From f314afdfb3fd5eeedb0854bffdaa14f0fc9401b0 Mon Sep 17 00:00:00 2001
From: n-marton <marton@natko.eu>
Date: Tue, 17 Dec 2024 15:13:30 +0100
Subject: [PATCH] initial code

Signed-off-by: n-marton <marton@natko.eu>
---
 .github/CODEOWNERS                       |   1 +
 .github/dependabot.yml                   |   7 +
 .github/workflows/build_latest_image.yml |  39 ++++
 DESIGN.md                                |   7 +
 Dockerfile                               |  19 ++
 GUIDE.md                                 |  11 +
 LOGO.png                                 | Bin 0 -> 16570 bytes
 README.md                                |  25 +++
 STARTED.md                               |  19 ++
 diagram.png                              | Bin 0 -> 99680 bytes
 go.mod                                   |  91 ++++++++
 go.sum                                   | 262 +++++++++++++++++++++++
 main.go                                  |   7 +
 manifests/apiservice.yaml                |  14 ++
 manifests/deployment.yaml                |  46 ++++
 manifests/kustomization.yaml             |  11 +
 manifests/rbac.yaml                      |  30 +++
 manifests/secrets.yaml                   |   9 +
 manifests/service.yaml                   |  15 ++
 manifests/webhook.yaml                   |  21 ++
 plugin/plugin.go                         | 206 ++++++++++++++++++
 renovate.json                            |  10 +
 rexec/main.go                            |  26 +++
 rexec/server/async.go                    |  52 +++++
 rexec/server/config.go                   |  96 +++++++++
 rexec/server/parser.go                   |  68 ++++++
 rexec/server/server.go                   | 258 ++++++++++++++++++++++
 rexec/server/tcp.go                      | 133 ++++++++++++
 28 files changed, 1483 insertions(+)
 create mode 100644 .github/CODEOWNERS
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/build_latest_image.yml
 create mode 100644 DESIGN.md
 create mode 100644 Dockerfile
 create mode 100644 GUIDE.md
 create mode 100644 LOGO.png
 create mode 100644 README.md
 create mode 100644 STARTED.md
 create mode 100644 diagram.png
 create mode 100644 go.mod
 create mode 100644 go.sum
 create mode 100644 main.go
 create mode 100644 manifests/apiservice.yaml
 create mode 100644 manifests/deployment.yaml
 create mode 100644 manifests/kustomization.yaml
 create mode 100644 manifests/rbac.yaml
 create mode 100644 manifests/secrets.yaml
 create mode 100644 manifests/service.yaml
 create mode 100644 manifests/webhook.yaml
 create mode 100644 plugin/plugin.go
 create mode 100644 renovate.json
 create mode 100644 rexec/main.go
 create mode 100644 rexec/server/async.go
 create mode 100644 rexec/server/config.go
 create mode 100644 rexec/server/parser.go
 create mode 100644 rexec/server/server.go
 create mode 100644 rexec/server/tcp.go

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..ab872d1
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @Adyen/container-services
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..c684890
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,7 @@
+---
+version: 2
+updates:
+- package-ecosystem: "gomod"
+  directory: "/rexec"
+  schedule:
+    interval: "weekly"
diff --git a/.github/workflows/build_latest_image.yml b/.github/workflows/build_latest_image.yml
new file mode 100644
index 0000000..b246232
--- /dev/null
+++ b/.github/workflows/build_latest_image.yml
@@ -0,0 +1,39 @@
+name: build rexec proxy image
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - 'v*'
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: 'Login to GitHub Container Registry'
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{github.actor}}
+          password: ${{secrets.GITHUB_TOKEN}}
+      - name: Log into registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push latest
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: ghcr.io/adyen/kubectl-rexec:latest
+      - name: Build and push ref
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: ghcr.io/adyen/kubectl-rexec:${{github.ref_name}}
diff --git a/DESIGN.md b/DESIGN.md
new file mode 100644
index 0000000..2acbb0f
--- /dev/null
+++ b/DESIGN.md
@@ -0,0 +1,7 @@
+## How does rexec work?
+
+The setup consists of two parts, first we have a `ValidatingWebhookConfiguration` where, we deny requests targeting pod exec unless the user is allowed to bypass or the request is coming through the rexec endpont.
+
+The second part is the rexec `APIService` where we receive exec request with the custom plugin. Here we modify the request back to a normal exec and audit it while proxying back to the kube apiserver. This proxyiing is happening through impersonation, as the user credentials are removed by the kube apiserver before being proxied to here.
+
+![Diagram](diagram.png?raw=true "Diagram")
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..dac3b04
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,19 @@
+FROM golang:1.23-bookworm AS builder
+
+LABEL org.opencontainers.image.source=https://github.com/adyen/kubectl-rexec
+LABEL org.opencontainers.image.description="Rexec proxy"
+LABEL org.opencontainers.image.licenses=MIT
+
+WORKDIR /workspace
+COPY go.mod go.mod
+COPY go.sum go.sum
+COPY rexec/main.go main.go
+COPY rexec/server rexec/server
+
+RUN CGO_ENABLED=0 go build -a -o rexec-server .
+
+FROM scratch
+WORKDIR /
+COPY --from=builder /workspace/rexec-server .
+
+ENTRYPOINT ["/rexec-server"]
diff --git a/GUIDE.md b/GUIDE.md
new file mode 100644
index 0000000..65fe37b
--- /dev/null
+++ b/GUIDE.md
@@ -0,0 +1,11 @@
+## Configuration
+
+`--sys-debug` if set the api will log more verbose information about internal events
+
+`--audit-trace` if set, and tty was requested all keystrokes will be logged (otherwise the async auditer will merge keystrokes into command on each new lines)
+
+`--by-pass-user` repeatable flag for adding users to bypass list so they can use the standard exec command, handy for system users like `system:admin`
+
+`--by-pass-shared-key` this flags needs to be set if one runes more then one replica of rexec api, so the shared key between the apiservice part and the validatingwebhookpart are matching, otherwise said hey is autogenerated, it has to be a RFC 4122 compliant uuid
+
+`--max-strokes-per-line` with this flag we can alter the treshold we have on a linelength before async audit flushes, keep in mind the increasing it too high might lead oom kills on the rexec server
\ No newline at end of file
diff --git a/LOGO.png b/LOGO.png
new file mode 100644
index 0000000000000000000000000000000000000000..e390c5b185a6b0393671659be068dd6f82245432
GIT binary patch
literal 16570
zcmY+s1y~ec^e{ZTEU<J4(kb2D-CYt&BO%=--QA5yhbUdr9ZGjdHzM5)@A~_{@qPO|
zvwLUe#GE_#o_p$Uq?(E>8Zsd=003z6a#9)q0D?7vJ17F|`&Y&R9P9_=q9H2*RE`nv
z!%o!9-^p7jD+3I$HWUDZuz~+T{-K3i0g!*-u!9D6003Mb=>Of#1OK19ARrI!|FnU-
ze}E6Fv#T(~_g0$kT;C}x379(Av6z@Sd@yJ6v~&Ci00?;sz?ydEt|sK3cDD8|0-nN@
z|3L`A+W#)IQj-4%;%XyI`A%7lT++eWoScV+jfIU;1eu(iT*%qXLO?@G=6|EZ&V(r~
zU0odoSXn(hJXkz9Ssa`{va<8@^Ru#XuySxP!yuSlKH0mPcrx3&y!js@|A&s0xr?c@
zm7}YbgFX2_x+WhS++2kzDgQD0zn}kkPFE|7|HsMR<$sF>6Oi@a9aeT0HrD@38-^<M
z@2Y^Rvz0lF^FR6`>_Y!R{{OE1Z$3h-|Cs-O9_D`}{qHJFR1st$*8kgWBFF@W8;AfP
zQYSAZuIULnGC=ep?w`#SyjorHW^LNE4^~E@amA}v4hQ7_^sUPvtstFFVoQ+Yz;$O}
zOVF;{FMBuc*f-17mK&-Htlaq1X1fZEmb+ISuZ}+YxwP`ytv!BRTgv2huuxKJNf7I@
zsB4gst_mPS6vgjg77E4f)#)M&U4!dHeg2p{m=av(iVcbkNW=oRj36&)ZMcRNWimai
z8>}48E7V8WfeBJTj7?A{wjXobS9?a}CIS&As_vB3G$=kii0vCe4!%EUTjL4~j$9D=
zGM%TK05zB*5Xj)D&Edb<`fK9>!SDn`XsEhUQ&XUSa6xP)`of$R8-E?rgAtzzMC7Y(
z<yv%Qx@MfQGbJ3L0s9(a)9t4iU0<#8$1O~$`*DBtenhqz`pz_>@Tss+$)qA_ME;C@
zcZ}v$^t=Y?)NXet`U~#}F^=U3V=^K>h#mkh1G=Ob17EFL!#7@l+&rGDhPkv>YmeF0
z`1F(?i+&4JU*`szjz}#mxO=^1jym@@Z`%^v-ymivmuNPOi?v|i@@^O<zKtMMLvhqN
zj>a_pyuD?B32b@DOuRX5>@6ep*3nu*e>vEjnkIYJ;3*i;CECy^-(36S_;&UvoyNB9
zF6lN7%OobJYA#W^+xwJN0+aY{mV5~cDp&)6Ab4o0!f$!V_B?EygvD#5B1JMV{}}P`
zrx(8H9;Ys}w#k&8_ON(W*8aila5pnKd2_2k*>`p-z;*UCx2F>juhx+i$()IY%7NBp
zt7k=!V?;5nKK6_U=!|wz?=%R$oRn=2In1YH^uAj=u=74k$Y72im5Wn~;K?rh!6K)F
z@&fnBi3uU%+D?{#3J91t!WNw%u8#+{k~5E)ZihFt8qwIFr%|G<)9lOeH!&OsE@M~u
z9b`1jv$m@@2y+_=_g_%OtKXT5WG>4>OZ^6YE`8oJVLE<zWaI)gvJ5O&9=F5cowCs1
z-CO<IYbb(il{%J<C$I8eI#s9BbW?@5lE-|6e-?zo5mipXL;t-kh)~9AjO=v!Gy5$T
z;jdB=*A|OjQ<U>1i=6WP5{lgMr0admPmhB{$*Nb@WFn{-lOO1t;P#EeUU(saz6w(x
zrG|o<VZG56+V2r)>@zi>8lH<*CH+kseqfF3p#2eDw$`TJa>rMPAU#R2Bs|yCR%XgX
ziF#^6?8+8?iZtkj@$mr@QY4fzruwf>Y4f^o6Fq0RJnuJeG#}p4T@3M%l`lT_g@?Ag
zAXk_n=6R>5S&n&|DNG$lBmP7UG*K@=2#TjTVmx(_#GG&~a21geLk7s;PzPv-TLjmw
zNITmXf0`J7>GZVeAH#c%i^jxIMm;Rr+g!xwGFbRF*<IhuUP-jgQul8{^w2ZhvlcW+
zqE~BK45A2HFB|}GB}X3nUKut>laybcr`eV*JRSD*<QL=e%+C3Vd=Jx!ijC$-U2!q*
z+5NWHf5nrftn0<zPaXgP5#VNDA+y&e(7=S6fS`}R1f1#Rr-=55LaV&;V;a)3Z$D`5
zZ_IbF5TK)oFmHVvkGy`1gtb9~G7`hP%FUi1EOXGqk#Nf*gcS73kCK;)^bLGK`e%Ze
zHF#-Zh(B$cHA3Zg3&fWz7x}TETtyiPsO4nd7W;tfhDpgH5o^Sn>%7C(bRngZt_25E
z=^5qiM+zuM?0autb!Pa0@FUQ`Nj#-Rcd~^MH(am2hv<mgMVm?Gfe9`+t-X81Q$d3%
z3@M~gcdweo2Rq0(dQpkPzy(qSSjI(u$7B<+E5BoFYu#<>&EH6`Bn9zSpdfXhY<!cg
zHVpbk0vl3X9}osShV^f3t&UzR?MPQH>3!>uGkoJVpn6ON{Z%SA{9x6{5<-4EcT0C$
zg`f*ulW7U~VB^1hNVvjz#7EoyJ?cjGl1J`0OrdCmb|)dS&u>7<nVXU5Gl0fvN{BrY
z{sQh1yROmoOfCY{0I1Rl+q^G$@K1En91L@hna<LC-K^m?b^7ADB#pt|oXLBaDpe8i
zK~G|7{a@-yxz<<D)VHeSP;1B3xZnUBfLN{T7TslqKjOGoo)Y={qHn!d?;!?qORj+4
zv`UIxn2l_nr0&AEpAK>&P;s#!K5a>)@WgAkTYm{mP3vEH*z(1IqqPN_h_8u#Ag#+v
zoQir>quOq2kG{w7E0id&J)Bufc2{*K9T^^3a_(-Q*K?t*#uh^O76adpnA9|Q9?MQ0
z#4uBMS^2pnivY3K;IqNaV|UNbV})<(G@Es^nEeNT3}v(W=n9pVE`Kg(NLJd$g|OMZ
zLq6zXemfq261*?P(V=m0o^X0{S|yGd@<>xc!3=cW?t5Y#hjx+~HdF|VxQ+WXcG!*^
ziLjE!-T5%Ds0+ymI8b5|nX|Os40&b{{Ji1HnniJ#5X;Kwzz`)1TCeA|;?Q_cK@X!d
zqfA>STssTXZ`CuyLCwdBI-T?cCN&EMu`?6hDrLPRw_}lKM{jzS47g?*k*)B$l9|QR
z!hFONxr!hFekY@DtnKAV5DZ=G^-{P0lLn#2Zi|d>E6H4Fyo$U+L?nlm`nmuQyDxf>
zai{u0RqAm9CSd#s0>aX^RKn*!RJNYPIw&B&u3#eBiB{%m;7L=eA_dVw?R4T|RxVE)
zB5ROpEIdYHa)Zbhik>3}ln7?PK#VA4lmpQZx$SR@fcyNDg~6SpDNk9^A_0i@K%(NP
z8GlCzBwjt&+-BUOGm0bgoeO`>q|!SSp~Y^&%w_s58D78b0_&(7_qs&}OohrEd!L7G
zZ?aVM%41r7x(S{ed4~dRvA1Lso(;wKV-Y&iDEl|^$by@XwXG`4UUN!*Jy>FYTz|`3
zyxTRBQI4X8ft2V@BxLvgHCI*!p&<}(MzY)DFVl+}s&l{u<G8habFoAsWH7B|N0Z6o
ziTP)Sfyri-t2LATXsBG5KBm5P;|1Bllhd>p8DQ%$O&<MZ8DV&8ZScDUPAlu>QC)p}
z8lKy3)*@*?2ruwb>LT;gJnhFEUh>a8>{`Ois8Vq~$!_^3yzJax0ATAU=ya`nJmdtZ
z8sZ;uBYUW>9?z60dp*pqwKFU=AWKf&og!*ueXc?r$ODbZ@2}-VZ16|PQITQcz{U>4
z0*rman~!aQWf|sQ)r*3#H{v1uVs*B@>0I`D$*CbeVLu2p@YeF}Z?Y;!n^)6y0h<n|
zRg#$7M4;CzC;*!uLO>hhGstsR<F~Gj;8p+k+Tbexw;W2J4+uB3X2@b)rS9$02OQdu
zc#*PuMwEvCj%m#73g32$VSbr18YQHks(?x00nYRf`g+{)*Xe!3Y}!?>(QsVbv)kaW
zA?t^~9RrI)f{_74(2(%VGKUT-``+wVuNGy(*qI*$H8-4cyG7B&9VcRCAB3WhVZ$>Q
zD5-i{IaRmD3TQqCWgP5=ozrAl*Cg#POLm!92)QU|5Np4=o>q&34Rd&CP&?uIozORX
z7@|M9wPI8|!RdF^&&(C|M?QDM1^+Gk$-6Bg{zltyf3e69dPLVU^n*<&el2QNlu7rH
zt;1BLx*d&C2}%=8ig;;w`5F)YHfyh<=1Nv0l=nY$Azwyf!mU2}C#IF7Sm|9*Tj%aX
zyM8AaTf#uxN<QoNxkcehG04hxFnHPiDUFncF6Ux^)-+foB4aFf^9xS3YozI|4Br*>
z7oT#4UQ|dOITT!b`s)NX9aJxFS$n6G^c%*j_>&CUU%T8MU7Krp$cpS!fm@{VbRHtg
zzuGJC|1R@|q0f9Km_F`z=n(~rt8I)&eKQxUnt<${L<Mz(>$FO{&*p5+mXW<w=N(KE
zTU8#U$|Qu|!Ux7x^r(usNe)eluTYNl!_9ssIFVQ!rhvpfgvtr^Ie>u?Ro%CQC-s(n
z!S&`uoXkYek0(7H{P1(Hryo$5?ua7;v?03G;X9+*X({}bMwjFn1aD6osXeffSVAy=
z+0y6pZaz^0T@y#*Ocmekt-h|D?+7yTZdx9K;HewFt(N97NmAw^LXtK|;3u#SGuX&K
zr%^VV%{xP^1|*<guDOpy@Bm{!LPX}^uiW<%>DfkgXV*Go?nCtTQ+~cv@{l0xKpuJ%
z{uALZer;~f_())CSs@qp5I~vae#B~0yG60@&9BnF$GLIsw2G$3!R3vlyOq#)yPU}2
z-|%yD>7t38hoUw^+Cdi7yB)w;y<UTAwyHO9dp~`fJ-|_)5WZ)<>#tqEf1zbw=$Xi&
zM2R^9UG_A2Tnw*NF4}iY+|Z-g^eVth*kdI2S%J&js*@fWUwy7I%Qo{f;;vxQIf44L
z)w^EGDk{v=O~^;D`7ENGzQ+KJ{6F9GfpQ1R*2fBG%j|vcMn1Li5zt^ksUfe&#@?Yl
zfNCRlnr$KO608ApuRK@oY7reNN_RL!(HHp69(d1xsYwV#iv4<X+NyJoU~=bG2|x*D
z9u6h<6+vw3Y82P^y!}6GWJG0fSbM3#`5|KOQ<<OJUs6fcN-xZjok*qcG=P{rbp&~j
z^JMeldZPc_7%^e+$)hGm?T<OXAa;ybEUahP)@T=zu$4p<E97zy>tcF$2(GkL?qG13
zvX=@h9uI`|Z!o%R9pY)avUz@|-l7oK-Z9RF0zye8S4~PCj_<$yjTK6jPp`oaT$fl+
zF5anta7T&pDdTyq+$jJt8|u1xHp8n~S}VbLv@nACab0u0TE5nHKYT#w1@FP)&Ticu
z*ns|U=c`Y1y?=iteS^V-14ou_C8gJSdArN;-^nZf8dsqJF<PYu<42X{zjbz!o0Vo8
zQjw^^0<y+W9SW0vfN7VW;hs(v9@Gc1+oj^=wZk{eSSQz2rX-=r0DsJPZ4C_4r&P7b
znyv9+c@ewa9hg8tjl%D^H)%Pe@(C3G+&j3y(M+v&C)K6Mi!Tw4o>p3+cM^c(PX_qn
zhD@&6{3wP@IZDg|sOH>4LG{KFNc;+o0%(%57t}N_<(!6~kq1+QMP!ZV*@xeEOE$Gp
z%at)KlnDcL^ov{HmJR%0JCsG}NGB>$VL_cBX|`3^M-&SrLc6oCD%u%<3Ht(Rl!h`7
zox!^oO#d45t67R_A6fqWA={vtLii1PcyB$xv6YVR$AOxBsPa{Jj{U5ZMG_Q(1cs;n
zF=NdrNK=ZQ{u5%QhkE@3SZ4q@RcCK~TzX&IFuan3poRcr-FfX?o+`Ou!1UGPxhHx2
z=8hmk(*fAi$~;3#jIwLtyFn@?ept|a+Yh#1S;BxW(3icdSKA&`hL1C=7N!W1APJ;i
zVpv3C%L^4ZTvGa(1rAu^{?<^lT&{0JD{gL9{f~+``GuLXjwJ|%PaUU^#2RIa0l}qn
zA&S2*Q6J>Uu;vAQUxZYR&)fM^N+x4r;yBS(|E1-3iIIm+Eps^2hz7HU&_i}#f<HMk
z>JW21Db5$Nt{rX<v5P36D<i}Ud)dHm?&w>6lVrxomH|ZL)d;HW`?`y<$Pa~1vC;O+
z81DBWeA@84Ywiml$h=wB)CX1e^x72zn3OreFn4Q+g=}nv-+}4u3okm_Sri~PiqJ)S
zW_>&S<GZV26Y2#s*dk(k_2|vQ9bCkI;rm>4EYy$FNCr4w@Nc|je?N^3${(8Lq*h3b
z8}F!GqND4+YtXtz4_UvX14r*^K)?a7Q71nKw&#c}>Vd_$Xud7@H7T$F=k=+YyQ*=#
zbtb}v3wOqz_fxb3EmfOVxugRnvGH{e$kDNOL**YB^E02_Ja8rFHL0aJGHIdZYeusu
zci#|62I<4YKrL9nGP}Hbrk%fAtQ}jpC&4y6WaPHsW+2_yELWg}Y=S#UJ)_Y;sc3LD
zIxh#(-20pRI;T7ANy~ORkReRkaOw^Kp$>mgV6<!9DpYQJ;*Q*V-q|;8pM_gT4zLR^
zLl&l1+jWQnd}n26JZAS9a}&4yUq##7^}KK7IXj$F+<dS8o_Q%^71W^}<BE7ktwG3T
z$3Fgi#BV)F1Okma>E~<}y+u8L2Z#|&qO1Pt@g7RDOSK-8+%r!#QGu#?v{mYnjgB2*
z4fgc<oMw7><)rBmdyle^Vw>K$RGQkp3|hBRCb}X%sAzIp))ij>fyIIhg%EHat!EV)
zPT+4+oN*z)WU)R?%u|AJ=u&819m-iK=8<F1AZ0K#(9*RTF<(#>xeWzDrf!b@`DMtv
zkh+w&+T9`h*m$LbL0gx?8&TIuS(PjIZq3Dx19Ddx3fxwat7ujK6b6Js%YeSy9kz_l
zRt5$$N*SY1Q$5q^IRlr88>GX#0fh>0<J03KYP_dj9ST_2Fk;V3;v0MX37Gx}0iQ?N
zaI(R<2vLsAL`t%v!GT$TCeuX8uQn=yeDnZcg^aja3}=yEk*|;_snLBUz7Ap?N^eLX
z`AqtwuMWHWd3kCgIr&QWXW`WHHibA`sUv@;uQX+{t<XdO)BG*&@uXh(vFLmH37Wi7
zVjPKqmk{o<)Q_MejoyXQ4mX!0(|hT<h0=-8QeR#CEH0k8V-guTt}?NxzCwQP91w|F
za}8VRYjA)Lqb@#9tVw|54kl}|ONOiiIjIOJl-Y%4!bx<edAShg`?v5thi__?v8&L1
z=qsz^lCX|aSc}6#6!qgOl%1Xk^WP!|w0R$=J-5^`fbmWDml}W$V`T098)orDA@~8l
zy*Z+-FQVj8)O}43F|Tj}n$(dJv9R4!Kk!pnhJ^f1ImRc)UAGy1Tlxy)uOeWE_io=c
zIe`u2&OJZ?J!(%HtRQ;CoO+)Ulfcs})l36XO0hCgGfcc9w-pI<F+@0)%}9<T+IGhP
zR{RM?9Pxk+*H@DryZV$dum9M_NE+Q;N|~xm6QFq%=$M7ngWVB7MhAO*b}}s~er$XU
z6?grBDFdQutS_}k0qUhiZ#AuPbZ&;zhPdXdjqg;AiWp@FKE#Pcp@qrlsmkzo2h}Wk
zC16cK7UU-gBQoSTAIAT3$Q-;5nq*$pO=Q9ZW~NKH;T~4LHPV8`X0A#X{pdVZfdah4
zwPA&$oRIEQLv?q-yPBs${5kv9X#|dV8HnRA)TJ11Xqmef`~7)(NI)PK>Nj0o{2~lc
zz+2_(E!S7as{w>d?{5a>@h6b^&$n9|(Hc?UYG>!O1}l%dHOVm*%zuzs^qcXDDW)`<
zt_7)avX_L4n``|Lc2cML`>9pn9=~&suynU`-W%Y1QFZNTCiFthMi@{%oY>d6?q)5%
zE^dmG7SvG9Yk!}OM*#nDYsf6%9j`Yw;p`Ci>S};rJ`16l8pw0CjQ!B0?Wg!d$II^L
zR7nxxfsxZE=H8~!W21L7uD>h4(62WZUvO-xO`cvPu7|U%=n_z40_|PN1Zt3+jXj+3
z7IT<EuPl*h<Q&ytz`-j>7A+Q}jU-1?kyGiP{sZjh5O*Q-W;J8$MrO%z)oKM|P8GiM
ze5qtJ`TSW&67VTZeb?v(ctSlu3H{cB$h#-sQ=xB)JFPXDT91-K!j5W}?=%vzhbIN0
z+&1D4x_8YVZu+at4?As!VlM@(3a*s$8*oKL-ebCw@DoJRKGDGDVw~hxYn7mgyw?Dv
zt*)5R?P@SAn`^2Fwdh4xpE+rIi0}O6F+T);$qV#R@Wp(I@pp~>_~B#rM?*_2E!_`=
z#l?Cn@0nwZgX`bXIuQ?9<N)jEW{Olc$Dq6iRow`RwxF7JS4Wkea|S&!85!|7H1>$h
zY~DV{kAsXq)PMT8H?I)6_2)I}-19p`aNrOX7+aM~L_<7g{t9bpf419f+UU!|N3i7R
z*-Go9U*@-jJUeP7D*n)}_fWyNzL}x!??G$rJg5x`qportd1V)2@@<la%qrJUmqqb8
z)*;HR^<zNe{QaxAB06D=z1I^ZbY@Sq1|;B4+i#ZM7t+hIKO$(ud#YxGQU!lGw-S0b
zTwvr>BHbT%zIMz`Z`1Cv2)G`rTS7Z5|M00_n_2qz^wjO0=qI=KV6hXz?V}aHU*F?n
zzFSJ-G)E{rS|1MAx`v}kVa;Wo{@9>hy=?wxVeI3)!jx%;+vkH~_D)r{Z13qCeO!<b
zhV!@?dlR_%hotRRI<ehjeb^VyAe?t~;bgqoMs-@Rs6SnW0E91{IsRG?qlh;2Yz&bK
zbeiOhq-@H41+Wd|b>oqM7e`D$YSMLL1YObr+L!_uxL-O;j*sIc+k-=ghYxdj2r0t8
zzv4SSA=Z!hjl6ihWB~uwW`{%o?eAPNnm<wSvD+VAR{xhZ*Sr?jO}5J4cYK@be6yy?
z%3uKZ2yJ{N&+%-IVO7`M-_-Qi9{)-9-o)p(C&v3f6dLC`r>}L<UzyME3^8YutlP$H
z#R|U+?wT;Uixx1CNc!SYIkbO?ZcL+9CD!(k30BOkXDdZ~1f@G}7*&7+1fOO1U$-#{
zhpHxGeaCVXE*S1kFoWxa<2g0MtLj(x`pNYsldd&~6en<0w%zw{ys0t-O}=QhFl|mF
z-Tle$;e+63)txievr>O};5A^rIqViEaBj}P4CSlxr-duv_Wp|#X>+4p%fV}5@J;W8
zO~N^*S-8QLDqmW$@SBbQMxN!ILS@v<RNv?6G@aRj{PadV$@Y#fBUFIMdWcJ~Cw53y
zwMfDe+=6eLfGT}*%mq4lCVSVe?x->_mNsVXHPM&20fevDb|W?Si32xNcNl@fZYaT0
zU@>lr@9;nh3RlOv`$f7v<JXnI;)^%n%Pae33&EN}tB&Ig+D54s$#gNJPZ}&gTo)Y`
zcLqJjG2eC6F-TOim11~u<3@>Tl{ssn011lI{`%~l&W*)oA7>Mrg{8&Jat;T>2ox+D
zbEX(Cyu-StDsWdUR1~&xC4>YBpS=x>Y%*Shx{jW8^nSB5Y5Y0Vt$rlqgXoVYdsy=&
zhC?E^LMR1#$x}w{;pT&wMG0EpH2#=dR0+#eKH~otsq^#(sOF<U!AJ%NOe1?iDeD#o
z^1-H}cHfOJUgJ2*dmpFa@Hk}<k2-Zvnyl9lAJo{}^-6=qaQna8R<V_k3vRi5qMrIj
z-R4M8q6+!7t-Wm-r6#aNUTxt}Y-vT!j2fl+_EiJ3%E)+wP!~AQ-I|nY`VSnaxcxF^
z^HRLMsD~iX=!f<Xr{@z_)fK+uD1)zD*Ln^AhRRoIq)ghf*5=m?F9&!aYC%eR;Bv`c
zXy}@_?ouoZ_hJ)sVCVgOy)``G0m9U-H=o*s%uDR}lf236+EM5c|H+N~ek$UoI&M1v
z0IHCIV{o2wW*SF#uX(i!mYSI}{6^mN-w>hqdg$*JAmpC1fLNy3far1!0uOBhN&w`~
z0r$JepSYpHhKx9yu1{^nL5-|H{uE)`@JjO%0SEVrM<UfX!(4hifIrwO#G9H%2OC|c
zRF7_|$-e5Tk9^WLAi{$v&sh&xPf1d;RiGFLECV!F<sgso05j_M(pnN6q2G+)fHGj&
zWrh+DKvJ7`sh-j?{N|CjClD%N=UvCt3`T8gJNTkqgBZXLi9LJZ`{=lA3QtIYDF2ZS
zf&(9r0wCCo3OMT=mPTP>u969TVTh<hWJCsv$dP)K>ppmx<9Q>U(^_JxVWW$`9V9RR
zwRwbF(C=B#W?7_>+B|ZU5-1p!H!WX#QL&r}`r3A`9S)VFnKvo)l*2xw<gpW`rVAVH
zjjOju0tB-A)C1ZGQ9#9p9XRL%)`}mk<8#09?>?^WuL^?#YT#lSJ@qg+VPN~9^Eojn
z9eZ<<BbyqoWRm6~jRAA%t=ws?qe+4WMt};zhROx=Z*7X!7jXR*sjcY;9$3G5Rq2#Y
zhlh$6ybZQ8nIOj!QGmVw(17$J$U|a-r3sZ+9x4VK_``F!rCJ0k+wb$UA?Tri#lCzS
zy&N?$0v!@yUsBiKkg3M!s7j3~q>pd_1@%|8ZTpinr0{4&&|VDJv!ZHX1IwfU&lend
z0y~`HnSai#4%UL#1f?#akjf=_B@i%`N5oOTV}5U5=6D8TZAP6Y04tDv>R$~U`%5us
z6$f}Gw<^+U`~a!C*ugh}0fMF#|B!jx1)bkzcZKE=>X>RDoT)dAQ|?1KvTZz;KE36V
z{JCS52&}umI1vtln82H)Dx^bQMBk1Tlq#u+V>ExN72~!M#KU_Pgo^9uyhZ{l>$`q$
zf0V#o&imFF1W}7X{`?owTlzY?dK>!p*Ur8L%rk{2l)c=-t+kacww(O$87aU~N|pHE
zdWYnaK2ucN%BKD)k9X->8s)*Tq5;$>-Ef<xeTF?W-R!TW2#o0<DJ^$NFKDwV`XAEm
z%Kr4kmg>#S+uDf2R&IA(N94h8Z$H{BA|a=DBZ!Ns19C{l3EDWxpU%r0NNm9>C>mT_
zcC%pegP5z*JT(Gaa!5+~Q%Xp1;CKA<qMTo4{0xBjd%!qGY%6@DZKUi5s!Fjzoo?bK
zEw;f}MMZq6OCqo10?|Iv(#M~Xl3ibf%aevX8;v%zt?{h+CrdI^4gwD8N~%aD2$G$~
z@k<UBuLS44#|uQ3n6I|wRiVJbVF*SG36MYp(CqS}<TOH|hkPH5@Tmmq3X$T=uz`1G
z)nu&z_r3r$m*tIXY`_$s(RpWOmI}91Us<SmLuL?a6gZ#+$l?!`Mi`wM0({@(^=-p6
z#actsOfzNmQ9|)A?(%1U7+*A4Oac&mBaUcD1A}eb=1}_iKZAP0DV55K7}8aT^u-w2
zT4(&=`VRsqz+brq;d-Hkj8TOwam$}p4Ar;np9<=pa6=d0^w%=PpP88UcnzQhj(JXQ
z22DljPI5@@6`ijFP`cAjO)z2J(@fGkZ7apn+68o^DPEt$Y<MxrJeQJ@WbT4~__4w5
zc5zI#`yobT#NZj#q~8&MCvWSSQF1GSVIwT!gJjvpmM5QdFFO1~NA5@z13x&7p5TEF
z2{Blkw`kC?qcEwp1Tha47+=Ce;P(RR<pQ!i_pgV>C}IoB+oZbkpvE`$SSQ$3@p;z#
z5HZR0uI9>yh9ATWxQ!m@$u|QsV*89$GlFdH6_UyK<!ztQnVC_Yp+F`0R4V7n(NY4h
zuR$CC4<k}IxeQflSr~4cEIe+#|K%t?3YROQ{;Nt{Rt869LXH>JJ-y6g-N0zqxDf0e
znb*J!%?!^Jx3qC=M!0O?P472EM|7XMY>86*n3w5&27@=?gKMoCo18K8m-hx^6YU&d
zI60Cpx=QYuR&~2egwlsg?TT!ox{~Z9NK2&s;pBSP`nV?Oy+`9rXIH*F4=;H^oRKRI
zn^jRLAVUkm^E9=v_yTIMGTRkU{U@~jUW<JxuFTa3^7m6li;NKU%R6kq-7e4O8Wtyl
z<%L?B!iHaBp@*a2Ej&8?(qa!u`bl$AetFeTzobPf2m{m`6YmbX)<}jcOdR}lKD?YG
z<`DY61xVv6e=OEg_9&6?r=Zh<*b-iKGnCn$L&!<lzEod5lr3D|eOzz||5^J`rDA3k
ziN3->TN4)yn?j_&SQyI8VIjvJ5xw^V)tkx!snB=d-@k{PJdD5d#|DH3yR7Y$tTi>k
zN`nD-5B8G$y~~WPem=ylTT_tNMCMa!LH<d9vj;!XbrEO#wiLv)zbMiNzZYPQM13m;
zR9Q5Tx4c3MFf%ms<eT>QPm}cw=w&#q^$Wne3XjD-9E(Ic{5)ARQeKE2m;|Urp+L&1
zG}9&WI<D6~xGPxSuGj}bIip{jsZfEsv@rXmK1(ejBMl{Wk3qNR7?JT<Sj{o?lYb3d
z;WY%huzWfZGlmP(stP*0$;I?-Bc|VJpoUPsQ7-u1ri%^KJBe{x@MgV}QE0of6}Pg}
zRm4a*`v5`zIA4vpI@HLBY&8Ij<afE3!&J-V1RUSzx4qA2?V6{NYjk$(70Ep=Y?yY;
zzqI7CrwfDRrs0E4(V?4W)iMw{b<bX-v1(dT2D4B7fp4q+TY)Ct8H^61DBAp1G<scg
zkTagT=sWr+l2f09={|ukjf4hNt(>yna`C}N%85f?5R5LpF{`>$%iBS3!Dp-GO(8Op
zPetr=^-kk7acukhSLcPE9gWr#yDwFt=nCCORG?~&lsws`h;Afyi^<gw1-2Y*@DO6w
zr=pLK4(j+&n!RrEo(Yp~*&a-ycc)2%Y#5kw@@zXERwN>t`4QAqKu74_qS|LACcoY7
zq6%dAUvwCld~Y>Bs(Y@WJRe*$)MR#s1e@}~$`8O+ohRK7(;9QX-zIyI$I3nE$2H}S
z(j-TAoEk+TxB5tpOk7gARMHuSdB=5O(IH0?JfAk!iOhR3{#%Am+tOkZB`&-Dck4t8
zax!U)-PedRqJ}K9vD18El^q)eo+19otE?rYKr`M(^HIE^*k(}pw0vS$?AMX0Pl%w;
z_bq2t9}j!FbQqUlMn}Bv!sK)_sc^PdD?>Y68k00k8O{AzS0$iL3{U}Y@=r;;kV!AV
z15_Y-FrFGP-XM=gChX!|pr+F`{HAwVl03oGlzL-b#g14;J#fOUNz$Qu`;)Ei)KCo7
zMKki%Cp@9ftW6SOpv51@(6yW`ON7F2<ksawkw`$od9Vu|vb>;*MfGZ}?+s7#MIJfD
z^-~zKJGbThmMvoZt}#-pndM=c%|KtI_N@kY-TFuVzf0r*Io25YDUIh}(o_9DMGtC^
z!vs<pc)2}Vh^60SKWo&2X1ND#Me`~N{jEjU>PBQd^1|;AR*fg)*MGlY`E7<SCADs5
zJ{F6{Ox8cgu3t$Y8lZs#z?e0V^xtuE^Nd_!`_a4g4DoSXi3sWfqLgBa#`5a754>Zw
zzVE^gE8i0CdQS=RxweF@U_{GmoRTCUi+E)HJo0f;FR2Z!<76<tN-t3R)w_O1BY8&y
z4&b2dR&4SSyAeX%J$afeBygtdg8PYKLd2O*=ToDi?s;BbT1P_zSrS8f)6d?+G*Yu`
zviPX~!>bWCM-tBsQ0bpU{J2bIHH*G|?RhH#cIez7TvGyOXm8;vv-DpHK6}`Zh`1lu
zr|iVNoc}d~M1))Mu@QtxnTeE{N0wtJGa@0*6DHwqEs3V#dwFxs3lLnraPk(H!?L+P
z_28$=?v5<Haa<q)hiZtnH`y@YfF?ec|D@JrQi7s;lnSmr3UK$T$r?9=pZ>t{wfKcu
zAe0JO9j!l!Bk5X_3Vu!0pUy-JVU@fgUjw1zZnT*_i<OAfB}W4Hk6Be&*R(!7who|X
z^2?DpUH-HHZN4X`nYzI{U3()%r3IiA6WmGo@pQj8USCS5i4Ur`+*fbBP_OhA?R&)j
zwvJ+)yhOIrZr3-t=ODiyC`wsOMju^?$eN2e$$$f-fC&8iLrV~w<8aV(M}|scVmZ>C
zUi}j5q+D0SS-p2AUGmFdZA|Srr`)LC^W<(t@g_?Oicj&Kf+q!O-1}b2$)F9q$Rp1z
zV~`r=W3Kg~2V|kcw}nM`G$%qsHuLAdx^TEBQA(u9ggxK|X3H`k#_3!f)*;Ydd}ctF
zR#L%f;W1VbU(pTKGZg6MAzNp`J9FsYo<4+PRy}!Z4~&&UWsLk2^?+4hMVx)8&LM~o
zd&7(M5#j5Lvi;K6&{!{LnW%yyt0eK~Gk!2yRL{o)oKR}Q>nR(xQ+{p676pXdx2$A&
zAzhD48al2cP_p6#3zE$y1<`q-KmBDc6PS(C3L5tfueM8lHw$}4*Bt0{bOXqLF$DX@
zihU^0Tyb_1dLu4|ESb~##Cuk5XU*rnO>f~GGcHMYYN8V#w{qGSvu%<mb$K=>v&`o6
zWW_8Nt<nJGC6Pl0)@xBklAc=yeB6+~isb4=%-R{~Z*BYgl8X_gM5%CTL`@@J<tt0a
z|JaZf$)09FlMIjoVHaJtLPt6kFxQygQAvNME&_1c5YiEw6R$nf9tRJ#8=NM0Kd2KD
zkiLURji_qU_rs@I-?`E~DTw+|6>10GAr*Povx%BdPyuvsq^B7AtNGqJ(Ws^?B3a2b
zcp*cdC`rX&*~vUCknM!t!*5dpZ&(e{3T|x&(kjk*F<q_&NX=+MxCyzHz)quAM#MvL
zNMTaaya|?_$s-NKJ5e(DO~bD*-zXz|5k8Z?kTJy!0^}u4V-MCtqrw!&WBFee+1aHs
z{;PJ(g6a$M*gu7UCSgYTH1_kib@`5sa0!_xXGK6wMkt{^_U*d#tG?Y&(;5iZ$CyqL
zQ;M`$2~bPPypInNy%&|Lf5Y`D&4n`$jo=K0iYvAUW?)fR1~5j+-9Rg0w2c>{u-GFa
z#@DQ!u^wfo#1|?sGerUpkv3GZlkHS3NMg~uJ6Pg@IMfGCofHXRfQR@*3}>NHw=Bbw
zM=gHrRkPws?A+Y)F7mW53J@x=8#H0cVRHErj&HKD4op)Oc(bY%p@X|q1C;tBE2AMZ
zgKEl7n=c#`u^7;_)EQpMLnI)9I>!nIsfjoxMVD{&3k%_Cs-S=zr3SJgMlQA2t#q*I
zfGQDLqxOHvRcw&u#aOf+@9~#E7r51YaZU2;{EaDol{;S2fLcCz#2kqc8tWp<NQk5i
z!u1ipU&8<N2AA~u7na1#x++D&05$63HM7&tj=6Cq)IT1_ZNLGf@I4`d@iYB(P4Jw0
z(#2F6<3E%>D^XxUN&ZWezj(1R6LQDBExjV^GBsQY`B?@IfFcHxZAmCbG_#D12(Wx!
z`J17M?7Wc}ND%>?fy+N)NQYz!&}+U>pUxp7pV>=)G5}`YvcJ;N<?3^@irmdF`m-)G
zBo-+aL2-H`TJ-ce2S<kSQOX{PayNof80jVw2q-GBGyNs^r#hm^>8bGNnxlAIJq`|t
zs#g*msK=`EPPjldC8>Cg9bm7>`Pvp2sR{wqk%BIq@`d50mqIgPmL#8<W8<&(6hm0z
zx|D*gT5<dNp;86EK+R$CS2EZ0CuA$3sPjyK{JYq#yS{y3<D`FF^rwfw`o0v;Z#dh=
zZ-RsHL3BMAFIQ?_OyA{l_98yo!(rHMNP97kd<6$YNWuU4bCxaz35P{^oE9gX=n!}8
zlPMF-Jk=<~PVV<yj!t}JL!(9!Pna|!ZWL0+;l+eg>ztm{rPxz~Bv)@u3E%U|(_%rr
zAge8`c4%Jh!MF_fD4V1@5jVOiMi79Czz*FRu5AKpX?9YI<nhEKjtr`TCHUpyq084<
zx3iMoQuOcdNkA*p-JII~6DN2eF<kLbWXEP?!zP1;m2_%UqB%}yjN)_^N=#cQ>LFqC
z$tvTkaE6&O94FVP_%+lWDVlI(F0a?2vC>u2NJV(-B18{U*<Wrw-Erd5RBjICpNCh<
z?D%?F<Teo{vfqZ)UH&umL)OK{msqUr0c~w7)7%Yw7H8qbkUDoO<neVO-zPtmvhOuD
z-3D*)kB|=?T}%JuAMP@w&kdTCdptPGa(v;pG}UwL`V}ySW&1AvSD53^(E+&EKTyKM
z5-vhSWIv7Rlt;iZW0m9m+5gQFG^xGwpsHE7;%Ug^$n{zAU*ha6lZTt_K7Xa*Q(TIl
zYt;B&o19T7_m3Y{IqMoM47a!;T`16;18nmblz>Hl{;JtA#oZk$?fHezoo;PPAat0W
z6KB9(!Vh=xOTeilOt`Z;p#t%OuhqNC%C8G0yX^oIn9nBrNt65am>|yC|G_iP;E$^v
z$rx!XML*UEEQE8YdwAy%=;-LKx|T5#b`@t0^*XDQXa(?B8KYKQv@T*Tjb6T&iUXb!
zM!j$c4sv-SpWY%LOtbfJ4?X9iGiBcRftI|A=);!#1fZxGoI0$Zm;U0c9*HAw3mrJ@
z(&`e5q9CW-kw@VWuSE_iM{r|!UgXT=>GLm8y!rBUwCc)ZRd0DM8xr*Zi}RKl>t(B4
z=dTXMV(N|^2Z1J)GyD-d9;5v#4t!_UCnk{<vv01(y5IgBsKp=~#pDp3To#~?Y5(L;
z*lJ-G<AUqzjY0I%Fz5uULwO;K@MplpJ@v*2U_g@Bi8ky)U7m`Qc%mDb6<6nYzDcJo
z_d0k;y3pUce9ToDU-7EmXR%tqigX*$;S;E}p9y9Kd9N=@{czTy9^N9Z<$t=<Py6PG
zK$d-9Ct9{sWfVJ&_k1TUeVF{4fQhm#E-Z^R@}p5D{YUAY2GnVd!;Uhd&eK1iYW5}+
zorvFDZ%lE><SZ}U6xX;+zEN{No{-&fQ@}9AP*$<dOYDi;o2xzwXG`g(?^~dZM*C|x
zPah*COxnrbZ*P2l<yD(L`L)&bLr)c4ixeIG6Nfne`+ImZ{a2VEG38L?bTMc`@w(UT
z?voK@m7m?@wgfJ1C5xl%eyfT?Us{W~^&xgwfcQi0U1Lc#O8AU#!zKle%uVEnHT#+8
zbB+0@FuVqWaFVfaCS=Sk=8dXK)mssUuUl<C2zj50_S+JMy{5_|J~k~9{56Tix2f0C
zB1x7SSzL{(XT*#1vR|ulJ*Cr+78F6rLV`V-)6Simh)L~nvlDsvb2N1{jMJ?q@QGwn
z(0ZPXRaI?qp%8+TRBU9DM^_Qf&K57*f3r2n+q=~|=r;M%#LG-#AhH-RGZE*7Ko(T<
z#XyJd`f-2t&WL`v2XA(RCh+XRJ;K;SUz-+(?hzl-za+Qk!27z#(acB}O>d9qxT+R~
zR+hC7>$$Tc)pmbQCSSf6q~ZK`^uJ`-Q@mBtuh(wrav&EXPh$^qD~wVgFA6Te!SRy}
z1YF-;fj2t#D;k}b`$#96;}2gO@s{OBk9YZ5Ctt?&ZZ6HAQE<G`Wmo<*vZW2^x_V=>
zFQMeVM%cDlB;!OIJ5DbCKykTyLw&eHMkG9n`DgHVs$U&v?WCerq1b$~=ZzH)Q{Gr-
zF1eGIJV;{Yk-m-UPi4-<nB@Mjz1P_Ye4A%sh%(81>FpZ}z3{3pf-FKKeHP00#B~=#
zw;;*r?5nq~V`nz(+_%#M&OA<@B+OhmPE8K;sWq{PdUMQtQ_+>j6MI4s3hAxCz8`Gk
zOlWpS$x3g^Rd1eqtq#aFQ(bk8g3tFZ#oAe58kk}R^kWGmXXJV8*=h7O0_C`s!)b?T
z?R9Py;<^-9LP7k%{TK`TT%SNgT-RW0?8U8775x?ikbMz(ET8MR65^>|FYM!>%?-1*
zw}<g>;*arGPItam*Y#^(59zF$FnIjwb()t7Tft)HGUF)lw$zwHZY$fuwOk8t(mNeH
zC<u!!WmG$irvo<2ag=t2FXq<z;#d9pYDpGdis^9;wL3#6=TDMc`lsJs?)YzYN*`|R
z6lhI#&~kUyrzHwYXy_MaO2fBI7Fl7W*ucM`3TK4)%D5IjNS(Bu1vO0~*C*pL(LY7u
zOx<!T@PY%Z(Tq7JUp0|7igxjKVBx&qqcrSbY*^7!-OUj(P@A5^vMgdm_cGqgel^;$
zqShUOwc^CZ`oc5Ntq|u0P|CU-J+*Rih!($j2x(=F{#fN-re9gAwCCvYXPB{;gKq4w
zpQ@i1UGdBC?1k?^(dn1@mxL)~E*|(FiI&!f1fD-{co5*9Rdm1s>wuW3BvdGJ>EowU
zG5U-eOT&S&=#L+1CBIQW&zy5SP{g2Gkb2fR5hf_<)|^Kx<Kv97kZAKBlTL9)3H!d~
zXuTo3vsaf|+4AtmVjN6CR#s(msko;bN5ku{%jMCcTO_ATJ&JG%?@0cnJ=f@BfMgYE
z;=TkaM1_OJPf~M5a}q!DWHt59d+C$*wm!APy=m9KVzACd6w8ei>v_KqC*ntCT1O|6
zu%Ydf&D-nPzajta`r?NIkB2ygpl9t_nGlWyIp%R9y?l%<Kzw|G8ygf7#_Cc+EeRF;
z@Z>StlhC&z7tV$-9YpEzdjkJ@niE!d;5a4#uWo1*(s^TiPt%sHF!F+%Be;e)eqBE@
zz}r2Y)RsY(l!Q>|(RG4@yVP!Q+a#*2pidDsZ+Z)&1&JZBI!!+B)L%Tv)<ky;q08=e
zUv$!0l(|n4B)i!gH_FLKLi}5=SU4#=%Xr^yPCB8K<6AX}iO>x7{UEWzDQ~;%K+WRj
zc9MowTWsOvh#NfX9jsY}ngvEq6$9jS0KV_%${@VYZKF-(uqZ(w`x0F{mcEtrG`qiM
z`}<14`o>U@lA;JjiF#L`vHRxa0ij#jO#AZzo?A=l{IlMO<?^v({VDC6$vT}v>P5QM
zOp(9zPsr1j;euansJ!ny=$T%l9y>1ZWQ~S47^~v5@-GjOq?Rv6y300+R+>IYpEMmm
zdQuk~f&MgMpK#E>xbC}tg>#fa>LLjhF&60Y3)*9ZKT+D}+9yz)JJYw3-D~q|t8%Zo
zrjaD}Aig5)@NRL7em_`rlUjAK+U{K?XUTzfH(O=SbfIa`_y8@3>l|nSep*Y`qUGiH
z6rM~zl&v&Nk_qo<Wjw|GCF-}Nld$i}!@uS%hvUqjprZNO0H7CAM}5@_WPPJbuK!S9
z{kG~^q(L~R0_JXkPEPa1Cca*0=0tvKP(33j0rX=IU8JSgwd4)>%Cz`**ACJuBeDOI
zw{@9ss0z}y0!B&mWW&~9;~eUV=(-Mj*E(#5_+GlogIq9nD9hjHQ3Q*UAQd!Y3XDw$
z%(&#ki}h9mgPC`cbNnYebv?Bu?F{}CMDWFHJ-;iW^468#dag3HwTd$I9Z)LVfCJRP
z3I6@&`A~K?|C4yq(FKO6dBxlAY2}~a7r>)?MUzZ@%lm`w6)jsP4!(LL3e~^E>llGI
z%#N8b#&GO;qAS?0`(HZ~hUX3|&Dx58n#rDtzT;5&#FK6(x`?CdKY7>Pt9CD)^~+Lu
zTclg?A&E{yb>rF20K+;iAF!&@?#^Xo*p1dQXEeMmw``*`9N)-Vvz!+*R2&W@!bVsh
z_{7g<2d&NX%dBRViyTn<`mxpVVN5KsNi@k|6y12CM^EA?dhcS$$46%9+(zc7(t7`F
zxZO`TR7k+Fcac<8r5kV+u*eG3gC&ePo^3<M9phY<Rry)%mtjSnS$>O}{3BR2RRhv_
z*lCf1@!drPh8V{M;_P}|j|znT9EaqJqLOT)Cf4{Mu|DvEDJD4Cu@$F79akyQjpgvS
z9xMjQpW{tTB=71BAw0T2U-?!}c;D=^(D!nDB~w@+HfwsG@y@+B)J*`Q>qit-Y3g+w
zdFMgpA-*ClBuO|+?<tExghVF!2lxVl@9NxqDI7ByyTP9>@)0Q0lD19ZcO1ALgETv>
zu`n-ph|79^h3Bxx*=k@a@+qA48fzu|RN)AR6Y@T`R&~!T<==KUc;}CsEBYmvRl{_N
zT+`Gw=mo%K*&ig-u9qbeld<_yxj7=VAIE>cI?G5{nL&kr#uI(MA&jmuNGDzHemff@
zyJmvnjy5IPJ~IK7$u0H#CJ@ZC)c$<(f`77YV?8vjM<~gLh`|K~7DX(m9~}*aLVepS
zZSSUESU!_SrEg#dreS*C52Wm*$7^cdPaaP5K?8QN+lqVKFddpG0^m3S6${h(u3Yz!
zX2U8{T#x6SH(PR6blFm3oZxiS*x#tTI*SW$5JL^^G<RW%8%7|)6Yxh)r#~&QvmH@g
zNtk)%eL_-r39GK2p`4(9^Y{m)vDj7GD{(Hlgys)<JX3@DU-s;LcmNcI@Gf|`m(r0v
zO!3*woskihS3%0ktVybi091a+_~7aeiy-|}Q0PQFJFajX``G8*ivoa2(9S&cSFyOo
z%<vDwVx?~qBxGSBBt-}m<RvSTnOXz4+aZjDd53wjoP~TA7Kw}uQj5P9Zb~X9pKnk`
zA-g*q{Wjd3$e~857T<-^SXAD1ET=&D;wI;%Qw_Z40t48Y17`Exxj5WoeI}DzF!?1V
z5n$!=qnJ(BnuiF7d!BxE5d#6X%PRe?+Ozm(hpl;7zznJ-zBRc9aune&RK4TCc0s8>
zUXe7j(gH7(6NPrSiL@3}H{EZgg-l+$)=306jD~z3xYW&kA2i9*;t&d07FP;njbrfQ
zXZ0<<%<D7~h0*1sVh}*`E*YOr6JvDSh!nz^m!mxt`TDpR-igx!r4$peJ(8akXXxI&
zpL3i164U;U;h<JJoGu&{LmP66KI8ZNu1uKi=BQHbXXB|#dj+P$LTMfja8=<XTG?Yo
z$Yf2x{c=5%8fM2Y-=u?idq6_Zs7D(ft43$byh*AV!Rx9yfegsmw&o+~%JNyXS~^~a
zSZ!^63oJ$vhg1^0s(TI+XIFTTO-QA$IDNIBf*P+2gSRH&BF?m)8YsZM%-vGrq@_ha
zgzbhQr&U3KX9q7Bot~ObYux8YRo`p~w0`4XrKsgW)5V(s2k4@q$whOgqy#ygywJZP
z_THJcK%WW)!16UFp=82ISO~?rQ#rOpmrIz3j*xaB4?#-OFJ$<jV4%-^+Mwgh{9n2_
zmox=&EIDy(6@|`Fmnn3qkeV@MEibr}kyhk0@mILm;Jl88=a4eT-mrS9i;46TB|QQz
zW=6&y>GjmsxA~VScq|mMC9|iT&6&Y$Y-TWHQNZrEtMDVcx?qmK%1p@q)>d(G9+W&d
zT(y(j@2Kf{5;iEeN-2-_X>|>(9U-5S$vD6P-{ZoBgHets$QRqXxm*-B6P%tXJ=DDR
zgAfC;+6&!BzohU%xivIkRWPEwp4KbQ$`T3yCb8wZT@xMiZp5dnoBiz5;=H5mViYih
z1~uaM{jRW8y}WI?gxhgnE0%NC&xoRYuu3;pD0Baxb%ZID2>l&F(NtTXf4-a)l37y+
zR$g)YjX`D;a(HAMq*xt!rUSf-cTAt3Fn+3@&jj>Lc)9Mb_bXInz;;1w<nUg=>Sw>H
zPZ2WWQfz?(#BO*tWS{*UbPZ)RGLm}Y>GZ&&Sl|FxDT+M_Z9q-25HBGNW%SCu@CA9S
zmbc7eMbQYy!dB2$T>x7lA4;%;0g<_kTD&^l?(4}pqWn`fE-2WO8B=)6Nj#FfM~ts<
z1KXTdnoj{i*p&GE!gs%x)Jxy+^M<sJc*V2p!{VoU0T80!0FKVP)PXc+T>7mQG4c`H
zTAH7kjJm}c!}qQcOk{JMLo;6`rFa*d>vi4}(+B+wx|65Hsb$%Q2O5MzfJ_vBBr=tk
zViYe3@z+})l1py8{2&Tml&)Slqd*7DXTjS9V#IScq)j&Kt)<Cbit)#pfm+1%%aTG`
zNBCzyaFyAc;}pqNLR8Qq#6lqBMK*Zyh|}2|qYFv54S#Kel_0v@89A-7I}peW#7G)h
zt7k6;ETa$!kV(WbGozD!pBkoH-pzYL4<Uoela+WqWSpdT9mVg^K{%)V2?3{>fGFBC
z$8Fr{)IJ#qdvj*g2wL)@^|Fl+Cjr|zX^as#fiU>c{k50Y<`+Zq{cDiM;pA-&Prz@K
j648UDpYW>tFBpF{k;Bz9PPSox1OUiOt4LK!7zh0?yc)(v

literal 0
HcmV?d00001

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..69bff14
--- /dev/null
+++ b/README.md
@@ -0,0 +1,25 @@
+# kubectl-rexec
+![LOGO](LOGO.png)
+
+Kubectl exec does not provide any kind of audit what is actually done inside the container. Rexec plugin is here to help with that.
+
+## Contributing
+We strongly encourage you to contribute to our repository. Find out more in our [contribution guidelines](https://github.com/Adyen/.github/blob/master/CONTRIBUTING.md)
+
+## Requirements
+In kubernetes 1.30 `TranslateStreamCloseWebsocketRequests` featuregate is true by the default making protocol between kubectl and kube-apiserver is websocket while prior is SPDY, this solution handles only websockets so the k8s cluster either has to be 1.30 or 1.29 with `TranslateStreamCloseWebsocketRequests=true` feature flag. Version below 1.29 are not supported.
+
+## Installation
+See the [Getting started](https://github.com/Adyen/kubectl-rexec/blob/master/STARTED.md) guide.
+
+## Usage
+See the [Getting started](https://github.com/Adyen/kubectl-rexec/blob/master/STARTED.md) guide.
+
+## Documentation
+See the [Design](https://github.com/Adyen/kubectl-rexec/blob/master/DESIGN.md).
+
+## Support
+If you have a feature request, or spotted a bug or a technical problem, create a GitHub issue.
+
+## License    
+MIT license. For more information, see the LICENSE file.
\ No newline at end of file
diff --git a/STARTED.md b/STARTED.md
new file mode 100644
index 0000000..945cde8
--- /dev/null
+++ b/STARTED.md
@@ -0,0 +1,19 @@
+# Getting started
+
+For a proper installation you should use tagged images and your own implementation of kubernetes manifests, for a quick start however feel free to follow the instruction below.
+
+## Installing proxy
+
+The following command is going to install the proxy component, while adding a webhook that disables normal kubectl exec.
+
+```
+kustomize build manifests/ | kubectl -n kube-system apply -f -
+```
+
+## Installing the plugin
+
+Ensure that you go bin directory is in the path.
+
+```
+go install github.com/adyen/kubectl-rexec@latest
+```
\ No newline at end of file
diff --git a/diagram.png b/diagram.png
new file mode 100644
index 0000000000000000000000000000000000000000..1722c031eb231683b1228b32608bd8de6842362c
GIT binary patch
literal 99680
zcmeEv2Ut|e(l#O>IZF~HX9+__B<Gw3MMP#mGDyyn5y>D)Ku|;_C`mvGf=ZGsNdzTH
zQi75*%-@ILy6)b)d+)dRyWj4=&oe7$`kd2UU0qdO^;Y%l4NY|gJZvg#6ciLZB}G|n
z6cjWB3JPiuCI)CJC`K-UKS!Lj6{Jz}+o?aJpvbp4%NaP^x?i!hF+*YEli9yw;^nch
zcXDRplV#%Nm9sHJI6K<gflJVCVs2)4a6`@B)6&Mqgo#&PfQtv*VpTIiSlT(;J6SOC
zNrUf7cFtxt;4f$f|7z%fe+<BXFdk!=fUyu8xRknj)y7QU46b774E4e%#Kk8Fnpss8
zb=6dvcxAw~jit32_@iKku(pR@F?BR?<Fd2|kMn|2xge5cEFA4^!9(&eUSZHAC<x=@
zf(b(%{Y1JvA1@a#mjGzfF}Y&mX!+f6P#3Odj!u?fihC12>=?S?gfOu&+i!;LGXQSy
zXlmxT-vnmO%fu(g#3KbBg+6>Trj{n=jwZI?i>2xQLox!|(oXz*_Od3NDyE(n%+#G-
zJodY?GXZ4p4XFv(%DFed_q`qVY3r`wXmZs;&E9m6pQi5nFNp~9@AqTsvELxX&$r)T
z?sz!(0nt!{j-}_}O!nyJ<uP}$G&OVDfA`=)XM1}aXUnTUZ$#MJ*#Q~&*@GsIj`nUp
zf9#6A&B2rpI=c#H^|P0t2AyAU6l&GCG<61I1Ie2(uh9N1pms$wOLL3Ekzs-&`*&<j
z4j(?4iIatislD6&`@dL}eKsC4)6w1@^!MGGeSiD#AzODDGaE>D5BaFC<e_h)YAvXs
ztmWijq9?7QtA392U~nKye^7_t_~!Uc$^P(x`7GTPWn8XkIh&{pJIFio$s4%HavpHp
z)x^f-V8xht1#JMIq_5Zmbq9Lj>~Ww6f(|Ya1NUxlI_=36B>ga<t3WJ)+8^ErSLV=j
zhaJHW8(f@#`W*BQSof{{ySDv758vO@!*ApBI@-I~nVLb81_Rx@Sy(!o>0C8IKy<qS
zH34lF&bBrOx1E6Hvi>Gre0%gj{arQr4Hh3P1uzWGW(WGV*YwXN=O_75FatKp*%4?u
z&%x`$2jX&|ti1dO-`#!^eVE`uo5goxfB2lqfwq}{>lvEJ?-4%m%z;4vbLt`U|AXBB
zs<a62YvIqN<%dNwvon=~ECg5vJ9|5@Hs3GGPb&y4rZf<BM-Kz=AP=z52Vc)0EZ^Qe
zS%`t(o|J|72YvgWF0HePqq!N7P{`)|>NF3O!p!t%R_vd%@K*)kyA>Arl?6U*b2PIt
zakg~*xyk&sRsTIC{6vVRJ=m0g62osYb|8l$hcb6Kl9RoQBf{+9t=}hN`-A<%A^8tQ
z_+UuBABWsuihpBBKHwq%+5V<%|C}=iPw$ENZ$0_@G~r-B`k5x|+f88B{s%_W+68XL
zX>!#Pm`Y%QzO#(qS<4?Z?kA=CbD2efLt!`&jz6(ogdHgN&&1(}W%?@^#sjJUiy212
zAFR~hhH=lm05bjE=l8k@utWdpmmcN+%rZKfxtl@ZBruMDX|o99`9U22%ytpjK*$XK
z)$QV;(Er5@BMb&v0B8aK_gqGyAH0IUj>`x;z-WG_G9YYBoSZBX|15yoUz^_>(f-wh
z^G88Bl-2)SIP;^U!1v>jf7);cb^s{;Og8u985e+t9Rf1@EjG{w{4<Eh>8c4piGL;R
zftw(#&G!NnPK3RUJwQ(($jH*p(%I4kAT`pUqXSgwuuB*hcmRrm5Y7+`x4-G{j|(Ec
z{egZyIB5PQMWFF}!hi6^e+ro(JmEKxB!H0H$m|mj5Cgs|SFZ3PAhq0wA-=m~DhL-8
z5CnHjY%I+oNZH2h%03VV4gY)9^bZ7{zIhIZ5thh-IsXoq_$I^OBTt8_b*M`JedGxS
zQ2l?wllTqe2?fds7Z71XU?L;}|C%M;2TJ}4fCT$%B1pe!|NeLc>Bk|zAxej$`EQ%t
z{osaA2B4KD5LkQI;Z+DVbAklopCd*4?|=U<6e9hIx&7!teN#7Jp#CERd}GkRHozW2
zw$F;+GwuI2{095ikm&!cIrvRH`EPRoU}(sC|En_j3w`=;nuFg@{(oIN{&80Cd#C7s
z%bPm~{2^12;IK0X8Gj3VduthcyDOIFE{>oLsxIJh23dVbHh}jDJ!r;x;Psi<UIlxz
z9oz}}102M?yd-$;doK{cs(TjuyW4+zgJ2{2mKph$h7^K$3~AwCz#II>>6d>d;Cr!!
zshQoub`Js(C_Ux|c79$SJCNJv<w4ln0x<;_&Y-l!#oPj19pa8Z2^v(L;$mlG<^;V5
z_qYn;bZ}u~>EsOj$)BY3Z!!E`V#t4(Jo)nlC6G4#aY4y{AP(W>+b8fZ4*h(~Bp&+k
z|M@uN7eoHramat$S>XLO=m(POpDKTNzsp_zhAaKA3-NDy&wmT?f69CQ3kmUoq5JRS
zm%Km6FTZ&Yd&$dR^<e*Y8Gx}l_&^ZKFFn^EaZCZe15fr(=ra6!p6j8E{DDCGo}fCK
zxjBL|O2B<61{3_%fa?z&^Cutr*N1{T0wR8vS@<E^JLJPJn&tP(0_0sm^?^K8T@8pv
zfC^^-vI$9l`_3c;0DSqY_NE6nz}0@!4_Su4J@;Q#!yf}k!NdB+Kc5;N8jzpu7yq`?
z1Emwb6|;W(avsVp{8ZWc4~kj;2Wg1k_M8rk&0oy@{}BZIg&Xt7yZ=H$KgUkKsls8z
z@o&5T`&-}tb{gUv%ODH+djS7$J2bfXJ$Vkn!=m?pZGb;n8iMa17rXs49O`fv`vZ5@
zz1>_&Q%MKZ4O@aE5r2sd9onW%Tud#UxlBww%<Q;8V$RIb4ipXms2Bz}b2fo?`$J~_
z<U4%Z@BiNa_YS!IQRi5`8NCAl`A_VI^MSn{+V20r{omcvdG9O><O_i7?{<Ii?WfHj
z`U3F}0!n_i_y4;N#QsEnZ*|FUmM-uf_zb`4T<{&>Mt?Eq;zuF>w(}qE^nbi_0pmHW
zw>eNO5oouC#Pe{>|J&ZhkN()dx%VG>Lcf{x73Mi$&%fqd{KNi#QRey|AK=>p|7$b&
zvw25+zhY$fA+Z03cXaOWH1z+4qQrk_VE=?D!mp)Hep|rze038W8*oT=&&2;M5B<9`
z(BE+6zmclng;WXuc?)0pz)x5Fah@vVbwb|hzv`*}!A|D?FTUfCe%v4LJO1c<ee*2-
z$FAcapO@b2@gMvO$Khx{{oKj-sMOxw!yj1Lzj5#a^z$|Q0M;W>npzYTS`;N&DP8wV
zv$v1MAFqEKOn@ONiH;^qh=!&_Pb?=_Jf0St=A`L(%CTK!iuF8`IT{lyrL3&uIZ4Ul
z#R8*UALEXRp<C(G=_Z@)`K3di!rd+vTX`wsy_Fpz$LBtGKh&u2DYF}7f9|=WE%CCZ
zU-5+!>c-*($u_}b^Nw`&ln0!|v`2`q3LM!q)+aE|s&U^OR+Nyfk|d_}pOW?4T@&$-
zrhkangp}tChixoPJwzdqW0o_0)^_I(EjDkg39UOGqa<p_ZIqp_PBa0mE=QJYw5*<a
zJOPb#gm;h=%b|*>L%V$p4YJ{6ob&~OQ}jm&juecXj-xvQMqrim+Z9sAbIYnY4~7+>
zuA%^qn9P#M6E9zQRG1I>CQt;HFlO`1*VZgew#_K9&<PP=4MTZ_^3?V{nN2mFvvo@%
zr~2&xS4BTG#TNo-pL~t@bn|O8H;wxU=<K03Db(c}{8w2ygjhl2zW314(ZvLCVD4;!
zR-Q2&SV81RRF#9!sUnxSsua7quwo=lnMR%yjyv%bN9kTRBHyvU9Le%E1Wl247Ia<P
z9w9bMGC$!Pcmvi-S4MD)>=6l%1SaK4#O)K&j7NwuaZxADX~8=YIfh>XcKbLP>Sv&4
z0zks3RD$4R!ui#j&c%tAwVrnZH;gA9(T>B^iFon?NfBw8%A$Z{c667ys1%ViiCQ=j
zGg(Ny2#0Z_7!<5eM0b$AV-1&9vD~+eb>~)WY}=&mR*!T`zr#$%F?ZMvjyxI74AxNS
zh&b|t*fqNv&vuEY(X<5_Xo`|aC>g#L<L^4KP$xGOU=3KAC3n^Q2xM%XXBANyM;uYT
zcgwv|jIM2@`Et=nUJ}QO@e>5Slynx|JBr5IAdC{roJRNJ`dvP1%V5AwAGGytr{QGu
zuH#O-=v@|zmjK^iN&9uw6u$Xbq)u{&VvJvFpqm-IAb7?V%>Ake=<K4nA6JccyF?NJ
zEjL6`Dj;d#)4R?isH6yLKSh#u!jalHlu;$pfFN;*Ap2I-&tW1+R7-vjZom~2x))Q%
z1{Mnj53w{O98y^4EJ;RcHBX!rjYGkDmIgWllqVUBPi3?mi%HTzWxS*2*C7EW_zC4m
z7z|%B3(FjH-sBUm!UZ65S7`u2ugqHu`G%i+t;H`;z~HY{xSx}XvpAOP{YWCcp2E84
z`gW4>wey(@(Wi3qIkUp=QjDeC#oor5sO6b&Om>5qm@4Uh78!znk{$GTj-|?HtIT$p
z#&^4DdwncgJ4c)8e3g5VtrwBWW#sNooPhN?mt3GnDy3Gv^dC#|MHSpzCHkaB&~Kt(
z$tr=_qc;?u7<-qk#c+$?GS1pA3?5+}!amO(Pf+`U1~EhjWVG%E%x7yg;mcrU9?3`R
z*ug|jL&1%Wsf_!&Ioicmz3i2f^jQ-16xPX~eIGk~)B+szR{%@&f<h+@<`0Xi3ZGK+
zBdDFi%y<Zd#yubH)fkWr`SG`p4U0``F$BtJe3oMwHPW}sqnu2|JltDrUV9c)aY0ss
zhh$`ln`g2%>^R5x!dPP*ubFaFx>zNkG8TrE&?Pu^Hs(U9RSuF}KR=Bne&fwunE-Uo
z3w`-UOiq)n)5Gf?(Wk`5uhU%9^sr=7NsRa2SX8PHJ3diQZmipQSsM3*plbEbs-cL-
zV%A6=eKo6~WtS}OJSLrl<9Mj|ViQaAY7iF5c%;yfCX%L?iY7$Mw$7slOb^3<-hFq2
z7(v)s?7iXWGC&}{E}0@|Yt_GYiveNv_7U5YD{b1<c%M~5UwEtyx``dNsz+{|*hv+#
zSI!XkG3`hfb6lN0KS8rJ-o%i=p`Qpw$+a`8aE=|mwxzaVbh_$Fdm7s@d}__c)#=_A
zhKe*1C;2nZpYCjySoJD9PPLz;6F+PB;hE!f51R|uMZ-r1MLji1Tt@7`;%Orr#2%=n
zp4(j?Blz6^<e|-Ah2H&}qf|3*A9Dobke_QjDe9^k5D?H)vw&1dJgp^IIInt>Ig-Iw
zb`*xBF6W`zGm}@DM;fM#6~9K`-59<t>ejrzFm_yTowlljY8PF6aK4C=?@GxsSNPay
zfkFhu-Cdf}{+LtSz52#VQPd*R)X(j!H{`FhCes}wIHmiw1_)nLhXnE>_Hp*CO}Yw~
z7k)>khX*TMNT{RvKZBlCR;GLJO9f(_+H#L>-12@IfPUX$tYP%5bsC=rY!Z2XsN6~6
zlGmKTiZLK1ad&4c&)0sSq=}CX2+%_^h3f<~=fVw)AL~3+x9Zwn>X68#A=4jvEEi73
z>$z;f^!jqwXfhDgrmr=~eEgk{;oPP}RUYk;#VV)E7fe18msF{OEkIG7_H4TE5WH1G
zVrP8gLOiP$eW}H(fQH<!e03DYtj0bodZiWtw1{5hMlo15l2T#*?YkSvxRkuCFVX8a
z94A}Zyw<)PPb1%b|6!ibn@1^@KDdJUYYL2Lv=$IHm(%yeVNAYMSeD~b)w4(EpU4}n
zt<3Z#5C+avy3P&o36q^Rpw-JemoWGKsR|&k_v^6NSFw$iKI7gRx~?pZjG@?DCr>SP
z#Nyl|g7gB@9M#Tycf-p!P0Y(R`)dXebM3E1A>2}&!dbjywb&Q@QPI(^%?$e@@p{SL
zJ-%43-JHld;}lO=62qa-l~I$*XC5_$h*>*Acu_OMZf>Ad`;h@`#oBnc+V*`}z^1!}
zst)#)MEtxU4H*o>>iu}r&0Z$DY4mUf@B6i{F!931Uj^f!8{>D*Pvirgnx3Ipoa?-!
z{1GR8q0#gM4f6%CcZ#uJb{}>#E&keY-Nf``qcvm;xgou|RiCVq#MK0}@{`Bs>oNX3
zLxt<&PbdNjFb%v-USf<MeSB?alh<Wh_m-$zJ`-}vx@6t~^%~J*`A915Oj)c6(FGV9
z-c)lu+f9XtmmOC*kF)D)(rDn)7(P@#xl-DeL_tC%P8}Q&sd!=RD1obI=t<GC3W9qt
zXsf5yQU%*;3Fz^wxu`z20^V?Lt<Eil!Z7$kc@47Y*<arv11!EVlZm&-V*3LY%kqaO
ztaSkCxg@?d%NP819SKw@8!7LM>m7UCILhTn)bp#O0n_h`5DLdj!&o)>*RNJ_Y*~f6
z*NZGTybf)bdV!i!q~&)W5KC0(7p;hBj9N+Fo=7t8QJ@ZkjqW57x3AU~({dVBlwjYK
zJ|W_mwb|u@-1RBFEM1#)I!MPCSP<p<O2>&XY^{cIe(5kGE-|Z~?8|W69@Q}d)--z|
z?G(4MS|06yak*HqK}A8kLn|D&T6J`WoJu<(hBusyY}lL((Vii}ZC|rfwhhFJ{X#7v
z!MqEeW#!$C8bRBEY*Hg9nfPP$@Hgb2s{=9cw2fzCPzBuQFS}$D-L;Z!7%^8gljfud
zJ$ZwK<=h(DaCkh8F<e!4<LYVrg$bfq?oef3g#qchSMUKvYcB1qP-6Wzg=E=Am1Ubk
zWF=U{jPs$e!r<zKkM&N@QP&%{ot9B8Bha9|{D$9&4BsoThV5O8dgR9)5<JUh5*Bq_
z`Qz966z59eIQPXO2v`+w^9tfg5~6zd&J@&e8F0G`$-XJGAHF2lMaFqSSFVP(R0!Cz
z=Iad4u{tZSz%XVoydO!*P{sh&%JD@^F?x^Op&(KBr6n>GJdLCMMBCzG#@*@BmdmZl
zumoxIAm7ov+no__tb_baOs?!AUIlrN29wiICo&9rd|2m+a3=JS0!BZdk?>T9#1jgH
zq`#uWmk%ORY9u8<a%Cbmmb*33je8?PqA};gEqr%39%8%Tw;@gLUhzJ{H;YRxtm&f{
z=*R1`>D*uC@r31Lk8p!w#6mThH|ECXOhNA`>kv-H%<TuHTH;m4HP_f1PvXIQ=SOSN
z*Fs^>9L7R6&v#`hiBU(Ez8b7_6Z=SJb0;Js_CXMV<YU99uHJjx+@`mT+2f`^#Le9y
zn#a|?s0`Cjo-ehFrt2DKanTi`<h-yrXY&$yuYr=vyNs^YfRY)FS5onn!m*wR*u$Ak
zV#NGV#F{z3Y!g-ILj$1~Pqib8q{WD7#_Xl6&W%UN(J~YCNZ?kv@i7xP&Ocvz*Vahy
zVhMcVQ!or)l;lvYa$rm;5*owT)PaLSeXu`Xt(Uju+ZH`t-9d<$N4ExcK0Q_F;m*b9
zo_fKjuTLU1XNQs~0teV91AN!t_=jp|t!8?J!{k|?IKU>Y{dt12DeYm*ncl+E4<l2!
z2tzds$#Gr-=OeemVRCpYRf$zTVkLmCftH=znB%q`*uT=M<p&rbH-DZM>|Ysl4em7(
z7krRt3h}*?o5fmJYO{|c<_qCCyRSnvrBZn44IlCM+><)PZB<KwN24D@kFM2_M1ja+
z8*|T+1O9@li@<b)Cg6iOF-;&`9tN+|)DInuiWrR0w51Zb*cvX$P(sznu!8yi3cbdV
zfw#0?9X$!%s61LkjiJzPa)c834Wi(!`w(ZoXu6|9;fEBo%>W6#Tbq3sKJLOmO%Y3B
zvfwkx&vg1@Ap$jJV}_E<Ap1I53Q}g1%k>PeP!^Sd^;^~BM`ih}@@|E11NN{^do6#`
zil$sDrLAw$Ptlg$yy{(Ei%N`2hP{?ar*Nv1Ym$mL)K6+o#JKI^3vxlit~qC%=#8mm
zfv!_nz_|}Pc0@=Vx&2&%o>zb$Y0V?6Of24>oGLQW6vo-37@Qpta&i|~*L%BSX3eCf
zqj=5E>)4lgwyyN}zw~lT6L!$e!hg$FT}Sa`$E+nW=YoU9`ZND%YEs0ju>ytwTR1sp
z5dWA8by=kM%;TrJViXLenBkH(PlLCGFu7m9R2awIeNVj_VJp*DVEmQHc^;i;V`QCD
zI=holJNR)iTf??}%plOY5w_-TV9d~1AxZN1`oMHmXEKzSqnbbzE2W+y>jMS4*Mc5)
zTecUfRQ>uLqB!J|KzxY%k-L}yMA+jDymg@wusTeqHj3FSKkJv*iE0~xR1d*%tt#ZQ
z2xxdsLs^ig*1}iN!`M!g!dqwE<_7LpFW)5~YqH4x8n|r6z#9Tr^%F;NHw1d$5h>}u
zK0IGd>H9VM+|E~E02zU+HqEQGHU~nhbWdwce!qfZIL=3$u<3hr#pnXVnhY2;X7l;8
z_SY|yt_WE5QHmb>C`LJh$!`qD6|bg^!*J;-41r<e-<y~4W~@)1Pj?}@Ow)XdRNS|1
zo&Nd<;n^>j`GZ0!E0r!Ex$y=OWOZUxr+U_?%3UjtQArxsfYumEP>Y$IcorS_=A^Wc
zRkDX+xHOFvM8udfNZ00m#j&)u#wDtYkq*X2$DzS*LT+r{F5kuN3MVYKQTKS&h(G($
zlnmkB58Ey+c%2-&JW3cJQ)b3bD$gH8wvB74z{)zCXY!~pL8##dT$R)vbDm7e4=o+X
ze}2AZ)Q4fWj>2g(N&*=!y|#YYgp6<gRCt@&8{8xHVVqShRKeGLZg&`vyCd6AW896R
z3Zk1`wBTo$?)4I4vKPgSc(K}V0c6GNt(>3Fc(#c&<;^3xwAJf$Vf9sSWM4952M@i%
zb4`>K7GM^ps&>4qT}sz8Voqp1*_Jxh?{sowfz`c^|2}eu$e-j@OFtBZ)8-OlM%P23
zjvm^Bjay-_v1Pq8DX%r|d2X_y^lDhf_aZ{(Zq4-OO>Nk7>~{3MqbEMD#T8<Ex~uRe
zu{RqPy)j|ARVZwo_<EHq13G3S?O7^A`FlXwD2<2d2d<|EGtA<f<lhLiu4_DbI-o6+
zgko&U;8V&|S^-(+he)nhh+Pq%$PxuqAS<I%FCsf?VuomBmTDBw3vLV08^-J|&5z3X
zqrgoADd?3g%6Luz$=8?jCOVF=bJxh%z8^MBCqv3=l|xxg&==5#ex)tt{^p%Tc6z1Q
z$?y<e#&zF&Z@A0G8$?D}IwKtTlTKhoZ+t9KTiOl}al1T*rnO;4QAtg4{6S=zyYUE&
zQj>cAW#BRPG@Q|fp+*MZQ=<AKzOMsi)T<~fx{pp@@v`%#sJJCma2qggkuVguLn5!b
z;|_+zjW<_F-wC)H^N^H|AqmC8Y@aNYw)SxahP?3SG0$4OW5At{KKi!vp2Ac9!q}$k
z_go32YhRMC#qgL&tE`RmNX44$inwr>$Usamp(70KkPzMNOTDdU_!|4AdYB@*{DP<P
z466NmMY#rroAGQq%2n<Q>6C&_rnmu2gfOq|b%z@?64mT1#F&wARoV!+-v=35aonS(
z7Vak?wyHuA|B+QP#H+Wd3SJ~5+hb|K3l7Z%=s<WC!&lA*D5hGx^k_0cE20yv(XJf?
z>~B0Clt9rkK8SIHZPQpAf+F=T6r6U0<wI*&fD5e)+U15~?^BR?G=}Jt`Jt`z;J%QW
z-~?vJfd0i)29s)fU_&%b0X8~AWX`$A7ffba?`6=v*l1LeLS-b>!<ye9_fR+$d@YiS
zw=GpDDNE_5{7`sr6|a1QMF2u*3JX90XLT+>n8Yy%CV{E@dnTm$`kyJT;s!gx8%*#%
z72U4*S%5KMX;hS)WJdL-2*DyJ05LKqEfkl(xm+=SP8fMn*rLi5c%%y8jVVlds!m2p
zm^=w}rHBTARi<ur(E|uY6uKAXfZdZfzKzopJK+N+5hM?o_6BodZB)q*uIk=(e~yP}
zq?SkZnL7`#8z@8|vi8I14u1M-W9pUE7!!a4gaNQ3p}^A>$_#Lfl#zFB9)P4X9r2L%
ze~<$A+#+=DTw<Csz7uu&YdDY~eu%Yzodg=FFYA&)Bp?RDy1X;PV2@@ruJ#`Fup3|o
z=v!;$_Qp~kvZ1PW8?m=NXG^1WNNf&g^A5z$h=2BF=yRX90=i6}h_Yi}w>a6qtMKCe
z9{wjKCDrxBTw{^mACvA)o<8@>G?}pv;e_L7vA`4<=`UZxU8JPAfx(P@5qrm;l)`if
zVumq*ztX5X!u_5iBg?=Z^-$g!l`E_h)?sat`PQQ?m$p7RTVS=y5Uc_c(_P}&XI~LM
z`T#JrtmdQ$L<ZlH&EeN)&-i=UR&U#vJk-cwhc#d(2wsW+VNFZ?{TH`!I_BDWI?8O{
zPu>W<OStqQB!C61S|}R8>=<6s%EqePK}OOaZF>(EzYsv0eZ<VC#!>uZwhM?6SMi<b
zD37%(kuYAq^#Z9O)zY{GkWaAWjDTu?{**5j<eSEBk>mx50R1`-+S(Vh1ZL21kuyYy
zH@#`Krh}va`V&JvJ&@NJ`5aJ-8Vx8PiL^AWX4s>;N)XH|lo24Bu_Yc{_Q(^e5im5$
zZHZTwtvM>P3aILYJgzg+cP+krm_XASfJP=oH6ZLlVl-RGS8oBry%DcC=)r8Lq1iMF
zqfP4pATxsqfqGopeUN-Dhk(1dL<Q1w@Y%(BgLHHSP6hOltRuODbcqtFr${|5LTQU?
z>IO{=eBRJXBJ++!8Ubpd&kJS%{idR*4YD=7Gi_?JAfc@U!Uy%>hXL;3S<C`pZm)Ym
z(ER|KBCJ8muQSsl!a*N(>RA`@-lIUiW&OgX+6fNE2z7^e1v58|P)kgU5Ij;WdhnP9
z0EK(~8o2g*WW0P6Wv4*R@4**RgiZ0dX$e-$Adqf|EXhD{2ZP@g0zjZoDww}5Y8J&9
zt>gnXkz+R#56P!L!iB*Z@X_R;#}QgU^wecu-UenBb@^13eqdYodgRA^gS3)FkRMQ3
zs01W|SyIO>3?_Kqk#_)%mA<i0x5z$-Y>z4T(YnYD$GbRutCQ4_))^8z1wJ7qfD0p+
zz{ETe3dp?1Hhu2Hch`|{)y)qlXHR6JL)~Ac^dB20AmhSV!HC?|k4`NoucO#B-lDej
z-@{Np`K~lZ?CNLScGEcQ05DZt@&fcKCz#I4^(g3e=S_IT!KmtB)Xgz@WL`%UJi=)<
zo=IJPOR}7zq$36*_k$AP{f@&uWUo2Ec*RBcIuZhW*jYGe6LAGtD_jZIKo`Rgc7>5M
zs26dk2`I?}H)mNJ-kB@l0PcMOxO<+&H82op6K(_p$(&|u5Jro;0*1J#01ZJm2G`6u
zSx>PwYXMDV5Uj~cV>F-@v`xL!if{;Js;9Uv*@X*)X9n{sEL*}9jPv9k1tQ}lClIM;
zsbEoe*E^9=+ZeSdz-NoVk`gMWKzPK-y{SipOZfn5XP?}Ic<Ba&xR*v^(->+?LxAbg
zC4#A-D)9k|^BG>$-`S0EfMr8$@p0W-AiF(Qfd$%U6_`q09GD8NCBX4txS&0w=%L{S
zEbiBeDC&sX<DQz|uD<U!m<nifhyqi&ZlE3EfXUbfQ5=N=m?YCse@7fpyV~E03Z_;G
z6k$4=W~TsZYcB#*AyffV@z0_J6!#I0z%_kegK_>|jFEq3F}^h2^c@c-&uqfsuDU#I
zfOcVhZP<5W*f*mYAoT04=aCyz#w$<AjU%3URX8k_U3|X!kkM;P?FNZxA_Jq{PzC40
z$Lh&YPO1eB6yKxOld*=$K+d8`e{+?l&cP-@o~*0T%-B-*Y1MdZB1{$qC+Sg=)k?){
z8gs#>6AQ*`)S_0eP%XP1l0Q^d=v?w(YTy%`57=<rjvi0SNNf&Zni+5HSK)Pnzu{}t
z%jrJ9=p84QB9uG3cBVbO=Cs%9$pqyI?55{i1dOYx<rCxn6LDwsig^fz?hrjOU4Q4{
zxYFaPF>Lxdyu~YLI96>~Ra2sJYfa2!<?-3#%bvbD7m5lyocvneHHD9Ft#qev_;l>v
z9RGOVn%Bi<jmJ2n0RMJi12$UvOP>p3OEZX?Z7zWmt1%e_yB{}<@|g9^ENTQ77hAY3
zZ`07L<}@2O-(_Gi`&uRv$7P7_;f-*6hJ!KbF!anUTG##!=R0A`!B(W(h21u?jgcMx
zMZ4ywwKfmjgU?xAOJt1`RrT2-xXsn5krpeW<EirH)yjRTxnk{yo;jBVqo_rhZaM13
zK76_sY_Zk&{CY3-I=}uTkCBWlwJI`C<JO+Z>#)!m?SEH-b(PoZ-jZ_`uncs2mf<F(
zXL}Z|{nKY=<kn!t*NOL~qNX29?iYK0wqRS`V4*{O<}+pQA!d2$mOxHYPwu%_PNy$%
zbyuZcyrTN)^OG972I}Fbvhcc4E&>|yIOnhT-6st=;H^T|WgMeZJ$DlVLgT;s3e)yK
zxe{YgP=~uTGB@C(D85sbo+e(btj(xF&!V2L2R}M+yXC!}Zd2J;-$d{F6HWbyVdcfA
zBwJ?{WW!*$J)?-`gI>Vxe78MRw9VK#1@aPNcEwUvW(^8nr)NYdcRF%rsV#A5x%Dxd
zOa|h=ciTPf5f1*Z8t-*H*tf2UGiUh3$+dQ1bJpH<=8fh<ql-|>r@lokqBp6LtMqhr
zCE*Tv;%eVqCGpyv_u^Xb*V?ngn|Qal2wNuAW;nJ8(qroEtLf~S)Cp&o&($Zp8YwjI
z93wFMP#9%WzKto8xT{aY2g&=_^uzsBQ}#m%MTzfI$TUi#BKHiY4KS(Z=F84Ek+wa#
z86)UU3&nVebrc^EE1QG58TK`&a_lIzXzU+yaGf|8m2~=6w{p^@G1K~|hD>dhO+87z
zvM9;*$+sm=#dGK*<MZccnjY7DQEYLQG41;jxY(p{YvR@YJnbS?spB4gpYUZ#X5YC;
zI-0i8o~(JqY0u)LgPmZ-UXxMIdc2u5#zSYTdCDxMW!rKG?NwKOOW*kNEtTSHOVM$2
zwa&`?%E`3pBWBeu*Y5^6k+&x4e607;Tl7gZ!X9tpf{|RK4>!lt<(?#Yz!jS?Y<u(O
z!}g|kCMOewgFoGB;!9*(IMz2<F{asHF~-ugeT|B;r!t|!JQU`Gp`kZb_ncuG{_!=}
z;<XSr^jMh0oCH@9q9${5G+9JvGy8Ss7>l~flLCy~VVN{4Sm9%q0h8Y8xd7JWCGvbl
z|0)sF**8&(u3fTlG6dn{u4gX3pL<J-W{13FnL92r*U(%zei|EN?I_V5r}q`tI*xT-
zd6!%s2Qy;7#cN&8s7z?wfcG`Kj%8lXw=kJMH!n=He>?Zyb@RhofH_&FhRfcQTo*V$
zcRz@yKF^n{`zTQ@S8?}aq*;A{N!<A3Aok*H$s5dzgK=7pqaOu63puBF$M5*us<eot
z{!l8p&`?fSM#>eVg0X5v7kx?sOR)WRbuPos_4XLErI75<m?O1UUT0CNOmyC3(SGiz
z^||j}c}4nJxf6<Gp2u}dx&x09^ok*NZyBytlVp7zu?(AtSdfa7&~VLI^_FwzG%7zo
z$$5zZWI4`hX$$0%>OXjSxoy)(*<!&(Lg^+W@e_*fsySM=OY1tvjh>j+GrL?XtQAI7
zQ^vy9MTEsX7G+P0X4#)OU+S6KW4E30slU|6XT=TXG$h0e|KMHjwU*wKec@t-n+4&Q
zSe4!Mc;JwT2OattY$|CHtNs<1Fbkv|<WBiPS!&p^Prh?H&i9Z$oJyz8^IKoej)mPh
z+Ii3PzM$jShbwwAXsGgyr|wNOlyffXO^qtcQohT(pC;m_bieiD*&=yjrig;BctXlR
z{`=kLT+Oph&+mUuI%>L9_Ppyk;wY1@YU*?C2K>1@b;%{?TR2{3ncOZ`o;7%4k~G_Y
zMnzu3fR&+<J4T>Ip5w?-OXZp`#t$xC@FGZ~e_p|#i2GR^>ymq_&?82%GXkWt#I&!D
zPHlK@$lrQ$wN#a|TkUx^IcJ|XZ<Y#M?J;jAv%J!Ts`4i}{OnmPw3}JZ2?agjqM3x^
z&Blfwt9NsqEp!Y8ZQnB-z1|U@I`#DR0G>ql@?&oH;|c7?v0FxBpNwzP2u*xSFGx@f
zoSE**PdDA5eeB)uk<6cOC^hgjpDjn?G{-I8taCMnPd^`{6u9QU?RqtswwVdh-rV(|
zpM3g$O~;)a<!1v$cDckBv~~iIbkrTkAG6IF_GzyLXVc3b+Xz>e=8vmcI(cR>)%((e
zTk#wT#wh~Xj8aFLb1KAU^dodK71qQ_Om~_ctg0gU?+cu8WjC=Kcy?;BrNBH(q2|W)
zZe#SPtW1S#5>?9D)i-60+^S4Bdd~{GYzB<84QLLj+`ecel$jTIpPNqXj9^T(V->ei
zK!Z}l@>k`W^fpo)M4J7FXLCwADZEbQC3C#e7-*$2s+2l;88XX(^8w{3?-3!cny3tu
z-8<Hmj8|GerAyd^iYp4_?#L-wzAcQSHET+GE<TtdzQmK=n|+<M85tX9BjULo4-ZJJ
zkwr8i&%63tjL%$?$K7U6rU+Cl-YjiqU0{-H&<@ZowmILWvSoK~d|>5-a)gNYvJjhY
z#VyrSgL*fvCs?_}-Cz*S`*cU}c1X@A-qsFai}JQ8#j>7f`EuXyu_a@~vrf`k+V$WM
zgKhSF{@&HBaDaV!^SB$h%#x%mkUxtC{72yY^JVUQ4J}$SU9OXxUVfaS8_R8|OR%IC
zBp2~g<?^fe;2sqr`lIvo*s(|87(of+O~fk2S@z9E#_B3>J96^|I6TDLHX|qkvlHra
z!dbPloEOe2Uk=SUTjSXjLUHuS1NT^s-eVQOZ0fzjzw}7RW~1}w15=QEs7vO2zt*%`
zs?)Q>AU!o(-ok!ibdaF=^{ZP)b%WZ*8Z{U<Pn4g9x5j8a=`FwZj$a1OxNdN52&U0)
zT*W?D8L9h`C<q-BKS!H6Vb;USQ#(a77Nt+(nmdab3B1*q{ArVQLBqKfy%_93Dv_m{
zOB|_XUlw|9N}0B7;OO7KQu<N*kvB)Vk7Z>Q)l?0ACB=26dzHE54j*vxvGCvuo3qFD
za(mX<j5*3G*G|T=Pe|x<k6Hw`@aq$?-@|yiB(iHQ^kvbjI>^3G2Obfd5{%&Jo6gF|
z>(eT=BiAdaR~(aWOHQ0Sme*5Ku<Khbb;oO`R2Xc1_ZkSW@$3hSG@6sR?$mLFo&!#f
z=A%|i<;fJ7$Wm_{eXuy0%;{Tatb>=SgwLyQSE=5Bg$_uSwA`*-Bh`qw>!zG0qSlo0
ze5q0Y*jT7VG8!9pbJJ0d`0Su%LCm<&cBQn6LMm%nlZ{FmC({VJh7mNvG(x%{LDxmN
zWxrh^C|wY6S$cc&xLi<Zk+Ohj?x*DR+b7r@Iu&&S43b$*&T6P-es((7bccv9fiP4g
zAf)E5hWI9JYX|ym{N<W6J-ah9AlzxMWa*ASh@vf(SC4c-p^7yY6oolML0v>T5obe|
zcTGu{w3N&sNsk1UHBLCi(f6Teq&$hc&dt+Tc(t6?+a~YiR2=iC@V6k&y1!0>h=KdF
zhPSZv<!n+~tiOsTR}X~|p7g{^%cMuwzOR_8eN&nQ(SEz;;|*M?ies1LiNsJ~4WZ*N
zJ+Kq4*n8Q@v|?ex%=-Rk*wyls=hPjSw$GLOOy$>UT#|hIn1VyDxlB{*q@qLa#ma6z
z3zmpak21|P>)sJ+M3kJ~7NYm0#im3Lj~#eok91(uo<~rMIozcleDV%K!u|Pp3t2qP
zDs^I(J(Dgf`M}N=0n^*mjOOY&CtXv5FL;l2i_R8XbzWVum!-Um5w!rfr;rOHYJh4@
zmc6Rix{>52a8h1DtIv|8^DGUFYKE#0qQ8!^nOcY94aLGj7yaGMWgFtN-(9$I)`D<#
z6aUtO%*(Xtm)omu&ORorr)bs7@<?Ed)$jLv6O2jR<FLRrNj+CO>v(y}yD9DS^UGsb
z$PnB8OI(>a_=*kznn4%jzM7t9li4hZ-6A;k`khkv#KV(LGF2dJ+d65x#rS2$L6?yr
z1xD^*hv{nM6|JLnF~p#+%q-HpjzTtOXY+me<+bZ$9Ve0Ma*UL78HQf;rb)b;!-e8L
zNVl^;clcu9t$Zjl1Fl`-wh#;us=62P;z0qld`C8I!ySt+=5kc8W2ztPr4Vad7nVAO
zt*I#Y6K`a>J!MwDBUxnJgTHW`lF!ba<#@SY(z{2uy4k$nHDz}vxnzBs%21qcHPdTL
zYMu~JGWHeCqgMmV-&#pV2?zBhb9!ngLP@hH0z$|QvYI3#VDx4&yGJ^Y#qwK(Cj0q0
zj7=J|Pouh6(6(OOuzg;&Iqe&Jn(z$mDVu=`{pZ5>@^J_3Yci7fX%cl%kL1^S8--AG
zKR7Rt@CAM0*oriv<<U#lNzr;l^2hKqVwjvTIJ`pRH%7*C7e_X^^a3$rc|&nucF;CR
z##0J;6qQ&A85j+x-uURn>^S(~Iiu%tlAi5x->FKsul~yRuuQ2(p|H!C4k$U|7NMUc
zv%={bC_1?nKT8G0bHgy$q$l#8>eF{$ztz>8^%*Hg985|XsCfEbK4H6c&&GK{-%w&i
z#4_u4dl<!7$I!q8B0vl`Cg6ICoIGO;kw@^RQgQ(&mEJivjomMeNfbvH2xBGJPe{p#
zrBLBj<h@Sj7R4i<O)0s0#aEz_7A^BZw3}&bBl?W;(1-J4mP$hQLx~)HyYV(O5A-V|
zDb*gnC~fbK+10;3;OhfH6dr3JX1dA5a!<{V3uJDJOCM;p4Q(fI@WbimoCz-&8`lWg
zhg%HgYc`T?0sKN(1>iP5>EHA}NFjx|?086q%no7IYcC=15qAzXt>dKuRGirw3nMQX
zl;U$^ls`*34EEzxlVBcUolX7v#75k@fwrFhT2&vKfIy+ORyp@T4zP>GX1Xiq=TW1j
zpK`t@AnL*Pf98)F?Ahj-H!SA4Eo{(60ff8n$uYLr>~~Wc&3A@4_5AfNCTa0utYO5W
zmR{AguYYGJZ1KYMv%uxz+$sMa8irR#QAw|rnY7sTetrF=Uiq|CO4s6sjGq7HEc)Bq
zb7{G3AD@?&(lwk;5s@5nf9S{F9JWbUc>OhX&ya}oa@IJ<TSd8<@!fS9J(kH&3&RQX
zaIO&?|B;#FClU;TTuA97d25jAVI`8&*l)%0E-Y&WkXv=Hi_*}WzhZCTw;R+L6tcpT
zDwOWL6e{iXa8)alczWbcGB-BMJ=bs`6~V3xqL^ld{w18PLb9YLXCoXMRw!ddLnTw5
zT0|;~dWkC0A3v^B?R>3Npi&RU{N7xkXCZPXL7zyidiL(6=*|~{9wEfV4!vkfsgoyH
z5HhB(Y8>oY&rx^ntP>+NmoVxh^|`3?r-!|@3i48p5h8e=YC0W5+&H6}Owf>TkbLxE
z$0g!cI@uWt^k+mwftepz#UmcS%TNFS-$V67uqzw)OdW3~d7vwo=p#dGDtK##xlo>5
zTEb)r1p?neK-7Sv?-c_0%&(F_w7t7w2ddEkY|bp^wK)`!9R4z9>WanooA+wFea{TP
z@-s24jJ*whoQoe?@V0c#y)+fy%8Y_L``r#Y(NTA{x-W{{RfKA`VtD>X(7hw6*yRWC
zuU+q9%*wv=nwwt7N|)_HCa1FAuJ-eod!zLfL?pqB6S|$k=N<L+KcC!kYhTNHKzqB^
zFrt5JN$a>#u{{!oH7#+zUxpOlbzLeYzDP{SHPgS)Br4Yr#V;Fcb|mmsnMHVFzW$0%
zL<nb=mN1z$u581Hovmu(?5jxY#7Hes22cVx?-)75n|c1~SqjP5x%y8^h|g7L59{^U
ze+7`u1Mes9LCWa0;li0Q7;BdIU2k}@$S7^(n&Dwhe^4A`37byoKG&Lgvu5cobGQTy
zgW5`PIzRJDs{lebGD%9Or|c7j=xn-~jeXPr_cQyF6us~~-4mE(iUPInCoGkdxQz9Q
z&J_lSEc27frSs>8$DiK3WuDfEH#1IzD7>c^>&U6gPE9q9Vq#t(>;T^&MYIxWH9Rwk
zg6G4@Ic>V<T26gwvJlq4f8k`pCo{WHeB}*wZCIv-bOlYQ#{u4g)743s5WI0clzg@;
zD5QrYG?)-UctfwK!S}ODwp`#~lBN!Zr9L^Akq#U$(_z!up8dF$vu39*Ml_Stv8}-n
zG4JOEm|(jwfp&u-F-poqLt=;<;$p1^s=n$eayx285GUkG3ztf7(@Tf$*otBe?3SU|
z>C=px)Dk7JrWgjJccdU~3vG#F$HFzu7)tujdREWEPt+FOByZ{}m(gW~k)a*KN3!EQ
zSi5Q6XTSMDkVLSPApE(Z@1UOC7U29zo9ifBPeRBPX?XxfOtC2ZK=qb(dzuIX$S-w-
z@-ElhMdAh35j-CRNy2M=Z=)r1v9*0ihH2Sf6x`~*QpHJ^fcly0>jQ7mcZsdS_%3`O
z8-3N_jh=FHLucLBHSbH@WyZlyrYhx^t~?{VAxYt17-SR|BhByYDWOL#@M!L<*IMst
zKL}KHD{*d}pbsG|^5eYgaEb%367OyqJ~o=y!?=-&Q}lT6s+POL&$Y5ml5-pBm#Wf|
zy077U_D)ovM;^Nyg5N;zlKYfNKH`)1L#3F3=1QZylxfUIy>GT}cr=t>ea;#h?y2zX
z+;aHtVhejk?XWPyYo^<rJC~J;G+a>P>7${elWh5TY;g5=PaGw7^YH{S;0>XpIk!!z
zucw?z%HO7Ai>tZ+g(y>R+r1#qx*FhKH;8u3>QCVkwXM#NB1%)^@d@%iNQ*}83h_(t
z`fBX^e}}mqZ~Sm6VGYt`nZToXZ5x{vGI{7|c(BQ6zSOMY7)y3px4sa{#R2Q09lM7B
zQoC03UY(w?r?1TKT?H}vfHGOz<5!8-BU0|Yx)y70H$>*pwQMF{PeD4jWG=MCqBk*?
zMw9&kA=`gPab#*kVzJVenam0Re_EByBQqqgt`#LPxfWjrnMF)>KVVbL(K1CBr;x@b
z3Qt&NkS8{cbriSXh~|dF?vg~TGt6tD)9B~wb3LGUA(RTpP6^GuN3`HZy=yMpqrUZp
zL9d4x?G)+gj!Cy_Q?j_;dPbUgXbF^cxE}IzL_mHSezi4At}Azk&}Ebm_kv(P@nkAy
z9z}Q7HS~n3aP;HVRFw3QL{}o}kFYl}@V_NQc-xBJcui&e9yN-(NBsudYpuorJmX5{
z4uc0}gC%hf#_cPmg33RJ6Ti|ea*`ZHE!VYJ)HoKkH7H1eqp%Dso0U~uD96#)73Mnu
zQd{-Oh3!WeDr!FvWa93c^LyKxEvdbrk;w9uD?v_B1goRW1nT8IZ5aXxVM<Svo^y@}
z9+NZ9*;lD3nSSRAhI3r4q=N{{SQG|H%Cgn`;1Rp)OFIWy6)}beVVg6}$)IksIICmF
zIN#D;D2SFJ$#tteqc^9}8Wnp|Y6MdSCyxU0Zm80>%(NqJloHlZb(_A9!uP%UTe}b4
zQ)PavxkBEvAIu$t94>LdBWmU_A}?BI>C&+udmlr8mi)cm=6gY>mMEV%R;jZctJh6N
zn-NO1xkNAEJTePNTk;dVUozIVys>1nkUrIJ%}<~Nq2yJNXaVa~?Y+^%9f@4aAC!kR
zl-DpnVC&yYBVI<kt|S5WO+z|-8a@r%g=gk7HhMAKU*2!j^|^)-BDQTs&lj5NWV}Zm
zs@{1@%Gxh`YWUsb#pKw^=gz%Xj;|o(BCsqgUp|+h(E$Zr!zbA^Lz%HH->cdTh6eaH
ztX}`*JNi*iLrZFl53(dzG3Q$@enNcCdw{}#ke<3iJsM5JfOy0=9t&Vke+6*NWE>_C
z_F{~+c8V$!ci8v#me-v_KZ@vd!-!QagId$@+muPv>a{OoF%T3VM0C5CEO@s}hrcTx
z2+L=C!x!gCyp#e+(aki!p3|=MRI+?;7L*&#=LC;Qek!;8G*w&CwTJ|*EbozSSqub^
zc-LG@8Hl7eX_mHni22o)Pb-w*Jq_F~1VGc8!C^&aSw-j%cPM3W7zu@emyYXk+G}N+
zi9sPM-tehi&e8LH%r;IEjMoZ5iA~``j|f$;(POfb-l7h1FeOi*1hox#yJ+I>pzQCZ
zRXI#e*oOLf^aBb+G>vt`yYaQNWPzhvFZ#foLMWU73YPFN!j`b;`DBg^2RadBHJBFt
zo(>G~0`r~*@RZ9>S@>--FzJ|ODs-)8)Debt0L1Vp<KQQ_Em4{66j=Q*+MB_?&ev#8
za=tcQ#&Nw-F5o1Mw{7Z;53`$XTiHe#Z<LR>+$%GUpyaDK`XrcHk+yKpzPnS=oPCxW
zH&jJ%V|Z!4#?x(d=#oOzZEf_qqMZVDnYPktyo#n?of(<g-LaustE7{&uj=Gc881hI
zWTAli<UQKgv~Ub09~DqCC;m0CY|%8p&~0aK!g;dhNWl(8*#%6O>rz3@muABoBxoln
zm&!tSLsZQxU&fTRZ7($#TdBy{urz@_M^Yij#~g#q$6}~_TAo1uLCCiLajKf^FTM;P
zZ<*>xlzYsSr3rhSbDVfh`f;Lc=8U#&hM1i}W9T!^^guLJP?u0J!~?%B69)5~^<K$@
zM2I|4@CdK!z^~+QyVWd}y{?^MCp<~3PRf?7B9Cjs;Q+6pH_I(c0Ldf8t+%DR&-qD{
z2&O+6U{7@9(DN%qq;k7`9lA-S7p}5~kEh#ASQgbl)^$B9EuL7;NhQNhjmag~v;$?O
zm&Q`TBTO)+VTJwme9_YQ%fRbh<+etanw5{HYXIhYTq`V^2z_xfMvCD|&g*0o#AGwT
zD#l;jC0VRZuhpJi($K{#>$?>BxXiGDE1IKvkR6Mp?xwnNZ)}K5bB^s}0D#c7Oyb2V
zbtg3)!1B3vhGhiZO^=kG_pJ7@eu;hyaNE!8X0}@-fj|MVp~U_PQ%o44X+*<o3b818
zkR4xLhk-o2gtJ>W{Eh$n`&dwNe4Y@>kMe3pbec~I!X~FnPs9nknCQh<!}|kx-N$VJ
zK49Np?Hbl<RC2*eaF(udZ6|5dYoSY^zwAmF@#!#qi~DHN%U|!uSF{CWnanwM-Bq*o
zU_mIco#%g=YbI#gLtT3BV^7gw;1MGL(RS?4UFeH{XFr*^rp=;XiNSTLOzJ_~CAPJK
zxwyPOWIQRQO3nqV{^G2p)j|2D(ix$65U`npq!X{J#WAH+=3po=xFGPD{c-BKo6{?m
zY@_I+4D=tD!#$162E&RLrAx@qS}H$#I&}1*VgXmA9=79BSzwk&t+H~7Ww&MWS?_hl
zkX7q39o=FH9gs7J%0mivle<6yeCZ2F$M4rDfXa(wicktZp9um0-$40sr&J0)$8GQ9
z=N-SibDL(M$V7CR<<TZ-<lht`sZWAW7&dhpt2YIQ_dyBBT>7Q^dEUoWO>c>tC*V@S
zbmZ}^9?B-x6kOvjx^#mLgbr~aA=2b`hwP=_=1h(6ls8j@&8}<ac*jj6xyq_U#%SU|
zO&#0ub#%w8eW+&Ev*Yz$#e<il0eqNP+R~Uk%z3f+5_6jYI|n(wKKc$_HI!V~!T+e5
zCS0UD>V5AD?jCH&b_5%5Wu!g5^7PV!6+I#uRh?qwnk0@^I5cVZ?!&CV*^Qf>;+pcH
z?qF}yUl^fDKRcN8QK_S^Lfm9v8*6-39HPEwS<7+yk^l_rPJglM3MY5Xt}B;8lKxno
zb|*`1V|xOL1UC-Rotj;J^~d_~)~2H^Vp^=7ms+@vxwa?Wy*H)&p>HfZl(J-SD@rjR
z)#WT4w=TnEr$)C%rgJbF=WT+F#OZhf@qBjQwEisYiF;D+{l4=-VTG`8*i^f5EG5aV
zijwpu$t*+g4S2*(4f=&p$nLH*rX4yT|FGl%EMNEYuW09=E*$HxxKdoP+!&pK88!x=
zdhw~#II*~Qpn1~POE13pGeaJu+#;j$r`M^XdCQ-AG*`+!KyJHy_2Gx_cE#z&JMFDq
zdZ~KY@#Pyc8RE9eOby%D+!M0AS(<#UUn0pt0BMH2OHvGf$+NQL5#Fa5i7_Y!$IXAQ
z2;52QVCOlpOGezYbSaa8Yu(w`vb}E3)h<s%mCtMj^1eV%rzALKZTAW%AWw3y#^fIs
zPL!)fNbMxin;E_?6S&Ew@HT?iw8w^0Xu`VO9Ughws9Y)c?ObNpO{%ilJniVWr%!N-
zZK~<6Ts+5pk~1{a5@Z~!7L{>t2^1wUDr#wBtk^M?<|W0K8Ogr}7@pZ=-JQ#lbSN9s
z61Eo!YT&J7EE-uL)5X5Rs?*SuyV?@MSt$l@t&+1IpZ_AaxTwO-_L502EQ{C6(VmH!
z$(<oTET!COD&6$8mR8xLbVh)t6frh9Pm9RkH{?tad9j;y2c0;S9$Lg>DZghC180IQ
z0tUn1fE*Dw6wrWdXtOA#a_;T;3O5^C5SJz5im*4Ou|2<U+S!pM9f{8l$H3F#SDD05
z9JgmlWaCTXaA;T;38Ema7Z94gI-VyXOJWQFMjNSSQrX1&96}sAX3FCU0EY)hU!IXM
zxUgGKIxn_;B-+dJwdERYB(fJD!~1;hro4-u09-n3FJL~;YhLL6^otkU`JBiS3*G*k
z^k%-UZ&0z&1ow)5?(Y`@{ga}f53CI%DFsLeox&%?Wp|?}`8=~x3MZ!fmy#w%Ya6ZB
z7?#q?-H`s^Y>JTwhXZPjtMoKYS5rq?B_j+`2PL6LMQ|(G>V0<fK6e(~y@*_TKpfmU
z_cBnyae5iOw=w%9$uwRH{);alf~`3Xg9o)Uop$v&jfKVz(HHwW=wokqS2H$c{*n+;
z<!0-7O}~!srex1vfzmF7W&L)6(km;Iwh$v?K6&TTlY+oSf3d^@l{aDhzPJA_Z~D8u
z>AzNMCdK(Y@~{@*kFPt!f`vpvdGkzm|K)lzxn9GkF2fgb2VOlq(~TTB*pZolstCD)
zLdOr@D`Bh4pgOAkR=8)PFy+0W<fW+n3e9v0P?tL;fl&oc(trX@|7;Ls^_9aO9!6EO
z;ONm_(Fql>wgPvGa1JU!-+^LSYmz%TqK9C`Zxp725=2a%3;fZrE8ZfF35R8$w2YvF
z(eWBorV7QP2eqyYzpsjv-{p5wNn1~G><F(~lSp!j?7?ivKtj!eh?D@ToQ6KfKrP^z
zV>e?Dsz_gd*`GAy9Vt*%c$BL0fI>etu)7K#NvY6@C~Atk*~u*F3aZ}sdcXsBsNTE-
z=j-?CRBedwAWN}g;1Pi+w;qgBt6l)rzkAPxgBY;{GweDjCWkup3j}<<9oY2xKT+SS
zs^f^y4AtK6jU)$neF3e$cAvogA6007Y5FHB?){Br0p*^AwB7M(fl4X|%Xc{z1d3!*
z3q1S0C%zg3d{`%*Z;<I9Dcv!a%Iz<+m<~oNR0J8D@H_4l2l^tc2=q!MIpX)p&6}Rv
z@ZVQ+4XS9-Uh^|eUH(?WZ2&pqa++uNj)H=<rUsfiL#+xN_1{w$ZZWNX7|;Ah%{3^M
zMKw){bK<eQaUk=jiAUgX=vhyJ2z}3F-~%0S!Ds$koq^*25#{=StMlLL{I@y}p#8=+
z@PBc4zGM_tkOLpago>nN{8X^AxXWJO*WdN#P6fNd?qQklkH=<ce(gL8z$^p75t8o@
zuKdUlaJ1tM6#LN9Vgi7UMt(n0_>WEofm0eX&?yanKU#1I&X?k_uI+YlUDGEX&6GnQ
z2?uy8oRZiRggp@^DRDkgd*?L7!O#CJ@127=JUo)j)OP4`=s_L_(*#l&U=x&kg-oL0
zU|uJU(02zxOcMF`PI-bY;~eCaC6EH@v-YTevq!zw-w*%Axe@r{CJPe!0VfL@YED@!
zRE-Sr1n`RwYvrw!Y2<UD)+?0wQAVShc0}h-H4*?iXpNgZbY<DWnWM*X*wio#?nXSr
z)dYE$7L|4z%39o!QbrHc#)_Ock!~-OFDJB424JWr@|kltwcd~_-cIFQe7R*gJ{WJW
z(DT{$_S9&t0<ZnT1?ZqgohQ=+PD7K=X_Z%fAUM7!=MwwrLGM#utJ`M%PrhdBvg<1f
z+VwNIq@p)%jOE$B$IJ6i-(hL0SLrjIe)q*>u6c};7$iA};-hP!f}g`PN$0z$4?IEx
z2qo6j_NQxrFrW?BIs99~wmFY3ow*R^v#XSR<e5~2h|g-AWRK$7CG4hcC4tXxtE-7I
zKD@E}P{nCqr6b9eZor^4q)cIwRD~SDQrez8v3TwyT3N?NTgqJ5gE1Zv7YlHX>pefi
zQ*iQha||jjJcI;)$vRxv1FgJki{Q{gv3oy83%oTJ@i5D!@h&J#*8}_rT|Ol&hd-NE
zK#y46cGewmImrf&StQV-J2i#++fGET7qn!3ZW;eLVePot%5=VFL!oKa<P3DcqxI7K
z?d@xmnGq-6Y8?@C9?#;p=u{AVM8#cDL&ice4%M)K061XNO&0A;MLWu_r;*A+QdupZ
zZs1Hj+-baT)8x(TYM|gT*Zc0}raCC$&cC>$bLy-&tIsiwn@?{t$5D<2W@+xGrH?hA
zv*vKIj!)!eT7*vWm@Wqe7f)0w5%XPfw){|0L&~{a1Qj}O8#TVHtx-mr@R_!4-j3r`
z@w_Em91c!<s29%6H`18|xI4}ih(a0Y^9yt5Ui!Li=0@>@66(byi_?Z~+gX_&g85Vh
z*Ub5|LRU`msxhk?(PIsTa;TlqjVFs_&*P`PIQ2tKJ_MB33juhu*z)})fsotp-zGen
z;%e#X=NP|jYM<jE)uRbz8{9`VdN)EMZ*fp|-;ZN^lBkl2wqW*QJ}Qnwf!QT}SLR{M
z2e~{ZpMm%|hX2RjTSi6owSB-Qih!bsbcloq(jg6kba#iq&>-EQf=CSA-CfenNDUwi
z9nwlS(mC+%(ZA2SpXYtzUF-dNe{#8)IcLt^XJ7leesOIJQFiKDr%a){bjk(!ge&)q
z?}<mc;byz}SS!L*3F0e$@fh0-tujRLNuk9vJ4gR;5h(>K2q_kz--R730HuR+zWn!R
z<YVR|!saS;`EZAc0>qF_mxCj0NeV9vpzK{4@i%XUGsn@O+!S$dN&Di5#1IPh`^_N|
zne|=0u5(@fw);!lGwzC+=C*6I=^v7~J%s?x!*KJXrg)17*XT5St_`IcO9ZHKRB5bD
zRBb8j1xkTFC}S$6Y8g?|)QR$&NJj6a_Wa;49_7XG6$N|G<G*_k%D(sCEfsv{534b6
zD$q0op{~b1ED_5yi|fX2BfhuG_d9(gp%NF68z_}-rKR?p7cnoN`-t_$0P{}FmPKw}
ztbSwG(fW`&km+aZ9-zehb#{;l6ac;@HMKPQs%(VWB^~L7tki%1fD9>fFWQ<qQp`Ep
z#a1s`vWmOAJv@1-LatmKXts@Zi#|MJ+_o61-ng3&H0h@WZw~d5wwJ(mAUS??m<?=J
z>v0e)I@;@PriY2gF(|G8{Ta6uFy<Itj$0V7_^qvf;)ArxE&d7(x<#wgTym2F@sD;e
zS|7z1p}=pC^TRHak~X~0q{)N@_S;k5(gD)ma}A7oBO5O^RG})!7SoBwr;@&{?1WhJ
zvgg*%j9Z|WcKc&i`4eA0qi6-o>2j?}CxUd5k3d^bw|jF<)U%!)H;c@mH>|+^#{fD3
zk89cd_YxJEH6E9OM-gAIbs9h;sbuI=W6g553pIQsAF=62H2!MEFxP&#`*9<MqvZ3&
z-Ua~`zlTD8UT@;qxP9>Pwm_J|0$x|wE`|}Je9&$IZWY?(#x6w%oU`6nDy?|8qO3jP
zQsE!Tq&gWbdVnzW*qv;GzwoJE^~q}>E-UH#bmez93V2f3X;5M=c#TqjncdapP4-Tx
z>-TIOzV1CCP0$>S$xOTEqr-;0!1q_KdYwL>Lq{6_s`4c(%+(u`^ry+KttOh~jx3X3
zl6h$&+Uk`0nI-*EW+BkD1<p6hH=n?=RFGkr?aCQnxy_^uaQ`2556<P%RxCceh4Op<
zZ%KwS(0++RlW8((7!>hF3M6n(hot<!*ogt}7U0&q-8H`T91atWN>M3llzXY_1Tbqk
zZ7Mx{yb|I`6DQ^$A`x5sQJcR`mRedXLsxzGM(9}f_$%Dt4}=WjEkbN)x<{<bMMWZn
zcd3@0F51libsd6o0oA=*D^M<&P(a6Vw1|muW{HYo7UmI8UZ=WE%XhpZ;6Y8%fo%wp
z+uq`oG5Z;DI8<>Z!nM24;<`W6y5|%jviD{wW6!LlS24$2t8Q<Ko9fj`eF%`Fql*;q
zrb41oW;f8CY!vA}{-ee5WS+^u$OL7{qx#JW&Txx_0CgL!P={WEVxLD<7GOo9p1=2V
zr~powg4HY_q*tBCm>kid%NqaMT_B4g67%|0AR?_VSh@0EiTf}oPL|*-v80IR=?n)I
zp-T|6GlNa+t1`px$>4@8yJA_%Y16Z%YgD}i^J?9aR>~rgppVyS({L2|_H<LZFiHeA
zX8D~;#r(?T0ma>nB!*P&!dqn1sjzb(@+Q~36VC02?Z-7?@zp34zrt*TH1zwOmc@%t
zh5g#4$Bt1Yd(o7V`29*2kh3He7SncVb~UCIMWEX*g^`Ml9&mlJ|IqHgTi%GzncEvb
zH1({U-0sdp7XNP_@F5p3)BO5?9Ozc7GC9iPktzPa?U{kRZ>7H-OZCLt$Bx|27Eck8
zCDXuNPW<u$PCjGut4m{@>aomLAP!?L5Hz-iKF8Sc^N%Q1vy8G|DeZ!y^Np6?369HF
z6vN&c+${VcDJbOd8mO{8$3$B&SckZm>9va~Oa~^bi=JW&{VK=Wy^eJQ;r~I8_QTg{
zpn4WJbfc4bi2L)Jf`NYN6Un$P<nCulUm;2f@$nC_7mVx9D9xUDND;wE)lav^(l)$1
z{?t3(${LriD!L<Cd@TIF8{buJHizp^V@J>HT%iewona}K47{`QUv+hJPkp2TZEXZv
z$k;5iAe5$qN}=`S#f;hPJiBBOQxLO%Q46zagA-YVoIq)=rBG!8fAi-R{-<w=&zFwn
zJMb%-PzKFZT(h)I*W(9k{EZ#>cU`gL$e##37ZJHP8KQHZEz&VY$_&T8zRQ!PzBT2o
zjSxm{F2I=8QwmGQaKc=EdW(`R%U4LBtsT#&@ObX^(q3vI8I>fq9J>F9@6X|@p)dXj
z<_A+KLc(PduhC@w=~en0V?}YGldHTWp{4m0YxZK(L8`#?nOL(G{V_Y?+X7L;=ve!A
zDjMJil7woM+eH>lo%mSluxgaKT$}`?HDme)cnRm;nd*Sk!@p9mR|z%>G8>2(yVL;5
zcP!a4Y0M|q^TK-SXbWdWc4<wvl8hny2r5sdfLqv1zif88FzMc6_65v0Ki@ka3SyL$
zj}?7!c>68pP=b7F`<x>=-|~0HTq^q<w)K=wnN!VCuex77=B}qpvAi`4O^Kl`2HPY2
zkIoU(C<<SN2o38v4v@SB)=*ei9I*BkaMJ?`gOaB_9hGZ&`%v@L^L+K3G&UP$4J0uI
zhHo~Y`JabpOCayPc-w}JRf2358ui<yfyX%uuz+bR`0yMe!ct|)ss1L=_X&YvHC_b1
zj~mzJ_D#d#atYk%C%)q)c)I=RL!;Q~hn=Z4Bd|gF)NI`fT`*UTi4iKyaB(44iZJWh
z#+Pa($b9%6_E_wfe#&`Kv=QH$t?U;E7dju&?3$n)8!A$0Sg%Rf*Lw9DRlWF6f{N6c
zq>&yw{hi8Nq#}N|UuWWH3Iw89yheA>6z#vo(i`hVD)Dhh%_Olk<ni&?U-z<0lJdFH
zqboj+x)ge;ta*DqRZ#vtzWw1DmdcdTR6=(_*aq-3ML+-GAHwgGdxmQ$@5|w}cVV}(
z&8LEcHt*vsoF)0qIU>*WMq}49keN@iUA@NL?0`Mk)JzK;BD}5XIchG1z|W%nNkuy4
z!daqr8NW|ne_i2zUi^)g8{uUB4j_`cxw0yF;4&|4aMxEC=B`JjIbmcNgt;j;yYbZ7
znR|ZO%0mKIQSW>5PyQh&jlv;>Wiju$ma3d$hr<F@52Kh9V+?dn>2?ETL@U1GT@`&Y
zr~2jP`G>%gQ^zY7jV7<$Uad;eCw;_eL&ey?mFQ-}n;2pp_#+cSd}Jd;z%<X;t=Cu<
z^&)14fElg9Y1Cp&3vv5#U)2kE8g)4A{Jr|8I-jm2KuQ-*zQop-pUXZ~yJ@_&S7t6t
z{sL{yQ51ns!kptihn_+)?(Z-3)8g?RU8W{j;O6VaLAVMIrD31sM>jU?74jc~_`<t-
z{<?3zRms2cuJDSJy%%Llff8xA>iuLv@MT0GbNlyeP?!Pc-xBBljTsc3%;`3{(Ms{T
zU&h+CK1mW331XK0bu6pIGNfs(^Zl&1MAVS_rDDTnT6)SoC&Aa67!=&{Y)-&VzwRvV
zuEErlTJUCG%J(}En4|b|?k7k3<4HM&&5Vx^i`5rkrq4v)>Bo{~i3r_#J%V*Fd)~uV
zFZ3BJ^{s9iGEZzwj6R#JT>Ot1y3<X=?$C1%3T63~1>h<`8F!+a!b)yFB=ApaaU_?#
z!Lukhz+4mdDlJ63Z0}|C^G|;Bbttxe@UiHi&W<wG-8UWIY7}qaihLYH6y$R=i`TXG
z2*A;>1|_ib-dQzM7(xjJ{h=+gig_k)vsjyw7ZLjN0bDH0d(i?}$7!?$s#unp<S!N5
zp$=>dvrk2hx^;Ad`)du7F9MnUmASm;p_0c!7;F4YPq42BzEt3}r!~)9(XnCjVBcuD
z)A9b8j5~d(sPS~+)fd*~blaxc@ej!*FGg0${pVR+7~*-<vuB@nm~X6i7r3xGX%|dY
z#y)Bfb5qMuw5WTxo3QS)(HbI)-;dJw84i-`8Zg*#QqiOsZC71~5k7vrSa+Rz;yaNP
zpa>QKT}mzRAEXw^ji&+3%N-PWftPFb3Q+V7Z6U(DL#)`Y`YEhm?2(~~c88N#63H*(
zm++(?D|TS;P^ev0f!?v**>v9Gfr~cz_Vc{E3r!`u)(^XV@<?_xnJ+D$Mx%X#400B|
z%-VRbla-|3`8><^Qx%`fFLA5bq!R>Z%7it+n)-L<Z)$BA0{40oGUMd?R}LnE)=k7`
z_DFNT=q8pfJS9(mZnds#BL&4DygelYOZ}-+#Tw}>{I~}g>G{~bi&6x#&cCYbyPJx<
zB*6L<`Sj7#Cd^~#Rz+~}RB_7ixUI{wK?<M8i8`>VPCt^HW_9v?{nOAg*V@{9_CyLH
z@Czdg-WB&HG^YmpCdNUT!HVg&5Hp-q05p0zE&JO9XBGPw6+8|v5cJiJ2HifHUQpkv
zRS<#>#%nd7k<VY#(tpOjx<ax~DYaZF8=sSWm;60R-lQ{G{!l7Y%=gx_&oZp361joz
zrFN6%4<@7{UMQKVU=y0@q5R$H$VqWT!Ijkq#FJ)VjaFZ2aNJO37E4&}zk<~ZJvJ<|
zKX9b%z<0j@ZC@5U|AVX){z?xgH<~2ou=>70!E96xKG@#~>YpbgjkGGfp+<<LJ~uH^
z0@}M5=R2?heysJc<mS1+QW`;PxW3|L^*pcvf|NxmMkFIyt1-N{@t)jf05aw)A-|Ki
zZ2n9qHYe)Omc}I$-aU?c9WqS;s9*g5(vt|AG#`^N_UAf7r>a`Wz)X}jRuCR&=8Y|X
ziyUtB{BrZj@pZ?@1kOlCJ^oRgt5nV%@2Nf_fi~FbWg+^Q80X(cI{yM_l2>-cJ*HLc
z0_-(Ay;w2>6dJ&7h~T06Eldw*K4bm3^FQt)>7&pO-7mGOZ=EOP+9tf;el*&S|Cn}^
zR+VTV^6SR3yzdj4T>W=xwyhqnKR=o7wPF}BrVyLb-`Mr~ong%VgWLQ!L2WaqeKjsj
zNR*u!ZR+igI;RSYiCcdwCWhBtbGLRc)|w>VFWOtpi=_s5iG1fF{5rj6A%C?16}XOZ
za;uqb#{$IiQ%?*x7Jiw_z=+8MaGIX-@o?TNRr+3Sv5d{8U!KI}E&-9fm{V<-r8%+P
zG5FBsyM<^QDi~R#cjfP<KoF_im*OPdc!WY=?*yVo;U7Is8@*Y`Ka^b2qc7$7B0q%|
z8xrkjiYG(wb%KUD{NJ8m!+1#UK8E>dBRbBD$EyO;P`UO>T9!o9Y^Jv3ne*l(Bh`!Q
zn5o!mt<8r=ZPVoNI4*rL3QMBo?WV_GHq|=g;pT<wwr$*g=yyBfn10&Lw1D66xi|1?
zw1%|G4N&dNF7}`q)4xn3ibhXR!{ZEKMoDR1^7(D|ivEgeQEFsr89iz|M!iT-LwBDc
z1SJ2_s8XWvn8ok3W;3>V+O;k!1*-HEO?PC&Z}P14ka^EW+?E=XKsD`X&EB9Au8(4|
zHNry~vv7qzY!%V~r6cHW5WXHABncx$sMP=MQL#7_y}@GHtKA*P5G@^FrTvJ?pK-y@
zIf@fZ!6!-f=(&FFD1fPSMR55b?+?{>2Q4iZ^O$QHRswHK&z$#MY>3`i4BE>x@t6lg
z-y)(D7ePjsZCCf2#ZI1QqUv0qi5aroXk*k~duj(%==lm&wGKN2g4qTnycdNBWE{d<
zLy-V>>TfzduREo93cqk&V63w{l;e80>I-&tG5Gxr@;mpDFJ{hV!w_?_Q7HJJGc;BF
z@=>s{pgaZ&B@E=y1br8hcpY^$Ig4KaL`h|Efetp6qi!($MQPxx?n_Fu2oV$(fO2E)
zc2@VDaP=+itSnow1u+jpN|nbat33Hqk3BbI=dzs^QVQGwY=NuiJ^f|L5p)1~yduZ{
zjUE_~q63ZZffihsnbeA!X&_;v|KAff?H6$ECMV%XxeW9#iPXXajWND~b_Tb#WNh?!
z-nbp5W{Je;>JUo#Ipk-#P6-V)8c?kb=BGEF3lT`{TifO96+)p2Uj&^lUE~9pQC=y~
zxktQ>dnrq`>d`mS_843YzwW5`o@}ewhmuBL$2v!e93r_#rD$!ho1ywOP@DAYg!lKb
zMcQTWNmZalQ<{FIR8ce9+GA!hzqmob<@KRRgM+*M<rkhq;!KhBe8Yx9g%<C*I(NA@
zHj50}dO90G|2N94=S0Y$)ts2MUW*^jY{9V^F^{X+z4~;E3h7RpZCycb2GEB39hB-6
z^mr)PAmZ|Bp02Z(Yeu?d&84~rF=MN_Ia^WCDp7_5F{I?_&?#=HOZQ$6TxB6!zd5Pg
z_?(|szC0js==4{lxgFR+%k@RQKcp#S3OS#eb!xi`AR8j+J<)+4?}JCwg6G;JHd&S&
zZ#B@$K+-QH<rz`UX1Et$VmD|SAzs73u+(y>!vYziNEHZu_^f_~1@RUWesvHZgc4Gw
z9&;K?bE4$Sfhh!&rNNJaE^K|Ut6Zma*JjH;Ox_@R-TytE1Z*JQBO;O*sP+5luapwi
zp5y+_Y_7jr20@@*xRE7)-&V>9^VV$<wIrUSWKHL%-zapd@7bL$a>p}S1w29{?@e=D
zW0yq<hlO+q|H2|FiyfCfG?W`Aqu{^|m(xzEOVA>K3YaKSjd7^-%0v~j20DjwwUmr)
z){Ah5EPfaP7^B>zJ&q@~Mk?uhnb8(pN3l+ohDuspM(G|9tv*Kg#jQ*_H3vxKlFDMp
zQ~2MC|Jky1YK0_Pa9n-~4ux`xT!rLS3W7?tC@xS9Z~@56X)W;O-Uo@0JhIT#y{bon
z?`(iWIMz9$DZ4$Yl>0#}Mr=v<yvEJw86d|O|IAUPOy*B0F(*lhAXJSg<~fo$9l9N*
zesj<gNObp*XJ(RY=eGR@xE)c<o-e5Qjgd^rl{*~YR{9b72B4d(_pz0%(q88l&~;1B
zkG#1xFS9o9daJ{If#yoi_bmedyg#AK6hKdxd7ul~fAmqS$oh{#mjnWm!mJCjl_$(O
z#tkhmf;$^XE^Wg-n%-t6@p!+1NS`p`8V~qul)KM8q*b7-!6fC93cxWH7jUE1l?}yb
z)jz@Hs<rrVMzY?5!a5$2--|V4u+KRN2LO4&oYiE#7=So)d<j9jPznh2b^Sl}JdK>q
z&hQgMa%*0XgYP&5!)Z<$xZyskmD*CYDx0jRW>Tcg)K+7AdmA<@AD_Ci%hFRN{78W1
z&B>JLz@BoIL*zSLTH5CN5u)T-f{iTg&;2R=M_ldfL+Lfj6f_<2U&MOp(9zB^(mq40
zR0)^F77F7)dwA2TD{rFQVBh)_vU_)p$0#B2$?K8+DG3}}<~whDfjmCTe5Oy*S0b7s
z-(w=99wnCD=|_yO%0YLXQH{>YYMQ2&U2Zi4No%_7=evaOK(D$h4IF}(D7F#z5B(XR
zWAw*x{a-{su8y`r_&%Cc8yuJ9TI15H&hOo*^6uPBPoEoDvjc_&IbVO!>Y<}qKR;*h
z1a7S&cDsQ%yG#AsGkE0=zhWPmUhyW9%>DQ}^_wz3_Y2l*AN2(R4uc&K=#PGzQlgJQ
z2wNgT2psz(c|W3pQYf7GFb()%9)=UE$ctQmQ+G^fvy-gj9FtRkd*>3#yTY|Xuf)y=
zvpzAO%P+WG-?$lZxcdz<JmV(gE;dDDbg>cC+e`y=$pKH`tL5aSO;-4sJ*AD<`5wU>
z5Jp^^_#wK(7ZSzhRBe9Dvx<~9N4@c^CQI%4WW7TGl%if~i-!(=@5Wd{)Npn;%f)uj
zdVan<+JC0k^lW#2hS1T(6hE``<Y98J_r~Q5?hR2B(zT&4JW6~tpb`rAdwJGfhqII5
z>C6UQ8_iZ2IUOq+S789ilX9u@NN>(WnQ;v7**i%5E61{4o!W1{%x>28n3Bi23Ug1k
z{JKgW;3W*uSErgFlK9t&4KWNIM5QcKwFLBXQw%dWeqpT~4fs6p=eLrIRpX0c4RS4I
z(~y$v9AkV4uf0;*Pu={$1ivho_uksNYxuE(mCu$H4O7w?B-Ph$+&#fgyF3%DZ<V5;
zf({0|21VOYC#uOt(2(|6Lv&5M-Z}J3uCbmRs<*|R4xjZjt=*FXkzsKOuP1?ug>b}o
zn_$0hUIAhg9Wo=<^O4Fz#@mnv_SF7KQPk=19r5+3ZbT9O4C|X%^iO?IbUb*GIx?kk
zI;&=FBUIp$sVDDSj7MMZ<y}69(@=&c&Eqkb3Nx#1kE-5sQkVf0P1%NCgYJyLK@{ru
z3>}9$Y;D0^vi#sp@8wJGLg8cMeD#WA;_0T>q+OcpHUa`=HZqmD!e;oHsopE@_R`{+
zEs|^Vr&$YyjPb*znz@<u+V!%!d5YT0(rXr8IpFdVg|Q*bEo1gngmFlXKBV33W<v&R
zm~85)gru^i0ms!SfjA-mnl#yrgSrV~dSCGA#OXG11tpk=m2dH<fd<m3DM;0I_go+P
zxOTIby1lFpkvOU6fUY#uu*1~zg#%Wj^rCSfhR<;ND*m+pND$x9+bj=u<mAiTGVu_8
z%TnU+9N_9Rt*X7a*g(yJTw3Bf@C$Z&#4UD5d~3`{W)0ZO#bJ3E_CZhIt;8-%h}IJn
z_0<k6Oyt^sGtt{*uV8UNd(-yBlgglVs#lRzho9B(HREt9e|)a`C&+S@+v+CK%ms(-
zya+W=&UY(vz57)=!Nge|&)gZ}O;fiw7S*sVO+Ura$CNm0uCF+MYLcPjFDxb-mn~DT
zEjA~ByqVwY*JAsL`K+BnhdWa$+#z#XvT8CB%cN;vo6Y@8mP~T1<z!*vWx??2KAzFL
z)R+ubt5ziMK|34tbai27?`NORawj3QNRvf#Th6xh^eQOUD(o9$b?8w%8&rX;zsPMV
z1N05FsgRRyetU@U-bnB9M7y8LfTOoz$)P%i^`2dPDAT-S1+htOWB4OZ-~peQXM62R
z+PL2F-30!0lkfex*EQB&6!)^^@y`%`cHBQ3eJ8%fCRnIae2Wzfeg3K3@1fT~4L!3~
zxpennMB?DXu;o7sK>e<~_sfB|YynwJqH;Rk`QzDq4<O>tYG#hEQcG}Reffh|b1PPQ
z8OLV%SiJ`c3HTw^jWDlz;#UsRLjqw#yja~l4*9*8K4J*^5Vrj7AP$Vl(0c1jx69Ty
zIBcfRhrU?fM%RHX9HzUE5)14$Wi<*+sK7oS*`DqhS6r;mcg!uN-x(I&SU8BUSPq{(
z^QG0vSt9xAMY?aVQ~N71>D6J=!~)g9j^=7FS*aeDAsll<p96i&eu&ScQTXbr87W4o
zGa0qad!X4Kir3#eKWHp>=RRp9lt3|YNp|+(_KMeLn<xJktI&lDq;0u&+KbP-Wm5?3
zyX&SsH5ZMXr2+KUTk+2~-XN=Lo<Y(3`VQI=_)O1do}z*S`43^>mb$rik1?Q<368|M
z8uh`0Th6hu<}ny<iFuce^O@*csSdxeJQb7c%dk(5&pK~rvrtCxLZ*2dnW&dH$%1Oq
z&~IENTr+_3u^*1lhA>gT;%SY0|8njA^;_72*RI2EV4@)<KY7mt6T&yo*0m-s2V)iF
z=<H$}ncW7MM9E5Zir%G|R#;KX>QH>b;5C5I+md6`-tc8UQVTq@uo1(@Ng^?j{u<-(
z8TE7Dzt_8t=Hr!p*Kj&}_4@T&C7h^dqm%sS*}&cPrRs&Rp>F-P^qP+lOwpHlTk!xq
z>UbjfiAdb+%gHIQGEKmBzfk=h1GV=pX?nD+_|CL$g4aH5$h-&9G*I!MXbQ&cd&D;C
zQEp-XqWh{pQ2N*a+VGf<{QcKMYSfB<lm9=i_&_GOP9Q0^;14$(a%dSWV?@s#49<_u
zyM{Navv_`w&#jAlO!x<MZ}1lw-aNQV{;mlf8~$BSVZF2oJoY;fNv>-Rk)WRZ+6}MU
z_?TzW6j0mPj61imYiDoWHQX$H{yz^o*c_w=Z{E18ZS#9Lqy9ad|G$Q_g9KiC{2I*B
zdqJanMlZ|AS>!GVQ`rwWYcbvpFZIMSf?kZl<2alP!On=&_TMu$uKWJXeXI1k$?vuH
zZUJ51+oxgKmpLS68XEGRP3+H$`uhEu#RpNGKd%Gv?L1h>`=<zWL*kcp1SHo1HuC$u
z|8(te{6;YK@5|nObx+=#<T|?Hja!XtIeC5RySPboe18@+b}V@9w;%ku*rn(7b(?p~
zy-?fAMTo<#EUrH<(vuq_dKhd8ztaQqAI}Amj<+z)WbqeFyAi8*#qIxmm;P2B?1?Fx
z(4XI^0K&vwaeN$d@}8)VZCNybKI4IUchNg~{;ZC>^6$@xh^bls?_VyQfCGP}X~)Wa
zV~F@qn83KcUV58Q=Ff%RJx;sizVQft>uwiI_7A2t^go|T1);?A^)Abwd*1*bLi^m^
zi!UZ+Eh;9M@a*>(>pvAlRtaXJ|9Q|5@StK}!~VaFI9O;m%B5*vNxQxN^TfGe98={R
zF@N9t!!<B1Ee0&C@c(9OG5z>wiZa0zJ!Hz_GJs}Mab`XvM?Cx;G`@fYOfzlp)}MzE
z0}uL)+(7#MdwQjN_ajsO2`scAu+Tha{1dv!1yR!$_wQ-@zZc5Cr|sXX?cb~I-$C-<
zdmBZ$yD|H*EGjDo2bX;)qIx2-8m~7soO4-!uH-#~wFdq`p$1Y7=dC=LlXY1YNF;w}
z1sC21(qoNVGd!rQQjom$mJ^Iq9UpU2hi$zyS<93T%P<eN9fHcC!)d_g3WI<wwju82
z-vkBSaQgc1Ypa4R8kwC55^PuS$LT*eR022jp7~o7$EVa1%m@)+))NhZyi_CyY_aDX
zqQ8@O+nP*pdw)x?Jt7ZL7x^bk52G@W77TOnxpw0r4cH?uBbf0kK^^n&kK_CgBU4s$
z{_{Z2ZXdzfJ>xuMFxTxky*HFCusEh=Qx_uelx)lGVcO-Sp2WXY7#bkex+TGRmmJ#`
zq*z;w1U^FU4dR%FPF`ox(8Nah5Mn;6B}qP-=pMWnqvKi6H@-@9$uZ|FPoe=_+Ov1N
zEmIffHS9#ISS?X`be1qCqZjt^lq?oV5vA%kjTZ|;pGYlBKj^9to-+Q`MNsavz%jfG
zzzxYxHNA+Tj(we7;)}+#mG=^MKYlRB^QY&g#&(`2JmA0324~93*@s*$?{<`U?)@4b
zUEG@>QMD<Avu`*@N1l&e&<LcCe$E*5Rz<yK|BAdAN#NsPQ_g@?y&atizY=By9&3x@
zB@}20+$B!sZS&=G(nj*Mr9qz*hPkU>nV{s|54=nG!(o$I(~JMOFzL+6O8I>z>_kAX
zB!GCXVY1iZbZH!8$obdC-ciBv;%Z7XVBRDoQZtLt4TrLt<*Z?hrI_2puM^nvD8TtW
z(PfcysJ=8^Yr;e~;;AaGelXX$>~ePR$=B0)<<K>yS;dCi0RVx3r>HGjmvA+;!H?O*
zi<i#*h%_oU)#X*+e!XfcqdYx#!!k%=&!xb+`(3<)0+(D0l-J~IXkazVqE;N0A(N>M
zo|!@KPz^`m<&EZ@3ghJwf%CVeiyk?Cn@FR4-ngeSN!WFu$M2crx1c`Wwc$ftGxeGb
z*Cssp#qNSr-RW{-=HdC;n5$hUNsZVi=9+1{3M045kCra(ALH3GI|1rr{KJ23D9`$h
zgsV3Ts)Ao8W|w}hdSXVv{3Uog@<0}c*lfV=;5#jNNaxeDL?0F_54r9XcAvGCQQ0;s
znf1qZVi8kI?cHQqQVp?7`;4$~c=4UMevJYb-L>JWveTrqm6tr2(K0(;lw9^k5kgH`
z;w4G(nVw!%1;crtPc>ql4zsL+@QlBHF=Mfve0#c8Bc)gY)Yaon`IOReKWwarR~o6F
z!TX}^SG=M%N2MgeK?8`0%rnH9c!?NGPloY^@wnP~w)rOtz(Z;&#J;g9;Y4m+F&s?e
zP^S&WGq;KMb6o#Ule!gtT;t6^mEtWbie+ZPzY;2dq<=Yy70x*~Yt+h|Y%ua8`(F9N
zg3gflDjQJT_)90%i-eF0P@O*@j$|j|51S5!fR-xm-R?WykGA$5O?5hvj5qkE!%&mh
zBl~|$qH}R;Txwqm>r+2cLbPdDvA23;^WS%Oz<B``5zn+l_s>A94T+7Aw#CmrM3lOX
zT5U&V?)_ffM<Tea&mgOL8hfw@{L#l_(#)mD;6kA`%m%&AbE(Wit@Fl2i{Hl!7k>@n
zC>Th?5Avz@4RH|`>tio0UVpymUk*%oXumgNCb6rpU^bhVpux}XvM9}UzRy^0JZiMY
zX;k2_#VQ+!+xLu+n9YJm9mwLJCQpt;>v{1p1}H5?2Gdc0gF8ESUEUNk9?C1(6FeGH
ztas6M&4&<x7JT#)DVx^uy!C~=DqljT9ZepY%@u?c%{A(vAV8D*Hf#d>_mkg@6f7{Y
z_CUPeySx3>0+_;7%WZq^n+?1AVy;d|llEPvX`p2x&A;Nf6=^r9NUE9}+=wiCkR4ku
z<0k3Djhp4(i55{~%4f)FVQ0hoEZ?#7=W^0;u9R7fU6o6A{bFCV%A}*GjDtp;A2T7f
zOkBA-9Mg(1o;5pC^yRrk5PUS-c!5x{LRSr^5p!+o8-C+2J3I~KGJf4@PGV*Z?cu6`
zg4=^6`X+A92ulqX@nH_1EHj@M)RpK+54C#>9y9ultA3y+oz!#sze1}8E*zRt`?c49
zK-hb2{MWqs{h2$)7g2A98n^Tbn1895jV^wAmFT>~Da3!eX;GmD-Oh~2eWx>V)nO+Q
z%VDgHk2BfwjEf~cEW@(<!tTdFSss(<F?8^&@p5C0@zKX<2t1Iq9tK4t&7|(-WEHx<
zrTNrNZ+$b4zK$-QN}iB-EtPDp;hQf%VHyfD=XZ0ijwcw(Gxo;0JRoJ8@MQ)E9&o02
zG1AOMilE!DR+v-EXuW-%(zy@Acf5>c)Qfri;7O!y8;@kR-KPvLUxo$OazQIvRZ2PK
zlf5%2XZHA42|Jf#p25ke;-dm|PhGNM#D&Lt(Gt)bJ4{sA2cR1UK5?78#p-67%H1Yz
z(gr2wlyjgCCpDyQGAIeggRd6Fs7Q$=3M9fzgX5DcEHB^Hv5wkPdkpd)4!olVIJaW9
zN4O~p-zPL(8>|~w=W<!C1#;!_Ucve&Jzq+eb(gBH0P<0aWX}MJM2Ds8urYExsZH~J
z;$Q+p!BYU=Jq7R`Kygr8gEb12D_w$Vc*}V@ix!M*lWSep3^#gSnvg|)V!ac8?Q4Jf
zc|cVDq~_5!54{rHsbL;oM>xI8&$`mD$0TLob&hndINb?reu)?&v4KDt9EaQ`Vi$PB
zmM`;^(6I~;R$?z}DFbZej4rifG0gG?i+5ab7>Z_oeL$ypOPcEaMKGrLJAFg**_iKL
zH;?@-gNj9owy?e?cpR1NO?P&@Wb_P!-U>N^7j2!r98bkp)33{pa+6#gkuHciM5wK+
z1Rm`Ve3=i4IyD|!<cAC!@-+qr8CsVYvU)dPF3VSXMNrC8nuJ<08$cNjhX~l+9+wVi
ze~ap(A@ex-1eW7l0=~+o)6;4ay{_R;x`Fo$*`x`_U{$BAjF{(}$kRRXl=VI2heHTK
zEa};Vz@<ZIyupIik3s<+hZA3EqO0);y5y=X<i;cFR(t_(Ll;CefQ{51-Md=(&spM|
z#W`Zk`qY<T+^^keLG8&kS-&&IE5zBxBlv1WDupqj)R{xR(NG>ka}4KN^NZV3>@2KI
z)=f*LVlVpvWwxoew{*n$c7~N&nT-uP=qc#{5$(;r$m-TqoMbDdI;-6n-I$G)p`(ds
z@VY`qtU{{gcw-RstoOhi^gBYjgV-hGHD2?~B^w@j?zZArU=|$E?VYb#QIii*X$HmG
zFv&T*P;HJ+I)MaJO6;jU2cbs(@qWHyy1^$xWd=3%1dbx}NvOAHIJ$o$0o|<0n1*ow
zk|(|SQO`d#BIR+Wh75k@2RT47B6^ybL}TeaFD6J`?Pr<x_ql9}qBIX1-h5(S|AD9+
z{8b>eV+(<VTKg4Mm^n~KkP@=2ov(VoZo{83>9ml;U${I@Ce6SAl-|x=5KeS@WB#Is
z0MLGqO2!|eu;|Mn1prew##}-0Gk44yq$Rw&ZKloNTk3LYJff<9x$cuI<qku~bQqqb
zJ}eZ!IN8m(l;%tx4StJ<AS6Cy_2jL#UM;L(b(jd}m!WmIIVV3jz_bjQyRc0;)#z}a
zNpM<9w2XMU8}bf>Yw)ZF-jfYjJ)!R9=*Y!@&hnnHamY8om?D(o*+l#a;4VF`q;5=B
zBbfM%(7|6nXB|EvmKz<-V>r&6R{44AiC<`(QGjReBOesAj4c_GZ2o>EIs*ARd%7{4
z>EJpHIJU*A-F>6JkI^jNXV)Z>S?XMqoIA>IUsbnDnVdG385K8HxJ0c&;{e+l@9DWL
zvqi=MbzKi2R?HirgE)n4i)FgQR$X0tq7FO-=BfqfXWR<WwSlLJik0RtW{-WctLb>!
z7=pOC*e{LP3iwvOn;c-b+}q#W8aL3ta#{19)LI!8HllO?sXt8I<{=JukTrLFwoRme
zBfm_j1epYd_>aGUmd$)sGYK;d!`UC0z^%_OLBkXvop{V{xIDg(*Sm?KgO=@H?DDy!
zS1z$QYNSv{cW=pcq!I%UPR#2uZ7EwAT0N#gTYnsc#ycC%tzw6BZB4Y%&D4~|qnCIe
z7D*%ZVn64Il?Zu6#;xMC!==vwJG`H~74gCzy@I#foiNOgxt`|R0Xm=Y-a$4s=Af|2
z_-elc&eUzt8tt$?IrD67F4Jt}{PQG=l0`R9U@tOH$x|+RU6JQ$T?wnf3t?NqcQbvb
zlCSDM@#VBF?^x##*GFNAKV0i&j8ndv)9JRV_&nKh;S=*@Y|X)1S(3(LF{fypu|_??
zyMRChVmRg?Ppu(I+M_sV!tzx~JTuw$#gMN>dTPHG#nNTX2U2S`)NtaWhO@)+KcHF&
zy!Phr`mYF8|4E5~v}j**&$w%pz`SdJ>oOA(FTZ-pqRU8#xdtWjZ0)zI>44Su88&Lp
zZRDo*bt7rFgO6y=4xY~7bE<qZQjoI`+zNIuQ~P+bODXj6B;$N#Q@~}Umsm1#z1dWc
z(yw~-i=^;#&s#NpljumEC*z+7HAHHt#K~#58)(*z&)BFuzbS!6l#2~yeR1+M2et2h
za!%A-`I{|lk=V2Ar>E|iPwr~o%D6<j+k7#4xqBRjmre&3W~t@kF|IGOS9WV-2#RfF
zf|G;+s)zjTZ9vN~lKiG+;4>kl^G|-Y;(KOs+_`b}1~nQg>Ay!q;xF8ezi?k1yjs|0
zze}%w{hoTAQ{i+BdGq7mt5?c*FK7S+eH8oY9~LKhEg*4_B+6`P+wXU2jslP`>rv4F
zaAR926o5htRTUxs*506=MpZ>5d;J1eQ36+umMLRjKLB2==64a^qdx$+JNQhW&4XB=
zS_mDnhu`xm6+9VVtEyXyN%Y(aUbqZ7_@(y<mEd6gYl0)Hh@TnSLCoozPR!-@jh9_8
zbtr6ewxLaOHS*cEq>i90*(COgsCzm|uU@4nTw0TSr#SwR{}=wf{cz%VO2e~}GXBx0
zVVvoJ|M>DqpUJcX-~lE<V=NKtr70%^3KfgzWL|7?PwOW$|EUo7jWTLOP}N~VGq*TM
zUXDhaJLYt+{wWcAhd;fZ6R2dEYVP)>4KhafJuvD{dRnccT{Z*i&&(8S2P)PX$`eq2
z>Xylk<F$KmM_b=Y;uU_#RlBkEs#7Dkndc>A(~!~ux<bIC%R`p~XlPVqcV<IEuI?$H
zgU`YiPjl1@+`tp_M^oqK!myRC4H=j4Xn_0&2A^5<Ke3QHg4*7qB7hRT8_tm_cio4q
zfisN1<B5LL|8)|uL$xH_k^MUUqhh8Vb3BK89l>L3K(=n0?6<~|-M0?Qa-RFSVU58J
z?LL*pTAM6MA$WB_#G>Nld033fZ^r9>QQX2lF#$ZF-*J;7GVQW{E-_ruyGbqqq=&%I
zSGVYWR91NT3!K0a8HDE@N&g@_sKTnId4Wpk;$*1Gv#HQ4G!E-^Tin3$gW{fQn>`!f
z|6FzsTTU5gCBfb)0G*}&xvfV{5Ld{cpgAbJ%56K^)z1fV6<=yJ3qksHo?38P2OZsY
zNMu?rj@HUj`D{=QDo@)Kd+nV<tWt;BW+9jKDljYwAy(X*YnNjYOz?-1EkB~K59i7;
z-nma4mcr)_C;TSzO<x|?J#_uE+Iv*Zy87OHheirvNN>mkekDq`uvOnoO(T0rZur?b
zEMqC*TjIW-#JBUv?m9iM=-1i0;kZG%k%x)=QT#r7v8d_`RjEO$r12*-?2LL$XWyPB
z)flyZud~~pE>$dalR){z<8L5OW9R(&n*{p{m3JG5axDzwnUAf2(=#wjHd;F;c!PGz
z$>X5~er8L={l}rCJXAHaZiOJq*%$3ptRfB}V}0`z!i&v|5{PT7k^Qh3aKu}8{!X8G
z&wXLz;RZ5^KH_*I`JE>bbS4n{zR41)owB_Jxs@!<jum5|p73_xT(N;68D`F9!ahlj
z$9Ec3TWDy32H~i)g(BL-<hqi^&%Z78P_XN6(}%8nqu$aQjoBjeG%E?X|0D?4OB3|i
zH6#tsR|-A9A5XEMr$>1_Yah#2qNf33yxUS@v>N#@Mhqr=C=qYTnGn(urtvKMa-C+B
zQG`W6RRJu==c%4`<GlwS&Kop)?S>Os!W-NXJMr4(0K$o{F|C?Td7ciONuuS(5;p55
zDBuPNOQn%pL)*rKZv5u09w^a=Vza|_0@fm*>F`CTn*}?}-jmmqV3lx$?iWP{oqEdb
zz@_M?o?4)JD_*vKw`kdzO)_oaq3qP!9$vC7vuQgfD=XaH+lovxHt4Yj%j75R>bDh`
zM0`^tRT-aBVm>q_NEAeMzlo(fBsi!?$)$KzwY+l-q07Mq0chexvnl$dI>_^#*ev~g
z(F{3exAk4(vN4t7<TKKV3ZpR42Uc>=Ju<;oqIbZ!v$G-VYQPL~glNx~T3p>#S}vO;
zq+G=}hPUhP&7P-<CyRP}{u~2#TKku+!Ac3$1V*h)BvT`<>6MnJbF$rs;t-8W%cjjU
zbC`0mya?zzYq8nN)sAVXSxH0zjQP<^bR0dEyL?nYF}|#=yTztGlqG8bCoTqlI98KB
zI3ax1QK#wBla=305mxSCr8n2;ZMlHqndB7C61+5ZQ!HDt?sd88*pDwOuA3*$26Jlt
za{cG&(hrz8Y_Cju>+h_WvXcOD1yBRLcgmqd^HF;;YQu@~gdYE}H7>mu#)m)B(gP40
z#3=wm1h*TX?M4gu`kNZ?c`jQjKhL;XI7ae0pwBG;Z)Z&X{8ww-&V!;@FX5c7R?hM6
zv8v(45FTsJp4eujM_raTdG^K0aKD{%!bdxx3Y*x2h06T+^*VZ9u~<=ofY;8?;}}VB
zYIpvcHSD=Y{wFBmkZd`Bl<qpm8ZFkka@bMvde_YfDJdZ3T*^)`HtMpdpmZ&7kV#7~
z9T$>|L{sV2e*r{E+_h_yCP|O!k~%T77_={5Zk_|6s(#UR@1bjzh768qv6nrRSML|C
zYk@uqPR458zd{94^$rQuDfT%~vn=ED^r2#5&wQ0)BeseVKG8&SQDI`FsKg!TGnsLa
zB1D5?w;RmMA`swY15JLp$;u-X(nZzb^9CWP92<m1%BAFxRtXS}eXc`C(9IVQ3EAmD
zo5?Kl)Unj{{R*S}s?TJ-TDyMda2!dEtl22-A=rpT(<G~UVydr5KDRLRBYQ8SLgKKS
zPtQ_|9OFqT`(Z_k6mFJNuwo9ww8y>-^{cf(?~F}>cglVbTvWh;ZxlAY_@*&cm1``m
zBjUwo?#Cn%jc+!30&G-+`pf}(8X!$L`ewVCE<ibdMu8f-X>=pz-QoGMR4k>=5zEkg
z^m+u3n(F>-D1*`<6Iec2^shI{y$pVkoMnq76lG_*e?HqA!QslX?=Oqsvk*lg3Hw|`
z)vI((^^Fu~+{N+SO3v%G+mMSd)~By%wSP!V)Ea+&`~n%6#8<skYAZ(Xr~>=q(yWa$
z+$@27F=YQ$L`kX2%a1f2<kJ`6xWB*9hd&ysqXY9;G53AeiV)EInF>5fh~vcoI7*OK
zJEzR@`$alik(R<_bsm)?(Q(9;=db+Ugz2eX&}iDWHvhbz_fTB@GZ6pWEI4PyjV<2D
zk(@9ul>}8&mQrFpI7e@V$~Mp=r}W0DU1DgKo;qJd?%5m!zIr0rNkcf|2s+(@%-<&E
z8t&A|+tH!Hy~$cv7Q1O)jXI;K#jXVAO;@*&vL>5V*NsPZAr{X7bn5({5>W5=vo(q7
zrAM#hz1^8!xy|3$5B4S1e18~wTFB*~b8tc%1Qhr!koO}6-53Um?gqU;HQJqYn{H|0
z3c>DP<024B2R&U|h3v~DbKYD5;CAANWIy`S&^5@c{XZzjzD&gZZ7;6V6b+2x3T+g8
z(oC>lAuVx-^X%o%-KN6c_tJOR%bG&{$hqHr)2d8~x5}KGlp&bX;XgB~;Z3=E^AFUM
zt=;UQp~$N)4NlX1euhY>-bHieuH|u9^liL&JMo;8ByQSnJQ5<f{E4lK$cgi3i0(5i
zrvoi{KKT8e=ZvaAN8E{EpW7svtZMbmID47l$I*FQ0$MX`f<<~Na>v_k)xjF+Hv%y~
zADt#@eDa|X=oDRy%ibLdTlhP#!nlal7=PJ}&lL)^UCq7Th#134?#^ft>3-Xv;C&uj
z{N3or@qTV~0s$T&T>HejkWw65?>-q9tyx7hOO=92o+<utjXRDjxt19UV`x;as635$
z14|p6VAWK+Pr`3-BXPzZ6whSd92HXFWL;Vn-A#Q+XQlbs>+ejWChDt<>#5esCbAyA
zS)9G<PuZaHT=~wG^~B~GE9Gl5B#LF0Pxq;yeq?0c)t#G9bJ-P4W-&MBCfR^$H2Ksf
zxhmsI%cN&DPQ=8Qn9E6WS#E=@x+Lc1X%f1j7k~4cM{_CSs>M?;R4km?uFI}IWQ7i<
zbrvoqy9Y=6d=5!8?gwxEJfVOoek6zEJ)FF?bVGC!F_)^d?i*Dy@|mduNy0!5Y#2I;
z<=z!LHOI7Y3oFH;l&t9iVbvyMXS1#`q;B;g12kWw*!N(2FVIy6U^a+HRnv9lz9f1c
zwfjAJ#*(%=jQz~j$5?zeu`rxUM;wq^pYNXkN3oyInQ5rTX}J#!meED7Q&)7Uda*+w
zGPFnsj|zKp>AkWKLnpl;=I+Um9vxdwOr<q!h}Sz=;BFk~a7TPjG)bW1U~a=lii*SX
z_aX2`4zCm-YfLc9nbYr(I*U5J;?`Q+u(|)ny@xUYCq91|1uwCRz9sbn*&zYzS+Swz
z&H~nmLqK%j&~7Up$+b0d>Sbmx5t@mU?fVj5J2Q|UMB4)zV)-nwCsSl<#V3vQar|F<
zqw0{&jnvonz&C!Z3vw>+p5DP&jHhsv5npun;S(5787KcGcXw5vNvj(+*Ll_MK1g$e
z`Sv9Mfig;^TqCDb=X`H#?mIj~>fWSD)Sw|4%4X>iZDfLc{bi<L;E#7;fgG7&C4`&e
zX9zW;-E}kln(<T=YzI`{yJ$ldO2Vw?Z+wV#ba^Z;d6xMOO@|xD=0I(KHj{pCI!M*6
z+cccrB8TVJ?TnvUA>|NI+}C_^I$fHxY}N%ZHWJ$Xo)KHVUTJwg2iAq+DSlRi-j5v?
zS#QqMsXfGFGb^F^1Mpr3bTu_cQ7dp5?9yU0dk*8)%EXEu#|nWPND0{T_C7wwsyWzS
zJOAv*Y#U6*2F=&a&x@DI1phtUh~i{*JAAI2UKd3h-hV;=`wcRPMk@p7rbgK`^U=qX
z7L$K=hCKuCAhXn0VNSREcyK7$ME9-NZmWCch@CCA3YWHE#v?LbLR@&eV-s)Z_gT(^
zMx9IDfiW2%y_zi*{BUFWLDN-8-7$>;bgBt&GJ)y0V2MoMGJUivj$q*t+{NM(z{HJn
zUY={rE`DO*sqT&VnYq%Xrbos^bh-XjF_+8z9N}@XM(RqhhXA<po%ge|Y_r#dVH0%P
z^<})V$7Ojo;SN{_0ZIa06BV#Hvu;@GEaWJ3@SWlA9u{OQ6d+)Ul<*_|Ix@ryvh8WA
zv#sd+vX0lXS=AhnE@gX&#db~$N{I*<S~21FD!JmZ)nKmt8k;R&B{Dpd2614z^DE~u
zqaM?=bj6tPoz}D9nC;HYIaQ|}o)%15$KdLc(J}VD!to}?L{(Xq(s9Q<?qcoZ2Lt&_
zX9+RE7I6Z@i1VQw34@PJ_itTF-SA*_UMhT8;>E<e{LM+t?M+rMbPy>_EvNUwhLM=|
z{D>_4j(rU0d9-rzuSO3fLP%+)kts)~CVUysj<0eV;@Mc9pIiSq0YEJ^ab9H+)T5r%
zz5`2~XE64#K`%#*vhAh}Dab*$<bLikXO%SU-2k6zV?1-&s12W3a`*gb!#}9s>3u^7
zMxx}U3`0LLvOap8Tm}yJb`U>WK6$nL7_CCVS=oGqeyb;oeaijuWdWBL(*e$imGNxu
zveD6-cR~}5`%)t30LUM`4_WrZF#H{uG9L&Ie0lQ#Da~#FJ@MhjCuYJdU;DdQhUEep
zqr4<i8_lHL9Ij=ew5;c@D-HG;N5#Ve0DC&vm>t=a%l*udIF!9mKTSV<^4dhemFNWS
z*whGf2m5C4e)G_r(&a@epo!sI>sA@1r9*B+^@v-rD>P@hN56G@x&&X;N_AQ67R66@
zJIN41rH3iZ)jd%T@}sq**Crb6$|)re#tk1HipL&#;rN>>j8%<u`|pPgV0m~W4?m(1
zTZd}#%vidF4@xW5j8gk*1@WHB4i6Fr_zYwENX$Q?>)<sXCkmHCCe(2R|Kfh=!VUx3
z=d-<W15(>EYTq|&6mubFD0V2`sn{oK`qVt$40e|CGbQKo{)%mrTuCE4l}(CRw&W=V
zB%$K|BS*KIzD>|VD_euEv;rcjW=5rF=`P%-SF6uKqg!WGIZ-QTGP-JV)QrAg<Zvzb
zLx44Dk%3~_Jw)$vyLsBp#X6<)_zzVKT$4?P;To4&*9ZO!2pXKOyD+go7v5oy*24(X
z4kMORi7pk;ecODxDEQ-dGPzy&Q0;fk-W~o3K4LMcmE!s$7vO?@mPG~bQERZndIR@;
zCt+#%Og(jay|NB^r6Iz6z2^>_{F+bbH7s-si55UjY9RUH5!O;<@qTX+A(o-TGrgHi
z5RD%6+G+4r`mHf8bN9S~$q#T$svb+DtHDB(Px?k0jQ2nHv`vsj;puL_T{q}8mP~il
zAdB7%CUfBM3%TtOKfJ~&AQ2GwvN!Iv$<ZntsX6|n7hnHKZkSR3Kw)S$vzVQJNTZ;B
zF6p?v{hcGbaQ%n@*d_J{`P>=_*w!C2KnHCD8A8Y6i+;i%)Z+!sF)hzu&G679`EUYy
zx43L|Wj{u3gMB~d6W@XUBn<Hw1h&;?2X6jB0Y=^Q_##bixQD?LYman;-X0mZM0d$p
z=g&O-?+l=Q^MS6j+uo6DEuuh3>u9bSdgxpmOvEWVg%M@ks<wi^KkCbD?Pd96qphEa
z=}Ijn$Ee{$sn>7@Y_XHqVIa$*!I1+VD#r09kr{xPxeu(Eh;D-pE~_;T+=e1|INerB
zpL63*0=EsMw@$Awk@h=b{i>kQ9i93?n{3T31e%N6YK>43<N=4p7e}UopU`7_thWx4
zd^+RBN;ZxauV<3p9jDw>@R0$qfERtbz=LD{`kmmTs;i)yUh<P{HMei)Qvx_Tgjqh_
z>yA8Py9YaiBbHgY!|faFTZSnmX=3q@P7!s}PFfeHQOmUQDw+vc-iHJ6tlVGdRO+%%
zV<b}_+x~2|p;jM693D(@VI}*8#vAIU@@gpVE7K(FmRNK9k6y1ltFlyV<JAeg`2ooA
zeOhWu#kCK8fSBJp#1}*ivj!fS>w})d4shT57mjtm0!McUuFcfQn1nv2{gsu^Sl?~c
z>RS`foz~-V&~vXCL(|4F6sI^?_g%W9a4hbcl8Xacj#u}Omo}pWsnHh5sz%jgb6Sl9
zjs2cWnyW;Mlr$VIq^#{6U(QZP4@aC6kcpV+f><<r{&{Q(z*!I3y-t>5_ajQxJy~-G
zGR@iwAk%4jimN8Wwtjuwqr$OjW+bB%8E&iYs$OMH=oyl{SI|?9+WG=1+g1d0kVesU
zA^w5DB(4d5=6UYw`9{^iFUeHRyr&Yiwt;}gePWiEBUT&Fta;VOwQ5ODQVQxwgNjnQ
z)kmf_-4zUSL!Te|lFk~!n~*05{Re|%XUYZ6HC~pw1uHqMB@TYJwY#61KYP(;9|v1w
z6L0e#N-^=hZ7yXf3;LJW?$DgDYZXd>40Xl^7G6VBj8=S3fz~*>lQlg}zPBapm{w2F
zeS|uvC@t-=EDrpwx+DGY&txLeUZ%@g40#_MB+?-v(l8`C@{`E1>gigp{W7{p`e$pF
z+?}6RMk_1(?T7q7CpYY#d2Sj5&_nv<vD?MFGn)O&dRm)W;p5Ih0Jo>7-OoT0bDQ$H
zu2*XGJ!btes4sSW^ImfCVy>L7&sP`~C{-H|qSx;jK+l1@^iVCfoLa{1vn#X;?eMH?
zRmEbC^E|idkEx}%*K$y1&5)-uWL+s>K7l#k{Ub5YZd3gA!sEoTL@;G$<{H|ET65>s
zx6nn};@^qY))!T&#lBsGoDkkyJ^yV&`8Z0L@12t#RTCOK4nw1ug<@H)kZ?GTF82*(
zE27VLvJ%luLCM}Wn`qzXSiw^xYI;&XatiRW%qG-+Bh#-}Yg*C*b4?NQ-X>}iSTCI+
zNt5fMf|gYT72~4R(>_9Cf)9r-BG3M60Rk3V(#~^pQMQM0fPPNuc>)MJd3?{U5Ox+t
z1;U_BHPPAtK}J1Hx<Yic<P1HWGXf_S_k%n@+-Hz!LQpi8*_K{>9<fqz{X{Y#QAbvu
z9&+GgzV~GS_6)R#0C@IJM>pKuDj5g7-LKUY7UpA0``9y^<1_>4_Ka%LJ5ts}znj2u
zLNADHDp#mgL%HqVR#W~Xq67cl$wCR()PX<cC^iJ3^v+Fw%-a+waGo;|0HK$XO8+=Y
zQ2xAnAD|_l`ArzG{C*(L-<UeIf#f$cjUxU^$^OOKK@Y_KAG3(S4PO1e0kkCz7(}2A
zGu~x)W<=CDqp^?;yL!C+-t$R)sW4N1=icB8A1}t4#&HO3oNgjd#58Hw+A0?cmRQbD
z1Z*_EQ{=kf>?ZfNFCYnQ|HZ=c-%6)YoWdmrA0`RA)PX|3X9IgUfR(xv={UMmlBFmW
zTBj~Ca*s<>+5n9lC+2><F{^Ao{v7vk_AIM-ksz?EMaSl9i#Alv{o|}*!J)#E8aGP4
zK`N8NXMskmQWtIXElzYciE~pD;em9mishELG_mUjRAX4Yy;|4zpCpTGG^8Qs=PjR8
zrH0k+bc^lu9gWTfpHciPR|gzD|AQjVw&tAiAnYH6Jf2{%5<xyuZe9))HuG1l`8tvI
zCr4iux=+OaANJletjV<R`W?Hdh=@v2id2zK0tg5w9YT>VARyAaLICNa6omlN2^~U}
zCS6KEL3$_wq!*E1q<08;&!}_nnS18GpJ#vAANG69e3(x;@XD2|oag%g)>?vld%M@<
z+}-FME?V)s)1B~BB%m!qNraUbt&FGE!twRCmL20MpeBFqdPXTwjrxL!9Z&-A59ksS
z{goQYZBkfWZYtjktJ<RG0=GeQ{`W;eubIV)6W~C<{K0zkw+9+n!Y!Tj7HYj|-IB=k
zN+GdOJ#0J<I%NGD&cqEs9rp9xOspF01%OSFC(O5}xbzJyHQ8>enQ;iTITNaSdQ7>Z
ziQ}AQQ)X$RvyI$j>wJi&2*{O*e+t+zhcKE2EAVDHpKpnT6dO`OpZF;xlqvwX*nO%m
zdB9?ZX1~twb!+2VUequdQ^X#aB9^hwo76RT%)F6y{p=)4pu*gbrUkk`Z2h*k6o^*+
z#clz-tX-qFcI==@*_{hXn{x}iW+MprTS1K|9bgoAR}5;kY5zt?WplmQrfJO|MPT0k
zp!%A8>t$Ns5;!wmwbI!Pup-$n=Q?4DEVQAV=%!dvf0E~41{QccI&^uTEIkr*Ue?Oi
zK&Qd248~6qCwU%~f(Qvk&HTM2K>P5urkSGi!!{=TjrWA(Ojc^@yNjMV&i7{IYinLv
zc89Ynjo(xwn1-ju+?K-{x7c9Cej1Ztg<22HwXN%W45|4Bfld-rK#Of|2&`@C1ZbJE
z=rF^I9sUvFH3js~4tDDOwag?bgPob-IL1M=GmL;Vp61fvUMU5Gf*IF$dMUGs+&iy2
z5P}<%+Vg{6VHHQNo(m5%Bt3gf*NTXFXM-Y(j5{u|8lZxJQCNX61t3hIA`O=4K>a&3
z2^M0A(<P`iQ(!6&U4i@oeuK2htSF1r&e-@j_t_-1LX@W?7@Cyir|o^)F>%1(3B*|W
zIEVF%Xs#LM>yJ&R;eaQ)#;M2RJc^VYD$TX&kf1##X4-vR`>xyTk?6bGF5}9gcpV_E
zv4A5WTO9ZOknev`E7_j`BxtlScouP*!V)v4ewc)sdm{dZ`em4Id+T_;ylrDTR@RsI
z6o^{;p&~-AOPakj|EQ8?O@;)m!6P18m$Ox?P+&$Q7jU(Op?o}AtH`8<PDGe5;#mO~
z)G+WUEHCBdQP^EC9j|PiH5Y;sywPTPpy_CgoB7WBbQdn@@Ek?N-m2-Q5!Fu14D686
zU<=h+3HXHagAn<kXyLdTxE$tdD5RZ+rt$*Q$X>+rBW)KtHw#w1y9F+r+kjh;TQ_!Y
zo5Jc9?BkL!38Oypx<@;O3fIRa2#nV(*Q1DIB5_Dq9N@|J#?K_R=C+{Qc{9L6FAjMV
z=$Eg-9!9>>Ig3kKBve9Z=LXwgv1tV934=%)980Vx^u0V_7ogTy<uEYCFCeyLvl8%p
zytM66rl6TWdb{$Z%qzqnz%>QogzSw+V@()GDnZ+P0-UhET^DLv7T|Xm$kGCz#Pjw?
zF_&X+XhZx&Xo>wnzOcoR`Rdw}SIg_)XWJC#t}NrWif22t+T0TlJ4Km6I&|hpQuYUH
zJpm24TyzH=C8Pvx+!3J!q$w5-Dy?X+Pk!wuB`i8-B3?~k__(S^q%>;<8-1+ii=soX
z6{rhLs8;0{An!@NBKfYo(&i}=+x)I{1=cS*IaTMZ%LIn(s#S*0tg5T54t7&qV;@f{
zQyme8zdlj~;-)&fV~A43u;%dT(^o_vhTt@Y`4fcAN9<Nr?1AJ7Vd7QjZ%chCH5C`t
zOgSM*67>{z*MfJ({-B1#fa_i15^5sV?~NnX7Wa-fr$y_Yf+JZOdMG!8fVJ*bcapo`
zUP6C(yf*Z(KxY4pY9(F*9^?uXwE924Wx?FF3l~nH4d^cE5pY@R`v5lx?B#CM^(?X+
z)y&qZLIL?(%4ubg%gpmoJJI#7Ka%Icbi+kvYm5GOWkg1O9JDOJn95o_Q)}cY*T*je
zla{zf%qM@vLz<=&pSpy9QjrFWQ{^<MVP~abH;sy%<J!<zghy=I1qsxStN_a^Xiwd6
z6IP^{#2t6vZI+V*G>CST{c6|R!_L{3CWn|y_YF{Pl>k~$07@}EfUIj4c51~M&@+by
zo`tzcZB(1)zM~yIh#!7^&IsNYc$(4mu6A-6L1G6vzKn5WqlQPi^`yiGqDR&t+TVbb
zwXZmgimDokF3f^v8)&=2EpO3!6b;8u+KIW-MOu~$-0WU7szlZ}_F<Drd)oE+s4BD6
z@HC1{DyhQ?G3kx_8`4}_VcU6@ar{)AX_aCXP>TmlOM7#IiwM#ci1}M!qW24qrQXJs
zu7Dhu*g<+%+(jBu&eH4KZ@J2A4aXet-bO{1^X3j0g@h%|QrP3f9xW?u#S<~~Dv%JH
zU1m{YR2B=BkPePxAqc#lqNd%~3FspkNNspeQs%`8VczD2Jb)g$E@9d27dgtCK`KGp
znDSTziL)o`R_t~tb)1=8Z0`<$sa6V-OplYI`)M%RV<#<L$EfHmcT<}dA!89hKx|3T
zW5eLGQuGGH_N2_R7!`H9eE7jYF2zv3G@uhUe2pu%YprX7jJL#qtztT#MUhS`M@Mc$
z2#x21_tGhLYDrY}W{1UfikMjMWG&tp9zTU{EYu@GkA=Dt)@L_<J`+uUSsB5C?so!&
zutF93u|nllt+{}uJS(L36{v+Xz2&wC3W**^CL6HA(>E(4r0cH{Yi|OXQd6Cxcqcra
z`F$7Vagj3$ytOflDK`T--MW#G{aPcM$|)JM8iHbAit!lU)GOE2rtHc=0*yfG^o68r
zTd+z${{6rL@YuX5VLcoEt;Wq{H)fEz<gCbMb^bPP3l}z$WDx9umRA*3e-tb5&eZeM
z_C*|1m1n}bsi`kb0~<6Nfc(g$`R=6t#&!tIX_I{IO!o-w)kgETP!DnC9_i@H3rk-{
zF!tC%(U7TZ&RJy}KFIAKd|_uYKb5^j%!W8R-*o$R$59uZ%qt#ZBf^Zj?xcucHNRS)
z?EteKnumUAZzPnrmgwv|^;?&}qc^MT(6u!WPFy5Lz$v3Uq_Oyd*%U*B-{VSlS(4Ey
zO|y0P?IZV%!5Xpm`pa^znR^i83{ij|4tmYz3zN0YrF?JibPWHRc^+-NESxZ{ine7T
zvow~Cme&!;v4~Q!87Y#0cU~h74T!WeeR)@JEX`j4!n}!wCb#V<a2BhZ16Wcuzt>@=
z)G`}VQ?qYg2to(tf>-o702b7Ah%8gl0t_1qp9$dLp{^CFNI?|jQ_<ZBB~=s7wekZU
zvzHt|?mnzGugCy?hO#U=-h8)0kMjN}Xc{lKS7-N+fd&5)0*&)uw+OSP2oOpTU4LT?
z7c961CSuWF=eYU^V&bQl<VDXRMsSNj&h)e7jZ-cQq#Lk}H+FrpVT@kBf<h;x54zK-
zD@iS1o?OF(MVQ*0fsNY+G0A-!P6zU($}9?IRwSxF$UX_4#P@S&QINCeB0Z%%#nA0b
z1@>UhT=abJbn%rL%W;Ef62-)tUiM?%B8u=RKhBEVG5BW=M^uf~ss*aOh_hS>0`pIp
zsVoif!e~716a(h{;SA@at5+Luh&bK0Yz*|HsjQYV8}{+zAt0NuP(VkTb;L)KWqNYM
zg5h4V@g!!KN9UZDrhH9FqClLAQJoKnx{^u=>9~t!Ii^vd4h7Ga^+fsUb4U|OS9ZXc
z5ER^Pr8nPk4q~xis+WI<0@q48RdenOka1dYr-5A=!&Lhm7RjRL8UnfR(~;ag$Q3fx
zY`ov)CVNozbOQWjQzED2cD%7nn&6%{Q%K@WCv2>XSAv!Wix=yCXDZW_9Fw$_1fDG2
z0JNJ()<NrYLxnjESwbY_gE9;>cPsXaa=Tuv%tUNgJ?*2zK9-MmB&4qhis>!%7H+{*
z08(4g<5mRtiFJk0O6G_AxNau7c={xEAYWrH^hmsdjUGtXw~#n5^FlJ9vOQf&K&Roq
zx~$*(f~{<E?RmcSGX9btiUuHBtG`DBC@7C0mXkwyDd6}t!rt+$BspPkDnr<AR!0HY
zhwm(iS&7K+ZuQ|1ax<LGG>`*&V7f*RIfglRAGRG?N0FfSmfeGtAaxFcmDf4*B!bY{
zXEVgi)^8o@(zB1$zI;lapBKUxHtJBWov{h>U6?8620TjG9~Nl_FKb(Dr@r~_4ia3=
zq6)yW4XCWeV$B4^z&<R;!)w$>Q@}nCV1E@6gkjmqwMir;ovY7zBhI7kszE!+SN=U_
zo?(}->Jo5M41y+s_!|piUH~3I&~f*c_5-VzIZ$yJCED>G_lu*GQf4-Dd^sTKC4Qh>
zn#S{8>>%Uwt!^IE&gfZrD0kAq2-j?VVu<afyKYCqMbA4PgD~LpVUyYK*0-8q#xvDd
z3v2KoLIox2)~OW4D6y|@I@3lNupWtnA(8CHUfHS3D}B0(UsEAErb-Jo`A9z|AuH*f
z3gDVB8QkrVgydvA$kxKBGLJS%?Sx?uz-q(>H4$X1pIeMrc1eEgUSd)fk+b$LS65Wj
z5@JSt7w#9@5e)F*QHc!aXf5NTZ(mHgZmj6{Y{ZFqycjH&F>9EUuFZ?BejJs?gg&@f
zOdiY`nzJfCoF!re<?cNo2>T{2>p?}P0I9VIquJl%`xv{cV@7s#HKz*`U*N|@2yCf#
zp^3ab9T<a)foI2_el@WyMQr(`iU!G>;fVL2quK&9ZU5gHRl>g4B<;fK6Z;<sF1fRk
zKMYTl;1x8ir)-Eg3VT@5XV4}K7mE&)O5$^Kb5B07zmk6)2x`TGaK9$Pgv)ibLnXO#
z_RUe9JFtPc99HPeM4J=SY(}q4pO=m?c<u-p_W?!#m_59r6G4Q=aE(lK%!cFJuX@~$
z@FRDfvnEa`O=(NZpTR|UP%~4~vRXwI%qftIKtJp{;X|{gp%Zl!diD`O11vT`&`?Rv
zn>OsX?PDj$aU2LN<@HMI#yCop+ti%&Cn1=)K*W}4Q|jO=CYyyTrak%z*=Z1GAZa`{
zb)UOHt(TGJ_I^$+ZL^DI9}_<?953@>14}6gbij`p+Z=Jd+y~inr$0`N860dUGHxDi
zcVaxn$1XG2kv+0|6W+m#HBq(9f(3!}A6xOOBG9RBB%i?OW<NWnhfo-eWlFII;L4|E
zg?d_asWRKVpqL!hDv6SGbE>rJhv+n-wQ6qZ@!^9<dc*w!Zu4_wXej#{V)LjAscg9i
zNTQf@IakkpJfGw{jXa+UPpYChdqxo!5iMe^>U6!CY&{_F?tGCbsO41YZufU=>^R~Y
z<AoLLyQXJm_0Q6>zfHHZL2RwO9GeA8j2$oEd_5BIOmG9M2mpVxtJ(kXY8oTMgy{$h
z(dQrD1^7?z!q&RUYtgdZ0l*jP4IQ*2OmIwM^P|qOOq8A^9s$9&tFgCDcq<O_g;QfK
z#>Z*ySbENUA54j>T{z+b>nF}L7pWl-L-@9@^Jhm<q3{U+*}k!@yYBj^{h;Ykp>2GS
z9(`JY7p9#LpR*3}I0%Vp4{)rA5DjAStbT6l6gVz%(AEBoOaD-h0DqTgf6MHQk7STh
zj(sb4&@WLR!&5I5)9zlH*CD<Z%$5*xnyAw7eaBZK8?xbpMYqKZk)y)bkRod0BtXU6
z7+R*LYIYWj=b2EMBS_zkQU!(O&WN2^*C0FCTe^jPH?e-S&cz#dnJFP@{2_uN-@7Ou
zEF?oxtGQ>I7~&9B9q-RM_BZLS00P*(kC4_g^A2dcm^dB}O9BFwRjyOG4^k(~iwBEY
z$|M91aWlj9VY}Os%+O5-pDOZF8|(gh<s^JVKVgA)?&kup?pMSF2#C2y2#9$NC<$|~
zc>-9g-?qpE@>o7p(tsKDK?YK*f0fp?blErcplEI~LWabGoa4i;|JeGw$}RB7c(9Ws
zv^lT7KWD1fG5LM%^1i-4#iYp5L6T5N3~piRh6lW|#;!v36vmTFjCz#anXzJY?@INw
z+x`_MJ3H!GCA;K{;2$NA`!fRkDfusU7NAfIkABsPzTpCrb{08e`h-r1C#8ks2Or@p
zxJ`k;qWa+@nd#(!*FqPP_n=0E{?z((Fh8uttv1rCyw!&2n~aV9p>l$ZHEv-&HAHlb
zqr$-?@>w{!{9*>zN&BEpnqC&k>E@`l@xwd)?QUS1!^QN!&?^65N}K<D{6C4l|LM%|
zAtnfkBev=U_xDH^?dZG%gaZBz5|my0ixOu8Z;mRbUIXFs0i99!-uiUgCr9VWt<UYx
zC-odec?hW~A4|!TkMs|$K2rY3hZ%W(ym$O-{{JG><gu*7?{~_74r94j7xUXOyGqt~
z5KZ?}v+~M6^K3qY0mj<{pss^76mKsBz%s-O{u3kfPmIhz=|BI3HvPAltbfvf{z?D&
zC;jLDmh_(n^ZyuOlNaHT`#TG8dKTDY|0b%g(1%BRqs)2bHE`km=6#lI05|sdCZe#)
z{O59q^luaA3=zUqU_bTI@g^b4k&-Y6=h6KMx&3=M-QRqakn>8&v^jA){a2c!I|v)~
zpwpXRsx-UM7BNEoBN<1T5GWb@)0_9Q_^*MI>bw0QtMT_t91v6K_=f<Te_|^C?@s-6
z^w@ej-%a}?u%}&M+}*>2Ta@^?7PuZAu0G_^|1Z&|{W28A8$AWaBU8TiQ**4WS_^{N
zk80jCR_)k2pKPOXy%@ttNQ#{&b8Q9LFs&dlLJnkqc<eZ>u09*AnS=pr`|B0{`{?&W
zumnatq#_N_S(<t?96HJi{j6MEU)agYaHWUtnzRAZ0`Y|ORHi>@PXBgUW;c@<1t;z5
z6DAC|BUo?o-6jvWD2{I15j(s!EYJ>@dB0?c|72vp_RTJAIt3oKfu!m#)kEi;(;U;O
zkOI-?%m<>nrY@(q+aJ}(gouqY02y8eqzT&%gnx)i>eTm(5(pz4!k3I+*6hCqxDpNl
zJ|j2G$$)wp*jY1Rb^I+li9PZRB<;=CiKDfqq_E6YSU0dXQwmv@RSVi>G0M4Dl`L_q
z^P>+!r!b*%r?+fxg4#=hQCxOZ$D|z*=Mt#dmbJEFG8yp3e%NL$U8U_vwOW>Dk1+E;
z5rb+{YRM}fyRAIa!AY<vl5^@u)V#`+T~Kc^8Tyc@n)WrE_phLWfh~F~Dr=+HGa$l(
z9f&cvBU`VAf!5Bpb>}i!F!-EW4JA{Zt6(w4bY0BojA_~qsexW2FcMFElcGpZ3^$9&
ztwg+0i*CkFW*QR)ZKm~S!Va+PyhcyBAa1gqXqVxeMUKOn>lih`>E^<4)rv=kWQ_B(
zXb}~0WbN}H<F+t;;4NZDLPY2m1Rf7SL1#wc;r1|7wsz?UKnJT|W>%n69KH}nkPAIX
zu8ZgvnYGY`o3Teu?J!3c)(ba#w5;q6&pOoV&L8uBOmI7k`~e^O_sr|{`WU08T2Nim
zAs=i_+3t_zbpRcccN9GDe7OIup^C4MB<mpcGcY7D%EikLl|5GhrE#26ZG4fy{7Da-
zkD*&}<!v7)dZsZGLERY}XW!6@B_e3Ca+ZCIw;jmy!|-_tmdAsJ!$cT<kJ8XPK!iW>
z-H`R~b2RR8qiq4PH0iJ^SJfib^Vu8X78c#f0q!3hqWAD9zmk8?k5QT3TiiSUM@JFC
zfNktm^sdBm{iS-rBlZ0YuA?V!t>k;^iLY#gXDY!0&IHPDNPofb=6zx?YaLAT3gyUQ
zhJ_rFrSE)f>CSOrXo+HaMWhhRpY>#{{Mq6$kmT=AaITR_W{=0De4kECbCv_d0_;`v
zZQ1Ws=?Y$z(HLNIZJC;f1+~2ZQS1{-B=W#+&|Z`#s&_q*Q|%ql-qYkF#S^*uKVu$R
zs@4W<-r&YANfcYo&zUE!0GIxVou=zOy2l_I+3mp(tn6=tg!fl`co-Tnp(<q8V#qAl
z<oPT{b7wR>&L-sXc(&48j5)nWQ0%@V;;N(8r-0bFlaSH7Z?@RF+{FhL;RC0`IBn!B
z-1myop1+SlTpv>*AW55ZV)wU~9?|cZu;0#BV~!?&cP-j1se^U;U3n<kcy1Kv>21j(
z+L+!Q(_ntuwF<OBWVox0Ziaf<P)^w0!O`{o7~7fNj1C>nSJDas9{#|2_FQO(iVYNd
zyxr+nhH&lu%KQiYf5Tz?jsaPw1cMVq1ti=Uic=*}hch`d3D!85KEsMaW3UnjcL~8T
zp6HOhctTrk5z|Is<&PmSyFP`(L{(lG-F<gK_o=kBc1?MLTkFa#>;pig7}b%B=qIgZ
zY*O8kySU;xYiEe*Y$})iHcZy?&QUkr@_VrT_P{kmWVgoXQ1vd=SrFKaB2WiU%Bts!
zG#M^h9kZ3T5~89fOmFBOa{$RDBhc~#Nat&bEl0b_h`Pyw*f0<;j;Yo;K}sxrNJB{e
zGI>`P1?B~95rv~^@HO{m{J`F+N6Q(Ji|lCw1wLt(3Bg`gsA9v`XimBvv)iWI$*g+m
zkzgu|!T7Yq&8m<g%-@5WV)enTFXg;u@&-LJAGn!8%+vG_j}L7^0_vF594VFN91Umo
zvNCi1nQBXY`=diCIrw;Skx?6a3(mYR%alqy2)WrfF8ZotM0<BeNDzd)nD3@FC6hvo
zhl9Bk=DwZcuj~w@5pu{>FRW%pP;$G+x>q_T?(HRc9kG^=Y^4$T!mnX-TRbq`93p*o
zL!45r{Gn}T&XRz!Zp5^BSYfQnejkBT)lt+s^A}WU64I&H{~Q<dr_^H(>2O&hBRFgD
za$%UL-t8X@5n%V&JfCwR1_6yfcwK5oh4o+2En&?i{ZFU8p*wMCWjG0y$7o*p2t8<z
z`e6|OBUW0C9Q9sjif{k~x^S)-skDW4#0#>qDB&(~sAEA81RJ~)sVq8fv>l9{BqWu|
ztgDmTH3sY$5~x1lJi&VnRGsJMcvllL>2?0|$t&ve_a2B#5lKl^stBd0RsHx+!jMQV
z^s<y3X=vCb^(${L(Yh4i*U&o^&VzcUos?^admWDG{(}z~LC6NOI37tm8y^~UbFw`I
zF4<XgLWU962q%=i6elV^mQ<ocU>%JTWh3-zcHtQ(GtM(9>OLIeKj`w|$rB>xL+QcK
zBbu>NzE;pV+rCI5_h%NE&%Pkkj8*niPXwGwGx@F|#wLzQ_>hE<EIxi=pO8ULfnQQk
zgi0sf&;AwDP6Ap%Y2Mlvw<TNzRd1~Av9$CA&_eMh*;J?u%|-OPsg^{@eSgl?9IL3g
zN-l2>cM6n&f&5$g0+7umN!8E6WhJo0je5NOJ%($(Cj;8!3jd@-&8k)o{3m+zBYOr4
z&o>n6c2xkgJ<^-6sk)%f#Yz=JD8SU@q_XYH$sYX>t-a~gF*Rnm+!*jhH_a8dY`^f}
z_0pi%fWrB1UaH^b#cK{oJh|Fti7%=#U%F*;j*?58HzWF3eMVar(Rl@Gk$q(ZH$wZa
z)r+~_?A^6QZnY|Yn>|%|_by&cERX9W;<rOiG&eU0Hr=3DZUfWy^P#}f5o4h%bUVWs
z`^eNXCYqahcmE|hmy=y-?~4~=gv&B`6Kn{4c#c4u!>+ZQ<4?8n`PHw6T{-Gg2cz@c
zjoXOp<y3SGjW~3l!fHm3RR<pa>Ex-}qxU?R*T{Pm8|~zQn0{|K0Lg+P3i?D#0><>H
zWUH=y!FZj?m@rQ$sEOABnN!xsNvTy*byvK@r@y8c@fwLcZ;T5m%Jmx~h03hV-$J}}
z3|gWO6j?R0OSQSR1gJ}ko|@vht!n2w9aX;d7i&a(P!?r&4W<R9hv22ib4)4z4oREL
zhJOqfzwbC)WfZ)ckhClcmkeeUmQ8AE(q_p#jWM$Z%K|8yGV6m@1;tAEUI1%2ugjBc
z_58P#lxkJalpXF8CvGk(_B1*{w&tT#LBHj#{poif9o?%RXR#I-Dzv|AV3JEU!yIoQ
z4MGsr)T}N}50sr~z4<ls<M+B4+tErKu4-(0CELr|>wFfhKVMHm@Zs9$JQHrkmiCZP
zo?y=_zw*ze!S+a+!x~uyMk%%3_`cPH$efvt&NpOCZ=XL)TFtY>4TUQuxqkINX#e)H
zNjWievEQyaFgwiGMe~Aa@@Z+U0zH9a2wSSh=8xCK0~ifOeW{Na`CfE$vCW&Iw>F0L
z`Ef79^I1`jXKL=HPjmt-&}6tW+ms{eN+%0%AlVsyJ?=da3}E_MrTcTIq$_nOwb<d7
zi=guM{jW+ylGhqf`V*fdHe8Y3rIW^AVJN=_qnMnLp_rVLdG<4j+!_S&TlWG)`pXj~
zVsCC~a!yl;uli(XX&X<TAtn?cW+=w--k!l<Z)gm<-u{|m6rT1V|51f_+<9Qqv%5$D
z(gE~N+wdzcoD@_AsDOl1tw2G(x#Nw(wF7pdxOTsfXy!|2jp(Vqr(D~yZ%&?oJyxT|
z*(JnYi7Ar8FOJ)RKZaro0zow2eqN;y&r0^;Pt(u~*bEud&^ey>d|z@$9l_C^{KS<~
z&{PM37Ud*lo4;0gydR^fTH1d41^uOFBqVb$`v`wS@aU-8<Ez<ztqXpuVDJ*yI(Ji0
zA7lMJi~gP@&hD$hovjp}=h%j?{<47*4FmK$z)ZliZE9}_P&*FqEa^r@<-|w9G$K@a
z`^)JG;18|X5>ns){D+?6s|@S?xHkrg4640>JJI0@m$P?Zv}ZI6jaM%^wd(z8y$Heg
zvKwNK`@lLDeYn-%ev8~Qcy2)GstkFl=MuJ-Jk)6vjy2W$tV53Q+zh>w{{@GdM(IGL
zNpf-LJmfx?zt}Or$1?xr?3~=G)w%mzv`Wfx$2hc#13`Jm-S2R7qoBK77iB(Pknhph
zRydj2o|)x1e6*);(N%3Qmzl$m^FVCx&~P+=W}`Rcv&$X0K*2Q1Bb6uZg{OSg{qIF#
zqBioZs+HMko;S1E6Ck(z9_ejzqMrL+vtRe8HNoZrs8u_)tB&)#;2|X<p+vSXcbqfO
zjQI8XRKDJU#N`YOTN8;pdy<#SJ$Wrl4iTX*;mljNC0A1E2M^vz4w`%~Qc*2&Ki`tT
zP^>^X%7-DZJ^npa*4w(~MrV51u!rIsEKlg-`q5(ddR-K_nM%@lgpRBJp0Mxz^(dOI
z@%RJD<uZ`ja`#J`!H#qoE&+k9`HE^%ZrfV)l8q$~k1I-W4GtYBd?MG>$48$F!<%@m
zt#9#qY@gGvGW0*(ub1AKU-;-$wT>12M4|q*JTRKcHY|SqAVk-AE^E+!=`$sz$OoGe
z8Jo{nF5@Jh*GJ)|kUq+C{Z6G4Ty5zh!{7xlut^D(;?JdEaTzOM(GYvC42ZCA*Gv6)
zlJXO85z67L_pF+~j<qu?cL*rpK7FUZGqCynD>nC55jXRLASJgiTdEY)4s7fzwODIw
zl_f%Pft(Q#%I^@ySHB&<23}>?%qIdy6b&)RVzCw&C9IW;g}*rw=TBIYug~`t{CL4;
zXluCaeD60IZA{=bo3Mn4JXucV3*%HgM=1>4>Jj@cNT>%g9=B#T-}SCirK{3!%Z@3*
zEjX0bs4|xHMkSw}z{4<R7tPj43`_eEanyNoPHBop^SuhS{g?vM1R)2dU>ac?X=Y<r
zjv$5W{fd|GQY+US?#G?&RBPK@5^Gr!ezvdL62^mu<{8`{a=y;w9}*wY=-B3;n7KS$
zRQ~|1y*^xN4%hJ8w7IF=;HAoW=&Dk=O=Fk8F`xNOe%zLL8YeyoI?j-(Jx^+e9AwMB
zkFfc!qdDr&l<=zgcmh)20g+B?2W8OMWRvI1xhBw$emXBS-{lc;xIb*-@Ezv{<zb*o
zb#u?N!WM1uT6w;vOiw|Hw?^Nln}*E_IL_~-D~GExE9lY_B?WV#PM3$~YU}gNCg1#o
zak;rZo8%P`98b|zoQ+&pEjA>PL*6aS9p0=se7YcG(VrT7L+n}OfJoA&;3N(_lGmGP
z1=1V}3X2}Muw340X-d}!zdiGza_c&;B6H_M(~QpEY|Yl){P9hfwC_ysHdGEk8E<QV
zhAty4V>1Ic-I>7GI%!qayKxTjh{(1R(6yl#3aW3lY1#7b)XJgPXQ;MTJ^<H#tdU3I
zK{C<ht)tp-zE^W4X*4+I)}>Q9i2L6pi4+G?w!F|gy7MCD0Y15V3cTn<{!Qn51=-JX
zj;%jgm`ykQUSvN`hMfNFeKic)0#PZ8Gw`Z1ZndbwI*pd?`KvD0Uv6|9_h#r$Yrp4U
zKv;(pN+=6N<81OXmBPo?<@eQR9!?DV9&uV$1SNUiq|{g9z*P$H*A{?s<hOSPi(}lJ
z_c1Q4x}|w=8!egj8CQvnj(u4_L@Wmg)eM!NJ`c<6<5T=dK8X7;I{vo&ypgTek^Ygx
zz5#w&^e>OEF1$|iXoDdJWb>G8m{pmy#&9yrw(QxOW^Wlj1Krs{KDnc}51cUJE`fdW
zz6;;m15=NzyznVK(?<s@kRGGTO&S)Nkc6=L$*Q&q1{Ox$qgeaxsxRy7anorak!EJP
zKR01*2^4YP>u`op=AjR2!?nh5)0!G9JatJpO5;i%9qJE-Td2yvx`s=;pU2x>VUs7@
z=`h;Z33?0nRo^|dW!2)Xg<209z=e9dJUK8tab=W@EF}36{xq%+5)~s2sJ^hWqzBIO
z^rNf_to8Zs!voq_t~<#WaBi7=8M5gvY%;HK^2~wS2+P7-TbsS}rqg>{(v`yXyFci=
zK!~LbviRt_E%cj|;-gwih1#+uZmzfa2CmEZ*)x}5-)6`ydUt0lDz-$kS(Sv)3Olg_
z%R%u}`&LH9nZfgYyk%79=JysHqo0dK_ZDbNS8h|X?2LQWR?s+h=$6zVXvcs!;qj<d
z-Ga@?zYKD)a5k{B%!`9e#)<c4PxIP_;%;BjGZWzFNF}<_c)^0jrV7FB?GH4kxzwBf
zV{LbyJ%M5E+f4>X?gQA85-e^r-Pf@cdq;EGvcoX-S+(VQrwk6_g;7ii8vH)Z<yFx!
z+-#|nR=VA|eUb#z4w>?=+lO^I4O558<N)0tOZ_C19-DyK6eP}5MQc9Nmy4DkD$nK2
z>9+|t1nzxj1Fp!eI49)dTwh8)k@x1%7x{V$>Sy7E)ZlRmna(I!bbfQwdB51-W-EG6
znJlt|Gp#ugF)7uRPnWC3DLl|B&`y#aR&1c6HtAnJ!F;1<Je1^}^V=^lnb_atJ4Lq6
zx1>o&J^{6`Hyo0V8zK_J^QFirJg%9O6B5A%95nd6wHGrqOhz*jKti^9#Z&uN?$rxw
zJ)9)VI_92c$_b(@apKG|$!eK*EUqgaJUN%GS)0@QPN(iLQOZdS+8k)ffGAv%m;-z0
zx@dx<?oaQnWBUf@ORDZ5u+j5`w%WBF``F(yo_afDn!Qcf_+z8Xb7sq8y()ljPlAZ}
z6g(l=cs?Lzo>z#M{!-)I`Gq&(W*~KIW`^m3LGsqLR@-9jOwy54BxNY6HU-%ueFF*s
z>oJq#r$*sZZ-R$n__EE?W-CmFwU{HiHoE7j_^99l3<hPnNMrpN+Sdnu*5@egUXoGE
zrJ~3;bsUqRNck3IeNMUz{!Nj`tUlznq|DYF>}g|vw`}0H1m;$P2246;LnY^#+BM{*
zdonK>Vf(p^iie0ByE9qF?&Ybu2j&RMJ=FAx{^XRFH?$qC4X|jG$Ke^;=l2qo5@jxW
zm8y&4?Q46@yCj@!VhyDYPS(Z1%=qJ?H#L&1Ba1YKS{r)e+Rwf{U#lM`0I6jci$79n
zRkt;gZUTXb!#+G9V&O{CN=O3lu@{NX%Qv(Y2HsmYFmH@6@PjP|Sn9v8aPrveC-)?_
zh5Ps}qtr$&x^JK<CkidvqC?Bb(f*_f%Ef+Hr&~S?8snObn6$PrsptDFFZCsBYWMWf
z3xNoZ1tgQqRS@r7T#^5EJGWmg(-rg)mjnpf5lchaTjF{0uG}6R*gbjew?2z|phuV+
zrN2o9z0{p&+@Lvw2X^+YdB^SL?t3&YQ-(dZW6crzHM<MRAmv2L$qs2!SM3tm-`cM`
z>q7%cbt<-Ae(ZquUX^n0dpc9tL=zen#MTm65FN20BgTU&cJlIQF3G+}f!dMsq6Kj;
zR^m1Hs=5y11l>#oEA1+@C1l7+J^3|`K_c_Oes3mr$IC&|^NyoZ&EAtx%E1hMBC^jA
z?|56FbP@uxT4&=-C7+8yKlWn9Rcydk(Bmu)pm@7sgdA2VC>#p-SK$!e%KKV=^C++4
z{Q8R4)Y@#3e@#Si;`@7*TM3V)!{;`ydfX@R;qf@FOyu$D!pZByeTqB`WZ*Um?&~6V
z^FZR455mLtOD~%;${*M=Fku~t>ew&cz&6KxT?Y*7dlZ8cyr;{oDc@rz{Z7$FFL%b1
z_Tcr&P`(TWR1|Ld(;3=`n;vm-_&#!5>h|I(6tU?Q*<G8JZ5L+aTLyUvL@K@aB#tLs
zOyydqT0N=X?U-Un&AK-0n*i29qo$V4i5~ud8uyto(K-<Tu2NWC=48uj@4WgO@||pz
zP5qDM`+KmY=T8L)Tp(5~c|vUTvcPRISY%zPX2E{r8z))(d~+D3gO=ZE5)LX2khBXI
zid4$!&SraKaNBt4GV^OLBW6yhTI!~+fftP@n=Wq>Cb75eq<)X7m-RxvW_H%*eBXnp
zf&uo>QgUJmdZ8px2hiGP7sbaAP?C4D?4yem{1Bw;#n3K7g{X1G?qio&b@H{%-TGD~
zGik4K#E&ik1skqi<>^l-hxQ9eU^{R=DknDQPDiB?Y*|3|<H73+5Nq|S4JXjdzM`UT
zU-4I(?70U!K}Y>5{ZmsCelG;MUhFa2+x3yY$f?+D_z{G6Dbr{Xvw3H<q}^&&HCOf`
zWN5Z4IuQ5`Y~s&MqDcWw-swslV_o+yg#1Fd=qu*9k1F-b#7%W}LY3LJApJ{m(Q&~%
z?%r-HYN7_WEEz-Z%2l2hM>T<4T`y-aM3ASy-bulimY+8Op@`V9M$ozSYbVKmat>4#
z)?Ka8t)sw^Zxg9S$7ElV2|l9B=Di}oAl@3)%rfrj{D`+&55yr^e6h$P(u5z(3>$^<
zJ6H%7nIT<B`?*aY7i45q*F0(r*m^s-5)`kIX75Yyr98O@kE%|bNPm#MYKW-$dODg!
zA^mJM^mJVeFuF;)CW0>o4gBb0IhUdq22TsN_2xFM&#W@uVi`6zYJR@4ab4gDY6YJ=
zUse;7A)DBodjciux_m~|;IaOgW9`R1h4?acAvmp#^Z}#So(QWxV<vp%VZV={(6{>%
zv?8?BzGS;Yp`Io({l8(8q;_^)lfoE18x<s|crBx}&&(X4+uEB!R`$yR;X4S6KBxD4
zbzerZ(d|^X_KWg+;Kvz^HktHfs!xiCIE)wYF-Q<@o{=tAQ-T<z$E|sShI%5ctn#75
z(f|q4q07QhMEFa16Rn#%y%iTI1qfVq2SWwpm-ngVB6%dJAYm4ppM6#D;Dt>k<t3Yx
zBYCs;&OL0^3W#OZ&DNJ??lJW+9xArg$=CH4N?~vX?}gLMLZjc&yo%FxEkQFvP+6>7
znPrQt#i&ILNb(WbWRoquzQfxT1F49n+=`fp?9IpnUELoMyZaMyk?TXkv@r#5=9{xL
zfn$0t+)P{sRG5;fRAI4fA)?{!C*y$xG!$Pj7N<~<&iDNR`LUX{wu{A1fql_;aR(`e
z3UpVf__BhmN7qU%$lI@LLe+wyS;7aSR4#{WwPM+MsL0KlMUgL#e()>N`5sp&M95-X
z({Co(Rz~#<I*7%oKuAYJx*OJ;i#zXLoi+eZub&Sx;2rmJ%3!8KbtbF-YF0c0UbG~#
z<%83<Kx|d7AGR~)#;fKBeq3-R6XLy(Pp?tQImVoYWfc?ZzMsjO_Xs+Yi^P^~oP}JK
z*!f~1Le)6cmY~s>J8YW~ev+RWm*V|Hqd8*p`r29N&m&~d@WI^}I410=23>4NYns$3
zP+U{{-S5<*;GqW8JSklLt|IAd<@{Vtm9MjFN<_EZZOIsek}4k(lsdHVOp64GsJVW;
z;}oYy0om^?0A_cBx}7D6C1}CA?;TRq%vU|9U$Kw#I>)m~QRa%k-pIEN3>f;ty+FRV
z(vEG&P+F|u5qX@MJcxCf4xcu{z=~|C;NUGUbdL2MSU>m^6d{xY^kl1cRvFZ0)f>L@
zpdS(TL5~8(z`5zGmuVPuy>HBi|CBrwDhgz$=(l{jCLIy_Gl35U&-e4(mwuV~O=?IV
zdg=9&JG@olW#(k;s)7vHylgVcO)Sj$d@o{kw=^dbiqa6;reF|~XZs*>2KY5pi(Ok}
z$>?Toskiy~3B8nA$;tncYGaTY9+@-L$Nog*$;e%#pmRDVu1_Z4p!R0Pc#hSz?JwNS
z_XDa;ag@}=s2L`<vIv{S%vd+~nbq6HN+D&G#JK#!U8J^}OnuDjp`iT2v};ru^X6=N
zUd(z?-9?7ecZ#EeltdOrOH+{ISqyei#03Sl?yU%DF8Ck(oK~`)xp~@bmUlX*W?p~#
zj@NkbUeU@&XVn@VH;72KCMwZ1LaX`PgsI^SaEix{+fb9DCc+bU;(<-}O2+GD|I?EH
z&r9>iwdTVks;l~|$Ws5*bBfK|SNA-fB`8p8wBMN8E%ZB}H@dLLR-$c~*);8V$ooo;
z&ddbzx;WGr)-b09#x}m$c#lj?QG1pV^xgF3Z^Vjl>Pvb9r3!1+GbVT6pOV%!H%~Tb
zBpQRmy*X{KKb%vq5Bj=J>dRB9+4^!GM=zr6(NZ(oOre(}(a(tGdwe=1-b6_*b9%0=
zOg}{FOgH)JM;&@0Y8jdOIaq1%?XwE=UD)fi?X*vp;1L1&6DcOpk?w{dM|Ff}nQp%m
zHk++78>MuBEnt<J-Q9npmmwd=?HyHfYw=~?0<{JO3dJO^weJ=i5ggnV%1jkDABg4*
zxFL!l%2i7Rk2084<yeqX?QPYJH%QO)IL^m8YCdr9Zy3Sb$fU(mtJmpjzEJhRT(qR4
zXn#Kb=3YRbfVW>+VTy-t><hM{$;IXy39+c2>}%~eE@cp|AH7#nZHpNOFJeXWt0=J$
z%R_fam`tZ`NTy-zY1(~0=7jY$26=eTSE-f$I!au-kdRQf>~PzcoPJDnA@mB?(dA`k
z>U@6${By5Erzo{a71lz+7x;sk`W0WLJOl7PRtRjCve-wV7rL#w9xDVXenjrOw5%yL
z>JIsGy5^?99`|h7Y|@A&EsJb0G3njY=@ih5;$^<$QSh}&^_{9!Pnlznir{&(?Pz1U
zM82Nm43)Iy2iL>6XPm@C@q#~BRSLl1@YhxUQ>kS?Zsww#Ue;S{lVXOVMjqdXXzjo6
zJ8o#C07*O6k#W=NzEIJ9nPZ1>x{|ZmYCfsO^U+S8cXtBk;N%_?7p?bA(v5()b)Gex
z;>;*;ckBz7XEV)u)jZbMd?i543>RvJ5KYECUL4swKjXESp_aILO89UO{HhZLu=*R+
zDai(RDo34g`?U7^OUhtI>0mllK_lQ<%_2drR-@;FbI^OB)qkw})JwiwMAkax`5afc
zmdR3jwBXMsvxdM<57i{-v0aT^Cp&ajF>dPTI-l(<c~MBwVk(*6G*oX?MkeK?-M%jq
zahPg`thIE&Nq&(irQx1rj!UhljucjkmH2wN+@<)%B{O#{&Zge)_&yYL6g*!DUr>Jh
zJ?3K}JT1^uQ&;BkDP3dN@-T2Q-Ite)^F+##6D!5v@~+@2AMTaT6rY!+qi(o1CX#wU
zs*&KsQ%)9g*g5}S_FCYq&u}xR=8#lBS{b=BN<GV&cXL&BG}Edc|Aws#ODv=Z>&ygV
zC!TEf%AGgDU-aQ=0h}LlzN=<>`;LQGv**!)lC6+No^H|_uc4%j_WMmTvbsI2?WWrB
zzD7}dl81$~+^B73S3>p7S0mEKfwmqzq3&zf%*-;CXa9oy?_-ur$@r}o@Ho9EI^Ze6
z4_BnbEp(tO=e1BY!PIRE&-M)l;jV4uRV4C2p}-ZyhY5xdjzwO31~G3-iN5@iLcpbP
zss-7AaIfqc&hDAT%-zzv&|lz$GQ`YuI>jB}YN<YFK@1TdRw%F<V?eBRf&_Fk*t=i-
z!8yN?ywXpnALq*O1vxIgKv~=gARs6S8UOjygkIt-kiGtdP>779PXFhVe|Jv*IZOYW
zD<t)z(TG*bX)t5@x_m`e*L-Z$<r{uoy9dATd}6uEWn)GW|E_8W+%h0KA)ZZ|&|15@
zb85~Dk8}IoyWs|;@T1WmwhSszNc;PQ3EWtqBlql2xjYzrCiunu211{o1!yJyeJUsZ
z;s_KD)BhYM-8t8VCp7Zzo_#*<krK%>*(RoC`LigO?)EX7(-yQpKR4n67Lj-iCFS2q
z@>l-VC42;Wa<lIIt){8+ub$j}1DShu6tu^X8B?^(e81|-RbKet4|%ZUM?foHya*wD
zKSN&LzuQIK`d2G2u7Kh3gJ%S9%KvZ@z#8Q^uVRas!mqFP5d|IrG${kbKa45IXu-+F
z)f*fC`<#s+#s2BAKPG?sTa`eX^yk3v2KYmS`eyf&#<5{uF}*%Nzl{tyks{)S*MI&l
zqTrP8`?oaz&xifL{_UEfOnC0>Uv0`E$M0Tn^?4%j^N`%HfQKzfI2g<RRowXVVZRFa
z%M|Z79O!PA`d4=|-ti<OVvY2zh5V7BD%sC(Lqk~doo%rFd713qx`$t+WoG!FFS*lK
zS^iEBga-Vpyc$pFrJiJ<>xnq5Ph<Z1ZSJ01<(?xA82weQtO71&F$L*=A3px|urJ*H
z`(e_bu3XUcA#*Q-b<bZ;@#nXBeg*IV3|FdtU7{%PcfDc||MOu}sK@{9{{K%`E}bDF
z<b{ITI!So!uWxhfV|}vBEvH{^DH*~I$NkR@_s<RY&kgt29mJoX6aU<B|6jl1fDZoY
zt^IQ3147`^)97<)9MBa`kqxh%l6f!O#@{~5OU~BClnm-rX-N`;$LU8s=BH0#UIgEU
z#U`jJCXFQ26#r#s2nAkjs3ov@Q2g+1T>mfInZNt!S);>Z2p^Wh<8->vuQ$foF1+i#
z%6865(+eQmj5-@E;+I7ML3`jPjkmG`xK9$0F*>7u7t6H3yBaMoRRhSKs+)Y^xJOwD
z29j~Y42$sB!ERzOY~j}v`!;xDYq5euW+fbQ3^U=AGK53^=ac_`K1<oUR=XRW_-5SB
zIAM5<7gNEBY0esW;h4N|j%qaStKPc7Yf1P+6VL6BC!CjKJu9B70BNF_QE?q{cYBVZ
z=FyI?0hfIB2jyK=@<>U}<k}OYrKqX~1aJ!}VSnw3!If9c^ySymLIbRR3siX+5PR#3
zcE+1Nr`GGU9S9Q&kZTvh_*_Uoja<Naf-3s~8hr@2PPls&-_nKi3qmpwcz!l9Pf(uu
zxhB23=CSA%yyD(WpcDao5p+5%QJ@~)io&&e3@8=V;wqt8di>oEcRbe-OCzNQpe&M2
zD_=icCaHzlzgCAnTa`IzyM0l>IQ9aKAk6b_5p#)kcZu(GgL-FMWk_R8lHL(6;O@~Q
zCnThzJc27htj;K_4b04q+hXO)4_%_iCZ~Gm9eAG^XM$uJ$x|TCj+JT^L?iD;iHWYZ
z@2FO2nqd#91_(?k=)a5vxIov!E>&H%K^bys(D|Y0I8>tB_%@S(=ipk%nbV(k_QHvU
z)4@#4a5?--!=YCS6Rpi#EdwPEt~A-p-!0EYTUrm9g&rSF)hGk>4~SjkLGq+j8Mhfo
zSZZ=`(rUVkDNr9=yb-EZ6crvv?kuIfv)#E9%fG7BcL6KpFI)%&0yOVWk!okO+GQid
z>&vJccy_Fy-8!!Rm;oLhfNjX~&ezAXf*{+i)J+Qil-R7}i1Cd+`z@xiPNu8!<ZnTB
zZ=13h{<g4yQpjdAITwyonYrU;PorZvC=>Hp&g6>DHjrgjYlOdfZ%u~~{9u*xIhY!j
zZ-AHRu8uj3@<99W(E3{Qf9ebsX_J&mvmV@zH13E|qIt9Nw4|YId4OSMDu+{Mha-Bb
z<#J0(eUsuq@^CsNu01PEQMV={-q)&a?F22Xh_O@pIYOASvE)0ic(2-tsIQ7EdSLPa
zqL-x7oTE>#&oMkRo+Up>fBeR;yX4cEZnVUx`GL7N&}>)*&wb&)Kde~6T2*tGZlwlS
zc@nQ@sIg{q?$o#$vCrn1ar=4zmw)T3)2aD^cYZ{hsl_;_wW808VQQZEXRwlC-GXD`
zQuRgJ;jXRA1tcwC9>LTpasZF1cOy2^aiX|QkkeIO4N1;!t~A$xF$IQz-cG;>Uc5gc
zgM?MP&IfvD7?4>{Y^Ezo5QEYEtD3Yi+Xy)TFi085i|KRsM)auA%5`6fDs7W)Tcp$v
z+a8r}=?)Q)Umy>Q_1fzv{q2(>#%#DYs#xrZomxjD8lXOmK{^-T<_XtCm5*cS2!nKa
z@-`!Bnz^}))QYQrfX3v)b}3s9JVo}723SELYdI!%KyCf16<smQR@l{?^5$&F?9^Og
z4@mfNYT4AGBBPp@rS(ACb-O0d6>dzqOAx>k`<ggyd$Ue<5|-z>gi*CVrb*$^Ef9wa
z`oEN#oA2ACJ*X*{lIcVw6%E{(cM-6FJmB}-_ceYlSPCpU1CNURcmVGVZR)k^S0M+4
zN_2D&nofv!CUEr3G*)IZ#=a5+^@w1aQvnqvkDKvmPqMnhmu45(g}n%<scY1y9M=7d
z!-Qq7Q3}2XZKv@MUe;5f%^YJlqim@cnu9xcT6VJorw>Hh>Jcxoi`YxadV!XqG|Ccj
zpwnD_AIfS{SHcvwI={<n`Sd!OXm&xARv<wsCcV8VMq^b+ffj?z=0%inrN3pT?1{^M
z7_<--{>XQ+xm)lRBbaZ4;~J4#XbteK$DGY2<n+ZM4Wf`6;!}%x4v2CZ-TJ7*isB!L
zTgY`Uzlu(qIImmiGfJTi#iwIPZ+e_o3<Z<w7Fw@ER*;bzp`UO)W}`*_eMWD#ek;PM
z(&>9;g{h6#CtYBsN;AXDHQKk%<%hAk&755fH23Kzbb<FBUfP=sxo#Sv4l0ZlzgS)>
zGR+~<p|4E*{N}R!Q;MEsDKXY~JT;`!bfVjFX4f)vM|)WJu`%N4QNq#ThH~-Bi$q0}
zy;eol(vI;IGk;A!%t}Kq2)TW$Qarsr&8C{|ZaCjtIU^=&&stQ=3Sy-XF8vSK{pjV!
zcu@y^xD6@s1$Z0)4?)qkEa<5bZDr-4a;?_N$Ud}xg4ULhJb~a(@NWY=qwI#$E5+A<
zR%H-$`c?vLRe+XfRJb$_#yFuoLW=Wqg=)MW?#|i$xgojZn-y?NwVsn#T`w}6DdRW9
z046f_V_KhogW>>bkyFmn$Q?zHEzbr}q0qMt^@=Z2dLn8@(F4^bpm*bbWoZG!e0SOv
zj|rOxIS9C|ZkvyiP@P0bF`)T)jh5w++^HxR6|RS=p=q#i@zXmNoDFOxZ*L6pA}!Q~
z@?>O^u5k2^RDW2!<pWTmNI<G{=EZ47I>tH4kAG4FGgaau%kTUUkHuFYGWJpSA)#Ac
z5Z`lZu-3tw$YQga06G=a?uS9G1c0@UjVUiyJxaacYP1&UhVd$M9p$IwcMW#m*;0jw
zv*NCsq+8%fFfgwWPcp@)Tk{KVn3J(jbNc+57-7M!-S6bCI_L?#la)Cm#V;f$!yx5U
zEpkv3?%uEvr=q%L6%`7wU!<d3A3L>)c!-inV{@zt3WK|-pmt9C0BO!GV4-fd2j=bF
zpmf>+hw?AsL&?;PS3Od_o75cdT%A^-AbiJu^9;BcqpD+WBL(fK^&+7*r1K+SB9ELl
zu^4xZNK-y|xw)V^{_x~7Fqb^KkdOg2T)1q3^?bcKKlDIfE~)kKk%SnrehG*9D8uQp
zD8hJc8@@H7>9RZVFr~JXYJW~0^^UfhWy>m(l$eR(U4cxKYx!Y@R`#eiKni;h)`MQF
zuX(T>TA@N=i=&v-6cx#SNSfUSH<+0-=BT8{5E+DJdKtiPYiIQL$mf7Md4fBGqSzVl
z4BFE@D8;H@5s|e00^d-tV#}zFrK2ql?gF1wMdHK>9l0TLHQCaAy>!hlmorB3*RO;3
zqY!vM{+B7A5Q37|KI#IkaA*93$;#<8?fL+0<ymSAZqsgYi{7HzIT-5nZz?wXmt*Lp
z^f$Wm7*1?TsY{$DhCm<6MQv)!#qLrHuC{}SZd<A1ZTW3y-Z9V^ofT=Oc9lCt7F#!{
z`0<jMHs?lI9_R$;_B~&1bmVP27!brffF)lny<X<8q;@WslI*Mzzx5bXoR%VYW&r~{
zIO&d&G+XtmB@a@#G=$R7VX`sl@?v%_=%9FE*wbEEmKR4~nB)noIfO^W-`zr$EZph!
zk)dKY|N53!>PbsH+I}vASugZnr`P7!vJ53+BTwN{xy0v(*e(_6O6d+jof-qMIAyVA
zt~n|km|!E>u0)A5U2g-t*7RD_k-qT`0q7oCy*MNFs6eVyPJmdr+mzELLw=r0%(BX;
zUlibzNiIbF9A1T|O?_J5A8{~Ld*p}?Qq8YjzI(OPhsQfxyV7p(woQA*ybExajOF%U
zj%iG{YJ^&T8COuWI>LWfJW<J#^c<r`0a(3s!>^6X&T=iO6^hT(Q@$*V_#-q{q3K`w
zjK-R^rOr)xz>XWXe71n4>yEG4&$Tr$Bd{vMLPOKt(`=1uD~7wQ&w!hVK4)d>Q>5Vy
zM<}MJWutkbAS(8OTxPiiT{g-A5S`<>{%NT9^i_#pLwSG=f+X2HJor+#&D8GR%+3SA
zBl0;;^utWAga%WvsZ|6~Qun0m*^qIb&S1587{h(Px{L1(fPp!2ehPf|lgmg)H=XCc
z3m63Tjh`<QCTkpM<)QebzuXrFCWXCIhFw2>4)=e9hW*Y001@>e*v082`?A?**2i4o
zBIiRrfcH2m!*OH<x{se};`+DbP(m$kr^dI`)nyXqHW?GjQn^xv`4z$ic+&+?x^Sux
zr6eqtQHX=7h+8`I;oPl2h`(0c76jhoHPKHFeq<<ouFv@;CF@(@l!5TgI~igCUML~s
zHwP#2p!|Y8LDhItdVTKMdbL4kZa9j;2%eN%Ar=uC=m)EKXG6e8?AN+Y-XyV?=jsco
zp1WdaF6}sXC9_Clc<dX*R8|<GBTde8(TBy`LVJH)C{;!x<>Si+p;EK{<yWe7ow~g4
zOOL=)(bGI(KP*4+mfdiL)@8Bik0&2h>Y-irXk2Ef2TNW2C<jsf8N&y@MQ!UYuiEi_
z;Cei*^tD0sLADZ4_rdzd6C{$Z)zLjiB6W=K-#&ZHK}~#${=CuUT6J0GkmVbdZ*AzT
z&x-L%%j}syC#RrPOM{b<t<PnA((gPLj=4oatX$H5H)*rtRy_srLwIa7=bgN`(|STL
zCHtQd)y8aiC>uusB$|U#--QR`asHwaeGb<ledR*3T0HbtcWFSPGCuLb99BJFzls@n
zH>0^k6DX&*B(F5)j+el`iSETvwxD#AITi}}-Y)`FowDKT*+m`bJ2+VFF*N^xsTO;1
z$~PVvN;94+!yi^|1iPn${ZfxX3hA;W*r=1&F#hdW0bCR1K0K8a1^KmM^x(I<DlWtK
z9QZ~?0F*(9`i`-X7b=w&`yPKdy_5DlG`<^cq(}B(?n!N>ldL3zku<Tbl{DuZ%o@PH
zn3OG;v`w7Hty3Fl4g#2ERTIGxstgY9gLdbPlcB<@R^V|%%<E%$m{@)))j1u`%K7uT
zO5s>;W^PsKOfT~}6oUo4hm?%!@uB^M0AxYDKLz`EX35!VYOM)R(~^4M-|x&Kzo)H!
z{E5XC(77omhtnY<yENx=GD(XLVWCs|61ki{5t2`y%3#xL^(8FS)Ca5OM$$qU?mvU4
zVRGyuqpfDkWBJVCX^7wp*dz-IR0;<8*wYQ$j%E%M<tW59H8lY!^Q6JGIXCa};2Llv
znP!xqlz#P`$f);0{jr1vR9x^}S16}9IOct+%+0y8*{=bpLa$!*gpG_Bz1<4qwOt=)
zc#}#+iDD=`zIbl_*@?yf)82VTHMOnpev2K%Mv)>QB1L*fB1NT_fJpBmU7FH6B1BXo
z2+|`p5IRVe4$`Dc4?Q4KLRAPYwExV;J;ph^ob&&3$GG<n`M?)e7;CPqIoDk8^Lw6m
zk268M4lGPqHN2%!eN4-Oeu<fMjPdFC=jk?-CuNCF${Jzu3L{3egWNVKF&S5Jz-Q3V
zFUVipr|W^Dk(nAr@2IK!a+V+V<g;|fkBk=ckrKH;6TdT=PPC~*K|5b62p6^<7VNk=
z_9Yx!Qao#8>fdSMZ<FuGaAH-C$`rZjMh&)EmEW2FqGeqxI~@OD67a1fwl5{htFq<D
z<%kV7u15KoskfZ)_!f5P`-;t@aIT~MeT~ino)LeY!M88$*q1bJE7{z68m<b7rV<-J
z`T7Wt&Io!#12_D8ij=$0xR(&?<I0!vsFCWNUq5@*D~I;xQ$}tlrRfT=0Pli@52cSk
z8fH&hLUXM`>*Wht$h~A>Y@GdaQ1+AwxDvqyAVF;jFsdbcugcf1yy+my_B8SrGR2Ju
zrgoP+ajuT6n|o2YNzF5khl?zF%=ahOow-1ogtH`=EoXq&(xLuxJgV4i^G?y74=OT{
zz45a}DEVzw{nPa^0Gn)4|1u{WTnI*^ml)E~Q{uL{B*`gCG9Zj}DXiXz(`B_d{Im-F
ze!1#d{;3lrQNEAruai1Cr>eb(HWp;!a$b0?QkymWA?R$Cvt3+ENIH{c3T<=0b#J@D
zR+Y66^kG`?=3_QNr$-ma*s+jX6*2kT?{jQEg1J0@uM%%b6JbpUu~QmFgs}DQUMl<I
z>FXbM8$x6~SanfgnNuMp&_Y8QJdRRbOTrTxVw6|4_;=BnM!j&W*BLdFSkK1@PQyz(
zW;;|KH#gR2(To@Qv4?{;eNC^C6$#*0G+dXxB4Q-$_Cfb>Hei8H`8Eho9*xQ?M{Yep
zoAhp8+-8p|^#``5;8I4qT;$@km4449J_4qf7>!mf__=FY{b}wDJBR-lbLSafs{U)T
z$Ei!_&yHbvSv)PbFxCI+@#JZ)@C~Z@c7ShamY3^ro|hQ$hRUJa&Qv8WppBgypVg2r
zpu<*b4<**I)}&O<$1rs??Ecob@s<!Fh4hU1>$MPmLeF1|;-+15MC=vEaa@y*obtEM
zofp(^);&vKTX=q6`C<{I0`0+Gooa~rQak1#8@)8*bBEymS?E){g@-Z3vrue{ee``L
z8}MdQje_R4`HZvs&qKLwvq!6BY&!5a{h^YKxg?(f&B<iSeds%ILc?>PF<35!he-x}
zJ?$k4+7AVTSMpEMm}%x4^q=4W#?glh1CqgHb0#}h2Nwk>l#Lr*$R8Zizv<LYNl@KN
z5OmN`0ExhMdFodNNE1pgUxmoHiW$BmJSXYc(JN-MohS0CO$XhvB6pir^vqV`eZ@Jx
zdpH^H%H->RY?~oLWD3&&Dodam<8Q54@v=DNLvMw1AJ)2pZLQ2?xig}?&WBzo!w&Ss
zGcIPopOPF)oQ}vlo@%`5xl|x`{haA@Iq8!th*CAXY&-?mzOtM223F{#u((z%yPfhp
zMHO~F37~sXb!>4Nd2$U^;H|e6es)|Y9SOK4J3q)*ncCh|gi3Yq2f{w&m1adRrZ3u=
zi)J4@M{gqg@_cXkbOj1QXwv1<Jqg5;KpgvI0dUyLOE%c=Zo$xwfqX`3_T!<v%@f?-
z3V#t2?`(r!wz1rX2M2I=gor=zvHoxs>cJ?bXU+FB#Iqxl>&w@#)GH&-8Y5NGy0J8%
zGUeE={oZ*TzWpQdtsKKEQ`rfFO5bs1zg{6-=VN_!dNdzzE78p$KfP3G>dn7_B~KZC
z=M~$ehOFH8oypqqb_IT>4m9k!2pwN46D96lx93$Jgs+`Eda&o@^9EJso@g&p>;755
zhJSw$&j-AdRl4oc0nfkBq(BnVkMA9-RJ;h82-djyPJU^q;9En5VP|x?o^YP+W;gbB
z#kf5lk&w^*GJBB@TmHCQ=YqJItedoJqDv1JOsH5j!3rJc?-+ff{JW!>2?&)->&TkA
zr(jmLbV1SHp0`|=x=Y>>?PB8~>0b_RK=h#bYEs$2k1aTt(|6AFvuDfDB422t7!x`l
z!)yGm@W=NB*UJ4fruMAlJBjNDfByszOhiR+XmevnN;v$L1vytYcv)yP+-$WC$F$P>
zH8}NK;Qc+9Za}hTRdSI}KXc>G)62^(7cU6*!}WTf$z7QmFSXA~RYk0wPdFKbHzorH
z+ghfoe}Il&W*jaL<|59T;SQbK!<bInv`U*OP)#Q%k53so7dNd%B4*ZkHkClgO9yLm
zKzj1nRNt#hL49g>IMCh}HT|hffw=W=6)R^)tGNhu{zH$yWq|HzTnM0Pn=b|SVBSNF
z&G=TE?`f^5$l~DxqeXuLZ%`I}LJ+Q?y<MAVQyZPP?~10;xhVPlutD`03%oo&X-m>F
zF5E5q%+_C|k>V#ZRMgY<@<2^_;zrEN&$6(KI*ci>?qexZf7ob!Eg~6MdOQDK!v_&p
zdV)6HFvDtYE85PiVY*`{t^#v&O3;;<Q#r=m{X!!|2=2BH3mz~s2TR2@-an)3fb8i>
zQELDh2HzrcW;*8l?1cB>PEB!iGoP7kQaEe&*Q;kaZsRFfgil=j4s?*|&YSK$q-M^I
z$`6S@98jAm<LCmEE;g6#fV3{W+E3>yEs$YoOFo##puX8tX_DrdbbzvX8z^!z+eB%n
zi1kF#y@>l_8A{VXn^=AAvD~#&grI|QWjYEeDpSiVYCw3AQ=&ihFZSg>N{H$pKPh-W
zB{|>)*~v9CLc{tN)6nLyM>G2J3Ga1Nfl1NvzZ>>CBN+Fci+%5TeyM4Akor&<+f$H`
zsu+u-?0(s{Sd3gcX`>jwkY@J1Mb~k8#D(CE?9b5~i!d&8jwkqF>D?!NfuA=RN6X&{
zhf@naLK#$e%lygE8BTCRd)t=-t70K;`c3#G*1h+qC2_WB@MmePrK~l0ra#un5jSM5
zTjX2$(|FqHeNgc@o_ltPPH*6?aA#J9$hpUNCh0GNNl@8J(+J%7T>yKN{Ma4mPPKRX
ze&*%hVHf{V@G4ay5(d_?ogZU7YqnW?y%{Q^1f2oL05Rk?!W#<b$6X_o`3Ua2PlhCE
zN~=#D7jUA(<ousbP{Ndig#G3IrBu*cVXf&QvG28J^vQP3q-o2%?gMo=?_IIjTZQUW
z-ET|unK&_p3g#ZTSlhKnS!Vo?9@>DkqFm*;8s)r%QFh6MLtR4If}je-8mV%C-sA6_
z=KT0T#|TMNR<7`{<NEDNneUY1S*lZ?R<HG@8lBA4K_br@ox<6&*BY0zGia<{%Z?6-
z*j=rZbdC!*(%-5fOV!_n0K>1Mb$3dlV1{OMpfGgweE1^z@U4G!oGcZ4`A71{cdpI;
zo|~b5w6pws&;po^xlB5`dx|<+!pTl+#bBo(5Edxvf#dA=#~v&u-ZwQ03ziONUjldR
zd++t8>x4bcgJOeqUdHxs)a_}Qx0#>?i4s}i-oZ4b$BnKAN8GkGwWN6gC<*bxRm^7G
z{Dgs-3)EIQ$_p)pk%k}*WIXWhsOw5tGI0L^e^g9`Y)B%{8@)|Jind037Bf>vVy9u5
zY%^5%M*HmfC|0sL-YKPnG2PBY>s#wXrlIn&Up*QE`Dle#`Hw}|FIT<^pJwf9$x#sR
ze94HqS$-&SzoD9$uzuD4p;P{YUP`FL`@c9vJN2=8bgs1>YxI_2lpJ0|zopT94GVeV
zann>`XS0&b1V}<dOrTdTh+miiZW?6&tDL=ICL3icr|oR!WaRx7uj@tL8^gB1hmUIX
zS>qFUB>R!Ba#LY&jNt_^jUSu?Zppn^?uuQlgvW)zrsJ`ZySCO>;IgK%$J&{QWs4a%
zX5eSCB_i2g_@eS&j6=P7Pn=mHUDA3V0(%A8VY>O#tcd?E=&JlDK^FrmvCg2yyp~@f
zRQLs4<O-oMloC8`(Hf%y-k0QGYg;iciul;eW?mitXaM><nLQ5yrB21U(h}uZ-~n#~
zu8VfiE=*}<YoYCpv1`nRsdId+OgkEJ^ZqA&vzfk{i26W2%&H;x%>-54R?*~P5MRY?
zJ1EGQVc*}KohzCRk_T4Ldks|Lt98y9ulk}CgI188JCA)JakB%_>Ilb*6(|bb8+Qm^
zuAPYq@h)($-Sih;`h<|dgFjH(zmW~y{HTzNwd8CQ_l05bXi%7M2Zb*4{=k!joE1*J
zQk6Ds8wV8Yz~lZtWpQF%F#{02WHacbTW(c0|1xIejhDjvTLtDLL-uRVYhu0mUZ$Wo
zmpGwtX#k23sE}ovQ;NrvUbd;y42bsf&Ne6dDXv_1>Fh^p_onmP)aHzTU;-`Ng?OYl
zS7KN%h;JvIHF&_H%GvkXO~j<PPqj%1X~At+aUEM25k<=JxfMndEe7Kw_-gxdK~J*j
z3AT)5{$A3ALCXG@L24%@zw)h?{}_1oYdbI`eA_t3)4GnG5HNnQ(2qi06?4|;HNVLu
zz~UUeMO?#?#$F=KWZ~SWCis(3k0jWxp0Io;^m<hrn}pUrAy@Mtg<dDT>gqeUMZDk)
zj>;9$q~Hjbipm`#2ga%L6DSq)j<>QBagx%P#iQ$#i`X>^fu|6OQ29tBk`pjb!>9HJ
zzO&c9U-(4UPq)A`m{8Cc%rO*pejVYpm~`sIqf!Ddy#F6~;YYGmNbRQw=_Dz}TD@QH
zOYS|%86_I4@=y=?V=pC1Y%f62X)(T)oCIYpbwgTHA}fI5_ES9oOzS83%w~3v<7^b4
zCVCq{ep2xFk|&o(N+iFv^e`yL){XFetgcI<!!152FcrU1V2YVwhHMn_5b<deE_+w+
ze~_dB+EM$}FaO0IDzbxY=-~wQQ?nB*c7*A+tNPE=4WwQwm7^~L1w!oV?Wmor!hn4Q
zYAR6wwg9p>L3l2KtfEA&KT?YF3Ctpa2#HPsT<lA0!jWzfzmEKMmHyA)A+I6ur};1%
zfb{rRs$a89_Hdhfb=YnR1=%~KWvjED2$B8lm5J<E&F-t?PI**>UDPDzO48x}*6K0K
z-=pB3teyo(uiKZuRHyz*TK})H*GZo(m{v2K=g{CM*Xy5g!ksGB=LnB|GDkp`1uTCd
z%YR1^{6dz0A<IYPJptMN<q`PZ-|@>M@E6+X-`9y>9)Vw`oc~u$Ie?QpE!9@8eeVdZ
zW`A4ST~&$eI2`Xo9d3L{{9E_Q^)sfu7B<U9mjKoL8<AUV-6yVn7;p0m3J|H~G8(V{
z_Ctia-|xQ1K*D>BT`H(~{!_Ze-yBM?UUv0Mo8qV={y?U$0fW#ntZ?Og93K$;-BQ7J
zzibzjB9~UF|A{qGZVF)g?Ke8Kg7jUD-`(Ybd@C;qwoSKm!b$o32b1S7L*oC&kofB=
z{eO3rrtB~O8^TT}zKjrYX!AQ*j~3gWJnn`oJDmO0kGHQj0&ntBQvduW51{qg_Watg
z9x}?73+Y`71=mGEjI|h{Qmu7Hzto2rlv$z}LUY0<j<dFZlKO1c9Jr$8vQGw+82+Hn
zKDcDnwYuFZQ0RpAy{UeERq|<uUvAgW2u|~bp}elSC%}WxZ*#zY(-=}Kc6rXEHLCVS
zf3BJ$dnCt_ftxdX_pVm1uePYi6LaU+<0ZQ*x1UHGwd$$Z8;zN}kp3B8FAiBwToqzO
z-_{k-p<^w)2g(TV|32yW`x@_1uD*!6VKld4m6n(4vKw#e`_#@syx&3Gm-qV$m#cN|
zD^?{cu}5%U1MSSC6MYXfUG3l7yR0PIk8{Z=ii8EHizor~d8SST(+=vZxeIt!V#Do?
zl&cVLgF*`r842QHP6D3K<Q26~7KBGHh<WZ6TfGdQZTi+V_ni=F*S}sq)1Q1%0cSu|
zPi3j*KvDLBj}V4x#TzGT3L#68DJ=nA3;<EXjXYKI!}SsUR)ryz)Zrz*)C%WiJm#XN
zTwuX4$(S42T`%!VKY(cC{2TF6c-6ByE+Vy!+D{jP#b%`^+*hJ_En4MhrHxyN{2K|u
zPz|FL_Paa_kT_Yn8t;k?4iHxvUu><VIpMSG@`@8K>OP;*?=YcVGvw19ctQ$a%6mv-
zTy>8m69hX^hY0|00kwoho~;g_3cc^GC_oPA6VLjzpOE=9T1bH~1JRW%8m)=9vvJFV
z_b;<5ve6VfFN+(^a_cdvN>ZTr_CUU6Lj?FPpW*0l$$;hzEFPGARt&>!=Cs!{Q7{2~
z&`LVmWj~a*H`j-*XFX3ZJs5tqUzU&|#-eO^oz?dihd5-AEPA~=fXkpl1*8)(*B-d)
z67o6;*_Y^Q?->hgv`gyyy{VjUU12h^=WUr3F0)2}K8NieF?7-El7??d6Ia3unb%tN
z9jYELblZU(xd*9tg#QQzweHCXH{;P!2VvIC0dig8Ht0Mh5bd05G4R#munClW>o`^3
z4?QTfvL7z6N$fz3u)?+TuDh5`ryI9q^Q1?qMukRQW+;vTVU||+N{?f%MqX$mj{w@k
z>r%v@u;}a6A!^fe?Lhb<<g#`Y5X$|vK-e#4tPX<eU5FqQ-8~#@7=L_~;1<PnauN!x
z)IAzVMc{UDgWd3k)PRtFBmUY1?v9<61AI5vTmg{2P;YF!ZoXyBw)P4Yr;!7#vKc)b
zEyA>*SuI$Bxis5>QqZG=t`)IJ8VgxuqUL{GYEa`X!yd`Q8Lx*HRDXfnE2hiWDUm5O
zQ*`Lk9eudXRk$Vun!uxteH19U^)2^6U=@edZb`&x`Z7#$kVF6~<}i1w8uQlL!VF%z
zp%k6pqV09QwKU!<4dCwP+t0Mt8mB|s@@oyln{!XK0A4??$Cdzpmq>7$)R%cT(X=cn
zRGT#|a5*k?h>ChH73b*I8uC|1$)esYTGZ3njaIl=X*L)H8|#~yoZFZCRzDR$HU3Uw
zFjwaCpEX7Qm-R7|r<=;2PAm4Ipwtv(CszOz<Xh>kn`cyQ-z9IHm+1YKPxYgb@jVw@
z1JE^icNc@bi%J8&%}p=PBnQ#Mi$kLMqXc<c!O3xh(CsjwVVPq>JZ4Yw?6t(SB5x~Y
zp<lOiU>_*#Mh%#6RM_#`;;!zjET*wIzob}X1pQ0nHFA2?EO>O76LaHjji?w@zLzeI
zOYq>vaApVF(=R}$0%=gEz3E`#p*!M6$BgZ(xh91dj`nY`e5qoI9Z0Lm(W``lAR#Vv
zmqX-Gfho*L?qOVSk57B2=s7xZxqFlsqT$rNfhz)l(Z-H=y+4~F=uOC32lK6^Du<G@
zNB(tfG-xNmz2HpmA9ex%ARZ4(WdZT&D3oX@&LJWawIRu?9^i>XSQ(W`8j7nq<JAbN
znbW9V_zkstPK3m~Xp?=twh_`%s8!0`SlZSt@TEk+=>{j1H9hz=`KkFnlz@!)!7&WT
zXl$Fo<jX%N_ek>#ZDuKZJZhc_go94F74Zaaruxp07lrPFzmeg-`R3=HRct1;;i*6=
zfNW7fXSuI;Bve1-a^fTvnebg7kk6M|Ef1-QyH)s3R0DK-Q65S{3J3}g?+r&cKl&7|
zD!tkic!`eLqfj~=bQ~t@$gDoa48cnUR8B%0>L%B_c~^!tcGA@19WC&Nggn%*X&CeM
zth4-16N;Gz*+o~!O1fj>AwDX?FlAnUnW+bFpp#*nP2?7y8o61_aIf+UqtyDO>&2a4
z^owNyB;R;~%^&JVuj>&%o8}8~Q6-Hlp|j0nlv$Gw2LWEaW%eGeI8Qz6fu}L=ZyyGq
zHC+%|Wcmlia{V^)*fg*f%xrOJ&j6~)Y@;_Ud^s20QGMvT^@uD4MA1IsGmMLvO%VD+
zt>pjo=G0>~sO1_iTA^EIs(}h0+Hz9FevIuC6U=c2@35^*MK&IF#nlhAgp~wBxa1$P
zg-jQ(HqXDsPMY-j<K5-qdYdXipc_c1z~Q|-M2+-9yQQ<Rp~$0-R9J6@xgVLW71hN7
z)G_5LqSYA7lHX%D^?X_nfuaGZ%AaU6;>teATx-<Wl}=gWw|75XuDbG$yZUomGS8KE
z0iJInj18yFN#fK5AdXW@ZrKfD7al(;{?TV>aU&??Vo!9(I9Lgygx+;1&2Gkfb=Kn3
zRS~^aI16tsXpA+@C!1zzVUUO4r4U#8;k{^;o}L>G3!xnV5ITy_-gqRrA4Skr1&BY*
zhzY*!UhlhqM?{>5?&<pY7OQ!~tYM+uIQjazLyb6#wLo;#^l1s<yKNP3Zg-X}po{?a
zAH}`=xc!PTT|~z)M>~V0Lv+G%7T8(SK|e7qNAoYXL>FAp->0(0F>$<Kr%y^j4I%gx
z5N-p8ehI4Hdx-=8C|@7t#-UIhmj*&=zaTE&_#msWYmdBMecmt;q*l+uw1Zp6GJQI%
zvO$bqgpR5?DOt0D#BQb-Uj8asU_|!FX4E<<ASc(UAfBb=rDTWbiTKmjYGWo>9onub
z-i*F}y(KN;IZb|2!Nt3mE*+0~c9mK7WCWXB+wQZM_sEY?TxWlIdXkhafr3v~#uUyc
zZTc#Pit$>~^V5wwYP^1LJ$*Ah1a=Eo?fb^Ln<_CotWUS%edqRZRk)6#+7*vgv@3lk
zWOfp{tB(;LO@9?1-F{fwJE-)acEJfp=lp6k-Fo_-j^Lbs`gjC(eXLiT{t2nRvrBAx
zJ=;lNd|oC$$Ef0RzLS9ooZXsy$?7(0blASJ+m~{djY>l%OjwfyTNwl6%X;jw@@jO+
z4ZqTvP}w3b<QGR5S|6PQk(=tE_v-(+`a}ZWBN`cRvw*mO_I}iNx^~f8F;dfOUZ8*W
zht!l(X{+2}E}t-Bt-a&zGIe>DFPDjODl@C;jcb)hdzp*Z-ZJ<dceT7SH<rN|R5ofk
zuFXW5=v&%KdTUoPo2}dR-W+laxuse_tC$E?=fR(=8uIzzm|M9OVq>tXUa3)uu+Lys
zt{FY>#N<Iq5G(5J@SYzXWllBv2k9`FtBZP;BJ9(?SH<kI*9eVJ^=Sh$^<cq$Ilp1;
zi(#6oX15pew~1*r22!5f?Q_#x#f%XVkKeyQ?^y!73PA<SU3iL=JD2la*Snr-IjN07
zlNMg#T!;`|X0N=f-PD!jlwT-gW*RC*LAkp$KE$rIhVY$8@c?3PDs(_)1L5N8cQAfj
zcv()QXSlu!BCENSp=UO{MzON{nY2`*?CHoDv5B(pB{YQ8cXGma*<|s8W}|ZKwv$)l
z9<FfjhX!S{Ra{@W6n?0^VynD+W6>!EYTCx0f?Lm$2x2!{GwEQ~RxPqNiPK8swU~~J
zHkg(rC0@4SV$y6jBjH)Rl2y0RyIy5SS;lp6l~|D6mfS(NDYA<qJ~-|mBHqSvfA_Tz
zg{#`jZG7<hSn}udoH>c=3rY_j`@zCI^Q#isbMd%^uLor~Lv+RzJ#781db6*4Z#j%t
zcCjXdMh-zaE}pl0f2(V8J@<>G@qWr^wu01dJiE7`rp-Z>0!4j{kPW)Byy!rLS)nhn
zzox!vl^>3EA1PfKIB0l4V$=<`=erSjOrBvS<$>R3Px&F#?efKDX+1}NS)#(*NAV-a
zhz2y9i>>>bbM;EtlV(PWl%QJ8je&e|g~=uABc;|;D{*{XHlBTLnu}xpL5D-^_lxac
z4f6Fs1k&nb5=j>=@3x~#c=S&`J7CYNotNBdTo#U(*?mkGySiK$Txq{_CcE@Ll~Y%2
z^?1@jy2dT*;$~<qW3>LQr;R43%ZHsPhx=Jzd~tXrmfqNQua}5UleqdLP7OVkR0<RJ
zZlD@Z&D*yM(BIp$SxH<pa_t;VT&Qpn9kKVM=xU@7V)raw>3SDB_ULmdE_Z9JB2-w1
zqHDB$f+xr19gH*1UI-giE*#0iK*OfoQ=FMqALGaAHBw?%omj0(+1!z^TL$?4RfMf1
z+LO6KR^@vZyj2pKsX^tm-|wa5d;a7pT8VL;GpCE~-?A$;8$tR@#I^;q&#RRop`Tu$
z#BUOgZWV!-&*F7gM0l!JjEuaaOVS_H#<ONs_26z*Zz<(-mONBdN8==jAr<s~8p)pK
zeJH>3jYMA)O#v@q$xqcg3jxCM%6+L86YDXzr*SLx7z;0ou7U@<3_j99c9eIz>Zvwh
z>{W&9Q^~O4aossX^)sf<W4g5%C(JwhvBp@}sx04DFY9sI>Mt=Qr!>!)uFXNAFg`j@
zt`As|rpQP*gJx*J*deMC^vZcv{LKu0!p!Z+)=zXIOJ6`1%B@@2cu@FRtNaf11s~*j
zH$YIamETin?Q-Gxjl;wKNa5VLQPPZiL1A;GA866Gea|yKC%A`bo?&}W<+KAWEp4k6
z*_)u8=Q0wIjlAl4J(L});s1S<*<pzM-5Z;zp_Gg`;bfRni9OsNC$uk1A+o3~=Af>y
zhM-ItaHbo7W<Q2Yg9`K%SnGw_=eUsNH)**z<!*T|4g`&b1u<v<J|6}Rdh^~YQR;IT
zCc$g!!r*3|uehz+XptQJ<A#z3G)XaHXu2E1z`8$A^l|&gDCbMa3{K7Uc<%J-piQ8c
zYtK27RKa+KW1W2@D2hQLg-gv<Mcy!4msT^9Mh%%%iQR`Yad!1ox!Qg1hh*cG4xGiA
z#!aE6+!W1hR_q(18k%XDQaoY;?Uaq0+rn#m$LyQ?+YJ#?UX@1Tkjk56pLLRiarI|m
z){2ZK%B8b!21~Hc{fsLp{Z%)&vHgsVos@JVX8_%nU=`*<%O_Ap*8536M8>Qa7c(ws
zTtb$36rb;7a$?biY4lao>du7M&=PxTae1NYcaVvZBeg?3B&Nj&VO^)8;*h1c$L*G{
z_^1|ID_-EzS&FJIsH5c9noN<XJj{FL+Lc|epebPNvr)1*ggy81+wd^uo!Ru8k;JCO
zMxhBcnpIDnmTDI@bEzA)?^2O@`R=TMUZEVCUtI$E!k#T1wJ*8z?Ae#Ti0ws-fe%7-
z&4JvL*$bCWiZ&tY&*!!}I%2}KsKbpf>O^wI4W{x+AqJz>T-sX4Lkc#eirq6&X7icS
zem;IBTv}PI^Y9wmtno2+w(_lzAEg(wg>wT^wptJB^CzW_1+rg!Ey8sx2YVADY=@LR
z=lm|cv*@JxC_{G}WlZN_n%dh3Vx2dQsgb22V!kh-7kWJDcc3I=S;Y5(+t}H<D;OK(
zpvAB^2toUYs+d=z=QTCYF>EM#Jq{J-63k|g^xRme5C{q_a=D8Wb;bCIY<1LQH*cid
zh7E(hOsu?E1&t;O!MH9#C%mSsl#u~7lO@-;tOGUP<jHKyt?3+o(}uRWk9=P!<29cp
zUrQ=%qY^i{x#%X8<doV!*FAD8-s@bEwRxPyV5tiU$u+aww~DHbz2#{OWE%kqxFSpq
zw3^*igYTW>dAjyA({z1z6qJNsl7H?L$-JK1lAWfA9;c3K=faTnv-s>d6#6iSBj=GU
zBFl>2>q(Z)fTJ;Dq7S*+QcqrP46W%%XpY2?KLmGy1{HGkjqMfjjc}nf2~Da<7#}3c
zb|J#RS!G^rI?iGs8$)%Q-j4XTB?i)Ex3j6g=mk|%f2nh|*~*Sp{H}6WmR_H8&DWbw
z$E4&;q8AcSjoWH^(Yu%!f&8z)PaYQa9{z8)z;^bUQ>R-x1m!pxcixn!Lew+5WKp<`
z1xhpYJPRS>w<zo|{FO#%tjMggLScZ^y|R>xoinSl`g97d4>Ynj;<9Ej+sly>d&6v_
z?&9nL2H&OgR_NZ4><Vb`2j3zOCC0kUm5m)t`mOWO%-;UoM<Ousicb<rcI|dquBCHS
zO4V8<!@h+FPT4g*TZW;*U0I^+qjD6S!w~M#^@B8tpnA6IS|Zq9tw@$|&(}`kL!4m#
zrrchmxY*n&FEiH;)OQtiB(CwAxI|S2)Ms~UM0G5R>#%@TdL~qDuH*Bfq|@$4E3K)y
zra9Tn{cO+G0UHU|%7JWclaY4`sMK}Sy~w#r&?M6=`Mz(Tn=0lsG_q|lBy(kb#xH+W
zx!Q11%Y9*JbIEwvMhV6@Y(p)nNU{sBE!bDr-(-cqTC!GYmcQeA)W7N4oo7Epe#^Cr
z9=X`u$k9_Da=E)d!Zm2arMB!*8PqA(dELOP>WAv-#8Tw>)(P!T0a@NJ&Mlb-<FX#i
z^5lzOrI=Xmz7R3lSp=Z5MOjv>T#L92Zg^%aa!3>d`ypajd+9F^b9n7Bt3bXVR>k*`
zM0$ccB;<bkofd8n&?>OcOz8Q$<khiR?{WPZX%5_O%NJ~CPHiljs0Tk@M}2l*)pF4G
z65Hu2ywn`HMLz9NX80rFFE__;(+<DUm?(?Ua9w+LM;G+>3v^=whtioSLvGu=ddJ7d
z*7-A#gRyRV(O;ueDF#LEAWw4U+6O0MaP$`KA4k{6G)4*j%va9;?Mgt+gEV8%x%7W|
zEEwX0Vjy7508*N40tv630=>wvOJ__k>-Szg+St?(8Jxo_UTSVs>LDUJ6M^{6MA<!*
z|KJ74(@X^+Gzzu~PCp~ph@bGybI4GU@yLMlyl)TCsVVWcZCZOds&@bYW+`C)V@w=%
zO-cFWCdyUhgyEM1`ZaKi?Vktq>m+|&$^YB#NzEX>AGzINLJ%gT^L)v}IkE3_-u>`e
zEF`IGFjxO0$|i5Kq_I_J7yn)rPGCSjOrNCkbMt0+a^m;tQlbjhG{Z!)zg>Bjj*=zs
zq=I$g#zT9z`WShozpRIE43EN}UXnlDdjs+i70&3St0ePTc&9m~F&}MCvo23Qdb@u7
zh_{cs@^BAosbc=;m)g2*+Gow&M{`)3nD;=IXx0_1z<=81Qu!V49y)pSpX84<W90AD
z#{`1dK*b;hrK8Wf6XyTfruL(=l4q;iMx1}w_TSIEV_AiY%(}Ie>TJu((SJH|hWFr9
zQUS@)0u)9BuMK+!mZjfVm1FK(EsfaZL(#lkN9*IWI||2|jaAMcjrXw;xTx`>k$hNA
z>z^T%M}IgvrwpxUyePfvM!&Oi|NbkLY@4Te+?(=5nT6_a;7375MLO@^!{`44LDlDt

literal 0
HcmV?d00001

diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..09e45f2
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,91 @@
+module github.com/adyen/kubectl-rexec
+
+go 1.23.1
+
+require (
+	github.com/google/uuid v1.6.0
+	github.com/gorilla/mux v1.8.1
+	github.com/rs/zerolog v1.33.0
+	github.com/spf13/cobra v1.8.1
+	k8s.io/api v0.32.0
+	k8s.io/apimachinery v0.32.0
+	k8s.io/cli-runtime v0.31.4
+	k8s.io/client-go v0.32.0
+	k8s.io/component-base v0.31.4
+	k8s.io/kubectl v0.31.4
+)
+
+require (
+	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
+	github.com/MakeNowJust/heredoc v1.0.0 // indirect
+	github.com/blang/semver/v4 v4.0.0 // indirect
+	github.com/chai2010/gettext-go v1.0.2 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/daviddengcn/go-colortext v1.0.0 // indirect
+	github.com/distribution/reference v0.6.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
+	github.com/fatih/camelcase v1.0.0 // indirect
+	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/go-errors/errors v1.4.2 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-openapi/jsonpointer v0.21.0 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/go-openapi/swag v0.23.0 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/btree v1.0.1 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+	github.com/gorilla/websocket v1.5.0 // indirect
+	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/jonboulle/clockwork v0.4.0 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
+	github.com/lithammer/dedent v1.1.0 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/moby/spdystream v0.5.0 // indirect
+	github.com/moby/term v0.5.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/x448/float16 v0.8.4 // indirect
+	github.com/xlab/treeprint v1.2.0 // indirect
+	golang.org/x/net v0.30.0 // indirect
+	golang.org/x/oauth2 v0.23.0 // indirect
+	golang.org/x/sync v0.8.0 // indirect
+	golang.org/x/sys v0.26.0 // indirect
+	golang.org/x/term v0.25.0 // indirect
+	golang.org/x/text v0.19.0 // indirect
+	golang.org/x/time v0.7.0 // indirect
+	google.golang.org/protobuf v1.35.1 // indirect
+	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/component-helpers v0.32.0 // indirect
+	k8s.io/klog/v2 v2.130.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect
+	k8s.io/metrics v0.32.0 // indirect
+	k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect
+	sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
+	sigs.k8s.io/kustomize/api v0.18.0 // indirect
+	sigs.k8s.io/kustomize/kustomize/v5 v5.5.0 // indirect
+	sigs.k8s.io/kustomize/kyaml v0.18.1 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect
+	sigs.k8s.io/yaml v1.4.0 // indirect
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..33d52c9
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,262 @@
+github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0=
+github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
+github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
+github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
+github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
+github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
+github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk=
+github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA=
+github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
+github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
+github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/daviddengcn/go-colortext v1.0.0 h1:ANqDyC0ys6qCSvuEK7l3g5RaehL/Xck9EX8ATG8oKsE=
+github.com/daviddengcn/go-colortext v1.0.0/go.mod h1:zDqEI5NVUop5QPpVJUxE9UO10hRnmkD5G4Pmri9+m4c=
+github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
+github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
+github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
+github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
+github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4=
+github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc=
+github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8=
+github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc=
+github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E=
+github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
+github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=
+github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
+github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
+github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
+github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ=
+github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY=
+github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
+github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
+github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
+github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE=
+github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
+github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
+github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
+github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
+github.com/golangplus/bytes v0.0.0-20160111154220-45c989fe5450/go.mod h1:Bk6SMAONeMXrxql8uvOKuAZSu8aM5RUGv+1C6IJaEho=
+github.com/golangplus/bytes v1.0.0/go.mod h1:AdRaCFwmc/00ZzELMWb01soso6W1R/++O1XL80yAn+A=
+github.com/golangplus/fmt v1.0.0/go.mod h1:zpM0OfbMCjPtd2qkTD/jX2MgiFCqklhSUFyDW44gVQE=
+github.com/golangplus/testing v1.0.0 h1:+ZeeiKZENNOMkTTELoSySazi+XaEhVO0mb+eanrSEUQ=
+github.com/golangplus/testing v1.0.0/go.mod h1:ZDreixUV3YzhoVraIDyOzHrr76p6NUh6k/pPg/Q3gYA=
+github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4=
+github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA=
+github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I=
+github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
+github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo=
+github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
+github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
+github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
+github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
+github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA=
+github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/jonboulle/clockwork v0.4.0 h1:p4Cf1aMWXnXAUh8lVfewRBx1zaTSYKrKMF2g3ST4RZ4=
+github.com/jonboulle/clockwork v0.4.0/go.mod h1:xgRqUGwRcjKCO1vbZUEtSLrqKoPSsUpK7fnezOII0kc=
+github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
+github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
+github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
+github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0=
+github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE=
+github.com/lithammer/dedent v1.1.0 h1:VNzHMVCBNG1j0fh3OrsFRkVUwStdDArbgBWoPAffktY=
+github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc=
+github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
+github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
+github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
+github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
+github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
+github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0=
+github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0=
+github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU=
+github.com/moby/spdystream v0.5.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI=
+github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
+github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0=
+github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
+github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus=
+github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
+github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM=
+github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo=
+github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4=
+github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
+github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=
+github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
+github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
+github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
+github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
+github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
+github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
+github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
+github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
+github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
+github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ=
+github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
+golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
+golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
+golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
+golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24=
+golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
+golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ=
+golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
+golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
+google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4=
+gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M=
+gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
+gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+k8s.io/api v0.32.0 h1:OL9JpbvAU5ny9ga2fb24X8H6xQlVp+aJMFlgtQjR9CE=
+k8s.io/api v0.32.0/go.mod h1:4LEwHZEf6Q/cG96F3dqR965sYOfmPM7rq81BLgsE0p0=
+k8s.io/apimachinery v0.32.0 h1:cFSE7N3rmEEtv4ei5X6DaJPHHX0C+upp+v5lVPiEwpg=
+k8s.io/apimachinery v0.32.0/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE=
+k8s.io/cli-runtime v0.31.4 h1:iczCWiyXaotW+hyF5cWP8RnEYBCzZfJUF6otJ2m9mw0=
+k8s.io/cli-runtime v0.31.4/go.mod h1:0/pRzAH7qc0hWx40ut1R4jLqiy2w/KnbqdaAI2eFG8U=
+k8s.io/client-go v0.32.0 h1:DimtMcnN/JIKZcrSrstiwvvZvLjG0aSxy8PxN8IChp8=
+k8s.io/client-go v0.32.0/go.mod h1:boDWvdM1Drk4NJj/VddSLnx59X3OPgwrOo0vGbtq9+8=
+k8s.io/component-base v0.31.4 h1:wCquJh4ul9O8nNBSB8N/o8+gbfu3BVQkVw9jAUY/Qtw=
+k8s.io/component-base v0.31.4/go.mod h1:G4dgtf5BccwiDT9DdejK0qM6zTK0jwDGEKnCmb9+u/s=
+k8s.io/component-helpers v0.32.0 h1:pQEEBmRt3pDJJX98cQvZshDgJFeKRM4YtYkMmfOlczw=
+k8s.io/component-helpers v0.32.0/go.mod h1:9RuClQatbClcokXOcDWSzFKQm1huIf0FzQlPRpizlMc=
+k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
+k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y=
+k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4=
+k8s.io/kubectl v0.31.4 h1:c8Af8xd1VjyoKyWMW0xHv2+tYxEjne8s6OOziMmaD10=
+k8s.io/kubectl v0.31.4/go.mod h1:0E0rpXg40Q57wRE6LB9su+4tmwx1IzZrmIEvhQPk0i4=
+k8s.io/metrics v0.32.0 h1:70qJ3ZS/9DrtH0UA0NVBI6gW2ip2GAn9e7NtoKERpns=
+k8s.io/metrics v0.32.0/go.mod h1:skdg9pDjVjCPIQqmc5rBzDL4noY64ORhKu9KCPv1+QI=
+k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro=
+k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8=
+sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo=
+sigs.k8s.io/kustomize/api v0.18.0 h1:hTzp67k+3NEVInwz5BHyzc9rGxIauoXferXyjv5lWPo=
+sigs.k8s.io/kustomize/api v0.18.0/go.mod h1:f8isXnX+8b+SGLHQ6yO4JG1rdkZlvhaCf/uZbLVMb0U=
+sigs.k8s.io/kustomize/kustomize/v5 v5.5.0 h1:o1mtt6vpxsxDYaZKrw3BnEtc+pAjLz7UffnIvHNbvW0=
+sigs.k8s.io/kustomize/kustomize/v5 v5.5.0/go.mod h1:AeFCmgCrXzmvjWWaeZCyBp6XzG1Y0w1svYus8GhJEOE=
+sigs.k8s.io/kustomize/kyaml v0.18.1 h1:WvBo56Wzw3fjS+7vBjN6TeivvpbW9GmRaWZ9CIVmt4E=
+sigs.k8s.io/kustomize/kyaml v0.18.1/go.mod h1:C3L2BFVU1jgcddNBE1TxuVLgS46TjObMwW5FT9FcjYo=
+sigs.k8s.io/structured-merge-diff/v4 v4.4.2 h1:MdmvkGuXi/8io6ixD5wud3vOLwc1rj0aNqRlpuvjmwA=
+sigs.k8s.io/structured-merge-diff/v4 v4.4.2/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4=
+sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
+sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..061c588
--- /dev/null
+++ b/main.go
@@ -0,0 +1,7 @@
+package main
+
+import plugin "github.com/adyen/kubectl-rexec/plugin"
+
+func main() {
+	plugin.Rexec()
+}
diff --git a/manifests/apiservice.yaml b/manifests/apiservice.yaml
new file mode 100644
index 0000000..24092d3
--- /dev/null
+++ b/manifests/apiservice.yaml
@@ -0,0 +1,14 @@
+apiVersion: apiregistration.k8s.io/v1
+kind: APIService
+metadata:
+  name: v1beta1.audit.adyen.internal
+spec:
+  group: audit.adyen.internal
+  groupPriorityMinimum: 100
+  caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURvakNDQW9xZ0F3SUJBZ0lVYnl6UTloVFViV3dwTFAwS05adk9uQ3l5emZVd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0h6RWRNQnNHQTFVRUF4TVVaSFZ0YlhrdVlXUjVaVzR1YVc1MFpYSnVZV3d3SGhjTk1qUXhNakUyTVRNeQpOekl5V2hjTk16UXhNakUwTVRNeU56UTJXakEyTVRRd01nWURWUVFERXl0a2RXMXRlUzVoWkhsbGJpNXBiblJsCmNtNWhiQ0JKYm5SbGNtMWxaR2xoZEdVZ1FYVjBhRzl5YVhSNU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0MKQVE4QU1JSUJDZ0tDQVFFQTdob2hKa0Z2d2ZpTldaK29RZ0Y1K0E3aEgrMnhsaFdhcm9rZDQwWFRoQlQ5dEMwVQplVkxZajF3MGR1UERhMXhqdUllQjhnQmVRTGpKbVlkU2oxblhHSUZ3Nzl6Qm5SMUhwK2FZRjNxRllLb1VLZ0tpCkp4bnNMa3NsZXE2amtBWmVpVFI5ZUdrNGQrU2xrZHB2VlZ1c2ZYV2hsZkhPeVRJWld1YW9NaEZXWC9RdThVNzcKMUxLdFUyT2dtWC9uOHEwZ2JtdmYwWUYvMGNnWExIR1Z2QUhvYjRTTmp5cjRkejdqZUhubVkza1E5UU5tY21nOQpidmNaenBYZXNSdzJjc013T1BhTHM2NmJleldRcW4vMWtYNUxUUTJyK2RCSWdQOEU5aW9YbnZ6QUpHSUZSOHV0CjNYekd0ejNjOW1URERPNlpHajVlbGV4eExIYjR3SkhXTW1UUUVRSURBUUFCbzRHK01JRzdNQTRHQTFVZER3RUIKL3dRRUF3SUJCakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQjBHQTFVZERnUVdCQlRyWEhvVWZXbnhOLzQrZWFoagp2UUQvMnRsL2R6QWZCZ05WSFNNRUdEQVdnQlRiSUxsZ1JHUEYrelFTWDdxOFIwb1RvWVAwVnpCWUJnZ3JCZ0VGCkJRY0JBUVJNTUVvd1NBWUlLd1lCQlFVSE1BS0dQR2gwZEhCek9pOHZkbUYxYkhRdGNHdHBMbTFoY25SdmJpNWwKZUhRdVpYVXVZV1I1Wlc0dWMyRnVaR0p2ZURvNE1qQXdMM1l4TDNCcmFTOWpZVEFOQmdrcWhraUc5dzBCQVFzRgpBQU9DQVFFQURxSW1jVm5UVFVaZEJoQVRrejVnYWdubHArY1EvUmY3MW5YNitnanZEcnRVSFg4bERpbHJMVC9oCitrQXZNZmNuS0VNQWJvMmVvU2VwY1NOY25sUDNBSEUzMHhBRzFRVGpFVTRuN0pxTGp0QmFIK0ZvSXd5QTRhRGsKNGpwZVZTUm5OWGNzanZRYmpLdTgzd3pTZ2J5OVJkNG00ajVvMVN3VXAwekZLVGNGWkx1bG84RUw3ZG9aNm1YMQpiY3I1WlJlYjJGanhQaHplVTVKU1EvUVhneGIwSjFFUjVzTER1ZmRweElCUVlpeGtnZkhpOGZxYkZKc0F0VmcxCmNHN2RXZWQ2ZWF3MXNLZk1aU3hUUy9HZEtRTDNob3J4MHNvQlhLdEY4REYrOXRsZ2tVZnk2VUVSYm43RzViankKMUptTTFmU2dOZXprR2l4UXlTODdabEk1cXhRTVpRPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJRFVqQ0NBanFnQXdJQkFnSVVVSytLNUkrWCtYM3lNaXdpNTBHYXZYdnlmY0V3RFFZSktvWklodmNOQVFFTApCUUF3SHpFZE1Cc0dBMVVFQXhNVVpIVnRiWGt1WVdSNVpXNHVhVzUwWlhKdVlXd3dIaGNOTWpReE1qRTJNVE15Ck56RTJXaGNOTXpReE1qRTBNVE15TnpRMldqQWZNUjB3R3dZRFZRUURFeFJrZFcxdGVTNWhaSGxsYmk1cGJuUmwKY201aGJEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU5uSElGS21UejZ1eGlnSgpKaGt4RWRrcXp3L0x3aDBNVXN5a0IvcXM0V0FsejhaL21DUi9BSVlyVTY4N21adlhvcDN0UHhjZlpnRUkzOW4wCmNyUU9UN0ZzWk9vekZCRjJhOVE2TWoycVFnb1Rodkc3K0VSY1pvcHIvYTdDWXcyRzd6MytrQ2FOUXdvUHpib1UKQlZQRjk3c3lVNFpIdUVPS3pjZk9YbWRlNm1jdG9PZXRaOWd1VnNHeEMwMlNpQUR3ZVdTZ2Y0bVY3RlBmTTI5TgpPcndGeUd4c05vUzNrcjViNy9WejhwQzhCUHpDRjUxRDIwZXJ2SmZMVmRVc3ZLQkR1cXdxdFZTUFE5eGxuWkFoCnVFQXpjRE1ua2xLU3NHYmp0dkZKbmJJTWVqWldybXZSS0g2YURtQW01bXNrRHRjYmc2NDk1NHcyMkROWVFDRnIKcGxXRFM2RUNBd0VBQWFPQmhUQ0JnakFPQmdOVkhROEJBZjhFQkFNQ0FRWXdEd1lEVlIwVEFRSC9CQVV3QXdFQgovekFkQmdOVkhRNEVGZ1FVMnlDNVlFUmp4ZnMwRWwrNnZFZEtFNkdEOUZjd0h3WURWUjBqQkJnd0ZvQVUyeUM1CllFUmp4ZnMwRWwrNnZFZEtFNkdEOUZjd0h3WURWUjBSQkJnd0ZvSVVaSFZ0YlhrdVlXUjVaVzR1YVc1MFpYSnUKWVd3d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFESzltTkhSNW9UNmRySGpZQ0xPNG5pZHhhdldBbzF0YTJEagpWcURGUGlaUEhPTGVxcVE3YVpHb3YzRzh3Y0I1cnB0UCtRaGFxU2x5eHRUSHQ3MVhtdUdzelh3MjZTSHNzQUROCkpBQ0dHVUNXcDd3QitxVUJjbHVYTDljUmsyOHhHczYzcGJWMHlmZEVXK3NTeTlhVGJTcHhaallwb2tUcU5NQnQKNFRySGQ3TWxoM2djaU10MFJVUVVJaVhGYmx0N1RLSGI1eW13OUlDd1pkUGZ1V214VnNqY2ZGVHozK3lqT09UbwpaWkJOQmY5TVkrWlg5ZjNzRzFhOFFzK3dHUUtTREFaSlNlTWJlU25JMG5CNTlKYm5ZR2NmWVM2M2lIampIM1dhClp1Q0FRS2V6bkNpbUI2M1RoY2psaWduZkJpWksybE4xZThQZ3JKZmlkaGZUZWpuSzBNRT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
+  service:
+    name: rexec
+    namespace: kube-system
+    port: 8443
+  version: v1beta1
+  versionPriority: 100
\ No newline at end of file
diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml
new file mode 100644
index 0000000..f1b45ea
--- /dev/null
+++ b/manifests/deployment.yaml
@@ -0,0 +1,46 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: rexec
+  name: rexec
+  namespace: kube-system
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: rexec
+  strategy: {}
+  template:
+    metadata:
+      labels:
+        app: rexec
+    spec:
+      serviceAccountName: rexec-impersonator
+      automountServiceAccountToken: true
+      containers:
+      - image: ghcr.io/adyen/kubectl-rexec:latest
+        imagePullPolicy: Always
+        name: rexec
+        ports:
+        - containerPort: 8443
+        args:
+        - --audit-trace
+        - --by-pass-user=system:admin
+        resources:
+          requests:
+            ephemeral-storage: "1Gi"
+            cpu: 150m
+            memory: "128Mi"
+          limits:
+            ephemeral-storage: "1Gi"
+            cpu: 300m
+            memory: "256Mi"
+        volumeMounts:
+        - mountPath: /etc/pki/rexec
+          name: rexec-tls
+          readOnly: true
+      volumes:
+      - name: rexec-tls
+        secret:
+          secretName: rexec-tls
diff --git a/manifests/kustomization.yaml b/manifests/kustomization.yaml
new file mode 100644
index 0000000..61c0c00
--- /dev/null
+++ b/manifests/kustomization.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: kube-system
+resources:
+  - apiservice.yaml
+  - deployment.yaml
+  - rbac.yaml
+  - secrets.yaml
+  - service.yaml
+  - webhook.yaml
\ No newline at end of file
diff --git a/manifests/rbac.yaml b/manifests/rbac.yaml
new file mode 100644
index 0000000..ecb5db7
--- /dev/null
+++ b/manifests/rbac.yaml
@@ -0,0 +1,30 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: rexec-impersonator
+rules:
+- apiGroups: [""]
+  resources: ["users", "groups"]
+  verbs: ["impersonate"]
+- apiGroups: ["authentication.k8s.io"]
+  resources: ["userextras/secret-sauce"]
+  verbs: ["impersonate"]
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rexec-impersonator
+automountServiceAccountToken: true
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: rexec-impersonator
+subjects:
+- kind: ServiceAccount
+  name: rexec-impersonator
+  namespace: kube-system
+roleRef:
+  kind: ClusterRole
+  name: rexec-impersonator
+  apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/manifests/secrets.yaml b/manifests/secrets.yaml
new file mode 100644
index 0000000..24a5fab
--- /dev/null
+++ b/manifests/secrets.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: rexec-tls
+  namespace: kube-system
+type: kubernetes.io/tls
+data:
+  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQwekNDQXJ1Z0F3SUJBZ0lVUlZwdzQ2YUdCek1na3MrVHBOeTNkcGhYSVc0d0RRWUpLb1pJaHZjTkFRRUwKQlFBd05qRTBNRElHQTFVRUF4TXJaSFZ0YlhrdVlXUjVaVzR1YVc1MFpYSnVZV3dnU1c1MFpYSnRaV1JwWVhSbApJRUYxZEdodmNtbDBlVEFlRncweU5ERXlNVFl4TXpNd05EaGFGdzB6TkRFeU1EUXhNek14TVRoYU1CQXhEakFNCkJnTlZCQU1UQlhKbGVHVmpNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXJyY0gKY3RUR002OVBtLzFqT3M5VmVZTjdhcWkvN1JWNU1UTHc0MWZXSElzb3BzOFk0Y0hIVmZNNEJZcW1rK0pVWlMvVwpzWnRvUWJiTG1HNWxpWU5PNVRrWERjdVVtb1dibzREcE5JeXZsS2Y4S2M3VVpCUGRKcW9DTkR3ekZvT082NG90Ck9uS0c4eUtGT1B6QU1mSHp1UFlodklaNWptK3ljRWFCWWxkSjQ2UUxKYStta0xVSHFUU3ZGZzluV0doM2VpWVgKRzNyRUQ0b0NSWkJ6THg0Nml0UjFGaXJmeG8xVmNybEhRbm43SHFUTDBCODZRY1RQYWZheWlRWWMvWHRZeHVoNwpjWTlLcXR4ME9yZVNiZUtlUTZDdFYwZS9CL21iK3ROTzUvVTd0bi9WanZlR0p6NUp0UmlDWEdpRFZaL21oOEwwCmVDdXc0K3c4dm43a2xpOHFTUUlEQVFBQm80SCtNSUg3TUE0R0ExVWREd0VCL3dRRUF3SURxREFkQmdOVkhTVUUKRmpBVUJnZ3JCZ0VGQlFjREFRWUlLd1lCQlFVSEF3SXdIUVlEVlIwT0JCWUVGTGxyN3BxbmIzQ1JJVkFTRTV2YQpvNlBzbUpJV01COEdBMVVkSXdRWU1CYUFGT3RjZWhSOWFmRTMvajU1cUdPOUFQL2EyWDkzTUlHSkJnTlZIUkVFCmdZRXdmNElKYkc5allXeG9iM04wZ2dWeVpYaGxZNElSY21WNFpXTXVhM1ZpWlMxemVYTjBaVzJDRlhKbGVHVmoKTG10MVltVXRjM2x6ZEdWdExuTjJZNElpY21WNFpXTXVhM1ZpWlMxemVYTjBaVzB1YzNaakxtTnNkWE5sY2k1cwpiMk5oYklJZGNtVjRaV011YTNWaVpTMXplWE4wWlcwdWMzWmpMbU5zZFhOMFpYSXdEUVlKS29aSWh2Y05BUUVMCkJRQURnZ0VCQU9LMzNwdzhycitrMGtlb0ltQ2dIVUtvR0pjSmxUanlOdUVHLzF3TzIrNWU0OHZkb0pwU0NYdFEKczBCcHBjZWcvSyt0SXZHYWNHRVZ4UjUrVVRFYlhSTExabXlBeG12QVJheFhmRWtmOHJhS1lKbDAyMmFaU2ttago3YnNHOUY1amFuQXF1L2ZlZ1N2V0h1cy9RaGM1dHBrVHFUOEM2WURaelgwTXdGb0VOK1h2a1ZaNDN4aXhlQWhoCkpXVzhiaFV3L3lkV25yVFo4RkM4bzhWTWczTDFBeityckJ4ZnJUS3hVRHJqdWpEanJTRk55SElFN0hjOHB5bVgKeDBTdWVSbmw1TDFIaG5ydjRFTUNabk9jbEVjWFU0NDZOUE9uUC9NRlhXSHRxZ1Mzd0lNbjQ2VU5HN0IrcHlHdgpBL2t4Nm1pNEhXTzBURzNYVmM0bUpPTmY1WHhOdXNRPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+  tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBcnJjSGN0VEdNNjlQbS8xak9zOVZlWU43YXFpLzdSVjVNVEx3NDFmV0hJc29wczhZCjRjSEhWZk00QllxbWsrSlVaUy9Xc1p0b1FiYkxtRzVsaVlOTzVUa1hEY3VVbW9XYm80RHBOSXl2bEtmOEtjN1UKWkJQZEpxb0NORHd6Rm9PTzY0b3RPbktHOHlLRk9QekFNZkh6dVBZaHZJWjVqbSt5Y0VhQllsZEo0NlFMSmErbQprTFVIcVRTdkZnOW5XR2gzZWlZWEczckVENG9DUlpCekx4NDZpdFIxRmlyZnhvMVZjcmxIUW5uN0hxVEwwQjg2ClFjVFBhZmF5aVFZYy9YdFl4dWg3Y1k5S3F0eDBPcmVTYmVLZVE2Q3RWMGUvQi9tYit0Tk81L1U3dG4vVmp2ZUcKSno1SnRSaUNYR2lEVlovbWg4TDBlQ3V3NCt3OHZuN2tsaThxU1FJREFRQUJBb0lCQVFDUW16YlVDVjMrKzFRVgoxUlNqWVdYcWpEUERKT2F0c1Q4OHhGL3ltd25CV0VDT1NBemRGZ2tKajZSSG1lbWpyd21STXBZdExHYVBOVit2CnkzZkk2R0NOZ3NJZERlbnlOekdKazdIeFo1d1Btell2MkZ1Y2RZQnVkdm9hQjlWMUJmQnQ3VkRmOWxqUnRqbXoKNENhbmNBMzhnZU9NYVhVRXVsaGphMGU5Z0dmTXUrU3dIMW9oTlpJVHpncXZsMGNqb3VUS2ZUQXdPTkYrSHJQagpBdUV5ZXJqREhVcStXRVg2Ty82MFZBaGM5cnBwd05vSHhjM1ZMeUk2cUhTaDZPeGt5d0x3SmsvU1NKLzIvRFQrClBPRTBGYXRkNFRBUzBPSkpqTzk0cWUyZy8weEtNbkV2R2gzTktlQUppTS90L2VBNEhPOTVUeXA2U0kwOERCUnIKNktvN05XbHhBb0dCQU5sOCtQRzRScG5LQVpYckEvNk1yRDN4ZDlDcFFqc202c1QxdGd2Y0NaY1B2UlJBc3dscAprcEVrRGRteEdCSHJZaDdrM3JUNk5jNjRlZm5vTVV2eVQ2anNXK2tNMy9XU0dmcG5BeTVjRXgxQmFNK2haN1d2CnpHTE5LZnFzanZrdlV2NExaeUpaMXgvVXhObXdLZ2NJZjRJYm95SjNFS1dOVFppM0JTdGRpQjJsQW9HQkFNMm4KRndvcjROanpibm9PZWtNblN4L2k1aHoyNjBoWW5xQTlJSk93M2ZGeGJPOGZ0ZVcxYUxVN1Q3MHIrVnpiMjlWegpxbE1GaHpmaVdGQkhQM0FxOE1CRWN1aEdxRVZYRXo3ZE53MlByaWlVMnZRVGZ3SDhGRWZhYXI0SXdUdE9Dc2k4CkRoZ2lIREt6SndVR1paNWhmL2s5eFdMZlAyOFdRaUxpZ0tNTjdJRFZBb0dCQUp0b2I4TForS2ovN2U0Z2h6UW4KZFJTMkxQV1BYT0pEeHRLQytWaTBISzR5OHRzNytETXJteTNYWTRaQXc0QmFnRHl2TW15RHRsdEcrdklXZHROYwpESXdhaVBxWTFwZjFsRmFYc1hBNUh2ZHl1K0JSNTNldWJRL1Vwc0NXK1hzWjArWHdZL3ZwMG96T1R2TjJyREZtCll5YW5kUVMxcTlHQWpRZ3BENnFUSlNaNUFvR0FicEc3elhneDkvTktIczNSNW5FbDd3cnJkZjg4R1RXc2M3THAKNVA1ZkZnVko4SGM0TVQwTUF3VFVwbjBTSVY4RUh3dUZOQVh3NFpjTXJIemlHc2k3a0dRODg2MnBvejVoMXBiUgpsclQ5aWt3ZVBNU09zTjU3ZVBaeUZhSlhZaTlmbFBXbkRrcW9wb20wSFB1SGYxUWtuamtiKzBEVXRrRmRaYXdxClJZQ2krOUVDZ1lCd2M2aW0yNFBqbm5SZEx3QjVwK3NkbUl2ZllSTTBzZCsyLzllTWZ2clE2eTUxYjRLQ2NvUEMKbXhqNndHbndUZEhFbXBPMTd3TTNGd0VQVHBYSUxFeHo4U3BTaWxBTS8wWkVYZVg5eHRTdHo5R215cDFxTGQ5aQoxa2tlRW5PL3V2cXVxWjQxMFJhcmluKytoZjZ2S04rZkNCVGd1dS8wUVhENVdFRi9rYlpWZmc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
diff --git a/manifests/service.yaml b/manifests/service.yaml
new file mode 100644
index 0000000..898ba9b
--- /dev/null
+++ b/manifests/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: rexec
+  namespace: kube-system
+spec:
+  sessionAffinity: ClientIP
+  ports:
+  - name: rexec
+    port: 8443
+    protocol: TCP
+    targetPort: 8443
+  selector:
+    app: rexec
+  type: ClusterIP
\ No newline at end of file
diff --git a/manifests/webhook.yaml b/manifests/webhook.yaml
new file mode 100644
index 0000000..5cb6604
--- /dev/null
+++ b/manifests/webhook.yaml
@@ -0,0 +1,21 @@
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name: deny-pod-exec
+webhooks:
+- name: deny-pod-exec.k8s.io
+  clientConfig:
+    service:
+      name: rexec
+      namespace: kube-system
+      port: 8443
+      path: /validate-exec
+    caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURvakNDQW9xZ0F3SUJBZ0lVYnl6UTloVFViV3dwTFAwS05adk9uQ3l5emZVd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0h6RWRNQnNHQTFVRUF4TVVaSFZ0YlhrdVlXUjVaVzR1YVc1MFpYSnVZV3d3SGhjTk1qUXhNakUyTVRNeQpOekl5V2hjTk16UXhNakUwTVRNeU56UTJXakEyTVRRd01nWURWUVFERXl0a2RXMXRlUzVoWkhsbGJpNXBiblJsCmNtNWhiQ0JKYm5SbGNtMWxaR2xoZEdVZ1FYVjBhRzl5YVhSNU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0MKQVE4QU1JSUJDZ0tDQVFFQTdob2hKa0Z2d2ZpTldaK29RZ0Y1K0E3aEgrMnhsaFdhcm9rZDQwWFRoQlQ5dEMwVQplVkxZajF3MGR1UERhMXhqdUllQjhnQmVRTGpKbVlkU2oxblhHSUZ3Nzl6Qm5SMUhwK2FZRjNxRllLb1VLZ0tpCkp4bnNMa3NsZXE2amtBWmVpVFI5ZUdrNGQrU2xrZHB2VlZ1c2ZYV2hsZkhPeVRJWld1YW9NaEZXWC9RdThVNzcKMUxLdFUyT2dtWC9uOHEwZ2JtdmYwWUYvMGNnWExIR1Z2QUhvYjRTTmp5cjRkejdqZUhubVkza1E5UU5tY21nOQpidmNaenBYZXNSdzJjc013T1BhTHM2NmJleldRcW4vMWtYNUxUUTJyK2RCSWdQOEU5aW9YbnZ6QUpHSUZSOHV0CjNYekd0ejNjOW1URERPNlpHajVlbGV4eExIYjR3SkhXTW1UUUVRSURBUUFCbzRHK01JRzdNQTRHQTFVZER3RUIKL3dRRUF3SUJCakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQjBHQTFVZERnUVdCQlRyWEhvVWZXbnhOLzQrZWFoagp2UUQvMnRsL2R6QWZCZ05WSFNNRUdEQVdnQlRiSUxsZ1JHUEYrelFTWDdxOFIwb1RvWVAwVnpCWUJnZ3JCZ0VGCkJRY0JBUVJNTUVvd1NBWUlLd1lCQlFVSE1BS0dQR2gwZEhCek9pOHZkbUYxYkhRdGNHdHBMbTFoY25SdmJpNWwKZUhRdVpYVXVZV1I1Wlc0dWMyRnVaR0p2ZURvNE1qQXdMM1l4TDNCcmFTOWpZVEFOQmdrcWhraUc5dzBCQVFzRgpBQU9DQVFFQURxSW1jVm5UVFVaZEJoQVRrejVnYWdubHArY1EvUmY3MW5YNitnanZEcnRVSFg4bERpbHJMVC9oCitrQXZNZmNuS0VNQWJvMmVvU2VwY1NOY25sUDNBSEUzMHhBRzFRVGpFVTRuN0pxTGp0QmFIK0ZvSXd5QTRhRGsKNGpwZVZTUm5OWGNzanZRYmpLdTgzd3pTZ2J5OVJkNG00ajVvMVN3VXAwekZLVGNGWkx1bG84RUw3ZG9aNm1YMQpiY3I1WlJlYjJGanhQaHplVTVKU1EvUVhneGIwSjFFUjVzTER1ZmRweElCUVlpeGtnZkhpOGZxYkZKc0F0VmcxCmNHN2RXZWQ2ZWF3MXNLZk1aU3hUUy9HZEtRTDNob3J4MHNvQlhLdEY4REYrOXRsZ2tVZnk2VUVSYm43RzViankKMUptTTFmU2dOZXprR2l4UXlTODdabEk1cXhRTVpRPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS0KTUlJRFVqQ0NBanFnQXdJQkFnSVVVSytLNUkrWCtYM3lNaXdpNTBHYXZYdnlmY0V3RFFZSktvWklodmNOQVFFTApCUUF3SHpFZE1Cc0dBMVVFQXhNVVpIVnRiWGt1WVdSNVpXNHVhVzUwWlhKdVlXd3dIaGNOTWpReE1qRTJNVE15Ck56RTJXaGNOTXpReE1qRTBNVE15TnpRMldqQWZNUjB3R3dZRFZRUURFeFJrZFcxdGVTNWhaSGxsYmk1cGJuUmwKY201aGJEQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQU5uSElGS21UejZ1eGlnSgpKaGt4RWRrcXp3L0x3aDBNVXN5a0IvcXM0V0FsejhaL21DUi9BSVlyVTY4N21adlhvcDN0UHhjZlpnRUkzOW4wCmNyUU9UN0ZzWk9vekZCRjJhOVE2TWoycVFnb1Rodkc3K0VSY1pvcHIvYTdDWXcyRzd6MytrQ2FOUXdvUHpib1UKQlZQRjk3c3lVNFpIdUVPS3pjZk9YbWRlNm1jdG9PZXRaOWd1VnNHeEMwMlNpQUR3ZVdTZ2Y0bVY3RlBmTTI5TgpPcndGeUd4c05vUzNrcjViNy9WejhwQzhCUHpDRjUxRDIwZXJ2SmZMVmRVc3ZLQkR1cXdxdFZTUFE5eGxuWkFoCnVFQXpjRE1ua2xLU3NHYmp0dkZKbmJJTWVqWldybXZSS0g2YURtQW01bXNrRHRjYmc2NDk1NHcyMkROWVFDRnIKcGxXRFM2RUNBd0VBQWFPQmhUQ0JnakFPQmdOVkhROEJBZjhFQkFNQ0FRWXdEd1lEVlIwVEFRSC9CQVV3QXdFQgovekFkQmdOVkhRNEVGZ1FVMnlDNVlFUmp4ZnMwRWwrNnZFZEtFNkdEOUZjd0h3WURWUjBqQkJnd0ZvQVUyeUM1CllFUmp4ZnMwRWwrNnZFZEtFNkdEOUZjd0h3WURWUjBSQkJnd0ZvSVVaSFZ0YlhrdVlXUjVaVzR1YVc1MFpYSnUKWVd3d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFESzltTkhSNW9UNmRySGpZQ0xPNG5pZHhhdldBbzF0YTJEagpWcURGUGlaUEhPTGVxcVE3YVpHb3YzRzh3Y0I1cnB0UCtRaGFxU2x5eHRUSHQ3MVhtdUdzelh3MjZTSHNzQUROCkpBQ0dHVUNXcDd3QitxVUJjbHVYTDljUmsyOHhHczYzcGJWMHlmZEVXK3NTeTlhVGJTcHhaallwb2tUcU5NQnQKNFRySGQ3TWxoM2djaU10MFJVUVVJaVhGYmx0N1RLSGI1eW13OUlDd1pkUGZ1V214VnNqY2ZGVHozK3lqT09UbwpaWkJOQmY5TVkrWlg5ZjNzRzFhOFFzK3dHUUtTREFaSlNlTWJlU25JMG5CNTlKYm5ZR2NmWVM2M2lIampIM1dhClp1Q0FRS2V6bkNpbUI2M1RoY2psaWduZkJpWksybE4xZThQZ3JKZmlkaGZUZWpuSzBNRT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
+  rules:
+  - apiGroups: [""]
+    apiVersions: ["v1"]
+    operations: ["CONNECT"]
+    resources: ["pods/exec"]
+  admissionReviewVersions: ["v1"]
+  sideEffects: None
+  failurePolicy: Fail
diff --git a/plugin/plugin.go b/plugin/plugin.go
new file mode 100644
index 0000000..59d632b
--- /dev/null
+++ b/plugin/plugin.go
@@ -0,0 +1,206 @@
+package plugin
+
+import (
+	"context"
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/spf13/cobra"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/cli-runtime/pkg/genericclioptions"
+	"k8s.io/cli-runtime/pkg/genericiooptions"
+	_ "k8s.io/client-go/plugin/pkg/client/auth/oidc"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/remotecommand"
+	cliflag "k8s.io/component-base/cli/flag"
+	"k8s.io/kubectl/pkg/cmd"
+	cmdexec "k8s.io/kubectl/pkg/cmd/exec"
+	"k8s.io/kubectl/pkg/cmd/plugin"
+	cmdutil "k8s.io/kubectl/pkg/cmd/util"
+	"k8s.io/kubectl/pkg/cmd/util/podcmd"
+	"k8s.io/kubectl/pkg/scheme"
+	"k8s.io/kubectl/pkg/util/completion"
+	"k8s.io/kubectl/pkg/util/i18n"
+	"k8s.io/kubectl/pkg/util/templates"
+)
+
+// We dont do much here, mostly implementing the same exec command
+// as in upstream, with the difference in the path we are calling
+
+var MatchVersionKubeConfigFlags *cmdutil.MatchVersionFlags
+
+const (
+	defaultPodExecTimeout = 60 * time.Second
+)
+
+func Rexec() {
+	ioStreams := genericiooptions.IOStreams{In: os.Stdin, Out: os.Stdout, ErrOut: os.Stderr}
+	warningsAsErrors := false
+
+	kubectlOptions := cmd.KubectlOptions{
+
+		PluginHandler: cmd.NewDefaultPluginHandler(plugin.ValidPluginFilenamePrefixes),
+		Arguments:     os.Args,
+		ConfigFlags:   genericclioptions.NewConfigFlags(true).WithDeprecatedPasswordFlag().WithDiscoveryBurst(300).WithDiscoveryQPS(50.0).WithWarningPrinter(ioStreams),
+		IOStreams:     ioStreams,
+	}
+
+	cmds := &cobra.Command{
+		Use:   "rexec",
+		Short: i18n.T("rexec plugin for kubectl exec"),
+		Long: templates.LongDesc(`
+      provides audited way to perform kubectl exec.`),
+	}
+
+	cmds.SetGlobalNormalizationFunc(cliflag.WarnWordSepNormalizeFunc)
+
+	flags := cmds.PersistentFlags()
+
+	flags.BoolVar(&warningsAsErrors, "warnings-as-errors", warningsAsErrors, "Treat warnings received from the server as errors and exit with a non-zero exit code")
+
+	kubectlOptions.ConfigFlags.AddFlags(flags)
+
+	MatchVersionKubeConfigFlags = cmdutil.NewMatchVersionFlags(kubectlOptions.ConfigFlags)
+	MatchVersionKubeConfigFlags.AddFlags(flags)
+
+	f := cmdutil.NewFactory(MatchVersionKubeConfigFlags)
+
+	originalExec := cmdexec.NewCmdExec(f, kubectlOptions.IOStreams)
+
+	options := &cmdexec.ExecOptions{
+		StreamOptions: cmdexec.StreamOptions{
+			IOStreams: kubectlOptions.IOStreams,
+		},
+
+		Executor: &cmdexec.DefaultRemoteExecutor{},
+	}
+
+	roptions := &RexecOptoins{
+		ExecOptions: options,
+	}
+
+	newExec := &cobra.Command{
+		Use:                   originalExec.Use,
+		DisableFlagsInUseLine: originalExec.DisableFlagsInUseLine,
+		Short:                 originalExec.Short,
+		Long:                  originalExec.Long,
+		Example:               originalExec.Example,
+		ValidArgsFunction:     originalExec.ValidArgsFunction,
+		Run: func(cmd *cobra.Command, args []string) {
+			argsLenAtDash := cmd.ArgsLenAtDash()
+			cmdutil.CheckErr(roptions.ExecOptions.Complete(f, cmd, args, argsLenAtDash))
+			cmdutil.CheckErr(roptions.ExecOptions.Validate())
+			cmdutil.CheckErr(roptions.rexecRun())
+		},
+	}
+
+	cmdutil.AddPodRunningTimeoutFlag(newExec, defaultPodExecTimeout)
+	cmdutil.AddJsonFilenameFlag(newExec.Flags(), &options.FilenameOptions.Filenames, "to use to exec into the resource")
+
+	cmdutil.AddContainerVarFlags(newExec, &options.ContainerName, options.ContainerName)
+	cmdutil.CheckErr(newExec.RegisterFlagCompletionFunc("container", completion.ContainerCompletionFunc(f)))
+
+	newExec.Flags().BoolVarP(&roptions.ExecOptions.Stdin, "stdin", "i", roptions.ExecOptions.Stdin, "Pass stdin to the container")
+	newExec.Flags().BoolVarP(&roptions.ExecOptions.TTY, "tty", "t", roptions.ExecOptions.TTY, "Stdin is a TTY")
+	newExec.Flags().BoolVarP(&roptions.ExecOptions.Quiet, "quiet", "q", roptions.ExecOptions.Quiet, "Only print output from the remote session")
+
+	cmds.AddCommand(newExec)
+
+	cmds.Execute()
+}
+
+type RexecOptoins struct {
+	*cmdexec.ExecOptions
+}
+
+func NewRexecOptions(e *cmdexec.ExecOptions) *RexecOptoins {
+	r := RexecOptoins{e}
+	return &r
+}
+
+// mostly copy paste of the upstream Run() command
+// with the minimal adjustment to call a different
+// endpoint
+func (r *RexecOptoins) rexecRun() error {
+	var err error
+	if len(r.PodName) != 0 {
+		r.Pod, err = r.PodClient.Pods(r.ExecOptions.Namespace).Get(context.TODO(), r.ExecOptions.PodName, metav1.GetOptions{})
+		if err != nil {
+			return err
+		}
+	} else {
+		builder := r.ExecOptions.Builder().
+			WithScheme(scheme.Scheme, scheme.Scheme.PrioritizedVersionsAllGroups()...).
+			FilenameParam(r.ExecOptions.EnforceNamespace, &r.ExecOptions.FilenameOptions).
+			NamespaceParam(r.ExecOptions.Namespace).DefaultNamespace()
+		if len(r.ExecOptions.ResourceName) > 0 {
+			builder = builder.ResourceNames("pods", r.ExecOptions.ResourceName)
+		}
+
+		obj, err := builder.Do().Object()
+		if err != nil {
+			return err
+		}
+
+		if meta.IsListType(obj) {
+			return fmt.Errorf("cannot exec into multiple objects at a time")
+		}
+
+		r.ExecOptions.Pod, err = r.ExecutablePodFn(MatchVersionKubeConfigFlags, obj, r.ExecOptions.GetPodTimeout)
+		if err != nil {
+			return err
+		}
+	}
+
+	pod := r.ExecOptions.Pod
+
+	if pod.Status.Phase == corev1.PodSucceeded || pod.Status.Phase == corev1.PodFailed {
+		return fmt.Errorf("cannot exec into a container in a completed pod; current phase is %s", pod.Status.Phase)
+	}
+
+	containerName := r.ExecOptions.ContainerName
+	if len(containerName) == 0 {
+		container, err := podcmd.FindOrDefaultContainerByName(pod, containerName, r.ExecOptions.Quiet, r.ExecOptions.ErrOut)
+		if err != nil {
+			return err
+		}
+		containerName = container.Name
+	}
+
+	t := r.ExecOptions.SetupTTY()
+
+	var sizeQueue remotecommand.TerminalSizeQueue
+	if t.Raw {
+		sizeQueue = t.MonitorSize(t.GetSize())
+
+		r.ExecOptions.ErrOut = nil
+	}
+
+	fn := func() error {
+		restClient, err := restclient.RESTClientFor(r.Config)
+		if err != nil {
+			return err
+		}
+
+		req := restClient.Post().RequestURI(fmt.Sprintf("apis/audit.adyen.internal/v1beta1/namespaces/%s/pods/%s/exec", pod.Namespace, pod.Name))
+		req.VersionedParams(&corev1.PodExecOptions{
+			Container: containerName,
+			Command:   r.ExecOptions.Command,
+			Stdin:     r.ExecOptions.Stdin,
+			Stdout:    r.ExecOptions.Out != nil,
+			Stderr:    r.ExecOptions.ErrOut != nil,
+			TTY:       t.Raw,
+		}, scheme.ParameterCodec)
+
+		return r.ExecOptions.Executor.Execute(req.URL(), r.ExecOptions.Config, r.ExecOptions.In, r.ExecOptions.Out, r.ExecOptions.ErrOut, t.Raw, sizeQueue)
+	}
+
+	if err := t.Safe(fn); err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/renovate.json b/renovate.json
new file mode 100644
index 0000000..bbd0e77
--- /dev/null
+++ b/renovate.json
@@ -0,0 +1,10 @@
+{
+    "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+    "extends": ["config:base"],
+    "internalChecksFilter": "strict",
+    "updateNotScheduled": false,
+    "minimumReleaseAge": "21 days",
+    "pre-commit": {
+        "enabled": true
+    }
+}
\ No newline at end of file
diff --git a/rexec/main.go b/rexec/main.go
new file mode 100644
index 0000000..7ae6a9a
--- /dev/null
+++ b/rexec/main.go
@@ -0,0 +1,26 @@
+package main
+
+import (
+	"github.com/adyen/kubectl-rexec/rexec/server"
+	"github.com/spf13/cobra"
+)
+
+func main() {
+
+	cmd := &cobra.Command{
+		Use: "rexec-server",
+		Run: func(cmd *cobra.Command, args []string) {
+			server.Init()
+			server.Server()
+		},
+	}
+	cmd.Flags().BoolVar(&server.AuditFullTraceLog, "audit-trace", false, "if set all keystrokes will be logged")
+	cmd.Flags().BoolVar(&server.SysDebugLog, "sys-debug", false, "if set more system logs will be produces")
+	cmd.Flags().StringArrayVar(&server.ByPassedUsers, "by-pass-user", []string{}, "allow user to bypass webhook restriction")
+	cmd.Flags().StringVar(&server.SecretSauce, "by-pass-shared-key", "", "shared key between apiservice and validatingwebhook")
+	cmd.Flags().IntVar(&server.MaxStokesPerLine, "max-strokes-per-line", 0, "set how much keystores can be held in the async audit before flush")
+	err := cmd.Execute()
+	if err != nil {
+		server.SysLogger.Fatal().Msg(err.Error())
+	}
+}
diff --git a/rexec/server/async.go b/rexec/server/async.go
new file mode 100644
index 0000000..78da5be
--- /dev/null
+++ b/rexec/server/async.go
@@ -0,0 +1,52 @@
+package server
+
+// asyncAuditor will try to make merged commads out of keystrokes
+func asyncAuditor() {
+	SysLogger.Debug().Msg("starting asyncAuditor")
+	for {
+		audit, ok := <-asyncAuditChan
+		if !ok {
+			SysLogger.Debug().Msg("channel closed, stopping asyncAuditor")
+			break
+		}
+		storeOrFlush(audit)
+	}
+}
+
+// storeOrFlush will push keystrokes into a byte slice and
+// flush it upen enter or a certain limit
+func storeOrFlush(audit asyncAudit) {
+	for _, ascii := range audit.ascii {
+		switch ascii {
+		case 0:
+			// nothing
+		case 8, 127:
+			commandSync.Lock()
+			if len(commandMap[audit.ctxid]) > 0 {
+				commandMap[audit.ctxid] = commandMap[audit.ctxid][:len(commandMap[audit.ctxid])-1]
+			}
+			commandSync.Unlock()
+		case 13:
+			commandSync.Lock()
+			logCommand(string(commandMap[audit.ctxid]), userMap[audit.ctxid], audit.ctxid)
+			commandMap[audit.ctxid] = nil
+			commandSync.Unlock()
+		default:
+			commandSync.Lock()
+			// to prevent oom kills by shoving too much input into one line
+			// we flush after the amount of strokes set in MaxStokesPerLine
+			if len(commandMap[audit.ctxid]) > MaxStokesPerLine {
+				logCommand(string(commandMap[audit.ctxid]), userMap[audit.ctxid], audit.ctxid)
+				commandMap[audit.ctxid] = nil
+			}
+			commandMap[audit.ctxid] = append(commandMap[audit.ctxid], ascii)
+			commandSync.Unlock()
+		}
+
+	}
+}
+
+type asyncAudit struct {
+	ctxid string
+	ascii []byte
+}
diff --git a/rexec/server/config.go b/rexec/server/config.go
new file mode 100644
index 0000000..c978a07
--- /dev/null
+++ b/rexec/server/config.go
@@ -0,0 +1,96 @@
+package server
+
+import (
+	"crypto/x509"
+	"os"
+	"sync"
+
+	"github.com/google/uuid"
+	"github.com/rs/zerolog"
+)
+
+var token string
+var proxyMap map[string]bool
+var userMap map[string]string
+var mapSync sync.Mutex
+var SysLogger zerolog.Logger
+var auditLogger zerolog.Logger
+var SysDebugLog bool
+var AuditFullTraceLog bool
+var CAPool *x509.CertPool
+var asyncAuditChan chan asyncAudit
+var commandMap map[string][]byte
+var commandSync sync.Mutex
+var SecretSauce string
+var ByPassedUsers []string
+var MaxStokesPerLine int
+
+func Init() {
+	var sysLogLevel zerolog.Level
+	sysLogLevel = zerolog.FatalLevel
+	if SysDebugLog {
+		sysLogLevel = zerolog.DebugLevel
+	}
+
+	var auditLogLevel zerolog.Level
+	auditLogLevel = zerolog.InfoLevel
+	if AuditFullTraceLog {
+		auditLogLevel = zerolog.TraceLevel
+	}
+
+	logger := zerolog.New(os.Stdout).With().Timestamp().Logger()
+
+	SysLogger = logger.With().Str("facility", "sys").Logger().Level(sysLogLevel)
+	auditLogger = logger.With().Str("facility", "audit").Logger().Level(auditLogLevel)
+	rawCaCert, err := os.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/ca.crt")
+	if err != nil {
+		logger.Fatal().Err(err)
+	}
+	CAPool = x509.NewCertPool()
+	CAPool.AppendCertsFromPEM(rawCaCert)
+	rawToken, err := os.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/token")
+	if err != nil {
+		logger.Fatal().Err(err)
+	}
+	token = string(rawToken)
+	proxyMap = make(map[string]bool)
+	userMap = make(map[string]string)
+	commandMap = make(map[string][]byte)
+	asyncAuditChan = make(chan asyncAudit)
+
+	if SecretSauce == "" {
+		SecretSauce = uuid.New().String()
+	}
+	if SecretSauce != "" {
+		_, err = uuid.Parse(SecretSauce)
+		if err != nil {
+			logger.Fatal().Err(err)
+		}
+	}
+	if MaxStokesPerLine == 0 {
+		MaxStokesPerLine = 2000
+	}
+
+	go asyncAuditor()
+}
+
+func logCommand(command, user, ctxid string) {
+	auditLogger.Info().Str("user", user).Str("session", ctxid).Str("command", command).Msg("")
+}
+
+var httpSpec = `
+{
+  "kind": "APIResourceList",
+  "apiVersion": "v1",
+  "groupVersion": "audit.adyen.internal/v1beta1",
+  "resources": []
+}
+`
+
+var httpForbidden = `
+No User found
+`
+
+var httpInternalError = `
+Internal errror
+`
diff --git a/rexec/server/parser.go b/rexec/server/parser.go
new file mode 100644
index 0000000..b13a86f
--- /dev/null
+++ b/rexec/server/parser.go
@@ -0,0 +1,68 @@
+package server
+
+import (
+	"encoding/binary"
+	"errors"
+)
+
+type webSocketFrame struct {
+	Fin     bool
+	Opcode  byte
+	Mask    bool
+	Payload []byte
+}
+
+// parseWebSocketFrame is for parsing websocket traffic
+func parseWebSocketFrame(data []byte) (*webSocketFrame, error) {
+	if len(data) < 2 {
+		return nil, errors.New("data too short to be a WebSocket frame")
+	}
+
+	fin := data[0]&0x80 != 0
+	opcode := data[0] & 0x0F
+
+	mask := data[1]&0x80 != 0
+	payloadLen := int(data[1] & 0x7F)
+
+	var offset int
+	switch payloadLen {
+	case 126:
+		if len(data) < 4 {
+			return nil, errors.New("data too short for extended payload length")
+		}
+		payloadLen = int(binary.BigEndian.Uint16(data[2:4]))
+		offset = 4
+	case 127:
+		if len(data) < 10 {
+			return nil, errors.New("data too short for extended payload length")
+		}
+		payloadLen = int(binary.BigEndian.Uint64(data[2:10]))
+		offset = 10
+	default:
+		offset = 2
+	}
+
+	if mask {
+		offset += 4
+	}
+
+	var maskingKey []byte
+	if mask {
+		maskingKey = data[offset-4 : offset]
+	}
+
+	payload := data[offset:]
+
+	if mask {
+		for i := 0; i < len(payload); i++ {
+			payload[i] ^= maskingKey[i%4]
+		}
+	}
+
+	return &webSocketFrame{
+		Fin:     fin,
+		Opcode:  opcode,
+		Mask:    mask,
+		Payload: payload,
+	}, nil
+}
diff --git a/rexec/server/server.go b/rexec/server/server.go
new file mode 100644
index 0000000..6fd445e
--- /dev/null
+++ b/rexec/server/server.go
@@ -0,0 +1,258 @@
+package server
+
+import (
+	"context"
+	"crypto/tls"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/google/uuid"
+	"github.com/gorilla/mux"
+	admissionv1 "k8s.io/api/admission/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func Server() {
+	// creating a mux router
+	r := mux.NewRouter()
+
+	// handling rexec request to handler
+	r.HandleFunc("/apis/audit.adyen.internal/v1beta1/namespaces/{namespace}/pods/{pod}/exec", rexecHandler)
+	// returning some dummy json making kubeapiserver happier
+	r.HandleFunc("/apis/audit.adyen.internal/v1beta1", func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte(httpSpec))
+	})
+	// handle native pod exec through a validating webhook
+	r.HandleFunc("/validate-exec", execHandler)
+
+	// start tls listener
+	http.ListenAndServeTLS(":8443", "/etc/pki/rexec/tls.crt", "/etc/pki/rexec/tls.key", r)
+}
+
+// rexecHandler is responsible for rewrite the request to an exec request
+// and proxy it back to k8s api
+func rexecHandler(w http.ResponseWriter, r *http.Request) {
+	// parsing for vars
+	pathParams := mux.Vars(r)
+	namespace := pathParams["namespace"]
+	pod := pathParams["pod"]
+	user := r.Header.Get("X-Remote-User")
+
+	// if any of the mimimal parameters are missing we should bail
+	if user == "" || namespace == "" || pod == "" {
+		w.WriteHeader(http.StatusForbidden)
+		w.Write([]byte(httpForbidden))
+		return
+	}
+	r.Header.Add("Kubectl-Command", "kubectl exec")
+
+	// adding the service account token we are using for impersonating
+	r.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
+
+	// add user to impersonation header
+	r.Header.Add("Impersonate-User", user)
+
+	// adding all passed groups as impersonation groups
+	groups := r.Header.Values("X-Remote-Group")
+	for _, group := range groups {
+		r.Header.Add("Impersonate-Group", group)
+	}
+
+	// for the webhook service part we need to signal somehow
+	// that we are allowed to do execs, coming through this endpoint
+	// so we pass a custom shared key through the `Impersonate-Extra-Secret-Sauce`
+	// header which will end up in `admissionReview.Request.UserInfo.Extra`
+	r.Header.Add("Impersonate-Extra-Secret-Sauce", SecretSauce)
+
+	// template old and new url pathes and replace them in the url
+	newPath := fmt.Sprintf("api/v1/namespaces/%s/pods/%s/exec", namespace, pod)
+	oldPath := fmt.Sprintf("apis/audit.adyen.internal/v1beta1/namespaces/%s/pods/%s/exec", namespace, pod)
+	r.URL.Path = strings.ReplaceAll(r.URL.Path, oldPath, newPath)
+	r.URL.RawPath = strings.ReplaceAll(r.URL.RawPath, oldPath, newPath)
+	r.Host = "kubernetes.default.svc.cluster.local:443"
+
+	params, err := url.ParseQuery(r.URL.RawQuery)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		w.Write([]byte(httpInternalError))
+		return
+	}
+
+	// first fetching the command parameters from the url params to check what commands were passed
+	// initially to the container
+	var initialCommand []string
+	needsRecording := false
+	for key, value := range params {
+		if key == "command" {
+			initialCommand = append(initialCommand, value...)
+		}
+		// we also check wether tty was requested, if so we will need to record the session
+		if key == "tty" {
+			needsRecording = true
+		}
+	}
+
+	if !needsRecording {
+		// if we dont need any recording, we just pass the request back to the kube apiserver
+		url, _ := url.Parse("https://kubernetes.default.svc.cluster.local:443")
+		proxy := httputil.NewSingleHostReverseProxy(url)
+
+		proxy.Transport = &http.Transport{
+			DisableKeepAlives:  true,
+			DisableCompression: true,
+			TLSClientConfig: &tls.Config{
+				RootCAs: CAPool,
+			},
+		}
+
+		// Log initial command as an audit event
+		// as oneoff, since we dont do tty so there
+		// wont be a recording and a session id
+		logCommand(strings.Join(initialCommand, " "), user, "oneoff")
+
+		proxy.FlushInterval = -1
+
+		proxy.ServeHTTP(w, r)
+	} else {
+		// in the case of recoding we will pass the request through a tcp proxy to make it easier
+		// to actually monitor what is being typed in to the shell
+
+		// we begin to generate a uuid for the session and we set it as the id of a context
+		// we will use this id to keep track what use the session belongs to
+		ctxid := uuid.New().String()
+		ctx := context.WithValue(r.Context(), "sessionID", ctxid)
+
+		// we save the session id into a map with the user's identity
+		mapSync.Lock()
+		userMap[ctxid] = user
+		mapSync.Unlock()
+
+		// we set the previously generated context to the request
+		r.WithContext(ctx)
+
+		// Log initial command as an audit event
+		// with sessin id
+		logCommand(strings.Join(initialCommand, " "), user, ctxid)
+
+		// we start up a tcp forwarder for the session
+		go tcpForwarder(ctx)
+
+		// we need to wait a bit until the listener is actually there
+		// probably there are 10 more sophisticated ways to do this
+		// but it is not important now
+		err = waitForListener(ctxid)
+		if err != nil {
+			SysLogger.Error().Err(err).Msg("waiting for listener")
+			w.WriteHeader(http.StatusInternalServerError)
+			w.Write([]byte(httpInternalError))
+			return
+		}
+
+		// url does not really matter we are going through the socket anyway
+		url, _ := url.Parse("http://localhost:8080")
+		proxy := httputil.NewSingleHostReverseProxy(url)
+
+		proxy.Transport = &http.Transport{
+			DisableKeepAlives:  true,
+			DisableCompression: true,
+			// we are forcing the reverse proxy to go through our socket
+			DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
+				return net.Dial("unix", fmt.Sprintf("/%s", ctxid))
+			},
+		}
+
+		proxy.FlushInterval = -1
+
+		proxy.ServeHTTP(w, r)
+	}
+}
+
+// execHandler is responsible auditing exec request and allowing
+// the ones coming through rexec api along with allowlisted users
+func execHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Header.Get("Content-Type") != "application/json" {
+		http.Error(w, "Invalid content type", http.StatusUnsupportedMediaType)
+		return
+	}
+
+	var admissionReview admissionv1.AdmissionReview
+	if err := json.NewDecoder(r.Body).Decode(&admissionReview); err != nil {
+		http.Error(w, fmt.Sprintf("Failed to decode request: %v", err), http.StatusBadRequest)
+		return
+	}
+
+	response := admissionv1.AdmissionResponse{
+		UID: admissionReview.Request.UID,
+	}
+
+	canPass := canPass(admissionReview)
+
+	if admissionReview.Request.Kind.Kind == "PodExecOptions" {
+		response.Allowed = canPass
+		if !canPass {
+			response.Result = &metav1.Status{
+				Message: "cannot use exec directly, use rexec plugin instead",
+			}
+		}
+	} else {
+		response.Allowed = true
+	}
+	admissionReview.Response = &response
+	respBytes, err := json.Marshal(admissionReview)
+	if err != nil {
+		http.Error(w, fmt.Sprintf("Failed to encode response: %v", err), http.StatusInternalServerError)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.Write(respBytes)
+}
+
+// waitForListener is simly check wether the personnal tcp
+// forwarder ready or not, if it is not there after 5 secs
+// it bails
+func waitForListener(listener string) error {
+	// again, super lazy but it is fine for now
+	for i := 0; i < 5; i++ {
+		if proxyMap[listener] {
+			SysLogger.Debug().Msgf("socket became ready on try %d", i)
+			return nil
+		}
+		SysLogger.Debug().Msgf("waiting for socket on try %d", i)
+		time.Sleep(1 * time.Second)
+	}
+	return errors.New("socket was not ready in time")
+}
+
+// canPass checks wether the exec request is allowed
+// or not
+func canPass(rv admissionv1.AdmissionReview) bool {
+	// check for users that have a bypass for validating
+	for _, user := range ByPassedUsers {
+		if user == rv.Request.UserInfo.Username {
+			return true
+		}
+	}
+
+	// we will check for shared key so we can validate the request was
+	// coming through the rexec endpoint
+	sauce, ok := rv.Request.UserInfo.Extra["secret-sauce"]
+	if ok {
+		if len(sauce) > 0 {
+			for _, sauce := range sauce {
+				if sauce == SecretSauce {
+					return true
+				}
+			}
+		}
+	}
+	return false
+}
diff --git a/rexec/server/tcp.go b/rexec/server/tcp.go
new file mode 100644
index 0000000..d212c9a
--- /dev/null
+++ b/rexec/server/tcp.go
@@ -0,0 +1,133 @@
+package server
+
+import (
+	"context"
+	"crypto/tls"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"net"
+	"os"
+	"strings"
+
+	"github.com/rs/zerolog"
+)
+
+const (
+	targetAddress = "kubernetes.default.svc.cluster.local:443"
+)
+
+func tcpForwarder(ctx context.Context) {
+	lc := net.ListenConfig{}
+
+	ctxid := ctx.Value("sessionID").(string)
+	socketPath := fmt.Sprintf("/%s", ctxid)
+
+	// we setup a unix listener for the specific session
+	listener, err := lc.Listen(ctx, "unix", socketPath)
+	if err != nil {
+		SysLogger.Error().Err(err).Msgf("failed to start listener for %d", ctxid)
+		return
+	}
+	defer listener.Close()
+
+	SysLogger.Debug().Msgf("starting personal tcp forwarer at " + socketPath)
+
+	// in a cheap manner we signer back that it is ready
+	mapSync.Lock()
+	proxyMap[ctxid] = true
+	mapSync.Unlock()
+	halt := false
+	for {
+		client, err := listener.Accept()
+		if err != nil {
+			SysLogger.Error().Err(err).Msgf("failed to accept connection at %d", ctxid)
+			continue
+		}
+
+		// we pass the actual tcp connection
+		go handleTcpConnection(client, ctxid)
+		select {
+		// once the http session is gone we stop the listener
+		case <-ctx.Done():
+			SysLogger.Debug().Msgf("stopping personal tcp forwarer at " + socketPath)
+			halt = true
+		}
+		if halt {
+			break
+		}
+	}
+	// once the http session is gone, the socket and the user and proxymaps are getting cleaned up
+	os.Remove(socketPath)
+	mapSync.Lock()
+	delete(proxyMap, ctxid)
+	delete(userMap, ctxid)
+	mapSync.Unlock()
+
+	commandSync.Lock()
+	delete(commandMap, ctxid)
+	commandSync.Unlock()
+}
+
+func handleTcpConnection(client net.Conn, ctxid string) {
+	// setting up the upstream connection
+	target, err := tls.Dial("tcp", targetAddress, &tls.Config{RootCAs: CAPool})
+	if err != nil {
+		SysLogger.Error().Err(err).Msgf("failed to connect to upstream at %d", ctxid)
+		client.Close()
+		return
+	}
+	defer target.Close()
+
+	// we are creating an instance of TCPLogger
+	// which implements net.conn and custom logging
+	// with the context of the user we are logging
+	// traffic for
+	tcpLogger := &TCPLogger{Conn: target, ctxid: ctxid}
+
+	// on the way toward the target we send the traffic
+	// through the tcp logger
+	go io.Copy(tcpLogger, client)
+	// on the way back however we dont want to log anything
+	io.Copy(client, target)
+	client.Close()
+}
+
+type TCPLogger struct {
+	net.Conn
+	ctxid string
+}
+
+func (t *TCPLogger) Read(b []byte) (n int, err error) {
+	n, err = t.Conn.Read(b)
+	return
+}
+
+func (t *TCPLogger) Write(b []byte) (n int, err error) {
+	n, err = t.Conn.Write(b)
+	if n > 0 {
+		// we need parse the websockter frame
+		frame, err := parseWebSocketFrame(b)
+		if err != nil {
+			SysLogger.Error().Err(err).Msg("failed to parse ws frame")
+		}
+		if frame != nil {
+			// if it is opscode 0x2 we log out
+			// activities
+			if frame.Opcode == 0x2 {
+				if auditLogger.GetLevel() == zerolog.TraceLevel {
+					stroke, err := hex.DecodeString(fmt.Sprintf("%x", frame.Payload))
+					SysLogger.Error().Err(err).Msg("failed to parse payload")
+
+					auditLogger.Trace().Str("user", userMap[t.ctxid]).Str("session", t.ctxid).Str("stroke", strings.ReplaceAll(string(stroke), "\u0000", "")).Msg("")
+					asyncAuditChan <- asyncAudit{
+						ctxid: t.ctxid,
+						ascii: frame.Payload,
+					}
+				}
+
+			}
+		}
+	}
+	return
+}