From 6b82ab16b37ae63fd44c21863f35b1b25e81622f Mon Sep 17 00:00:00 2001 From: Vadim Bauer <1492007+Vad1mo@users.noreply.github.com> Date: Wed, 12 Jun 2024 08:31:27 +0200 Subject: [PATCH 1/3] multiple project levels Signed-off-by: Vadim Bauer <1492007+Vad1mo@users.noreply.github.com> --- .../ref_gitlab_visibility.levels.png | Bin 0 -> 48836 bytes .../multiple-project-visibility-levels.md | 155 ++++++++++++++++++ 2 files changed, 155 insertions(+) create mode 100644 proposals/images/multiple-project-visibility-levels/ref_gitlab_visibility.levels.png create mode 100644 proposals/multiple-project-visibility-levels.md diff --git a/proposals/images/multiple-project-visibility-levels/ref_gitlab_visibility.levels.png b/proposals/images/multiple-project-visibility-levels/ref_gitlab_visibility.levels.png new file mode 100644 index 0000000000000000000000000000000000000000..d985e41710422f239cd656b08dad7d8d3292af1a GIT binary patch literal 48836 zcmdqIc_7sL|39jP4oT;fRJK-S7e&dEQ&QQojD0K#(F_$sW0^^cQ?|<9*s=`9z757Q zN)clp%OFPC4F-cTX1j0a^F5u<@7~|N|J=Xso&Vm<@_N5skJt10SYGef_e>0g1y2a_ z@bC!VxqZ`|hetr2hiA{j{rtdRE=Nm3d3c`l+_|Y|`OI-?e1Rwm`aosVIIm-_Ae$GS zaUy&tQpI3DZ~DRTDp{ubmZ>WxQXTo260b3A{p=?!MxnUB-<!O9TB)E z^!vUiJO<&y-zIr3gdM06WULydSJ$nNUM-T?YNChG*f)!w2hF9{J)P-jcv{R-{tXz$ z|Gc8=xIdBqTmZv*a>M!XughlAnX-T1>%8{Abw?e@PcZa)9i3fwQp_rr(p zVkDaP*BcCoN@aCO?)mmcdbe>2ZZWn!Tv(hvX@&J(KBqD9%vY7RW!t_o9>kh7sRFkW z9u3Lh@hp+{7ksg2BSfUP!Y)R?q(0nf&JliK^&5F~V^6mx?Vs=FIri#~5TpcLuT-}x zhVRU|5%F{HlUUuRvufj_)((TxTP@P8OAKi)8@WYH*OpF}MO}M3eS00>v@XVGAlMXS zQtFi_S-PwOH&c(HJ9}Djn8YVz#Q_fz*VfvCx(4p7w^GDa$Gqu;D`vfe-Vy7cM;;K- zT`9}R)zApm1+!q43S;XEo!UEuUm#KOmQgIL3t`3>9WwD;=s(YXSa)Q#k_cu|42k6P zGBW(Lb&r2!doQ{l38v9jHnE!#WUZ;8&awzGg(ZRoU6vU#M># z$>CF<$>6Nnr|`tu*;|b?zzy9` zbxlvV$FYBa_o){qnu(IW2QKV!ii z2@&XCl=}QJ@np+&@bD;^hAXe05>piTXT;9&GMCF_#aLq^s(R_%ZMyW1*-l_1H04Rc zP;t;XwQjbr^zB^;v#S6=r~LSYHb%u6h-s%gFxx0Z9*%`)V>2e6(x53n^h3Kq%1!a#{fLSS{+w+CT|@7Nwb?2HNee{C7lbU<=lYK&DIiX> z*~>NLJ6z5fo)Hns7HbVzD*w7rOUMAfONrPrdw0el=0PiHXMA?9P(>3@; ztu6!2)(#<4#UM@Mdy>~-Qk7nN!*f^1dqjSv8}usumgQ&u68}uj^LF)x(5_s=^ke(6 zA?tS#kC#g7XCJf@=@;;|!F>J&okWV-b=KzJ@GZ~xjYDtF_gNLqgL ztJkmR=O;{(kyEIYwIi7un7t@3&|H#ryd#nw&G7^28Ay{X9}o2OoX2xOgk$>7wC%O2 zg{RA94MVY6Rwe!oDQX@}v!}4%NvUccE6wWD=b({I_9wmv`S@$jBx#AOLnM-un#d!fCPv(;Z+%-K>#yG&MaiFDm`qDDGk=^65*bB@og zK)28??I4|F$q_Fgi%&N=OlgVz66thhv5mZ9LCu|Jw4~{tR^(2bkMIGDKuT8)6PVm^ zCp@WnHi!znTi?7%lwSxqw;VRPSXkN>MPm}Uz0yY|w4Ob7cBJC*#Ms0_sIvuSF{xN7 zYB0+h{CTIjNLT`~@xy?Zh*Rb^GOxi0ktAqPc5cz9siW^51G~w$H+$Cg% zAdB{Y`IG2)uB)2cd+awMaDv?ae5#z()u);#L85-0LJ-bUo|rrCN!KI3XAC#%tq5zy z76BPoUR3DbPyWvwd2A;FDa)aotK)q-obC6WSJd}ABimAHdO8k>bnHb1Ou$XulV{VEv!f#voAnQN2}nOZujqr`fY@EMJjWk z?$0uZULqJ7!A~`L?5d;8_|>Ty%CoQ)N(?UG%g$TwwJ>J zNW=H|8DP4Q99pC*u~i0E{AdA%@_#lTvjr6PcGe1B5;L_pCy5&92i=k+RS^eM68~kE z$IiPRCLNKMXkb;y6Rlq8T(5dGtfcGd1aemEr7I8atOVeh>}L8|s9^CX=0yx*ytHly z*SR{`9Lmc}AXUzV`Pl#yB}sBT+I@BjqwosousIEopT<^#U zag}{r0;{2!CpB}#^9_@<-ldq(Dq0d)6>s|IGBP+vJ;Xx0G(&HRXGVDz9495F!~Tod zg_jFLn&=Z~qh zLD&zDw^DQ+2<>|P`n3_o9JZ%nsXb4PmaOJcl2K%iYM#{𝔄YMs*#j2CvaR9;0yW z%>gyuVzV0o-$Hw0-NsLgd7dCiz=ZCK-#+&*#g`eg;ZxTSJuSUaj?~@gZ9%+`s%ShP3?xkH@thDq)NsJGIA4FIU?GhGOcMl&H zhIr{(noahaOz|QG_YV)sloj}7jCzW)4k|hp0|i67Zjy|6+gZCXR8>7~AdQ$dxMR;5 zg)>S560EhVPi}#KV-96zCDsW_6uw$;ja4*J_nGLIp5;Yx*QmOeED|5}=Ryv1>Qn#0 zAx|81X)kIAffnA`KGI}ilcP|!z-zsOxL;bM2yHB|iUXSe#WF3vk2!Ml$zmi+9Hr!H zyS-0ST9M6K@QLR27HB5c>$u>+$PY0m*4U+5_m*bK_g(Tl@hMjw=ft2lo zp~(X?d+^{>#bA_lZ~X$=p1&3Js0W~Q=$0Djn2w55kOGUY4NG-;#xYHq^!Q!;aS_qW zV#;fjXjj9e{cXV|5K!#p_Rr59-)qRxI2RJOMo`8Z?Y6I@09kv# z_vzuodHDJZAVP1zHMUm#p8<8CP-8wetLhYcw*jv580%}1TdY`;}!IFCW_y#arh6Z6-in+kj1Zj9gIJGZH*ZwMY7T?_7A z+ZtQ>cEGv@D;TvX{sD1Z&}$|{titPfmXbAF9TN!#SQ#vZtjyWW^SkW!Ms8lR!SgFDLq?8?_ZZtg&t8%W!tHPOo$DpJGuzE+ zFIuMl{A9>?8YV#ox_y=C?1h3yqi00o9 z(-(IVhZ7*TYdq`_0R@~Bh;JhigM z=k&74kbq46-48X1|I`W|9%ru)8_l!tg#`@jQ`uXolI>A*TQc$!+NqH7Ywsj<5T~!g zRqw=cO39aurXD)zhTOIbPvrac)6R=21I@F*tqAWsc>}jt5c@v5K9+Gu&hvyZWlrq< zzibKkos_EP*=YH#gZm^Clx$gg{bNDsG13hK{B5acPYj-ZTH0*4R&q>dF&L3?y4M0+ zeoY1chltskxzZfBUrr29vZle<>OP?( zf0gQ_beq$LR?m;0VS{5+eRiB~S(*w1h{uU!yiq1bzX{xik7~Sseg;-r}<@ z0hg6O)VQ47f3+yb?RDbvumOd1PP}MW0eE%Uda!KN%NV=XR=X2><|=!d7j<`zOF^D( zi%DCNs(lTkI4<;1&?xV!&P^tjztdvRjF{KBw5?9|Zk-4wA z@c#cYTa$6&fUM?xZJ#dGcwlef{XGPyKgm})B(hH`BCX1(Pm=`e*YpC{-{*Z*{=vv1 zSE0C{$Eb55%`7(WXJm76LAi(L22T~=%do} zhYufa??_NaBe_IfgnZrhPx5R`z1QF(hg#_|KFDQf$Lg$b(><0)VeBUvA+wz|W?^h5 z{XBg<0QnTqpy*2J{hiV08-++IYerH`RFC7C%Qnn!cFJH`47+xkEW*`S0_k3Pu zre5`B;^%f5Yp?V$P!jJoz*~z`+?X4irCe}@4>@J3)}u#&cWT=Y&=8#MtmcB*sWzd7 zT`SP<+Ak!kXackESo_da=2`8}@spL#9YBEufnq35-X>JGhctk9(<@ zHI(Y21v_3i^f7eSBdIvYO}_Ubl1Mg)l`_ujtI-jC2CA5PNsiwz?!8{DfoB&}-C76L z(|x;#`4byMf?!R*O80e*UChx}AOWTJ^z?(4Au~T`c=xn5WsUYnlvFWHk}B5|ec4DOgTXPrRVX?cP1fuvt~a+=X2gdEIh1N@AsUE{dD zJuVO5h`Ej)HxR`9SF1We?&U=xLkyJl|p2x$9p37z08hp&S-e;Oi={3@FV zJ^_PrYW!g|d2fO1!%Ae0)Cmdfje##zx;j1Zu=#UpXMy%UQPEDU-rH^%4Vf&J2X|H~ zl)(W$I9)yLXu49zoan4T(Cf(_t(BiTs3CM#r%I^;Af%kaT^1(>v9f(ZjZlem|1uyB; zeCn|GZc-kJ1NqQ zs%4&e*3H(6w`lzp=QCDf0|5VkG4ku)o%inoNW4C4`K}nP=rGArzU}pEHE=IK=+oUo zukT`xHY3vB_Th{630_~1hf7|0+-wAMmk7CL@#*F@Z%3~`NCQ-a4rt-KFMi77*Dim4 z>R6yN?R$N|gBKC@bdwxB@_%5tfmgQuF>7P=f11&IBS*8siuw=cY&KYm_awwJ-C za%;H(an0xq52Jqizmb(<9sKnj+s!s9q_vLt5LY!T zP+9+*<8+{-EW}o_Mu?%5T^+=&87v&Gm3{vJu(H&cH;N6DltNTT0J-#ZzIQx7*S)SS!>^f)^#YKm5tA1bKk_IEeR3TVSsW=q{Vmz8og7CI^^Q z>QXH6Y#9Tvn8+C%z=l~1`?s{c2A12Qdb84Kb#=_wL_kzTl6{&{=_>}1F2Z}<2hhEB z0Q5O`xUtI!^|Oi=ze?SylW5D<7;BI3=+=v6vODT-$EXR`Lv(Iw$rBpM#|v|9Oe=%Eb+#v49st$a^Z6E#wjfk~K`-2SKD2AfDb=Vcuq9>k zV}I*-9=`C|r=m^X&^DLziWXG|{nM&qfF1Ye^`Z+8kCN6Fqs9hm`Tv%0$Ob&ORfEa3 zE+lAy#y%=}F4tV6?M3aHVt13WsZrrS?gHW1m)Q4Mnd)K#YEw{*^uL_+hRQ}W+5tD+ zVsvN?lc#eRiKMZ^{+AzxlAhZfzvh_s1cedY-};xZ)!n7q9VIkbY*7&VElWRkv(18s z_JdC-&e|zNkwMIGH1Y=gLZf>YvdU%fucFqQ5%S*(;7T^Dw^c8$!I7!ESx8Ecz8E+a zyKk@}Q3-zf@XJBf7P|Jo3*&I+H^>g)(*_2e?{^XF8dEtGEMe7Oag(q`A)>|Y%0HEr z_+9LIA`I!sO>#&aY0Wjv*vQ_H)OvP-_)}GxJ$)WO&(&2ftAjoAaXyi|>+Q5!7#i!w zm98c}R5K3;Ce%0=h-P-oRAZ!d(^-H`*JE_JzcZzBH-p*Y zaz;#*H{$Y!@ataa!QA&vNekM51vkAL&+!t>`gPdbQ;mo}e&OIi-?zP}o+jUCnF-TB zh4boPf#_x2W!6{TPv1)3&r0Gl2UXdD564FktK2t&AsX}HIL!c{pGwIt^`@#_woM<6+&#z~zK0C9s)wZp(geuk;VUB1N9Z>f(SPS+S|}Ir%OBNK>7xmnR(99qk!u z^^Z?Jw2cR3%x}e)&QVbx?%Mr|^>}zJT5|TO&$NmL3A~8Do20b8I1)ifyaVqvrj$DgM2kLRU=^Ty7R7#x@7ua z|KD{(!$9`BhDrdb_Y|wvze9Xz*Y&Fx@icF!B!+fPZi}5K^2`9tGk3f_{eKj7?kB@@ zY$v>Da%*4hhuu>j|9LfUs1E(Nv2f_$M2F}9%{d7zq2*wt^?Iwgc--OhCfj;EJVsZq z1st5i`L9p6PXmPP4iLb4?|=TJ(ud4>0Ce)W6g8@mclwi{3g=Isr{hd@HnWW}fSLSY z9Jkrdv7o%UPh>mJG>3+@k5-og>PM0mrqYW3^Ehwna&7nC=HmlkmGR$65YN8PZE?B| zjJEH7gVH6&-gu~g#pK6VuC#j_BOX>~cZ(*`uj{hL_9q^hc9wwjN|HEnQ%`ENZ}TR6 z8f)*t&?BaoSdVTosTov(bMhvjffktYl%Hp7)YuNqv10pHSffQ`F$l0);{aatg2OmrURu)?J@S189JDh>1H=g9Q-U9q`-zSm zb*d@04@4X}OXNDb(O0zD%gkX~Q-;pVwrz3!vR=X|O1**E<@N==Y{a%bZXhN4Qz8M-j_U<|w5KIVf*K_;rcitKG2 z`q7e+%dlDiVg$tFcteCQoZG-+(R$d;qK^2 zCEOR0yPRiT!YLHHBxQb*_@1=s4$b?Ic`Nyw^@zZ=-^0+%#*PZNo(EV{+ULw<-=~(i3$8o| zq=!fPJcAUM`i(UvMs;VUgI7OFJ1p)>GqUp90r&N)VprFDVz8uS+_AQUana50hU#Sn z0?L6j^|MaTFR*up@y0+|Uhz;<4Rk$IM9`*pZiby7k40?LI8FP|Z;~7X>yVC$U~@bu z2{|HMMFd% zkltg0a#dJjx?ETwjr~>3DMw?Y{C)>h$@{x<<1~F?17`|EGrYRT+BfjlW{yJi*Bzzc zrYNBI#B}$W{vX>S6<+9XCNU+6RD8$zt3$;zy4zzF#Ef4~vNa*i^~Tp1`u_yPHV= zlhF+Ck;tp(4RRw@`J3k-r%5&`mAnF<0zM4`wY44x4}kA4-j}#$q`nuWn82rAtT90% zNt=4A+CyV1|F2`Y>i8))nU>x>JD?E*r$Q_MwhwPzX8+jfHavWBMq6X$&&*MPAPsXT>5g-#7)OacPLH*CXl7{%%ihb(H7@t`*h>s z*0t=NgElsKWytu?J~d?Zdb5+;Kov5Uf=~BVWo1L}P2Q%g0y40Fs0vh-?gb5+60XUi zlrGn@w?^7Apu%iiwAZzeG1sz3!z&xtbZRD^8fdbskqsAZ%bZ=-SL#u$eBOAj6u9b2 z+AZQ@R_(L3!@2OnDC~{4r$a^cL_B?E95oA`p-OY-Kl_Q3kw_0@@N!08hGROXH%-$-jM6pnpm)jK$(Fozn8WbzP@1XevLVR9vSi`PBFd(N zs%Z^F$d*2mRzPmmb^1xC<3{!~=ejh=CNeTI{p?~qawjgbUu(`Yy+hO0_iMywhVBQ6WgZAF(DYJEN@fkrYuf9LMxFmFLxjw7HaK`Ic z4}TwP?P!8B&15F+u|$;;WvE1%9b6`Jd^#K+LA^V0l?sSTIj7It zK-x~>rW+{VdiBJbmD#;xYrJ>_HqaI1NPOD7K9;`#DoKQ9_XL&C+%9U+N;KF! zADz9dY-fd{Ac#}M9FCo}qqEwy?>STt%sYad5#s(T#jr_pCS)R-X`hE6a;zNhHQCj! zmiMzI7jJ0B=+Bs-rjqjtpVqdQZ_POv)jd`JUif9eHUcCj0>;)9du#=c^{<#U?| zSrvuvM=GgzdJ0Zs8!W6J20EhyvlicCc!9GH{dRK?B;hcgG}pl2E>InoFi~rMF~wl! zU2a2f6A^0#j=Z1i#wegP#1syJ;09n#JbhweD$6ZmbC^>TEY%lwZ^jHP;uriU!=>P0 zHf*@AI5-DtuJerAxV|ojR)~LGk`JlI$qnQBDTBJwMGY)lkU{mR2^p&ewR0S-qsEBF z)!>@C?Qll{!;qaiE4lS*D{hE7ah0Y@WN1nH#(uBT@(hgqzF|jFM=o3`abTDSMjxCR zO}$D#4;&*gj?nlGf{~i5xiJn4hqenn-3bgEnhK}*m{5e_uuPk+(flcNNWNBf11*fo zy`*SrnaJ>rZ>#RcgcUUO`CN?efu(ykv1yxY=ilFmILI_(hO@PlOJl~dMn08ku#zxi z0{$4>jd@{F3AT72-d3{0ewWKePnF<4cHCRG*0v~T6h@m5r4;Xq%3?L}!aT59FCi&pDr^F9w9mAV@tk|7%mdpbY8HATuf zfby6M*I-T^X*B-$c~tjM^&LJ7+f&8f%+KNu@H;dFr%rdXZMcDTMaMI}-1680e|Jxd z4CqjY_jk~I;xcc@)`|JgQ{{&bo_JalR%i!uOArG+5_JyavS^G^}=A$ZZh+h#n5{^bP)e z<>KZrdVMbn#BjKy;SE}hr(=uyZs>A*o6%Xmt@tm~)mLNmaY_-cF|f|7)>X0H;Xw&1 z#uJyJB-j%uYH`eMF4$JvVmNrPkabC2G$Ep?p>k8`TtW-1yWIu^drqXk%5X<7V4}*a zqyl-C=Un4NCI>%03R~<$q@OA{nCJZGcF-KNUX?hem32KoV*-B!BR0aiqAn{v4Ytn3 zC>;2FWz@&YddAKk+8vQ8hderH7KSC($eNDDTf?aJuArG>7Y7eszLqyzxrpHwPFdH^ z7$zw8J6h|v7RtmKjk=@Qb|-UqW8mV*tqzNlm zT8Z5&Oed0Z#8gK2{T$V5iz;Zb0}M`l(P_6HfzMRnYr)(=7e~RK6M3pYdmsD_vM4;G zQi7j+Ne*!rLXHjX52SqYxP>&AUHCi)(pKmdmqkcgI?uAvHQ%&ERhwR5JZW;^AI86f z<1PQ%7J9aA+@6u+Rs}}b{xCkxL~(|01ev}{Av>lmAp)a`6sWI7fJz9#HB+$2DMnC> zdvE)bfb>=z+ULf|6U!f!3CVBY2u_~%m-_fe!R8uYqtw>e-M_FGm3<0&J7#NHo&K%_9L;mG>buw;#4LSy^+N<%I?z|{-dnS_9#gTHLNXf5bVv}rmi}IM zWs7SJbPE*huyfK!_>ODdw6x!dD|*^T2X^B`_<}K*U_vS7g=-Y-D3&@LY@v1gAkR!! z%f`{<5@6lTh6Vjb^_OJO!J{KcOi?8zDGAx2NjVQ)JaTb#THDk9;Oz-@Io+LL7eZ*W zsmJgs_Z>NX_!s&5C!W6JK0(1ts%*`9GHIyFZK)ybZ4Y4`CpBqZU@^h0==CmCHjQ7O z_)95ha&-1e;sQ=0=IRi9&H?gwOL@6KEAhzjkTLmra&ViMe}?Wl|>EAv`LDIwxe&uHs{hB z>FaK|t}_VkBS{!!uXb>$UE+H?$h54yP_YW&co8$|VI9@#qv;~%@w)8G`coT$W8ViP zjmQ%=VE`xH+ds|Dh-zz^_ zLc|I~FrpdcgSlmr>ODsX#aXz88kypbrRqL!d&d!XCk4W_;RKf91wF^>1G=#m>xzR9 zNIf(Nhdwo|NUR_2ZkT#h`ga@9cdO?@ZT{H=H?;*APiSas%Am}s&h94QhZ3Tc(nSE2 zPxKHB?lw+fJ2xzT18CO+dwQ?km4#zpt$Stu;z{s@YRCRfmyx948S>HXN=1ZYQ1;pfL` zX9NRnz|$GPe$K5a_g~Rs-@7?ir-W;IIw`-e>1Q^h;L&j;5d$q3LsYZM#>3}l+xQ0t zB-1^TvU8MVJ{!kvMTCspY}b7r%RpZr3n}p>9JEf!tT}eMxchgo^}wqLa1SojxT|f# zIe+f}1xm>X3oLUhHO0JSXe?2iC{3Kl(c<}$g{$@07P9m9RB;YlYQ1Eu&hFG`aIPC1 zxETicC<$UOlLV4;?Pg{zR0rEz6-E)VPd+$ipy3JoQsgwIsh@y_mqtF#gosxwj1P=L zzdy#LKNxYjib7087$S6_IBaEnUFu<5Y8}%tm$cRb;%uoKSj;VIoZAtAtDzoyIG7cPku+tTPK{XnX+!ti8ZEB)EWf+m zVw6qm<%UNe2I<7lm=<8Nv1v_E_$a!;%a;t!Rqzp}XcjJ4>s{bGR?Yp)PF-Yh;1T%n zZ7r~0tOAs9xLzU`NB?FHQ-q-KU$$6p(_NJ_WQUJ5cM3TJQEwO!W+e`a`$2*lp`K!O zF16i!)zc*{PU4$U=LQUqd>?G0jd=#GnbnkOa+f#Kh5z!B1kp7sqfGmQ@>Lw#2I$^% zr6OS69vZ``;7-cKrvFi}z*syI)X}kJHoU7JIi$;Vy5^C3*F?rMB6e!hm1XgyA6}t0 z24X!I*>F3{h~=!#`JasEVC!>|x-)KlxcTp8dmhhNWc1_-0*wh6;$T8(mt|9s(6yrZ zJvk?6V%tG;MMKnd;cBkuG}r4mWJPb&^Kl^$TSSnO%<$c(_~i#Uu) zw8bGfbrOL}&1D?;DmvH8z(fq}qca0ZQfE(T*$zI6}PH5A4J{b0hkQng6 zz*h3oY--UT76SJQf46U)A6TcyJ*!GE=9xWNX1Wj0U8%9f6P z53rW)uy1MTZd(1E60w5eogVKgX!4?>SeL)dEjaqvyVnk4waN*eb~VMgqu4Gd?C^=) z2F;4~WIProN!oC;b!^mg%N4#Pnh>eKRBfjB1c}eaFIQis>YJodTx!=}%~0IoW3pRr z21p;xr8&3`S3{OqKha%5aYn6|-ZdK0!R$IdoznF(bOWs8yW#g%5ITKS8RoYpp@uy; zrk~Qc#duDF_3q3LB9DBpo?4Jdd$S*cwLD51XfM3`Ja%agOj>?S{&}v9?I0#9m-V8j zDcT*So}{f%CQ`Dl8sg0C#Im!;I1M0Kg)EIXmd6S9w?KRaLb&FcWdm?9#7(WC>#cz( zgs&YEO7ai%3_9Rf`3J%pLqmUTI(Gz3c$Cl=UVQRlJ&hy;p1@LmcpY0IUrG1}Uvd~1EvHjuq8SygqBrIoZ1NgZ&nOtQ zBdKS~W)^|Nvh4>V3%*s4&tYLNgNT&0> zNqHQ$@JNqU=f>VQqKF=X8t{mXQpa?~UAIoSlX_#Li#1~|30ex`@L#_5Kgb15$Xi$) z92mJ(d}AUkU!~DJ?rF|lTdDFl-VUP<^!h70{v$yB#{z+#t-s0WP8q&VIdGRySpkH~ zN=|bK)?JtNbOusu{TpSn)H53ssZs3F+8ZDdxmB)6WtDH)P3a+|JZgw&In%O0q0H7#yTUDD%V*;1A0(PF`Eu2pjz5*706Pp~S0ZfR$GCSM zIXh@JW}*xw5Y=ZuDCP>l0Usp~+lpUkr`*>ri^L*({0xFEmt zP{LIgE$R6TIRJjsx{Kh14fKNvaWR+L(klB(j|_&R@kD^Bg1ug^_yfJZmc5M&Zo?LQ z#%2{=XegJ2b!!Kn-DBd1%|LoyfBKl`|5>V0ve~$=K7DcLONJn#o|nh`rHk$BCqz~(&JC7$Tv6X8HCu`enC1^U@1P#gZ;0BAJ2R9_8&>Prt$uF|{-c!!&%&G@{;C5!pOy%^vOH!9Vv;M}(y_y(_P4i$ zzh%{&-BcOyt~BoxcfKDRFtTYppn5in;AKs^#;?|YjAy_!b4T$bG$nAjZdyW zbGed9oCz`QshBYW;_La3>mM#ZVov3wzNum#Eog)*YeAP%{M< z>%y+Ig|5^W9s#7SqsMZK|Crnm(NN8wVTB5s#?9Q>)-G)j!YpFlhCeH_B+36jV%4rHoLtRi zmshm&hq%@h6wW1=!$?XUQP>`Vv#j)kgas3=GR1goD>VaRAm z=HBWOrM%L(V10{XCDxTw1(|`f3p20yP$Bj$GLj-NLax%h<*9ZkylItiZ1IE~#*X1Cs#3b}DAiXy*H zUoZc3prJ9@v`mbhHT{Z=nthFV;~>WTo``arOYGu;L{)o~&Zvuy-CKiq7fn5XbeVsv2pnpmJ4#! z%ZdVv5Z8AqA&wJ59UbrFK=88{0PPt#PW`$4l1$h#wFh9RP>&eFSwfsGK1j96WnYL0 z)0}fK`;W?meH%*xRHk*>dH81Mb&*Sh=6cErmI0^2|ev^p|8>iJl&yBA4t)`kabl z=Ry4k$6<=cTbDJ!#@4b{x=)kXr-18lqCC3gnM%B1>YQ%xxAzUctBbPE;h|S3i!O-V(l3ZGPa5)Y1Hk z!-&$jrLm+RHJHPBMz(yi;Yt#LSC)o}B`9qM)S0*vhS9i3^Sc_7Hcfsm+IalFE_Nku z>xLP3B+#(a>R^buR56YJ!xzg#qn0moAU5|vde$5>9$*e>cjmCj!b-X4hgw$7fKGNi z6mO~hVdIyATqk+o2CXER9Xh=WuyRppTkKLw=w@|$Q$qfKAxw*P)MED4UGwo~v=hRp zBZy)Ocx`SzGGkNAc*)6v$S9SPo}~W`yb>a?>*5p7tC>F+3rl=0z82Wwl@^bHK3{^p z?+Jo-gldl2oHfcwqQ9sBnlDJ|w+?TIoOT#F_HZ0)?KgbVat5};d(;i{z19#ElHdNM zNcGLrEBU_Nq6zZ5vDD|lBg+Jr;jgFxHGQzgXvs>jIm0Ej^G`jARVrORkC<`({9K zECL+xx*+mvB3PepAS9-vUPiue4pBA-Yqv#RH9Z$);U{II{|j3ntEBQCIxB=@spnjo zTj2v4`hE6?&@+O+tl4JB{*d0QQIGJRW*cSAbmP*)nld9Re?lrBht$@+t`IbjG7wYj zhC~QDg#_0EPJz?;v{jed-TKu#jZy`hkT;G!Th!4LvzL4{erS~ONIFTIbdOAvw{D8J zQdlYn^>=xWjQ!9|(-G!CWsCzub6n)<+^ZgZ-c0no#}xaJ>$2mUh9X z<(qCI&PtG0f}4~jzkCw%>Lm7O_WFQ#?8GfFYy0p*Q=eu8%Y#-ehEOIPcGG}@MC+8c z>a=U#=v-IIKm=y$Is$kDhkL(d?@Z@rb(8|fNpHK&glbQK!1h|@8wH$NyBL7&T}#x5 zW1uMtZV4U9v?j<-GlHNu7en$+>A-2qT2v#z1G1Q^t{^Dke}$Wo)bHZWn;J@1X@BdK zi_E;@O4+jG16N}}x6BR-{LSzFmhzoV@h*eAAp6SS8}G;NufC2#6MkN6FEI97cu{t>k5s`TP?j~3XZbehnWW$8~Qp&KxOc0VWMb0=wd zWL4rufx=%O*&azQUxzN@E|`9%x(#PyaL|$JvPhPjxO|aqu<{nvXzXVFyi2GY zx%@c(ug14l<0@jZg(tt3kw@irTK{U&J=9trYCK-swi4DLWbrq#1Nrrp`%q=)#cw1W z;wnaICbT9C{)u|?_N9xPn7sBOk*OI_Z{+-qIcyI?+6MCI-zG69%yrMM-zpNmF1yZ-Fgwv&DsGLHwK~AxmozYn1puf+A$H zUaK!KT;S-aha2UeuIY)Qk0$cMu;mv-0F!my@t#$TrI}c&%cxko(}F-=mG{=EMEnz3 z3;$jJ_N+U%3Z~Al-dHhZ<91}`@x8fJdAYyk@0TURQo=5ALvy##D|zc$Azl+MsqF_K zLj}C^du)&O2=wMak7s)yY1s(8XFD*Miz^YD8kCJ2JO@c$DY-Vc{V61H|3ms6;D9Go z)?#xNzR>T+elnQW;1>2Ga6UP2*CT9`PAciBMgx{CY~90=owK|Fj?Z%&jkg8?rSAUv zlXUfA+xpI=;UoBg?4EP4)>xO%Vq^OB;eQ~M>-j;0Py!JCPb)K3p|&-{oa6cs9U;tK z6l_r#+k^?0ke?kT0nbUYjv(m6Gd36JK&Ux5IDR2}v|A3^f!B0nmQj@cun>z>tbel- z3u*kUlReC7k-xn4B|&KK-vZvLpqjsv!vKT}N4Fp_%FyY9{|!ldO2UsxYu*M!`b zAJI4tG|a!CtqvP~UVU1YeKd_zv06{jnR1kRJFw}({oI*<0cr&C*aPt^N6da|QdNWO)#t-C*W-cuIa=9XZ1D;zgb@DI~}0 zjy_|!DP*BO?;#3_$v5m&K`s*-g73@Q+->^v5TGtJp0+&G2iK8mBI6rYgB%e++Z%=G zn~b6ImUV`&+EgDXCr9N6g_TASTtfGzA|2~F-{LO^qa}BatnX8fJ!_AiZA_KrBCK8Zgy*Z2UTb&K}(p>*w`;i8Cc*+ zVg0j7%^WH ztJlT6ByU;KRA7@_?9r*r(hV^SSmEqR5V;w@HvB1z+E;KnRk9Q~e<=c94m_$zA(gwP z1ZGP)*lq3E_%O(DdmnOYP`7FspnsT1+9~zj2yN_tV(02cYKeJ#Yy>>5x+lqRnGp1U zQ1|A6Q0{H~usTUcN{b~4ojMgGBq742(qhRrV+vypS%$=rWlT7w2t}5Rr7Xh?W~@Vl znIx2L>|;!*#4v-w*vInTI?s8|^ZUJjzkj^{&vM`2>-t{%=W{(EaMJ6-RvtTe$>hY$ z|G7Rx)VBgcK=yXenZbSMktHE0EIuF%pb>Y!+$lXUwMcsZZf~MDE3hD5E>XGhkN#DD!Q1>&?bzzr6RqRB=~mfcB$q9fEvH8XA?fFzptzPsmzTb#$6ZD zy$k15L@dL*IfzyfNtDsY-J;XWLZK;#gGPort2DfNymUWQPThhoj61)?4?x|9qpxc|j zZR~*NrNwh!sYAI4;f5qH!6Cbnr1|-{Y0Qui3*dtCTd3R z`dDRlXM3hhzBhm+dql8)+M#0eJQI!o;mW}1@ew;i{EEM&Q?+I_6$WoCy^Fq29bC_% zPe*4AE4Er9T7Q-ad$k4mD9)}~-FpQfd#B>vh~Et~399&hV$9#geT3G5^4OO0CCph0 zhCCb6^DwuiJ~HY&XJq>*=?$9v2Y0^Mp_#VJOj)_@_);#(k1R1^Vqa-S@Du~axaKKE zML-4UYhHm~@86{!a^8?McWg+L2P;BRjY1Dw2spbo zt-GhN`)AjAifW@jWqL?1#>Bw!@0PD(*)6LkW!`NNjG|9Q5UbbEC*#Bx_@Xu z%;pTF&R*Y`<{jTOx9lS9`t&j()E}0*0;0Z|oj^slnpo zwwL zib&8yyWl$BW?uHsl(&yl1nfFgu-oZZGSqX+No5vPy%_Lx_-wz)QyFZ_Q{p|KQu$JA zTnR2NvE~{ze68zwVN~?ecMH2^wcx$VBCu{7P_RSc2=paml1J*3pje|(em8nj;E=Pi zK6Lvbt~+M2DW24>Z2v__!=)pguQoa{yIuc-46AZJ4k4 z0#@~c2?l5_`GmY$6pt8)j;ES;1x$|Hih4kBvyu-_sjO$F*hkUIF zkj0EnPl(tP%!ec$M;|VNXqG5=(kTgVqFPSX!Hee2#}Yv=1EjrNx+$ty$0a3gbmVs% z)G9{oRK_U#%Jq?O3)vFQyeZ$#*kZE$KGAOcJOp$8ebG*7zhOnWzrGLdM&|ug zoPRj$u=GcK0@{yANL}=_$$!>$nu|2wFNVm8qqbO4LuK|Vig;SaK}tDqb1_QD@A+l* zgpiv{O?mA|`@v&!zc;ij#iN`V;Pg1h)=nMxcJdZv5AEOOqB&!*_>RTW zT(^M4kr{VJTgvW3bL`v(D_Wk?w`fXMI-CCKhcM96&uc zN;A5#>oKojq1q zp3+_U5^_nNo5}*h_`iVBj2vluunNY13KgiN&s;y;5V-1;*a5b={&(!|T{jjNzRJuU zby2LgTd9+$-t05MY-q%pY$|=$0LCv4*q6@U(v0~2v<3(lAkXJ`i?>!y#Xn!x7qL;L z@dHYI7W15s4U86#y0el}#7f$nseuP93e2p=a2hTT0n6$`S*oQYJ7B3X^Ev2(B7)T* z-Wu#~ng6WsPp%-Mb;onYbtN#-sP0_tMD;DGmW4t1+cLkabRoV#-$?a^x)~uvoaqre z5_+l<%KH++ta_mvHSdocwSx}BlGODXu_1R+1=GG~yP;ago~Fofj*tHn+yCXhPB{jJ zf2F>gwlvqZR3h+Xu><$G<)O#(*=cNOMxv?{M<57J5`w>0-3+k_`XU=5_w1SP?6-H} zLR5`O$2!y-g1dud@6kN3yMN&NtPdu+goR@KH>2k9K(`KSTfW+tLWcs{d6 ziwiX6>%!C;2W7Tz1^=Go{zkcO z_(7HB;A^z1Q|po=9iEF6@_trJ8E08CEf--ej;A^tq1N^)v&eXkVuMB)w8+@mU!wR z(5ivH^fd8Ye3{Ri39Nas`ZT%lN3JH>s|t|T0|lRf=u#7FYO}13#mZ$XO?Z$vH+!zG zB>tmGoa_abj8NS^tdOM3;CR-N!4&JK8X3umk&jE_J3|u1c+-crG~8~I zS3I;l%nyX|fV_STPstE(YHd9{sWtcMo7VSMJ}`OYgTomw0VpA^b^L7i^)9VLSA8f? zxms(voHrC3M@Cg0&u-W6UMcU$xZhWYVg7w}2E&y`E);9HWEZ7J8WV6dBmPigep>Pu z(#}l!&P(I9%VVYefB4*`jM>`Jy^)PYSr>{ed(AbucY)#@FelMhmOb%Q&DK8z-t1~x&0g0)(0_n?%8my}a z5`lXXt1sE3sq~+IMJr@%6d1)*Lh((;lC8zqJ8GB0WgkRwg8@DoXU-9Q43JJ_2JRDf zVv|(qA2n7LJ6kh@nD{l^QWa_ksleO(dcE1!H!xSr@ot@daU2pna;>ehD|yHusCQU& zYz$>SJj*SWaF)#M+#8{?- zZh~GfZb*ush01kRj@*?GzH?xr>84N0{i8#vD|#J;1p<&A_?Dam@;e;);+;VW-TS@L z4JM#UYxLp`g60f>wn=(&UACC$y#{$O*>ufEvj1+%ubcw(74oWYL0bZuTvr zF$86dkmk8nmr<~1Iob18&6QK3_iKQGbY$D2L@N3FS^T|MrhjEK+aLu%Q=hJcnX8HVe2fqxa! zIMu7R=wvb!j3u~(Vv?f#MaUq}n9 z^1|~uGraH;8A-VRtu4(Y44DRdaStGecruorS9Xcyt#NmcSEh@XWQvF5Zvx1PY#q=3 zp*+nD(xTn)vh9N<`QX{V^hx~VTXmuW_dW1Q4POgIZrC{-?unB1SF%|$UfYK|5&YI= zWX-21;a(ZioWLMlkPG^04n9&~pt2t?9xH1tISCM+^3r{thzK0XET7hL9oR2DkWK*p z)?ndj^t9_)Y{(ITJySweeSNovG07xF;Zv1_kBq_?Ayc>CkcEeq63NZaQHMnZ@Wy!$ zQ$v!z13(m%!ew{+xE2oHWOU+EjN>sB$r;4SwzW*DbCmVS+i@Y!!F5F=by)^$LxXB1L{UjorsLzk6!2)wW+oM&QwBZl?#CKxwbivem@M`m3s)pmpZouOR&*7na$!}nMnLtjV;W}=c!@HWE^2EfC| zUg`*#dISz~7{2OGW{c8Ks}MpJ{s&3g5{q!~b8fe!Ku38Nv@kWlXMdCeDb%H(px~XYdi3kg+5fpC7{NfQLO$)GL_e z-Tkb&OY}n0Pkcj|?-fwrXWt54|1r-|GdC1Vn7E0|>8txzK(oD~ED#N@+35x#_>S<|BcLM+YFwCBhd$ zm8)1+03_V-kUWz>^6o74er(8AZUC&4b%U_i;AI!%y~eSJo9O>#z7((=0;rO~n=Aew z%!fX$IozWw_y-oc1mL_oUws%~&?x%gnyAxx@4tLnkA2nM!`lIb?t+bZ*!mnL{PHh! zd}~ixjfLi;3%A4DW2J|U$A`dRldRDBTk~Tn_NNQ&trOecyLq1<#WK6m_K(6`=D$bD zxnL8UW#Q?!-RRR;X`e}&ippo)2E}_?@ypluqJLHm2j55=r=c$fx%Z{{GYm3OOYi+N z_ez{K-rC%zS;@}|*2vi01_lkISalzLw^@hIhRjdiTbc^#MpztQ8dK*aG(_!R&Q~Y{ zXt;lN8N?*k%+xOTR#cr1Y^zlZns|33q1YxQtXJ=U0L%@lz{>%+p?v+OX(qr0_D57w z#aV#pVa9OiTh~QF4a9+&xGql@gSd55=XVO8Q}5`5!Bf0+k?ZRfM9Nz5Of}$M47V0X72*75=|ofTM(^3N7p8iv z7xw+N=I+%U*1ost(7z=0N8)bn^?JI^V7lpWTwt5=2{|N#81j+p-{(czuyXQp=-CZg zM9cjJdEDupWvzm*%$2!ui@Iv{`f&4^-4R%TB@X5Nz<(PtJQ;DINTg?VF?cjKHfhuj zU|jyK2b3DTFriwW+f!`l1Ne;(=K(-9|HImF2)DMaq8mVk@(0I@0ipq^MALt6fIw3_ zz$f0IsRCYqz`ZQ+@XoDP;gN-@7XRP9Ktqojl)l`MLw%JaNW^P=SpD1()7G00MLF{T zc8fRt@l`|Giqk*T&5m2@cb~I`Q`QI(h!TrQply}g+Fh#)o3xDL(L0rMT!rv?Qa-g0j}_3cgQDg@xV>Mlnz=~pZkWQ>vf zq?ctI0MDdvBDYd8RXw;=`;BGUnh8*wtjy)TaTF%&&ClkzU#=?fv_(i2E%_Yvw-FH35h#E=Ifgs^Gm)GdJ*P#HO<_A%U2x@DGhI571c|Za%Cvr zLA@;jm1r#kUCV}%Fg_ey%>}e}ZBz+PKC9NYTd^?WNr3HE2JJHZV3hAnYEX)t?Igo3 zi(^U+UFE%T1nAELT#o#gsqWjBC-*ir58oX+vSqqVd9Q*W?kxy5SLu*C*{qvCqdQb! zbB1T-;*wD`)povpxVv|kiPwQ028YDNFNwMDvN1cji@#gY*XN*_nArg_b6yf7kV#!nQtS>G=?g|ia^B;QAzoxG_SeI)u4D8zWnVDTw{KF z&P*WYm~QadkpM)FwdY!?wk9Gt_kv3OfA=hWxc@?Fpw^6>oup6Bk@<7r*u7y8BC?%) z;P$A~U})rS4Eskvwn|CWYr%0$(mwQVnnYzr6}#?d8_TWCEtBy|>29ds=+fbT_dT@5 zl?q~j;G^YgQ$tjI+n(b$pbK`vrgec?yC>rUUY2wVnVayeqykGOm){|}9%1a5B^HAn zp1e;Eyid;$Gb-s{&pBh(Nvl=`qx&^Rm-^f<$^9e$4}TuDDZ%;f7e6nny|DR0;333- zo44E>vfLhZ9r?#Srb7>ne(Kp#;HR5eq5Q9n+GD=P4%?iM7`kF`Z-(|(86agcZaa+ z_~SMRJOp`*sWGs?!DEPDsw3N<&{dSN)QzPF&KS}@#k}cSjd)QFfF`K$2Qq1S1U!{| z(TCHY9}~3a|N8xMH`@3gqnb+c@f~~q;424A#Av=EY_CybSuUr5R5HWaKo|<?`C zZ<04X;k4k=m~ThCyuVhzPbImuCg!Im=vRp9cRRP5Y^zAJv5-uxMv!KkF}06WZ?xYGCQ$w`eBo)WfM(*vbyOy2nL z)EmU5G8><|oC-OR>cCgZ2E%DEi$GCkKA1V;Y22Z|x?FI$D*rZf^}mmLx(j$zt>A?_ zvKMcgaeZglk!KE=Y z3%wbXo{j>j4b#cNen65v)>YxkiJBdUrPFTiJi#y|cBOO&1m9 zxR#FhzFrqh_IS58E*%n0zo2|SH@U!LdNM`Y-xjt-K}j|K%TD9kdTkemEgRs$&KPbm z*{fbTV;-oFNf6dVJ(K#)BuVdTI|D0`aI^t3)Y<xTO4(h z9-T0$V(0GMkDx23b90;QrgQFR{5A2<-#RF#eFh51-4>(jYb9kSUFQ=!4a=jsX~|~) zjhzMVyE#Rg_$^H_rV>qWkB8@xlQS|mU60)s-`LU|>XZG#>ZUZ$Q((4KQ{6@5^cM$5SG%Zm zdvwl4EU}Js={6x(PI7}Iina`ly$;__ERNd& z`XT*tNznH{eudPJ-^V!k?b@T!^_N4rRQ;~gJL<>3egX~y9%gQ@UKSwtC{MR;a^X%H`Gm0B4G ztr~i>@#DwHJxTaNYi*KCZt3G>6{ReAtftuX1e3&C_D>|V2I}gOQ{<}A@UZFotI`t6U;2xg1CREx*B%8l6Q(*Y&2)_P zWWwUpYfe|1npA}8MqMBf;CynxFlza7y811C-AsM#>O<>IAO!k6Q@0#GHPPj~x}X=? zPNEqj5_J#z$2L#C>ZoboTB6`Cz6Tawpwfo|M}A{0(uY#BE@ebM*(>Qr)2k_*SGzid zVur|G3M{%XlB{Gp2GDKiY!Y42_8Zy6SvYgB?m^(=Ajd}4JKfQ{J0%<}0w z+rbm$;-gtJ(&X0wcJ+W;UPlkcXC}718kwG0UU;8P!siJsI54TapN}6GOUeevK?#Rc{1{_7!7%n4n(5a9|xzp6u zaj+zBQul&J!N#S^4I>E^qnSYaX7Wt%G-sIZ_Ol~{CO#6mXcsK2i4vVT>NU7TL^+_+ zA)S0?X@6kGYu`{&5bCKMU;a|q`n644y7mRzmPk?WXEFZ4o7*1i^2i>I8*e>JaE4;` ztKVWa&4`6&W`c{<%~?0Kni)p6L z-L^tQ@r|xytT_X5O9dij-dfcZ>Zt$~X^aNhL*ARg{^)k)iy5v&L-yXnw=7N5$bt7Y z+B6=;>yl2%@y;rb8bJlqOtO}n!AP=e;fklRxE{>bx9QGisTw&o+VdUsdDQ@9U9AyNg=wCWcsWIYQpS^UoP9Xxj}!#IWK%&S-(?rl0p3xVf^W%i27FX&WGTBFxx2gbvg^Pdv) zTxuzC-}lm}koQ|lUzZmm<1c2Z2pqfK8x<>Zf zrLcY_OfPliuX+ zZ?tLBkgrx9wj1(Xc3=6v>q=@r%E-e`f-(J-=&c&xIj3Ne>q75cIV*-KkA^Mj={tvC z>vbT-1)Ds4f6#Ll@mExb1M$a9%x4c)88kzhRSAKB`8zw*FfS7yZ*8@*S}{T?>olw- z^?95`PUjM+kj6Uegip)Q_(jxbZHa0m%JhDbJbTw~Dvo$ze;1>t>vSi#|H>o7%DlB~tMy`>az) z?leOO=U`d?Y-B$o<;rSxJB}L)r^Tab)%(_b;51?L6jq(JE5jdUKL<|j)>zr-^7~Rq z9{I6+E9r(@P;Et#(nz!Fi+X(j!DYCMhX?tNRq-a9QiW4rJpOcJsvCv(?7%i(hUx~c zjE$hT9&D0#x-$EFmkL*`UZZ3|U^)4~Y8k1!- z29B|ok8epyRq1nCAwm=L>)RZKkInxWI2NuKVS;paOEO$bDkIx1_Bb0PgLFa*RX6Ij z)Yaksjs-13Pdqf>=nJsQA4YRY3yqWv=4qt9{9tB&=2t8H%@y7}^P{!v3=7WMEQwS4 z?b?twL&rM*qY*OyR2q2midKNz9Z7(udF~c2!U_&!XiTI|4R5%*2je+Z@^p_jWRg?G zP4Z)oE~+-UrXV_1XT=W*3xZdFhUPsd=vEGvOtP<^o#$B1(Tj$ulWB+qkMGzPi^9ji zioyF~8!MCS{vOV#Eq(5LVw~HQt1%q4Ivqnz1Bb0Yn%s~)dndJSv7gz9DpY=pYQ$XW z)l1<9heB}odmxkBuV>stS@SE1wxGd2E4<_t@9aC3=A%n`I5zG5<*bjna}UJ7m{~~_ znE7%hOW6drSH_e%zHHQNP<*12rX7Gk9;a`b;?UD_oMsFkSt5_)JbwS4#fkKPUSRb& zj45WlBB4s&zpffRWZ1;F-0=jO8xtn-J+k!9J5G&(F*4{3CEG6i({Xl$NroF5<<6`` zYd2|cSz7i4EvIV0S$a>2b3%fHS-%NUa6jq63z@2Wp4DRsSLLP(&f6`g!=pUJ^OYSp zv==h%vt`dhcnv~g*7%Ri%KP??Ep}7 zax^GlDmR`tN-wrpti#;`!0qF6;VGgE$;x$kkKjW!!N_IIgc`iK!D~(Pj}A?mpH!o2 z@7i#X8(PnV`HuTiZ>1+}aLq){*(+dU%7UY}^|h2RQ%Tk9?ACqVeW7VwJ`Opwc$6ix zFuc4>A{1`$TftZ6vVI%vFPJWW7p)ZXcn)@7yBJJ+rv56qlv4TPw^O+W2zw+%gXe z?dL03IpqbyOK>eaFv)A;gN}pu_muIJ0ND@nTnl5l2 z*jOcjU!k`g35?UF-3CL)u`2>s9ADEHZ8hJdrF9UmLf0V3R&0y2O%*6kmx{teOrF5> z{<3t*B_5yhTXl?!x9%U{9L-VfM&^~K`qyy>DCHMSXa{UG)b$dFZ_wkLVxyH7L&t)l zAF^37V2#Y31{kb!w)gUh%7=5`(R2sDR5z?>r3K9sdVFo;NUoEWen!~wZ0Gmm6n{zcXPY`N1bt4@-GKzI)a*L*^|PFVM`inymC^bq!?j0*s2 zQ;vfj{mGIUA0DaXtk!CZAPOV+Vsdwyxi=A6`=DM7$H;cyFwyy}SL8E4>b%K1|A%5o zDL#2YHZKcuIz?=vmbsTA-?9`J`mW>yT9I{>*}Ot1gQ(7|B0mxK#g3S6Jgkid$%j5E z;wqOY4=jkE$F(Sp+K8>H&g^FB$#5YqNV-FLJmP+Kw5q4nOZ=|#Wth}>8sdi{yf*b*a98HLd@G!qeEKI159-$KI$IsD>N7}u-1W!@AA2Q13$}54egmFa>tFnivfdfXbK+GUDzwQXNlY*ulFnF4RR`xYL-9t(|Rg6 z>=QMxZyBpW*5k&?X_`Ccf+=%CXSTRki*l-@WHmJ}5 zsgVRzu<_hTAKvyOJ z>pPV$+UcYjN|Elt;U>E)94FE&_7M6l)~4pO6n)okqtV{D-^bSLq--9p_|{kzTf@`F zZT91wg3XZi*b$Y=%Y~zgPx|)dPDGtpvhG2?b9Ux6IrI=~lwX*AbLKT(&gQsLt@%t2 zPIXELdDoj4cVggJpWCgWkPr>iTKmPbymxOq!gqQODV7S}>0MmE*%z=cJDye7HTTTf zD4)a>c}UG$2oiz*@ayHl{W(Hs?6#Ghrko=yxb7C2gwIqm2IR*o_4cb9tVIp+-DsKZ z&99)aX0{VEiVf;V65aV;1x~GY=kNVTnig4A(EsBa8kJ~G$u;AI?)nwOHEfIN z2>H)|dJiIfI^V}cyk_P_sOQC4Eq8o`$%wYg%OCN}$Cm-}gS)TVkR z+xcC;4jX$rDfShpRV=x23<7zM^~0-5oE#Y&KHeBlWz#G@m@lk}j8KyuR=sq!9d&k6fks;!Z6UmXRbz$dH_JTbffx1fST;FL4r*~-?1l$&*^Pw#%mSt!db7}4{^-cy zjUoSNpD%dtot*pW#u&}rn6OLiusv_xHS9(HOv}{5{Q&d(B0B7d?1X_8fiSW9@q%A> z%}7Qrr{7aUR{}mN{MsV?E}eIBDR^kky_?P({$ynfVryu*yyPq8(VPbsP9Cp3S`j2Z z9|VtV*VC)f*~;0KgiQ_sqV1)iBBm`7F^(WFFKRgr;hPaLF5MB^b`j5i@!~1!->dcE zVnq8&lq<$!dGF+BAe1j{I)UW5@H~#4r`ZvK)zdd9ATCE|^=D6G?dBbrASSG>NO?z<6bH4Jw^;nw`)ZKOz=0qdKzl zqYx&HFZM$OPa6|bz>V@g@>G(n#~ZUfKUvoV35!GZr)*WMf!YkTZ zdhG*n@TR`DO&3iuho~6fjhgdsWzjAa5N?)zinQeNSQgRX*BBYZeP6klFL3{M(1?645>3e z!N{Lf)3aB35@I~c!jINf&uz)*y*BS6a-gfY5=PVSJ*kcwz_!>h{!@2fI%^&!ljYp3 z*V6o?cX2xF7D%{-W1T1S2mojomsx8zMYmkyR@bD`0*98OT3NIK3jRlP^#T(+11l`3 z0b__pC5*8*3VO%rsuCmWwnKW5pl_SV#(B_DuDN3$P^kiV!*QXqa_8be0}I8_l(Tlp z)bScEVEO4%$+b&JCW}U$_7vaxO;lP4GGxN^EVTg7kLCh)E~^1D>l51Af8?hB#uU13 z$kb#Mpr8*nQsq98@B-PE1OX-^$L)Do+dHnrrkaHTi?uSxa~2HH1$U3HT$tnq5uNk; z!^2RZK*)<8&CeUj-7HlI&NGh+PjIN4=Kj7%u*HKUlejLo4t8=Qb6Sm&F%W zo!>f`p#3HSTcBv2+{%SOp( z6~~9FOTQ)*w1?pzwvBrVS3snEcx%eZz;iz_St1+41z|~mNI{<`k9q|R?M7R5xqJbZFyWXoiwv-v$?v_=8iRef7wGw55SNo>|Y0N;XD z!U1J#083r<(6_GXL*~nULw~H8dyMro0nzZh@?C_M9B8dSR@KYXNW7mEM<%4Bp4e0SUwn8lv8%Q^aOg*`l ziRNR-(6KUt(OfYZ!j2eYde@Yvs_e#4EH)T2ePA>5!1`^=x1Im)DjCC&E0+G?+5$<1 zsF|2yzOjjkBoBz~Ud8R~hcR3nN_RHCU|3l{eunD7r!uI4L!_lALH_E{st+ zit!aWS*blIUe6|f_N>hE$s`sP6z0w)@j;s@pP}{GmFR#Cc6D_BJ8-A7!F}fRc3c#8 zcEOXqo$scNN4EcR`Wj^K$cQU8!(`Zt&{n~1SEiey{>znRqdF@wKWwg9pK~H-aQLCjk@my4gM1MYoOA6c6?5pRNB~ke0{0W*?$DZYJO5IebTR- zL%0-Y&*FN*ui`lNS>+n>h9VjpbA5|R!Z#NI9xwS9;n(Q2&7OSI6q2fXCdSw#Lv#~@ zpJ9TKJ0j}z@U%lCi1OI_W2>`&?8Y3uWC2dMMlv&4nVNDbSgDbazkKfY0Wk_@wC6gI zWv*}q`?XuQ1g>SN_1lEIhfv+`@6b)@H6U5Bvi z(QBbM5nI(%p~?*r?mxAT|ENY(!=oGV>CC4$l?p-+WJkXwIi0H8e7Usa`9!?G{jHa5 z+4A-<4_(UqslF4piu=}e_DU)%n-KSEh|jKWq^6}Qn@9@&PWdqsFWuwHhpc{Uu75FP zgpc@uoeY+O&=Gg4WOF?@IP6d#^0Q0-P-XS$S&z!q&rXEY+~?Y zmM%#nQ9z%ZX(fA7u`ie|qzlqppCE_QM@NYVp%1U)5Afj3yCr$N@hSyz?2505^M|o! zU5Mv9NC{VwS?RMGC8}Css;e^k9=J*S`E3^{;yIOO{ThuS*-BJO?_3t}%+NjY=LZ(R z7IU=9-XM3*a0o3*!FTHOfKvX>wwpW3vu+HH273gJ=NC$Q?9CJZI;r+KP`&U_Bru1j zr!XW(mRQIU&#)|9=#RHp*LDJ8I5(>3tY!V{O_^qNA^sWhe20UjBUY(!qtow8%(91w z2C&kA?^nc+^fN$JM6Zv;$Dly=uS zz*~&6nmY|a1B>6^Mw3r0hqg|VXG?C=X@o~-hle$js08jO3QHInp7A4+2~j!hy8(|w z{&LaK{$b(NQ?rTkD&j9D2}tIOzfXRf(jvdWUtLr8=cg({jtpZ%J9-;hE@c zGYAd6@m6iva@&J<3IZk47bgc^XI#os#1JW5PCkr}8J`H|`v?k@RY55oa}j?JB+F z-_Tt<_GYsh)(NDkmZPIkMAqhGn1Pv2|C!sb(O>GuzJ@UTq2rUVc@LQb%^-Y_i}VGn zbQ8<2IWvK!bw8D#Nivj(Hp6>FdPXbOlXP1|1L`G*Y{$*_a&CK#kS z`bN8F&xNdyVNea9pdVkPMvWS0;Yrn$kgISanX(|#8^)J-3|juGTVCU8uTYR3ZH@e` z&~W+4X@>T^38OJ+^^NE^bEumP@RhJ{sZQ6r+{iCM1;!r#Wo!sPLDfYC6vr{NR*+_g&YACtp`cu zKH3zL)uxmR`qO#NJ?uDB8+hh2Wvq}AxO(75R^2A=&d8}+Jl}-Kxv^&xWyxpIRTm7h zM%I9iaqw!UAY{fcG!Q0w1US8u>?UULiTgRNKxO_=Y>Rk6(%?xgAQvN)+(9bLeZ>=*`()IZEVg(t@Tk87FopH@fM8 zap@$I?+)zW+yYYRZ17L#`|>9BSkSf5y^;9rMc9*A1j)2nTYda>!~n#_x98CtbD*Re z^n$mRJzdBlwQVO{2m%8{>29n#R}9S6TCQEBLwl`1!iw^u<@PFydwKBJkC;JE^&Ndn z9E;M`v$n_2D@#ECYVvJ|+)5`4IdxqmQT0(e>hcKPvkJ+PcLmzb+OBS~S|%0CO>#z~oY}5Ap`%iFM|xp<~iY(LB7}N*s>H z@tfpD;#==@%`MUf%Rdmd{qgNODG?^-of6AmBvGa% zAs2RIvfnByAC8GL7g^Zuz4UMZaX093`_zlFGTG;u_E*W?qoT2cUwwkHoMDs6(If24 z1zIJ<{K4S{_r$fL*c}fN9lynUdt!n( zGaDD<0`V)fw}7r$Ra;r0)q3Z`(RlfLm0R&lFi`P8fE!!}SoU7U#V>y~@7JyX4Q|Tb zhLybxkOul#b1P5WsA?#{E#1~kF$Ths6yNYIQXSeorZ~BHqn3QwaO0>o+5r}O>I`D3 z$MT6c8wG)A!PIA*EP=zQwve<|J!{q_H{roJU=wj2$;_7sQQb2yX81{1qf$&7l7e`q zbfKug$+XxujE`xJrk~gjGD&r=mZ7kOqs_NChEM^82e***>_uNf;lxo$o~=in#~Y4~ zc@exuPdT$^3AYGm+ZIIJE&h}JF-b33ZfT|92c%fbf?K?ZbGg@7c67vNvfIY>tQ)g< zR9w+jH&#*H#?IRO=DX57c7f9!T2wEIgRHB1f(8Z!Dd(-;4VBQ0O^ao`w1zP7$y)i# zFPOR6=lbKRN3u*dH;X(=f7Uegui@qIFLLea!Ies={VQ^A6FSZO%f*Gxt#>i7VmFKL z`nhh8XXKE-6E^ySEDCLhV3bM+Xo-RcBl{&}2w!-}nqC=kT)L-7Vc<1T{u0)-aHRI* zypN*x9H<#b{AhS`>W*vvwv96-YF&iw4JGy|84)_zF4;mM_PQl zWnk!T)i&NRH;^r)-4y6sEcf&pQ2lP2yoAJ4&b%Ttn`QM4ZuPR_;-WtCS69fb_goy#g_5J`wGcWwH_=?&Ysi8}3Y*4BnJvsBu;BDxk{cCLt@V$kF zWXeRX=T_gK6VT^^rqVS9sU#nKuI$h13tg*y>gGs0pe4SWojx(#rGCJsN~E=Fpf}$4 z>AUH2WWmGgTXeuH=oW;SFZ&*gpTF{U^c~9tUlpaX5ZWEoH`j+$o2VRITwloJ@WSqF zhFNyqiH{6hmRdM6xRF!xWkM?-Iq|*Z@@U%j1|WTbmuzHC?x3eG7#j z#3tpRt84*cm(nQg@M752;7OgN|>jUhlB;15YxYLcyjJ5a}5i|mYnwYx8Zdj>*oabZN5RVWCEM- zp6L$%O~}Z(oV}$!lWv{KRy!XzR*;-r+NxJcj&&Yz4{aA$v~me7rf6=@%1C9o;RM7l z>()g5XUetu+=1;^IpnpuMo&owg^vu@r~u)aq={w}w(Q%R0+~r^is1LDpux^>?)WR+Uso51EayM_8-4V6?{D>|t+jwDj_vvd z%LN#%9sT+IoobuJ$Rod{fgDq_-$fj5*UStWFbpI&&hv+SRA@GHGTJM4=`R0Id*>d{ zbpQYVuDYa42VIpziFI9Fr6z|;qcELxAUSTdVGbeZ#K>Xl%13=d>4Y*_k;5jN)3yv- za>_Z!F`J>@b zp{a*=Ao%7~e+~1xR;;XVy#~wM;rDB!XOGC3&s-{Wscw98?$MA{OcUq>#5G!%){%S+ zrqp5hB>3zGN8KAG)1#tAHT$D09pA1x?OIkr4VQHlxa&z5;$DC61NX-Ke_M$6LpAw7 zBKy;sDjRxs*gc=^(EZ$?&_9574Ji2*c=E1%uKN3!B@D$QX{fp6@o*70rDZbY_M`8gfP4ney+G~Ij(|fPt2&agysZAn29_v>Rl77qk`@KuVl*2BZ=XM0{*l=CJBJsVO|6DIvj_*-#0zzx5W-0aH@~KhWA05&Kbe`fd z1qBHd%?x)9ni+0xx#nP%8`5MjH#muF7fFS9wLy<HOjJsKLi00VJc-d1F;CB27G?c;w^oToXZIfmV77vSd1ZaY)$)u!Gfg4!{v=@FX z14NR>vIt-0I!FJ;62G=(#tGmKPnSvw*PXM`qb1T1J4}6A$MYZG^>nApdKk9}{oqb4 z_#xP2?L%OxX7(1VL7t>*o0@r`GCV?!fxh8|P0n7NW7hPfWa&;zI8GX`(`Q$DAM^vx zc{<4wvss#^O0dq4Z~U#M7Bn@M;?b#NK$Bgsg8Py;2I{`~|7?F-73&yqPW}n;)jyve zEei@|#zX}9t9%UspWB@hk)hpSMbC{06U`p<2AzDU>tonfF2O$+-85KquhcltMiWNT z)HoTb9kKr2#v^*2`q#fYdZ1=*NHCJpr*nYmspOS|9NJi;jYCMg`j7p2v&h-IY^YW) zd-}oDr?ON2E$@d*XHr5Z$>F(0fi(?>qfN7uQlQwn`8n{DM2*2qE4#(0XgXRbWUya{ z?9vMyE`4+5<)kBjAkI+3G=@3XGpWFjnE(8+e-1_x`{4pOEb2UR)oPD;&ayMPsw#-Qx)o(W4bKr%ali zm=OZHr>YHEy&VCWIri0$`yx~8be=oFEY&t8XYgEG_5}OC1N5jd3sz@@Ln>!At?=C zdZHxXYg<1DObBW@qU|0$cEI#8$&n8_%4<4Ex>@45E>%Kupvm*Ovd^;9xHrJ!xW~b# zZIgdA$Gv$FKv?@bl*h~Qkb93qGv|i0l~8FPnpYR-PNe%aZ_iBcEPJJhvsiuK&P~;Z{t`TZ;!p_y3YrLTpme-=;cuhDV!g4inT!`yULP zX?3<8sr2C z2B4#>O#|kEbX-Jt8#Nns+P8P+>J)0{8vgRxyu`S5%0jJ1(UMe8kYtX5-J9-Os^D-v zuPx_whd($B!jnqx)GA==H^7Vre2`LwiI^bQpighh-mLpEKYQPxUeI^aUt_ZBlot(Y`pPt~b;Rqr&-Vgsy>$&wkJS?w>PIHbL71tm;r|<~ac{ z)aOe11mYu4?Dov+o7R$xQmH?l?k&Bh;#YhsGG6{1NxwwcT;ghvPO_=%oJO&;(4J?& z{jTzzX;i!q_h;*N=J;M{r#5KqPF<&pm_XtDXaU@S5R-bq7$2B)LmEjaY;9Biyldfo z|MS>AdROwu-apLTstZ@Z19}KQR5f&oLe?Aq?P}j#f^wswJ&@b?e){Xff8KOE9b1!+ z2J8i_Y)^R5zUkepS()Sx~gWlb3NK(Z??eV_YG>{tn{%XU||3_7ZRsX>luDYQA z-346v*R65?@qceCcK>9dS7}ZC&%dogiublyx&RoYBYFVwNd9$IKnDPKo|i5yD0Kl( z_~~lLN6Ll~e|8t~i^c%%<=>L5#im169^FoH9Zb(Q&lw@8R->qp4lt*NS{P);C`U94 zIxJ@cYKK3(JI-CghcF2W%IJCnP-g-CQFC#QrKGy1z`3U1wZ>hbt8Vw^&2?rDX3jkM zaO;4*q>ht%gfl%j)K2*VKmD@o%>rg-w9Ni4e4!L>s4^r~~HnY&y1! zmuNR#+`?0AT%OBnw0iR18fi%Q({UhdbpU8$jP7>sM;sehDGVD)x9Pv^h#bE3Jk%|& zbs6UA@0|y}sHUma`dQG&_pu>*+v!(!`{s~%T;+AJ(n<5Lf!zOka&oabxq2B75{ED2 zLHp?*t-I4F_ap^Bs{iNF`c!_!D`%a&Bv+p|9}S7uwKsa1<<8&YEf|PWaDd(?qB<@n z;S)48X=d?vpN^a)j#Yhx-7U*t>Cg;HOSMhyjW~q>hqCfWDl(tQfh|T)g$_M)j|nJr z!ZEN@QP&KX=Fb{7&7J6*vJ5OGrKb%E=>$n=Kcj}g>y}-a5T*f8YkmU72GpPCR7Z?HxFNG1V6+q_-pR)d>@v8&Dy?feGV;4;>`yr=7O-Z9q?_Iegj6g6)(9E$pT zG|y?vkKtbaO}mfh-rWm`BaJ7uzV$wjcX%T`whHXO57F=5jmiPI#g(1)mM#raH#5I` zGv|62yTBzPzivrfJ4R;}9Y9k(vC9dR%a{nEYe?Cz;#7y8tr`p`k6wFnZ9d-SvYCF~ zk;P@tYAk1Ggybr1z6#Hu=6DtJ*~=hTQ1y7QTzA%7Hd}|Z?3nZrPNNG9?cj!n@a5nNZJ{yD6TNYGzDqE{nGH|2o1baR>{`Ie zF7v5R#iNO=roI7MKsUc7Mzi{oTIKj+YdhOD__^LBalBakajFH@B}7^z`qFaBZzo53 zpPCVJ30(Hrqdj%`eUb@Tq5p?zypF*m2mxAIq_0B=EON7QcBPZm?AdjGm!5$h+=*_9 z7?`F+0ut4^mr)QdqY-Q@W|Iw}7>+gYT1-$!KO6@);^ZSE1x**-m2`X?$;Cky%p1oP zj;VIjeEix6F)Jayo;ul&EDcsrp$G(HF7rBkyi3+%ar(tBHbEdX#GUkL%0Am@|Cp1x z7sX0BwZn!@#@XvlGQ)N?CcP3n%zdf~KdOEMY=FyPc8&v=CNF$Jt857GH@1JmLs_z| zhX-p)TI{H*IVu$li=)+KW&4EnR3)@wGj2$xYO_t66!4QN#q4c$)nO)t^=O)YJRwYZ zjo4<6Ixzz4=Vvw?MvZOH7yLczZ+U{3i~E56Gjhxe9m*U7!GSyo;|_HxgPS$6y)-jn zD>c;~KtC#lqqbKdgwSi~p#BQg^ufTMF2U$g}axGl`&4H&20)X)my1(`aXyApEf}m13+@N|^pIyYsb+XEK z@887@h0!qGR{{O>rJJyD-(3_i-dV);WAnb5ce^*=NuTJQn6fW1P?SsMlT4YM8{*GR zASyqoYRJ@;-L*E|)mvFcE!^nx0hv+wl5UUG>poe8cGWWKgPF>zJs7poUj;LP;lDsH zhOE#&aqlX&NfqX`v@0Nd*@!FjE;zz=(Y)s5BhbEdv0y?u3E&*PE^$8ltLjNm`O9Zv z_HrzHkUm=4VfDhlQqHEqmM({|W0#&~2iS8v^WvsmHnT@eS`V5Vh4%==b+QqbN}q!4 znRQb_;D=2^j#RjYH_tvy{c8S;WpZD1itD1FR9Qi7cqy)KKJ`V9P3>8k-fRJSt`dYb z?#RIULV4rP1{~J5sH!C~;Pbb-@9(i;RGDtL^<^qx?%GFb%*>dXI_2j1rZHVsJlhMd z3EV7FO0zS6IDis;(iz`WWukH!)BQo52I;7nolkwBX7uu52JaY$CF!Z_>l8!2}Y7K8KeASfc^f+Zf&9AQfsIGdWP#pd%@= zWj68hCN8~pnFlA1>ZvbIO=&4H{wcO?K81N~5;>&7OI_88f%C@WBv^qgr z;d1I$<5lKrmd4TRNR>u*6v{eU{*m94faC^XusSYEg$+cu<=>I7K=yAhxtyR$-6iZY z(|nef>|jMCea${p4^yP(->n-BjXCicF>?lHur@8yt^gap$6bGt=ymZI6JuZ|qMwUyjLnHNxe%kQUQQfN9i>9V`(!*?-15+03?F|Wn?vtxA{nVTUJ))N? zRxE_*D^h#!P5wT2$w=MSYTLT1kXeTayhtLu#T%+SRhL0CgiAX_2-|f{dQaA5puLRF zgZsS)wek7|KzJrp5C?J1@TxGA>Q|&aA)~^rlZg1X!zk}i#JN9-fcnDuq&`q};BlmT z%BQeWq=&2yv0&fFyWN?*R=TZKoh3e_qaBeFI{M5R-s2bfflKIHE7#*P<3f?5OqZlEX%=K0Zybv@QQJ^jEh!1{}khnt5 z_>cZyZpz3m{`8)LuEZ3CN`P|UJSiV7CqmYQetF+4T9|5Wm&<1_ zi_Ri{Q#OOZ?=m|0-3n+~6~l;v|Y2~*7Qk-I)nh})Zt-8Jha>{jw!vaC!5hbc73!f zwMh$4c2P!W1s#pcXi$u&g_jJ?j!iY`E3bJj+bxZoAkIm#WP@1e*#YWloCt%ujEoGv zi)SnLep~n7>}u?{^}$sBX0e5zB9;2TBvU@d<`CL$Rc2Ho|2X4vMi{MrPqhQN0oML# zpV7ee1)=kUflLJA8Y#cA$p-N-+jp;z3gUeT(2Jkkf=9L|)dlY%_N(c3`vUB>Ex!gR zeSos?xdQf7wwJMeNd{xcO6@QpS(yKjERU>QG&1IEEu$$X4=dn=#uL2 zT^Ww5vj-5o(|FYg)eld}F!kAIuOXV9f%e&>3q|TuXJwvZS=RRkNd5{wVt?-ze<{2@ zrJB@aEg8^MGHDGoh-=xSIMcLVPP}iAk)cCg$jrdz)>*r{EIQ_Mre8C$Nva7W&AEMo z@-0;Vb^HX#(*ru)Fy$e)S`J+tg!4#(Hu|8vm4}5gIB_Z~N6|Y%&{gm2b`KT92`8Q7 z0|690xN6ef-jxb{DyGcg*lu8!WP@G4jtb>%B18ozfC<)|kV$&0xWJ;Iwl<+n{MdB>Q{;?k8c71Sy>^JXOJjZ z-?YUa2~$qZLk)3^^u>)ZvF)9QEN1wJ!|(Z-qubR5p&QPZSV-f2<`b?=!TEpNwky^w zB_T|%Hw7Qg<{g^;MV#+C2zftqf?$ZKzPb}|E9^9u*<{IpFa7khcZPVgKC2Qk*MjkD zWW)ta$m~c^#yhTRPXPnR806(NjGTL@ugi+#&agS?Le&UmE-K(6s$Y zXzahcM`I|f*t8vn6Dc5}fUdLD|D-`byw8O>Nir1CR=b>}z{94^}i_)D% zCR20qlTwZkxMuC(ayo0WcVDMI@N(f3uNloBOGX}AI;N${yQIig+`rAgTzC4$RqUN<0KFy6G2;H*>yzEL0`k zL~FRI9K^(pTW=qEUzE_riIBKR-+2B1jCx-F`|RvbvvO%ZCM0KaH04u?APHEcE!3dg z5Eq5lfK7;4=m5p$8{gA!Th*z8SQn|%Tz`{Kv|(?gHzuB3<_78B<%xR*kPU6*e;^w* zUE5$J?41TL`xJpcx!Zi#Yxz?$x9}6EAl?h(paNz0t7Sr9YJT3lTtRs~7N0e7L~h+_ znR)9Xl|(BGTXFy?Pb1A#)vpm4 zAj#!7JPy4$x81vH(4cRjS9)FKx62+yc5#D80mWzE1-h@k4-Nsqj@P`s9Yg1zn@K`G z6(a>@p<|>s>OJl<92Rp z*3q4aPAA5HE#Io&y*a$dCya!khm=pT1AiK6vP7N-DOGI#*epXl<8%iavT9v9}G z7+IKDARZazeMEJS1PD(UkIt8T6`7hgqvrgb%j!$@X7~(a);2}lW70NJoE!iQ z?`^JDlaATlPUqLlktit9=vkFn8xy6I%2cZONfFg_X{(HZhzv*rg-#8MsDLux8iiOgXsb1s6Uu~n zZ_q}}bO$c4Po<0_NJ8BlHeCDm^QsL$_y|U(!Pkkh60{X{UEGPs5S^xAr)>X;egQ(x zP$RbwhGp9h4#dSN@HcMt2DQVe*nKak9ma4)iY&{%b4tDs$d z5+U_tm9h;^jWP;+3nWpB2aNTt4^y($k3q z=ZY(h)+f1A8&}*t`~9}M5>?T>Tdy!Y_vW@IUb?5U|Ay#B&D=fnv_txvVOf`F@ zx?CU}st&dyrTPmkMf|tY_#J4uiNAXfV<$#e--J0~dZrx^H?{sb z%Iqh9StyHYP$2vP?t_iMZHyV59k{8>Ot(m^g<(YDT=Vba(Et-+9LH?euhyUeN6uQNKK@bnn@w&J#2KD#gD>vK9s>V?07H0$}jF zeO+z9GyTUU4-ebyeILMArU;GhLbOeRj)eR;`9IMJU1=(Z?aBNa1j1A?9d<2PA-Vc2_cAD?HqEtb=U31hLk2&F zp5~7(A$Y!q87~wfZFu)PSY%!*S!x7$|1~K+d0uB6)8${#Hbosmh&pi~k+%f5)V(aB zgq0U)+`|PwGD+;UOsZ~^S_L1==Fk~~rKD9a$N8BP+trt(k8&oqL6R!n&*5=71L#^L z4#`8!5F=f)}kK6W34puQOZ3ZgnQcwjB*67_f z8*2T)jlxSJ?HI72WUG1MhAIb|t3zh&J#D7CM?fVSA>_C%y?y^E=Mopu^xJHs6C=gz z*}d_;F~(aP#Zl}(PWMX05Qx3?MN6NZlWKQ!X@6Lzr^ueP_UC}>IO5^Rnk^RTnUtLu zuyI{(hEx?yS%POyYKLb;3Mg=sn85~a>%1re@GglNG098?!OwYN`S(+X!A#Ew(rIwi7QHTZ!_OOE3?p=s%*$>Ynt_PjrKH~P zJOFd0Y@W=x2wveB0Mr8MBgBqkW>jkQ#-C4Jtkp5KuGu%EW|rDyq=l_ZD{ml-2E?G#qcYeCnFGkilR z(BoJ5B9G8BF@Evc5Ojr0Kl&i4Vr7;NgVG2G2r@2(aO#!0ZY^L8UgMqRyrRfF4V6Ti zXu)!>6WFEwPcB5+Gh;q>#^*Av=H-h(B|YnXUaf7@N75&G7Co0T$x;yc#k>pYar|NQ zEgR}5`p8tk;h>G=Ra%yHz7l<^FFQRhz+iNoE!!i~2k}^{b}0|LE0l)8fl^>tAt*G| zqP^lxUH!c48`qN$GA`-HyQ$k+HD~0eiLTL<7uHfX&<$BYZ!L%TE4#Z3lo)C(KZVK5 zdgS>V;O>m#FT*c1Gup*3QEFM#G(tx08%1cl6h6P@-m?ssmkHLMAsMyWQaI*nts@y% z+6BaHqo}{8Yzev+zV}{D?Db(lq3!+1f%TgXO?Ut$^&2G2)TsK@FP%Ut^1w!8foz|% zGOgYWHy%LeD+LzpkDxr6@uH*w9#}s2wiEM?{3;`z_|-Ai&5HN;!%BS(8<;pQ+8ZG!wd0`nlMKM2 zb7ai=7o3|Hvfov~x-(sJ{6GGQn63tBuIWI#kv;7M_h2J0hDITK9b3^+7lG17#uxkE z6_WNn1sZZY8;h9Dm}ecVtI6qn^hSe#S(sf>0AFkW7XRm zYlY7C)-ZKHP?y1jFCvDXQ8I)(llHyHlb9KtN)k}d@05liME;7dxkRsBa5K(*6MSk% z7gNrGG|#nyjANvED3Nj#P##+$JWR+z;gJ z0qK;JV|4S|>;gGldkJVmA+1%#BUYbK>} z(eIuDryURU`;~M?MvPnyl(gAO?T)qDZi??>o3rNH6DiQwIHR;^RP;tt9jrn=1lgAJ zoUsELj1!<%@D~~z0KQqB`8&2EdB##sq!*??743WcRut{Ur|p3YZ>OI*Zsi&_YPV0( zGA7a5D0jp~=oA+Rz2AOFf3_DzK%GIVhb_#Egzv0*lk7vkZ)0CsSjCQ2*UZ^>wOJ95 z-NqRfKHvnElILi-FHAt;gg@H&hb!r;ke`s1eM-zhd`(kL)iZ7d!_6DjJ5PR%C0mZB z7-E~QnElNH#dTe=W+S~*_I4R5f0!3jy@*rCXUqT9Ic-%rF%GAk zeNLG#@-%XKMP@%?Hl~r&=OfqmnbJ!^7K11+$&=n7XFsr9&Q1>t?dd)P;fA(#Qxb%s z6B#r9%JY+b3l`rp&2O}R_jY*O_NQ@A4l&jEGtxe{`LDJ3GcLo#Kdo3~8*>|llYvt} zbHJ5*w8P3+u7i-WpxtQMk3NTx!UMXaE$KpCmfm~apest1g6DdhWV)PP(aO|K7K6Es z7WPq|k2Shq_=?&#W})0Rv=~k44%?0-wNi6%DyLV%%<))Jp-*U>(}d1*$(l)(dNr)v z=&*{)mz2?E?kz3v@a${zW(hsrr!Ax%#@nItg(IgN7S+e`rEVdU<|(Oz*rwrL3!R4Y zlIeeabr8D4T0%H$bx0Inm?Zf71ojt*33Ha|HrmZoEyqC~i z`U2uXyi#9Bt1gKP=-~=@DJ=n5TI1hv!?ofK-;(?R>wz4ZC<9ZCN3H4-kdy#gw)Yuh zD>Wf=!4F~L{w*r_sXG>k#p}~SNLnu3ro=O3?W(u0EY Date: Wed, 12 Jun 2024 09:07:44 +0200 Subject: [PATCH 2/3] wording Signed-off-by: Vadim Bauer <1492007+Vad1mo@users.noreply.github.com> --- .../multiple-project-visibility-levels.md | 101 +++--------------- 1 file changed, 17 insertions(+), 84 deletions(-) diff --git a/proposals/multiple-project-visibility-levels.md b/proposals/multiple-project-visibility-levels.md index 80c1f775..09b0d30d 100644 --- a/proposals/multiple-project-visibility-levels.md +++ b/proposals/multiple-project-visibility-levels.md @@ -2,27 +2,24 @@ Author: [Vadim Bauer](https://github.com/Vad1mo) - [8gears Container Registry](https://container-registry.com/) Created time: 11 June 2024 -Last updated: +Last updated: ## Abstract -This proposal extends Harbor with additional project visibility and permission levels -and upgrades the current public/private project visibility and access. +This proposal extends Harbor with additional project visibility and permission levels, and upgrades the current public/private project visibility and access levels. -Once this proposal has been implemented, additional uses cases will become possible, which will be outlined in the proposal. +Once this proposal is implemented, additional uses will become possible, which will be outlined in the proposal. -In addition, it also eliminates the confusion about the consequences of the current visibility of public-private projects. +Furthermore, it also removes confusion about the consequences of the current visibility of public-private projects. ## Background -The current only two possible options for public and private projects are too limited -and unsuitable for many use cases and organizations. +Currently, only two visibility options for projects exist. +Public and private projects are too limited and unsuitable for many use cases where Harbor is used in organizations. This is also reflected in many issues and feature requests from the Harbor community. -Harbor has a wide popularity and recognition for its proxy and replication capabilities. -With this proposal, -we can leverage the existing features -and extend them to a wider audience and use cases. +Harbor has a wide popularity and recognition for its proxy and replication capabilities. +With this proposal, we can leverage the existing features and extend them to a wider audience and use cases. Here are some related issues from the Harbor Community. - https://github.com/goharbor/harbor/issues/10760 @@ -52,104 +49,40 @@ Extend the current public and private project visibility levels with additional Unauthenticated Users without a Harbor account can view artifacts and artifacts in this project, but they cannot pull artifacts, without being authenticated. - **Public (Existing)** - Same behavior as the currently project visibility. Users don’t need to have an account to pull artifacts from this project. + Same behavior as the current project visibility. Users don’t need to have an account to pull artifacts from this project. -For reference, here is the visibility levels in GitLab for projects: +For reference, here are the visibility levels in GitLab for projects: ![img.png](./images/multiple-project-visibility-levels/ref_gitlab_visibility.levels.png) -### Project Level +### Project Level On the project level, the project owner can set the visibility level of the project. ### System Level On the system level, the system admin can set the maximum visibility level for new projects. -For example, -If the maximum visibility level for new projects is set to "private", -then newly created projects would have the visibility level "private" -and the project admin would not be able to change it. +For example, If the maximum visibility level for new projects is set to "private", then newly created projects would have the visibility level "private" and the project admin would not be able to change it. -A system admin can change the visibility level for projects regardless of the system level setting. +A system admin can change the visibility level for projects regardless of the system-level setting. ### Internal Project Internal projects are a bit special in terms of internal visibility accessibility. On the one hand, we want the internal projects -to be visible and accessible inside the organization but private to the outside. +to be visible and accessible inside the organization, but private to the outside. The same would apply to pulling artifacts, internally without a pull secret and externally just like a private project with a pull secret. -To handle this the internal use case we would need +To handle this the internal use case, we would need to have a functionality -that can distinguish between access from internal or external networks. +that can distinguish between access from internal or external networks. ### Robot Accounts in Context of Internal Project -Robot accounts for access to projects inside the organization aren't needed for pulling artifacts. +Robot accounts for access to projects inside the organization aren't needed for pulling artifacts. ## Rationale Looking at how Harbor is used in enterprise environments, -where there are multiple teams and departments, -using different projects, -but also share and common in projects across teams and departments. - -Shared projects can be, for example, projects with base artifacts that are offered -internally to the whole organization. - -It becomes obvious that in all these use cases, it becomes unfeasible to use the -existing Harbor functionality to cope with the requirements. - -Adding every user in the organization to a project makes the project visible to -the user on one hand, but there is no option for the user to build upon this in -automation, deployment or CI/CD. -Robot account can only be created by project owners. - -Another use case that would become easier to use is proxy cache projects. Proxy -projects are often used within an entire organization -and would be set to internal visibility. -As those 3rd party sources represent publicly awaitable artifacts, it makes sense -to set it up in a way that the entire -organization to pull or view artifacts in that project would make their adoption -and integration easier. - - -## Non-Goals - -### Project Level - -TBD - -### System Level - -If maximal project visibility restriction is enabled -and the sysadmin changes the setting from a less restrictive to more restrictive option. -Existing projects visibility will not be altered, settings will only apply for newly created projects. - - -## Implementation - -- Database Schema Updates: The database schema needs to be modified to accommodate the new visibility levels. -- API Changes: The Harbor API needs to be updated to support the new visibility levels -- User Interface Changes Project Configuration: The Harbor user interface needs to be updated to allow users to set and view the visibility level of projects. This would involve changing the controls in the project settings page. -- User Interface Changes on System Level: Implement the system-level settings that allow a system administrator to set the maximum visibility level for new projects -- Authorization Logic: The authorization logic in Harbor needs to be updated to enforce the new visibility levels. - - -## Internal Project Detection -Depending on the underlying infrastructure and deployments, -some Harbor installations might only be reachable from external (internet) networks. -In such cases, the internal project visibility level would make no sense. -In addition the internal network detection would need -to be implemented in Harbor. -The easiest way to achieve this would be a Header-based detection, -that is set in the reverse proxy or load balancer in front of Harbor. - -For this case Harbor evaluate the HTTP Header`CNCF_HARBOR_INTERNAL` header for presence. - -If the environment variable or configuration `HARBOR_INTERNAL_NETWORK_HEADER` is set to a value, -Harbor will evaluate the header with the value of the environment variable. -This environment variable or config need to be set, -otherwise the internal project visibility level will not be displayed or selectable in the UI or by the sysadmin. From 3a89cbb5322a29436e4362c3458b214e6ac54658 Mon Sep 17 00:00:00 2001 From: Vadim Bauer Date: Fri, 5 Jul 2024 15:38:39 +0200 Subject: [PATCH 3/3] Update multiple-project-visibility-levels.md add related issue Signed-off-by: Vadim Bauer --- proposals/multiple-project-visibility-levels.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/proposals/multiple-project-visibility-levels.md b/proposals/multiple-project-visibility-levels.md index 09b0d30d..f4ebef9b 100644 --- a/proposals/multiple-project-visibility-levels.md +++ b/proposals/multiple-project-visibility-levels.md @@ -25,8 +25,9 @@ Here are some related issues from the Harbor Community. - https://github.com/goharbor/harbor/issues/10760 - https://github.com/goharbor/harbor/issues/12306 - https://github.com/goharbor/harbor/issues/5447 +- https://github.com/goharbor/harbor/issues/12306 -Similar Proposal: +Similar Proposals: - https://github.com/goharbor/community/pull/124