiq$go$-~>~+4olJeWhT4_tDnDEMwSQTn$G5~
zmHWoW*nq)QQvbo1li=0C=2r&c=ol`JkN#oNrN3cmHjoCZfBzfk1V8O7aRr^JMdT?g
zmB%qD{-dtis5|P$;F8qB+swN7IM(QRw&4SA(yGAi8FyRdPek3d*y>G25p!e*mPViJ
z@2ERh1?|TK+?Jk%A+JPTq@5?dx(!h`;pTvG5uo%d|F9U~A7ZJtn%U_|w>0gf94r;t
zub8_MOVxD!>-MKuS`g@ZW@-0Z13xxqV<PTUEG0=F-4}80@nTO!!@Cs1%bu3up0J`x
z^SX1eR9rgd>PYw=tYf|UOETPda4By%ZFA^tK`2VHh$RLq@KeKHho$*Sg-ap{uioY@
zc_zy(yggoY4gN20_gXxg74C6|u8~~y!?SU*Pv%ag23N555HRfAN!iruZYHiX{QQ@a
zzlWs}%1t{vz+G4wdf*fud6#-g+lvQq9ZLuX`(+XL2P}1cu-^Ay86UHo>AP82>PZ$s
zI%8F%pX%}+mhxezNyxNSjn{5EDi<pl`3kudOKr@;IxUj$_9|~lU6y-jbpTn&Mn}SP
zuvjqI5<FmeP@K@}_$sVSPQeQ1uokNeu!fT?qv4G7W*Ggw>>(NMzIO-x8{8WW$5Nn>
zx0KD#6IfbHDKq=IAF#$ZS|jcWwo`%MN~}Np64r!5r!|H=9V@rddH}1i(Q11y_r{IZ
z1z3NCY{1HI^vk-Bd)-E>>QB}`u>OdbbAQv2>#=eg<E5<S?l^8ab3FG|9%!ufhQFE>
zKJEcENyW7p?sQz54y*{=x~=xy%~AJLm<AKKOQ%P|X%Et}{vgZ6bt;?<6<xj_OEH6M
z;@`1OY4jWTP<){2;<Fe_1v$VU4u?D(pDG#vr&^0m2{#5yyz<wh;Y~2Mk%Kba{T_)g
zg={7Cz~+spTL~LUYKQ5v6h3&JMu%>)N8<{npvJ>hSgHe4jkWD9tdp=9tS3jDeqP<1
zQTL|x!9qp%4~QguyWSiAR+gScy%lwDt%>jERK$<073>v{cr?g{RpDx$En`JUm_%NW
zxXZ8xHChc=ngxMhhsWZLs*qE${s?(@Q@`*JSUgPJ+CS;>CV|2Wu$ZK8`&dmKq?=OP
zG~FDm5siK;u^K~$f4~aTeWFQ}@I_dI{B)aQH+e&oxNZ*CA9c9}%g!9?vI8p^E~;72
zC!53zFTnB(%@Y2?+tFqlRRk6+XQWrRHOixO_x-5*BUDRYut7fZDP5Pfc#XvsWV4y8
z{B7cdVk2~OdJ={PpTEL{`#!CetYSolI~P|!cyJ}X7fVrsJ?;nAFSw8&`b@CMu--CU
z&cMnfr2i=1^{}+=F<e-c-gw3v{$W-){45W5yox6>++MhpY_O<L#v0^X8tbdD6qO4K
zH=|!+sW{B8*V2=o3);zlcIeK)ItefCOc`TOU}a$W12nuFtH6JHwfcF!i0-=%-K3qc
z9va_@t3a-Vq&n|~OS9bcy7(X*MV>RUf*~NQ7AqJ6SYh`CEU$h?|0Fs5VhXSDaq_4A
zofo{}pGKR#NV|K<gpwm3%B{x=`dJCLda0?E+tdo*Da#|hq^8*IQ{Obof<IZ${>e&y
zIX>J}ywhZP$zSwOYKq-$O|5X3S2T>XKkMHtaBT0NBu8WEzx$Kb=hdcurC7Qq(M>$f
zc@isV^W!#$LNol<zu9-G_4j>^f8OTz!+cz0z4|ZvH^bq-R|xlb-LLqxjPNbE&d^8?
z|AdSC5FSci@P=F@;=X}v1R1iVa8q>nn|`dJ8R2cX=IBvwc+^{d);x*c;JM#K!wGN4
zQyGUVQx9&!&*6&tu8Ic#!7A)WTs(lqb^1GT*CV)ibP8+ruK!>a*PKSzE4X;b3p?sP
zxw60Q-wX#&SV8aO;t4BHiORk5@1yQ(TZ4xP4DZDe_n`OV7Z2?gMqz13z#PIV$I@u=
zx0>P2SbjR;Zrl8)%cQ*kmtPV01za)0GEd(k)enLx#5`da7Q-6gr?d2#h`ap5;EKw9
z2bS{@&z&3nCjZHL9xJcWuiMALbux%|`Jb%MuyPwip7cp@b@xMtZ^oh}e(IluV@y1d
zGs3I;IqH7=8AHKmqu4TB^*J}KzNIV9*H{y<Xef5%r+9U{qT#Q%YYNxT?w_<H@T6^c
zYH}~u8D8?Q{hNKEJ-2o`qj3#sO!)?^K|#taRqtb++345r%U~qY=$CS(#X6-i<QrJS
zeQWb|k#PI3G^^`>&Tu#5(&%Fk&-=-wo$(Y>p7Ra6U{SJ_cn$Rn^c${>AYtxp&iq;f
zuj2a*_eNa7y2(lz-h#!vUzFi?{3d<{RShR%QL#lC&I4ZTw`jP-w@NqrH*WdA^QXzK
zjPTjG{^rMh0N1HOUNmIF_wgMp8<g-^tkHg`dvK`|j1n#m=l&2MiP~pBjb$5*CAs;J
z@sX%!wIi{}XI_T88dp$Pt^naru$ZuqWw`x*il>#rI#+^qvR|5|brI)j6H9QS;WmHw
z+j3Widl4@62K`J{Td{&AQg<y~Of1ofx~Kmfzb{|P{hu*)g6{#3BOc2?V`tx8fyIqS
zPQ>YN%9|0Sv=MUobE=ISCg;O;GptQ=*kS(Q93MEh;LHh}J%3?-1<uQG+5jKoJT0KT
ze`UA_&ZU1izs5N!priiLn8gD)3j^AAPh+$aoKpk34QGDf9P}GgEO6fbhcn^##%O2Z
zw1r%c(}rywa^iFr&M|%p?(;b9c;iXLevaecC9v^lr#>7j=-s8?GwrZ6(fm8Fgx?&q
zq@|M;9-iQEkHiMoxzf1%I#K5d6GPlRaII0?81M|YPhyZu3;*tK7M8{Xj}f?qSZyty
zTCfTJ1dC@*gV?y3x?~b+;A?jM2~59p<JgMtC<fM2hRju18U+kZF70n&si)blEsVJP
zG;a(!AQB!Z%d5D!e={7x<lKbo1V6a$(SF0?{W#xO8I<INPK2{bV!&LAH3!STxp)7L
zr4|XE)bw*5e{aP0oh6|Jt2chM9XC_=VDWH-^ghF-mPqzC)28kD(xcit*i+_UWnl#y
zeS@VE1-D%vTfg8bVyBkzklHDqg{3rukOoWf*wcKJo@4_C^W+e|JEj&2o}v_Bsr3j*
zo7{oL7cDmRPr{*wqpv98L421|Wnx_>r%_nJ^wE2*E3IF!mwN##$d?+sA--*?rIh_T
zE5i^h`33JBE|BHl+B}X+MF@6^yRg(|j0E0p^x=D%T50@85$+{e8YP5e|Nl0YdW9Fa
z^h!s*u_-?$HBWWMVV&w*D)DM8wN0=y{Rpd<@5id<9?W+))qm8K!88_2A^jG1t}*4Q
zjJKUY6$!{F>U3ZbglbU594uuNjIe5~GqL>pvT&HMeU9`WHIBx0I-CZ)Gu_16lIS6P
z=W~=Flo6jW^<YEOWw|#&RVPM1Bk)%&UPH4TkMWIA@!*-&_0|f;!CP1Z{lvAK?!<RS
z)edwh+ne!NF|U3?hI<FDzrl$^JyZCe<~ZNtv72+JiM6LlC-E&$jf~*+!WCHRmf%6c
z^H_bbc(+CLe_*LwXl%9#!&4pq#c7gWFuDt{R8&$SWG$A44xL0t{EDRw1=E8ynzgng
z%flt64smPw?rGqscKr=Y-QvF%a0Z(4PEIu8{I+Izds^xKw(-_b&~LFK1l`Xcom~%e
z;`d$n6=P|4Loy%o9W^Xnl<A&D5vQ$*bte0{rW|p<<C~^Rg<|viuUmVqVZ0G@r{PjF
z1Y`d$EDZ(5<Czin9jsuKY3v-;AsFpUGx}i`mMTv3of&cNHRWB%<R_r&NGF`cSKSQ%
zFqp4EnHZArZb!4^NGg}sDd>fuZ5Lr_vT-lXx0W_xorFaeBO~FKhqDlQ74tLP1-LY9
z{qHdFZ6=yWoVvxjk@QEM&5~{;oppp08tVrm`|$NxCwlc<jo-qh#wI#T=uv$6RpTkJ
zrekTg&}OV?H)AOzPqAp-kFfrjSBD-Mv<5pXy`#rc{TZ<gkyTj17}X;E1y<0etP9~I
zyE=RyA)9Jkfy?GRJL1-31v%@@@$Xo6An`SgOjCXgSLF44eRiy==;mZN2N*Yv#++ti
zl9x?6;vREU&?P~;%)w%tF^^XpxVX6>%M*@vLPPz^szST4PHVJIKF0CCF~&_Re%D~-
z#{I&(v3T~uBj&zo!H{49;cZ0`mZo3u%y=c1mb_r1ZpG3ZYUw{GJvOLauqKVf3R+Tg
z_;RdZEz|0?5lb~^P2hWl7+Oh!GL7!h)OsIlaNN&1&Xo6}3C=l=MW_)zYTV-)5POa@
z!;fb`#P}v}uw2s-PMN90(|raQ<eqYR#A$9~y=l-4Q!Y8r)JdK&ZXc5QzLy!^$H{Uc
zrW`YT;qkPdsp#YIMVI4EixbEo#CLvey-FhCbgT*f{o6yh&h&4`4(JnvV199p7=smT
zzEf(_6Z$yb$zw7TUhiXGh>%#)2|@4Bev2aR9IP=^Y=4vDu#?8p)DDK*@qBsMUU;||
zlwxUJ3og;GVFf#LZD<Zl51QvNe|<U!E1Qt4PZJ^u@1&a+{m6Gl-^Q-uMa|t<wmYul
zVI@{3F%rzu-VU1zzI}X(o)0@$86LbdtNWQH8KjZU7mU>q{wpbGmT~*j(oX^v*)b{o
z93Bz#W#qH|Fu%tf|A(2K>4f~7svz*am>P~YZp$nuxE=F-of)PslMEh!`la)q#C?OM
zj%9+fU+x}_uduqR6=BKGzwryN#NrD9JZj&DE0~1Z`lOr~Ok7raF2LDX>H!v4wrO`@
zak09V?@*p-hM(y4OCdd_8EVE!i-jChaiYV8$5bI@08MuPXsU@2MlqXE|31uDW~hHi
z_vbu=Gl6p~rw*y&(OiCbuEGBCZ<Oe!-2kUGS0w+2(2r01`tc_!wkg8fFXkkf98v|J
z%&AHhaO!BPD#kgS3OAiI%sHD=hg5uy3=XO6Vop_O9;c2bdT1k1fOCB-P{*_z=yWJk
z`WJF49TisgrB=&Pm9v6VhqMK!k-;HVyyY@D{z{eY4V(&hBc~3j>Up!WRDfGKb==A+
z`!=h0pgR6aRgil*Rp19XmBB-tI;6^A9jEwuYd?nSkSgAjs<HxX<W$B_bLwcSYJulD
zr7v>okScsVr{cfNspGFy1=;NT2C8_kb1L2&{`ioCQ-?H(^F0|HQU%;9gQKacKp%3-
z|07Nv(nC0RajJ%UICV5t708c-l*yq4xE1pcX(}%EPyX?LS<C)k$w)25Udun4YFPc>
z*?LITH*8A$qp7ON*em#lRN>eI_(xL}Vh`XCKCZO>@mH$&Tv+`l2Z6%^^*t96ze~6@
z_(xN9%%_8$uIAt&P8)ydu)O+(8Gx#mgVE;bDK@TDg&%44Z<b5766T>ACsQn!$~o2A
zQl)zis&r;pjs`=w3BdbL0sbGh5}HE-s{LH6^KF7s@e*q{RiRSre?F>$T<F-TbD@p!
zSE`y_g1>@XYIPB+j4l_nD!UweUvwF&mbn8}Mk{T&rm7iMTV_3K|3A{Q|4PQH$&(aR
z<7*SDu6W57ys3)63YXVr>o1k_HEUZf`xDS|{GJWaRE4%$E>)L&WbOZs9<K4%jE>V4
zu05(6c2Y<Fle*YPSuR!HM_XH}0v%^<sal{nnv4#xys0YwKykAy=In27iaAL!r7_fo
z{qLw_>SIo8v+r;xsZ8}b#irR*m4CM7(qY)kP$6S^Q&oL#w7jV*{hKXss!IQs1UtKN
zg!Td4i7KIL8{w~13EpGF-EYG+RmFb@u5jzD|6i#Z^YH{byC1g!r7Br1Dzw3J>3-Pt
zmcN23+^beMqdKI@_zi0}Rq?kiZ`3k?O7fod_;;$BePF{$HFS2OD#+KCOVyG;qFSJT
zwY;gSAiu#Cuk3dl;J>0uAb}5Qm=7hikJaXa98x)3Sl-g|f6}thKLOuX*!}o85bbCq
zO6BZq?Y~la9m$6Z)YXQQ%I;>hyX8_>|7Nq71x?j4Y1!;ri5BW@z5hz(72!i|*w==W
z9)KOQ_J2dCk<9;DLRyXfW()A2D7*9#PNYmDXPk}p?^Gl9EW)YYd8pcVqSZ+@zEuAC
zmQS%<DqdiDq2*{W8Jhq<;b}I2R0W)6?Y~k@i3Rv811)U|zX(-<m)LksRa0asTwd2D
zlD`60+6XtJs@W~_{TC|#TdluT8Q*5@rmBppEte|ZYE*o!<!e=9c|2gjf1;}4dK+G<
z0z7K<am%Gjx7O+t*8fTCFI75a&*2cO<3kZ%kYQEMdTalc%Ij4=q_5j>|4x<u8-$a-
z8H7JJ?(kK+qz`REf2EE|9>pBhs`$ALCRK}mjjBRFTHaKZ-%plHW&hpk&z4Kokh?Aa
z#p<utUn>7S@iB|TKcw>b-P%o61x@551wB~C|A^WP*ncHK<=uu474%SBkiSy-A7=ff
zYN>Ws+oP&uC$&F+p)P!=$&Z%tFH{Mp+3-D4CD;qqZn2-WGf*8;`S-V)X}MH93snKi
z23U{3QqATe__NA~a&5T(VJ-W=mGEDts}?+qib(TN|MqC2tyxo5lTPyka8qUd|DCEy
zrxQ+tbAb)tRJHHE-14UC-ySWt9#Zwm6{r%t(sHS~VkxSUduU7aW>m9$HL81|8dMJj
zUPE>KC+d&?|0Ljln&5viTrmIsT>;b*uTvvc>TN#M0u5H*Mb%>OqiTsSP<7q+D1V{9
z^P%`ZqiUgjXhyYMikj0`^4GL$4N$_VR@>SDQuSRIR0(!Rl~Et-|KC<U*;4^BP}L+0
zRf(fkPefI)f!00=)zMT{u%R}bf0KhPRZU0R@c&B7{*}kS<JzB1CShe<U^AYEsscr*
zwomh|U26T$x4Ho3FLW^<gf9y%lEopFa|s`6k!w)Z{90=-M|BTz7pjb^t=@y`kc!`j
zD&AVlrE1X!P@#2vDBPpIP5*Dep{9BP)gyxsQ2*Wl)nNJwRf0cT-HqxhsZvUtqiTtk
zDz#N*u%G1zS}s+%Lr@i{HF}`Ne|H@IphDGjS*Q{ifGXpYP#sc59AtH{<x*|+$Dj(I
zWBtdWTDoVWI{r%i`S({I|0=@&F!%HS%aZ+bMygq{t=U{#BPqQRDn;dgzU56-Ep~zR
zzYvwJo%)gJo%;m&;|K=b-KY+!5?q5S!o8ONPpZ<r&*Y4ATAF*tIY}wX?*W^Sl*bI?
zoYpaD=wVxoM^KH78f!m_@)vqiA6Av@Mr;2`P4am5dy4+7^_D95bEtCPWbHcZFO~lb
z*8e4I*IR$7M)YROU$gw*XwcpYpn|+<BQ#abfcGtzs$d^jTdD$mXziw|a35R$PtYT<
zlbD|h@1pW=*_`~9@qYdU{<A8;0dV;rWc{V$t*qTt#aqLbK^yBYRRua(yQwPOBg(AD
z5lvLiqxn#PV=ezbQFTQxn@%5_PE%E*m1W?e)ozFlAXQC<p}ItlL3PE;LshehRwtnf
zmyfET1=gO1D&rZJ&qft*4yvQ6!plO%Ho#mPps6aM63eB^=zLTqzX(;r7hAmq)!bi<
z>i8>FftTQ~_}8EbS`V+a5u{q*Z$KTBJHfsNtin|I+iftZ^1Z{_O;zdN1=r=`K~%{-
zX2VHUz9&(|--s&w)7HPK%Kw?>_68n@AK_UW;dyIsvRa3#VP3NSFQYn|sxp2Zu8K6+
z@b96@XsZn`mHj@d@E>b($nOj5@udt7sWSZ9+EUf@@2Gn07gX1;eSiw*qN-_2tH}z?
zAytO^S-Yt!`~ki3P)S<Z0RM?PX3tqpSO3v(8yl^uD!){?(r;`1ar$qp_rA5JA@sId
zhg6NV_pLRJpat+=P7TJrZ>>L~6?91VzO`0MG=1H!6|m{sYWd6F`__8zTWh_&)|F@P
zTWh_&)=b&^*19(XLi@$0Z>uqVTNmKHZ>=?BIGVn_*0yr*Tk8+((AoRey6M|%jg7r;
zt!V{4c=%7=Rujw*xA(2}-nZ5~k=gs!S`&ij`%EESdiK7x-uu@2fAf}m?^|o0w`x1j
zvG=X@U%kE7PJZuO>%DKS_rA5>`__8zTkGJx(B8M!{sr?-Z?CoC-22wL7jF=C8{hP8
zwc1LyUSaNiYrXfaHA6wi|DWDkchT%``nFmXl&#%k<6G->r3;;}nwi=~&dK~sCigOD
zj7hr8Nj6270a8qjz<Pmpmjezmg_i>gE(g>Lv@)rS0c{oo7Ayv|Hgy7<1k%a@siw3X
zP*M)qD$v$+Ujpd11W>UA(9SdnY!S%30?@&fUjbNr1z@K@C)4*zK>C${sw)AV%?^R>
z0@)RSE~c^qu)G4WN1&^TT?H6+6=2O(fbM3uz%GH@s{u!w>Z<{(t_CDu14uJD*8s*|
z1E>|~VceyFq@{qOrGTEMMqvF?XFt>aT4%U(yeYgEP;f0F>aQh4ACu|<+IWBk9w1`s
z1U3nzT?goEO0NTyTnE@HkYTzn19V#ks8|NbGz|h<1TwD&L{0hifW_AXb_xtIeGMSp
z0ICe&B(p<cyFm7Gz+h9k9I$*jV2{916RQLas|2j61jNj4fn5T*HvmpH)i(fE-2h0w
z5s+<iZUl_I5l|~I(zrJPl5PSN-2@nAY6R8`w5tM~W(unS1yz80fzwUu&44yH0~Xv2
z7-Q-LHVLHN0?09?w*X3R0c;f*Z@S+K=yofh;#NSeX%N^VkhubImMLEWSiAzTQy|au
zy$z6l8=&eoz$CLnV7ox}?SOn!c{^bF?SMT3Q%&p+z_2?2YwiFPn%x4s1aj{LoMWo*
z1gyFfkbD=Q$mHAw7<(6>R$!)aR|1k&0*Y1wW}6y;^#biy0g6rGDnP+1K)t{`lUfaE
zQw>;94LH}-0h|)kX*E)6N)c1C8t<*E@jl;lzZ-smxk$3WG)OKqJ?}xvOu1yC`A~9^
z>AMEG*esP?Vs=O_H3RNN7MV)PW#&7{<tBC?nGCy+OxD~-Cgo-~z*%BO-H%*hswGz%
zXDw1;awJ!owUVoi`v7u{$&)NKHIi#h%7ch!3MJQ>jgn<1^&wUCAyxDtGBKu3V3R=F
z!+=Ut`mpNyu<9ysqv`$#pxYyWibnudra@qfK;}BYEv9@OVDUP@PJtDs?|MM`dO+2B
z!0l#-z;=P`8o-^VvIelc2Czq9rHMTX81^V&&7**7vs+-7K<;CJyG`|DfK`tHk{<`G
zF*%O|#y$?H6}Zp1wSc5rKv6AVt*H@MFVOA@z=Njn2|&RUfO>(4P3i_fn+<>k8vyG}
zoxmo6v?l>Iru0cb$&-Ms0*{&Q8v)%m0xC8FYE6T{7J<yC02@sCQ-H-!0d@*(G<}~2
zq(2R)dK&Pw*&(o9Ap04>v!?PH!18ARdjy_0v1b9po&~IV7Eot)3+xieeGc%VseTTy
z>N!C2^MHDj^E_be^MG1`SB$#}khBR<v<a};)CjB>Xjcb#-4xaV3hDs$0&kks7XWQu
z04#U`@V2QF*d&nlBA~&Pz6dCJ5wKO@UDN#~K)06w6)yp{ng)R_0-5!IZKk{)u(%$u
zQ{Y3>_hmr(%Ydqv0Uw(k0^0?$Ujck-DqjICe+95d;BymumGQgXtdQ(5yCq+kQJax3
zO||4J<GhCKG&zVF`x;SeUnA-_#(f?Bt;v&oXKEzho0K<@A50-)3f>@a{Tl@S$)vss
z|GSwj`PtM-c9~9ZA-hc}VoKg3@Yc5o{Hy8yHlW+vfQq*PdrX7C7J<wy&dK~vpINfS
zIm0a80@(?19MiXfAn6T&ss=!!*&(pKfveYucer|mP31d)<?j$;&pU)@Zes5OhP?||
z^De+Oy9IU$<h}=JX{z4?ta=ZSycLjaa<&4-ZpBqAu)lHN2PC}@D0&}|Vrm4|3$)t?
zILH)k0~Bln)C;sSsUHB^d;nPR0id<16WAn>_8}nElzs>(`4F&Gpsnft5un>gfQpX*
z?M#Ef7J<x<0Ub>F$AHBj19l2@GJQV*q<;da`UKF~>=4*4ko_s3i>dq+u>4cN9)YeV
z_8DN<XMi=I0lJ&r0=ooqKL;Fbsy_#;`W%qF9gt>nwgbj)2h<AmFzyaO(hfk;4nR*+
zBd}he-4}r4P2m@Sf-eB|0)0&Cmw+~30v3D;h?qKoO#*3O0s5NKuK*=q0k#TcnC?3P
z-F5;hb^<a@gTNMn%&!4aQ~otz@z;Qz0s~CnZvg4v0II$LoMd(gY!}G>7BJXUehXOs
zEnttpP!szOFzh?Pn(qKHvs+-7K<@W|lTG#afK}fEl79eXo17m2V}AhD3XC-FkAS2f
z0YyIoMwuFc^#bjF0-R<Fe*zTz1gIA{-K72<(B|)e1%C&OF?9l)1k!#6<e1W*0VO{J
zwhD|l-FE@H?E+Nn0_2(ofh_`=y8&mJ^4);Ny8$}|@=V`f0O`K~s(t}XGCKse3uONa
z$TyY00+#;@*ds92#Qp&o_7A|Ce*g;2Zh>6_xqATTnCd-%ReJ!*zX6I&&ToLRzX56m
zW*YZ*K+^AkqTd0tO^v{Mz_NA;>>-vFCX88DkdVBr9&4USbrNU`CxNzb0Oy)IflUHw
z34l^lngA$C0BjXF-*is|bV~$OBmx$g27xUCnau!Y{9-9!aWlY9fs0JvFd#h)s0srv
zF*^jd3uNyDSY#^q0W9AKut(r>6Kf6_)*P^=IiTF^7T6__n*_MRR3`yeB>|FMK!wS1
z0b^Z2t-#gBZ2?GX0Vrw#SZZnn)(f<23Ghr|OF%(OK)t{+le#aU&AxyI`vQ!q6WAn>
zmJFygrOAMjWWZK|8%_890NwTjRO|<+G7SP-1Tyyr++xc22Q1znuv1`#>3cxJ80R*#
zRC2r7A-Tg0NI~v2m55oMLf}0q1YT)k2Lgs22v~C<pxW#PIIGR5gOIyTwd5Y-9E_|n
zIg)$LTFHIJZAH|iRzxjoMbx#XMqs@_yF&mEn!-Z>1&09Y1s*o3tpROX0~WLftTS~2
zn*`F@0BTHW8$d}Lz*d3BO!rhkw^TqyDxlUh2y79^JQT3OlphLMd?;Y2z(&)zEg-!u
zpsFq4X|qFMyFm6~fM-qRVSwd_0rm(yZ({8L!`cDXXdu^_-2%G=a@zx5G}Y|^tJ(vS
zI{@lUP6xo)4uD#LSB%>ckkk=S)Df`R)CjB>Xx9nwx+&}gDCh*J7kJa89u8=8IAFoy
zfVWMZz$SsT&VU9}+8I#N8L(C0UDN#tK(`|R6-NNJng)R_0-0R^+xYE8z~U}|odO@4
zzDEMmj|5a53HaFT5ZEq|-4*busq6|^-W9M%;B$UR5iqP9U`;o`4zpWemq2cJz?Y`F
zJ786JK=M(5ohIifz}TYzwF2K5_h>-U(SV|(0pFP#f%O9Ijsg5&3XcI490RBq_{pTE
z0otSi7Nh}wHgy7<1k#QL>^7yx0!oerY!&#`bngM^)&o${1F*+52y79^JT8IV2EWsL
zTmrj|;~+aB+HLeCNP15|RZl>o*&(o9AiEbJY$|&JmiGee5om5=#{-5P4_I?Nz%{!C
zb_wM62DCKQy#cFw1Csjyl1)w@z}P;3T7mtIdjcTo1VGUVfD}_BuwI~D1aOcki~tHE
zfO>&eCN&+<CLORK9njj;32YKb>kCLVrF{V<eF0kq+M4eD0NwflD*6H1nFfI^0+|_r
z4yHT<us8#-Q=pUS+aHkLA5hgF(An$|*e;Nr3Fu-fGXcvp0eb|xnphTKSQcPS7NEP?
zEwD=<Hwrk~R7U};qJZQR0cj@ZM3#+X&00wh;|@TMGkKDprbg1sqzpukH-(5P7)aFm
zfkf?NQcr@PU}j4qrcRP>It@blno>zWvssd1x(`PBn~NlwrU5Zq29r?c5E6=-@*#l5
zLjXGk2AIA>0qH{lRYL(MnH>V#1+s?$2Aj%ZfaSvgdjy7>SPU>M23QjV#LRAiT>`no
z0VkX4;eb`c0m&x=vQ5s(fUze7Y6V6b_Y^?VDS)C=0HaKez<Pmp*?`kbVK$&38&EHB
zx=9@YXfpz^U<6={sT0^FkTw#KV@gK?N=5><3XC`1Po)*kG#5#7O@m~D={X8H%alvb
zHXlmzOy9pD6U|b|B(p;@*$g-h$v2gfDds!LR1+JG6qpr~LbF>k&5Sx7Imc8>rW@xB
zq{!q*W|*~-nZ_N1%rbeB*``J^$E1u!icKM63dU0K`mq#zo=MG7U2^~nascO=I)P0B
zY2yH;rgWU@Iu5W^;C$14JfPcnK*e~#0@EO{MIiG`K$$5&6R`M9z)pdSOy68UdM=<U
z7jTK$A+TK_djepQshj{<J^`>t;Bpf?3oz^~z?!oF<z~0QE`i*$0auvnvjMBl1|;VJ
zDojouU~C?sR^V#mP6Q-P1QbmKEHyO%J(`$=c%~3B1(WcupM>`^lR6oGy_qdBrcScl
zbjn96O{wGtvsrSZ={^Oy$y_9<G7XZOP0y*wEv8&@tNBo}!t^ab*ds`8H#;Qk5ektz
zO{L^6^POa+iA_URnH7?1vs=RM;2h*`Q;nEa=cumJDe4-NGhKC^uDS}`XWSyywMca>
z0<1MP0_z3Z%>X=T3TFTcW&r919yX~n0c~ai7R&^!Gj#%+1kz>!YE0=YK*=n?R)NP%
z_t}7MvjG*e0kx(9z|Xe!oP%sI<%n542k)J8@ZM<p7Q>%1OC?X69g=6vfVs%Crc&~p
z`A+h@iOnPGuz5sXGmofsX1BmDf!z6k7ftni0={INbCG(JBYD}ZmAqoy5&|cc5V)v>
zz?)4Cz<JH2lp?R2LdhFuqvTDKdLHtYnJszS)FEcmc|=V+pQsI{^nCa`X0zm7)BOVE
zJ#&#{t7$;YmJ0}+xq!giO!)%9;st=60w0>b7Xs2R1XNuJ_}J_a*e;M=2KdxemI0QR
z0rm)dZej}o!xjS8EClQ@y9IU$<X!~$(o|mrSalH~`C`CMlXEd(?8Sgufp3g^2_Web
zK+z?D?@W!rdVzMA0)8-smjVhd1=I`tWKtIa+AIPrSOoal)Cp`7NV^QM+mv1gD7g%<
zRp3|C{c=FJ%K;Ua1NN8(fh_`=i?szvFiRF|3$Pfn6QV6ZIYH9P0afLIM6*L+yFm65
zK-g3+0W4nv*dx%~#I67gy8^K03V>^N3+xiey%NyUR9^{LbtNFV0+4KSDga|E0JQ@9
z8}}+e(p7+>s{kpc2H+fMQm#f0GKGjKxEk;JtMP7SQm=s@VrENPn>tAw(`hM^YDy)C
zn$427ru(%-?RG6uE3PGKJJSGg+MAvp(!rEVI+_n9olM{B2%LT$fvc_~aA&gv;2dEF
zEJM1OO39JtJ4sg)yPm+qt|#!C>j~W5>=xK1kZS-(n`#4CWdO;`0cj>@IbiH^K&?Oz
z<5mKaDgi~6fS#sCV7)-Q8vw_f!W#euHvsAd`k2%k0c~ysEVvO6F?9l)1k!E-^fje7
z0ZMKHY!%2b-KzlIssI&LfK1aMutgyAW<b=G-warMGhnB{0MqvtK>96!s#^djnH>V#
z1+s4i3^tXw0+!zj*ds91#8v=?tpKc90f?F10=ooqZv&ics&50Vx($$gJ0RQS+zuFf
zJD^rzq;c;6B;5fhx&tuE)CjB>Xm=;zG*fsdpx{nGy};=v^)5i0y8sLB0*o<r0-FTV
zRswQN=}JJ!O2Afu@uvGKK(|$ZidBGI(;%=#AhQ~9mMO0WEUpIZ6v#7uR|C>l1FBX7
zCYc=q+Xb@k2IQN{y8+AZ2J8`-YGU^QhTQ{La}S`<>=xK1kh=zOj;US)ShWU_d@rEL
z<lGAwdoQ3?V5V{J10>xCD7p_Y+tdiG7if1spx6}N4=A`FP%kjgq^<?DSqoUO7I3bq
z6WAn>_5h&Nls*6`c>u6g;C$2lK|r?$0TmAd7MKQsEdrSj0m@AILx9B(0d@*pWcoe~
zNPiem^)TQPvqNCJK=vbmMW*r*!16}`dju{wv2}o9>i}!k0m{v8fn5T*>j77o>h*wC
z>jB9%fC`gS0~lKas1>-{xQ_yo9t9LV3Rr4t1l9|*dko;2!p8swj{)ihmYLMY0c{=!
zEO;DXOr5|cfwWpcr75iil+*&Y3fySAKLP0W1fb#xK$U3_*dma*0dR{c-vC&=0kBhG
zh3WewApJ=|)sukR%?^R>0@)h@cbdwLfaMzjdjwXR*i(REPXX3E1*kT=1$GJKJ`K3r
zR6h+^^)w*)8NeEo^9*3@Gk{uw`;7Z6An92^(X)WHrbb}BK)dGv51PW~00qwh>IEJ)
zsm}x2JP%m#JYb!v6WAn>wh2&UN;d&YHUYK@JZ8Gr0lL)zD(V2Wra@qfK;{d84W|4B
zz~UDGI|VkHzApmOUj$UW2zc7;5ZEq|{Sx3=Q~45L`AdL30?(URJz!WpU`;)s&g>T0
zC6N0v;6+pYGGNuqfaF&I^(N;Pz}Qy+wF0jg_f<gBtAL_c0h>*Yz<Pmpn*pzz!p(q!
z&47A=H%;nmfHtoI7Q6;{+tdkc5=eU;&|pem2b8=H*edX@>HY?w+Z%w2Hvn5rgTNMn
z%r^nsO!=FD#cu+33Vdk#z6D5s3sChI;A68xV7ox}+kj6^<=cSeZv*xSd~RY}0K>Kb
z)@%XnFuMhI3FI~azBJVhfK?5E<aYo&P0l-jvF`wC1->!vyIiVxn<4qm)JVQJDeoaa
zm_o^qW~1aMle(3tZMG71!B(RFZ0ZCy38cLb*lkMR2b8=I*edX=>AnrnZ5yCs8(@!V
z5ZD4(m-#`$2FD!mQNq65OSStbVMFrQ{HO%~Y<l4?^Z?W8qlELlCr@nVPMkNRG;apK
zez0!##|cL}t*+%4viNr@3-!&1qH`t}&Y8u}<*i%$Ny0(l)E~O|KmF+Y%`Gm`mmxwK
zNAlYO=Ay2NCz+04BqTYft^4qx#FG=0^**NkQHlG6U+YPVW>iAr?dJaD5}UDuN!yv=
zIepe`+?nvA!-Z_r(TP1&7Vf$?enUR9qx>^wv-Y=yq2|?n5;p}&ef@31KH<ksq7Hu9
z{iMQS{vU@{O4=yCxxZav5?kI*-zQ|WdU`m&V_@qsXXf<j^Qgx@>t=tSP?qpViC*-h
zUGsCo*>WV$FPu?QNS(Hf4~1H;BUx^H;Ohv`(FuPs8LG@rGxvX#&}`klyAy^v><6gE
zV+!WZn=!X^R{rErhH3X}Lf7yswCVv$<rO~_bJ(7Qq}0Lu0zdz_&~L)kQ~5Fp?$vYo
zWe){B#}AnBUa7hFw}dkiI-hS|b`#s1BYsafE_})bL{#oqE3ZS&;K$|<BJQN=g~v`S
z4*p$45O4UpS34$t>v-3k*i0c?Y`>Ud6Y|x?>qaCb_DW<sa#1+(ps?R@%C)(lt2=4V
zq~m*0`N!9-*(Wj4aR#hg+dQ#t0=FFXZsLaI<L~l+Lt<eRJ-{seCZUHLA0FM!<`#(~
zox|64YN?2RD<2=!`OM_Rq;SDndQCYEO;CxNjFbI+&^R==Z`4>K;5xsB&GG{ij|<m5
zqh?>bPvXyh|F(K57Su-rG{1P_yu#^|L;j$9+YS2ucyrjkj03+I%mMY4S>GXXI-4qL
zROT1q)h>h>xNdF7#I9lfTN`wY&rkV<A?%OLpaQObG@PH#SUA}%=t>=*HuYT-$J>F*
zZXmN8W5geEJ=E-@{VCUU+^gDc|LA{b@H$32qy8AvE-f)5?9V9Gc$>0k*&c9gVn*__
z{B*hI;LGT~e@xY)dBt<{CKco#V^Vrh?uYqrEBsMf?5tyA-STvcO+V;6dZExKu37S9
zV${6!W8$XFqkY5(!B1aXVl0Gyw%^rCv`jw^694g#W|rxnz<zHw|CD%8nSNhH&Aks^
zQvD2#eg_dVlw_HHa_nQm=^q`mu#Bao@yAQ{wM@T*r5{Mqp`XB2kr>FK7cJZ0vV&o(
z12!RafQ7Aq@vk7Jz?7MO@F3krZUs{T^`lz)i6I@WZCqwr=rhaOSf(H2+hI2TojQJH
zy$-crZSmS=SzF5vgEb>7;lnIzhdcgjSM4lo4=b^8+gsKFHpj9KmUV;;gYkv3Y5wm3
z!$X}oBQ~J^6{Q;Ja8CVno{l3d>x_GeJUP0+`15~K=_8cE<NqG8nuRqx^f9N79t3hs
z?azr_^}EcWZk(Tqa~zMCa_G*vLx3Zq;OJ4DUkY%f!xUG;YNr54KO62C+~4_x>w*oJ
zhW$OKij--?9jpI{q|^q?vakpC9@~#m%Z`KjzweKpXc<?N&<SS6uEc|KpR>USTCd~r
z8fMu^mi2}Ww`>rMKmG4Np_45e3Q&Dc;5@~$nBtn0-H8VkDR?^Psd#DhWy=fg%Q?!j
z5jF|^T#bIsUL*2U%QA2;w7sN%`YC6B&d$Wuh&;`*OxzvJQnD=5Z=vZp9WVYuTn$4V
z^g|~cV=X%ow|+CRGddooo*Tfq+YXYmV49HwIe)d`X2Mj{lQ@63Y&J|q8pP=Yd6b3b
z0QvL(`<FzU@jQSc58>QqGdb6W8w&f#vh!@XVX*O}d<1%dWii}mT6Q5!8FQ5mon@JR
z`pgM24o(K1ZQ(+o(mq8etSfq{jhu~pu-W`eV(T&u<;%b-<4Df)2&$pH*s@b`>pyqU
zP}UD5tBpr-wuNcfUSq@k4fma#I<AG`t^bNj|H-L;c$SUEihnWmI{iwn0-nx!3mvOt
znGJXbZv7_>I<B{wjKMt*rt!Mmh8v5!z{b@NG^-*xoci@Gjo}+D8;5(oWmPur_z<hr
zWk3z=n=L#O_XSGOIR8kDl$GL)VChGjRh+Xq&$H}ynDWcx9H%H8cUm?P_jt=z+PITo
z`hOraxL4V5lW{+ZoBfUd!_UeipYy4Jm4)ucAvlHe85{5(%cjEgzZht!uYoDQ0?yAA
zf#V^V24W%S=a$vL`15<_8yi<Y1g*9I9L}F?xYuEhme}dQP=d+Ylh|HA>KkHv7D}Mn
z%Cx~IHWRmgd-O!~J(vnIi}PU1KK2s}evGM=WuI6!hj99z1ay3ASuyTYVFS?5VDg@;
zA6Xk^18%o)9v-LJfM3|i^I@ZHxGya`7j}kaU%~hbm2i%=>>JCpy5`vQzPEADgH86s
zm4!k-Sa?3L&<51cNULSoYKG3SY!^&%7I4n-BlCM=F#i1i@Mx}O@n41}>Ck-3ez)Nk
z!WLMTKnDJg>Rtp~2vpPPXQK~7FXmii*&#5+xrDPq4i5dQv&O-toL5=a4yLYN#JSWm
z{d%*UmvLT;LwR(x;V#ErrvIH}AdXHzWxSZvSk@b++Ld$a_h<*95gU04?&g-I!?cWC
z!MVR>@n3De5~g1P9*hpKaVv0N7qH=>fj070z$)B2hM~&%YR<PP%n<Zs%dWv)4;zY(
zfZ+@+<?OVqQ?rB0CShvPJQW}QLLTR2%SPMK*C{k?1bVt<%W!Lz*6Mf$Ol@{Or&ejP
zu{NB+tyNkq$Fk+P&kop;p>aU|LY17#L`&-g8}J6)Z*qo~H8kt&JhN<1vy3uL(9<|4
z+c3A{ZowSYk#E@w+~+U>wK7hDscCNG)b9&waVvzWz_)Yiw+C}k{RFhw9h`Zv322dJ
zcjBH5%hUXuY2jT!{et2|bhc$HajR9PqQ#c2!mU;jn+L-gs{UWKy$5&|#rwaV6E^gg
z5CY+Z5{f7#B!tkbfJiS=1f*B7(0fThnjj(y3`hqlQl)okg3^nkA_|0}ARSaXy!U5!
z4+$9j{;unPy}7uV*_mg0*_mhd?1E}VZhc(0#n@FVa_fs5|NNGK-aW0qfwmljWGNSl
zyffw?O!+SZMI^U4OeL}$RC-N)Lorpl70?;G{yuQ!zQV2=k=$@sZY6fLg8oLja;vaM
z+p9k;degP4bu|PK^Lv<MT){QiQ@C!v7hbQ$O+!ahr(Sxkp|cJ&bmTV6jc+}6)u5)+
zxwt9Q8$dNEx7aV-L^g7vDwN}V*KHGaRiWG#;Ko1uOJhZ`^u(^WX)D4lptr3vpZYCz
z-L_&c;<_!zBpSc3L2qx@6uZKai}l;ag=PuOu`3-%zwOwMt2+2w?Yiy2t{Z{o-L<&!
z&u=Ga4WU21(p!n_f{$IdO|IKFxOKx#^YdocZ8!Gb`VfQuw&18RdqAr_&BfbrQ|Z2i
z5ZpBH?r;NthkX^E3ck~I+l$@zag<%I+dka%p_O5n-{8hS`%`N>aQguJcNty516=II
z(a-F#m`3Ec&-FTleI8yTF!#G|hp~U*x*c%cj^Jh#1%C%!x1-qA{F*Hf;U@26pq7@~
z5m)Ye>}qMb9knPH?)InK)Wn)rk7KHjY5G{=x?RK!<@!fZvrA4(SL({|Cs4wgYAxK9
z@Xw%x<)-NztKSJw!gAAePBebMs9I-Y`<RO~uHZ@R>eO;ei(7KcUty8!7KED;{tdbi
z;is5d7bxLVpt*1ore0sJginJe>nWI7aZ|!)K$G<pHEWnF7>`{M=r6nLb{4yuKz})0
zw{zI-k%y^Gf)Y6|w-kPUb1-wcZWpk3bKSySx8HG71{Y%H#w}KX{{ZE1F=iedmBWjm
z9Lg=f8~Bp^RdoJd#!V&u6As|E9J7EccNu#ZB3Xf1(3QJ_{X66|XBBqkuBuzNMo^Ph
zgzI<>yI#koNvnwKb{)HNtvM#rb-RIGnby=1g_|;c6O?JW=`HYB?Tx7KOA^Ihx7)a9
zQ2@1n3D@y2F0Z<!D~X$|f5TcVJ23S&ct!XRXhppfvn+0k=MHG~tiOt`++FM+xNenj
zQ*GUYmbhv3>uvG&x0>#AaUS1&m{r}t53n!B?GWZ`uG>TGss#--y;@$Gc?7Bj4Xf92
zQ)V86YC&$bT)8LM6;`9Aw(F({>}7<8Mjbb>2S){#TLV|npKA><jf^*NQ%RC>tsy42
zMy{O2b!*qHu^V3i*BaUyLCtW}&`yq<hBj`o_PgmraZG`u#<m1UBB+{6iJOL)hR}z&
zDPca~Zoj|yJod4;ap{-Zl~YIl$dyZjTZCKvAG>mCam(+zjkn#Jpkc*PJy^X~@3-et
zUr)CaRwtX_MwkINFB!ar+h?v^M%=Es5l(d70&%-(!c#N3s_Uq`Om@Ba7P<Y!9Ca7t
zMjMQqw(ja0Q(d{txT)M~-OpXQ5Z6ulo9?>tMOV93)j%`duvxLIN6;8${AS@umi<C;
zP^+qi=DC7;U#1dKfG^w#Gp3d_b6qZTDBQ|zUQT0OOeM|XUAV?G!<M()6|Cps0{jkt
zz(qI&he4XYeIV_gUYooN^q%FNu)uUrYh}v56zeir4lCd*7z-akjG2Q-cwVge;3dcp
zFT*QP0Ho&o-5gJAmEa5|T{<g&K5g1O;19_lIY>j-8~TDYbIncDbXJpCDdeg_4Tyo_
zAl+L@C<S`)e*q{25fBMkARB~1F31geU<cLK1X{pLpo#KNYVa~#fva#0u7h4TIfgIr
z7D;bq?|6<nJ`We*clZM|yJ|L7KV)X~Q{U5s)*lAIKo|sC9khoI&=ESpTTl%uKxHTm
z_fweV>8%2>dhfp8@c1WnQk@Z018TxAT%Uv=Kngd$J?+P5r2S%`IQ)go-|!FIfxB=I
z?!y7X=vCNzU@c68Ngz#Jb&&Q=+O}GHe|Bvwb)W$>ghntL;z*<jW+X&GK`0F2;Dzjv
z19CwK1j8W;b65oey#aqeWW+rXf*?I)fV7YjzDiz*+Y3Tc>g$673t%BEg2f<}g0ydg
zfk$!tGg@t{x2GBPK?vRYJ&+76=#KmMa2!s6-Xo$Rt0Af(IRiASYZBL_{fb$Z(JB&q
zo7UGiOLVW+efTcdQrg`I57)`yH1;!a7XE;rL0?OKMRf#WkR5bW`2yy{LRbV}f^O48
zpdV-}@iugU#+qW8<oqgvlvjFvcSZ<=Ajky4kOES|R_db`EnJqwN`vNM59nii58*p1
zbvn#|nIPTQ9GDBzd3DD80EWXr7?h$Fm5XHvNYT_B1|z7?2%LuIq@iyW1dxcnWzdG}
zwvY<B)UXOSE%$fezYBIl2HaABJ}*+;lnSy6zM>nVZh*SQ>yEBFcqu3i7f4QOC8?1v
znQ=i@me`wEZ^K{kH{5}{a1ZXoLwE#_LAM<bNYPUV>VkAR($h2o>1LXM^fArhEocR8
zpdGY_PS6>;z<d5Q&HGroL3fajMLLz<AU#Sy7yyGnI+P(W6o$b_7zH1~7?7GoYLQPs
zs*ulM8l6W91}y}Rn{k;eZ|p9t-@tCz1KUB%GcCuo`qFAE7UEzi41*7#FT4r*;k#ZT
zuMNB5x}55Uq~_5=Qg%qUkq@^sw2F?5wqve_ec1W<ORV2lw8L10-UaQ>wHfaP+AwQ_
zto?9XXa^mj6KKDyy=-}?02LvUM5CZ6L_=BJq;vAa^nf;VKZCS;zrZONldK4dWBCZi
zfp%@<K^oxRFc2C-Q;>GPhB+Q=<&0fNfwa%s3EDDg&oc!k!DP^_SPS;UpvBt`*a=(V
zL(n$mU3d?=LO0O+_Vo__@`P<iQte?46;&2fXC>vK0#r=qXL@F~!ed8MC@s44LOy84
zbqt9Yhtg06%0mUH2x0hZy(?Xs*0`4lBkiKJiCW&q!+Q7vv}9cXQ$fn+=^zF3K{y15
zrRA3TTkF^qkP?0*kuPB(OoQpLpOS5a+3+!Z0@@dS1`}a2^np%<?*Ij$AQT2I(uzP7
zXmR!uR3XmSppq8I()MKqsT=Qr)RX$Uofclwecpswa1@RKx_Mje{vqZ}BAG(Mov{~%
z2k;Q?!D3hn%it@Jic_CYxC{kJ?;PeSeH-Kg?PFm!!_?W`St8UbumuFrmgfklZ@q;>
zp8qh5(&h(=X9CoPdY}WP#-NSZFwoai@^GCK^r4g3H2l|tgf@_fKB=P@7kz=?d{_YG
zxz?w(?!W_h0u6C*0&jvA?$W_%vECZ=`s)#(gO%D)6<&jCP!n{DQVCv#2z`r9>qIYT
zfw};)P~wVQmxOQ0TyIRBSm=bJFN}mypqkV7LUanDQ-{_t5ZOWCGlyeW;ly?dsFQ<l
z;4JP^@cXO%rJUEMTMBt?w542^-dwuw7SIwp!rLGfc3&6>aqs~Q2Wgl;0%?XP5wWya
zDo}FbO94{men!nrgyZ;07kd&8s9mIl)#fQT)Pt_j2HJv_+U-H^!YAh|p_(G8X7I`V
zKqlUSY}9IH5`PK#{E!#AP-C(0B&s$!c7$QL4TUz4xLVtB-5%P4F9Z9jPJR1w5ByiZ
zkYZ9=PAMb%!vH{4o7&Mta`Bo8&1N-^ElE6usYU4yQ$R{c1*+A_pql-!bV8}=EKrUp
zrQVAHsr016lgdsSx}Qix8n`ncZCX$02L=4m;J=Nf5j2J-@Fs+lfqakwdk{#AmIl(n
zSGcbPY0<uiFU^EpRy5Dx#e1zRg@4866l{a-umg6(KF}AFr4Rc8rouBJW51xFzCoy#
zf4<PZ0jJ%scDvf#{+FEeP_saKrc=as2I4{A5Ld%@g3j<Zuy2dCdxAWCT}hEA)ios(
zPZ#?Qq&tvK;X8OA($ekTr?+&4Zi#x0ulKyj4EMDA@9|KInjcI_hQLr52Fs~Kbw};C
zyKt>8DV<Pj>{9uZg>pbM+pYQH`u<-<etss7B8BJO{vhQmunJa#4ji>%mu}~KP%h#y
zhr#e<e$D*e!Xo93I@&r&h5ZcXIXDj&L5+0;^B^pSMKA+=8BVHwo++mPM$4SaWwm{#
zd;M4F|LRhSyWTtG>|IErE7?6s+9K(O?de$Cw(fL?7YV;Y(F=hl7GI0X-iCUvMsZ&h
zPWqEjxPj~~xDA`(`8N16Sto8Jc#HyRM_Pj-UhyB1zbMiFs=fbR_r7}5C$fC@Xmay1
zsK`DyrT#b9I#5-Smct5Y13np_`J$Y<{%QPv&P65hSEZ7zhtbO1?>rG{rJ)6!c4%7J
z{sx*X)n5;T7H(Q{D`VOyt%oTv7W#k|yUM)QU4fu=*ejsIq=&Sic{3HHfaDO6j066E
zNbqmC0Gcv4gC^F~WK2D#B;<uWkQ=-Z3RxkGS(e*s=gDXS^Kc9pgi9cVKxU9aFc`8y
z7=%Mk$PPIm7bwQ!kRM)xd{7Lc;bnLQib50=hJsK4*!%lMKqRmQkbA7{7{f&gs0($V
zHq?SrAl=DpP!4KBSttWFK<?#1esX`_?RDI$gXF40C8z?G;Z>+e`nHlr9@RiX5>`N&
z5|k-_xhXMSE5Yv21+=&C3{v`NZ&nYUB>HQ>bwkj${|%@QaubczmE`FYYV6v5f{haS
zH^r{)c{6AS9ict6aIafqwt|+>7Ft6a*OYq)*UnhB{aRzjY7?Z*knTR(7)eN*BrSqe
zy4IioDxG9n!&W#2zrrTi05jnPd=JN9J$wlZAO*~YUN8}Qf?Gkxo5xBQuDwWakf4O*
zIRLXC^o9QBUOuZ`>_Dt@z`$gf<X$W7=`a<hz%=+AX1J!@XTvOz?0onF=D{LZ2<u=K
ztb`S?43@%TP!^V`uP(>(707cntbw&4K?LlIQ3ib#vKhNFD>qe?5)XxqAV0awEdaKF
zGARF}unmrY{3Ul-ebranic}FCf`hOhzJ`6U7k0vSP$WCxJNOp%z%JMg-+<(l*#n@&
z)v`)ZZoV4zWqhUvz|Zgl`~*M3aqzjF#IEN51tcSW14ZgHH~CX@Cj4b9Q@$lw$HINQ
zlR+9d1Lt7?#6w?AQbhvKVO4g|!adu0>dRK$*b7*LJ?yhE=fWdM&UFA-@WgdjJ3oZS
zpmvv><kj~6$oYZ#sRuI|=v*Kp1VJFAfz+V04xNE0o)lX0=|X}TKxY&>yU?MAN_+}_
zg%2sBwm$tq1EMkh`u3F~la@*0dtx?+X7CZ$D#T`J%=IixX-l(!_IOH1nJMO};3$Z5
za-kfnw9-jthBMexfO@r;Yn4QY4p~7N41r80ynt0RR$hu*QK(?bm#^>?(%x?>J^8D=
zVW9l`%B`@<6Pr`N!k}GsE{KEzPy~E_g|HWd{O}UwQzhoXk{h%x(4AO;qR7ZAuG`DH
z1|?VmibD)kM5YlHq`hYYkRGr$=w|#nNMTV3GQh9M{|KrJHGuY%ts$MBgZcr>_n?v=
z17GQnU{^=fo>Dp24&rOr0;){4&?Z<3jo>S20HZ)%Y9x$+I-p9|&RrGX0qVnWXc^0Y
zAAqV@J^y`7ZC&1jcj0a544ptt&=J%OYVG!zO`!>>)!%@sAZ=i2&@@^WvkX*(3Q!*8
zR~cS~*h>6Y1(b8;TDeURHQ+U<4(hkBV^)LOP!l90Kc8$Z>>5xiSzS<O6_>8-fvR0K
ztC~_;DkS}g=kTy-ORm7GYK_P?;LD89za?%8^cFM&jaZeuIVikJ+XAySsHqfA8Bn;k
zpv2|wtA1th9kqW^EL}joHy@}2s=d`iBSAe@y;vPI0wkv%oCnl#6|tJJD<~ssE@ei4
z1F-jpe$W?sKzHZ{eW14j_Jm#_PuT~;phVY$u@8Y^Fcjika}G5y6VAdM+-8ERc^sqz
zb!cVoBT$DO3#xwA${0uwvA&M=As3@T5##`Qeg>bw$1olyz^4#Kf-^9u!!-CDrod#F
z1QWr)RG1CAU(UkR4OaKb6$x(Uj|eL&`CJ@A{Y;J`Ru10D$o&Vl!eQ72J7EWGhiz~O
zz60H@zs39pc7r0{gQ*+ye$2hF4<vs84#H8*d)`<tR&^Cs&`D?oKZ7dB*G23R%Jom6
z)|6}zsE$;@x=srxK;6yfF1xzjFK`LcGX<rC)7aBs2KdwOe{((Mcnbc2i|{*WK_U0^
z&=mVQ%(HL?;^6{FUNV2dZBW?D@F)1fU%`G0G@stYyaCtYn)>}!_u?+*1Goow;2-!K
z)XHj2`Dcau5Q*C(%!lBiBt0;nfV%Bt7zh^b@{_wCW-{=1uTx`6J(XO~zsVwfRSHN8
zN+1+73urb7!ORSqAP9UV4aEK?vKcXhL9$sfB_nq=m71p@*RMcs$OZ4=mJKr}G|s_)
zDp_{SFz~w9atp`)66ArrkPlvl{2)Dq)@W5QD}yv7Qoto6Twgzvx~Nq;HiGL{p*n7r
zFv~+l(4oL|!cK*%*wvKPF#Rx<X~m&Js2eLz`PGCPP#uc7a&q_iOTLbK{W;<At7)Hy
z$)h;|>R~DYU(F~HCDsu44A`Z&)mfR&%$^@tvpgn!wAC#3E&SRLO>aychxGyJb=8VP
zU@!~<HM?}Z13=wD*XkmgoknBV02v24K!Zm!(+9X~W*UZB6Vo>{4duEP*Gx>Y_RKU2
zhmqhLg(I*Jhtvp3FePLM6>c`BZ`K)ujFx@lFdt%Sx%d(GxtO}vLOSt^Z4=j80BdSp
z4~zY)IT3tJp#LrG$c{&LB7t>J{{(wHrn8zgzZSDv$LerU8CAySf-hsrq%!Bru*_fz
zBblVux7zh9tk$@aQQ>^6X{lK)!YU5mnpbl8$J)#7RS0M^<O?8k9d2u(6ahov3~tJR
zmXmWqo3|dY2AL(G4Ew_WugXzIoQmn>RQW~%pTKbg=6X1T{Wnl^_)INI6PH4n@s)Zm
ze!j$0VLwD1TikdKVjeJaid*>`ZN=IE?|qni;XBw5-$G(H$q4!R?7AN)>Z7<F22Hg`
zFbncxE-Qc3F|2>V?{EPw!=G>oF2Z>@2Y<jB_|0@LVP!H$N?KNw6y53rDuK^T?4~$<
z;m=}^x5IkQ@&+)=Yf_f9g3W;vR$9+_C(chwSy@y0;yG_7l(MpfUnAIUxDLwFRk#9A
zqqW8Ob#p=v6vP+H4eY-9y@mazFe`~UUE&~4210%Ha0e+R=1b%^6HkarKJQ0(B~?}T
z-5~ccAA+jw0o(-@|BPMCa9=b^A#o6iOU$X^bV}iACQNuqYV1fUE2a6WgcTN>j6!)p
zjjRGbM%Y*8C)nlgyMEs8kG#*%7l-d!vKIcnJo<|IT#pEPrhEzABD*h~GM>2isIuL1
z`O1`%WX{^H7o%b9%Ry?KHB@ElxFsV<wdmVX>n@;U8D}mElDF^1pwnLNU>(a?4Ptd_
zQ<!KAVoI~DH9=9#C@2CtC609Mx^4T`1jTUc1wG+Cco(|B+n@zoXUulc8p6n??xa#E
zOOY>yely_MpNC|y=txONOSPdIyarXEGQ0|vK$Cn$%uJXSFm)cLL;J#9>j1wvXmJvQ
zSsKbh8PI`<WJ`eDbuF_hEF*ot>R4Wf8c-8zK^<ra4WKU6gZfaE#I(dxq6MJ<yn(yU
z!n6ixj;WH#-oka4p9-jjejCiTpu%>7j<NjL9y-7~plVX&syf-JBD*G33td5_m;d|N
zyF)kV0ZLR&;%k;M*hj-C_y9)0a2N(kQ_VC)_IpH@8GLOu7)K?nb{Yf&pg$yTroLSJ
znkjMfs9BzG5_Q*pxT_{rqXR*;q<E>JSi9=7lVCXHgrRuEfpV>O^JPw%Qbu$-kyLGb
zh`VG|I}@>g2A{$N_!vHck6^reJr47;WEI%IV3`b)pg(OSVMQ<<*1<G5L8PB!P6g?2
z6p==aJ-Bk(&znm8AYyYdm%=Jo0n0&(vpJYEK*};{^ORSq{f@#m@P%7~%xstiGr^~H
zll(?dc%k@Y5-#?s&^#QKe`)N#z?8mG*Nb2w%!dW=B`gL-Fde4CGOiP6QW;qZUx6~B
zI8{hr2G(F-4HNYfi|u%-6l-yi&^NFVHo*o^?u)r@&0N#xzK!c;_(x%Gfz9wTY=y63
z7wmv$RJdAR`@rp(J3(n|P>0q$q(r}iJ>ZMHGIj+j2foPHV^?N+fx6eXn29qiIr%H|
zic6VSrsTE{4#0jm1V<qD82=rG)(Ex%sZqL;%O7z25st$N_!;<TFUhpB$&LM295hI@
zWRlEWOhtYYesN7*v)s401?qN^R}IOnrnZ<hu$;!BdLp4SuE1GL1;~P5eF%b#xYff<
zyj^&V+XYZFq=Sc`dF%n^J-7>Z;2-!4uEACKJz0CFgx!hn3J!n3pKuW_fi^>zF_j7Z
z-Nt?kZo&<?4u6BH`99_&n1)@OoPL!o{%3X%HeFt|3atO+RV#&+QaRV3nf01=dHomF
ztg`-|_9ni%73%3@9$>_b<JK6$M3N`Z=QUQ&?v^Fk(=sZeXau|3)%aw=C*}F7OLo0-
zb84_>9xfSi*=MTPu%i9rQ<xz&tgMBfxPqgb4(=7vqjT|K&n;ZiA=swJJ9_(wU)3Eo
zJJtUE`~1PYoo!bQtBfbNc~ZkF7*Hf7a;8#smVd9-wDNjJn@%-(@}Yv6R+AjoF`frj
zs5w;As>2%{v)3ZY(`iiHeJiW!Qp+mlS!HJ7#uLlm%gA6-)V2=u>XV;pb5-61-Xd(?
zI#xDMF;k%q(Ty>`&BK^tde*Uq`riyP|J1Q+`9BIWRq9$rz0uq-(vszLA$ObI_~^`F
zf7L^j>LJ!ls7tufrcFI7)H@luK;-%y{$x(Ax<7nx%SB3Vp*f9Q%z6ZZ5xA7DU7j8%
zT0e9JxFLFRPL0o+$zO*3daTum1Ro~}Z$1Q6ZC6&5n-jdY(aW|#(TEuCP<G<H9!g1g
z|KB6>m`5s1Rt9wt31*!&aO${44U4)t;>PV3x`3%!pR)5+ng$rJnb`W&ZC$e(!`qC&
z83;T%-*+8)2feY&4s6$$D}K;;3FR%|%0-mj)#2ipHyXQ%Jgr%;2LW}o@N_rl-b<c+
z%JaD}(;Lu=ZjRiz-2x<8W6}R=HPhe?Vwh^)dxQMUWB8;Yxd}y@jeBWrxl&55L_}mn
zv8d%{4g$Q|YBNUIUgXjvH^2Y*QIFnj7>rybBO?aoSE#x1h84%_dAm16zJwWz;jNm@
zo+RU9@=ka?D9qeMzGy^rL`mjjv#p`k$q^4R<r-PpefI8+tP(E@7!~aV3^l(tBKJ;W
zCSzlI{->sDV;Z7{iEm88Z?Gy*E7qM?Hu%@DV`NmTE&X*c%Oubbfm{d_toHH5u$sk{
zvtkjHIXc>jfftj-rws`8-bYR~^H25Ci(Wlg=A(p&0!)!6L}YR}0-s-x+cmSt=GCe?
zJ0U+O2LF>e%#bElRyV@17e{z9r#X-y$Y*k%5WgGDXS{D}ze%El!ku<FyME(=-ucEv
zCFE+18HxZSdK!kmFUrN{Fqbh~2u6#<o$6d7Z}T&}$L?vZOr>Ep4lkyfd#>BYmXi~F
zoKpC5v)R;dO7w0jZV9jDF|(UmS^e+jF^4u<S-pXI?bTS^J9pL<D}U?NQB+BZh@vqO
zrTij|XA{9In8O{cEXhjx)iL4CxNc_3V0hmpoaWuMpH^)cIQ-{ocDP~@#aMZou9BN#
z>Ta?^%&cZseO}mhQ%>KRG|egKg}kQL9<uNtuc_Fa%Fb+>Hn$3<%AL>Y2E}-%uQkmT
zHm|-#f9YfTzQyeM;3c#4E%H1mzax3-)V3K*if%2%ORkh<rl^G`ex(&$#<p)pN;zy$
z{z$>F?12jtq>kdFDK6{%`%w+{74MMXb0NQpXh911kzgK-i+uI-R_l{z@K2CPXWF!&
zD0$343~z~-ot(VAvFxH^$=~}uL9V)4xylMoZs(+h3H;g$&Sl%X5kk3I^4i-idQ`|i
zJt4$M^GH$7KtP!*5cG1iXY9E-2?8rkR7;Zn*2EK=Y1PsS2s`Pf|HtHBx8_v%XLEw^
z)t60NODfmj3|;L@JM$|}+C>8gH;&)bplyP5L35C(y%iA9NZfH@!lF!Bs@+KtsBb*2
zNV|jaVubZ`<%-ujux`$$YX&69oryH{TG6&wBPT@$1e+nPtdjnYTW|oA6rJd(;+bpe
zF2mSp=Cro5n6IsX%(<EM)Piq;Cezl{+oj3<VWVH@SJBRWtf#4)IUq~2Vt&2Nd#wp<
zU%PRHdQzLsa?EEY1O#L@xjI`G_g|&uoz0A=c|PBQ(^*n~-g_Z2Mn)(vek;tJ&4k%%
zZtmn>+qez0)OV(P8>=?2E!@@ypEc%08|JB<CS6+`Q<~;&iElSEqK04U8S%diPjN1q
z_==K4CX%{ld|PfTVWk~`a<{jy+?O$?vpqB-CD7K)`kWZnAdrd}3KV($;oauJw_E{o
zw3GKjlWs~=5X0XYtHH^mBTD#DiLKkwp7wCe93UrqK+0O&?~obl3CNthI5p_hd~y{q
zamCxCIkU;w{%OUSi1rMvL?IK4J9THiYEPX^Gh34dJX5viaeJ$Es%+()+r6ESELK#c
z6G2F_sL1?gS_jHuCz>T$DL*^cp>D4TC>{|N>7<Lbs9(&aCq!S(Ja|How@m$x7z52a
z7+yV|qYk+zEYsr|moj9vYpQ5*Zc0IBmINXZ(6XoNl*1W@jIL!6C>Bw)7=<ruswEGI
zHpx3#*}PTQ{YfhN({=-P%$UvMs01!rs?;;xA2FEfcCrGz?OnI^S$F?><jCXm#Kl4~
zBC3>Mchj{K{a_mJwN4_<jGmK(RD-&WquH~hx!H+wB<hc9&U)WkAuM{`mXlnfAc+Ts
zTX)Yi7#(`T+oXSnj-tG0sQlW=4CSttv@6A4xY+Rq=dzb`shNtsNafqT;Env=E|ybu
z(ag|xo<e!US_@)(IyxB><Vy+g4%a10=igJj@4h_DoR*v`?xdRBPBqrF>EiTUikg*0
zPvT4O*w<|xQC!yM<Eq6?9pJ1jqoQIWq86GJgp1kb3Is;<sypbX3(gYL7C4O$H;A~y
zSAYK~W1$PFC=O$epplk&L{M+R>h|MnarXj`P3cp=Yrs>1s0JqL9dbLs)RZyPba=-q
z=-FT<=xW3ICGS{GJ^xx%1$$D|;7~*LXDV$)Fv>K?Fb&?b2ZY@ZdLf~9D0qBckE8Fb
zddp6csQ?X=ne!eKL6e$J6KoC+32HHZ>M+YwEF!v;W}Y7AIz5T6*R@$<WlG_=Ei?5m
zKE2p$%Dqpa{vd{&B(XZ5)gtoZh)fAFBsbj=pnr{(T(w&ElYwz}TTUHPZ2G<@336S`
zHVKSIfID_vi@n{eR;e-gSc1S(6MpGwvIk7Mu1H^Xr9T}S)^tdpzh6#}4m6bz;2qD+
zCHH!5`!T|}>;vk0E(|&zmmt@{jF&(x0w@LJGMqgcRp{aVhY14H%uSLtKX$cp@haM=
zjYR6M64IL@-Kpt%JFLz=r>*Ad4g|89_-+_u&EXyx?(FS|yOO4DciN|-8B7ekiTUU<
z?k>x_TVdQR_RFb;x%m%^k_X+bmHrRkG|PLCx*OeI^WFfG_3vp7<L-X6zdQf-w6ezB
z%VR%h8F#1F`0G*U^EeZFQ7xsDUOmYtv$@)n1Ya^Kda<i3W`63$1X9@?P03v`XKyRO
zQ_ECXM^?)8W(D2+Eq7;iDMzgv{Z{XA`ff?OQU|kQ1NGPy0ZlOVdYven_GGQo2++}3
z^ZVs7J9?8&KXbCT)yX>&xj^KyoT!j{`qB_ZWKUu2pm~KoYxsF4YJ`>9{L;so&4)7v
z_9ZAW45Q%7`&z}q{vdo-!l%wZsNSWl3vSuF>5}TPPu?<*`?4}h+rpWV!*)#is>a0N
zU6P1qn-J;8+sFG6U13ub!&?P8t)RXiKC|hf%Vlp!u4n{PcVrV2+mFF93IT0TOv|xd
z^VB;qG1&7SE?V(UG6xmIVpm{)Xi4wgpCj_xd5LBO`E4*Bn#c2v@ya-4V*0Z<{HcZM
z(%&lTAK${v#B|z_6_njsOpXC;!ks4eKi1OxI*d*D>;cv~M=Zp=H;_$DIa6s65x!>X
zkE24q9!O7k)~VMZ?wG7^KgN3}cJH{>&W567)edvpCd<;?-%~V#tqFUIDJF2RHI!FU
zem0nfFKxaZY}NJ_>fn@lUY9<-`#)};-DyTuUTITg2uW8l)rU})lO4^FAyoFAj!tFY
zEq>wjlojVDA@44eQkj(q^5XXkLx{I%Cud>TJX@Wy>z1A`ha45H<<#rE@t=5Gm`<^D
z!?C7B97bnTa115LHIzCTWV#NuF8Rhvw_#R2w?nwq)X_VF$TQL`TbkTD*uGt-PDIYl
zMtx$Ei6<Ur)V?3EJX&maW4x#fk{4qN4@Z2bsWu$(17^~2tCj!pPUfHCRxWQmsi-^j
zT;Js973WS=AQkOaxry0bwpHru2xzu_*vZrzNf%x*f);z#92`McY1G--x=tEVHub8%
zN?dWX$ik29_DIsKZoDI@S0`-Nn7}Shkv3OJcCu{8%k7Y-)s$Gc>(i-p`8q%JeE2#(
z+FR42QD(+Svh7YP{-dnoyoS5fD8|$@GiMZO*h|L{3(?i)_$b<bl4&v;?@8;ojpm2+
zEb8hnq}DTzVTN*Az@4c4?{qb-$8fiF<Njm}aXZq)K@~@P^~**Te)+Dsr{-0-vYc$G
zBhUuvOp&paEWVRzKbBta21{vHj%5#JhYmJvKC+H`%h6Reg{)b0c0h&_%m4EC4AIm;
z6n1~V^lVpmd-?zB;Gt&A$8;h$)tx5acy6shrv7-Vk+*SgXWhNx?Ip(#WcoUUJS#yO
zrGwcqo(k(@CVavScyl}rIm~4Eg!_MmKF)Z$(!N=v-^y;ULKtQrWwHi7+7~SC8nx!#
zYwczx)Ib~4f}q}o2&6`!nP>XR*Y3>fh5(BLwVa(!D6hM><p%b1>Y>s1SMm<%nz1Qz
zYGIQ2+MFgLCtJa}>;+XDH`466<MV7!m3t$?8dwOYFoh?OYUBP+sz={ke5Cqcvo27p
zQoGTU4wyCw=)J>(CNM2wel>xOk#CV5gUr)qU@^a5<`L3izYKKhtm}=wRYJxzOh$U{
zgmP)1Df%h#JQ`>^eri?G-D~Nm+`a7ENRa?)mMnQbqlX5Y9qX*N=I{V3h1u|#b;!G8
zurn3cNqfQEDKNYPky0-zL}N2&qLarh6Pa!%qdbxRq~4HsxBR+t^-{NLqFGy*>j=ga
zj&-`>{K+$~1mtR62?5nHF_p$gz3az1uPwYhKE4<}ZU?Pw%1xqH>zXE$n6R3gvAXJL
z=1(H41<k+>I65~uQ*kmQgH6_CvUG8n=`)%B?B4%w4|8URtQQ|g)EwV?kDD_R_L$$0
z_j*5Y78+|WTzvD~<0X%+rxS4r6KF`Wo+*goeFr(+V}_-_z38{I$2KL%jWDecDE<Wk
zTK0XH_tc^d3-%335ZH+iI+?g44Sy?j^yI6R5`4~mV3r%|FWGQswKj0>j2iu#oJb^*
z+r%pq70d%;)s7kSp|c%HlRo#y%__Z-p3=BF>&dQ<H~i$i+Bx3zP56{^t{FUq{I5hH
zBbnITVC<2e#j3cgT(!Usvl0RSV;`CWQ^?DC1cOzM_rud4{eInA($Fpy!7=8^6sD8{
z<DA85pYVf&Ke~|fYJz~fN@+9I%E^nwhfYPf4#Jv$-r8O0V(8%fbr6oUZ~7dJ9iB?b
zMwwPCF}^hYSNa+>#MJ(rk?k~S(wky?*X(SHJ?qTI&$)f{{n#ns*!B}wZuw;|D;;;z
zAf@nWB(cks!SFvl!8D#`)$-Q=)akS1Uz#)M!<qFr1wU1jy~W4Dsj)5y=*DvM??Q`5
zT669t2=rTjbDEXR^FMEJd}PF4DA>!SyE9l7xby1xnbgo{X2ncuXwF2ZO}Fg*p+kJ9
zNZr5OyW}zxJBxg5aRqX}mF?YWv-9V)1!#6ovP={L{>LVoTC=zd*b#<Uw3HK)Z@^5Q
zMWvQD2Nh4ZNlrpbw<cfPG~3SB#N$p$uJXVQwbR7RwmSJAn`CCrra$DJ?9@~E$s#TD
zw+#P-i3)v``a`%mI-BU7U?#^L2H`*xzu&U6;3Ucyy5F0F%rhx?mr)`qR`y>Fc(c+=
z+lrGDx2;|`*XJ<28=7)+nKhD3+HU$|ltpc``PlDm7xi2-%AGx#vpbuy1oh-K^XFR8
zF~c||N`>6^Z26LJZq@n>DM=|r-Nldr`Q-FJ+p_+(Ynt`hU}^px%ja0AuE_+=h(Ksi
z(7O%uWca}iO1T%9N(gW=(_BV#(|ev(u$-Ch%nxPJD=6L@-wf_H{ig%=F^SeAk$%O9
zO{H$S?OMR}Q&)A!p;D7)=YYmLZ-z5gW-k8pa!BT5BM{I%jLd#z0>2=sJ|_MPbPg51
zK<DtrOecGH?+@&}^UaC#{XJ!I(T%Q+X@&6H{kT*WwQss>=gbVV8Sw3J$&5=9H!^k%
zYSGV;&}fZHee-gG*MiylkHjSym#?|`X@;*;War$_eY;S#(|PPLcBXWbRH{kcOx4LK
z<Wy5+J_1SHs7p~j6w-;o44O|rnrF;>y3IVZpD<zPW;^%F{s+Ik5;CxU9Eod)5b4#~
zlNYehN}@4Q4X8vfuJjb9_5$kEYdS3;r3f=kS5?hgT~#!fWH`M!M=2C^^PI}e^W&Hu
zbG{hVmmHuiQm)+<Obhc4Yc!^@5eo_E>=rc=E1I0kad)K5M}YxB{wL;}Y>TX1x>J>1
z!~ioqy&g!_e$l?w;JLNBzCqktSFqe!WV$Y5B%WEo$9SxZeBfipmsWJ)j9)snv3EuJ
zP3;?&&4qkqgw$bv9r2O2>R!6sYcp4zeZ!y6XNNDg!oAn<2vQOSPL1td{goO7ac{DF
zOpC>2c%qrG*lLw((Gq7nV5=cAoAgVp9G)ho@DkdsM@{!W`Q*y2)Y<ms(}q0C-m%!a
zh*0)O10|P~;=z%#6%U!pI2ZX)6yzpHW5++5zCKUjp9#@*!6yekzgNna^6$!3zDe+L
z6b>fiQY(3qiUud<Kohl;8ZTmMVkD_(aO7f5tmGVZLJG%ip;^6@DS7KkcTJMM)cZl1
zYgVVaXlpH3_85=U&-siO!@HB6g;tK|uWZV;J=de7ZcEVYi8XRrvd8!>TkQ;=A7)qh
zvr_y+X?)z9YF;x#F?!9m6&UtHzF?{o^PTlT68%Vv9MfRA74%fd2^w~KjnhS=*M(2|
z%76X?e-HDVJ$qbTW3FWg$m;*k8nb1&RVCFEBsEcZ`JNKTC%(koEVw=PxtzE<^cX)!
z%6oC0Q$>wNwn^V*-Rci0kUJ!u@Fwk7RyO~e>rBPK0C#`#%qU3phzOL48fN@gi82vt
zc6~()6yE4eL<>K>+To=(FIOXaRI?h;rA?sL3)M_P8UL|}$iY;e<av)>C-!-dPCOqF
zO<0oWI<_3=I+3dwq)DFZ*b?@+PB2PL24EgDcoqF3$-^C6z&_m3u3G0h=JYBi@+8l7
zY~hjSiDFCgT*nr$&vo3Sox>e8xMU;A!yVhlKGX?i`8;hkF(-LyW6Rm6Ho;|Vdxuw?
zT|mmf@&z||CLXZQY;2z-PjhS^jze>-v9g8@-{IWzjxYXY@94Jm(Vq`t-j*iwhaIND
z8XiOVVW*jmr2na%X44wBDSzxV*SJo6uM0ap!Rc%}g3A2es@A9bozcS#=67SKDZ7^D
zdGRgHy*=4mx!`d7o{;2TNwN8{SNeMG)4ftrlXo5WB7370&6oYyBo#8V)>+}sPH7ri
zkrwOOr|&hp*IU!Pr*=C7@V$L?Lu#Lkdy=qTd}g=eUAf2U+YdKy95ptyce8|3SXVLG
z#thv~-*%Oju8wn<sksqHSJmnGg&iv6+&XHkeRAg1TW1<^JRwaPUEu%uwAMa_jrQqE
z2bme07$^UKrx#*A*v!h`u7_yfaqs$To2`=nXGMF`XT033{rpOp@o3^>k{lhjK$7FZ
z_UXsB&=@dD&H}c8J)-%Ly?tnEDsV9AO>*4W!p>oHY1^LU)MNYPdD&Td?ex1=?WIfp
z7430n`#49$xomrqvxDtp&j=dp55A`3I3qfR?W0L;8_TAvq@V?1p?9*RxV@{(YY8bN
zc?52Ub*4Kf?IfozTWY0Qxs60KoBbHxk))%!{^*>H*}r-DQr(1fmYFA#b36Vso!h6}
zcSnQU|DPQq_LbLIJD4#3bqFxbH-g+l09Rm!3E%nj7$?<+>P{tRGhKJG4sxS+jt0D|
zIrvch3<yfyxb`Qd*6EgNpB(wwC%*}2L8inmW`)_N=`Nn_>iazpCz|>@t<2n>X6>SQ
zea%Ms*ET10)z$pH3nibE9pAGIX7M*1H@5!4S!6ZLfBnen(P?wrcU3z@_bAG#46`p?
zK#+S7mDg8-|KG<Z=d{kj_tTN-o->Cei}dSaV)sxs_Zg4A$L+U4#O+_5vqpt3)wMcs
zpADH|Dm_LAdv=c%l4>_nQmH(9*7w}epHB}z>|3VdXPU<x`4*+RJ4-sXnYd!8pAO%#
z_BB5_bL6|P+)h>SrH35!N@E*?rk&3fe`giUvk3vMngf1z&ZJ_>#$>I0@soM>!qXPa
zZLWXE#8D9etxP-5Z@g|oy#?J81X|*w)3&m?^0j>J;@p@7pTVZwUfshH$c4b@%MBN-
zSx}3y?90Sf(;Wf-Q$L%J_HrY8f}qyLd86t_RBpCue1c%O*`}DPoNx~8_LdpkI<ohu
zHxdLoncI6=I>r3v6z9~F3BPs9cesGvhjjSiSIJb`M;p~MzhQV=BNt3c<DQ%^bfH2U
z-y?9$lfBG%3A`X8Zj*LI_AcL!t2Q6CE4ZI7ozE=WPryy5ovmr->uatzDAwy0a=>m(
zhf?;2D%yJyrJOdCo$n2bvns6B>P|ahvN*;RIe;#0&Kc)4sYB-ze|~uW)DM={vTPH1
zniro?g6>UTa73E8!)!x*KF7|OAqS|zD@b^e7<}}}_kFt`?wlZz!mK269>Ls?;VmEU
zG<V_7`2(7c3-~EPuDN+4fqn?6%|Z(wdt=e2X=wa>Nquete<q@(=K5I{;~fvuGq;(c
z2WiIR7tHj7tY$7>Fs*-PQt~&4ai){r{1qeG+&qj?*JM9L{O|wns0HVK(Z1WB&HaMx
z*@c6B9zZws4_U1|Yt2gJ@~lNJf_&8e!^uyBCdrD|?Ec2P{ye;7FSh*NGnIa_sv;kL
z)QV2!lXqO7UOKsbE-P%Ql(7RQ-;t*YCJG@>v;Bxw$c;O}Xmpf?kCVZt@=o#0-J@2a
zr*2Nk&CfqtuO%(+v9lR%J|UDV;imFj97za1mFR4|KTxB6t~m2`+SDD&hjq?*$Enfc
z)aY1K7Xe?hc;_IPl`7qGXa2qZzcgLu2%=B$+h}GWm~<`uJEu=G@LXLx`7zgyTZK~l
zn&aA4llMof7LSy6|B)1Gn6ZhB|EQ+tqW%xbXS!urnj6me-ctB>rQ$Pojg~%?+ZVec
zU*~+bS3c9}o))a5@x+tcXQJjydv)WvS^j6A_YNn0jnn~+I;NP=Dv)O?NnJV{KR4YO
zruHvHz200_3Qp(oKX$|9I?E`&M(8j?Z?`;q&h+m1bHd<oyX^bs(l7t+vd`r6X><Qy
zv*M0VH-%>^gg!}^5BEj+YzIl)z1`0Hf<F9A3L0725_kNkedYcwv-A|xN1%y4!$H@{
zQ&x8GOShd_wZzsG>o<qh{nnn>IY8&hca!O~RW(&51nBE=YfYQe)J!F_<20&N+X&~A
zyisQo$=DIMVqtRn3=5P0XypGfqb1#V|Hql_X(vmv)smh&?a>g*r;iiOkWZ`axsKh|
zR60-3a+~wtqn9?iex52?Ysy`)esXnmo^<Pr{4VAG^G{2^=)s=2KbZbqEuejRs<F*e
zJeke;Kdc-{KFSkgYchJ6>=((N`zVj&W<Sa!UD`W%C8<ku<Xl~vbCHxT&GAX<=^n?Y
zi@B;4l6tzw5unyCk-Gz?42JjAU1#Ytb?>S5LuPHOp;d<?XFu1Isf=?`q_#8WE2OC3
zvB&7W?Gwb3df>+i)4^<23Q0Zi;|SOqx={azcTL(q*_&VSn2LY0d8ydM*+%b-trOq%
z^yZd~2dP1sU|y`bA7;k=NugrQ!ate6#+sA5Dr^4!Gm!%S#Tw)PrJpx_F4Gl;n+cbR
zb*@>0;pM?v`xK$WkV}1gG>u<qFLmr=-u>n@0%6Ay&~l|*oo@ZJkJwq(E=H6l>Km5%
z`X43%`-CjSDv5T%RJ%fdoopt_=xoN_A)$Qc(G`p+ljSP6<SHiiDpzlqsaGlCm*$|1
zcE)oJ<6X1lE=FJTwys8)(|5VMue(N`7n`Hk2o+<FKEPOK3g5%nZE{}6a8JJv2Y75<
zXQLDG1%q<d9AM{D#~Ob1&3o60ueq5c@m^-Lu7;TFy0ZO3y}gn<flE#<JTZJ%&|X^&
zq-QOi!1kfsn>RSMJ!r<>;6D9xYO~-5XLJYC@KIGNr^v$c+kYR?7WENrZ0m4Znshf=
zai%omZ&DR@#zV~Qn<x*QAHeWU_JX&_z$z1e3r$<oTUJhQAzpEiirA)1toY3j8{X72
zp)s6AvZ{<SpWR|7uoVGqNV4!+0SUI*8NR#Pl+eEsWC5-0+R?eOhMM5p)ZN#n$ZZme
zGSzQWZoB?Na?%U81v-%pukeGn#*y!Qi(Dc(5olK3M)h?+)8xM>vz_^1Q|&Knl>e{6
z=Ezew4zq(zj=#AZewf)~pUW%>e{=5r5l`}xA!%EQtA(lmH>qbe@5qQUBmSlw|L|jd
z^{Ea$-+lZ2UMy-F#tmGNanaq3o_Df%^cKCir=9dF!D4>FRa=2m;h{mP%cb|XtGTG^
z`5HbU`1EbGZSkZOhjp;8<6DYnnS=L}?%#T-3xWNn>pv{zGiLSJM-M$~z0;_5<zYJ1
zQVi_Ba^s`Jre>qU2b5a-&u-f%syGiNyFK4q1PSHquV3<Hp7Z57=g}TpzhEoI-5*Lt
zoAP&Phsmbt9U8zH72bSwS8eL1P0jmt?avnS&<ba1c8`lPJMJVND3vuP?12($KDkRo
z?l5u2$A1kC)A}CbEzQ7tJV5tfor?rRz5mszqV8L@eLwMvNwU;-@9UGzsj*{ees4SQ
zv%-2v&(@|!Ijs@x{BUgA3wn`fiwSs0S)EZ{H|YnUmCnB(dS1u7G}KhPFf|^lZKu?k
z3-%xb8W<(`p`)4ekPhfP@$LUxcJt#y*1GNk;LbBDNjywlJeL!%{V;VXKhPWdh)BAd
z`H#q_6FBVod?q|J?LOt6Q@tr^jf0j)w#LDynef<piY(@%$5ybXx0&<U>YDA}H~O{V
z9{UkQGiD17>^#S7T0Y^iQd?D#*?f{bz;d6;&gy&q+<q=Si{(B?k4n0nv%M=eXxx-r
zgI1lQuF!$#nS1+5bv=F`?U#Sj;DCfDsr4(E$Vn@CrrmkCd(xQz{TLx!57Fyc_o^&A
zt9k;;IM3d@PsN91kMjFFx5s|M<j(XA@gq0v8|S2@Gpi7D*b@+1JSvYzukDO0y>V>A
z2btTi@(INF)xqZ_d@?L~ytMb{dG$yM*(^#neGeSzkk844splV1Oc`osW#+*l0w-9V
zp9$a^72~?9E4e=sPzxnQryq0JWy)sCsA!3QCJ<^yCnF8V$(zKfGxN1(m(J#<f<~D%
zR)BQ#6)b+n_3vk@wB=xh>`U;OV>$hLB+T=I`u4uKO6>>qRsN`$8Ky-5>AtuQohRo1
z{Q$pPc@*IVzf@3-*}qg!KZ)^+G=-B>T<50=N%q3QW=<+3=<R7R)|%!R{wE5W8>s?{
zn#dFZ*<3Gg6f<Kc8vKvt{U<az+nr4^XTkPCt`qiYpaUsrh#2EZ84&G%wUGHJbwE~A
zCnXV;HE-j_(|R*x*bn`5@>U(^oY5@*b@P?*o`tdzt$SkkOte|Ob6N0cUl>37WUrNV
z_NBB1(GT(FAg2gln$46XY)=u7y+=<`XJFrMuUvaoXB#{-Mq|3Aa+Wob7CTyJ#bUap
z4#?(awU)CE3r=p&`SuTLvm`6Z0bM#(PZE`-ZGh^`v&Za8lc>ZQ(^3m1P1Upk(J_ys
zoOMCf9u0FYc(cr~gp-@@MIE1kS2`UW9dsGRt?tj!Y{%xAW%`BTT32A+{we)ubvgDn
zE1;4T2bJoxKOi*0=>m#LDO@96Ku7LrE7JueQZwI47tj?YXs7hl`)V^SeL!u`>*kUS
zuPKp%`JuTPoPqh_|9T`Gwzs&)e)iyv%OS-Z_kUX}9e02|e^{K?bj?WZxQE0$%)E>N
z&mSHCKOYMFKU!yI2L|Ngmr_o3p4sg;wD#0epZI$=;G#QFj5!%d;k_n95JpK;8N>T3
zFDTM_ZPAEcnG3D#*ML$m_o++OG!ufzbyKq>h}vmuZUzN>h@O66CR+GXDf3mPfUGf*
zrJWT@i5+9tO|Be&*bZ$ku3m7yPrTonN115V8D*SxZReiLpWM%|<ZYfbSEol{p@|9(
z2#tM&KrV7tZg0MyD$knG&hoS+uUeR7FYC<6ht8I1^+Au_=MsEM<0EDAhNIbPwHw-_
zRf11be54fdtNixVY%xRmb%igs-uOs0y|TQ2{fpI;&31h(oaUK>!E}&~#+#WOC;2Nm
zTlMPvDlT=LzU9DQt`O5Bb3nzYWXYUy{cW=Li*s&i5|)$uzt&{_1xK`+yfE#RXs-2C
zQ-%{$Mm?Ckf9tE}Qs#i1;U9N&o;Z0cUyk9c2Gzg&{O=GxHm`&P<m7p{>KK8O20D=}
zm_H!yr#;uN)iwQbF8U=;-DDx|xj(JVxbpk3A=|mu@?*lujh}~2|1fwz*P6<%E=d{G
z{k;nhPR%p>LIQHQv0|jk5>SDe$f@z+C1VbF`lWwdFT^R~$R_LCW(kN$F=~5`fc4vR
JB;Ql|{{tW|c&PvY

diff --git a/package.json b/package.json
index 1592687..bb02a51 100644
--- a/package.json
+++ b/package.json
@@ -38,6 +38,7 @@
     "hono": "^4.8.2",
     "hono-openapi": "^0.4.6",
     "install": "^0.13.0",
+    "jose": "^6.1.0",
     "lucide-react": "^0.509.0",
     "react": "^18.2.0",
     "react-dom": "^18.2.0",
diff --git a/service/auth/README.md b/service/auth/README.md
index 30d792c..36f0e77 100644
--- a/service/auth/README.md
+++ b/service/auth/README.md
@@ -1,21 +1,21 @@
-# Authentication Service
+# Authentication Service - WorkOS Sessions
 
-This authentication service has been updated to use WorkOS for OAuth authentication, replacing the previous fake user implementation.
+This authentication service uses WorkOS sessions for secure, managed authentication instead of self-signed JWT tokens. This provides enterprise-grade session management, automatic token refresh, and comprehensive session controls.
 
 ## Overview
 
-The authentication flow uses WorkOS AuthKit to handle user authentication via OAuth providers. Users are redirected to WorkOS for authentication, and upon successful authentication, a JWT session token is created and stored as an HTTP-only cookie.
+The authentication flow leverages WorkOS's session management system:
 
-## Flow
-
-1. **Login (`/auth/login`)**: Redirects user to WorkOS authorization URL
-2. **Callback (`/auth/callback`)**: Handles OAuth callback, exchanges code for user info, creates session
-3. **Logout (`/auth/logout`)**: Clears session cookies and redirects
+1. **OAuth Flow**: Users authenticate via WorkOS OAuth providers
+2. **Session Creation**: WorkOS creates and manages the user session
+3. **Token Management**: WorkOS provides access tokens (JWTs) and refresh tokens
+4. **Automatic Refresh**: Tokens are automatically refreshed as needed
+5. **Session Controls**: Configure session behavior via WorkOS Dashboard
 
 ## Files
 
-- `auth.endpoints.ts` - Main authentication endpoints
-- `auth.helpers.ts` - Helper functions for session management and authentication middleware
+- `auth.endpoints.ts` - Authentication endpoints using WorkOS sessions
+- `auth.helpers.ts` - Helper functions for session validation and user management
 - `auth.endpoint.test.ts` - Comprehensive tests for auth endpoints
 - `auth.helpers.test.ts` - Tests for auth helper functions
 
@@ -27,15 +27,23 @@ Required environment variables for WorkOS integration:
 WORKOS_API_KEY=sk_test_...
 WORKOS_CLIENT_ID=client_...
 WORKOS_REDIRECT_URI=http://localhost:4000/api/auth/callback
-JWT_SECRET=your_jwt_secret_here
+JWT_SECRET=your_jwt_secret_here  # Used for any additional signing if needed
 ```
 
-## Usage
+## Authentication Flow
 
-### Authentication Endpoints
+### 1. Login Process
+
+```
+User → /api/auth/login 
+     → WorkOS Authorization URL 
+     → User authenticates 
+     → WorkOS callback → /api/auth/callback
+     → Store WorkOS tokens → Redirect to app
+```
 
-#### `GET /auth/login`
-Initiates WorkOS OAuth flow. Optionally accepts a `return` query parameter to specify redirect destination after successful authentication.
+#### `GET /api/auth/login`
+Initiates WorkOS OAuth flow.
 
 **Query Parameters:**
 - `return` (optional): URL to redirect to after successful authentication
@@ -45,42 +53,127 @@ Initiates WorkOS OAuth flow. Optionally accepts a `return` query parameter to sp
 - `302` - Redirects to WorkOS authorization URL
 - `200` - Returns JSON with authorization URL (when `test=true`)
 
-#### `GET /auth/callback`
-Handles OAuth callback from WorkOS. Exchanges authorization code for user information and creates session.
+### 2. Callback Handling
+
+#### `GET /api/auth/callback`
+Handles OAuth callback from WorkOS and establishes session.
 
 **Query Parameters:**
 - `code` (required): Authorization code from WorkOS
 - `state` (optional): Original redirect destination
 
-**Response:**
-- `302` - Redirects to original destination or home page
-- `401` - Authentication failed
+**Process:**
+1. Exchange authorization code for WorkOS tokens
+2. Store access token and refresh token as secure HTTP-only cookies
+3. Redirect to original destination or home page
 
-#### `GET /auth/logout`
-Clears user session and redirects.
+**Cookies Set:**
+- `wos_access_token`: Short-lived WorkOS JWT (configurable duration)
+- `wos_refresh_token`: Long-lived refresh token
+- `user_id`: User ID for quick reference
 
-**Query Parameters:**
-- `return` (optional): URL to redirect to after logout
-- `test` (optional): When set to "true", returns JSON confirmation instead of redirecting
+### 3. Session Validation
+
+The system validates sessions using WorkOS-signed JWTs:
+
+```typescript
+// Validate WorkOS JWT using their JWKS endpoint
+const JWKS = jose.createRemoteJWKSet(
+  new URL(`https://api.workos.com/sso/jwks/${env("WORKOS_CLIENT_ID")}`)
+);
+
+const { payload } = await jose.jwtVerify(accessToken, JWKS, {
+  issuer: "https://api.workos.com",
+});
+```
+
+### 4. Automatic Token Refresh
+
+When an access token expires, the system automatically attempts to refresh it using the refresh token:
+
+```typescript
+const { user, accessToken, refreshToken: newRefreshToken } = 
+  await workos.userManagement.authenticateWithRefreshToken({
+    refreshToken,
+    clientId: env("WORKOS_CLIENT_ID"),
+  });
+```
+
+## API Endpoints
+
+### Authentication Endpoints
+
+#### `GET /api/auth/login`
+Initiate WorkOS OAuth flow.
+
+#### `GET /api/auth/callback`
+Handle OAuth callback and create session.
+
+#### `GET /api/auth/logout`
+Clear session and logout from WorkOS.
+
+**Process:**
+1. Extract session ID from access token
+2. Clear all auth cookies
+3. Redirect to WorkOS logout URL to invalidate session
+4. User redirected back to configured logout URL
+
+#### `POST /api/auth/switch-organization`
+Switch to a different organization context within the same session.
+
+**Request Body:**
+```json
+{
+  "organizationId": "org_123"
+}
+```
+
+**Response:**
+```json
+{
+  "success": true,
+  "organizationId": "org_123"
+}
+```
+
+#### `GET /api/auth/me`
+Get current user information from WorkOS session.
 
 **Response:**
-- `302` - Redirects to specified location or home page
-- `200` - Returns JSON confirmation (when `test=true`)
+```json
+{
+  "id": "user_123",
+  "name": "John Doe",
+  "email": "john@example.com",
+  "roles": [],
+  "profilePicture": "https://...",
+  "organizationId": "org_123",
+  "role": "admin",
+  "permissions": ["read", "write"]
+}
+```
 
-### Helper Functions
+## Helper Functions
 
-#### `getUser(c: SurfaceContext): Promise<User | undefined>`
-Extracts user information from the current session JWT token.
+### `getUser(c: SurfaceContext): Promise<User | undefined>`
+Extracts user information from the current WorkOS session. Automatically handles token refresh if needed.
 
-#### `hasSession(c: SurfaceContext): Promise<boolean | JWTPayload>`
-Checks if the current request has a valid session (via cookie or Authorization header).
+### `hasSession(c: SurfaceContext): Promise<boolean | JWTPayload>`
+Checks if the current request has a valid WorkOS session. Returns JWT payload if valid.
 
-#### `requireAuth(c: SurfaceContext, next: Function): Promise<void>`
+### `requireAuth(c: SurfaceContext, next: Function)`
 Middleware to require authentication for protected routes. Returns 401 if no valid session exists.
 
-### Usage Examples
+### Organization & Permission Helpers
 
-#### Protecting a Route
+- `getCurrentOrganizationId(c)`: Get current organization ID from session
+- `getUserPermissions(c)`: Get user permissions array
+- `hasPermission(c, permission)`: Check if user has specific permission  
+- `getUserRole(c)`: Get user's role in current organization
+
+## Usage Examples
+
+### Protecting a Route
 ```typescript
 export const protectedRoute = new Hono<SurfaceEnv>()
   .use(requireAuth)
@@ -90,45 +183,60 @@ export const protectedRoute = new Hono<SurfaceEnv>()
   });
 ```
 
-#### Manual Session Check
+### Manual Session Check
 ```typescript
 export const optionalAuth = new Hono<SurfaceEnv>()
   .get("/optional", async (c) => {
-    const session = await hasSession(c);
-    if (session) {
-      const user = await getUser(c);
-      return c.json({ message: `Welcome back ${user?.name}` });
+    const user = await getUser(c);
+    if (user) {
+      return c.json({ message: `Welcome back ${user.name}` });
     } else {
       return c.json({ message: "Hello anonymous user" });
     }
   });
 ```
 
-## User Type
-
+### Permission-Based Access
 ```typescript
-export type User = {
-  id: string;
-  name: string;
-  email: string;
-  roles: string[];
-  profilePicture?: string;
-};
+export const adminRoute = new Hono<SurfaceEnv>()
+  .use(requireAuth)
+  .get("/admin", async (c) => {
+    if (await hasPermission(c, "admin:write")) {
+      return c.json({ message: "Admin access granted" });
+    }
+    return c.json({ error: "Insufficient permissions" }, 403);
+  });
 ```
 
-## JWT Payload
+## WorkOS Dashboard Configuration
+
+Configure session behavior in the WorkOS Dashboard under Authentication settings:
+
+- **Maximum session length**: How long before user must re-authenticate
+- **Access token duration**: How often tokens are refreshed (recommended: 15-60 minutes)
+- **Inactivity timeout**: Session ends if no activity for this period
+- **Logout redirect**: Where users go after logout
 
-Session tokens contain the following claims:
-- `sub`: User ID
-- `email`: User email address
-- `name`: User display name
-- `iat`: Issued at timestamp
-- `exp`: Expiration timestamp (24 hours from issue)
+## JWT Token Claims
+
+WorkOS access tokens contain the following claims:
+
+- `sub`: WorkOS user ID
+- `sid`: Session ID (used for logout)
+- `iss`: `https://api.workos.com` (or custom domain)
+- `org_id`: Selected organization ID (if applicable)
+- `role`: User's role in the organization
+- `permissions`: Array of permissions assigned to the role
+- `exp`: Token expiration timestamp
+- `iat`: Token issued timestamp
+- `email`: User's email address
+- `name`: User's display name
 
 ## Testing
 
 The authentication system includes comprehensive tests covering:
-- All authentication endpoints (login, callback, logout)
+- All authentication endpoints (login, callback, logout, organization switching)
+- Token validation and refresh logic
 - Error handling for various failure scenarios
 - Helper functions for session management
 - Mock WorkOS integration
@@ -138,20 +246,32 @@ Run tests with:
 bun test ./service/auth/
 ```
 
-## Security Considerations
+## Security Features
+
+- **HTTP-Only Cookies**: Tokens stored as secure, HTTP-only cookies
+- **Automatic Refresh**: Seamless token refresh without user interaction
+- **Session Invalidation**: Proper logout that clears WorkOS session
+- **JWKS Validation**: Tokens validated using WorkOS's public keys
+- **Token Rotation**: Refresh tokens may be rotated for security
+- **Organization Context**: Built-in multi-organization support
+- **Permission Management**: Fine-grained permission checking
+
+## Migration from Self-Signed JWT
+
+Key differences from the previous self-signed JWT approach:
 
-- JWT tokens are stored as HTTP-only cookies to prevent XSS attacks
-- Cookies use `sameSite: "lax"` and `secure` flag in production
-- Session tokens expire after 24 hours
-- All authentication errors are properly handled and logged
-- WorkOS handles the actual OAuth flow, reducing attack surface
+1. **Token Source**: WorkOS manages token creation and signing
+2. **Validation**: Uses WorkOS JWKS instead of local JWT secret
+3. **Refresh Logic**: Built-in refresh token rotation
+4. **Session Management**: WorkOS tracks and manages session state
+5. **Dashboard Controls**: Configure session behavior via WorkOS UI
+6. **Organization Support**: Native multi-organization context switching
 
-## Migration from Fake User
+## Benefits
 
-The following changes were made during the WorkOS migration:
-1. Removed `fakeUser` from auth helpers
-2. Updated authentication flow to use WorkOS OAuth
-3. Added proper JWT session management
-4. Updated error handling with `AuthError` class
-5. Fixed dependency injection to support JWT mocking in tests
-6. Updated member service client and tests to work with real authentication
\ No newline at end of file
+- **Enterprise Security**: Leverages WorkOS's security infrastructure
+- **Reduced Complexity**: No need to implement session management
+- **Automatic Refresh**: Built-in token refresh and rotation
+- **Session Monitoring**: View and manage sessions from WorkOS dashboard
+- **Compliance**: Built-in compliance and security features
+- **Scalability**: Handles enterprise-scale session management
\ No newline at end of file
diff --git a/service/auth/auth.endpoint.test.ts b/service/auth/auth.endpoint.test.ts
index 1f37669..a968967 100644
--- a/service/auth/auth.endpoint.test.ts
+++ b/service/auth/auth.endpoint.test.ts
@@ -10,15 +10,23 @@ describe("auth endpoints", () => {
   // Mock logger
   const mockLogger = {
     ...logger,
-    info: mock().mockImplementation(() => null),
-    error: mock().mockImplementation(() => null),
+    info: mock(() => null),
+    error: mock(() => null),
   } as unknown as typeof logger;
 
+  // Mock functions for WorkOS
+  const mockGetAuthorizationURL = mock();
+  const mockAuthenticateWithCode = mock();
+  const mockAuthenticateWithRefreshToken = mock();
+  const mockGetLogoutUrl = mock();
+
   // Mock WorkOS
   const mockWorkOS = {
     userManagement: {
-      getAuthorizationUrl: mock(),
-      authenticateWithCode: mock(),
+      getAuthorizationUrl: mockGetAuthorizationURL,
+      authenticateWithCode: mockAuthenticateWithCode,
+      authenticateWithRefreshToken: mockAuthenticateWithRefreshToken,
+      getLogoutUrl: mockGetLogoutUrl,
     },
   } as unknown as WorkOS;
 
@@ -37,15 +45,17 @@ describe("auth endpoints", () => {
   let testApp: Hono<SurfaceEnv>;
 
   beforeEach(() => {
-    // Reset all mocks without restoring them
-    mockLogger.info.mockClear();
-    mockLogger.error.mockClear();
-    mockCookies.get.mockClear();
-    mockCookies.set.mockClear();
-    mockWorkOS.userManagement.getAuthorizationUrl.mockClear();
-    mockWorkOS.userManagement.authenticateWithCode.mockClear();
-    mockJwt.sign.mockClear();
-    mockJwt.verify.mockClear();
+    // Reset all mocks
+    (mockLogger.info as any).mockClear?.();
+    (mockLogger.error as any).mockClear?.();
+    (mockCookies.get as any).mockClear?.();
+    (mockCookies.set as any).mockClear?.();
+    mockGetAuthorizationURL.mockClear?.();
+    mockAuthenticateWithCode.mockClear?.();
+    mockAuthenticateWithRefreshToken.mockClear?.();
+    mockGetLogoutUrl.mockClear?.();
+    (mockJwt.sign as any).mockClear?.();
+    (mockJwt.verify as any).mockClear?.();
 
     testApp = new Hono<SurfaceEnv>()
       .use(
@@ -53,7 +63,7 @@ describe("auth endpoints", () => {
           logger: mockLogger,
           cookies: mockCookies,
           workos: mockWorkOS,
-          jwt: mockJwt,
+          jwt: mockJwt as any,
         }),
       )
       .route("/", sessions)
@@ -65,17 +75,13 @@ describe("auth endpoints", () => {
       const mockAuthUrl =
         "https://api.workos.com/sso/authorize?response_type=code&client_id=test&redirect_uri=http://localhost:4000/api/auth/callback";
 
-      mockWorkOS.userManagement.getAuthorizationUrl.mockReturnValue(
-        mockAuthUrl,
-      );
+      mockGetAuthorizationURL.mockReturnValue(mockAuthUrl);
 
       const response = await testApp.request("/login");
 
       expect(response.status).toBe(302);
       expect(response.headers.get("Location")).toBe(mockAuthUrl);
-      expect(
-        mockWorkOS.userManagement.getAuthorizationUrl,
-      ).toHaveBeenCalledWith({
+      expect(mockGetAuthorizationURL).toHaveBeenCalledWith({
         provider: "authkit",
         redirectUri: "http://localhost:4000/api/auth/callback",
         clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
@@ -88,15 +94,11 @@ describe("auth endpoints", () => {
 
     it("should use return query parameter as state", async () => {
       const mockAuthUrl = "https://api.workos.com/sso/authorize";
-      mockWorkOS.userManagement.getAuthorizationUrl.mockReturnValue(
-        mockAuthUrl,
-      );
+      mockGetAuthorizationURL.mockReturnValue(mockAuthUrl);
 
       await testApp.request("/login?return=/dashboard");
 
-      expect(
-        mockWorkOS.userManagement.getAuthorizationUrl,
-      ).toHaveBeenCalledWith({
+      expect(mockGetAuthorizationURL).toHaveBeenCalledWith({
         provider: "authkit",
         redirectUri: "http://localhost:4000/api/auth/callback",
         clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
@@ -106,9 +108,7 @@ describe("auth endpoints", () => {
 
     it("should return JSON for test requests", async () => {
       const mockAuthUrl = "https://api.workos.com/sso/authorize";
-      mockWorkOS.userManagement.getAuthorizationUrl.mockReturnValue(
-        mockAuthUrl,
-      );
+      mockGetAuthorizationURL.mockReturnValue(mockAuthUrl);
 
       const response = await testApp.request("/login?test=true");
       const body = await response.json();
@@ -118,7 +118,7 @@ describe("auth endpoints", () => {
     });
 
     it("should handle WorkOS errors", async () => {
-      mockWorkOS.userManagement.getAuthorizationUrl.mockImplementation(() => {
+      mockGetAuthorizationURL.mockImplementation(() => {
         throw new Error("WorkOS error");
       });
 
@@ -146,10 +146,11 @@ describe("auth endpoints", () => {
     };
 
     beforeEach(() => {
-      mockWorkOS.userManagement.authenticateWithCode.mockResolvedValue({
+      mockAuthenticateWithCode.mockResolvedValue({
         user: mockUser,
+        accessToken: "mock.workos.access.token",
+        refreshToken: "mock.workos.refresh.token",
       });
-      mockJwt.sign.mockResolvedValue("mock.jwt.token");
     });
 
     it("should authenticate user and create session", async () => {
@@ -160,32 +161,25 @@ describe("auth endpoints", () => {
       expect(response.status).toBe(302);
       expect(response.headers.get("Location")).toBe("/dashboard");
 
-      expect(
-        mockWorkOS.userManagement.authenticateWithCode,
-      ).toHaveBeenCalledWith({
+      expect(mockAuthenticateWithCode).toHaveBeenCalledWith({
         code: "auth_code_123",
         clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
       });
 
-      expect(mockCookies.set).toHaveBeenCalledWith("user_id", "user_123", {
-        path: "/",
-        httpOnly: true,
-        secure: false, // development mode
-        sameSite: "lax",
-      });
-
-      expect(mockJwt.sign).toHaveBeenCalledWith(
-        expect.objectContaining({
-          sub: "user_123",
-          email: "john.doe@example.com",
-          name: "John Doe",
-        }),
-        "sup4h.secr1t.jwt.🔑",
+      expect(mockCookies.set).toHaveBeenCalledWith(
+        "wos_access_token",
+        "mock.workos.access.token",
+        {
+          path: "/",
+          httpOnly: true,
+          secure: false, // development mode
+          sameSite: "lax",
+        },
       );
 
       expect(mockCookies.set).toHaveBeenCalledWith(
-        "session",
-        "mock.jwt.token",
+        "wos_refresh_token",
+        "mock.workos.refresh.token",
         {
           path: "/",
           httpOnly: true,
@@ -194,8 +188,15 @@ describe("auth endpoints", () => {
         },
       );
 
+      expect(mockCookies.set).toHaveBeenCalledWith("user_id", "user_123", {
+        path: "/",
+        httpOnly: true,
+        secure: false,
+        sameSite: "lax",
+      });
+
       expect(mockLogger.info).toHaveBeenCalledWith(
-        "User john.doe@example.com authenticated successfully",
+        "User john.doe@example.com authenticated successfully with WorkOS session",
       );
     });
 
@@ -219,9 +220,7 @@ describe("auth endpoints", () => {
     });
 
     it("should handle WorkOS authentication failure", async () => {
-      mockWorkOS.userManagement.authenticateWithCode.mockRejectedValue(
-        new Error("Invalid code"),
-      );
+      mockAuthenticateWithCode.mockRejectedValue(new Error("Invalid code"));
 
       const response = await testApp.request("/callback?code=invalid_code");
 
@@ -242,17 +241,24 @@ describe("auth endpoints", () => {
         lastName: null,
       };
 
-      mockWorkOS.userManagement.authenticateWithCode.mockResolvedValue({
+      mockAuthenticateWithCode.mockResolvedValue({
         user: userWithoutName,
+        accessToken: "mock.workos.access.token",
+        refreshToken: "mock.workos.refresh.token",
       });
 
       const response = await testApp.request("/callback?code=auth_code_123");
 
-      expect(mockJwt.sign).toHaveBeenCalledWith(
-        expect.objectContaining({
-          name: "john.doe@example.com", // Should fallback to email
-        }),
-        expect.any(String),
+      expect(response.status).toBe(302);
+      expect(mockCookies.set).toHaveBeenCalledWith(
+        "wos_access_token",
+        "mock.workos.access.token",
+        {
+          path: "/",
+          httpOnly: true,
+          secure: false,
+          sameSite: "lax",
+        },
       );
     });
   });
@@ -264,13 +270,19 @@ describe("auth endpoints", () => {
       expect(response.status).toBe(302);
       expect(response.headers.get("Location")).toBe("/login");
 
-      expect(mockCookies.set).toHaveBeenCalledWith("user_id", "", {
+      expect(mockCookies.set).toHaveBeenCalledWith("wos_access_token", "", {
+        path: "/",
+        httpOnly: true,
+        expires: new Date(0),
+      });
+
+      expect(mockCookies.set).toHaveBeenCalledWith("wos_refresh_token", "", {
         path: "/",
         httpOnly: true,
         expires: new Date(0),
       });
 
-      expect(mockCookies.set).toHaveBeenCalledWith("session", "", {
+      expect(mockCookies.set).toHaveBeenCalledWith("user_id", "", {
         path: "/",
         httpOnly: true,
         expires: new Date(0),
@@ -293,5 +305,92 @@ describe("auth endpoints", () => {
       expect(response.status).toBe(200);
       expect(body).toEqual({ message: "Logged out successfully" });
     });
+
+    it("should redirect to WorkOS logout URL when access token is present", async () => {
+      // Mock getting an access token
+      (mockCookies.get as any).mockReturnValueOnce("mock.workos.access.token");
+
+      // Mock WorkOS getLogoutUrl
+      mockGetLogoutUrl.mockReturnValue(
+        "https://api.workos.com/sso/logout?session_id=test_session",
+      );
+
+      const response = await testApp.request("/logout");
+
+      expect(response.status).toBe(302);
+    });
+  });
+
+  describe("POST /switch-organization", () => {
+    beforeEach(() => {
+      const updatedMockUser = {
+        id: "user_123",
+        email: "test@example.com",
+        firstName: "Test",
+        lastName: "User",
+        profilePictureURL: "https://example.com/avatar.jpg",
+        createdAt: "2023-01-01T00:00:00Z",
+        updatedAt: "2023-01-01T00:00:00Z",
+        emailVerified: true,
+      };
+
+      mockAuthenticateWithRefreshToken.mockResolvedValue({
+        user: updatedMockUser,
+        organizationId: "org_123",
+        accessToken: "new_access_token_123",
+        refreshToken: "new_refresh_token_123",
+      });
+    });
+
+    it("should switch organization successfully", async () => {
+      (mockCookies.get as any).mockReturnValueOnce("valid.refresh.token");
+
+      const response = await testApp.request("/switch-organization", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ organizationId: "org_123" }),
+      });
+
+      expect(response.status).toBe(200);
+      const body = await response.json();
+      expect(body).toEqual({ success: true, organizationId: "org_123" });
+
+      expect(mockAuthenticateWithRefreshToken).toHaveBeenCalledWith({
+        refreshToken: "valid.refresh.token",
+        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+        organizationId: "org_123",
+      });
+    });
+
+    it("should return 401 when no refresh token", async () => {
+      (mockCookies.get as any).mockReturnValueOnce(undefined);
+
+      const response = await testApp.request("/switch-organization", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ organizationId: "org_123" }),
+      });
+
+      expect(response.status).toBe(401);
+      const body = await response.json();
+      expect(body.error).toBe("No active session");
+    });
+
+    it("should handle WorkOS errors", async () => {
+      (mockCookies.get as any).mockReturnValueOnce("valid.refresh.token");
+      mockAuthenticateWithRefreshToken.mockRejectedValue(
+        new Error("Organization not accessible"),
+      );
+
+      const response = await testApp.request("/switch-organization", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ organizationId: "invalid_org" }),
+      });
+
+      expect(response.status).toBe(400);
+      const body = await response.json();
+      expect(body.error).toBe("Failed to switch organization");
+    });
   });
 });
diff --git a/service/auth/auth.endpoints.ts b/service/auth/auth.endpoints.ts
index c5719a9..00cf2a2 100644
--- a/service/auth/auth.endpoints.ts
+++ b/service/auth/auth.endpoints.ts
@@ -5,6 +5,7 @@ import { describeRoute } from "hono-openapi";
 import { resolver } from "hono-openapi/zod";
 import { z } from "zod";
 import { AuthError } from "../../handlers/error.handler";
+import * as jose from "jose";
 
 export type User = {
   id: string;
@@ -12,6 +13,9 @@ export type User = {
   email: string;
   roles: string[];
   profilePicture?: string;
+  organizationId?: string;
+  role?: string;
+  permissions?: string[];
 };
 
 // Zod schemas for OpenAPI documentation
@@ -23,6 +27,26 @@ const logoutResponse = z.object({
   message: z.string(),
 });
 
+const switchOrganizationRequest = z.object({
+  organizationId: z.string(),
+});
+
+const switchOrganizationResponse = z.object({
+  success: z.boolean(),
+  organizationId: z.string(),
+});
+
+const userResponse = z.object({
+  id: z.string(),
+  name: z.string(),
+  email: z.string(),
+  roles: z.array(z.string()),
+  profilePicture: z.string().optional(),
+  organizationId: z.string().optional(),
+  role: z.string().optional(),
+  permissions: z.array(z.string()).optional(),
+});
+
 export const sessions = new Hono<SurfaceEnv>()
   .get(
     "/login",
@@ -85,7 +109,7 @@ export const sessions = new Hono<SurfaceEnv>()
       },
     }),
     async (c) => {
-      const { workos, cookies, jwt, logger } = c.var;
+      const { workos, cookies, logger } = c.var;
 
       try {
         const code = c.req.query("code");
@@ -98,50 +122,40 @@ export const sessions = new Hono<SurfaceEnv>()
 
         logger.info("Processing WorkOS callback with authorization code");
 
-        // Exchange code for user information
-        const { user } = await workos.userManagement.authenticateWithCode({
-          code,
-          clientId: env("WORKOS_CLIENT_ID"),
+        // Exchange code for WorkOS tokens and user information
+        const { user, accessToken, refreshToken } =
+          await workos.userManagement.authenticateWithCode({
+            code,
+            clientId: env("WORKOS_CLIENT_ID"),
+          });
+
+        // Store WorkOS access token (short-lived JWT)
+        cookies.set("wos_access_token", accessToken, {
+          path: "/",
+          httpOnly: true,
+          secure: env("NODE_ENV") === "production",
+          sameSite: "lax",
         });
 
-        // Create our user object from WorkOS user
-        const surfaceUser: User = {
-          id: user.id,
-          name:
-            `${user.firstName || ""} ${user.lastName || ""}`.trim() ||
-            user.email,
-          email: user.email,
-          roles: [], // You might want to fetch roles from WorkOS organizations
-          profilePicture: user.profilePictureUrl ?? undefined,
-        };
-
-        // Store user ID in cookie
-        cookies.set("user_id", surfaceUser.id, {
+        // Store WorkOS refresh token (longer-lived)
+        cookies.set("wos_refresh_token", refreshToken, {
           path: "/",
           httpOnly: true,
           secure: env("NODE_ENV") === "production",
           sameSite: "lax",
         });
 
-        // Generate JWT session token
-        const now = Math.floor(Date.now() / 1000);
-        const payload = {
-          sub: surfaceUser.id,
-          email: surfaceUser.email,
-          name: surfaceUser.name,
-          iat: now,
-          exp: now + 60 * 60 * 24, // 24 hours
-        };
-
-        const token = await jwt.sign(payload, env("JWT_SECRET"));
-        cookies.set("session", token, {
+        // Also store user ID for quick reference (optional)
+        cookies.set("user_id", user.id, {
           path: "/",
           httpOnly: true,
           secure: env("NODE_ENV") === "production",
           sameSite: "lax",
         });
 
-        logger.info(`User ${surfaceUser.email} authenticated successfully`);
+        logger.info(
+          `User ${user.email} authenticated successfully with WorkOS session`,
+        );
 
         // Redirect to original destination or home page
         const redirectTo = state || "/";
@@ -161,10 +175,10 @@ export const sessions = new Hono<SurfaceEnv>()
   .get(
     "/logout",
     describeRoute({
-      description: "Clear user session and logout",
+      description: "Clear user session and logout from WorkOS",
       responses: {
         302: {
-          description: "Redirect to specified location or home page",
+          description: "Redirect to WorkOS logout URL or specified location",
         },
         200: {
           description: "Logout confirmation (for testing)",
@@ -175,30 +189,183 @@ export const sessions = new Hono<SurfaceEnv>()
       },
     }),
     async (c) => {
-      const { cookies, logger } = c.var;
+      const { cookies, logger, workos } = c.var;
 
       logger.info("User logging out");
 
-      // Clear all auth cookies
-      cookies.set("user_id", "", {
-        path: "/",
-        httpOnly: true,
-        expires: new Date(0),
-      });
+      try {
+        const accessToken = cookies.get("wos_access_token");
+
+        // Clear all auth cookies first
+        cookies.set("wos_access_token", "", {
+          path: "/",
+          httpOnly: true,
+          expires: new Date(0),
+        });
+
+        cookies.set("wos_refresh_token", "", {
+          path: "/",
+          httpOnly: true,
+          expires: new Date(0),
+        });
+
+        cookies.set("user_id", "", {
+          path: "/",
+          httpOnly: true,
+          expires: new Date(0),
+        });
+
+        // For testing purposes, if test=true query param is present, return JSON
+        if (c.req.query("test") === "true") {
+          return c.json({ message: "Logged out successfully" });
+        }
+
+        if (accessToken) {
+          try {
+            // Extract session ID from WorkOS access token
+            const decoded = jose.decodeJwt(accessToken);
+            const sessionId = decoded.sid as string;
+
+            if (sessionId) {
+              // Redirect to WorkOS logout endpoint to properly end the session
+              const logoutUrl = workos.userManagement.getLogoutUrl({
+                sessionId,
+              });
+              return c.redirect(logoutUrl);
+            }
+          } catch (decodeError) {
+            logger.error(
+              "Failed to decode access token for logout",
+              decodeError,
+            );
+          }
+        }
+
+        // Fallback redirect if we can't get session ID
+        const redirectTo = c.req.query("return") ?? "/";
+        return c.redirect(redirectTo);
+      } catch (error) {
+        logger.error("Error during logout", error);
+
+        // Always redirect somewhere even if logout fails
+        const redirectTo = c.req.query("return") ?? "/";
+        return c.redirect(redirectTo);
+      }
+    },
+  )
+  .post(
+    "/switch-organization",
+    describeRoute({
+      description:
+        "Switch to a different organization context within the same session",
+      requestBody: {
+        content: {
+          "application/json": { schema: resolver(switchOrganizationRequest) },
+        },
+      },
+      responses: {
+        200: {
+          description: "Successfully switched organization",
+          content: {
+            "application/json": {
+              schema: resolver(switchOrganizationResponse),
+            },
+          },
+        },
+        401: {
+          description: "No active session",
+        },
+        400: {
+          description: "Failed to switch organization",
+        },
+      },
+    }),
+    async (c) => {
+      const { workos, cookies, logger } = c.var;
+
+      try {
+        const { organizationId } = await c.req.json();
+        const refreshToken = cookies.get("wos_refresh_token");
+
+        if (!refreshToken) {
+          return c.json({ error: "No active session" }, 401);
+        }
 
-      cookies.set("session", "", {
-        path: "/",
-        httpOnly: true,
-        expires: new Date(0),
-      });
+        logger.info(`Switching to organization: ${organizationId}`);
 
-      const redirectTo = c.req.query("return") ?? "/";
+        // Get new access token for the specific organization
+        const { accessToken, refreshToken: newRefreshToken } =
+          await workos.userManagement.authenticateWithRefreshToken({
+            refreshToken,
+            clientId: env("WORKOS_CLIENT_ID"),
+            organizationId, // This will set the org context in the new token
+          });
+
+        // Update stored access token
+        cookies.set("wos_access_token", accessToken, {
+          path: "/",
+          httpOnly: true,
+          secure: env("NODE_ENV") === "production",
+          sameSite: "lax",
+        });
+
+        // Update refresh token if it was rotated
+        if (newRefreshToken) {
+          cookies.set("wos_refresh_token", newRefreshToken, {
+            path: "/",
+            httpOnly: true,
+            secure: env("NODE_ENV") === "production",
+            sameSite: "lax",
+          });
+        }
 
-      // For testing purposes, if test=true query param is present, return JSON
-      if (c.req.query("test") === "true") {
-        return c.json({ message: "Logged out successfully" });
+        logger.info(`Successfully switched to organization: ${organizationId}`);
+        return c.json({ success: true, organizationId });
+      } catch (error) {
+        logger.error("Failed to switch organization", error);
+        return c.json(
+          {
+            error: "Failed to switch organization",
+            message: error instanceof Error ? error.message : "Unknown error",
+          },
+          400,
+        );
       }
+    },
+  )
+  .get(
+    "/me",
+    describeRoute({
+      description: "Get current user information from WorkOS session",
+      responses: {
+        200: {
+          description: "Current user information",
+          content: {
+            "application/json": { schema: resolver(userResponse) },
+          },
+        },
+        401: {
+          description: "Not authenticated",
+        },
+      },
+    }),
+    async (c) => {
+      const { logger } = c.var;
 
-      return c.redirect(redirectTo);
+      try {
+        // Use the getUser helper to get current user from WorkOS session
+        const { getUser } = await import("./auth.helpers");
+        const user = await getUser(c);
+
+        if (!user) {
+          return c.json({ error: "Not authenticated" }, 401);
+        }
+
+        logger.info(`Retrieved user info for: ${user.email}`);
+        return c.json(user);
+      } catch (error) {
+        logger.error("Failed to get current user", error);
+        return c.json({ error: "Failed to get user information" }, 500);
+      }
     },
   );
diff --git a/service/auth/auth.helpers.test.ts b/service/auth/auth.helpers.test.ts
index 889a8ae..481ae27 100644
--- a/service/auth/auth.helpers.test.ts
+++ b/service/auth/auth.helpers.test.ts
@@ -1,6 +1,8 @@
 import { expect, it, mock, describe, beforeEach } from "bun:test";
 import { getUser, hasSession, requireAuth } from "./auth.helpers";
 import { SurfaceContext } from "../../surface.app.ctx";
+import { WorkOS } from "@workos-inc/node";
+import * as jose from "jose";
 
 describe("auth helpers", () => {
   const mockLogger = {
@@ -18,12 +20,19 @@ describe("auth helpers", () => {
     sign: mock(),
   };
 
+  const mockWorkOS = {
+    userManagement: {
+      authenticateWithRefreshToken: mock(),
+    },
+  } as unknown as WorkOS;
+
   const createMockContext = (overrides = {}): SurfaceContext => {
     return {
       var: {
         logger: mockLogger,
         cookies: mockCookies,
         jwt: mockJwt,
+        workos: mockWorkOS,
         ...overrides,
       },
       req: {
@@ -36,26 +45,34 @@ describe("auth helpers", () => {
 
   beforeEach(() => {
     // Reset all mocks without restoring them
-    mockLogger.error.mockClear();
-    mockLogger.info.mockClear();
-    mockCookies.get.mockClear();
-    mockCookies.set.mockClear();
-    mockJwt.verify.mockClear();
-    mockJwt.sign.mockClear();
+    (mockLogger.error as any).mockClear?.();
+    (mockLogger.info as any).mockClear?.();
+    (mockCookies.get as any).mockClear?.();
+    (mockCookies.set as any).mockClear?.();
+    (mockJwt.verify as any).mockClear?.();
+    (mockJwt.sign as any).mockClear?.();
   });
 
   describe("getUser", () => {
-    it("should return user from valid session token", async () => {
+    it("should return user from valid WorkOS access token", async () => {
       const mockPayload = {
         sub: "user_123",
         email: "john@example.com",
         name: "John Doe",
         iat: 1234567890,
         exp: 1234567990,
+        org_id: "org_123",
+        role: "admin",
+        permissions: ["read", "write"],
       };
 
-      mockCookies.get.mockReturnValue("valid.jwt.token");
-      mockJwt.verify.mockResolvedValue(mockPayload);
+      (mockCookies.get as any).mockReturnValue("valid.workos.access.token");
+
+      // Mock jose.jwtVerify
+      const mockJwtVerify = mock(() =>
+        Promise.resolve({ payload: mockPayload }),
+      );
+      (jose as any).jwtVerify = mockJwtVerify;
 
       const context = createMockContext();
       const user = await getUser(context);
@@ -66,42 +83,51 @@ describe("auth helpers", () => {
         email: "john@example.com",
         roles: [],
         profilePicture: undefined,
+        organizationId: "org_123",
+        role: "admin",
+        permissions: ["read", "write"],
       });
 
-      expect(mockCookies.get).toHaveBeenCalledWith("session");
-      expect(mockJwt.verify).toHaveBeenCalledWith(
-        "valid.jwt.token",
-        "sup4h.secr1t.jwt.🔑",
-      );
+      expect(mockCookies.get).toHaveBeenCalledWith("wos_access_token");
     });
 
-    it("should return undefined when no session token", async () => {
-      mockCookies.get.mockReturnValue(undefined);
+    it("should return undefined when no access token and refresh fails", async () => {
+      (mockCookies.get as any).mockReturnValue(undefined);
 
       const context = createMockContext();
       const user = await getUser(context);
 
       expect(user).toBeUndefined();
-      expect(mockJwt.verify).not.toHaveBeenCalled();
     });
 
-    it("should return undefined when JWT verification fails", async () => {
-      mockCookies.get.mockReturnValue("invalid.jwt.token");
-      mockJwt.verify.mockRejectedValue(new Error("Invalid token"));
+    it("should attempt refresh when JWT verification fails", async () => {
+      (mockCookies.get as any)
+        .mockReturnValueOnce("invalid.access.token")
+        .mockReturnValueOnce("valid.refresh.token")
+        .mockReturnValueOnce(undefined); // No new access token after failed refresh
+
+      const mockJwtVerify = mock(() =>
+        Promise.reject(new Error("Invalid token")),
+      );
+      (jose as any).jwtVerify = mockJwtVerify;
+
+      (
+        mockWorkOS.userManagement.authenticateWithRefreshToken as any
+      ).mockRejectedValue(new Error("Refresh failed"));
 
       const context = createMockContext();
       const user = await getUser(context);
 
       expect(user).toBeUndefined();
       expect(mockLogger.error).toHaveBeenCalledWith(
-        "Failed to get user from session",
+        "Failed to refresh WorkOS tokens",
         expect.any(Error),
       );
     });
   });
 
   describe("hasSession", () => {
-    it("should return JWT payload for valid session cookie", async () => {
+    it("should return JWT payload for valid WorkOS access token", async () => {
       const mockPayload = {
         sub: "user_123",
         email: "john@example.com",
@@ -110,8 +136,12 @@ describe("auth helpers", () => {
         exp: 1234567990,
       };
 
-      mockCookies.get.mockReturnValue("valid.jwt.token");
-      mockJwt.verify.mockResolvedValue(mockPayload);
+      (mockCookies.get as any).mockReturnValue("valid.workos.access.token");
+
+      const mockJwtVerify = mock(() =>
+        Promise.resolve({ payload: mockPayload }),
+      );
+      (jose as any).jwtVerify = mockJwtVerify;
 
       const context = createMockContext();
       const session = await hasSession(context);
@@ -128,12 +158,17 @@ describe("auth helpers", () => {
         exp: 1234567990,
       };
 
-      mockCookies.get.mockReturnValue(undefined);
+      (mockCookies.get as any).mockReturnValue(undefined);
 
       const context = createMockContext();
-      context.req.header = mock().mockReturnValue("Bearer valid.jwt.token");
+      context.req.header = mock().mockReturnValue(
+        "Bearer valid.workos.access.token",
+      );
 
-      mockJwt.verify.mockResolvedValue(mockPayload);
+      const mockJwtVerify = mock(() =>
+        Promise.resolve({ payload: mockPayload }),
+      );
+      (jose as any).jwtVerify = mockJwtVerify;
 
       const session = await hasSession(context);
 
@@ -142,7 +177,7 @@ describe("auth helpers", () => {
     });
 
     it("should return false when no token available", async () => {
-      mockCookies.get.mockReturnValue(undefined);
+      (mockCookies.get as any).mockReturnValue(undefined);
 
       const context = createMockContext();
       context.req.header = mock().mockReturnValue(undefined);
@@ -152,16 +187,27 @@ describe("auth helpers", () => {
       expect(session).toBe(false);
     });
 
-    it("should return false when JWT verification fails", async () => {
-      mockCookies.get.mockReturnValue("invalid.token");
-      mockJwt.verify.mockRejectedValue(new Error("Invalid token"));
+    it("should return false when JWT verification fails and refresh fails", async () => {
+      (mockCookies.get as any)
+        .mockReturnValueOnce("invalid.token")
+        .mockReturnValueOnce("valid.refresh.token")
+        .mockReturnValueOnce(undefined); // No new access token
+
+      const mockJwtVerify = mock(() =>
+        Promise.reject(new Error("Invalid token")),
+      );
+      (jose as any).jwtVerify = mockJwtVerify;
+
+      (
+        mockWorkOS.userManagement.authenticateWithRefreshToken as any
+      ).mockRejectedValue(new Error("Refresh failed"));
 
       const context = createMockContext();
       const session = await hasSession(context);
 
       expect(session).toBe(false);
       expect(mockLogger.error).toHaveBeenCalledWith(
-        "No valid session was found",
+        "No valid WorkOS session found",
         expect.any(Error),
       );
     });
@@ -170,8 +216,12 @@ describe("auth helpers", () => {
   describe("requireAuth", () => {
     it("should call next() for authenticated requests", async () => {
       const mockPayload = { sub: "user_123" };
-      mockCookies.get.mockReturnValue("valid.token");
-      mockJwt.verify.mockResolvedValue(mockPayload);
+      (mockCookies.get as any).mockReturnValue("valid.workos.access.token");
+
+      const mockJwtVerify = mock(() =>
+        Promise.resolve({ payload: mockPayload }),
+      );
+      (jose as any).jwtVerify = mockJwtVerify;
 
       const context = createMockContext();
       const next = mock();
@@ -183,7 +233,7 @@ describe("auth helpers", () => {
     });
 
     it("should return 401 for unauthenticated requests", async () => {
-      mockCookies.get.mockReturnValue(undefined);
+      (mockCookies.get as any).mockReturnValue(undefined);
 
       const context = createMockContext();
       context.req.header = mock().mockReturnValue(undefined);
diff --git a/service/auth/auth.helpers.ts b/service/auth/auth.helpers.ts
index 099d4d2..91820c3 100644
--- a/service/auth/auth.helpers.ts
+++ b/service/auth/auth.helpers.ts
@@ -2,46 +2,150 @@ import { JWTPayload } from "hono/utils/jwt/types";
 import { SurfaceContext } from "../../surface.app.ctx";
 import { User } from "./auth.endpoints";
 import { env } from "../../env";
+import * as jose from "jose";
 
 /**
- * Get the current user from session or JWT token
+ * Get the current user from WorkOS session tokens
  * @param c Surface context
  * @returns User object or undefined if not authenticated
  */
 export async function getUser(c: SurfaceContext): Promise<User | undefined> {
   try {
-    const sessionToken = c.var.cookies.get("session");
+    const accessToken = c.var.cookies.get("wos_access_token");
 
-    if (!sessionToken) {
+    if (!accessToken) {
+      // Try to refresh the token
+      return await refreshAndGetUser(c);
+    }
+
+    // Validate the WorkOS JWT using their JWKS
+    const JWKS = jose.createRemoteJWKSet(
+      new URL(`https://api.workos.com/sso/jwks/${env("WORKOS_CLIENT_ID")}`),
+    );
+
+    try {
+      const { payload } = await jose.jwtVerify(accessToken, JWKS, {
+        issuer: "https://api.workos.com",
+      });
+
+      // Extract user info from WorkOS JWT claims
+      // Try different possible field names that WorkOS might use
+      const email =
+        (payload.email as string) || ((payload as any).user_email as string);
+      const name =
+        (payload.name as string) ||
+        ((payload as any).user_name as string) ||
+        ((payload as any).given_name as string) ||
+        ((payload as any).first_name as string) ||
+        email;
+
+      const user: User = {
+        id: payload.sub as string,
+        name: name || email,
+        email: email,
+        roles: [], // Could be enhanced to derive from payload
+        profilePicture:
+          (payload.picture as string) ||
+          ((payload as any).profile_picture_url as string),
+        // Organization context from JWT
+        organizationId:
+          (payload.org_id as string) ||
+          ((payload as any).organization_id as string),
+        role:
+          (payload.role as string) || ((payload as any).user_role as string),
+        permissions:
+          (payload.permissions as string[]) ||
+          ((payload as any).user_permissions as string[]),
+      };
+
+      c.var.logger.debug(`User ${user.email} authenticated from WorkOS token`);
+      return user;
+    } catch (jwtError) {
+      c.var.logger.debug("Access token validation failed, attempting refresh");
+      // Token might be expired, try to refresh
+      return await refreshAndGetUser(c);
+    }
+  } catch (error) {
+    c.var.logger.error("Error getting user from WorkOS session", error);
+    return undefined;
+  }
+}
+
+/**
+ * Attempt to refresh tokens and get user
+ * @param c Surface context
+ * @returns User object or undefined if refresh fails
+ */
+async function refreshAndGetUser(c: SurfaceContext): Promise<User | undefined> {
+  try {
+    const refreshToken = c.var.cookies.get("wos_refresh_token");
+
+    if (!refreshToken) {
+      c.var.logger.debug("No refresh token available");
       return undefined;
     }
 
-    const decoded = (await c.var.jwt.verify(
-      sessionToken,
-      env("JWT_SECRET"),
-    )) as JWTPayload & {
-      email: string;
-      name: string;
-    };
+    c.var.logger.info("Attempting to refresh WorkOS tokens");
+
+    // Use WorkOS refresh token endpoint
+    const refreshResult =
+      await c.var.workos.userManagement.authenticateWithRefreshToken({
+        refreshToken,
+        clientId: env("WORKOS_CLIENT_ID"),
+      });
+
+    const { user, accessToken, refreshToken: newRefreshToken } = refreshResult;
+
+    // Store the new access token
+    c.var.cookies.set("wos_access_token", accessToken, {
+      path: "/",
+      httpOnly: true,
+      secure: env("NODE_ENV") === "production",
+      sameSite: "lax",
+    });
 
-    // Construct user from JWT payload
-    const user: User = {
-      id: decoded.sub as string,
-      name: decoded.name,
-      email: decoded.email,
-      roles: [], // TODO: Add role management
-      profilePicture: undefined, // Could be added to JWT payload if needed
+    // Update refresh token if it was rotated
+    if (newRefreshToken) {
+      c.var.cookies.set("wos_refresh_token", newRefreshToken, {
+        path: "/",
+        httpOnly: true,
+        secure: env("NODE_ENV") === "production",
+        sameSite: "lax",
+      });
+    }
+
+    // Update user ID cookie
+    c.var.cookies.set("user_id", user.id, {
+      path: "/",
+      httpOnly: true,
+      secure: env("NODE_ENV") === "production",
+      sameSite: "lax",
+    });
+
+    c.var.logger.info("Successfully refreshed WorkOS tokens");
+
+    // Convert WorkOS user to our User type
+    const surfaceUser: User = {
+      id: user.id,
+      name:
+        `${user.firstName || ""} ${user.lastName || ""}`.trim() || user.email,
+      email: user.email,
+      roles: [],
+      profilePicture: user.profilePictureUrl ?? undefined,
     };
 
-    return user;
+    c.var.logger.info(
+      `Successfully refreshed tokens for user ${surfaceUser.email}`,
+    );
+    return surfaceUser;
   } catch (error) {
-    c.var.logger.error("Failed to get user from session", error);
+    c.var.logger.error("Failed to refresh WorkOS tokens", error);
     return undefined;
   }
 }
 
 /**
- * Check if the current request has a valid session
+ * Check if the current request has a valid WorkOS session
  * @param c Surface context
  * @returns JWT payload if valid session exists, false otherwise
  */
@@ -49,24 +153,61 @@ export const hasSession = async (
   c: SurfaceContext,
 ): Promise<boolean | JWTPayload> => {
   try {
-    // Check for session cookie first
-    const sessionToken = c.var.cookies.get("session");
-    if (sessionToken) {
-      const decoded = await c.var.jwt.verify(sessionToken, env("JWT_SECRET"));
-      return decoded;
+    // Check for WorkOS access token first
+    const accessToken = c.var.cookies.get("wos_access_token");
+    if (accessToken) {
+      const JWKS = jose.createRemoteJWKSet(
+        new URL(`https://api.workos.com/sso/jwks/${env("WORKOS_CLIENT_ID")}`),
+      );
+
+      try {
+        const { payload } = await jose.jwtVerify(accessToken, JWKS, {
+          issuer: "https://api.workos.com",
+        });
+        return payload;
+      } catch (jwtError) {
+        c.var.logger.info("Access token validation failed, attempting refresh");
+        // Try to refresh the token
+        const user = await refreshAndGetUser(c);
+        if (user) {
+          // Get the new access token after refresh
+          const newAccessToken = c.var.cookies.get("wos_access_token");
+          if (newAccessToken) {
+            const { payload } = await jose.jwtVerify(newAccessToken, JWKS, {
+              issuer: "https://api.workos.com",
+            });
+            return payload;
+          }
+        }
+        return false;
+      }
     }
 
     // Fallback to Authorization header for API calls
     const authHeader = c.req.header("Authorization");
     if (authHeader?.startsWith("Bearer ")) {
       const token = authHeader.replace("Bearer ", "");
-      const decoded = await c.var.jwt.verify(token, env("JWT_SECRET"));
-      return decoded;
+      const JWKS = jose.createRemoteJWKSet(
+        new URL(`https://api.workos.com/sso/jwks/${env("WORKOS_CLIENT_ID")}`),
+      );
+
+      try {
+        const { payload } = await jose.jwtVerify(token, JWKS, {
+          issuer: "https://api.workos.com",
+        });
+        return payload;
+      } catch (jwtError) {
+        c.var.logger.error(
+          "Authorization header token validation failed",
+          jwtError,
+        );
+        return false;
+      }
     }
 
     return false;
   } catch (error) {
-    c.var.logger.error("No valid session was found", error);
+    c.var.logger.error("No valid WorkOS session found", error);
     return false;
   }
 };
@@ -87,7 +228,63 @@ export const requireAuth = async (
   }
 
   // Store the session data in context for use in handlers
-  // Note: Using a custom context extension since "session" is not in Dependencies
   (c as any).session = session;
   await next();
 };
+
+/**
+ * Get the current organization ID from the session
+ * @param c Surface context
+ * @returns Organization ID or undefined
+ */
+export async function getCurrentOrganizationId(
+  c: SurfaceContext,
+): Promise<string | undefined> {
+  const session = await hasSession(c);
+  if (session && typeof session === "object") {
+    return session.org_id as string;
+  }
+  return undefined;
+}
+
+/**
+ * Get user permissions from the current session
+ * @param c Surface context
+ * @returns Array of permissions or empty array
+ */
+export async function getUserPermissions(c: SurfaceContext): Promise<string[]> {
+  const session = await hasSession(c);
+  if (session && typeof session === "object") {
+    return (session.permissions as string[]) || [];
+  }
+  return [];
+}
+
+/**
+ * Check if user has a specific permission
+ * @param c Surface context
+ * @param permission Permission to check
+ * @returns True if user has the permission
+ */
+export async function hasPermission(
+  c: SurfaceContext,
+  permission: string,
+): Promise<boolean> {
+  const permissions = await getUserPermissions(c);
+  return permissions.includes(permission);
+}
+
+/**
+ * Get user role in the current organization
+ * @param c Surface context
+ * @returns User role or undefined
+ */
+export async function getUserRole(
+  c: SurfaceContext,
+): Promise<string | undefined> {
+  const session = await hasSession(c);
+  if (session && typeof session === "object") {
+    return session.role as string;
+  }
+  return undefined;
+}
diff --git a/service/members/members.endpoints.test.ts b/service/members/members.endpoints.test.ts
index dd5ef1c..5ee62fb 100644
--- a/service/members/members.endpoints.test.ts
+++ b/service/members/members.endpoints.test.ts
@@ -1,4 +1,4 @@
-import { expect, describe, mock, it } from "bun:test";
+import { expect, describe, mock, it, beforeEach } from "bun:test";
 import {
   applyContext,
   cookies,
@@ -9,6 +9,7 @@ import { logger } from "../../logger/logger";
 import { members } from "./members.endpoints";
 import { Hono } from "hono";
 import { User } from "../auth/auth.endpoints";
+import * as jose from "jose";
 
 describe("members endpoint tests", () => {
   const mockLogger = {
@@ -18,7 +19,8 @@ describe("members endpoint tests", () => {
   } as unknown as typeof logger;
 
   const mockCookies = {
-    get: mock(() => "valid.jwt.token"),
+    get: mock(() => "valid.workos.access.token"),
+    set: mock(),
   } as unknown as ReturnType<typeof cookies>;
 
   const mockJwt = {
@@ -28,6 +30,12 @@ describe("members endpoint tests", () => {
     sign: mock(() => Promise.resolve("token")),
   };
 
+  const mockWorkOS = {
+    userManagement: {
+      authenticateWithRefreshToken: mock(),
+    },
+  };
+
   // Create mocks with correct return types to avoid type errors
   const getMembersMock = mock<() => Promise<User[] | Response>>();
   const getMemberMock = mock<() => Promise<User | null>>();
@@ -56,11 +64,27 @@ describe("members endpoint tests", () => {
         logger: mockLogger,
         memberServiceClient: mockMemberServiceClient,
         cookies: mockCookies,
-        jwt: mockJwt,
+        jwt: mockJwt as any,
+        workos: mockWorkOS as any,
       }),
     )
     .route("/api/members", members);
 
+  beforeEach(() => {
+    // Mock jose.jwtVerify to simulate valid WorkOS token
+    const mockPayload = {
+      sub: "user_123",
+      email: "test@example.com",
+      name: "Test User",
+      iat: Date.now() / 1000,
+      exp: Date.now() / 1000 + 3600,
+    };
+
+    (jose as any).jwtVerify = mock(() =>
+      Promise.resolve({ payload: mockPayload }),
+    );
+  });
+
   it("returns members from api", async () => {
     // the mock service method delays for a second for UI, skipping this.
     const response = await testApp.request("/api/members");
diff --git a/state/user.store.ts b/state/user.store.ts
index e833f7b..4c41160 100644
--- a/state/user.store.ts
+++ b/state/user.store.ts
@@ -26,9 +26,19 @@ export const useUserStore: StoreCreator<UserStore> = (set) => ({
 });
 
 registerLoader(async (c: SurfaceContext) => {
-  const user = await getUser(c);
-  logger.debug("loading user server side:", user);
-  return {
-    user,
-  };
+  try {
+    const user = await getUser(c);
+    if (user) {
+      logger.debug(`User ${user.email} loaded for SSR`);
+    }
+
+    return {
+      user,
+    };
+  } catch (error) {
+    logger.error("Error loading user data server side:", error);
+    return {
+      user: undefined,
+    };
+  }
 });
diff --git a/views/components/app-sidebar.tsx b/views/components/app-sidebar.tsx
index c72b839..f12ded2 100644
--- a/views/components/app-sidebar.tsx
+++ b/views/components/app-sidebar.tsx
@@ -23,14 +23,10 @@ import {
   SidebarHeader,
   SidebarRail,
 } from "@/components/ui/sidebar";
+import { useAppState } from "@/hooks/use-app-state";
 
-// This is sample data.
+// This is sample data for teams and navigation.
 const data = {
-  user: {
-    name: "shadcn",
-    email: "m@example.com",
-    avatar: "/avatars/shadcn.jpg",
-  },
   teams: [
     {
       name: "Acme Inc",
@@ -155,6 +151,21 @@ const data = {
 };
 
 export function AppSidebar({ ...props }: React.ComponentProps<typeof Sidebar>) {
+  const { user } = useAppState();
+
+  // Use real user data if available, otherwise fallback to default
+  const userData = user
+    ? {
+        name: user.name,
+        email: user.email,
+        avatar: user.profilePicture || "/avatars/default.jpg",
+      }
+    : {
+        name: "Guest",
+        email: "guest@example.com",
+        avatar: "/avatars/default.jpg",
+      };
+
   return (
     <Sidebar collapsible="icon" {...props}>
       <SidebarHeader>
@@ -165,7 +176,7 @@ export function AppSidebar({ ...props }: React.ComponentProps<typeof Sidebar>) {
         <NavProjects projects={data.projects} />
       </SidebarContent>
       <SidebarFooter>
-        <NavUser user={data.user} />
+        <NavUser user={userData} />
       </SidebarFooter>
       <SidebarRail />
     </Sidebar>
diff --git a/views/components/nav-user.tsx b/views/components/nav-user.tsx
index da3c46c..0869272 100644
--- a/views/components/nav-user.tsx
+++ b/views/components/nav-user.tsx
@@ -97,8 +97,10 @@ export function NavUser({
             </DropdownMenuGroup>
             <DropdownMenuSeparator />
             <DropdownMenuItem>
-              <LogOut />
-              Log out
+              <a href="/auth/logout" className="flex items-center gap-2 w-full">
+                <LogOut />
+                Log out
+              </a>
             </DropdownMenuItem>
           </DropdownMenuContent>
         </DropdownMenu>
diff --git a/views/home.tsx b/views/home.tsx
index c4cd920..be70d10 100644
--- a/views/home.tsx
+++ b/views/home.tsx
@@ -4,7 +4,7 @@ import { SurfaceIcon } from "./components/icon/SurfaceIcon";
 import { Header } from "./header";
 import { useAppState } from "./hooks/use-app-state";
 function App() {
-  const { count, increment } = useAppState();
+  const { count, increment, user } = useAppState();
   return (
     <div>
       <Header />
diff --git a/views/hooks/use-app-state.ts b/views/hooks/use-app-state.ts
index b785b6b..0650af4 100644
--- a/views/hooks/use-app-state.ts
+++ b/views/hooks/use-app-state.ts
@@ -1,6 +1,7 @@
 import { useAppStore } from "../../state/root.store";
 import { RootContext } from "@/providers/root-context-provider";
 import React from "react";
+import { User } from "../../service/auth/auth.endpoints";
 
 export function useAppState() {
   const ssrContext = React.useContext(RootContext);
@@ -10,3 +11,13 @@ export function useAppState() {
     ...ssrContext,
   };
 }
+
+export function useUser(): User | undefined {
+  const { user } = useAppState();
+  return user;
+}
+
+export function useIsAuthenticated(): boolean {
+  const user = useUser();
+  return !!user;
+}
diff --git a/views/ssr.ts b/views/ssr.ts
index 4190d9c..0768577 100644
--- a/views/ssr.ts
+++ b/views/ssr.ts
@@ -45,10 +45,11 @@ export async function render(opts: {
   });
 
   const ssrState = await loadServerRouterContext(opts.c);
+  const accessToken = opts.c.var.cookies.get("wos_access_token");
   const rpcClient = hc<Api>(`${process.env.SELF_RPC_HOST}/`, {
     headers: {
       "Content-Type": "application/json",
-      Authorization: `Bearer ${opts.c.var.cookies.get("session")}`,
+      ...(accessToken && { Authorization: `Bearer ${accessToken}` }),
     },
   });
 

From e04861347894e92a7b0a37d18c91687ddd34ce1a Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 22:53:56 -0700
Subject: [PATCH 04/16] refactor: wiggle the LLM a bit more for working auth

---
 service/auth/auth.endpoint.test.ts        |  50 ++++---
 service/auth/auth.endpoints.ts            |  58 +++-----
 service/auth/auth.helpers.test.ts         | 171 ++++++++++++++--------
 service/auth/auth.helpers.ts              |  96 +++++++-----
 service/members/member.service.client.ts  |  19 ++-
 service/members/members.endpoints.test.ts |  16 +-
 state/user.store.ts                       |   2 +-
 views/components/app-sidebar.tsx          |  12 +-
 8 files changed, 257 insertions(+), 167 deletions(-)

diff --git a/service/auth/auth.endpoint.test.ts b/service/auth/auth.endpoint.test.ts
index a968967..9abbc1d 100644
--- a/service/auth/auth.endpoint.test.ts
+++ b/service/auth/auth.endpoint.test.ts
@@ -7,6 +7,9 @@ import { WorkOS } from "@workos-inc/node";
 import { errorHandler } from "../../handlers/error.handler";
 
 describe("auth endpoints", () => {
+  // Set up test environment variables
+  process.env.WORKOS_CLIENT_ID = "client_test_123";
+  process.env.WORKOS_REDIRECT_URI = "http://localhost:4000/auth/callback";
   // Mock logger
   const mockLogger = {
     ...logger,
@@ -15,7 +18,7 @@ describe("auth endpoints", () => {
   } as unknown as typeof logger;
 
   // Mock functions for WorkOS
-  const mockGetAuthorizationURL = mock();
+  const mockGetAuthorizationUrl = mock();
   const mockAuthenticateWithCode = mock();
   const mockAuthenticateWithRefreshToken = mock();
   const mockGetLogoutUrl = mock();
@@ -23,7 +26,7 @@ describe("auth endpoints", () => {
   // Mock WorkOS
   const mockWorkOS = {
     userManagement: {
-      getAuthorizationUrl: mockGetAuthorizationURL,
+      getAuthorizationUrl: mockGetAuthorizationUrl,
       authenticateWithCode: mockAuthenticateWithCode,
       authenticateWithRefreshToken: mockAuthenticateWithRefreshToken,
       getLogoutUrl: mockGetLogoutUrl,
@@ -50,7 +53,7 @@ describe("auth endpoints", () => {
     (mockLogger.error as any).mockClear?.();
     (mockCookies.get as any).mockClear?.();
     (mockCookies.set as any).mockClear?.();
-    mockGetAuthorizationURL.mockClear?.();
+    mockGetAuthorizationUrl.mockClear?.();
     mockAuthenticateWithCode.mockClear?.();
     mockAuthenticateWithRefreshToken.mockClear?.();
     mockGetLogoutUrl.mockClear?.();
@@ -75,16 +78,16 @@ describe("auth endpoints", () => {
       const mockAuthUrl =
         "https://api.workos.com/sso/authorize?response_type=code&client_id=test&redirect_uri=http://localhost:4000/api/auth/callback";
 
-      mockGetAuthorizationURL.mockReturnValue(mockAuthUrl);
+      mockGetAuthorizationUrl.mockReturnValue(mockAuthUrl);
 
       const response = await testApp.request("/login");
 
       expect(response.status).toBe(302);
       expect(response.headers.get("Location")).toBe(mockAuthUrl);
-      expect(mockGetAuthorizationURL).toHaveBeenCalledWith({
+      expect(mockGetAuthorizationUrl).toHaveBeenCalledWith({
         provider: "authkit",
-        redirectUri: "http://localhost:4000/api/auth/callback",
-        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+        redirectUri: "http://localhost:4000/auth/callback",
+        clientId: "client_test_123",
         state: "/",
       });
       expect(mockLogger.info).toHaveBeenCalledWith(
@@ -94,21 +97,21 @@ describe("auth endpoints", () => {
 
     it("should use return query parameter as state", async () => {
       const mockAuthUrl = "https://api.workos.com/sso/authorize";
-      mockGetAuthorizationURL.mockReturnValue(mockAuthUrl);
+      mockGetAuthorizationUrl.mockReturnValue(mockAuthUrl);
 
       await testApp.request("/login?return=/dashboard");
 
-      expect(mockGetAuthorizationURL).toHaveBeenCalledWith({
+      expect(mockGetAuthorizationUrl).toHaveBeenCalledWith({
         provider: "authkit",
-        redirectUri: "http://localhost:4000/api/auth/callback",
-        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+        redirectUri: "http://localhost:4000/auth/callback",
+        clientId: "client_test_123",
         state: "/dashboard",
       });
     });
 
     it("should return JSON for test requests", async () => {
       const mockAuthUrl = "https://api.workos.com/sso/authorize";
-      mockGetAuthorizationURL.mockReturnValue(mockAuthUrl);
+      mockGetAuthorizationUrl.mockReturnValue(mockAuthUrl);
 
       const response = await testApp.request("/login?test=true");
       const body = await response.json();
@@ -118,7 +121,7 @@ describe("auth endpoints", () => {
     });
 
     it("should handle WorkOS errors", async () => {
-      mockGetAuthorizationURL.mockImplementation(() => {
+      mockGetAuthorizationUrl.mockImplementation(() => {
         throw new Error("WorkOS error");
       });
 
@@ -163,7 +166,7 @@ describe("auth endpoints", () => {
 
       expect(mockAuthenticateWithCode).toHaveBeenCalledWith({
         code: "auth_code_123",
-        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+        clientId: "client_test_123",
       });
 
       expect(mockCookies.set).toHaveBeenCalledWith(
@@ -308,7 +311,10 @@ describe("auth endpoints", () => {
 
     it("should redirect to WorkOS logout URL when access token is present", async () => {
       // Mock getting an access token
-      (mockCookies.get as any).mockReturnValueOnce("mock.workos.access.token");
+      (mockCookies.get as any).mockImplementation((key: string) => {
+        if (key === "wos_access_token") return "mock.workos.access.token";
+        return undefined;
+      });
 
       // Mock WorkOS getLogoutUrl
       mockGetLogoutUrl.mockReturnValue(
@@ -343,7 +349,10 @@ describe("auth endpoints", () => {
     });
 
     it("should switch organization successfully", async () => {
-      (mockCookies.get as any).mockReturnValueOnce("valid.refresh.token");
+      (mockCookies.get as any).mockImplementation((key: string) => {
+        if (key === "wos_refresh_token") return "valid.refresh.token";
+        return undefined;
+      });
 
       const response = await testApp.request("/switch-organization", {
         method: "POST",
@@ -357,13 +366,13 @@ describe("auth endpoints", () => {
 
       expect(mockAuthenticateWithRefreshToken).toHaveBeenCalledWith({
         refreshToken: "valid.refresh.token",
-        clientId: "client_01HRQ08WC5PECTJJFEVW410MC5",
+        clientId: "client_test_123",
         organizationId: "org_123",
       });
     });
 
     it("should return 401 when no refresh token", async () => {
-      (mockCookies.get as any).mockReturnValueOnce(undefined);
+      (mockCookies.get as any).mockImplementation(() => undefined);
 
       const response = await testApp.request("/switch-organization", {
         method: "POST",
@@ -377,7 +386,10 @@ describe("auth endpoints", () => {
     });
 
     it("should handle WorkOS errors", async () => {
-      (mockCookies.get as any).mockReturnValueOnce("valid.refresh.token");
+      (mockCookies.get as any).mockImplementation((key: string) => {
+        if (key === "wos_refresh_token") return "valid.refresh.token";
+        return undefined;
+      });
       mockAuthenticateWithRefreshToken.mockRejectedValue(
         new Error("Organization not accessible"),
       );
diff --git a/service/auth/auth.endpoints.ts b/service/auth/auth.endpoints.ts
index 00cf2a2..9f98faf 100644
--- a/service/auth/auth.endpoints.ts
+++ b/service/auth/auth.endpoints.ts
@@ -5,17 +5,21 @@ import { describeRoute } from "hono-openapi";
 import { resolver } from "hono-openapi/zod";
 import { z } from "zod";
 import { AuthError } from "../../handlers/error.handler";
-import * as jose from "jose";
 
 export type User = {
   id: string;
-  name: string;
-  email: string;
-  roles: string[];
-  profilePicture?: string;
-  organizationId?: string;
+  email?: string;
+  given_name?: string;
+  family_name?: string;
+  name?: string;
+  picture?: string;
+  org_id?: string;
   role?: string;
   permissions?: string[];
+  // Legacy fields for backward compatibility
+  profilePicture?: string;
+  organizationId?: string;
+  roles?: string[];
 };
 
 // Zod schemas for OpenAPI documentation
@@ -38,13 +42,18 @@ const switchOrganizationResponse = z.object({
 
 const userResponse = z.object({
   id: z.string(),
-  name: z.string(),
-  email: z.string(),
-  roles: z.array(z.string()),
-  profilePicture: z.string().optional(),
-  organizationId: z.string().optional(),
+  email: z.string().optional(),
+  given_name: z.string().optional(),
+  family_name: z.string().optional(),
+  name: z.string().optional(),
+  picture: z.string().optional(),
+  org_id: z.string().optional(),
   role: z.string().optional(),
   permissions: z.array(z.string()).optional(),
+  // Legacy fields for backward compatibility
+  profilePicture: z.string().optional(),
+  organizationId: z.string().optional(),
+  roles: z.array(z.string()).optional(),
 });
 
 export const sessions = new Hono<SurfaceEnv>()
@@ -194,8 +203,6 @@ export const sessions = new Hono<SurfaceEnv>()
       logger.info("User logging out");
 
       try {
-        const accessToken = cookies.get("wos_access_token");
-
         // Clear all auth cookies first
         cookies.set("wos_access_token", "", {
           path: "/",
@@ -220,28 +227,9 @@ export const sessions = new Hono<SurfaceEnv>()
           return c.json({ message: "Logged out successfully" });
         }
 
-        if (accessToken) {
-          try {
-            // Extract session ID from WorkOS access token
-            const decoded = jose.decodeJwt(accessToken);
-            const sessionId = decoded.sid as string;
-
-            if (sessionId) {
-              // Redirect to WorkOS logout endpoint to properly end the session
-              const logoutUrl = workos.userManagement.getLogoutUrl({
-                sessionId,
-              });
-              return c.redirect(logoutUrl);
-            }
-          } catch (decodeError) {
-            logger.error(
-              "Failed to decode access token for logout",
-              decodeError,
-            );
-          }
-        }
-
-        // Fallback redirect if we can't get session ID
+        // Simple logout: just clear cookies and redirect
+        // Note: This doesn't invalidate the WorkOS session, but clears our local session
+        logger.info("Performing local logout - clearing session cookies");
         const redirectTo = c.req.query("return") ?? "/";
         return c.redirect(redirectTo);
       } catch (error) {
diff --git a/service/auth/auth.helpers.test.ts b/service/auth/auth.helpers.test.ts
index 481ae27..546bb7f 100644
--- a/service/auth/auth.helpers.test.ts
+++ b/service/auth/auth.helpers.test.ts
@@ -1,13 +1,17 @@
-import { expect, it, mock, describe, beforeEach } from "bun:test";
+import { expect, it, mock, describe, beforeEach, spyOn } from "bun:test";
 import { getUser, hasSession, requireAuth } from "./auth.helpers";
 import { SurfaceContext } from "../../surface.app.ctx";
 import { WorkOS } from "@workos-inc/node";
 import * as jose from "jose";
 
 describe("auth helpers", () => {
+  // Set up test environment variables
+  process.env.WORKOS_CLIENT_ID = "client_test_123";
+
   const mockLogger = {
     error: mock(),
     info: mock(),
+    debug: mock(),
   };
 
   const mockCookies = {
@@ -20,9 +24,12 @@ describe("auth helpers", () => {
     sign: mock(),
   };
 
+  const mockGetUser = mock();
+
   const mockWorkOS = {
     userManagement: {
       authenticateWithRefreshToken: mock(),
+      getUser: mockGetUser,
     },
   } as unknown as WorkOS;
 
@@ -43,14 +50,18 @@ describe("auth helpers", () => {
     } as unknown as SurfaceContext;
   };
 
+  let jwtVerifySpy: any;
+
   beforeEach(() => {
-    // Reset all mocks without restoring them
-    (mockLogger.error as any).mockClear?.();
-    (mockLogger.info as any).mockClear?.();
-    (mockCookies.get as any).mockClear?.();
-    (mockCookies.set as any).mockClear?.();
-    (mockJwt.verify as any).mockClear?.();
-    (mockJwt.sign as any).mockClear?.();
+    // Reset existing spy or create new one
+    if (jwtVerifySpy) {
+      jwtVerifySpy.mockClear();
+    } else {
+      jwtVerifySpy = spyOn(jose, "jwtVerify");
+    }
+
+    // Reset WorkOS API mocks
+    mockGetUser.mockClear();
   });
 
   describe("getUser", () => {
@@ -58,7 +69,10 @@ describe("auth helpers", () => {
       const mockPayload = {
         sub: "user_123",
         email: "john@example.com",
+        given_name: "John",
+        family_name: "Doe",
         name: "John Doe",
+        picture: undefined,
         iat: 1234567890,
         exp: 1234567990,
         org_id: "org_123",
@@ -66,56 +80,76 @@ describe("auth helpers", () => {
         permissions: ["read", "write"],
       };
 
-      (mockCookies.get as any).mockReturnValue("valid.workos.access.token");
+      const context = createMockContext({
+        cookies: {
+          get: mock().mockReturnValue("valid.workos.access.token"),
+          set: mock(),
+        },
+      });
 
-      // Mock jose.jwtVerify
-      const mockJwtVerify = mock(() =>
-        Promise.resolve({ payload: mockPayload }),
-      );
-      (jose as any).jwtVerify = mockJwtVerify;
+      jwtVerifySpy.mockResolvedValue({ payload: mockPayload });
+
+      // Mock WorkOS User Management API response
+      mockGetUser.mockResolvedValue({
+        id: "user_123",
+        email: "john@example.com",
+        firstName: "John",
+        lastName: "Doe",
+        profilePictureUrl: null,
+      });
 
-      const context = createMockContext();
       const user = await getUser(context);
 
       expect(user).toEqual({
         id: "user_123",
-        name: "John Doe",
         email: "john@example.com",
-        roles: [],
-        profilePicture: undefined,
-        organizationId: "org_123",
+        given_name: "John",
+        family_name: "Doe",
+        name: "John Doe",
+        picture: null,
+        org_id: "org_123",
         role: "admin",
         permissions: ["read", "write"],
+        // Legacy compatibility
+        profilePicture: null,
+        organizationId: "org_123",
+        roles: ["read", "write"],
       });
 
-      expect(mockCookies.get).toHaveBeenCalledWith("wos_access_token");
+      expect(context.var.cookies.get).toHaveBeenCalledWith("wos_access_token");
+      expect(mockGetUser).toHaveBeenCalledWith("user_123");
     });
 
     it("should return undefined when no access token and refresh fails", async () => {
-      (mockCookies.get as any).mockReturnValue(undefined);
-
-      const context = createMockContext();
+      const context = createMockContext({
+        cookies: {
+          get: mock().mockReturnValue(undefined),
+          set: mock(),
+        },
+      });
       const user = await getUser(context);
 
       expect(user).toBeUndefined();
     });
 
     it("should attempt refresh when JWT verification fails", async () => {
-      (mockCookies.get as any)
+      const mockGet = mock()
         .mockReturnValueOnce("invalid.access.token")
         .mockReturnValueOnce("valid.refresh.token")
         .mockReturnValueOnce(undefined); // No new access token after failed refresh
 
-      const mockJwtVerify = mock(() =>
-        Promise.reject(new Error("Invalid token")),
-      );
-      (jose as any).jwtVerify = mockJwtVerify;
+      const context = createMockContext({
+        cookies: {
+          get: mockGet,
+          set: mock(),
+        },
+      });
+
+      jwtVerifySpy.mockRejectedValue(new Error("Invalid token"));
 
       (
         mockWorkOS.userManagement.authenticateWithRefreshToken as any
       ).mockRejectedValue(new Error("Refresh failed"));
-
-      const context = createMockContext();
       const user = await getUser(context);
 
       expect(user).toBeUndefined();
@@ -136,14 +170,15 @@ describe("auth helpers", () => {
         exp: 1234567990,
       };
 
-      (mockCookies.get as any).mockReturnValue("valid.workos.access.token");
+      const context = createMockContext({
+        cookies: {
+          get: mock().mockReturnValue("valid.workos.access.token"),
+          set: mock(),
+        },
+      });
 
-      const mockJwtVerify = mock(() =>
-        Promise.resolve({ payload: mockPayload }),
-      );
-      (jose as any).jwtVerify = mockJwtVerify;
+      jwtVerifySpy.mockResolvedValue({ payload: mockPayload });
 
-      const context = createMockContext();
       const session = await hasSession(context);
 
       expect(session).toEqual(mockPayload);
@@ -158,17 +193,17 @@ describe("auth helpers", () => {
         exp: 1234567990,
       };
 
-      (mockCookies.get as any).mockReturnValue(undefined);
-
-      const context = createMockContext();
+      const context = createMockContext({
+        cookies: {
+          get: mock().mockReturnValue(undefined),
+          set: mock(),
+        },
+      });
       context.req.header = mock().mockReturnValue(
         "Bearer valid.workos.access.token",
       );
 
-      const mockJwtVerify = mock(() =>
-        Promise.resolve({ payload: mockPayload }),
-      );
-      (jose as any).jwtVerify = mockJwtVerify;
+      jwtVerifySpy.mockResolvedValue({ payload: mockPayload });
 
       const session = await hasSession(context);
 
@@ -177,9 +212,12 @@ describe("auth helpers", () => {
     });
 
     it("should return false when no token available", async () => {
-      (mockCookies.get as any).mockReturnValue(undefined);
-
-      const context = createMockContext();
+      const context = createMockContext({
+        cookies: {
+          get: mock().mockReturnValue(undefined),
+          set: mock(),
+        },
+      });
       context.req.header = mock().mockReturnValue(undefined);
 
       const session = await hasSession(context);
@@ -188,26 +226,28 @@ describe("auth helpers", () => {
     });
 
     it("should return false when JWT verification fails and refresh fails", async () => {
-      (mockCookies.get as any)
+      const mockGet = mock()
         .mockReturnValueOnce("invalid.token")
         .mockReturnValueOnce("valid.refresh.token")
         .mockReturnValueOnce(undefined); // No new access token
 
-      const mockJwtVerify = mock(() =>
-        Promise.reject(new Error("Invalid token")),
-      );
-      (jose as any).jwtVerify = mockJwtVerify;
+      const context = createMockContext({
+        cookies: {
+          get: mockGet,
+          set: mock(),
+        },
+      });
+
+      jwtVerifySpy.mockRejectedValue(new Error("Invalid token"));
 
       (
         mockWorkOS.userManagement.authenticateWithRefreshToken as any
       ).mockRejectedValue(new Error("Refresh failed"));
-
-      const context = createMockContext();
       const session = await hasSession(context);
 
       expect(session).toBe(false);
       expect(mockLogger.error).toHaveBeenCalledWith(
-        "No valid WorkOS session found",
+        "Failed to refresh WorkOS tokens",
         expect.any(Error),
       );
     });
@@ -216,14 +256,16 @@ describe("auth helpers", () => {
   describe("requireAuth", () => {
     it("should call next() for authenticated requests", async () => {
       const mockPayload = { sub: "user_123" };
-      (mockCookies.get as any).mockReturnValue("valid.workos.access.token");
 
-      const mockJwtVerify = mock(() =>
-        Promise.resolve({ payload: mockPayload }),
-      );
-      (jose as any).jwtVerify = mockJwtVerify;
+      const context = createMockContext({
+        cookies: {
+          get: mock().mockReturnValue("valid.workos.access.token"),
+          set: mock(),
+        },
+      });
+
+      jwtVerifySpy.mockResolvedValue({ payload: mockPayload });
 
-      const context = createMockContext();
       const next = mock();
 
       await requireAuth(context, next);
@@ -233,9 +275,12 @@ describe("auth helpers", () => {
     });
 
     it("should return 401 for unauthenticated requests", async () => {
-      (mockCookies.get as any).mockReturnValue(undefined);
-
-      const context = createMockContext();
+      const context = createMockContext({
+        cookies: {
+          get: mock().mockReturnValue(undefined),
+          set: mock(),
+        },
+      });
       context.req.header = mock().mockReturnValue(undefined);
       context.json = mock().mockReturnValue(new Response());
 
diff --git a/service/auth/auth.helpers.ts b/service/auth/auth.helpers.ts
index 91820c3..f91cdcc 100644
--- a/service/auth/auth.helpers.ts
+++ b/service/auth/auth.helpers.ts
@@ -28,38 +28,60 @@ export async function getUser(c: SurfaceContext): Promise<User | undefined> {
         issuer: "https://api.workos.com",
       });
 
-      // Extract user info from WorkOS JWT claims
-      // Try different possible field names that WorkOS might use
-      const email =
-        (payload.email as string) || ((payload as any).user_email as string);
-      const name =
-        (payload.name as string) ||
-        ((payload as any).user_name as string) ||
-        ((payload as any).given_name as string) ||
-        ((payload as any).first_name as string) ||
-        email;
-
-      const user: User = {
-        id: payload.sub as string,
-        name: name || email,
-        email: email,
-        roles: [], // Could be enhanced to derive from payload
-        profilePicture:
-          (payload.picture as string) ||
-          ((payload as any).profile_picture_url as string),
-        // Organization context from JWT
-        organizationId:
-          (payload.org_id as string) ||
-          ((payload as any).organization_id as string),
-        role:
-          (payload.role as string) || ((payload as any).user_role as string),
-        permissions:
-          (payload.permissions as string[]) ||
-          ((payload as any).user_permissions as string[]),
-      };
-
-      c.var.logger.debug(`User ${user.email} authenticated from WorkOS token`);
-      return user;
+      // Validate we got a payload
+      if (!payload || !payload.sub) {
+        c.var.logger.error("Invalid JWT payload - missing sub claim");
+        throw new Error("Invalid JWT payload");
+      }
+
+      // WorkOS JWT only contains minimal claims (sub, org_id, role, permissions)
+      // We need to fetch full user details from the User Management API
+      const userId = payload.sub as string;
+
+      try {
+        // Fetch user details from WorkOS User Management API
+        const workosUser = await c.var.workos.userManagement.getUser(userId);
+
+        const user: User = {
+          id: workosUser.id,
+          email: workosUser.email,
+          given_name: workosUser.firstName,
+          family_name: workosUser.lastName,
+          name:
+            `${workosUser.firstName || ""} ${workosUser.lastName || ""}`.trim() ||
+            workosUser.email,
+          picture: workosUser.profilePictureUrl,
+          org_id: payload.org_id as string,
+          role: payload.role as string,
+          permissions: payload.permissions as string[],
+          // Legacy compatibility mappings
+          profilePicture: workosUser.profilePictureUrl,
+          organizationId: payload.org_id as string,
+          roles: payload.permissions as string[],
+        };
+
+        c.var.logger.info(`User authenticated: ${user.email} (${user.name})`);
+        return user;
+      } catch (userFetchError) {
+        c.var.logger.error(
+          "Failed to fetch user details from WorkOS",
+          userFetchError,
+        );
+
+        // Fallback: create minimal user object from JWT claims only
+        const user: User = {
+          id: userId,
+          org_id: payload.org_id as string,
+          role: payload.role as string,
+          permissions: payload.permissions as string[],
+          // Legacy compatibility mappings
+          organizationId: payload.org_id as string,
+          roles: payload.permissions as string[],
+        };
+
+        c.var.logger.info(`User authenticated (minimal): ${user.id}`);
+        return user;
+      }
     } catch (jwtError) {
       c.var.logger.debug("Access token validation failed, attempting refresh");
       // Token might be expired, try to refresh
@@ -127,15 +149,19 @@ async function refreshAndGetUser(c: SurfaceContext): Promise<User | undefined> {
     // Convert WorkOS user to our User type
     const surfaceUser: User = {
       id: user.id,
+      email: user.email,
+      given_name: user.firstName ?? undefined,
+      family_name: user.lastName ?? undefined,
       name:
         `${user.firstName || ""} ${user.lastName || ""}`.trim() || user.email,
-      email: user.email,
-      roles: [],
+      picture: user.profilePictureUrl ?? undefined,
+      // Legacy compatibility
       profilePicture: user.profilePictureUrl ?? undefined,
+      roles: [],
     };
 
     c.var.logger.info(
-      `Successfully refreshed tokens for user ${surfaceUser.email}`,
+      `Successfully refreshed tokens for user ${surfaceUser.email || surfaceUser.id}`,
     );
     return surfaceUser;
   } catch (error) {
diff --git a/service/members/member.service.client.ts b/service/members/member.service.client.ts
index 9c9e22b..9b578a5 100644
--- a/service/members/member.service.client.ts
+++ b/service/members/member.service.client.ts
@@ -3,18 +3,27 @@ import { User } from "../auth/auth.endpoints";
 const fakeMembers: User[] = [
   {
     id: "123",
-    name: "Alice",
     email: "alice@domain.com",
-    roles: ["admin"],
+    given_name: "Alice",
+    family_name: "Smith",
+    name: "Alice Smith",
+    picture:
+      "https://plus.unsplash.com/premium_photo-1672201106204-58e9af7a2888?q=80&w=80",
+    // Legacy compatibility
     profilePicture:
       "https://plus.unsplash.com/premium_photo-1672201106204-58e9af7a2888?q=80&w=80",
+    roles: ["admin"],
   },
   {
-    name: "Bob",
-    email: "bob@member.net",
     id: "2",
-    roles: [],
+    email: "bob@member.net",
+    given_name: "Bob",
+    family_name: "Johnson",
+    name: "Bob Johnson",
+    picture: "",
+    // Legacy compatibility
     profilePicture: "",
+    roles: [],
   },
 ];
 
diff --git a/service/members/members.endpoints.test.ts b/service/members/members.endpoints.test.ts
index 5ee62fb..be6233d 100644
--- a/service/members/members.endpoints.test.ts
+++ b/service/members/members.endpoints.test.ts
@@ -1,4 +1,4 @@
-import { expect, describe, mock, it, beforeEach } from "bun:test";
+import { expect, describe, mock, it, beforeEach, spyOn } from "bun:test";
 import {
   applyContext,
   cookies,
@@ -42,11 +42,16 @@ describe("members endpoint tests", () => {
 
   const fakeUser: User = {
     id: "123",
-    name: "Alice",
     email: "alice@domain.com",
-    roles: ["admin"],
+    given_name: "Alice",
+    family_name: "Smith",
+    name: "Alice Smith",
+    picture:
+      "https://plus.unsplash.com/premium_photo-1672201106204-58e9af7a2888?q=80&w=80",
+    // Legacy compatibility
     profilePicture:
       "https://plus.unsplash.com/premium_photo-1672201106204-58e9af7a2888?q=80&w=80",
+    roles: ["admin"],
   };
 
   // Set default implementation
@@ -80,9 +85,8 @@ describe("members endpoint tests", () => {
       exp: Date.now() / 1000 + 3600,
     };
 
-    (jose as any).jwtVerify = mock(() =>
-      Promise.resolve({ payload: mockPayload }),
-    );
+    // Use spyOn to mock jose.jwtVerify properly
+    spyOn(jose, "jwtVerify").mockResolvedValue({ payload: mockPayload });
   });
 
   it("returns members from api", async () => {
diff --git a/state/user.store.ts b/state/user.store.ts
index 4c41160..bac7473 100644
--- a/state/user.store.ts
+++ b/state/user.store.ts
@@ -29,7 +29,7 @@ registerLoader(async (c: SurfaceContext) => {
   try {
     const user = await getUser(c);
     if (user) {
-      logger.debug(`User ${user.email} loaded for SSR`);
+      logger.debug(`User ${user.email || user.id || "unknown"} loaded for SSR`);
     }
 
     return {
diff --git a/views/components/app-sidebar.tsx b/views/components/app-sidebar.tsx
index f12ded2..0fcd480 100644
--- a/views/components/app-sidebar.tsx
+++ b/views/components/app-sidebar.tsx
@@ -156,9 +156,15 @@ export function AppSidebar({ ...props }: React.ComponentProps<typeof Sidebar>) {
   // Use real user data if available, otherwise fallback to default
   const userData = user
     ? {
-        name: user.name,
-        email: user.email,
-        avatar: user.profilePicture || "/avatars/default.jpg",
+        name:
+          user.name ||
+          (user.given_name && user.family_name
+            ? `${user.given_name} ${user.family_name}`.trim()
+            : user.given_name || user.family_name) ||
+          user.email ||
+          "Unknown User",
+        email: user.email || "unknown@example.com",
+        avatar: user.picture || user.profilePicture || "/avatars/default.jpg",
       }
     : {
         name: "Guest",

From 3f3ca6cbaa57804b19f7696650cd0a393a358ade Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 22:56:03 -0700
Subject: [PATCH 05/16] chore: clean up more LLM slop

---
 service/auth/auth.endpoints.ts            | 2 +-
 service/auth/auth.helpers.test.ts         | 4 ++--
 service/auth/auth.helpers.ts              | 8 ++++----
 service/members/members.endpoints.test.ts | 2 +-
 views/home.tsx                            | 2 +-
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/service/auth/auth.endpoints.ts b/service/auth/auth.endpoints.ts
index 9f98faf..b4fbdc6 100644
--- a/service/auth/auth.endpoints.ts
+++ b/service/auth/auth.endpoints.ts
@@ -198,7 +198,7 @@ export const sessions = new Hono<SurfaceEnv>()
       },
     }),
     async (c) => {
-      const { cookies, logger, workos } = c.var;
+      const { cookies, logger } = c.var;
 
       logger.info("User logging out");
 
diff --git a/service/auth/auth.helpers.test.ts b/service/auth/auth.helpers.test.ts
index 546bb7f..d6e2bd5 100644
--- a/service/auth/auth.helpers.test.ts
+++ b/service/auth/auth.helpers.test.ts
@@ -106,12 +106,12 @@ describe("auth helpers", () => {
         given_name: "John",
         family_name: "Doe",
         name: "John Doe",
-        picture: null,
+        picture: "",
         org_id: "org_123",
         role: "admin",
         permissions: ["read", "write"],
         // Legacy compatibility
-        profilePicture: null,
+        profilePicture: "",
         organizationId: "org_123",
         roles: ["read", "write"],
       });
diff --git a/service/auth/auth.helpers.ts b/service/auth/auth.helpers.ts
index f91cdcc..e21a5ba 100644
--- a/service/auth/auth.helpers.ts
+++ b/service/auth/auth.helpers.ts
@@ -45,17 +45,17 @@ export async function getUser(c: SurfaceContext): Promise<User | undefined> {
         const user: User = {
           id: workosUser.id,
           email: workosUser.email,
-          given_name: workosUser.firstName,
-          family_name: workosUser.lastName,
+          given_name: workosUser.firstName ?? "",
+          family_name: workosUser.lastName ?? "",
           name:
             `${workosUser.firstName || ""} ${workosUser.lastName || ""}`.trim() ||
             workosUser.email,
-          picture: workosUser.profilePictureUrl,
+          picture: workosUser.profilePictureUrl ?? "",
           org_id: payload.org_id as string,
           role: payload.role as string,
           permissions: payload.permissions as string[],
           // Legacy compatibility mappings
-          profilePicture: workosUser.profilePictureUrl,
+          profilePicture: workosUser.profilePictureUrl ?? "",
           organizationId: payload.org_id as string,
           roles: payload.permissions as string[],
         };
diff --git a/service/members/members.endpoints.test.ts b/service/members/members.endpoints.test.ts
index be6233d..97d2cb9 100644
--- a/service/members/members.endpoints.test.ts
+++ b/service/members/members.endpoints.test.ts
@@ -86,7 +86,7 @@ describe("members endpoint tests", () => {
     };
 
     // Use spyOn to mock jose.jwtVerify properly
-    spyOn(jose, "jwtVerify").mockResolvedValue({ payload: mockPayload });
+    spyOn(jose, "jwtVerify").mockResolvedValue({ payload: mockPayload } as any);
   });
 
   it("returns members from api", async () => {
diff --git a/views/home.tsx b/views/home.tsx
index be70d10..c4cd920 100644
--- a/views/home.tsx
+++ b/views/home.tsx
@@ -4,7 +4,7 @@ import { SurfaceIcon } from "./components/icon/SurfaceIcon";
 import { Header } from "./header";
 import { useAppState } from "./hooks/use-app-state";
 function App() {
-  const { count, increment, user } = useAppState();
+  const { count, increment } = useAppState();
   return (
     <div>
       <Header />

From 2ec26d5a5348edea5be575b2ede9c28a79657bc0 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 22:58:58 -0700
Subject: [PATCH 06/16] chore: use workos defaults in deploy script

---
 .github/workflows/deploy.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 30a5c64..0d7563e 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -10,6 +10,10 @@ jobs:
     runs-on: ubuntu-latest
     env:
       JWT_SECRET: "test.fake.secret"
+      WORKOS_API_KEY: "test.fake.workos.api.key"
+      WORKOS_CLIENT_ID: "test.fake.client.id"
+      WORKOS_REDIRECT_URI: "http://localhost:3000/auth/callback"
+      NODE_ENV: "test"
     steps:
       - uses: actions/checkout@v4
       - uses: oven-sh/setup-bun@v1

From c3e1233db2be952254d4f482ebd41d24fc75ffff Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 23:04:04 -0700
Subject: [PATCH 07/16] chore: ye ole packae lock for npm install, let's try
 bun soon

---
 package-lock.json | 1023 +++++++++++++++++++++++++++++++++------------
 package.json      |    2 +-
 2 files changed, 756 insertions(+), 269 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index f87ca42..7d168d7 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -22,6 +22,7 @@
         "@tanstack/react-router": "^1.115.0",
         "@tanstack/react-start": "^1.115.1",
         "@tanstack/router-plugin": "^1.115.0",
+        "@workos-inc/node": "^7.69.1",
         "bunyan": "^1.8.15",
         "class-variance-authority": "^0.7.1",
         "clsx": "^2.1.1",
@@ -31,6 +32,7 @@
         "hono": "^4.8.2",
         "hono-openapi": "^0.4.6",
         "install": "^0.13.0",
+        "jose": "^6.1.0",
         "lucide-react": "^0.509.0",
         "react": "^18.2.0",
         "react-dom": "^18.2.0",
@@ -58,7 +60,7 @@
         "@typescript-eslint/parser": "^7.2.0",
         "@vitejs/plugin-react": "^4.2.1",
         "autoprefixer": "^10.4.19",
-        "eslint": "^9.29.0",
+        "eslint": "^8.57.0",
         "eslint-plugin-react-hooks": "^4.6.0",
         "eslint-plugin-react-refresh": "^0.4.6",
         "glob": "^10.3.12",
@@ -892,79 +894,16 @@
         "node": "^12.0.0 || ^14.0.0 || >=16.0.0"
       }
     },
-    "node_modules/@eslint/config-array": {
-      "version": "0.20.1",
-      "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.20.1.tgz",
-      "integrity": "sha512-OL0RJzC/CBzli0DrrR31qzj6d6i6Mm3HByuhflhl4LOBiWxN+3i6/t/ZQQNii4tjksXi8r2CRW1wMpWA2ULUEw==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "dependencies": {
-        "@eslint/object-schema": "^2.1.6",
-        "debug": "^4.3.1",
-        "minimatch": "^3.1.2"
-      },
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      }
-    },
-    "node_modules/@eslint/config-array/node_modules/brace-expansion": {
-      "version": "1.1.12",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
-      "dev": true,
-      "license": "MIT",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
-    "node_modules/@eslint/config-array/node_modules/minimatch": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
-      "dev": true,
-      "license": "ISC",
-      "dependencies": {
-        "brace-expansion": "^1.1.7"
-      },
-      "engines": {
-        "node": "*"
-      }
-    },
-    "node_modules/@eslint/config-helpers": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.2.3.tgz",
-      "integrity": "sha512-u180qk2Um1le4yf0ruXH3PYFeEZeYC3p/4wCTKrr2U1CmGdzGi3KtY0nuPDH48UJxlKCC5RDzbcbh4X0XlqgHg==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      }
-    },
-    "node_modules/@eslint/core": {
-      "version": "0.14.0",
-      "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.14.0.tgz",
-      "integrity": "sha512-qIbV0/JZr7iSDjqAc60IqbLdsj9GDt16xQtWD+B78d/HAlvysGdZZ6rpJHGAc2T0FQx1X6thsSPdnoiGKdNtdg==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "dependencies": {
-        "@types/json-schema": "^7.0.15"
-      },
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      }
-    },
     "node_modules/@eslint/eslintrc": {
-      "version": "3.3.1",
-      "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.1.tgz",
-      "integrity": "sha512-gtF186CXhIl1p4pJNGZw8Yc6RlshoePRvE0X91oPGb3vZ8pM3qOS9W9NGPat9LziaBV7XrJWGylNQXkGcnM3IQ==",
+      "version": "2.1.4",
+      "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.4.tgz",
+      "integrity": "sha512-269Z39MS6wVJtsoUl10L60WdkhJVdPG24Q4eZTH3nnF6lpvSShEK3wQjDX9JRWAUPvPh7COouPpU9IrqaZFvtQ==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "ajv": "^6.12.4",
         "debug": "^4.3.2",
-        "espree": "^10.0.1",
-        "globals": "^14.0.0",
+        "espree": "^9.6.0",
+        "globals": "^13.19.0",
         "ignore": "^5.2.0",
         "import-fresh": "^3.2.1",
         "js-yaml": "^4.1.0",
@@ -972,7 +911,7 @@
         "strip-json-comments": "^3.1.1"
       },
       "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
       },
       "funding": {
         "url": "https://opencollective.com/eslint"
@@ -983,7 +922,6 @@
       "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
       "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "balanced-match": "^1.0.0",
         "concat-map": "0.0.1"
@@ -994,7 +932,6 @@
       "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
       "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
       "dev": true,
-      "license": "ISC",
       "dependencies": {
         "brace-expansion": "^1.1.7"
       },
@@ -1003,53 +940,12 @@
       }
     },
     "node_modules/@eslint/js": {
-      "version": "9.29.0",
-      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.29.0.tgz",
-      "integrity": "sha512-3PIF4cBw/y+1u2EazflInpV+lYsSG0aByVIQzAgb1m1MhHFSbqTyNqtBKHgWf/9Ykud+DhILS9EGkmekVhbKoQ==",
-      "dev": true,
-      "license": "MIT",
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      },
-      "funding": {
-        "url": "https://eslint.org/donate"
-      }
-    },
-    "node_modules/@eslint/object-schema": {
-      "version": "2.1.6",
-      "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.6.tgz",
-      "integrity": "sha512-RBMg5FRL0I0gs51M/guSAj5/e14VQ4tpZnQNWwuDT66P14I43ItmPfIZRhO9fUVIPOAQXU47atlywZ/czoqFPA==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      }
-    },
-    "node_modules/@eslint/plugin-kit": {
-      "version": "0.3.2",
-      "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.3.2.tgz",
-      "integrity": "sha512-4SaFZCNfJqvk/kenHpI8xvN42DMaoycy4PzKc5otHxRswww1kAt82OlBuwRVLofCACCTZEcla2Ydxv8scMXaTg==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "dependencies": {
-        "@eslint/core": "^0.15.0",
-        "levn": "^0.4.1"
-      },
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      }
-    },
-    "node_modules/@eslint/plugin-kit/node_modules/@eslint/core": {
-      "version": "0.15.0",
-      "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.15.0.tgz",
-      "integrity": "sha512-b7ePw78tEWWkpgZCDYkbqDOP8dmM6qe+AOC6iuJqlq1R/0ahMAeH3qynpnqKFGkMltrp44ohV4ubGyvLX28tzw==",
+      "version": "8.57.1",
+      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.57.1.tgz",
+      "integrity": "sha512-d9zaMRSTIKDLhctzH12MtXvJKSSUhaHcjV+2Z+GK+EEY7XKpP5yR4x+N3TAcHTcu963nIr+TMcCb4DBCYX1z6Q==",
       "dev": true,
-      "license": "Apache-2.0",
-      "dependencies": {
-        "@types/json-schema": "^7.0.15"
-      },
       "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
       }
     },
     "node_modules/@fastify/busboy": {
@@ -1138,42 +1034,41 @@
         "zod": "^3.19.1"
       }
     },
-    "node_modules/@humanfs/core": {
-      "version": "0.19.1",
-      "resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz",
-      "integrity": "sha512-5DyQ4+1JEUzejeK1JGICcideyfUbGixgS9jNgex5nqkW+cY7WZhxBigmieN5Qnw9ZosSNVC9KQKyb+GUaGyKUA==",
+    "node_modules/@humanwhocodes/config-array": {
+      "version": "0.13.0",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.13.0.tgz",
+      "integrity": "sha512-DZLEEqFWQFiyK6h5YIeynKx7JlvCYWL0cImfSRXZ9l4Sg2efkFGTuFf6vzXjK1cq6IYkU+Eg/JizXw+TD2vRNw==",
+      "deprecated": "Use @eslint/config-array instead",
       "dev": true,
-      "license": "Apache-2.0",
+      "dependencies": {
+        "@humanwhocodes/object-schema": "^2.0.3",
+        "debug": "^4.3.1",
+        "minimatch": "^3.0.5"
+      },
       "engines": {
-        "node": ">=18.18.0"
+        "node": ">=10.10.0"
       }
     },
-    "node_modules/@humanfs/node": {
-      "version": "0.16.6",
-      "resolved": "https://registry.npmjs.org/@humanfs/node/-/node-0.16.6.tgz",
-      "integrity": "sha512-YuI2ZHQL78Q5HbhDiBA1X4LmYdXCKCMQIfw0pw7piHJwyREFebJUvrQN4cMssyES6x+vfUbx1CIpaQUKYdQZOw==",
+    "node_modules/@humanwhocodes/config-array/node_modules/brace-expansion": {
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
       "dev": true,
-      "license": "Apache-2.0",
       "dependencies": {
-        "@humanfs/core": "^0.19.1",
-        "@humanwhocodes/retry": "^0.3.0"
-      },
-      "engines": {
-        "node": ">=18.18.0"
+        "balanced-match": "^1.0.0",
+        "concat-map": "0.0.1"
       }
     },
-    "node_modules/@humanfs/node/node_modules/@humanwhocodes/retry": {
-      "version": "0.3.1",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.3.1.tgz",
-      "integrity": "sha512-JBxkERygn7Bv/GbN5Rv8Ul6LVknS+5Bp6RgDC/O8gEBU/yeH5Ui5C/OlWrTb6qct7LjjfT6Re2NxB0ln0yYybA==",
+    "node_modules/@humanwhocodes/config-array/node_modules/minimatch": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
+      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
       "dev": true,
-      "license": "Apache-2.0",
-      "engines": {
-        "node": ">=18.18"
+      "dependencies": {
+        "brace-expansion": "^1.1.7"
       },
-      "funding": {
-        "type": "github",
-        "url": "https://github.com/sponsors/nzakas"
+      "engines": {
+        "node": "*"
       }
     },
     "node_modules/@humanwhocodes/module-importer": {
@@ -1188,19 +1083,12 @@
         "url": "https://github.com/sponsors/nzakas"
       }
     },
-    "node_modules/@humanwhocodes/retry": {
-      "version": "0.4.3",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.3.tgz",
-      "integrity": "sha512-bV0Tgo9K4hfPCek+aMAn81RppFKv2ySDQeMoSZuvTASywNTnVJCArCZE2FWqpvIatKu7VMRLWlR1EazvVhDyhQ==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "engines": {
-        "node": ">=18.18"
-      },
-      "funding": {
-        "type": "github",
-        "url": "https://github.com/sponsors/nzakas"
-      }
+    "node_modules/@humanwhocodes/object-schema": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.3.tgz",
+      "integrity": "sha512-93zYdMES/c1D69yZiKDBj0V24vqNzB/koF26KPaagAfd3P/4gUlh3Dys5ogAK+Exi9QyzlD8x/08Zt7wIKcDcA==",
+      "deprecated": "Use @eslint/object-schema instead",
+      "dev": true
     },
     "node_modules/@ioredis/commands": {
       "version": "1.2.0",
@@ -1691,6 +1579,42 @@
         "url": "https://opencollective.com/parcel"
       }
     },
+    "node_modules/@peculiar/asn1-schema": {
+      "version": "2.4.0",
+      "resolved": "https://registry.npmjs.org/@peculiar/asn1-schema/-/asn1-schema-2.4.0.tgz",
+      "integrity": "sha512-umbembjIWOrPSOzEGG5vxFLkeM8kzIhLkgigtsOrfLKnuzxWxejAcUX+q/SoZCdemlODOcr5WiYa7+dIEzBXZQ==",
+      "dependencies": {
+        "asn1js": "^3.0.6",
+        "pvtsutils": "^1.3.6",
+        "tslib": "^2.8.1"
+      }
+    },
+    "node_modules/@peculiar/json-schema": {
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/@peculiar/json-schema/-/json-schema-1.1.12.tgz",
+      "integrity": "sha512-coUfuoMeIB7B8/NMekxaDzLhaYmp0HZNPEjYRm9goRou8UZIC3z21s0sL9AWoCw4EG876QyO3kYrc61WNF9B/w==",
+      "dependencies": {
+        "tslib": "^2.0.0"
+      },
+      "engines": {
+        "node": ">=8.0.0"
+      }
+    },
+    "node_modules/@peculiar/webcrypto": {
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/@peculiar/webcrypto/-/webcrypto-1.5.0.tgz",
+      "integrity": "sha512-BRs5XUAwiyCDQMsVA9IDvDa7UBR9gAvPHgugOeGng3YN6vJ9JYonyDc0lNczErgtCWtucjR5N7VtaonboD/ezg==",
+      "dependencies": {
+        "@peculiar/asn1-schema": "^2.3.8",
+        "@peculiar/json-schema": "^1.1.12",
+        "pvtsutils": "^1.3.5",
+        "tslib": "^2.6.2",
+        "webcrypto-core": "^1.8.0"
+      },
+      "engines": {
+        "node": ">=10.12.0"
+      }
+    },
     "node_modules/@pkgjs/parseargs": {
       "version": "0.11.0",
       "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz",
@@ -4054,6 +3978,14 @@
         "url": "https://github.com/sponsors/tannerlinsley"
       }
     },
+    "node_modules/@types/accepts": {
+      "version": "1.3.7",
+      "resolved": "https://registry.npmjs.org/@types/accepts/-/accepts-1.3.7.tgz",
+      "integrity": "sha512-Pay9fq2lM2wXPWbteBsRAGiWH2hig4ZE2asK+mm7kUzlxRTfL961rj89I6zV/E3PcIkDqyuBEcMxFT7rccugeQ==",
+      "dependencies": {
+        "@types/node": "*"
+      }
+    },
     "node_modules/@types/babel__core": {
       "version": "7.20.5",
       "license": "MIT",
@@ -4088,6 +4020,15 @@
         "@babel/types": "^7.20.7"
       }
     },
+    "node_modules/@types/body-parser": {
+      "version": "1.19.6",
+      "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.6.tgz",
+      "integrity": "sha512-HLFeCYgz89uk22N5Qg3dvGvsv46B8GLvKKo1zKG4NybA8U2DiEO3w9lqGg29t/tfLRJpJ6iQxnVw4OnB7MoM9g==",
+      "dependencies": {
+        "@types/connect": "*",
+        "@types/node": "*"
+      }
+    },
     "node_modules/@types/braces": {
       "version": "3.0.4",
       "resolved": "https://registry.npmjs.org/@types/braces/-/braces-3.0.4.tgz",
@@ -4118,6 +4059,35 @@
         "undici-types": "~5.26.4"
       }
     },
+    "node_modules/@types/connect": {
+      "version": "3.4.38",
+      "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz",
+      "integrity": "sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug==",
+      "dependencies": {
+        "@types/node": "*"
+      }
+    },
+    "node_modules/@types/content-disposition": {
+      "version": "0.5.9",
+      "resolved": "https://registry.npmjs.org/@types/content-disposition/-/content-disposition-0.5.9.tgz",
+      "integrity": "sha512-8uYXI3Gw35MhiVYhG3s295oihrxRyytcRHjSjqnqZVDDy/xcGBRny7+Xj1Wgfhv5QzRtN2hB2dVRBUX9XW3UcQ=="
+    },
+    "node_modules/@types/cookie": {
+      "version": "0.5.4",
+      "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.5.4.tgz",
+      "integrity": "sha512-7z/eR6O859gyWIAjuvBWFzNURmf2oPBmJlfVWkwehU5nzIyjwBsTh7WMmEEV4JFnHuQ3ex4oyTvfKzcyJVDBNA=="
+    },
+    "node_modules/@types/cookies": {
+      "version": "0.9.1",
+      "resolved": "https://registry.npmjs.org/@types/cookies/-/cookies-0.9.1.tgz",
+      "integrity": "sha512-E/DPgzifH4sM1UMadJMWd6mO2jOd4g1Ejwzx8/uRCDpJis1IrlyQEcGAYEomtAqRYmD5ORbNXMeI9U0RiVGZbg==",
+      "dependencies": {
+        "@types/connect": "*",
+        "@types/express": "*",
+        "@types/keygrip": "*",
+        "@types/node": "*"
+      }
+    },
     "node_modules/@types/debug": {
       "version": "4.1.12",
       "resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.12.tgz",
@@ -4133,10 +4103,70 @@
       "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
       "license": "MIT"
     },
+    "node_modules/@types/express": {
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.23.tgz",
+      "integrity": "sha512-Crp6WY9aTYP3qPi2wGDo9iUe/rceX01UMhnF1jmwDcKCFM6cx7YhGP/Mpr3y9AASpfHixIG0E6azCcL5OcDHsQ==",
+      "dependencies": {
+        "@types/body-parser": "*",
+        "@types/express-serve-static-core": "^4.17.33",
+        "@types/qs": "*",
+        "@types/serve-static": "*"
+      }
+    },
+    "node_modules/@types/express-serve-static-core": {
+      "version": "4.19.6",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.19.6.tgz",
+      "integrity": "sha512-N4LZ2xG7DatVqhCZzOGb1Yi5lMbXSZcmdLDe9EzSndPV2HpWYWzRbaerl2n27irrm94EPpprqa8KpskPT085+A==",
+      "dependencies": {
+        "@types/node": "*",
+        "@types/qs": "*",
+        "@types/range-parser": "*",
+        "@types/send": "*"
+      }
+    },
+    "node_modules/@types/http-assert": {
+      "version": "1.5.6",
+      "resolved": "https://registry.npmjs.org/@types/http-assert/-/http-assert-1.5.6.tgz",
+      "integrity": "sha512-TTEwmtjgVbYAzZYWyeHPrrtWnfVkm8tQkP8P21uQifPgMRgjrow3XDEYqucuC8SKZJT7pUnhU/JymvjggxO9vw=="
+    },
+    "node_modules/@types/http-errors": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.5.tgz",
+      "integrity": "sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg=="
+    },
     "node_modules/@types/json-schema": {
       "version": "7.0.15",
       "license": "MIT"
     },
+    "node_modules/@types/keygrip": {
+      "version": "1.0.6",
+      "resolved": "https://registry.npmjs.org/@types/keygrip/-/keygrip-1.0.6.tgz",
+      "integrity": "sha512-lZuNAY9xeJt7Bx4t4dx0rYCDqGPW8RXhQZK1td7d4H6E9zYbLoOtjBvfwdTKpsyxQI/2jv+armjX/RW+ZNpXOQ=="
+    },
+    "node_modules/@types/koa": {
+      "version": "2.15.0",
+      "resolved": "https://registry.npmjs.org/@types/koa/-/koa-2.15.0.tgz",
+      "integrity": "sha512-7QFsywoE5URbuVnG3loe03QXuGajrnotr3gQkXcEBShORai23MePfFYdhz90FEtBBpkyIYQbVD+evKtloCgX3g==",
+      "dependencies": {
+        "@types/accepts": "*",
+        "@types/content-disposition": "*",
+        "@types/cookies": "*",
+        "@types/http-assert": "*",
+        "@types/http-errors": "*",
+        "@types/keygrip": "*",
+        "@types/koa-compose": "*",
+        "@types/node": "*"
+      }
+    },
+    "node_modules/@types/koa-compose": {
+      "version": "3.2.8",
+      "resolved": "https://registry.npmjs.org/@types/koa-compose/-/koa-compose-3.2.8.tgz",
+      "integrity": "sha512-4Olc63RY+MKvxMwVknCUDhRQX1pFQoBZ/lXcRLP69PQkEpze/0cr8LNqJQe5NFb/b19DWi2a5bTi2VAlQzhJuA==",
+      "dependencies": {
+        "@types/koa": "*"
+      }
+    },
     "node_modules/@types/micromatch": {
       "version": "4.0.7",
       "resolved": "https://registry.npmjs.org/@types/micromatch/-/micromatch-4.0.7.tgz",
@@ -4145,6 +4175,11 @@
         "@types/braces": "*"
       }
     },
+    "node_modules/@types/mime": {
+      "version": "1.3.5",
+      "resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
+      "integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w=="
+    },
     "node_modules/@types/ms": {
       "version": "0.7.34",
       "resolved": "https://registry.npmjs.org/@types/ms/-/ms-0.7.34.tgz",
@@ -4153,7 +4188,6 @@
     },
     "node_modules/@types/node": {
       "version": "20.12.5",
-      "devOptional": true,
       "license": "MIT",
       "dependencies": {
         "undici-types": "~5.26.4"
@@ -4164,6 +4198,16 @@
       "devOptional": true,
       "license": "MIT"
     },
+    "node_modules/@types/qs": {
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.14.0.tgz",
+      "integrity": "sha512-eOunJqu0K1923aExK6y8p6fsihYEn/BYuQ4g0CxAAgFc4b/ZLN4CrsRZ55srTdqoiLzU2B2evC+apEIxprEzkQ=="
+    },
+    "node_modules/@types/range-parser": {
+      "version": "1.2.7",
+      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
+      "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ=="
+    },
     "node_modules/@types/react": {
       "version": "18.2.74",
       "devOptional": true,
@@ -4192,6 +4236,25 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/@types/send": {
+      "version": "0.17.5",
+      "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.5.tgz",
+      "integrity": "sha512-z6F2D3cOStZvuk2SaP6YrwkNO65iTZcwA2ZkSABegdkAh/lf+Aa/YQndZVfmEXT5vgAp6zv06VQ3ejSVjAny4w==",
+      "dependencies": {
+        "@types/mime": "^1",
+        "@types/node": "*"
+      }
+    },
+    "node_modules/@types/serve-static": {
+      "version": "1.15.8",
+      "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.8.tgz",
+      "integrity": "sha512-roei0UY3LhpOJvjbIP6ZZFngyLKl5dskOtDhxY5THRSpO+ZI+nzJ+m5yUMzGrp89YRa7lvknKkMYjqQFGwA7Sg==",
+      "dependencies": {
+        "@types/http-errors": "*",
+        "@types/node": "*",
+        "@types/send": "*"
+      }
+    },
     "node_modules/@types/ws": {
       "version": "8.5.10",
       "dev": true,
@@ -4386,6 +4449,12 @@
         "url": "https://opencollective.com/typescript-eslint"
       }
     },
+    "node_modules/@ungap/structured-clone": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/@ungap/structured-clone/-/structured-clone-1.3.0.tgz",
+      "integrity": "sha512-WmoN8qaIAo7WTYWbAZuG8PYEhn5fkz7dZrqTBZ7dtt//lL2Gwms1IcnQ5yHqjDfX8Ft5j4YzDM23f87zBfDe9g==",
+      "dev": true
+    },
     "node_modules/@vercel/nft": {
       "version": "0.29.2",
       "resolved": "https://registry.npmjs.org/@vercel/nft/-/nft-0.29.2.tgz",
@@ -4465,6 +4534,29 @@
         "vite": "^4.2.0 || ^5.0.0 || ^6.0.0"
       }
     },
+    "node_modules/@workos-inc/node": {
+      "version": "7.69.1",
+      "resolved": "https://registry.npmjs.org/@workos-inc/node/-/node-7.69.1.tgz",
+      "integrity": "sha512-ml2TqUHjUVkubq4EnIIM1O1g+eR0ctKnpdHUJntG/1PuVt64CfntJrAUi/5ePgR4d12EeXunHyjOTK75k+f9Ww==",
+      "dependencies": {
+        "iron-session": "~6.3.1",
+        "jose": "~5.6.3",
+        "leb": "^1.0.0",
+        "pluralize": "8.0.0",
+        "qs": "6.14.0"
+      },
+      "engines": {
+        "node": ">=16"
+      }
+    },
+    "node_modules/@workos-inc/node/node_modules/jose": {
+      "version": "5.6.3",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-5.6.3.tgz",
+      "integrity": "sha512-1Jh//hEEwMhNYPDDLwXHa2ePWgWiFNNUadVmguAAw2IJ6sj9mNxV5tGXJNqlMkJAybF6Lgw1mISDxTePP/187g==",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/abbrev": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-3.0.0.tgz",
@@ -4509,7 +4601,6 @@
       "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz",
       "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==",
       "dev": true,
-      "license": "MIT",
       "peerDependencies": {
         "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0"
       }
@@ -4535,7 +4626,6 @@
       "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
       "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -4700,6 +4790,19 @@
         "printable-characters": "^1.0.42"
       }
     },
+    "node_modules/asn1js": {
+      "version": "3.0.6",
+      "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-3.0.6.tgz",
+      "integrity": "sha512-UOCGPYbl0tv8+006qks/dTgV9ajs97X2p0FAbyS2iyCRrmLSRolDaHdp+v/CLgnzHc3fVB+CwYiUmei7ndFcgA==",
+      "dependencies": {
+        "pvtsutils": "^1.3.6",
+        "pvutils": "^1.1.3",
+        "tslib": "^2.8.1"
+      },
+      "engines": {
+        "node": ">=12.0.0"
+      }
+    },
     "node_modules/async": {
       "version": "3.2.6",
       "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz",
@@ -5053,12 +5156,38 @@
         "url": "https://paulmillr.com/funding/"
       }
     },
+    "node_modules/call-bind-apply-helpers": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz",
+      "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==",
+      "dependencies": {
+        "es-errors": "^1.3.0",
+        "function-bind": "^1.1.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/call-bound": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz",
+      "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==",
+      "dependencies": {
+        "call-bind-apply-helpers": "^1.0.2",
+        "get-intrinsic": "^1.3.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/callsites": {
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz",
       "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==",
       "dev": true,
-      "license": "MIT",
       "engines": {
         "node": ">=6"
       }
@@ -5604,6 +5733,18 @@
         "node": ">=8"
       }
     },
+    "node_modules/doctrine": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-3.0.0.tgz",
+      "integrity": "sha512-yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w==",
+      "dev": true,
+      "dependencies": {
+        "esutils": "^2.0.2"
+      },
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
     "node_modules/dot-prop": {
       "version": "9.0.0",
       "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-9.0.0.tgz",
@@ -5653,6 +5794,19 @@
         "node": ">=0.10"
       }
     },
+    "node_modules/dunder-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz",
+      "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==",
+      "dependencies": {
+        "call-bind-apply-helpers": "^1.0.1",
+        "es-errors": "^1.3.0",
+        "gopd": "^1.2.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/duplexer": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/duplexer/-/duplexer-0.1.2.tgz",
@@ -5696,11 +5850,38 @@
         "node": ">=10.13.0"
       }
     },
+    "node_modules/es-define-property": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz",
+      "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==",
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/es-errors": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz",
+      "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==",
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/es-module-lexer": {
       "version": "1.5.0",
       "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.5.0.tgz",
       "integrity": "sha512-pqrTKmwEIgafsYZAGw9kszYzmagcE/n4dbgwGWLEXg7J4QFJVQRBld8j3Q3GNez79jzxZshq0bcT962QHOghjw=="
     },
+    "node_modules/es-object-atoms": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz",
+      "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==",
+      "dependencies": {
+        "es-errors": "^1.3.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/esbuild": {
       "version": "0.24.2",
       "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.24.2.tgz",
@@ -6095,64 +6276,59 @@
       }
     },
     "node_modules/eslint": {
-      "version": "9.29.0",
-      "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.29.0.tgz",
-      "integrity": "sha512-GsGizj2Y1rCWDu6XoEekL3RLilp0voSePurjZIkxL3wlm5o5EC9VpgaP7lrCvjnkuLvzFBQWB3vWB3K5KQTveQ==",
+      "version": "8.57.1",
+      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.57.1.tgz",
+      "integrity": "sha512-ypowyDxpVSYpkXr9WPv2PAZCtNip1Mv5KTW0SCurXv/9iOpcrH9PaqUElksqEB6pChqHGDRCFTyrZlGhnLNGiA==",
+      "deprecated": "This version is no longer supported. Please see https://eslint.org/version-support for other options.",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "@eslint-community/eslint-utils": "^4.2.0",
-        "@eslint-community/regexpp": "^4.12.1",
-        "@eslint/config-array": "^0.20.1",
-        "@eslint/config-helpers": "^0.2.1",
-        "@eslint/core": "^0.14.0",
-        "@eslint/eslintrc": "^3.3.1",
-        "@eslint/js": "9.29.0",
-        "@eslint/plugin-kit": "^0.3.1",
-        "@humanfs/node": "^0.16.6",
+        "@eslint-community/regexpp": "^4.6.1",
+        "@eslint/eslintrc": "^2.1.4",
+        "@eslint/js": "8.57.1",
+        "@humanwhocodes/config-array": "^0.13.0",
         "@humanwhocodes/module-importer": "^1.0.1",
-        "@humanwhocodes/retry": "^0.4.2",
-        "@types/estree": "^1.0.6",
-        "@types/json-schema": "^7.0.15",
+        "@nodelib/fs.walk": "^1.2.8",
+        "@ungap/structured-clone": "^1.2.0",
         "ajv": "^6.12.4",
         "chalk": "^4.0.0",
-        "cross-spawn": "^7.0.6",
+        "cross-spawn": "^7.0.2",
         "debug": "^4.3.2",
+        "doctrine": "^3.0.0",
         "escape-string-regexp": "^4.0.0",
-        "eslint-scope": "^8.4.0",
-        "eslint-visitor-keys": "^4.2.1",
-        "espree": "^10.4.0",
-        "esquery": "^1.5.0",
+        "eslint-scope": "^7.2.2",
+        "eslint-visitor-keys": "^3.4.3",
+        "espree": "^9.6.1",
+        "esquery": "^1.4.2",
         "esutils": "^2.0.2",
         "fast-deep-equal": "^3.1.3",
-        "file-entry-cache": "^8.0.0",
+        "file-entry-cache": "^6.0.1",
         "find-up": "^5.0.0",
         "glob-parent": "^6.0.2",
+        "globals": "^13.19.0",
+        "graphemer": "^1.4.0",
         "ignore": "^5.2.0",
         "imurmurhash": "^0.1.4",
         "is-glob": "^4.0.0",
+        "is-path-inside": "^3.0.3",
+        "js-yaml": "^4.1.0",
         "json-stable-stringify-without-jsonify": "^1.0.1",
+        "levn": "^0.4.1",
         "lodash.merge": "^4.6.2",
         "minimatch": "^3.1.2",
         "natural-compare": "^1.4.0",
-        "optionator": "^0.9.3"
+        "optionator": "^0.9.3",
+        "strip-ansi": "^6.0.1",
+        "text-table": "^0.2.0"
       },
       "bin": {
         "eslint": "bin/eslint.js"
       },
       "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
       },
       "funding": {
-        "url": "https://eslint.org/donate"
-      },
-      "peerDependencies": {
-        "jiti": "*"
-      },
-      "peerDependenciesMeta": {
-        "jiti": {
-          "optional": true
-        }
+        "url": "https://opencollective.com/eslint"
       }
     },
     "node_modules/eslint-plugin-react-hooks": {
@@ -6175,17 +6351,16 @@
       }
     },
     "node_modules/eslint-scope": {
-      "version": "8.4.0",
-      "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.4.0.tgz",
-      "integrity": "sha512-sNXOfKCn74rt8RICKMvJS7XKV/Xk9kA7DyJr8mJik3S7Cwgy3qlkkmyS2uQB3jiJg6VNdZd/pDBJu0nvG2NlTg==",
+      "version": "7.2.2",
+      "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.2.2.tgz",
+      "integrity": "sha512-dOt21O7lTMhDM+X9mB4GX+DZrZtCUJPL/wlcTqxyrx5IvO0IYtILdtrQGQp+8n5S0gwSVmOf9NQrjMOgfQZlIg==",
       "dev": true,
-      "license": "BSD-2-Clause",
       "dependencies": {
         "esrecurse": "^4.3.0",
         "estraverse": "^5.2.0"
       },
       "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
       },
       "funding": {
         "url": "https://opencollective.com/eslint"
@@ -6202,19 +6377,6 @@
         "url": "https://opencollective.com/eslint"
       }
     },
-    "node_modules/eslint/node_modules/eslint-visitor-keys": {
-      "version": "4.2.1",
-      "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz",
-      "integrity": "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      },
-      "funding": {
-        "url": "https://opencollective.com/eslint"
-      }
-    },
     "node_modules/eslint/node_modules/minimatch": {
       "version": "3.1.2",
       "dev": true,
@@ -6236,31 +6398,17 @@
       }
     },
     "node_modules/espree": {
-      "version": "10.4.0",
-      "resolved": "https://registry.npmjs.org/espree/-/espree-10.4.0.tgz",
-      "integrity": "sha512-j6PAQ2uUr79PZhBjP5C5fhl8e39FmRnOjsD5lGnWrFU8i2G776tBK7+nP8KuQUTTyAZUwfQqXAgrVH5MbH9CYQ==",
+      "version": "9.6.1",
+      "resolved": "https://registry.npmjs.org/espree/-/espree-9.6.1.tgz",
+      "integrity": "sha512-oruZaFkjorTpF32kDSI5/75ViwGeZginGGy2NoOSg3Q9bnwlnmDm4HLnkl0RE3n+njDXR037aY1+x58Z/zFdwQ==",
       "dev": true,
-      "license": "BSD-2-Clause",
       "dependencies": {
-        "acorn": "^8.15.0",
+        "acorn": "^8.9.0",
         "acorn-jsx": "^5.3.2",
-        "eslint-visitor-keys": "^4.2.1"
-      },
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+        "eslint-visitor-keys": "^3.4.1"
       },
-      "funding": {
-        "url": "https://opencollective.com/eslint"
-      }
-    },
-    "node_modules/espree/node_modules/eslint-visitor-keys": {
-      "version": "4.2.1",
-      "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz",
-      "integrity": "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==",
-      "dev": true,
-      "license": "Apache-2.0",
       "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
       },
       "funding": {
         "url": "https://opencollective.com/eslint"
@@ -6282,7 +6430,6 @@
       "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz",
       "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==",
       "dev": true,
-      "license": "BSD-2-Clause",
       "dependencies": {
         "estraverse": "^5.2.0"
       },
@@ -6383,8 +6530,7 @@
       "version": "3.1.3",
       "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
       "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==",
-      "dev": true,
-      "license": "MIT"
+      "dev": true
     },
     "node_modules/fast-fifo": {
       "version": "1.3.2",
@@ -6420,8 +6566,7 @@
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz",
       "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==",
-      "dev": true,
-      "license": "MIT"
+      "dev": true
     },
     "node_modules/fast-levenshtein": {
       "version": "2.0.6",
@@ -6450,16 +6595,15 @@
       }
     },
     "node_modules/file-entry-cache": {
-      "version": "8.0.0",
-      "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz",
-      "integrity": "sha512-XXTUwCvisa5oacNGRP9SfNtYBNAMi+RPwBFmblZEF7N7swHYQS6/Zfk7SRwx4D5j3CH211YNRco1DEMNVfZCnQ==",
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-6.0.1.tgz",
+      "integrity": "sha512-7Gps/XWymbLk2QLYK4NzpMOrYjMhdIxXuIvy2QBsLE6ljuodKvdkWs/cpyJJ3CVIVpH0Oi1Hvg1ovbMzLdFBBg==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
-        "flat-cache": "^4.0.0"
+        "flat-cache": "^3.0.4"
       },
       "engines": {
-        "node": ">=16.0.0"
+        "node": "^10.12.0 || >=12.0.0"
       }
     },
     "node_modules/file-uri-to-path": {
@@ -6494,25 +6638,24 @@
       }
     },
     "node_modules/flat-cache": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-4.0.1.tgz",
-      "integrity": "sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==",
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.2.0.tgz",
+      "integrity": "sha512-CYcENa+FtcUKLmhhqyctpclsq7QF38pKjZHsGNiSQF5r4FtoKDWabFDl3hzaEQMvT1LHEysw5twgLvpYYb4vbw==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "flatted": "^3.2.9",
-        "keyv": "^4.5.4"
+        "keyv": "^4.5.3",
+        "rimraf": "^3.0.2"
       },
       "engines": {
-        "node": ">=16"
+        "node": "^10.12.0 || >=12.0.0"
       }
     },
     "node_modules/flatted": {
       "version": "3.3.3",
       "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.3.tgz",
       "integrity": "sha512-GX+ysw4PBCz0PzosHDepZGANEuFCMLrnRTiEy9McGjmkCQYwRq4A/X786G/fjM/+OjsWSU1ZrY5qyARZmO/uwg==",
-      "dev": true,
-      "license": "ISC"
+      "dev": true
     },
     "node_modules/follow-redirects": {
       "version": "1.15.6",
@@ -6606,6 +6749,29 @@
         "node": "6.* || 8.* || >= 10.*"
       }
     },
+    "node_modules/get-intrinsic": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz",
+      "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==",
+      "dependencies": {
+        "call-bind-apply-helpers": "^1.0.2",
+        "es-define-property": "^1.0.1",
+        "es-errors": "^1.3.0",
+        "es-object-atoms": "^1.1.1",
+        "function-bind": "^1.1.2",
+        "get-proto": "^1.0.1",
+        "gopd": "^1.2.0",
+        "has-symbols": "^1.1.0",
+        "hasown": "^2.0.2",
+        "math-intrinsics": "^1.1.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/get-nonce": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/get-nonce/-/get-nonce-1.0.1.tgz",
@@ -6619,6 +6785,18 @@
       "resolved": "https://registry.npmjs.org/get-port-please/-/get-port-please-3.1.2.tgz",
       "integrity": "sha512-Gxc29eLs1fbn6LQ4jSU4vXjlwyZhF5HsGuMAa7gqBP4Rw4yxxltyDUuF5MBclFzDTXO+ACchGQoeela4DSfzdQ=="
     },
+    "node_modules/get-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz",
+      "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==",
+      "dependencies": {
+        "dunder-proto": "^1.0.1",
+        "es-object-atoms": "^1.0.0"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/get-source": {
       "version": "2.0.12",
       "dev": true,
@@ -6721,13 +6899,15 @@
       }
     },
     "node_modules/globals": {
-      "version": "14.0.0",
-      "resolved": "https://registry.npmjs.org/globals/-/globals-14.0.0.tgz",
-      "integrity": "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==",
+      "version": "13.24.0",
+      "resolved": "https://registry.npmjs.org/globals/-/globals-13.24.0.tgz",
+      "integrity": "sha512-AhO5QUcj8llrbG09iWhPU2B204J1xnPeL8kQmVorSsy+Sjj1sk8gIyh6cUocGmH4L0UuhAJy+hJMRA4mgA4mFQ==",
       "dev": true,
-      "license": "MIT",
+      "dependencies": {
+        "type-fest": "^0.20.2"
+      },
       "engines": {
-        "node": ">=18"
+        "node": ">=8"
       },
       "funding": {
         "url": "https://github.com/sponsors/sindresorhus"
@@ -6761,6 +6941,17 @@
         "csstype": "^3.0.10"
       }
     },
+    "node_modules/gopd": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz",
+      "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/graceful-fs": {
       "version": "4.2.11",
       "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz",
@@ -6810,6 +7001,17 @@
         "node": ">=8"
       }
     },
+    "node_modules/has-symbols": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz",
+      "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/hasown": {
       "version": "2.0.2",
       "license": "MIT",
@@ -6996,7 +7198,6 @@
       "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.1.tgz",
       "integrity": "sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "parent-module": "^1.0.0",
         "resolve-from": "^4.0.0"
@@ -7069,6 +7270,63 @@
         "url": "https://opencollective.com/ioredis"
       }
     },
+    "node_modules/iron-session": {
+      "version": "6.3.1",
+      "resolved": "https://registry.npmjs.org/iron-session/-/iron-session-6.3.1.tgz",
+      "integrity": "sha512-3UJ7y2vk/WomAtEySmPgM6qtYF1cZ3tXuWX5GsVX4PJXAcs5y/sV9HuSfpjKS6HkTL/OhZcTDWJNLZ7w+Erx3A==",
+      "dependencies": {
+        "@peculiar/webcrypto": "^1.4.0",
+        "@types/cookie": "^0.5.1",
+        "@types/express": "^4.17.13",
+        "@types/koa": "^2.13.5",
+        "@types/node": "^17.0.41",
+        "cookie": "^0.5.0",
+        "iron-webcrypto": "^0.2.5"
+      },
+      "engines": {
+        "node": ">=12"
+      },
+      "peerDependencies": {
+        "express": ">=4",
+        "koa": ">=2",
+        "next": ">=10"
+      },
+      "peerDependenciesMeta": {
+        "express": {
+          "optional": true
+        },
+        "koa": {
+          "optional": true
+        },
+        "next": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/iron-session/node_modules/@types/node": {
+      "version": "17.0.45",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-17.0.45.tgz",
+      "integrity": "sha512-w+tIMs3rq2afQdsPJlODhoUEKzFP1ayaoyl1CcnwtIlsVe7K7bA1NGm4s3PraqTLlXnbIN84zuBlxBWo1u9BLw=="
+    },
+    "node_modules/iron-session/node_modules/cookie": {
+      "version": "0.5.0",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz",
+      "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/iron-session/node_modules/iron-webcrypto": {
+      "version": "0.2.8",
+      "resolved": "https://registry.npmjs.org/iron-webcrypto/-/iron-webcrypto-0.2.8.tgz",
+      "integrity": "sha512-YPdCvjFMOBjXaYuDj5tiHst5CEk6Xw84Jo8Y2+jzhMceclAnb3+vNPP/CTtb5fO2ZEuXEaO4N+w62Vfko757KA==",
+      "dependencies": {
+        "buffer": "^6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/brc-dd"
+      }
+    },
     "node_modules/iron-webcrypto": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/iron-webcrypto/-/iron-webcrypto-1.2.1.tgz",
@@ -7179,6 +7437,15 @@
         "node": ">=0.12.0"
       }
     },
+    "node_modules/is-path-inside": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz",
+      "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=8"
+      }
+    },
     "node_modules/is-reference": {
       "version": "1.2.1",
       "license": "MIT",
@@ -7264,6 +7531,14 @@
         "jiti": "bin/jiti.js"
       }
     },
+    "node_modules/jose": {
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.0.tgz",
+      "integrity": "sha512-TTQJyoEoKcC1lscpVDCSsVgYzUDg/0Bt3WE//WiTPK6uOCQC2KZS4MpugbMWt/zyjkopgZoXhZuCi00gLudfUA==",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/js-tokens": {
       "version": "4.0.0",
       "license": "MIT"
@@ -7293,15 +7568,13 @@
       "version": "3.0.1",
       "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz",
       "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==",
-      "dev": true,
-      "license": "MIT"
+      "dev": true
     },
     "node_modules/json-schema-traverse": {
       "version": "0.4.1",
       "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
       "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
-      "dev": true,
-      "license": "MIT"
+      "dev": true
     },
     "node_modules/json-schema-walker": {
       "version": "2.0.0",
@@ -7340,7 +7613,6 @@
       "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz",
       "integrity": "sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "json-buffer": "3.0.1"
       }
@@ -7404,6 +7676,11 @@
         "safe-buffer": "~5.1.0"
       }
     },
+    "node_modules/leb": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/leb/-/leb-1.0.0.tgz",
+      "integrity": "sha512-Y3c3QZfvKWHX60BVOQPhLCvVGmDYWyJEiINE3drOog6KCyN2AOwvuQQzlS3uJg1J85kzpILXIUwRXULWavir+w=="
+    },
     "node_modules/levn": {
       "version": "0.4.1",
       "dev": true,
@@ -7830,6 +8107,14 @@
         "source-map-js": "^1.2.0"
       }
     },
+    "node_modules/math-intrinsics": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz",
+      "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==",
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
     "node_modules/merge-stream": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz",
@@ -8692,6 +8977,17 @@
         "pathe": "^2.0.3"
       }
     },
+    "node_modules/object-inspect": {
+      "version": "1.13.4",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz",
+      "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/ofetch": {
       "version": "1.4.1",
       "resolved": "https://registry.npmjs.org/ofetch/-/ofetch-1.4.1.tgz",
@@ -8835,7 +9131,6 @@
       "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
       "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==",
       "dev": true,
-      "license": "MIT",
       "dependencies": {
         "callsites": "^3.0.0"
       },
@@ -8861,8 +9156,8 @@
     },
     "node_modules/path-is-absolute": {
       "version": "1.0.1",
+      "devOptional": true,
       "license": "MIT",
-      "optional": true,
       "engines": {
         "node": ">=0.10.0"
       }
@@ -8942,6 +9237,14 @@
         "pathe": "^1.1.0"
       }
     },
+    "node_modules/pluralize": {
+      "version": "8.0.0",
+      "resolved": "https://registry.npmjs.org/pluralize/-/pluralize-8.0.0.tgz",
+      "integrity": "sha512-Nc3IT5yHzflTfbjgqWcCPpo7DaKy4FnpB0l/zCAW0Tc7jxAiuqSxHasntB3D7887LSrA93kDJ9IXovxJYxyLCA==",
+      "engines": {
+        "node": ">=4"
+      }
+    },
     "node_modules/postcss": {
       "version": "8.5.3",
       "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.3.tgz",
@@ -9031,11 +9334,40 @@
       "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
       "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==",
       "dev": true,
-      "license": "MIT",
       "engines": {
         "node": ">=6"
       }
     },
+    "node_modules/pvtsutils": {
+      "version": "1.3.6",
+      "resolved": "https://registry.npmjs.org/pvtsutils/-/pvtsutils-1.3.6.tgz",
+      "integrity": "sha512-PLgQXQ6H2FWCaeRak8vvk1GW462lMxB5s3Jm673N82zI4vqtVUPuZdffdZbPDFRoU8kAhItWFtPCWiPpp4/EDg==",
+      "dependencies": {
+        "tslib": "^2.8.1"
+      }
+    },
+    "node_modules/pvutils": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/pvutils/-/pvutils-1.1.3.tgz",
+      "integrity": "sha512-pMpnA0qRdFp32b1sJl1wOJNxZLQ2cbQx+k6tjNtZ8CpvVhNqEPRgivZ2WOUev2YMajecdH7ctUPDvEe87nariQ==",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/qs": {
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz",
+      "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==",
+      "dependencies": {
+        "side-channel": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=0.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/quansync": {
       "version": "0.2.10",
       "resolved": "https://registry.npmjs.org/quansync/-/quansync-0.2.10.tgz",
@@ -9302,7 +9634,6 @@
       "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz",
       "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==",
       "dev": true,
-      "license": "MIT",
       "engines": {
         "node": ">=4"
       }
@@ -9323,6 +9654,65 @@
         "node": ">=0.10.0"
       }
     },
+    "node_modules/rimraf": {
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
+      "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
+      "deprecated": "Rimraf versions prior to v4 are no longer supported",
+      "dev": true,
+      "dependencies": {
+        "glob": "^7.1.3"
+      },
+      "bin": {
+        "rimraf": "bin.js"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/rimraf/node_modules/brace-expansion": {
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "dev": true,
+      "dependencies": {
+        "balanced-match": "^1.0.0",
+        "concat-map": "0.0.1"
+      }
+    },
+    "node_modules/rimraf/node_modules/glob": {
+      "version": "7.2.3",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
+      "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
+      "deprecated": "Glob versions prior to v9 are no longer supported",
+      "dev": true,
+      "dependencies": {
+        "fs.realpath": "^1.0.0",
+        "inflight": "^1.0.4",
+        "inherits": "2",
+        "minimatch": "^3.1.1",
+        "once": "^1.3.0",
+        "path-is-absolute": "^1.0.0"
+      },
+      "engines": {
+        "node": "*"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/rimraf/node_modules/minimatch": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
+      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+      "dev": true,
+      "dependencies": {
+        "brace-expansion": "^1.1.7"
+      },
+      "engines": {
+        "node": "*"
+      }
+    },
     "node_modules/rollup": {
       "version": "4.44.0",
       "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.44.0.tgz",
@@ -9628,6 +10018,74 @@
         "node": ">=8"
       }
     },
+    "node_modules/side-channel": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz",
+      "integrity": "sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw==",
+      "dependencies": {
+        "es-errors": "^1.3.0",
+        "object-inspect": "^1.13.3",
+        "side-channel-list": "^1.0.0",
+        "side-channel-map": "^1.0.1",
+        "side-channel-weakmap": "^1.0.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/side-channel-list": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/side-channel-list/-/side-channel-list-1.0.0.tgz",
+      "integrity": "sha512-FCLHtRD/gnpCiCHEiJLOwdmFP+wzCmDEkc9y7NsYxeF4u7Btsn1ZuwgwJGxImImHicJArLP4R0yX4c2KCrMrTA==",
+      "dependencies": {
+        "es-errors": "^1.3.0",
+        "object-inspect": "^1.13.3"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/side-channel-map": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/side-channel-map/-/side-channel-map-1.0.1.tgz",
+      "integrity": "sha512-VCjCNfgMsby3tTdo02nbjtM/ewra6jPHmpThenkTYh8pG9ucZ/1P8So4u4FGBek/BjpOVsDCMoLA/iuBKIFXRA==",
+      "dependencies": {
+        "call-bound": "^1.0.2",
+        "es-errors": "^1.3.0",
+        "get-intrinsic": "^1.2.5",
+        "object-inspect": "^1.13.3"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/side-channel-weakmap": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/side-channel-weakmap/-/side-channel-weakmap-1.0.2.tgz",
+      "integrity": "sha512-WPS/HvHQTYnHisLo9McqBHOJk2FkHO/tlpvldyrnem4aeQp4hai3gythswg6p01oSoTl58rcpiFAjF2br2Ak2A==",
+      "dependencies": {
+        "call-bound": "^1.0.2",
+        "es-errors": "^1.3.0",
+        "get-intrinsic": "^1.2.5",
+        "object-inspect": "^1.13.3",
+        "side-channel-map": "^1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/signal-exit": {
       "version": "4.1.0",
       "license": "ISC",
@@ -9837,7 +10295,6 @@
       "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz",
       "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==",
       "dev": true,
-      "license": "MIT",
       "engines": {
         "node": ">=8"
       },
@@ -9971,6 +10428,12 @@
         "b4a": "^1.6.4"
       }
     },
+    "node_modules/text-table": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz",
+      "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==",
+      "dev": true
+    },
     "node_modules/tiny-invariant": {
       "version": "1.3.3",
       "resolved": "https://registry.npmjs.org/tiny-invariant/-/tiny-invariant-1.3.3.tgz",
@@ -10038,8 +10501,9 @@
       }
     },
     "node_modules/tslib": {
-      "version": "2.6.2",
-      "license": "0BSD"
+      "version": "2.8.1",
+      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz",
+      "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w=="
     },
     "node_modules/tslog": {
       "version": "4.9.3",
@@ -10174,6 +10638,18 @@
         "node": ">= 0.8.0"
       }
     },
+    "node_modules/type-fest": {
+      "version": "0.20.2",
+      "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz",
+      "integrity": "sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
     "node_modules/typescript": {
       "version": "5.4.4",
       "dev": true,
@@ -10599,7 +11075,6 @@
       "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz",
       "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==",
       "dev": true,
-      "license": "BSD-2-Clause",
       "dependencies": {
         "punycode": "^2.1.0"
       }
@@ -11598,6 +12073,18 @@
         "@esbuild/win32-x64": "0.25.5"
       }
     },
+    "node_modules/webcrypto-core": {
+      "version": "1.8.1",
+      "resolved": "https://registry.npmjs.org/webcrypto-core/-/webcrypto-core-1.8.1.tgz",
+      "integrity": "sha512-P+x1MvlNCXlKbLSOY4cYrdreqPG5hbzkmawbcXLKN/mf6DZW0SdNNkZ+sjwsqVkI4A4Ko2sPZmkZtCKY58w83A==",
+      "dependencies": {
+        "@peculiar/asn1-schema": "^2.3.13",
+        "@peculiar/json-schema": "^1.1.12",
+        "asn1js": "^3.0.5",
+        "pvtsutils": "^1.3.5",
+        "tslib": "^2.7.0"
+      }
+    },
     "node_modules/webidl-conversions": {
       "version": "3.0.1",
       "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
diff --git a/package.json b/package.json
index bb02a51..d0e81fb 100644
--- a/package.json
+++ b/package.json
@@ -66,7 +66,7 @@
     "@typescript-eslint/parser": "^7.2.0",
     "@vitejs/plugin-react": "^4.2.1",
     "autoprefixer": "^10.4.19",
-    "eslint": "^9.29.0",
+    "eslint": "^8.57.0",
     "eslint-plugin-react-hooks": "^4.6.0",
     "eslint-plugin-react-refresh": "^0.4.6",
     "glob": "^10.3.12",

From 2f205e867753de60c9413428079f8d040d77c032 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Mon, 1 Sep 2025 23:14:34 -0700
Subject: [PATCH 08/16] chore: update workos secrets for workingd deploy

---
 .github/workflows/deploy.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 0d7563e..558111b 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -9,7 +9,6 @@ jobs:
     name: "Test"
     runs-on: ubuntu-latest
     env:
-      JWT_SECRET: "test.fake.secret"
       WORKOS_API_KEY: "test.fake.workos.api.key"
       WORKOS_CLIENT_ID: "test.fake.client.id"
       WORKOS_REDIRECT_URI: "http://localhost:3000/auth/callback"
@@ -59,14 +58,15 @@ jobs:
 
       - name: "Deploy"
         run: |
-          echo "***DO NOT USE*** THESE VALUES IN PRODUCTION!"
-          echo "USE SECRETS MANAGER FOR JWT SIGNING KEY, OR A THIRD PARTY PROVIDER LIKE HASHICORP."
           echo "DEBUG: surface:*" >> env.yaml
           echo "SELF_RPC_HOST: https://surface-demo-app-5v6fvk5ela-uw.a.run.app/" >> env.yaml
-          echo "JWT_SECRET: sup4h.secr1t.jwt.🔑" >> env.yaml
+          echo "NODE_ENV: production" >> env.yaml
+
+          echo "WORKOS_REDIRECT_URI: https://surface-demo-app-5v6fvk5ela-uw.a.run.app/auth/callback" >> env.yaml
           gcloud run deploy surface-demo-app \
             --image "${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6}" \
             --env-vars-file env.yaml \
+            --set-secrets="WORKOS_API_KEY=WORKOS_API_KEY:latest,WORKOS_CLIENT_ID=WORKOS_CLIENT_ID:latest" \
             --service-account ${{ secrets.GCP_APP_SERVICE_ACCOUNT }} \
             --region us-west1 \
             --allow-unauthenticated

From 4f6dc861b748ccf0943186228b8bc34f181695da Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Tue, 2 Sep 2025 07:45:38 -0700
Subject: [PATCH 09/16] chore: clean up env vars use subdomain for redirect

---
 .github/workflows/deploy.yaml | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 558111b..0b5eb6f 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -59,10 +59,9 @@ jobs:
       - name: "Deploy"
         run: |
           echo "DEBUG: surface:*" >> env.yaml
-          echo "SELF_RPC_HOST: https://surface-demo-app-5v6fvk5ela-uw.a.run.app/" >> env.yaml
+          echo "SELF_RPC_HOST: https://surface.makeitstable.com/" >> env.yaml
           echo "NODE_ENV: production" >> env.yaml
-
-          echo "WORKOS_REDIRECT_URI: https://surface-demo-app-5v6fvk5ela-uw.a.run.app/auth/callback" >> env.yaml
+          echo "WORKOS_REDIRECT_URI: https://surface.makeitstable.com/auth/callback" >> env.yaml
           gcloud run deploy surface-demo-app \
             --image "${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6}" \
             --env-vars-file env.yaml \

From 8f1971de336b68ce47636feb61317182b42b6297 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Tue, 2 Sep 2025 08:15:23 -0700
Subject: [PATCH 10/16] chore: try bun

---
 .github/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 0b5eb6f..cdcae8d 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -39,7 +39,7 @@ jobs:
       - name: "Push to AR"
         run: |
           docker build . \
-            -f Dockerfile.node \
+            -f Dockerfile.bun \
             -t ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6} \
             -t ${{ secrets.GCP_AR_PATH }}/app:latest
           docker push ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6}

From 7a827aac3c22702ea1384c48761bb97efaede0b5 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Tue, 2 Sep 2025 15:59:34 -0700
Subject: [PATCH 11/16] chore: not bun yet, have to sort client build
 dependencies first, style, manifest etc

---
 .github/workflows/deploy.yaml | 6 +++---
 docker-compose.yaml           | 3 ++-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index cdcae8d..7559b0e 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -9,8 +9,8 @@ jobs:
     name: "Test"
     runs-on: ubuntu-latest
     env:
-      WORKOS_API_KEY: "test.fake.workos.api.key"
-      WORKOS_CLIENT_ID: "test.fake.client.id"
+      WORKOS_API_KEY: "test.workos.api.key"
+      WORKOS_CLIENT_ID: "test.client.id"
       WORKOS_REDIRECT_URI: "http://localhost:3000/auth/callback"
       NODE_ENV: "test"
     steps:
@@ -39,7 +39,7 @@ jobs:
       - name: "Push to AR"
         run: |
           docker build . \
-            -f Dockerfile.bun \
+            -f Dockerfile.node \
             -t ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6} \
             -t ${{ secrets.GCP_AR_PATH }}/app:latest
           docker push ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6}
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 89d358b..50fe160 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -33,7 +33,8 @@ services:
       - DEBUG=surface:*
       - JWT_SECRET=foo.bar.baz
       - SELF_RPC_HOST=http://dev:4000
-
+    env_file:
+      - .env
     ports:
       - "4000:4000"
 

From 9425d048c31446950f95be87fba7ad964460675a Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Tue, 2 Sep 2025 16:04:21 -0700
Subject: [PATCH 12/16] feat: okay, now try bun

---
 .github/workflows/deploy.yaml | 2 +-
 Dockerfile.bun                | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 7559b0e..9b1fbb9 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -39,7 +39,7 @@ jobs:
       - name: "Push to AR"
         run: |
           docker build . \
-            -f Dockerfile.node \
+            -f Dockerfile.bun \
             -t ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6} \
             -t ${{ secrets.GCP_AR_PATH }}/app:latest
           docker push ${{ secrets.GCP_AR_PATH }}/app:${GITHUB_SHA::6}
diff --git a/Dockerfile.bun b/Dockerfile.bun
index cb7a56c..7eaaf6a 100644
--- a/Dockerfile.bun
+++ b/Dockerfile.bun
@@ -13,5 +13,5 @@ FROM base as dev
 CMD ["bun", "run", "dev:docker"]
 
 FROM base as prod
-RUN bunx tsr generate
-CMD ["bun", "surface.server.bun.ts"]
\ No newline at end of file
+RUN bun run build
+CMD ["bun", "surface.server.bun.ts"]

From d5002b7a986591d93439fee438364c5a7b34fe48 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Tue, 2 Sep 2025 16:22:30 -0700
Subject: [PATCH 13/16] fix: use workos logout to actually log out

---
 service/auth/auth.endpoints.ts | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/service/auth/auth.endpoints.ts b/service/auth/auth.endpoints.ts
index b4fbdc6..00a1908 100644
--- a/service/auth/auth.endpoints.ts
+++ b/service/auth/auth.endpoints.ts
@@ -187,7 +187,7 @@ export const sessions = new Hono<SurfaceEnv>()
       description: "Clear user session and logout from WorkOS",
       responses: {
         302: {
-          description: "Redirect to WorkOS logout URL or specified location",
+          description: "Redirect to WorkOS logout URL to terminate session",
         },
         200: {
           description: "Logout confirmation (for testing)",
@@ -198,7 +198,7 @@ export const sessions = new Hono<SurfaceEnv>()
       },
     }),
     async (c) => {
-      const { cookies, logger } = c.var;
+      const { cookies, logger, workos } = c.var;
 
       logger.info("User logging out");
 
@@ -227,15 +227,20 @@ export const sessions = new Hono<SurfaceEnv>()
           return c.json({ message: "Logged out successfully" });
         }
 
-        // Simple logout: just clear cookies and redirect
-        // Note: This doesn't invalidate the WorkOS session, but clears our local session
-        logger.info("Performing local logout - clearing session cookies");
+        // Get the return URL for after logout
         const redirectTo = c.req.query("return") ?? "/";
-        return c.redirect(redirectTo);
+
+        // Create WorkOS logout URL that will properly terminate the session
+        const logoutUrl = workos.userManagement.getLogoutUrl({
+          redirectUri: `${env("BASE_URL")}${redirectTo}`, // Full URL where to redirect after logout
+        });
+
+        logger.info("Redirecting to WorkOS logout URL to terminate session");
+        return c.redirect(logoutUrl);
       } catch (error) {
         logger.error("Error during logout", error);
 
-        // Always redirect somewhere even if logout fails
+        // Fallback: just redirect locally if WorkOS logout fails
         const redirectTo = c.req.query("return") ?? "/";
         return c.redirect(redirectTo);
       }

From 987004fef251961128b93867ce6c46a2494df250 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Tue, 2 Sep 2025 16:37:09 -0700
Subject: [PATCH 14/16] fix: logout again, using docs ref this time

---
 service/auth/auth.endpoints.ts | 34 ++++++++++++++++++++++++++++++----
 1 file changed, 30 insertions(+), 4 deletions(-)

diff --git a/service/auth/auth.endpoints.ts b/service/auth/auth.endpoints.ts
index 00a1908..6f0dc28 100644
--- a/service/auth/auth.endpoints.ts
+++ b/service/auth/auth.endpoints.ts
@@ -5,6 +5,7 @@ import { describeRoute } from "hono-openapi";
 import { resolver } from "hono-openapi/zod";
 import { z } from "zod";
 import { AuthError } from "../../handlers/error.handler";
+import * as jose from "jose";
 
 export type User = {
   id: string;
@@ -203,6 +204,24 @@ export const sessions = new Hono<SurfaceEnv>()
       logger.info("User logging out");
 
       try {
+        // Get the access token to extract session ID
+        const accessToken = cookies.get("wos_access_token");
+        let sessionId: string | undefined;
+
+        if (accessToken) {
+          try {
+            // Extract session ID from the access token
+            const payload = jose.decodeJwt(accessToken);
+            sessionId = payload.sid as string;
+            logger.info(`Extracted session ID for logout: ${sessionId}`);
+          } catch (jwtError) {
+            logger.warn(
+              "Failed to extract session ID from access token",
+              jwtError,
+            );
+          }
+        }
+
         // Clear all auth cookies first
         cookies.set("wos_access_token", "", {
           path: "/",
@@ -230,10 +249,17 @@ export const sessions = new Hono<SurfaceEnv>()
         // Get the return URL for after logout
         const redirectTo = c.req.query("return") ?? "/";
 
-        // Create WorkOS logout URL that will properly terminate the session
-        const logoutUrl = workos.userManagement.getLogoutUrl({
-          redirectUri: `${env("BASE_URL")}${redirectTo}`, // Full URL where to redirect after logout
-        });
+        // Create WorkOS logout URL with session ID to properly terminate the session
+        const logoutParams: any = {
+          redirectUri: `${env("BASE_URL")}${redirectTo}`,
+        };
+
+        // Include session ID if we were able to extract it
+        if (sessionId) {
+          logoutParams.sessionId = sessionId;
+        }
+
+        const logoutUrl = workos.userManagement.getLogoutUrl(logoutParams);
 
         logger.info("Redirecting to WorkOS logout URL to terminate session");
         return c.redirect(logoutUrl);

From 26ada591fe8be5f9a7007da747013e85a0df8f26 Mon Sep 17 00:00:00 2001
From: cif <email@benipsen.com>
Date: Wed, 3 Sep 2025 06:39:53 -0700
Subject: [PATCH 15/16] fix: try programatically killing off session

---
 service/auth/auth.endpoints.ts | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/service/auth/auth.endpoints.ts b/service/auth/auth.endpoints.ts
index 6f0dc28..bf1a1f1 100644
--- a/service/auth/auth.endpoints.ts
+++ b/service/auth/auth.endpoints.ts
@@ -249,20 +249,24 @@ export const sessions = new Hono<SurfaceEnv>()
         // Get the return URL for after logout
         const redirectTo = c.req.query("return") ?? "/";
 
-        // Create WorkOS logout URL with session ID to properly terminate the session
-        const logoutParams: any = {
-          redirectUri: `${env("BASE_URL")}${redirectTo}`,
-        };
-
-        // Include session ID if we were able to extract it
+        // Revoke the session directly via WorkOS API to properly terminate the session
         if (sessionId) {
-          logoutParams.sessionId = sessionId;
+          try {
+            await workos.userManagement.revokeSession({
+              sessionId: sessionId,
+            });
+            logger.info(`Successfully revoked WorkOS session: ${sessionId}`);
+          } catch (revokeError) {
+            logger.error("Failed to revoke WorkOS session", revokeError);
+            // Continue with logout even if revoke fails
+          }
+        } else {
+          logger.warn("No session ID found, performing local logout only");
         }
 
-        const logoutUrl = workos.userManagement.getLogoutUrl(logoutParams);
-
-        logger.info("Redirecting to WorkOS logout URL to terminate session");
-        return c.redirect(logoutUrl);
+        // Redirect after session is revoked
+        logger.info("Session revoked, redirecting user");
+        return c.redirect(redirectTo);
       } catch (error) {
         logger.error("Error during logout", error);
 

From 1c52e88cbc035fbde5d215a523a4b53457c8d352 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 29 Sep 2025 08:27:49 +0000
Subject: [PATCH 16/16] build(deps-dev): bump tw-animate-css from 1.2.9 to
 1.4.0

Bumps [tw-animate-css](https://github.com/Wombosvideo/tw-animate-css) from 1.2.9 to 1.4.0.
- [Release notes](https://github.com/Wombosvideo/tw-animate-css/releases)
- [Commits](https://github.com/Wombosvideo/tw-animate-css/compare/v1.2.9...v1.4.0)

---
updated-dependencies:
- dependency-name: tw-animate-css
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 9 +++++----
 package.json      | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 7d168d7..db72fae 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -66,7 +66,7 @@
         "glob": "^10.3.12",
         "rollup": "^4.44.0",
         "rollup-plugin-ignore-import": "^1.3.2",
-        "tw-animate-css": "^1.2.9",
+        "tw-animate-css": "^1.4.0",
         "typescript": "^5.2.2",
         "vite": "6.3.5"
       }
@@ -10619,10 +10619,11 @@
       }
     },
     "node_modules/tw-animate-css": {
-      "version": "1.2.9",
-      "resolved": "https://registry.npmjs.org/tw-animate-css/-/tw-animate-css-1.2.9.tgz",
-      "integrity": "sha512-9O4k1at9pMQff9EAcCEuy1UNO43JmaPQvq+0lwza9Y0BQ6LB38NiMj+qHqjoQf40355MX+gs6wtlR6H9WsSXFg==",
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/tw-animate-css/-/tw-animate-css-1.4.0.tgz",
+      "integrity": "sha512-7bziOlRqH0hJx80h/3mbicLW7o8qLsH5+RaLR2t+OHM3D0JlWGODQKQ4cxbK7WlvmUxpcj6Kgu6EKqjrGFe3QQ==",
       "dev": true,
+      "license": "MIT",
       "funding": {
         "url": "https://github.com/sponsors/Wombosvideo"
       }
diff --git a/package.json b/package.json
index d0e81fb..cf357b0 100644
--- a/package.json
+++ b/package.json
@@ -72,7 +72,7 @@
     "glob": "^10.3.12",
     "rollup": "^4.44.0",
     "rollup-plugin-ignore-import": "^1.3.2",
-    "tw-animate-css": "^1.2.9",
+    "tw-animate-css": "^1.4.0",
     "typescript": "^5.2.2",
     "vite": "6.3.5"
   }