From f745e8a66cc58e1127a7793c79d783cc84821be0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladimir=20T=C3=A1mara=20Pati=C3=B1o?= Date: Thu, 18 Apr 2024 11:28:33 -0500 Subject: [PATCH] =?UTF-8?q?Versi=C3=B3n,=20financiaci=C3=B3n,=20gitlab?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CONTRIBUTING.md | 2 +- FUNDING.yml | 3 ++- README.md | 24 +++++++++--------- config/initializers/msip.rb | 6 ++--- ...nfiguar_produccion_con_punto_de_montaje.md | 13 +--------- doc/imagenes/sivel2-sin-js-webpack.png | Bin 60057 -> 0 bytes .../a5_perdida_del_control_de_acceso.md | 2 +- ...6_configuracion_de_seguridad_incorrecta.md | 2 +- ...ponentes_con_vulnerabilidades_conocidas.md | 6 ++--- 9 files changed, 24 insertions(+), 34 deletions(-) delete mode 100644 doc/imagenes/sivel2-sin-js-webpack.png diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index b4922a54..0ff125bc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,7 @@ # CONTRIBUCIONES Aplican los mismos lineamientos descritos en: - + Respecto a la aplicación de prueba, una vez la configure e ingrese a la aplicación desde un navegador en el punto de montaje `/sivel2`, diff --git a/FUNDING.yml b/FUNDING.yml index dcab3793..1df653ef 100644 --- a/FUNDING.yml +++ b/FUNDING.yml @@ -1,3 +1,4 @@ patreon: pasosdeJesus -#github: [vtamara] +github: [vtamara] +buy_me_a_coffee: vtamara diff --git a/README.md b/README.md index e261f8d6..921e2428 100644 --- a/README.md +++ b/README.md @@ -1,36 +1,36 @@ -# SIVeL 2.1 # +# SIVeL 2.2 # -## Bienvenido al código fuente de SIVeL 2.1 ## -Sistema de Información de Violencia Política en Línea versión 2.1 +## Bienvenido al código fuente de SIVeL 2.2 ## +Sistema de Información de Violencia Política en Línea versión 2.2 [![Revisado por Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com) Pruebas y seguridad: [![Estado Construcción](https://gitlab.com/pasosdeJesus/sivel2/badges/main/pipeline.svg)](https://gitlab.com/pasosdeJesus/sivel2/-/pipelines?page=1&scope=all&ref=main) [![Clima del Código](https://codeclimate.com/github/pasosdeJesus/sivel2/badges/gpa.svg)](https://codeclimate.com/github/pasosdeJesus/sivel2) [![Cobertura de Pruebas](https://codeclimate.com/github/pasosdeJesus/sivel2/badges/coverage.svg)](https://codeclimate.com/github/pasosdeJesus/sivel2) -![Logo de sivel2_1](https://raw.githubusercontent.com/pasosdeJesus/sivel2/main/app/assets/images/logo.jpg) +![Logo de sivel2_2](https://gitlab.com/pasosdeJesus/sivel2/-/raw/main/app/assets/images/logo.png) -## Sobre SIVeL 2.1 +## Sobre SIVeL 2.2 -SIVeL 2.1 es una aplicación web para manejar casos de violencia política y +SIVeL 2.2 es una aplicación web para manejar casos de violencia política y desaparición. Es segura y de fuentes abiertas. Su desarrollo es liderado por el colectivo [Pasos de Jesús](https://www.pasosdeJesus.org). Esta aplicación web es usada o incluida o adaptada en sistemas de información de varias organizaciones que documentan casos de violencia socio política o refugio como las de la Red de Bancos de Datos, el Banco de Datos del -CINEP/PPP, JRS-Colombia, CODACOP, ASOM, IAP, ANZORC entre otras. +CINEP/PPP, JRS-Colombia, CODACOP, ASOM, FASOL entre otras. Te invitamos a ver el manual de usuario en: -Si necesitas una instancia de SIVeL 2.1 para tu organización no gubernamental, -o necesitas un sistema de información o incluir y adaptar SIVeL 2.1 en el +Si necesitas una instancia de SIVeL 2.2 para tu organización no gubernamental, +o necesitas un sistema de información o incluir y adaptar SIVeL 2.2 en el sistema de información de tu organización por favor revisa . -Si quieres desplegar tu propia instalación de SIVeL 2.1 mira más adelante este +Si quieres desplegar tu propia instalación de SIVeL 2.2 mira más adelante este documento. -Si desea reportar un problema con sivel 2.1 o conocer del desarrollo de esta +Si desea reportar un problema con sivel 2.2 o conocer del desarrollo de esta aplicación por favor revisa: * Reportar problemas: * Reportar una falla de seguridad: @@ -40,7 +40,7 @@ aplicación por favor revisa: Si quieres ayudar a mejorar esta aplicación de fuentes abiertas te recomendamos el repositorio del motor -[sivel2_gen](https://github.com/pasosdeJesus/sivel2_gen). +[sivel2_gen](https://gitlab.com/pasosdeJesus/sivel2_gen). Desde Pasos de Jesús estaremos atentos a quienes hagan aportes para proponerles oportunidades labores cuando las haya. diff --git a/config/initializers/msip.rb b/config/initializers/msip.rb index 53c926fa..89198f02 100644 --- a/config/initializers/msip.rb +++ b/config/initializers/msip.rb @@ -12,9 +12,9 @@ config.titulo = ENV.fetch('MSIP_TITULO', "SIVeL").dup.force_encoding('UTF-8') + " #{Sivel2Gen::VERSION}" config.descripcion = "Sistema de Información de Violencia Política en Línea" - config.codigofuente = "https://github.com/pasosdeJesus/sivel2" - config.urlcontribuyentes = "https://github.com/pasosdeJesus/sivel2/graphs/contributors" - config.urlcreditos = "https://github.com/pasosdeJesus/sivel2/blob/main/CREDITOS.md" + config.codigofuente = "https://gitlab.com/pasosdeJesus/sivel2" + config.urlcontribuyentes = "https://gitlab.com/pasosdeJesus/sivel2_gen/-/graphs/main" + config.urlcreditos = "https://gitlab.com/pasosdeJesus/sivel2/-/blob/main/CREDITOS.md" config.agradecimientoDios = "

El mayor agradecimiento al Dios trino, el de la Biblia, a quien dedicamos este trabajo y a quien oramos para que no sea usado por estructuras armadas diff --git a/doc/configuar_produccion_con_punto_de_montaje.md b/doc/configuar_produccion_con_punto_de_montaje.md index 4b9f7e9f..43cd2451 100644 --- a/doc/configuar_produccion_con_punto_de_montaje.md +++ b/doc/configuar_produccion_con_punto_de_montaje.md @@ -28,7 +28,7 @@ upstream unicornsivel2fian { ### Págia inicial sin recursos gráficos -![Pantallazo de inicio sin recursos](https://github.com/pasosdeJesus/sivel2/raw/master/doc/imagenes/inicio-sin-assets.png) +![Pantallazo de inicio sin recursos](https://gitlab.com/pasosdeJesus/sivel2/-/raw/main/doc/imagenes/inicio-sin-assets.png) O al inspeccionar fuentes y revisar consola ve mensajes del estilo: ``` GET https://rbd.nocheyniebla.org:15443/csofb/sivel2/application-3f56911d83c1e4aab6ce1f08fbd92f8d83166c1f765cee5dd29f1ae0ebad9219.js net::ERR_ABORTED 404 (Not Found) @@ -57,17 +57,6 @@ location ^~ /csofb/sivel2/images/ { } ``` -### Mapa y otras experiencias interactivas no operan - -Por ejemplo el mapa se ve así: -![Mapa sin webpack](https://github.com/pasosdeJesus/sivel2/raw/master/doc/imagenes/sivel2-sin-js-webpack.png) - -Es posible que no se estén cargando los recursos Javascript preparados con webpack, asegurese de que exista el enlace packs: -``` -cd public/laorg/sivel2 -ln -s ../../packs . -``` - ### No permite subir anexos grandes diff --git a/doc/imagenes/sivel2-sin-js-webpack.png b/doc/imagenes/sivel2-sin-js-webpack.png deleted file mode 100644 index e800403ad7a4a083d0bc2a66b6d6f27c2a05dfb2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 60057 zcmeFZRa9JSvo;C@g1b8ecN%xM;Dq4X5Zs;M?$EfqLvVL%BxtZeLvVrwcbA`UpMQV* z+v}`#e=g2VkI_A5&v#bMs(PQQ`8+dHRaq7li3kY_3JUe3oYW^MC|Fx4D41!4_iw)p z(eGM9K~X?`loJ2!X?T?5=A*7fJmUW`tEGZh!@3E_gP11_l>o(q@Pxw$C9D&DaT9FT z=a`1yS~ygp=3re>GIQ(VkjbT#)KbO5vNI~`GuC~(;?g5~dMfn8h0koHOZCI^$fjfd zXX_U!zt_nw+TOY1E2NgG2)1*U?|{H%{AM<5BRJkYJond!Pd3p5taROZ!vLa@s8c?f z=d1_b>(iB6hs;|I*bCp4X*}Ec_&-J;#9$+!FezZ90uV5u|MN@W09D@%9b~^!qGM_N z(9L&D-LIFb_G|GTC)2@a(F{b@$NZau?rn+Z;D>M?Xd?0}5c*)~uo4k3r+cNWBx_kjo8{s$Vh#_FCAnB5tFS>}J%q)0MOI(^X;061OgEZ|%TGWcEy)2z>} zJm!A#FL;r74twGr9>O0;OHU*r@!Ooa+()_1TLTs*{q6fd-ca0;($vn5iOI6|I=mvV@m)+fC*%OaEWqV z`Qn&aZe7{hXuhZ1SB)7?5|3cW&gV{ZOlRdFc1-dTXHuO@W#+E>gV^@wUTpZhJyQ9q zDhhGp@!#JS=ntw*2>Wi4jFzvQzELHtsX{rZu#HL$kZGrc`G4L1|Hqc0 zI?DCIAD2qhhJ(>QzeZbEOmT3aCa!Cr!ySZb}<5qa(|J6fyGP%Q8g1b9!ix+0TEN_(_tl z>%bHSJm;Ta-(9GkthUOlN8Xf$-ioru0cPXZ|S>zIz{>s9B3(T(*#N5j(gX2idM!)P^(QOSHqL zTO%Rfj4+QTzcU|xBJgNQPH!rP87HYfOt@9_p{13!QyiS4@4qT0MkYOc4F#aD_IQjX zf_%%U>b2-O`4Dz@pMMiSAK%LmFOSaH$<6y+jD#<%!gCL%wc(?A9N;s;%)gXB&vXPV zz~u=#%-m(Po+k~j1`&ENgeev5e`)t;pjw!B*occ2t^%^AZrvw+=>lm$mFl;(XBA|F z2w{cz<7yuQDgrs^W0a;_n90dXj@j$mX+&0I2JCx3-*u}DP_+YSQ7?ugqU3E2&M=wM zU0wa0O|ccpc0+-=9Lzc75jmqer!#5Z{AuB%U>_7Do_3b{_F$F;R3~vsEz<~z#Pj`F z0!$N{DqBU>o*=j}J_2z}ym0Yxu%j&Wd~NN}t`*1H2!S~mNoXVAkd(LTkJURt`i;}H zm^9!gxtMl(jRh=jg^PR)TGPoeW81g{n+Cg`?HC19(!S^P5Cw7?MG2^))$-Sr(X(D+ ziR>-i#vr9wYCzoTM~Om3L~K*miMMsD!*J#G-ucM}Pv85G@_(pj-3vM_Is)S4gpD|; zW8}g@k~fOPxjED6N=&Zv0wGmpXl~e=&N0(PE*~cxY~%J@5!=prP(LYfa#cIPS$y;o zIIr}2VZ-Cu6{1RZt`h^HvF;nrz}~j>j(>oZ4>qstQOWYTzWa}I7exSl*udJh939?{ zEa@n3uFcM1vQ&EX1P|kEs?JP!2zP4}xc^FhELtoE!U$Z!{7wzQX(FddDhcwFby6_0 zXX>kGU@gzi49Z{%K2za{A6=Z8K#q<$Cuw$h)uRt#ehT3~|3|yU~cU@wVB5>Z*tK7Ia%OdOFbvck6ZtV+m%C+1n z9(<;vOn2l(tj~_QWop--|F$1-j@kxkpn^$bK6aFtG}pk0qh;hwk+m|9GCEkYg0LU| z7#l|%8Q~jX0l?Yt_zd6`=!4ZqHw&E%w3rX=-({7<#uyPsMSsF|Xg0=np(R*lrM1=% zbseYUZXHVCuPMjFiN4ADuu(hlU3C2?W*IGi!Js$gvP0yctl7wf=9MJR+nnNHN#7ibc-Cd!w8=s}n&JHQSgyB{{W6~;7Va9(`*2|nIyy4~U;t9%S! zhGAjRFzavL)`pE6v_Qx+$^;qEXz3pe4mHsfw9$_XiQv$^DC%e*j{R|OYZZcG3Sor4 zQMjC{E>QyhW{R!FnzJb_F?rddI8smpm`FV-A9vR`wevrr-4|URCrj*U68K!W=(EJ# zJ3JNPw=}h?qFy`04Spbmd6($)5{2O(F6W#b-Ye5{0N8nn5@QCjb~$y?HqWY7J`ldUuBG!gvy2GuRGs1GJq$wG-{jX6ka0o<1SubCsmYx_#Yl_!Z3*r)s5yf zXlQ#>h=wG;B7;G%gF6DH5i)g4k80ZsgURC7z+mv)iYljCNCK0DlY#7W?fM{cr@*<> z*E#qYKPt0mJA0c*L{a{HX!8{;I->w@l#!0#Y{f+%ZXL!_iuUA z+fpzlDB^q0#x<$~^s5Int+oVeRufPTG1bFE8E)i&^WaLKWl@=?KWp_kcwF55&%N)a zPZP#yCgP2Y9=irt!k+0>k$Gb13tlR!wT{SS3Mcysz&qmw^`pmdZG4k(xekRhmNu?& zf94%_V+}|r9L-m~6`$fa-HS6VaDsF2X zbvmY9;G)jCvWykP64~C!{)lzYGInbGIO6DXq<@C^TFd~n85#*Vsj(ba7|g%MJSr?> z_v1;?cam19V~7#*sqi?!w(Xhk>uV zjS_|EoO&E=gtn*PK%6MBEC#4CvNAUW9gw+dO@qF54xEFOJz-bnzncKTy#2SSeZ&PJ ztFV(G@}GKss!tDd(}!3Z(=Qe%E&r;QAB|2dLDA|to47d<=iek8DGew_D}3BFR?b9+ z2V`XHfbYxwgnihHMBqnKAGbmAG3cIzAW(^E*Ypr0VG@4$MzR!iPouE=>p_h3ESG*K z%Yb(R439mY<>EBbQ@(c03Ql0>M0ihJ=wzVlIF6)&6z^-yn6RBE0}3+@cp>!Vj#D{f zG*OP1boXmUuoxS$ zbeHOlDBB&MznvB-0kn6J5bwen+er*h37T5You+Z5tEu-7uj^ozO(XEwbMy_$1qOI9 zc#@ZeB!T#?+b%G^(vftd4SlKaGP$V5L-cL!1qbZSDqfdmf!qpX9?aa^+%6N;AE!Wv zJ2vf`s&r&L%*X?&uB-=M8$?dPQdNqjj{%bJNL82P;F+*#q|~h1yf{!U4I`IGHPBVO zCk|{uUNPk~DU{6gnBF(x_18>$8OHNJSobwXNTz7T(*3c}Ua{jQ6F35FLS&k=*?UU3 z#~{Sw3G|YE-}oj38Rt8TF8Pm(*oU>6jT^tZW4Mn8{*`8&M*#*Ab1NZ_DgXrCO@LeIp4yGRNGJLF1AmTq&$1UGol6%v*oX^ zh9U$XV#VLkoY&B2SzhQ}SB!i^2KBSSPazLpNTL$=veR?rebQx+TFql|P z+m$A;S;q8X@wMZu?$w`z%hotDv4upcJ7VbRomv};NNVh*7(O~#G8P;GgTRS0pDt;1 zaQinX7eOS|+G0dcXTr4=e3L&*oMaKLa8Ma?14g!f%$J606%Y;wC||fFbsVEGA)bzDJwtf(M+Y2Z07W@lqfB{Ful7qw(_CLX=j zWIx@yHnS*EtPPfQ+>bq8E$)#g0(^$u@R!;u+R5(v4rd~-TGVlz*IHdW^rL-~px#v2 z4YmZ1Uru=yir_h>g!DVbz@6T&0saHzl13FgNy$?;Z2~h$ z;d^kVE)7`19d{e(-hi7C!XhPZ5!m?6-ADuyInI&VYCE;jA%qIbNbN=z*n{&iag|pi zXPM^nL@UJ#hsZ>C{ul-is_BC~ZFTb0o>PY^XesVkFP>lW(aZk>QBXxeHl+VB9d~&!wc} zrzri!U(3e@kgWWGdCh=Ef5_HugIHCBn&rWtJ|)7Q+O+oE8inM{M+X+bjZUsd%gPh%$Q-atEbyw$P+t(mTqa$Iq#0$7DP7F57UCa zpur0ZJQ^q3A>AOx&eXKPWlMcPF(Qofb_QqZOWXOF^n6W?y&d#m1J7(`e>Z+)HUgvC z{L-n|G8o&bY+gxlw2ey@*Q+Bu`wWvcR?{{U7wt4I;i!bxoh?&^0yd~tV!p{T?LuW` zMxWMh_^8BEXO&27I|aL~Xm!hc&ExI{yQ1f9;!4V?twSKrkU+Vi!>mafJ?v(#lx*07 znaF^CFayC41_bx;vwm&9#=E#F&L?_^#*FvYu^QQz9v|n*c z0w91)r*5SHd5Z|z@q6ud%0^=tF3qo5cDY%#Nd&WY375me<;yBC`OjD@4u1NAvM)U4zlSooH=rKYJd1fq7r%AF}&dX7y0fn_yv_IO&jRdtw=s zeh2uL5`V*qL`7B_d)D9g35z+GEW%(bW;7WQvQi(6p31$mwc+f)aHVMn+}_FysOTJU zq7)8G$hL_3BdK7L4}#Idzi*62Sj}rOE+TflbGbZk*B80i>|Z(+>4L)t)t2;AtXuxz^{wqd2jRY&&(jt z$;-3b$nw1??G*Z&YE8V5X*Vzv$R3e6nsss8*CG$ksuIGw@7}csAsVj4{@_aRw{J%} z^oup-WQwpe^+9$~JUNZqJqPT&QM~V$DNPq_peB+Y+PXCbcozRIFoO4paZ()a>-})P zq8Y$Bmt%a+Mb>E_amE!Item4iGsKJ-%ptLWY1Vr|@xzF0TrYhlVM+uU}-BubUh88_b;Xi8aWM>gdc|kAhY@ zv-03d_svwLAjm9A?09DID**3tiv#pg@zrW!7Wvy)G{DjT)(5vT^fGcC&a+u0o)q2H z-#HNKHO3?4&Y5p_?W0r>9Qm=ePT(aqkzTB=lXcL$5IQjXqZ-F7iCvv*Jo3>=SmBRm zsdRSxns?Rbo8~C)tJsu-gCyAR`TC!n*==wO9eDNaZKC~Y1;l+=N&Ht-q^jECcF~+9 zhb%TNy;(4KD%(wswA4wKiGolmKiws}3{?7QdNwgYsf#eMH-XR}sL;0GAbKn&I=6yu zK?^hDH&H*|&PMD0UGOf36!&f44@%5^pLK*^BaqGAT{+L2OR><$Jnhs8&!69O!sjgk zh6+%Ef!w?39x`K;{!b6el~`qudYgZCERQagWSTPgWv< z@D|c9OV+=&)cxsZy$nSC#HnzUzWY9Fu7CfWo#oNVXhJ-k$1q(>Eo?_{z){FBQr?hf z-%uio5dF8d$jrMZe@}JK+xohv8}R31G)dDwUgtEBG-#ARhSdMEb|}h(0R~@ zBSG@$M?`(slbx_#Otm9(WfQdLJiC#J^ow4CBQFYxh3MIxr`^B^ zsDk7(128f#2M4m7mF|ECZ`5%@%ym1AMTaSH3<@;U z;3ctpr)WqvT!Wf{e)9(`Ul^+$5;_v%$-pTQE5ND^kqZ2CDdEWRT=eX6z#`59VMhI8 zs}7qA$`B$b&ua%;n=Wx|4ROD*k;j~l5B zgtCqDqV@Jd`7S=dNo0^f17=BBdU{<~&2B}SrJuVF`eyu#9J$3}_Re)!OiAE&%gvZa z#`zFUVm&R_Ah?%fW%ZXYk~JSo33wC@tYC>V^(IMhU>BYJ-JhsUO!`NXq zkplA;IaZS?(iJ_uH(jbIStKT|zkh$brKuT@jhT57gh#Qqjg_wvs^%#ZYx3uq%8MNw z^Qh!|1HS}OK(KyVdb;V{X|CnyWL+^(K(ukLt+b?G#z$4}_WKV%iC5x}#!ZxN4;*^X zXeusY_dBYtd}#s2Lc?`HsYI&A6*W%r5b<$IZt`mWb2DX8YrS70#5`)+_pB*qrhkrO z#{)#zKr4!fiR_52z8Y( ziv$NYI4m-;k25GMi$C+(7!^ID-q(yGRn}~fy~i zY0~IP9Y1aWCZMH_z5hKMnhbE86Z2_y(!P=D2OF*(z$T<~jel>VnNLxOOxLn!(pr2@ zNE#ZEuZ}}&>-s1CgeZRa2o~IgaE_y22){eaQwZtARuF*Gq6(f)d-E*F*p|C-D1)Iz z^%R3+@!np!jeQDB79ZB6vk!AG?3`2dbSuIJyV}Va2&GA6=9~Lbk~a*sZJ0nfA4h;A zI`fK@dttW9!s-fJy6{+oWg0c$%|3fqG^DFNYZ8YMA*{m64vbqT2`hC$8`CqTw?6;H4|<%{Cc=l}4N}`A|!* z&mrQ^zSHX;5XV6XPPFogX7HbkypIj~OXXVBX~R%WftNsE3e9u`M=uQW)?A{3IHC8) zKT3e_v8gBw>NXwQ%0Foa0N3@3Y!S&|@$}O#V$WX68HZ6#`@MvH@lz_0!z8c6av>Tj z@6B(oa)V6I?&CaW*=h6IbGz}v5l1AsO~L-8_%592fLovFKb!ztO)acoOj|>np;GnJ zFIv~AlH-Eewj_;edxz_42`4h`kKjXzb?3IW zB%I(>h{h*h{Wv4MF!i??bA4eb}O0t(@)X7 zyKVCLH<4Tq^^vf@I$652(~f*CpkHKjVYF)vL)(AOp&3gxu2S7WKvo|5Ii8?>FMoXu zg^Y~iU>lx_JE6@)tWJiHXZ0~%=oMR;z7f-Qc1VDmuDP+g=jK3T6<2oIMZ*d7TZUkH zk$5#Uq3SO23q=^J%kpuplCA1^7COEHtKwu#-&fp7TEWl=b{^B}@N_RTX8-gT3xj^# zMK40&)RXE>XV}u!i(4JK0EbP0%Li)0%d5rvJm_>>#&M1pcFS}(x$6rwg5^FWGlQ=f z=@t_y1}DXMy1gu^mpDUp_Z?ikEQ>Cp&;v>iJAOLesB5t9iwmE}Bxmedm%(kvJ zac0|=@AI&HJ~P?Gz5hA8WP4+QFMAIJzClZEUi77*I^c;0{6n)3PDZs^xP8Y&zIJO1 z@xo0D^qv9Aumfmt^(w%8so7Yw-NIn9fvhz*Cp7jvB|Zk!c7?C)$-j+c3hl_qm&9N9 z@Vul0@v#>{>d@j4WGZ@08^&k{A`^$Hgy(ewdIh%ENn$xE89dEwV~ZL|&qaI-G!{mn zll)txCleWOQ+a!wwB2+ghFyYEcx~tY<*HwMY=Br{zeUnjYkL$J$%Zk>S>%kenJCyKF7VvS72A zR3jZ%;5Nz<>W55x9p3$rOl3~CKfOSF`Hi7&+n8(0XRPZc1DAHur|X+^dG>>eTJ^f3 z3s+h+hr16~)pkJrq>__$ifF0q1-pMTU1k}z@$o3%3T`Q7K{7Jy%_eZ>2_su<3Xf;m zB!^O&qlc#D^#o~Y6AA@XH;^&f($+3v1}tFy=#LX#@L~Ff}selP5qG> zHRU8(+#3xymze}SwMEnJos40z%^*(JIJW@GewpX4w+|PCWBZi&bcTHw_Z`#0P+HX0 zx~3%VVz$sbUzN|PAX&*DjWwdr3Z~Au{F+m!eW_QZ6xSme0`3znq0ri7Op8bYBm<0( z%Yra?hRRi;iDzHfmkmeH)-`V(hCR~wGh*Hn_YiAn(3Wua2i=HIx#^#MG~jE=i;K1B z&%?CA+#CHWBdoz;vhO&Zf#VT~=IO#y*gK~_L0)BI>o6HCqKgPAD|P_4e5x2W*n&$= z!_pj0+Se*Gy^hdW9&%b^<03|7ZAcafdHkuKozX^gjJEA3@=a?8p8JPwehkGTQny)^eguVYV>(y``&&S^NAsXFc?NrGeHc6Jr+g|AlX$3j zl!yu&>i&4LCal(LwIe+kN2D(S7h8n32b7HCFopHcT}(6+)X7DCkFOM36^?zZka;F* zT0$FHhWQlgZ@zM1&4J9#V6&84)w#EH##aGH6>iqiLI(XZb{T!i(PjoTsNIXw`HJu< zcjo)|FqCR$9o-J-sR3+(} z3!YeLL)f$AW)%-j78194(fM+LE7-HV>*;erwA$uTz@q2#5#6gP_i0-S_OB*zS-MvH z-IOryN?mmYZ#LR~%8{>loNHb&mNK-%?L6+bJrwJ)xShsM^N6bmTk2s!%bn`er-R4dN4VQfiU$aD~#>F zMbxT-gd=1II!!jybUd3Pb_la^>1#6`x(j~jR`F+CZ@JDju0sTtar$E~bz~mvXmx`? zzM@={=_6xiuAtb3rwRvy+2aJ5OBwHifmP!hcC3X4g>fuN7D#!u{n)z3(3OebvJJT; z`6>TT6}4|h!-=!m-^4m*YH1&1La$yjYBosF#7@PKv!5jc%D%w>1SNKMt1w0ILbgIa z(cF9kT`$ypBX(A%RiIwQl`1_&n>7E(Vg7IlX#C9Rw^WeXs?#s?Z7p4>ju>_|hF$o% z4@1Vs>PEf8xRH}6VYu>6$O|qD?qF`bjbNph%S%co|JaPd9Hdq4@iXwYc?94011Y%H zH~f<^Pl4_cR>OK;hl`n09)8c4d-||gk!9&Wud^yr9Ip0ooyfwga3$*_mT^&<9_BaN z4mtVYgTe}f&tCk|00%$zFLv@kKVcdk=CehqUM*z&t}Niul#9EC#c%E~)Fif>kjkml zJ6B;?;kcnaPx;Sd77bs2Y}R*HQdK%SnZIpHSBw7gIN02NR-BDKqBK!CSIlChe-1xQB7NP=k7-A?|WcU&Y93EsF?s`KAYCEx6lGZ^pmF)V`*LGhtGQIsOymrS>)h+TH zvZsxGbkQ~`MGsCS_pP*NHJ6MuorqtZ*4C*-q+_`?U)ba+P#?wK1pXu(b_GF6vOED% z=ITa@E&-!DZuewxpm1K<4K7RZx{wCK9{p2SN#0}xy)UzRvn|~^L}s1eSc=I80rX8d z!32MNRjJO-g)a`Vr0%i~JmGgEC)}^CW%lYb^4MT9)Jz{EYV-l!8aYcm>%*DMs5FBh zCs#QTWR!V<>B$94MNUJN0iJYU5&f`RSEj1WM%5pc1LVUilaf{;c6CiP*?h)9A^IKc zM}k>O7Asj;Lb%-OD7Gh$RFy?o90|PSPbFf53$lIe?Q)jsLhVi^UN#*w1suhscv5kW z3*lKr0kPr2b(PE05@VQNMm?!Fx5|dev|n;!+z#i3Q$8DYnZ)ivys4?u3T zKaSEx``?``2F>iWWAZ%jhDFty)}2{@D25SPe*PVS#%gu+C(CGgz}zXbq~Go1x&=oJ z;eIe#qIQfB2{I-qSgHcik38)jY-q-R5bURqSxOQqU0#7G!1F`<@d+O}tFX--D1^)t z=L~aNfw1?SxWSYN?W5jw*N<3a^Nu(bew(d=pSWo3k0!PGit_vQC8XeG!Tb!di3JBg z9SFM*F>7EA8s4vYI47q7g2x=Jr6U+~VhrNwpRs%* zXSQ87QXI&K7J0we879?{y*tJR;PGcV%_rcI77B~ak7By{3FDp}IgntPQu}QgD_{xL zZgl{A{8#$+^Et%=hm5aqCjrmF-jZpPw|3vH92X7?sj4tD-s;O3BvJ#O>d=I3DEB&0 zn;`N2d3OQN5||n0Uu34E961}OmY8$e;QsYDUMfUj=A9C0a+^Ojj{l1CgewuI`dY^h z341{TX3J4T-y9N+qgXWRoYl`ifZG=9%}88b+w?=_wJAPk$8Kwf?csAH-5*J_V{u90a8@f3Xpy zfi6trC?hYpl`}5ZDPZ&&p^2Xa{2rDI2P|W6ADB`kJToPL%ZUfKX<5mLdVFhv4-R|w zG!N1(+bgK3Jd4>(h|19K1 z5X^#(g$cBXh7%^8>1txYkpS4QD+J!E;Mq^cNhO5uHQknw~N5AVHu5TK%%<%i);I;Vs112mgCtq*A?pCU@b^q zg#}`pK^l`&!6==ubZ#|UOuf*&wRsmNHW9_!Kfx1cX_x`R!Xt^;Dn9zC!lW{^6*^+T>1_U|Olk-?7ipQTqE_6gVip$&-tC9r z`2I@n+b3r>hUcHMyBxV|<(RKNh(Mg2168Gcr+A|(w$A~ziL8Pca&k}>Dk%Mq60YrH z>fSh*-tw~U$BW&?!sgBR`K5H|LKP&?4p?>1mQoK4YH{f^Gs=g_<(AAHShf5#jDn4x zyEx$w&H8}eB5v;o#j_GsS0TEfzDYFfU(1{D4xHLV3>ern{ouod^cxC927Rig^6i0K zEREr~BtN9g1L}C{I7|T^hCrYwds!mE8|!lOc-+%gh$s@->!J6=Grv26vE2QZe>=n- zC5wNPa9gC4VmAYLo*qNM!@g~*AC9$uOPc5A=JU*l30PZj{0MRaYtydW4Z(=dka)He zij%PQgWskxp1f*1v+0wUiYQrK&MZhmE`qg(Huy%SFBt?pddqs2nQobKK~S$>^t+h{ zTU4-qR#+?QjoGiL^okURVtf5;{PM`)aRQjAQcT2;$SWr5)+w5L%h~yE2OUrLOXu}kuiO}{9N3b-6H0WSTX~wk|*THWj1vXz+HmwCjmrf*Aa6)uv)t!;TT1DIv<~4Riulcj67`IuV-=Sl*lRN`oJ~@fBZ2 zk;rJp`j{}uzE4cAX%Bkg{A=!JM_Bwe-S3}%F`K61NQ{+6^3IA8STsDXLF6KM%lhGw z!8n@fTK9$aL=(stpW3}~A-OjabPG?}3j$9d%s@O>*K>N*nG_t~?(iEQ6oz}{tDGlx zu#+B@HZLKqvdpgrAJ60#@ZjznMB_y2eEzg~D}vY~08oKoE0wnAM`6WhLicovNZ4Uj zly0fcB6fxg_Kipd@~U8M5`PE{842x7gFDdT0zU@7R9Te_50nPMpx4k+rhml`f3}`` z$~vP&8(*skft3`6*Yd6++KLfC(=QGy+gdxs87zh_O%+OJvxwtR9**~qGTlDvswsEw z9~~GTASfBLtY5+l?EG`iIA3q9dDRrisRjL-7U@aI8a|jF{mG0)t&tji>pOMT(i5U! zlSmf|B2UMTYNymsIjn6+4mCALnE{~-aELdo69i|S$`L5UPNvQi)-Zxe{7_-4%WPvE z7J`o0b|;U7_)a~V4twhE=e8wDq}F|5L!h@_Ce?)(y?1u)@`tF5;2;Jfey;Z^60C2F zFaG|<6STCg`vIGWz5v@W8P^;1V`Re%rm1S!qNqjhqP^;X6fZeQR%P31f)`VzI3|Mv z-mR;8rnCc^XX3n71^ZkLgq%=R#2v<6FTIVlZ1zTqoa1})?8_ET%MoR&J$#`KB`@kExdC` zmts8k;Mrw90{SS1i@1*YuD8{M`(91Hax(mtOx$lr|YKxBiE_ZMBJ?+e(Ax@ZjCT?(0|un$CAC zpT&R83hs=sMJqzNZNI3-RslEVyCZN zPIP5Xku?^yV#m?TTBX|lIt$f<;dftFBTAj9{2$=ns2L}TBq^YO2}@K55q&1{cx;U~ z%;jVB@Djffph|Z!(tEd4h~e?H2S~O4kN)6Z;!UD~bN&XPe%{Va$IQtoO7q8?IOOZOIj^g9x@*R%|_O}^M1YhwnMeuy)#`#VwWOs%u@W#XsmzI zPl)wk8nf8GNgEW`(UR;D|3_}}^-XS)cv`bbF*`3>?(Y-*9K0;t{OC}>O1um#b#pL> z;S!m?6Wf+N*W>-v%bM<|1hBnOdMph2Cs9beC@g&#>JUN!0j2zf5_c2TUGwAYr* zulZNV!y{Ai4f5An8Bool*8aac4W4{jt)Aw38>RFc_9T2F(5s^xbqi-Y5*A{YVJ%mm z+-kBa)-KA{=);u!J{l#X{W~N7B0su_gc_})|X^k8%u3wyc)`q%! z2^&ZlPIgK!X87c{>0^tyUjDRZ7oFF8f{eQ(j>0NkN zg7nW%=LwwiHE-gnl5{2jQC8kE9S{|h2Jc4+pw}gg9 z66c4$J<|A@E1AUaiQSmL#$ z&bwRbFR8Q6vs;dKmwqH{>xlm7wdm2_;Q+63-{2r6%bYdO77z9#G-k0Re(4_vGWN7$ za}14jEh-w?3ft!wyV!T{kthL;0kT6;R%Vra6qyz)1 zB$aObh9?;rnF+{G)&_Fj!kvU=+-m0+u(n}CVaILyEHh(lQBz&}n~2eJgbjgd zAa`79y~cBPjBCtxh}))2GhZ$UBa-=LKPubtqgae+O0RSphlGq!B!Gicw4|HtH3=6~ zZVME8b3AF(0x-1>SRfIrtHKz5+eEA)XwpHEq+|1yapv5%j%M>1id~rS6|r>hYxUyz zQSC5&E{Rz0WZu#EOjo%X+{vw(JO@;0|DiLvbeQpGteLb!Tnm@w^FODNpdNOtQpHpv z)(rFfG4Z1%;(^u+8#nRq;#N!qlO8K5b}b(~i*R(p598vCef6H;ML(@PKJ1-#|L|iH zTg#MTIBILKi)%lJ``O^x@h`yW4deS3!!Tk7=UC&ppByNAns$BJ-RKxBKXiPY9(}3o zUnHSgfJVy5x-37 zST_H5$E%m=ZXkST+dQ0UrCfv$R>2BsM~+`mu^Q-OTWM( z!?O+CXz8q`q+hr}ybx@x;elTdBOzBGt480sRPV(}YJZY+vy%*|KRE69ke$_q;h%jq zo+7PUgDlPax6w`kv-B3%K}yQv;Vy6FEhnup*8RHW0hv5waQ51~)sQu_-8S@2xJ8@e zHI3o>5Gnz+7)CH1ur7_f^eLXVf7tXuW`*G8D<01Y7=HuefVx3})c+ItcH@zUWB?*X zpLI1j8^_8AC}(4Wu(PU}jWGB1%rtKrPl!u6vWxUQ2Bd*P zYU_u;-%pU@p%8hXg0j%Sk1WCzZSBauGRMJ2nL*N12$aXIg)6?DiE7n~kdb(7QayISH4iSdc2ZfqH8_KnNsD+Lcp*L-+ z_C?`rB#zmS&)j30CUT6y#a6%7FzuF~BTBi)3tih2%YWO$$!$5BJ#e82Ka@gc(a|MY*x58Jovs3hAYE`CFz&CJ08#ZGd_jS)U9U$wh^r;T$X2EDWA_5fy`~v zRF9khrI)2VEL_zJCNdJjNDh3S!d-|zN6OHf5NkD=khjcPveab#_xt$M4A3w#`Bqu4 z^Bz{oF>6TW1beS{vc7qBw$1u2Nw0!|e?BTa_PQ z$)WLVgB5|s;4;hw?*M$AtSI7(9;+n3b#tWAcSo}0ulHtl?r2VM5P9y`@foE57GM*>49V94x0)1J8WFJ> z8O|>Tzpfx8^?!^H!bZN?l&kJJVo-Z9fv`&qZuQ~=->BlJwZZ`omW;MzTHsr5l798f zKIUV!TsY#ewuxD|9E%?Vvo*NJnMClt-YRFaMiE@OaM@#;Qq@F;j$8>_V~`gDA4L%KBp3P?gVRCV$E^^5i||(+SWsC+8J_m;OsDI^DiD* zY;mrZn^)XuU+GHIZrkQp0O0yqp)xR#&1XOg4z`3l{8 zs~7Ccjf(s>i#LA)Ago%q_v>Z^ZQ!doIX{X>-53PkYh03nWeogdN@5Q|$ACg_DlTJX zKNIDmPxA2?L@2%9=#B^b{Mnu)107-?N#u)uoSL$CXyAIDmB=AHL>z{Lj62=nvq>^A z!C{y|en(5V!v2+!nPvu?mUdB1cYHn<-5|+B58z{xoYG~&vRC1FL?FR(DV}^<9Sqj? z*=E1ekxn~y`1)|;E#T{w{ZCvffuEAy)@GZw7D(z=96?6+n-96G+V`h60^F4W0@O4L zf0vB`ly4vuRRj9(^5MTggP7)9yQ2E-A5knO)myWI`3+<29~(uvx&og6z@GmLiUfX; zd25$GXi_GV{%xeb?N0H=l6HT6`}g_kX>#?+F27#<6R`Sw)6P7j-Um6X$*%fe1dVfqX!$lXcH%-(RehJepVS zpuNNA=1MK8S`kt3&!5mj*xNozo#k}2Dc>>3SO;H(Eza-$d@IadHOUcubAsFTr_KMp zlGqv|yUFCiYSE_t0HTaOwqv`@SC!W5|1(R1X3Tk=~-F`ma$FXp49xC`dZRTJuFm^7wZ&hB33<2daUy z@gK;&-yb=8r6Qjn(+V|@Gub&FT3AMZJM)u?UPzy=sei7-eeU54G@*m|RIU=Mv~UkM z+i%w$bl*k4E5ZM7v~i~oV-g;v?P&=&W=j_5Co5w1RY*yd2pO$LI-~lb*8k*j|Nk)d zmQitR?Yig+fdqHg;1)E{xCM82cWXSj1rpqXOXKb|?hxGF-QC^ccGlke-tX+S&KUP! zF{rM3eLkXEf`nXQ5ySX|f!DC~4=KJl5t>?zA4<@bRdQj~OkV49H0){z3@JWK-lGQk$&g|~}GRh~zV$rZrq1T3R zz=lJX_muSToF4;Y&H16tiFF|TPx0(0zxA&};&M!Khdc-*A0?RURveclqW8Y>=rV~w zHJ#`tr-sXqkr<3sInTecF)pQ=CKH&T2Y=>ia)fyLgR zn|UKF>VAI zk`6lipnvM160lU#Y9v*_geI6Jf)7`Z^QqjmZZB8&GBUcch<{qBHiy(x@;k7{`2y(X z!bSOG5^eAd#%!eZoqFaMnn?QU6gat_qJ)cxgU}u z@cez$+gEIB+7oxpjtk-$ePS7XrH~_T#J^v=VMDl0+tWlN>I?7K9_+YpeIZN@kH*jK zg#`>Rk1x4$HC6aPSLXeNwTRN4fnl}rFrS6%%~GX-PW^{$4Ib!Wd&eDVZZqZH7Bl4y?j{t# zIoYozH}VLP{CUqKsN-J0<#2;15{=k*)M_MTLqUFbE z+^6veFNDc=Fsb@=`yrsR&ZB>POY}cWQ3;G<_?W>+)Rl_oyCs)RNXs}=>9$2tbK~$c zr;e-*#Bf35k?7@9@Eg5XcoDPQpDSYI?++>a+P>E`sQ=-OCVbr9(c98d|JJ*>X-6v(W0n%HOa9d!Az7zl?v3<(c!3 z%0ui(L^0ZodpVa?{Jtg>z?M5kN&;0QBdm%9^3=~dY>{q za~$niL%W9fmYA(}RC&u*5KvrD#Mr+uPIjXU(sq;y1RCtON87);|Aif8{o|1zSrEv4 zN;pWv^gg9>7%o{AsqYcFx5o2gO$J0i?0;x|<|iB2;cH{8bH)RIm2O%mGCo=&2A)VE zNOEbt>?c!Mcp=~hddAymqtnKNEmsMosa(DqlYF#S+C<%SCDDG<2oW|URONAU3-yMh zyim4b;v_|ma6w7Ra+H(3l!*of{cxQU;i`>*6`t)ISIM_q1ntkKh+PYzkPgNn(RdMZEpMkUdqizVNN zA+Bmu@c!UE@yTK!+{YIMd3t?^(SE*_3+LUk0%pKG)ZK7&P$yBYS&I_k0)6 z4^CBJ+HNZbm5xB?kmB6Gu3qw9DO0t=dZ(DOdi^8jl`hE5UYb5olQqzAn9$w6K@FcV z;{-(v8tk6#>|b8|MK#J58YCuHxR%d{ADG_RpLBNNW~bk<+#G(>%(&@-NTRzd*Y#;b zh>h3*R*{fcYOWX=R2X%S8V#FlEsChcN}!t#*-#`NvWiscq3EhXs1+4Ly^3XYGhPyg z@J`qtNtr*Yh`^z!hZ@nY9TK}Vt911@;Y_xF`;^|HHb*EM&r2%PshluZDe&i)-HJdSFC4pLE5p;6wqK0+fj)0u{-S3^4g9O` z`=}VY2DOELaU4dF4=t|WG)&xY8Nxr2wl?bFkJ_vRd8@CHT|DW{vo*pq-r$8aw!xL2 zXCI+s>D64>NdJ|}t?8saq9s4eP+70tEXqM{O zZk08G{A@_+%{T_vr#KSMS3+IA>;^CGU7VP?=s>_+WJkx1xc#9a4W{#w(Zu!#H-HOf z@0yHI2^K-+;tL*?%zR)qoEICB0M?O@Oz*IqlYNr1*wpDAkSo$RL%hrT9Je)8cAfCo($=0&t*(^nmp*6 z8yd#jKWDUF{S{TbxOmRP*Gf%6n&rBkT?h;B4^M^-&LR^PM5QG&5K=tIG1UJlazU`%bSB(8`jFD)Q-;fD z&Kk7`-07eeFf(8JD76i4j2jy*dK&o#st%^Kk!N+@G~$n9nW!1E;hp`IKr4M0hYF;7 zdR6G9%qUPFkG2w=BAcK7E?I0!#jOptoGaH={3%Pi*hvVe-Kiztns4`QhXu&#Xv<*% zf!f)~Oh)%r@Av9O^13U>t~>xhkHtD~lg%hN0Pi4EshwR?;8>|4;>68f#e$87&zwj? zUxL?P^w!dGOH)@5)pK}(e9RfTTxL4ls~ul{c#ap@kaxBq;V$!yzqR~CCZEfBW~EI; zZCHk;LkD7_QM#o1B{s|N-c=&p*R5nM^I33FN4V&JBjAe?u;c4lc@bDY^ZOEVkkK>V zb_HzHp}7Y(AHYWO-!neRXr)|x#}%9%iGTv%LA&EIySdpP*Rs_0LxT*Ii+$X+vmFU^ zMuIoI50)xnHvIH(5j|QaT`smys_#2%dtl&{zI>1&HHr&0_Z%_PPJpWpBN0}wFxyW* zSZ+Iqjw;m|0ed?EJ7Z38%qV?3KN2LlT_SmmED7HQl(;kOJu{6b-|$qqO|c!evV?bJ z^v2W9*SMLYX)nH68!PwI8+3a49Ju?m>Yp~o-O^DjBz5J7Q6?gOb88gZ6lkwB8T_i9 zDLV4g$*Aj3k+{4zu60rSN!hShZRYrII0GlnMMa{nHVj1g=0MslVuB%Jnw&;-smM*n8>;208frVO=juxE^O-Z9r$7HAYXuJ9+i<#XcS`dqA3)GIk~Z zxhHqT@+bcYjI>IC>xsfo*|i4^ecgdU;!}!z91OBr4@AW!+}SripHqP?sE!`0PTqu` zexAL`J-@_zcOwiRcPHARwx^(+1>$h6>NsM3UUkY2v4!-D!NWQC^<$i2O>o4DI2qT3 zIeK63L9$n0Dk}_uw*QF#9ae{!JFc7CjCuH@IdVNig!yG}590aQC%*P1n&KJbhfAU+ z*|!6z4l0g9qzXH)AAtx%*g$v^0Jb$?(r}nsbcxQUb3)@i(@kpctjxlP&2VSatGltj zXbx|(DPLJ~fg3_N%}7xWEU|e+9&oT<*xkl$KQuqFO4Nc5-^87C zD5SFJ%d9e($($JaWw)L2HhIDvN<1H6?64LxY%!hj{%p0s{-t+8uH-XAcsEMAa|fS{ z4v7C);|}#>P}GK`F~lr)Yq!Dhdrehiqr}wB;DR`LoKbnpX14bQD)%pnID4wSIx*j2 z0h?%V?C;DG05(f?@q_?6EN5M?W~Jkz@5v+O&s5q5rI`@JBXPSmy zUdS*jj;j8Apm&0Tm(PEoT`$Rr?Bo>gIAdXW0~WODKT;>2kMVTxUMb#aXel5J4Wg4P z!mJ?k3w4}tX>&x@^-Z-|ikUm#5d~T{g3_bPs205pYt%K-SVa}7-m59RMX1t1iS4mu zEOv{>iZf%(GM1=--Q7o^%JrYvP|ElX36f)kH=P5paKmRic?Sa>M??E{mzONiO#T{oSU@1)oEZ$F5&vX-oGBsU^ zf3@ug+)sF(dSSZ+o6qJjT_|RMB!{Sc^F$kwn60f5Wy%bt(|bbsTARq(&mc$SnC1j& zo+F5n;QAI8gma<|8(&fd3!3zog>031IxWLj`dgh5m%0t^U2d1uD5m!rK9poYLQ@4i zJNLIsRE6yCYdQi!Z)LvG>YW)z!d*nygjI_PJf$_v*&_3VNfX~iTd6Cl+Ad*1p}PsX zn{w+=hY$wx$m#DHQ%J?owF~lBNc?oPvb2%1h#MkhBx^u-H6GO!x+S$3Ga|Wa=GiX zc_&9%IGSsBI+Meg(USfk69O0+Lu_(Z!!@T zGyn%%pc`au0jdL`_=dEv3q3-0>_)OYf2rrw=Vys`mH#g9L+D#`Fm^_=EWf!_@x}dR zEmwCX%ysn_Az)PR=MEeIav(}|wU}d`mp`W2SGo9zHltU9*u~a?l!F5=_*ZYKlpPoKwB#^`6^;P179k+3pjt)3E|4_$v?auV3=)Ac= z0en!krAyWJh7irTvCL&i#>62o+z_-^ExXoWf(#A&#%LRxtq>>ttFIIU~az~`6M?+={3jiF{1 zM2Mb25f!aHVatkH2GvuCBeGlRhO;?ylidcJ-4z0tvA6gic6~K#D5c~=nkd?126tcq z`Zn$f<>mNK&5fEAB57u8^=p@_F>hN2`Fz|Wjb2Rx{RqZqdFn?BEi(&sj?Mgfg9s#V zqLaTgMWXBmL)?f)@ZDo@NP6r@7)%c@1%TAc+c5Qp!!_o(ORbeQ^!~KM^8&|?s#3w0+LyF2X zumqxD#hAW2cN179l;hso!4SCx+HMlAZXATwospG2IxJvZ87+#Ox8Hzk9ocxy;2uW0 z$!0yAqm&A}jswK1>n!3&oEom?V7|H8mUQ_?uy%*5)q`Djq-)l$NZ+Tw!LR&?ia(I9 zCii!@J(PIVT}!gx$*t+8x%H`vJV0pQX;|>VUwD2qwO7*3s1ve6k9_S)s9)WhA(3B_ zNZ_O#)D`V)Tf4VU;JcI46t}~{0q$&%=5ii`i&Twh!tBV$mlY#o={fM1J(^XCTTz*?muk;wH08c49W`3M&Z?Oy3R|tW zT7iQ{>7u;kaLJp_QSQrk(_(#Sm;9lzX!{`p**1vE38ng@9QjLp*>Izp%~WvlqOZeT z!~A335fQ(a1~iCtDv5u~p~>aQ&({ET))A8zOU-BL0b@cDjqsi$W~}a5&>Jp0LKz0c zeaS`Mg$b1yFX-++WO^ckj{#L1C#bn3Zgrqws_|727S?Y_P7oS26sdw=`ty4=3`ng^ zOO-1~_I5UTxlyi1n?zm+E`~OJe9oxS-ebq@15raDdxe15duuBFR_1wZ!z*`RJGF2R zf78C|u)^)2FLGWA^B#Of4WI(3%#SajnZoI+VI={@_W|`L76>YYo?7Jt%&&dp1xF^ z;{^Kp0<)#7!=dr|*=jh?7WzG^O#ZT1ev%HP>p;ko$LaYY_bo*R!cq#ar%^L1D%2qXP(~Z6G4Lz3h7Cic7RbzgJ#|=KbmKYl3Fh*Z6~pokd@DUbNKPce!mcDTs<0q z46b$%erUMN$nfKNVNpDH#-UY2-wiwJ9jr%+=JhOfVa=r99XuU#vwmG1e|l{`Al&`I zwe9=!xiwN>N83sHsCVCK^TB-Os~*q9PmY9^ZdqIWX-@%~YP~rzVjON|m@RI{?O>64 z#N^&-OW}sY!1Vo<_bkb!_wI$3xP_E!7CQzte8sbwm5$dLL_cAk>|bu?FmQ1C9&a+3 z-%gNlC>Mhbl<)ZOOuE@qAt;UA3#!Mf03EfXx9C34iS!e+73ZG>;2wHb@G1=wO@RxO zVzL8=2gn&8ux74}j2Ya&_=w^d2cBmV(pFsvW6hy1M`*bx6p2=VA zxeqG5I#R9K>wMzhFgNnXj$e4|HoYHVzM~fzKQ%9wL(x{mzg2MEK#q`n3O~Z}=?4dD zvH3D?q-(xi&R_OiBh>6|Dh|@UVUft2ZgG2D7s3LB^DhSD`tH||>T_ICKK+)K4X)rD zQ`m6+L^qbdL$q3-HeYBg>Z`8d>E_1j)GMy47eF?zf|sm<3iZcY-$7XW`5mHF=O_r* z&UT||d`1v(%Ai$K$m)Om1`^Gf(d1=6f-7glHr&FWPWr@wV6G->GVX`$#p{|W3w}84 z=>T+?P5rL3sJdl!9sj1J|KP7Vmx>b%>>OH_=q*hZmajLWq9oiMlIJ(ydo@m#lcFZ) ziTzeB5XJbK6df_`(ve^4p-MPYY25esN|LCLC-X$$F_A6FoL-JYh4IS4iW55#ULS-l z&w<1p0WZ2YG&ZvPRtGej9adGPK=~hTaKzVZ8*>=Tv!{z=q4kn#8pNWspIgP`^=sMN zxXTePZmfb^oO9+V;LINZ_HjDt5k5HFKtL+)A)aDNC_PLDO;J;>2us_@QC&NC5)y$z$Qa zu5ZH9aNJZJ1Dzb=^VHJFn5&0Ki;qT{axh3=Pibgr_h|eMn;5(2h|+}qzCJvH_%rtp zrBg@rLS#ttb4xA$HnPYa<_RcFuD=v5pIYom+1%_;p25KLTGvu*eWXF^hvdirWQ!kw zC;46EWTC|?P?AGhTVcA(n$qKNgu(RS!u7XWYF4v3^i$6(T=`Njkf)bQosHb$JQLp2 zHn$eTeJ~nQW~oPHWR6=S2DO~T&yio2Eu8Luo$%a=9qr1ePaOX$v1YeIEcWtwbHJz= z)!b4@+YAr^7qPMyeS&6;{JuP`PgviiQNq1e%EL{vc@`NH;~0rvSbp@?Yh?m2?(ge1 zM*oPMFEl%h)PFLokrY5RB`%}-pa{>2Fe>nSd?X3$>Q zWj%)r1`WW3Waz$R3B(=m#pa6jwV}d0wR_@ogW^_+mF2Ni2BRQb9mYkL@df2 z*OQzdimy3+V!>Gh=(;tS^SO96{D2rJYqsAY)jTFVU%*W<@2BPB?65P0cZd<88vdt-f9aKEnc>F7Bhil!$EHkiR$_u2S(tf!(aoaiT&Jc)I$7s zjYSps6-_!#f2)$||BotVQ`j1rgOKP-klE9tlb(}SyS-k5B~<)FXUQMYgSBCTKp=Os3(@XUMH?k0 zLu)UJob6!=AV5v!`gA3U>t^zxiZ$f8ShZpzujC5it_D32eVa0=C%&vGD$O|S23PQK z|JWN!uJzFKsX{w>3*U{_bv~F{VNsiznG*#&0AF*bcPQ7tb>ut5#%#)1D(0llg(?{F za4&USiY~>$57OV*kfG3ho;4D;*N*oLG%|{=T9bOvH#FMvFOvy?id0&28U3~~vAwgP z9Fm5HhW58wF{t?^g37%Wn(xt~n=)Q3wL|(>ef*}ZOFhWi6dZ2NpS077ZNuF*Ls(2=cFOI9eFsQq$C}pXkTAb$RE0ZHJ2!C<+9`(m(T8wj6 z&N$m0*|oem_?6fd&J|rcQfdB6oj?8TWGcy>Z<(`U1M}|9!;+(B)kgSXgP%QCKgmfYNgm;-fJZd$UlcUThGl|Fz@jFw)LP) z5^JPWa_K!EN5QN6C=**jk|78CNv4ea^avKRkO}=9d8Ed77*Qpr^t!KjpUhiDaS7F4 zKFV>Mt9|&t^ynyS`ecu8ze9)dm|X*l*h%MP9A4r9#~)bn*se zpUxQk^BtVMWRK0YNw zW)?(a|I%xli?Z&#(Wt(hzjA_d@{!oeg&F34Pkst(bdE#}-CWo&F|e1RzlrChFxHE6 zI5C(>C7}NhGBSuN*OuFYx8-L!sC-jQNQwwdA7 z@?uFQu%pHD@Nlt1p&#iL9iab_iJNV<%I?5HjIc@|m?ly3thc40%l(s15c`_{rQD#M zdE?d;W@($AOe@p(bQ>K94iMMl7#Fs8N`HOhZDGdwhgX?{Bk7>P4>g((B0E+^zJN*# z={Recn<0X?1|k=<;RW?O1rC0!yxm)ZuWpYnO!$w5 z{j&WVePtIi0!cO?`I7pNU(S%S&8^>`(n-ko?||fUGqy)7+2>zY;`)Lr#K6Tu z{Q?zw%~#JUmzL^p{@f&^;Rc3}4~3PX&wQo+H;2LP`okU- zjIXEr9wkUe*zxqr-9j~N{={7hca`3)2r@U{q%H(p*cFPf`|8@o5Drji`un`^{~OCRlL zZwx0nmj9wplA#I%@9SBs+|g2@0W*AV&w$B zzw-1rFd`mPF2-Rd2T#oAD|TBS^i|x2cvQg)H4jLS730}TMWUrem(w%R@M@+x`N_4y zBiEki3;2BdkZLlPYs(op*4PU78`B{OI0ER25y*YBt@3@C|5vVVAZCv(v4P`_oXv^;<-IXRF^$r_5Ka7J$7%3!Kf4G$HJS*JQt1nTJ|K;=H(JhMvJRM!US9@GOqpkfXRqlgOgDWLw(&&TIdq99d%;#;> zJ^N4f+tYEiqTRW!rl<2CmhGuR_Uco&z@zaFD06#0&fLO@eODC)C`TDZLAK^lS3a`T zvUcmI{8@-|!Cy}xoVRHHMFQ%8b1JA7WBJn$Cw0PKGg}-f6 z>^gFic)heFaa9p75XiCICPlN(Nl2y3eq!)}+!bFo_w6k7g>MUe*3iu&cHI=@EN6+ugySCEHWgcBH9$3lz$yAh)RDt-NsrGbJR{kQx zd<($oINzsH@3_NLPE&314Cj;=B_G)U_CWp(Y+ZTBL7S@RR-BAJznRp6c7 zAgnQZJy6bk-&huJGkxHQAoiY>rJW|UxP?K{^r2a)&Rg0yyo0R)`c?MU9op22} zMxeTiPkSN{`9JwlEtzlo<9}PqN#Vg!Hfx93=&(hMoo)Y8S;Vu6bJy116ffFVhdR?D z3`l)ci~jl!)Xsc4Dt!aDl-NzMR#3%v^&DZO$pwUm0fj7L+OF91N5zVkvP+_QYva%Ytbk)j_V$FWyFqmUNmGmWXbpct55vY@!neJs8uwcC%J+ z+E^I4RNU%JO7~m#E#pCIRizL!zZ%&yPj+TS z5r-iNt3Ux|lm(sEQ(&LUY^@=Fc{^GNu0J%N+(L&TIIFvP*fC^h8VNSD_7jXd+vvin zfVMwRn>s!n|Hbvrvd$+?|C=-dpb7p+{L(R|eEC9sV58jLa0lXxbo8#WhI6(2ox3X% zbeDH+?I4@Bwd;Bs;)OKhE~BfUX8bEFi4S}UR54q7J#n7T2eZ9M`Vj%a=ekTQT71263Sk6nAz;LOE4^ z)>Cmuf842_`;gMYNQegHce*gSxw>g2Wl!tF>8|RUs+Rz}a|tOIwLftntvB*`1D8ad z8^t1zr8iE>B#&znNDP&AycE5v&U7P^-D?AOj?f=ixk18OOaOVL?R)=z$V)LN3bSuK zjt0N=Mp%kGweHp5VdDTFPa5xU+NgFmV;1$%s9hkFSI0+#sD178QL8A+!E#53>%n&CUQJ>3d%%`^F~+7{_m2F+5F=`4tmRb9wBIT@`aI0#UnU?YEr~&c!t`X7 zDibgY>HQ;O`hK^jqZl9Ix$mugW`(!)mlmH#^rVjT#`cu++e8EOln^aV}Jq9% z4vwlvxlC2aPwa@u0UXl#xScad9=TIC*8(C?-T!lqQ@vUe+s@OpYjxRVF9KHF&GkO| z%XV18*r5h3CrUpL4Pg4%tR>sbtgnZQAAGwsb-iS5*qbC)vx?P2?wg9kAuT>cL#;eQ zu=ZW8JqZ+X4&v`V=4Bphymy=iVs(7&c9EF+4X>1`=5z@}3Q|A&aK`tnda<`Q1zbJe zP%XI>34Dcm*rk1awUI$#I%n)7Yec$^ko=pIZXT1w+@V8E z69H=%Ea_rwrB3wmZP>uPDh4i1PLl+Uq8X1n*+qT&pkJ^vMQ0mQC$JY6)3uvIKyayO2U&-^ zFPxh~U2MGZW|xAt8PMW)!9~DU^`P9#$VYI_PH{;E&SFI{;758x+EH`eZ;s6EgP_Pr z#X&f~P}p1w)62aI>ihi{yHtu+&7MsdLDeSgGot}h!J|N3wWM$Nx=)g%Sa5(rPpmZjsVZ5% z{F~d|VrD+>>g4&UWZ<$}!rhi^o!7gl6|BLe^3!{x-J?9}^F)}wH38x@?>r`c3yV&>vRuE=jrd4SzxTTa?kL$yslbQv zORp~xme>qQ*B=Qde@mp^C`WZ-`_V3Id#zLu$4gn9`iK>=rs?EU`J#3Qau)A(E_&5_ zo=)0rEB42*8C{eM8C0>{U*h{2t;=VzUm}`lx4Hj{iS2E4M_Jwc(dk2gy`A*?*fyvtP^eVe9@aijnYuod-`*NDFQA45xXOC^;iV zBfqIUY>0GTW&7;l1BaehCb4U+18KLeu&oF2+iOan%S+q-UTn6ntHVAN!Neno8ZnL!&aQw6&&I31=U_UU5W1r$ljn)60+D#ViqK4> zi9zs&w`S9-H;Zgho!x@6#qUi6z8=}R_ z;j5^P(~Zc20&0&|;u6QuGAUK+SN3F?+`PQ#wD>O2m0Fegnh-?4>)Y%~VA_!ZKJt|F z>7DJLh+8!PL|vZ`5k@#h$nL=s!cN-L5$F+<_rsvVuaEYVdAf=ek&|i)({s=sR1QsX z1{fYzSUx`7au2sm=;pkWWUxaz;%5CAA|>w!)2fC{h24o%YP~DAyME#ckn`(6Mz2b% z9bpK}7sy`J?4W8l%vxK5<_~4{N=rtei;tR6^(#j8l)u=Nl(*@9u?(Gol+EF21gQ09 zis8J^&g29$Ikaq6r0Q%~lO^S(_O9gXoYwnk886~!DAB1tdlDUF$)n|5 z_FOGHbUJZ3FkaJco`1e9`9Phxu2;cQ!0Vy({HgyE8U$7zI={W!$-R5QOxG%{OR_-c z!cpB1=#+Q(*ro%BtEVYmY=h*aZ*I{bkG(M=*~(17a%oum9Hw0fmy6n*GijTilUHHB zhL)~(YyLR~Pr&aTa)ULwERmV%9qAC7Dt$-^zYE1m^rvhCS?PU~!{8V(+!jWA)Z?t3 zMCltZ-0oGQ*`au8XWv-P&%bg6ndHH6;jfVfEBd*fE8^kWPM^&%^zhK8rFDbY_aP_h zyZjXf=ghKJTUb-KpEhLr!zg1`%dsR}GOx@LQr_Y;c8@<+wmnP}_{iSlzi400_^PMe zQnov<`KK`LF>;ZWVr1!jbCc33e++4gW(cle0}rbdlp(mx&PM z_+)}Dz(~^TWlxfhYW`=MPN1vcKyY#>Gy!D_6~!)s*UZOpOp)KoY!Rd!{w;k*(Q(a&;y18ds8n7e)5kpN^$*>Y2sT>b1}o9 zthZ{&%*rLi40NAcPan_X@!g$uaW;?Ct$L4an;`|%qto#I{($eOg-6gL;6~UEF*N0` zIe^WrXvtK4-x&CA{GMd^dIZWKS&G$7rEPuH6?9b%#e<=qI6uv;P{ys#hMId$^9|b+ zn^t`79fO5;RN6-&o*i|i(zQYZs#~^F^zee!7KkReP$kQMYdT5M_HYLsDiYnzaMDOT zOl`<<^K8aZ%c@0j#sO05opY-%PIzA!*`~)J6r%Wd2l?$gq!*`(2}Eq9{n>5PxiS>{ z<@H6PK7rRr+r3?AIU6AsS-e%#>@@kZP9&cF?uLAB^C({0jvE6OU!jTqf?opnwr>ONM&;1Er&y(;6-UStkm$PTz{agU-HXUOb-QjDOwMJ1 zTbXhxA52&334tSHOGK9XMI~SMHlrO=QK!^KXFNkq!jP+b^SUK9XWT`LO0j1VStidq z%uA}1jX;nd7e~`}^`yJv!SBHOw`c_Ix6YXKWV|(j$#s~68?3fMm zkV{|z$g+aE3>5ydx@qos_5YASrY#01R^_Mg?caud7w~-sa`c1P z<>s5g$|6#y$iEoLPr)?Ob+(S)xuq~kCV{>U4OgEiH78beW%JA-L3--(>7HRELu{=e zGZxp`quks)bv;R`|F5C^AJi05{vm?q8FM0kPS?%{bfo|D0gBM6bo0|RN=Bvs5Ym4)v0up{w(=~VnMd$1zyI5`IHe#{ zy5f?OT>rNlp2Z;n;UP*;n&UrS{eM`ceH_Fw|1==~Z#UdW!E&mC6(Ivkt#>EOZpH*$ zl!pQ-=P8pBj#AU*xa-Ts1?Y zjl!hD2=(}~tZac8zE+^wjxH= zReUjgzVyVR)NdozmX6RFBQrsSFApKUm9{63i`+VRiT^?ltRKRkNBwPjzL)DNZL3tX zpNt|J%pIU$vSl&6`E#1gFRvR8I>rC*)?+rc%dy}7HB2fGyE1>YK^yC%RjvQb@M4zP zBi}s`i(cB{U)8~$_#HBB^N!wG12T*ZDR?3OSHX)44cIOGKjGm&c+ZqWgLE(CWL-xH zN(ZeBM^JMhBOG>z-A4cN@CImzrRYHM7J2NzL7J00c+x2UqE3Yu*lErVD$ZS=ma@Ky zBISv~j$AnEiFyvn#lPTDKFlRK!i7A++s(k$;A2qPaE95QQ=&4JDHk}CX5QtxuYN7Hb{d9pCaTSv?BJ|~n4;WICS8O-UjDyCGWCb{{D}j~ zLhr@sa+E%+;SL^Cp3`!?ZfJoKt}tDRB3~;8AHAa7hC8aR>@FV5kE^zl-O~iRDpV9k zy7(BHQs4_2F1eRd*`(H{7z>L4Dr&flnlt+gWU9_P(kkf?o;>q$Gy*S- zJ2c=ka<#U&l5+%e@i&bbEmj@>FpGboiCex=bE?~6ve4-V zadD1Z5guzm6MPhsWceo#sD-M~R;dQcDQ%u&Y#T*G18{h~mNvLe&xrUvjNOEnsL_GD zb%g|!lerhk9Et(g8@bZW*%E|#WtoK)aMv=M-)K9iuBYjqpTDJEp6FAI(o8TLCLi@9 zy8Bx=3pPfs2P36G9@YK16Wv3g0O7a=bBuL6fBe%c(QwBLm#KxGDRScEU3@9M|44i; zz0JQ!Sl7<*qc$dJd#PLbpoJ6iRO<=n47SFRNDc2FHp zv$ni=a~*gKG{Te>GEk+6jEZ7;WSuK}`4d%kup5$O0sADJzKNNJsS{J#Fc+=XJE@VV zeN`zQb_Z%VkJ@(4QAX}(8s=)&s_rUil8k!jL+XOji9QfC^MAxC$REFxp{-gBFv?-+ z+iX)WtHnF-yU%jkZV1qi1myi6yvmaw(MrxQu4qVq)2t6+0HJc)$u;h94)pHOwq^;# z7JjOWLEk9N86q`-Fv^L38+|R~7VyT7pQWndH2R@FJvaU3n0hIX-m=L)T^w&%Hzl#}Xc*N$j zY>WNEnT}EpoShbEgci7KAZzcxY6*xv)pcM(ji9UQ;JH+WYN?h2_9#69F(0U!)*(m6 z&f*D({wJJNA@hwSWrD#`#?~u(I-exm(-~(5%`4N)a}H)Tao58FW}MBs8UMvv8)BfX zat(4|39=LkE-v~h$~9C%po;BzlpNWHfCTS2i zEB^+VLo19k+ub_fvRo?rM&1$7@q`>oai{0lgc)o>rhlmacT|AbNNtE<1O_l}yNT2R zWPf+L9qubISw>k8yAX5M%h1GpU_T8q-A$*plUC7;)e&%HXwz#H`G81Xoz$8OtP!0ckp&OonOVE}7Xw-t2Lw4gzU++U3T zZDG-ogkqNhEB^cizTau^fJUpJKw-?cpqZdv@X!bKEAB=wmYZ`Cumw^aD{@F}hxb}_ z3V0B_OP5T&aF6>OpRmbg)G`&BGtrn0Fk4Tq`-mb;IPk73cqY#GtICFns@ac8-yi*= zZXS)lj#p!4O6d6|1vXDoM8367dkI9o265-ZSlyIm-WxWKz1EtFC=1eX4AaM zngVnr`mkmC8bbs-jZnx>zd7e-MFv@L3T?zv_3cKnwzp_2P_&mWmd;f~b5!#d9hY%yBP4H| z0=kWizjX%=_HG>CLB>LE5hdRKh2nL@Kf-qS@abTx5dv@=7<~_P|7E>S6^6j0J^MsG zA_~ZS=a0c8~ZAkef|8S5fe%liAroGb#Q7cUtj8r zlKQ{A;HO{&83ay3#vf3&(3hjx`J*xr@IzZ;3z?s@BIswF7@W;faP zFK>tSvl9Mo=^s&1j}xos6WLXH`b=E5Yf_%SD2OJUDxX;tmQ2w3xdwT}=(KcBQc~Kr zP0`5jU!U_9{Cx_Vz| z#Dw~XSp9~iei!+Vm=cAsQT>ab{kh*y>nkKp&|-~dMf{g|0SVEWx2O=%ayy(C{;%j8 zlA%&U^i@QOLEH7eqx*k@UMmzodd7K;GPM*yW9=>=Z{e$yq z2Piu0tVbmnR4J^Tb{6Z`jisprw#&O7)e2Q&S|KziAWA}LVNO+iwSdK<{?JpW_;b$X zO>}I=*ugfN2jJXb;&+LSwFD%8@{*8L{D)u!k*Mt_{3CjdvM%CCV9ycOW%wzQG0|`P z37%B%73eAgg6@S?=YF)S$-Zxm&vlX%8E!zT)nf3MMS25cUHx+%R3){SgnTfn@$CE( zj%+2{f*mHB{IY_tQ-TvVNc#G{epyPKlS9&KgDy0v*sEAl^PdDUeELJs0#NL3*mWIG z1%bIA^`{^^<*(@P7bEEwZ1^GIqI_ivGq`vE`={m5e$p7gUSAYqKXgflkZ4TwXmT{k z9Wj%(5x8DZR8LhGelYR|KV8* zrcjAg^WhJ~%aomBWF{0}cSCnR4+i%&{1LKml_bpnChX@QAzS*7K&JVWyY}>lD^8)~ zU_p=wQgk{+ar;k37&-nhl1>v2rsbSyUe;mkS>-U>h__Gr*2)15VB(Z5g1;H!^)5o5 z8|6H8%b`rz-8s_DcLY{~*5)jVH29GO)?p&X; zb5|G*$awcLqvoGWY2hg}qbwNjHBA>+fpI5G&3&J-Wzf@RU}r1Q&fvQpx^li4%NK3s z+Q;}>{h(EKQ%Zw#7sCzVlLPN~4#QKr$;m4&C$@C?w*RNS_l|06dH?;@qoSf92NjT} z2M`qjr36D&Q8|i$h=O#GE}hUx5m8a9fYd;uQk4>v8d^YTf#0{~)zly~BXF(hN?P!TmRqg1{RS`v zcX*t&uO^`3QO6(HAnFN&m;(0mKDE(B<5|lApz=#mP-bdD`f=+arQQ|aae+1NiKu)p<7~bU@k*y%~W%at64M-=CEp9QU$5-e_eoX_RnW z`=*kp$8voV9sICnMbb!CjB!!*SkJcgoZlDJV-_OuiT4MNxMGIgU*!Ln&$00MVd3gl zM{SL=`i^NTC$mwW#i6hl;a-xXM^M(AU32m`?w>vD*>*KKc)uO=g!6h{fn&kg5%)Nu zs*ZclipI=8;vUxo5^{vuNC<%>-vq#_X;yM z5B|ELr0Og5DdqE@pUxZpbvvkH*UI5fy&$Z*uD%tIbJ=Uo{-4lsQR6#_=ZjTTj=P&3 zJ_D-Ln7{UcJRhdhc1{7*v($B>jZk~7;oGn=L5+6S<)py(9E%IL???3=VWd5|$$f%f zuC=*Ud1i27Uc=3KEk_9aCOa?Lg8NOVx+b#3@6Y4++S)fD{E`DVz-?@^rq`L zv%*;g{G+zpO^+{yj`4$qL(TZw?$36=zcP`lgt}fIsB$(C^;YZnh1AZZ6Ix>L=mbX( zv}OuwyK;5n<7LeVT=Tr+_+~z%a#$_0$Q*Br1vcj!jJ8}RSXfyKG&k*)*tiA>nwYRr zz0T5(J@T06y<-Ox8(37gFZRh{N1Qr#PbRmZ#Q;$DrL|S$#5X0W&$(~JXL7pPp{_wH z7vP%Wh#3=IA*dsNRJ@^6My6eU)9d*!9_BznXaF~H#J;}W5^F#fACJ+#Ep9AKUCwBv z6@+ukV**}KJBls{9n+6}8Ky)t+t=h~1!kBveYhuBs);Z!?t`4B@LRVhnx7im7Zz*5#5m@+W2R}Bqf_zQq!NhDwzC3 z%4uz7Y5dy@`u+5RosakcF;U-Bu*F7~-WP zR^11`TbOF(VmvRZ7EK;H?AxFzBH}*2;NDrQb5u`hP95kX5953t(eT94_dxffTl%(3 z@sKF}l?n~}>fjHiz{SVG6<*r#RPE2k1|3adzS}*|oHBR$^B#Qn3Mm%W`}GwjM$y4f zVF6oInbg()a?TL!cK*a#9P(9oZiGW4s;mN;*xWG67e&XoUGse0^0XRqaHZ1*+c8rg z08^Of(g-Ph9PC?!PtvCq=&j{Y+3G9!_VEO%5JABir{OP3l(-jBZe;zp@QC&4J9XBz z$y_lqj|@Jvr#G)l7dc+n|8ulo%BLVu={D!!l7hWOk4N9$xj9r2SY_EC)i3UG4Zcg+ zB^UQOuvP0$dqF_mzOo43ri$!r4sx?24qkOnP5B(#iQU&F({=*+DA~G_OQ(6?XXieb zoSbv~=3e_~-uCfYm=29EFR#nmi96$FJ1*BfKGtLzPVL-w3NU|$MJa}D1^Hj)O!;0~ zC|pDgJ;j_ze{}y^gK^;(g%c9Q54w6Rp730;BvvU_Kwa?s)6$zVy45imf4W{jP1aMK8XTi^qAR)mcaK0FhpBuS~TAEN`G+X2t;q+#9Q-=B@@ zW(o?$H7gfhqpeSX9qZD*a+#VI1kr+rSi;Q%WTRVaUJjcpP2bt9iy51#^?J=mC$}U3 zsYbyj2yt&2ZQPCSdDkggoxc=i%wV%_6WK0Nz7<%21}kisr7cCE_et9?tfJE=m= zPr*k5ILm_~VkTonB;LuImC)vFG}HLoT?cQ=B|c4;Ib@xI$N;4srQr_lznNN}9`4j_ zsPM*JyDj_rNi;1q`GxkrD8$Q_TqAiygfH#?v{8pog+@z3Aj1lPy{yK z^Qo!tHQ`#d6F3ez@vX#2DCZIKTa@dNkk9=S`$v34?Z}6+y&X@$>mo?KQ-fd4BF>rK z4oXau!k6bv^kuHAKKeYI+qE)Snv`cEnoIW1938tN{+HFtcv!MsAa*qDr2vF;_V0zB zlBH{g$uS#){&qY8^6Jg+h!Hk+_TRr;M?mXDU%6&hlDu&HHt7|ICOR_))fKd&m!5A5 ztQnq^b!DFA1ITcsny7e%!l8fpv?o(PWJyrLAn_3nN;wCK@Z-WnXvS}QNvQW_^%7kSNw$Xo`Nr5#MKwL9K0a^(s!;u^ECGe z52&}>DBTFrKFT!JtW`q@8z>A-;u>s=?jZQ__lBY3Davc-J?P8>8SJ*^*P`tM)kQN6 z!VH&r)U-?2TiU|jQ1R^KK@*p(tI^EMn<=5Wj^9321x`m_61H}iQxvOAGe@oc)uA2M zVAM`%XJ_|_NoaWF;Ysd_&gj1~1ixL#2*q1@M7Vt8+bZt-FNxne?oEAbTM02&xTN?3Kyb?NG|hf=C484vmDa9}ID2DA@|R)n zrg(@zg?8a5Zh(1A_kuI$WJSf5#;Bb15VjywU*P&^V2GFRM=hj2urXiEN(4HVp>pQi znt!N#*_QQ17!|PExzM`kPQ=IAa#E%m=XAgL-HH+qQL-%$jA}eh0ygig5))jUf@D$Y zuk*TNa;^`6C7(u5iM!mp_wSTK?SMs^jbi1>Lr*RR9+H!S_ljRl*SF_U>h#9Sv9~v1 z^MVyv{Is-6K#cyXBdz^YN7<6(Cm+1tk%xSUYndCVf`8NimB#89KX43b;E3Y#gmDMC zK>8e=(O7#GH5pFjq0~f*v)5a4N!8~Vj%C9t3$OMxI9dZT#p@zWCxU9K&c|$!)?Bur<@}OYMV{(U8vgbz(%R|yQA(4w`Y|Vi0%79&+)pRW2*=vYCt58k zE`$w>pNDr*$)ZG33^q`8Msle_sP(>2-b2|AVTzUqYw2{M= zUGK@N{lN+=%QpKt+mVdd+#jh@v2`dBEHaDNx!!fs@GA5S1z8;mhsC~aBm<*rQ9_wU zoP+2>T0rvO_%z|Eu)a0kQK(Vgp?2 z*Q-Z?)oKy3fW?VX3*Ha~H*-0One#;C`D&XUn|8zH%f@F1DpzT5ZssM6W*KDNGv24U zoSrt>+%15=*xVD|(&_@)g&(aWJ5JWo4l;(7p7ikV8Qi}5R}SKxZ!9yi zPTYY~9WS33$UZ4*U3(uX!Hv7vm6S=U(Mp7WG6(jBBpv{iO-&i!JpC_1;+0;X%?)_Y zS#HvotBfQ&l~31yxvVL3^kGM^ilgRKt@<=Mc)+TitAFu&Q|!VGBvX2p;UuO}l#eHwWOw=msb0GM z#V$Wi-g@E6d`NBzpWs*PiX0H0aSVDlrl#qO394Me|LU>E1l<|8uGyfe)f0#RW<|>7 z_gtQvv{UJRqf1^c9Q>{ty^!SO)wncs>Cp8FY7&Xh%%k*m*2`l}clvOZ2T^`HXnIQg zmMK?`h-M1-kHR`l{R&u#bIQpE7Xht{frI5Mc~OITjoL5a$67`N^h?f4rsR2_A4@F` zpX=K-3^?_HZ@%qS}HgyOHdY zx{f${?ax!bSqIL#7v{ZvH2A>8#OvH`KH-+x4uGxJf|vb+&hp>#{o~VO@F7JzVc+(?mc@C96fdANxkB28~!kC@MIxH|^(vZWguzLBX27!>Z<3x@yQQ)etJel| z_-MUC@a!qwej*b#+mVDH(-2pEe9zcQL5e;))?KkMUhUatNI+|isx2p##Et<%M$|O; z<*d@8P9g}10R%-;UEbQNgr!x`UwzN6zL+svdQfO1QQ8k4!Q5aBqJV zU5jM9=x20iWNZ=?Ng|q>AUQ-l6Iy*<9)jBfv!9CsSrRJKZOfrSqr!+}5Mnf;0tR-3 zUi6N<1JiMpW7e0^=I7thnoX8c6RZXi?f6P*PxFDwFGP8i{bS*3Q&!;6z&eYtMEiO? zfGFMGXU~}R4r0EePp7cBOUTKjnet2UnK6DYst}W22r6+Nn5~&Tor&iaN)8!Qx!8|j zCWvT39w6AC1&HrqCtoY#s-$6y>509%0uD4Dd@EJ+A`qhid(4wccoQqGa4rN_Bb{ui zCW|o}N$kU(Ay!Ht5>$%JQcS=Q4-e`t;Tp&+Bb}N`n655SE1>~~Nu?E9YSkSn z3H?^8(kh#P8B2Dl<=7`@$IWVgha@Fd!buH40NBgI-`PAVHp9nyj3D6F2dmKoZk7#` zG(aAl1H!EZ+{9+uiu%fH+>iMk0p*J0h#+r+@v~%1dRU; zo|+QBCC}O0Yu%6v9M!s5DVLLzg6sV5Xwt_7h-FlKD~@3OS_)eTq!x>=_01Uh3JbWm1H9^Oz?X(_{ShJ6&A7F42-;T|VYMn$`BnXTE6ifr`h)Fpk zUaYTRb{Lf;kuS#DI_b1}Ha6ET#)c9V+`eJ+)5QPB){DLOzy;j^YhnP-T`9$)lpGhT zLoQO59;rCIX=*-`qq0t{jO}QlhR1XS#0nt=JbTj;dyDuP@yQWAI^U$wea-;naiuqY1U1^DUv# zGHzB{l07D6PR)jTsX?Sk@bY^h^jmLyQW6wMtG@-@n9)|u%a_5_IGVn|IN$ZCwRs$~ z$PI|~;gPsWtTBmg6Wm$T7Z?}dOthMqV`drT04wKTUh+lDHt)RJaA^7ha(vQiH! zN#FWBF&Gfe64J<$%7|12QT!-tt>U=$;|qvn=pR1Yx&VBfykJ_ZgxO~wLnkN`RszB) zbNjekvmdt|L=B&7maEf}uXJ=FZZNH7fg5^i(+q)i;*|7gs*#xYbG^?b5B{};TH^E* zR3T0lws7JiRyL^jS?F9H%oJKVhATnzBQ`^^a}_yi?W)GpUrNZhR#8{-Zr>&uY2sG$ zVQfnh;!Z8p1IOqKL%WUIom9GzEUK!>MFyO5x6JpU@H);^x(X2cBqhp`Z(KY*=0lEH zZ{8Ida#%Zoo*!)lF>{x33poKBkoz7Bg*Qn=l_MRek?D!z?$i4K5R6pYaey$@!!hE2 zdtlB#_*0>JhX70AmKg{g=HK5NQO5!+2Qp!>ze({ITwO+*EF1t2rndE>+$zm-RL_O`mVzEqkFw0;WuQF4J8qg&1 z)X2(jZ_bYls*W4rn~erNw<7kr5Q6V{1X3Mo9Y6;Z1}X~bnK%TGhUqBY`rl9RWLK!u z%lb3>;P1kjlKK0iZ@ErcRX|qXog1BlbXb!ylq?JXuPttue3zP?q5j|g04_CsL)TU? zw(@)4P-}eX>Cnz6QI9>_CWS<4C|yV5fRKzhh2}m#<;q}0Zl zg7(6lTHuA@SAT8upFfPHk*8X9RG4o5{x+`d!tOngJ+h*plCQ@BR!9Dc>;Jr^t!n;( zEE~nO;`|;p=f(Y6NuTvW+T!MG%(6Y;K4=tfVImF{o)d#MJv+b{t-Tad|7+nNC5i8B z!s2#?s_u!lQ8Xz25Vnx_>n{Qial82xx4yjup%x8xBAYbsfswKO&6(VcLbhgb625iB zQzRuRDM?A$eamnC7&O-V@vp^CtqAS~oEwNzTbx&_4#(QrP$l*P^xx*%c{o;oahxi? z!}p81jSEQ@-)eBIkU+IQg*JANjBMv&+CsE3dxqHTSa4Lt2nFIul<|cX*!@zwCU;TN#NIFRD-EwL38fn@i~3Fg-h^&8<(fO{yAt8z( zP#w7~;&%%O_5BFiXM^9X%J}G6{sG%7=2lhMl^QB1mmG*=(xF>(UX-yWAfV`@%ZOXx zXs@zCI7KeR{|^5z9rmRD#gE>tp>z{SABEaK_vY~lb)w2v4JNWGDputuC2JwpDqnCz zFy|uX5S6ALhl)LJnXh0s5nto`r5;RtJ-TfbX%N2hX<4LSi@^C>JS1Q0zoVZscA9m@ zFYSZheC7g{e7qKpYMqVCR0KUxfay&=J89@Riu8+X>UZ52s4j$x?JCqu9gt7OctMvn z7M|oT=|p}_YbG7R8~)a-zCU|)^;2G70t(kTVOLU`+x1wi%I7P=6?JiP<&C#s*HHQm zZYL+KG!J-aKRmZxID#ViuQqYPIYQT+T&*gku(=B4*ExOH$YyY)fHmFD2wqHUiqZRJ zFzwzG3$M@F2j_>z9~Ps$LC1edlr35u98c8KCE0J}?u9omWi)cma{HxU-+ug2AOQU( zXTD@=JQi8MhBjpiH4s<-@RR%>QT@;R%{y1@(m>46y0stur72OvAWSAC3EMi4=LRSf z?ufvDHG;ijTA_N}08fmn(4rV1me4ctckkYlCIjHB#UF?Zzm3XME0u@b%!+};dHc=* zEq2rV5te_JWWI@GOO4v+g4|V^?0BULDQ382ShEy!e*rTZ4_hKZFcAhA2dYzV8p3|- z>-lEu5QEfk=oCGH#sGMzGNc-a-VmzS#owEM=124M!k_9*t@klA!J{8E84F2C7QWqb zz(@C73D-SIX&p75SBq!_VG3?I-2MiAysXPnTZ>&0L#D^JdVbBar7_Nk^dFclS&t2Fry7UpYW1qv}J z7a7n(jkw##KxivUmQ45}t!KAs*Ja%N@j1*o%h%seQns*l9Gh@8vtJAa@-|CWf2};4 zAD;wu)r#q@4A)QVE_E|DQzbg+O&vl&!{TlEdpj*KwO{9;&Q`W`%sLY1QW$YR*+g03d>eCTXb|Q zY+c4%p zFk@oSx^~VuFxdxh-WY9c_Q^?HB@VbFHX?_GU z{0C=$nQye!ZuB6@l%LY7U5*!Exj<(lojzI2MbIdNc=%b}w_=YnOiI%l^j zy&&dy+gq;YMe26<`Ybe5w5b_yAkyo^_n_SAN-pBeNaH4MBIHQ>R^ReSb(RWz)X(}R z7-ZUa_+&h}7WByKa}fLRQa>EsBi3P3rz9o*P+_ermfEG}Gcppcxu-9%Si`lu^syBV z=*AYQCcHenY?+Z-q4k;~Z~3OZIi_tx#|_acLC>xY&|7AWeh1GAbFURH?-sh~5$K@? z{Ts?`w?{&5I((@w8rdSK%wV;IU(?}flx>n{szL4J>o<8lZjsk;jMaHKXoS7du2+kV z4KyA~(s->>`xu`d)JaTL&y%KhEVd1VMy|!g;@Y!i)Vg7J*RnII9j+Bi$nxVEw3z@{ zh6&T-x~ljL&D~m6(ev^a8n|$LN+Ia3ClUMbji(hrk!-0D7^csW3KU|PKQ$g`zFs(iYK^B+O8SMVEkc>b)8BO+NzE?!YAX#n zX(cQ+&r`1bV>uLPKRY?1#S9(k&QNF9!&;>1zB7JE^LQknLSr(JJK2|*qr3p=aPD18 z51d8-gIXd)*wKTuAl(q2L6GzQ5d}3;(PJ!MYKE|*Y)dV3|MZ(o-WERYT&HI7BK={< zMi9wmN^xO+A8m0%S0Utk3wS%l7Ck{=y>4_YbLi)j4eE|)ap(A_XPpsS`#xsY-yu>d82H3RplwRe=l5`#%v1y z&5j2C{t*nr1uSe!WEfY@<7L9fiuEJK0!JZq~c$(IM`)Y$o?~@oSjpoEqyneeONUZ8kW|=Z(t0jrn*ql2f z%H6jN+n`9#ygwMJu=?4-#Z*;Me!w#~oe_U<(4Vq-*xj@3b<7}ez5qyjY$hI56Rve| z$sIi*k>JxqgK0tue|s7XnRK*O^Nh)O4mjN}7wS#ggvz?mMn{Dx8`&-=)zo2NgAh$0 z;t05m?@5}u&o;&bDIuPoRLc&q4K`B)Z7v`){_qz{I~Zo(t(m1<0p8#pq&97&(>Hxd zQ{*8HeD%cGV!%{HU2kJEFTPNxe5N!Oi;pcAj2mV-JQ(w9^Yo!^W?%!GJQJIfINXTdodcNAx(DN8>x}hJ0xIFfC3w7dqZ-^0ju##5jIVye5Trsi5p0A$HExvEFMDdj0UGlyX=LdxB#UU-3TKPpAin@WX4ME#_CoO>hzBfO#1>3 z@h*vfPaDRM0jO30Y2-F@(xSH~O&sccO>C>9L!>P4gM9G_JJkgkY$b7Y{Y)4a3CDY+ z{f3iz3Z=U5W|#@HF$?TI`Th>0@AG0^Pab2olMlVs&P(KEeQ3xu2X~Gx(Pn{^wZyTq z-LvvB)Lf^{cN8Jb3jv5rmjxi>_-3;3oK<2#jY~4v{*ei;I?%ta%R}) zRjxdBevdb+KP624!Zg{5F0_a2S7?fM7^SzzamEhfo~L5h#M|z!vw^=w!nMchM75ZVDFNgkve6jm zT~;NF!t^3BVRzYAV~l}*o6tZghODR0l6e)}OmLD^EMk|Ve7jHpu6 z(R!Q{Jw5=T*y0i2zPA>BYqGQ}_?0@Hu9}Y$8qx3-z+W979d5DtZke-d0vWFvq*r#7 zND3J%zd59e6bUvdXA?hOaQ4u3CB+xGxU}lF+OaR! zaXRlCmNt>f8S4fH?S>SwsxOY?oSSYIGZ>{>#ILyBE@ZPb0gNxzLc#l1ISsca!fX-+ zjXXU!IP-DYR~hFz;)o`FwWZCPMj!3kZkf_x1PLnrrIMkn-VYnksmXV}-d(Heo)P&u z_^UAu=aSIFmQf)oE1LDdW}YrGzi6ys@bfKSBa?GN)>jy;XXW7OC@xCxau(#<({z7^ z?pkcXXtERgom2oc&_+(x#SCYic=+KZdFdL`+ZtkDbqN8x@D!^p-93bmuXU|)XJP($>oct4QsrsjQVosPkma4ay)6ZttO24w``snb%8JaAl$qhu(Za`2>|E~x zPCza)u}X$`3U^a8STe+1(0EGvI?)m^yPlB^`dr{{(+#+&O{d~-p$O;6?#N^(m^5wE zRAP<7%K}LIA2BfR?~WSw%V)42FhR4;WGt_+$^+MZtvXKSlZ%C|#DE(^E$r5B zo<8v2J~5IF#RMwgJ0)S5yZ8o+VU5<%sQHSIIGEfEm9d6^Wu!0y9j!pv$&vn%Bwl8F zIj|_mOdq{MrCl}A-AqwBjT!(y#MR_VlL;s(5X?^pdfC;`@y?hGW~+0PHX0N#lkrFM z%yI%3sh`BYkULs_R-$|e;7Ra!h_h5bkAeI@8Gm;vpcwqvEG7-JEMdr`3{I6}8>l1k znRObn8s_AbfI2^th>~4!`PSxI4MS>}_}&TI`iaB@1jLRhG>g@_@*qnuH>Yb#TU&8x zy4F}Dte>L_G#RL2;*v%HY0H4{M!Yn-#e9=+sWAuDY8>tk46=m*dwy& z$J0r)Wjg!xFk`ZgBMxxsW!Abx_IwNjUvMK;F$l$2*B&M%QF4d_QVU#g%-S|*GT9L9$kZsp+Y1^$9g{OIn zB#t&!WPv46J-$(96EQa=>89qQ)nw zlH3ce%9QOHBwfC38ij5Bc(WJ?u{eQ$++LnwPWNY1RUD^Z&P5YOzrQhARR4d?7z9r9 zcYE4sZsgno`XE_zh?2idnB~%3i?wH@kr3;;zEOBXqYhEmQv@CsAe_>mp@C+PInXv$ zoTjJIyw&3RQ!TR0wPgXfIDQ_Hq{47XN>0GEur+6*GKtFO&J`yNWRSE_Dx`FvY;ufX zh76BrLMA!U;7$B<%8{2?s6n@8}T`fhldcp98rm|7gPm8cdQxF0b<37O^|KUZnZ zfpj&5%Ur)XsvnY+2cQ?$f~fN`r9nG_}@XY)V+k1I+RQ zhsa%?ssnrL;d_Rtt-+A>LjZ%#kZ9&_H@SPNxV0gNZm9L=1F!uz5329}4>&e>QhNNi zU#xDn?*R@N zp7VQ-crctH-ugrLZy7A|V^RG^8rS#Yjr0%-> z8N8T}X;rSk<4TWP8tCqlW_Fwy2(}5~8E~=Chb(9cY5Bjjp>#m2G*o{zLUp^nVxZ!= zr6s+o^YG>6c{L>dZ(BYquxx@Z{DySXkumc_b2hwxgiyk&cIJI| z=6!#0AUi48P73zZhwh|cJ1N+I4Phq*`=u{-=6!eOeSd-2|G!VcR@l4KT@a@hxhyPp QasF=I(7#@E&F1O<0#C0CZU6uP diff --git a/doc/owasp_top_10/a5_perdida_del_control_de_acceso.md b/doc/owasp_top_10/a5_perdida_del_control_de_acceso.md index c69fe702..7f8d3bc2 100644 --- a/doc/owasp_top_10/a5_perdida_del_control_de_acceso.md +++ b/doc/owasp_top_10/a5_perdida_del_control_de_acceso.md @@ -3,7 +3,7 @@ * Para el control de acceso de utiliza la gema `cancancan` que centraliza las reglas en `app/models/ability.rb` * Se ha documentado el control de acceso en detalle junto con la documentación - del API, ver + del API, ver * Se han desarrollado pruebas de regresión con minitest específicas para probar el control de acceso de sivel2. Ver en fuentes en directorio `test/controllers` las que comienzan con `control_acceso` diff --git a/doc/owasp_top_10/a6_configuracion_de_seguridad_incorrecta.md b/doc/owasp_top_10/a6_configuracion_de_seguridad_incorrecta.md index e53e8403..2dbe6bd5 100644 --- a/doc/owasp_top_10/a6_configuracion_de_seguridad_incorrecta.md +++ b/doc/owasp_top_10/a6_configuracion_de_seguridad_incorrecta.md @@ -20,7 +20,7 @@ Deben implementarse procesos seguros de instalación, incluyendo: para un servidor que pueda alojar SIVeL2 u otro de los sistemas de información activos que desarrolla Pasos de Jesús, con posibilidad de ser sistema de desarrollo. -* Se recomienda actualizar con regularidad del repositorio github. +* Se recomienda actualizar con regularidad del repositorio gitlab. * La aplicación tiene una arquitectura bastante segmentada porque está dividida la funcionalidad en motores. * Las cabeceras de seguridad servidas por un sitio en producción con diff --git a/doc/owasp_top_10/a9_uso_de_componentes_con_vulnerabilidades_conocidas.md b/doc/owasp_top_10/a9_uso_de_componentes_con_vulnerabilidades_conocidas.md index e124267d..f2b751d2 100644 --- a/doc/owasp_top_10/a9_uso_de_componentes_con_vulnerabilidades_conocidas.md +++ b/doc/owasp_top_10/a9_uso_de_componentes_con_vulnerabilidades_conocidas.md @@ -8,14 +8,14 @@ extensivas: sistema operativo, base de datos, lenguaje, marcos de trabajo. Ante cambios es la pila que afectan la aplicación, se planea ruta de actualización y se documenta bien en incidentes o bien en los motores - (lo más tipico es en msip en https://github.com/pasosdeJesus/msip/wiki) + (lo más tipico es en msip en https://gitlab.com/pasosdeJesus/msip/-/wikis) * Las gemas y paquetes npm se obtiene de repositorios oficiales rubygems y npm. * En ocasiones se ha requerido contribuir mejoras a componentes de terceros desactualizados o con problemas. Como solo se emplean componentes de - fuentes abiertas, esto se ha hecho de manera pública en github.com o en + fuentes abiertas, esto se ha hecho de manera pública en gitlab.com o en el repositorio y canales públicos del software al que se contribuye. Cuando ha sido indispensable se ha bifurcado un repositorio público de un tercer (también de manera pública) para implementar un cambio que requerimos y que no ha sido aceptado por quienes mantiene (e.g - https://github.com/pasosdeJesus/adJ y https://github.com/vtamara/cocoon ). + https://gitlab.com/pasosdeJesus/adJ y https://github.com/vtamara/cocoon ).