From bb1f1d193df4fc71b6c4488cc718f08a54a51f72 Mon Sep 17 00:00:00 2001
From: actions <actions@github.com>
Date: Fri, 26 Feb 2021 18:55:49 +0000
Subject: [PATCH] Generated changes

---
 .../artifactory-ha/artifactory-ha-4.7.600.tgz | Bin 0 -> 156835 bytes
 assets/index.yaml                             |  31 +-
 charts/artifactory-ha/CHANGELOG.md            | 161 +++++++-
 charts/artifactory-ha/Chart.yaml              |  16 +-
 charts/artifactory-ha/README.md               | 378 ++----------------
 charts/artifactory-ha/UPGRADE_NOTES.md        |   6 +-
 .../charts/postgresql/Chart.yaml              |   6 +-
 .../charts/postgresql/README.md               | 136 ++++++-
 .../postgresql/charts/common/.helmignore      |  22 +
 .../postgresql/charts/common/Chart.yaml       |  22 +
 .../charts/postgresql/charts/common/README.md | 274 +++++++++++++
 .../charts/common/templates/_capabilities.tpl |  22 +
 .../charts/common/templates/_errors.tpl       |  20 +
 .../charts/common/templates/_images.tpl       |  43 ++
 .../charts/common/templates/_labels.tpl       |  18 +
 .../charts/common/templates/_names.tpl        |  32 ++
 .../charts/common/templates/_secrets.tpl      |  49 +++
 .../charts/common/templates/_storage.tpl      |  23 ++
 .../charts/common/templates/_tplvalues.tpl    |  13 +
 .../charts/common/templates/_utils.tpl        |  26 ++
 .../charts/common/templates/_validations.tpl  | 219 ++++++++++
 .../charts/common/templates/_warnings.tpl     |  14 +
 .../postgresql/charts/common/values.yaml      |   3 +
 .../postgresql/ci/commonAnnotations.yaml      |   3 +
 .../charts/postgresql/requirements.lock       |   6 +
 .../charts/postgresql/requirements.yaml       |   4 +
 .../charts/postgresql/templates/NOTES.txt     |   9 +-
 .../charts/postgresql/templates/_helpers.tpl  |  91 ++++-
 .../postgresql/templates/configmap.yaml       |   8 +-
 .../templates/extended-config-configmap.yaml  |   8 +-
 .../templates/initialization-configmap.yaml   |   8 +-
 .../templates/metrics-configmap.yaml          |   8 +-
 .../postgresql/templates/metrics-svc.yaml     |  13 +-
 .../postgresql/templates/networkpolicy.yaml   |  14 +-
 .../templates/podsecuritypolicy.yaml          |  37 ++
 .../postgresql/templates/prometheusrule.yaml  |  14 +-
 .../charts/postgresql/templates/role.yaml     |  19 +
 .../postgresql/templates/rolebinding.yaml     |  19 +
 .../charts/postgresql/templates/secrets.yaml  |   8 +-
 .../postgresql/templates/serviceaccount.yaml  |  10 +-
 .../postgresql/templates/servicemonitor.yaml  |  14 +-
 .../templates/statefulset-slaves.yaml         |  92 +++--
 .../postgresql/templates/statefulset.yaml     | 103 ++++-
 .../postgresql/templates/svc-headless.yaml    |  11 +-
 .../charts/postgresql/templates/svc-read.yaml |  14 +-
 .../charts/postgresql/templates/svc.yaml      |  14 +-
 .../charts/postgresql/values-production.yaml  |  96 ++++-
 .../charts/postgresql/values.schema.json      |   4 +-
 .../charts/postgresql/values.yaml             | 100 +++--
 .../artifactory-ha/ci/access-tls-values.yaml  |   6 +-
 charts/artifactory-ha/ci/default-values.yaml  |   3 +
 charts/artifactory-ha/ci/global-values.yaml   |  47 +++
 .../ci/migration-disabled-values.yaml         |   3 +
 charts/artifactory-ha/questions.yml           |   2 +-
 charts/artifactory-ha/requirements.lock       |   6 +-
 charts/artifactory-ha/requirements.yaml       |   2 +-
 .../artifactory-ha/security-mitigation.yaml   |  20 +
 charts/artifactory-ha/templates/_helpers.tpl  | 165 ++++++++
 .../templates/additional-resources.yaml       |   3 +
 .../templates/artifactory-access-config.yaml  |   2 +-
 .../templates/artifactory-custom-secrets.yaml |   2 +-
 .../templates/artifactory-node-pdb.yaml       |   4 +-
 .../artifactory-node-statefulset.yaml         |  89 +++--
 .../templates/artifactory-primary-pdb.yaml    |  20 +
 .../artifactory-primary-statefulset.yaml      | 115 ++++--
 .../templates/artifactory-secrets.yaml        |  16 +-
 .../templates/artifactory-service.yaml        |  20 +-
 .../templates/artifactory-system-yaml.yaml    |   2 +
 charts/artifactory-ha/templates/ingress.yaml  |  51 ++-
 .../templates/nginx-certificate-secret.yaml   |   2 +-
 .../templates/nginx-deployment.yaml           |  23 +-
 .../artifactory-ha/templates/nginx-pvc.yaml   |   6 +-
 .../templates/nginx-service.yaml              |   2 +-
 charts/artifactory-ha/values.yaml             | 132 +++++-
 index.yaml                                    |  31 +-
 sha256sum/artifactory-ha/artifactory-ha.sum   |   6 +-
 76 files changed, 2349 insertions(+), 692 deletions(-)
 create mode 100644 assets/artifactory-ha/artifactory-ha-4.7.600.tgz
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/.helmignore
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/Chart.yaml
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/README.md
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_capabilities.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_errors.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_images.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_labels.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_names.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_secrets.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_storage.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_tplvalues.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_utils.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_validations.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/templates/_warnings.tpl
 create mode 100755 charts/artifactory-ha/charts/postgresql/charts/common/values.yaml
 create mode 100755 charts/artifactory-ha/charts/postgresql/ci/commonAnnotations.yaml
 create mode 100755 charts/artifactory-ha/charts/postgresql/requirements.lock
 create mode 100755 charts/artifactory-ha/charts/postgresql/requirements.yaml
 create mode 100755 charts/artifactory-ha/charts/postgresql/templates/podsecuritypolicy.yaml
 create mode 100755 charts/artifactory-ha/charts/postgresql/templates/role.yaml
 create mode 100755 charts/artifactory-ha/charts/postgresql/templates/rolebinding.yaml
 create mode 100644 charts/artifactory-ha/ci/global-values.yaml
 create mode 100644 charts/artifactory-ha/security-mitigation.yaml
 create mode 100644 charts/artifactory-ha/templates/additional-resources.yaml
 create mode 100644 charts/artifactory-ha/templates/artifactory-primary-pdb.yaml

diff --git a/assets/artifactory-ha/artifactory-ha-4.7.600.tgz b/assets/artifactory-ha/artifactory-ha-4.7.600.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..0ea201c47f4f93de8eeb5eaa7208e0d20fd7e3e6
GIT binary patch
literal 156835
zcmV)FK)=5qiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PMZ}dfPU#Fy6m)6{zf8+igfmj+1oNB<FQ(C-o+d{j;2Q`)v2P
z5D7_$NrDAH+uFqEIT!N2H+Qb&_uz{JKSjw-()O6oZex+aU;qpTGlRhlq#RG6#|fP~
zGuYdkLCW1Z41=%k?&<gY{l_~y^51^HU;KBly*>D9u+twr-rm{nKYsL8f3P#?Z+`{)
zcZfsnlQ0hHSN&VJRqWg!<bhE{IOLc_Y}f(7gB%8A>Uxm#0J)g-JR~RtBYy~DNO^>4
zWig5Z1Q~K77@{G_Q&k7X_(wz;CeaXF4mvQ7)1Ob=!M6Lj<0Ix#9CP{ZU4$<YWiSAz
zC?*UGFyIJAaEd5kNgNZ(aWn-m2tWwm6AEJJUBIb$Hz72HoIL>J1P4Cggai!0$On6e
zfFUa2x}6yjNX|Hq*|68Uy1H`TPpIe)340dmy$<#SKBgdrSMC(^Su#!-q8^Djiny#K
ztM@#ycvvrlj3e4(9F7CjD=e^pOiAvYc;Uv;v~z*xSA_a(*m3Of>o`C{?>N9mmn3GL
z5aNhK93d*pq7dR>2ynzW3<5;i|4BR30YJ@%T-M+ys|X+me}5^!R!$fr3H6W!Z#qB5
z5vOo&bvLHOPdwg}aGYHW!U-k4ON_3p>T29dgVnh-gs|g2aUb{loiDv0{+B%k^1OsW
zg4i8z0FC^A@OWqE$&(`gfB5*xJ^%k4&l=cA6PN@XsHqnWw7?DA&KfwIVFoY*5d6G*
z^u|$KmLnfbaDYUC7w8I71g>T%0^STpk{N4|GenUKekKWEGm->8xQNIVxSBx@<|F~4
zo=<Qz{kpRTc0CU<2KWq_+E<v*z=sdO{ZY~81)94o8DF3|xVh<crU4nlK<r&>0Ecjj
zPSF%IPUl156Ym01*KjUOvO*_G5R8yV5of9@01gP}rtWJrS6|=45Q*<=iiNtn>DC22
z7=bYY<PuTr`zQhl6Ma_rxSFpq*BVPeXxa<wwJR}lIh?AN-V%<6;F$V|0x|(HMH56(
z<RLKugRNo<V0)_>DtNe6!d|r`XBEbAfDr>QU_{Qon7eB=Obl!q(DH2tbgKh^!C(kJ
z+~`5H5K!a#p5W*;(m&MBnEuq?vXL&7Dt_=1#z}Y>VZKMqM)m?taWn)UJGCVWAAcl4
z5~Aw2M<j`O@zV(V$b+;15Zi4WiczVcw;l{)9HHSuA><51CA~+B{_uG$`xOU}i}f_L
zz8^*tG6WkRx_Xa2^t(gQ{Q(8xd4XYzg`p<b(B;id_W|fm5abC(tUCn%1Rv7h3ebse
zQq=bK^6y?GV?-mw5$mS(lp^FBECu+Rf8A_!I&0u1$%$ie5(H8Nqa*||#g~vHK-G%E
zh;^!#Uh~51tgQh{t^jP#I0}D;VIY?s#Xjn+Wz0#kF8>ln9`ZrLkO!IIAA<depOk?s
z7;y$T0Wl?)*hhlTU<$}pWWyG4JQ7XtG@(+?w4|}MHE=4{W1aXY>II2dtvw&JIDqrs
z-(Q{{zv@~2_;w`Q`c|;gPP*V_FRpNq^$nnF%;eB+>RGB@=@#lZ0@fBT$1mWBMv&u6
z6wDvk-7GP%OAISlkmhXYT0#ndmJUIHF9erP0wHgwU#XGV1ye!XbHRyJ4S?ihRSf`!
zJR$jmF$&0)n#KsAYZ%6Ib6Lz1E3w|*vU+=598*PRf;XBKP(O@iFhhZr*wMrwCJX^6
zkaE%qV+#6s4p@vlJejKjw43gL!i%AzWdwZ4;cGNEyX9Dtsg&eJ=f&R|yeJ67M(9xl
zIr7~OFqMaL@tl$XfftY=-)yX6d?*Pt9cNUWt$x9`eB!Yl^g|r=V8UmF;(tpWu}8<y
z>vhC`rM4)W9Rf}hu}e}CNRB4=meV9aa;d38E;!_1LV|!?soh-^)`NpR30&5sqM8EY
z02t#}lq9i!Azp24=szh+l@#+$=y%vdEPa6@KPEWh*_)X7=Eo(XW2^F1&WQT^3UY6j
z{t7VTax_N@z8FfeQM4aJjhF*fMdqm2owc=&{-i-x463FHd-g}UI%13yhFn$lZ~`L2
z0YhABy$YCEB?8<702Lt2z!XJ@3Zl`gTL7LUK_I_#6bgoqi~`vKz%~?!{l0^vDMd_<
zAc};l>kq*M2251aOX>ymE>PsFK~4*qj)8ZAE>j8-YyMEd1QdCMN^+hNCU)e1{!7wV
z!Vx`zd^QBVPEOd+FLTO!8E4UGev))2TrYr(4VCCqQH%%7fu2y5y8`>JETSbM4Iy74
zrsR6=jEO&Y82-1Y*B6xnI7UH+3#V{0!JZ>Ufs}(*e8N%si3esl1VPGe6od)mf=z@l
zN?;JA{6O$A!#Y?DJw+sPrKFM-kczmYxvj$krbRh5^7@Bdjn<aqlMv#_)wPtkwCnp=
zj5QSeQ_rJV&0-?bPm(Rj4yesZ@dF}CXfAFlcMMZkWF~~J2=OaIFJcm4Ps@-R0t~W7
z1>GYBLZDqTa7b#5i9bRC5-$u72*s*@qh?6I0zx`2Sw|!_r^GMXkn;(EwItHFYv5hv
zkuXGRr9y!(AW<;4p-R3amjVgHBoYh}Da9uyj0>Q@1z;0Tte>u4PiAdz>8VxS&C2Ns
zEcAD+s>f?~pGy#|&MB!)$ayw>R5sDjOx^HG%Gie-j)l}<1TnRY#iw^nZHQM8bD@bk
z{ul^xTohG%zY9i4j<)1S;tzI#<Bq8Cl28L$b0Pt9&u+xlghe~n6!<7ck&hxz3WC&T
z{+5AjjClk@Z0v#KfQ*e%(0s~Z_D&CW_m2+T&==c5_CCi~HOrLpv!X8AsO5r83Y!l>
zxlvh!!|4zVw%tc=-|^8H!^j!*9lHHUC?#ppcT8}e@)F8QoIu8|2=#}c+s%E*2D+~5
z!8I4->5K7K{SuokigtZp(3;>B-HmTHx*bJE*Lx(2l&mPe3?B6*SB-_{BdU3*daD6I
zG2uu3SGWU=oG{dkfbt=DwDWMg1GMU?K19SvDLtDNE|_wJ`8<8WNr0%?VkBE;0lY-F
z1Chx#sb)>lZway)a)?4Xx!p&D?IYYZue~@CBh&AP`c;5KTvcuGs#xiftkh9L#M|RD
zOE5T5GdBAF-l#1FGqr7i%`!uJCKuh-0|97G5^(fxbY`Sr!{U9jx_!hU4wQ)q5Sr8W
zq%I`zU>s83F?DR+*{AqY&6mPjv?oL#fpbEG2OvQ363MMhZVO_v0SaR-$S|QnzUGw_
zx20BNbuklAEXiB58Z$orSOJRlQg|SB0zN~`n6X5AOrdHD<r|*~L{t6Ybt+Bh7Mb0o
zKNcwYDB>6fOg5%q6<X9)Gb%DD$XQpbx=VfLSnD$-iVGyj#2-7Nl75>*eHj?0qW)rr
zekn9)(Cu^rGM%bEtjY`%HXoB~ivzk32kxNL$(b5D1w&TlDT%;PXr_SApw#t@CV7RF
zPM8@BIS~qm!dW!iyG-qHEA~U3qSzS4RFztj{Zh;=34#+PErG+yTf$E$VkqKDVB6Dj
zH;5@F6!STdVsN_g?G^<TLRG(_j8I9WWcjzpX9vImNAMblNvOme<SSAXdJB}aCq@WI
z$j@37`g`9zVsYpXdr}~moiGZKQ7(XjI?Pv;^q*?^W+ozKzm?*;R%B$scZF``M?lvw
zUr+Kl$^P!60BM%skKLG(7*URe)PMsdnB?y1+2PCGy|d%fpU;0dK04?j?)7p-rJf|9
z?7uikUmiyz!R?Yb-MnnRCpW?47)7~_@H^3ePC^fIJ!0ysE!tk6%_xFC8-i^;TtFxs
z6e`hY2sWVSp_uOpmGYU`K)M^Mrz2(IlT<-s6oC+Nialv@Q*!Jj#DQS_vWQJIPuwT&
zHQ3D70o#&n7>>!M)<w>U-mN9y{<X@yB^o_aZJIsiSFxae6$A9Egd$CHz**KNCr0vH
z4Y~t>)lfl>P^7027CVEFDN<d;Oe$wWh>_hF>q83eZ(oi8x<nCAV2~GLWw{@Ag>nmp
zh_sJsWpi=?3%ypB6uNX0FD@&Qe2I<mg~W65Z;2WKi2#D$EN@>`q}Ktm-f?triRj$W
zqhiQwV0X+&kZ>g1Q!gED63lDh=VL-R;}pidF^(XeGfpUSuS26z$cYQ2X|fVWQ;b78
zMSKXv3My#$D`R96Sb)8|!bq(cbz+d|Bbuc`EbZg=hzDdUC{OKbnPTq%D9v>aOnl7U
zfK2nRwKQ1%z>t>+R#jI~i@x>;YX?z<YCcM0uK9*T!6F=VE&iz~Q-QPfwT#$=N(T$S
zqGI}~Tq{Hz3XWM(EB#cir7TMob@YeY8k|Bj!57vCAJOq#{+2J^sF}5CA(ig4i9cON
z;2-oW<o$)>e!pDnk(BpaQ0$r9TfnAt`@s?1GIVQRyeZMI+KwDkz#1U^B_JLQgkYYH
zRb?~N;*b^E{L({rgr}OVGqX`r5`xF>wcsF6Tp?+Orc9lB%5jKD!biv>k=UajKF(yC
z1F=iX(*?<%rHM#vqBzRng2M=NkR7OSV*G)?-}hhaX+25K>Ct@jThKd#6vO>-@0da_
zFcMNsk!1FJs)Zrwh8I4jz==VR#JpD$IeV9o_9}U5Pt9^Kz~k?M=ijD2`0HQ6l@Okt
z<J*Agg>&{>;H09F^B!J8=aD;bcLwfzNK@J2y@w)h$=*VOkaa5|^b~|e(7T<E($IEo
zJEv{4VgOwuFVW{<6GD-g4<j!Z%8F&sbQrGpK&@J-q7FkmiBmdOY6s|Ao)zUYZE$mw
zuW({16n53J<3Xl+*g!P#T4q28Y_Qoz?ziLRe{+&}ITsMSHOu(phC+BffqVvTZhFR|
zZTCKfdugBd+l{3l>ibvMV%N59s-aiSn3Y^V_sb9moNz>!r;U2DkcXRd7zTe_3Nid)
zX&T{PPxW6O^rk%EsnE2Yga*%h+3<WJ;wg~^D{a<#XFZ!C<JjPv<8z^qFksI0HB7LX
z^M%=Js?TQRiUFEL((;tH2_OTM5Dqr65Bggv(N%iO<mpc1?*y1}2XXHU6Pyv5MKkD{
zTN5gc7$+28;s8z20rOy>cJWl{TAgCq4D^)CGt>XNR+Z1qo+{y&@v8t~n20Q5e`d*8
z!AWbIuep<ZUA`o;<s`6&wuQSOgr#o_;#*#X+y1T+g0hpBR+t)>jFVbEV>wc;?7Y(T
zk6>(}QdPXJRW<8{wlmMP#R#;V!@3Ewj}T{sTqv=#5x6dD%2u{gE>mcZqPDHsC9B&i
zlt|B~%}}Rngd2`1TVlWgyE$u?I{))!{lkeoMm(V?h7@JOHfHL~fk=5CJWz)R^7KNK
zS1?p1BaCG2JG%Y+CZ5jzNm}rP_=*(v0*J#**@;s3NNcpzZ>7#35g%Enwp~Y$mpl^F
ze{w?M6iNGL=5ATp+ng<I*%1{(G(!MI98=3Hp`y2+v8#F=T1J^4b|pW;RPLNfgnvtr
zJ{klUXzqf8qTwteK2ly7@)$=R6v5E0^tEcnxQrR^8$cp$FBEmWRPiD)iWmz36`Gzi
zL)YNpc2|Kofs6qx>1~FBP}SaW9O?37?E|SB?X&d{N4ul5gVXcZ2S49z=>F#20_O`|
z*<>@?+YAN)@^$AN@h0!*R^h;_8a+HZIX*qxeS0>vy}{K{qZ&0Mb)+DaHz3e{utNUz
zQ5=wYh$8-V32Nr1F2)hcxe)*+6tNjN)G9HV0BM)rjbr1(tVE#9KN-Bd<&%eJdonAe
z|4wiOME|6bR%(snPr_%?A5uB8NgJd!rKSFk5a;R)5;JqwqK`nB9#1`s+Shv7dC=7s
z&O++v4GtDOcSe4q#R}ppIhEV!73U!*R_k+C;~gbfnmo<PWZT?@f#M!)oI0~p%iI^`
zNvc2lki#K(o(Tx5=(#F-u0)8OC=){pL&Oms4An#rD!*>)uiFhcZr3BZ?W(5pcz(>9
zlIQf2RoR0EwzbrwiTiM(c8LelFH2LiD8fj9r0q~`j}hU3B6XM|ouecNB#|kqt%my7
z8#1+aAL~e=%BrRik$#p+j+cwc_y(Bc=yZ=a=Y^_5!VuMqZG>uX3f3Mgy<>>7Z(-zr
ztGrj&<O>-2>Zfyx<dG(hrhJC<^_yMMuqa2>M<l)GLaa@OIF?fE6Swd7-GTClNm9?8
zt}NNrr$E^ez3~80e`lV-r5!K89*UF?ss1xPDb>FP6Tph6=r?jL;t0e6#1RmxlPix^
z5tckmvLrpa2E3*grnr{&_c7qp77r(&a5`gG#!Pk*`47Y<D9LE7g$?8b$WmiV)%j}y
zt~`tk2o(A*<U+}nmRPqmba&yHU77%W{GRFyn#Wlvs!y&uU2(6&Kq71u*5Z3HEGaS>
zR2*r)YkAIX7)8fYR0{kMMsw+gm4OLiT-=N7`k7vm*BM+k8-kCH;U37F5zx)HXi-=l
zIcgQ8TL6M0zYPc^#zX^9Bl|{UZ&-TqTw1y!#6dE}5!37ZI6~T;R`PxIaYG&F%QB+Q
ziF{k!1|aoj_!2oJ@KX;KW<JVm$c`5v7|DZG`SJ>lMF-8#jSnAEk898k=Z<tda*a23
z7r5Z&W<&R_?l@q1lmETJ|C1X0?b#xXm#0gx8|i{!UNUXl&5Ufaj-n+2BR5$&dO*=7
zrX-SH#+PEE$I<~{2D!QBlW1pqo<w=i9!`Y#ML~p+Z&pL*vaA@6z8wl6lf{tV(cU8m
zS-U@)W{29GsP?AO!Re0&r|17TdUI~GWFdg+Rjs{wy5IG`8+6;$J=*=p`PmPr2fO>D
z0*Gzp5LyjkZ|`6<YN-6Ep{~{X!9UJUchC2Z-@ZJ2Re-Rl?NzF#b>1F`_8Y71zc@cR
zK7J$nxVv|D_~SvL_@FpGc8$aRH|6sA;zvK9j}G=u56;dH-u`(0<8BU}mpOlM#d}|)
z`6-&%lB@z0&b7qpM9{WCDw#C<dV%KpZ1{NpcnDtNYakZdajdy|h{7?VQvYUP(@Q8t
z5fA3d>K#)YLOM6{hQ1&u<xXE&y|as5Y6}B^%^*d-@tX?Bbc&;Cb{)VHMbmed=viZu
z&1!+08{7Hn@47Ea7tlu7eY>i5$?yV<BJPIp+VwKmuV;39s-WV3ZpxS3%=Ig4`@;uE
z2^*F6V>N1SI?ide5^iiBd9Ft&Iw2$&;eR8Eko_XxCY}KII?O}-N618_+-p%*?CKSj
zuM3s0RpsjzmEVWg>7|KWpF9$}EQ#Duh8PjNOq8W4BpkIY<_bwn_Fl9i-2hrQ;nEP_
zsy<^uT9vV&y64gdItNosuxwk!MUf@MY80?|99Y%X3!@t_v;?SBvMGcW$mE+M{JPnL
z37?^etLriC$H%VrEcLl)Q&FucAp@oZtlquE!7>;ar7RE1yv+lv9^v*K%p3x1MzeBw
zmEp;1QXpA)xfojBS2csK*-XXlC96es)va(zMLY=&hM@c2AA3XVeoRl^eLq!khg_k<
zfSVh~Dqt~3t6}5HrPo-mx>WfRi#|b9kDzb8`|6IXiwJ<wsSRddzRo(5Y3z%dHP>#e
zW<Pu=(S;f^8<?2^SA5FhY*4H$t+fTavE0-a+~G?zTjQ^r;Tqb0wV=hGS>g3-pcQb_
zsMG}4NPTQmDAlD>|JpKX3UQ%^qN`hq)ro6HE~%eyU2p5^)~?qDeJEp)`489QP*=ZV
zz#Er+wVQfPvndUh>trq1-tC~u!yOd7+-n+ZB_4sIZ+u%|RwV<?xT+dF8DcDT1O(dk
z?+8Z;M|rGGMOW8wwU3}K3qFG15|V9$YFiqvJRxeQ`}A|Mgp}Gi4K;8oW}v)g3Vp5J
zin<L0RAR4clWM4u&|o1yF4ifr<+?qj)EFyNi?d6b4b@V+c<n}DoTyi(Gy|Xwtu-(^
zisC@XJEX*~vo8jxvcIj>snUtq;l!Mw6=J`*<`(`5p<G|y+doc^&7?pPkSl5Xh7lO_
zw|4+!Ia>=&A|{O}Byyzpl#J0J!xVrqR%RgqhZO;Rtqd+%^WeMwciSBRayXfnrli$$
z`h8$ks{5W`e+UNshy4x!Q|oVzXow@}1NDkR51k;2iJy5b_w{JLNUy>@C|x8Qamdjm
z2}a76Zz2`w^Sy#Ima<?m#MQ~euQZ8vnGlVBl_MwLO_)4Z`PFzA{Ay2Gg8g5Wbs~$8
zA+LHubsgWwOnD|K+kLL>s%vl-_7C)F5@vwIX?ojSUc2O@f>W7&D0MbNmPI}_PC$zE
zVX(X^q;Q%@$Ee7gn*)XbU!urFIS>pJ%U>}iV|AfGe?Ji~>fFs^6)i*EVd%ja_bvz8
z(Xlr}FyJcq363zwFxW={oTrmK_)dAIPaqBwiUikYGZIK5sq|&nuj4$e=(jA99LR>!
zkr$wK$39s%{`MJq(c)gZyai!j;-bh;A|FQHd<Y&Yj%)isT|!!I67O14z>$zw!6}0N
zPZV=>9C`L7`0alG74Dd0EqM{roaX8S5Ki((YRW!bzQd)W)g7N5*ukstG$It~gI`VB
zDz1}U%OSi#Ac-rXDJ))OU;YsWCNxq<Z!LS!o1u}u&7Z&j>4{G#%72wgL07&}Bd>4b
znJpno!ZD)9lT=0-r1vfCupIInFY`(Q$}I_uloJuy%Pxyb&Z0fCAC$d}z*GCxbE}Sa
z9qT&Xs%qWt18_CN-pp_+2K;#hL+mL}T_G8oqf`YiiHu+PrggBrCDbF`RFnk40}zo?
zbJC3h;Iv1QlRW_5jF2=EfH^2nTSwFdU~?L80}_GVpGKk=F!CYwfez^;A-#Hi@IZV9
ze+6Q*A93hiZ0XPHpQ_$F-IP#A=IB0KRHlX$*IbJRVH^i@Sz3l35x5uVt#FzNQnv@y
zmb%G<d<j{y=JXtRf&-*|=CiPD=3_KT2X9KqRFqUGro?r{9QH8(%el;6{5zq@83$zC
z$;42r#oV$T=N5_`)h=DoHEULmls*@NnSqW_FoV?hh;L4;^Gz5Vc`BHp-xhixOF6k~
zb)lQd*-yWA9C=k$+u>8u4U-5s&hy18uicVpLj~4z)3|EVm@mBu%Tj*Ux>?Q+*w<^T
zcwj6~fgi|IS0k{9BKx~%yK*CbvAg&B-HC<sQ$<k5z3f?cr~BMeYo2;Dh$H)re5>b=
z0_;EQO6KKESXYvP_4_#}Ke98~xwtH=g0srWvoNb~kcr91(bP1U{%+BrDGO4F)h(L&
zq%fKyu+FjxdMi2d1F(+3@EJ%Vj)N@t=!$c0xcq_sCf~A;IO1Et$?2K7uCZk7lt<>n
zhYEa!qGX0kh=vZlf)sUoO?}UqPI3+ROsgfzsQmJ@r^%>OH>LG7RBXWBTA#PMSzwh1
zH#bjvIRHiI#jUwb3&lFJl@g#%^&nZVdp$7H(Pw1bK?HrdX0L>71Q@4~qv>4B(?<A8
zh5wYW6)Q~XyLQOyS5a|L1ST)g3|?YFpHq@V{wW#b=xHzap;$|zoqmlG^-#p&6uqPf
zjbiAbr@efUa<itB&$mTe>955@`FmWsz1~YgRVahpy4{rW>(+xb^pI4iQido5?=<LS
z?L02C=1T)DyC@nHbegtY2l8nzSH5O4@^g{nBu{&4&#|}7{CPoXQ`)}6O{w+v;&?&A
zIHJV`lD@Cwo%sdhQNq|;6%cTw7jg5_N#W$zM>U|vHDqCwuAUYg&0;TNzN?pB4t{_l
zj3WL9hnS1in)_W>Da6qzh7`SvrE4QSkXJ_u6##0#wciUZl3!-$d#d%8JT!HHX#nY8
z^)PhsoVoNOdDi_mi4f~5`_8kj)TJLZ!MNXGKg9+sMM1&5eI~<r%6Z7?N$HT~<KW~)
z#HY)USu?YhEXA2HXHd^oWi3HK&n3Q3d-Ct)dTUg1MRTikvy%SHvpYlHg)+82f7lmP
znf)%7)#uxX{&S9)3Th&N4xaY1FU30A*!5fn)Oy-8KPyK|fh!Les92vfBzTOgy%fd)
z@h;NUD&y$(n)kWNEv=0^Lu<t}uca4t(^v9qYG!Cq@9uZf-}z4ZX*We<UM$W?>3to@
z@+4El={#c$;zv{EGJqm!D@cX6wOcJ{+%B^c_E7xkw|>d`5eFf>24=lVt9m1kzn2k;
zBeL>xS!u)m#2fBiY@V%9&lyn_{`RY8k!ab-C_dz{mny9b#3+u!SiJA?Fn-!Izn1M^
zD~46OsUG^zbx|)MiEk=oEmz1rCO<@*(NVy)sn|6&<$6fL6yeJoCdX0GYER2IkXDr~
zWPplIj1%ud-Dq9DjjXP0!~#`p1<P2&e1(3PnzDryOliHP(TtaGA*-vHQwFL;Dv-~X
zhp%1Xp7vz*>hYImDz@qjsM^*XXmGcejh7LH)5EBu6ukS>2#g+rA0I9)0L%L3c<EVJ
zb9K>*UY(+~@<BoM_UWX%1ABM}LUR?k_5$=m3DAOiTOrT_wTc{=A8pgq+{-U61?IZ=
zIqf%hLKU}Fr*5xCeJb^7RjGRkQLH@mpFniF&FWm;NVKx1uoSEN(`pUPx74iW;1wG^
z{PAJ_P<3f0SRvIio;jt;e&=7wZWT)9fEdpOO9*O|tXc?5H3!J1rJOLdK+0+<IMp6m
zKc#4D21fm<xyiIN5M@ENz3iDvZOwvMPL^*Wo@dmR&nr{W&wK&dK)P<M_ig7%wR#b<
zk-RK7!ah2PJUW-z&tIeYVbxeS70)ngEVVR#^75{p*9v^n&$;%qw@bITC(tEF#7ET)
zX5VuyTCbN`DhWd}AXMa`y)2nZMa$I%pL3d^r@fkwWkd=$x0+!~f6yg>S1!+lp%aQ2
zo<=yD$`Q-Gk;9iSQ#wn)(@3U`J-CiBHO{jVRP`qbv!+(fyi0BUB_$ExmpSD$ODOTK
zieecRRDNBK{xT4+(fkBrTDc4>N-17iS=&Y|E59mUCn}}xYgDz5R28clAM5LKcqsq5
z5uQfKe@BB;6Sk?0N=?ZOo4Nw4AanxxY{cgQ()ms6&?%HFB2)al7?moGqn%GidhZ0R
ztfkke=y#@{w^qu($m!K*JAS#f=AB8JUtY)lYzp@MDarjQ$(K7NS(&}uTX9yh;^dgz
ztxi~^8oyX|Yk3_&L8Bx<H4>%y)E+ep*wbEGy*!CB+H6@>sQ6ImR*jNSQL#PFrMj9}
z7UEK=Q?Q4-S4<~!YmbCoOQ{Gpm=<=IR;?^)oLTmKPBqf@T+XtMw4A3U4JfUkwz9G;
zwV>LXvX%u_ZSSfi#HH|E#vrylz&fj0{Q_!x2B{jWHF;T{_!nsY0IaL{e8XpL0cQy-
zD{#zj7au;zMx@)j-ZR82)#A-fe$QyBE8YF+WqNb2q#KDZ;6*^j*+s9r(UY<^Q}={>
zy-Dg#6(e&CJ*pmB#g}_M>t4^Q9L?g;Y1+<`v{o>Rkq%vMZavFcX!cwGbEqG+H^XGX
z+%=Rz^R<-EaD@E%&yPR(;c<yL&F<4gdrR@j5~k4eND{RdFa=1lSX`^3T#z=PnnsLq
zdf7IV?K^FvWW`=q<4obV^XE$gGcP|#xvGk9<$&FR5|p;Jlp?g0Y$o5Vt$~+>f<}4F
zj#(h;WY;}S1P+}HCxmkV14d*Br7Y=(ydViYdFwMv(f~P>_jJcHPMx`zp(8)&EDz?g
z#^&4Ik*ujxnQZB>CNd7Tyu5Fqsi=3r$CT+<8;~Nv;6%pbk*EMD`6&pKfa5qoxga4j
zny_2$mbrLZeV0`QZ1+_x(;2w}A&g9vpZcNTM8#!s!KO|e0iJ=uR@S&qDsb}S9#iKe
zX&9Iz0bj>p;oi)oF3?&1E|Ch=l|hmLCtCz>b-~SzBl9Z9m!9)fBI*#a*=0J>vf$JN
z3xFAb1D%p)Gm*hasz-GQwzupy!?{TVnqt^r@O@DIy$Yqbgrgz&X@&zNqe?{x`G8*$
zG5jj>pA4HKU$6%m^_={eh2P*@#cI&et7O_JL&G>yRN+CH#L<L|5=~{48Oe|@G?3YE
zWWYGLW1)x?>@+V`F7lKvS8)ToB2cFtSQgZd{~#@~wgyINq6`SU84i3ab3U0Yo31m3
z?3-ws%jQ6|BPPii&jRF)v-p?|VU{!*sC2&VSfLdY=5PWO@xFaI0+6Kv29R&2T%|(F
zGKs-7^QNexqAROKEI6J#tHk2~f$>}gX?mTE5seT>X`4opu((t^vWO-bHvmThBbi_X
zdQu)aJP{LUA!Vl_YZ{Yi!dx6bTmSI(<>>tIMCKy{D#MNbOT|K!84tx=*wbV}l%^le
zbQI~LVFqU@v?ZrpRq|jAJ<R7Okd}HYiR?Jm;SOaM^mf!y5hf_-B5pC{pJpi1^z&-(
z1Sn%3E5zplD!jpFmUK@}jLdKmQ_QmTJtPX|hF4C#SgSg_O0rtG{B;Z>o$LojpqQ{r
zXFQa7%AtP=BTohxiW9C=-ATL4CPi@oJ!IZ-6!9%lMf{dJ0<)W>Xp&`Pnqodn#xh-p
znlza<h4qA(+f%96dW;L~3-jMQJ=onpI&edOtz!5U!P^<XOiIM`n~q2N(Rv5Khukj!
zKvzs~cL=)r;_bPXTDuQQC1Xn7BafeBUzC5E{d`_oSh{eWU!b|J@E_u7E-8vR;(2lK
z>hLW%IX(Pw_v`??KKNO_{U!Pj{XBd2OC(<%yxp%TR?&*eO>mAvhy#ty|9Nls!No9i
zr+O6hAc$$Jhh=rEvSTpev-5;vQOb~m2F&yo3rQEGM?}%>p7?JC98NA!R0O1|XfQCw
zOoEa{>rgQw^!fFp{@>0$MEQ9_0~_eo)m0IqM(uLY6BStfXe<Mik}=`E%YiGNZVqCa
zc|xl<L!E6+a7`mh=b;&{Yfd@xOhCnCOA}-&egt$r5AkHj4a1_q=S;nnqZ-4%Sz?(<
z-MmqO9t$9{+iBfgd+PFxl_{<rBhJTS(=NpZfxP;ZABM%~s{@^3#i-alf>$ipT|28$
z+STF|n(Zg&i8=(2jF8*p5IW4tq)waGyUeZ9ysUOdw4zzcBAGv7ew?b^0*ByX-ymD%
z#WyT{OC9OTpEBpReCXejt63hiN*Ayd2`ClyvVg)z@B#srPy|K~!LMfOR0P{!6>a>g
zbh59(2%&U;^NGh?c*R^8!he%UE^n1LHs}c@it*l*_9%>e<j%N`?k5R%co!=aUa@Ws
zx#bDkoP-bWdOep9sdKbuu_fzm(^9pMorj>i`_pL0`Qd1H&l&x&yZz{K*V3DIeIE+|
zFaXwBnNA@|lzhS-7Q=yMMRnF<H475eEQOEb*=u#s@3*J1e0<2%<YNZbGQAaE<<>-g
zHgkrkMI2A>;;L9wWMcBIidwm+^p3+5yK_th))Zpm)eLi_(hNqWFv})o=w`yuBnbeX
zm|(KzlN^s{ZwT~Xz(8;$ng-z<rD2%~fN3Vf!xOM~xPPinO;hbi8x@8!3#5TGlIiJB
zWx*l%=f<G#s{cLeJ>1@S0OX57`XUwfg?KAeqzNUV%FS%Dy#+Wzr6y$wle5otU7(bw
zXo{ojG)+kzUe7i@<j{JM!%1sZ4V_X*%gE!<1Zlr9DE=g^U@EDWmc@-4nWeteA55%q
z*%%n>)<8^105+w1nU>%bPA1p`GGMc@c!b%!rBPR9WlQ>BThocY(w{I;>`s&%rXQ=~
zYyTZyLO_&eCJlQkd#JIuyceHiN~H6!(Y4Dtm$TTiV;h2)IWsaE2^XB`v}0o8?fhf{
z)cZ8yml<u9@>wR6X$TKqjt&likCgS$2Zzy=3jE1fh}_b;d74JSH!G%74vk--+hGMN
zjgxG#gc*@?l_s5P;!$0?NUabqCOr+(^#UliRY~7gVMXtzP`+wR$@SbBCzA=HQlRLP
z$)ww|axMy!!y+8Vh!?dsZ<a(C$Uo;4Mr?xUIf^_Y13r@Id&3I@yW6s!&H<_{HDd%q
z7$q<W(uA*Ob)-4&U8}aEhcbtVljHop6o6c9e9RSOnNA9%#_JdpB@bAZhB`ADWU~%1
zGjpy&VCpFNGV3>m-UXsyf~1i4z`W43mB!DV1aN9`0Uc91-GJBDz=_PrBzA8^MPHXo
zp8WThluW-pL5Mn>IO5-L|FZqv$@a-#w*U6+KDmknpHX}uk6|g>gT3>wK*!6F@olL1
zc0{})4d04{%M{#}fLqhAkTlq=flJw0F9r`E{!Nv<F1_xQ=U1~?Ay26z8tmmGwy~7y
zBZ^dfV;_sjlR?MFh+iS3#wNB{y$m;AVE1clU{4y7unC}!DWHhSy;$XNP#cg*%Phkw
z`y@g#)4Bkmo2U`EgrKfV=<TGC(>Lp)-tY{{0>=mXOpGRxPCc7X1et?W4PW6Ez%dH4
z)l*7*kjiDqJ}oeeLkLbe!-BMwi!YWrT-y@?l!q(QsF^0;M(z~+dMRV`JK>zFlyFY<
zFgg8S4WqDeDXM#x{wDW+<?W{V9z}w<0pwutwXC37?4B}95A;xlI7-d1IwgdJeVP)0
zIoY%)MFZ4DEI|RtTp;PPlSZNtg@n$BpgVYlyV+|mPGmycewe-taEPm`ZdX**Ddz85
zn#y%FJ&gF7BxYoFg8opdEh_M`2A!=MQ3j65r5dSJqDr-`>yU{aOuN>bYthg2jh&%%
z2nLV!>-XXHLc4b?S<B!0gMRu-CId`=F%}ffWO5hI<*pRUi6n0;o1{tMo@Rs;!z-p7
zQ{<=MZ7@aLGGG}xHpFa*GMN+T{B|Q0s2pCJLju4_fGEsPG?c<HnczsCeq`E$^oEwl
z>UaXWrbJf?8)3}nT2S|QBaU}X{cNfK2m|bEX<zoa%gBUx1yktGAoaW7%Z&6Y7o}Q;
z=G>fthyWOI?3h-~Zm05hnfc}<CIOkwg%S+9`3=^jDwX1Qmg%pO(<=7flF?dw!T%~g
ztNOiw&6b(wwtQD)nYA3#-f92T9J44=+;hy|0mobeg)x&a>>*nNt(dIP(IDofgd?_0
zcLgzjNvJj}NT!g))w%6*Oh7rG;1DUpg-&Xxj#|eF4!D%?5mQ;{WSRGZ1Bmu?LNqSx
z8!n244pqN52w|59L7r!VwTghObC+3rgMMQZ_xED^;5ws7L?TCS9uExYZea)M+FM3M
zxZHu<@+S4C+okM`qH>~TdeAi4R;Q3-R4^n#12_`QRi+MATaa>fQ%U9&L?F*N6(vO4
zL1c`K8D1}`d>Yar*m&6A=ybC5qibv6K++^Qdou##xzO>1f~(R;@qhsoaXJT^(rYP~
zcu)Kx=p}UkFv;(wa^}uqsKSbC%_`>%(9*ha1S2Sr`S$G1=-WLcR-BrnHS^`{&B%V=
z$?PZwO;>aRGu!m>07$b1&_M`P5-N`yA0G=K*iHD1$lh-5?QY4X$M973SB#ivHLmD&
zJePJx=>e(LP_ElM2_T;k8s;=ksjr}jB@{8`D<n5?;!6vn{MRF4m_%lI8kJLU2!Vru
zqlR8*UX>GXx<9ln3aQehHzf~7(wYQiuB4(*$T)S1lwOBYGqwjibGPW^T>gf}tr1EB
z($JJE%&%ghcs$T%3-eKwd#e6+#KL(F97hc8GY`5R<-l<+&|Lh`J`(N)nhS|#tr4wZ
zr(@gI7~*Qi_jX^SIm<RFn+_;ahjv_X-o0IWij|SrBq`IlfD1I2sFYgB_OE>2)vBDU
zGEbwOtGAS=*Ur(Ko*3sc?rsP&h`AKeo^=QPes`nOu~WddLZh<=4kOI7gC^DyY;Z6A
zIqVeWw>2fw8R<<sM5F@P<DDbiHE*^2B_ucb#>j2ON`vk1O0~8hiE0AFx6+;`O>qL9
zVyeaq9Qi}AkK%yLLlp6jQ4x$CFejRq?E!hgwx1<g-N|ySK9Q6DmPks0a=Dm`Cs#-<
zt2j2-XgL8>!~qUv0z5eF=__m<pxzC&R6NCui|+fxyFk<(<A_r@cQG+CIAK_(bqC6c
zO7<rw)5nx(k%mLf3*saQPDp^g`4AjV-V%NyNHvmnyESk^vEpztm7h`_Eaz(+0Y4o_
zu^a0{R9{)UWYsJQpaMC<KJp;7NJwb{5C_sZQXmZiBDcSQOs9gVl(};aIA$LS$W*^T
zloBd`%NK7{4I6q&jv2tyf`(DhFV-q3G^ZhKKMM7mOtV<4qR@g$5_VH8nb9N^R$7E-
z+((q!vTcAaQ7{BokVc|z2(eg{6Js}C14j@?derjCD#ZS(q)tLF5Ixtb31R^3e6NJ5
z4<GF7x5{`ekZ~0r#!**}@p(X|20`21*QzCP1vfX}YvB4Cyi*2Ks$c8oD**S>Np9b8
zb^|rWzEKEzJdAs~LF}i4P<siPu~{+Opper>KLF*51NQ6@*E2{F3{w|E?NXb06b7=F
z<$j2!Y+HER8=#yKuIK0SL|RN)<OPYp$n$<!<4`U8bY0ny>fuds5Y^;eqKLD!Bbufx
z_Xi-eTYqnX5CUCV!62<C0&!1GL@&glasgll4b3UfrJsb%0IJ2C9`QKhjv8W9`Vvws
z)2W`%Ae)_s@cLZdoXoH(l~KMjs@UVSkeaG<c}P-#wbTFG<N9JYxWV>!-&;CC5zuyj
zr|Nq(LTc8<u70jXb+EnD@2BIWeF{}-mc}Au;?JuKs5bO8rbV7SDimNSszE}1S0`fW
z5L{G!WniaY`H`h1>Hu&Q#^-{coy%*FdMqFH!+bG8aOZmS1Os<aH41f@24s3J<Zs9o
zlLcU7U0pOhhrUmN1I$mEkpG|SVl>X>b-;gt?z-MSy1+QWZ>%#8dBVWDYIe>M6T`?s
zcU|Hs4^<JhYUmFF{yChYh<8odYk}Goq(1V+U)_xgtT~n!fHrUpo`D?dX#*1TXW*Bv
z-IZS~3}koYJgZ_^AMH{?gB5Maf77>m1Ppxn!>*-=;~6jmlYWt7BR&*IDnmThY*hj`
zzhv+1CejbO2U$sqSWF^@)R!X8Y5Cl5tCXB6)wn%(cH8fEt?$_s{*uj=5?xl>|1zlu
z=y}e#QRIt-VRnk_n0SqQ@p(kzgv|<HE)a@gfG<(HqQT=wX|?IUacq}1jN4+_Le6mg
z-ZxU6HymGRn%OpE%P55nR&`iv`^C+bu|S9^oOmQ)LVvv+sQ<d=-);Tx!|&4ywhp$$
zz%mx}c))}TSqba>0?k)}cY)>^JZ--@mp9w>1)<?+^kz5+zqfjfBui2oi-+TxV3ye&
z6y%w;H6vAcW$7a?Zd8uEEoJ;5W+A(eRVSQORS~FvZ?%&X^_H3R`es$}f>cy$w@ntY
z=I$&%0G80SOy8I5dYwGDxYw490{(0BKb{KR@VWc#)-P^r@v*(2X(6HF*qELeHyG()
zlFRj~2S_Vv40K%q$|=MK0^Kh72yo<!y`V2}D)q$$1*l>eoYKHJ+2G*`*eq|VlIehF
zU}Iy;lGPdFpsp-fXWk5jC@(uJhvQ6Q&5jbaMyrchdx5;J78rFscfZME`+2Uvwq_|)
z4FFQT$yB6B<x2ifyIAi()<F+Y?NDzIl-Lnt0=|AGrotYX49@1|;N#`?R&Ue&W((w?
z!Wj3IsiG&r^wtNx^=&Yw2woINt&QK4mg0mgEd>QB!u7xJq@s`>@}7lfg$ND)*6&wo
zR$7h*K<jqJG9Dop7@f;FP5}JZH~-mlzX82U9nGfUx;3PzN2_YR-mTTTf=Xv0R>_Tw
zQ!--#nM?u#eQO~ZnV)B40{-DhJGFDH&z_tYkRj(C4eD0Nu-B6kVjhuVT)aDNYPhZ$
zUrZ=3&P=h5mj;F-hYVELtq6j(5S-)>HK;aY^@EV8bB_X(AIC)qyd>h)x+(^Jzo<TZ
zpM@yN7LC1ftp$|v0VNqH6odaNun)2H*K_Qlay@*3#bBMonss3#zCQTgLfPJYekY50
z0sa~GHw6n$@p^~8v=QP6UnFDnK>He~n-y<~j|BJ!a&=xwSILASU|-3QP}C`B>2=0K
zY{O-Xdm_qeX~VNT-0v@dEO!B9Z4KzqSwJY**aJ8QLPJK3l^`6RWJk(!zU8HaD*|A8
z*_@aw@c;AQ|5x7t`k(*)e_&Hv=hS)U|NQs=eM3AL{Lg>?KXqVlDECZV5HTkU8i2wh
z@A<T*-#8a&KGc88Q}>RtAQn7_Q}^_|hwyjm&@1mvEMKZ)<yJs;b{<whQE%74{=v!V
z!QSrK!Tzw|7-Vjf=o|3zocGP3|M-#fX3&4~Sl*illY}SIsYSY4Nr-mqLaWdiuYsbv
zk$x!FU>SNP9Zh|*-LIGOwXVCr!pav|l;?riAtKKNz5xNgL=j@jHCjkuSpJGB8LOih
z{ryC|sGA>ky|5>*8Br-wUJiOH7*TJAV8Ca(W0+$Y?4tl?w^0Y0CMFOE2}Nf!ir9<<
z@_bIQGbIsb71ZlkhP^JnWr-BVZ73aiJg7VN>AJD~sk@QR^=R}aJ#?Qzp3=4PUC4NL
zOnganJg|?{%a;Ib$9a8Nas*>};HP+_AfgU1C-tVlu%Vv4Pv&ax=B-aDppt84YPKl{
z3z0~5^Rt-S(sr}U6(Nk^6#3x9z~|sc=};*tUiwIyTBpjBjoG-kWinA-oIaZ12>B1B
z*QUABVQzAyt&h=!Pz00<XF5}3lB8~@d2dba^ebmy-UQFWNgYRe!)4MX@R1IMvZk-I
zs9;^?UYf{?@_@Gre;tV+I{*ex?N`sOI@$rJ>vXHCb-NF=kCTs?JjY4%^~(cihDn5@
zsRb{IG!|e}I@_2%OWvWAO+`r%JOB|XH78YefYTmHGr$Aj%?L3!Khm@Ov~@&X05+%b
zwh(Q0e;SEiz{rQx2ih_xA-#Hi@IYqx_$xS$Q8ePvyD*m~^{iF&-szT{Di$1BZ$Ijn
zPM-(bA-3Vrx~iJ;qwQ3CJytjm<~{b-z)KvUF@n5&?%&Z|$M_7$18Z3{e~yh=$){2t
z`hr6aAY)00WY`=NWl4PFkj;!ZrZ32)yOpo6b_a8}V_M9)iJ0|X_8T|Fi;fwY<3(5d
zW}pBvjy=~SJyC)6OjX5OF3rXDC+^?eZS4UdkbXylA?TW4!$<v{9Xa?M(GW*+JYG@g
zA(fgza`l?6^cs2Dt#Hfl9LW1!Y-as%JnP3tOAA{2x|cB88{?>lqDwFqqv{~5fS1q!
zIF8twz+n4{+jsl!VECy2_;Jma^{`=|YudJod)%Yiz4x>9JEc_Vb4wB)C;apDcnQy{
zLBC(&TD91>s<v7u>-f)MU`}@eGM(aR>S{+798E|n^SIKvY}w#&(wJ$jwFOHNfZr07
zAeX5d<p0&NXUN4-oEQgrM{BUkd#GAelR-!rI!9zO1nVF6-W-n(hLR;19b0tFy73E~
zmHPLMn_)4*DDW+iMs)|>_Y=yymbGSju04&dcGP!8gu~PrsyRr8rnxI?2ii+V$>KlY
z=BE3vj$qEaDh#Jky?tN&--OY~9GWfXDji15aU1{{fPkSGQh8O`T(eArCgv*1NEwld
z?fIZ|*|-!NEFe<{MlhIj>@g>%Bt(3Ml6<tV!c7+C?JfO|J6T68H?WVLum0#yAqI;H
z(8+plkIxQ9F2CltZ=>Ju_aE=<$bb9&e&OH2qyFI0SA(7Y;PLj(cK`9Culj>Wj|bad
zf&N`|aM6=64(V6@Tens0+#lrGBhi#Xo&@^lv-IMYLXo@+q8v4mZ~WUWaq5TNuREOv
zH#oJXbhbiWPRLZ75#h}hGUad!Y}RCe$e?#$-ty^gNq@D@H*FvA)9&fp!?&+M>l)v5
zz7YePmq%3>zy+Gi+XP%_W9CkQE#V?#FRXb4@XDcicH5EBz(3iehs9iFlQ%_BYPywC
zEy+~`jQ_k3q_uAe;OhWg$Aoflv^zRGI6Z%T@bk0vO%kJsu>ep(j?N5SgNNH&%VWL{
zkT)Y>{X+))W`#kh2L8z&0sI6qbulF~5TvBYiLy)E@m#B^E7$Rj&x84HAgzuZU!q{H
zZml+7Ig#CfvS*&s>r@9E@kV~kfH(Cv<4MofKa39cP7lt`-|ikA=#DSM{1ZMM>$uT&
zz-{2o?+K3boVkY0nu6Vf1yA?O@KAx@?Kx<fhw6SmTh#5=g!{>!&&Nameth`$?l@?H
zhZ^8_!$E)NJk(H^)$NVXhWRIa>Nru66~%<{DMjqJ!1itH?C+lKzStcd3_E8;-9z(u
zn)qQ18A|VFKaimma&gN$no9RyoS*EDMn4^&?mt`KG?xRXhy%w-Lm5fs`&1pOxo^|A
zH#Z<(MQ<XlYC1&SbovOU6vZIx<CggJo{=bqeD<vSLE1O0F>p+;Zo1$j5dD0-102Uk
z9`VsuM=uboU-`iu9h|*88FmIPc%?!C<QU}Pi4?luoxYK_{E`oyImYkSxcbQJ6v~f9
z5AfUL{e$z9<I}TMhPN;hEJmIypt67V|K&y+mz%CJX0XPj5en11bHr8=)5DVjo+_;2
zD%fI<LW!vIMR)Z%Ig;=6kDIQ-KunrEi0<{)H6FwDbm)5NWJuSh+>F?s4J~Fx=;=dn
z$YshA4ljftG(lJCWp5KOBj+#?C*uHnf;iN@yz~J7Yl)b-$$OP13en#8`jpm$=N!+|
zkQE!bWpn8P=W6M>+py+tba49P;a<h`N!V>BZ`sy!v%T@bOtS3&VVqONeB=0Lqde6a
z+D%iO#zt+w>Q0XLrMy`fjhOgtX*mF0kAyLaP{f~=T!$l-mZ)1x^XAsCEUBs7U?MPd
zw6|DGHf#C=zUzP2AF4xldnB`i0Z||uOU?AQU3nIkV|6&vi4Z8cV#;mA<jAp-b{0;B
zq^&byh$@)~`XQD_Z-yri)4y!~StTm#yb7+~GX$0o-TVQRDzVA7<du74T9Jm&EOCe4
zbaYmu5b+uDMR|$>bO|FBD?}d+*cWL@6wGBbvUjl$xjA$+*&ecpjq<AhC5AcF-W>u$
z!Rf*14D6m9y5Mjkbt@Af@&ch)9bFr^u-q?wAwSJxqfjp>X}NRwczzrmT%t6niI_sm
z=<4Q|kQq_m2S4nZMwO-6<Lcsk-aZBRjFMzJD{YGJ4l~Yq0KHl6qYRKh&DlE?2w~qe
z=jI}GFAO?ydiJvS!|u0->QGUd*uI64|Lq8g-inC~2}Qt19O8hvB{El6Z3(SDDNq4n
zTocd7eIH(@@>Ep?8Fa0(^vzA@???a0AE6G7)D{sAHtY7M>f53g8<WPh0y!y%0w9`{
zu5yw>NEj#FB$9dWk%*B%2d1(@9d#GA_biX!*I$1vM$rstjg(|Iw8N8OliJ)k;x{)&
z1U)%DJlZ||`TW!FVFsC7?qCIxy{6}lq+@Js2S+asPCs$4?_kd^>?21o&IvUpT!H=W
z@I<gCd6`WIKD`B%u*4^T&4A;9uH5o|>8^h$(~Q)Fmm`2*y5RY93(f9b%x)#RrMX^+
zZGPe!F%?|?4NM|0;{&%Ea06t?(X8{cu52z=p4N9U;H}VY=Mr9Srv^{;=a)W=x_>_V
zQ+xh<K0`r_D06un+_H`4^WW|5et)}g{`+|6$)o%8-_P-U_|W?XT;gyjrK<@JkQAaq
zF)ZE;4Z$}($s&5+bPld#6X#m)k=hs_-FMxNF6U@Z&a%oanU#|jl8TwTCu>U=%2XkR
zAu_kPz(>Go5_#b9L-{8TN6BP@uR+(zfSK!?3eB@ZJY|*dW)XUM_V1M0cMdD_J*GI~
z6VUw&GvTGXx9Ens4=jGH%OM^<%Zo@UobA6=;b5bo0NCTZ%urSjs}-)X-Kfg_XXPPP
z&3)++HCWvBfEJgNa+@})%;KR<%{CRQs%+Z1qs5iR;WJGMIb;rgOJIN}82JFkvFwi9
z`3WiLvOE`U2u{Jk7<n*Z2rv>N+w37!ymN3QZ~U&ku{XB0v29~x+u2}aTN~T9ZQHhO
z+fF9)=KDM6yr)i8SI_*{(_K?f_2+u-`<hdcv%aqnbz)=v=fDJ(@lN0OwGlU_J!y1k
z-6q_zi1`OCRz*Fj@^{xjPz22UDM{?gDm~7%%yv1^pNBfp$tDQ3lI`Wpg?<)%B-w#B
zh}eCtHd-yxRBhHR(8i}z_6rjT=EnJ*PfaRj>5F-p%w~RrB_?}}d^`kN#S?ZkBLgE8
z=bP9fdNMc~^yo3yf{#Zt3goS=B*~&!7<26KvT_fJzytHuoFu=m%E>}EA~o`=qwqx=
zXSN~!x!@ESP9R)!NB*%%Wdiq5!SrF1U9~3t!plbc+cc)5vzv)3V^-o61~FXox!^g=
z$o_6|Z^wI#4b6`T@fj^T;cIqeAkoB@ifYke(EU(_IL7tze4uRYxh-nvOF`QcLi>)3
z&`W2BKjqiBXc9rx_F;Z7gQ#aXi9}K6v>Glv898I!{-41>*$STOQ@JY@vjv^zV_WpS
z*2{TqY_;$zD2Qxjw5zLQA-7sM0)C%ANur4t_0({;*=}{3xE2GeDlLM6V3r!-3Uie|
zD#3ckXr$^v)IkBz!!fQ3hakG5-0MYRdIj#)qVB>H%mmP@nf3%PhsX!XkC69APYTX|
zT%Jw;R1-cuHmUjE`LFyFFL&`mryY-ezCPaHO!?bU@esrCC$ilj!}|q|2}Os*U{h9=
zGDHk8Uqr*hjxdS^Sq8MQPbq)1(qT*2G0Y&#LFo+Qo4#ghyl~X&E?dE#P4`KGV}0r*
z&~YqVe#qidXW)3y?80C*V4IggK!?zt6$5*9DZ0Y1HG%IU|7~?<SY5gneu;tTtURYy
zxa!b~+5A8SsiXJ6|J%Q}aMg-qeaJ#qMAu^fxLDb%WLoB74js1~Z1<F=;g_h<U1TjI
zL&bir)&ZP^?$870BzdyizvAH{^EyU#^`5^3=eSkGpF`;Bqdne^6H8jwPPR<76VYeP
z18w(`^n9VxF*&gQ^_#tC+z}F!KWy>Jjq-+!RiIq#$Bx90Bukwt;G@b{UA&xF=pf4!
z>aQf1SZC|qHkcOvDXQs27Oh7})NC3YAT49+^F~KxXcfyXgx&|Hi%yeGmmDo7|47o8
z;I3+#t$53$^udxHjc5~Hny>XHL080kJH=^bX03ZC+Q}qI&|jx!k(@~7<+p88lu1Hj
ze2Pu%bs|6h4os@jsnqYX(Dbn+(S_p4S!-v37s?QHXpZMkk!$VQt#5%6f>4mk*|RpC
zEr8~RO^a#)Vs%*<Fddr4C?xm|5)|CWIs?P-X^kt|Lt#IgAet|qk2H8Kw|w#<a!JUX
zty_{Poy#d&v6i?O20eWZMe<@80u>73*HZAb-cpa65ROirnN&Q(*6B83->oqOB8`oS
zby_bC@iNMq)B=t02F(11K#p^HF8!yp8q~>8Ruf$~TLi<N^H-_q1eYp3`AZu|RDMpS
zJPWq_b{{HV08=13?dL~%?$w6xtyw>SPagpx0iD2|XM@|*yDs3)iQE0yCUrg@6*BlO
zr#Y=EbBxzn^p-$XcJLG7{wOwTKXwVD3vc)*I(D!BlK_^L0ChF+Dl6pW0_ey~SjnR&
zY*js9OGcII8TAD5KMnjHExQ*XboLf%F~cNnRZTD+#$kbU!IYE$o%*#!!PR>;(KwF=
z+A8WwYdj7Snm-kBu!fEZ-b9&dX~f}NnHCMjT=RHmj-I-bJg)H4nE9e03onf{)tBM4
zooQn(z!QecG+xJQ{M$g{^apS{%s%@Fn2mDYp-JFdQP}&}U%=vn??nJNflDRtrF2uB
z<d^4X;V7^L3XtXb1?0*e`ubrcgqi9PZMYLIazc3#Gn%9NXXyazD>?UPg4SC%0X$!_
z$I@V|CyQ&f@UF!_kA#FALoC*)FATc|CsQ8R88huF;Qy&#Iyw29r1s`N0snZG)P51#
zAZBmY0B7zr?sxLd2ghf>ND6{{1K*)v7GUi)1AIjx<4$1I%r-5@;4<S~bXh(RHhXu_
zwauHp(Ba?=JJUg1?SO>5wCBDtkT1_UGxunh0&Tan-1x8+Nk8Tzsamx6u-)l8dTAWO
zO(Qm+d%D`}>p6~j&!dwXgPpCSikfU%nyh6rCc8&JTeN}k4;NLw?gX`?Ukf`vN{K*1
z{_~yxej6*6#bckxaiOZqkp=BF=QM>P-tv?M`!x_<rl3QE7RjKUeZsu500OKcKCGyi
zx>`MWXI5xw+{(0T(CokPem~9Il*e7Qlvcga2NIYQvB;-IkjVOpRbJj%<fC-L5#S*$
zTkUgaP+!*`N@Eb%LYVvtJoxhdjG4LDAYgf$gg2dT+RCv$5=aqwweeOGQIzuc)sXgy
zR{x+%aZ%~*n6IT!@nm~5rpWu(uNInOz}L`w!XAa_vU~>F3qJ>6AL-?;o_i&N55pgk
z-zJ0lLIIO=^LGeXlFcooOsuk2&)zHc>07(Nunx?Izn<|Gm}m$De21l31-bu~@I37+
z?giHt{pf76IbIgK(gtlr$G=Hf!!FVL4B67Y&j&6lmkfHewcn&+<vb@32ccF?2jS4h
z5?+hIehK||TV!HIKcjygR$mDKBzVL=Zk`9OJU?d4+{1%6I}S_T>)%N4RTrN6L1*Ec
zjE%Onc-iROv1CJqkEG@84;Cx{7rQ4FnE;=q<4-fsj@GZ1n*(2;?2^LCHQ|3S9yP!v
z>;e8XS#^#EoB|E~Y{g1-=J5KzE_J_~<+>Q)i@UdUihlS~g_SM6Bi^YTf!n1@*mqWf
z*yVk#eBUj>v+MN=(99hNt<h=O`sqSB8!Tn?GKQA9bebq-YVvJD8jt9>TNuxYVt+<Y
ztx#K`NXA(vpHKmb0H@3oq}1pRvX(T7%8=N_WsaoPlV^(%`2AE#2Wz0aLVthn-DG_L
zf4aDgp8x@#z@C}=#F<CO1l>Px@1)Vi*F&z8Lxm|eptegTsG2v^KVKdiU*5z9O!I1z
zZlMK3hDIlpQU?bK^L~V}qa$4eIgyShy+Svp*zwcvGAOoqrRMw^A0GfGbePogLMw1*
zk3nWBQ2=E^g;R$*oKw`UnD!O@n@HoOpxBI3{guaU(cO4<=rS$c2Wm^|PrG}HQHwuP
zhfmV|$PD-+&+{c<DCc!n<pyv?2KsK^VBYvX=4?&?b57o7Q@=L&(PO!&I_3h$RCX*a
zEr+Z;{kPOFpeP{W)tPK<ZeVu@Q+!2_1krkZw0WztL31zRjL7xMzt>_ZV<{=m_k0*f
zk$BNhP7L8L)0Ai2qdu+HxOogM#ktWdEP}|qkT$7im{e{JCDO%wd}ZxEr4-}n(3)m?
zs7#VmpeU2XNL<L^wi;2h@*xCLh!j1xzw%(7%pJBY>k*?ULldSbu9KaWDRZz_aVKzn
zF{96WG!OnI@%>u>12~{e{m<J0Kc-vaF?Jcozggz2hnn&tp)1h@XG9!i4!Q|PWNdp>
z>pbLCXh<K7^KS=*%n?u~$<acpojmRess`Q0;b|Q8K5k|B2BXc`=nqbl`hn$v`TNZ6
zRJqo5X&(3!()Q&kdk6@l@d?M3*F*R#2W6En12|Ck#_QPXDDG?9)#bZ>4jhz_yNnT#
z{jBMGF31PC5`DF;00jmXh_przqllwj7>IxFaw-^NUv2$PL-tGwVA^L)f(+}4!Imvt
zyd}9SX>kT%x_NzVO|<W*rs%XyLwBabeZP!iToX+YH_tZ<`9rY$IeN0{*!p3Rpu~4g
zp5Nh00Z5eh{F>oBG>-?j`iodA{v~jV=+Z3xl@mj_l>_un9x**(jMj9?=9qur(@OVE
zX&cDNbmicl8=F%A%f0!)h3MSQBH4f^L$OuIa>$~JV{_EfwUDQ&#Qzch?cs>x48oIb
z;;wP3RYn2lOz%#BSie;1$;cWJTu9X#q|GJ@d89V45iM*vvz5-*71J@#iw9G%hq2R)
z2UbJVv5}8)g_88=HEWs#M0Ua@2X^gy{|PG(tE$Q;@ppcai7ER4W&Td(!aHH^SX`I;
zX<I?I5b~M+PR;qV)r}r*)>Lc>YSCnoIfX5ecMqvuWUab``~!p4<0Yj<Dr+vK`cbxM
ziF?tGr>@PGD|`aaaG7ED6GS8BjrC9WYk6uaw)gRw#&WU{=HL#jIB}y$nf<_3hD4^3
zFjJ1SV{$|_(*b9C_Nr|Iq(jic)<LoX%|5VYSltX!*KgNCQ|v-}%CWh>G=(xZ6SFCe
zP5nr*$&FQlbug|lP94qT6kJi}6Zu~9aOGw^s>y2c4jf4<N4Y|*p8=-GG<TwHly(`=
z>H>{>`j41@K8*ZDa&V5VMS}l@_~7-s+O)>AY|t)m7hNZ_N+T8D+Wd<4fx!FYq@D-C
za=0Duv6#9^?V?j()9XpA-d0lf*yi7m@<MzZCe~AZH8Cn4QCEjk%C@NJQCwvPbKV@h
z(%}S4+&zKO{E#!cnSD5J$AR&>?3i%8;};$U#|rbCxQ9W)G7?-b9`zDZ;&=;k2?Sie
zIy9*Oso8%$`C!1p-DS?qLJtTugO|)dR7{4{Do#HmnP;XX_;XL`Md=ygaj1Z|rQKo^
z77N_Rt7|>2x5`WY36Vim_t@oq8FD(^ZT6u8Q(Z!crh^Lvw9|qg_Km=OQB%J?thxj9
zLE@v|IzkrZjR!GVoOHmBf;yC>q*IyhTw=RlDHF1zQ?iKmH77A!l|bB_gyieYbQ=+Q
z=ehf$d&mExAEz)w#D$KsN(eeKiLSo_x$DaBI!G%_G%)W?!JT~lH5iE*iP28=K$zJ5
zP#MMVRlKg-ZC*Spj;}&o#w_qcAmSB9V?YCq{_#=#fCOm+t^cE{&x=A5JJ{yKsMs}k
zJ0B`%FUeeE^Pn?j=hrJB<m&xk5zc9chha>pxXX!bU+8h9!L|2~1#}wQ4H`#jE1h=F
zC<N=-LpHvK0Ca+$sq&1b{Ww&dk&{?u)RV6k@L2<Pi!4JG-Z$(EdONVT_S+WB3;gyR
z)XHm?d*^v-SPjz)0PocD0ib_fd1+(2K;@IBI8(8cl^0abBBSL)K)hP#51V}{I^(Z9
zQ4xM`7fs<Jup7Co2H#-}Mu-{YO7bok#bU=`3XU2U+xlkTEr;XVq<46fnT5%8YJIS{
zzik4o?aed=T_H+Jbfi2m&8Iywe?^k^`14@bT7VCB66%vk)x|K6(I7-*Ej=5x9Xz{X
zO$^h5(-58gq5f|F7G-NRC=bZgryy{yCwQ%xAEqSaRVkyzOE)?hgBX5p!2Bj5l#wLD
z%A3_0w5r8RgQ*LtCVKgEJ25GePx~DH0xrRPTpT+jJylI<jlI=smg~DymM4+L=SLF!
zS}jFf`++m1`NYUFc=TK;<=>@CG{H?oGz*0)C2Rm+xOH=Zt%{E!WwJHVOq7fWuPS;P
zWv;3Ux;#9j)>|m9DzDtPa-46QCDi>>&=He-V-iO@>TmI*o!KT!kVd{01?UB#i~P(_
z{p;&2{G2Z@pZ|+{5!`%uEYuESOU%%8*F6)~K`J&{6q4ANQxXFQGGlWqd%tT1XtMYE
zm86s0nx#hKa3>7sZGsPZ*-9s%QyHNT4W;Yo>yczJ9rJ19G*)-NH2%WNSeAXn4H5h?
z!*gv0Xc^BoJ?{=_*H&qP^v2u&CBkjFDc@?D7PW{OCt0kjYC;jX@LZVI&bwr%Gzb?m
zvzee6Y~f9LKsMS~aa@ClmZuCS7CWO}EuW1yRvjKJnAz-Yvc0u#JVr;LnsLPI%ZRIh
z<}7K_?qXJ7`71rnt*h?ZN3`C_E>^x=pWRUPBG7_NVZj}*H9NC!&t^Wfn~dLi?rcb8
zdF8DiK`sklk4M=y_IVI<lNg**w@!vU0usu*`-#h`ZqRZ5x-;fsjM%s&;Z1owEVT#a
z3#f=Ej|7Jr9eU}dc&pMXKihb+c*j>VX|T6_8^~rq;jJLJYvkV2WcQQLzGtsb<@xqu
zxdcQ0{Tp_9^xWSC$72HKn_$|38qQ$vSA6Q{&KQf&wqlo#5!DzTX?W4JV1Z&3UYKPo
z&!$n9Os+_l$Xo@DZfULpS6sG!koR7^MNMjqOpYJ;+iu8giy+MX1`rrucI7!2U{5<-
zu7$1HLX@~<TJ#eeP1aKBkyAGRQu=4Jb?#_C#gSJ1HpdFBxOBO{5^V#L5e{t`q}Dq?
zZn4Er#+uXL2(xLUG1d^TBV`;{rHscJ+9Yx4KP?Ii6vQna@6Mq)I_h*Ihlo&W5Qrlf
z^Hw~@L9(_`kmms?@{kf2-5dwS2*&ffi#rlCd*18i>C@iWn|w!z*$G38{0!oky^Gzu
z%gfZ;S42Ju54f&ef=YZ9k5|1*sZl;8`fd;Lr7uB4PY*94pw`o)*0;OIv-!iw)yeM5
zhOCx{TSIk>-fqAGT)N%qSlz0wVZ2=myi$2YTc}m=f!B|EtJ38%9J(fbAV08UdQ`zy
zqSUP}6mPx|{^<;7eY89Z&9R;b2jJw@4lJYmm7`(gUe5GnE5SvTcvM<~aPRtCsJKh~
zGQFhTPcHyRAxPx82{Hu&tt)k4E?iRzwV1YW*|o%$AKS8^Z#**!vgMBzt44ASo3Uq!
zRTQN3tl-jP7vHwPcbEP@5K5Qk8<I;C^nRWHE^tZEx#fL#oI6-H@7*$2hp+1hi<mDh
z^BXNc6bMa)5kXP1kDd2N`nbJrYm4T6&1$SFJk%mPUUe3hLdyhcl7B~xrAVRRNfskw
zTk%0tV}7`J!ALr7Y(vzmwrIuX#O9M+Ag-nGXmh&W!8XAz@)WF=erq!cVD^wKD}i!+
zcPQwaV7n%PcPG`xIis0)avXw)uCc5=_*7pZ)7$DFaM(U8_6J-?j<S59NR7YdD*b1!
z@<zzUe$8$K0oJ7yeXp4Bt~kp|42E$zyTg%GBfI@tQzEYKnVbT8wKP<zrO@9B27r0L
zl7AgSEzPud#&P&V#tWR~F0RY?9c0;dcf8ZL5_G)I0Pg-R6=|9?$i60axig;h8<|c$
z)c?Go+2m#3Vq443e2EmDaBimVQZk9DfL%6iS9b2|zX}KnAs<?Z^|Y*V*S4)P2?c{%
z`j|VsM)fw$ux==79zH92BRNL#hK}3ZDa0j<hzp@u)h;r2z_b>{{oxeFJ1c@*@{qb4
z%F|YGtJ(1rR<)tp5hR<)_8MZexS>&4Zv%A{txJ?zF7N`TI{tEU;v|T}xls91W(i3h
z-f4kz2bc2(A#+Xee|^3{PBVLapPB<bY<D|3?C4E)BVner*_F{x0%zZI$vDS#@y^jo
zY=_-DnH6Z7?NPl(5^W2pBo#mSIs-?T%&tFf+dV@5hL~e(=mb!_7@c^#bxDepK5&{e
zY~)gvGo(}gBccg?u(sMo(7^P5v%*{qM_-;Ntz8?jb4MHy>rR`PS_GZhSnBAS?YO`8
zrm^$@mR;WOP8(r+F@Ny3w#@l*;{re(KK5PSr9RIKhdp`RhF+6yB!R?Nd$JE-C#*pX
z8^$waICR@}(q>b+$EEqsTVw6DfyCp(gN5RzPbrz@4HO)7akL=!D2}nXIYe<Q=d8IT
zP?gwA!ut1ez34Al<>%E-du8r{mBVmJ=~y4k?dnuQ0F(iGi%07Fe)V`?u{Jf8=b;!Q
zOUT>kE<0TF1d`JOXeJlovDSFQ6X{j<pLqja!VuEFo1#-e%lrPb)F&#zW9Gbu6C{7V
zz<=YV$X480q%%a<?q+{b`aOu*AHwpLm8OT_w}i{7<K>j^I-QSw1hqhD-2ZAJlKZb#
zK5hDKhJpEPW{h|Wrxo8;*T=D_+Xme#j{DHd7YCg|Z^idM*?0#_aP1~_72OJ&Yh$xN
z+1rA#J`vhR{(JI|UTkfD$fMY9MO3<KVVaKU4R4U^a@47uVXkby`5%~9;=k&=5W$yD
zxOTY}pM!D^*CT?upY5<|oo0jO#H*|DkBtMyF(P=JAZh1t+!sR`OyvzOj5*ptKQw9@
z$5O{3)2Q;-NgHq!(4ST3<(E#RzJu;9%MZToi(PV#HX2kaLO;Rq`Z&b;Es6)$EqXjX
zbe!PasH86KQ9NRS48KM}iD~6ir{1r@q0A!<g2wd>*JR;VUjI2)j8kLMg&XzPo+=WP
z2<2sVBdu}|8svF2QD7A=;Key*ZO*B!aE$`c;-j%+%$h$&?~#9|k1Z1InDd{KM?M!0
z)tQZ#__jV|R#8p>C~B+ohsMKm=F#*}C?{}q!j-H4WId~?^y2IuMJ$6^&C=6pz%`CP
zgS1viFVnBFbASA&GIdhS^>e6OUiU1sPz<VpTj*LfR`@h4Z1DV3V9<k4FL^$T$6v5W
zlqnMkFJK#ER0sLvcnY=@8&@^TUe{d_#g}8>O}!<*>M~NstpyfJBrwQ=OI<YlSE$nA
z4F#ISLL7&P56Z5&2WOPz`};1Ad)Q;()bAK|Xn8ZQZ(D+o(96B7wpnPf*ol~&5lZaY
zCtLZ;Zq>DoTHU20v9foh!<oTl2?<*ypfcW;+*8YhW-R;IIFZ%^21Zcbec(7ou`*bF
zdMke9c-q_^vaE-iPU%tGU!817UPw6#ZAntTC9k;1{H&Vt?AfW2vsjje;fPGIF?I4A
z=a5OTF=ODW!L?Q)9$?@Pl|8^_fNK#XmmxfgK|T{2DxkAO7tH~+Af_$hn!R*1=QJ+h
zXEYs$ekIRwUtj9fy{XtAQE3N;B!35K?dZAUS}ZT+N><<xs2xB4M$>QL>Cm%HMUBKn
zP*j(_S0NIqXEfe(*(_wT!OKQK>pi8EEDSh!5+u9$&<!v=ne^G8Z|y3=d_$~%LD8U7
ztMqg61jWq}O4{h^^}Ot>BiE+4=$Git@r`e=l~=!1+mMD`WxL6HTU;vJT@gByj16>-
zh%DvnC@$!jW-f*$cET9C*t5f$;49a3uTTxEwUAp~Es#5nZF||f{l1f%E7>Isy!SRo
zqb*2<*F@XSc^Bw))f4;5LP)<+$;Z8@{@crP{OWIi`ZXXtoJ=>{<Ph%El6<-?g(F52
z1K@dF(T_K<S=qcobUK&Azcz)d4DK$RH}H&P<IbbI@>R2Kss0J8h-utOoM3qM4;I##
ze`kaX4s`%1Zfh5Mp{sG3EP4jtg|;#gsU`ES_4nsrDzd{{S1IfYX>UzN*70}KftD6m
z7AZ}f^<_8aB9anK9qGl!FrNg8?FrEO!l?Zc;?w01Z*?>qmarom)^>;!WmRd{G}3)i
zc5tB8lAfAaBluSlvF3?hFc#H2oe(V{zpilynY$WoG5em{`X)~~>FmaiphXh4yQ0It
zjoH)qS^>T_`kgf#DVxFrIjw>|!eVSxIGybxk&dxLmWagKwt}Ww^Vag#7j<Ap_UG^>
z3p2!oiN?x&0qTb_cAxDS`#Zn~csCvW*|Kwk3B<P&SbO__-PoSDZk``Bvp`YrX+D^P
zSf8aHXYHYBfKYaEl->pW|6(M8k|d5j16aV)O#fh_<Z8aIi9RfQ&QqP;Q9^&z{TpNP
zgj8dcF3C@-eSFUd4XwbXQm4nhTvLz<f+u&DQv3u<%TW>+bd+H-VZ{MeYfI^GZ0<fD
zJqeP}&&wEugNQv9JmMgcgASGbO;yJ0PWK(h9B^h6-8r%g*1=U7hEx>w`3HMb^mu%O
z&8Yr2T7kbadH(m!R<L;8>j9;`K*DQYyv>JiT)f(eH_UXQi}Q<rKH;0MxU1g>?XVqm
zvx?NpI7IRoy+wUtn^G>FVlPOIp&OU<Vhd>e-IVbRxzyz?nw=?pdq?{HYd@;mK0LR^
z%QG?u>GTT)fZ}bOt)D+o@LxD$tHn&@_WE$??D`7?>wB)r#JdEO6O@@N>Q(NA05QD0
z(9c(P3Y$Y;{V;sFstDj1so9)`%3zr`X1{zYPMwLbyNFYu$clTI@c7oBI$w_x9Dtta
z{R>#TZSG~5)9#-`%A8_E{ex*R_#@1pt2I3jdh$0Ykr<I7XS%;V%9{~VC7F805mWrv
z2<ZJDSp~z$Z&RKUGH?aON@AMYH?+&v6>Yy6A}E&8N{q%7){q5YPM7PI&4xH=@JoX)
z#PV1}lWs)vp?18DN3=0dSxeZ}h)eUvLJ5Vxq@=JcvW{P4mG#Hh^NWF9iKMO-g{*4<
zqBU(?00<-2q&E_7?#Ud!5uWq<+}1Cg151C=vAhYl=pezN(A?HT9eNWw=(at7w5AUz
zw*p{FmM(3`M+*bUo9v@BRe0O1dPz9roBW$cjzqQG`9EWpoml+|L(VZ}oP%R8+J|JH
z+t{SEX0sG`e>ewCJDu3PpOG}bxZMBIYoyOxy%G>;h%$a;g42DwwzQe%3zMMRKSZau
z0$2p>#wQ}W;h4`LmKU&<2*zu3R6&A^Q)!KZ!nz!#W%n%=qg$-Fm~}DfTAP-gpa7$(
zSq17ENRlAX%xl`JlyP_9c{{OKd)L?5lp}j;7k6Eu4Ic<sBM)VBn1q||6W1KgC(r3D
z=Bg}e-c?J$pM42R5xE|MA6nNT#y^ZeXay9zka)!K6N)X}H*KQ_IBnepF$w~T$4n~)
zEoJ#E?U{?$Dh)WE{OAqp^m@wfkyXEJ!_NAp^>X990Q@YAd4wx}>cg^ynR<#vwPWl9
z;UTxhdw|vPS7?#z*VEg(aM(MJa@d9XMH<i->fA3q&S2n(Gtt93c$H1XEg0NjAiJrk
zmo<WX{>vNNg*a}@<xddeS!ev&`9F~HCg1Ak9v}JuZEk9b0{_x%-%3LW{$x;;`a>1t
zjVSlvZWS5kRm{}T$KS9f5P(zB55Noi9^op%bq)5Xd1qh2f!zf+Fxz^0Nt(H14g73j
zz*+WKze09N@D>YZt$5j7;d7hGZo0h}j<UQtf%mO+>xx0EGUMT<nVv6~(y0o(4{>ty
ziKK^*SwHv?qALM(mqZ~TCo>>oJ<FI&y=LjJ)bl5}oUe;IBV#|jy~D%GNJ_yvJf3GZ
zWZwFt*e44a`!UxLvpqS{oV7T7d;-~{yoW|+(_Pmv8Vf^P;(ZR2?R}gB<YmORn;n@=
zISP}Q6&oQdC*y%vd@pa|n?61<fE3F&w#p-pr&)ru-&2IQ{{r5Im@T0yC@!!epu1JR
zvrgrA{H+8xW@>RQ%`)rzNyY*R?VWP)zN{Z252Op;?3X6Fvf}8*1HLa&wHj$vwJ-7K
z9Zu7~qq(MnU*eG#wK`Dh<Fqbne=l@tzjq)D``Jfp*}nY{LS6JgBd}*rs*^BI&h2vf
zD2Tir*%Sh4DC6UcBAs6K|NGNyvlj6fUe$)bhWTbP<-#!$aK5<LY07kc+-l?-)f28s
zkh;@T&RkM+%v4gtpH&Kjzm1X1fv(Q==S|e?!7m9D{gVHL+<*+xkTeEjB=(&xEwsu%
zC7)=FgGO1!CkBnA@NIopypD}4HN*gcOk(;aJ*<Ui30o#7nA-Gfng4kg!5Uj=$kPue
z0FqV~8p=@nTF6bBuQ<IivxSzE`CaqsdfXm4CV#9eCZ>4#d(Vh1#XgBK{nxEu!}1RY
z8;aR8x?R!OeZi}NzL!5F=P<Id!r2Oi*`gs(lKdZ>6{q3F>aAgjT?Qt+9=x;Kj5ml(
zUr0Y2Z`-L3o{8f$X0b3uS(iTS3NN4TBfBtfM8={}KLWLtiXOgqyC)+gHVd(&{T_xp
ze<h6Ivz$CaVv2(51v2Ag()KW>k9CxOiyC}%AHpSmKQYWuu>A>kN3uS1{<ra)r-LA)
z+amb2n7cqNIQz@P&ffX{efReKa(@I7$jQS6xCPwB^c2_<x}MUtSs`w^qWfqxJS+$-
zb}x5+ILEMF_26D+zZ@ReygGb*T<_kWzwUSQ;8~Swg|um(KM8$ZPB$sWoy+;PBuYQs
zsSx5;Y#sJz^;a|x;ytz|#xz%t9m>1eonx%V?MmqF<7}p5YVz^grV*-Ge1Pzm$0+>-
z%PYfPOdND8P3JP{QEWf<Qe|nxTEf;fEiZG{GF7IOl8uWMU*t2X#}K%A(QH5N-?vNn
zrOuQ$b=}S;VOX9eInY2TpIb8>dMiAc5t|%oNs;U8$@po>{5Mb_K!37MXnO2M-;$b&
ziJ|U2{djy_u9B*{*niQYI{Pn`9i4hhQBmvacUV0q=Y^P{ZUerF9!Hj*+Ujy>lCsXT
zxP66PBUO=CV3_NAArT`{rTlWAtW3|J&gpgQTlPn2c6RaxMNlz!HDd0p?TdwQs4Ww*
z5=nTb@TrM;Rq68l%=+7{3gn=w5EvWqkh=<Zgf?Te_>O3?m2aa<9kimiqi=2-UG2r}
z6ejHZkugsuvkYpqvXdJaq@*P!8QtFf99J9Z^}tl>;9|FO-<K9KXtK>g=9p(b8G=p>
z7*~ZsKu&kK->g}XMdQV5?sz+mK7U86=aR96G#mOmZZpHxl}CjgZ;X6^mV6E2j{$rD
zD0z3@{?#$pc9bJ(zg0lcuq2{ym~607+nFt`4)%!}wktc%8<?GfJPD;2rFpxYSfWeD
z<d#^(HG(^t4QknLy;}@mG^w0DMi0oxMj$JVV0P@OWM89OLM1~fFd)16ShH11_Li8h
z<AoaEPys7?pVSFWfuNU~^Gg7J6r=_yu|MufhG%hHE48i2LUWC$TeO69i|tgSAM#%}
z?k$HF8mq%{Nv+x8JNE#zPcpc{5-1#??j4WX^(FRZ7Sz40d7dY3<fjEb?d%+$_MX;;
zLJoX&@%1waIstZ%<rX7u|I`3#zv0k6Sz0XrIDkqES@;CmS~7l&Tp*_G;OpQKdUJBO
za=SU(xqt2fiUzN@?!2vO(Z5t<b`z<Fk|=Mn6s|g?;H~PvDf3>sjPMU<51)f|Rb;*V
zNa{bfauR0dn+ZPB(My#SD_%@7cve5w7g3daCgau3lqTQ$j*bw`FeL~hjEVzJlM8Sj
zz6K~qgf*i*FoeFCs750>P&?MNb%kt$sTD#3KAJ#M$Ulf=2o3cbr0*vn-Zq9dVush<
zJZz_j7oeEgv*{;ROpQNEt)gaXzm}jQ7dBiyT%11lKKBo|`i2spdK@g-yT7*j?#}uu
zT1J#3$3asyDf~9k@d(X05*w^!>i2U}mEB!H>1HTNE>8azIrYxV{X1qyX8R>UQM#;!
zw>1;PB%>Oi#q{TCP6B5;JhvgFIYt)YgK3@BXDm*GUt<3sHcF1F&mg=wI|Ijl!)T;N
zac--T))RZ}ZWy_AL`6&a(@@UT$Xm8II>tq1Evx4!WIsxL55!Ahh*)sN#={xq8g{3N
zsd39&)fV;TdcbGj(95gwCYugklG*X)M`ux+#8ToKU=}0&gi%fLwOvh$jCfJ5`MOV&
z<=LvI&(^+ZwO2=9TIA(yW?}UsE!7l)N+IG^jhS0eAWzL7l=+9yoycT8$U8RR%9c%D
zLs&?_Hy|8&4780aQqFmXI;6e)ZJE`e4@X?9YD%{KFKFY^57P-KmfWei!>=yI9c#-k
zm7&BgjQKJ=X55E59ir9Vmt)xenFR+)mYUArsO?<5tA2%O>PukSxKnNxNRD$^iVIms
z2@RL8!M9^7T_6w73!o3giu>mgDWlH0YwrR^&fT?pf3_q+%CUvY{Uj1a^18zC0uzYa
zJY^fetHg1&D?oncL7!k((ijMj_-ks72_(`;XeXtl_TKb}G>2ymZwBQkvRxZ{7zn<5
zK|73}G=ayzqf-)#L9u>uYLJRvOGY+Js@?vcHdkx(cPpRse=yEBPuGxwBFi46g28dk
zz!YYQ5iQ2SQbc9<$Ekt)(8dz;w;=hQewNRj)=sYHl6P~k@w&fWo5N5Y_5UA8A>Us=
zW=}C!hJm@3q-MO2e>K2{xDKXFa{sC!W$!)eKp<DExZ0|qy><N~XuUD*vrRj}RK$uZ
z1i*FonYk0^>kqp=xlS6jF85F1*3#{FK25w{XSY`)6@(a2>*uuSq6jG>pJU$to2vgs
zJD>WfsGYD)G45uA_u}B$Bq`tHIpt{+`g8!L!65LFrj~a0e7jy+pE;z~)7aFWyJbS0
z3F=)1LpY;^#w##j&+=gUw!i-QzmH#^`@eMj4?bPnVNU3U3M@_E)v~fE&W{@dgJwp^
zikQYK=Q$pb0YIr{o2|4tdHNQrzV|}%Me13<a@smWRT@Va7UJVYKbD(q8bbGH*f*;7
zJ?REc0Q|B%i{dUTd8b$dh_+4A5w13|pXq&#yA5&vJ1?mkzxe$;yu~3n1uLm=rsHzW
z(b^trcbnw-fUV?^W&BM3&bawoVh<uQa?EHZEc`k05>5W(!(SR_9|0QBsnS2W5@bUO
z?g*^ZEM@L&fmsZT$p!8F&bnNS6fz;2XuB#XQBd}Nf3+MO*!D#uHPUHe8{YMj$^^AO
z=M^e$w)6#L&Jfam@AiQq7TnlX3NX2cpt_TtS65C4gz*HvP&VTGdy&om{12-k@$WfZ
z2eT{6!nQ*duBpY<?<ts(R*ZO)BEKW7Gw!G6E+JN!H#MF6qL$eb&?sC|X{n9|G8w(l
zF5M<!<<a4@cdHttH!HC(x`)YE!2GkQ_xZgJwRGsNWx2x4fcqyn@S^qEL(qA31xC<W
zU<DSr>AYzh7*T|B7zNj?R^1OF_cwS)4aQQgQfa|5hmUXCTE8Bi+y>nW?_l3Im53&=
zme+84*$#@8+}q!>@fqi$)w`9L#HHz46TNc$_cZuYo&`gC4oj3fCf%~Wdl&yNj0ZzO
zvWlu++17RLpI?dba<hnQ0B+LuWy_3Zy;vE9dlrQ6P4``G1E)>qnGIj?ru;+)hvcFJ
zOi3eMiHIf!9~sNnL_w~qLCs8mij2mVa!__Ky;pOVUToN6D9dQIHn)?$cM9B?OA?C@
za#_j9x6W{yg&4ZZUimJqrTvU|RC+Y8w7Ni@^X&y2;!j)s$um~o4m8EBR5!-h_|HF7
zq7@9pf4bYC{D*m${+M&bmC<sI!g}OF&5OJCK@M5q;{+4Y)IbntXTn3Dka1CezbdEP
zg_4;_HSCQs8b4ng@Svo`5+X^)w*>x_7=l~;+d|`^VKm%M;-!NCOQ$id#GdITpZ<V@
zV|KZn6|MSDZ!tyazyYYdFt`caETL=tn7k?l>{=5TW^cM?aJ{+yzG<5v{M%t_vpiYl
zF)B{iEGvCq>0cD6-hu3?Pd|nfSxKa~2xkHJk#y{ylvo59GCFn#dZ=Ue(Lg=xA2e2D
zmDL7OV3v=zQ?CA<(VjAh7_M-SXh;+S8n=y_@{C@0nLOOix_XLy2Rk_K4FmYjpVLh`
zXSRLtN;XL7TZ)?9iw~^6hNnCLebo&g*6WQ>4tiQA0O@zO6s1}lJzv7)=#Z>n0k#yb
z?7oq{0*qHc|Hv^^Oq{)*Of;qMKOf!6(WYMWCqu&piXth;C0G973*YJk-)91Prg(7|
zMYSU9;Fo%u=~^GYpTDVB5!ZrnDgnexj>ee+&w1IPya%vvBDkj0XRj-6GhUHuK5(02
zAg?i$4{Yp$UZ1h83_@9muxFDO{sRH;TesUNXt#@h${O!8+~QK_hd(@Aa`z<qb)rb@
z_21k?afj{cQHI`L8=^kF-viY7%XQx%9)l%Lah1|MWM^XAm=%N}TV>!HkHfJVzhX43
zn;*3-E7JkoT2DCX)zu74T|-5cng9+{*PT=bF#6U3=UvP}&$?<{7Ehzetl_R;9jR(9
zGU-!f$G~LXQbgSAy|0;H6k7+Q-+q^rM%h=UWR?N;l;~9}mj{*DMQC<5l{<!v;iT$U
z!Yb~w9E5km`{d}e$Vx$5vbRQ&nSGCg(jzHbR1IBBv}w>!ZF3n|S_ayH<3*igx~RJR
z50TgSBu&b=4p=<6eCkA|YsMjA85U@6LCeD(B(i#1BKg^huSd`-b_(f5-p)~eIeBB#
zQ?J{g{frw8;X$~^1>u7>^+U;1Gla1RG+d9v!yR&D!xN0Ct9Udm$L#Wui|(~(S=RU4
zP6>(l7x6no)^@VX82RQ2`R0G|X7hL9-p1nKYgRJ6c7{laKWX7I4rC1<B+U%B9hR7G
zduYF4Y@6vEso(_W@{=6LIq7~?X<Wl5ZtEI__B3u>J#SC{{OsAXQ3vj9UtNC|H7s0T
zI=i-Cb#3)Dc5Gd3ZS~|nGY4$GD2IbS^fVIksyRFO#?M?bBCR@ehAU3Os2xT-zRRNr
zJcITxBu((P`}`sqZ?@s4Sz-NV4vxSl^qd}3<#+Xj+@mo6Czoy{i2*m~x^UBy&X=FO
zH2O;YyK%x}XkId*^|$?h)VtCVM+JrKeyOQnyMBJ%&Iq66G$hh`pKqCMzwK<S)no#n
zpXEL#-hgO1<8LS4cpP}nuP`Y?q4w{DN4%8;Z*a-+yM-lsrQ`K`RCmx9-{u>RU1T6S
z`?RKbz3J8n=9GBgLcd<uuT!y(!zmF*P~+q!Q+2nr<q^gH`+lJS2?Y(9lY%Q?|4EO0
zgJ}JmXYD_(lb(e$l^I_%TicWWxvqo&um&y5%MgrZ&5!b<CsxA(l&)}@9v(sq`nwc;
zhZ8aJP!3n`9;sQ)=RKgAHnTeUA#*HG{qFTfI}Vh+>huivdw2y-Cw{K{y}9(>1Lo`>
zIJ!-YB=r>PnQ13dc{x-A?fCU%9PUB0j$U`jHJMOzuGF!N6_LL9(p0=*uS3f3e60y6
zXSA2V7y0t9oX=B|%ly^~<+XoMYj^gvh}3hknoKp-vF8He3N)v<Q)@7FApl+vI5K>>
z>ViH3u3zs*M`l0?!iAV;%~)WC%_d<8@aCqmL;2I!^8*g}{bVV`Z$-g|k>!*Raoe1R
zNJd#u=cEQqKyH9zHWBhQq?5nX<D~J*#2D$#t%+*0kFs!PM&LiHxSBX8H1<mN-1H}D
zuvMT)2S)~mUfaL@?J8%gB7uI?KsCQ)P=q**KIw{(aBBH!^^2(f<Fi%XlHoev>7lCo
z{rqh42aj>Pd)N}r2$&vl!dZyv;NghH$BTUJIp{7a3Xt{YKnF_~E-VKQ-Jjwd+M3Pb
zGSixUM#<fR>LDjIl(Z3(nwo-<50y`q%V^mFJiNXFpBd+f98-NuBtO;M`-ZGb@w*1O
zIRsPN4hb@o#8Tt**|-Y<!?I&$lfU%sG*uDKO_@~O-ll(fI7XR1<&iQX%iSjqzs4qM
z)<s*%ahsiGN|&Qto2_kKI;lD;I1Vc{a{oHuCktTUrQX%C)oWWhI<;y4mEv{$v1X=c
zT%~4t1j9Y25*kRsqmpSn3zU$9sH4sLbUuRdV372GM=ewn9YZTMpd^TUU00<Ov_k6M
zp#U3(iFeQvY9OY57(o-Ycz%swG{PuSBS>pE_Xo2G^rJXcf`w<2TYy0+^s8cd1buPq
zi|rbV%T4?A5rxPH-Gj%LgE}<UYwQp5zLTdA@M^}q%elOMuZhFP;110J=z872Jt6kY
zf0-kE#sFxIfqmSvfVzX8XV;47oNKv~hoP?rDt>e|YHA1=3%)+pu!&dNtX;OD1!}vK
z3^E)~aMh@vK(PLGFy1~#+0}?FU-W|YaohbEWMJLST1GhV^xBu}`wz`hKznjoNP&N-
z`Qn(Qxk&xzMPAEe)V+tvoNWwY={(#wlyv@7A<6IgD1YrFuzn?|Zil1D$fv%a4+R}#
zRLOi)0lES8Iw!4GP)oSMTn7eN6a2-1`z(O|aAUn$)6-vDwd1S*^~o>{)Q!K8*acnz
zwzke*dl<fY<nPOVcWG0)zuoPN7ds2*Y=3<mbr7A4qGg&6kaoFQ;O~xh3HDT}Xk|b)
zL#JTtH_c38fZ)#fl3%$*K6sk_nB)O^c3fF}0<X7IUV-xWnnY_IOBPFnFCqy$U58;g
zX`2Af5<c!kU}IM576-8LehYM@CH`Q=E3yk}iuu*K(DG*uVD0l@1Y6=okK@BAXZS(B
zftcb&^10$|k{_65(~%BbS=+es3IhVkzLzkL4x4CSY2`g-Yr`KFzIXLZz0-&nW!-S>
z_rcL*|6sPePx<WII3vq_`}`LYSR8BDLg1!My)B{y;mzBy@Pvjr0txHwqq&4CcDg&y
zM6<F=w=8P%PmxYq<(0J*Nb+wc_~#-iJw)JQDBir-Nr&hTR)lO!a?n~E_Gvi3a2+6+
z-{g_`%WZsz8s*WRpJ;hB@&)=^*;lN&)VD2&PJ0v9ZVzmShu(0hIq~(A13<b&Du4{y
zPpb|ScSpx_$LkzsU9*vp<s$<e*sMf_e*x&xHNTSs<qEprm9FYsr_se;p>`Ho?aY|m
zhPnELWmgM3myFnr`c;}9&l|>U0giePPH<xaXrQ-lN6iH2L3F$c2S#X4DYd$7*=iCB
zU$Yh`3FFjjhX4q*iu=n*)r^=-R}X%OV1!SO)qOR}l0`07y64}*<Y5Po{Y9MX!iCAr
z9S>28kVbJ9MwIjGuUx>k;@j5cOG+txUKK{Yq_90XCIRK-ELzVlx7-WcbV%N>42Im`
zr^=oPwG(}D`HJMtw42lKvA*i$^>4wXfHM<cR+SX3xQ(>_FX>**&*(CQ>$inXX2;||
zbrWXxL@{<0)@{hmU!xZz96xOLGHu)`7QVFEbk<QIDBNTk_DaOup3xgQ(I-2^Fx<Si
zkCfWX)5oD#bl4pUXj*m5e3a%k&Z{YhYy3lQoE6XRk~?atCD%PCY!*v8+JtXrGdpMu
zm?k#$nxp|eZXv2JUwP_l@OHoh4lNTC0;f8*0guR!s~KkrmF4|xbuolQa$9&7zk4`K
z!RRTDPyPdiMR?;cfW!t_j~D+|$=p{Bt`6_!2geF<W$Q-n4cM-K4)jW&xh(u5|0v`w
zPpK`V8qcY&3{0zEIeLY7N7(kfU#a4sY92I)`1106J|37G8=5G=|2R48>o`b}@3?(=
z8=I4U+C_Z?D~2f4EwTzl8CUE(v_PtSAKr{MmztG7ttm~)E$Ol7?J3CV5eob3K&B+@
zP#7$wA&z#s>bsri>|_7=eyGooQyu3v_=t+qvNLBZ84K=B-b~iSyS0wv(_|Ct^*!XH
zlY&ZOz^nBNdwJhKzaA|#spP7a2+k$@mkqypi-3x3*|wlKG$bXJb@qvaQ<N@g=4gSk
z_%DhDthIavsG)0ct=?2bE%;K3@1gXgRCO<55hH?$LXfq~ezjYe-UXwD3TJ0n;DGAq
zWM<>z`*L#4uPP7*XZ7G5!!9J6iU7k@vmS($7d`OdfgI8j@<5B;P7~Uc2}v7hg*c+v
z%}_;g8$(UoIzehA-aECHUGh7%2N>=^*6y-0A}5c}fe?saWQLjWpg-<AO-16Z$_Hzi
z`qFAC?Wx`qz@5$_W5Mkh7#Ud4lUHLir{&{O;4yk?@_V`y^<PV=?kU9wozXjs|AuSL
z%q{58$VdCUaP06KQLsZ;5AlPQ**UvSt&`anEE0mPyV(#blosB7%>=V{JUmnjqP3==
zF>-v_mVeornVm>~jZnP3jwSdY5n1&t|Kbg4@0whpk@rZy8%YE`FT0<iMF%HApMYem
z6SfGlZ-ryo|4d#3a-9gc=&CrOw|d(7wVm{^paVO40AgR?E7#gdk7SU(InAfN3R+vL
z=dH6$ZMZ`h{YRi#A(24>-8>}Exx;2}!JGgC>Fd)9_VWwzn2J1^i8UhM5n_cB`_1Rh
z%k+zY<ALuBchYMQU^?ZsNB%+c@C(RG4-ohet5J7aMi&@n&2VfHXtsBmev_BXt{+R?
zB)!=1J{|;KyYei3-aJ1~r+m(QulTK){f>YTG2r_q_(_```7ob)NWZEN-ONxt74+>j
zp>E)<J@wln1#KC2x=PWyb#>LX^2=amxbLr!$VKa^bL3yf$-41IOJw5y+A@m<7ntY5
zORT`!<xwomyVI%`-3i-OQ0b1<eG;C+;i`FQS~~~ajh`xAC`YTPjsEjZ<rGvNIBAex
zb2PNjqTbbNK@F-)ehQIxuCDTl#yhfF*d^uM3_PY)LZ$AXtgCq+mvdb|m-l%}_~Gye
zgD8h>g*bJS_Oey+6s&!vxrap@^oq-r>WbI3<N!9Wf?zMz{5@J5OZO{WSHer6P<+Y#
zsBBNlQ(rPYde$xMQBYIn_M`Qn3z2rx4#keg<wRm>HS1A<W5H#+AbzNC9V?!4J;W&|
znMJJGiv|etqHW%V!coSTA>56#>gz8LNkCniXW-{@gv+k+;(kCz`p|tlc{KUa>FjM)
zV%Yu#2u;HwF5>hncOG8TebEnuAh0|f*X{&F@H_nHq;`ZV2)?GWQMDYU&0nXk)RH=&
zinWzQu6iN{dZtkOT|}LxyYY~+yHLU$y{R5{rvg|U^K&|C`7oB^$oIrle(iGgAf9X>
z1{LOXMfrlrS`eib7s^D0G53DcyInQ?H(CSZm@qn9p$L#Wt@>6VJWuZa(a|#u(TIrE
za?^5iXKPD$a87I_=DqWYTk}?-lq&9t?NK_)WaD__F$h=^vtF{fnW&3l%>~hmB7CDQ
ztg?zZxt!#jq%hQuqAY=NhuNEp_q8)C%=wCnhhG+~{H$9}>h%A}1IwiBwlkc?cD=Nc
z5h0+#y=X!uACn(m&0%=G(7G#RxF`$F2r@(DuW-VKvfF`5;X%tvUi(96QK6e=TxM!C
zI%q@1>jC`1)!PQ77P6I_Cw=SJM*IXRJ0xP2gZ*@7o3{k$Ci;9D50;$bQ6eR#ol8Tu
zv`DfERZGEl)ZUGA2b;QZS<r#Sb|@rIQLFoX4VWalRckJ`<~7{13D;(X_QD1we6H=y
zkvCjsfONTI=pgymm3W<U4#N`P!}vYZ=mdF_0lKmCxbC&&lRN12+;Q*E>+^Fj*nnEu
z`^|r*_Put66K8q#<B5f$()J#rO1y1kOcU`QRXiHw=_$gcTziS+a074zh{WhlG8&q+
z@YG)Xfo#33bX;vX_9Wu8RV?VLxvD$RdtoRRrgR`R@575#jlFak^SI0pkKl-#FSmgO
zUR*pc0z7+C{I91f?8hJ!6oHSu0jQv!w{0+ebk0`2`Ipz+GugZ!QjdCwG^c+fb>J&J
zX4PM2Z4DX*nS?3`)$)9@UStcq-DweS|A(JZ8$`Vkg^~_<VL{vJH|ar{2I>1geTV8E
zwHZ5he1R5J?sn0akBz2lxQ9_CO&NAf+SjGAgDUlH%j25D^i6%MT^GI|`Q3$p21p+D
z0nTr<6tb<{I>iwK)?+}m=hKgd=kszDUyzEQ&1|_C`d(+h-JR-fqUts1oIZ*Mm3k+~
zx8s{S)A}!swlqM7ZZOiM6fQ~INX)e7t5kY{QP(!kLY;~e@KmfH1F-@P=dSx(THhk<
z2vgR@kg&P>cPaJ!*YUhYM(cIrjIH<ceEk2RG1jcy494JT71w1yI?_}y!2hVy>wS1n
z^|N)V%PXQwB8ClH=&;s!ulagL49&c=P<)Zfza!TC;Gp=bSU7X3c-ndH=+NI6;2$!x
z`3xZpj|*_@D;~K(*`?*m_fKg<lhjKZvpa*W&5>Xn&i~pUp}FDX$Tzgdd@dN_kNoRm
z7x0%FCePIAyDaMUDgT)^0=!wdBmSH`0CsqOe2;@S-_syjPP#wql+mZw6<gg;6F>k)
z<ieiLMQOt|ME=qs4#)WO?Y78<tk-eM%)o^n`(q?y6ah}kIv-(s<MmvR0nV#ai9Z*t
zvF=N#{)MN+q_4YLN~nIyDRLcBdIims#gtj~<>Vd^@$$2p-|-b_<Jv*}J&QWObl(Ey
z?=+>p#a9(eGXYCJ?YS3_xY5>!d>o(c_lJ>?J1kII%^+S68xt))h=x<v?|Khz)*Z{Y
zZ9zCq(_SVXR3}7F%NPCK76y~6mN$0^j=KM-KOG?JlUk<CqnaxFTV!2^&_@D5q5#l+
z>p7-G%wQ@HNiDPayp{4_{&r@p$c>6oG1xP!%Xg7*qRi!j!(7CXa2`jNTHEh2^xIc1
z(TKikBirlS8c&AqQK#>z??O>5b=Kj5Iv8u3Ah8Q|ug<|hk9{-}lYoC@a}ey(i`UDO
zBC0{YJ5yEdkjKI>1q|nam<DzsFZg)mmwaq{TQ9=dq;&`vdT(LEGE`^t7%xHP<Fw)N
zwEU%$QWAi=FZH`VE6G{vPnO}agD55jpl?fu?i|pinMeN}=p8?U>J$w(#`XUJdO(H0
zK&VkWk8VdKL;aGbiIjJ89AD!h5z)#MbTy*FNIU|G5lK@tOj%!fFK9O0l;;~4^oBt2
zq4&KMg`S{{3_+JbYdI$adPfo!_VU;D2%Tl=1hEX>lqjK`aFo)FL@UwJ<%i3HakBCR
z9kTJ5W$2%WmnflJtVBavY{7pO`YTcYKYR=RYrYr_x8#4!pW-Ila)A0czAkg9)h1Rp
zB5|9qY(#y0y|NJ%<9ub~|66&2{)stdr9dY~$6_VQIs1jg#Y#jIg16Ljoc*$L_QUD%
z#pNHprAvJ(=l}4#gVQ(1Z_nOD<K)rCn0fv??M`>E+W%{NfB%d9=aYP%pntsPY={m5
zIzZ4YPyRO>l9UZs4$@Q?;{!ec<@ms`Vl|tD#pRe}1xci40}ntw#+4^e&`&$jezf;9
zYN3DN40Sr2sN3$gS2oc5Jb@a1-smQ+OAfOib-K|WYN4OBoPbVQLB!8%Ab-8s+Pb~H
zjeZ$$HjH96hNO?QBw0+h5-Rc(PqzN?`r_=(mIwZ84e4uu^u+r`{{Y{&yzdnf>uw^u
zW+Lr<JCTDVAxWSLvRt*gLAv%cN=O1xF>-xWb>?23s5rN_e-EwcP$$@m0Zs++u-mcN
z?O5zy1D_qz5JOSmf(*)3kixybEnhz(G1~4_CO7MKcm@elT!uNCXpmy4{E4OVT+QG_
z{glPm^5;H5oQ&BGNzj0^v0oIe9?h;nv-{klxv_CFme}E}c(Jj8E;K;9%41S+8jBtn
zo$R+jF@;>!*Xm#J^Eqc@QjAC`kQA(kI^1&I%+y;4D2*xaN!Q-Ut8?Z2D3Xjh84!*}
zgcC=@Lt2c=J`gaF@>a@*Eu7(WQqWkma*N4UKV|)`F%|{kTOr?WDZ>Mp>DL!LSG#UC
zJ9agfJDS@LMB9MqJX;Dx*V0$*X<#|Y-l=`F^lt{;b9i^E#HwO8OAhe~y-H%d#vvG~
zC%Kllif#}$vvy@>C}*OOXY=1FD)7*sTTd=<)NUoDPjS}jv|GHp+p|Zp=g-l1EDaeO
zrsPt&mm-oSIip$8Q>UV*-A?)`oKqpmrUwJYAj~AVzzt7%8=^S3v0xD{5E)}?=e(;}
zoSgGc^XZa0owsYQ1F^zq`g_w&y648(v1@C`Igz5&4MBu+#?hDvfrpYi6eZ83uqZ`S
zDISh<ICN59L1jMVI3XrV-oXcMcFJzhc6IM&QDrCE{p0VPj^ycT7F{!o?)Fl%=zbQn
zaJT}?%%D+_KrA!$F$8ejoF&5D6q2!0QBY=W7$~74W;cXSRyMR?QfV8bDxE+XV9lOK
zOvrJ+x7=8>Z*wapQ~-leEF3c3jce;2%V@#4qBr0?pbEKbLEk1T8|a*q8<G`JhWea|
z;ycE!4Jqo&jogvAgsXo5kCj3S1T=xZ>mnyH9ZV3mFM$9>j5Qg=DBv833Q-cJFcqo#
z1r152vjG&cb*4xuj7d4cos5p5sm}A|Xli8xy()(TdWTv%)*w>MHln~EqPua5m_F+0
z0G>dvNn&ucoEa`uhfv!hw7(QW9mkGwn$wI-vEprc&vY!;*-?@x4CT1OITph2w~lTo
zw(b!f5e-y{lN+4HB$0a<V_|5jBK@gwek1AmYi7h5DJ{YF=QO^Sv{mN5ge@6)U!Gev
zv~bw(8tj+Zxc28DMz=jNdPnho;A;Net<D<M9J(wfDbWO!bCwfcOw<<Kik8@J-E5;i
z%`l(HUvFqaxV2TfQMRW?S!A_7gA1S??Ru*PcfeU(pst(9;fUR4s9z3|B&}O1R-(5w
zEALQjT4qg94E|db!?QR|m7N2{xD=A=QZ@t=3%bQTlZ;t&n%7*)=#qh{)Is@Bp}b$B
z^wzgy@oER#SY@#}Cz46G)WK-EED)Vh0{ND%?13AgZ3bA1QMEsZ%dZ`E?GA1$daq2x
z*Cph=rEh}i@<)>Ffw3c3k<o$PwxD+_I-hr8KwbTsU~P0eqVWjfR4_Cog;HhmJf$R&
zm$bZya!$t>E?!9*@`}Q+=1Ld&o=nu;Yeti|kP^uxED&AyqC2%ScMfYy(w&{A1yRDl
zm~n!N5zbHtohwx26<IM^TwYx|*p@8AwN?s14W~W{ibuU7Lz+2YmIT{NTusm6X4=?z
z#R&%fu9&-&o#i6-{17sbm}AB{iHq<Tx%o}1N!KCfw*B}nXM*_ps}@w?Lc<mD1};7>
zT>A_GYocC(J4n%vR*lWb9X0YL$(ItWpGWOK{7^o(C$b%Nx@H#L-KuI=FnPgCt{1Y?
z!-Mk=hu@w3aEfRq3W5_UGjhfX1h;j_#ejrw7)=n)CIHVo><UcDXL2cgT##gh3u_~R
zh)c?eJn6#2xnps5iuR>Gwo0#y8RH4fa6yEmoG~3z6~BXg>S;%vcJuTlE%XU40zpdd
zV7KQ0Jh$&xO-+5yu1Ti(K}&H2p^@y}Vp_ar{76eUFF-Qwd8-CpJjxu2f~F~wk1Mh~
zdgaD`X2+hs*g3(;n7C*6Yo3*7P+n;o$64#N*YLWYWaE3g_PwfgVoVD<bg#hV{8Q6H
zKfRMYk7ffl!%zg<9h0meJg^NVEEZdaj@(%Cc8SJ`cK~(_hMlS<Gq9fsA|ws0y+2vE
z;sDJgV^<==n8uuGWzGTLt^qEWO^l@!QcQ9tfm|FP9KAaR4G_b~O42jbpCB+4DlJNY
z45Ql57}JZ<{k<b%PqlZi%;in{(X&6CH|<ByeC}kX@oa{b**BEtoS~G)BohR!N#QOf
zaOtlDtHNmtR1mol-1+ycJT>=~(zX-St5%5YscT7H@uJ}JwL&5xiY8dv)~5>AaWbT$
z;1gw%je}u~l}=fc)K>)__F&ox1Cu&@Td#oWn_gX;9s&49FPbTisczK;t$N#`Rd2u3
zt9w(Fea(&i*Plx<uqWy4d31-~YpYd-*1Tihr$vUxR2_7&Rd7Pg88<(<A)h>Nx7U@S
z?%ny>#nr*-)yBrk209riZwwW>0g;m+5#wmWN`zBrN(DC*&Yaq7mC&`G8^;(GUMjx5
zz9~gSL9Ft+v5_!PZ1G?q<(Ua9H#YuSK_s&_JGt|K11CtSBvRru$=v5^*vtR>wjPIq
zmw<wVV46U|ZJKj(10LJw(cM<39o>B;yzPlBJ;C^9o_a?v<YEA5eOR`Q#B)#%QD+Gw
z+<vtE$8(i+Gl_Q8*|oE1SGbB=(MvkaNb;Vi7bKw|j>^O2v^A3{0fD|w5s$nflmn_v
zeGifmsz$^xd_iJmam&yt=rxy@Z&5+`SPCwB{Wuw<5(W7hj*Akf=*NS1ZzZQG<D%rm
zA9mXgTb)_VGUb@@^-&3POtoJJiI~&85I(%Ff#-Rcj<k<6*l^IROw|t`LdQa=a_}*}
zJ7ig=mOw1O#O*1_+Pt(C@W4_Kex8;?nwbi~Ak6#7?>nf^Ezm$1fHnmMt6>V-G8L_C
zpm!{x1F10fRF$P30)AJmZ>)ZELq4-ZZZE%Qp{VUG&%T8^)0^eo+)_$U61|aGV$@xo
zm;fw=CCW;zr5wcizmPZ}m_0kHqrXeN8QL0nc%be%zxIQDf7iUf41d`J{_<)0$zHT=
z<@|ROc}rS~_yuzn^+Pk%%Q=CzcZbTT-E-2Oo3!N>?u5K!Hv|bb4(?%X2``woaup*o
zk>X&PCQ>lOaSSStYBD(@NR)lJGu=qr(<5Dy@E|K|Hi}a!PhspGPy-c@wNV~np}7*g
zQjFyN=~IK{9(&7dX1C`0R_6f-^$<jT^c_jZh?ATN3P5Vs)v}&;pnBBAASglxc5z`N
z4=kBG?*~a7bj^OUY2|;W>?E0VC_HUH>n&ux_nzvPV$x@K)6k>sP6V>p7x@R|pBh=`
z<@0DS>O2d?*V*!q+VigQg3CScE@6h<i#mS*d+K->m!#{)o6F2@*IY!IZwa|9SPn@j
zW>1uyA_`9M7>!v{rUdm#j3w33LT+ouZo!MkiT>S<uy022;v*yv6{ycxAqtLjS7=Hb
zC0K^W1p1)LtI5IIv#>f-R}B=AV*_*LOwDw+=H1h?tK-Y4xGRtf$fTLEMbd1*_!#b6
z2V%#9Si+~W8|{B`QrM059oE|hYwrRma6x07rW0$NGFQK0fFOev4A~sC$T@t))YG5`
z_lX2Vzz&<ByzHkmPAA$b4hP)N9aAH)48<uc6YI$`cS+Z{|3l0#z`}(}#S>fBTqB|T
zTLAJN<2X)9(svL$2I6j&7L`fs{OFY?!8vC9u5sJ~IV?jByPuvKW}diQsvcnG(jKlw
zuCy9{+A|BYqs8=hcv6w5NrJA}IL3w41Fn?lfc^%uL|#C#1P9}}1yS|vcxY*rN*PId
z=p1uACI#Wb!FgukR86%NLmVeVtVAg%X=|IGgSKy=g{~~A+318|IkmH#WS*MiUf(mX
zw?oTdPur;oKgkBHXDmvJ1-aLi4x4j-S?5yRjtN%l8rO3Lf(|LEa|a>D6J^ZjWrq4>
zp!`t;t=ctejj&%)Z#C>j;zr)KBkzP$Zwd&*x8id9pW9I>$cbE?EGCDXBqS>+PDRh-
z)mCM~DN5Op#t?Nd&gT;Fen7z8dUsRT_@E{79VgWus(VH|aiR97@jA@X)4IlWTmk3V
z)dOo@oL>gban!edu$+V2ws4oQ|L#N`17X`@Mr*V&b5MY_LiE|qwh7!34n*4n;YrCt
zigr245|YIeWg!$gxX*Ay^<|_De7+s9SF@wjM#g8+ezXmn=zEZijdOX5=ysYYqN{Bj
za;>W-4o>8n$cZ{#!)1~?$JkD1TZQ@w4{CcF>N|+#owC@VGLuKM2foW5QZ_3Fu4*F@
zRrJu1I8Q=<9Twq9v=2sAZPsD?+#uVYmd2ceT#oz;qZ#~LROPa+V$c;R$C)UV=Udsp
z<ooEFOhAK31w%2*sfmfyl0$;}lR$@2BgqxClXml^nU!InjXq0=A8!o;Ehi!;aUqOI
zX`*N04N!|AYC$3*-`_F-ZQ!$;<bKU0wY>+&BhpIoL?IQAFwLYA1QoSaVBQ-z?dTBX
zq)THXGXXz}b#N^g2@u+Ptr59H+rZJRuU388+4FW#-$&fHSnBIQ&hHjal(O&fj-DyV
z+>@Ijmr5|H1VA=~a$%(trHNs5dGhA!_~M;J=@)#1-N3sw1Dmk*q*U5C3C(EQ!P7Gw
z7kGzRa$im8s#|Ufx+vuBH5(@5e%MC^?6v{h4Pz^mdX%!EPJIwBkSG$u;Z&t;2*HYy
zW+3E<+z^kCbS<i$@ix!XNu{fo*OWrVJm-^^3fgN)#?;#cv(wB#qu!>9|94k+Xr=TV
z(L!@<Yx~h!IY>uD>iblTC9x%T$#Bj60uPW>5M{g4!JW!Jwe)@iGsu+!0zrrnt}}h!
z9W$-jE^vP9lIMaZB*t7+0yF(E+Kk+)P*b(kD8&<27K&q#TiDMGkNtz*ZWvTw?Km0J
zOa;MKWpO=zllzdHuydbFD=XZA1lp_Gog)~_9`=q$zB|FS>{(Zi?+UoM4p}x({zju7
zY8L2OWdf|xn$Kt)z(fC`-nv7^(tUUO?vUeNUcN;po1Yp_iPkpPd^K_%0q=~^Nmg){
zl(Af+rosR{G@vBaiI;uGQi3zkLnDWoBb)8Y9c+bkunx%e_Cy2C2B|=UQtH)e!RUW*
z-x)(X9(gQb>)wvK20}a9wmiEMcW7w#&EYwUouC~3B3OoSS&ZZtabVGCN87t|pg~ZS
zy~_(u$0$+Sw$q4xk#_*!yEmvn+g&6tp0&LlIQlr23fj7dgJstZ@qrSD)7O_)#-T)@
z-Uz>f?A0U6bzaj5AK?PazdhKN=soMxNfvXdDjUw7b9OiR&@TrA#TNcUJOGwZJ5`M-
zfuK?yZUBYeRQxh4`|b-XKbkCCRIksV8_X&AdTy~m35iq8RYKwAwmF0X^-C2w4UE+~
z@zE)})wHKfF!JZfn?t8&4oYZ{GNgRNh5sX?XL!|*JW!T^J=I0-)%#5E7O281bwwLa
zI?oiHbfY`8W=X{(fbMe()VHK4EAbJFg*NwiZ#=7eBU7@N)-9C%$rN4i-rYCv29mqH
zN^IuhEvDN4>j?rjT@NSPzJyK8PC<lv9xB#IIkNN?t!s%eRQJGPB)PVq)AqsM3%$CO
zJ0`hYni|V2l$T&CwZbVIi4Gr?HyJ6sC{mUY6w7x!<Sc>L$D%^e3AiC4ge_*7U@3Xa
zhM*huyu^W?m-Y&ff$UzBe#H&!hq>mQfgh;{hvYS9<DRixb9|iLP|h-`#r;#C4u4hK
z7W|%Xy5^p`01Mzt1?{NwyymsJEV%2GWaA;1AUrdUl4c-jM?3f-5WH9CVd&||V|mn7
z>{r1|Ah9lHG8N|KhHux5K6e7`sI4G$tbI;`=xjG``sL+!m1{#n@&<75?2>v4za(%i
zG#tGGec+byM3<qmcTmSz=;YhY+`m`kY0t=yAYRm{q#a|QldyIgT+!O0t{DF{H7Ro)
zW1IuR2>Ak1`g{TBS{*!GXnyM}`#Nye7fC&FNiz(95xezJOh(Er+GOP7)r3QBw;nZr
zi43QLAZF`2F)C_YH3m4?Hf=f#AAzM-3{k~sD?yHUX}w1DR|2)KJy_t|2Do?FOrE1X
z8j+NT^(Ah<Gb_|nCOx_N));B#4UA2$Iiw>2fHA&SYD*}drjp5Ul9PfK^oBSDyB5K&
zca#S-14DBnS)a}sKz&FWQ2K$?w4}zOG85#${>jT(;;li)rvE>$+`iW9tOyh^mJ?M_
zz2DVOW1Ksv?HZ_axWHc2*>`MUTl@Ybh`nk^)Eyq@DG8m3sxGQY?6Oey>x%-^q#7t;
z81=wbdZtw6p1i%JaCiPs59XfD#Rr<~Jl9L+l0kCL`jP}Og?kAMK`Ab?cx39Tz*VdR
zXc7n7Cip5X2tdCgML~F78e5=H`Gux>4x&xvRWdz5e24k9YNLY2I5#37;MM!}ckg9e
zbwKR_ynK+cVnjIPHo+NV!y(Kv^R*yVxX(edg#navGFY?4AauffZ-q-`Cl`a%4zim8
z(0tn5bF|s@a^#*h;-X9dreZca_j89FB$o%b-w3JURhNF;uFNBtM#_fFz2x#sL(D^d
zs*RR*0r9ldEp_T?o+pZOFhD82Cf19XuvkR+Rz!G=|HCpcoRe#@1?7y3Ey-PnB~8ed
z&ayJKjaz!q7H27mM#VT?chhLsOk@5Y?z%nfXgSGcwpx<xDNjN)PI}tMh1Rrzq>#sT
z-GkAofuZ-n+{-M;h|<cZl>a<1?FLl*1Zb_fi4=>GW5d2-E40*D=+7;1$5SpzfykZY
z;I!~9B9Z&&xxV6FuCDf+U%+@)z&GH=cxK1wF0mihxg$aBTM!+eGL7rZ)Ui?P5h(r+
zMkRyT-wxk4RQ1hB0kos-O|au>vnk2<ddeYf+HXB42w3#ILa0i+xE;}gq?&DnDLQq)
zib+mh`ZlMYL(cN4y+-DOvx$y%7$D+Q8mIC1Cz_S@8r7a2!lFfm8+W^YTq*OJVum4y
zvsC9`*yFj|%<e~CAg(fDNDXV#q)sM@2&GV#pp%1lNOBYpTYHGz`S`&_g@85tEIYm-
zd~&HWpn981k_+8HsuZNkH}j1_Py<08WRe&swFGIDWMz4=$XHgez0^UnjIHga<6rm=
z+t3&;mxSEWLMTd;D!5kIb52^2@g=o_p_XRcC^pB@U0g1}54F&%i{pduPfp(;Rl4l*
zuNxbG@AGe0Ha3pVemK24d3TK7oxJ((3cWf;7svni{mI4g5qf=gfeud5`|~#!2S>+$
z{ojcb9G9X{?y(WEpryLSOC9S<GxU>Qmk%m1Y@GbOR{dsOBI*t5@?E4huK|NHXb7mc
z7wtxOy-1Z1G~ZIW4jE)m#@Dx)Cs0Nd7qp*}jSXGtLW&G&V&7TowWH_JZVzxcWje3G
z)o0$=aENVesBl@G8L5_j1)&Y7>1^^PeZD)w!ek=-6<rd7e)7!QKd<?PmMm|O)N)NG
z0!)qoy@CT3nwm(0Ft`M@ll77m@H`CUt>?%h?b1a?Wgp6OMq*?#f&>T(UJ{VP38yK-
zwmnl_#f`R9f^6Ejrv!L@&#L3x6Th_Em1aW^oGVe#Y2>7}H;h)=b(#A*gJ11ylFKjh
zj_xk2A9VQI9Pz13d=?AbHnIf3u-vICmdysywjlPr>{Pc4XI4TM*E9!1Y-_-HE9qA=
zjNycQ)oKY+ph{w`Vmx1YL+#ZJHD}qv76d&Hm`iWnUT(V^GwyxpHZ`@|tc6+VO-^DT
zpi4(xMjPuIrxU=inWfK{0@3k6bW8$PH`GsojaX%p@DE_qR@XbdA<EYQo2^X`(TIsc
zc#v&^T6eh#I$GTI^TVD6=o$6$a)dcaRLfNtGAVSlsN@pbXyOCiu|Rj0z^oJP`9QWU
zkWPS^u8xQ}D^=+Vl}W7b=P6XW28t6HkJK#;<`~pdzT_=Z#9P({5yhM&qKC>13~1oD
zHbF0vnQJSFwPpfoLcyRlUB1Q$4!Twoyv1>r_;1mHDhFiZcvwc(l{8?iFjELo;T~U8
zLIGSu&T^yhSl=}DS5%BjF_Ozu;Uq#Oxk%Qoy!{CyLZPH$DExJ_WbA}yW6)GJc~qE*
zx_Y4OcPB!JEW05(-^zF-<WJp5W&LQ=U+7VWC$=MNz;23lP<XYc@j7DJSA`agy<=vL
ziNY_NRbMa*U_ZA67|@^64zI~%%j$_<r(IXy3j(!NjUDZAbS7OJfbR|WEX?s!+B6;K
zDIH8Krzpx?rKOD+FNoSw8hY+np9l}EOOD%}I*TS3zt747jg;pMLljP6=TQ+UK2VqY
z)~yN>=6D{QpJ>ma6YvxzauQ1s+bfxABFwxIc56mhgoSK-Fl@3}sQA}iPXF}!;P-q_
zUEoyk0_DQOQ!w0i!*BurHmPN&Ggv>6r*UgiVe+x$t0R);Y88)EM!c66CPngujWNyY
z3^stG%~IQLveAJNSni}VcIs2A*o`0hAqi1caYd{wOeqezBSZxkgtis`*xIF9YI8dt
z2$!F<j3m}kEm|NfPO1XuzN1@JK@WMZ;*3&9=o6BmvB`U-84AP5ENVM0U#22;)tf?b
zhEC3%)dB90mI|0M<v@i8e7gp?F$`9#e0r~SYhKeQR*@nkz0#~O1nTSZet!xNrp+p;
z2!wv*hmzaII88Uvm?X3utB^p<hosK!2Y}t)dV;zj$hOEAo=YUu<~*9z9uwm=4U2_B
zZequ!vMeLuwWA#m$n!AKYu;`<!=pLjyi7gjy6tk)YNRI}@2ccNb^j){`EK%}sER||
zE-7tqsp)Qe&)I0OmWl?e^1*GFtu{SKZAh=YDc)bag{@OPcTC`q2Xr^cU{d!yNr}GU
zlYXQN22xFURqMDeG2}tCr*s*6Sld$%woPc^WH|}E?eVc~6A?J^Nf5*gDQT;EeM3|E
z1QmGbldpZ%Ey`t`dDzb{fxzo?oplCLWKg_3Yvr7bsUW7Anm3M3Yg&fWwmm(gYh!^X
zGmNgax+4~oERJHv$vI=`CH)WS`C#qpIVnL$q?8$GP_~X_FRZx^(NX;}OHvXI2!`Sk
zVZCWJfX#Q<ZdObG@$O$}tm>=z29mCh)j7y{_qqRarE<-P-~{vxQy$lY(6Pw|p+m3&
zqBpgxJ`9^`;Blx!bH~fm=NYGh+>o1&3QzEI<&1N-&QToO@L9N0d=&P>)SrNcrX4UB
zT8KCYA>y!BnCV8HJqxrub8V(2JRge5E=%Wt>6h^}DUPLHEP5)+sUasx!L>POo;Y|x
z@)XBJ;>6RQVbI1yemf*Z4<#ircW_2-b(Ohs1^Bi_y4~#FRd<fD9M_2S$~2jq^g(|B
zm-@AYt?aqS*}Pn#RJSImceUsXB$*fdreL<~CawjUj1;$wU!z=gDU_5w<jiCGE_WwH
z2~-}rM$W1J&qG}pQHuY{CvC27b)AFUxbA^|=0Lj}MVD!*EzaV-YmdiHMRTy(*jh<*
z>A6!`zql+|%h(%Sx~R1`c*E`0p{hte4EFZk*{yxYba~*UP$>a+swjuK3LQlSofB<m
zu@q;+G9+nxT-u?XOc|P<ba%JWS}AI_2(nKlm(p#0bTu7+Yqo1(E7VUF$>_e8m5hj>
z?S=|1#cApT?z%;3Hi3JqQ8i%r*&2H@q{o=$6NGK9zmlvAh7K;SPF^1zUY%Y1_~E;=
zcgIj<y&~!O$r($Ceb2r7yQA+AfDvBchbIsPT&ZaklT9n$3Twwnlt}J_wL!_<?yTuM
zABFLM1$xpHiFfqnFb%oN)&K5YV7~!+-$s9zQZ~(q5Wl7LhRA<>d(K&(L^&=-s&=c6
zs??4XT#SUv3mOre7Ne>urlYSKm;KR%)3kZwQswM8lea=bnYfJQPdyW6Gc5#NU5#}x
zRSr@xhn<=^fEU>8H-vZl<s|*Lx5JzV^|ln(RP16tk>p)X5z;wtR*?h#t6Wtkj0vh0
zd*gI##_`SC%Aj3UkWAc-OPo-OhF6Zt5v62CO2w3%2v~3!ajpXyedsQYz@4HWjOngU
zods1!`}UOqh87;c=QZ#^cq*n^?-(z%pjoWzDcurIY+Z2Rv;Iy$tAXt^<ehzaD+U&2
z6PBnF=hr=8_M9){5qM_Gc>oA|pgY?k=~QRxE*!%ByhDIuk6^_}H@&y^qS1+Xu_PHW
zRk~GFB)^VJ!(7Jk^vrX9csXm+Hrp8xc034SdPD8K6ypM?G{aKGbZLP;x!UmSB^1AB
zo(Z<&g7z!dhPG$>av-MZG!nXw7eJ`ou-gZ>LN}`Sb`HuXOh;D1j=~wOgz3N-HnCwD
zGte{76wr2SH5IQn6ND*UWFn8*0QD}9FaCLa@!?<Z-hMd#*VV<rhr_ee(_?wb_fRQ(
zTJw@3I!jTCz1p9<)Pc?tc94Cy$<JK^L9-?jY%chFsLCVNwGghK350X%VA{z4y@2=B
z1y{=>>RaY}UQx+69LMCGaLSTP60<CEs^4>UPURTQCW!}+u{}M8woj<kC9Ev|$`4=+
zmr7Q2KrDGKwL@J8z=q;?_Zye<;6EiN=vB)4)-d-fY_{Rx*&zJxQW#mPduA-JHUVLA
zQ78-}sF7L1J4v`PpPL~&O{Nq!Ft%&svr$nH4n`$+Kwm;-R(NR($~m&8c+k4`>!gsC
zwdJ1r0P5}s`IG~1lM3{4epW-1i*M93uLa|Fu<@bEMX8pGC4<6@XyRb(*1(v%*?Xqj
zoP=OgZJvb^V?!52mBIL)r>-VAcxL2@@sdNFW6X_Y^KO>7c~yDKsnjbUxf$`Pru-g=
zesy84qBea@BI{ZjKC_#x67_Z7S+7D<;Q!YpKnms^CJSia0$O0&9S6ZCE@+3#f)MP1
z-q)HO<UTBc#BS8t_F&lj7j21qHiKO2%vs9qq2$?6)85z0mjwRY9jzZO(d9NokMyKW
zpqg*E919~Wcu;KC%U%^qk3x!Hp^KaMTrzqOVmP5zV4?y&(g~siG{QFoVO?O<niv{~
zwmCD7H|V?Mh>C*KeyNJRc-3ZYoPXrOadcOO^ACK3jV!g=I`WS|%AjdgWO$5<4o~{4
zI=+*-m=|A7*EW5Bco#*y1g-5x&pi+}l)3xdrxT*Y_#0>GwQkkQNpi5B*MK_H`Or{}
zBu>jDtc-$arYZ!xBsrBM=b%2Tf$Ey#xhl7Aicp5B;~?0ig=Nn4ZuHDSa48GV{JW&u
zx6BsA(`t{tMQ51cl^h+I`1f75f>!Vr#Me9hHl;w{GtaD%E@uhCSwUN-=(ej2P_Wu9
za!_r;fX7m7WKj^38pgiLwc%w3(L1I~pVq@kR`7}Pm4mHKxY2BC!T!`>F6)!0&g72P
zj$VCufAMzRqi!2j>u5(CxOMiQiA{Od-f5#X6~;ADm53m+ny5azws~fnqC(Xl)OCvy
z%h0p-vkvejayP=IC`jVr;9~HfRd#c_6qy(D4U)T#`T>iHT(#1#wW0{AXDSAn5%<(N
zgb}v`*6(~6b-nql!`rL;;b1=dIcTBgQ52YDgY;el{fbK>i?u;mj`5b^q^~nz9PIrX
z*v>^hRsPHzxivUD#_zN4hgc^jphvaHKsQ}C+TPD$r1gTQ%Y(4{bI^>;KV5c(b52^;
z>Y-Oz3(`;l$t9SXcQNnNf~#s`E`g7QMaKLPDo7FDK*!mD@t8o-5tP!gO%pLa>SDRi
zTDn!vF~}+f&!!o?C)l9qAt|hlFi(0m>Dy+u`6CAmWU<K$fA-Ts7Cz0H9$(u%)1pwt
zL%K$V%vA|9=@`mu+Zu?T6Wym*)(dR#mI&T&9M0{#YeH8&$+N{W2f_84+YfY-gIr>d
zx>4K6U+$esr#E;9ME=Wd8`KoG99p}@0?BQRSz-d8dtzJXcH&#r(s<ns;ez=)AwgT^
z%?csCK8~+Rmh?1hGVye_#0N=2Uypvk8?9Y4+5*dH1>{|~jPCsX-;x#1Zf?T^4MVu4
zX%b_e__em$raUk(gJ3^;BU2_G1X`%Ciz+oHRnc9_U?uz-@@-QjID}iRm=Dw1an!Nv
zwG`T)_m*9Z9WMo9FPKA2w+bSP)>Q4uwkcHMx|i9P>RKEQ!g>&5(=X*#Ff^vwfz6j;
z1JrTDxI~1-cY52g+8r-0zuO>q>B6#Dpp0eEA8wIByvY6S+Ch#rU0=L9I5cuct<ZN~
zsU(8dt{6(#Z3cD6Ogahr$I+`p(-wj8^`L~5CkBl1-3PCELcJkJMO&)~5gW$0P#{s%
zUir(H&!c_9sMW2vCx^$Um&cDgM!Vf^@9pfs|J&_$<^SEi&i3wKIy>#oUU#S4-rN04
zyR+Td-~9_}KQ0>epHd3#e`!B>tm@?cBp)>Iqwn>%`c9wmr18FVqxL5H2hK_<h;-ZS
zoyM2sb)@URV;Cl4e7I#247OI}i&w`N?=I27=@B|SJ3TtNIypPNg#6w2m&cpv;`sdH
z?CAZW{CX3fIy$+$x;T0DUVZ}rIuSaug=9svqOn=kGg?JrBvqm@6hVXp7(P~2bZkX!
z8^*FJFH~EnXj6lN78<_I1!~u+>N))hx-@NMI#S_c<#2?atK?@YtSzgG7voci#Vnt2
zIvf><-DZSKc|}>6pg<Ml^gl43hEw;3D%m8^kmIZ{VxwLM4*@d7DLMwwQ%IDV7N&Jm
zE|7&a7OLW!2BV6%z)w<Eg`subwoR3)u8X(<(whjH84_L3S*qA9(~$IoCK(tPdcX+1
zHic?So-;v&TUEQ^W{*}ilvS9DKx=eey~=J0-_%xli3H8mzc)c4#9BDlP;^p;Tmg>8
zIKxAt^1}y6l<`O-wkaiZn0|kvu*U$~UzuAfsfls4M(MiR9x<Z13g;OV6O<DUc`<9d
z?f<h5!%2x=ExZ9#7NWoz=qqA`xs+=ZM7oapBqIYFQ=Ep-Jv`l(|H#T!w8l96i?6Qx
zyAGLR3B937DPeKs(}xB??g)=5Xd-@AAkdjQ1h6erq^62etU|GiDy8L|3<&2ch-R!S
zaX>j(m35)?I$<_g*?r{CraUAlk}6L|s)o0cyi{T+l3K-PB^^b9Q4egI^IwU*@Yu&0
zG)|gE9cL5u9VbEynBddY1%qR34oJaqCR{+DBxU(cYSmSY)baqh&2WMmMrE2Y8|M^M
z8P(NEP16Md1{3zVR}7hX!W8~hXLn2zilJtQH|-x7zn)?W5N0Vc20kPy%^d-nnQ7Pq
zaAtc>jW^L4iW^wrTb+N8FKtS0DhW{at?Ew@wtT^Gw~Q6gtVOdoZ30YGwKRl_0z*M8
z9Y!m$)gabfmS~VnscY;V<T=R_dWZTXWw+~Y6^;m}HyC`iazVsul>+1#^=qJKuOX>5
zFo^d-mS!0o#YB!Fsh_j4;#G1eWUP^@^oU~yB!Pf)oFYzcC~W1XZ-&`KB*lHk&0mb0
zZT3%-1}1MgB1l$js+i#05li7vAjavCLUGWkJ)h>shEENG<G+cj%coaQQnNAN-op2=
zFr17rwdWIR&Phs<>$0f|{c(~`P)f6FShzmTfKH^Iylyrfs+J9K441^FcSqVqokB{k
z4q*eg>xYt+>pQ-7$E#<+9$9ZZyMRWm(RZoELjnu-1ZY?X8=EDCS>Zyx#dss~o8F-)
zRLM!4riN{cvOlJUW*$cF0O|tFRfUesq1T_(i4|s-xo$nsd|UW}3RpJe@RHv9WQ5ZJ
zVuNPkWwF~Ht=c)QYFO&Nw``dW5L5=@ETi$J+=V_)fsSsud@lpxqs)xmP@V#R(TQ6q
zxlV;}hXvMOY|gxjEbsEiV3~&#8tbsRl!`)Z`d5|}g;c#+;j?fRhbKi1xFhuwYWwBQ
zr=%4tYx#@5>9LW33cS^Z%3xH)r4S~|UL~9vG4coCc<yQ<cV-d7xf*(mStfECm#h@&
z1dTDjRwg(r9T|~}2s+HPAszMz7PgiWC9_&RWd*{>KdaH|^bxMe*LK?G1kM$C`~{T!
zaa<YHC5dtp6X4|iNidE(go6CLBw3*xjEv_@UDs0J^^TunMBNCzkz$n`_Rvn>NLJ{w
zRF`YPnw1&vnE70p;CO_*1wxXA^e0M+1G(TwRw67VyqpvzP7V3pGM*;4RLU9|%UZDW
zg5JQNt$2j_P%2Jrg41Hs8gN235#^lRuo&WjtGBsv-$MsrrEL*cz+j5gId*P)t?9mD
zo9>&OaCOxR_(lsBzTW1G`IZ-husk(l&2<jEMQzZww?XF^I{N<kcV~^<#UwAFbxmOo
zBOs_7Ij^H!&DGnzF}^07Dy%_Dc?KcSquF4fD>{-i-PHf3<DBtAZH(muT2R(fA+Q-U
zGw7!Qdt@`1@;sI5Cd5?0Dofs_QPUy2>RE4c{fPqNudd~r8HtGym{T~N15UG{(P#)Y
zcb|Xo*Tg!)DHJ%<3gEbJnp&&7p7QDoW<sXi6%ZhFyOly-h@2kcR&Is4>mqbAko#|S
zAyLpm(zM-_f(~`K%n-|;fyrsbea&51R<`C$h!!juR1;yPl%Le!G(#Ar_*Rs(kW)>`
z(AI-C$UB*!!WCyRIJgrO;zFz14o>VgXJV#h_G1i^Y60HuY*L{_BQhCfRG$>1Xt*<`
zuRJ4FsoTLsb{bm2!U$~O{?^22SC^`E<3zE7od{hJ-!c@z&|^GtoUO`*AfQWxivBz)
z54J>#jgV2lY1%%*|Czm!L$w*{URbr9Y}2Viupo}K#)K4=dTWk%y;!k&)w-H#DGD@{
z_)7GYzQIXMa|-=4ebLuyhw?KuQEan8{2luSu2C~)-y2gIZk#AB^(d1i6=SaasAHN*
zI#JrA@P-dcoJ*LxAe^hC7>*o!BXd$<nr#}n*;C;`JIE$elk*0)13H4(gn$iuJ8o*~
z-jr-HAyRJI^n?i@(ZU@!JvU{7sKKYoQbWm2aZdvSkkd5_bHY^$AJZoe!exV*OkdUE
zq9yC9(xKjet@z2UUOhd#IypREMUcOt`bG&eh7`HIas1Qev4EPBGPSa>Umhr<dSWQ6
zpiAc&q9e7-YT}Ch<=0FNID?u9Oks18b@jm1uW;?U0<qx&r34G9PWe`P{faxSkZ~+t
z7&NiL(XF*xp@6EyOdP)PnR!5D{<#hfP>2p3pOIJQ(A|L3@EPBnUS(`#J<rOeb%UB!
z8dOdS2oN_=^Bim`lqW4Y$%);Y465{|6De2_%p+Acl7TKQrkB~<Zx9}oDs7E?IQ5iQ
zDWQbuB&HHsLI;z;HgB&DoFww!T<SYMMS4&S>UxD1ISHF;^#x4=(gA%6L#8vyl5%W|
z75Nln7>m;X%yw3J8Z59^?4<TEfwfANh=PiwRr*s4)8x0PT_UGdfY=JgdL;l<3}4<>
zNFX)!Ss*+_O09vETO+|c(_W3sNJp8t*|R|nHk<C)nA*wps)%o$vquTw$)P=Ko<m^D
zTNT{GR_cz~Sc%e-jsmlc)l@2)K(HaZpzN435umF&DNsb{y{e@rH_g-sPbUhZ=OD56
zjY(CC^o&`a8LQEB<s^MMV%3nNM7_RmeO^X2(_$8&=@E<qp+wijcpugKr>u}KS?>+p
zFMXzzGI?x=px()A1W*%YPPiZmQH~&a47@GT11agkHs!D?(U22G_!E6XKqDh}B=%T5
zFkZVLt_$>(?xB4Fdl9-a0*KH--$stMg#$t4_REFnpkhE8+WBafg~vpA5{=lj9Rc*8
zu0M>fE1-$iV7%$9PFhX1$s!QCOR!*>jX_mG&6um$JLohjVov*dE3DE%hjiLLYfh8d
zH+>t_TmfpO_9Jve1*lGh%cp+8T&~N+9s-MMf1(sv(7dIJ<=6o1Vxj_^jTLOuZJ0j$
z!lAkb#W-<1s;a2|)3gxb=B^_snuS&mF44*5DtdKrd2(qM_lJ|K@6O&|p&t$|E)Gtw
zPL40p*@f?xKYNW1PJcw-pPU|TB0`l1_%4TdHaiojVMr3sOzKV$*h#VBQxkNnmI@Ri
zKFwm;09~D2y*=JUr)Q_FlhfB1C#P?Y-yNS`ZK8L_7l+>+oL(KgI(d6?^&^nb>yxX~
z<4YAjaG+tFA6#6W9KL^haDmR>U!0#^9;@3{c?(mLLMPjtWdceTLYOg8T46{oIL|rD
zIhEo$On9JUGlBjb$Mx)`%GxMIIR;(Duxl!SvkMket0pU^uKlcFjrAR^)5@%(y=M`6
zYnN2M^p@g2O~HA7B5z&<jYL&oHo(XjO2OD!j0ocs&(vZ(Sp@_xJCi|1hAADAEGFxl
z*4w=qm~yS<XD+?3DM3M?gru|&0v#YX<V*<bw=hE%2*-s0?|A+BP~0=PJ{U)Rvt_C3
zJfJNCDuR5BhoKE$zHLGRTyOvc7ds;x&0@&+(XIq3z$lw8g%Du?YB;oQ|A;VGK681C
z+q+tnX;D>lVKqz3V@mZ6&Gcq^eATxYtj+X^8?5BCQ>F-Z$XIeqQ{Q%YjYPrn91qDR
z$OL7fGy6-fZX=uy%FGEja0%8#f<T)R9tZ281}0*C6X;M1=v70UhGC8AIJu$VB-PCW
zm=IJif(dTW;MECu9-)I+-U)IQ4Cj?2do4e_L-E5%itgcYtvU;5y4#Et8jl!LR#32X
z2F`Y{xgv}P1o+7&R4>V)7p9s-uFRmC`%QrE$T*{gJ&)FVn;P5^>!;cZ1#-)lWIIyw
zRjwA*1KH?TR0QrG5~1(dt<;2+DrpxC*3$#*<_8fiS?YO1tjw+5B4EVTUrR>n*eKu&
zl8*DDIF9ZtMIISwo3PH51O6-zygKi&HUqmh2^o+qQE!Y`n$(!iF&_gbGQzc8MR%M_
z&YibRTaK|11bTaFBkJa~-MBx|!iJmBM6Q5aQ!C8hderENjTRS0z{jUY@?NbAgM;4>
z&d-lek52yeLT;g}*sH=9{Lnr58=!J)eMtzRs|8=!)L|5%HNlA0jHZOET24xv+jN>d
z^coh3WO2%bV)}iK<7-j~wEFAst4>Ktacpk8i6JJHMX9ttPm_+&nyTxpjW*sHHNgM6
zjzC)nHC2pQnI<aQU*n;*1Mk}Qe6!H#aFP}H&N@OtsaFU@=m(-Y@Y~LZ+F@XnHYhm>
zbR&dnPYP-mh?%*$jE!rxPh7|fct{N<&~$t?=M)Urk_WHKyCU>_>fje>Qilb#{&>A|
z#_wv)GtS6?c|4*whEqCc;;)m*Wb!-u)wETucv*jk$2E~8p3W4K&!!&`iq_-<Hs*5u
z8wtYbBf6Kby76G?v=|Sii>0^-tkF`G6>&VRpY_37h69tGA!J+_a-SD+s^gzq5L}PY
zLK1qD?4e`MR(vaEuwDi|DuM@^B=84{-$w9;WxFIKK*12XZIo$BvY{cnA*yP*FK}vW
ziIdmG^t_@kf%>2SrxO2fThcw|7&GJlJG*<kyWML1|IY5-m-zor@p*#&@tU)+e&ly_
zI6^ufO39YcL+NmYd9kvxvGE-w4VU=~bXIcjH<YkgwILhpxFCkWv?)1rShPXVf~bft
ze_&f}5)42D{dA(fs1&$#Es-P}S4nI!8*jxd8>FSwM7Ok8VCx^RFV5a<IWS*)VAi9J
z4alH6=L8tML`t9|Qec{jm6Z+jz3WNPi8|e{S2n_RItWr7)f$-B!6K$xV$n232@6H1
z7b{S+I!{^HUSULsqjci8Z&C%ABh(4Y4oHEb8)UUb4kGrObJ-MCw6Sq|c6Iz>V*{4n
z>$vP1f!PA=%l3Bm2G4?i2Cz7lbpz3(AaPN0vT{`^NBiA@nY6VntA(UOg$tKCVuO_y
zIzUo=PAkd&Ep&CuD(QYIkRryJ>Rm4&1QDyPSy_3@aDr4)x2k=I5|-JryFMgPK_a!e
zDZw||;udVoKr1FAoFyqizp%bCBo`R$I$2`U@*yUbm$`OY(X7u(`JBo**Q02hgKP<1
zWzrN4sBPDnGnV$E6}#gr=)JNv_)YmZvu5Ho6Kev>r!XrEGm?{D--Isu(;c{UEsaA~
zX2r`k^e6Z7HKP@&Vu%>)h}{5g!O*x&3!3XM#M-x=^-Z9$W4Sgtr-H0~z3yz;AZQcG
zO(c~;imT~jw{|Sm6M&mZaSS6ta^jo9*HzsSkEzIY)NJjEB+?{Ne;yJ!ykc#xrN+w2
zD^>D=ItYq;x^``16U5p~3xrtL68y;rI|{)%b_Nh)cqpQ5-6~)Td`d}HtgQ5Uy*?JB
zl`y|I)}S>c`F#|E^Ij++%ThvGaRh?Sv5M`qeQeZu%MuL4B1OajC(slYrVpwCoXfTS
z=nfs^xejSwSF3rb>TqFHX7t}BLGM(-fbYp<rQx(|F<ZEIT#<oDqPj5G5(Q`35Nx;8
z?8_82@qnWf(9=x=9WN{2WR1IrRSzZQFuEa<Wn-RH>e6~oOSKS5)tIXWm-5n)T8mam
zjo;eMS+X7|vo3W<>IDnxYRR}TQ{FPPU(hj$EM<60e@!MU<PP#~-yK|D9bbI-{`kk2
zPuEyZG9glELWNo*a)-9N>nkK4G4%9T_vG)2MxMA+qmRoKvs6&nMv7KJ)AjU~;@b;F
z%-)L%37a{zS_WeH0#eQGe7<8T^ksl7YPG;Ql;fCGfv97!1;WBsrB#ca<0S-5S1Qc=
zv|0+)@C(w@bc}UfiPjeCsUKCLu1NKFWCNX$705zMOEU_~uYWvv_x9@m)vsUElz<0^
z7DCmAj8;y(?%7h6<1`5gJHRxY%w~<$V)o8k!xt+^uf>meoW4N6fwKMgAJ5)je7OAa
z^6L2A2Z`*5!?V-ZCvV<g97uKbTes{=Y^YW-x1D0PR9M?qU6YuT%%eZk40p1LZiz0Z
zm8cjtc_sUOXg1-LDVs?=3V^CE#jTpLA^JmvfI!@}Oa{AbQPaM{HX{V?2DP!F<Bh6v
zGEkjmd4Pe6GSQ<*_<kx-C7kD{`_j_!xi1#8>}x0NK5;*=%zfQbgr}Lb98;_-UzwCq
z22|b6V`Es08CMoxl>`v(5NaVk!4|ADP~WEcN-etUDy6?xn_#LyJVC0tUWIPF3+<#p
zV=!A4P+kxX$SoSv48lt*b$h=OI#wK=oU5`RF&le%X`4p$&|;uYwu6o{rs*1#n~PRn
z!`|qmBd@V8D~r4=yZ|M`?qb(pb*O_Y{c~_~4r9N+cnboBYA8sHNUZ@BOsFowSr!wx
z&U8t+jNFFJ$d!;1LwjL}V+9)Y8XiN?M=hJ4V$SzxxhI1_8oh-?KcxXC)+Ovp@_423
zW;T*XYuI&Flt6J=FdH7WzNt?SQtg=iJ$kXyiO?Ip2jBt73J0n`F(tqp7d$_^yn1tS
zeEH%0;PUc^vx}pbPuH%?K8cGIHdB{PYGvr}cAdUOe;-fu75Qz;tDMnd=oi7V92cXP
ztG`B4ZS$trGKl=XihhGs!Mz>SY9%CQ30a2~?MCRmkqEqNxIckO7=btE<c6xWn@W=i
zh3$*_jrWkg=dSCUeCFo8eERFunrbNo)FBYOl*a;mslnZAikh=b5wtDf<S1Jon@i=s
zwaazN3L@k$p{8o)4vcp%g0^T<)?GWub7S6KUpe6R1@9U2t|!!jQc1@|vL%gj&Y3*W
zu52P`o^oHtxS%nJqVh48m`)DRD3p+dB+<%AAsH9=K$RccRWJi7)D9y@m8Z#hW&H4M
zZwV>r_L9A$7z-lQU1UScY#~SMPjN-=Nd~nIR2f0wjb3z_MFqrE;NcYs;t6_Z(Y3W=
z!gXIk4$cb@GIVLC7pUN+@|x(G>e|aM(Dq)t4fLaWg}*S8J`@|U?NeZ&jv8nux>FwP
zJ~Sou`KH)JxjIvc>o(@fgn1>Q*}$)fV@meh@jRhLakM@sD!JXzFwJ}bqU^)tPRKW0
zMkC^lEzsZ3-X49pIDUJ4aC!XU^x)mG&t{z5<x~2YjF~Rbc6k2YNiB888NZ`C8=HPb
z(`6(}4lU|*0%M){qpF-j8Mp|&ni%pjt@3SMM^!HZ+;Sw5H>o6j)jVF=%QiNunx0T>
zTtZ>)E*z9_;i@c36WE<XiCqs@AIE5AMGEg@rT2UJ`WgCZTE?^ToWEo?tvgR~mXSn>
z=1a(G7gw*1)PLbgUr*F`{#UIFw+i23p4?&%W)G(t9=p==RrKd=ksnZEE|g#J4K~E%
zm*Mp7tPARS|Idr|h0nC&XFA2(1&<8MQJj}AS9ja(@#_5m>D>k}-Fw2Y$fyN*x!QR{
zABK(rw6i22xh-dTA)>pnc)8jc-uLCZm#aIAy{v7458Rgul;t<235{iUq#luFw*#Qu
zYcHyA&fbWo2Kbe2=*-xKMi9Xs?A`~$)F$lhylY;+d5GAZ>^_?T#S=1{R--$MC~M#M
zm!fmep$+=G?e?<hR~KLg5vuxn&2%th=G9jh-v7oi4Z_{sSyOHpcm8_aTLJwxxTXD@
z%=%W8|7A`0STECLUB&(Mi4rgv8skDoMb*g>s&J`)uz%8A_BVOLe-4;~t`xu6(|5gS
zWku?$Aekh}>nMc`BYRctY1%Ave=DSvBMwrjl@CYS%<iimay{I{we+9@=CxD-p1fN;
z*=%+#YW=j;FKJo?hPIVOJ4c%sOKplDBOJ#}B{LX*id3JZG&8W--IMiA6?F`G03<;_
zjR+?{uRXE0$(Fa4tpVe$Y5QO+uuZOiF>Zb_Za%=cS<_UkqKDa5is+Um1aTmFDc9>t
z*?k;eBa%to%1lHURmNi&KUKl%*L6|$CH0i=4!%C|w)<<GC0}2XqRgLsci{hkvjo0w
zT`F37pZ~~8u3OjyZjJR7brMV%fHGcc{Z0|IH);9XEjFRfjeW1>Ydz;?Q|2-q<QG~*
zj8+qYDr^lPdbp_o1*pU=Pfts^M0&Q_1lV0w%?e#V04px2e%20SsDlN;94p_Vjg6Cc
z=VupJ2d7srHlU!j9k|+@REJESzP?-stz373b#9)fmH7YJd;9*jZ6tC0{?@BNX|=H(
zlk!87Zr#}XRctv?>!*|Cw7H}!K_V=%rbrz@+19$g*Z%up1^@w)lI1wf?%l84&o&kb
z3<khpFc{23!u)CE(`Yd3W&55qJ_uwQOUd3x@eLW%Xr^#Rmj)ekT<e4&`na~RmAAXk
zxa!y$rW_2oROmt!5wHbUs`N}>muafON))x#K`LEq#KBUj0!q*S0UlsUGzA-uA>4~5
zsIOANdw@k{Nb=yHQr#b+Z!p*{n1vuVGQx$3^{~hlRA>{MLtUdda+jnI#BX4IWZ15l
zw{_aorlhtu*sNRT90*C0h-HbeTXC~nVLkn+4OCuC;I%D&abHWNFNj(Dt}RBnvPpNd
zN0>L%m9(mOe))<E1_x%sY0+s6TP`;YDG-_JgPvApc%E08e}*+F+{*H~2bw~q0}~T)
zV%YaQZ2~Myp$BGR&Kz)CT!HC8+Km8hK$5>Nvt_5E%hHDoa(d>R@+Bt~yWzeDG-&7|
z0{gv<<>pvc-;}erEJ<wjyg!L1U{sbRh-|e&NL4?#Xcy5362@vt7V0$}_6$=FNYE6*
z>|{JYM=KezoWDPiXNeZ0{x3<8vJ=6F0cv&viRf5r^smu9n!{aAg^;_u%znhNC&0U$
zhM}MXhj`@v-W903lk0)|8v5f(D%gJ<6zq2?9Dz|ii@S;O0Y>o+C)>HPRKq3qAk~xc
zOjgX(k;Z#-Q7Hqjh2=D~ttFvt0e&uIJAl*Rob6VK1}JN4GHe4i05N(h8HH^{2dp5O
zG8_cgB?Y$k=oXOdp9TsU!`WrSTu*#&+gMGfN9{^SFO}1ywn}bEd12!%VVF3e(}`Uf
zFKNXQqj@d>^-ho4-R61E+~ay;1|_q=Y3gYS9V3LHyY^9=pn(+g4GA9B+KpIemfHgg
zXo^jVx`w9UOYB}b33V^J<mA%>1*1#u1(Ut%9gf01`2^6jId~h#!;q=;ka{|D?@50;
zxMHbxFw*k^M?oRcNi(KgHJNSlT;`g2<Z<C3(^foBM+{7ups^L>OFCluy^GDu*0FKb
z_L`cR9EyMPBn_c8S4rj%&DYTEfTz*~?p5#J9-McZhxd;JkmVhcAixwZqXF^%!mdT$
z9-QkK3qs<U3Q^mXWl%>#$#5_+n&95=Tp77Z@gAJivXw)*JP^<s63y*6l+h4OduA(K
zPr<BWI0)mZPXantNV*b9POjLDs~oSd1>i0SF~oHPI#$KVYgw-=Utl2^j9<Xe84L+j
z3^q&ckh2!&^jaRxGPgcVx(SK@fQj`CUfs*?Xzwb75J%96vrC*DMh-Z2Ig=#*oek1%
z;EOV^v!DCAKyXb{*1cjgS?KTLDSj27T=BeVyltM6^H%eHz0)8+H$K4IPto7yv$yvt
zf>({x!;)eWGTIw=*_Z~QZ1w;BZsO+!bnFdfuVkmhQn%|HC~KtYG#z!PNg%!`ZlUH^
zQaA97xE70|+coiDSvQTZSd_1f#bi}F2_QXG4T_pgs(e`8+n1X^bO$U+yVE2z0STU!
zgCbG5-l~ZT-0t0D03~rhPHWd&o_L&!v}!qvbf$R}4<%`957>`wu*%8!>XlYnc|lzB
z;{g}URh<6ek4!62LwlauTHc%(Y1U?g=sbyr(H1!u&5FfpF<fI*0zR$33-G)wd*TyD
zlQ0m+;T4jpGe8XpMImfnpOFC?emP|v$02>Dk}(*12{fygJC?-bip{>!))8_r<tJb|
z!N9sF7!D?`XpIxs6<u%zPJ3Rh3=5dCwo)uepn)_tS~zw&TNi_yqaBOI(&ZJ$a4>1(
z;;Q4?*wuF*MY9+2AO=V-r*zDA%R7p6SC7!i-lDz9G{w$j>=`L4OIy9DyV^*Ss=-lq
z@`@CINP-kl_&Q?(=qsCKeD3T!q{R%{DEAPnwu&xb+U4cGEc-Uvcp@V&LMmbDMxiG#
zcXLiYi_PcJ_;L)tI0{c-{TZ-(LrllS(b9f-eVzQw*hDP1aiGEr<P$#98}9O*p1E{D
zAC5;TGXt!ObED(hMUYZj9)c#ZPeOLhLfc&+AHFMZ*dtMquo4JDryGVFDj_vxVIx#2
z?N~<#qab3d7<CGTF6+jUE6FfZM@w@#*k|Y<&7uzL!O$8CaMplNKe4pEllDj$^dW~P
zc<QGN((=Gbul`G0y8yxEf$qK0IU-xqqlHeY(1J|*{hs$!Ky0sKoO|WxWlvb`ov(hX
zYVXWBN=ek8a)eqTzhIhMjPqw^O5I)Ne1$Xn;IW9_@b-?U@`>(M@9Mv_yX~EB<Mi<S
zta;jb_+W()5;hFtNY-yP-Zsxpm#u0X=0xTC!9k<l76-DW&UFaGI?q8D8V9XL#{i~I
zcjn;YQq<}*oiG0X)bOgL{HpTVF`BoU$KA~R12W9=X##0xdkS$$t%yYrm8Wvq2~xM+
z)Z<9!r_ENNkhldxG8rwbLzI`onqWLUtqqe}LL;AfqjVguS^S;6-}wy2fCkCR_aigo
z*2WwF=<w$a%|Oo7m-gY$U!9xOVPx7n3W@gN&mGB@*Ca2`x>jV^#a>OLFt}niqYuWD
zkY#fPJHcF@?^Q0;;X$_-*bHCpR3^ulJB@Y87W<hnyh=HVCzDv-ks<_eAy0FgTulbv
zH9^5XnM?(lt$CGf<Ifx&)FuiJ;Nw2r`N(_StG{uTQ;g$nRMxt}A7%R3=Nklu@1r;t
zZ3lFm5x_7=N7FvczF^=oGjJ_U7^|V1WsRpodZ?+oYck3khAHL2I0$LtRdV~qduz+k
z=YlK+IxH&VmP?QMsv+eVbK&WepF$)HRs(6p>5N<pBKH|2?TUs<y0PhGZMpr+IQ4#s
z&C9)BlEJ=z3WI#V;~^(8m}GmW`{v@{=SD|!%H;rkfvxQQV>UC8gL8xa<W240d)STa
zY~Hhgjz4AT%|FRwL&%;<fX(^|Zg}<9>3ue09hIJ(d_2S)mIt6ZRjThpna26iUd9OR
zIY4_Zp*>g7R`4r)l;6}Rcgs_|0!v5C;CFg^SbKzmT@5gHvK<T~=3gXXiy;q&Tdcx`
z$4M|qVjf?nr2bE_|Gx?2e*XHS_~l`_yrj-o-&q9;0t00!g~-km-irwT$#)@CwCMIl
ziw~|H)fG>w2h{TUuZvbgaEP;u)1|pq9u@`%ut7;~vn(W2)CD+?kaRT=l_4UrI(Kk(
z+Nn2B8?A!)iUfRs$~82s($^>uHUcd_Bc-=9&-6+s_c2%ROA+Oo_qw0#S2|$AMup^d
z6Duo0X%7?dN@dF<4Ik6AnOeh-hNkehRpZCnJdePFM$qWjuUVi0LSBF4x|o>(2jJI}
zW5T0gGGQrk-F;O`sxqZ7-=1^5<?I`}nAd|5B;1hV;htky@i{dOMe5l1D>z@<o>Gf{
zZH>M38`q-;fvg}$nyH{|OYM9hL@Rvfn)HD)a1})Ut}I)jlR)~m?vm@R%9y3przsV4
z5P@2`2&O_vNc&94L<D1DTgqp638JO_nx}%w4khp$+3u1*+<)l==R^{1T2OZ3p>G_}
zH`$FW*LL@kc(pl$Ul9|Rn`v{R)jaQhcDNLiGa(Xhtc8TrzE{NW$pKXsgaE44LkJ<3
z2G=Z{WoDj(+$c*1s&t-4V4X3IrkI=M-z8X136bQ`hgd@${6k-$V@Y)lCPv(s{d5IN
zi|?|=Ggk!}!27E(NLfO|y$r%$0n2k`^Q`V=B#1Ny(tCPfp6n88&qVOEsmTcH5vkCo
z1IpP3BpF04kJt)TzrZNLpp`fRE4#~SDoPG$7%nINd_$xY#$}K|S~1Zi97JVW+3<$W
zxb}waEgh?<=PAe>Jk>uJYS}<zM_9zs3CKuNq4Q?Q8Nt-bWE#l?XAeb3kPG-{HX}X)
zHv%4H?)wlPAqxhUO`a$XLA-UCxh&Wi=ry)p5wX5jceb-I`5bpcsjUI|M+`?+6OW0#
zvSr#MtFK;Ipn^zXu^}@=>Y23~#NYs&`O<%hV=BmC7{v+mJ@QVl(v6ZK(9sFNNheK$
zaXI+NH@a}eX3FFwkU4h*ES?5om?^Xbu#7PPO<#(pH8#Cc`sgXMe0dQhXo~p?^(;U{
zF4BTm&cA<(gQyU|tr)fKcTo&jUFOqoxH63>2M;Cm_O$FASFK(MIHC`z9Rs!46^5n5
zG#ukt$I#9^^i)r$GRQYIBgV1lI!NMZ%%b$02LrJ|^tLa*xBPV0JY8mIQRT`xwi@Fn
z^K3cDdq#s#+V?+iU)SCFGk5jR8u>4^ql+FsWj|N-_a35*FSM6Sy7;%)$u)I+{yyG$
z%=TKcCZ4!qFBr`yY}cM0n{iHX;-ferbdW;ElAIsvyE?8=AXQBok(m`ifdML42Y>K6
zg+7A|bVOy`OI>z--E8KfxxT(Z*4JB&c8Ao@;TPlvUSBs1$#8Ji*S!k3+F>>Wxdmsw
zT{m>5{OpR2crwZ@el3A5nl<rIn+f%=X*7V?ENX`iIO($#;&x60m0eCnW`Ya;oO_<J
znLvh~2x2#}Vh+wROGgm$rhOBncxBUP=?!BMI+@-;78;sGLDq&4GN7FwK>q4tsF^I7
z>NnEAiP%Gg&UeaFtk}Q?5u7nsN#+XXEJ@8-UPW<Ayt!yf73sTr(HR>8<9#VN(lwX{
z(}z_Mn~+fPf^C*f0*1sD6s__*h>atTbb1nSj}Ege3@UdX=6N6yy9tAcd4gBTpiwfM
zuZ9P~x>7=6``OSLErzgIQTwHghaobtP8FCBX)H$h1~Qt2G4-=l)Zn|Mrc#k@MY;0|
zd^9fC0o5hQ<3`(<?&ku;^ZI#n#ds;+)z6!*oRW8Ssdko`9{8F^vKbJ)(Ri@i2^*xG
zIG-X%`^?FK<%)V#7j#Dp3s?6TJwpq(vIa#$O3aT1`_!js<GhN}tWhIRuD*mf8ox<`
zG-VJ*El9znNah2{0$uC*T2=CaX-F?1uWgVZea2-ve0e)PnWkiYJ-vw`nj;RMVj315
z_rrK_wZ8t%vUa<xkbq7x%`hHNy<Vi9KPS&<l6qk<c((Qk%Ua1?Tm{Uwuayuj2`0=E
z4?RhAQM(W#x3>VPjk0P!O{v)ZC5m50+L7{yVEpK<9I|UMwV1Lr@AeFv$2SC+b<QLX
z3o(DgWOd@qbH&)i4D`sY%N}YEaUg`2gi(K{)$G!t!H$ZmoLW}X5u0gqUU?E;^C~+2
zs0lpt1czvbf-&VblsM5WLN9uQN+nh0a!$(t=HNwIF;0#1?hhn7sFIdHer7XMuPpQZ
z2nla%zfviAy<Pr#C#N1>l2k9P)9zn{_2&{+&Y~0g0m7=zxm(;q4EtJCBErZT0dr-P
znn667okfjnmdx5RFsJfp<s-;khFsm8Z@4Hxk-en)C8LlI1Mb^$F%)_h4Y1oZp|04g
zdZy=9B4tkLo+J;=y?U$DJgOgb&RQS3@6JvdHI@#{decd4>NsVXQ7{GOv5Et_k&PtY
zE){~Fb8V>fsMh0%Fo>eB+wI)MYAAUo2;In;--QcC0U9nUaz18CP|HW}@3RrT4&rID
zf#~P1nsVI%YJ{Q8`cpPW8x>UB;UN&vRN*^O61-v%a~*@esu97q+w$_ISJt+&+MZy>
zE@E0`XUAlm2-zS=Cs@8Pre$&5wOYdn_)``h7C-OK<FQ3LMt18Gj106(Ov>%{<2dDM
zLMOHS-8Qn=lqN%#?h=*`%z8B$Fxp5tkfq$nur|A5I3UdlXuLq6_`K-G7IW9P!}VyU
zt}RP41!$GF6};DgEOSg!PI_TH?9;)O7_Oc%f%4XKOeaR}M60mfuvhs~lW%H>WtfD#
zSzjq~#c`-8@1^$uhO4`MSKc_w-nh5p(8bzgI??$W#qSe3$$WtpS29~V0l$>TG&dGC
z&S^T@CAD-sv8X`St1Y)M=G9&=Sq%SM7XS!$nyyb-dJ`vC=W!SeW|fNdQ<-xzPHrGr
zMl^)Xg`gb6KS8z#;~TXv2AEqD5cLR#0b<c0o(jprm-`W@3bd){&4^)GA2W1a5Q%|;
zfWw1nB6A6Y1c0#*Dk>CPFG7qbfU)-V5XH@XUdamB>I_c%9K=|=$8rC6aX9uWprV_^
zew&4`EpC+beggu3$7psN@GK@bBt$X-J-OuWz6WC^w*z^%q{0`(H@G_hB(GAbV^rkT
z{xrpWHV{oLp0H@m4$^_Sso~VVUEUMYXAr!@AUhxhYuGT@cU>TYu}?~7I*n^^BSlNX
z8-cYiM%sbE(Uol7=1oqFAyv!)4E~P|Ta_|<6(MDd_lS*JxOeyPheX$UtNSyEqeu|N
zwV<MW7sMigK+0AM18Jd+DY{kmFUT$iftIauW@n9%-jD8Uu5PYN0&i8pEdx9k_`Ja^
zjXD0)$*;LwJ5q_NBGrNTX$IY<{dk(npzCOLfAR)oFVIZ8<g=AtKb`#g96?no4Ya2f
z*ePe%?ELf?Rw{#)E)i(?_wlV2mt}5EJ1p?rYM*_q%v=woRk8Fr$vOVPh9d?@O2vxz
zz%ASA51U(?Yo3}+lx{}Muvjz_WkHR;jvY>Vz21W(CF=Bg@|vet41iTuxS~v}2BSE@
zJnQ0%9neWG-f}lb(Ou~G?}IpkgyyR<d${z0AZZ+jYeotam4-s4%{McT7(y0L*#uLM
z7?fuPBgISv5Su?6IV(V<jO2kkp4hx*6Go0>>c4@khAjEtLAUv8Dw!de7MtC9I;C&p
zt*wsdDCtj}HwB(vG7dZ$ZD<tp6k_59D$oFqHoRL^ZYdBKSWC8jDNt9IA!yOS(gZCF
zuWgVvB%FSLdMh@~8mb*3ljjKubmL;=xb7t;L@M+f7X?}?#ypimC*^Ql!8lc~&0$wz
z-c&r7V6qRJg*7wzz;v>b4M_}19t<JGt_le3c;uK)qk++XEh_8aH@>fh55W<#g`(>$
zh2!pP)x+P%x2}M+pFyyz?7oIBWaaek_(mO%C;5w7>W_m+=OWVAA^JQmUE@Tl9^7GO
zd5bJoqM|@&6^pGHE>4ej8@b>t;c#2`Hi@Sbz5*|3<l|4b#XvYjw}wMpe09;PD3{<z
zwnm220PelEv~@N14I@~%g`gA41|B@g&dI7_ceJ(ry|?LYdRv)MwHTJUhgxU{C7NKe
zOPtru^KPqt`nIv}5S>0_mpJQACQr*<66L*U20>l{f|v=E)*OI~zW*8r;=G0=M~C}P
zrY`^k;%qw0x-8b(qd5BKpXlb`unf%(a<ZLuSw6oSMxN4^1aLc~Z%cWmUBz87bGKh7
zf`*WE#MI28@wZ{zr=cx)ex`>+mUWS@SnuGKYjrUlF>E;(+jvQ=+v;TcFTh*1osY_F
zEKZHIRF_CPMPF58JCk4WW)n28Xdr+MSnt(L_gNU<7^~HGPC&<n1Em5gaaI`5T*ZC!
zSXNZYg(&KTmQt6cjC1xYqzv=<#dH25T5lzYIlGtLEu?soE(MpQbd=Rjm)U`7xauDD
zsrgpF?0xD+akNk9MA<~mo2w`LB3y9oK7y$x1YD$0$W~sdw1psUgy6~s5=v#YD(jl?
zvzI*?<t{&a7BC@mL6xjm*`>JA046MhDJ@K=I$?a)w8}PM9Q3N$%c1ndEV=_4YT3}*
z50F+Wbui_V*Ik16a~4ce%%=Sy6dX?m^QKvNaAmdx(YG<q``ipZMso7%-NEq%Sm3vt
z|JAtfDYJ6Srne#U!t30cVsFE|Z5(@)-@<+wu}FQh(|#*&@o<(IGU_b+S}+SP(awWL
zU{+=X-HIdQU|}AxwfM@SK?n*EBhP=P5nhwIK~f`+WubjdKhiq(@Xfp|mgPAuV>}4_
zL52yN7#gLurzf%$Yqhsrwnzi(d%5AryDx~_P6wHrB)b;lK*>1J%L-D|<t^sgP;)w|
z95a|6&ZlE5pQ@riXl;Fcdwtys{f*J%&6{T~A&S4(*LQN|$topjoKnb0_X6LonYPS`
zP#UX`WOd8ZhVEG4md&@e%#ztzGH0hb3r}SrdItRXCR%n5@?$!04piv=!mL?I^4eC}
zZ42@j9Nq1&Ji0E)%tqQli3y0ZG6fqt(+E#ymn3b5$r(w)#_=`PITWRFV;GY4^(amu
z9pgBbioZgrd(1~t!YpMa3=k;i;yB<b1VFEtOlWcqrem$FmGk!pNDQN3IAS~{GT`_(
zl@+4$hsf&;?1Cx>xXZ$jFL--{@K~d#and#`UOxHe<a!``<`xtc+qMJ(@#4WjA|!{B
zBUdWx>u>>-`KcgrS?Pf0CrvV88ry*k6vI=R1_RCY*Vm<wc~;W!=muL4nWRLAa#Jfv
zw6&liKe)VP_ErNM1oMU->5XUB*!cb42HsrheG}G;644Cs>PjV!$VKZ|rBEpWs5eWq
zd9Px{9R|ChlAG?#ps6I{fw4Z7+VYZyJPY-#T0}*qab;5|;3vT~OZMVqXe@Q_5Z)F`
zPm^%(+3$XTu$vX$t<``dygO@m?st(noV7alwZecrD*?z^f(+%N-Duqx3ryy4ow5L1
zAC%*OfY6&aNWDx+sqBC8*4jw<)zj^-8%b!m2Vr31X-WcQI|V~Axo49z@FO{V1B&m*
z&~qu-Lh_e5wFRy9^^7Lh*S#z&teHy5OulB4;uAwKC{D3f*$1t479h*u--q$wiX|i%
zQ_LSc2&YmbW-KP%M<hhAvQGr-!C0{RqZmbA7R*uFziT7I95_-i^GoCLfTp!D=zsP)
zTrncK70wi9r@^sMfIFF$bQNu~AG4}$y*&dnjstYY-*d)SevlA%LTd3OEpEBBYns$D
zYbWzdHY7iif&Y~H<h$?4jo1y{v!{Tmjb}nEmwYx(+~4Unbzgd0-is~ocbe#H)!$LT
z@cKcNCUgcA40TH()DXf$(49G46spZ-po4hqK?zT=$At_O*<I_ngxme!V~5g|dQJ{V
zJRYen{4Ak^Fym1=EMdMv4CVa3T>3Ig8VDy*N-!L*j;$&)5QagY1~IP4yjds^o+#mw
zddTr~e|*?IZoX;NTOYdT_0BuOqHA(ZlR%7|XJ{Iw$y&~0&DJz4RiUwGR*d-2Fbx&e
zYw=0Y+pg?pg-Cv(ULb+tSRt8J2$?3~E_sb~wO>I!zkJbdw8WcC$N$=(oc%(K8=J4}
zl7BnKBIg;W+3iyv4BRk?rnlbhs~7Ip58f-dUfJ~f$<+I2Fd<o-OpFNT$#I0(%4yW)
z@nw2L6IKH#H4A=i>xWmHo3%%``Q3M98i_yL-=oK4Z1fiCcB{MT?RZ;To9<4Rj{R3J
zJfHQUW4pE5WjgWtiFgyx$cvL<4gai7;yA30X%LAaq%{OpTLkgD?+EcHS3_6)aBmm3
z?upWai6~RM{oAYVs~6ZQcNk4;>%?;i5mbJgCbW@xxxbfd2yAqe<xp<1fw~%&)$UV>
zMqR6yd82+w3&q7ZR^_MT%r?=L)TmYGhC}it!JM_a{ajRp4G@69EufcMxIHqB1W&i4
zFsSefdGSHT`9f#aNy1zm<gn=aCQaHgA`hA)DappTsa2s4%0cxIR&S$Vn+Oi4*8w#)
z9aQk~9xNnAeR0U|S$n25RVZwez1;=zl5&poWu5q3-}wAKp8Gs!7yqmio*Wz)1~0PR
z;ujabVlzN=eldmT(r|SJ0bA>p?Pzl3kcBMo_$~H&sl3RWfMhPjmC9L!O6BYA+ya$#
zU3W4~hIu`dN^BzQ?v&SE+U8gWy403wgLpg<5W<-PwZIM9t1PebnxpXIr5Z2O8EtvZ
z7k^0gC6;613dvA2xuI%wuVj=8XHseIq0fsS=k!tcZbFA_p{s04`4z7v)5rz$V$5q>
zLkwLmK?-WE$pqLkmZ3bTC2Sb*RA#`&<j`<lRa{Pu%w!sd_}xC%qKO5Oc{4I_kabb3
z_imJ8NhymF2RtQ8byevham~KRQ9(;8=D6j1vV?yz4w}Ala3`_v>d25a(N`C6b7j9=
z1-uvu(7Mnym~1&#Dyh!1gbne{vpGE0hx)o<qAL*BmEX`DPB784gP$8M2$I|Gv>;xL
zETZgPvO<a>%K|1V#sY#J8wDUuN%pmIQg0q(mJIM&l=1>jlQAq1?xXivSE4ZT=hINe
z!Q*>o*PnJ3dK?dja8K#80Zq8nfWUE2S}gILX)FjBvN#-;Xb{3dD4uc>#zVOR3?_zw
z7vRG5ng$_Q9!e=|anwz?AykeDni@6Fn8bd85rO7C_BnAQ^7^!X(rBO84;uUA_4(N$
zgfiW??*5+Lc|y#{f}rw`>%YO~cK?k0LDGag6aV`ZJ;Nb;AF!LuRU?dt1q5IO7BoH}
zuaD2(=HjbL%L|hm1yPV1eV(H+q=*a+H^?-SA<N+88^HVx7#C#&E^m-A$ogQ!23KI$
z8;==!YiQrWP`Q*4ar9?0&#W%jm)Fgc0QaQnM8-S}q6}H-Es~A`+?W#dxz)ZXf)T2q
z1B24us&*i!z$NCxW<qpSX@&FUmC@i_S|V1YFSyjkTMD?$o~8>N$m+g74^4K<22+T}
zf%wkHP&;)sqaZ!duivm?5Gi{ch?8SCpyNpmV<vqFR#uir3&-x!SUnn{%#jKalKf!_
z`i<~BSger|tq1yF<>xbwqackzZ$yU}fhZA+jtt^3)RuNj)1TgXOAvU7roISCl?;{6
zlZKy4=cQe!wrFaUF>dC+2?oXzMjAto2e?v|Sivbk8=jc%54JK~CD7M{rjXE`Cz(kq
zBnX$nY*vGElEiUJRs)}Gt{E0<qTlRR=1)teQJr6a4r>!$Tyn726+iRTCk5HOz=oG8
z1G9{kQxMihoD^py?^+*lxg9P;Xt44OPA8H3O4Ox>Vvh4_e#}G@i<UKtANhe55<#|(
zbk4!AJg^eEKW|{IRVy2FRevWeQEtL^nnRwssac_^v7UBIyJEB4Cr>UPe83Krn6aXj
zR7_K<6D?RIjs-UKG~phQUjp72A*4l}!ylOk9yiiI+U4zTV3Q^IOIigtXEOrJ!vr_C
zv-23P)j0vq9nd5@7|A|en~vH`O}FWy9Z%BQf|=*jJ{DY1CSlY+i^7>qEt&Z;`o0~0
zM6mVqa5@Yk6=2o0;3!+zALrCBP0&+3Ylw}+oj?t~wrIWQb#ZV8{*sN0O)T5EbjWhU
zq{?WR2hlKO(oF>bXaRq2T&ck*xMpq~`r63B&e$qToQ1yX759co9A8_`4|%1@gNWh#
zl7IydAbi96qd2~@P?YZ!TBYBlVYfI!c^vok1?XeIRo_?0N+h5>oQmc2C{Gz~MgW<!
zSViZN4lEYymd}CwCegR$p(wt|%wJV>(i}=~CdwH$EAm0M1o7SqcL~N6@vL9`(UA@=
ziHXmb4tzVNGa2Ab$l&P|=_gRhF2TM6eDN^5SzL&c3pL+mksiPgA2VEWJXR`&f~Sq#
z_<%(;31U=Rf(e!#Ml|5iUN|HEETZFJ0P%J+>*MQyX5#MUGy<uBgHfD{0;SB#peDw*
z)xe`?sgACYVWmQ+tLttZ0h|fx0Yg1uItUCYCELfah9GkE(n;9Mc$1i5kB?*kKS*2F
zO@j&V(#Y?oNiewLwH5GEbkh-Y(@E&6zO3n92@xY0PfR=Qgx*L*@;4R|C-F0+(QrzK
zGRkx+O`$<wnZ+(sch%||r9TrqzbNKsuE{hJ0#mQt*DJqR-4Wd-E9BIe;2g;!p|EH$
zvwd84wQpL<LKn;V+1*`60nT{lB8gp2!%%e8As)HEN2Lt}m-YQXj3y0DZ~YB2LG5_L
zE?Gi83PJO;{0X0*%S}dxyOn8<?5H{?bdq;d&&U6gB8{r2SdUR-Lq#N(&IW{!SQrvM
zNP<a<5o_m%@>wkn)U({S+|%wM7Go?ikdp313j#8!(NNN(fsK(e$L@g7`qSZ_19x6_
z&J;QU8cKk|_nd>X)AreM!y$u^a=zybM&5tN+*54~;)Hnz==EBcH7$4mlSPAAfLs7W
z7V(bhES{#nNN2PLzAZoms38<pK;vZSS<XoDa2P~G4@-G(=-{f8&;dKAsbJgKPAOmj
zKEY!9-}++0K7Q-IgcQKPkx#4Ny4#zByPf;pZ;wB%k#EP0b2?<-Mz3qCQW>^2M5Hh_
zHQ94(5^8D|_ABP=5Y@{#Gv=OD9CE-G`O%)!JUu$g65bT1+D+J{ShU$}*KBOC-Tk?!
zh_PpbFqm-W{m#<#A$)$Rw@$wtKCkU4u5!o(6GIVy67$rB$Y?HzTzr%*3kU%3sASV)
z9l1-?!Dwnk)Nv|Hg^{ux<@5rd6Gv*S%D7`X5%5Kuwr$WKGLO<Y_Q~_xl4`X@z5Ees
zKf2QLv8-&U2HPo%XN5A8kn#juR5@+o&dv}8Re1l;kn3_B^+}?gzI@&Q1;{jsb}Q?d
zu$FTaRJwkQ0;s}T$uJ&fy@fH;EN~!R^vda}S6L@Oe}vP(H)_X`I06)>rl+#2l3tO9
z1+=zw9kX`78>tguz6$x-%TuVRdk{~g_qr8<PHnb93X!WOEP+tNN*;y^)dyll%I&`a
z326fkS0<g~Hr!*>QLq{?F+{;YNRE|eMBa5e=WQu=#^dock{8wjhcq6<p$r+8%qA%W
ze+QTejX1c(9n%?0GT-af&T-pPaBV>QDh%^aM@c*+=OImn3?yB(0<NO9`yQ!)%b=(O
z&BEIaS+9;U1mIvR2lycC4XIDlQH)p|)Yk|Ph7lGL(9CY5NGfDa87M9@a4$m;^VBmn
zrVn;#SH(wyf-{Weqb1}}bPMj|(Hu&iI&k=;eo+UF$EXRO;ma(8cpj+;??Rf~Am>jP
zBTr=1*XNz%_H$!c`HK3|Ic}Tp*UZ$aDOytCA!7sWd()8jV8JF+rft8VL%qfKu0;hY
z8l-A@4uF7HI{byUyvT6XP%2414Y{e5>Y!3d?pXqBlQ1?i#v?xEv)CC$k$V{)apfih
z0?O+&<Wgyd!A*$k3P^hc>J5^VxRA1BKs{;M;9ap9A}c02Vd~;TM$oVb*)UcUBMyae
zl^oQ6X0yWhOBhOxy>J%Ltb!##*i@P-$!*1}tYbL)U5t}#Z8>5+#}V6DgcF*MUB(IF
z(>`baJr#>j0^npdjS0Pu1OI{U>nN^f`)g066D78owB9yU#)bK;5K`!5K@n<bX9Vf=
z8BOztFL{Az*f12Vwn`F5U~+^pW>65@bV9@2eI(&=IE6nziPAX!dASppLR6l&9*Bfm
zICiP(mT9>hV$sKx^3erYiGMh|XmyXz-nKjS_B&-To-h=h<e@teM8dNp_?V5wd5$<+
zo0}(rqavM7rub^?$e8Bi;4yV9?HmpXC~%M@f`3ZygWSk~|9u3vH<Kx5$~X2Dy^F)>
z^LV)tQr|up@iJhX4ldfAvy<*o^SJS*QSWp=oE-1}>7t_5;m;8i^CpUTQs6QVeSy$n
z4M<^65HlSP6E>u2oRIj^3{$rO?(t?MIrGr2<R)V<dkYf+Wx+0Bd39Ja4kED}+U;Wj
z4L`LpGS;dYZ*9#Jn@g}D{H)}qqQ3%Ke0d3pOeBt0?6wf3s`ygI-4Gi=<91gXL)U+4
zllsAl%?i_)_;DFr@ps>X>sb-~Anr9yH<Xr7Ij~vEH)>1PoQHFwEy-IUh?aq?4#g04
zc(grCkP*XJsuG-svIBZ0h{s3-Z(ihK?7Kcosb||1(i`qVu65OQz*&sgE^%lQ?a~{*
zO9$iK+gtbc_V#x7RzADNsMc=H$N9W=g@Df@-&NxDE^)+=d?qx}3s4G6Fx>g`mOjL`
znm_Av9SIh*09<@oINQ!~TP&O*OHqq&sQ4ot_ZEZaD!Wt_ZE!;oD`yx3NhW;}XF3yc
z38hG~2E|(OUGuz{U;w{N`)kMN8Bb^g|CZ^HbM%dlRHw1e&f_FiOQlk>IKJAvmJHA5
zO>I+gW*K;b$^gbPA=m&XHi)BI!qOyQ(pJ21JX-~S_>bb9i<#4s@(Wj%@{|s)YG%o`
zwVYO6?jn9Xn2uSLQf<HiH$`J6j%NWM<0(()R?IAwI>+q|mE0BxQ(-StCz9{1gTaIb
znct!eow&;QnsgQBBbkssWrGv~Y#NCl#Ykk=T1u+{)3CeDQNx^7@mn4=CNv$@(zup}
z+!HV4k;8ng&m2v|DO#FCV+ipLLc=&3W|E)JICwd#)yOv#(&nD3mb&bkiUn@wUoX4N
znYS_p^SFd%xl!7T^7fQ>sj^PVqE^t#fao5nLMJi}l@2H#T<XG^n!;>s0l)C$F%2Tg
zE=qScdlL}H4LX1Ti2`$H5$3RzEKg5aSl(ahgqs<i%S-1xy_ua!L!&FE^-PZ5^p<Az
ze&Gm|YzcZeq`0Va#z?DYKpTggTZ53s<R(t8@Lo|G`?r*_ewMSQ#U?QipvE~(M>2hl
zOwMP8`s8^ikBm|97LTsaK>^78=VIwRH)Cp3{+vF?HlC|C)=D^)*7W3~d_zV)NC~4C
zjImtu+n7|Tyg`X%w`|j~=FTPKnfU3+DNtKno?>N_IpO6pP6iBw29@W}qTupMlO(>K
zx&7Fmxjgu%p!v;*izkfwZW@ePJQZ!c+FYWJIC+%SvCAq5aAUS>?9~_~uDk(j0lGX2
zCKHxs7bpq4NrIG-f7Dj5x7TWEe8nOw1x$@jf*SgI)S_t^)~>g))Q{y5RzLpZQ|-6)
zwc4t;zBU(9b-PyGs#SM>d=URRbD+6^o9Av$kxZPDm7QIIC)1E|JZG20J_mD7^S&JG
zLnXDF+e#7a1*u1xSzJo%O%R?2;6sT~HIjI$&4_Ea37rwK4GOToCUo}nqtS>iIvLGf
zoXf4wvc>oH2-aEsd$0y$wp#n6x+bX2A+_o@=_ia{!8KSmZ7nfd*=?Vok6rTm<O2ld
zL6;M`SEQ+tmPSlQZs(Zb1)z2H**6C%d!(!_^>n|s>L0r8M(cf}1^+Y;8eOyHTrDAw
z&#85O*6Qq+AteUm-x9HWnvcieXIZvb;n{$OY!jD7DBs-??>#OCtg7N_h|llRbRz2O
zV~(`U|9Y8t<}X{*GuQ{Q-q&nQ9z`!fH;?X}aiaSDSe_<<Nv75+!21lImLXNstj+X=
zdoqVxB(3L8zZov`&efK1ui_C4HqktN+iJAi*1E`vm2<=sGEZH!B&Q_HZI9E-OO^<F
zB~E;K=`2<C0Y*!}bYU7@F~6H8G~$;m>4LEfy2$-#+*KH(P$F%Y?#SjUHLf$HKDpgE
zXf-<f#eKWaMnU8g8es%1&@C!`l)A#83CrBX?IIg^&JMUX1XK!2c{K~i#>*s*QmydR
zZ6Cx@n#5r!z{KDXq*_zgLhI|lx<_$xLld9*?)v&V88Pa!M8@XAWZ>$CMP62}uRoh|
z=3eS*vI=C{c(%T-?m{qT+D*V2&Z<6LUIt-^3ohnNHJF`@<yD0xu?Hzh*nkDs%0nAd
z^vF0v)`)rL#i~;L*!lY(;*l7wSaBJXMcQ8^hs>x{D}$h1&H9DTz^-BWiBqGlr{|9;
z5LKMWPDpg;bRv)XXEyn`t|<fucGkb_#(k*^uMEG;%upMW7V*@_Axta8B2qqmPmT=p
zCsD(kTz1Ftkklg@&eCAOWfYeqaXL;9H^_McuDooD%HOvMy`&KZg3mN=<%Pro9#Y^z
zW0oetpy=pL(oqsmhd5edmy9p7rpuIqaJ8gx728$3TdB--?Fi$ct4q5Rjb)|M!Q^j~
zSQ$ifLUEoJ9u6=cDsJM6J4$o@Yz#KkbrU&3*V7GaR3vq1BX{uPCKnvyR)j%x#Ve1<
z`qenkYb_pAyVW_W$%{1s!89~p0!rmS{w*JS0&6XH%@WSeg%n_=d+^5oXScDrxw-l3
z#S8d%b8|EI@7BxB7u)}_^<s1D)%J_+%~vn~V{_~K@3*%9gKU1$p3ZruJf+EhY(BZI
zeCPg`JS)oj%-}PU2nbLCY2%9FQpqTDB>>~I3Rcz$A=14tr)czZu}Q${X-p%ZD%GZ_
zWI^))oC!w<%%C|0EjlG{(Tzo%G6o4_Id2=mj)Z(8U2+&mWtRa9F)5?+fgu$u)S-Rt
zE+yL>RETA)Lf&C!0l7h;dN7=2?%YYj_#{T-03#E&yf{c???4nMG6xwUL=AArXrh#)
zX1v+cx6RXEg&<j<(7}kwL!1dq?+&&SRxAGFh<rqHxCyR;C&a9!&*c<7hbdYE)D5#Y
zb6yQYf+=TQ%E(3J#gH13B;+m?gR*`ar)+(FS60LrKfWNepbudhU=NwoqS#o>*g$yA
zhVwV30Xm|BH6@IT2Ql`L_{k9_u;60iOz^luM32uE$*O+mQ+=l+!dZ9;)||`-0|)cA
z%}fYE7#)mCZ%1*doMWh|Toa-nd8k1|dJxbr3-t#wk6~%6J9%JQcb3f_N=uNl<bs#V
zmSQF?BT;mUiZA71QVg@89YMMH#@Lg@2O&LjR+c8cpP3{}kw>E=!yhO^XKgL*Rg7>K
zyT!nwQUJxgF19?gM1E{-8ItRQIt6ncc9p3F+-F^H;eS2#@3#C`YO+NIbMA^-CmmvJ
zz&!0zK<@8roQHTPnxv($x>s!WIq<I7EQ7}x=Rq8G2f%Uoh$hV6ZMTnix5hsjJr;bY
zi=3=G2qq(Opd|Xtzp^5^T*>X8{BS4F_aUHG#5#y<-5V$O_oD3|A6ZXSQ*{*iGwGm5
z4o}<K&ks!tV`aE$E{RH}EM!R+D*Vst-(L#>df$7#_Q|`u)6uydTmH(aAIZ`se^h=!
z!6jL(3clUF?dmfb(j3_%&z`O6p(L>V%_~c)d@y2TrUv6a8<ct$_st5{#IqteDqV2^
z0ZtPt9%CsgrTw=kl?LM=8X6<dk|a(Z0sw_X{o>tG)xIjaVSPH8)QGyQD^@T||9w?f
zSo`~uaKx~aDx8tN*&~ia%yBkvw6^|$ORa@>Spp1PXX(oadk#wAef&r5x94zaQC;$m
ztPITjs#`TxYZ(<DM&9j?>20?k`?D^jRoc{RQCW;ytr_D5`+YZI)bGkWOhSIx)b&+?
z3FW+t+6F@47|D`+nL!+11*{9IVnY6B{U0@Noz${YYTiJl)tx2*`JWsu;Fy}zX|^w4
z$jHD;FV|gz5t(-o<`shAxh5jjtqkq^lA*}Z`x@Bf2b!}qn+x)*YcNFj?3yJ>;4}9P
z<;=ZE!g*Y0w^pmdU0PK#&q<u5X0s2qn(0abXJW#6L|x#3b8uV?=3UHFVm$~(^lEto
zgor{&6^l{dx3IX36PqF2>%@XhTQIcE^&WTeH1AreAQxq^^;U>ZpeHs*nRh1VC|wZi
zgGfq!LKY)$Sz4Od+DJK!+8`MrqGu&0yB-iXB2^t55Jx4;AZyt*s*HU`az7hckDSB_
zBOgmXDFKo%87f7^wv@GMX~I}-OnJ(Z8u;4C%}q4o`D-Xbz<-XiU|^ZCP_ZXjh3q_p
zKZ)+Y(b>E=p&Sm%r9)D1i$+tKFX0uNc^SkOn}l?b)BhQN_te?On7x!<u?Ur#JY^HI
z<z+}K+9XnZ@O>e?fh$>n(d;7But7qBzBtx%G$WLWJV}|XES|E1&XS_>!m9rcQt*ox
zJ0&vi-!}hr0d~%;lR5AI5>DayOE~>YIJL_BIl}2enQ+bu-Tm9<-?nnnraiq&%A8BX
z|4V-SH<BL-Zo#-8?_?5_5lY~)OkPmt)wtP<O&vlUc!fQEZZ2e+q;8gcI2X{(ZcbzQ
z!XxCc7#0kr!%Vk}SSW8tIv9ad14xg3b(^46k}616)?w8(OfsLwI@2>~i|e*}52`%i
z_B~IgGh&^IEl(;TX-bl5BpA$YVKA*wX?WkAm);-3buTyWrI9aWyZ`DNs=uB;^U2-+
zUYx&e)ejrp)3Z*a{ggXj^I3fVyZQa*%l!TCi<d86{dNEQHJ-Bj-vhWByO1gZah#Ny
z3*ZFlGd@UyKI1AlerDVxN~)mNG|l91ao$Itmz5O_7fym(-mj2h+4~iv(F3<#MFif<
zT5FXG<YrR&&?$-7jkF{gvk2m{f#F;zq_SBdC9Y2Ku{u8~-`a-sw1k@~#>x7+A43jM
zdU?qPsc7Jv_4Ud++;E#cpsIIdk_0i_u5Nj^XrG6Ebvi<}td_<EA{(Z<W_&5?z)iUv
zTsVEtRV`p3l3G8E`$~%d@mpAqh1U+=)lc6xj?dnDV_!wJ*d>NpBjO~sA~_w9>gt7e
zYfJ~;l&U$@rbb5kAf0ha<$sYE>qa768NxqnFN*}}Phm_z+yu)rIR!yv0^rlW+}7u0
z$1&RG<n`I{VYk&dZq(b-`rOT6DQhm96gQC+1w|GJaDDyo?3dF{^Q1wVZPIG|=S8#C
zI3!1BEmA)vl4&A+{M!(!k@S^M`^r_Haz%$glZpa+ue_JuZO<dH&ehw11LQs(TnXV3
zGB43I=$jUUap>#vtG!L{2k&KX?Hd(A#l9}JQ|Ov;O=WK?gsek?Tlv<~xs527<@|5Z
zpKZRdrCe0S1YEHhn&$%a91a1O6NF){sLqPihIrEJ*pM-nnSg18BAxa<6^>M{O}QSk
zc|@E*)2h?7SpDObbw!ZS@ZtPrA$m4<EH?-xI`Nze45~>hOID)obj1v+>vKV`Djler
z3p3+*23Y1lQ8~9iUQWYMB{yNW5IqZwV8-IlN1Bo}p%NI9ME>)}t^Bnn^^aLbuTD%j
zxFZB(wxODhqi{yXETy6+fP_s)tB|3E^cuH#IdXuOu00)3qm8{lEXa2R5$LTE4hh8a
z9$KKlh2(qz*BQTjiK}8U;&i0V*tb0LCX5GH7{yp>;A~F@vMQG~A5Bv~zKPcK>5qD(
zJ)mMIj&Gzzk#tE1-|JvZlbK9vFGgauC;s-Nx57a@jnchM(V1BCZkg4_@0W~~GPAg1
z6EUzPju^R$M7z+yDkhGBCNl*49#PKnxd0?T|BY*<FnV`FTvj&jvqZ*AlQ=6Ekx3kf
zdsu+?*0PM$I*7U)ybKS-OdDOT3NEX!2}EC&t#VIcyzP;5840R~b4`#0df6iB)%|f0
z^@zJqdU?Wtm#T*N+XiAz+`$~uOC=#o5(b^rD&=$N3`Rgw8li(E<~)lJWz53CD2`Ff
z%azlPUL#h1Iy;WN3`@A0w-Pe-H@&Q(fkzI)0K0|bv6`w(-zjA7j>ot}Rh=D=w5D>g
zSw{0lz(aPUwiS<@g}%9+DWb%bd1$O9$_wID%-kGwotPO^Rx0Nnac~zFY*|ZmAssr>
zCBaU)DA#dIRN0#`-t)*24MOQeBrWK0=STEleS@Vo*8E0d^uoiSV$k>oi6<<wlL$1)
zYUbOa$UI>#n6IOmQs9#?7_f-5HIKBff(h&^anz4#0>afz@K3Q{1Jf}_BIBHgar7)D
zH*u28lnLXrlyI3zOl%3r2w-qA92{w;*f-HwqDfIsm}LFP@3q4{yG>CsB(ZpDEH$}|
zp0?C%AZB0RB=HRrKPE#ms9#7yVnsZj>|bjWId>LM1%>SQ>?MaQ0nvJRCA{)TOO9me
zHc({xCcn2Br;yUrJ{~8*Fc2c8U?g%UvaVG}5OqF^Z*U!nb&z718U-eblQ9hiead^N
zfAvZAujkKratB5_nLxmSG5b==pNI87TRU4j1^v&~i@)?gU*jp$|GW!^BT~mxN)QI=
z3{MwuD6Uj4qCjlSG&Ez4oM3n&mDK@^Zo`m_>F;quCUkHGF;)qB4Dt=qp9XO1h(q*(
zI%vx4W)4Aqr3&g0v)GzxGhqYrWBXvaTdAy<T?veW;V7J$2QHZum~7e7qCjEWVy9jP
zk(#oHJ{@JBRop!6z^aO?xK?ykdK1ROUGniAOMKEvghbMe(pbnR32D)2Fk%TgrhQIM
zrePYm2Vp$*Njptw%7(Lo9eZ}D$_`ZhFdo)MEb-k`z;}Zvjm1utxCz2{L)z!=7~l^C
ze3wi3u7Gb|+F=4;QXiz4YxhH5pa*j!A<I-ynvltMrD*bZ6}K0HN79HuW>>Mbd{npq
z-mWaq|DW#0Z>yqc8t*<-a82!6LF)arL4D4X<Nt%8hH{9ThE~k9r?l|^|KEJI^&-dr
zUw!}m_kZ#Kukn<fZ)606T(|>NH2=(IyX5GJPi2L4VsaGR5(p0whs1RgHswrG9C3+C
z(%&YHR_m;_i~jC#h?8e68DuSiD6}fAw6qn|s&-Ic0UN4hsyNXbaQ8udOiG8lWNX{o
z@itwb^#dBYTbpk3{g%wZfR)Z=3%k0l&yK)6FP`$hV*ZQkUwZj`sl~s9{I|W8zyEu+
z^YZ0i>;G#!E996_WfuYWdu%*OXBba{V=h~o3i&LVMjYifPUw&Z5l=0zutIENgMhrs
z0zR{{LR7*PxD6RF3@ihu_C6cXDQDze9dsc)V?!8JJc@MaRE*#O@|;u{q6RuuW)_%)
zRAUBuF_c%yE4=vn-n%6yO2sV@vr-Q{{XVYMs2`p*ys^I`?@nFGsa&`_b+`U+Gu?&U
z^k2Oa{{Q(D`TsDC`!xK5?EfMDzq9$OApdP|ZvMspzs9qOFaLY<3#3y~OqnL2tYvag
z^1ZjU<!ygqMoP%<aS#El#siPex6zD(w2*3E<q30i^5Jx<VyB~kN*u#CD==X+!C(FU
z-YkAT4a4&|3<fj1qG?JA1-*$bnSszrd!@?RCC~WineodVn7`6^Iv9~Tt<3czmM$!=
z*<%T{EYCA>%{*!I`ZTXKBPtjUG&Ye>H@-Ogc0ScKWWz$hASxXOiN=-(|76F(I7oL1
zB;lCT683RX3b_T1n&VN!58NqaP|xS)<_pqr=ZI0(b;E$CE=vdhGJ;fRD7YoP&2pSW
z<n{9;xDG-#WDP!`m@~#qyr8L>e02E8*>K!}v*AE`zh`m;gjguUx;-QN`$P?9O%8yU
z-ljj20Zr$8xfwxDvt-JCBz{bI$k>GJZ2k!Oft=r#CTepMEov>9{9M|YlFTt?BAA`+
zEDwxM1@m$<i<W06kg;;eZ2zsKE~b(BSMOPWJzwrA%75C#$5najo+=AIr2l*I>ZL9J
zZEwE(OaA*h&;MTe?@v4_lg!SoG*b1ydeXk&Q(XTk<6lzwx5WAvi`_o|z5IUjFa7^l
zdHyx}e?knAy)1h21KRo@yjR}V-z;tY9CqO-e&JXJ8n-DJv_fzufIFtQ2dGViqoj~^
zww;F&{a4T5Q=i=W$6y4={g}r`U!;wN>;J{8ot>92^Xq^6)nDuXt2`^;)cQeG1BZ&r
z3ONetkXMe5>u<Xs_MDl6f1d6+5&qfkeh|N^Sc2fcr>fXlr&~WiKW-k>-yApgobGA8
z>r^TS7p+#~w9|dxXtkSXr+d|{O68YU{rtSq>b4JB&GSyT^WnVFZJnPSHs0(x_^(r1
z=J4#`=SHi0aCUNj)^6-M_*?#TDwTHQwB779-#5BHH$HUV*N-m*9$n5N9;CrFM0V(o
z0^es*w=0laA#DiPpzIf~*o;@&AKFmA{jT0>9Cjgv@I~u*&%w|RXuy7vgigL>yK!*Q
zYIZ(!e>!WP{@nPWYpA2FCpAa&Yo65Gokpv)uI9j^qjvSvv%^NWd8q4v$#>uvn)#{z
zzW(m)q>*)nUekB+m=!@D);sk#^>zaWUYA$<g_q7ItN`AsgTvoFKWlg1wi@j{Cu6_!
zD;~C*?;EXRbAA$Bvt)ifb9!{8X~`62HQJ5VY5k<6Yg5h=h>kS3t`dBUb+hdzU%7Ey
zZ+Dsp?MA(I@Xo@Qg_NhkfHRs5Mx{vS>gF-e0hour4W-Zr8%oxZg-{NTF9f}|8=Z^u
zIgq5$RU4I?i+gt3JgB!jN6q88or{72<>^rnKGZ)GGsOu$G}^G{57}i9$xF`wd|CYI
zz;IYZm5WE(XeTSRXlODovrbH-AQhNks>Kx|Fw&{lgNTFqwv5}7#ss5T=-hz=!HiUf
z_~<g0j#rswI|Vpa-zzK2j-BeRL4>XPn>WqQ$$xh12f!YIVOT_z(0)HiPyX9O<dB8f
zbW{qYdA=A#Fo7W#<AZ7E07KDqxBa2rX`FOF)KA1>00s<44#y}XIB6Hyp<tcfmEeBa
zSLBxX9ob{PMDw)WsUIIVTCy4GIL{K<Qe}m_g_{I1%RHq~Dswpm5$R8P5HZe47!QL%
z1-c8It=*}g9@dY~PQ~!0H1cT}N6axwNa}+j+H=G}m|qnm*>e=*07M$n6L1w3FKgP`
zkdsQrdo({)e>vGlizN0O>!(pnP2`@V{&Ff61+IHsf73YLb26((r(%<uEYL8i)2V3c
zke^#X4defIDwTSx(>$slbk15I)K|lh(5d`%baJ3RoCFX|NoB`yDu>N>r`3FO(P^HY
zszQe<zHbmmP6d(&$uGYqbY^zu;Ow+hZ=Q-hMeRTN?ifYb0Bt~$znm@^MH1buR^zZ~
zHIOhr;9@50zK?Nd`55vg%Rn*G36|peM*9jb4HUqXHi#n#H=WoKqcM_o#SA*Lx9PnU
zBy$F~5}YI~q%saJxV>dzrBy_m%6aST<h%p4*F9{uy2ob+bup%UPSZ@heyD0X6|v?^
zif2nmG}ZNkWR5`cuHHBmqF_!g8PNuwp&W%%{qV5cIa7;95C_JnqH-J~GrbU4c%(5J
zi%7>~#la<m{X62G2b&>2qE6*~{kVCEtg>AwTGi67Q>mOZ+U@$=Z0RYcvgdS0jA*Ff
z=b_{2k*d9*^kUvne!!x*vS7*e$MCeB2j)|>YLwEPVt4t31|Zkg&~@f{3xl1HS(Ne>
zd}qFL%^xQ;O@iAsJ$=P-IgG93|7uWjeUZ~tte#Dj{Htrqj@HB#D_c{yqKvn>8frn~
zzBDXvou70M8*efoLN@LmHje5S$DKVV=LnSX4^>YQMz$Yhpv1!2bMmt{ipSD_53HrN
zi)xT^+kz@<L=N)&HafFOmaw+8LB#_yps-ZuLd?eBa6}*BF+ug&7QN542b|$-TpV%7
z<U*?U>Kewc5?E$l@E5JHftSU5@D*}`Io0#l+2O@O2R3(y1d$c_s#@4+)~xU1DS_|&
z?)L|~hRUf{d)+)2JfYQSxA%8nLnb=Yn9H%i{`jMfMYf$S*ZhMmj{_NC5ckBta~_Uk
zpY6#Tn#I@@_s=gmD88{1KMt>K*M8h6%|YZgp)<d~GzyH<0sIIq$w%V;lQ`94qYnA)
zN674uRU3?A;zp#furFH24p|{bF<iP!m7#RnP$x22>G}dgflOFBO|XT_pt7)$X%c!w
z;<igZmSFswQ@O9S8gCoF{@X7xZ{1u`-uj=oro8q15_+h)FSlsCb!&}0)bJBlg|{vj
z!Gbn4*=rj6M+p^ustPiKOTBJ6zi&q9hg`M{wA`2#uP)HrIF%LfN+wMZgwcao3Jy|K
z!E{!%&q9y1br6Oz;~bNA%*3G?)p}w*U$l+|BnVVc+;Ft^q_DcQ;>7MiR^cIC(pT<E
zrozd0CDYzmT`?*=q}p;S&2~3ar<Q?0C9ok97y^ZT!dgyVE;(dovc%(L=0%{i4Dv9#
z^TgN^@KTn27-mtn%^f-|@%CYOIdRuIl$Xi8YO-u_hmB6XdEB-Ixzb@=Ak>wpI7>lj
zCQ(-5A+@PE+?O_&Ez`0#?ZrK}>Qai=c_<ibqYMRmQO>Qpl-4%4Jm&(_YjlMiNadqa
z6@c9s1Rhc(p_EppR?VabdAfe4yf82-cvENjyNsuh_e!4v?Ce(Hvx_0o#1VcP`79wd
zmJVv_ilb)g@Z=DeA$5Yy!&QhFs<JZqaV*}j<i@ZRNP)*?`bfdceu{%gjDiY-gt=$o
zjY@gQz!fCmBLXhDq|eeD3}6lsZgfB=^us<6X?htaWA9V6`a$!%32qzE+RtnzQ$zaW
zAR_yuEe8+&#9VFJ(L6&}RmKs^-p?H;d54u7C8MGm8x%LQ5C8Z`-GA2I|Jrna`0Z}%
z)yBOLCv0INE35>G486(<QK~~tt4eWhB%ReWvOu-1h!+CDg37&mXR9gikroAK$b!<S
zn5-Wm`!GoEE+@YcNT{VrS#LZ_jW44RS(+&2pq!3^j887WxQL%|S3oibwg|+7I{&4|
zn5;%@AVd?ffTIwD<;Y|PV!MqwTU*$v=J`Wi3MLCW1l1q7eK6Oiyr@;D9h7ky!KDi8
zOUP4TKg>z>&OGScoBm{w7u;Tu+S|Q+WoqC{EX{kpIQ7M{t}j=o{*Ygt>Wf}=y5v7V
z@Ar2&2khQ$Zrp!_^|!h4qHO)?YI^-;7{IN#q**Z(^0GhHCVPS-$e@Q}dhzoA9;gbg
zvHC2GqaiE_acm>~X{s3H+3E2I2-E~_h3L{3q=d)him?gAL{8E3Pmo#^-+1HzH<vLL
z)Dpqej9EI0G4NB2!NH}ttjSf=#L2~Rr+I$d=$^mrwh!JlfGw!N1nG2AIKf~r>%oYP
z>D-8%OR83lY_alI<GH@osC0)cJ%N6lP1DIVJxkuxB%u9}fsy>Git0X%I7><6=%|5Y
zFFR%&=dakT6SqO&+pBIF9~gv$46fM;9xwKcZwcemFx_)D@u;{$!g$yY!f-|$1SR8j
z$g$ofAFD<?zhSN8gRYQ44@f$jFyfdc9I{VpKD(|((=a64``>MmKmO3IR{!p3<;zFn
zRPnt-_V$Rg>5$*@Y8Ml|BakvA2?z|!FcVK<%=Vn>s#$i;S)_!yreO()Pt`jU#C@hi
z`UbT~g(^iQQn4|!e}{n|Jxj@Dko7W7$h9Pn(jMQ#nr$_XG=+`>KJYHXco^{bGR4>+
zl#gm@FzF8BFiv=vMi2~sOo1^~1_vRd$)59xecT*7mBE{E%HY?|-+p}g<EtOUyB6~g
zr(p=Mw|?B&67N1R!A{ky9a-#65)4OaR)6b<?*V8W`dD-<_)Is9heMXUW$8)mvlhM4
zRF6b@0=K8tEhke?RmD4{lxm(Hon>m0NfJcqC2_E{RC*jX-dwybmid-D#Q9jg6VUE|
zBUY7P>aEjajq081{{6T7TVB1x0lOD)9Pt@IImF391I9ZK91hdt0D=nVzA$=UWaz4Q
zFz*5(_vK=wmKtUEduyB@J<N|nV#$$y6ihYPE98Jqf|P~<XWTf+ge(;@lN1T18poU&
ze3P3T6`xJ<Wv41NcK8`UAB<?SS6u}e#;M-rs_bs=ZrwZN4?=IQ$g?}_EJ@?(WWtiw
z>gF1`f3{|`dzPMEW(^hqZb`Q**`UUuYFBk|G=xOOCu~4y$Ya9k46d(I7Nsh<T%VDU
zU8ZiD1miLDK?qQhk)t@xwra7lf|~&4%p<=r;zKl{1QOnYwk#M2sb>soJEeoGPC^IS
zxMu76TX$!Z<MI~sy0u%~##y~LS4?M=FzT077xl(8i1HO=n)=RcQr_sxtW7>*VW`_&
z0YpjjP<5PQiXy?w(^#4saT7IBzIiwYHv}5SLz7$LoH<r;we;0DtR)z*B_8K%-2soj
zuWn^4Bo78>-=`@f{U8!EcoQdAocO`zB}-V8hBMNq9Mcxxj2OgaKr4s0rx&$1?ZZmI
zyP|$q#$RCm-ev^=x~>W)T_!#ht8EEc^zG?|S}D~+ku_`DgRwY|k0*NQVC#0OcL?S_
z6G7%&{8U#F&nbES?NR63j`!`(>3`u$W7_#}QTffyO<Ddjz|l0NN}wHSeumpMuklF`
zMJ%aRy5g_ZwF+V`U++1!KR$hO;XgQ4=$MGs>VAw(#R&-@^D}4vO*YB*J@YHE?wsx<
z;N5DVnL<{AMa22ExwV<SN5{u42{2;WANQ3CAH_Fqgr|pmg|t(eVDu3A4UvWZk?&-o
z6MDr6g{%UCzXmBM=Q8MY^N_5bHxJjaTKl|t+C6U`?p42$Reuh`5cM$#UY*=|FpOxp
zA@gEFUZ`n8;v3K+%ZxE;LMOzz5)j-UNL2xM)X;6c?2+$G;smi)2y|o<dYs0Se2*p9
zAD}1HfbqTR>Vy-QU6Mb@Fkuto-VDUhtJdxv$-G%g9HZXzJuR=pv5ltkBqfcA1h0-#
zvbwEfRYRC%&;<u6<QfO#12HXRI#Egs6u<dewj!!Vqr@GiWUH_u3PVJ`+b<s#RpW*R
zsVr`nHkN}p7BzC`7W?)x6Xv&^yueev+jbox+Bo->-0kkc*=eWoYp1xf<%hlM>Hzfe
zdT}C67LNcqz{h8AyKfrr>hGIpEwCdxX>{tvW=a4#)zyLoj8fW~^+jF|Rb@SSY_Zr4
zjzPQ8dfz<ICfmS9oLrestA2pC;)O5oT8;YQo+Gxu>|3so9Iftg^R$tPCwg#|K!Wl}
zbxTPhMF3#rI}d<+<kXxD%;}K{XXzo;+<uLiuZ^wT{vf76j=%L@?#MYPS_mOkvrpMC
zF+@2)Aa$$}mn<>A@@S~Y6ZeXyzEX6hoHT&jvuGwxkor`Nv6KTYUwGsfv@9OPV1+<}
z=rV|cl#wuwCmy-r4B2}c6QA{`L)bDq@lg<#o-3+%TY8ygpHi9(8JK48m8^<Z<FMHh
zvvqc=SXlE&O41=C0T-Q_P|lgZL1;ft(%d@Bz%O^A2I!f**=K^^CsT|~#gcx^85yhS
zpYR7HgXm9(;=CQkH!LY2;#BY6H(GDb+KsL}FMP8{v?iSVM!x%QZmBexvImMl>&4#5
zrbR)NPvE#EVEyq&?n}FQeEgvZAvZ?GI4M52qLRL4Ga~j};>QeT2DIIlvIC^WY*OwQ
z&I&exF++@*ES2(Pm^@=Dr7#e{slXSav-~g^jbop@da=12P+99Z9;(v{&xzQdB5`Oa
zG8TvI@8@Vx0Y$-jXl(a#z6wj=wDAit1)QpkYRW`S$6^9yyCQL_|8L<2xMa_;0lnT8
zImvz<3X)VCut~CeHU+y5_(scS%lFhdOUND!Mbl-a)Dl`yL@yz0NO6MTP^4B**&bRb
zME1XXHIEr9joqI=I9xRIwffXZk~kyfa$GH_pmuQzpdkNk<2FdiQ-MLJ1fVSe_l73X
zqd@*rZ=Dv=gJZ>Gz?`0S8bvUDDg=Ev&uCz2kcLcY;>BXl4$v+Wr>C8rk6YvF9hAF=
zpDHE`l+M7SoyD?%*B^L@YLYxuvJ{zV|4H~PY`v^O!R8Fj*%LeO*u@nx&gVjbqaI6J
z%qKYsDTpT1bkEkmxQu*)iQW+t4<+tD$(gU*3qWrZ#-hi8+MWXnHS&*xwNnO5?rUA@
z`^Q1VAQcs{l}=*NT-W^+IoZT%8MS=w5S>2W1mIdQx3MTbh{JfA$dA^_$W5Vualf+U
zLz*Y&XRS{Cv_qDyQoU2i<mp7Vt*Ge1g3Gq}8Bb~3*<>`LOv|~_IXgVVEI1VB1XDiI
za4-#p>=&|Vn2v})i|9BIoN$I|qG(DusBA=W7Wv}Xa7AbsT(OeLd2kgy>M83~IblhW
zZm+rxKMmGAcfD6-9Ye1PzJ73peM3epoNzMbI;FZ+a^J9LzRZyl&d4Z0m!uTygZ%8_
zIdw(KoWC&i_~7iCCE#rcHYS|hjDo?448kc~B%t|8#AB6XFNVuu7<e8-%0LOQHyHb-
zq}wAdo_7?k+_YtR#ucPACZf0}!N`B!#Ww;m$S!DEfZQ<h`;@1mi)2h^eQ<KUoQ9xM
zluA}{fYdo1#X)L9MQ0)l)9+sO$Z8Prlu;k@Ne{;UKG`?$$J~ZRj03I=Vs(xnHAJ$7
z{xsFyW;&Z)V7j%bX;Iy-tQ^X~#SrU8VDw6~1f2z)6uV^u@@n7EQmH16;~~!-j!l_;
zMPK6}ZOWJWhWPGM9+xa7nN?K?-a)cgUG)R>9B`_llC!3YS%<L8;_+(*q`!~E^+f>$
zr<xpJ`9VV53DF<K+fPQlRoNdQIyFz<l3j8j69%O!hxdd+OsCAiZ&gEE!;Dqgih-#T
z6R=A(vOnsclQr3Lb`)KC1-XePaS)|Ezp!K(H9ZodstKW*Su|i;tv-!{TaTx7aK&yh
zi6UHwYxBq2){B>~UT)POfw(Kcx-|0LlrcArUDXdajE7vj;He)^Qz$~kOUPF429cYN
zn9J#yxoI%Akc1=XKG|PQ86z&uW^7H~EJ9Ma;F3@>46Yei4@#GFj%sTazJl;H0f$H~
z#y>^1cx8pWQMWCbGFPsp%+T6r1Hq+&luL@2Mw`-Pg@Khp6bo>Kw80I4OyQilO9K8g
zo3%9-PWA4J&F&rY-FK=w*sSbH&JSl}>qGSp+PtsWkZi^76`R>Ig6{XvY{vI=D4##j
z%JPpZHv1!uub5O;=F~+J#d4j5ysjuwp@QCLK)GnsxPC=o;>1s$ecXjx*4^KpiNB$O
z_<K9!6q&9PtXu9(pyEvTKcsqRb?%=028toQCNj>jrOs;imCBH%=i)%Gt%S}le`d3s
zbB{UhxzW|qUp7ovY*rj3BO?1Cox&CeN<-<HEa@V?G<A%?gry#Gh)L+ekYM!oX~b?P
z$eYy$DsLW;KyB5B8xd!oWscFIYb3eqw(QcfG+HeQ5>upDN0F>4F+`+l7J~Z<<c9~y
z<&I;mD={eXr=zYiHGFq=(pao1lc(|$m1+SF_@{>PuqJt|7sf+GSF`v9wH!;=mTf4O
zQm=sN=c(`>siy<Bh-Psz%QoJb3x53!!ZC12Up)yXYP&ad-OZFhidP}!+F1#-5f$jU
zQ<jW_2o#+qwhQ9u1F$PAS}chpVhlCzMrwnQw+cDgz?jQ|#oa*heNeehBXp`5vJ~B~
zfy7YnidstB+Ade_bFA&YnPY7SDi#N}d~J!A<#_x+$Kg8`PFRA;C&6k{42K#Ca5T>G
z+f8c$=Wtii0S0;zp}wWtZggzS?>^K|j&aFK-54s?ihWSJn^uODk#ZJlJqG<BE&La+
zZLOXxeiIlMS3iz-uC%~*8tL3+pFP%3V<hmO0*^z;XlDSiEZl^IK?H%2H8xW9{Onu)
zDS8IGU=Rt(Z-3un0)`AsR#aY6>2M`_N~2i{#;C5$iE18|WMm9tSRAaZkVENe$D->X
zi6h9pu9iN>lPqpf>4^Mv)Fm{G)lV%R2{`Z7$siNJAep!d)02r#l&e#(Q(0LNb)^KQ
zP}!BQ_vSp}+fPTNQHJpY^{{F#5*R5yyFdz~n5T9P>E}^e1N(%HRAhG>(REI>^wUuz
zy56g<!i=-%S{XI`Lkw;~EXu@@!e(Bwx*E~-gZm|JF*GHwUz5h^`)<2aZ*{bxbY<??
z%^mQ$HA<ipX<oyk6m8iQ*4ARUvZP5Ud!Jo)KihjY=gu6*WyzY`qNc98Kp?s<NbA?O
zn66;t7qjyz`qtf%wr&cb1LrzZTGD1f0_`6`OrpMj91mM@ii{-Nlnq+K%O>KWSv;xU
z9bKFroYqeoA2)xySG(qzMm~iTC+I7=K}2G+mn_aQ4GH6+e7)_cBc^O4%MBSsq#ML%
zD&H;l_^4#p4dO0m>4*P>3<KqRu9Vu5l#SvGTP|#^rL8Zu=bP<IMFa$ij|Q_n$EQI!
zGsgx@{jb?k9QrKTbL3CosaWGWo+OO(V;o1mw`dcW;=h-OsSe`EQ?(s=fA_$KF7NpA
zE53k(qv0+iS`@Gv(_4V!5JwraDgE==<r_M<noeXpHja;Or5*f}o%9{zY`-*{;lV%I
znW9#+g%dsWYB|VgQeiv<xGX2sqC<eB@!uf9W>u|(-!#2LatN!Q5QCIDC0joSN{PBE
z8S3%b+tyj9-f0}1ogP(GJ95odHEH3oBj7xUhVd2rlGs*rBZ?LC^9gUGI1Mf#s|Ngx
zLth+YsuqnRgP|#7w`h;RZd1YJ;)sax*Pl^^N!)KgxZjT5Z!z8mB-XFqWrKfTxv$tg
zTqA};uX<;UiI80gzQMDRx!eSg)5)@%{LQRQ$LxX^i~v#c5g+ngN`^@npPGkz)z!c!
z?sToZz$qOwRU}$7w#}*qMJ%Xl)}j(kt2s!8V)KHY%oxw^n9c1$mxyA=&{qhqe~`q{
zPjUY!PL34;KaS-q0`5a%`AcIRD1&OnNui|RDyu=<m1^V$oS(?EK@vwP?LS+?V~^+w
z+Tx(_Ej}0EIfhC`t8o|XKhpQ}T|6#qLB`g!ZN10QIlBQ%-s+BCufH%Y1y4BxJ5_0H
z9bA%0%y|HZf@Z2>MvUV`2;&1G$)qES>XkTRO4D-Iws%Av!#4nP&#4-?*XU$YOGiQC
zyAztEvzjiQ{pD10S_7w=gIN^X3XK}jRGB%mr%TS8zxhOAPa?@{SO#N%uYkL?%3YTu
zA2WwY9GF--C>t6q?vNF*W$(va+8x1SB~^3AOLy=)*(F$tc5y#u*gMb)c(^7O><w1m
ze<b(jdTOz8e9df6W^qD8)(sz(z$SRBMIl1?GZAz07FMlkWZ(os2caq1-r0Tml8oYM
z!gFh&8Ko?_rs1CR@+H~cA?xtJ>R@b3B3ZD_lh_v=u$<@S(bLx^%}Z?)n1KT0zYTH&
zDseHoV!^pnxKD%Yu0-Vt!pakAg)SDJC_bWc95a`eiONpIvt{B`ZR}CpiQ?iyS(VI+
zxM7iGjPulwYL_xc&{-pY5Dg$-+b!z7&DI_V+~D*pD?~~4%$Rv0n^46UMWG`agrdkG
zjxeAj7bjyeFRD@iN;Y-d)K_l0aNQV>LEpe-a!#7iF-uv3FsfU-aDl5l@FO~gQ+##X
zem{!w{UMvM$mb-Eh|DENB5`h6Ss@n_AwlrM`xY!EzDrK)m5N$v<}z7+XIpwVfvvuv
zxUU*t=jfA~wz}RUb!%vVQEGy{#JFY9A+2MQotn!*=Wc!5<;aS!k4F|F7+!+x_e7ja
zkA!yyatjn;cwninPQ}=*p%pGoZh~lm?(x__C@-dus4`1tk?sZaJz_bhk7)$gFY|SL
zxp|nP^azrKH3j%#`O%l<zu15elXyB2a_!xVT~}grZ%+s^5EO-~cQ1`%xg~Wl2M0nq
zvg?ns=5HI=F8NrM?f<rsdBp=GBNte~ZvQtYKd@lVsNE-x>+mAi({pHj%dpg;a4?9U
zCW&ma%LT_GrOuH+JW)xr7%=+5y*?HK;xyr+^LSf=sxwgU9tL9Hv>FlnJdULJOAeu9
z3Mth)b71aE1&+DkMIXLG6L{J6Rhp@3{mB<;@98tB$iyLEVE`<0bnr-EEUHJfCc7>u
z8Ql@GtGW0l!Z7<K;u#}Gx<tfQ8ntH<y(3Lx4Akx|+zQ4nIfaV=XzEysh|gDdmSUoR
zJbi}d9J$L@_9I5*p_av2e?q66HE!8pYDq#1?AqtJyBPZ@Sc)c$UY*B5WLU3~T+ofI
zOu6q%KEA;lQ69{Tw3{>eXh2aR7t~{#cNrUR8R+vwoDEn6VF99n3}l|*MVZQ4p9ayC
z<vgr$cc(saIT?)NV32brc1+F6%I6=^3Kbuxj(MaYBmthrDGA1tkjX6kLX^O2-eTG2
zVa<xIL9w(ePdhF?c>^YvRnqe3za@`<+IRRG4OuUxU(%yaf8~e2he2Dkh(S*~hB1)V
zRG^WAwAr+^&zynnMPlF3YjM-7WM)WkuZZ#gJ#kpP$)ZGH<qeX?;{i?4HUuw<hb(Uu
zO657CCX=>+WwWhR*#MIzy_uj<hw`0HV<-qW$Q6*#JJ70OWbnAfq)AL(tUvB@zIZPW
z(|bFKlaw6PJN4t{X}x=P(b+?0FH7A!(s^MzX~SlD91r<tci~ZXP9{Sjx#FHYUI)=|
zQCud=Q890gBb^qN4lqQXE8XH{^}?uG21_esg)|^Dhcag4WEBr|HRT;u6Pw~1hCV40
zSq?7^6>X%m@ULLp0G9Y{JfTS}4p_l$c6b0&RUL%Q>?v$3&C_<r-Tq-qboMg1WxhH2
zi@a|iM`QB<o-`o6fr<eMY(T0<$OklP%D4e$+J>}9K0~W4Od4JZcnf8>CVZ>wbmF%B
z;9e4^=3(SP7F{oj%dRjgaJpQPQ?;EEfxHd^chPRN_I~)`hsx>O=IO8ab8GX3{Q0(Z
zc5%M9wfTKT72Vq0+?1JMbk&oy)3;~YPaU{WzY(JeDT>Y;t&?UO(&D{(u~|899+td+
z0Y<{{WQO;3gLpDS`!e%h3G;&6_Op1Uqx>Q89R$a(-tFwV@ij{zEtPo;$LyBxQE!ch
zbtA%`SyJk@k3u?xOjCK0?9KvpZ+brGzkmZMHu9l_X;>|}*Y<rciX-2URZ_(v5Ut3|
zEV4GwwyljtY2?d65+s`G;$XeW@h*rbTP5wA&d~QIf)Lzwk8#r{jvjeOn*FYl!Gu)r
zjE>$TNbHiMJ&!?(%RDQci%6L>YJ4|z_|jbg6%0BN%st6aT(g*-EfIWWR4hqClR3{0
zx}gksI}EN_BnjPcJOEoxo(2&L7W#t{A0!XD2|~oIKmGsMdlUFbs%mjKfPk+R{p39X
z74TB&nIuEfoy@?185-!xG7~0Ahwco_kO`SeS9MaPyQ-(EIt!V`;m>=n2!hK)Wl@30
za|aPz(NP5SvFHO-1X+B@LlMD^MFIJKcdNSh)~#N$49g?>W0I;{=bn4+Ip>~x?z!i<
zID%_1H4MC|Kvm&<C^W<iuN4|zSH$B+Dv8dZm7;J2skF1aNJ30`f#ie%4j=00HJxpq
zK$I1Z(~xXAb{22Y@ShN>jO`?0Qdpg8J`hhVoAVB6O9K47MYeY1DAv5{8q;W3J*2vm
z!89U%Y#)8^Z<{QeEYl{4Hlw&w+#P5`@hv$nS`2UzRCpQf)@@^2_prd__#lU=uB)OX
zHzGd>07!)c&?&yaKXAh0`mAfKW7uAmwnDQgR0m>eS-@?9^gDDThyx$T|HNhsdFdAc
za#v|D5Wg~xVVws$#TQoMc&_4QuCdS~VaDjZ2&5e0K4U#e%q=G#n$p5=!>PbAm!7yB
z6sR8sZmPx@9V@OlP{^1)w->CIGvI%*9s&S+-8#XkeS_VpQ#0TM__WL0%@ovGU=?+f
zC@YkT7XC>N2X!23Os?eM=&lIb3vKQ<3Q&~@aUli698hOdMcu?<N74C?&bBqH+uPgA
z(pE#XpG0(ib!S^g`|6|EhK}yin>TAZ+n}On-@--EFee6_iC)X5{T&tBg6->Q-y4t4
zI1oipCM}*AJ{?f{K8JT|<M<PPz|AGp61188?fWj=Sfse&cyTN&9A;AzotL~Xqws-}
ziTcttM*qoxfwsI0S8jfCLNm0?Q?g5}82ICj5VjS7mKEkQq!$c;&6NRl7MP{NIL<W5
z5J84Cq)gtLIf54*x^e`ko`$SbPoJ!XZ$z_}0(#(E0Ci#6iZVi57DN^0c!o=>O%kv(
z*FBC1INkVjB_1@xsUAC(s<4yKsX><V;3=#hC#+44ti^mFvKRAekt|l?S<D0cQm`4@
zc{r;vt(KJCJh+QuxpE}pEm@AByVYW`TXj`*W0$|bh`dKQSdX>&uoucnDB~zB5{z4x
z>!8GgsA`7pX0hX8#<Hh~;-rN2`$EKo9LCTjX|e-hjO4)f2K!LpLWH_>T)UKYOSY~6
zZfD>boc>U#&B%7^Im&2cfvhvyCeR`I;bMr8sYnj}O%R<YB*SYIV;17)363yv+8qAI
zVjeg<Kz1-`E0-rvZNM?$oahLtPT+sYeZXG5^C0tErC!y@V_y-Wj06<nJbJ4o;_8l@
z)>Z9PXwwYoHmPS8up>0X9&@cRWNHZ6;2{DDbo0q$DQJJQUzD+YGPpJg4VpaXn$KO_
z+71yN!&l$=FXQk{ThT||3w1=bvAtMiBS&)4>5hv6Zas))&>;rQ1um{)U`{EU)pbqR
zVqjRuv2C`lYOz?1Wr3{f^57ZhvIJ@cay`=fpo*SKcw)rNDDRWvn{k^oa^_YBi3F01
zI<7K{2PrtY1*E615hhg!(Ik#blQZ*z<2=YRS#oq6F`ri#co~^*@!VG$Gc;N3w4seT
zuANW}*ePsOR(Ly>vWZV15xFV^LkH2(dE61RXFmdjimuRu=+dmf8}vXHJI|!t;hliF
zV^HBHqRsGk(AJ*?iZ_>?V1?Pr4y6;UP+QRnyWI&^Y$owDonXZVMMRfP?1^c(h%7cr
z0GLSr?o>|(xol9lWzn{Zx?Ob=f<QfjNZt-uC3HCH^FRTmK2fLjdS-rE$ifIkcSRN*
zSGAfj^v+i?l0(8LB52jt!GvXL#MQsqHS&f#N1bc_QpVQ&Le3f1jfbvSW+$x~6XbN&
zMTaa-Bs3}%4%dMUU-Es6fnFlgK+v>hvC0nl4`)za8C0YRB1ZCG5Dy=X6zw-0lvl$K
zv&l{xd7mc?w6jO2$T$eaDXLi<XS${n6MAOSqR}dFq^KAg#Uw^5wySyc$x)poK&{qq
z!lPD0f>ybh)kfG1W&4jbl7Xk`IFT!ct#*yix=D<dZ=uq2R%2WN3LNhks!9bEG!Xnp
zBnX@Li`tgu2FztRE6}>;ZDrU+BD#iof;u9Bg!Axqne|-cO8GqUMA3DIo=1>A<%xH=
zz$U+?LOMXdp?=GX2$!NQ2kfEagY^wuXelD=)`P*hJehCluh62^APm}uL)>c>f;nLC
zN!KL9%Oaed?;d|d#jjogTC-;b$ln8sNmpz>PMe0U7$!~coG>k_a7m#b>7hC>%xP;%
z*RZY}i4w>pAeC;%$Wyu%WBmNI4|;ddb@f6KSvKr;!}}gJXSXaq<j~_C3`Fy7h!Ov@
zQAH446pYLT<@k}nYs3&=bP-^4Uw3>14n3ynpz)G{f@b|Yfb3x-jhiDL7xL7Lp$q1>
z=~3;xf%Bai4!ZXOW)Sm`#U9dA*FXmeD9E85TMP_ZGw@H8By2{tO(zBzpweiS(4L?z
zGp^%0C-{WPAD|byfMQZ$&rCPCY_LI2vDEwwuD(*xy-X;m7nNr1KrtTlnivh0M3D!k
zWwt@Bgl4LhJF-Wxy>S8~#~|R~T6Vmdp&EGyG&>fAOyXoz6lsm(D7-61xx6*w_@*Pi
zAdRAvoJpfNXqn!k0Tjyo;gOMIye9IwqfjR+#|RI;6pKN0dZFN)9n|RMEuyuUU5ixJ
zp=W?lNW6OPh`b0A!`gXkf=WAHo>&FomkJ{}p(gxr%7k~NE$l8q2JUDb2Wt2^79*la
zSrLo@kirK12wnvGy33tp5$NkKkFqDOI2bTv<=lS5oJyKnm$#k-_jWQBS6Rlrdk6vg
zDAA+v8y*8r1qD}TUppz@(EJsS{=t$qY^lTD0u?w`4q7wjlt7EB<0t2_{enIYBuql5
zQxIYz+6;vn_C*2)yw8GrDRe#03qzYLps(0j#@X?RVjrQWV6dMuQv(nCECNLJj@!|B
zmcOAuV(OJLRozK^X4P%j<R)g2D8wm%j(Q<!@H$1$n7IaJ8t>qR;^52vaHXM7a6TVW
z(XN7pLL&I2#)-`4K*!FExv?a6Krjpkb|Z>O<@J6fO26^fcrUACaFHiY9h`=XZxxdL
z;bprD3%Z}=xU8)3B}wrp7o&q=j)8OJNI1eI|7`=^slldUknHXT{izKb`UW=$3B)kV
zLuhiI&v}sz9J_mSRzIiH5s)o`x6kB~KsMvU4U~0toNd;!kl}S3HpyyGi%hc%7YY;U
zkjeH=Fp~vs`4$Bg3~CRmLY^2BZ>T_;;2hJc4gNf{TaCJ@Ku92;XA)88&$35>00k8<
zu1RU(ihYDqfEl5j1U`u<1=6}><;hKBnyRSILF?0Mo>rL^hl`W#ipx9A8cq}EpsJ`!
zbRM@ZD~WB<d4;A9C-H%(4H^i3N!ymmT8tbJ)Q>4k)ljnYO)acZROc{7kitmGyI~7o
zR$+AYr0PuKi!pqQvcd)?v3?9U5j}x*%i6ezZ97$VeC~{OIB^D>En}TGzY@BX>^vR;
zm-S!))bIfLVYMRJ71#(byoNP4sX7Cyo1J81!7D9eEYFa%gYCjrlw1umC%_114kg;L
zO`$gpwkgro+X83PqfGWqREB}Hh72h?$0l8O5X%y+6(rqZsLzAV!btM#;uQ}xmmHG(
zlvV~eEEAOMd<#JLWu2l0EeMa^YIYLklSG#V<i-gY#KwfgLLq&7D5(=r_q%nODt(!;
z{!~}8e`6{$jQ1)y*DvIpxM?Y(8Dm&u6S~{y^uvjpv>dm-`DVLI@Nw0Q`pBSxaTXC_
zi6PZSLGdF|rr{_zD>FKBJ!`s}_j2}0sI7SUwkYQUg$1erB~QnQZm-R=7B@i$SC;nL
zF&7fR2#G6aOl#TTw=y^5aLP!OCCKlh+rS%DT-_PrnM2j4C~mA12T~9|>>ElTeK4WB
zL#6S&k==+Mwp1N*6n|Z1z@*h494^I6I@oU6V7qG_Y<EqA?cU>q?UoLf=5Z2+3m*pu
zEFUqpm#dE%w%gOAM!4Z|hb(cfYA?wO=fSD4z`3eT%<VdX3vwrz6R8ZYw@9x<vi@J@
zs|0s?OFkm5AMXOCxI-#tT-7Z(kVSGhSQqGKySEBD=&ew75vPIlK#&e8DAJ>fG9ZLp
zmSwS)_iUKD%iIx!f36j4KXPbP3gm)4fxaO=>x+%8T`d@lrRU{D>^IEPY;Z)vXdqjn
zAf+~gzwk(QW=hBEV`A;G_E?9~!ukgVFf=_J`?wrl{*tM#%YT9S5mjd-<_a=HCN0}V
z3IYdIHJ6I?W*II!u32uq+di3&5o-BB{1^f`Eg|UTAi-Gd9CA-hbwHt%okaBsNQ$z>
zqRAA(mLS;@>fa-gb(I`N=tPvY#8`(xh|Senn}5i##>TyjhxOT1K@U=()(7=4RJvSA
zvy1p2jQV7$biWdgZP-A|5-Klzq(U<&wyoIMwql@dMTSU*A9qji^_@{M+)pezPr;GV
z&FK!<3AW+eK)l0eo`>gcDX>4Z7bjityBI}d(KR^9j_&~VJ|FciC5i<>P%RK^TDNm~
zYeuLAa#Z{3HOH=Lk55`NZLZapwF*Vm*4x|}s}0-dPMcx2X_njO=tUI;0nm!&Z8+m3
zd_S%_lMvL=?Q4&2B>zSXXAFm{di;=89UUmq^~ub}u~T}|nZDGZ0t|mb*Tgzvt6Dg<
zIg}h8?nw_Onzo(3ZKS>JUE4;F+!k%(nyg#r{TcT0>G0FhBjq3Jj+*t{T4>XiI15C{
zw_tP>k`*tmkTj>@!8_c2%@Gi7gv<GA*c`D+u)Za+1qy~aMoYfan6rXm8ii7!VhxBS
z<hPC$D`Kk%qpXJyR+9&uza~klw00m<Mv1N`f3GHgC&>-O^@<eT;8-EEb~LVv;nRlI
z=(nIN$H)P1%5g6%S8`9*`vVND!3^$g`VNYmWU=-M+AgH5$g?me+?rr?RDzMO4Mv*)
zgvph`g;Uonnrqg+>zJdDrIP8|MxkwH(r|SYfYX+<twNiMB(II}jzL?w2-JKY<aHIL
z(M89iwrZg5B>L7_fVpWK1;GrQR+)^hG(CsctB)zjPO7$=g$oX9ioctmR_#Xo&x#cz
zM~rl$ww<G+tIA4Qfazgh3(yq=cH=4*st43xQ>Q)a*wqU~%SH*mXi*A!9nz+!QicnX
zndDHUkye*S`T0n7B2xplUd%(hTzwX~X-TOJ^l(_8b;k<E1kMC8HfdRb!!}!=&}V~w
z1N_PZBA#jFaGH)aQhzPu(Dw^4Rdm({*T#BspE$Y(ZOo=7RA|nLN9UPAmC>KxK+182
zxzgsHYx{BH9yup{lG64;%|p806a7+AUKkg=`lr2-Cx0VP{>EjS_GRuDaOP$jH`l;O
zl<9PohA=Tbk3vZJ#B;P31}fUf4Cfh$Jgk#}+*cImG{u_~ehQVQxUsD%+O*Bwwhg|6
z<0&gm=t)!M>GY^rCmZcqBq%4S8kujnUC}2D9IwPAO^m3Tbn?jzcSvS<^~-REJDm9G
zafXPPuJI~lMAWHw9+#mjJX?k}Mx+}vh&Uy*Mw>7vw&NcP@CmzgxIg#at>NFH4VPt;
zv?OsZ9Z3mo%9*Nn^-K)=vG3a<6-~fSL`ubp&U+}7AuYU7l=(O8Ah=g#-^|U@p6!~t
z(0q3k(?9k`jpYne+j_EJG`OnU0yOve0gri{6Ps4T0NpgZ7UU*0EY3lSs)%+QwyZRv
z_p-KndBJl=ntfyh`KD2*Hi1}HKpXO1F=_5e4hoG6VV&ENAc-n!{hX=hk3*p5c9i3D
zJ0vNKaAu{gCyxy!hc_ntmW+Hw*a9-kJtg5M@^d@*^Z2T>!TGI1>!hJ5Axxy|sly0g
zN*l|&#vK#-mc_87`L5K!P%6_SMMr!Wjtk$CMTF#SJr!44rF%EHj~vfi*(sprTomY=
z_v<F3>doHGSS?obSTbGdz9Bhfg;(Jt;Tm!jEz^Ty<YMnOpn*2dXZh^!8{E8Qth+BW
zobFq{8KoKX>K&<5IzS24Xza0N0t5*=nW&BiZB7eXd#NLziEJmJdZ8d%B^S(0sxF2B
zGzJ}dT5OqqO)!+`WL2B3<Fsn@(82&|T?>Q|tXwG@Nm|!7s;*e$Ae8}YW3zlehU1j<
z7;`wX1f3isb|M>0RySSCsj;gr-E>nK`OC3WdeRBym_S8`R0bSN5W#)!fZZw-lVcT(
zo2_e;s_P+G6F#`hV`W_)Q=!Xa7Tu+Elxr(=xpvWAt`)kh%Ax*WO~gf<IHsvSma2mS
z717c3aYHq0?7JH`t{r-5ykxqi8li8-joEs!;julI7h!7UXzB%&0n`brNP(CEg~4*S
zar^?vxL5;d1HH-NWIxj$XSc%3YcNmsN^)aBC|*H6M^~-M@BYn##zuN41P#cVF_BJg
zYy=z7`I93lPeC8hysSExmUS>Sys>X^1C4n~Wgx->Y8H9*A;oaA*oB0CS<diWQRk1s
zS=(YBHz+Hdq7OaC+H5+dBD9ip4Wu$m2~>n;c;aAT0~m5A9bH~DH0CY7cPLh&6x(?v
zUeQ~w1BsRApL6$_(`w$(5Km>jQUJ7S@c^!!7N`iKNCt(kT5_m+VchIvc7uc-jCmI}
z$tKFQlwf%Un$n5A-(yj~jR$<xzgj#J=y{a#IxW4xy%cNuxC#DlyMSxCg6)aEZU*e_
z_7$7Sb#)Hiatn}bzhs}6z>10R&-s}k<4)j<<xm_X(?s8PjFx#f#60<&$b<K{-z$nE
zhs-wO-Ev{u2S|%Q2o)$l*uG#mC|D;(4^@2-qX7jrBEhUv*86Bkw#=&8DdgH4Wx(as
zH$Kmg6OGsg22+FnRqdr$=UCr*NyEu4w>B~a2XqLk98}lk^d8ExYVt^hdv%^(ucEi>
zQQ4tI`kA`Z0o@Drtwh!G>eUCZCv_{MPs@UKl&*m>z(hCWsU`QXshE`cy81*=YH2E#
znXFS*Vu-`M^G!g?ZH?<_9aZyrU4zP<rbch2x2RKt{aaCf1l$DWW3qK;l3Gx}veBK=
ztXgtVP7D<OfNrM3P0%vfR<9Oed`$rNhyb>w>yg2#t!ooQnws9QHGtiMWU2DJIzm0I
zA<J<m>~L`*tdFvfVVe4vek~iQj$=%i(#zPQG*IrP{Egm|wC5-Hk98-9lVj;rYIxx+
zFT1<$pj`zb3mq!To={JT0qXveVH>y|DS#b9iGo~Y!$`j$C3waFN))JTsQv)v4EE}=
z^y9dux+?Ko3%407Ak4f$IpO7x`1}hQa_64Y@Zn>^cY=A4o#KO0lGi|4LVg~cFwEJP
zhM94S{^jRmG{glnv4CYg{40K1E9(Zj3}x6La^6FqQJGQ*HM40Db<Cj*>`or?axiC4
zUUgg}n?bP#FAbCS^d~dJeO-HiO}W7?m|X+-*2A#Dk85Sw;FncYtqf22nANcL>Q)*0
zm~9!Ax}3^1t!u_hWEtR+Cd<#IXow5uP65k$cvJkeR?ZA`8OoAD<h+MIPjY|P#+E_M
zF;g<2I=R1=gEa>%bHaLQSQC}k>0ZAFm=g_h!OR)JvmW*geq1Yq2EUBwtqDhxO-Ira
zU-i<)Yimv0$+%xOdit2*f9~(v_+LgEECCF#PVTQ|QO@f4xZw_*{1WMBT2yKesAw|K
zg=^^mu5~Hu;MX<lYDvf8>RN^+`<zkQ!lN4Xwrn6ob#nka#Rok5f~2NF4x&-ID#?cH
z&H)3JGnh6sU84^T-SMI(Q#J|JrSuiT^(Y*CExAMTh6Jju4!$yU2j{9}Q*~-OE`~s3
z_7aMhV+gY<WI@%Oqv4&z_ov!A&<jO(4zm%B2V<~PaK8B9!$bloH2DtW6cb^faVP=|
z`mi<_WWWjs!+R)!;fEC{r=wb;9^&O~&Z_9VN33#eRa60969SV<PmT`9Y5dFypv}}l
zJ76*n=|I_L3Z1Y$_^)U&iQ|tC_J}%Q!^(G7M|@`;z3!Y?CmAPZ@{I2Kd~KQeIkpCu
zqr1ebN;w&q;Ia)(NXWHBEd3hO2AQ_AW*)`)>^(M>CPktpsu}p8HZJvJm#OCU_@*jE
zbRR(i($~0w<4Z3iBMnBtA+(SiynZ{yo)vKX%C+o)CsN`n&eVx3)B5F0;Tml=x%`3*
z^>@Ev>VnFK0LENvOw}}5@kdgLfigGAb#Kp+Of#ycVHBbr@K2OgXXRRd;<Bpi9RVOv
zUIw1FUZ6yo&K1x$vxEPb&iWAv&<<o#9tasYCZPr|y81z{oT-|oYXVvx*RU8M-e6D_
zR%Jg)D48#ASY&E|pQ<7}QIJZK>NMlK_(f=`xw_p#j1tIFstHuvR_8$TYE#24pe@%D
zX#^eg6Zilq7?f+F{25B55pW*>1)6Rc6snkvF3A|CS0%QnIu20jl^JxBrmI<+_Q$)U
z>?JCPJ&+Q3onC&q9$c0iD02!>=D=29f<YxBz7^A>Aza8yvF;6gm4sL)nxm`PfbX1D
zGBuK)2^!Hl{=U!bGc|n{k`5J{@xC89akQ+gBRR22NWbt+A_1ZtGQs$M+$&dC+^hOV
zvqYgbVRJvB;~cq7UTOBgM52&XC{oUp7w{#SPt**<K$)Y|Y*sJ2t&*v7;MZ&H;MazO
z(_8B~wUnp8K(lMXKB-NQ;&L3LP|V}{$ByoR9ux8)!vdgbLU%Viy4{6gC`lXFtIz2=
zx?!3xWvAv&07E5n>IlReCfEuF;crS)g!`7Ry0pr--fvB$P~ta2WmOw<je>5K+(dMq
z{j;;JJ$5u7sRRKg6jK%NZ$U}d45ye^=Xj1I1m#z8LZC4Mj~J$qFb;i&m$#DXqT--}
zG(>SD#rw@sxb*C#D*rnAuOC#D*YzTZvV#PTC^@u_DoZ<no^>N*9Q8(Q33}Z*#+>Y`
z8fZgX6oCYwQ=!~Q8^d)6Kk7_G`SF)|w&%zYWx%lZqtIa|h_avgYg+9CCYKOM0diEc
z(cArs8phuj^OMakY1zqwh3{r~jmy%@jhR5sYQTMjRd8NM)&Q;s#O=BwjWp}Et?wuq
zHr!yT?xX{Ukt`N*!eop+38e4tODFu&meKYW_T|RZKu<!6HfJ@y{^dMM29Zf^PIuvr
zbPGxwP@K_7Da_>15Q401&j!Q$*A-{9?Fik|`i5{;BIQh@s6^;31^g&$6^fRlE0K*o
z{R8CLq@FJ*k@OJ#+b$NANO#YA@+Xe{RU#3b=MvYAmt{s}v!Z&}6UbzU)qP0mWj1D(
zWZr{o9VyXFiZJ^Y1)B*)a-)HPPbZS?0I7M|Z8_W>$2rpU_oN|d*9wZXTsxCSkkng2
zdv{cng>~_`7LAr6NpsK@d*;?pBOv9eJx-g{^F`fuB8F+W8}aXf<rtM1-KrMyxIsdR
z&J$iK$HkX1XOdH`lZLGgskS?ZYI4xRyx!-rShed;!MjWxO#fO_f8Y8o1O2PRn&pl0
z*+PDGeB3bOvxR)#FiA!{T86%RtiNx4I+@;D4MN@^zDbT@p>ZM50^NF}`DMMV1i&zJ
z7MN2Dn5+Gw&%xx_1N56dGiO1#cxo7n1@o&%POp=VdcFWZiot#)*AfT%Hl&j%SU<Bh
zGu$&Uwlz7>Kh`(cn@ZFG&jZspm>Ev?_xGgXSDwgwS4J!2c$!gMN)$P8atx{Jsu96-
zaY<>&fs-Rhm1K<wcI)Fyi693~jv!UrH6qxBmxHB5G5}JJD7!4lt}wGT6QLCP;@Rhk
zr?7QI`2{?Tgjxr#ZRpcFl+jc04vyEM5FVfOn!m-&T~+q-C3BaQ3v77<&H*z|q5HYP
z{n62Pfzp|9eZ+e?RKhAcA3hT_?a_qp`Xl7~RVsharKP5Wo<|K%N%n81Q^Xdcrx%q2
z9OH$!)9la4xpXQn_!^Q!2wQ4Bg`zu02aPI`c_SdRTVV`L0J@*Nh{qu_WfVgYVEkqQ
zUJTe41+T;eea%;kg=<5PISu%5PY)+g5C~eV;tOKeNDPb~bK0;i6KxrUYp{@a9Nh)u
zdd{*LS@B>D_MD239+3SQZRWCpE9_eZC<1V{5<5Hp>{l|p1*);=(=1K0aS$IbDM^E_
z#S&A9v7WqzH!uU3VrsFdn<)Fzv}*H3r=miiVKm~$hiaik1l|hHBeTQ?2{NI(T_wl0
z3Zz&qN`DmEeX75kA#ZInfG+=z0P>oLP<4WQFBvfchtjD5xS1g!P=Z(}dga<?f)k+-
zCQhePeg{>#m>p1%i`loBi#g~l8!rhq^~zKzHm{s1U7Uc`A!N+;^9kK0@)9tvtEp0S
z&>?BU+a6)9D#|id@j*_nN6N`Yo|-I5JQjohCwuw&X+~1(VOs|b;WCamQ!BC|!dFj7
zX4>9cwSrcY;)y|w6p2KZ1#2hZG%^amn3qgVU)XX^I7w=a(06|F6!HY6PjPL~G}2ir
z7InLGv<d#6w`TC~O!nUvo}YXGM<jrv+OCmPaj9XPFj8p1W+0Han6=e8Sv3$}NCPCT
zfi`rZB)&Dz6@e6%>fn1l6rAdSWO}%-H`z6uN^b?04cH6SoWLz~X*;PGMJpuO;j><i
zE}TWvLy4ySM5h)7!z8RnvTUM5pn^KfKaF5Q>1ex7TLz;Tm@h<QKG2b9*a!L)ZG0a7
z+Kyur%Gy}Rv9WfxQOV5EtIIqz=a@vZa!hP>tR2Arb|@`EYASiYQNB}b%Lgz;?!q>G
z2WZD?Z%JTvgcqgr774_MUU*at_#6P4l%8V-d-g>EN<l}5U|iLMzc{Unp+zVx2`w<L
z&2@DU;Gjhy8xE_Z1t}vCov*-*BPWiQ0ZQ=;8+L6@r+Ws6X*Oc`MrvN*@?&wgP>drb
zwl388ASrzrhM;2K92ifFznLfZ{+S&=G%5o4DdBsyan&?+JL9Uh3zTl%)w8ayv3LZ!
zZv}>FxQ2?n{Ds;~S}F;WaR%UfBR9A)lFOBn4zW-$>$<-_hp0Z8a_gw3+&JxL>N8A%
zGfwYWd5w8>l%Nt(tV5sKZDpsB_xWhq`-Bo*8?H(dtUntUKHznuw;;)lxG>?wjxPrN
zFsoT&0VG5VAT;}NVA(;{9yjT8Y+wtPSq_yJG3T<t$a2^?GNU3S!Cog6RUBMNH0UV7
zWMUW~j7&9+l(GUIF$Yz^lOmRbCS$lji<#irp^rj?W`yr%)IaZ`o-~?ZoCsn}pga_}
z_Mo_ja$iMj=rz`>iS>jY1HDyH`GEDV29`#=qYFG{L)<7wF-lwLjqybx%RY=n__Xg!
zE=voSp*p#6i5RK&`Cgzql>Uf1VR7;=WB+B>I)bRkIgHzxEsWs>3Sz1|Y)v3KTY_{9
zTAty8heh%*2dKdeOadKoW*wk8qQ(THh|lyS+Y{Dq+K23Z@QD#-{*W;F@MOdOvuSGD
zpl36aaCCjWnM6~fiG=ppU`nSh5}bAcVLzqMq38zm9TRmlG6Ih9-zUxj+Zto5AW><s
z1%AOi@Xu&GAX7R-zL``q@V*N8BmI67f(DR^<g~B0X{Re!VmDdBwM#nuYuwh=sc?mW
z8>4e5Q3y24)WLCnhz9Shpy`h=ujQTE(l>hvciCxgq_=_ktqG>UEPmK;O>ouGD`+tP
z95&Po>7OM_j|w(Bx}7w&4YpM(_S#kfY9VGcp|#rs4#K>J3dW(3l(FH|Sl7m$u1%Qt
z(RFL)8RthtAi4bz6kdFxgkEjJUI0iKQBe9*8^(J3`g_I(lLI{o#>oZILG4(YG9UVG
zFA5^)^UPZl@#s9)g~$`tyuP8+Qqi)LBgY0}h2TYa&a2%W1VkDJL*o<%;!sa|pf7`s
zp^9MiSv?C@9uJOhc6A-JsbP&<u$P_Oxlr9nFf*y!I*BPl2lzBA5GkMT=x)Y~qd^DP
z-psRpN*bfXPn_;%;|%Bub9O}a$)HOKiz^Ks$H<~p1&wMXIxk|!MF<df*8?)|7swB*
zl`Sp>UUUGr7>LSEh#BxtYO(?zfT^~<)G=qg8Ubu!Z^B1~Db27!TTyr?==PmE1LFXu
zKv}=5OF1t*VnB8lzwonrB7olI!1b!5YbmqObX+x`$NL4ALO7H)ym@t&dFhrACifA)
zGIR#k1#$8Nk+sZqM-xPS*5xnKEVFJFFLnw@<K*G~MNaPz-pR(&EIh~+(CF-vp@9iQ
z1IHbA98Dyd1x+XoWfKh)#YapWk)dWR85-%FCpUaIf!^V`ZB!w}^=T|(NoN-D#pR-8
zW6M^RV_XV+c{p+43ewb8(T$&xv#p6Z^CA0t%)dM3ixX3Xjy)c$(xGs+jru2+nNzKs
zSzE0(9ud5wXG^x>&czF=<LY*7N}rR0MiueOz%vZFC~(SNhVDdYN(=m|+hD_Vi9fnD
zo*{L_m9BJ8a=34B14#Frytyyk(+#@&(mh?nsdQgYW;rYwnL%8;35k|%La_>xg!8m6
zs0WncWmzES5&LE*jcHw5o*rf_dun+glaie^!<MK(A)utP7Oao&LgMJ^oAh{*q=u_C
zHyS_UfT#B5y%*EnY^{5-MX*gkT$i^yPj;8Ln}8rMZ+D(lFK;)Dh}YMVw@pVo0o`;_
zW=&8~i@<OIE=WsmDX7IB^ja`y&^PR*9V9>KDc*psQWDB48nI041`!*c7R`o_P{l0f
zDg}0E;rJhPpI5cb2>ef94nLIGRkGk~CMa97mx=`ZqLp0S!2n~!L><uW;ld(~#cdC_
z_waW}GQShq7{OW0TN7PYaSoSh4_xmd9(A5Jd23?83pnSf14rt=TEk7Q-02%Q6Y+u5
zbS{;hx^yqbbWQHoWUb;Hx?ZW9u7iWn$So?@0-El)hKZvpVZ*M178pEg94P3AZjS|`
zcPvd0R1PC&$$$o7W81iZO71XKz)WKYt%c;xUJ<lm(-9+4R^qFGSF5_L#No)r;|?en
z@&g%+6Fbi=MU@N&kSpc$kYGiFu`fjmj(8~1Br*i2QH3qyhG@S47&1H9De74xXJmsU
zD&|-c?O6iR1B05WQSAfS(2J_;>b42je5cy*_b`K?N+tj$^GDf_Jw#U3Mv5B0l~E<<
z#ZGe6uyd~o4B0e#%b^FyyQV}`APFsp-5TZuQh_P63%5q~*Oo>ba@$E<{*vv)VP}lg
zdJCz6NtJYnz$5pXrAbRtGUt9CJv>$v=*t^8sCb%u(SWZOxo89yh{7~EGnbCAW)80X
zkd<R(I3kvht8raT3$xGRh?ccM$EA7a3VFkvBDC}GKu5@n#S$Mw$&|)%9mqA6Jm$Pt
zg!|MZ@Hj3R88|60L7P)SGgWtI^Sm4Y#{mP?!LbDkgKlyxeU;dRj9z3FI(u-Uth^SK
zsR}N6pItI!()n@=I2l5%I*lL*)f)LVWiDE!N!VrSblbu>3;r;&5ULmnfbcVl>Og`%
zkLv1`%5NnNOR6(-C)=3b>bPU&ORjWp2Ki97H^V)kH^NmN78)cg*cM+UDU|GgANVFX
zY`!(ci9d6t`z^mM-gKer4z}acy>XSTG2UX*-Ekn<8tsKP*a_5`DbUudBoxpzU$hO=
z1<{Uj6X`jFs`b{oEnkYhSEIfg!7z?YVksMed*HP0So!G+hgLE!(C{56ajI)^Sufy(
zr{aAiE3c6oR|-(LKj=B4e=I?;mfa~rW)6};(n`j5xPjz`CSf^BT+|7<<i*j^%h$qA
zAM+LFP^8X=D$EU2W1F7<8iJDukuvXwH)$9gB5l#k@rM6Ji&Vy@{bJHIV2Ff>RN!(T
za|8v7^`k6~6-)%V->8|Fa$iVVLSodL1>p>QAq3)u21Vhu)XQdTI5<Nj_0f$`xT7?!
z2;H03=6DJ#M=wb@AVrK#JAe_(;fO|WOrv!<!h-m`$^+gO6}9b27l~ga0@khD<48aF
z$OI&=1~40;-dYG4oF0)D>)CAQaXI<1jg~b90{JB50EM7d32l*qGV8`lwk+QW{lSuH
z6s4u{@%k3`SGP6gCQ>oK$%%KyR>k8@Edh{T=n`2xoJrNzwU}vXdd$E+c%z8N76=v!
zQq42WNf5*c4{j7+ZX7`{kt_uQpF&6`q8UPWIhx#-fnvr$AZTF`B$?-mOv-Iu{8^Mk
z;yGp88z76^<j*}AZ$0@PCrhnmn?lDoB*)v2!e(NMy&gts*v>|^2W9rs&<$;WeIhyi
zU@Ib4Ltgj+astYZFZvC~O~_U<*(%0*Y1AU)d#HBd8jTR)5JT=e1t_$0g=9A&8kk^I
zEr$zj7-DS+8lA*3&>)7PbgHW-lj$4W;KxORR4*7xr-pjc!&^abUq6jzKs5vnoI{K0
zHlXo?p%N&~J1!yT-#N8%AnGS?t&?=<%NU&@LPPRvz*b~T61lOsppJ3&XNCDy+A*<t
z<Q>b7y;iPdo{{XsSZ1KoHO!KDS%q$zA%gynxi(R)yq^Y=8x+0}`T|PN-$MHw<&`Ch
zhC*s>k_s?ZX-F&4Y~hn?8`8r}CVay|*-&-U6}7FP2{@8+ZR?)vf(n-v{NKO~!yhRB
zVH3<vazQPI&n1;G?-V#%P>cM<Tt>#^9N?W2vlef)38p`yvCnKqc?MMix}N=!Uc&*N
z%?j;iJVf4lt}$7HVS2ep@$q=8@Ha4Gy1#j#V+x`vtk+&*Rp}5a$iR&1@QYP-SwK!)
zOyqz=2;l*@jVRh+7`crkUY&wfGF`m=4fVN2Sj;gb#?$EIJQAI!;2@sV|JdpW%NZ^k
z?e9fXdnJkSnE?SIIL$nX@dhRNegUHcRWiA~LSnTglviYq8^(h6Xp7UM#G3&8UrT^a
z#5>|ojJJquhK<*7f1vAtxQcT?ygwkGng<LB(dB-#8r<=qhCpowV1yIXS7c~96alL^
zm-2k_OB^U6=XpXy>g5w(Ku%2X?m(JYyAcq-GMBZ>Tc62k0ZQ+dS6wK`D6J~+oVv*O
z<h!N?r#K(Y%li1Mc_J%%82RxA!Y6}nGT{T_>*K!?QaX`2g|pf3#n}i)r;S+JJu;!%
z5C%&3k3IUVCEw2xCuB@$s_>m&bRxi?ar%2@s`S$k0aPkt(mT!J&I^l{VY;N2gm?4=
zd*Qr71)(EfdhsN49|pZy)HvxjZ0UK<5#i>Ew+Y51WKox`WMuWN?qFk3>Y^ttbt6^#
zDR_;j_|)Mzl3f}qV<s960Z75KD29=Rum$M}mINh+>xq8LkT@ghMtk8p?lqOPXq8lH
zzqlZY48&pu)A`mdkuR|rgr45k#QQ@y&}@K&WG%4>1deBw==@PMaqyx=gC4iY#KYhE
z$wh?ABk}4I6Un+oN4t=<i|hdxzJBFJMB;4hVux74E5sIFI&oW|$N_#69uPfoXtfGr
zfJrK<ETNZGl{J`e!!x`S*t}|tY|BHH<&n5vGP1BJR}#TB5>AMEqhAAE%A!ewG+G2M
z!I)DHhp@;^CujjK0ts2D_#Q@s#FrvwT8|v&gr5S-1<z1^HKhUke0BYdCY%9urG~bG
z=sbm4W_|uObCL|^KytVX6{=-`*T@vrP-L!Jg09ryaL?ed9Anv3F9~oufrdG4P3e$p
zdP^pPSknx8M!;&R5kSM@>Y3J{?Oj`pZ_RUD(RCi3hyC{=Cu}+9YmUmkbD2dG>PQbY
zu&RzT5Ia^A6Y|cQ1rbwvDP?hB{m68yXrS6$5)I`mFxAwkf@1PwSj9P_rReQvk!k(e
z3?!lC6pwHQ%5is)vt>Fg&`RQ~^0C47Ua@r4&X9<n{NMgjs|dW>iL21Qwu4u1xV|Ts
z@Fq=j?WMM6Q(gzsTuT-Vj?D#4TZhbs9(08raJ>TT{E!nh#?QS3CuqKBp<3V>KcE_7
z+vtzSdyJ3JkM<@)Pwqqt!C<u?vMHellV10pdSbgL>Sg)5m#wi9-5#>b2srHb;7KHz
zXpEn9<HMDoq{n}FzysE_9%@w76?Bi<h8_W|R~_B-f?5{sN1**I$k7(@#lu63tFY*8
zO35%tDs$}U_Ln`;Ql~b#V6cm)w7k7u)e+!rZ)@`fbO&$k_;>|Rk;!GB1$xiqL!(4p
zfD<j4hC&4CeN8WQ1ql_7nN0E51IN`1MecqE^Rc{TRb1%xwE^ZFr;23-JFQ?<q1U|O
zB@HF3W=2(C+XY16${u*)n?S<5swR-oenGKk1F2Jbf;n^Q8C3ly%WL+)tH&PTm&aGG
z6(F?$8o{t_6aY?bwMn1D=f@71&`li|8ZV)E%1M0|tXT~ru5A<syvCx|p)cUF9Fh`j
zTD7^PGtB2!Uh_aFqRq!e=UISdCjVAT$X8?ix;f!a(!Eb~zL9-fW<N9a8NV||@1ShO
zBET|en{eUy19B+nn&EWc02oMShI`VRdbavg!1d-~$M)3O-nnLV+26ruiy(abfmb*+
z%$VOIU=yTlW5O`mNrJouzk_pJL^Z*yz~s;B?OX)}d9xFxY4)c99AC?q6mbq;$bJP~
zlVB^N>HE+F%cQrz6<rew+NRQI=~6zgRBpN%d0prS*auVP6V7p_0EN2Ps(dDMM=3yI
zeP}pV9Y<eCLiy^k<NcT{=HWPJy|WF6R9iRw=8S2L_uW#nTG-mNAzgTDA0DN`+%=!n
zfm0givg>&QB;;hRV1!AWhIJdfH7(fu_2vrulgikNH-xbwBGaQpo9XWof_v1F*sJ^{
zcP}1iJZN{zt`&>Cz|VU)(JD=t0JGki3Vgn&rbr|dRz?)|QpDv|iouhI+5tbd1(2Kh
z+%{VUNTlFyL$g9-$3m%5S1eiOZMl3NnBcEEcXy4zkE`{^%WtrRAy;9n@c5l-C)f)M
zHDm7Q2W}a#rHC1SPsIqd#pBOLrFp21ghC!&iV@VLf@{P-5U5_kNh6-syB3Y+CL@x>
zunT-FaZOd<IS?zWik_|>{S0c&=HVxQAu*-i6ywPaK_fo8;4!oMk>*urLRT^Kw}Fi4
z6LBptGihWeX~^lgl{d0jfsqvSDCRWA7(`*N68IV!P|M^X@!%^!VSo3XB0dJy+#z1e
z1vx@8TL=341~=8|3-S8=zv~6@ls4hY+O&qBSSL&=zUFHQD2=KI)~^6Z3kY+z;5+kO
zmT6*<#8>7;g~X(!;0!@}^<D_vG$$<Fn%pTzPtb*VrkSmdj~i}b2iFom9M~Z?rfHVB
z#+vG?a3>IetZN3}5<Q7!g;55O7RiuMFy@s$#02*|Hu&MB<+y#t1WMZg&Hd7N-pFo*
z4~JTWX5N?l=5tAl3{WFGtrzoZRtG0ia(1?!h(@T5ceb8LCj|Zq>D39<#fkHHEagtn
z++`JtmZJmjo|11H(~&4AM!gT1Z4?US@pE?Y+A=!N&Td(f_`oBv;$yA^nqg){G`I0U
z2{ZFa2Rvx_Pl7pX=mS2G1>@*(brl3DJ@+(ztT<Ic(VOT!jw2P!Y6v3sdr4+kQ~@u$
z*+wx?KyabsJTy%DA}DM1q%Oi}^vcS>;h-ZBTnm_IQ&fr7k-LZ_wy7s!5lOToPYE=o
zzk<>f!I3OBL(zopGS)GZD#xEp_&45EMF5*OE5xD?rXi9h-lCay0#-w4j-4O{>&!d^
zMaamiu4NC|R?f&9=0w=6gd)$@ZbUSb%mqWbQHk4TQMqjbh}4?k268rwXCM;~_T`a_
z^^hm{f;xWw7H1(zUKrgV+m2S;sX-jMWG_x2(@XU&W^TdTOD?es>?1U(3+iJJ<#Rzq
z*@J0Zg#KOz*;}~frk>PFpr)&QSoOU$30`WQiT^9PRai@e&#S`DRp8T?RW23opxLA9
z5~WcwmLrQwBfv|v<1HYnsri*dm=%P003f?=(&sS8)?zW%ZWq>T7<&2q>M;#NSAEPc
zf|Ka~f_b=jTcu_@WrRWtnkSx%$*;O9GfsRa4A>aejSR5^1t>l|&fXAPRy94u4;EyF
zY#!=P4)>7yvc4GtPVF1s2sZU>1<Ao~fH0`V`7NTf(8~+_;!$->d&F@r(MA5};o9{j
zUlW8BRya%volpqb8S~ae#>nUAfHI)Fla>ae^Szq~y9Sd3JtOU-c<+wC4z1kly$)ov
zMvp?GW`v9MdM*dKb6Vf*=v+vR_X1Um6EkCLI2cBrm03f9@AQU`X4vs<@wl-0qdz>@
zWpH*PKH&x_Ef**ZH_&D|EAs`=6Dz1yz%s1#Iq-9FRx0A=@etPk945je)FoHCO<+T>
zCNKjv&g|~%L5D4OTOU&ObwE>jEp+fWn^qSW1dx!11%&l12AjzsmaA5?2_~*#gVrhz
z+>a&1-UCd)R9>rJ@lgA)Vl)u?Pn8QcWPOp{uL<fi;ff8ju@KKTWjWJppFxJAHBMS>
z8I(p?&}^s;-U*;uL3y1u@wo%MFw28qJ0!C1(@9J*M}j*<HmVxXv5*olnBAlWU=Tf&
z5XiNJh*XB@QL!9}Wb?XeZZ4+0dJCafg2jdvA~Uc!)L^#;fGR+dJ!7ux2GFQ_VORWO
zK^AORe@}7{Y#xGQ3!rG#8L$z+qJE>by1N6#6e`hX_%Aqe#nu&t721l8D+Y+vvg%7(
z#gzQhhH7U}p9CgEU!iE(u4=kKS%rQ;DzBkJ91w+^F;T(;b%1K?B!azEB*v#NfUJ~b
zI4o+6y;ylMt!|1-lzFHo2(w(5#qMMri$}d?kG}ft(bsIz|1-8Ixo^tl%VkaiDvq4L
zav~U{b!#IGo~W6+EAi|JW0gZvZnO$b!i-n{_#+`d5eb=(3Uls%zc5=i&L5;0c|F{u
z4YOdq<TiqKkPuGT@dyV-_{vBn##~nOmim)JsIwR=w<geXV^=Cs<aM>U;{{l^G`u+Y
zL}uC67IrMOU%XYz91PbptXG90i__mN$aD?0MFC(Gg`l*kZ#YrWS?ql;Q&RMc$|?%%
zS?4gn_IL;EqMKN{9@P{oE??qmi5ce(?772vqF$gjK{w-;C!X5tU)10%68>&w88H#;
zikj9KNfbgLni`<{bgpW<eqe~FV#R9@!^!k8S9u6|{&iEU{;eO=0yic7J;OcSAhWrv
zt0$A`-Q3^5Rl!+w4A)Te#+l4Xo1?qQA{-|AYpkf29KB~&&z3M;?=?}jrr~bX^F`fu
z<n5UTM1>={r1<xlISVRK`N#6M7|w+54%wDg%DVDz{r6sb;#CN3PkkvUOiDEv;^NR`
zvO!=YlbLulJ{FUlyeIwl-fJdIQ!^abHpUSO((k*O1~LG%wkqw|u*@yC8tBst3)N>0
z7qsI%3O%M%vULX(bXUdR3d6zniWcclZ5UhMvoU!}Un)J8?Cu^L=owBXlxS~%a>LkG
zCE~@C1&aF#b_0&%47(P<TbX_pJybn!<x0R;`&^}H<FQGrpevI7eC^wF={lg%0VI?P
zc_1K_xQFO7KKg@3K?V!^Il2ZEXXiW_MR{k`>vbm+(i=FyWN;Ig^gV)*f9DOz%b|u<
zXj}v@RCG>+`7ajWhY4%LcuT@r&1YC<3SyHgx_c7S44c9aZHN~a+*Hb!bn=4ba>W4J
zT4t(Z4a~*d>Z$Qc3lkh4kJHN<JMx{vc9RK3K?TYs7ka{@kLwAkkH?t{DL`rD-G4#)
z(F*a5dIv?k+JI@@cA&OKGsQGG1wRj@o-s_aPLT!)Wo@iI*3Ml!QfI|B$B1ocC9giS
z+saPqc0z&1LvONcIF;Tyc1lk=gY1Xk2MLZB3HFNb;0P1NS~RMcv4#yzO%4rVr4@_C
zW4bvl8m?AeW1I6X58chOdXA}mSIzYq=6T(7y`R=MR3D{y9WQiV5s@Vu50@u?PoRik
z$XDJ<(5M&LH~Xl(!9BDnV<dgBC|39}GeZ1;!4E$WWsQI8Ro?F^Ij&V8R;3W)v%oU%
zy{bX%Uv?q`9t339ZO~mP<gS&q^8Qr;a!b*&A%<HD`7ZkR5N#?bC}Xh&%qb415XBtr
z?_0lRpno+AA_Q%1vnZCeDIU-0_Ox!Je~hdi_b?l2iW*I$@e?VaCJ+++%_ai|J8}JF
zC878glvkq)%B~ICG|;4w>dE+SluoA5N0p_cn$H8(#iqFKRHS3lZ?@Ew%m({d3_VxX
zM93E6=7t-QBFO8i1{YJ5+tF6h9UI^j)htP1Bu9~{OD<_ZEf>1ZN}Dh|ZP{)u{0y5d
zIWJqbyLdjfY_~=p1`A<giX%(3f;u}qY3r)y)IhoczwuHN(8FWVRP;x*jI`v@CAJ@=
zr=y!%T2~#*9GbLMN3VgZ8S#^)rmcw6qDd?QTt-4macAgl>v?rn*I>_Gld4?{7pKKf
zmYUuoPK&0u2ym(CU8@og8yKU;rA;_Rj^{O`oj9*2mvnos&WUBdS*DrwdswQe^&!5*
za~m95aB_t<;j<fPh}WIXMGfbcV(xn23n3nP@M0cubhqNVUC{>tKM*Gtg5AnpHLCT_
zP37A<UWeh=br|!69!j)=tXEE%_{eZtG2w=;y#GcdDTt5=HX<Y9J5<ob+cp5h%vtDd
z*bajmIZGnpP?DowwKG<>acu+*-Z>Ir2!yWd?hyw{djAMPmEJ+Bjb(kqgX3GzXsVTY
zUB(UyREr_7mYj!Cj00=Y)bcgMfdzFIP}^{c7%?!|z!AAfjOy2wgfAA#moh*B0@lTz
zL5L!cvcMO?rJ_N_@oF_wG>m2C7N%HCLuj-tJRD*#*2&EQD}ISsI*bGYXNOX%8iR*@
zxKKW?0IveA>tg)SE=2y9_qGU05KT}{5~^(y!X!a%A`6lrHd+=*2(hs1l!U<kYKbHv
zj0A!tgi@-SB!qpqP)Vo&uL7;>l7!GML`jhMws=YK&2^b5gm0^=$bz_~kPCy~YB{AL
zup?QRI54zWT6qXkK`syyYSkza!7mpn5>kMbD83M(kaQ9v6=Hu27Yj$Yox=%5&#Y^!
zUFdzS;vjQ@3$md5P?vg#Ds`UM$^8s^OU3srNS@P0T2$k2p?!^m+XKfJLCFcC8ahFB
z35y7qh=>Q7J*uixDiCN!HlQ$286d!G6a$_6Dog_K+vRZ8@I5S8224F`x%N_v0YB^z
zi4bU0t6=b-)i!W0OJGG{a!v(Y20=j&BL1nNXe`@YhIY7s1+bLOf8FW!LZFYbl9KgT
z5n0YXJ@4oMFj4OHjA2`lDj+bfZOThCGOzR>@n;4;;vJkcHjvjP0TYvP)CU~+va4EN
ze_d9|bOZTIX0!Q{rg!T(wUl>>pP0K*Y9y5C(IG2y0)%TbhI`Qziv5s?wK?69@No_*
z(PjfAKnGX{3~*e6<9{@ivI1Wnd1Olq6D`bMmjKc;Y1tXL5;eT=bYDD}OI{pIJR;@{
z8Qq+S&Ug3pCO7vFk0ntI`Pfh@JzS=-x#6wT!?fk-D7rNz%RDF0cEP7Cb%Zl8;wY?c
zN_4(w%Wyh5)|DFU?c0DPis(3*Qeh^CWOn0Xre30<Ep}K^3HQwl!Coe!-Q_c|%v=r}
z%F$q(;kjZ!u6>>k3xOHp&nS+PHX4w)j*qTlt20g4hMXZD6QY`qm4X(XtxN~+l71li
zq*x1}qrF_|8~J{*qod3ObT)ctP>{;hbQN{Ryp+-;(v68Qk$`0mNI-btM|jLhZ3;_%
z_QE0_n0+tokB{jP&<}XdLDdM0YLOoGk4OSyzA8smbl1veD&QIgRf8L<1zFTTR0)Xr
zs<J@sBe{=ko1(}^%DBD)Lk%8@SB*PZ@L)L@fzircE!)DKEpWWTfQ5)f*YYhisGRlL
ztX?FsbgjN{g4W=fNNd1140q3!2rA!2hsR0QMn*Z*ia~?qZcCFBFCycwiPc?AN<2Q%
z<Tvrv7HTM{39+?ECiIP5^u$j^dM1=@O<|nev`zl8Pj~KXkuk{UdoG4E%y%aLidS3}
z;y&?p3uriN*vQ75du;nr?PwUswjbMpuitt*3;37_L%>3j#h5JZ)<X;5bA*{Na>GPs
z!mO>`ggK^OlSFRAR4_>@+AtyZ2yes$gLNuKL6D``RoxOvL9mbwmE`XE(ru(925t}}
zjkm8IEZLheV9ABZ<Vi!T!g70uZRj*^w;J-Xx5Z_@PlRsqBp27x!(*f+Y&Dh{P7ZI*
zBpjRu!`~-~cO8>mwS2~0l@Hm3DA9StyPm<4O&C*UgSVPVSyi=#&21fKT}>uYZMH-N
zaD~*FkThf?v@%=0Np%{o4xHA7n$^2lVmKgq(h$|Kj0>bMmpr5R5-8c%G{O<fsS!f_
zc(w94rMzNV3K3498_8O46^g1&gUwvBDdZOSNEWrx!!Ii24BL_H4}*NiHXF1wNi<W|
zGBqirH5J+sP)CJ$5RMLE{<WSRpPjTUM+cL}#H7x~9I~f84toJL#``2g2vAl)+k^|C
zsVW~=nOs$_@V&mH;`frW=l=e}aOjW>Q=on;^TDt>1sQ;EAPgAkp$v}(YQnD(Lht&H
zlA4E|k6Y}KS!>oZ9YfRYrRtV!Es-=;Rw462Cak<@wA8TZg~1H2f((lI0a?%m7h!sM
zY#_O1cw@RJ*_{c#L(WC1Z?TeEfGc~?V0XGFnMn-}ZA>RKJwedvp8n*Po^JT8YhyAk
z>72AUd2>&CtJp-C5H(xFgh*t0@iP(%G&m&;lK4TgOEx9RuJ9>Ib}ev9l3kUiB<SG|
z6>dR9T0u~}Wl|&vnnV;AEN3tEw7w>3FEiEmGM6)Y0E3+$tTE)5bH{d2#J3MnPR3yi
z8&T5oZcAr>hZ$M5m`|0BuquXC&=0`w3>l~<Y@Jh$d}P7f0<tw&Zc82;ZUUFGn|sOL
z+CQ6P0(RI2%Vez6pTOpT*^f5@$F*#9803l<k99T6m|g)Acr#ZfX)X;}o)_GooB=DJ
zE>Vv_Z3p7gEkb}4KDSkMZG?)%QerLNj&NwR<!At({4dP($9qB|a!9PW4@36^VP7_~
z8ymv`j_$Ss)0&}r4Gi!{iQeu81EP6>FvX=AhsAAT#o<+0JSq%rA(n+_N3m8>(s4=!
z9kUX%%`+U39&QyVWm+zzR&XQp+79H^U>CjArs^xgGGbS^^{S(5DRa;=lV=psx+R)E
zrvGZm@~}{7vY0aVfMY3*1>YqfdJYhlr;Z^3@#A!WFv~)2I=rOTMPMb}qgc+diL0de
z`C0dn*`6~@4Wx(BHa6Min`jaEBJCzkEtw6Cs$N<{og{ko_`f|wF50R0aYA=drOPam
zBr6A7AwNHO&AIM7*QF7SEIp&m%>wC<>}X+ZeqmZf5#{Z(iel{55#bC9O(U~NxeTY+
zR~?`tlL_%AlU7Y;Ml^x})t(|JKMp=}ha8{^M{#vA1-r8Xq2el0>Ve_cE5~U5xgM7z
ziZ*l+HflSIe3e>2OF^2KmnA}fWD%5dOr?R;j68T@#1-Uywd|0E?wQz)Lip|=)MHeq
zKvh9@!j&UiW#L}(MY|$7+hrI!<hlg962YB+3#G9uv4C8T1ECWYVJw7=_B?^9)e~wt
zOu(U)OgELo`dqYlaD-mSRZ6-(2F!D0BSqK9ETrgBK?`UwXzctSvt|OP{zdP&UuMlL
z%mxZtmcAv#Oo7Z88sxTVmFyuV4;9}E@nJ8tzI{7|aW_Kqdk<LNRV--`VuGWo<^@F>
zY$cV(n)i;COvt(nNG2M=)Ifo?6x~VH<@2~vz^@cragUga(h$4wTU3(GI(XGuRXKyb
zJ6VHmG~vn_d03s&;a=QN8x0K8wI~;(H6HG4USrXkS+uSw&{r>uf+e)t0Dpv5+g_ku
zQbQDL?({IDo;BT7jl5Hv>PDM<5b9F)j}7YLRQW2l#M4^i)V=ZzZQsC=`EQ7m@s(-i
z@OO+~YD<R|qu17l1)4DYlrGyE@hbM4)weKIG=#_k5HN-qMM5m1V>@2s_yt--uW|fh
zIUX#LQ>}jK;mxYRnM%NbVvH-!=<*CJ)d4{am(9Kkte;EFBzuw(mVyCZDkBXS+P3WB
zytC|v*aFnEW(f{E$H@;ZRk0oh)>5as=M=DrGttAt{h1J@8z^x+m>TZs1bq{xg)V;#
z_h(qiF5#O<G~ZV%C|H`2n?uGTJ_W$J!CVXIraGS2A%GZ2*~WxnqVQEnr`T)(U6pgx
zX<Y+`iBpM<gwSP_*ImQ?nX#_a;9yVJa4J34v!yRHoJmCIaShHg*EB39!N2V1=q|{j
z!c@Su3R%@97=nJoadlG<W^QtHm%dvvF3x)ZYhYroae#+KM|@tywFWMx<6BU&9iiL2
z>NxoPq0VmOCuZrl%PKJeOlj~?(GH0-u8>Zszb`Y~GuV@s=M@UfMM(H*InoGJO{>C~
z5mnQM(JM?ppJSJY8-o-h3<woWyR?WO&a^gYc_7)01b9bjm`Hbo%6_XeWfY5?(t#Ul
z2|&qh9I32US;mCXv9N?xb?M=;;nYA^a(Hax@bFNE(Mf~J_5D5F5FW0vUUx>is-XEa
zu&|e4##g|&M;N`!(6Ok~q*b$pJPDpp(TB?$gC#N<i5ZmNkM|;^<@eyd*Oiur!7`2J
z^0R073mc*)T<cmPpA*)EYoJc)WljJCr-zc-F$;+k@FYrxx3_~L3tLTzD??Sn0+`;v
zPLUqwPyA8NPezha^JVplzCtZ_pM+k*AtNV}(*dfjd(nhpnFE%Bk^)Z2u8PyTEVCNe
zi|u)Tw|r8_CU%cb4DUndRf1I0i8nlOzDcRhta=%wkqO4-*#IiPz~aQ-L`CU^(5IMa
z=zN6FiDBy)j<S54O2%KYM8pcYTGa?rW`0gir&b!)9Q27(%JrhfB+2s^A{hk3T7di!
z#UdlmD$xWFbaC8+XcAZ%e3~S?s?&twDW5RMc1Q@rMyR|D2*Yy<;C*5ta%EbSJ~$RW
zoI3T(ng?5Cr{v;E$A+?b2U^TBA-IpFw@vD|9r3YP$d(bkZVq+2w1jRL110;iY>*T;
zLdgyT4pnMi?fEg&t`|Dg0WZ6!w=dw**oNe*-crc-8u`FI>RJ5QNyvsNBMI}&u}XGU
z@8#Y|7RZDGIbY#k6T=3+I+l=FG$#^F9dU|f3=eusAs@r5e$3Z5a>JuGD1HpF2P@PT
zsSTo-K+%IMGk|IX$z=5Qc3gE)jIBEFkxg!i*8xhTT_p=W(Nr_oK*?STJk+?a19+f5
ztpHrIFQ^|nQzDguU&!P$fP);6+C1Eou8Rw7tK{l7!vNB3+EsucL}FP6lgduCn!r)D
z?XgisKT1MjDT5ttu}Rl0`aAm=_G4?rK$n!X2x6rGh50ozWfU<wo}R2${ed>DZP$-|
z_!&KmG`BL8PC>QVH@E=|^leBdhx<~4Ak_=D4D^HEzW$z!Qu|04`cj3i0EPLLE7id)
zZI#Ezm>so`uQcut(YByAGt3FHk`cFH)WdASLxkc?hDd%53~{KI`Xh{;RZ~TtqOBKo
zQv-uNr;c?ehm&L7eQ97pBiqP%y#m8QsfJx+T1ST_=wo3CjW!cl-G;>CW8qVS0l(!#
zg_^OO%gF2KMhx1i@f~sIhSGv9W9;w@^#vpAVT5(?!XbICV0sQDbTlg78W((vffxoa
zctQXa8pYu44gwp_Fz+_tJ={y>*bZ1?{NWeFIe<UMm$_9DT`E|tbr4AAAg=m(m;*%S
zZsZ*ImD$DH?NnkJXu%Szl}aw$rj;W!TOzZ|+U)3oGdvOwG$)$xR$dz-ucU?jOnpXt
z&pE#5LaH?Q_%j#gJ+>5k^&-l|?rN(PG{+@Ll>o2%#9~fbpw7x6A)vHG6{*SZk`i^H
zYyjnJQZ*-ZG~se!q{g_(^MaHQm~07Yy_h$$s^koJq4Uqo?;0|TOG^J`qP;H{C#lnF
zs)&w-UT!kM_2}c7;JcE)K<1(R6<X;MsA3n}Id*;};EKjR#z}k7Q}mce#ZSR6nN@s5
z-L$@EL*L+hZzhrI%_Nj<ic+4>S$4CLSiR0TZm@Tqab#k3%Y;)JZ;pd_t8${!8Z}zV
z9pv<yAEDo$L=!AYe>uzM#|U{RDvplc1oW3C%jQu<pNUAaNyWH@j@5iV4DV2kgIp<~
z5YMeQhwRU|t*cYq(?CiMAA-*v-T);rbR6dBL(gHDcVu=^6$awQh~pR>pq!`x1qdOS
zT*<nChLM!0V=L5o;}>K^X5-QyDjq??1gh}WHdB?g<hB4oLQB1IskKDpq*F}mmWj9?
zkpQcL6G1acS4UWc2x=e0&Yj_7U^q|AS|(2k7RG&xW*SDdri!k7UkjGkU?3DAqsB~G
zX7?i4o6ia(-J`%)RZNVNlBXocQbTYHovG2rC`TeRbvOY-ovp%Zs++DISW3Aik6T1t
z)t=B@@<zUV%9iR%%XFnBy2APxK&o4H)o#O1L}W;zO-Qd{J8lmgFp@O*3*B7^_@d@G
z6|THJt6n_bkTCa*YGY3Uo=U?3dZ7q^F+o8sqPmX=>?qx;<;Z5kbDE5?63{o;n_@Sj
zmCLPGD%6S*qb+>I;EEaG_eJ1SG9BFo3_!+N05}Gwb_~w}(Pn*G&7Y#$1`6a<#0CmK
z11*tSdiA-u%quKrDxr+Bf+wM&Z;8^w0PX{p3=-p07?{{X92ha<y~&kWcDynflB+Ln
z-&#S1pd<pk-6AzALVPWL35#TUxUV<aHJnOs9owAgNk{kvPawJ2+An$_-7oV1Lbovz
zvox^MFockVsRMRuD-K~5&o-<00k9jJJ%@Z|IGG+E>rZth`^VBfL;ZbS$>CI$nUH@&
z=Oegvt#LGSe904TBTV92WT$&pUSr;h3yrDIRCsIUHQ7O+sn7IE9v9Ri`={o^t#)E4
zE|KA<jPmvge_^ZWG-gmzfWrUf`}tYKtNDqUwoB^mCwj5BufL}TXE=jJ%*t!%UyYwu
z1+4(xfrp%XT*50d0@RHQbK*cA$<7~`R~6{4M4RCf+?VS?%Ptld0c$8Q^--q<d*niN
za+tLs#if^Vpw>v1dV8;V0*Itam?0?m;&ez<!=jjh;=(Y4sn3KRMzK1k9%cw)9X=0X
z)LANKV8&1#i3Kx5mBXi?bS&r?N-AW*^C(HP76E)hdKAS84o}sJM_J`6^rA*xibD+A
zZ)}f(b%!>wRS&bIQvtsU@*tQo@_D*N9akN6Z_07id|tPC3$br7Go0-2?@4>kveWv8
z#)h{J^~ly2VaZgY^U0whJQuN8TrLghW6qJnZv&O>SuJqXs6cq@iZj}Fr9$T%pmL@D
z3BkBs@jMTZd|wAwFuRi)xnhvR4^B7R;}UU2tt?naN44TF1u2kuv`#%<P>WERq5pC!
z8`^&|RqYu|1+^%z#Rm7zXgiO*%muX=@JI90KA;u@-i3;rD#ol6-8w!9QL%_D<v|O0
zA+b-Opccs}c<)3NCjdPYMMdFkThBt4vkR)*D*O$MnC?4f=$0Yu5?TZ$(Jbhu3rtJX
zV}>T?dL;M1X)|2|{f4Onb=;cP5yOOhN7@fsn%<{{#!U*(#La@CZPMowHALmmapGu?
zNfmZW=P)GX!#CxZDc)mo2nWM(c!ZZB2B(tN3=Ju%BS3_AMLUzKt!pvJKDD}{F+2FD
zC+yh4PB3BXMWCE+Xq|!FlD0mf&t_cPFegw^5C|wxr@+>Wc{QsK>$7e`X<W%_YwyLF
zH-%%9mNf-Xg>nxzRtHS;8jjh~CKY!H@WpH@QCZal<2q1Fu2oQ7Bdg}~b3oHw-7XlW
zt`QT#!g@PfvTZ2Fla}L}YC#8<4L^2t7nD#C6>OB*m`wL{j}4}}d&c^@fo@J4wq+vm
zpC+!d7#N<^Z5`_yVCuSt@6Z(UM%HlibHFL;StB<G3>UzLF@<s1AzKiRTS^zV8bPqP
zf(h5_GjrB}?l|fM@mN$dgSt`!L#a#;HHC0t$6&LKJ^cfr=8~$BAv7XAiq^~-)d3T_
zsl&xU!?&ok@tB`Zrq%X5HAwxTaQ;cP4NWDJb%xZU&mpO=L<(;8s1+k}WdK4K5o+bo
zT{L<*1C=iII~lUA94@OanWrh8dcBIYS-0Wfkjt>*4Mz|aHXRo6!u2rCBtock4hw&#
zv4<EbDek58+>o@EoTLVi=rI2}y1P;B!4aicNmRWxurSRVoWLpySUk;SRB&vPqP)->
z%~D|G;IHcKWm_*;)5xL<y_-C)W~WL;wD$;Jw(t+qDv>frjs6NW$`(OeG3U32zj<9_
zm4XeqUe(BB<(RdKbKc2P&U5v1-}!4v0kpB;CGapY1c((vr!x59MZiF_bZj!>(s?wD
z&b0_7kq*FJu`@B2wRP3i*P}M6T)#B|e}((|TIU1bLg=?9U<<ly<GEOOvvJ%kp2zKC
zvy>qS5Zg7XgYZ|1FgSWHr)OPbTHoyGc0%@IgKd?FOM00X79JNRI)73xI)q_24LnwX
zHq0HjVCUUE>#O0H9;yR9*zeeIYOHHxPuHfh0xDp+A)VSh#I)t@V8~+`E9dqb=2X(u
zx)6sEmys_cbPBilVfE2@4yiK#2=&h07hPyqgc<AW5iGJxpLrKNQeI)!Jj8&6mKO|E
z7=$3U_$r#HQ~Xn{G};i<tXXW~!*I>uw`6|huE_W+&})j~m8K~CDWzPnED{vbjf@L1
zqvLOpWJnD^4>k&x$8kZJSmCQKixU2f5UrX}Nk8-tgV_tn9-0WGVVT73)o)GUu8L~O
z(R*g~YzdPo*bd`_Y%T`!DZ1?#mKg#>-WWr2T-A2Hdp~jjd>ir|HF38R7g)%rVl%}b
zzn<22lnh(fx($*cLq2}49qE0pkT=XJN^wIE`99c=^lugCs(vgqB5qY{TCe)0&<KC&
z+D2hObzI%vq|eE}<C>8E@XQZ+TMxwbA>B&ba&X9kQt^AzhWn23Yghc1X~%s}<+tL;
zp7f(urJ|;~y3ak~pUYa3dCu#qxw)9iYvdTD%8Z9K7ok;{1fdb-H^xaD#%)X!{FU56
zBmZ39maI{xRz<?u7D#!Kk}1ZSdZeHlX2WYg;txacwn;UPTsd*iX}M9)7vMY~^Jl?*
zw70jnuRZE0^ly86yZG<wHEY*2bR5;*v3B)QtJ~Ke-O%1~%+YJtHh}ge9cjo<2`&o_
z?ThY99Na79$D8WT2nwOpN?Es)jS`ID2p+6RIzfC|wc}RNjh~UTtqInkj|5hgPOLiB
zBL1Zj3|g)ZIzjZL-m!ElHSEU~pp)!zow|gvUjro&MZOBpBtggCBrKeSB5*+m$Vm|Z
z4{;9ff}Af0yC6sx)FN;utx{ftpBpAUIMZj<LNTv*$^axJcoQoZ8(Cy~l^|XX{E)Qp
zy&d$m?q<n5O?6e_C45BQ&RF)8@YXF*uz56H*-2ws*MvrSYr>JX@@F@}wBdJ531;);
zBT9xTZ^jK54N2aP85)O|yfwiPT1sfmdbzOQ%ZBv?A6OzVTkOl=9I<binQ=<RqGh|>
zYw|22F<rRHsDoDCK{!9FfG@M^vjcfh&|Q^hBj=@7xi71q%IkjyT^WiwlZ)!3+WOzI
zcCEPnx3BJaZT;U9KaEGk#|<++t~!&E2)-ePlA$)Y%txpf&4r73qCL_G2Gm(FY!q~>
zgo}KlJ2{RQ1_RDov$nlGLL;|lVbfH}?KAP^9VZd(hzzK+X#z3Y+$?Jq?`Q`tEs;iW
zs%oGx70|sNC7*)(cMx&%x?Tip+9M^?HS%BtDBH6oI}h3%&}IQY`E%P0P*%)Ox^8hS
ziwpU~-#g>+j@8G++GFjpj?QD-k6j(diEH9&(TGoX#PNYsd{S5Q?&Nmt-df$>u7J^X
z5fnOvf(amIhB<+dV?84tmThfq03k|Sb+l7zMW{b8I!{PjM)ee;^FC?HV01JBn3`3n
zSO3TdbrQpGW(^l~M2J_+W=KnZKe7X$RN$Cy9qkbm%R|Vxx;=uUBiK<O=(+}+64b1@
zQa(Qyi^U8R^qGbWx-8RG4U|s@f0}VEoV9{2j}mAdi^Y^kbl%C@M$vWfi6oboX%aZD
zRU|NbW-);!FwmK)4<(_<&C$48EJD^+B0h^HqN^j2(}92o*|<X-q8&sE644VPbe_n~
zNm3kX<x0?&1JJUH>$Yv#tj7~$?<b%kVOV56)HM)`#pGjydt5S?)EUcn+#c+wDjQ1X
z41hRVMvInVx^2P?tc(D_C;<?i_lZ}IkkdqQjBtRa4p~LD=c<pdJ(4qCYOVL$5B(9=
z|GYI}u~O6qAH<60#A5oWy#BB0=;%0FT>s&t*Vg|%@bmtm!3_sQ-X3XaXgHv6V|Tit
zVec&s4STJ7{eBG%4SPND;&lxT4X>L>4kQ~It~vh=&#U`3G&F$h#`Hi#!<j1^8g~6_
zL&M)28X9)}wxOZa-q7&a_J)Seiy9gZE?)etlaFg?XxMLj(}wPb7vcXteZy5BX=v!s
z`nr?Dv-ket{ux(0^<&Sx@Z@(lU)cF|Xa95VzvC?%F7DiT#^%2J*Isn-&AWGf;+ee;
zzvzeUZ+!N!T>qi(IqF~4n{V6a`~y}Va`pFL_m2D0A3N<c_q}WTKIa|#=o8bAetM|%
z%yS#Ad)xO8KlI)&Wv+66|IF4+Q`dawpqb0cBdcC;pZMmZhbYR~hdRGIvT*ZX-<BD%
z+pgX9iHmOEUEc4WOLO1-O7^*i=Pr8gfs1b6FL(A&_Rj4Z*!Ms7ZaeX-4<EVj=TF@C
zkiD+oYvk+??Oyrb1NNJ`f9pQ~c-^zv+>bN651Lu~j^F+7zufnovu=I%=?A|%y*vBh
zJKyr-*as60Z~5_gnXhc?yx~hLz8AmxE9zf<we$EpZoTbsefQ4ohhKegd*PNBA4!$>
zyWyihS@G^mU%dXXE&Cj|-#-qy=khn5-*En~|M89N`RAQ?$~$j(;@m&~{GMl0-Cyn6
zYg701Y4e|(j7ERv?#vx;ByPL<@?Dqj+UGz2?LWV{`+?nmy(e2f{Jvd3+x^eGA3pZY
z+kf@M6W@EsSI&Fj6aSlcK6TxHoHJVf<nIo=;FAB?wL*!XwBeh_-gJBJ!+-y7Zu$eC
zxFmAuhC=V>pML$-Pak4^)!x45x?4Upb*Q<|_ipa{$}NAm;D?1<PrSy8J`H*_duaE8
z7d(3RFUKx=<kH6{im%UI)!F*hd;5R3<`=#C=93Cv`o$>^z3JkQncLp$9CPXM$8BjX
zoSQiDEylLU7Uj<`I%hojgO-ea*VwP`Ir8@BqgVg)**EUG{+{eq!{xh2ci(=+wkQAh
znC(A%@XgatS?4F(-(s{zwkYeLd+X?zetzNnyL$iowr`!?c=o<`=RW_N)I0WiVjpwn
zs*5|Xy!cQ5-yP4Mc+IK5zrOpE7w`S?jUPE9{?^kjjQ;YzUmttp1Fv@*od0a=|HZ_O
zcl<JP+}Ue>^TfYze}3hP(KXwe&%fpHi{AIc&%F8M3s&BBdTemh#`E^GZh8FZ-S59U
z_xZohUH$uu@4fBk1LwVX;Lgc>>kEH4`qt;Ze$(L>z3=XSKYpm^lRy0I16N-Am%n}d
zP3N4t*Co4;`0W~S#j4_EH}3kr{;^f(9Qp0}>)KDhqVKmiZjRpA`S%Zg^G_Z3ed)@d
z-O)aK<aNLNeECOD-}mkh-F$Y_*`K=qZzp$Ndit+V8U4Eb%MTp&^zQEHq5HO8@W#_l
zJN@HVToJ#e`H<<g*S+xh+z$^w^&`$1Q`ecLXWo#$^T0bUzwst}#nZdHwf||^{(h~0
z;&T&czvI^1pI!6NzkKb6^^I@e_scWSD>L7-|8wYDCp^8YTN{V1e)!ox-+9AnUwq_4
zyGM5QG;bN$uW|Qv=e_u&`{ReL`sgXQ9RA_=^}li7)(iT~KYi?`Pki&BBM*5xdG1F(
zci2edM{dnM)Oqn=cHMd6XJ#^w@Adv4efi|w2Y%v;kAL*c)BgG4;d7sP`*+@c(P8ub
zU)^-*J$pa@gJ0kG&@peEe#)5N|AM}g_S&Q!_*nBZhpIQ<clOsa_w5+{>LW)ywEv}l
ze<tzNy7!!U(!FmxUAqth>+byf8?HU~HwSEga^J!I>}zg`et&q^r_Q#{)StiVoWzlT
zy=O=}5H@?=LC+jCa^ZIlyJY)2d(YqJQ@8j2@z%TUezEZI^=)7O)!#okb=|u^{-fxp
zcdfYdq0Z;#pPqj7_S`?dzJ34C46Ogu$&p|E{)w?Qk6(E9`X@hf&Hhp4C#k(QU6H)x
z-c$QeyM3_#wtwvR@O6`y51svo-B&*GyI<UM{XcI0{u=Af{Kq$*liq!xabnZh=@+jp
zeg1~quYU7h8~*z{Cw$=_UwrX}+n)RB7oUmlYu@t0)SC`I;Gn->fAirVe&6${+yB1T
ziaS62@sHlycFpzsbUgRrpFQyZ{i^Nhi}vpO-0e4?`}nhO-}mO}orV3^KAgYlo+sLK
zvyW{#WBcjz-S_6&-+EDR;lZzb?!@1p_m%4p8_Ue>)StTGvEKK-^NKtE{g}f4{$ph9
z7hgE$fS$L%Z|{$9Jm<HMk9~aC!Mo1id()2x+Yj0Il+3z6&K_{}L9=h1{oy4)%YAXj
zomYMSXOI2;zrJB@yzA!|{O+zDsqcSj?K%3f=l$unzSbKLIQLJHwQEngWVIgo_9s?+
z`)%KC$~||{n*Fc++wPs)pFC{rxd!J)cf_9Ay#1d0Px$wt(Q7{Y(-RJ#KT%0vzH7yu
z4F^3HyW|r;dGx_+9=_nABd)pS+BaN!{7;`f{h`5`@9p#WS!>>X_ccwQH@<b|ai9D0
zx4%5qbKU9tbUyNn4?17^Qf4}J;HR?pY`eI8*qhoPZhz?Y4{hJx`H|=T^2axS<J~u;
z4_o(c{U@J3{B0jNYS)jSKU=x*pDuYJ@!a0;-0y)Ke{<hipIQHh3m*8$?hie2*3r*?
zY5V!>zW9awJMW);>I?5(b<O^N%U^Qkm%r2W<9y>U@4x@iy>9t`ZAU#EJ>%MKckSBw
z_>L#8IN+g!Pr2)_f4T9dKWDGmzwyq;|K;j#<+0|{JEz`X-h1|~KRs~%xcHsN{_%Bx
z+_ml(pZr^7=B#tBx#pAqaru!SeB@iV4-S0vrYkSq_CLm_u3CHKkDcRkn+_Pf^7>8x
zIP{FEZ?8Nj^2Z}*Ui{jlcaFTb^VTzO9f}^fZ|eoGAAEf5ll@I&8?R37byfSj&N}F_
z2J`d(w(83RNB-_ZU5P6XxMu&i{@4F}_m2B7yyB^k<u1-$H~N><r?0<sYV|h`diHfc
zUH8)~Z+cSc=zq_fOBeM2?(yH7D{lGJ?mPB<(}xn5KKkpsA9(EBKfC0}-KUN}fB2?L
z57~C+=FAIsKG9nG$q~PP>v?ToyEp%E$K410*D-&d`0eNu|M=xerTfl5^{Fqu{ey`^
zF38>Wqj$bZ`NUl(KX$44{!0#czOnt7r)Mwi`nP*W-u;C`zxVoYbd*LC+kSi4hZ0xc
zbMJE>{L(-D_|TcbqaH5oKJbjG>)&3w;phK+-iuQ=y)g2H$dv_1!2W-^y8E#!F8|(q
z%6Sgl{NB&~;r_cPdv|^N`?ng8opAVJ*WH)9ZDa3$9d`TCBTtQAY(KJk>ellII&Qt;
z2d#5Q4t@IR-topS|Lor1{&Dj&kNx63kw>0_09zrzPhbA4HMg95e#4VjUBBYQ#?LkU
zVxRBXkN){jXPo)m&k|SmeSIkL@pIl?{PgXY%|CSVKmGU%9e2EL@QOb@{mXmb^pDFv
zeAbRnf8mSH8+#r*aj#9$tDpYDw;tW{!13zM>x?fJkABmy{^yAYZ~Ed-R{gHLPvn&N
zFaIZf#ATZvZ@BRTyTASY^De(8_qE<#Z`k#dH@Z)q@s9m3*!?e8ckg}Lou^)O*{zQp
zzt6=z58rmixqHnt9Q@F>lYY>+&!+jOI$wO9G4|gVT>G`s;rG1b_Su7rM}6qpeQ!DB
zj%R-L!mqwR{@~@;?B95y9@(Ot-P&^S*rnSqTYK%bljn|I-BNt>vo{%M9K7WR`<ycx
zIps5l{_Src$v^qe)9Zd@KRx)+?RWot^63Bffg7Ls(_b&!{|#5ZH~Z$^=ocU+Tkbsd
z;>&(>Vd}|aum0v+a$o-WuK;{NgTJ5u;r;Rcwi|YQW9a9fD3$K~?)cU_ewAAL=wXLg
zdp-Su#LDf5KL3NeU-;E$*7vR1s_fOg{r&w{pJzYw!1l}Tzvh3>IO#XPK6kGpGtYcw
z{EcreJym#L`Q4w~yy2S@2mMsN`N6$E_`Y|3XT#Y~&OY|&n+|&JYkwTo{$I=X_xFGL
z4*MsEAM)tlPc}XgAKL$kTVB|C?i=>|*5AMOpWoc;&}Tm~{i*LwoHcmIpWm%scWu+b
z4Shd6;zN5s_`|zW2mH%PzaM|_ofou1RShnAA#v^5=Qq6bv(sCOt&O`s_R!da-zwes
z(*q_R`1CRRyyLddrc=kCA76d#_imnj>y8_rZT{mUci;8y!&ZHC?JeIuM%ntAT`N}a
zb<k69z3Mm4kM}>|_%}U%(2nLeuRH7TD;|8?<Eu_M{JHP`=r2?8XKqXVac2DK<U^0V
z<-K3s_nFk3{`iCY|N8;w{qVbSW$TAOm}t1*$6vl-+m9Z(@HeeD9>3S)Z!->g>-LY`
zxZ$|#KKP!<FBAXzu1$x3=Z_EE{+B!M{r$JL-TC*CHTRu=+K)c)rypJY)@vW$Xiq(T
z=3QrfJ#p55?{nt2hqZ%m+WB<+!hh=h>TOr2PG0ws*n3J3J^1Adzq{t&9{9{>?|9?I
z{a@aCR(XZhciB}JAMpIaS9jbw^z_<m&re<UfPM2dCyf5bRqy!!+4~N-CX(-Q0TGR-
zp1tcDL{L-cU=$mmAfN~$SYeZF!fKL@yBk786nobL@36PCpAE&11<&3+^%M(&XGg>i
zDwh9eXLplL2!eOs-S_wTUq0XO$?nd)dGF24n>X*hdBe{N>K4GyTCwU%@-I%s%d=mk
zPI+GC`A>azjy`<4X#3R*q4><x$C?@n{S?L5vU{XX88!3B=T?OU2Smjmzh8K^K}Nvv
zpXcB&AdgZ>PSd)lJHI`b-L1!(aVthnR%~|v`M?0x&bIBFEvdPr1zf%M(4W?RI=oVv
zm%Q!S)RXcxy(jU-J(4zLWG(#Ym$SY4{odox<X+CarXG^K=GUlQ-!%-8X%dh{YscAq
zNV~Bx^^Lr{J}u|OjWfAPM-R5<&-+P{5s(m3+Hmszo$Xq?XZEv=d@^)w&9^0&JwMK0
zDIIiTiF|0%hLK~_?tNZ(V^F%slc8fb-d!Gc;N?$ue&rn)<g$I9=R~LN^ENpdb}mew
z_I~Qdu>9DBl5qp~jHvB@?9+)$S3bw;5Arr`CEh)r@)0@za-F#7>BZJ}`JIDpLgdcm
zk4bZO9zAdK;P<_+Bl92jd~;^v<V%ZkN_rG1*XQi6{kGnD=kYsrqHe7V?*?B=kQbIh
z?$=%7rtc4GdH;{$iZKh`i@S_%;XC!ph31b6t}UJr7N2o3Yx<SXHB08&zUjK;-JYXw
zPdME_-^+LPVELu+?0SZ}H$o;4^e83rYw1KEGw!x-zUt-D@zUU#*B9q>*XLCq_^#F4
z6DbZ)VkCzX!_E)RyL>(Ga=p^7(?T2ZV))_-gEVz>Vr?!zi7BqD|D5CU)66YJ1zSrN
z%P*x=+c$95kij3PXDzquGT_9e%i~KrlSdCa@aIjoO+Q&P=E{&I%Ht<e>~(_D1$Q5+
za(8_^aV=qU_@1<GgZme@-ne?~sW}TbohXQTUuELl9VLxQW+&GPXlG|HNPYO*?Yzs2
zE?jq5|17qspJdGb!S{RnEZe)iS!t`FyMulo*6c*b#=WZ#3YoY6z_{QIIn7F2P4kpc
z_27$$;#t)j1q1Mw&mUje*lp<b-011Khdj58|8+*6MQgj+d=_Nv>x&G@zCF+5$&B1X
zL8~IO>ltc4{pct5cnf8WTiQoscQBx!@pp|+556c8$FGlRr7O&;9cx$cX3FC+8Hb7r
zpNusWehO^1&^G<#@{7M6+TnCKkN5h@hI<Q+_(VSJ<}f4qrnE#n??hbmv#aE$_qFt&
z4`s&;o6&68vYea!KHR@FhN}D%Rr!a3uTD%zuCo5b;Ca7vo}YMn{#4$9=CTseybI4?
zzFhlD^e6j=>$(q~nx<AP@gsV5Jq};t&zoSIelk<A|Cf=yM9OhtOK&$Lo8Z4JZ`z^w
zDzR<5{OsvJW_T4nc1~%i>tI+fdp2Zf!7n9Er!&=d+#|Ny_FdPtTkDc44{J9(tv^~c
zq}`#z(#M(;-Ry4-pF6tR)^me2*Z(;9^Z5=942|pssmez#Zwi%)aW+@(#{8hmcJA;K
z8C7`DsdGf;Prl3T3PvgJt2|0O)?3^>3rp>_D#dC0k!^>%irT!mW)o5nt~r`}A>{Jw
zhZ{%tc@yK|7$!|bv3+ayy_4pD4qqPlZ0lJV>sCCYzUNG*m*4SX_?^#cZoUdXa=TXO
z2LHVsZx!xeDGkQHJ3T3D+rve_UHO<d{!Br*W>Hh@<^lEARk9M{rJx2G0V#7nNkgQk
zhNQ>}!i#F_KmQsY{cP2?()7Y+9bWrAe%p9_-qn@2UKH(z??n0CxHC-dU@xef@}vLZ
z+xGWtqi@_hAKjthp{@yM(vl|*OTIQ*-EO3Re#G>q%ALEk^1@|-%_iHXdmgwedU|qD
z+J1)|v9|q*y*Vd3G~PUTtu8vEHM-`#EWaM~dT;vFltTwHHxazR?lvKl24xQJS7o^U
zq}xBe_sNfKEjchQq;T09!*}8*c>~@QM5p9Ah>$oeA!N?9+{_@y@a(j;2_G)pd^P1j
z4PQ^~hS^19?iLL3xhnIUbuu%z#+atnTNahr-`=@nK=qI7hpoQTJ}x+Nv0vuX7?0uh
zlg1wV5WNh4oRc@~*|wzg2OdLR)}g1j-rCz%yJ7#~rf6D=)>+EboCX=IQQ_WSa%^|C
zm>@oT;9Bm5<^@H=T4yQI;r_>NzxiQo%{?8p8z$CDI(Mn#KF^s>VPQ5Qiw36UoEg8n
zZbI>h77u?7TYP-$%-pTh3~wa2##NtHRWQ#kJ!#0N=Q$r|99^B_6t-d2A?IyNmd+U!
zlON#|bpSss+}gVO$7=IW)@<goW&PT>_SwSmAxra%mQMW`l$90oDk3{=t-L5Ja`Ax?
zHDVMs-x`+9>QXN&Hg(<Jb#r|`EuS>(`7)18pL4lM`lbC{!a{697R?*fSUVuU!+|}+
zc5Z(%La3TQ#cgPz{+CZ9S9H^En0GEMQd-in-b~wc&!y4BckQT^*fJw2+kN9<aWj|K
zU7KdbrYf5kiZ;Kxa>#yD%@{?8=ey?M+gd4;W_Y%+7od{M>+bin?aLdgfOMl}B^_Qa
zIlHA@A$+mguAG)FZG~aMHX)1V?A>YSU@zF#PWQPed?glHI6QFKnYfkurAeb}JWtGa
zFO5mt-!5S*-_0d1IP$SeN#WGrg7-X2cBr=Tr-Hb`;eo@0bX{6j={a`mt|mM5Kk`bC
z7e%eU-5_K2skf=w8*FN-bS1B%g-`ODWkseo-i{kSEA(Tlc4?S#wtxD)zB6+-1|4W0
z7koKh+<2XowDYh_Zx1IVQ&2bcK{m~*|1v2-{5<e!^v>NB*kuheRvTiruls$@@fyhD
zBmEq*M*E+yHZ64hsNI|AjGMnAE9>STtC7>=w<R^);A}5ITb&Qiwz26rw9e3$Sz)P5
zM}2(Ru;_fB{Iw~_@H=-(mexmIcrlk6G#cLjtkdzP-G{8G*YNqJxaeoe+maeyM;k7y
zGPciCr`g}%_%1ymJ!{=DP1Ne)4Kh}@kD0SKyZxlnWrrG<Y?PL?e;M(e@Y%)*b?o%j
z1d%~Y{iG!wBE%Hjmz{=GKU*{Ak13?;^{$-c8T$v^{pm%X-4UCR!m01JZ7XfCp|QOH
z<xN@2D{T1a<>Hjs+Dp53X_VD3b^eH`3)u<JZGKf>znC5qQCRrw{IQ~_)vX$2w0$KB
zIc8|GwR+4SHd|NQZ7XeXJqq<|X<Jl-eAgl)Lo#q_-K>78qr<b)3N!C%^MB|btzU8`
zSS2g;4ovtxT>q~BlBn)Z;nUw;O}i%RiSl?cX$DP;+J%iDy&Q7uaZ5q*;}<LB6W`s>
ze$YKS&tqG@!{(WuRqX|*cFZ|gwD3WTkUh`d3<=ufldzm$|JWU$?AEr!#&*!&`r}Na
zT}O)|+j`myPVG8c{Hw2Ms7>q8jk116HIee469+H;$?4Xz7>5UILu0?s>X&-4K}OrV
zV?^4-6*DpI!}L2v<6q<qn-TisN@<?&c__m#e7e2jQBI3fUF-#?HbshuEDG<u%<;;d
z^LktT(V|HC&x4+B)2|Qf{ZQ7TK~`@7Epu(C8ucoynr-{j9^&$YKI?aO;QyAmXiK#%
zwPOBwJ||-SoO7w6k=bd5?t|UtIEQB6sP^GO`nAo~-$=58JSQHz)aceYyVY=qoVqc6
zPdo@(+deK>5w-DP;|%EH{cC@WB??;w{<<w|{8ZavA6zHq%JeSv(rnY^14VbV&=uJ<
zuc+3alM7n~_8j%9bbP7pu(4Z?+{*ErF==&*({-eU{SNy*+dF@_y(ubdcZg#1e$AO9
zlWN8oJmx%d(H9Kuc}id}IJMm|<!Y5{E$uW3uev{p4EST?GGg|`yc)A6ZHVg~C%mB@
z;2vTV;=bYI={epRA8TZ0C%5Q_H7zQrxwG!7AemO<aMfYYcAKdaD74$h1-COCL|T1c
zAYAii%HzZqr@H8is`d2ab&DHwcHPmU{%srB3r?+W8$7()+1jJjQ?qhaLnz#D?wH;?
z<@fQTZX4H3ezz^DL5)D05cgBh4cW6?uRZA7<;uPWsmI-te40BHwL3dDMyS{|j;hr^
zJ8jl>Lsbd?MDDW<1CO7O>RswB>%23iq0~ROk)G<91{rNPKB&^>s^0f)a>x0b*B{q}
zx7{&*OILkKQuPKIDf5pp7%i!PC~3fiOy!C*TYWNjZcA#gq49~<P-yn)#e1*PWIYI7
z+*#k~&YU}mx0arx3N%-GO?tm<cPHoAu`|4z{}dXLopv@D_qMC~s#=?j8yP~X%>1Ki
z{g<4u9X3`m<e>2685jOG3ep0n%i{-)7aeMp(=4lZ>OQv)F&QadlUIjL?HbaK`tBR*
zoYQ<#7q5YvN7NCZt%~mY_N%t<eFKk#nYlj)Rp-T|by9?`X|&z;d95ejUHAAU%;mpH
z8@+ReVSVGyHv~0ao%kV0#fwSvJKrE~@U)P{+g_aa`P^e_mylQ5tyTKj?;E{wFIp>I
zP7R^ClWWGr4Ibwdc7LUF#|>HP>g2nD&%0-y<Bw_|7u;y4t=eWwXI}irpFDqZxb0S0
z)M~`YwEc_2X6LQ~SOf~M^t>9-Tt`-0>A5Oy$h>>!{EoKv=l@2Lu;+5UN0%BBt!L*h
z4?5s<+~xZ}64$p-@M6+}sfsIYulg$PZd+V`L+4etliuF$*X7oQjX?t_q#vxDb34fI
zZ0rmE?DI8<R<QKFU)!c@Fx9CRuj2BqX;uiEt*&9{v*1~>|DmaESG}Gs93<c70P*?f
z!fZm^PY81a^Y&(qRjjTtX#K)=y)%DJ>;E2UGpNCcr2{4`9IIH})T#TlowMh3j0^UD
zJb$u$u7lxbjS)%3k7hfgy*mB6|LOdF_Jg{J>n*iSm(N)^+kPL}D)am13ubtFmkfkj
z=bvu4ap@0GS|>n4aUp8Iyk1tP)b}+LhR6NB)38<kqiwqUw<hqX4jQ|f<g^_@j+ukT
zi-y`<eh~@C?$Om&RY!a0=#h_3;!8g?iv4XVp-NbBW-fftD`76bjZ0i`wd*b!!izio
zK>^%=S4*n4??aRC3m`OgeS?g)#I5Ac-{0FRotT^c<IG4|iA#idS<G!=TsEH9BCB`m
z_YE@ICe7O1eSMv$e)TR&1ZcDAsXhzpKYHo70Gq}1S*IzJzl%wN*Xm*}1$3!%wkG)^
zbw*~_gsGtU2Z@7oZ703onAqCiCS+0XMT0xKcDs0g_omn<i=`zl^(NS+%g;~w?YDD%
zGY-voXzM{C;B&rJcG37P2j3U(E*|NuKh>6+OG9FJ;<w_4tvK`SajU}lvxAOoYf)NX
z(YU0;^TfhW0o1JBG&t;O!{^h}ea0OA`HV!EFp<A<XNkV~+cuMG#N6G}tzK5|)bIuw
zZ5Q8a?R=%D{_YPSu8bK{*eI}PNcMM~e~h!4IhDd^hHbh$O*Xf_#_q_Gv!OO2?wFiR
zs_on0r2U=`i6go+VSvnQF|KO$*9mDYYp?ZR?)2)$;I(Jl+-g4Q<}U+U&B<LA<U$R~
z-wPhC%AV4Fex9>#oT0E)-~^A__C1&Szm1!@v#R7$pSE2op*2QysO5ys&*H=K-_D8X
zUo+R~^4Y@bal5O`Pk5e{o7^Q~E`Oy<TyVQujo!EXAo_KGa1JkF|Dc~!oSG`9+IiRx
z`_R`hDm(3LM0Q#su5svPH?-4X-vs%NUp#6!Wv2hQ?_m`Ohkauft-aMX+-2mv{y;Db
zw%Tt>?LL3`&8z7x8d2ob%d{JBXFF`HI&DF5b{e&$oc(3+n^F0{b)TPiX4YL<iA%j%
z?+#~A=pKD&vG&BE>0t5P)Z$(Lsd-ge<-g3#?wh}T-j3QK?#fYlm)d8$b^qbx?OS^t
zH&^R?zRzlE2q-$;l}*VDSde0`O)R}~z4REh;N8cCNzD`btbfvc?89(9wqRbPfM%0y
z)8$vg;lSUw-K@U5_LJ(F_on3}&j|G``IsWJ8<s3Q-deibrQRajbort?b0dd5tNZKF
zC9;Rh^H!dil-9K6nq~Xpnbmju9kH8}+n8CBFGuvdHX*N3!Fz>3BJc5}>$cJc3tbeU
z$71^K$*WT`ch10Pb92`P#q(m)Q2)s<-?yxp>))wizn!&1+>h3Am{Xg4;g-K^WIyqf
zX<+3>Z4(@xC$5<JY`W9Zryq}vDHH{^n{>VDq|W1>w}0MTw%aA54yAk)jcr_Y$biL7
z5)^~O)}1Jdlt=HJzpuEeB;{&%r)8Voz7<khl7qeA)c%!I`_!p&s7}lu>)QtRot3-p
z<d!~Zx6tnE>+>S?huZf(b0a5t#+8Y->GHhmMcKOSDcu_?7CUY2R&?pudqZ0AleZn`
zp0OF0{h_<l@w1yQw3(f|G05*x;|ZRVcNA<)akd-QRhg0a;B0$`V?~ko)-1~1S8^vV
z#5O&Ve++BV;q~MjZ=+XJgDWzpYg*S7htA#(`4^9Fa!y#z7cX7fYtOkro7UdSutHH_
zL7+{@qF;BQ!S;7~ah?Necswa`DLFemcjL+P1upt$wf5JJuQ7nHTZd&_Tz7ZWYLtT6
zMDW^B@SR=1s)Ed_ckksKm{BO0SbzNizb2=LP04LWsdLnxA~nCC?V1#)V%J2qa$L!#
zoC7oV$2^S|ES+#YD@8kGwr|IcccWU)bqu2rINp6Fw()Ls-6FR(*&8GEEvpFU^}4jE
z+w>cSQR_Xtd}N!N4Ih5HURE@K{NRs-j#?s{m*lJ%cX0Kg??<fam0E)+ys&SGYf@)d
zaoobrUEXYzm2`-}crlj-^xCb?%3C@<#i?F~$LxE1C^UY^)n`ub?sG@6H6nk}VQHQp
zrG5L@3(yYNmhIg>!L53i78z#`)+pXGr(@%hjY67T{dME$wOOyK<!7fLSNE+uG%a^y
z(09C;OJs-hUfoZ=x>zr6@6Nu%nq)<%K1{nXYC==2`k*6s6#e$LVfG-G2Sq)~t@?pi
zeXsL{@o`FB`kP)WJ(oGH`D0ewJGt3sY}1>1ysbN3Jv(<R0K4SY)~ZFdhTh*fM>r?<
zmy?-JHA2>_1<fu!yX@KW;%~l}HZ{mt9en+6_Jx!Y+5FN4FAh$QPIy)~Ye?!k;bU<T
z+O~DoU&qGoi!DU&Z=?2vKc_f_p(`#93G+M9AhE4>L(h<z2gU}+_FKPuM?gZK^G}7{
zlk(m5k{_ogRXZ+YHg20&pFZF_zpBV1cUGO4IsVd;j+goub>(Gdj$b%F<jrXNma`qf
z#`J3UerV^n;_(i4^G65TJ{xu=dPy^CD?2kOYu&^H&3)ap8ys@qy}P*m;1AC2rg>7+
zY(&G|&Bt%FosZhwUgYy+M($S6twZM|c-#)oxsdG8di{XC?Gg?FttWEGpu*fKgxmA*
z{0MR8(NDi*4!tE#xNvDq`s;?pUYT=k3ETOD@1B3RarEfk(h@<v#kT352c8xk>E7-8
z_qvz1if4~q8V`|{2+pm_ypo$9g14^Hx8~5(qeMr-n$MiEBE{)f-LZqeUHN!3yZ-o)
z`-gAO9HcK?wq|;hGj8Xr^=zH{de0HP!^{IWWxEBJsyE08sB%Q}^DgngM}syQrhN2Q
zj(d@x;}=q_E7rH3a(!xwLFb~c@iuH*QX{khFNU8Tw^H9W>~c+Q(N_Px#}Z$zJa*vN
z^=+l;g$0i~o~>5e{MTm&d+q!q{i@YWmNe=ucd!?vwj6V7oWs~QuwL(Q5?=Dt87JjZ
z9BI=!3p=&!d_<dVZ4D03`$DhV?Y^76#&K3`<18$-*Uu?V+mAede82x$akYXM3uHbX
zUAwIDik^Gj9(CVvf1g`vQe3Z=r$64l{JQfs-RAX2i-xRDb%~qa<w*DF#|iq+tupr3
zzF*t@t-SZ%AzAy+OnU6ncy8ZW<El2gvhr5KtwZ*=S~7;DmxAG&hgSXW+J;*_k9560
zTr}zS@}NcCd&gcI>e1ODCSqM$$4h<Q&pRw_|N2ZD{=7N1=_fP4d$TFAL)g1!&*d#o
zJ2lxFB6xSR7{9hD=fIhJx*H8AKTbcB+@x@}uEV=MS>t5!gAD4z+kwqeZPQOKk6Z1(
zCpPG<x_Ong6At)n`;gW7wBO2-4r$*>9;8V_Mvi<rHlxHwt#es8;q%4Ir{k!4z<%c%
zBbe>Gq|VSG>(Y{{JY4YN`1y!7jkCrr>~bT-Z?9i*&}~@J+D378Lt(8sOS@e;ARWS5
z{)i@m*SXV6$5nYVx~hBQw}N22*TaVPA62Jo4jx=^*6G1kyRLoT64jRPYW1P{#9;?^
zpD2o5o%+~+=sm-lLsdm>KHQG!*SSg|aeGmN;?lz_SC)v=f;YW7{qx?P4ctl_XycZi
zUYmXF_kx@?+e#awBrk@4LAE0N_L9->b@^8%>3*kYiCeg0hXS{i&Og3mJ+{FxbEmA>
zkbhE=e$f8m$RoKEZ)_WO&)y|&`u^`X-m3AbQ{1qYGg~R!#$saK@&xTW`8oNi*1F9x
z%kIq^Gj(CIz3;9$YpzMgytqx?o0C)0UG5&9UC&_SKg@2~+M##O@7~a|W`y{J^Ymm{
z?Bd_YKCd%(;K_QDtuAfRMF|V9AF?@dZQE<#^ZH++4t=;&)aI$d=_UV>|B!ou1&_o<
zSlfp->#ps6jotd#y2J4HTRUtClI1x}UzK@iL5k3!v~fXaVzU48q&La_lX1V={*6yn
zJr_59f6&BXYaB*>=4<;c4QZ`Z#A3lOmE`NjI$yH>2=SYHFYf8$KKELBq~Y@_=amh&
z1SC*{=luHjP*JR{_m#ab@5FtE+m5^1zi45jQtzOTg2Ew^V`uYbzi61BA(@{y?Nz7d
z{i2T_tizu-+cy1V-zJaRuW@`_{H*g>oA3?9yN@Yi>6naFhm;A0Np0>33&dwfoVx${
z>e;UTPxB5fJKj<h^rCewf%x~4i|eJHz1U2UIzKKr_64$c=*wr>PxwE^K6^fF>ws=P
zS0abEEFB)yq~*tB@1`U-C{z{f_AhPS>C;Bf`&*~XOs;eMU}OF~YUqYs8B{dZN%7fc
zNsE;qT(nJ#9?p69wq<l<haGSI9C>yjn<Lbnj?W^-dyH@Lq)79^^W(T`GuJGZ<<&_&
z)n{(?z~MiS@0mBd=u=bZ_#b)R`Lh=+&65h(>3>Xr{KKQ~V(@prj#;y)+vQnU|HUn5
z*WJ>JEE(4<uPYu>SlY&Y;p6Z@sl!~KURZm(v!4$!bD^->+Fnh5J*Y@%=3DytT@QVi
z#5>83+n!C|@A>rpAH(;Kc~W||@N#zDqlRBIuI6^L|9xh(sP&ai>raZpv+G^AA2}}L
z_`^@vC)|AXuC1GI!}#g0vvSX=RxW(HJAbLe?N`~8OEynWj+H+YJbu!t!~C3euBBBn
zqF2KzUCGvgmrwglo!POMEU$j*slFpK0@`)&z1R1q;GJ{6c!S@;nJam>{@5_CYuM%3
zIwe2uK6X(2@`L1kmU7X}$4wqq>0SR}DwN&it<Q-QA8$pS>C;@A*Em%Wo?UMt)N)PH
z-t-)0N;l{8p;s?o-Ajybn%C@6!GVs&$*G?oUx}Ey^S99poQk{V=Voi_PMv3)*Dtr5
z`+!H6hiu^253mW5+v<u-3hRuqNvuCAmcPL^I;+&s{;_y!&HJ0TJ)3=H$(TVUJ2pf<
zovqlv{6_QjZu*D%{B@|;$I_KWX}e_KFYL~X;n&}^>K3uS>E~Wg&;FW&6>K^7v2o)2
z-#xc=p1QBko7*j-65_?WhxPBeWE?u2=#`<r*QV3+C!Y6@_y?XNXM}p%3sS2{&iM6~
zj;RsT>%$LG_C-X=tDui*eMHG*RP>?S-*23EzM)^QMMV#D7N09TkbU^*=R#e6hoEj<
zE=KM1EB32*>gSwp_xKBcA5_$}TBf*4?$J7f!f!4i*JQ=!Zy4rvB{$2vIA!~mRYPx`
z$Y^!;ww<6|(T)Ae0^)7f;VrlGj<uQ=G_ZZ#^r}~`=Oura^KipCx!36nH><7qZp_>(
zA$G^QZoaT6ZszFueX&!!1rFzJdEFhCwlqx68b@YaEV-FuSNGKRUhlFSpV~ABzmTf<
z&{11$c4o;EyOAk9P8<p=xTa}ca_-vl;l(+2i#MhJINy2MoO3~G^8V7|L)ne$k6Ze?
z$C~V|Z9cAVRddFqbtz5}4og4gPEAQ}mS{Ko)q?6H4v{{0Za;bMKk>;g4aeb$gMxdE
zbS8gHdSJV5(TmzEYUcPAFIeVeKXyuKC%ef9yB%#cE65`}yWWO*=RYm8&+caX?B{Jg
zuU_`Homez>q3nL%?5Ltx{pdpzt`feV8rPh+&|_`O9~Lys9&RtNR~&D3ZMo}=SB}re
zwQ_mw*C5H2f3BxZ$m%(gGm|_0Fs5o|iQQ${+=rc1_8Pl^`5$iG*{zvXTldC0Ij6&S
zjnsF0ja=My_A24FYmtjLkG7v(itRm?duZvvjh`jAE`OF69-ih|-(HX^dGhGVGNe=2
z>c#q_o%Kb>n%E8OJalfUQ?^(8gQNF^kJ#s!D0!c?Zm-9Qd{2+0`p^5s)xOv)Np(Rs
zJ8RtLp7)z?<aP8u-fC7*X8-JZ)8qO-`(s!7tt-1_3AJ}7r#4$?cQ^aMoRT}=<tMB&
zjLz$>Z=X5UR$TCG(IV&FRUQV-s(oa1irsp@+v?XB&L<u2=HtHoW9hYJ+uSoh_u|jq
z^jo*K0q!GTAj8s^r*~`l)>k{Y@I~RIr`gzHETOQ`5$u<Nmpf0*a{fH3%hnH3qi*a#
zPt~3Nu11`*t+Q?Ki+ko)S$=N(lavc_kE85Db`pnz1iTo2UET0Oq4C>fuBE=un>8a|
zl)k!d+r_p^zPA2`*!gQ8Z%)54c(8iEd(Zm?9`BoJo(@!wn>+qt@PRdpZY&F)bJwl&
zu@U1(jLS!|XXV_z6)elXzoFE*<B)kbw~Rd(RZE{2xM;d<dXQcGGx7PbF7LiSo)llG
z8+1WA>qg<#YWbR}dHJ_gMI}GvjD9ZsX@o8Wk(2jsctrpHbp5i(tsMrB{B=O4d`eS~
zh!VfEzDH-tQtD^dc2M+Ryk?QgrUdP`ml*rg>G{!(b}SgSx~@yybkAwW=Ig>vg`HcD
z9M7}qeXP}mszDq4w%_1&sebE8Q5~B)3$NeJ@3%Mex48P}AN-Q38zabl|7g){S)D_r
z#~b^V;&12n+rIF!a!22Vm)vs&OEn6QQH#~bRdIDrJX~~hY_?4k2iuw{8?JQy-0V*E
zRm1LNFZGS(ziC~IEb+>%S)D(-k4?zx@dA<VKAyg0MEVE2j3vj%hNz=w**(#ZQCIcu
zpLA=_?=RF-)ONj6+@6m*@yiw4A=1R!yBp2&j+@ar(rxV^b+r-Ic3xkfyIx(qxAPBk
zb5&47{n)4H8*ln`=fpEf8@D;M<$n&d30Z9;6zR@g81yMw@d0c0WY15diBC!G3Lg*J
zEI$$LF>dT;n@?w!e)foYl<Zp^7jSRfhzE6CQm5=%eZ|9RyvC#Jj8XNjFFlvmc&qKu
zheffW$%Uuy{IOzJ-1lfWFNR-hOXkonJ9fRwI?yu5xj3=yBIoflZ(YV}H|nE5)@s(Y
zF5T<}slh7_-12I9;Z57=A8TbyE8NmC?ehlPp|!>&FL`}!<GwyOWp#oAhA*&9KiT%T
z+p(TUihUA&a;|5e`R#%>z0>n1&&T;~9{$7XQ~n)Czc1KzVDhxWX34%YL)~YJo}PTD
z+$r!3`IL48K9Y32)x6L>wYtX^e5!S1OH;w?IVW2EFs-l!)&7Xzq9$J#3Qs*beA`|S
zFf%`Mh3zKtZL8<64sW@wqqrodREf3;FORLu`O!}y44QRq;z#iahu$NTuil$ytG9VL
z@v~~h#%Bj}?CPZsTb1IJX7e;T<W)@3ilb?Icz+Gw?@u0UHGlsK-p*k~;=W63)(?5s
z^wA}obNoRoQk>G-%p7}l*~o>zCkUn=u=BO^opfqki_k_<<GZEArb_bcvUKZLEX@hr
z9$*vFcB15c(#w43@du9Qzj2B8;;l>gzWBnZ&w)<&A4KIQ-w+IFJF!7VfV(PquX52H
zhvxgQp1s{iJ$qos_t&@X?w>zgFS7j{<@F{jI$>nDj;VsnQ#S?Gj~6!_4Ef~M8;(40
zlpnw2fPZ}LF7~%-f11}o<hb+1lo>bh9;=&Db0Kxkr&dIXU%gdTcFnp`Tzm8@t+bQY
zCxf@A!{&jdmuoFvHu&9x=3^Rf?Z}@u%{Dz~UcsX$%QVwl+8_Kr^YZw}ltGV(J8QIY
z9_M$~j-C)ZY{QLb1K+&X%=UAwJKewaYJS+3<UqG=SBl;4y2drld7Nz<S8dVt(OskB
zJf1`6f7(#muttK<vMo&?T^(4Hf3B}hNWiD{2M%pqQ}DR3(V6A8S8FBI+nKSm4sS^K
z&D|rsp07Ak>%r@N@7_Gv1$RGjecDM6m$>OCi2^~xhkKn)$d<%wzuS52g~O$xCtl97
zEwMX9?5XuZ5wf?_=6lPV3?4iAYSi?T%U7p3@x}2kN{V;OZ?{QWaQ#zukL((X;yxo*
zj`ZGneY2pjMQrYiovq$(J~F%7?kXjcF1|UxXL%P_VS<yF?pl4t%W3{S<yv&#)IoUF
z<1eZ?hu^$NwsUQ{pxTb3t)9GU;;_qR$cD{p_BH;Xn7Vj;XYH~+x!!deC-s)r84%E}
zwY{M3b*Gtq{L+2u3C_)4_xm8>y*l1^wX-H>H>yIU<m$&f?Ile4{Z-w&O)_faWZWI;
z_k8scJKu5IOIgQHd>Ed2>-g2HJ0!~nUXD7}aP(_uepY}@NWg?nFaJ1ps#WF?<->Wm
zhWgxWJ_hr+dE|xPcQ@;g@yW<t@26ODeB6aGVKz6`+i&Z#Q#SUypye;T`Utzs4qrTZ
z^!t(XKD!0IlN`BvXOrF4{Db>OJf1f<T6MQ|`cIc~N_q!u53vae_&Fvg%X9gK>kR}x
zUZWQOadAYinimT$N`J7sFww8&mMSeyxZPShV`22D<8I9fWs5Q2m8AaS;VxOE%DVHr
zr2C+N|9$}ht5XLR+DxlL7MBQY*B)y%bz11?$K9i`PQ_5b%WV$O_9OP$JzQSTJh`Q5
zk8zuV?ZUIudcoc6C4J9#fBbl^CtCge<aT^M-~Did3<_Gi1-9warcFCpH8Q(i-MV!b
z#_?kKd_KQ^s7**fKmZ81n>KA)sH?r8Zr!@6HP)s$ee=qtpQ{88D1_>tf8|-FN);zE
zFou-FBqE{H5LIz^b?YQ_a}&C|4sh)x@$izkdv$bmmAJYNezbR`Sp_vFM-_&$72MqD
z3jKBbr&X#{sS+I6H(*Q8xC#IEVV3`XU;VQ<|20a75a2p2k>M{Se6jddaQ@4~-PP0L
z{FkSXr|W;`zy67zvBM=Gb$<e^ks%P1q?h0cjd{K$+|#`xH75ZWbM{*T@q7KnA0I%Y
zPv)YSMq+*{nQjvri5NssFARqWM5e=0(g5KIOkf&90O=8kAaP8iR8cSKOjL5nfa#2x
zuc-$d!t@#rG-JMVlmH2?V2xY?Ib&KxLl7zmhc$9Y7>^`E9`4Q*f}}x<NT_yDjgkjJ
zDp-oBB#?DPc@U(;F`ZTd@grGmS>Ez_JV(>%SSVNxD-m;sGmHgaxO`@A05s=R6oD8|
z;Rj%{kq8c<Y9@6SgCkXhNo)qOKxt~E7^XsC4G)5dcuXHl=%nnhh(#3=h`r{MrNt6!
zstryZka&el2&zFzV;#0-?!b`)ghf(RL*lSOgkoY?rA0M}#6#rf&fcHKr4}452J}H1
zSk2@Iv*;Nk-4=x{kmC+(P)LL$T8u!Mlty1hv&^Y;p%%xiA<P{gmBpJ|2XGDQTN(5d
zI7t*uxci8_MIM#IjD(e6i`W2IX@QqUiE0x6EJHzMVI|nwmnv9khSH_WWhEEouVf+@
zj|$nxMWZa^0FZE<N)?I7aD*hRjeby-Dg)7lDj5Hk#VN@XiQoySj7jYuiox=punN}5
zC`nkM^anZHnM^zWm`+2Qtpe_4#du$xT8iKhrhw=aA24o!`eJfga#$Cr<yI+ANHJ2;
zByTO~gNy|7dFH}Ni6aCdLg)<iTvAxMXHHCDq81|%2-a$ul_L~3AUNd1Z3V$0Aq$yr
zMa(ipRu0s+pcsO1Ci|$d-j^jd&6IeIAc-Na!z|`OBB~XkRwrZ-dz}c0(QB=FP7rWA
z87KWJ%@_6#5+={C1)fH3v9PJ(OV1&zBbA=UR=U&bx=CL=Kv#kY1W%wdRg~9ZbZNGA
zs`Ov!0jgK2p5$8$LO<sEh_Yl6bQ2;9KeJh9n!+>z*5ngY84zb864B_?*03{^Rt#y-
z0J>ch=4RXmmlL;ZR}M9mW)!C73`)MgN=NBa!Qp)R8C-pY;Ux2DPI&noQ*p`#hnw-P
zEWg5WECH1xP$UVHs0<1Yr|)ghC{U#iN9ao`0AtD*VE**oC^Y-HNJ60XFLSVLXZvwM
z{8bj0<r1kP=(T}a7c0e_$WUfMf!Hbk7g%J1_BW5Ovc$`D1c|9RS`Cd@7_6-%CuD4S
zD~zD21MHyNf#SGpDOE78A{J4Q6&TLI;;LWt_rIBA)XtF8W+aK>ltxjZo}i_aD1t;Z
zGDJk6qs_;amuqkI%NsspbrMRzR5~>RQ9vrU2MagV9Z1)Wq!B11=2#9`p^#rG%F2jh
z1*$@XbRMz4Mj#`Zzf2z68;oQwLmx+&0(ohH9eAfv5XQfi7^b93uq<F+!+JtUc<?J?
z7|)T5&({qRje-!NWv84)XMeGI)2h`gl3AZ2M%bGzhrJ@1wH~6E71QkbQZM@fK2?^K
zcsKwi;jl9LG01BA1;w{lBt%t&j2S$wqE7*V<ZO`&`{nN<k-kpA3XydB&@YooSFV6i
z=Jug~n^ZZSz0{n@a&sXI<G;|uK|Lz!;GiD=8~tm%5TdeVSJdl4J<4=?4Qtd}c6yC}
zi2*WL3(HW_+|23j$}C;wkL>V){$Rl=OC0-^lJwu2DxPC+AiN<)ctgb3h+kUpGfj)6
zI@w4o+MxLu7b<06=xhcVc0uR~AOgcnS+-apPPc9}>3ka=S*~nf&lFUSXh_T9P-zCR
zd#D~V86_{F;DB=Z5NYf{x(duxLFNBT?2zFIU<j=GHVg?ttVn|jI5HCXhQjf$vxK?%
zzPt%T=T{~%{0nNV1;HRGc(8_<J{9r@q#;K&%nbVbSmOx6dLq)}&xsmPwUQzR)_=iD
z*dsa;iuCxhXkp6yEh2^0iYrevjworna%JX=Ie8JFYDEOn4g8xVex;OT(C-l)8Qa6(
zKQJ;fHY9LRY;Zt%be1XjZ_@hJB9KEwWT1aU-~bLS<#w&r(*Gve-$2YUq*Wx|m|}mI
zSYt`&IRc$r3KQjQTD2HKDshAurTSXaayVTxvVW*G!*Y3M*D{qkB$vUIUxAC@OQwDf
zVWvOBVS><OxZJ|-Z_VOw!VuCjwYau@Ef-SxwtWs1v$nrTGPjq@_KzQXV{>`bmbFfC
zXmxk(jaEQyxz?NVU2$A8%d=2@L#pWM;ID!Sq7pqBtblYHIidiU#bY?6(Wz7dNJk(9
zxPXI=E{Nnn6&V8xNDP!WCm$4)8JlOA5MTumFmIX-_P@pk9HFm4Aw<-eLkN-($+S8P
zCb+x0sw)`M%mreQOsj(!NR{s4V5Y8rcoY;t*Zn)_QX}fJo^>x**D$n_w9x?mG<jik
z^>0t13RR<4`^~Ka!l=#yl`BmP)kUFHjc<>>)$VcYT~X&So$_^LFkSIgl$b>vF;cdy
zP1{txtVuhOL~sqPGS&u|LN2B%0!VED|6n*QQz4XWQ4_={Rr^XiAp_YqjOzen?yh)A
zERTAl3&heuZcZwA1<*G>(Nvf|65yj%KI-tYdZA@BfhG5%B0@z_umZ%b5eNxnuMSrU
zAQb{9Ai!A;yfj)2Cm}?wB@N{(S!MYa6;U}&q5`&ArIteNtI1`Z|6fBykSSo`@1cab
zyz1*H(K1fy%2E+dH}dyTpd%3ct0|x=eQjSvF?IgFzA)*7U)diVb+n8!T7IvX%KT+|
zDh#QmKg#>jBB<inqsVwnZ>(i>GJ}8`g5&)H#d@&C{LPA0Ht5sRJ<393aOGF9tuWhl
z;iwwM4V6>Myvk9^%p9jQKuCkhk*`<L%p9o<q`nj+>k8YSpz3SZ{0iy%8uhF~(#j}n
z6;U?=PJsJqNkWvUw%kLwDZh#y3KA5fCMvN_Dwm8tEDUC^RQbLsSDCaLUtBH`l~gUu
zC4j4Fel_w|hn4474y(#5mgN#*p=N%?5K6Q}{!a~|#BVT!5-S=)Opxn0l2~d4gtPv2
zffYsr`V;c1Jc6u_D))*<l{J$7tgNy|Ri#B0AnY&6DK060QcQ6vsH~K-=#f7!qPY0~
z2?@o;y)pvII^KU)I&qQzbHa&>e<fv;<(T<;!DMC3e63uvGG-XD#B+p#HH>CzRdZxQ
zsS!L_qrkX&qw~<Dp?u~Z?_l{*z62V|kAO9@cmxkZRO(m@L%om4&0XX@lrMmW@)Zb7
z>TrYrm4;Aom^Un(a2O{w2rlm7?=N(9^>O#~9?Bn@JapL5WaskZw93!{xddR~&OrKf
zX?s5J-#!EP|MSmcJTL|rHKHL2kqVQI{1$CgaR0BXho_sx`A;t|FVFwZfBq9cIepEx
zMh5Qd7Xtq{*PscEa_sRf3AjR+kch>yco-)MkrX90uo@M~FtwQZn+HM6;VB8!N#r5&
z<jGMbLXZ-Oh=<+1yd~Z;Z<!AwmH8-KWgcFzw_MT5&BxcLlT7X-^KwJn-MtkaZm_4^
z!`&5e_41H<c)PpGygYrp-F<zKPEubUdze!WO!)4uLf1}0SN8#~og|)}B(6Rp4_8k&
zSC5XaUJ?)2|Ab2gzc0;y1N?2yfLApC-Q7IO%zy9y=KnwPGoSyI!em7Pl$p}BGxsaS
z0tCr0jU1(QDJ%Z;f14HmU;ZrSKYOTNs76Ut2`q+xT?|w(|J^*ie9GMa|KI%oXMT>3
zP!BCEi$|bPREB5>1R6+Bb;w=h%5!vNFU{BM^&%J)6k)hhtfC7O;?Q9Kz`l`zLU)m?
zh)g7TRFz0sJfenKnE_!6I=RB29$}%70#zYA0u&g?%9I2*P_17Ag2O5mWEy%9p;N12
z+`wc0l|aTc3Y<cyMuFjK`fmk>(~ZGea6Fm4gq_4;*+@hVNe#fCR^BiN=s{#WOga;g
z7RE^<^6`jD4FT~c0?3A$+SgztLI*IQ8abMP%5|^`@*fyT@J!Gd*(ysw7)K-Z<UcS_
z=<e#~BlPv?)Cs(Gr1pJs3U7pJUp5j}B2W~L0_gg9R2FZBz8Mz?NJ}3_lZybh60!J?
zl(o>9F%W&so_+?+zzPK-BN2Hx-9i+OO4usajxw;QMFRu?6WGorn7kPY2w(#wMN}BI
z$0ISbhM2A<BoM!=ALJo&6S?wPr~#%eHY5g6%I>@eP>uKx41_cYBB!83QUp?<iHICR
zHGm~_!UzbsY3OtKn1VUgD`Qhnh<N|4F_u3I`JVu*bO<3-!MGCn$MipMH&;vj&(p*0
zKl%Sp{5btj2`0weE@3o0#>B^pEY@bsK0}PbP6F}0SwkPt^Rzk%#P?)h&;~*)mE2s*
z*7Buau(mn2R-&2`9^Oj6@i~zy44yTZ9APmwC8dx+9{-1^_#fzh&iq#+a#W}ORsx{H
z`S0p&Isd)g|I`2ek>9tP|DI*%fO~~A$G2=H?=MXpPm77;{l)3;{(pyv|B3$R%zr`+
zt5pBo`d@bbd;Vwt{bzpv>ijQ%xvkvP@%-Zacl*CX#Q#M9Q}drT;E7GvIk7+3^Zq4K
zP?7z|&D%2nr;nG9&wum(pZLKV4Mv(w6f&4Zlwe%5L61CGi*hYBuvTk)baNAR61nos
zw(4NKSRCgNK(GeFq$3a+DZ~*v0T?$@Qw?iiC2%@GbY>FBrC&rq&#=h$bmAOX10iZ{
zJWQYjglQlokwi2EDn(T&X#la%m<A$9SR;pVIU$r`YOM-|H8MoRi^tT6$vmys>p6#<
zfFX;A$|$Va5?sqQOb`f3hzSywjWnAQs9MQ+6oLXmH#gTrH#Z-VR-@#NL=1Wimjj0y
z$B=G%;0cYy^MnxnjS*fHZ+JpTMrXa^sbQ3{UI1u_8b(zTlSzZ<&cT?Hg}`{<ld-v*
z$|G_dm35aR1O-k_O?r(;fg3BBec+Yx02n2x(8wqyO2+G?Tnj(@uaGu32|4vGya)gG
znE&r*`c)|ZX^rqNEdXDZ|DN8io)-2WcUM=B|K$Ha@^f^AdaE!gtTM|Q3~6B;RwE>W
z6Ff&pC|rfW1R|hKyktB~(pFzRs!~B%0)peH9068X%gO=>)yPyjIjT`YTu-CGlpswG
zkr<>S==w?;6)@(ghW&LoPOS=X0*tD_fmr1ik!8}SMj%R*AaQzaD3egt(UC_(0Sd2i
zq)VWrWS%1gnS+o(Y6JT>NL64g!2u}&Zy`v?DI9_rI2rY*@7&{<6j<*0N8nRn#5VUt
z7fm3Wjn>f-!V!gOwW1_2lS7vh#JEuubLKAzD+w`0GXNz4@f<8^OkEVSi1H{4h6h0;
ztYlYwp&XH-utw<SD#R%*+tCq<)FLueVSr#0bHXtdDl_mHBR_~w1EzcD9x6R-Ae<po
zVM>_`p#<ctf=PrRodpo0A`trU69zd4EBaz&IF1mAhIFRE8Mz=4i%06D2(Cd$gb<;a
zSdPgEv5r7+p;Cv+5iw|h5IbsdM5xuNRH#NNq~8HZ)Ce%5DuK97(Jj%(9blEp01+&S
z8VJU5*Z^UQG9y96aD#q=)H;HMq(H&Z0T}cZ3`Va7wbBw=n9@|t=_0HXM#98MLTsEn
zLM<j28g&6NMF~xuP>Z7pFo_7+z8168Is$r)<Cc2yrE$xW1A2nQbqLjI222O(F`Y^d
zsnC%i-64S>lvakrX3jWF1F0}2&1fi?gh(B(A)uZ;B7?xh?As$O7?LAWol;532UG*8
zQ4K0bq#Ry+N#9^f3qiw#*pUJ+#56)FOvDR~a6xdSRHtN*)Bp!12vVdF*HY^r=ozCN
z<0yy<ok~S#bVSrzYH&g>K<2SZ8R$bC0n!olWqWF(If6g?G4Lc7EmANm*%}RueQgGi
z2Rwx+$<YM4VvzbwA4(5La5YLW&Nu&fSfivREvDDd>6NJm=Fm8Mj$KXdpS2jO0lglf
z)AS&s2n3fXh~7A+(^Acs1<r#YCXmB)c*!Vo$`d-)#g1thFj7ZK>%tIJp{V)h!sc6w
z8)gcciyRt1wxvHIZvMQ$`TIqVk>WC9ry{|__`<m(+~oZC$2268$VlkE7>P&#ak6+!
zuVKeDNT8>{RB}p9ARsxWVI&m|g8?DJ+0jh{qvVnXqYvFm5f!E{JB>sYfQXJqG?4Kf
z)iyJ>K!>v04aA3aB*qtjqZ1q&fqbD<7ZQVH@p=q&8x5FC5s5)meK|GV)gWO5H3-{*
zplbn>Oq{vQf{;LQs2mdN;w0eT-q09GrXwMtoDcCKp~5|m22UeI;fpYsstgoVg-!*w
z^Zm4lCNdsXkW3&#JWN1@Oh)g}<pyfz$^aIqoPb;?M!HhKC~m?k6{bhz?U_|>5T=9F
zumRG;w1lCxKa}_yUi-1=YA8CTsD@s0C}ikHw3xh1XPX_*1bt1!tLf|;B3Zl|lbe@d
z*GvmAj6gGrMaUJ1_$UApf>j{iokSo)7LUkvDg+lmh)5}d_>=-Tk}oQw#+5tkU^yiU
zDcL7v>;asKsMe`SRI5US#&&2u&(YK{HIwM|CmfTPoj!kg_8Y@!WHdz3z7=j67Y61~
zDYKABAU9W6N`K_=61*{CY?dJIuOn=F&*YI4GI`|0Jmv+{l-1>o5;oNOj49}j#t~R<
zfRIF#AgTFgk(y4#o_Ju!HkkEtl%Rmp8C9qetOg0jEwkDIsf}V9FkxsLP1$Z_7QIR^
zMTTi)h!*VYsVZWMDaO8I-tn}A7FYnmg2C06{J|Rn!Z8&BBtfJZtEeIoOx_0C?iU%(
z!=<py3N((5%PNO;U<^>DVwnT%?2&EeE$0L`p@I{T2pS+kTl*PRl`v>z@i?Zzbo7lr
zC^&0^NFYojfG~wZ0O5!lBav8Gt5q3{PkJ0BX{n&XWFVoJC2OtN4*`EWiM++QPD7$<
zL`V-Yp&nL=;z_m2v3HceFuF&mFf?#rU?_#Q2|0g&n*?&k6bfcz(+kJc^g?aC|02$e
z&^U<A&;v`c1Vms=5n-x8#$yDtO$Vz<Je+`-@q}w>q(^nX0f7=qLze+_Fr`3rHRmr6
zq8f-a0WmS&m4*>v0tzuH`^|#zs6i~Ege1G306M7Y!3r`iUJw|SC{UX?P=G*#)P`8j
zJ7!`Sx6D9j8pjRfq9YJFq^B0;I8)!TSqtLWCCd0Mu6>yq^)<Fmu~dag#q<?W;)uW=
z0bzk6wcL@O&>E!>7P5w4Ay6AJjZlH&1S!OI8pws(M`<t;Y15wP$k`e&)DdiM0*NKf
z6e!3AtjIbof`dm&A464$5+Nwvmrd<J(fc>k%A|r6lJSTT$1qaJ_JtX-yt18PvN>DQ
zXPox`9=c#<Et?^&Ojj5O9<79NRtIpmfup1G6|L<`*e@We6i9y#H2NC^6A(<trlJ~x
zL|{2J&#9I`6Pg4R$27ow!k!T1IZ{2&BH0U7S&`@vY;r>ULqq;c9AzC&WjM;F!u}hO
zq;N3DAOOWBkTp9Rg$2N@2fH7mba1(xv3pqS1YkSuh2apA2&=U!L_+sIiNk@K1n^)w
zZ_%q?Kl%kkYYGyGFNJYF%_LJD<6qE_VE`MWLc+N!g3)*A;m06HAw`%&8wlfse;8w*
zU^bhq5eFsZQV7PC#NWhpZpR0M)_UMd!W<Wvy)c7XjyciY+^mQYiNhKKmVwVIO!<$Y
z8x5<dp<+2!%~G;(iDA?O^8y@`4L!x>sEjmj-(WSO@&|TzYWqL|OX3spFpkK3>J$nD
zC-_XFx1RiDFff^&2bzFTT8#nIQR_LR)sgg7OdQRH!U81wqxlKab&5^t*2{3QJjF*w
z+vmjuxF^R#2Lk$!CHKsd(Uf5y@a)PhQ`-RI2v*^d>PU!M|3Sf6V3&+XfJp$EKxV(r
zO05c5(!n|>sFxzS1w;PKh;jrwUm=?uSx90+DI!#1upE&K6*#6Af(C^c8IRyXG9K1|
zWr#V=%>hJVWXZ}vhFKI#%ML^p3LGaoG9J;8tX5U-@B|w;4ehtrDr4iNu!w1rwWdiR
zIel!KR_QHERXF%e#lJZ4AgwY;3Y(7-Xp9gzP=Hzv!7BRyB(5V!@SaYI#=HiFz#EGK
zYJ(}>z(4>M$*q&S$j#eV<SKF%yL&=vxfi`W8YL;PZG35Z)0*>uvfi+AMm(Lltqh4g
zM|03d3?vmGRNjO!exRyaKx3pk9kW4jM*$^%P)q~kz}UzXU`|_5`YB98VEKlm7)Dm6
z*I5vjJ<d!NL_^{RU}zT7NQvZTbB@O%8%e{V{cLJOEcG^)1}-AvCD0hg0S7s@5lc~x
zn22XzAhLK2;s;<5fvFKP9@QvCd}}<d1hM7zwHc0<I9o8ExiG6TZ9*=TNCO92j21!y
zA`lIMQVi$1TH0ISM|FZ8!$(4}3Inbc4nhz(sALU8OVk+!)of9=SbmM$3NWr&)tAH|
zBoUG6NX9E{G2oaNz~EziGFPZsJ2)g~Cl0EilwnLGr)?)%Ol~?1L>oaVsieeV83J4^
zl`^v#4I>n@D6ve4wHW;$u_Fr=#WX@pA*4RgW0LcsH`QJ^f}@z6zNeCqKpwO`Ff^b?
zco~7gQ^{eib<+o~l0eSRz}$!@AUN}&#c-1S6Gs$iB3nqOFg;L0Eub&^fNJDs4@RSj
z1OSI|S$r%^lDM%s@J4}BbD4c7i$^G}6g-eBg1dPz+nvy6D|0HDw-VYe5RMU)9OM>f
zvWwCQLyXt^0aKTZeUd<ZF%4p5fS0F-JI~zH42&MkU4V>rjnxm$uG<5yMz$Om1)`Ep
zSK}aIDicBtLQ(?;)hO9_Vn+(1kiv(_9m#lGSqvo%_Ux5$u*N{`9#CeObHeZ#^ST-~
z0I9%O)<jSsMI-R#09BE75{lTixRHENQZmPLYsnEV6R7EfvME|H4K;7RAyZh$K;;oi
zO&6Ln+%dnDkr^@O_o%X2hQ3UHC2Z+38A1?3j^W6PO<ktKbaEkcjuNN#s)!y|sl<*r
zLXbErBZUkY1%?BfSdv(KvUSoT0SytbMu{*!cOm5FDx&{KsUD1v7{*EV_Hf{wP{9d^
z3(=kucGN%AqJim1Iuw~1ESLr&;?+zvGLU&a4aQX6^fC)z8ExQl+Bc)c2m+O=3=mK~
zISwdBhbO?20$PIN#BwA-OvJ0>sL>MV?HLwFo2r0YgNz5}gCR^~C_(6uVJ=p*WoFS=
zp;8>i4aU8-7}Oxdo^Ial0jexO4$9>NH5KCi$$<3m_VR2mpn%bHN(O=!q`<}oAsS4l
zjE7K##d=0N(p4%%1(r~1Zx)Zh2`Ig!@QfZKiD`z#ncPT>T&Foj;yMKU1w85y3~3NO
zM5?t4*40IQ!x1%>z_=HHr@+*`#<^|jKrzK+nA(T~9xTYm#|JX?7o~BU-@nex7oaB4
zsgEI)fKZJR!x1^fjkvO2I3rOg0mXrpAdbZhG)jBK%#pNa#Icg|p1D4T4uW!Ygn|{U
zfm>h}FhyH_yKrB1Wy&+|RlbmKtqPwnV0z!^dtsfGV4hPHq8cRw%aj1$g_HBXJ*6`-
z&Cpr#HCUOZfPWW43EGT9Afy12#bX#jdw@*&^Np<{xCnw=lv;PHmwH4;3XCz#5WTs8
zpxz;Y0&r7CJKFt9!m^Pd#)OmR-<pGsQq4^<0Cae@+zR`t>E^G3Q8nXl=P*BfpuaJi
zfDIxrLX;v33`f{O476b>0!cBQM$Qf|gjthO0z#}yZUIDK0<dN?_A!AmL;)zUbig3R
z98m-lV}s$42n3j$<Sc7V1!S<REY&=?GK2zXfhCxW6fVHh0^AY6J3w1q<fuY{;KuMT
z%TPSRI3)p?aF~p@YA)p9LFlB$Jq;V2V4D53WFRpkE+|EK0@t2Mm_idU4FZJ^1Uxf(
zP1pt4h#8@i(s(&L12ilG5BWkqr7eJUEDVz)#?0pt2rQ4rQ4;B=0Sg&{jz%PqFSrN8
zQn{dpr%o$}NhFfQVG>aqEJFUl)yWh=l$-)#m?S|jXax6DS^Hw;v~)_=<CqFKy$J>!
zfskTH8Yv+`V}&9F&m2vOQSpqxKzL3R_{_#sag*uO3$a-wERSBDC2Zu091%dULO}^w
zg8(8i6~bg$7SJ0a9K~>yG=M8Gj8|mQMiz{k4FswLUHp|gmzlmTrojMDH>GWg9jX5k
zhzbn3Zwr~FRS0Y3LRdqhLiWwKZHHQ_NCLFNVX9Dykg$+RO8A!=q*`J-N2tXSM6G4K
zp;Y^k4DT2<nkA8W<RApB@Jwn)R_QLQhHEi-D7S<bllLfFh{1-layc_T;XtEJo)hiI
zegcBiC=D6oelT~zCz#P{@-@gYq0t(`eq)36AgPWpNU=oIdnSxX0u6DNW6lD|*;v<^
zBHmhqz&Sy$LZ&TF*{L;<6K-e>#|7}{FTfkdGP!cVtbs9y01>Dhk-<2@T8_1toWnme
zcMW*MmM_Cb1E#~7*f)(aWR1f~(|3zc;nu?cm;%)9(bN<KaWit^q<K4Z?=V~kn@q^f
z-NO@zZU$#lPxRx)>08~n)5{9XgjzC@PxMxv*-z4v(_&w1zHPT6NFyn!Zy`s)O7Nc;
z{ZEYkLt@mblp4dtp_U^T=@8X2Vv&AbfmAG4TG5l?+ekhxtp5bxUle>mBK-xq$Hx8w
za|($uTQW0iDd;XH$ceDr5gU)AnD6YYZL3+=5n?>tZamaZhp&O7>b$QCT$f>Ltqw$Q
zGX^&h%V~Ca-u&P^d;Z<s%R7w8?x@vKkFIJuOhPU<vuctU?X?3tVXX=?Aac{$e5x&K
zMqwJuDa~Wdip;QK)E=6*Y?LImtLn=wW&$jN`e{@KC|E;n%Rm}9g#x8^=@4!2W<nM<
zn7*v7g)w;>H*ySYH6}+?fE=w>Wf0Nv-i&boR1p9>DmA?b+Rp=G(=nXd1JckK=PVF-
zoESZZRAz5xnx?o}ND#0PQ3J%Ny<r*#3u=T2xMcxs3Y-?`jv7QpcZLGT)W8Hyvxx@d
zVu>syN2ske8<2;S?M=pJl?v0dm*=oU6F@-~5Rym@aTEmdgTn>{yA)8!1FMoo$uX%U
zB{M8z_!5o*Cl5?QFpd~cE^s^8nJ}GXFzt>(6*WxC;#sREwVTCJm^Lh68iWB0xDC!5
zVwjxn1_3ZR;0Vm5*bC^%7|MF;NZNOZsu4l}=@BMu9h6~QcXWrL)R-hOh6;wsG$KZ1
z!HGyFXC4Uc(9^aKHUyrrfKwP5c?M1`P=8a65{MZv?upDV@CYK}f$0-g5ddMfhg84`
zfyhOig&@#u5h%Yejj|eWoLQPpG8)G~%oz>>3*=^H0~58>Y-EoO(G`SH(n!Q00rdnB
zrlphvN_Pm>2xv<ZCDU1O!;-;DS1xL-iNYi)>A)uDt~W5}RcHdDq2?JibZ`Wgqu@!4
zV^XA2W{Jv%nzIcFjg1KDM#PSs%HU0V9$Pq^dbVcTW3Ji=Kvb}S>v9Au2iFbhM!lm(
zEv6%lFTHpWq<~SC4o3#W;|LLtspJyK8(59NAm+Sv<ME6be;qnre-AeF&SF4lWLdW=
z$&5XAX`l)*!rp2mKPbytt=R*}wC~lKpj$z;@gR^E0VY8iLO?i7*NBH{sYK6pXJCAz
z%S8eR{-7#hGRT4k*<d}YCKCt%=C0AX4?rR~i7MzEpghRzk&PIoEdv0gzv(lGtzZ--
zs#Y)NvE1?@h{3W>2x72atw(t+0jn{adDP0{V+ue5y&{f`3^htfsqv~9#z?M)U@pM`
ze5E7ssiuUK5{}6UI`)jF$-jq@BqKf48*ZE=Y(`!LlE8)>hN9r^85yoJ0Wp^>YJ|j5
z89|9745#+aj*dL$o%K^BoRmbge#vo|Tl0#WZ-$uML0TN_HxM0=M}!QAscO#DaC5d=
zgb5_*<mT%`7bxp{W$*~YG$<qAt)LHa+}39MG4`Yi5XBNmO+ztlrGPIufzlQ{T$%HZ
z5RLZ$S}agPf>{9l>A=r$BLxvUdTo^=tcT(+`x)qJm2xzc8&WF6a0Da7CQb|4h0BqS
zU1htPKJ36=z^65%>+2cKVY9RGkm>-S98en52pvJPv=R`mQ&F0NmL?3A!&;J_Y9vMn
zX@M{r<9X09cq9T5)WD`x8B9ZvIE*q14*<pLrA+K6C(?}_K&G>$RCx*eM6L0#3ZaH!
zkWPtk4vd7tN>d@Qu;UU)tBmCw2#Hm}$|MH9A3rI{bR?T^<p?z&5<$tyLS`EBlOZwW
z;qB@Qb!C!*F%2mwRl!ZoeWfz$F`V5dfg~U}FkMg@B}yL-GJY>JJB{_s5+iX>w@`zz
zax_?K{xE%5UTUD~Q+#MkkK^QIK2<s%)8Q^edyxhHZ2D{tFfKY@3z+U#W{dqN4|%f`
z3ypHqc--4n<ZF>*!q>OVxoL}34bXq5r!7xU2LM6IjWS~5>6vNqWznX`F&#o^5S6i~
zV%eT@q(EwvLJgv4r<gDSg@rJC_zfg^2lf%rV3=t&q|nwXW97!P9`q{+8l^)(HoeHe
z&_MqIkX$5(fzb!*5ee8Xfc$$z213z6fqf|eGMI!_m{JrE6GmXM#uHC2#_9sd*}q@k
zzJdM&oZCYKEGlyli6zj{oNDc%z|hD*$Q26g8$e+|eT|hGNQ8iTMf3|R2M7etnc?8<
zIlx_mk<`#}ab_pFtFr(yKDbd2EOVW~W!N+?)aLx+*upq(sGp7i_BMWKkDh^{e2b6f
zSC?^BPZnRkSpy~-%WI~0kEq^(Uv4H69bKjwiUj~JpH;uUaEJz+Q(=}KM!~WsDI6Uk
z0ztld;Bvg`LenW7tM*UG?3@hqiZw}w_l^yW3GWv%ATS~}AULu|&(OfwfWTfoqCyA6
zh6N6Y2=<R;*~FgaVegGMg9`SkOrU|41KQs}#FRav4SnHIyA>tG@@)1u!0AtJjcLvB
zPw(g<sLbBF>~{7G8(QmITI-wI^0u|*Y-}N@>_+>41h;=XKiPl3zxP+!{D1V7Eus+w
zruphND#-up>Fw!mk^j%l!}Y)XfB(oYi3dUawsi0EB@mx+7E%2yWcnP#m16o&N4|h6
zP8zfbRhG`^O25<M)XtYg5rQv)l7Kkjmp$Qa{KkPo-xvy@(C<-F1wQlu2l;gbf}1`n
zFkH>&NW^4;WmD`qlCNsYSgGQMOzt^rEpS*u7ca{e@E%+g%Y9QmmKK<n4WXq#nHA>X
zZuTBWG;#z7O{h>ghpjY9;9VH1;Y%PlYhU0*KF|TIe2dbcBn6k73Okv{{g>sR(e_mt
z?ir~z<`;=DRyP*nD4<l)FE~f7_HKn;WvpFJcUd6)C0O7a?Kmy-{>ua4OZ{4L-<mVi
z{9^601<eM6Yk8l+XmEG+^ev|VJ0!w5Ljp1l1Y>ELR`)ORf^&8HUu1-9c?DQTs4e)w
zv-Wp+lg4PPsm!#oHo7@e$z=BlKu8!>5fzIoMinh@3P>?bg}|C}L>A+c;WS*XxH9oU
zz>$^QL^S20fNDrYX(`f-DA18IMi`Znmhq@uj%doxU!V~2nJtpVVAjH9Jk=hj!^AA_
zzM{X&oWS@iOU<9@yYhHq*{2{upDCou9Ehc0{wB#MD_UPzlkY#wFq1$j*Dq9wL2phG
zkNSV|-@F5>Q2%GGRfM>2zX5@fA~KQu+BUwd|GT+*d3co7|Np!H?H~Dd=)h$6hNR%g
z3<$u{$J5tfBFtrvC;>?kCWkj2xz(WqkH^i60BcNfFo+yVKw&y=sXQkK^^tLK&?zn<
z1*TGAda99tzO>1g4xrJaWIX!+*n8LRwsB=a^nBg=6&R)W#7<kZ<=A;>CTFf<yVG9V
zaeOQ%z4xU1T961y*ro_J0oqZ=xxf7`6aW%@ijw6=PRzBsBa?U*stScdJ$!XjrOoZY
z%LmoGKyki)jj#2b*i=M*;Fm*3x9F(Q63Pc=6P#cyd#T3PuPsDJ$oZts!WMTou5sww
zw*|%o>aN8Hrj4Z1<03wEZpMgx7p?hBpf&PmJmCC6EE!yLeI2c_u%K)<>KIy6!Q9g`
zi#Rz*1+;1+XMG)pbjHwF`ya=l0Y)se`bJ^o>(x|j5}kbLoxM9f=$&`>-ya^IpLBb@
z-#(n~zxiqHA{vmP@SsT@7OT}tES$=qS-K=VzAn*-*kVW?d*vSfruo%zvA`BI;$SRs
ze6Vj#bPcZeFLqF?<&q(D$$Dx{N&!$dCKFCUji?Gd4+$`p@Q^^zC>!56$2S9ElqG&+
zSFL7krY6hPBrR=2*lLAS)M^PaLoF)*B9hOGH&2hrB?+I_gHTId&XslzUk#92#J_yg
zJb9O_Om4B7$fi<5aVe`k!%)^06&IIDSzoSe-qUKSyX)Gw;|fx5;9>$LXp34cy$Gn)
zLIMBNL#-A>(5ZQ2-TDX+E$2P5jEgc%H6I90<7j087`CU%ngaGzf*L!J<ej&&C@L~_
zkNQKBu}`MlX!mo*!pbOknI$w1uGrY2CR7Ior>W>rYIn(Ut5QN$wycrh#*kjOkc#t?
zqhj8P_odjxt!ZL$G-Eg#vk{0#@$FlR;T?b2KR7=;$*?(a&8bPlY34-*nexwDe>hxV
z5pf5*ZYX6Ic&GpP)?CjG;pD^VS!NK+bk74a1k{86j5EQvX6(gVbLH2Kv_VJ3+p=NG
zviLee-@aLlsaedKG$Pm(|C0tkYPA3qKgF<kKvb@948Erj&5n6eiEMHB+bNzQfiDQc
zXhg2il=_iL?Vbywa(H5lzfEo$CqBsi1~%wmPYPHDl-)s3Q#<wLuqFmw)x?RXDZ=R;
zoPIjoE1;d)9oJ>|t)$e~uX6JV;h?`peV2SehR|$tLx*aAjIDK8T}S>;uV(X`A-~$#
zy)1GkATsz}<GAwh@jkX4ox@=bQpm}*Ml8I-p<53#_~mf3CU(q+Xr~6y|L2_`M0@+C
zv*m0#?FY2T^+lM>QLq3=m)N5&7DSCk)@<d9D=#eP3Wq-R$J_~3l!P-pPOwP{#c|!A
z4Ddgx_9^oZ!jOd=b>8F}zKqLo=Q0bGco}&Ut+{k4P?PI3W#Ot@xVA2P085r8`f0s<
zVgyF!M8P=3E=f9c$TSeMxZBIjRGMhbqmpNo&9$Ka`&RALdKS?Coll4tkdQkfSS%Ib
zocw=V?X9f-Z@c~C#iRc3E}pMnH=m(PI_-cn-iUfc?h$XM5-h_B>7Zwu-@Y|usm8&V
zK!@j2>N%~y2b6Idx?D@!=cnjY(P%3v0D+K{fj#Uj$&t!RbcL>w2qS-pUOb1NblQWU
zhp5>~8k0Ov6Z__~MiSUu_o1?F{TX48jwo>v4g!^lpz#|~twVVs`;ZgiXh4QI;skvD
z&_80+Hm#AQ#B(_q*@Kg<%3cVktF?g&NvO4#5b`}B!}V&&Bpl34$l6b`nZM#Pr3Gq1
zOzt)2kDp*#oj3It#TsWUa;R2PvO+S})Z2vz7=+XpBh>smZ~a|vS*g}kzl)$r`S0%$
zdsMKF0wh{~S$~SN&{?(D=C8u~e5{?LK`&YHWI#<d-R4b@$Zl_0yiv$<N<<VY?IjL^
zkOd(HWQen6E5~xB_E9-@<}k^$HYsi=#Tq!7UXpN+O#_KV&HsGUc6M4@8|Z(xotLex
zCUW+0fFUt9CESq+s9SN~QDFuq+iU71+RW#hm+b)&xZO;hCo(<#zYBMe!~=CMUV&-w
zrRky+sG0)Rty3IVSf@Wlm?KE$qG?5y0)1IEWT9ZQl%?3Dp?;frT!WX4JoGewZldOS
zP1GyH6LsO7PwxtzlvNYZdgho$Ln|Szq|=mO?wGH3dE<XmR>OQx>Igi}7nCorkzhKV
zWz0E$CEgTmJMA{&Q2^>KMHq2p9+jd(c@zl-Kb7@;oX&{)kpDnO-$Q)J0<zH<L;~r?
zUjr^|JMAsxGQ$0*!gPkH*g%}2D+0c35Yl!Ucq*Yhuva>20bYA-OovXR>v3jW@1F{A
z{>6w>f9wJ38z%1Izh=g%P`gP%HalNiohNH%u{NEcIKB@o_~@jQ6n{(1LDJ~C`FGv{
z46Ul2U0hhWmeqaC39CCvBh~y?Z5p<FxKZo1SgxIHN7IN(fD~s5s-h+H(^44}Y)~51
z1@#K<MXi}HRX+vCLVZGEm297Nd$8+<*mt{LFu}*s6t%aOTZCF*UmDuWLU{q`)`aSv
zKr@vDtqx>uS!zKjTU8eWb5X@II2Vnt5YnXuZw=Pwy1f#<$({Uym}@Bu7sA}QUg_K`
z6qA);sDpF0U}7)Tg7C4bLVnyu@eL}?g-mvUOYSbAn6sDIa%JVTwFVxN5Y(EoU19EY
zjeb8!m0n<~#?d)W2v;@j*nf0Uim<fa3sFQ|Z$2+i6)mTie2aAsdRl-_q;{31Iks!n
zCaghXxLXOwe4zEZf__QOg+%}IHs&4%%Bnsd4<3&P_kKJmK4}|k?3yQTU3@M<#wxOA
z9PuJqkW?cJ(Pp-0DMiNJ!xfDv>-&)~9|`mR2=iUm23B3_Rx9mnE7V$IMmnu7Dx6jm
zt%<;^--y1+EfP60C5yqB>2FT!rESc;`>xL%!w6<^6^DcbBJwjyiK~~Uz~tLnA<LG0
zE_`bM6Gpu7{IIcvR!%==vPmwJYK1YBDVUqDvhvlmf?sAHhE~!6ij!o8>iVg2@To+S
z?+dA?IN4<3eMt&|OX?LNaz@jhs<|4JHlQlbfw>UO>};9yU{{z~b3W*btJQ#<sdyV8
z%u$W%V~PWdVobuE>SU;u(v)nW3brgnYtAp!BiwoCu>oqTG@%)+Zmt)XN>a-<*9*>i
z=>)9t_goUzd04(YG3&T3^e@$q$@{qohNd%i7Gq{{R?qpUSyHbCZpxZ1J)PAObqUDy
z2C*Q#vYfmgBno!v!l9a@#Ujh8>(~ovfz>#%E&<W9qtL#}&UXmMpI8XhQv~DA`8SYO
z=)C5=o*`f#Ud15-8oH%pM8y%p0;DXNeb;Gd1^1ZLsh)%-`}$Q`gMLknL2c31lFZbx
z(26Qpa&RmvQKtO~7N1pN#kuoIw^2Ue#oMYmwfPXwp0XaHe_zlqWZ9YEaK>M0&Yg!H
zqHRyrP<*h3t_`^ta_mH5?r3j4@`VghFg~YTHapV>=OrhL*d_ED{TVS~tk0Y7Kz?{r
zQqk&EnW4v?hX&rli&J~1-lc<PgTX)d<jb<Igva+tY^=|@cR^-z%Kn4QRPki(ny59g
zZSZRuzJE=u=T`yN8$n5~$t^;v`PK3YSQ1hRk)&KkOi<otxnU5%_cLmZ&?XB+LCVWb
zF%34ISZ*UO`U72G>na7s(?#nYRBVYRojSHsm1O0={Eh{e3UQ-VskXG|pVKHxo<;ry
z1Gb84>#2HKB~?D_?(fato6THb38B_)r$CKbIU9pDl}c3m;xGy4R^D(Wu*zD<Lu@&?
zRYPx47%n(p8=R#euF@zk3hEmJ`R>uO_Pi<qSHbywmxMfFMCpVfaTffK5Tv<LwwDAR
z47Z8aQ0(C(|BPpW#l#WJ5fh?brTv+{eXHcKN%NV-7qfsI@;Hnea!gS96lCBCuD&?B
zSCl2<f+}me&NUM3UwG=R7uU`UhKpEmTiJ!@Tv%8I>sfFA@3zz4S;(k5#!A%0L0~Mm
zx2w$F<C1lZ+U3xwM<7$1aREfshs{qPkf(%8OjDUThqB-Z(>Vs%S;xcp7E?C{o`T?C
zSNH`7ke?%YS14qsJ8?W02PyU5d&mrvQkvYnmw*Q=Zc%u=yu~XjCM*)x%Vr*$vf#fN
z^-=S8ziAb1Sz&_WvRUoZ@BXLm(Z_=x`qVu--0z+pemL&@?!#4}sd5b~UIUx7kEBku
z!lgKM63-j8(BTNlRdS-xLsZ-LiwS{XPsnBdQ=uiJ3DJ4fQn_Dc-38FD93w0WwFQ3|
zo00t2tiVdsK+MvmqR?AkFaNBvO0BD~NXY;@@$@&4RSr1UzgUEZkXZyA^9D>zP~Q~q
z!#Mj^oj%ej;5b+%(W#C`pksUK{7eX=$ftis1YN1n`$>@fqy6rQs`8#e(!CLrP0q`^
zq?5p?+)FSXNW64oyg2EdSV2<I>D%s}bt7S33&s{f03g<q#SVC&ul>?7Ucvz$>JPcq
zOX_SOs~kYFWW+Q#HR>Z4x+GNj^Lr3g;);bA6^l`opjUYsL1x}K^uK=hL@p8w>0i_z
zt9O*}`ZhHcdt|^|(^-Y5Q?^X~O>%45O|rnrsdB5-kjj@`5|_`8dZ?vxbIPA~*dNZ~
zbTgl_dap&08up74q_$NTDXh+G+TsXD863Bo*g&P#09Om937j0Jsng-+T0oeiE8=-7
zWiI5MvNPU+M>2<mozMp;@920UY$Ho&0mCpXCUF8Q5-N}9YT+eT*_g&d6O6i9loC(Q
zJ}z+;gTyx=Y37tju?p!r-i6ClEV4M?{5!AXY?htrh0gX@Yqp?ts-Cc&J#g_!TZsm5
zZ{B;|MHac6Ugr8^s?Z89Hr&&rnnOK3D!c%O0VJ6UZ#tENmWqh%zC##1J~wz4i2o7W
zhBz}kT_gg?octf#TQ9QtKel&X?mou<xQoXMefS`Za55nli%oGrN=d}W4!UeNE~xKz
z5*v)hlnCr%fjbS9+!oe~shBcrvNJ+{Er=(izB*iB-^D8a)HU*{?-F029i@l*nl--5
zB)V6na4PeCNeHL8dc1t&mL3nS7Y|OW$P~DY3bqz1z*bPNtkc!DMd%voA#7(Y6z1U#
zj5yPBM_<0GyX2oP$ZW&puCxr~0a&$~hd5)h8FY=fk1xnjc`UuLb7B@<IVbz^d;+O}
zn_X@pnB@)H6u6QG6{xCe#NF)VW@difH^+K>R{1Qj|7Q$QTeanZIs1S6`F1w`*Y57~
z$Nm3K9!qObCIHBFcHGTp<(vC~W!s$DzzfZu*KcwAE;g6`LHBVm*`B+kn!i_WHt{Z?
znyf?tH6W(rKh@Zzoz?8Tj~mqD&jS2EZIWG|{m<q9ySwci|KHwu<o|c^)ZqWhv$aKh
z5zZhnQ%jl20|WWWCmZ}vPyXkO|N3Ta4=G#v%&t)Ead4~0I@?v@huRIQ_JPW!RZ9xH
z!+`oYobAW^ie}>h7LyJ1lS+)9@bRx-Aq|N7j=p_^HTubPPlWz(jRr4vh(EOKFH1Q3
z{0*%Rj(%Hcqidyix)jFhc9hi#;6_C=4|`Wyfd89R{|oB@=kWinmpeNd{=d`Sd5r&i
zCr`nxp)u*t8a<o$!-xwueXqTqR>`t0uPDt*ejGM!Af%vcT)=?D6u>mIsa%X=PFl78
zOVB^R94>YPFjxL-XX$_Y<;(3y`oD`OLmpY$FQe|B3OKdAIHo&V35napTbtt1{g8QV
zzgkSrCXkmkrEGINAVWD#F$=T{R7o2q*#}Bx9kbE`7FI~7%~>xkZ0B=1Jki`b^{#So
zMb%Sa0*8zaz{|LMO@s(6#F39I)j_Y@uU_gG0*7NFPT+N>JSQHJjBXC9O|ckGj^KA8
zwjmTUk93fVM*SU#c$Lor{68JbdVw8a-u>_M=UW;6|9ofXG5_nGJQ-$LnD$QMwqpCK
zEOx1#p^WX9M>PitZ`u9hhY}49#}Am>vv?Rn7OU#yx3rpU?S<-3r{q%YJV9O0V^@g!
z0~YzNm2;MBj%=~#<VE@FS$>EqN1vMM6q9<RkWJIwW?*8T9Bgdgo&}OCc2E=2D>l-;
zLFF{_CGhBwia22wH{(mY7{zI}lHup2{Mt>&8i@9Gx|@vXu`JM*L9F&p-djy=osiML
zQ8++@c|pjgL`+D;5g&#)Aaf88M1b#nFTRgwf&D*k!Mz&&PkZ-8R{y{AeEa3&{(l!w
zhL>4x5SgQ2+Oe?8mfuO_g%inWR6#8>JZ|`lZ1^F)q#hX)w}VF5<C1483;OtE^mJ(S
zY){P_75OgyGxkpv%FkfW!*m*d1#hK&8Yaa<_HQy2#FcL*j0-LEB_oh84^Q^eFHR2k
zlNVv+clk$7^zITylIcHvA8~OizZ^6Flrb0~Cr8wezNE@QnXW&B?@^##;<5KGWKqD2
zn^ePxYl(PsXrU?fJE+}AcDFAb^kR4S`ECQD5r_6x)m%uh`@#2Sa$;~jG2?<v4M-mD
z#<U3kkGEtAt_2Q&^Z5VHPVW5oqWyUPdneBl`u_wEP9+|cs0yddr-FslA3H-95(XS`
zGgcs;q#9X%TgYA1m5kE2^4B&j>ANt9(5m*DIs?P5OXdE6JtadYwXN&LDt+SjwW-ww
zi)1l+=wplTx8`7n!i=Aig9o&u$_E}=Gca98KUsr)_1#_DuIyQW|I4%6qOKqC%;W#<
z_R9?aZ|}T({>cCD;>mCi%Z)ja;!l}JQoJ2X8E;~hWF=1V_bB1lVTOt=<p-QTe@T9a
z1F8jI^x5)fZvLS}RKi&l4hekC9?K{(#V$!WfFcnmnVO(XN@U#HYxQHY%l~%Ig8Y9#
zeOHQfE4}~U-hPpl|F<6XKX>!g<^ONh!ar^UtK9~eM^4E|PSx6K7Y3NwBPy1p!6V3o
z0AOvQlodyJIAoD88s=I8dX95H&j~?|5)%QQYR<89-(}8QcK+!2RQ9-y+{3c~|5tiN
zzW5Pf9{+#2ljZ;0+wDjDuRD3ZR)j51r$KSb&GS`}N0wiQ<twwT4*~u&BC*kDffg<q
zPcECUjx+XWLD@JDXgr_h`g+!Fx@CU0Oh%^c^-eAaqm^0KDKy;AS#Kqs&F!OB(<K>Y
zE$w5fSF6nY5frD;tu;|YKc#`=QZJ?Wd~SMJ&yHCZNe{NX^8B&Y3(>L=|A*}z>+OAI
z`v0vLJG)u=e|Ps$|9>ZsZ5mo4$Hk$+QZ8Ht!d}$|krFiRjpF8<f5ENhd)X-NMjT$8
z{`JMq>ga!a`(@Vt<N1rNNBX~$XNmhijR)^F9xQkN*Gn~0EIQ6Rc@~j#$snt*{}!sd
z;(NlnGbp|%tm8~j+Cs@#zPp>n*j|SCE;xV2mxV!*A3%MWQ(utq(l$ReZ|dMpzIM(S
zv)(Y20puB-5*CT1a_V)R0hP3q8dZT=YHS#qzbYtJ<fL6KR%xdEs3KbRv&jCR1h{X3
z1#ewdQ1$-*{N;8#tN+>A*?RQ<xRa;e(YlVOM_K*@%N(?)i}VVWMa`Oa`G9-P6>Ppa
zTNG$nS43q#{@KWAOZp$)llNiCoN>|cY8fDzy;tuw$BQ_DP6&2A!a3Ma0^;%1K4xPh
zjPq2Ny4_u-$W_5iNB3nRZ|c^h-VszjUdqd2VFZ3<`&QUPEm`1zxkuG_U1S7R+)#lp
zZH5SHbpSGq#-0LUhz}>kjXV+_TlYv(>akucrcqX-nHO-%s4k!1)EfAUQh`l@#Ahza
zJNejei+p<u>ZU<ePiEBgI~q}+ikY<@`b~M)ah>J670e@H789(O<(=C#m+4=Sa7uk>
z;9ZD^<b;G2oDG=o+GD9Imf|%v8=MOlZGf|<SaMoF4fvZbka#i~gLHdP+17NKMTS$P
z%Ckpfe?MOB<?q~4S}9Q#R*)|u#D_i=dn&;d33*zzUYdabqE{8A<Vq!QiF=z&l`}+6
z$&q{+PNvL_m7nGoMI8d|0cP0OgBWd528eZ(@&Qy^7DUB@x-Ge%S>AfU5zF_ql3cB+
zEiP_GGFIjPlfv$*e6Ol_`f|fOIhj@4z@<xBrf~&2lBAO5usGj$5}8!7Y4^w$+8j`S
zlTR{lTf;AzH`h5|)Y2q*IbzM!A%CJZBv=nptD&_Dux8mv?4N_y*HIHkf;IEK3@7Z$
zM}6v|R@CpnzwgjB8b$&VouVdcjkf#tdfJ1Bl>a9x{#U{9i*p&OE-Uz7GVpKTI<@%Z
zvg6AxyL_e>E)8|I)p>1hN^(L~x9d<k6@3}v9<A3LG{o>MA1lx_dbzdrJq&h4eYZ|C
zs5O<O8i)yMqt+CEF~2Qu@`Z=rlC@gu(p-f@{c7dewLUuB#{r)((M-Me7#BZ}Sme7+
zbd7$$7g|N=3l7Iz6Hx1PF4@*5$z01TrOvvPSNS2c=`OrmmJv_u6uo@;5^cKVa+6P{
z3l6DZ2QKI+K#(?BC1810np#<XzsGH$21+eH_^M4{)tI)#=*rpZ3&mCo1*2@%?m8{s
z{z{gfI?7g}qJr(;TP@C2E!#XfOSSf1GVWX~iUlPmBkX1*T=~SiOJ@l|fk%VNs``7j
zVhM6(Pi{FjRyM0VZ?a}p$i3=~pn`LmzC(P~veUIyj3Z`qg$-F&P&M1DBIoMK)>Ca1
z9YwY3EXXP|ippjcUpE>|5K;z&WKvKk<#V6X3WRypbNvr<2iy5xmxT&WH2)A;^T=rH
z_;M%2M9o(Ky}LacE~*Mb%kkNpa8=@8W>2naY2O~69e3X!p6?&L{rE0Jc5nfqS26T)
zIMX4KP!pmXG&76il0h^sKDj6ToqXt>y*oYV{nyd?rw>OT-yfXsAD$NX+pNKvoAWw3
z`EYu6e*E$M+k=W;=7g?lR&mQ(dqzC4cl+J5ZYh}acD?&p;C&jFLA8XTXW?*udT?@d
zxCdFC&)<L8KPUl3e8X0=sgJ!fsMavJjkL+KQn{B-&jNMCiLr(Lg?e*QEH%`VZm;*-
zhtvJ@Uk;DTreC(VXa|VRIcCOrG$|5vYmKsKfWM?7pqWRF?H^>O-HEbKH3L_*kBeBi
zc`nGTGta<!DV*Fp`q(==I6d#4oSYwb-<K>($*mv`;@|0gt)#Q}UFhrA552PrCb!5I
zSKi57mQ!kTuNY1>F<AM?>pKFZ)Xo(S21Ub)I63%2xuE_yaS2&pF{vg$R!gTjkB23R
zG&jBnOrg0s*F6KwKN>8&tSes48!qB^uy!}#sQ-0zesJ7<dvtJqcGR0M%FPIGqNdN9
zg$KWSJ93SqqBXj+qu%++>A^1tr{}$c(@zJd=X-}IzaE?}J=h>5BNFyVcuB%N8cgK*
ztG@gxhqHHZdRBp)bCf+bHU-_!KMwx2d^g29rGll%B%!Veg6@(d>z06^zLvqxG+lGB
zr$<YU_Vj46q2^v^0+8B+6vLpEbeB~fnuGPpVv%wSVCK<F;uFqKLN+MT52cEvM@zmW
zHaE%O3T`z~>CGn6x0|__Rd+}(7I=W+yqFUkRD*J4C>Wnp9un-%Q0rrvj8uGR0CluG
zkRRTZRI~=6?yhq82R1LOBr3$YCtsFzm0}LE@CBL8DH~IGf_Y8UnxOXfOJ~d3a@zX#
zu|DQlh+J~NvjVW+2#RveZV{4A`!;Vykj!%mof~hTcz9N1U6iKSg3{RrgHl7KbW=gG
znUZ>hGWDO|O1faS86FLXg!8jWNce<#Zbd`cqS>ZKn0ir2>NJ%ty0`*PVl$n?C(~u_
zj#0KyixhLuLUoBf$UQZLOt9@2i=t!(Iyb_}Ok2w$Wu}=MU}dJI8=+;UttIfX>Mm=U
zbJe_qLamz;bFNxKX1o8psqgXDuVPv&$-EqYF3h=H1D7(XlPeak=;Dp}BQxLy7PMsM
znH>Mk^%^<#^Uz7>wvWH()7~e(6}E}c0-#$KVoM&F=Ais7-liszt~*GC5m|<NBzLBt
zEXG(=tI%{jU$gw4E^qvw9S5f_8Dev}yQEJ}rl~TAoFWg1OhoqrcvWl)^)>{>>C+oe
zqLW%eZ&k3)-w`=i!!Jk4ae)0a0IOAg!<?<*jo^1%8^J=Gz*2y)hp-Gl=CQpRmMAsQ
zKO}!fG$bx+cJ(KtuA%-IogMX%-8P~;sc|(SK9ryw>G3slCtg!iU7XBWfs$#MObs3M
zwGQBF$!aBXTHI9%W>ezQXxc&V$&`h&G&t#B<cLnG=%DsHS`*LhXfg%zTsGc}vScYL
zS2Urt(6=n?vil9s7M{03@iLdaROeCPVnKQ$#Da`x3hKG^j_E>HcE?2PM*c+2Q=-DQ
zHLEJdFbkRIQGfgqigb`4d0qn*?wYCCWChaq+;vi2UM4w6&WvZdiPn(yszmw4%sD06
z9p#)@)su10O&Zc!%rD4n1N{U$x|PH{DF`LvH0G*Y74OQuu$>$c!f+IQ&)n>muZB}N
zv7}0Ra4HBx(OpLYawk?#DgDQv5#iZmDHkj>mRp5q9Qqe2?zK>U(#?VSSu>Yy;p<~i
zhx>b$i~q37_|Lm9cekHs<3F|AkMSSw<hhf`4yF0tA%*U3MFUNz8Btw%%jH=4t|L6?
zsXw3)5ABC8^W05r37tXuy9h23kF`(=(<qh-GLaXOi+d=PpGsPv8+l^!{=V}F6dE=)
zLQoW)SBh%aU!?pnD#B1ybZ-TsSibAIp(rW_kPb$%#26l<QPdpHJw~ILKTOLwRwKq^
zJc`G76p!&J9^+B0&=2`B9>v2S>|;EN$9NQ#lvnxTF&@QZJc{}Iz+*g$|32|3zI)TO
z@5AWtM-50(aTrZkSw`7h(Rig9)6M3xbU=&w^>ZV5jA-!~(IP{)w;a)8^}#0YBy2`@
zBa4S6`GPy>O1XQ^<j)U}56|}Bo_9~*m3wnmcCc84i#bF74SV}EtUKu6x<{qZtQfZL
z<VFLh&{7`d3s+tax3_nCcyiW*&>OX)CY1NE$Oz*Q0gH{Y%Hz6Vlx4ltM1ltxi6zIy
zOEMUiL$q$}7PUb>25)%`-eNtg3f^MtwXCossXPrce>e%5&mz9Zrc)|VlZ{5r^?4BN
z{p)z|*V7NjA3pZZ_ddLTe|T1b<z+b{a(&m_v*l);8i8KV`Foh%y&p|`$q3?H6*r98
zber*Us+ajO#LQ!ene=m;A!c%bSa@T){mtkxj?FE`v8lT6sfrzugUkNgQnZ=h_>JT`
z(4rjpmxaZuwKIjvnYcYm6|-K~-K`2nNsOSQ{qD*9({VoTPAbWDJ!(r;nLj`|G94gj
z?w$uta|i%bw`F-quh*_TlrM1lSL5FM^`ORHt;Ri^km9{L3q0Y?J%O76l*WE)whP#e
z@79Id>A^3D|EvkOkc{Y;g(3Ixm)bq>Xk_(JvxB$Y-og3)alIZSU)VpcJNCDS$NTl0
zroNkR+HgT7cTEE^%hyU$$j@blsgZpL8%8Pz{tfW7chEiE`}Mqgc2=8t;BYuO$3oQR
zAi9rV4v)_2vnc3gL_JZTQ++%=s@HlHdL{co?d{+(WZYxOxW|xjD-Ib~A|-ypA>VtS
zyUxgS;#T5&UC4(ME^LLS&-79dQSLFc-D7CG$Iy0<q3vu)K8Ch?3~iSuqsP#8kD=|B
zG>a>VXydZs1qoZk7vU^m)E6yv^$SsMzVgWi|I?HIIpe>+SpjcUq24g0f#69<o5Ig!
za^W!If=!{n7FR_x=$bNDD<9|*qHAh^`Die6hS^dF>g7gTP`7%_KW<RE1+NG0I~?Qp
z9}(`}O-ui~8SQ=#aoFnM>fMD^wC!LQ3`<yAb-B2Ny1A7ECd{@~H!@*%NJNBmSQ&s#
z7qR9z$5hs|xwxNZs^&cJ%#xYhmMLpl`-LX0^$c2Nsh`Z@9(CSW(drI;#6p*ZNH86I
z&a4BPu?YEuxbhPZ$dHa^2&1@}wPMRQ_-0vfj6F8Mo|8I2X3MWP7gvhFoH+NU%!Mh%
z+FCugCThBr%Lx_hn9B`T7CxmH@}T|hS@*p6;p6GvLAB9M5K>=^P;<h#c$1vK<uUus
z-(3`O62AF6M|!IICnyBePkG$`I|m4s_zLP1`}%sR&5Y4otS2BXESl&VO4>>(7z)>{
z$}Yi%*~invxgd+7)%m--`FH+*5*XD3M?w?vw3kvR*Oc<?>78_Yy?eC*$quGy91rA1
zZ<$m^DO9R511cP(t;(CT>6?Ac(v`2ucB8QEo7r)!R98L`B6ydLi;7U71gq>@Q0&Vp
zt^7tmUm;^)u|i#8ag)ocXNp_9ftIGY!5b-SikrNDUE+Np(keB4C2igml~$+mD`{~h
z$n==p;=i3X#VoB-Aime<fod&d5iO=?kULgaj1-4s-a((6Ev>zC{)|XCYe|mK+(1pO
zmP_>v5k;GS%%5(>9d#*J$=y)DZohh2&JYvYSi;vbU%8ggWp1uzSpmKW%}#-O;4#Af
zLyfRsgFQdEG!qZxR;k{N(o(CM9@65gIp?Bjp-ZM^7q(ywk9i-;NouuuAM#4+dC3ck
zYShVIkm}x6!DY3^wFQ*9!pTx3rJGrTm>x(DjRFu?WnxHu({6Q;c%g9g>07P1uK1KB
zZ0NuUO4Bct_5mv<UmmCI6wyxwmkyxx(k`YoFX!sy{IHvz2fy;fB=!Wgdh{`$#bZ7T
z^c^R$SS0_$<uDHCzEA>)>iiE|?X4GE`TP%CkNF?&;<58TT((U%2NgYeflLnNQU6zy
z%VB=Dg<KT)J5Rk}*rLi}u;)cmoH{&d$jwjx?x17llSWF5QE6cxEM`zIa5yGH={R!j
z*(nVw)}l0j!OnNb+#a8~&w~6vB-mXn`Okd*|NO=C-3<TV-rm`L<o|c^<nDqB0~0B8
z4INY8Vve0RXvnZf_%IRlbS_j?I3>fzB?`W^GQFJ50#c)S$Ow~d7hYx?JYv{=i#_ZQ
zB_poUw3n`s?IiQLs=FSDsi#sLt^+c!tZLN|QU$YviT9!!y~lf1uDj$*w*6z~61nNr
zXx=wPv#rM;WaGCZl}P5b5{cw{O9w?qh16SjSgBDJHB@5NFi%91$4{Hw?eWS(dI{;S
zkw4S*ns$MvKA5NJGu2t9y;7J#{G)lD%_aEUXzZ`GMAbt0m-bhCG3LxOW*XKc6Gj5{
zExFbLZ>CVH$HnB{6$!ow<;WoBSaA!6|D>jpFZQ)8N!Zd7HHvd=0jIoUO~PXG-@>9F
zJoDtg-QBGG*M9!|QU1G=XA#NH7?a<YXqRb!rLtY7?K>3iDtf*P=`Pd#%Eh}(`}Zi{
zJ&JaZqTQot_nnA#KbB;tv!~woW?%5kmH(Ux@uqa_vyd#?#~k@@Yqy=1|D;s-DF5BX
z^8}q>AxP+RBp6cbtZZ8b5%pZ^k5Pb!7kEs#(|Cf;CX^!{1wibGPl)HCvBw4~Lo)Tp
z8z>|m7W9&U0l4)Z`)=b2^2u0P5U#1{fW%ez-~VIXK_7f?hL{gE<&aQ7LgZ1OI1OjN
zcis~$B#kF%4@eMw+Up^ghP>g7sn~@7tKm1C!C&Df{NKEoj5p=~%%A+y-%J`B;Ne9S
zAg~~7JahO}(0Jwy@I~X9Bc?&)+5gvgf<EDpvWTO@{R7@`f{^{23`N7CF2S3sT*&_Y
z5b1l~Gnf8P54!vB51gsHd>@tczrDS?yPcu`_RIFp_9Ok@#q$K|(A>TMI%+gNCx860
zHW4D=oz2awt1H_9l!fEXbwoMBK4Jq&2Q5YN%*S5hU^>M<9+Rou4Ec-;GDT}2PWRuw
z@2x9>$37y{V1ha2i1`StSUDX~kBS+HEzCzoQs=E9n+6`05|Ptr{K7)?Yj*<$9+5q9
zLeOV10pq-YCF34bF^L9J#*R(zHF}GXkWIBG7g*)DCV0Kkc=80D9sRHU(?+A;?+=;J
znMWEwA-NkuKM1=n(v^|vQnl~s*LK&YD)qU*o`<G02{jmhegv{h7{Q@0Lgq$83EV~l
zm@jmJ28;<VLL6{}QQ@i;%wGT7(pIubf9uF4fyZXBTFjSC{v#TY&?ka$)nsRL^CEub
zP_}L)L=<tkNr(wSpMNFZG#P=Mufr$nW&_bE5ju^=TMah_FEqqH8W0q5vl~G7I0$&s
z+J$}tGg?O@7TSZB2xDO!8zDIsw5Qsqz8NidkOjpF=4e2Oj|AaDxk_KL@IsB@_}$_0
zKhdEtLBuz}5VWOduz^NiM10{wzb7G^5-}kWAhKYA>>l9p_8%vw=@|qea~;Yy*Bw~j
zlaPQxDW`()Mx%uiu%ouq-u}7KQWM#he;|qX@~`L4R%<{6elEYCd_qCUE~z|ClhAC=
za?WxLk?)ewo5>}j{wTy;gwaq$A<_5+*k~3Iz|}ZoF_y}g3RD0R`KQ5J@Sg4`Xx#4<
zQOW}7ekS`;@t^d{a*H<sXeY!5kU>B_Q<Eh;<rpBBo1o7pIK)#T*Z+^TCqewjI^qOq
z3we|a4$UNAk(gj%aMQF(T;xWf0w+vOb<=44Cwlhmj0Vr1b<h#z0?AqHDRWIDeE^B<
zN>TSmpBBMiE<j{HZMwuGg1~1R+7|K`0$x{3YUF_&k}10+9GQi-LCdBA^NBAw8bkt}
zeA;`;5$2o?DHeuE6XZ}!=0Q~pM;w@nHG$%Gs*p(1%uslyk>GNOS}|PTWM?PW;Ft*_
z7hzx4Fo0DZUr{e<DaJn7vJmFzig=!bPBfMhG{lhrp>IG&QYv;CEW6O88{>(B>WFzB
zyMhk!z$4s3sTd;%UJAc7o3M~P0jHP{8pb$%snkV{#x=@6@kk236_vlyvrm+pfFzm~
zKb2$M*N~{H-?(lq_AFZdKA)S8^}2D5`Z}Bk1Wq|6W6DK1>zA*`J1CC!L0&+IvK9(;
zwVSN;>Yr=W_o-JpmHG88=u`$f=_fr}ben`#VV5KfsY^KO7gSzf)qEG6-EBk1qyj32
zj)})m0-d<>e=q2eR3@W-x<^RH#74*zGTujmNoav|YXQ(W+wl|xGacL#^llw@jMHH;
z?qGLH{TKix7!)^g=NNQL(9ufj6BdeW+bQUPq;JE-+_uRN_eD?kSZ@V7mXTr>d9KlE
z@(~zMG49xQj=?=)&nlr4hf7n;fETx#-O=N{Tyr1Eg{6Fsu#a#U;``j>uTlT=AAPju
zGQz<d47;w13WtKo^YoBGYpsq##6<yfxmiRTI<~(~IlN=&=;CN7%PUR8OdeT>$w6DP
z?E8FHf;%dHUN}z<G(B2;=OK%N3OY*1<xsW^j8f1E7^i~GflmQ+K;n6b&o%1jbubHn
z$%2l+<2n@!pd;}85>V-Ljrw2Dy6+(B-?t@@$AV50nQ~Fw0S*_apq3BnxkmlN(J>Pz
zA>qW&2`BUGr=e51TbUkvI(p?{p7}qp$8hCkH!TY~kaB)LcoXQ*5mIUDm97Z!35z@z
z4G7|-Qf+c)&o$~pcKu~{Er5>Xsvoo*H@Bf{)Dxhq6$}M96cl^j3>h&H6<CrbMk(r&
z3USrI8t4v#kOV|2=Tds`RS1qN+0o53YC*_`j;y#GWbWo!33QaN{s{@EluIElj!aS1
z?ln440d=WQMG`+sUkXf=L6&L}1xb_fZ3Gq=xikbTq8VC~QsfZs0<I<`B&i#Vi&yeQ
zVgdyBLI2wy=|40%yA1fr6$>x&*tQbN%0s6@KD<VUX|Sl;trR34h>*AvX|NnR1@d8i
z=-j`MXi0-p>Qk2t7K2eGbPDCe`p~(5AyGmHZW)&(txD(=%7^u#bN@o(HR^Z0D?F<d
z;Hv5uL#H%$dLLaQh@pPC565!JL^JGp4Q$s&cnEiOoJ-zGee@w9es4lY0<jQ9)J2hh
z;j=4$14-7TVxTl}Bv^BGN}y}h-&%gh($L97Wvg!Q8vTkd)!t$xO$gygTu|zOi5uKo
z6YPTa*}p`WIJ_4*dL?_7ol&}mG^ls<qy6qlY$x$BpA|x<{2C(DV~slrfLwALabM3$
zq(PH0w^lRPYU&?PkI;aOsqZTb5FoV?3#Y2N&-{<h=H`TP@wp?B>yOO==EU_s|DVrT
zh>#8<LH_vse?Ide3*d*!1N_GyfBbP1Mv)uqs-UA1s@FM%9-hdfZb&$n4A$3}B%z~-
z4H|Nm9?}Y*)j=mHxSc8P5gZNtXgVOFv178pA_;8Be4h+~*6#ILA?`p@`&t?d#bclv
z?;Ca_0n~dC7?V7!gO2d($xI1!+A(C#j(Ujr!*F&hRyfN)E2J!N4XA}XiGIiEW|*>j
z0Odd$zm#Gk@F67-vT$mQ!S;`3p#k;XrH8u2vqH*>Mhim+2M-!JE8Vl=JpOaEUtO~$
z%Nc{83c_PdeV&1l-sV-qOONm-&&r{r<c^94ufc9sPg#{V><3Ur*+Q!CKLfVlNKA+?
z%+>oHKC6R{l-Bl->rmDyW5Upilm~4LF(*^NAbQ^ndWF!TzFQAE`^QrHgZUd~BA60+
z9@w*5=$r>xTc)BO&3QhJC=U@(D}hcyNU^F@s6L}xwU+MwmY<cJ(QW8Ne9mF3z`E(d
zK6-BFb0<|+KMS3?v{hyM_0S#zof-_IxPBHo5IacEzwl^rjgIvJbff|eaYJJd?iyV}
zr+s71X$m?se>e%5&mz9Zrc+vARVmL|Rx$9Bp#n{rOB~eoJa$D~eHqt5edhN!WEWE=
z$T<!IZ)W{{6;eUu-yR!cPv7UU(P%|Fp6eSnmV=HTO?%1A3y{dhofv80A{4I0C-{=2
zU}rauj+r1Gv<HDz(14(ENU%^BseTm>FM0M~iPqg7m0Vr@`xqB#G_FmoUt|@9ql1G!
zax#iM*y*u*iTxpQQ(GG+LQsEvXC!!y`qSCDHO>V=1<<LhQr0~#Y3uIjBM6k8V6N3<
z0&8jeg3MAz;IThzD`Bcv6FQtAYCQWaxvR+kKpkzUkQH1y8j(=@lE#H4Q5Ph^F&zOl
z#6}cF2I}eh7ADMVt9T~_&SEtvCDG!RzzztcOY5LU5c5IWRIpapV3Z>wf8qGr$XI@?
zOdGcnxzd8J{+072uzRfVDNugLa_tMTf+|xk8wsedVLQZ}Bp(c>sSb?W%ld+FyGG|B
z_FXnb?Je*K#6w^%UNFIaG$kP&YU7*pI?&1a=FEW(2u^E5;L>vSedf242`vJrTd}9N
z=C%|9WpSt0i7f-22P;;t8h3JDZ$&*8`N2KRXT^L+LT8^=o^Eo`K`sr^h<WbAJG)(@
zenB*hK3d~)16P{^=E%;Q5+{gUPh<m??YQRcM%SMqsDg-pNkisC_=ZayQsqQFV-dOn
zLspMo5M{^7b({sYsWbO(HZSduvV46TI-hXJ_uki*oG?;J>Ck%|*a^xW4&+u$S%;80
zt{aZad3=hpRHiu%4;+r8Da0;#D9^1x=Qr$?GoKW6<S`UZ8=!CuvCpxNdcp47z7DM(
zI;lLEWqxp{kuT_!7`jS=Iox0#xAUwRI(8P*Qrt0xD!{a+ZWPs#Vk*yMEG!Pea;sjI
ztAS1~zip+w17?ZpU})vjU3v(&_$cV0HEleuWO{qh>vQZ0C3K2Y{FdTQl0G#K5@QEA
zNo5g+kb7uNX^1`)d3I-3MV)u^%eB7DPPP)<DNF!d)@C7eObc_sbjL^Z6?vH28DQtN
zb&d8Z>`OSDN#fF*x=u^G^gwRqSs`>j*1I6dpF#yg<O>-_I=GU<|MY-BRDR?8gxd<C
zQ{#M&DsELdc*jxVBI+*)@LPLUPgzTG<qUb{xp10zmtwKY%x>k-nQ!^5(=!8TGGI~e
zURv$UiO(s-wx#}vg;O2LRzWTo#ISUYShzHBR{|Y7mqHDzc`GiQ4$%)m-j^Q3?LF71
zA4e!(`p!8OLS=rB*=Q^e_qj&>-JR##OCwJTIwq+49D9WV+=&xGJgjG>lx1a+sNy?z
zqJ_*gm~Lt5;jH+%M*Xkf`e?0$G0i>WrJ$3}-%z?|Ws<PaQ4ADdKa``sohjiSxAc|b
zPFX&QjQ?#{yIa5pg+qd{wo!l!8h$yH0J7n;iis{aI~~dAX1Ft)5I6EjSbPVc?eW<1
zK)HCuQCuCZF)=aL2U=fouW_<ggFBO{%F|!R87{W5Ga2%Y8@psdn=ZNB<dZ4<p+aP<
zLxqPg$r@irC(K>rcLuR*)E8m2w2567I>X77xz#WN-5|n3JC@1{=;h0o2AN{`tf^!I
zuH;Kqkp(21Qf7jy2ii)YW8df0x6ia{>FCBMpZ1m=$L&0;hmJO2+4C@+7TegJgzS>K
z1fts;bC>>!X+tP9RP{FipYBeflN;+QG^a&(f#upS`4#lVvZ$KA;ym~PN`r-Wp|$I0
zp~Is=6>Q)X8V!<wA)4K2_{1=K7=XG){buu~ccCfh%nQ(W4eX_-1M}_0f%z<nS%d2S
zpOsS<9u5iT@0nX>@}i*Ag<?pSd$6!k(%>n<?r$L#<byvX3tp<{afkjjFV2yTJE!E&
zh;Z>hA#{!UuinvB;?BI2X#Nzc1Logg7Ps~2Q|R*b)qPeb=VG<2Y(odUy%2WwwI_yj
z0y>OaNH`qUI9dyd?~-ugbIwhll|V<Q^YocZdO8PQWy}c4Y*aElz@31}S#vs8<|u1c
zng!MJy`8mI2^~Bd$<x7{kg3<GtIIun2(1!2f_WsIOIp|HEH3xZ;j<FkFM~TZ`ObR`
zd4zD9{a`nC;^qPiGKxG-?ios}#2tkQ^YuF#IvQ^tC}8whR|lPdxi$8!8n_cMmp=g5
ztQ<N=^U<docODF2^jKF2oscpJswU4)rApLmbfU}YLzd;FL-23{?D>JfXC>z>4IQu?
zJ@l#AGm+$qun4s7RA)L&2cCOyh_uQ*3!tNPSMOQmmzeUTprg-IptX2#u(>tpRNwYx
zq4NOYV#c~U=y2+iAuc4RRF7TPm9Q`nN)wib&hjH#<+D=g)H21mRu0G}k07?Z6H`~B
zl1sl=cQ*I-tdc9&Gd8GzPHb!N5FmqY2|B|{la~tU#1$V3cvf>4>fuXLQ-QIV1_N5Y
zzsus4NP`MG^%NM3YcTE+LMwz$Jq5-x8jO2`&r0?zjXSjz7z=7J_`QN@g}75sfl*(B
zale4kV_g|^>M1am(qP;dX{{DIH53?&YB26~*IFfXYAG-l*I?Z5p0z4@r=9}iMjDKJ
z;L5Aov+5}@ZlJ-qdnCFY=v3d>EUv-0N3Ogo=+skS{CFA+4V`+vB#US;da~i=2Y2IV
zg<QF&w?thH#(hHu-41lB6&Uq37!LqED}+u>yWDH^+k_~Sc7{|r#dVWNeYUOcy*?|k
z$Q2}<QXdWl??OBzCnTiI?U5n#-5iq!-#+;vX23onuHwkL9fHQP8I=L=KA#mu+tp@B
zb=tW`dnX?^-;*f|XR!ej3YCQ%-}LB|J{ZUAYox~6LH+IB7w>6*Lk=GP+A1{0&em5x
zHtEb#b36gGt-GlOTRQpjAWU#G&uaW6GSC_EcOi>PoQkgze6&+>C0V#0*mI5g?X9il
zL&_FH$I41p)MGYJ*@Fens-OdVd3QLJ=cPH0Bo<{U*$=B~#+BN*it5&MEKJ{<f%#=5
z*c1yogk-KNrit>x$&4Wtm5`Gq-Mm&3<-2fX<vkWeOijb-!91&ppHDA|PdGmb*<h{@
z(lz=GqMFTEq#~PPl&Y_dbag9B4{RmRO1QF5#1#uKRHDfF(9x82Y}Z<T2DkaFCLeSP
zI^Y9)@I{c&#|2n<jrN)URDgs-LxP4Lm8S^MqXMJWX}Cb&e9zBq;LaC$AfQ6B7argt
z;i((aYt*&<^+6SF3aDT+s=7Br99~0=Yt;}Mg=}iVE&F5TnH=KLhz`-vBqBE+%Bz9S
z&GpJ@zC(Q~DE9V=hi3(+iE9L3(146sNMfFY0$@6nBUNAAH_uUHeZF<0`g!OCRi`Z3
z<FD)rv5_DUUos#eWJQES7Xau1J=dtcYUl_$B`gwU;DIx`Z$U$r=ZHlQXeT$%HQK#d
z{XBF=n0ir2&L$z@6Xs<%uWR(4`g9siCHs|9HbmIbl@gbvz}nqqL8^RgWI5s@JQ5^C
z6MPBcQZyVA;u3e|-m}-}#m(yHp#y{Ed@<<gO7p>^3yvZ$4I&M;)jrp#eY5&XgMnRI
zR~)?7F>WnsFkSxviGwTI(KFDg-n24%R$TWXZdxnhI~nLyZ(2Xxo|S=4^``a1?O7S<
zRBu{8+@6(zPW7hs!|hqZ<F(V!Cuj7tqh5SSdZ6j(S8_&|&<R2^B4G~_UhmOhQevNy
zxzCC?(U~=6y{8;NHiYU(wMcw<`V4Ur)CrWWaIk-R+lTno+-G^*8In-Y5v1g)4p(XA
z1n~0-m8@8m>cY!z_XhJ^?pcX$&_L%G>XA8FY~VgCnJ|P+h6KJ3@>xj?6$71rklB0y
zrJ-{{W)B!bD}~Npw+8lHqrGk+`Z(xtBzLMy>JoRuju`^i5~*}rXGguwUhhcrAC3ky
zbDOI3YflljiE`N-cQ+#}3p$}!i?Gl&lI85&BRB=DQ*vpNOdL^uzuVYKpfe>Rq{EuK
z`Zeka914Ubo=oNL6>&tq$PN9$-S@3zM>o)^W&QQTMi8E3*JOI^2`uQ)vSnf+I%d8y
zhMN%Vdh*Dw8@<<iiPd<oWpJl5LQ%@*6lVez>6Q{oyI%v#Yt;X0F#w0MO+E~9Ksu-?
z#l+@D=Bpfa2Q^=}U%hO8>lZ_(GFEO;jNFj8l*gcXI1zJi19#ptp9&V1Flm+3S4=3F
zdud5sFp~zQmuf@B153C!3rL9N`@4B=gDV^8BsR&mcS(w}j3)^kAgnm{oMpjel8L&M
z57{Lg*9S8jaJTWSCJsh1bmBYAe!9mGfrd?7Aj$e!ibVJF+$LpFUy$%JdzXHVdcfF_
z`3y3$HnUN2O)ZQtS)q8kj$}uGWVid=CUn${&XgXtpY*7qqZO=+07qB3BiO7MI?3*K
z8hK?mH)*acnX*Mr=@$4sGv(EC<qULg#+9>xx(~LzQm&kVP8nBDnDNzwgn5LCjhOkw
zSe+OP!8?AgmEsali8W}<k>wm!UB3c4p`2^Meb#6A@W<Ljh=6xCH`C&#%ZA)~wdr9&
zxY$hP8r#I4Jk|T-b7*RF-Du|(5I4|pLWUPAYPBLy&_m*B;4P-iSWOTW4IVnhW8#El
zOt}clf*Pb!wH%lu!=bE-Ox5Mbv)bnx^<6f+AfZFq(#Oy&bOOfZu2l@5D(E~k72!4N
zXJd1>%o(tj+e02Y0*|W?>E+N7_#q@wjUUOC&${o<kGt;=mf_9?zzHJHQznE9qmHbK
zf(K)SdX4&rqhlscLc)nZKfP0~elc*=l}(Ambq`X|&1`_E`<i<<G0i?k7+iB1QC9QV
zbrH>vTd*YVall-Y4kQJgVZ;TSzE^*hn=4!5j;ax>E*{#mQc>AX1YV&yJ*Y_Vop@d+
zn&uj5nlk5^8van_eo(d&?qNJD)}z$$_^I;rd1&xiiKmZ&PA%){AI@sJ7&;|}Xg{0<
zS}}A=4AFi#3$$YBlo+D@a29CA&?zxQ`{69m40LK)PycXM(<RU;-n722J!^%0r<V2f
z54&g8vY!57_pDmh(?9H<Rm*z%hugEFz{P^}M2H0$&yPj>5sD+O%ReBsQudL@a4`eJ
zk5lG()E}#{H)|^7R2DBDI7;naC%OsRQ#WWQ%tbwOPJfu*-zzzzhXXvU4W1Y}r_3Xe
z&Q|_-OMO=o$eMNschz-c??lqp6$>x!E33r~q0?v>m7|Jxi9<Xkk|C)0S(1hHTP;om
zx*)SRaFz3UBmVhEAK`EufwD<3)SnP<im1;8_PoA>eqo`x@7ZWH`u)D-K+GeJpO9S=
zO=qo;cm#8Tes3V8`b+M<PB7<JEOg%}m13a(+(=67V}S>llQ+{@%hkW3DTMNgIpsha
zjk5_sc)%_tTbxcIYcXgmC&boJ_f55a98SY@4--z0sP9-RN^gd!(05@RVHA(c$5Y~>
zzBSao(`a-(2t**+xHsEC82zjJ{s`=f)txSfWuk;9nP4q0Z<dXlyI*62jIJiK2@Pqp
zq{9gg#Zv3j8tJ~B8J>Ej(EU&J?AaL&o;~ZJf3XM#W!y825yNMzoj=yBKh_(KCr{9x
zebWeJs7Iq-xI|#;aar^U`m7lz`qV>*(`h6?11a#>y54lzkUM&~&X7$vlaPy>6L!@S
zY%}s*5^{lkw-u@eTe6LoRdT)2I0S<WE<)yyy%`FL#2@18G=FlIG&KZ7eP!$GMi4B*
z*3dfWY(hCAJ_ng*#-dOw%Ymd~)%tLP{c$#$4IL%7#sZJQ3<P!#7hO>?NyWZX*AI=x
zTLl1R0$|n@BcEI;oKP)DP*TC|sFZZ1i(QhC%US50vr|m{q}&GLbnJtjw{J$xHxLWa
zFr+YUbQyU*3Gsk>R7h+FzZ6HU<4FRfVQ%>+ETn(Qjy%MNSgwvFV#@WvsXz207bvZ-
zkg1ix9Pp~Is7cuZ%rsVxsHA*0P0<hwDe;9`(4cHgFz;!AL&}+NqIQO49C<i2Ls0!X
z85*EmjYJ|e!L9+NAq?irm1-G9x{k~z`|L>Kl8f4C*{{vPy@OygX#8CKQJ#zyb+*uP
zG#!vo_6*_wcpU$)tP3c1Y6_utrjyL)ZPQPW2*hXpa1t_~MI3l76==#_Qrc5ed=E-@
zP?L>D&1{cF#r$S|f^lR+V55Ne6D(zAYgjd4>_^jHQX`q_R%Tpf<=Qbw%B}zHzB4`r
z$=c>VB<p&{EGqG4KqngEfJioCv^UJS-)b57^wG$}W0gJHl>&kM?#E#CnItaiD<)-a
zkqN(YP}k!u-$x}mve53&B0@f4SH9Y!HG9~DJ3soDWKTK)iDV2al4or44(!&f2yxR?
z+h}xEE^)yE<dI9_fstJZsu~<yK(oQW$xvtmPM3`2aV+*NgkI#%J78j>(=Ne4R47i^
zRb4^?66#w@`WN(Vdcq;ebYwNBcxt*yFvyk@bLk~@Be}GC<G?D`sf4&-h+UE}q%N@~
z1nQ@!o1G$OiY^NK)v^Q|l|<m>P!=|uf-tKbZN?F4xyB7WoT1!y<fyN(U(&ZavP#xC
z3rO6K!eAg`pC|^+iE1J43T~X^;b=GjCnuNk4Msz`yUSfnf-wdaz(FpKUOYY4bOIfT
zuc?5v@e;zI1ip~67a0;4BB;tGsaybq+G>Nhb4;s!7Kqv+kbDVc<_Cj~H$y{$T+8+t
zq%CUh=LH@og3%-zINE+libY{TD*H_-$84_KX9CL-CZ^f6KxvhE^H1kr&j0Njqz!_Q
z$-@R9FlX|GBvufZ7-Ha^3w60tI2-oJHL#L_Ig+^1CJM&qlL1zLNv^^X=9=)|<3P&^
zAkr%MK)2e98gRo9s-m5%2~+-S)^;zOm14T<Dh{X(5R`z<P!qb{%nYp=Gfa6zl)#IV
z_G@4$kwhD0Lil)f4<8TSNEVhX2Ewq2Yr*>KfMhUWvq%=MD4*#3F(Zp8R+aShEyiqN
zK{DNxxNhNuvMF%sP;BUmLp&wk9_C~N5ohe6uT4I|A#vYEl4N<agPOZrTkqdCzd4P@
zp&v&{*MQ&zF|fAh$>`N`5~1u1RX{g=fRGSW(y*k?Nztluy%dxqm-z$@X0k02Pcl^_
zZZ(DX$4n5zN2z87DQ+yT6#t<NER$jU8k-?rwdv8M4fhz92MP$3rVyH?oz{)8*w0{G
zztK1x0bpE+UZ)r=Gv`4Iy-SxGP*UO;1kp5@F(jeHKMN5o_#2{-z=xAiUkyf&J)sZz
z)^Rth=%R5pVVvlii&BQ`Qh&TDL4PF=9C`^2u+sCixtTgVoVzsa>!Hv~y`p-LUD*Pa
z6X7Cg3^qYaAhTH^+3b?IoWWy_#)s;9OtMgnMj_!7bzt|0L@8T7o3m$vc*!O-rb6yR
zasx8kkN&r%_NG<>#&x}mrG=kJNfa?-=EIN%in-JBp*iT#M=W%8MD#CY7zrIkLe&SM
zZHA^17i!s+P)R|Pp6F80h<UP+zCv?7X5x!*7BK3ImK=jSaNNF<xX8>1S3~CWXljhF
z;w72Ssx$LUVYBS3r#@tOvE;<J!dGJ;D_qpWnuCq0k*<=pBE<y5l3^L1fjIFw1zM;6
zh=o&KDjH6J)r3-vll8fj`;3~87o4L~Gci#)l4)ptqmF3_M99H4Rmz)vhfn$&@}EDw
zK5$<6>5TvCYvNK$dI>ch0Y<I%*-@|2I6Laa0bw*wnX7msZ3Bi5VqPADUwGW<+grO*
z7J|-Fx$SEek&=@~OpafENFURT?}TPXvEC#gp*J&W24si!Q0=jG<heK%7pG%~z0p-1
zw6A!oa?w<ZZ&R@#C`xDf@Fx=O3<u|q-A5b&p;Hq7p{$}Eb)!=nTq9GzVF}coM&lX!
zg@#;g7!N3QB8B+?EvjiGL0o_tbsC@tx3s(R&x>e4hQc!~=~l+XCm|iCV9^pDZ|U!?
zmfY}KvfVe%rYz+Q!@}2cQkmCSmNjFMlR29Ze<LQLBJ3(2yGkc?Lc%HKKt%>^-he7Z
z7O`+C{W6ayZ<-~uZKf)j#Z$%QRMOwA_0>f#$gG)6SN`}<#myv6ODg}AokzzO%JfAO
zPb9CTAYwM_Qu4=I%(c?E#lbCy3#Hw4(7tk_!#-kuYs@6TKU2;lQn(vm#L*b+pHQA}
z?!J7z{d^sTWQ;?&9ZQO&Mk^;Pmsl<}8&yTeSDY1gTg^B6xz+Bg<Rv@`2_lyyoQa9-
zTS}5}?jv6UG8Du$yi=!SiUng(9F!+t3L_t=Ni!%=ud6Jb_Uf#`*#-M{JH~pKg~(&$
zu^f~+x~?Z%hRdV~a7nS^!AZs_#Xs%6uSchWH`59zE#1WS!gx4j3hG)8wgP7)r6kLD
z;BIGzr(WX;9MLm}L#5$psDC;Qgv^-a?-txwb)fea2wpAu0`M9Bv_B<pPhvNa4(fVW
zc*fxy9Jo91(=;q!#VsZyKY@4$?d|6~#e+6#%LZs;9^j~f>Lmhdw+1BwsJ)m4@f{(E
zbXp~xi%}s@^`8?(af!3uy4s%O+P(`iCt8Dz_I3N!%XO34K(@@Ku&GoCG@%wt4XE3Z
zqREhXp85<Y9ZT%Jc*TvXPfH^lh6KOplzJHCO?4EKV%H!MNIvT=&GtFfKFz5UO(93J
zoD!{{1CI?h6$VS`8?L04lcMg+F5OD_lrx)p>smaE!LCmhiK}tO+XP@?5x&I7KO+)S
zDLM3r0??jZ>8Ct>6_oLUgmr)ufF}%Ow5|)KW>E-<tB^&6`^1aYPUoij6Lk`9`Q)ml
zN8P%lxP@B^z_2N=E1v@fDo?mh)hzR);?rY~4X~GZk-)J5iVv9_{TIZC#K$3Jd;?t(
zG{rM@wUXY>MM#tmnFR9a=?|%FN|HyRO~TKu)bn$3sq3sELt*uw5mM`*ERcRKZ1=jV
z-NHUnh2jR2F6Y#!c=^z4To%<RczN0Qxd1Fb=V6t5)hJql?3k_#Udf8q{t#E}MT6GR
z;J|g})wZs<T#s2)MS1j1%`ry3*aAgNByqr4I2sU-U1>6r5}v*gBkC$W6b6+Y^eelP
zlFtU>(Lh&j125SIA~aVcIzxs0X+Z{abVWQbt@;3|q^Ld9)`icmvU{*~KHiW*jXdJ3
ztqnMfx)}tWuQ?;CS20b-r<M}oU&6`KpB0z{3BrZ^uVF^sb{4F#UAIDEvDos+9kl0-
zp|EU8_o=dgE{CJcjjZ9PLatg%FB|pcmc<F*D75)e5YL$l4cU~KsuavxTsj)jVdM!1
zb$x^rRh0GyP)4QZ?#)(|C}AMGcSx*Li)_|am8c8+s?vE_fzs&;&o*+SGYVyViKzz%
z4C;dpOB-Rt1OQthI!Ur2-jWuR3l@@`-I<F8Ho`$74{@YLw0^-QT^|KlOw2rDiPUK{
z;z<a7<V1TOrc)*1!R?WxZ$bhktwGnrka2F^?OU2W$q9U8_9(&kZtq|Nb${z^z=)^R
zr&7Lh8b%WOd=lf^A8St%<XcBv<<HT)N@<T2C_e2Wl}N^=9G1z>a2X%vuon{SYN-PT
zPJKk}TjCL>9$@OsAL?_k?+#|#oB^aU&(mfpe8b2=Ko$@(Sl0PGWNz{4c<w4Ix%Ab`
z?cEV+yD#16TVz09xvz2i1$o_mx$AE2j$UH-_4bRc;p^v{ubmg0E*Vhlw_b0CjENE7
z^yt9CdOmq_wA+5wI@;ZRv2N6yF_Tuh6vh=WHc+4pydcVpP$5Mn4F2@g0bmLT1Z4o8
zw%tS{>Qg?^hv;;ID7cc=r*oY%$e34yO>B(CF$+SUu_*~G-iyX?62L-^!6SfR*)wc9
zDV03OCQD$+?<Q7>!2E)5VppP{JO#A$;bhY#Ll1|fr3cVbLw%wgc3LwQwFYEN{dI-C
zlB1Pn(TW4ZX~mp1*vq!Fi~gtl=Y^%h0R6d$LSOFY>G@<d;aan~PyCr30Va-NsPy0+
zO9xK;5etXJhWt79ymOUSTOYLIraBq(PNV+QJ=kGq%*9pHC&C#Jft@t8({OzA_4lUE
z;q-g6Bmdw`nP~pr?EK!e=Jk8?+c#~V^_$#;((uqg-iS5ahEYRaQH9<AmM{gB-Q9V<
ztrr2#BSA=plpA1d6s=+^+t(YVJk~rd$ruQQ6a-_@1azXxlE}^gRwiCKYV%QrtVm0N
zhiAzNm_;Ip1n8!1Ukptzis<&W4a<;7(NJ6w;-mcTV=lvd7k%Cb_Jcl108;Fg+IXDD
z+lJnS8jTjH5HbzqyNNAQjT+xJeKXuBz?>uO&+LzdaS1jwJ{yUGj(rvqSE(~#L5iap
z=+0H#Dp4?Q4U>?dlMlVKcc%xv^N+oQ(~acM{kPU1C*5A}w-2ZL)~mzg!?XRj=iSqH
zz5LtXx<~tmrvUSlcl+J5u7kSz8Z0DJ9rL(&=wSS%Ou2_faaXpej$W10MF*vh-;x`J
zgoLJCjn%RK82GGQmoW0<%*KG;Sw*b6d{RclItj9^b5@dt(#Pt{KVRK^?HOsK@1QPR
zXbgx?MpURulxJ;cd7^HTqtTLK5;S5!B&mmZD8Skdb}KH)T%Lzqqo!rP&4XRaMMwvc
zl9XV46CAp!NEBRzn99ut42wPl#P3b$NJvOaW)i>HfU}G|OA!k9`dSAIOKh~&Ff5(-
zHc`iVGcb4-;Y`h3=~rfQ1&8`{)G4^aDAkF-Y2rw*=0-{Q4aLef_++YNJ7+kVGB^EI
zX?6D1*-P7bgOpxD?}v&n{1P%_G-d3~cAPC|YeTCK1I9VkmRqrPvvt%cqRu>?za^YX
zc`S25>60r{If+Q6ZWHj>j6g{-+RUZcQVt};*un%F&{#ZGE**^e!a;8_SEltFWerHV
zP;$S4!UU_fZeG@<0!^^76OrtFU>Uc-2AB=9^~SK{Mq)D8-f~_v(r27~8ot?-L)i?*
z@}Gt+6T?_eu$br~M*oaH2ICOBq|rDOPdW05+-tBzP8ORID1#DxK^ot3>)T-Mv<vsa
zK8jRp))h>038}c7gip#3f%?k!FvPygrryljQRBWGbV{ZKPPS#^(pH+93-$AdMSXQ{
z??|y@PWqCYn0chm#!5ySU_LSaFJ`iq{|g7l4(r&Z-Hb|omOh)!<G+sLeddo;rJ@19
z`FwhCa&)-YJv;nxoYXVUHA)z?C4U|bxS+yVuLK?*k_p(PaCBZchI1wGo)`CYo{+Br
z`~X;dauXoJNM}FQLQTp+$7fPr1PpvF83rhifjbyJVkspsN7%)Imh;qZ0N;O=%b;Yb
z^p+rHJbAJ_MbEdk+m(kib)Mf0BG22Dh2gpc3p6EIU;Pj8@Zw5t72wbzC^)Cg%$><N
z!XfqrA*Gn3Hgd`9@xNJUCg?O8U5+pulX1u*-?c6QiAVHOC6)<N5FbUJ#EG?(``r-p
zA$EzDT9utX2&snNRCDgS2}2N5X|b=D=F-Yo1S3VBa+o8JU4b!%-Yc+=nCHeTw)V>T
zr}NMC3QsYMF7g@*)M}ZQUODY8r@do*B0gB1fEyE_W*GTWk}BxV<Bj9)`vawi{hR#R
zJL&En{O$DM(_!!M!|~rfp6qwe4)%+*)%NqZ-dXqTV-KOf?fu$4JxhP<o}8dh2dA<<
zixL0LoR84oj92sDwzsyoT3fGLTRW)zyz~5ZXLrYW`Re)3tF7%<FVN3hTU%S`<JsQd
zOdPboCC#-oB>vWJJFg^_BxkcRFcjCGYW6uj=<fduA!Mc@-}KJ9r)Tna_uYXtZc8cA
z+Cm7mH`VY@6_61^R`i3HFSuD6DS%o`Ut*Ms1qu?<+H1fFxoFCiK$0(}Ucs7~Mk-OH
zaS(<q?4XY)?@qh>2k4jX;nBf<$LzZS7Q+c@7S5`vIMxOAUC5FkNvTIf$Ns~?LBLDv
zL$nSch7N2&9Z56;>bk`5BvLU;5vnW)hwl+3o}01)eQK_#pKhS1CaT&~#dV*i-PxZ4
zC67#R2KM_2m$3RQKFMp2VwK}+wi)(;3Mb#N>Qw_tvzpk?N;7J+x?qK&M#%kzSO3n)
zdp>bLFDCAt?atOKXKQ=w`K#SmuXg4T_iLx^Y#Y+n5c^H})m+fnlGg}c%#AH&q~vR(
znN45%PFlHRGG95;l_G>}wS)^a<hSB=Zfzwi{V-Tk`?Y3CCm@JzfPi6q`ox4qqGY!O
zw<_bLvt|QT0y|*tIuKtB-T@rq*`>CUNL7#ZIVPYb9%Je!qEg?+^}g{e2O;Q{5`s=b
zGNND1>6(Q)FM8Yr4N(v>!G_FJ1_%sHfZ+2X7ZkKkm&7+71jg7ueQB7qYwYYf5mB&#
zruc#&CAKro(qgr6NJfyT-5lZkv2wgaFP*j=de?Ph)eEq^qy6ql`e1L$!&E_b)29b1
z2YHNLL_zGct{u<@m=hQ{6&#J>D7_{b(E3Iqc3if#b{3fX+J1a1v98_9)RhG0&<LEz
zKdHL^pi=5$A$s@eACB^}GIG_sPyawlF=2wD;Een?2nm*FPY`$$MZ;5l;$tIpNy!!5
zd}_H)?omy>{7tQiH@KrWPf4`Uwci3E-9ZO9^eBnNMmXXC?4Bc+x**@#fs-^Chb&YF
zPVJ>AkDQ$PLxKi`_(&od2-8#8GGPl*reKFYDiD?>;-)0!_RH;8ZH3f0pc<V0_?pZj
zBNIlQgB)*;euBx00pGlA_u+sL`6M9}9MGq5y%dt6iWMFb9(l_1+%H-O<-dNGld{nu
zng+)09Ox>8y)T?y=Vk8nv5~qH^*m5sq|&wNk-|H$lhQWZ#?xG@DN|l}Q0pYw;>^eP
z)&^>;8};_K#5&XJwzKP?L!~f)b(1rP5IhA}<F)|}Na?^S2GPj+*%~%l=--_A@MBCE
zS0Dcku-Gj;i78k-d!`-f%@wW%jdt61R<}QFJ$sh8w}UgiFi`>ASbq%@_nC@`prZnq
zLt`>MkNOw9gFYMVyt=xw?|WG|-oyhIiA|qe@y+(D*E^fZxvxgyb)_VqTVq79h(a>O
zBBWpHbdj#GZZ0MOOSRsBr{T7t&&%4S0@O=fun><y3Y=mUV<J*4Qf>nPG+9kK(QA!?
zKQ^0<<&z)}#t_kfNLgB|I@6$*qPvE_$HqK;JM<gzz#br@owg*m_;R_?iw4TJPn-P1
zc#Wt$n4v4lePoZzT%O9-r=aBHkyZk0P@6=Fa3Q|by{u}p(UZGoq$6*P2yq8^c!3hv
z021>5#|j$KXdE8@@&TbYZ~hZKd!}6ZGo%6=EqeB>5f}U<PZU@?A802s>LW`h^9&LH
z5?$huJC4;u>{6BK!i0@+Ql+zAvEat1lmkN9L!);}@utFiWNK$TXzSP9kF9*N?9-?x
zT^Mn?)}H07YF`s2dOEA{5mO46w98YvLGTw*txct5s4wT_hH91S2^IwDv8J1O_AI}c
z<}Uny$Yq_60neT_5c=Hy1O3uH>mGGb68T5FCWl~aqqjIu?~2MpSJ&J>IO`tDs%OR^
zBhg;VO*ZjpQ>k0>PT_LLQG$WiVrBbFsp8sg=eeWJjEo~W2-%XSXb+z$9f!v01cn4+
z5lC{LYwN*?Iha@s2m6WJx3LZuI`lxwJoqzouI)l9c`w}h52G+7zSxYFa?V6dy(db2
zaCrQ#_35zNI(fJM@%>5n=xE&<v$>2&nc1f90OE62yne0}HOvjJne+ydhXtjuB4Et}
z7Zbh>32j%qqqg5O`;J759?A7x*_EJW({GRtW@FZ{-`;XwI$N#q#Vd2MZ9d5X@**!i
zkB#Y2HRCgvIR94H7MM?T3k4B>)WGB0#gso^?nbq50HMRoXxqaL`8u{ej9tajHb8xg
zCn-;22g0Xo`|H@}&z75$0ZJ;v?j_acO-BDfr&HomEQmLgvhe$p52t6{<FgKmy{3U$
zjN5chk!owNed{<S>&DK2)=K1{7u#i_4`M>XD{9CLP+@G+UBTY1Zi^%jC{W-RUND12
z|1=OYdFIh+#2lSOixk)B9vyx7?fl^V$=Sc+w%^Qj&VX1EpJ1OlA_EQ@F?HZ!|H8h^
zF{Wa6a4fjbS7xD?#AAURMdBp!+#-!wW&-e1k-B6wcSA{p4~e-w;sJZyKzJnCwb0ju
z%p;+l1T-6EBw#Lg8i(3cN1e>EuOtqAM{cnl9SUR=d7jFGJRx2nL86s=0C6@Tup63E
zAGEWo;sH<4TX~v+-AoC>;QI)p7PEeG5D1Bi6DQA6x?eLjebJ@Dki;*Qw_!5j>b6n^
zt>*0a(4r09>L$}Atu|91G%MVWPa-iJFtir)=>C@TPv@U~GzhV;5-IlE@Fuk{S+_;X
zfSL;ufahQfeSkYFeMPClu0VdGwSMp5^wZ(q0c5`EtCK+-*l(@>;b=c$Ve5u=Elph_
z3ai_d+zBXkKPH&IJ<}%Lx*z@b@rSd6o+G~Ke1EBdng~4R?rkuOZ$*l=ev*Ok%b`&=
z9_o9UHFYZs0A7!GrZ~n-URxiMz$l0+q5+nL|7%J4&e%qo-U8;LHFHR@-~kg&CWiW1
zZDW7E%zTY}Aw$%n0)ajfu5QhZl00^LY&-_B!rsi~9u5+2jA!vq5^wbC04z5kS-iiY
zl~!1wt2kTSFg?S#kt}j#$F3VitqHP`5VbzWRndO;toydx(_j7*ZHj5IDUT*m;KV@g
zg572q`I$JD7Hz0NkW;u=1zXn``ScxNf{Q#o3$@vml7zN$Q#lq@Y&_W?gg=6_r=U}!
z6&C8i8Ox0TU{3#1LGECk<cMR(AvH}{qU20#Nme?xp_y%bx`p@xL|tH}0S;G>rO^G~
z#n8>m!5~q9sh;I@>9HZUuRS+(e1`;d$x_&&@meYXp%NHlMzEeJc8wrn0FZ*Bxh+V*
zI-HOxPOS8RV;Mu4l<CKahFsXZ6S$@&ivuW~IiQS{`EQ;eH)KIFk`#>pmt9U%V*Qd4
zCn5USJ2=gk0KWtjGLIw$jEjQ?|I@dJXUE<5hhP90WAM{dGviP~8Sbw`dPzMpCg5US
zJVpt=s^OH>Vpm#vvg%4q`;YJEk;je^hGS@Jf@5`YqE#8vO-Yx`?<U#T!SS(vA6r{n
zTQ7EY;NPvSt?a*B?dRM7(cal=zu4Z{-g>e7A6whoFP^vm18v>r#LW{)vG+f=ZroRP
za^K05TiZ?pfo$OL$>xNyiw=4kgrub<g$=o#w6xUmG*h&7Md)}UI_PPu{q%bxf*<&)
zL;qTf(Xzar7wTg!{qJsN>3?fy=aK&J;(3COh!WFG<U*xuu#G{nKzoN$D&=SpQP1V-
zj+_e}3ZN(w8};p=;?5&Cc%V-m`sb6WvaN1u&pmfBRxpqLx1R50=znK>Yxj}<@8XG_
z4CKC_2~2(8V|#pV|CvkwD*EB+L3jWCfircN>0|Exzx_Nz|6AMJkMw^h&mIeA$fQpQ
zb2rY|cQ;vB5RBR6#SkjUr4Dp8#lhoN|6M&b>0bx=U5*XRqyLvXS@~c7^+^AB@zjhg
zebaE#!!(;I4l3<5&LC)QI!-k8|E<E6Wf+aJ9>T60$A%^q=aKu14E-LI-2N!el<>LK
zgb6A7S}rcdlhlM&G_d*1xF-FVM?bE?6XwzX&Q@0cxBL9%i%0sui|1d(1gg!l(qW8Q
zm_#vFJir9L#vw70wq4{V=?c`9#DFnjE?iC4ss*TGNphf;sa*?0*gO*=eBJUrcJ6xx
z?)RBX|Jo`@1q|}o@M7^k=F$K2=UMr`z5S^FyPGF%fNnyes#}2uvgo7}8|CU?T6W?+
z{kwsT{Xqw9IWL^;hD*nUiw@!wyuJIP^KxhF<*Vo0uXo+&TkVnSwqLv&;gLJQ_~nZ&
zmu$bpgWa9M)@bzn#bCGneD~FByo<MY+q+vYw+F9Y?KWaR^A2h%FRs_Et@c^_WoKur
zv$gHKe7(E%`bGQI>;Kz)JcrbI7Nh@#RsZnJJ^%0Q=IDR-<s<#y#gnH0Bp7nc0a7IW
z#rXoS7Gw+eJ;}$X^qEWl#hLyV>Z6+ecXnUw<nI5spKm|X|6M#!o}hOsuBVR5qry;G
zJ{wP-puB%>N#d4l<qhpwmvwd9$Yd5VX4Y|tQ7<BpF<AKmSfM?~m4of5H>YGwxzJ&O
z;wbPcH-wy!4m~RQU4rQy^z~cgi3uBTn&_bE%=|vaQ<9Xhn(V+^$vl(7{~$B<HLj(-
z!S+1Nxooy){SB^sr9r`rQRkB<C?unV<<`#gC+DnU<bzCSrl#vsmXY)dY(Nnbc-%ql
zw)5KAYUzNM?X6bWZXopJ3F^gZ2{Tdm)n_}+%TpDG|0$xQBzYmC96eQ0D4uR0;&GxP
z(K7V(aCFSXNk};H#Z%Q>429yrkr5|hYaCIRY^tP#n@@s}w1P-wfL8CIC5Zu6f&jZK
z)zgP0tbd$&(MLE8@k}0RvzXv$Xz1WcCdbqi`;kfw0QPTgE|{Z}nO9{*%$Rms0dtd7
z*5Kr;Gb02cy~KjF%vx`n**<~!#&|1VRN<|ej<SgjBO(_Kj2OWJQdw#;@K03f%j}#>
z${R%i8XXD<o5|7JZtqth%;WC+L*$Y{r1EM|AL7iqWMILf$`eqRZb8R<^NDP}#r)O)
z^GPdiw}Dh2=2BA<QBQ>0-ZPN<AFNEw$1D||vG-5B0oH)$O)>RjTW4c9EeozoLVJR2
zAAwG$N7-i0-c(~*rvqrPq0_V3iB9Y=+fSb4<I#0YN>VVb1=B^Xl+j*&sR(MyAzm<a
zYNFP4bX+{yeZKMh^|49Ip(Vy5rc=yz5;V|UX8>Ve;qN)DX64LgmFz~7V4CGvIZ2jd
zH_J1e+h;lPjB{*f9^+9wBZc8QWtx~F9WPN8GEsC18bW$$lX@Ne8C42DldBFmRY^=n
z)tL5bw_Hya2<xbt_-#UbE1)E}K8o1Q$w)Uyhkyk4J!_6C<*+j79!{>5k-cizo{?Zk
z)^{bjPr;2uBH{mpU>k8(R%K4lJE%`x)Qb8Y`1k*3@7ufL#+7~l_ovWtXD*P94NVee
zcHfh|E+I@dYw}<Lliag1vp{XDyFIuqk7Yx82kvLTOQn)5Kl%j;$uRA;cZRn0D7{Lh
zQq`|sk!unZIq^c5xWpUmoU7s$LEvqMl*SWT>Y#|h(ZB#{+UOKPfU%+x3{z4Og@UZh
zj@;Icsu(1119!Rq;RWDu8jm~;GPyj2CL&ApqeN{vk{DG<%EQKBR}eIn%h*heO`N{9
zVvwO3wn(-WC?gbUaP^hteptjT!>G8f6aX(=zahpg1ASdC#BmYlQ5rMP)T89QPFb;B
zNoxN&;$d_7+<Eouj)7O~Qx5gF^j0;lJ<$NGJ<{FYmhz+3m++>fSouxu1%cd>?oM#|
z9$m6Ls*2un@C8=Yx}8a8Q-&YZK=oD_LPaeW2|k+WM=R$xta>z{Q=U0;21`*XsAt7+
zjXZ$`qck$jVZ=>ufldi{60j7`^)kzr>=ZM0_|8d1DqF2K3|m^-hc`m`WJpeMQt2w0
z<X9;Ql}FOi$&r)wY0y%d1q;wNFAA6fGSOL~_^I~!z_<FRT$C}rWXA}{)+0Nmq$(y!
zFv@ts6|TlO%E_3AtVejVN%&x}iFg8MG)?1)`K4}<!T*Q{G;R^dr+KXZ)8F07iX@N5
zOvhrnqOo#YfA#CW_hIj~_xj-d!D~r&N!&ir)+1{?!DG$O+I_8z2y$L&=Q)BFhsr-}
zvy7B)GAM*11ks9P<%DH-i8Tf|r{A3(^rU=VBH{k4+Pw~u6`YiXl>Ls!zhevUVIM<?
zVGMW$9SVUke=T<tXop-JnvGQ<BjlWnKxnc`0d_{llQZibE{ie}j%1mZlbgcukz2BL
zH!oR@^7h3I%6vQDXsoB@V?$ufGIKHB(a~2u>S<3R4}?azr_V(0Wko{P<tZxRIs2~-
z$Bu}v!G|>dY_HyC@TOXa{kTY320tyYr)U5v;AjzvuiaKOo$&Gz0~B*lk42@iPIEAN
zr3+fEeP-2vJ91%PZ9)MzhQdrdC4$vL)XK#Am6COP`iuPZ26%r3s{}%{g5e9?w_Au!
zvZiU6^iD^PxF+)FC~o2B76`_DP5D_psssKsdQ?NDd<7yU4GlQ%9%<8}0XDZJVNajN
zqy!#@sP$+K3?P$Ng8jni=NUanF5yRc+w$|fcj^UEazc-|eVVzdlgd2iFY@ts6~sl0
zBUT7+ly=ngL*f94s9M^4nu+~4sGY#0rdHuZdDtg38;Y;g>Gr@MLT!5)Kvq>w_h^Fx
z@!56!u^Nbbp3y|mKm(uL8@V57ET>9+u2w9t?8cyUP_s$10L)>Dhf$E5!y6s5cptRx
z^6(%F`|OGl%~<%N7z|h@+#YeCZEwGM;oiW+Y!5A;7J0j6Z;`+`a)jn~TO}M(qZj8P
z^@v;wu{9A0#GiWa?c42dbf2*bZ1m%v&;n1t$cfzlA>o;J*#>aBX0AD1^0>Vx(AKru
zA-6I?f^)B@jS0P+dwu39W5P0yw(!81(91_Ofo({;+m!`Lit1f?fSo0~v^fz~SQ}d8
zBbMY^s+u}I;rNy)1W?P=+bMNvJ&mG+4&1d=b0?o=KR#>Xk#zX)KCR9Ya_zzOiE_)Q
zvHE|W6(WcCBQA3D8WO>qT7vP!_;8OW0z{<lKX?4@E`Ydh?K~yp@R`~k4JWmsA6u8V
zlAKSQcVSazyuu`DG|}l)i#8PW<`6V(!I%#+Yppco?g+SM&jQJQBA(C;RE?NG!{-(W
zp}A$xx5%jLBI+YP-I%np<{VAzi7H3kvW+Ka^6i-_+!v!BxyI`^()q8gew1v9k$%B~
z5hw0TUIsGu-O4Ug+fR&~Tmg^Cxi)SzfLnGC;tSAUm|s;1u{MMY^zGECRq2v?7uCjE
z$(Re(N!BF?rOKrPMF?R9q_^&MHfr?AF^7n8H0E%RV-ZAnHig1E=_n5a-C7GyLd%_0
zuz)9_Fad@V#zF<b3o1~_m4+D&7+kO{q+~N{5lOvd%VI0#>YuHSE;Ztb#|IujWW$`a
zKD?6k9kDFp;fbQIN1iBcU=v7L=8i*}wyKtjEbfuDHBdHYmn_2{Da0OEe*((1PE-ua
zACjrPe5-#%Nm%(|bS4l_ozW~9ozXncOm*;P5XrTy-vuKkrBe8j$HG25R8A*KX;p0{
zzU?W!z!4Xc58BD|Nh(_`|I^dDg2N+FbOriXkG$mxGac~k>60C&de00>4<523p5>@p
z)AHeKPQw>8rb&RfU~hFgn*_1om8+Q~m|1vb*hBqpt0PPFBt4Sg@~%}=*hA`%(6NFh
z6Fb;=85B^Ua(zrE3bkD6)qHXw+enQYguWv5bzN2wV8~G3+tz!;?gY7f3}h`&<huES
zouW$yk;m&J0cG#R7FmZ!IAbKOq$F0sP|s=q0-AIH`SC2pQHw@Bh<Oou==_q&vnsoy
zalF;Zn8>pz$UQ7(z%yu*Zj#m}w>Rws+HefWaO%e0Bi(IZ{ZEP>ctcFHyn$x7E;b~y
zlmF3>_z*o2Cks!A7>&u8jUf_Mr$b(ppp$Bw)gfn<20T<ZGl;%7K|hxA`Uz!t0X!aR
zBIjEnyWA3^v5J<t`}EDZQdPmFMm_@d!AGnNQ1)64_HomXqkcxSi8)&%YVX$5?(T*L
zKY{`+lBXA1CbIv;BA@I&d%CeH3sY;#M63oFrGyv55s3!1?O$D^$1#gxPm^b}5u=xp
z+ESc~yELw_^YRj@8CO(AFe{`m4nR@)I34JVE(HQL=9hT60QUst@S3$<SCf|(8D$;k
zaDPR9{P9Opj+c};NhO#ct`|i5(t-P;WXLlX%HB9{-ocqhMS`5G2n?Dss8rpDRf%j<
z;xuCxqXiUECQzLYIUHyO_h!XhN@;%o+kW*gOplkVuIIL8ab1m>Yi?fjRVA!**}^Cp
zVp&p9RqFM1%d2Zc3NctsQpE8lNqD0w6*VRjN{u5}zDa@+=f>+yFG^D@%X~uChv|+S
zC5W^Pag1pe5_PyB<kc@K2s8O#>hd+G!39{DSV7|2u2H0DURnT*X+noAZ0UZv+#qZ;
z-nLtvfAoIe*b-<H0#hPJq%u(>m7iXp7fGn67ls&v+vIl6y$QkT2h|W(7DQqh{=z>-
z3mcvhAHvL+d{%2yp&5FYJq4^b9qOz~C9FkB3us#4Izoj2gOM@_q(*wF7~%=DBu!|(
zR&}98haD=g7H-pUhMXH(BH8duTc0RO!vvl%a`axIp6Xi@y#X7_MA27tt*rqWHM2w4
zbEUKZ``8;EGBn2U$T6eghb+q3y972e5&eht$WO1L7U4op&uX-zT9{}%K$9}U%!S4a
zwmvoWi;GF=lGkTEhAVF?Y{gbb5#<R*Rm6l-C9`J)&tne8Iln46Oth%78t_JK#1%VO
zNA1o%ZFdr~5}S6@2BuY!P0}plS(Hx#+4H4KDJWUETn!=`!VoVhb5-Q+EmaKMb4zJ+
zs{>)s5t{YOmaN<A(IoU}l1H9?^JVMFA)YJLVs)z5XF2sSTELwulr`zW@zRX3af-L0
zHmog*(YlHF(;^78@I-|&)IxVt3{QFZ+D?)3aIcvNsj+shHM|qvD~}1y>G|F=*fR#L
zpv6~T;6_Okx>#Xt#Z*fmA_`eRGZX(N<)PuowJQ&JqtoNh^4ep<iwv#D5@Ym5w1Kt#
zz4qy-&43OQ$P-vu6|t(5U#j)U#|VyaP$S))Cr^R>A<b~rqHObQOZV2puLVe5+77AX
zFrLX2_o<x?t4H4!W^|%}tt-3;xao=&tyt0hv7!TWJ!qL7>rb%YEj9q`<Ip~PG}nK~
zJ)@XyEdG8WCVl>?e2?~wJ@Roa<ZGK`&E#GCUGuA2g>x96T326&iP~kYc<3E@C@{A>
zuuyG?t57;Po{%caOBgO4&a-|%HNGL$gI3!qci#lK&_UCzNJao=J&tOE?p!PKfREDx
zOsP@-1%{R8mvZ7!bttlw0;orJp6$Mg;7yPg^5^zgSuKQNMaih*K;Xd?;~tvgWnE2J
zSdjZs%ZJkjm%i#-ZL%m2IdAP`Wx+mqm&6ltn8;I-AbBPknmjZUrG7^H!GvEmRUfE<
zHs>lVd(1-?LvzwJp7_f68qew~ioU|AfzZk({u&0_Q>EcusftKln#^HS@u*ZT)2w2l
z0}2~CK@11u2~r_v$YwQwQXE5ZX>NxyQm`^KnV_;$6|-I^mV`{6bhUk4mT#20-#F%1
z2cML(RZmSQB^nU+Nlx(ytm?t?U+7&$5)VqAWN2wPKHp%MVZR)4xO1U72022=b8CRt
zMCn#g9#$cXid2Y7MtQi*BD$%e-LY7M5<lcTRKu`|0Pz&V9KL*kdaD;juCDT;F%z5Q
zilGfTq|xE|6`niB7E!IhPF92%V!=JphJ?RTst0Y4jtXf>k?AvVA;6fLOt4B}wtM7^
zKGN{<5TB&a%m~GBC%{7A+6WFRo51w3G`t#m9C!JWM`s*Nz%sb!4=ZU8KBaOsY9Ahz
z!6Tn9*rW&fHZdfC6hjV^O@wvrk&n8#-)~^2n@XD27?hk+*%>MQqmn}7=#nLJovD~h
zG>qU^n(;ncNK3G&-M6mDGnII%lC6%F8QyF-I`NVG-KJ?njG31#rW5-H5OxmxR<JAI
z$yv*b+`N3|5QwZ@WbAa5F)`wC*dx23#DPg{z3n=Vp?EoRo_!r^)FI{c^-1%VGsn57
zw+5LAnSHBSJ*2gEYwZoJu0q#@swGNCVAskp0;M1st)g(LwY~<rFqQ5EO4x_2qSTK<
zh1zyb=ERF~Si9!(8;WFE9u1;^<{;GBKeYj;l8ym;AB5nc$o=v&m^z@KBy;_YKc}Yu
zg-z;teqodLY<tsc0wpe9V1+H4PiYSXqq22!^4f67{zMBEsIwjuYBv~)U)UaAR^>_Y
zoQFc0f~hv`@0li<_Q*H3*&?kp@0eX`3&7Wr$ib-~E(@u0mNCn-C=ikz@k}1WI~@n#
zwQ9;s;RMA?>-xIwj=FlRa+LI&W^fQ;1+XI#WK?EblXa}MCc$g{e|CTRQ6*^Jgd!bp
zcoHFdZ&^9Sx<sy=?6lViaN-^rt5TGVBEP}S?4=YIo@}G<AyIUnDy|@T1nz(P$_(?!
zwBWc<TPp<3hWmm$YyDNWh1C924Lk#$F)p^sp7!*<)lrtDdZ?A_feIsOkBn^B@*Qn;
z^O|uORXB!HVEUsFxo)c<SrJP?Ayo~dAx(1=s~b$Fz^KLeX1=jQdj~ubc}63Ycc3UO
zmZBx59jFK=Q0eC>)A#f*xy93%$!YlSV#qA_jn{NoCW3uE>ydPLX1Qma#dP=?%YW{E
z{#?38yDjd_F7e6Djfbnyy&+rV$?o<x`4{+(n2H8cQs|EDSFsUetiz^Ymn;J%h!iLz
z<*8%7H&&;~r^4W*%B0ZtHIb8Xu{P8Nf2thU`xBX8_QNAJk8f^VnR>*FY+Y>lHTsM3
zn98%7RhUiAvIVPg#S``|9j<kYJ;OGQ>-Dz(Qw{Ior=J==%r)2qvhrlEdosTSMrqsp
zpmjSgi`lI0D&qwc35(50o#~P4$Rd*=z#C#&-ep8Rsy)%9bfDBDP~n?$Gn8bf!?VzM
zUZ_`u{8=zLJKU3l*9ZHjB=kcHIv=uk0^Pnz_V-Q>$cKL)yp;t6G^a5i`Xee#VQ0qw
zXx(JrBy0Qc-o8E9KV91(r?t!$A!j1`kCknM9K1d`Alu~N?Mq34{7Qa4e)ncdb^`uh
z8F+vL)d`1CT<dFkiEpoM67!=gf9P&q+i*=UjH^9mDZ#8a@+kx;+T7QBFAiS2wT~6H
z<JvN(rq``hAX|6VpX5wTtLD|-udfbfS92n}s8)^a0w~u-CFC?m7Vs6p4F{#FHvZ7*
z5W(2e)784!_DWBgR;4GY_^RM5t%p2%b$0N7kKP@h9vq*&JUrQZ@%rHG<-yN;zrH>_
zdvkDle7Jw2yGVP~NO{b4YNf*A6fgT*T%^AMV`(}`lNoO1Euu%=JNgUIbj$Owk_T^n
zj3=aVpl*ufGfuJX=h*g>?6kA&l+!FB&C~UFLfhBH|C%5FMZHl9;VqEEmqmbE9{+vk
z$+H#y+r2zBfmxoohaejsCWDNsfVV})9GXV&H4fxu*P&_pzJ~N_??8LxwX*Xh|7P)+
zz^nlV0RSZ$oWw*c@3Z`hu|&(G1fe8}6;&M_wbg9}XqEaC66J!$1K%0(F*8>yS65dR
z5K1QsBuScA+Mhyxl_-m%m=C!yo?K&^UHEA-bS~Hg!e93sPa|S_7$Ms6N}MK-42lG_
z`HrU>;b@R3xcKx48`CK6Sr@1O$D+g`xUC@soKpeeG}k`fEH^aOX-*A*ckcKvxBhPx
z0&Xt;>ytYE>(1`>3jh6Ho=(S{0&%t}tTu?*j-Vd>3E4l~+J8xM&SQZFC0uS)O!y9p
zZ10tnr3&$2)~s+}zyD{+^{-i;*g6YnO8Ze9<q;Epp3dM0bJl;iyW6eDfB12Q|9U^q
z=g(V@$z?R|!Ts+bidjBM+4HgNmSDts<nh+cjU!Vz$1E>0rF@}jn(;J?07t?|1_<mT
zcW8OO^Bv6Vp`MtyY8LsGsbgg*i*kvFS)&0FY<$VGeLhZU#)$jhUBCO(+jfb+Z<q5+
z(Px<3e--7LCS6XNMM+Lv@Qj7q&aKOCpXIb$Rs}$Swe&PiWlAei5;p!`rhg)3{jgx?
z=+xg~&y*ft{>4vl@N8yl>8o!&;a5-Pxjp}9S;n(DoL@b2`2Wt%PM!Zh-R(YE@&EgH
zmf-)VqYQlJVBpbf1_FW0^Bm$GLF{1dag3mMXy*e8eZ&`obiU*K3OY^T505Ts9EETa
zJ&+Y_Z<F40gby#7W0^?!covZr$IOQ!U9uiVK~7xw_6wW1#7${F@^kKMs<yXX;woe%
z^T%7b<8cQOi$lnQ7*N~W?uOxD4GOzoi^A>_6m|`T4N`E0VzhQsyl7HlH%qu=J&r`)
zHX_X~*pRh>{?a9nHi+B|4H%#SPyowy3@=fyjd&Uy*)uSLKHT&ZKCn^~0jUgt0c^IL
z0P72<6*cvuoLoUDyL^=KD>YSps28aup4RPF>N}!ve~O8wZ_e|&RE`88ZL>wl$?^w}
z65_hVZ}x)87(vv{mi)e^4ll<2L-DJk19M}=KqK~P?>TXQOOEzVPCmRletAL;j*s6R
zgHf<rk2=yH2K~ZYWV3#)Mb2!n>mP($sS`wkLAB~;1Fk{uX*G2vAAIxY_WM72M1Fz&
z|H-p@{I93aR{G!jd2V<9lcyUKegkaJTDBjYAn+fTtP{1{sOTD;=PvQztNl^$fBA^1
z)WlT*I`oz@jT={MF#B|7#p{q9&^LAZ`jeel+e5S_*B{FaIUUwg$v4*|=XxJ2&u2b{
zE3sH*`PQ$-D#0|Q*@Wj)a@ZWWjg?xQ+5JIm{UCahZ&%B%w;!4}_k4@vk5O0-VayC!
zXiN!~z%%BBWkyk(9Yz9~IzhUd)4%O(l+#BiQok3OOBJfD-Q0RFM<2+$fve-`L!Cji
zh054j7B6P_T55Ps6vSQit=~H0)n87fYSpMpHvE#_6Cu%ntV^MPUCC#5F&i)*%~(2B
zN-GsZE!qU&^JlQis?bp(V<lP4e{R43E9<;3u>W_v-Fp15r_Y|O;{V;tv&8=Yi?K2(
zp-R*wn95Xfj_BlyqtZ0>s}?I}J=eDiF!J+D3ruIk;;}DAYF5t30^c!DvpyXMSn&{j
zoPzzYH9bP8c>PH=hmKFsx?L(eVeQYr6V#0RB4vTEy`p`~Uq_)nT?W+@^ZM2*;O^bK
zY*($=>tFr3J^xpeX94y<_x!j0^l6>{Kiz(|;{W&YEW!T|KBWlIrcj#Dz!WCPbd8zK
zW4tm6fMF@O4#iEhsBVWklc%bzNCL9^1pbW1Cjfj&T(5b_q=-atdu23apj^=?hEPEu
zAVhyslCJi!c@4k~rFpFK<e93{5cRjdWxEFJei|_1{=+5inS1+2QPXiMh}@qAjiW)t
zLMf!H5F5@1rb>tOxvWD{E=ZpRRPIB9j~TIca_Az^Dhu#e0e5v3loK3d*RiW!z6INF
zh-HwnV8eF~2bIuwrQe*@_fc+ux1iruB!eQ3k=ogPUV2~HM{1lW^{{v*&C~=7^}Bu1
z`6xk+z{2y@qSJJTDy6!08d@uFmnN`23oE6mdY74OE0yfu@45Z{FVJykz63C5|9{eb
z_G5kj|8aMFwg2D8v&8=YiX|+Az;;T(r&xG-hub(_=ozATINml^<KMI^fvahVi~Luz
zHO0PM;*KZg&-w-Ak#*fzE6O7W^%vSv&9`tPl~-jgdXLbqXO<Bx8Ag{Z(eeZaEhBhG
z30q!dBKFuYpgdtd`A3ut_{?A>xcKsnF&&wtYOUGPG-4Pb+2lrV*;lM(Yn72F&<J=R
z(STer3>U^OSw`b}yM^3PZ2PY2z3NLjzV@Z+>4=%n8l2m>S)zk5;M`6V1F93Ku`RE+
zpJy$nO{{%G%Th{$Xz8Fz(a%XhbG>g*Pi)C(p2C)?PuzO3Kwx|Raw~T+dAlfBUxXKI
zvd|j5V3Rv7LC7!v1w(|@IwPL!`gY?5+sjWT(#r?3&Y$hj)n@9*0(#Gh54G8|xMi-D
zml4&EGV>dnruufusQP80&q<Vo?9;3~k4){;FPoaPSm#-ZlHc)j2l-Fo3g2D+>vne=
z`kx=4t>nLZd6vKbw=aOJ0Pbzu4^9#Q9xbnVEnL0!?Z-;6s4+mTD#Mc=*#OwUO0B~E
z%Ey+Qd$0ZKzL8BkVmE7iK0DJ)ei{vGg;luxI{OpO@s%VSwd-8XlAGB0zq!A;_8m8<
z78cA441Nk_Q(Lpz1iruL_WVCjV-(Ql?ErK5|Mu>7{rvyz$<EUi|G$rCDgK{?5UUd5
znrdiiCL+)D!$>)0GAOIu5a4zDRsgRWhx}=~K(mS(2baw|6q2V&xm}s!78c)A3G+18
zU-TieVro)hm1UN7%yUh0{y%gaZ?xzBj%-tIzy6CnTFm@ouKc(AwBi5p^yzB--^;Va
z`ac4{uP9NV02)Vl$Z|rpHUeh<EDoS14W5LDEXQ?^iiw)fgO^mD9`G&X@$}0D`NEWn
zE#HnztCiYmhWbvq!i{m!1Wv))5QWgC3b?s>{%HN8=(8Y?p>wcnJg)?R{rtIU%x{2G
z$;}NUz<f71#N*@-!4t_8pSz#^kml5vDS#w$b93X8Yls54`;>TI$O0a+jTYU}iz13c
z4e_Hc=#*N8svE$$<5uefHE4Pu#uF1e-JL%YwW2IbOZWonwlt1%IUqv*0UjYz+QnvD
zIf^u8**+EQ=SEhr(`?v9*6XO~M5dKinnF%Xu}<I%@yW(CgGlrMIdi9%a=$yn?fJj$
z=rns5n9cupx=$PSAJ2AI^56YDOYr~qYQVK#c2S2ug$%LJlYw&So9_RHJo!$}c~))R
zFI(FTN4plEzp9I!hSI3J)>ZnZtqCpeb=6_0`_@4#+tt!_wY#P|8EV+phT0v1&-Wy6
z7k|da+s%c_^uE@1w`6O;F`dHXYp++3Azo{QTO#Kf3o8|yeMNXUSU>>o1M})v$tpT{
z0L5#s!kxNrwG6V3!q)WuLo0g&p;9@7+}UH)Hv?^EuND{d#Km3GnmyIauo<eF+G^Lw
zy_w5>exs(lzm91Z(Xd}muX$^-B5ADF$M?HFs?)gY8w&%m2MCl^5zn{hcRdd{v{s4&
zX(WHw|3iK<lN=QZjTKp|xuzSCv)d}LU6G35%^ACl*p<4!O!6qhxx)u!?FX@@?lj>h
zQ}u;hfTmRyN7#mxSZVKbvX1w27Gb4;+31AlI^!&l9B8MV%v5O(L2{8<XC#wk$nt&V
zCj7oJ9u@y(&5$bMdZVVLPFq&~IvLN+@Q_n=CbeO)6$0pQ$#02P*!&=VOWdXb!IV>?
zzcG8Pbls|a82<*hv{1i8vgUbG-1<R0e<TxY6mJ#a$_HCMGg->NOs_SXKUeu)W$4Ip
zON1}useeZ%FZ?<)7t;>+$kUhL-c5$ue&t?asKC9n#7Z+p7UQ4G2m#F&H=Oyw1+K=M
zOvdWH`^NNi3XQb79`z6&8K3>yskgkkno=yzb}XnYr?%pBMaP`yZ&X&D7EENP?dlol
z`LBXyZQHwFP6casR~bE-(c0&ykW<oIp3j@#W>RlDs=^=9VR2fog?+yeEZeAD{?%w(
zrkmR3pP3!h);D+UpSHd!ORX@zxf9DmwQtPbwux0HUu<Go#V<X#%Di8t8{674zbhBu
zuC)V4<9OLZRLNrNCxBV*yEFF>E6l`K*g~xM3yba|qUfW82Eb-Fww0s1ZX;HUm)=XD
zQY4Ug<OSz3qe(>`*TIjhYP4-86=h}!j+gu7rLu0*AmK}FR_%RjiPJT!vKDo?RfN`c
z)a?l?1>(wItR$7VR)k*sM<%_^Am*2P!6xRdI5Nw<jZACdE=94;jpkBsRdTRQ@5pv!
zP0ph0YY{mf)n$uEcM&4WbgctX=hU;tZK~eFioVjqneW1rTd1guNNuyAVcgR!Z^4~w
zv6-+?&&=PyzD!Te+Q(W?LifIh&EB*2ice7-(ahj;%cEAvf+%E?u>;T5k*Ww<d?A^$
zHm&B;EClnlnHo08SWJ6-;OTF(Hm0fe#Bf1`w$5c-t*a;>MF~=^_n;app1L*6Zb8+S
zxF+6BF^p?XWz|!Yf6(T5ZZ5Dqz9xSbJZHBOTUw`pRuE*-aD?gs3`$lpfnIJ7)VD#L
z2Mb<M&o9r~Q&c}04a^<pXT6eXE6th@r7U9&hc>uhuMeq3OHH=GQQfFEr)H11P#wz_
z{Dme9a%`)GOHLRq?c8~$=z^*Xw{@UqjSn`cy4)H=fx%F|U{7jCiH4B2WQR@>^z_le
z91>J0pxLK{Zy~TR+@i0-3d*Fv3YH}`{oFKm0Aglyoz0kq#9lFJLn^Bp*|lYArmXG-
zcD}}r(q7}2XA2em#I5*3^-S>>p2V%~xf`o$(=E+mTWuvSSj?B@a&3yMTQIuTli*)?
zmP~EaoS8CZR;0DXZBK<+>HcQ;2e-HXx}sSUCBp?wfam&uZ8z+{x;v}*Klk!1VgL0(
z4LG5FUgQY)p7A(_aN%?~%k0<86-<9hhcn<`k2%k03BawT**;UC|1zElu6E^hi3RAo
zfw+`)^ww*Vu_62PbCiU{^|If73;*%xT8!w<v)!JnAS*xY9lt$%`>IEd%hr>S<t&ir
z^7YT3?Rv<~O;5g&X>M*d%r$T#_ZV=YQ26B{&v-J7<@O+($&yf^@X$*hh0Wdu(*jD;
zjEBk?n^=)GeFt2gjmLAy15t^IRz@M)8u2SH=UWB%cH}e(J*>r(wRl!a$MRkH+wjMS
z{w&G={Sk}D(J<i|TfB~W{$I~_cI)xqp6zy5{Qo|l4mqNE&NAi9p+;80{`ZS0hR_}<
z4K4s1+3Bc=jG{<Wp5=mw5sPCuViAC$jFRCd$yiMD=o0Or%J(!0oeoLZQ0djz(~J$G
zPpHTw|Fz+hcS$@UJb|2&B$Bd>#8JY0$A5Wpc9QdqIUTaELPx&eKOte13CABs`4;@E
z$annyf3hw3SHBnyx8y(ir?^bE%7XedxF}NC`-Jn@7gwqC*zeN|=dquUQ|Iyjb2{Wb
z%_3e1a`^H<IDVS(KUk1EeiSmgrP5{m568b00T0>MUx*_vx&Dt2_Fld@@W<gYb<AG>
zyW2ZI*8RV_KXzB^|6ZPs4mqk<gAUvZP<M{AM?OLb*UIbP*R^D!@px6tX`V)b*osxs
zGn_dcnPy}8=&z2`>5$Xc|NG^!<D8$LPv|&yLY7LwC<!8lhu2D=RC%_u;-7x<Kk4Hh
z3S%V*3|3+bMLKZn`T052*r#ITJR*{OVk(}HA`NNIOe&zO79IB@O2Qrn%6>yrXUuXM
z(wz28oY$#fycT$ol(TfM@kB>4|2K<cPCoD~4qZh=r$Y{t+z5h>V};Gd_%4D_-RA~?
zNrkZ$<Z2WJBNEWWK<U68*(Hm4N)mR3<AEY5%!bDJZ|F^eD5&JjcbpfM;jB~u9RK4l
zMW4|$6=i7`_y&e!qZUpOq<U36{Nw{GxG;#rL0pKOWjb&$d{x~rqJs409Lt%=0q~0C
zJe5U!)MQ$im`9~heOx4YG-g#2rO@q1d~1WOzxd_oc*7?zfl4BO8K1}^=VQ32JAHjZ
z0w(!v6v(6VrkwXfI7!JC@kCBd`BSzR0`bt)=qGR;9Ayk{MMab|;W(a6ZrAVb{KN57
zdw1jy!ZY>jiNEdjSx%q)LzO}^I%cwq<RoEaz~h)-sS`y%W^m;%Ku@J72fd_G4ByZ|
z92Ymv8Zd$hc*?+lJd6ed1_rl+1)BKBkHNF?@ngrimPA3^kdP&^J6J~MJlEu98CQB<
z;&1s}lY>vGIshIfX_0?xdcNXw?Oc0HKex#8ZJxgjp?80-oojO5fN4ITGx}r}4z%Pv
zg<#~o4IXz+$zS-nCg=V+hMw0T3=i~a4x|<%W_0;ASsYgSJ{!|Q=-+rCVO7muIM>)W
zuo%<05C-o2JA3|C1L-_|3~{kmlF!3=R+7&Hd2Bvw2N9gfXs<~#0-h9vAf7=P3i1A?
z<8(sLZxw6te3J;q$j3vS?f3N#q{%qXH;fH~!v86<Z!8w5rZxxCiWfI!INJttekjBH
zZdzj?zgAep`xVQlJg{M^FjlJ#^T9l;4fBCKHlM8p^_$K<44<7IIq+U*<J9MGbueiR
zq!mH%0c@CmpMi89KSuoR)sFdKp4E=|KpvaXR-ox;iQ8?Awt}&Lk27)RV@@WwMDo{1
z&7<<`@9P~a?e}xs1V($BD({xn;pE{wD^~kJ9-GzH@!zL%Tghq{!Lz^LIoV3+`SKX~
z=bI&VpusF8V#JF$B&uhW|Bi0vW*Mn1V?n`^Jf7&xK}DWEe{@cG27>k%Z>nUq`!uEf
zD30=I#cdzZv*NZ7<gvMJV69c(iVRuWLn4!?2(~npqHPv|@qtNMGxz&e(%#=mgD_<v
zqXgW|o1?hIK<YBSUF-f%1L-_|{JuomS?!t+=2`8U59G0#?Hr_Ro7paa!v0O?CqC6P
z%0h7#{A4ju_j3)z2&NW*ghew(cp1k!ApsQtoj!q25YuMUGGixKQ5+ixbwbIAUuiRa
zE1Z!}P8cH}-`i0beqZnCs0`4K4KimStLSFurhjboWlS<Xjs`i*Ne0`jJe`UWm4`K!
zWjuqumBz6RME_L=^2<c5IA5$!zsWOiAnUNs=c<1`j38i=Iul3QE#_SNm}9o{3O2@s
z7y9g7z)X$6+fw&J3y7+m$8t*CdOnzeG|Nt7---s(*Q4*k0_4`uoPlhEJUu7Z%16j%
z5G)Zz_EiSsPOWPUq=f@n^3)lCFX!b%#8?l)uutHs0nE%k17t5E+W{cDQI2kJg75@!
zaOF&f&XV)kLWEJpYqtQ^t4p^X<XA+RSP8KY=UEA{59F~qZ3_rX`!;e-<^jjt`-E(N
zuF1Kvd_DimS;8*$0H-~Wd)A82KAdO8XCKI8^I4EAg<qt@jE1ZfVe7gAaxDeZnS!h+
zkH-q)<%+=@RW@*FCCK^Ya6ryWSz2+5b166)IarE^P+LCA_!XfE%D_?vg!dxnDR4<7
zolrbw+scAU1@*J0{$QOn&8zMP`3sz2fY1J#M=PWD2lTAi>;rjhHro<*Zkjl2!f0!_
zJ#tC22tYELF}1(x1=#ce-QOv{yyepz$XW=$w&q@wg#+4ugC<o7t!sd86(0YuFyzXp
zT{-WqcFYI!tai)?@>Go4)iRxr8FNiu>8rOoW(>0F`<sa~AH!%H0nJ)WE^9GIT*Od$
zOULY_7!0CMu;ZFPs~4J#d_1V+|9!oq3ltct>#Hi6+6MB1P38fOn1RIY@q&FH_s_NG
zP6KJ;HbHE`?_#uOH5Gu}PEr;`G$s*jBqA8GF%|MlhZq%RiB_1Qw_eX7B%h?LC#jB-
zp+iVm?wvjD;-`~aA<7kUKqN@a1DdnYA%uOR<1}VH5<)IN;*MhhFV3mzxWvn*Nob)d
z*d^;b)?^qZpByKr!+FK3a&kJfi|P8^UBByvtRK<D>u!75?i0sJi#R^waTLs@6*_w`
zAygHAWHOrI2OvkT?ZsDgBGyPWDCv-Wwx*(WuWhQJ1cK#|{BZD==SLY6EXmgtJtzs4
z1ko&`6Niu}XDWKbY)W+yhj>DSCOT1tNDges$9jCn30c3edbO|OK{R?mkqp;`(Lh}a
z!X089T`>7Yt{L_z&nStK0nf$?@>d~#3VSS6kO(=2_Y#oAX%a9jtj~H*$IL!^Vs$Ez
zp4Dm5k=;CHkUPX0Wny=@(;=$qND%^Sc8KMmR4yP46*9M<bm$C~o>=ZpzTF8BP{~0j
zF>v#mHw9mfxKL60O9FH9p2x+QRUO7Q$>BgxG1qf9iCxWGz#?^BL~{%yA?Xw(oX8Fh
z6ndzLcoHSU3dOGHIt~p2Cd3;avU%k0K}s^_VHpW!D&3Weju{O<WKquE!2pQpKXWTP
ziT=ZusNttqk>kkyU|zXLG#_CQK0T0Or6dC&J8L@YsiOwHQyC7`uN`7_Y^?)21bP67
z?f}5HRjrw`)y>MxT0owi(?~l2uHNFblxDYeJi)>**yIgO(<lM1Q7H@G8+>0?CLVb%
z*hEQ!ZBT;pW0XuILebCr0Kq-0uNBm;A+<wnVmpKw#kfqQ<IViSCaNbNKR!^cl~ff1
zoUA{f)*J%=62TG?0n|CHM6mv_0c#;bgQ9zr2tH;ckH$>M0<LHROL8c4=UkSbDQBCM
z3la6>D4(c$;gWR3qD<8LLh@@pwjEMNX2G6<_nzmqgA-$)+#Z>jAcBM1g=m^Co>dLt
zyOjP}FoSShj>YHCmYjwrIM<}V`;;YtiOzI$<5U_Qrg7O~-}f<S7)vgDCMK#zi$2;r
zIr;GJ_@x!>8<ZwLXMEgqZ0SmM<u7b<%m&pjGrG$@7@3Gn(<ITl^jVA3RIT!YO=i{z
zqU(|sV(d4q7=&77|2Z9P!eqL&ww|g>f96_}T&ZFM2)MxSP7hA}{8KJhmQ1F@B{%F0
zd(U;NrrDQnZ#OMW-&WOQnm})R+ublRp4v<p7pbqiM15VXZ^8KIa|7hw#Uc~N7sljp
zAQ{nsXMx-<xiI#q7-$wQ`6R1?%RI&u2ct2|aslHN@I>&KX^3=S!Ep=_+hjb!AYGo6
zJ!(Vs+;ul=z4_dAVXm*$lCCwaV@(7d8ir)8y@E%2iJ!?Lq^LS#0Dw-D&?l#5jJBZ2
zGNr+f3)XYYdSjnbp5??U=J})bi=xkhJci6ViaaP`MM?u^P*ls=Ks-+V5Im9OJ$FC*
zlGpjxJiKuwW21uYJ|&(PvVezd!)fb??yWkaYj;HV%XCEdD|AG+y(2Wb{adc!$%7G1
lhD<ol+pWF7P>7AyvwBv~>iI68{~rJV|Nn@mQ;7hM3;<LabW8vM

literal 0
HcmV?d00001

diff --git a/assets/index.yaml b/assets/index.yaml
index 606e7cda5..f844847fa 100644
--- a/assets/index.yaml
+++ b/assets/index.yaml
@@ -1,6 +1,35 @@
 apiVersion: v1
 entries:
   artifactory-ha:
+  - annotations:
+      catalog.cattle.io/certified: partner
+      catalog.cattle.io/release-name: artifactory-ha
+    apiVersion: v1
+    appVersion: 7.12.6
+    created: "2021-02-26T18:55:48.762534939Z"
+    dependencies:
+    - condition: postgresql.enabled
+      name: postgresql
+      repository: https://charts.bitnami.com/bitnami
+      version: 9.3.4
+    description: Universal Repository Manager supporting all major packaging formats, build tools and CI servers.
+    digest: 6f13240e67c292e0a7229b1e0b1d8389991e10850d629fab7bac34b7f702fa3c
+    home: https://www.jfrog.com/artifactory/
+    icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory-ha/logo/artifactory-logo.png
+    keywords:
+    - artifactory
+    - jfrog
+    - devops
+    maintainers:
+    - email: installers@jfrog.com
+      name: Chart Maintainers at JFrog
+    name: artifactory-ha
+    sources:
+    - https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
+    - https://github.com/jfrog/charts
+    urls:
+    - assets/artifactory-ha/artifactory-ha-4.7.600.tgz
+    version: 4.7.600
   - annotations:
       catalog.cattle.io/certified: partner
       catalog.cattle.io/release-name: artifactory-ha
@@ -550,4 +579,4 @@ entries:
     urls:
     - assets/sysdig/sysdig-1.9.200.tgz
     version: 1.9.200
-generated: "2021-02-25T22:46:37.810270792Z"
+generated: "2021-02-26T18:55:48.743664584Z"
diff --git a/charts/artifactory-ha/CHANGELOG.md b/charts/artifactory-ha/CHANGELOG.md
index 788bf661c..d39066f5a 100644
--- a/charts/artifactory-ha/CHANGELOG.md
+++ b/charts/artifactory-ha/CHANGELOG.md
@@ -1,5 +1,164 @@
 # JFrog Artifactory-ha Chart Changelog
-All changes to this chart will be documented in this file.
+All changes to this chart will be documented in this file
+
+## [4.7.6] - Jan 11, 2020
+* Updated Artifactory version to 7.12.6 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.12.6)
+
+## [4.7.5] - Jan 07, 2020
+* Added support for optional tracker dedicated ingress `.Values.artifactory.replicator.trackerIngress.enabled` (defaults to false)
+
+## [4.7.4] - Jan 04, 2020
+* Fixed gid support for statefulset
+
+## [4.7.3] - Dec 31, 2020
+* Added gid support for statefulset
+* Add setSecurityContext flag to allow securityContext block to be removed from artifactory statefulset
+
+## [4.7.2] - Dec 29, 2020
+* **Important:** Removed `.Values.metrics` and `.Values.fluentd` (Fluentd and Prometheus integrations)
+* Add support for creating additional kubernetes resources - [refer here](https://github.com/jfrog/log-analytics-prometheus/blob/master/artifactory-ha-values.yaml)
+* Updated Artifactory version to 7.12.5
+
+## [4.7.1] - Dec 21, 2020
+* Updated Artifactory version to 7.12.3
+
+## [4.7.0] - Dec 18, 2020
+* Updated Artifactory version to 7.12.2
+* Added `.Values.artifactory.openMetrics.enabled`
+
+## [4.6.1] - Dec 11, 2020
+* Added configurable `.Values.global.versions.artifactory` in values.yaml
+
+## [4.6.0] - Dec 10, 2020
+* Update postgresql tag version to `12.5.0-debian-10-r25`
+* Fixed `artifactory.persistence.googleStorage.endpoint` from `storage.googleapis.com` to `commondatastorage.googleapis.com`
+* Updated chart maintainers email
+
+## [4.5.5] - Dec 4, 2020
+* **Important:** Renamed `.Values.systemYaml` to `.Values.systemYamlOverride`
+
+## [4.5.4] - Dec 1, 2020
+* Improve error message returned when attempting helm upgrade command
+
+## [4.5.3] - Nov 30, 2020
+* Updated Artifactory version to 7.11.5 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.11)
+
+# [4.5.2] - Nov 23, 2020
+* Updated Artifactory version to 7.11.2 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.11)
+* Updated port namings on services and pods to allow for istio protocol discovery
+* Change semverCompare checks to support hosted Kubernetes
+* Add flag to disable creation of ServiceMonitor when enabling prometheus metrics
+* Prevent the PostHook command to be executed if the user did not specify a command in the values file
+* Fix issue with tls file generation when nginx.https.enabled is false
+
+## [4.5.1] - Nov 19, 2020
+* Updated Artifactory version to 7.11.2
+* Bugfix - access.config.import.xml override Access Federation configurations
+
+## [4.5.0] - Nov 17, 2020
+* Updated Artifactory version to 7.11.1
+* Update alpine tag version to `3.12.1`
+
+## [4.4.6] - Nov 10, 2020
+* Pass system.yaml via external secret for advanced usecases
+* Added support for custom ingress
+* Bugfix - stateful set not picking up changes to database secrets
+
+## [4.4.5] - Nov 9, 2020
+* Updated Artifactory version to 7.10.6 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.10.6)
+
+## [4.4.4] - Nov 2, 2020
+* Add enablePathStyleAccess property for aws-s3-v3 binary provider template
+
+## [4.4.3] - Nov 2, 2020
+* Updated Artifactory version to 7.10.5 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.10.5)
+
+## [4.4.2] - Oct 22, 2020
+* Chown bug fix where Linux capability cannot chown all files causing log line warnings
+* Fix Frontend timeout linting issue
+
+## [4.4.1] - Oct 20, 2020
+* Add flag to disable prepare-custom-persistent-volume init container
+
+## [4.4.0] - Oct 19, 2020
+* Updated Artifactory version to 7.10.2 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.10.2)
+
+## [4.3.4] - Oct 19, 2020
+* Add support to specify priorityClassName for nginx deployment
+
+## [4.3.3] - Oct 15, 2020
+* Fixed issue with node PodDisruptionBudget which also getting applied on the primary
+* Fix mandatory masterKey check issue when upgrading from 6.x to 7.x
+
+## [4.3.2] - Oct 14, 2020
+* Add support to allow more than 1 Primary in Artifactory-ha STS
+
+## [4.3.1] - Oct 9, 2020
+* Add global support for customInitContainersBegin
+
+## [4.3.0] - Oct 07, 2020
+* Updated Artifactory version to 7.9.1
+* **Breaking change:** Fix `storageClass` to correct `storageClassName` in values.yaml
+
+## [4.2.0] - Oct 5, 2020
+* Expose Prometheus metrics via a ServiceMonitor
+* Parse log files for metric data with Fluentd
+
+## [4.1.0] - Sep 30, 2020
+* Updated Artifactory version to 7.9.0 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.9)
+
+## [4.0.12] - Sep 25, 2020
+* Update to use linux capability CAP_CHOWN instead of root base init container to avoid any use of root containers to pass Redhat security requirements
+
+## [4.0.11] - Sep 28, 2020
+* Setting chart coordinates in migitation yaml
+
+## [4.0.10] - Sep 25, 2020
+* Update filebeat version to `7.9.2`
+
+## [4.0.9] - Sep 24, 2020
+* Fixed broken issue - when setting `waitForDatabase:false` container startup still waits for DB
+
+## [4.0.8] - Sep 22, 2020
+* Updated readme
+
+## [4.0.7] - Sep 22, 2020
+* Fix lint issue in migitation yaml
+
+## [4.0.6] - Sep 22, 2020
+* Fix broken migitation yaml
+
+## [4.0.5] - Sep 21, 2020
+* Added mitigation yaml for Artifactory - [More info](https://github.com/jfrog/chartcenter/blob/master/docs/securitymitigationspec.md)
+
+## [4.0.4] - Sep 17, 2020
+* Added configurable session(UI) timeout in frontend microservice
+
+## [4.0.3] - Sep 17, 2020
+* Fix small typo in README and added proper required text to be shown while postgres upgrades
+
+## [4.0.2] - Sep 14, 2020
+* Updated Artifactory version to 7.7.8 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.7.8)
+
+## [4.0.1] - Sep 8, 2020
+* Added support for artifactory pro license (single node) installation.
+
+## [4.0.0] - Sep 2, 2020
+* **Breaking change:** Changed `imagePullSecrets` value from string to list
+* **Breaking change:** Added `image.registry` and changed `image.version` to `image.tag` for docker images
+* Added support for global values
+* Updated maintainers in chart.yaml
+* Update postgresql tag version to `12.3.0-debian-10-r71`
+* Update postgresqlsub chart version to `9.3.4` - [9.x Upgrade Notes](https://github.com/bitnami/charts/tree/master/bitnami/postgresql#900)
+* **IMPORTANT**
+* If this is a new deployment or you already use an external database (`postgresql.enabled=false`), these changes **do not affect you**!
+* If this is an upgrade and you are using the default PostgreSQL (`postgresql.enabled=true`), you need to pass previous 9.x/10.x's postgresql.image.tag and databaseUpgradeReady=true.
+
+## [3.1.0] - Aug 13, 2020
+* Updated Artifactory version to 7.7.3 - [Release Notes](https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes#ArtifactoryReleaseNotes-Artifactory7.7)
+
+## [3.0.15] - Aug 10, 2020
+* Added enableSignedUrlRedirect for persistent storage type aws-s3-v3.
 
 ## [3.0.14] - Jul 31, 2020
 * Update the README section on Nginx SSL termination to reflect the actual YAML structure.
diff --git a/charts/artifactory-ha/Chart.yaml b/charts/artifactory-ha/Chart.yaml
index 04d28a751..1b66ed764 100644
--- a/charts/artifactory-ha/Chart.yaml
+++ b/charts/artifactory-ha/Chart.yaml
@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 7.6.3
+appVersion: 7.12.6
 description: Universal Repository Manager supporting all major packaging formats,
   build tools and CI servers.
 home: https://www.jfrog.com/artifactory/
@@ -9,21 +9,13 @@ keywords:
 - jfrog
 - devops
 maintainers:
-- email: amithk@jfrog.com
-  name: amithins
-- email: daniele@jfrog.com
-  name: danielezer
-- email: eldada@jfrog.com
-  name: eldada
-- email: ramc@jfrog.com
-  name: chukka
-- email: rimasm@jfrog.com
-  name: rimusz
+- email: installers@jfrog.com
+  name: Chart Maintainers at JFrog
 name: artifactory-ha
 sources:
 - https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
 - https://github.com/jfrog/charts
-version: 3.0.1400
+version: 4.7.600
 annotations:
   catalog.cattle.io/certified: partner
   catalog.cattle.io/release-name: artifactory-ha
diff --git a/charts/artifactory-ha/README.md b/charts/artifactory-ha/README.md
index f9ad3619d..47fe4db80 100644
--- a/charts/artifactory-ha/README.md
+++ b/charts/artifactory-ha/README.md
@@ -1,5 +1,7 @@
 # JFrog Artifactory High Availability Helm Chart
 
+**Heads up: Our Helm Chart docs are moving to our main documentation site. For Artifactory installers, see [Installing Artifactory](https://www.jfrog.com/confluence/display/JFROG/Installing+Artifactory).**
+
 ## Prerequisites Details
 
 * Kubernetes 1.12+
@@ -19,7 +21,10 @@ The Artifactory HA cluster in this chart is made up of
 
 Load balancing is done to the member nodes only.
 This leaves the primary node free to handle jobs and tasks and not be interrupted by inbound traffic.
-> This can be controlled by the parameter `artifactory.service.pool`.
+This can be controlled by the parameter `artifactory.service.pool`.
+**NOTE:**
+ Using artifactory pro license (which supports single node only), set `artifactory.node.replicaCount=0` in values.yaml.
+ To scale from single node to multiple nodes(>1), use Enterprise(+) license and then do an helm upgrade (Each node need a seperate license).
 
 ## Installing the Chart
 
@@ -62,7 +67,7 @@ artifactory:
     <YOUR_SYSTEM_YAML_CONFIGURATION>
 ```
 
-### Deploying Artifactory for small/medium/large instllations
+### Deploying Artifactory for small/medium/large installations
 In the chart directory, we have added three values files, one for each installation type - small/medium/large. These values files are recommendations for setting resources requests and limits for your installation. The values are derived from the following [documentation](https://www.jfrog.com/confluence/display/EP/Installing+on+Kubernetes#InstallingonKubernetes-Systemrequirements). You can find them in the corresponding chart directory -  values-small.yaml, values-medium.yaml and values-large.yaml
 
 ### Accessing Artifactory
@@ -98,6 +103,10 @@ artifactory:
     enabled: true
     timeoutSeconds: 3600
 ```
+* Note: If you are upgrading from 1.x to 4.x and above chart versions, please delete the existing statefulset of postgresql before upgrading the chart due to breaking changes in postgresql subchart.
+```bash
+kubectl delete statefulsets <OLD_RELEASE_NAME>-postgresql
+```
 
 ### Artifactory memory and CPU resources
 The Artifactory HA Helm chart comes with support for configured resource requests and limits to all pods. By default, these settings are commented out.
@@ -334,6 +343,13 @@ Use this template if you want to attach an IAM role to the Artifactory pod direc
 ...
 ```
 
+To enable [Direct Cloud Storage Download](https://www.jfrog.com/confluence/display/JFROG/Direct+Cloud+Storage+Download#DirectCloudStorageDownload-1.ConfiguretheArtifactoryFilestore)
+```bash
+...
+--set artifactory.persistence.awsS3V3.enableSignedUrlRedirect=true \
+...
+```
+
 #### Microsoft Azure Blob Storage
 To use Azure Blob Storage as the cluster's filestore. See [Azure Blob Storage Binary Provider](https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-AzureBlobStorageClusterBinaryProvider)
 - Pass Azure Blob Storage parameters to `helm install` and `helm upgrade`
@@ -1217,11 +1233,11 @@ If you are running a load balancer, that is used to offload the TLS, in front of
 
 To enable it with `helm install`
 ```bash
-helm upgrade --install nginx-ingress --namespace nginx-ingress stable/nginx-ingress --set-string controller.config.use-forwarded-headers=true
+helm upgrade --install nginx-ingress --namespace nginx-ingress center/kubernetes-ingress-nginx/ingress-nginx --set-string controller.config.use-forwarded-headers=true
 ```
 or `helm upgrade`
 ```bash
-helm upgrade nginx-ingress --set-string controller.config.use-forwarded-headers=true stable/nginx-ingress
+helm upgrade nginx-ingress --set-string controller.config.use-forwarded-headers=true center/kubernetes-ingress-nginx/ingress-nginx
 ```
 or create a values.yaml file with the following content:
 ```yaml
@@ -1231,355 +1247,19 @@ controller:
 ```
 Then install nginx-ingress with the values file you created:
 ```bash
-helm upgrade --install nginx-ingress --namespace nginx-ingress stable/nginx-ingress -f values.yaml
+helm upgrade --install nginx-ingress --namespace nginx-ingress center/kubernetes-ingress-nginx/ingress-nginx -f values.yaml
 ```
 
-## Configuration
-The following table lists the configurable parameters of the artifactory chart and their default values.
+### Log Analytics
 
-|         Parameter            |           Description             |                         Default                       |
-|------------------------------|-----------------------------------|-------------------------------------------------------|
-| `imagePullSecrets`           | Docker registry pull secret       |                                                       |
-| `serviceAccount.create`   | Specifies whether a ServiceAccount should be created | `true`                                |
-| `serviceAccount.name`     | The name of the ServiceAccount to create             | Generated using the fullname template |
-| `serviceAccount.annotations`     | Artifactory service account annotations       | `` |
-| `rbac.create`             | Specifies whether RBAC resources should be created   | `true`                                |
-| `rbac.role.rules`         | Rules to create                   | `[]`                                                     |
-| `logger.image.repository` | repository for logger image       | `busybox`                                                |
-| `logger.image.tag`        | tag for logger image              | `1.30`                                                   |
-| `artifactory.name`                   | Artifactory name                     | `artifactory`                              |
-| `artifactory.image.pullPolicy`       | Container pull policy                | `IfNotPresent`                             |
-| `artifactory.image.repository`       | Container image                      | `docker.bintray.io/jfrog/artifactory-pro`  |
-| `artifactory.image.version`          | Container image tag                  | `.Chart.AppVersion`                        |
-| `artifactory.priorityClass.create`   | Create a PriorityClass object        | `false`                                    |
-| `artifactory.priorityClass.value`    | Priority Class value                 | `1000000000`                               |
-| `artifactory.priorityClass.name`     | Priority Class name                  | `{{ template "artifactory-ha.fullname" . }}` |
-| `artifactory.priorityClass.existingPriorityClass`      | Use existing priority class  | ``                               |
-| `artifactory.loggers`             | Artifactory loggers (see values.yaml for possible values) | `[]`                     |
-| `artifactory.loggersResources.requests.memory` | Artifactory loggers initial memory request                  |                          |
-| `artifactory.loggersResources.requests.cpu`    | Artifactory loggers initial cpu request     |                                          |
-| `artifactory.loggersResources.limits.memory`   | Artifactory loggers memory limit            |                                          |
-| `artifactory.loggersResources.limits.cpu`      | Artifactory loggers cpu limit               |                                          |
-| `artifactory.catalinaLoggers`     | Artifactory Tomcat loggers (see values.yaml for possible values) | `[]`              |
-| `artifactory.catalinaLoggersResources.requests.memory` | Artifactory Tomcat loggers initial memory request                  |                          |
-| `artifactory.catalinaLoggersResources.requests.cpu`    | Artifactory Tomcat loggers initial cpu request     |                                          |
-| `artifactory.catalinaLoggersResources.limits.memory`   | Artifactory Tomcat loggers memory limit            |                                          |
-| `artifactory.catalinaLoggersResources.limits.cpu`      | Artifactory Tomcat loggers cpu limit               |                                          |
-| `artifactory.customInitContainersBegin`| Custom init containers to run before existing init containers |                 |
-| `artifactory.customInitContainers`| Custom init containers to run after existing init containers |                       |
-| `artifactory.customSidecarContainers`| Custom sidecar containers            |                                            |
-| `artifactory.customVolumes`       | Custom volumes                    |                                                  |
-| `artifactory.customVolumeMounts`  | Custom Artifactory volumeMounts   |                                                  |
-| `artifactory.customPersistentPodVolumeClaim`  | Custom PVC spec to create and attach a unique PVC for each pod on startup with the volumeClaimTemplates feature in StatefulSet | |
-| `artifactory.customPersistentVolumeClaim`  | Custom PVC spec to be mounted to the all artifactory containers using a volume |                                                  |
-| `artifactory.customSecrets`       | Custom secrets                    |                                                     |
-| `artifactory.userPluginSecrets`   | Array of secret names for Artifactory user plugins |                                 |
-| `artifactory.masterKey`           | Artifactory master key. A 128-Bit key size (hexadecimal encoded) string (32 hex characters). Can be generated with `openssl rand -hex 32`. NOTE: This key can be generated only once and cannot be updated once created |``|
-| `artifactory.masterKeySecretName` | Artifactory Master Key secret name                     |                             |
-| `artifactory.joinKey`                | Join Key to connect other services to Artifactory. Can be generated with `openssl rand -hex 32`  | ``   |
-| `artifactory.joinKeySecretName`            | Artifactory join Key secret name |                                                                    |
-| `artifactory.admin.ip`                     | Artifactory admin ip to be set upon startup, can use (*) for 0.0.0.0| `127.0.0.1`                                  |
-| `artifactory.admin.username`               | Artifactory admin username to be set upon startup| `admin`                                       |
-| `artifactory.admin.password`               | Artifactory admin password to be set upon startup|                                               |
-| `artifactory.admin.secret`                 | Artifactory admin secret name |                                                                    |
-| `artifactory.admin.dataKey`                | Artifactory admin secret data key |                                                                    |
-| `artifactory.preStartCommand`                    | Command to run before entrypoint starts |                             |
-| `artifactory.postStartCommand`                   | Command to run after container starts. Supports templating with `tpl`   |                             |
-| `artifactory.license.licenseKey` | Artifactory license key. Providing the license key as a parameter will cause a secret containing the license key to be created as part of the release. Use either this setting or the license.secret and license.dataKey. If you use both, the latter will be used.  |           |
-| `artifactory.configMaps` | configMaps to be created as volume by the name `artifactory-configmaps`. In order to use these configMaps, you will need to add `customVolumeMounts` to point to the created volume and mount it onto a container |           |
-| `artifactory.license.secret` | Artifactory license secret name              |                                            |
-| `artifactory.license.dataKey`| Artifactory license secret data key          |                                            |
-| `artifactory.service.name`   | Artifactory service name to be set in Nginx configuration | `artifactory`                 |
-| `artifactory.service.type`   | Artifactory service type                                  | `ClusterIP`                   |
-| `artifactory.service.clusterIP`| Specific cluster IP or `None` for headless services     | `nil`                         |
-| `artifactory.service.loadBalancerSourceRanges`| Artifactory service array of IP CIDR ranges to whitelist (only when service type is LoadBalancer) |  |
-| `artifactory.service.annotations` | Artifactory service annotations           | `{}`                            |
-| `artifactory.service.pool`   | Artifactory instances to be in the load balancing pool. `members` or `all` | `members`    |
-| `artifactory.externalPort`   | Artifactory service external port                         | `8082`                        |
-| `artifactory.internalPort`   | Artifactory service internal port (**DO NOT** use port lower than 1024)                         | `8082`                        |
-| `artifactory.internalArtifactoryPort` | Artifactory service internal port (**DO NOT** use port lower than 1024) | `8081`                                                  |
-| `artifactory.externalArtifactoryPort` | Artifactory service external port | `8081`                                                  |
-| `artifactory.extraEnvironmentVariables`          | Extra environment variables to pass to Artifactory. Supports evaluating strings as templates via the [`tpl`](https://helm.sh/docs/charts_tips_and_tricks/#using-the-tpl-function) function. See [documentation](https://www.jfrog.com/confluence/display/RTF/Installing+with+Docker#InstallingwithDocker-SupportedEnvironmentVariables) |   |
-| `artifactory.livenessProbe.enabled`              | Enable liveness probe                     |  `true`                                               |
-| `artifactory.livenessProbe.path`                 | liveness probe HTTP Get path              |  `/router/api/v1/system/health`                        |
-| `artifactory.livenessProbe.initialDelaySeconds`  | Delay before liveness probe is initiated  | 180                                                   |
-| `artifactory.livenessProbe.periodSeconds`        | How often to perform the probe            | 10                                                    |
-| `artifactory.livenessProbe.timeoutSeconds`       | When the probe times out                  | 10                                                    |
-| `artifactory.livenessProbe.successThreshold`     | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `artifactory.livenessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `artifactory.readinessProbe.enabled`              | would you like a readinessProbe to be enabled           |  `true`                                |
-| `artifactory.readinessProbe.path`                      | readiness probe HTTP Get path                           |  `/router/api/v1/system/health`           |
-| `artifactory.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 60                                                    |
-| `artifactory.readinessProbe.periodSeconds`       | How often to perform the probe            | 10                                                    |
-| `artifactory.readinessProbe.timeoutSeconds`      | When the probe times out                  | 10                                                    |
-| `artifactory.readinessProbe.successThreshold`    | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `artifactory.readinessProbe.failureThreshold`    | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `artifactory.copyOnEveryStartup`     | List of files to copy on startup from source (which is absolute) to target (which is relative to ARTIFACTORY_HOME   |  |
-| `artifactory.deleteDBPropertiesOnStartup`    | Whether to delete the ARTIFACTORY_HOME/etc/db.properties file on startup. Disabling this will remove the ability for the db.properties to be updated with any DB-related environment variables change (e.g. DB_HOST, DB_URL)  | `true` |
-| `artifactory.database.maxOpenConnections`         | Maximum amount of open connections from Artifactory to the DB   | `80` |
-| `artifactory.haDataDir.enabled`         | Enable haDataDir for eventual storage in the HA cluster   | `false` |
-| `artifactory.haDataDir.path`         | Path to the directory intended for use with NFS eventual configuration for HA   | |
-| `artifactory.haBackupDir.enabled`         | Enable haBackupDir for eventual storage in the HA cluster   | `false` |
-| `artifactory.haBackupDir.path`         | Path to the directory intended for use with NFS eventual configuration for HA   | |
-| `artifactory.haBackupDir.enabled`         | Enable haBackupDir for eventual storage in the HA cluster   | `false` |
-| `artifactory.haBackupDir.path`         | Path to the directory intended for use with NFS eventual configuration for HA   | |
-| `artifactory.migration.timeoutSeconds`          | Artifactory migration Maximum Time out in seconds| `3600`       |
-| `artifactory.migration.enabled`          | Artifactory migration enabled or disabled   | `true`       |
-| `artifactory.persistence.mountPath`    | Artifactory persistence volume mount path           | `"/var/opt/jfrog/artifactory"`  |
-| `artifactory.persistence.enabled`      | Artifactory persistence volume enabled              | `true`                          |
-| `artifactory.persistence.accessMode`   | Artifactory persistence volume access mode          | `ReadWriteOnce`                 |
-| `artifactory.persistence.size`         | Artifactory persistence or local volume size        | `200Gi`                         |
-| `artifactory.persistence.binarystore.enabled` | whether you want to mount the binarystore.xml file from a secret created by the chart. If `false` you will need need to get the binarystore.xml file into the file-system from either an `initContainer` or using a `preStartCommand`             | `true`                    |
-| `artifactory.persistence.binarystoreXml` | Artifactory binarystore.xml template              | See `values.yaml`               |
-| `artifactory.persistence.customBinarystoreXmlSecret` | A custom Secret for binarystore.xml   | ``                              |
-| `artifactory.persistence.maxCacheSize` | Artifactory cache-fs provider maxCacheSize in bytes | `50000000000`                   |
-| `artifactory.persistence.cacheProviderDir` | the root folder of binaries for the filestore cache. If the value specified starts with a forward slash ("/") it is considered the fully qualified path to the filestore folder. Otherwise, it is considered relative to the *baseDataDir*. | `cache`                   |
-| `artifactory.persistence.type`         | Artifactory HA storage type                         | `file-system`                   |
-| `artifactory.persistence.redundancy`   | Artifactory HA storage redundancy                   | `3`                             |
-| `artifactory.persistence.nfs.ip`            | NFS server IP                        |                                     |
-| `artifactory.persistence.nfs.haDataMount`   | NFS data directory                   | `/data`                             |
-| `artifactory.persistence.nfs.haBackupMount` | NFS backup directory                 | `/backup`                           |
-| `artifactory.persistence.nfs.dataDir`       | HA data directory                    | `/var/opt/jfrog/artifactory-ha`     |
-| `artifactory.persistence.nfs.backupDir`     | HA backup directory                  | `/var/opt/jfrog/artifactory-backup` |
-| `artifactory.persistence.nfs.capacity`      | NFS PVC size                         | `200Gi`                             |
-| `artifactory.persistence.nfs.mountOptions`            | NFS mount options | `[]`                                    |
-| `artifactory.persistence.eventual.numberOfThreads`  | Eventual number of threads   | `10`                                |
-| `artifactory.persistence.googleStorage.endpoint`    | Google Storage API endpoint| `storage.googleapis.com`             |
-| `artifactory.persistence.googleStorage.httpsOnly`   | Google Storage API has to be consumed https only| `false`             |
-| `artifactory.persistence.googleStorage.bucketName`  | Google Storage bucket name          | `artifactory-ha`             |
-| `artifactory.persistence.googleStorage.identity`    | Google Storage service account id   |                              |
-| `artifactory.persistence.googleStorage.credential`  | Google Storage service account key  |                              |
-| `artifactory.persistence.googleStorage.path`        | Google Storage path in bucket       | `artifactory-ha/filestore`   |
-| `artifactory.persistence.googleStorage.bucketExists`| Google Storage bucket exists therefore does not need to be created.| `false`             |
-| `artifactory.persistence.awsS3.bucketName`          | AWS S3 bucket name                     | `artifactory-ha`             |
-| `artifactory.persistence.awsS3.endpoint`            | AWS S3 bucket endpoint                 | See https://docs.aws.amazon.com/general/latest/gr/rande.html |
-| `artifactory.persistence.awsS3.region`              | AWS S3 bucket region                   |                              |
-| `artifactory.persistence.awsS3.roleName`            | AWS S3 IAM role name                   |                             |
-| `artifactory.persistence.awsS3.identity`            | AWS S3 AWS_ACCESS_KEY_ID               |                              |
-| `artifactory.persistence.awsS3.credential`          | AWS S3 AWS_SECRET_ACCESS_KEY           |                              |
-| `artifactory.persistence.awsS3.properties`          | AWS S3 additional properties           |                              |
-| `artifactory.persistence.awsS3.path`                | AWS S3 path in bucket                  | `artifactory-ha/filestore`   |
-| `artifactory.persistence.awsS3.refreshCredentials`  | AWS S3 renew credentials on expiration | `true` (When roleName is used, this parameter will be set to true) |
-| `artifactory.persistence.awsS3.httpsOnly`  | AWS S3 https access to the bucket only | `true` |
-| `artifactory.persistence.awsS3.testConnection`      | AWS S3 test connection on start up     | `false`                      |
-| `artifactory.persistence.awsS3.s3AwsVersion`        | AWS S3 signature version               | `AWS4-HMAC-SHA256`           |
-| `artifactory.persistence.awsS3V3.testConnection`        | AWS S3 test connection on start up               | `false`                      |
-| `artifactory.persistence.awsS3V3.identity`            | AWS S3 AWS_ACCESS_KEY_ID               |                              |
-| `artifactory.persistence.awsS3V3.credential`          | AWS S3 AWS_SECRET_ACCESS_KEY           |                              |
-| `artifactory.persistence.awsS3V3.region`        | AWS S3 bucket region               |                       |
-| `artifactory.persistence.awsS3V3.bucketName`        | AWS S3 bucket name               | `artifactory-aws`                      |
-| `artifactory.persistence.awsS3V3.path`                | AWS S3 path in bucket                  | `artifactory/filestore`   |
-| `artifactory.persistence.awsS3V3.endpoint`            | AWS S3 bucket endpoint                 | See https://docs.aws.amazon.com/general/latest/gr/rande.html |
-| `artifactory.persistence.awsS3V3.maxConnections`            | AWS S3 bucket maxConnections                | `50` |
-| `artifactory.persistence.awsS3V3.kmsServerSideEncryptionKeyId`        | AWS S3 encryption key ID or alias  |              |
-| `artifactory.persistence.awsS3V3.kmsKeyRegion`        | AWS S3 KMS Key region  |              |
-| `artifactory.persistence.awsS3V3.kmsCryptoMode`        | AWS S3 KMS encryption mode  | See https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-AmazonS3OfficialSDKTemplate |
-| `artifactory.persistence.awsS3V3.useInstanceCredentials`        | AWS S3 Use default authentication mechanism  | See https://www.jfrog.com/confluence/display/RTF/Configuring+the+Filestore#ConfiguringtheFilestore-authentication             |
-| `artifactory.persistence.awsS3V3.usePresigning`        | AWS S3 Use URL signing  | `false`            |
-| `artifactory.persistence.awsS3V3.signatureExpirySeconds`        | AWS S3 Validity period in seconds for signed URLs  | `300`            |
-| `artifactory.persistence.awsS3V3.cloudFrontDomainName`        | AWS CloudFront domain name  | See https://www.jfrog.com/confluence/display/RTF/Direct+Cloud+Storage+Download#DirectCloudStorageDownload-UsingCloudFront(Optional)|
-| `artifactory.persistence.awsS3V3.cloudFrontKeyPairId`        | AWS CloudFront key pair ID  | See https://www.jfrog.com/confluence/display/RTF/Direct+Cloud+Storage+Download#DirectCloudStorageDownload-UsingCloudFront(Optional)|
-| `artifactory.persistence.awsS3V3.cloudFrontPrivateKey`        | AWS CloudFront private key  | See https://www.jfrog.com/confluence/display/RTF/Direct+Cloud+Storage+Download#DirectCloudStorageDownload-UsingCloudFront(Optional)|
-| `artifactory.persistence.azureBlob.accountName`     | Azure Blob Storage account name        | ``                        |
-| `artifactory.persistence.azureBlob.accountKey`      | Azure Blob Storage account key         | ``                        |
-| `artifactory.persistence.azureBlob.endpoint`        | Azure Blob Storage endpoint            | ``                        |
-| `artifactory.persistence.azureBlob.containerName`   | Azure Blob Storage container name      | ``                        |
-| `artifactory.persistence.azureBlob.testConnection`  | Azure Blob Storage test connection     | `false`                   |
-| `artifactory.persistence.fileSystem.existingSharedClaim`  | Enable using an existing shared pvc | `false`                             |
-| `artifactory.persistence.fileStorage.dataDir`             | HA data directory                   | `/var/opt/jfrog/artifactory/artifactory-data`     |
-| `artifactory.persistence.fileStorage.backupDir`           | HA backup directory                 | `/var/opt/jfrog/artifactory-backup` |
-| `artifactory.javaOpts.other`                        | Artifactory additional java options (for all nodes) |              |
-| `artifactory.replicator.enabled`                | Enable the Replicator service (relevant for Enterprise+ only)            | `false`  |
-| `artifactory.ssh.enabled`                       | Enable Artifactory SSH access     |                                      |
-| `artifactory.ssh.internalPort`                  | Artifactory SSH internal port     | `1339`                                      |
-| `artifactory.ssh.externalPort`                  | Artifactory SSH external port     | `1339`                                     |
-| `artifactory.primary.preStartCommand`           | Artifactory primary node preStartCommand to be run after `artifactory.preStartCommand`         |                     |
-| `artifactory.primary.labels`                    | Artifactory primary node labels                  | `{}`                |
-| `artifactory.primary.resources.requests.memory` | Artifactory primary node initial memory request  |                     |
-| `artifactory.primary.resources.requests.cpu`    | Artifactory primary node initial cpu request     |                     |
-| `artifactory.primary.resources.limits.memory`   | Artifactory primary node memory limit            |                     |
-| `artifactory.primary.resources.limits.cpu`      | Artifactory primary node cpu limit               |                     |
-| `artifactory.primary.javaOpts.xms`              | Artifactory primary node java Xms size           |                     |
-| `artifactory.primary.javaOpts.xmx`              | Artifactory primary node java Xms size           |                     |
-| `artifactory.primary.javaOpts.corePoolSize` | The number of async processes that can run in parallel in the primary node - https://jfrog.com/knowledge-base/how-do-i-tune-artifactory-for-heavy-loads/  |   `16` |
-| `artifactory.primary.javaOpts.jmx.enabled`              | Enable JMX monitoring           |  `false`                                        |
-| `artifactory.primary.javaOpts.jmx.port`              | JMX Port number            |  `9010`                                        |
-| `artifactory.primary.javaOpts.jmx.host`              | JMX hostname (parsed as a helm template)   |  `{{ template "artifactory-ha.primary.name" $ }}` |
-| `artifactory.primary.javaOpts.jmx.ssl`              | Enable SSL           |  `false` |
-| `artifactory.primary.javaOpts.jmx.authenticate`              | Enable JMX authentication           |  `false` |
-| `artifactory.primary.javaOpts.jmx.accessFile`              | The path to the JMX access file, when JMX authentication is enabled           | |
-| `artifactory.primary.javaOpts.jmx.passwordFile`              | The path to the JMX password file, when JMX authentication is enabled           | |
-| `artifactory.primary.javaOpts.other`            | Artifactory primary node additional java options |                     |
-| `artifactory.primary.persistence.existingClaim` | Whether to use an existing pvc for the primary node | `false`            |
-| `artifactory.node.preStartCommand`              | Artifactory member node preStartCommand to be run after `artifactory.preStartCommand`          |                     |
-| `artifactory.node.labels`                       | Artifactory member node labels                   | `{}`                |
-| `artifactory.node.replicaCount`                 | Artifactory member node replica count            | `2`                 |
-| `artifactory.node.minAvailable`                 | Artifactory member node min available count      | `1`                 |
-| `artifactory.node.resources.requests.memory`    | Artifactory member node initial memory request   |                     |
-| `artifactory.node.resources.requests.cpu`       | Artifactory member node initial cpu request      |                     |
-| `artifactory.node.resources.limits.memory`      | Artifactory member node memory limit             |                     |
-| `artifactory.node.resources.limits.cpu`         | Artifactory member node cpu limit                |                     |
-| `artifactory.node.javaOpts.xms`                 | Artifactory member node java Xms size            |                     |
-| `artifactory.node.javaOpts.xmx`                 | Artifactory member node java Xms size            |                     |
-| `artifactory.node.javaOpts.corePoolSize` | The number of async processes that can run in parallel in the member nodes - https://jfrog.com/knowledge-base/how-do-i-tune-artifactory-for-heavy-loads/  |   `16` |
-| `artifactory.node.javaOpts.jmx.enabled`              | Enable JMX monitoring           |  `false`                                        |
-| `artifactory.node.javaOpts.jmx.port`              | JMX Port number            |  `9010`                                        |
-| `artifactory.node.javaOpts.jmx.host`              | JMX hostname (parsed as a helm template)           |  `{{ template "artifactory-ha.fullname" $ }}` |
-| `artifactory.node.javaOpts.jmx.ssl`              | Enable SSL           |  `false` |
-| `artifactory.node.javaOpts.jmx.authenticate`              | Enable JMX authentication           |  `false` |
-| `artifactory.node.javaOpts.jmx.accessFile`              | The path to the JMX access file, when JMX authentication is enabled           | |
-| `artifactory.node.javaOpts.jmx.passwordFile`              | The path to the JMX password file, when JMX authentication is enabled           | |
-| `artifactory.node.javaOpts.other`               | Artifactory member node additional java options  |                     |
-| `artifactory.node.persistence.existingClaim`    | Whether to use existing PVCs for the member nodes | `false`            |
-| `artifactory.terminationGracePeriodSeconds`     | Termination grace period (seconds)               | `30s`               |
-| `artifactory.node.waitForPrimaryStartup.enabled`    | Whether to wait for the primary node to start before starting up the member nodes | `false`            |
-| `artifactory.node.waitForPrimaryStartup.time`    | The amount of time to wait for the primary node to start before starting up the member nodes | `60`            |
-| `artifactory.tomcat.connector.maxThreads`         | The max number of connections to Artifactory connector   | `200` |
-| `artifactory.tomcat.connector.extraConfig`         | The max queue length for incoming connections to Artifactory connector  | `'acceptCount="100"'` |
-| `artifactory.systemYaml`                      | Artifactory system configuration (`system.yaml`) as described here - https://www.jfrog.com/confluence/display/JFROG/Artifactory+System+YAML  | `see values.yaml`    |
-| `artifactory.primary.affinity` | Artifactory primary node affinity | `{}` |
-| `artifactory.node.affinity` | Artifactory member node affinity | `{}` |
-| `access.database.maxOpenConnections`                      | Maximum amount of open connections from Access to the DB  | `80`    |
-| `access.tomcat.connector.maxThreads`         | The max number of connections to Aceess connector   | `50` |
-| `access.tomcat.connector.extraConfig`         | The max queue length for incoming connections to Access connector  | `'acceptCount="100"'` |
-| `initContainers.resources.requests.memory`    | Init containers initial memory request   |                     |
-| `initContainers.resources.requests.cpu`       | Init containers initial cpu request      |                     |
-| `initContainers.resources.limits.memory`      | Init containers memory limit             |                     |
-| `initContainers.resources.limits.cpu`         | Init containers cpu limit                |                     |
-| `ingress.enabled`           | If true, Artifactory Ingress will be created | `false`                                     |
-| `ingress.annotations`       | Artifactory Ingress annotations     | `{}`                                                 |
-| `ingress.labels`       | Artifactory Ingress labels     | `{}`                                                           |
-| `ingress.hosts`             | Artifactory Ingress hostnames       | `[]`                                                 |
-| `ingress.routerPath`              | Router Ingress path            | `/`                                                  |
-| `ingress.artifactoryPath`              | Artifactory Ingress path            | `/artifactory`                                                  |
-| `ingress.tls`               | Artifactory Ingress TLS configuration (YAML) | `[]`                                        |
-| `ingress.defaultBackend.enabled` | If true, the default `backend` will be added using serviceName and servicePort | `true` |
-| `ingress.annotations`       | Ingress annotations, which are written out if annotations section exists in values. Everything inside of the annotations section will appear verbatim inside the resulting manifest. See `Ingress annotations` section below for examples of how to leverage the annotations, specifically for how to enable docker authentication. |  |
-| `ingress.additionalRules`       | Ingress additional rules to be added to the Artifactory ingress. | `[]`  |
-| `metadata.database.maxOpenConnections`                      | Maximum amount of open connections from metadata to the DB  | `80`    |
-| `nginx.enabled`             | Deploy nginx server                      | `true`                                          |
-| `nginx.kind`                | Nginx object kind, for example `DaemonSet`, `Deployment` or `StatefulSet`                  | `Deployment`                                          |
-| `nginx.name`                | Nginx name                        | `nginx`                                                |
-| `nginx.replicaCount`        | Nginx replica count               | `1`                                                    |
-| `nginx.uid`                 | Nginx User Id                     | `104`                                                  |
-| `nginx.gid`                 | Nginx Group Id                    | `107`                                                  |
-| `nginx.image.repository`    | Container image                   | `docker.bintray.io/jfrog/nginx-artifactory-pro`        |
-| `nginx.image.version`       | Container version                 | `.Chart.AppVersion`                                    |
-| `nginx.image.pullPolicy`    | Container pull policy             | `IfNotPresent`                                         |
-| `nginx.labels`              | Nginx deployment labels           | `{}`                                                   |
-| `nginx.minAvailable`                 | Nginx node min available count      | `0`                 |
-| `nginx.loggers`        | Nginx loggers (see values.yaml for possible values) | `[]`                           |
-| `nginx.loggersResources.requests.memory` | Nginx logger initial memory request                  |                          |
-| `nginx.loggersResources.requests.cpu`    | Nginx logger initial cpu request     |                                          |
-| `nginx.loggersResources.limits.memory`   | Nginx logger memory limit            |                                          |
-| `nginx.loggersResources.limits.cpu`      | Nginx logger cpu limit               |                                          |
-| `nginx.logs.stderr`      | Send nginx logs to stderr               |        false                                  |
-| `nginx.logs.level`      | Nginx log level: debug, info, notice, warn, error, crit, alert, or emerg               |        warn                                  |
-| `nginx.mainConf`        | Content of the Artifactory nginx main nginx.conf config file | `see values.yaml`                           |
-| `nginx.artifactoryConf`        | Content of Artifactory nginx artifactory.conf config file | `see values.yaml`                           |
-| `nginx.service.type`        | Nginx service type                | `LoadBalancer`                                         |
-| `nginx.service.clusterIP`   | Specific cluster IP or `None` for headless services     | `nil`                         |
-| `nginx.service.loadBalancerSourceRanges`| Nginx service array of IP CIDR ranges to whitelist (only when service type is LoadBalancer) |        |
-| `nginx.service.labels`       | Nginx service labels     | `{}`                                                           |
-| `nginx.service.annotations` | Nginx service annotations           | `{}`                            |
-| `nginx.service.ssloffload`  | Nginx service SSL offload           |  false                          |
-| `nginx.service.externalTrafficPolicy`| Nginx service desires to route external traffic to node-local or cluster-wide endpoints. | `Cluster` |
-| `nginx.loadBalancerIP`| Provide Static IP to configure with Nginx |                                 |
-| `nginx.http.enabled` | Nginx http service enabled/disabled            | true                            |
-| `nginx.http.externalPort` | Nginx service external port            | `80`                            |
-| `nginx.http.internalPort` | Nginx service internal port            | `80`                            |
-| `nginx.https.enabled` | Nginx http service enabled/disabled            | true                            |
-| `nginx.https.externalPort` | Nginx service external port           | `443`                           |
-| `nginx.https.internalPort` | Nginx service internal port           | `443`                           |
-| `nginx.ssh.internalPort`        | Nginx SSH internal port          | `22`                            |
-| `nginx.ssh.externalPort`        | Nginx SSH external port          | `22`                            |
-| `nginx.externalPortHttp` | DEPRECATED: Nginx service external port            | `80`                            |
-| `nginx.internalPortHttp` | DEPRECATED: Nginx service internal port            | `80`                            |
-| `nginx.externalPortHttps` | DEPRECATED: Nginx service external port           | `443`                           |
-| `nginx.internalPortHttps` | DEPRECATED: Nginx service internal port           | `443`                           |
-| `nginx.livenessProbe.enabled`              | would you like a liveness Probe to be enabled          |  `true`                                  |
-| `nginx.livenessProbe.path`                 | liveness probe HTTP Get path              |  `/router/api/v1/system/health`                    |
-| `nginx.livenessProbe.initialDelaySeconds`  | Delay before liveness probe is initiated  | 100                                                   |
-| `nginx.livenessProbe.periodSeconds`        | How often to perform the probe            | 10                                                    |
-| `nginx.livenessProbe.timeoutSeconds`       | When the probe times out                  | 10                                                    |
-| `nginx.livenessProbe.successThreshold`     | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `nginx.livenessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `nginx.readinessProbe.enabled`             | would you like a readinessProbe to be enabled           |  `true`                                 |
-| `nginx.readinessProbe.path`                     | Readiness probe HTTP Get path                           |  `/router/api/v1/system/health` |
-| `nginx.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 60                                                    |
-| `nginx.readinessProbe.periodSeconds`       | How often to perform the probe            | 10                                                    |
-| `nginx.readinessProbe.timeoutSeconds`      | When the probe times out                  | 10                                                    |
-| `nginx.readinessProbe.successThreshold`    | Minimum consecutive successes for the probe to be considered successful after having failed. | 1  |
-| `nginx.readinessProbe.failureThreshold`    | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `nginx.tlsSecretName` |  SSL secret that will be used by the Nginx pod |                                                 |
-| `nginx.customConfigMap`           | Nginx CustomeConfigMap name for `nginx.conf` | ` `                                   |
-| `nginx.customArtifactoryConfigMap`| Nginx CustomeConfigMap name for `artifactory-ha.conf` | ` `                          |
-| `nginx.resources.requests.memory` | Nginx initial memory request               | `250Mi`                                 |
-| `nginx.resources.requests.cpu`    | Nginx initial cpu request                  | `100m`                                  |
-| `nginx.resources.limits.memory`   | Nginx memory limit                         | `250Mi`                                 |
-| `nginx.resources.limits.cpu`      | Nginx cpu limit                            | `500m`                                  |
-| `nginx.persistence.mountPath` | Nginx persistence volume mount path | `"/var/opt/jfrog/nginx"`                           |
-| `nginx.persistence.enabled` | Nginx persistence volume enabled. This is only available when the nginx.replicaCount is set to 1 | `false`                                                  |
-| `nginx.persistence.accessMode` | Nginx persistence volume access mode | `ReadWriteOnce`                                  |
-| `nginx.persistence.size` | Nginx persistence volume size | `5Gi`                                                         |
-| `waitForDatabase`                 | Wait for database (using wait-for-db init container)  | `true`                       |
-| `postgresql.enabled`              | Use enclosed PostgreSQL as database        | `true`                                  |
-| `postgresql.image.registry`       | PostgreSQL image registry                  | `docker.bintray.io`                     |
-| `postgresql.image.repository`     | PostgreSQL image repository                | `bitnami/postgresql`                    |
-| `postgresql.image.tag`            | PostgreSQL image tag                       | `9.6.18-debian-10-r7`                  |
-| `postgresql.postgresqlDatabase`   | PostgreSQL database name                   | `artifactory`                           |
-| `postgresql.postgresqlUsername`   | PostgreSQL database user                   | `artifactory`                           |
-| `postgresql.postgresqlPassword`   | PostgreSQL database password               |                                         |
-| `postgresql.postgresqlExtendedConf.listenAddresses` | PostgreSQL listen address            | `"'*'"`                     |
-| `postgresql.postgresqlExtendedConf.maxConnections`  | PostgreSQL max_connections parameter | `1500`                       |
-| `postgresql.persistence.enabled`  | PostgreSQL use persistent storage          | `true`                                  |
-| `postgresql.persistence.size`     | PostgreSQL persistent storage size         | `50Gi`                                  |
-| `postgresql.service.port`         | PostgreSQL database port                   | `5432`                                  |
-| `postgresql.resources.requests.memory`    | PostgreSQL initial memory request  |                                         |
-| `postgresql.resources.requests.cpu`       | PostgreSQL initial cpu request     |                                         |
-| `postgresql.resources.limits.memory`      | PostgreSQL memory limit            |                                         |
-| `postgresql.resources.limits.cpu`         | PostgreSQL cpu limit               |                                         |
-| `postgresql.master.nodeSelector`          | PostgreSQL master node selector    | `{}`                               |
-| `postgresql.master.affinity`              | PostgreSQL master node affinity    | `{}`                               |
-| `postgresql.master.tolerations`           | PostgreSQL master node tolerations | `[]`                               |
-| `postgresql.slave.nodeSelector`           | PostgreSQL slave node selector     | `{}`                               |
-| `postgresql.slave.affinity`               | PostgreSQL slave node affinity     | `{}`                               |
-| `postgresql.slave.tolerations`            | PostgreSQL slave node tolerations  | `[]`                               |
-| `database.type`                  | External database type (`postgresql`, `mysql`, `oracle` or `mssql`)  |                       |
-| `database.driver`                | External database driver e.g. `org.postgresql.Driver`  |                       |
-| `database.url`                   | External database connection URL                   |                                         |
-| `database.user`                  | External database username                         |                                         |
-| `database.password`              | External database password                         |                                         |
-| `database.secrets.user.name`     | External database username `Secret` name           |                                         |
-| `database.secrets.user.key`      | External database username `Secret` key            |                                         |
-| `database.secrets.password.name` | External database password `Secret` name           |                                         |
-| `database.secrets.password.key`  | External database password `Secret` key            |                                         |
-| `database.secrets.url.name     ` | External database url `Secret` name                |                                         |
-| `database.secrets.url.key`       | External database url `Secret` key                 |                                         |
-| `networkpolicy.name`             | Becomes part of the NetworkPolicy object name                                  | `artifactory`                           |
-| `networkpolicy.podselector`      | Contains the YAML that specifies how to match pods. Usually using matchLabels. |                                         |
-| `networkpolicy.ingress`          | YAML snippet containing to & from rules applied to incoming traffic            | `- {}` (open to all inbound traffic)    |
-| `networkpolicy.egress`           | YAML snippet containing to & from rules applied to outgoing traffic            | `- {}` (open to all outbound traffic)   |
-| `filebeat.enabled`           | Enable a filebeat container to send your logs to a log management solution like ELK            | `false`   |
-| `filebeat.name`           | filebeat container name            | `artifactory-filebeat`   |
-| `filebeat.image.repository`           | filebeat Docker image repository            | `docker.elastic.co/beats/filebeat`   |
-| `filebeat.image.version`           | filebeat Docker image version            | `7.5.1`   |
-| `filebeat.logstashUrl`           | The URL to the central Logstash service, if you have one            | `logstash:5044`   |
-| `filebeat.livenessProbe.exec.command`           | liveness probe exec command            | see [values.yaml](stable/artifactory-ha/values.yaml)   |
-| `filebeat.livenessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `filebeat.livenessProbe.initialDelaySeconds`  | Delay before liveness probe is initiated  | 180                       |
-| `filebeat.livenessProbe.periodSeconds`        | How often to perform the probe            | 10                        |
-| `filebeat.readinessProbe.exec.command`           | readiness probe exec command            | see [values.yaml](stable/artifactory-ha/values.yaml)   |
-| `filebeat.readinessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.   | 10 |
-| `filebeat.readinessProbe.initialDelaySeconds`  | Delay before readiness probe is initiated  | 180                       |
-| `filebeat.readinessProbe.periodSeconds`        | How often to perform the probe            | 10                        |
-| `filebeat.resources.requests.memory` | Filebeat initial memory request                  |                          |
-| `filebeat.resources.requests.cpu`    | Filebeat initial cpu request     |                                          |
-| `filebeat.resources.limits.memory`   | Filebeat memory limit            |                                          |
-| `filebeat.resources.limits.cpu`      | Filebeat cpu limit               |                                          |
-| `filebeat.filebeatYml`      | Filebeat yaml configuration file                | see [values.yaml](stable/artifactory-ha/values.yaml)                                         |
+#### FluentD, Prometheus and Grafana
+
+To configure Prometheus and Grafana to gather metrics from Artifactory through the use of FluentD, please refer to the log analytics repo:
+
+https://github.com/jfrog/log-analytics-prometheus
+
+That repo contains a file `artifactory-ha-values.yaml` that can be used to deploy Prometheus, Service Monitor, and Grafana with this chart.
 
-Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
 
 ## Useful links
 - https://www.jfrog.com/confluence/display/EP/Getting+Started
diff --git a/charts/artifactory-ha/UPGRADE_NOTES.md b/charts/artifactory-ha/UPGRADE_NOTES.md
index 9c7f771be..b3326dccc 100644
--- a/charts/artifactory-ha/UPGRADE_NOTES.md
+++ b/charts/artifactory-ha/UPGRADE_NOTES.md
@@ -1,10 +1,14 @@
 # JFrog Artifactory Chart Upgrade Notes
 This file describes special upgrade notes needed at specific versions
 
-## Upgrade from 1.X to 2.X (Chart Versions)
+## Upgrade from 1.X to 2.X and above (Chart Versions)
 
 * If this is a new deployment or you already use an external database (`postgresql.enabled=false`), these changes **do not affect you!**
 * To upgrade from a version prior to 1.x, you first need to upgrade to latest version of 1.x as described in https://github.com/jfrog/charts/blob/master/stable/artifactory-ha/CHANGELOG.md.
+* Note: If you are upgrading from 1.x to 4.x and above chart versions, please delete the existing statefulset of postgresql before upgrading the chart due to breaking changes in postgresql subchart.
+```bash
+kubectl delete statefulsets <OLD_RELEASE_NAME>-postgresql
+```
 
 ## Upgrade from 0.X to 1.X (Chart Versions)
 **DOWNTIME IS REQUIRED FOR AN UPGRADE!**
diff --git a/charts/artifactory-ha/charts/postgresql/Chart.yaml b/charts/artifactory-ha/charts/postgresql/Chart.yaml
index a40485f21..8365f1fb7 100755
--- a/charts/artifactory-ha/charts/postgresql/Chart.yaml
+++ b/charts/artifactory-ha/charts/postgresql/Chart.yaml
@@ -1,5 +1,7 @@
+annotations:
+  category: Database
 apiVersion: v1
-appVersion: 11.7.0
+appVersion: 11.9.0
 description: Chart for PostgreSQL, an object-relational database management system
   (ORDBMS) with an emphasis on extensibility and on standards-compliance.
 engine: gotpl
@@ -20,4 +22,4 @@ maintainers:
 name: postgresql
 sources:
 - https://github.com/bitnami/bitnami-docker-postgresql
-version: 8.7.3
+version: 9.3.4
diff --git a/charts/artifactory-ha/charts/postgresql/README.md b/charts/artifactory-ha/charts/postgresql/README.md
index c2b848af1..319291bc6 100755
--- a/charts/artifactory-ha/charts/postgresql/README.md
+++ b/charts/artifactory-ha/charts/postgresql/README.md
@@ -4,7 +4,7 @@
 
 For HA, please see [this repo](https://github.com/bitnami/charts/tree/master/bitnami/postgresql-ha)
 
-## TL;DR;
+## TL;DR
 
 ```console
 $ helm repo add bitnami https://charts.bitnami.com/bitnami
@@ -20,7 +20,7 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment
 ## Prerequisites
 
 - Kubernetes 1.12+
-- Helm 2.11+ or Helm 3.0-beta3+
+- Helm 2.12+ or Helm 3.0-beta3+
 - PV provisioner support in the underlying infrastructure
 
 ## Installing the Chart
@@ -42,7 +42,15 @@ To uninstall/delete the `my-release` deployment:
 $ helm delete my-release
 ```
 
-The command removes all the Kubernetes components associated with the chart and deletes the release.
+The command removes all the Kubernetes components but PVC's associated with the chart and deletes the release.
+
+To delete the PVC's associated with `my-release`:
+
+```console
+$ kubectl delete pvc -l release=my-release
+```
+
+> **Note**: Deleting the PVC's will delete postgresql data as well. Please be cautious before doing it.
 
 ## Parameters
 
@@ -95,10 +103,10 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `replication.synchronousCommit`               | Set synchronous commit mode. Allowed values: `on`, `remote_apply`, `remote_write`, `local` and `off`                                                                      | `off`                                                         |
 | `replication.numSynchronousReplicas`          | Number of replicas that will have synchronous replication. Note: Cannot be greater than `replication.slaveReplicas`.                                                      | `0`                                                           |
 | `replication.applicationName`                 | Cluster application name. Useful for advanced replication settings                                                                                                        | `my_application`                                              |
-| `existingSecret`                              | Name of existing secret to use for PostgreSQL passwords. The secret has to contain the keys `postgresql-postgres-password` which is the password for `postgresqlUsername` when it is different of `postgres`, `postgresql-password` which will override `postgresqlPassword`, `postgresql-replication-password` which will override `replication.password` and `postgresql-ldap-password` which will be sed to authenticate on LDAP. The value is evaluated as a template.                                                                                                                  | `nil`                                                         |
-| `postgresqlPostgresPassword`                  | PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`)                                                                                              | _random 10 character alphanumeric string_                     |
-| `postgresqlUsername`                          | PostgreSQL admin user                                                                                                                                                     | `postgres`                                                    |
-| `postgresqlPassword`                          | PostgreSQL admin password                                                                                                                                                 | _random 10 character alphanumeric string_                     |
+| `existingSecret`                              | Name of existing secret to use for PostgreSQL passwords. The secret has to contain the keys `postgresql-postgres-password` which is the password for `postgresqlUsername` when it is different of `postgres`, `postgresql-password` which will override `postgresqlPassword`, `postgresql-replication-password` which will override `replication.password` and `postgresql-ldap-password` which will be sed to authenticate on LDAP. The value is evaluated as a template.                                                                        | `nil`                                                         |
+| `postgresqlPostgresPassword`                  | PostgreSQL admin password (used when `postgresqlUsername` is not `postgres`, in which case`postgres` is the admin username).                                              | _random 10 character alphanumeric string_                     |
+| `postgresqlUsername`                          | PostgreSQL user (creates a non-admin user when `postgresqlUsername` is not `postgres`)                                                                                    | `postgres`                                                    |
+| `postgresqlPassword`                          | PostgreSQL user password                                                                                                                                                  | _random 10 character alphanumeric string_                     |
 | `postgresqlDatabase`                          | PostgreSQL database                                                                                                                                                       | `nil`                                                         |
 | `postgresqlDataDir`                           | PostgreSQL data dir folder                                                                                                                                                | `/bitnami/postgresql` (same value as persistence.mountPath)   |
 | `extraEnv`                                    | Any extra environment variables you would like to pass on to the pod. The value is evaluated as a template.                                                               | `[]`                                                          |
@@ -112,7 +120,7 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `extendedConfConfigMap`                       | ConfigMap with the extended PostgreSQL configuration files. The value is evaluated as a template.                                                                         | `nil`                                                         |
 | `initdbScripts`                               | Dictionary of initdb scripts                                                                                                                                              | `nil`                                                         |
 | `initdbUser`                                  | PostgreSQL user to execute the .sql and sql.gz scripts                                                                                                                    | `nil`                                                         |
-| `initdbPassword`                              | Password for the user specified in `initdbUser`                                                                                                                       | `nil`                                                         |
+| `initdbPassword`                              | Password for the user specified in `initdbUser`                                                                                                                           | `nil`                                                         |
 | `initdbScriptsConfigMap`                      | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`). The value is evaluated as a template.                                                                | `nil`                                                         |
 | `initdbScriptsSecret`                         | Secret with initdb scripts that contain sensitive information (Note: can be used with `initdbScriptsConfigMap` or `initdbScripts`). The value is evaluated as a template. | `nil`                                                         |
 | `service.type`                                | Kubernetes Service type                                                                                                                                                   | `ClusterIP`                                                   |
@@ -132,6 +140,7 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `persistence.accessModes`                     | PVC Access Mode for PostgreSQL volume                                                                                                                                     | `[ReadWriteOnce]`                                             |
 | `persistence.size`                            | PVC Storage Request for PostgreSQL volume                                                                                                                                 | `8Gi`                                                         |
 | `persistence.annotations`                     | Annotations for the PVC                                                                                                                                                   | `{}`                                                          |
+| `commonAnnotations`                           | Annotations to be added to all deployed resources (rendered as a template)                                                                                                | `{}`                                                          |
 | `master.nodeSelector`                         | Node labels for pod assignment (postgresql master)                                                                                                                        | `{}`                                                          |
 | `master.affinity`                             | Affinity labels for pod assignment (postgresql master)                                                                                                                    | `{}`                                                          |
 | `master.tolerations`                          | Toleration labels for pod assignment (postgresql master)                                                                                                                  | `[]`                                                          |
@@ -139,7 +148,7 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `master.labels`                               | Map of labels to add to the statefulset (postgresql master)                                                                                                               | `{}`                                                          |
 | `master.podAnnotations`                       | Map of annotations to add to the pods (postgresql master)                                                                                                                 | `{}`                                                          |
 | `master.podLabels`                            | Map of labels to add to the pods (postgresql master)                                                                                                                      | `{}`                                                          |
-| `master.priorityClassName`                    | Priority Class to use for each pod (postgresql master)                                                                                                                    | `nil`                                                          |
+| `master.priorityClassName`                    | Priority Class to use for each pod (postgresql master)                                                                                                                    | `nil`                                                         |
 | `master.extraInitContainers`                  | Additional init containers to add to the pods (postgresql master)                                                                                                         | `[]`                                                          |
 | `master.extraVolumeMounts`                    | Additional volume mounts to add to the pods (postgresql master)                                                                                                           | `[]`                                                          |
 | `master.extraVolumes`                         | Additional volumes to add to the pods (postgresql master)                                                                                                                 | `[]`                                                          |
@@ -154,7 +163,7 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `slave.labels`                                | Map of labels to add to the statefulsets (postgresql slave)                                                                                                               | `{}`                                                          |
 | `slave.podAnnotations`                        | Map of annotations to add to the pods (postgresql slave)                                                                                                                  | `{}`                                                          |
 | `slave.podLabels`                             | Map of labels to add to the pods (postgresql slave)                                                                                                                       | `{}`                                                          |
-| `slave.priorityClassName`                     | Priority Class to use for each pod (postgresql slave)                                                                                                                     | `nil`                                                          |
+| `slave.priorityClassName`                     | Priority Class to use for each pod (postgresql slave)                                                                                                                     | `nil`                                                         |
 | `slave.extraInitContainers`                   | Additional init containers to add to the pods (postgresql slave)                                                                                                          | `[]`                                                          |
 | `slave.extraVolumeMounts`                     | Additional volume mounts to add to the pods (postgresql slave)                                                                                                            | `[]`                                                          |
 | `slave.extraVolumes`                          | Additional volumes to add to the pods (postgresql slave)                                                                                                                  | `[]`                                                          |
@@ -162,13 +171,14 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `slave.service.type`                          | Allows using a different service type for Slave                                                                                                                           | `nil`                                                         |
 | `slave.service.nodePort`                      | Allows using a different nodePort for Slave                                                                                                                               | `nil`                                                         |
 | `slave.service.clusterIP`                     | Allows using a different clusterIP for Slave                                                                                                                              | `nil`                                                         |
+| `slave.persistence.enabled`                   | Whether to enable slave replicas persistence                                                                                                                              | `true`                                                        |
 | `terminationGracePeriodSeconds`               | Seconds the pod needs to terminate gracefully                                                                                                                             | `nil`                                                         |
 | `resources`                                   | CPU/Memory resource requests/limits                                                                                                                                       | Memory: `256Mi`, CPU: `250m`                                  |
 | `securityContext.enabled`                     | Enable security context                                                                                                                                                   | `true`                                                        |
 | `securityContext.fsGroup`                     | Group ID for the container                                                                                                                                                | `1001`                                                        |
 | `securityContext.runAsUser`                   | User ID for the container                                                                                                                                                 | `1001`                                                        |
 | `serviceAccount.enabled`                      | Enable service account (Note: Service Account will only be automatically created if `serviceAccount.name` is not set)                                                     | `false`                                                       |
-| `serviceAcccount.name`                        | Name of existing service account                                                                                                                                          | `nil`                                                         |
+| `serviceAccount.name`                         | Name of existing service account                                                                                                                                          | `nil`                                                         |
 | `livenessProbe.enabled`                       | Would you like a livenessProbe to be enabled                                                                                                                              | `true`                                                        |
 | `networkPolicy.enabled`                       | Enable NetworkPolicy                                                                                                                                                      | `false`                                                       |
 | `networkPolicy.allowExternal`                 | Don't require client label for connections                                                                                                                                | `true`                                                        |
@@ -184,6 +194,13 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `readinessProbe.timeoutSeconds`               | When the probe times out                                                                                                                                                  | 5                                                             |
 | `readinessProbe.failureThreshold`             | Minimum consecutive failures for the probe to be considered failed after having succeeded.                                                                                | 6                                                             |
 | `readinessProbe.successThreshold`             | Minimum consecutive successes for the probe to be considered successful after having failed                                                                               | 1                                                             |
+| `tls.enabled`                                 | Enable TLS traffic support                                                                                                                                                | `false`                                                       |
+| `tls.preferServerCiphers`                     | Whether to use the server's TLS cipher preferences rather than the client's                                                                                               | `true`                                                        |
+| `tls.certificatesSecret`                      | Name of an existing secret that contains the certificates                                                                                                                 | `nil`                                                         |
+| `tls.certFilename`                            | Certificate filename                                                                                                                                                      | `""`                                                          |
+| `tls.certKeyFilename`                         | Certificate key filename                                                                                                                                                  | `""`                                                          |
+| `tls.certCAFilename`                          | CA Certificate filename. If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate.                                                      |`nil`                                                          |
+| `tls.crlFilename`                             | File containing a Certificate Revocation List                                                                                                                             |`nil`                                                          |
 | `metrics.enabled`                             | Start a prometheus exporter                                                                                                                                               | `false`                                                       |
 | `metrics.service.type`                        | Kubernetes Service type                                                                                                                                                   | `ClusterIP`                                                   |
 | `service.clusterIP`                           | Static clusterIP or None for headless services                                                                                                                            | `nil`                                                         |
@@ -198,12 +215,13 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `metrics.prometheusRule.additionalLabels`     | Additional labels that can be used so prometheusRules will be discovered by Prometheus                                                                                    | `{}`                                                          |
 | `metrics.prometheusRule.namespace`            | namespace where prometheusRules resource should be created                                                                                                                | the same namespace as postgresql                              |
 | `metrics.prometheusRule.rules`                | [rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) to be created, check values for an example.                                            | `[]`                                                          |
-| `metrics.image.registry`                      | PostgreSQL Image registry                                                                                                                                                 | `docker.io`                                                   |
-| `metrics.image.repository`                    | PostgreSQL Image name                                                                                                                                                     | `bitnami/postgres-exporter`                                   |
-| `metrics.image.tag`                           | PostgreSQL Image tag                                                                                                                                                      | `{TAG_NAME}`                                                  |
-| `metrics.image.pullPolicy`                    | PostgreSQL Image pull policy                                                                                                                                              | `IfNotPresent`                                                |
+| `metrics.image.registry`                      | PostgreSQL Exporter Image registry                                                                                                                                        | `docker.io`                                                   |
+| `metrics.image.repository`                    | PostgreSQL Exporter Image name                                                                                                                                            | `bitnami/postgres-exporter`                                   |
+| `metrics.image.tag`                           | PostgreSQL Exporter Image tag                                                                                                                                            | `{TAG_NAME}`                                                  |
+| `metrics.image.pullPolicy`                    | PostgreSQL Exporter Image pull policy                                                                                                                                    | `IfNotPresent`                                                |
 | `metrics.image.pullSecrets`                   | Specify Image pull secrets                                                                                                                                                | `nil` (does not add image pull secrets to deployed pods)      |
 | `metrics.customMetrics`                       | Additional custom metrics                                                                                                                                                 | `nil`                                                         |
+| `metrics.extraEnvVars`                        | Extra environment variables to add to exporter  | `{}` (evaluated as a template)   |
 | `metrics.securityContext.enabled`             | Enable security context for metrics                                                                                                                                       | `false`                                                       |
 | `metrics.securityContext.runAsUser`           | User ID for the container for metrics                                                                                                                                     | `1001`                                                        |
 | `metrics.livenessProbe.initialDelaySeconds`   | Delay before liveness probe is initiated                                                                                                                                  | 30                                                            |
@@ -218,6 +236,9 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
 | `metrics.readinessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed after having succeeded.                                                                                | 6                                                             |
 | `metrics.readinessProbe.successThreshold`     | Minimum consecutive successes for the probe to be considered successful after having failed                                                                               | 1                                                             |
 | `updateStrategy`                              | Update strategy policy                                                                                                                                                    | `{type: "RollingUpdate"}`                                     |
+| `psp.create`                                  | Create Pod Security Policy                                                                                                                                                | `false`                                                       |
+| `rbac.create`                                 | Create Role and RoleBinding (required for PSP to work)                                                                                                                    | `false`                                                       |
+
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
 
@@ -287,7 +308,7 @@ At the top level, there is a service object which defines the services for both
 
 ### Change PostgreSQL version
 
-To modify the PostgreSQL version used in this chart you can specify a [valid image tag](https://hub.docker.com/r/bitnami/postgresql/tags/) using the `image.tag` parameter. For example, `image.tag=12.0.0`
+To modify the PostgreSQL version used in this chart you can specify a [valid image tag](https://hub.docker.com/r/bitnami/postgresql/tags/) using the `image.tag` parameter. For example, `image.tag=X.Y.Z`. This approach is also applicable to other images like exporters.
 
 ### postgresql.conf / pg_hba.conf files as configMap
 
@@ -316,6 +337,35 @@ In addition to these options, you can also set an external ConfigMap with all th
 
 The allowed extensions are `.sh`, `.sql` and `.sql.gz`.
 
+### Securing traffic using TLS
+
+TLS support can be enabled in the chart by specifying the `tls.` parameters while creating a release. The following parameters should be configured to properly enable the TLS support in the chart:
+
+- `tls.enabled`: Enable TLS support. Defaults to `false`
+- `tls.certificatesSecret`: Name of an existing secret that contains the certificates. No defaults.
+- `tls.certFilename`: Certificate filename. No defaults.
+- `tls.certKeyFilename`: Certificate key filename. No defaults.
+
+For example:
+
+* First, create the secret with the cetificates files:
+
+    ```console
+    kubectl create secret generic certificates-tls-secret --from-file=./cert.crt --from-file=./cert.key --from-file=./ca.crt
+    ```
+
+* Then, use the following parameters:
+
+    ```console
+    volumePermissions.enabled=true
+    tls.enabled=true
+    tls.certificatesSecret="certificates-tls-secret"
+    tls.certFilename="cert.crt"
+    tls.certKeyFilename="cert.key"
+    ```
+
+    > Note TLS and VolumePermissions: PostgreSQL requires certain permissions on sensitive files (such as certificate keys) to start up. Due to an on-going [issue](https://github.com/kubernetes/kubernetes/issues/57923) regarding kubernetes permissions and the use of `securityContext.runAsUser`, you must enable `volumePermissions` to ensure everything works as expected.
+
 ### Sidecars
 
 If you need  additional containers to run within the same pod as PostgreSQL (e.g. an additional metrics or logging exporter), you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec.
@@ -443,6 +493,60 @@ $ helm upgrade my-release stable/postgresql \
 
 > Note: you need to substitute the placeholders _[POSTGRESQL_PASSWORD]_, and _[REPLICATION_PASSWORD]_ with the values obtained from instructions in the installation notes.
 
+## 9.0.0
+
+In this version the chart was adapted to follow the Helm label best practices, see [PR 3021](https://github.com/bitnami/charts/pull/3021). That means the backward compatibility is not guarantee when upgrading the chart to this major version.
+
+As a workaround, you can delete the existing statefulset (using the `--cascade=false` flag pods are not deleted) before upgrade the chart. For example, this can be a valid workflow:
+
+- Deploy an old version (8.X.X)
+```console
+$ helm install postgresql bitnami/postgresql --version 8.10.14
+```
+
+- Old version is up and running
+```console
+$ helm ls
+NAME      	NAMESPACE	REVISION	UPDATED                                	STATUS  	CHART             	APP VERSION
+postgresql	default  	1       	2020-08-04 13:39:54.783480286 +0000 UTC	deployed	postgresql-8.10.14	11.8.0
+
+$ kubectl get pods
+NAME                      READY   STATUS    RESTARTS   AGE
+postgresql-postgresql-0   1/1     Running   0          76s
+```
+
+- The upgrade to the latest one (9.X.X) is going to fail
+```console
+$ helm upgrade postgresql bitnami/postgresql
+Error: UPGRADE FAILED: cannot patch "postgresql-postgresql" with kind StatefulSet: StatefulSet.apps "postgresql-postgresql" is invalid: spec: Forbidden: updates to statefulset spec for fields other than 'replicas', 'template', and 'updateStrategy' are forbidden
+```
+
+- Delete the statefulset
+```console
+$ kubectl delete statefulsets.apps --cascade=false postgresql-postgresql
+statefulset.apps "postgresql-postgresql" deleted
+```
+
+- Now the upgrade works
+```cosnole
+$ helm upgrade postgresql bitnami/postgresql
+$ helm ls
+NAME      	NAMESPACE	REVISION	UPDATED                                	STATUS  	CHART           	APP VERSION
+postgresql	default  	3       	2020-08-04 13:42:08.020385884 +0000 UTC	deployed	postgresql-9.1.2	11.8.0
+```
+
+- We can kill the existing pod and the new statefulset is going to create a new one:
+```console
+$ kubectl delete pod postgresql-postgresql-0
+pod "postgresql-postgresql-0" deleted
+
+$ kubectl get pods
+NAME                      READY   STATUS    RESTARTS   AGE
+postgresql-postgresql-0   1/1     Running   0          19s
+```
+
+Please, note that without the `--cascade=false` both objects (statefulset and pod) are going to be removed and both objects will be deployed again with the `helm upgrade` command
+
 ## 8.0.0
 
 Prefixes the port names with their protocols to comply with Istio conventions.
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/.helmignore b/charts/artifactory-ha/charts/postgresql/charts/common/.helmignore
new file mode 100755
index 000000000..50af03172
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/Chart.yaml b/charts/artifactory-ha/charts/postgresql/charts/common/Chart.yaml
new file mode 100755
index 000000000..a56ef8bf5
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  category: Infrastructure
+apiVersion: v1
+appVersion: 0.6.2
+description: A Library Helm Chart for grouping common logic between bitnami charts.
+  This chart is not deployable by itself.
+engine: gotpl
+home: http://www.bitnami.com/
+icon: https://bitnami.com/downloads/logos/bitnami-mark.png
+keywords:
+- common
+- helper
+- template
+- function
+- bitnami
+maintainers:
+- email: containers@bitnami.com
+  name: Bitnami
+name: common
+sources:
+- https://github.com/bitnami/charts
+version: 0.6.2
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/README.md b/charts/artifactory-ha/charts/postgresql/charts/common/README.md
new file mode 100755
index 000000000..e04391a3f
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/README.md
@@ -0,0 +1,274 @@
+# Bitnami Common Library Chart
+
+A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between bitnami charts.
+
+## TL;DR
+
+```yaml
+dependencies:
+  - name: common
+    version: 0.x.x
+    repository: https://charts.bitnami.com/bitnami
+```
+
+```bash
+$ helm dependency update
+```
+
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.names.fullname" . }}
+data:
+  myvalue: "Hello World"
+```
+
+## Introduction
+
+This chart provides a common template helpers which can be used to develop new charts using [Helm](https://helm.sh) package manager.
+
+Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications.
+
+## Prerequisites
+
+- Kubernetes 1.12+
+- Helm 2.12+ or Helm 3.0-beta3+
+
+## Parameters
+
+The following table lists the helpers available in the library which are scoped in different sections.
+
+**Names**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.names.name`                              | Expand the name of the chart or use `.Values.nameOverride`                                                                                                             | `.` Chart context                                                                                                                                                                                                                        |
+| `common.names.fullname`                          | Create a default fully qualified app name.                                                                                                                             | `.` Chart context                                                                                                                                                                                                                        |
+| `common.names.chart`                             | Chart name plus version                                                                                                                                                | `.` Chart context                                                                                                                                                                                                                        |
+
+**Images**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.images.image`                            | Return the proper and full image name                                                                                                                                  | `dict "imageRoot" .Values.path.to.the.image "global" $`, see [ImageRoot](#imageroot) for the structure.                                                                                                                                  |
+| `common.images.pullSecrets`                      | Return the proper Docker Image Registry Secret Names                                                                                                                   | `dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global`                                                                                                                                    |
+
+**Labels**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.labels.standard`                         | Return Kubernetes standard labels                                                                                                                                      | `.` Chart context                                                                                                                                                                                                                        |
+| `common.labels.matchLabels`                      | Return the proper Docker Image Registry Secret Names                                                                                                                   | `.` Chart context                                                                                                                                                                                                                        |
+
+**Storage**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.storage.class`                           | Return the proper Storage Class                                                                                                                                        | `dict "persistence" .Values.path.to.the.persistence "global" $`, see [Persistence](#persistence) for the structure.                                                                                                                      |
+
+**TplValues**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.tplvalues.render`                        | Renders a value that contains template                                                                                                                                 | `dict "value" .Values.path.to.the.Value "context" $`, value is the value should rendered as template, context frecuently is the chart context `$` or `.`                                                                                 |
+
+**Capabilities**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.capabilities.deployment.apiVersion`      | Return the appropriate apiVersion for deployment.                                                                                                                      | `.` Chart context                                                                                                                                                                                                                        |
+| `common.capabilities.ingress.apiVersion`         | Return the appropriate apiVersion for ingress.                                                                                                                         | `.` Chart context                                                                                                                                                                                                                        |
+
+**Validations**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.validations.values.single.empty`         | Validate a value must not be empty.                                                                                                                                    | `dict "valueKey" "path.to.value" "secret" "secret.name" "field" "my-password" "context" $` secret and field are optional. In case they are given, the helper will generate a how to get instruction. See [ValidateValue](#validatevalue) |
+| `common.validations.values.multiple.empty`       | Validate a multiple values must not be empty. It returns a shared error for all the values.                                                                            | `dict "required" (list $validateValueConf00 $validateValueConf01) "context" $`. See [ValidateValue](#validatevalue)                                                                                                                      |
+| `common.validations.values.mariadb.passwords`    | When a chart is using `bitnami/mariadb` as subchart you should use this to validate required password are not empty. It returns a shared error for all the values.     | `dict "secret" "mariadb-secret" "context" $`                                                                                                                                                                                             |
+| `common.validations.values.postgresql.passwords` | This helper will ensure required password are not empty. It returns a shared error for all the values.                                                                 | `dict "secret" "postgresql-secret" "subchart" "true" "context" $` subchart field is optional and could be true or false it depends on where you will use postgresql chart and the helper.                                                |
+
+**Warnings**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.warnings.rollingTag`                     | Warning about using rolling tag.                                                                                                                                       | `ImageRoot` see [ImageRoot](#imageroot) for the structure.                                                                                                                                                                               |
+
+**Errors**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.errors.upgrade.passwords.empty`          | It will ensure required passwords are given when we are upgrading a chart. If `validationErrors` is not empty it will throw an error and will stop the upgrade action. | `dict "validationErrors" (list $validationError00 $validationError01)  "context" $`                                                                                                                                                      |
+
+**Utils**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.utils.fieldToEnvVar`                     | Build environment variable name given a field.                                                                                                                         | `dict "field" "my-password"`                                                                                                                                                                                                             |
+| `common.utils.secret.getvalue`                   | Print instructions to get a secret value.                                                                                                                              | `dict "secret" "secret-name" "field" "secret-value-field" "context" $`                                                                                                                                                                   |
+
+**Secrets**
+
+| Helper identifier                                | Description                                                                                                                                                            | Expected Input                                                                                                                                                                                                                           |
+|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `common.secrets.name`                            | Generate the name of the secret.                                                                                                                                       | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure.                                                                           |
+| `common.secrets.key`                             | Generate secret key.                                                                                                                                                   | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure.                                                                                                      |
+
+## Special input schemas
+
+### ImageRoot
+
+```yaml
+registry:
+  type: string
+  description: Docker registry where the image is located
+  example: docker.io
+
+repository:
+  type: string
+  description: Repository and image name
+  example: bitnami/nginx
+
+tag:
+  type: string
+  description: image tag
+  example: 1.16.1-debian-10-r63
+
+pullPolicy:
+  type: string
+  description: Specify a imagePullPolicy. Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
+
+pullSecrets:
+  type: array
+  items:
+    type: string
+  description: Optionally specify an array of imagePullSecrets.
+
+debug:
+  type: boolean
+  description: Set to true if you would like to see extra information on logs
+  example: false
+
+## An instance would be:
+# registry: docker.io
+# repository: bitnami/nginx
+# tag: 1.16.1-debian-10-r63
+# pullPolicy: IfNotPresent
+# debug: false
+```
+
+### Persistence
+
+```yaml
+enabled:
+  type: boolean
+  description: Whether enable persistence.
+  example: true
+
+storageClass:
+  type: string
+  description: Ghost data Persistent Volume Storage Class, If set to "-", storageClassName: "" which disables dynamic provisioning.
+  example: "-"
+
+accessMode:
+  type: string
+  description: Access mode for the Persistent Volume Storage.
+  example: ReadWriteOnce
+
+size:
+  type: string
+  description: Size the Persistent Volume Storage.
+  example: 8Gi
+
+path:
+  type: string
+  description: Path to be persisted.
+  example: /bitnami
+
+## An instance would be:
+# enabled: true
+# storageClass: "-"
+# accessMode: ReadWriteOnce
+# size: 8Gi
+# path: /bitnami
+```
+
+### ExistingSecret
+```yaml
+name:
+  type: string
+  description: Name of the existing secret.
+  example: mySecret
+keyMapping:
+  description: Mapping between the expected key name and the name of the key in the existing secret.
+  type: object
+
+## An instance would be:
+# name: mySecret
+# keyMapping:
+#   password: myPasswordKey
+```
+
+**Example of use**
+
+When we store sensitive data for a deployment in a secret, some times we want to give to users the possiblity of using theirs existing secrets.
+
+```yaml
+# templates/secret.yaml
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    app: {{ include "common.names.fullname" . }}
+type: Opaque
+data:
+  password: {{ .Values.password | b64enc | quote }}
+
+# templates/dpl.yaml
+---
+...
+      env:
+        - name: PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ include "common.secrets.name" (dict "existingSecret" .Values.existingSecret "context" $) }}
+              key: {{ include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "password") }}
+...
+
+# values.yaml
+---
+name: mySecret
+keyMapping:
+  password: myPasswordKey
+```
+
+### ValidateValue
+
+**NOTES.txt**
+
+```
+{{- $validateValueConf00 := (dict "valueKey" "path.to.value00" "secret" "secretName" "field" "password-00") -}}
+{{- $validateValueConf01 := (dict "valueKey" "path.to.value01" "secret" "secretName" "field" "password-01") -}}
+
+{{ include "common.validations.values.multiple.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }}
+```
+
+If we force those values to be empty we will see some alerts
+
+```console
+$ helm install test mychart --set path.to.value00="",path.to.value01=""
+    'path.to.value00' must not be empty, please add '--set path.to.value00=$PASSWORD_00' to the command. To get the current value:
+
+        export PASSWORD_00=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-00}" | base64 --decode)
+
+    'path.to.value01' must not be empty, please add '--set path.to.value01=$PASSWORD_01' to the command. To get the current value:
+
+        export PASSWORD_01=$(kubectl get secret --namespace default secretName -o jsonpath="{.data.password-01}" | base64 --decode)
+```
+
+## Notable changes
+
+N/A
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_capabilities.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_capabilities.tpl
new file mode 100755
index 000000000..c0ea2c70c
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_capabilities.tpl
@@ -0,0 +1,22 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Return the appropriate apiVersion for deployment.
+*/}}
+{{- define "common.capabilities.deployment.apiVersion" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- print "extensions/v1beta1" -}}
+{{- else -}}
+{{- print "apps/v1" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for ingress.
+*/}}
+{{- define "common.capabilities.ingress.apiVersion" -}}
+{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- print "extensions/v1beta1" -}}
+{{- else -}}
+{{- print "networking.k8s.io/v1beta1" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_errors.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_errors.tpl
new file mode 100755
index 000000000..d6d3ec65a
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_errors.tpl
@@ -0,0 +1,20 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Through error when upgrading using empty passwords values that must not be empty.
+
+Usage:
+{{- $validationError00 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password00" "secret" "secretName" "field" "password-00") -}}
+{{- $validationError01 := include "common.validations.values.single.empty" (dict "valueKey" "path.to.password01" "secret" "secretName" "field" "password-01") -}}
+{{ include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $validationError00 $validationError01) "context" $) }}
+
+Required password params:
+  - validationErrors - String - Required. List of validation strings to be return, if it is empty it won't throw error.
+  - context - Context - Required. Parent context.
+*/}}
+{{- define "common.errors.upgrade.passwords.empty" -}}
+  {{- $validationErrors := join "" .validationErrors -}}
+  {{- if and $validationErrors .context.Release.IsUpgrade -}}
+    {{- $errorString := "\nPASSWORDS ERROR: you must provide your current passwords when upgrade the release%s" -}}
+    {{- printf $errorString $validationErrors | fail -}}
+  {{- end -}}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_images.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_images.tpl
new file mode 100755
index 000000000..aafde9f3b
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_images.tpl
@@ -0,0 +1,43 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Return the proper image name
+{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
+*/}}
+{{- define "common.images.image" -}}
+{{- $registryName := .imageRoot.registry -}}
+{{- $repositoryName := .imageRoot.repository -}}
+{{- $tag := .imageRoot.tag | toString -}}
+{{- if .global }}
+    {{- if .global.imageRegistry }}
+     {{- $registryName = .global.imageRegistry -}}
+    {{- end -}}
+{{- end -}}
+{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
+{{- end -}}
+
+{{/*
+Return the proper Docker Image Registry Secret Names
+{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }}
+*/}}
+{{- define "common.images.pullSecrets" -}}
+  {{- $pullSecrets := list }}
+
+  {{- if .global }}
+    {{- range .global.imagePullSecrets -}}
+      {{- $pullSecrets = append $pullSecrets . -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- range .images -}}
+    {{- range .pullSecrets -}}
+      {{- $pullSecrets = append $pullSecrets . -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- if (not (empty $pullSecrets)) }}
+imagePullSecrets:
+    {{- range $pullSecrets }}
+  - name: {{ . }}
+    {{- end }}
+  {{- end }}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_labels.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_labels.tpl
new file mode 100755
index 000000000..252066c7e
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_labels.tpl
@@ -0,0 +1,18 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Kubernetes standard labels
+*/}}
+{{- define "common.labels.standard" -}}
+app.kubernetes.io/name: {{ include "common.names.name" . }}
+helm.sh/chart: {{ include "common.names.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector
+*/}}
+{{- define "common.labels.matchLabels" -}}
+app.kubernetes.io/name: {{ include "common.names.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_names.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_names.tpl
new file mode 100755
index 000000000..adf2a74f4
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_names.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "common.names.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "common.names.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "common.names.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_secrets.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_secrets.tpl
new file mode 100755
index 000000000..d6165a294
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_secrets.tpl
@@ -0,0 +1,49 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Generate secret name.
+
+Usage:
+{{ include "common.secrets.name" (dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $) }}
+
+Params:
+  - existingSecret - ExistingSecret - Optional. The path to the existing secrets in the values.yaml given by the user
+    to be used istead of the default one. +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret
+  - defaultNameSuffix - String - Optional. It is used only if we have several secrets in the same deployment.
+  - context - Dict - Required. The context for the template evaluation.
+*/}}
+{{- define "common.secrets.name" -}}
+{{- $name := (include "common.names.fullname" .context) -}}
+
+{{- if .defaultNameSuffix -}}
+{{- $name = cat $name .defaultNameSuffix -}}
+{{- end -}}
+
+{{- with .existingSecret -}}
+{{- $name = .name -}}
+{{- end -}}
+
+{{- printf "%s" $name -}}
+{{- end -}}
+
+{{/*
+Generate secret key.
+
+Usage:
+{{ include "common.secrets.key" (dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName") }}
+
+Params:
+  - existingSecret - ExistingSecret - Optional. The path to the existing secrets in the values.yaml given by the user
+    to be used istead of the default one. +info: https://github.com/bitnami/charts/tree/master/bitnami/common#existingsecret
+  - key - String - Required. Name of the key in the secret.
+*/}}
+{{- define "common.secrets.key" -}}
+{{- $key := .key -}}
+
+{{- if .existingSecret -}}
+  {{- if .existingSecret.keyMapping -}}
+    {{- $key = index .existingSecret.keyMapping $.key -}}
+  {{- end -}}
+{{- end -}}
+
+{{- printf "%s" $key -}}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_storage.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_storage.tpl
new file mode 100755
index 000000000..60e2a844f
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_storage.tpl
@@ -0,0 +1,23 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Return  the proper Storage Class
+{{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }}
+*/}}
+{{- define "common.storage.class" -}}
+
+{{- $storageClass := .persistence.storageClass -}}
+{{- if .global -}}
+    {{- if .global.storageClass -}}
+        {{- $storageClass = .global.storageClass -}}
+    {{- end -}}
+{{- end -}}
+
+{{- if $storageClass -}}
+  {{- if (eq "-" $storageClass) -}}
+      {{- printf "storageClassName: \"\"" -}}
+  {{- else }}
+      {{- printf "storageClassName: %s" $storageClass -}}
+  {{- end -}}
+{{- end -}}
+
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_tplvalues.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_tplvalues.tpl
new file mode 100755
index 000000000..2db166851
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_tplvalues.tpl
@@ -0,0 +1,13 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Renders a value that contains template.
+Usage:
+{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $) }}
+*/}}
+{{- define "common.tplvalues.render" -}}
+    {{- if typeIs "string" .value }}
+        {{- tpl .value .context }}
+    {{- else }}
+        {{- tpl (.value | toYaml) .context }}
+    {{- end }}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_utils.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_utils.tpl
new file mode 100755
index 000000000..7d02f2ef6
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_utils.tpl
@@ -0,0 +1,26 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Print instructions to get a secret value.
+Usage:
+{{ include "common.utils.secret.getvalue" (dict "secret" "secret-name" "field" "secret-value-field" "context" $) }}
+*/}}
+{{- define "common.utils.secret.getvalue" -}}
+{{- $varname := include "common.utils.fieldToEnvVar" . -}}
+export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 --decode)
+{{- end -}}
+
+{{/*
+Build env var name given a field
+Usage:
+{{ include "common.utils.fieldToEnvVar" dict "field" "my-password" }}
+*/}}
+{{- define "common.utils.fieldToEnvVar" -}}
+  {{- $fieldNameSplit := splitList "-" .field -}}
+  {{- $upperCaseFieldNameSplit := list -}}
+
+  {{- range $fieldNameSplit -}}
+    {{- $upperCaseFieldNameSplit = append $upperCaseFieldNameSplit ( upper . ) -}}
+  {{- end -}}
+
+  {{ join "_" $upperCaseFieldNameSplit }}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_validations.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_validations.tpl
new file mode 100755
index 000000000..62635b30e
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_validations.tpl
@@ -0,0 +1,219 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Validate values must not be empty.
+
+Usage:
+{{- $validateValueConf00 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-00") -}}
+{{- $validateValueConf01 := (dict "valueKey" "path.to.value" "secret" "secretName" "field" "password-01") -}}
+{{ include "common.validations.values.empty" (dict "required" (list $validateValueConf00 $validateValueConf01) "context" $) }}
+
+Validate value params:
+  - valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password"
+  - secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret"
+  - field - String - Optional. Name of the field in the secret data, e.g: "mysql-password"
+*/}}
+{{- define "common.validations.values.multiple.empty" -}}
+  {{- range .required -}}
+    {{- include "common.validations.values.single.empty" (dict "valueKey" .valueKey "secret" .secret "field" .field "context" $.context) -}}
+  {{- end -}}
+{{- end -}}
+
+
+{{/*
+Validate a value must not be empty.
+
+Usage:
+{{ include "common.validations.value.empty" (dict "valueKey" "mariadb.password" "secret" "secretName" "field" "my-password" "context" $) }}
+
+Validate value params:
+  - valueKey - String - Required. The path to the validating value in the values.yaml, e.g: "mysql.password"
+  - secret - String - Optional. Name of the secret where the validating value is generated/stored, e.g: "mysql-passwords-secret"
+  - field - String - Optional. Name of the field in the secret data, e.g: "mysql-password"
+*/}}
+{{- define "common.validations.values.single.empty" -}}
+  {{- $valueKeyArray := splitList "." .valueKey -}}
+  {{- $value := "" -}}
+  {{- $latestObj := $.context.Values -}}
+  {{- range $valueKeyArray -}}
+    {{- if not $latestObj -}}
+      {{- printf "please review the entire path of '%s' exists in values" $.valueKey | fail -}}
+    {{- end -}}
+
+    {{- $value = ( index $latestObj . ) -}}
+    {{- $latestObj = $value -}}
+  {{- end -}}
+
+  {{- if not $value -}}
+    {{- $varname := "my-value" -}}
+    {{- $getCurrentValue := "" -}}
+    {{- if and .secret .field -}}
+      {{- $varname = include "common.utils.fieldToEnvVar" . -}}
+      {{- $getCurrentValue = printf " To get the current value:\n\n        %s\n" (include "common.utils.secret.getvalue" .) -}}
+    {{- end -}}
+
+    {{- printf "\n    '%s' must not be empty, please add '--set %s=$%s' to the command.%s" .valueKey .valueKey $varname $getCurrentValue -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Validate a mariadb required password must not be empty.
+
+Usage:
+{{ include "common.validations.values.mariadb.passwords" (dict "secret" "secretName" "context" $) }}
+
+Validate value params:
+  - secret - String - Required. Name of the secret where mysql values are stored, e.g: "mysql-passwords-secret"
+*/}}
+{{- define "common.validations.values.mariadb.passwords" -}}
+  {{- if and (not .context.Values.mariadb.existingSecret) .context.Values.mariadb.enabled -}}
+    {{- $requiredPasswords := list -}}
+
+    {{- if .context.Values.mariadb.secret.requirePasswords -}}
+      {{- $requiredRootMariadbPassword := dict "valueKey" "mariadb.rootUser.password" "secret" .secretName "field" "mariadb-root-password" -}}
+      {{- $requiredPasswords = append $requiredPasswords $requiredRootMariadbPassword -}}
+
+      {{- if not (empty .context.Values.mariadb.db.user) -}}
+          {{- $requiredMariadbPassword := dict "valueKey" "mariadb.db.password" "secret" .secretName "field" "mariadb-password" -}}
+          {{- $requiredPasswords = append $requiredPasswords $requiredMariadbPassword -}}
+      {{- end -}}
+
+      {{- if .context.Values.mariadb.replication.enabled -}}
+          {{- $requiredReplicationPassword := dict "valueKey" "mariadb.replication.password" "secret" .secretName "field" "mariadb-replication-password" -}}
+          {{- $requiredPasswords = append $requiredPasswords $requiredReplicationPassword -}}
+      {{- end -}}
+
+      {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Validate a postgresql required password must not be empty.
+
+Usage:
+{{ include "common.validations.values.postgresql.passwords" (dict "secret" "secretName" "subchart" false "context" $) }}
+Params:
+  - secret - String - Required. Name of the secret where postgresql values are stored, e.g: "mysql-passwords-secret"
+  - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
+*/}}
+{{- define "common.validations.values.postgresql.passwords" -}}
+  {{- $existingSecret := include "common.postgresql.values.existingSecret" . -}}
+  {{- $enabled := include "common.postgresql.values.enabled" . -}}
+  {{- $valueKeyPostgresqlPassword := include "common.postgresql.values.key.postgressPassword" . -}}
+  {{- $enabledReplication := include "common.postgresql.values.enabled.replication" . -}}
+  {{- $valueKeyPostgresqlReplicationEnabled := include "common.postgresql.values.key.replicationPassword" . -}}
+
+  {{- if and (not $existingSecret) $enabled -}}
+    {{- $requiredPasswords := list -}}
+
+    {{- $requiredPostgresqlPassword := dict "valueKey" $valueKeyPostgresqlPassword "secret" .secret "field" "postgresql-password" -}}
+    {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlPassword -}}
+
+    {{- if $enabledReplication -}}
+        {{- $requiredPostgresqlReplicationPassword := dict "valueKey" $valueKeyPostgresqlReplicationEnabled "secret" .secret "field" "postgresql-replication-password" -}}
+        {{- $requiredPasswords = append $requiredPasswords $requiredPostgresqlReplicationPassword -}}
+    {{- end -}}
+
+    {{- include "common.validations.values.multiple.empty" (dict "required" $requiredPasswords "context" .context) -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Auxiliar function to decide whether evaluate global values.
+
+Usage:
+{{ include "common.postgresql.values.use.global" (dict "key" "key-of-global" "context" $) }}
+Params:
+  - key - String - Required. Field to be evaluated within global, e.g: "existingSecret"
+*/}}
+{{- define "common.postgresql.values.use.global" -}}
+  {{- if .context.Values.global -}}
+    {{- if .context.Values.global.postgresql -}}
+      {{- index .context.Values.global.postgresql .key | quote -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Auxiliar function to get the right value for existingSecret.
+
+Usage:
+{{ include "common.postgresql.values.existingSecret" (dict "context" $) }}
+*/}}
+{{- define "common.postgresql.values.existingSecret" -}}
+  {{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "existingSecret" "context" .context) -}}
+
+  {{- if .subchart -}}
+    {{- default (.context.Values.postgresql.existingSecret | quote) $globalValue -}}
+  {{- else -}}
+    {{- default (.context.Values.existingSecret | quote) $globalValue -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Auxiliar function to get the right value for enabled postgresql.
+
+Usage:
+{{ include "common.postgresql.values.enabled" (dict "context" $) }}
+*/}}
+{{- define "common.postgresql.values.enabled" -}}
+  {{- if .subchart -}}
+    {{- .context.Values.postgresql.enabled | quote -}}
+  {{- else -}}
+    true
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Auxiliar function to get the right value for the key postgressPassword.
+
+Usage:
+{{ include "common.postgresql.values.key.postgressPassword" (dict "subchart" "true" "context" $) }}
+Params:
+  - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
+*/}}
+{{- define "common.postgresql.values.key.postgressPassword" -}}
+  {{- $globalValue := include "common.postgresql.values.use.global" (dict "key" "postgresqlUsername" "context" .context) -}}
+
+  {{- if not $globalValue -}}
+    {{- if .subchart -}}
+      postgresql.postgresqlPassword
+    {{- else -}}
+      postgresqlPassword
+    {{- end -}}
+  {{- else -}}
+    global.postgresql.postgresqlPassword
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Auxiliar function to get the right value for enabled.replication.
+
+Usage:
+{{ include "common.postgresql.values.enabled.replication" (dict "subchart" "true" "context" $) }}
+Params:
+  - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
+*/}}
+{{- define "common.postgresql.values.enabled.replication" -}}
+  {{- if .subchart -}}
+    {{- .context.Values.postgresql.replication.enabled | quote -}}
+  {{- else -}}
+    {{- .context.Values.replication.enabled | quote -}}
+  {{- end -}}
+{{- end -}}
+
+{{/*
+Auxiliar function to get the right value for the key replication.password.
+
+Usage:
+{{ include "common.postgresql.values.key.replicationPassword" (dict "subchart" "true" "context" $) }}
+Params:
+  - subchart - Boolean - Optional. Whether postgresql is used as subchart or not. Default: false
+*/}}
+{{- define "common.postgresql.values.key.replicationPassword" -}}
+  {{- if .subchart -}}
+    postgresql.replication.password
+  {{- else -}}
+    replication.password
+  {{- end -}}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/templates/_warnings.tpl b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_warnings.tpl
new file mode 100755
index 000000000..ae10fa41e
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/templates/_warnings.tpl
@@ -0,0 +1,14 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Warning about using rolling tag.
+Usage:
+{{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }}
+*/}}
+{{- define "common.warnings.rollingTag" -}}
+
+{{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }}
+WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
++info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
+{{- end }}
+
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/charts/common/values.yaml b/charts/artifactory-ha/charts/postgresql/charts/common/values.yaml
new file mode 100755
index 000000000..9ecdc93f5
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/charts/common/values.yaml
@@ -0,0 +1,3 @@
+## bitnami/common
+## It is required by CI/CD tools and processes.
+exampleValue: common-chart
diff --git a/charts/artifactory-ha/charts/postgresql/ci/commonAnnotations.yaml b/charts/artifactory-ha/charts/postgresql/ci/commonAnnotations.yaml
new file mode 100755
index 000000000..f6977823c
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/ci/commonAnnotations.yaml
@@ -0,0 +1,3 @@
+commonAnnotations:
+  helm.sh/hook: 'pre-install, pre-upgrade'
+  helm.sh/hook-weight: '-1'
diff --git a/charts/artifactory-ha/charts/postgresql/requirements.lock b/charts/artifactory-ha/charts/postgresql/requirements.lock
new file mode 100755
index 000000000..72e1642e2
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/requirements.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+  repository: https://charts.bitnami.com/bitnami
+  version: 0.6.2
+digest: sha256:740783295d301fdd168fafdbaa760de27ab54b0ff36b513589a5a2515072b885
+generated: "2020-09-01T17:40:02.795096189Z"
diff --git a/charts/artifactory-ha/charts/postgresql/requirements.yaml b/charts/artifactory-ha/charts/postgresql/requirements.yaml
new file mode 100755
index 000000000..2c28bfe14
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/requirements.yaml
@@ -0,0 +1,4 @@
+dependencies:
+  - name: common
+    version: 0.x.x
+    repository: https://charts.bitnami.com/bitnami
diff --git a/charts/artifactory-ha/charts/postgresql/templates/NOTES.txt b/charts/artifactory-ha/charts/postgresql/templates/NOTES.txt
index 3b5e6c60d..596e969ce 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/NOTES.txt
+++ b/charts/artifactory-ha/charts/postgresql/templates/NOTES.txt
@@ -7,7 +7,7 @@ PostgreSQL can be accessed via port {{ template "postgresql.port" . }} on the fo
     {{ template "postgresql.fullname" . }}-read.{{ .Release.Namespace }}.svc.cluster.local - Read only connection
 {{- end }}
 
-{{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }}
+{{- if and (not (eq .Values.postgresqlUsername "postgres")) (or .Values.postgresqlPostgresPassword (include "postgresql.useExistingSecret" .)) }}
 
 To get the password for "postgres" run:
 
@@ -52,9 +52,8 @@ To connect to your database from outside the cluster execute the following comma
 
 {{- include "postgresql.validateValues" . -}}
 
-{{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
+{{- include "common.warnings.rollingTag" .Values.image -}}
 
-WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
-+info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
+{{- $passwordValidationErrors := include "common.validations.values.postgresql.passwords" (dict "secret" (include "postgresql.fullname" .) "context" $) -}}
 
-{{- end }}
+{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $passwordValidationErrors) "context" $) -}}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/_helpers.tpl b/charts/artifactory-ha/charts/postgresql/templates/_helpers.tpl
index 708434856..68cd0dc0e 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/_helpers.tpl
+++ b/charts/artifactory-ha/charts/postgresql/templates/_helpers.tpl
@@ -220,13 +220,20 @@ Get the password secret.
 {{- end -}}
 {{- end -}}
 
+{{/*
+Return true if we should use an existingSecret.
+*/}}
+{{- define "postgresql.useExistingSecret" -}}
+{{- if or .Values.global.postgresql.existingSecret .Values.existingSecret -}}
+    {{- true -}}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Return true if a secret object should be created
 */}}
 {{- define "postgresql.createSecret" -}}
-{{- if .Values.global.postgresql.existingSecret }}
-{{- else if .Values.existingSecret -}}
-{{- else -}}
+{{- if not (include "postgresql.useExistingSecret" .) -}}
     {{- true -}}
 {{- end -}}
 {{- end -}}
@@ -253,6 +260,15 @@ Get the extended configuration ConfigMap name.
 {{- end -}}
 {{- end -}}
 
+{{/*
+Return true if a configmap should be mounted with PostgreSQL configuration
+*/}}
+{{- define "postgresql.mountConfigurationCM" -}}
+{{- if or (.Files.Glob "files/postgresql.conf") (.Files.Glob "files/pg_hba.conf") .Values.postgresqlConfiguration .Values.pgHbaConfiguration .Values.configurationConfigMap }}
+    {{- true -}}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Get the initialization scripts ConfigMap name.
 */}}
@@ -325,9 +341,9 @@ Get the readiness probe command
 {{- define "postgresql.readinessProbeCommand" -}}
 - |
 {{- if (include "postgresql.database" .) }}
-  exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+  exec pg_isready -U {{ include "postgresql.username" . | quote }} -d "dbname={{ include "postgresql.database" . }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} sslcert={{ include "postgresql.tlsCert" . }} sslkey={{ include "postgresql.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ template "postgresql.port" . }}
 {{- else }}
-  exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+  exec pg_isready -U {{ include "postgresql.username" . | quote }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} -d "sslcert={{ include "postgresql.tlsCert" . }} sslkey={{ include "postgresql.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
 {{- end }}
 {{- if contains "bitnami/" .Values.image.repository }}
   [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ]
@@ -399,6 +415,8 @@ Compile all warnings into a single message, and call fail.
 {{- define "postgresql.validateValues" -}}
 {{- $messages := list -}}
 {{- $messages := append $messages (include "postgresql.validateValues.ldapConfigurationMethod" .) -}}
+{{- $messages := append $messages (include "postgresql.validateValues.psp" .) -}}
+{{- $messages := append $messages (include "postgresql.validateValues.tls" .) -}}
 {{- $messages := without $messages "" -}}
 {{- $message := join "\n" $messages -}}
 
@@ -418,3 +436,66 @@ postgresql: ldap.url, ldap.server
     More info at https://www.postgresql.org/docs/current/auth-ldap.html
 {{- end -}}
 {{- end -}}
+
+{{/*
+Validate values of Postgresql - If PSP is enabled RBAC should be enabled too
+*/}}
+{{- define "postgresql.validateValues.psp" -}}
+{{- if and .Values.psp.create (not .Values.rbac.create) }}
+postgresql: psp.create, rbac.create
+    RBAC should be enabled if PSP is enabled in order for PSP to work.
+    More info at https://kubernetes.io/docs/concepts/policy/pod-security-policy/#authorizing-policies
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for podsecuritypolicy.
+*/}}
+{{- define "podsecuritypolicy.apiVersion" -}}
+{{- if semverCompare "<1.10-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- print "extensions/v1beta1" -}}
+{{- else -}}
+{{- print "policy/v1beta1" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Validate values of Postgresql TLS - When TLS is enabled, so must be VolumePermissions
+*/}}
+{{- define "postgresql.validateValues.tls" -}}
+{{- if and .Values.tls.enabled (not .Values.volumePermissions.enabled) }}
+postgresql: tls.enabled, volumePermissions.enabled
+    When TLS is enabled you must enable volumePermissions as well to ensure certificates files have
+    the right permissions.
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the path to the cert file.
+*/}}
+{{- define "postgresql.tlsCert" -}}
+{{- required "Certificate filename is required when TLS in enabled" .Values.tls.certFilename | printf "/opt/bitnami/postgresql/certs/%s" -}}
+{{- end -}}
+
+{{/*
+Return the path to the cert key file.
+*/}}
+{{- define "postgresql.tlsCertKey" -}}
+{{- required "Certificate Key filename is required when TLS in enabled" .Values.tls.certKeyFilename | printf "/opt/bitnami/postgresql/certs/%s" -}}
+{{- end -}}
+
+{{/*
+Return the path to the CA cert file.
+*/}}
+{{- define "postgresql.tlsCACert" -}}
+{{- printf "/opt/bitnami/postgresql/certs/%s" .Values.tls.certCAFilename -}}
+{{- end -}}
+
+{{/*
+Return the path to the CRL file.
+*/}}
+{{- define "postgresql.tlsCRL" -}}
+{{- if .Values.tls.crlFilename -}}
+{{- printf "/opt/bitnami/postgresql/certs/%s" .Values.tls.crlFilename -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/configmap.yaml b/charts/artifactory-ha/charts/postgresql/templates/configmap.yaml
index d2178c077..b29ef6040 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/configmap.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/configmap.yaml
@@ -4,10 +4,10 @@ kind: ConfigMap
 metadata:
   name: {{ template "postgresql.fullname" . }}-configuration
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 data:
 {{- if (.Files.Glob "files/postgresql.conf") }}
 {{ (.Files.Glob "files/postgresql.conf").AsConfig | indent 2 }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/extended-config-configmap.yaml b/charts/artifactory-ha/charts/postgresql/templates/extended-config-configmap.yaml
index 8a4119578..f21a97654 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/extended-config-configmap.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/extended-config-configmap.yaml
@@ -4,10 +4,10 @@ kind: ConfigMap
 metadata:
   name: {{ template "postgresql.fullname" . }}-extended-configuration
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 data:
 {{- with .Files.Glob "files/conf.d/*.conf" }}
 {{ .AsConfig | indent 2 }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/initialization-configmap.yaml b/charts/artifactory-ha/charts/postgresql/templates/initialization-configmap.yaml
index 8eb5e0588..6637867a3 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/initialization-configmap.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/initialization-configmap.yaml
@@ -4,10 +4,10 @@ kind: ConfigMap
 metadata:
   name: {{ template "postgresql.fullname" . }}-init-scripts
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 {{- with .Files.Glob "files/docker-entrypoint-initdb.d/*.sql.gz" }}
 binaryData:
 {{- range $path, $bytes := . }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/metrics-configmap.yaml b/charts/artifactory-ha/charts/postgresql/templates/metrics-configmap.yaml
index 524aa2f6a..6b7a3171e 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/metrics-configmap.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/metrics-configmap.yaml
@@ -4,10 +4,10 @@ kind: ConfigMap
 metadata:
   name: {{ template "postgresql.metricsCM" . }}
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 data:
   custom-metrics.yaml: {{ toYaml .Values.metrics.customMetrics | quote }}
 {{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/metrics-svc.yaml b/charts/artifactory-ha/charts/postgresql/templates/metrics-svc.yaml
index c610f09af..b993c9971 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/metrics-svc.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/metrics-svc.yaml
@@ -4,12 +4,12 @@ kind: Service
 metadata:
   name: {{ template "postgresql.fullname" . }}-metrics
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
   annotations:
-{{ toYaml .Values.metrics.service.annotations | indent 4 }}
+  {{- if .Values.commonAnnotations }}
+    {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+    {{- toYaml .Values.metrics.service.annotations | nindent 4 }}
 spec:
   type: {{ .Values.metrics.service.type }}
   {{- if and (eq .Values.metrics.service.type "LoadBalancer") .Values.metrics.service.loadBalancerIP }}
@@ -20,7 +20,6 @@ spec:
       port: 9187
       targetPort: http-metrics
   selector:
-    app: {{ template "postgresql.name" . }}
-    release: {{ .Release.Name }}
+  {{- include "common.labels.matchLabels" . | nindent 4 }}
     role: master
 {{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/networkpolicy.yaml b/charts/artifactory-ha/charts/postgresql/templates/networkpolicy.yaml
index ea1fc9b3a..2a7b372fe 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/networkpolicy.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/networkpolicy.yaml
@@ -4,15 +4,14 @@ apiVersion: {{ template "postgresql.networkPolicy.apiVersion" . }}
 metadata:
   name: {{ template "postgresql.fullname" . }}
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 spec:
   podSelector:
     matchLabels:
-      app: {{ template "postgresql.name" . }}
-      release: {{ .Release.Name | quote }}
+    {{- include "common.labels.matchLabels" . | nindent 6 }}
   ingress:
     # Allow inbound connections
     - ports:
@@ -28,8 +27,7 @@ spec:
           {{- end }}
         - podSelector:
             matchLabels:
-              app: {{ template "postgresql.name" . }}
-              release: {{ .Release.Name | quote }}
+            {{- include "common.labels.matchLabels" . | nindent 14 }}
               role: slave
       {{- end }}
     # Allow prometheus scrapes
diff --git a/charts/artifactory-ha/charts/postgresql/templates/podsecuritypolicy.yaml b/charts/artifactory-ha/charts/postgresql/templates/podsecuritypolicy.yaml
new file mode 100755
index 000000000..da0b3ab11
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/templates/podsecuritypolicy.yaml
@@ -0,0 +1,37 @@
+{{- if .Values.psp.create }}
+apiVersion: {{ include "podsecuritypolicy.apiVersion" . }}
+kind: PodSecurityPolicy
+metadata:
+  name: {{ template "postgresql.fullname" . }}
+  labels:
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+spec:
+  privileged: false
+  volumes:
+    - 'configMap'
+    - 'secret'
+    - 'persistentVolumeClaim'
+    - 'emptyDir'
+    - 'projected'
+  hostNetwork: false
+  hostIPC: false
+  hostPID: false
+  runAsUser:
+    rule: 'MustRunAsNonRoot'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  fsGroup:
+    rule: 'MustRunAs'
+    ranges:
+      - min: 1
+        max: 65535
+  readOnlyRootFilesystem: false
+{{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/prometheusrule.yaml b/charts/artifactory-ha/charts/postgresql/templates/prometheusrule.yaml
index 44f1242dd..b0c41b1a4 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/prometheusrule.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/prometheusrule.yaml
@@ -7,13 +7,13 @@ metadata:
   namespace: {{ . }}
 {{- end }}
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
-{{- with .Values.metrics.prometheusRule.additionalLabels }}
-{{ toYaml . | indent 4 }}
-{{- end }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- with .Values.metrics.prometheusRule.additionalLabels }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 spec:
 {{- with .Values.metrics.prometheusRule.rules }}
   groups:
diff --git a/charts/artifactory-ha/charts/postgresql/templates/role.yaml b/charts/artifactory-ha/charts/postgresql/templates/role.yaml
new file mode 100755
index 000000000..6d3cf50a4
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/templates/role.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.rbac.create }}
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "postgresql.fullname" . }}
+  labels:
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+rules:
+  {{- if .Values.psp.create }}
+  - apiGroups: ["extensions"]
+    resources: ["podsecuritypolicies"]
+    verbs: ["use"]
+    resourceNames:
+      - {{ template "postgresql.fullname" . }}
+  {{- end }}
+{{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/rolebinding.yaml b/charts/artifactory-ha/charts/postgresql/templates/rolebinding.yaml
new file mode 100755
index 000000000..f7837388d
--- /dev/null
+++ b/charts/artifactory-ha/charts/postgresql/templates/rolebinding.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.rbac.create }}
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: {{ template "postgresql.fullname" . }}
+  labels:
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+roleRef:
+  kind: Role
+  name: {{ template "postgresql.fullname" . }}
+  apiGroup: rbac.authorization.k8s.io
+subjects:
+  - kind: ServiceAccount
+    name: {{ default (include "postgresql.fullname" . ) .Values.serviceAccount.name }}
+    namespace: {{ .Release.Namespace }}
+{{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/secrets.yaml b/charts/artifactory-ha/charts/postgresql/templates/secrets.yaml
index 094d18b49..c93dbe0bd 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/secrets.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/secrets.yaml
@@ -4,10 +4,10 @@ kind: Secret
 metadata:
   name: {{ template "postgresql.fullname" . }}
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 type: Opaque
 data:
   {{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/serviceaccount.yaml b/charts/artifactory-ha/charts/postgresql/templates/serviceaccount.yaml
index 27e5b516e..17f7ff399 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/serviceaccount.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/serviceaccount.yaml
@@ -3,9 +3,9 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
   name: {{ template "postgresql.fullname" . }}
-{{- end }}
\ No newline at end of file
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+{{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/servicemonitor.yaml b/charts/artifactory-ha/charts/postgresql/templates/servicemonitor.yaml
index f3a529a96..d57b7fb48 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/servicemonitor.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/servicemonitor.yaml
@@ -7,13 +7,14 @@ metadata:
   namespace: {{ .Values.metrics.serviceMonitor.namespace }}
   {{- end }}
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
     {{- if .Values.metrics.serviceMonitor.additionalLabels }}
-{{ toYaml .Values.metrics.serviceMonitor.additionalLabels | indent 4 }}
+    {{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }}
     {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+
 spec:
   endpoints:
     - port: http-metrics
@@ -28,6 +29,5 @@ spec:
       - {{ .Release.Namespace }}
   selector:
     matchLabels:
-      app: {{ template "postgresql.name" . }}
-      release: {{ .Release.Name }}
+    {{- include "common.labels.matchLabels" . | nindent 6 }}
 {{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/statefulset-slaves.yaml b/charts/artifactory-ha/charts/postgresql/templates/statefulset-slaves.yaml
index b6d607672..54d24099f 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/statefulset-slaves.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/statefulset-slaves.yaml
@@ -4,33 +4,29 @@ kind: StatefulSet
 metadata:
   name: "{{ template "postgresql.fullname" . }}-slave"
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
 {{- with .Values.slave.labels }}
 {{ toYaml . | indent 4 }}
 {{- end }}
-{{- with .Values.slave.annotations }}
   annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
+  {{- if .Values.commonAnnotations }}
+  {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+  {{- with .Values.slave.annotations }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
   serviceName: {{ template "postgresql.fullname" . }}-headless
   replicas: {{ .Values.replication.slaveReplicas }}
   selector:
     matchLabels:
-      app: {{ template "postgresql.name" . }}
-      release: {{ .Release.Name | quote }}
+    {{- include "common.labels.matchLabels" . | nindent 6 }}
       role: slave
   template:
     metadata:
       name: {{ template "postgresql.fullname" . }}
       labels:
-        app: {{ template "postgresql.name" . }}
-        chart: {{ template "postgresql.chart" . }}
-        release: {{ .Release.Name | quote }}
-        heritage: {{ .Release.Service | quote }}
+      {{- include "common.labels.standard" . | nindent 8 }}
         role: slave
 {{- with .Values.slave.podLabels }}
 {{ toYaml . | indent 8 }}
@@ -68,7 +64,7 @@ spec:
       {{- end }}
       {{- if or .Values.slave.extraInitContainers (and .Values.volumePermissions.enabled (or .Values.persistence.enabled (and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled))) }}
       initContainers:
-      {{- if and .Values.volumePermissions.enabled (or .Values.persistence.enabled (and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled)) }}
+      {{- if and .Values.volumePermissions.enabled (or .Values.persistence.enabled (and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled) .Values.tls.enabled) }}
         - name: init-chmod-data
           image: {{ template "postgresql.volumePermissions.image" . }}
           imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
@@ -79,10 +75,15 @@ spec:
             - /bin/sh
             - -cx
             - |
-              {{ if .Values.persistence.enabled }}
-              mkdir -p {{ .Values.persistence.mountPath }}/conf {{ .Values.persistence.mountPath }}/data
-              chmod 700 {{ .Values.persistence.mountPath }}/conf {{ .Values.persistence.mountPath }}/data
-              find {{ .Values.persistence.mountPath }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
+              {{- if .Values.persistence.enabled }}
+              {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
+              chown `id -u`:`id -G | cut -d " " -f2` {{ .Values.persistence.mountPath }}
+              {{- else }}
+              chown {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} {{ .Values.persistence.mountPath }}
+              {{- end }}
+              mkdir -p {{ .Values.persistence.mountPath }}/data {{- if (include "postgresql.mountConfigurationCM" .) }} {{ .Values.persistence.mountPath }}/conf {{- end }}
+              chmod 700 {{ .Values.persistence.mountPath }}/data {{- if (include "postgresql.mountConfigurationCM" .) }} {{ .Values.persistence.mountPath }}/conf {{- end }}
+              find {{ .Values.persistence.mountPath }} -mindepth 1 -maxdepth 1 {{- if not (include "postgresql.mountConfigurationCM" .) }} -not -name "conf" {{- end }} -not -name ".snapshot" -not -name "lost+found" | \
               {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
                 xargs chown -R `id -u`:`id -G | cut -d " " -f2`
               {{- else }}
@@ -92,6 +93,15 @@ spec:
               {{- if and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled }}
               chmod -R 777 /dev/shm
               {{- end }}
+              {{- if .Values.tls.enabled }}
+              cp /tmp/certs/* /opt/bitnami/postgresql/certs/
+              {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
+              chown -R `id -u`:`id -G | cut -d " " -f2` /opt/bitnami/postgresql/certs/
+              {{- else }}
+              chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} /opt/bitnami/postgresql/certs/
+              {{- end }}
+              chmod 600 {{ template "postgresql.tlsCertKey" . }}
+              {{- end }}
           {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
           securityContext:
           {{- else }}
@@ -108,6 +118,12 @@ spec:
             - name: dshm
               mountPath: /dev/shm
             {{- end }}
+            {{- if .Values.tls.enabled }}
+            - name: raw-certificates
+              mountPath: /tmp/certs
+            - name: postgresql-certificates
+              mountPath: /opt/bitnami/postgresql/certs
+            {{- end }}
       {{- end }}
       {{- if .Values.slave.extraInitContainers }}
 {{ tpl .Values.slave.extraInitContainers . | indent 8 }}
@@ -158,7 +174,7 @@ spec:
               value: {{ template "postgresql.fullname" . }}
             - name: POSTGRES_MASTER_PORT_NUMBER
               value: {{ include "postgresql.port" . | quote }}
-            {{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }}
+            {{- if and (not (eq .Values.postgresqlUsername "postgres")) (or .Values.postgresqlPostgresPassword (include "postgresql.useExistingSecret" .)) }}
             {{- if .Values.usePasswordFile }}
             - name: POSTGRES_POSTGRES_PASSWORD_FILE
               value: "/opt/bitnami/postgresql/secrets/postgresql-postgres-password"
@@ -180,6 +196,24 @@ spec:
                   name: {{ template "postgresql.secretName" . }}
                   key: postgresql-password
             {{- end }}
+            - name: POSTGRESQL_ENABLE_TLS
+              value: {{ ternary "yes" "no" .Values.tls.enabled | quote }}
+            {{- if .Values.tls.enabled }}
+            - name: POSTGRESQL_TLS_PREFER_SERVER_CIPHERS
+              value: {{ ternary "yes" "no" .Values.tls.preferServerCiphers | quote }}
+            - name: POSTGRESQL_TLS_CERT_FILE
+              value: {{ template "postgresql.tlsCert" . }}
+            - name: POSTGRESQL_TLS_KEY_FILE
+              value: {{ template "postgresql.tlsCertKey" . }}
+            {{- if .Values.tls.certCAFilename }}
+            - name: POSTGRESQL_TLS_CA_FILE
+              value: {{ template "postgresql.tlsCACert" . }}
+            {{- end }}
+            {{- if .Values.tls.crlFilename }}
+            - name: POSTGRESQL_TLS_CRL_FILE
+              value: {{ template "postgresql.tlsCRL" . }}
+            {{- end }}
+            {{- end }}
           ports:
             - name: tcp-postgresql
               containerPort: {{ template "postgresql.port" . }}
@@ -190,9 +224,9 @@ spec:
                 - /bin/sh
                 - -c
                 {{- if (include "postgresql.database" .) }}
-                - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+                - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d "dbname={{ include "postgresql.database" . }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} sslcert={{ include "postgresql.tlsCert" . }} sslkey={{ include "postgresql.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ template "postgresql.port" . }}
                 {{- else }}
-                - exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+                - exec pg_isready -U {{ include "postgresql.username" . | quote }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} -d "sslcert={{ include "postgresql.tlsCert" . }} sslkey={{ include "postgresql.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
                 {{- end }}
             initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
             periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
@@ -236,6 +270,11 @@ spec:
             - name: postgresql-config
               mountPath: /bitnami/postgresql/conf
             {{- end }}
+            {{- if .Values.tls.enabled }}
+            - name: postgresql-certificates
+              mountPath: /opt/bitnami/postgresql/certs
+              readOnly: true
+            {{- end }}
             {{- if .Values.slave.extraVolumeMounts }}
             {{- toYaml .Values.slave.extraVolumeMounts | nindent 12 }}
             {{- end }}
@@ -258,13 +297,20 @@ spec:
           configMap:
             name: {{ template "postgresql.extendedConfigurationCM" . }}
         {{- end }}
+        {{- if  .Values.tls.enabled }}
+        - name: raw-certificates
+          secret:
+            secretName: {{ required "A secret containing TLS certificates is required when TLS is enabled" .Values.tls.certificatesSecret }}
+        - name: postgresql-certificates
+          emptyDir: {}
+        {{- end }}
         {{- if .Values.shmVolume.enabled }}
         - name: dshm
           emptyDir:
             medium: Memory
             sizeLimit: 1Gi
         {{- end }}
-        {{- if not .Values.persistence.enabled }}
+        {{- if or (not .Values.persistence.enabled) (not .Values.slave.persistence.enabled) }}
         - name: data
           emptyDir: {}
         {{- end }}
@@ -276,7 +322,7 @@ spec:
     {{- if (eq "Recreate" .Values.updateStrategy.type) }}
     rollingUpdate: null
     {{- end }}
-{{- if .Values.persistence.enabled }}
+{{- if and .Values.persistence.enabled .Values.slave.persistence.enabled }}
   volumeClaimTemplates:
     - metadata:
         name: data
diff --git a/charts/artifactory-ha/charts/postgresql/templates/statefulset.yaml b/charts/artifactory-ha/charts/postgresql/templates/statefulset.yaml
index 66eaa01d1..0e6eefebb 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/statefulset.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/statefulset.yaml
@@ -3,15 +3,16 @@ kind: StatefulSet
 metadata:
   name: {{ template "postgresql.master.fullname" . }}
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
   {{- with .Values.master.labels }}
   {{- toYaml . | nindent 4 }}
   {{- end }}
+  annotations:
+  {{- if .Values.commonAnnotations }}
+  {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
   {{- with .Values.master.annotations }}
-  annotations: {{ toYaml . | nindent 4 }}
+  {{- toYaml . | nindent 4 }}
   {{- end }}
 spec:
   serviceName: {{ template "postgresql.fullname" . }}-headless
@@ -23,20 +24,16 @@ spec:
     {{- end }}
   selector:
     matchLabels:
-      app: {{ template "postgresql.name" . }}
-      release: {{ .Release.Name | quote }}
+    {{- include "common.labels.matchLabels" . | nindent 6 }}
       role: master
   template:
     metadata:
       name: {{ template "postgresql.fullname" . }}
       labels:
-        app: {{ template "postgresql.name" . }}
-        chart: {{ template "postgresql.chart" . }}
-        release: {{ .Release.Name | quote }}
-        heritage: {{ .Release.Service | quote }}
+      {{- include "common.labels.standard" . | nindent 8 }}
         role: master
       {{- with .Values.master.podLabels }}
-      {{- toYaml . | indent 8 }}
+      {{- toYaml . | nindent 8 }}
       {{- end }}
       {{- with .Values.master.podAnnotations }}
       annotations: {{- toYaml . | nindent 8 }}
@@ -67,7 +64,7 @@ spec:
       {{- end }}
       {{- if or .Values.master.extraInitContainers (and .Values.volumePermissions.enabled (or .Values.persistence.enabled (and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled))) }}
       initContainers:
-      {{- if and .Values.volumePermissions.enabled (or .Values.persistence.enabled (and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled)) }}
+      {{- if and .Values.volumePermissions.enabled (or .Values.persistence.enabled (and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled) .Values.tls.enabled) }}
         - name: init-chmod-data
           image: {{ template "postgresql.volumePermissions.image" . }}
           imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
@@ -79,9 +76,14 @@ spec:
             - -cx
             - |
               {{- if .Values.persistence.enabled }}
-              mkdir -p {{ .Values.persistence.mountPath }}/conf {{ .Values.persistence.mountPath }}/data
-              chmod 700 {{ .Values.persistence.mountPath }}/conf {{ .Values.persistence.mountPath }}/data
-              find {{ .Values.persistence.mountPath }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | \
+              {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
+              chown `id -u`:`id -G | cut -d " " -f2` {{ .Values.persistence.mountPath }}
+              {{- else }}
+              chown {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} {{ .Values.persistence.mountPath }}
+              {{- end }}
+              mkdir -p {{ .Values.persistence.mountPath }}/data {{- if (include "postgresql.mountConfigurationCM" .) }} {{ .Values.persistence.mountPath }}/conf {{- end }}
+              chmod 700 {{ .Values.persistence.mountPath }}/data {{- if (include "postgresql.mountConfigurationCM" .) }} {{ .Values.persistence.mountPath }}/conf {{- end }}
+              find {{ .Values.persistence.mountPath }} -mindepth 1 -maxdepth 1 {{- if not (include "postgresql.mountConfigurationCM" .) }} -not -name "conf" {{- end }} -not -name ".snapshot" -not -name "lost+found" | \
               {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
                 xargs chown -R `id -u`:`id -G | cut -d " " -f2`
               {{- else }}
@@ -91,6 +93,15 @@ spec:
               {{- if and .Values.shmVolume.enabled .Values.shmVolume.chmod.enabled }}
               chmod -R 777 /dev/shm
               {{- end }}
+              {{- if .Values.tls.enabled }}
+              cp /tmp/certs/* /opt/bitnami/postgresql/certs/
+              {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
+              chown -R `id -u`:`id -G | cut -d " " -f2` /opt/bitnami/postgresql/certs/
+              {{- else }}
+              chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} /opt/bitnami/postgresql/certs/
+              {{- end }}
+              chmod 600 {{ template "postgresql.tlsCertKey" . }}
+              {{- end }}
           {{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto" }}
           securityContext:
           {{- else }}
@@ -107,9 +118,15 @@ spec:
             - name: dshm
               mountPath: /dev/shm
             {{- end }}
+            {{- if .Values.tls.enabled }}
+            - name: raw-certificates
+              mountPath: /tmp/certs
+            - name: postgresql-certificates
+              mountPath: /opt/bitnami/postgresql/certs
+            {{- end }}
       {{- end }}
       {{- if .Values.master.extraInitContainers }}
-      {{- tpl .Values.master.extraInitContainers . | nindent 8 }}
+      {{- include "postgresql.tplValue" ( dict "value" .Values.master.extraInitContainers "context" $ ) | nindent 8 }}
       {{- end }}
       {{- end }}
       {{- if .Values.master.priorityClassName }}
@@ -177,7 +194,7 @@ spec:
             - name: POSTGRES_CLUSTER_APP_NAME
               value: {{ .Values.replication.applicationName }}
             {{- end }}
-            {{- if and .Values.postgresqlPostgresPassword (not (eq .Values.postgresqlUsername "postgres")) }}
+            {{- if and (not (eq .Values.postgresqlUsername "postgres")) (or .Values.postgresqlPostgresPassword (include "postgresql.useExistingSecret" .)) }}
             {{- if .Values.usePasswordFile }}
             - name: POSTGRES_POSTGRES_PASSWORD_FILE
               value: "/opt/bitnami/postgresql/secrets/postgresql-postgres-password"
@@ -243,6 +260,24 @@ spec:
             - name: POSTGRESQL_LDAP_URL
               value: {{ .Values.ldap.url }}
             {{- end}}
+            - name: POSTGRESQL_ENABLE_TLS
+              value: {{ ternary "yes" "no" .Values.tls.enabled | quote }}
+            {{- if .Values.tls.enabled }}
+            - name: POSTGRESQL_TLS_PREFER_SERVER_CIPHERS
+              value: {{ ternary "yes" "no" .Values.tls.preferServerCiphers | quote }}
+            - name: POSTGRESQL_TLS_CERT_FILE
+              value: {{ template "postgresql.tlsCert" . }}
+            - name: POSTGRESQL_TLS_KEY_FILE
+              value: {{ template "postgresql.tlsCertKey" . }}
+            {{- if .Values.tls.certCAFilename }}
+            - name: POSTGRESQL_TLS_CA_FILE
+              value: {{ template "postgresql.tlsCACert" . }}
+            {{- end }}
+            {{- if .Values.tls.crlFilename }}
+            - name: POSTGRESQL_TLS_CRL_FILE
+              value: {{ template "postgresql.tlsCRL" . }}
+            {{- end }}
+            {{- end }}
           {{- if .Values.extraEnvVarsCM }}
           envFrom:
             - configMapRef:
@@ -258,9 +293,9 @@ spec:
                 - /bin/sh
                 - -c
                 {{- if (include "postgresql.database" .) }}
-                - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+                - exec pg_isready -U {{ include "postgresql.username" . | quote }} -d "dbname={{ include "postgresql.database" . }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} sslcert={{ include "postgresql.tlsCert" . }} sslkey={{ include "postgresql.tlsCertKey" . }}{{- end }}" -h 127.0.0.1 -p {{ template "postgresql.port" . }}
                 {{- else }}
-                - exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
+                - exec pg_isready -U {{ include "postgresql.username" . | quote }} {{- if and .Values.tls.enabled .Values.tls.certCAFilename }} -d "sslcert={{ include "postgresql.tlsCert" . }} sslkey={{ include "postgresql.tlsCertKey" . }}"{{- end }} -h 127.0.0.1 -p {{ template "postgresql.port" . }}
                 {{- end }}
             initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
             periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
@@ -299,6 +334,11 @@ spec:
             - name: postgresql-password
               mountPath: /opt/bitnami/postgresql/secrets/
             {{- end }}
+            {{- if .Values.tls.enabled }}
+            - name: postgresql-certificates
+              mountPath: /opt/bitnami/postgresql/certs
+              readOnly: true
+            {{- end }}
             {{- if .Values.shmVolume.enabled }}
             - name: dshm
               mountPath: /dev/shm
@@ -328,8 +368,14 @@ spec:
         {{- end }}
           env:
             {{- $database := required "In order to enable metrics you need to specify a database (.Values.postgresqlDatabase or .Values.global.postgresql.postgresqlDatabase)" (include "postgresql.database" .) }}
+            {{- $sslmode := ternary "require" "disable" .Values.tls.enabled }}
+            {{- if and .Values.tls.enabled .Values.tls.certCAFilename }}
+            - name: DATA_SOURCE_NAME
+              value: {{ printf "host=127.0.0.1 port=%d user=%s sslmode=%s sslcert=%s sslkey=%s" (int (include "postgresql.port" .)) (include "postgresql.username" .) $sslmode (include "postgresql.tlsCert" .) (include "postgresql.tlsCertKey" .) }}
+            {{- else }}
             - name: DATA_SOURCE_URI
-              value: {{ printf "127.0.0.1:%d/%s?sslmode=disable" (int (include "postgresql.port" .)) $database | quote }}
+              value: {{ printf "127.0.0.1:%d/%s?sslmode=%s" (int (include "postgresql.port" .)) $database $sslmode }}
+            {{- end }}
             {{- if .Values.usePasswordFile }}
             - name: DATA_SOURCE_PASS_FILE
               value: "/opt/bitnami/postgresql/secrets/postgresql-password"
@@ -342,6 +388,9 @@ spec:
             {{- end }}
             - name: DATA_SOURCE_USER
               value: {{ template "postgresql.username" . }}
+            {{- if .Values.metrics.extraEnvVars }}
+            {{- include "postgresql.tplValue" (dict "value" .Values.metrics.extraEnvVars "context" $) | nindent 12 }}
+            {{- end }}
           {{- if .Values.livenessProbe.enabled }}
           livenessProbe:
             httpGet:
@@ -369,6 +418,11 @@ spec:
             - name: postgresql-password
               mountPath: /opt/bitnami/postgresql/secrets/
             {{- end }}
+            {{- if .Values.tls.enabled }}
+            - name: postgresql-certificates
+              mountPath: /opt/bitnami/postgresql/certs
+              readOnly: true
+            {{- end }}
             {{- if .Values.metrics.customMetrics }}
             - name: custom-metrics
               mountPath: /conf
@@ -408,6 +462,13 @@ spec:
           secret:
             secretName: {{ template "postgresql.initdbScriptsSecret" . }}
         {{- end }}
+        {{- if  .Values.tls.enabled }}
+        - name: raw-certificates
+          secret:
+            secretName: {{ required "A secret containing TLS certificates is required when TLS is enabled" .Values.tls.certificatesSecret }}
+        - name: postgresql-certificates
+          emptyDir: {}
+        {{- end }}
         {{- if .Values.master.extraVolumes }}
         {{- toYaml .Values.master.extraVolumes | nindent 8 }}
         {{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/svc-headless.yaml b/charts/artifactory-ha/charts/postgresql/templates/svc-headless.yaml
index 5c71f468d..49131578a 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/svc-headless.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/svc-headless.yaml
@@ -3,10 +3,10 @@ kind: Service
 metadata:
   name: {{ template "postgresql.fullname" . }}-headless
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  {{- if .Values.commonAnnotations }}
+  annotations: {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
 spec:
   type: ClusterIP
   clusterIP: None
@@ -15,5 +15,4 @@ spec:
       port: {{ template "postgresql.port" . }}
       targetPort: tcp-postgresql
   selector:
-    app: {{ template "postgresql.name" . }}
-    release: {{ .Release.Name | quote }}
+  {{- include "common.labels.matchLabels" . | nindent 4 }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/svc-read.yaml b/charts/artifactory-ha/charts/postgresql/templates/svc-read.yaml
index 92bdda80e..885c7bb04 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/svc-read.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/svc-read.yaml
@@ -10,12 +10,13 @@ kind: Service
 metadata:
   name: {{ template "postgresql.fullname" . }}-read
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  annotations:
+  {{- if .Values.commonAnnotations }}
+  {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
   {{- if $serviceAnnotations }}
-  annotations: {{- include "postgresql.tplValue" (dict "value" $serviceAnnotations "context" $) | nindent 4 }}
+  {{- include "postgresql.tplValue" (dict "value" $serviceAnnotations "context" $) | nindent 4 }}
   {{- end }}
 spec:
   type: {{ $serviceType }}
@@ -36,7 +37,6 @@ spec:
       nodePort: {{ $serviceNodePort }}
       {{- end }}
   selector:
-    app: {{ template "postgresql.name" . }}
-    release: {{ .Release.Name | quote }}
+  {{- include "common.labels.matchLabels" . | nindent 4 }}
     role: slave
 {{- end }}
diff --git a/charts/artifactory-ha/charts/postgresql/templates/svc.yaml b/charts/artifactory-ha/charts/postgresql/templates/svc.yaml
index 299e8d0b7..e9fc50456 100755
--- a/charts/artifactory-ha/charts/postgresql/templates/svc.yaml
+++ b/charts/artifactory-ha/charts/postgresql/templates/svc.yaml
@@ -9,12 +9,13 @@ kind: Service
 metadata:
   name: {{ template "postgresql.fullname" . }}
   labels:
-    app: {{ template "postgresql.name" . }}
-    chart: {{ template "postgresql.chart" . }}
-    release: {{ .Release.Name | quote }}
-    heritage: {{ .Release.Service | quote }}
+  {{- include "common.labels.standard" . | nindent 4 }}
+  annotations:
+  {{- if .Values.commonAnnotations }}
+  {{- include "postgresql.tplValue" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
   {{- if $serviceAnnotations }}
-  annotations: {{- include "postgresql.tplValue" (dict "value" $serviceAnnotations "context" $) | nindent 4 }}
+  {{- include "postgresql.tplValue" (dict "value" $serviceAnnotations "context" $) | nindent 4 }}
   {{- end }}
 spec:
   type: {{ $serviceType }}
@@ -35,6 +36,5 @@ spec:
       nodePort: {{ $serviceNodePort }}
       {{- end }}
   selector:
-    app: {{ template "postgresql.name" . }}
-    release: {{ .Release.Name | quote }}
+  {{- include "common.labels.matchLabels" . | nindent 4 }}
     role: master
diff --git a/charts/artifactory-ha/charts/postgresql/values-production.yaml b/charts/artifactory-ha/charts/postgresql/values-production.yaml
index d34e326ee..c08014549 100755
--- a/charts/artifactory-ha/charts/postgresql/values-production.yaml
+++ b/charts/artifactory-ha/charts/postgresql/values-production.yaml
@@ -15,7 +15,7 @@ global:
 image:
   registry: docker.io
   repository: bitnami/postgresql
-  tag: 11.7.0-debian-10-r65
+  tag: 11.9.0-debian-10-r1
   ## Specify a imagePullPolicy
   ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
   ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -94,6 +94,16 @@ serviceAccount:
   ## Name of an already existing service account. Setting this value disables the automatic service account creation.
   # name:
 
+## Pod Security Policy
+## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
+psp:
+  create: false
+
+## Creates role for ServiceAccount
+## Required for PSP
+rbac:
+  create: false
+
 replication:
   enabled: true
   user: repl_user
@@ -101,7 +111,7 @@ replication:
   slaveReplicas: 2
   ## Set synchronous commit mode: on, off, remote_apply, remote_write and local
   ## ref: https://www.postgresql.org/docs/9.6/runtime-config-wal.html#GUC-WAL-LEVEL
-  synchronousCommit: "on"
+  synchronousCommit: 'on'
   ## From the number of `slaveReplicas` defined above, set the number of those that will have synchronous replication
   ## NOTE: It cannot be > slaveReplicas
   numSynchronousReplicas: 1
@@ -221,17 +231,17 @@ extraEnv: []
 ##
 ldap:
   enabled: false
-  url: ""
-  server: ""
-  port: ""
-  prefix: ""
-  suffix: ""
-  baseDN: ""
-  bindDN: ""
+  url: ''
+  server: ''
+  port: ''
+  prefix: ''
+  suffix: ''
+  baseDN: ''
+  bindDN: ''
   bind_password:
-  search_attr: ""
-  search_filter: ""
-  scheme: ""
+  search_attr: ''
+  search_filter: ''
+  scheme: ''
   tls: false
 
 ## PostgreSQL service configuration
@@ -253,7 +263,6 @@ service:
   ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
   ##
   # loadBalancerIP:
-
   ## Load Balancer sources. Evaluated as a template.
   ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
   ##
@@ -301,7 +310,7 @@ persistence:
   ## The subdirectory of the volume to mount to, useful in dev environments
   ## and one PV for multiple services.
   ##
-  subPath: ""
+  subPath: ''
 
   # storageClass: "-"
   accessModes:
@@ -330,7 +339,7 @@ master:
   annotations: {}
   podLabels: {}
   podAnnotations: {}
-  priorityClassName: ""
+  priorityClassName: ''
   ## Additional PostgreSQL Master Volume mounts
   ##
   extraVolumeMounts: []
@@ -372,14 +381,14 @@ slave:
   annotations: {}
   podLabels: {}
   podAnnotations: {}
-  priorityClassName: ""
+  priorityClassName: ''
   ## Extra init containers
   ## Example
-  ## 
+  ##
   ## extraInitContainers:
   ##   - name: do-something
   ##     image: busybox
-  ##     command: ['do', 'something'] 
+  ##     command: ['do', 'something']
   extraInitContainers: []
   ## Additional PostgreSQL Slave Volume mounts
   ##
@@ -405,6 +414,10 @@ slave:
   # type:
   # nodePort:
   # clusterIP:
+  ## Whether to enable PostgreSQL slave replicas data Persistent
+  ##
+  persistence:
+    enabled: true
 
 ## Configure resource requests and limits
 ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
@@ -414,6 +427,10 @@ resources:
     memory: 256Mi
     cpu: 250m
 
+## Add annotations to all the deployed resources
+##
+commonAnnotations: {}
+
 networkPolicy:
   ## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
   ##
@@ -457,6 +474,33 @@ readinessProbe:
   failureThreshold: 6
   successThreshold: 1
 
+##
+## TLS configuration
+##
+tls:
+  # Enable TLS traffic
+  enabled: false
+  #
+  # Whether to use the server's TLS cipher preferences rather than the client's.
+  preferServerCiphers: true
+  #
+  # Name of the Secret that contains the certificates
+  certificatesSecret: ''
+  #
+  # Certificate filename
+  certFilename: ''
+  #
+  # Certificate Key filename
+  certKeyFilename: ''
+  #
+  # CA Certificate filename
+  # If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate
+  # ref: https://www.postgresql.org/docs/9.6/auth-methods.html
+  certCAFilename:
+  #
+  # File containing a Certificate Revocation List
+  crlFilename:
+
 ## Configure metrics exporter
 ##
 metrics:
@@ -465,8 +509,8 @@ metrics:
   service:
     type: ClusterIP
     annotations:
-      prometheus.io/scrape: "true"
-      prometheus.io/port: "9187"
+      prometheus.io/scrape: 'true'
+      prometheus.io/port: '9187'
     loadBalancerIP:
   serviceMonitor:
     enabled: false
@@ -480,7 +524,7 @@ metrics:
   prometheusRule:
     enabled: false
     additionalLabels: {}
-    namespace: ""
+    namespace: ''
     ## These are just examples rules, please adapt them to your needs.
     ## Make sure to constraint the rules to the current postgresql service.
     ## rules:
@@ -497,7 +541,7 @@ metrics:
   image:
     registry: docker.io
     repository: bitnami/postgres-exporter
-    tag: 0.8.0-debian-10-r72
+    tag: 0.8.0-debian-10-r188
     pullPolicy: IfNotPresent
     ## Optionally specify an array of imagePullSecrets.
     ## Secrets must be manually created in the namespace.
@@ -517,6 +561,14 @@ metrics:
   #       - size_bytes:
   #           usage: "GAUGE"
   #           description: "Size of the database in bytes"
+  ## An array to add extra env vars to configure postgres-exporter
+  ## see: https://github.com/wrouesnel/postgres_exporter#environment-variables
+  ## For example:
+  #  extraEnvVars:
+  #  - name: PG_EXPORTER_DISABLE_DEFAULT_METRICS
+  #    value: "true"
+  extraEnvVars: {}
+
   ## Pod Security Context
   ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
   ##
diff --git a/charts/artifactory-ha/charts/postgresql/values.schema.json b/charts/artifactory-ha/charts/postgresql/values.schema.json
index ac2de6e94..7b5e2efc3 100755
--- a/charts/artifactory-ha/charts/postgresql/values.schema.json
+++ b/charts/artifactory-ha/charts/postgresql/values.schema.json
@@ -72,8 +72,8 @@
           "title": "Slave Replicas",
           "form": true,
           "hidden": {
-            "condition": false,
-            "value": "replication.enabled"
+            "value": false,
+            "path": "replication/enabled"
           }
         }
       }
diff --git a/charts/artifactory-ha/charts/postgresql/values.yaml b/charts/artifactory-ha/charts/postgresql/values.yaml
index e14709a5e..f45c4183d 100755
--- a/charts/artifactory-ha/charts/postgresql/values.yaml
+++ b/charts/artifactory-ha/charts/postgresql/values.yaml
@@ -15,7 +15,7 @@ global:
 image:
   registry: docker.io
   repository: bitnami/postgresql
-  tag: 11.7.0-debian-10-r65
+  tag: 11.9.0-debian-10-r1
   ## Specify a imagePullPolicy
   ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
   ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -79,7 +79,6 @@ volumePermissions:
 ##
 # schedulerName:
 
-
 ## Pod Security Context
 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
 ##
@@ -95,6 +94,16 @@ serviceAccount:
   ## Name of an already existing service account. Setting this value disables the automatic service account creation.
   # name:
 
+## Pod Security Policy
+## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
+psp:
+  create: false
+
+## Creates role for ServiceAccount
+## Required for PSP
+rbac:
+  create: false
+
 replication:
   enabled: false
   user: repl_user
@@ -102,7 +111,7 @@ replication:
   slaveReplicas: 1
   ## Set synchronous commit mode: on, off, remote_apply, remote_write and local
   ## ref: https://www.postgresql.org/docs/9.6/runtime-config-wal.html#GUC-WAL-LEVEL
-  synchronousCommit: "off"
+  synchronousCommit: 'off'
   ## From the number of `slaveReplicas` defined above, set the number of those that will have synchronous replication
   ## NOTE: It cannot be > slaveReplicas
   numSynchronousReplicas: 0
@@ -222,17 +231,17 @@ extraEnv: []
 ##
 ldap:
   enabled: false
-  url: ""
-  server: ""
-  port: ""
-  prefix: ""
-  suffix: ""
-  baseDN: ""
-  bindDN: ""
+  url: ''
+  server: ''
+  port: ''
+  prefix: ''
+  suffix: ''
+  baseDN: ''
+  bindDN: ''
   bind_password:
-  search_attr: ""
-  search_filter: ""
-  scheme: ""
+  search_attr: ''
+  search_filter: ''
+  scheme: ''
   tls: false
 
 ## PostgreSQL service configuration
@@ -254,7 +263,6 @@ service:
   ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
   ##
   # loadBalancerIP:
-
   ## Load Balancer sources. Evaluated as a template.
   ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
   ##
@@ -302,7 +310,7 @@ persistence:
   ## The subdirectory of the volume to mount to, useful in dev environments
   ## and one PV for multiple services.
   ##
-  subPath: ""
+  subPath: ''
 
   # storageClass: "-"
   accessModes:
@@ -331,14 +339,14 @@ master:
   annotations: {}
   podLabels: {}
   podAnnotations: {}
-  priorityClassName: ""
+  priorityClassName: ''
   ## Extra init containers
   ## Example
-  ## 
+  ##
   ## extraInitContainers:
   ##   - name: do-something
   ##     image: busybox
-  ##     command: ['do', 'something'] 
+  ##     command: ['do', 'something']
   extraInitContainers: []
 
   ## Additional PostgreSQL Master Volume mounts
@@ -382,7 +390,7 @@ slave:
   annotations: {}
   podLabels: {}
   podAnnotations: {}
-  priorityClassName: ""
+  priorityClassName: ''
   extraInitContainers: |
     # - name: do-something
     #   image: busybox
@@ -411,6 +419,10 @@ slave:
   # type:
   # nodePort:
   # clusterIP:
+  ## Whether to enable PostgreSQL slave replicas data Persistent
+  ##
+  persistence:
+    enabled: true
 
 ## Configure resource requests and limits
 ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
@@ -420,6 +432,10 @@ resources:
     memory: 256Mi
     cpu: 250m
 
+## Add annotations to all the deployed resources
+##
+commonAnnotations: {}
+
 networkPolicy:
   ## Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
   ##
@@ -463,6 +479,33 @@ readinessProbe:
   failureThreshold: 6
   successThreshold: 1
 
+##
+## TLS configuration
+##
+tls:
+  # Enable TLS traffic
+  enabled: false
+  #
+  # Whether to use the server's TLS cipher preferences rather than the client's.
+  preferServerCiphers: true
+  #
+  # Name of the Secret that contains the certificates
+  certificatesSecret: ''
+  #
+  # Certificate filename
+  certFilename: ''
+  #
+  # Certificate Key filename
+  certKeyFilename: ''
+  #
+  # CA Certificate filename
+  # If provided, PostgreSQL will authenticate TLS/SSL clients by requesting them a certificate
+  # ref: https://www.postgresql.org/docs/9.6/auth-methods.html
+  certCAFilename:
+  #
+  # File containing a Certificate Revocation List
+  crlFilename:
+
 ## Configure metrics exporter
 ##
 metrics:
@@ -471,8 +514,8 @@ metrics:
   service:
     type: ClusterIP
     annotations:
-      prometheus.io/scrape: "true"
-      prometheus.io/port: "9187"
+      prometheus.io/scrape: 'true'
+      prometheus.io/port: '9187'
     loadBalancerIP:
   serviceMonitor:
     enabled: false
@@ -486,7 +529,7 @@ metrics:
   prometheusRule:
     enabled: false
     additionalLabels: {}
-    namespace: ""
+    namespace: ''
     ## These are just examples rules, please adapt them to your needs.
     ## Make sure to constraint the rules to the current postgresql service.
     ## rules:
@@ -503,7 +546,7 @@ metrics:
   image:
     registry: docker.io
     repository: bitnami/postgres-exporter
-    tag: 0.8.0-debian-10-r72
+    tag: 0.8.0-debian-10-r188
     pullPolicy: IfNotPresent
     ## Optionally specify an array of imagePullSecrets.
     ## Secrets must be manually created in the namespace.
@@ -515,7 +558,7 @@ metrics:
   ## ref: https://github.com/wrouesnel/postgres_exporter#adding-new-metrics-via-a-config-file
   # customMetrics:
   #   pg_database:
-  #     query: "SELECT d.datname AS name, CASE WHEN pg_catalog.has_database_privilege(d.datname, 'CONNECT') THEN pg_catalog.pg_database_size(d.datname) ELSE 0 END AS size FROM pg_catalog.pg_database d where datname not in ('template0', 'template1', 'postgres')"
+  #     query: "SELECT d.datname AS name, CASE WHEN pg_catalog.has_database_privilege(d.datname, 'CONNECT') THEN pg_catalog.pg_database_size(d.datname) ELSE 0 END AS size_bytes FROM pg_catalog.pg_database d where datname not in ('template0', 'template1', 'postgres')"
   #     metrics:
   #       - name:
   #           usage: "LABEL"
@@ -523,6 +566,15 @@ metrics:
   #       - size_bytes:
   #           usage: "GAUGE"
   #           description: "Size of the database in bytes"
+  #
+  ## An array to add extra env vars to configure postgres-exporter
+  ## see: https://github.com/wrouesnel/postgres_exporter#environment-variables
+  ## For example:
+  #  extraEnvVars:
+  #  - name: PG_EXPORTER_DISABLE_DEFAULT_METRICS
+  #    value: "true"
+  extraEnvVars: {}
+
   ## Pod Security Context
   ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
   ##
diff --git a/charts/artifactory-ha/ci/access-tls-values.yaml b/charts/artifactory-ha/ci/access-tls-values.yaml
index 2ba5a7af1..e11939170 100644
--- a/charts/artifactory-ha/ci/access-tls-values.yaml
+++ b/charts/artifactory-ha/ci/access-tls-values.yaml
@@ -1,7 +1,11 @@
 databaseUpgradeReady: true
 artifactory:
   masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-
+# To Fix ct tool --reuse-values - PASSWORDS ERROR: you must provide your current passwords when upgrade the release
+postgresql:
+  image:
+    tag: 12.3.0-debian-10-r71
+  postgresqlPassword: password
 access:
   accessConfig:
     security:
diff --git a/charts/artifactory-ha/ci/default-values.yaml b/charts/artifactory-ha/ci/default-values.yaml
index 01310a3b7..1ebf93823 100644
--- a/charts/artifactory-ha/ci/default-values.yaml
+++ b/charts/artifactory-ha/ci/default-values.yaml
@@ -4,3 +4,6 @@ databaseUpgradeReady: true
 ## Please refer https://github.com/jfrog/charts/blob/master/stable/artifactory-ha/README.md#special-upgrade-notes-1
 artifactory:
   masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+# To Fix ct tool --reuse-values - PASSWORDS ERROR: you must provide your current passwords when upgrade the release
+postgresql:
+  postgresqlPassword: password
diff --git a/charts/artifactory-ha/ci/global-values.yaml b/charts/artifactory-ha/ci/global-values.yaml
new file mode 100644
index 000000000..d2ce1d675
--- /dev/null
+++ b/charts/artifactory-ha/ci/global-values.yaml
@@ -0,0 +1,47 @@
+databaseUpgradeReady: true
+# To Fix ct tool --reuse-values - PASSWORDS ERROR: you must provide your current passwords when upgrade the release
+postgresql:
+  postgresqlPassword: password
+global:
+  versions:
+    artifactory: 7.11.2
+  masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+  joinKey: EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
+  customInitContainers: |
+   - name: "custom-setup"
+     image: "{{ .Values.initContainerImage }}"
+     imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
+     command:
+       - 'sh'
+       - '-c'
+       - 'touch {{ .Values.artifactory.persistence.mountPath }}/example-custom-setup'
+     volumeMounts:
+       - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
+         name: volume
+  # Add custom volumes
+  customVolumes: |
+   - name: custom-script
+     emptyDir:
+       sizeLimit: 100Mi
+  # Add custom volumesMounts
+  customVolumeMounts: |
+   - name: custom-script
+     mountPath: "/scripts"
+  # Add custom sidecar containers
+  customSidecarContainers: |
+   - name: "sidecar-list-etc"
+     image: "{{ .Values.initContainerImage }}"
+     imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
+     securityContext:
+       allowPrivilegeEscalation: false
+     command: ["sh","-c","echo 'Sidecar is running' >> /scripts/sidecar.txt; cat /scripts/sidecar.txt; while true; do sleep 30; done"]
+     volumeMounts:
+       - mountPath: "/scripts"
+         name: custom-script
+     resources:
+       requests:
+         memory: "32Mi"
+         cpu: "50m"
+       limits:
+         memory: "128Mi"
+         cpu: "100m"
diff --git a/charts/artifactory-ha/ci/migration-disabled-values.yaml b/charts/artifactory-ha/ci/migration-disabled-values.yaml
index 148618353..6c1e2587f 100644
--- a/charts/artifactory-ha/ci/migration-disabled-values.yaml
+++ b/charts/artifactory-ha/ci/migration-disabled-values.yaml
@@ -1,4 +1,7 @@
 databaseUpgradeReady: true
+# To Fix ct tool --reuse-values - PASSWORDS ERROR: you must provide your current passwords when upgrade the release
+postgresql:
+  postgresqlPassword: password
 artifactory:
   masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
   migration:
diff --git a/charts/artifactory-ha/questions.yml b/charts/artifactory-ha/questions.yml
index 500ae707b..b5fbdea2b 100644
--- a/charts/artifactory-ha/questions.yml
+++ b/charts/artifactory-ha/questions.yml
@@ -419,6 +419,6 @@ questions:
 
 # Internal Settings
 - variable: installerInfo
-  default: '\{\"productId\": \"RancherHelm_artifactory-ha/7.6.3\", \"features\": \[\{\"featureId\": \"Partner/ACC-007246\"\}\]\}'
+  default: '\{\"productId\": \"RancherHelm_artifactory-ha/7.12.6\", \"features\": \[\{\"featureId\": \"Partner/ACC-007246\"\}\]\}'
   type: string
   group: "Internal Settings (Do not modify)"
diff --git a/charts/artifactory-ha/requirements.lock b/charts/artifactory-ha/requirements.lock
index 5035c3ee5..0cfb2c54a 100644
--- a/charts/artifactory-ha/requirements.lock
+++ b/charts/artifactory-ha/requirements.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
-  version: 8.7.3
-digest: sha256:7c0ecc958c9d90f0b5c3843621674788b414ea0497ea6053e8c46531545a47d3
-generated: "2020-08-03T02:21:09.654710336Z"
+  version: 9.3.4
+digest: sha256:6c6c7ebc7f0c35a6df917879cd7c51e226f31a4d320e053b3620c5476287e9b8
+generated: "2020-09-02T09:49:07.304103+05:30"
diff --git a/charts/artifactory-ha/requirements.yaml b/charts/artifactory-ha/requirements.yaml
index bedbccf5a..3e98e794a 100644
--- a/charts/artifactory-ha/requirements.yaml
+++ b/charts/artifactory-ha/requirements.yaml
@@ -1,5 +1,5 @@
 dependencies:
   - name: postgresql
-    version: 8.7.3
+    version: 9.3.4
     repository: https://charts.bitnami.com/bitnami
     condition: postgresql.enabled
diff --git a/charts/artifactory-ha/security-mitigation.yaml b/charts/artifactory-ha/security-mitigation.yaml
new file mode 100644
index 000000000..679edfe45
--- /dev/null
+++ b/charts/artifactory-ha/security-mitigation.yaml
@@ -0,0 +1,20 @@
+## Apache License Version 2.0
+## http://www.apache.org/licenses/LICENSE-2.0.txt
+
+## Schema version of this YAML file
+schemaVersion: v1
+
+## Overall mitigation summary
+summary: Security mitigation information for this application is tracked by the security-mitigation.yaml file that's part of this helm chart.
+
+## Mitigation notes for individual CVEs
+mitigations:
+  - cves:
+      - CVE-2017-8399
+    ## Indicates package Uri for which the security mitigation is provided. helm://… || docker://…
+    affectedPackageUri: helm://jfrog/artifactory-ha
+    ## Which chart versions this cve note belongs to
+    affectedVersions: ">= 3.1.0"
+    ## Description / note
+    description: This CVE needs to be fixed in the alpine base image of nginx container.
+
diff --git a/charts/artifactory-ha/templates/_helpers.tpl b/charts/artifactory-ha/templates/_helpers.tpl
index 8f9dc060c..04109d8c4 100644
--- a/charts/artifactory-ha/templates/_helpers.tpl
+++ b/charts/artifactory-ha/templates/_helpers.tpl
@@ -68,6 +68,19 @@ If release name contains chart name it will be used as a full name.
 {{- end -}}
 {{- end -}}
 
+{{/*
+Create a default fully qualified replicator tracker ingress name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "artifactory-ha.replicator.tracker.fullname" -}}
+{{- if .Values.artifactory.replicator.trackerIngress.name -}}
+{{- .Values.artifactory.replicator.trackerIngress.name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-replication-tracker" .Chart.Name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
@@ -125,3 +138,155 @@ Scheme (http/https) based on Access TLS enabled/disabled
 {{- printf "%s" "http" -}}
 {{- end -}}
 {{- end -}}
+
+{{/*
+Resolve joinKey value
+*/}}
+{{- define "artifactory-ha.joinKey" -}}
+{{- if .Values.global.joinKey -}}
+{{- .Values.global.joinKey -}}
+{{- else if .Values.artifactory.joinKey -}}
+{{- .Values.artifactory.joinKey -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve masterKey value
+*/}}
+{{- define "artifactory-ha.masterKey" -}}
+{{- if .Values.global.masterKey -}}
+{{- .Values.global.masterKey -}}
+{{- else if .Values.artifactory.masterKey -}}
+{{- .Values.artifactory.masterKey -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve joinKeySecretName value
+*/}}
+{{- define "artifactory-ha.joinKeySecretName" -}}
+{{- if .Values.global.joinKeySecretName -}}
+{{- .Values.global.joinKeySecretName -}}
+{{- else if .Values.artifactory.joinKeySecretName -}}
+{{- .Values.artifactory.joinKeySecretName -}}
+{{- else -}}
+{{ include "artifactory-ha.fullname" . }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve masterKeySecretName value
+*/}}
+{{- define "artifactory-ha.masterKeySecretName" -}}
+{{- if .Values.global.masterKeySecretName -}}
+{{- .Values.global.masterKeySecretName -}}
+{{- else if .Values.artifactory.masterKeySecretName -}}
+{{- .Values.artifactory.masterKeySecretName -}}
+{{- else -}}
+{{ include "artifactory-ha.fullname" . }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve imagePullSecrets value
+*/}}
+{{- define "artifactory-ha.imagePullSecrets" -}}
+{{- if .Values.global.imagePullSecrets }}
+imagePullSecrets:
+{{- range .Values.global.imagePullSecrets }}
+  - name: {{ . }}
+{{- end }}
+{{- else if .Values.imagePullSecrets }}
+imagePullSecrets:
+{{- range .Values.imagePullSecrets }}
+  - name: {{ . }}
+{{- end }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve customInitContainersBegin value
+*/}}
+{{- define "artifactory-ha.customInitContainersBegin" -}}
+{{- if .Values.global.customInitContainersBegin -}}
+{{- .Values.global.customInitContainersBegin -}}
+{{- else if .Values.artifactory.customInitContainersBegin -}}
+{{- .Values.artifactory.customInitContainersBegin -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve customInitContainers value
+*/}}
+{{- define "artifactory-ha.customInitContainers" -}}
+{{- if .Values.global.customInitContainers -}}
+{{- .Values.global.customInitContainers -}}
+{{- else if .Values.artifactory.customInitContainers -}}
+{{- .Values.artifactory.customInitContainers -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve customVolumes value
+*/}}
+{{- define "artifactory-ha.customVolumes" -}}
+{{- if .Values.global.customVolumes -}}
+{{- .Values.global.customVolumes -}}
+{{- else if .Values.artifactory.customVolumes -}}
+{{- .Values.artifactory.customVolumes -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve customVolumeMounts value
+*/}}
+{{- define "artifactory-ha.customVolumeMounts" -}}
+{{- if .Values.global.customVolumeMounts -}}
+{{- .Values.global.customVolumeMounts -}}
+{{- else if .Values.artifactory.customVolumeMounts -}}
+{{- .Values.artifactory.customVolumeMounts -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Resolve customSidecarContainers value
+*/}}
+{{- define "artifactory-ha.customSidecarContainers" -}}
+{{- if .Values.global.customSidecarContainers -}}
+{{- .Values.global.customSidecarContainers -}}
+{{- else if .Values.artifactory.customSidecarContainers -}}
+{{- .Values.artifactory.customSidecarContainers -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the proper artifactory chart image names
+*/}}
+{{- define "artifactory-ha.getImageInfoByValue" -}}
+{{- $dot := index . 0 }}
+{{- $indexReference := index . 1 }}
+{{- $registryName := index $dot.Values $indexReference "image" "registry" -}}
+{{- $repositoryName := index $dot.Values $indexReference "image" "repository" -}}
+{{- $tag := default $dot.Chart.AppVersion (index $dot.Values $indexReference "image" "tag") | toString -}}
+{{- if $dot.Values.global }}
+    {{- if and $dot.Values.global.versions.artifactory (or (eq $indexReference "artifactory") (eq $indexReference "nginx") ) }}
+    {{- $tag = $dot.Values.global.versions.artifactory | toString -}}
+    {{- end -}}
+    {{- if $dot.Values.global.imageRegistry }}
+        {{- printf "%s/%s:%s" $dot.Values.global.imageRegistry $repositoryName $tag -}}
+    {{- else -}}
+        {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
+    {{- end -}}
+{{- else -}}
+    {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the proper artifactory app version
+*/}}
+{{- define "artifactory-ha.app.version" -}}
+{{- $image := split ":" ((include "artifactory-ha.getImageInfoByValue" (list . "artifactory")) | toString) -}}
+{{- $tag := $image._1 -}}
+{{- printf "%s" $tag -}}
+{{- end -}}
diff --git a/charts/artifactory-ha/templates/additional-resources.yaml b/charts/artifactory-ha/templates/additional-resources.yaml
new file mode 100644
index 000000000..c4d06f08a
--- /dev/null
+++ b/charts/artifactory-ha/templates/additional-resources.yaml
@@ -0,0 +1,3 @@
+{{ if .Values.additionalResources }}
+{{ tpl .Values.additionalResources . }}
+{{- end -}}
diff --git a/charts/artifactory-ha/templates/artifactory-access-config.yaml b/charts/artifactory-ha/templates/artifactory-access-config.yaml
index 6552d45dc..4eac505bc 100644
--- a/charts/artifactory-ha/templates/artifactory-access-config.yaml
+++ b/charts/artifactory-ha/templates/artifactory-access-config.yaml
@@ -10,6 +10,6 @@ metadata:
     release: {{ .Release.Name }}
 type: Opaque
 stringData:
-  access.config.import.yml: |
+  access.config.patch.yml: |
 {{ tpl (toYaml .Values.access.accessConfig) . | indent 4 }}
 {{- end }}
diff --git a/charts/artifactory-ha/templates/artifactory-custom-secrets.yaml b/charts/artifactory-ha/templates/artifactory-custom-secrets.yaml
index c22188a64..67473fc58 100644
--- a/charts/artifactory-ha/templates/artifactory-custom-secrets.yaml
+++ b/charts/artifactory-ha/templates/artifactory-custom-secrets.yaml
@@ -4,7 +4,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ .name }}
+  name: {{ template "artifactory-ha.fullname" $ }}-{{ .name }}
   labels:
     app: "{{ template "artifactory-ha.name" $ }}"
     chart: "{{ template "artifactory-ha.chart" $ }}"
diff --git a/charts/artifactory-ha/templates/artifactory-node-pdb.yaml b/charts/artifactory-ha/templates/artifactory-node-pdb.yaml
index d588e0a85..cb45027cf 100644
--- a/charts/artifactory-ha/templates/artifactory-node-pdb.yaml
+++ b/charts/artifactory-ha/templates/artifactory-node-pdb.yaml
@@ -1,3 +1,4 @@
+{{- if .Values.artifactory.node.minAvailable -}}
 apiVersion: policy/v1beta1
 kind: PodDisruptionBudget
 metadata:
@@ -13,8 +14,7 @@ spec:
     matchLabels:
       component: {{ .Values.artifactory.name }}
       app: {{ template "artifactory-ha.name" . }}
-      {{- if eq .Values.artifactory.service.pool "members" }}
       role: {{ template "artifactory-ha.node.name" . }}
-      {{- end }}
       release: {{ .Release.Name }}
   minAvailable: {{ .Values.artifactory.node.minAvailable }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/artifactory-ha/templates/artifactory-node-statefulset.yaml b/charts/artifactory-ha/templates/artifactory-node-statefulset.yaml
index af5ce966d..c5b6f08f4 100644
--- a/charts/artifactory-ha/templates/artifactory-node-statefulset.yaml
+++ b/charts/artifactory-ha/templates/artifactory-node-statefulset.yaml
@@ -34,6 +34,7 @@ spec:
 {{ toYaml . | indent 8 }}
         {{- end }}
       annotations:
+        checksum/database-secrets: {{ include (print $.Template.BasePath "/artifactory-database-secrets.yaml") . | sha256sum }}
         checksum/binarystore: {{ include (print $.Template.BasePath "/artifactory-binarystore-secret.yaml") . | sha256sum }}
         checksum/systemyaml: {{ include (print $.Template.BasePath "/artifactory-system-yaml.yaml") . | sha256sum }}
       {{- if .Values.artifactory.persistence.googleStorage.gcpServiceAccount.enabled }}
@@ -52,16 +53,17 @@ spec:
     {{- end }}
       serviceAccountName: {{ template "artifactory-ha.serviceAccountName" . }}
       terminationGracePeriodSeconds: {{ .Values.artifactory.terminationGracePeriodSeconds }}
-    {{- if .Values.imagePullSecrets }}
-      imagePullSecrets:
-      - name: {{ .Values.imagePullSecrets }}
+    {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+{{- include "artifactory-ha.imagePullSecrets" . | indent 6 }}
     {{- end }}
+      {{- if .Values.artifactory.setSecurityContext }}
       securityContext:
         runAsUser: {{ .Values.artifactory.uid }}
-        fsGroup: {{ .Values.artifactory.uid }}
+        fsGroup: {{ .Values.artifactory.gid }}
+      {{- end }}
       initContainers:
-    {{- if .Values.artifactory.customInitContainersBegin }}
-{{ tpl .Values.artifactory.customInitContainersBegin . | indent 6 }}
+    {{- if or .Values.artifactory.customInitContainersBegin .Values.global.customInitContainersBegin }}
+{{ tpl (include "artifactory-ha.customInitContainersBegin" .)  . | indent 6 }}
     {{- end }}
   {{- if .Values.artifactory.persistence.enabled }}
     {{- if eq .Values.artifactory.persistence.type "file-system" }}
@@ -126,7 +128,11 @@ spec:
           echo "Copy system.yaml to {{ .Values.artifactory.persistence.mountPath }}/etc";
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc;
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc/access/keys/trusted;
+          {{- if .Values.systemYamlOverride.existingSecret }}
+          cp -fv /tmp/etc/{{ .Values.systemYamlOverride.dataKey }} {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml;
+          {{- else }}          
           cp -fv /tmp/etc/system.yaml {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml;
+          {{- end }}
           echo "Remove {{ .Values.artifactory.persistence.mountPath }}/lost+found folder if exists";
           rm -rfv {{ .Values.artifactory.persistence.mountPath }}/lost+found;
           echo "Removing join.key file";
@@ -137,7 +143,7 @@ spec:
         {{- if .Values.access.customCertificatesSecretName }}
           echo "Load custom certificates from database";
         {{- end }}
-        {{- if or .Values.artifactory.masterKey .Values.artifactory.masterKeySecretName }}
+        {{- if or .Values.artifactory.masterKey .Values.global.masterKey .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName }}
           echo "Copy masterKey to {{ .Values.artifactory.persistence.mountPath }}/etc/security";
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc/security;
           echo -n ${ARTIFACTORY_MASTER_KEY} > {{ .Values.artifactory.persistence.mountPath }}/etc/security/master.key;
@@ -145,7 +151,7 @@ spec:
         - name: ARTIFACTORY_MASTER_KEY
           valueFrom:
             secretKeyRef:
-              name: "{{ .Values.artifactory.masterKeySecretName | default (include "artifactory-ha.fullname" .) }}"
+              name: {{ include "artifactory-ha.masterKeySecretName" . }}
               key: master-key
         {{- end }}
         resources:
@@ -153,17 +159,24 @@ spec:
         volumeMounts:
         - name: volume
           mountPath: {{ .Values.artifactory.persistence.mountPath | quote }}
+      {{- if or .Values.systemYamlOverride.existingSecret .Values.artifactory.systemYaml }}  
         - name: systemyaml
+          {{- if .Values.systemYamlOverride.existingSecret }}
+          mountPath: "/tmp/etc/{{.Values.systemYamlOverride.dataKey}}"
+          subPath: {{ .Values.systemYamlOverride.dataKey }}
+          {{- else if .Values.artifactory.systemYaml }}
           mountPath: "/tmp/etc/system.yaml"
           subPath: system.yaml
-    {{- if .Values.artifactory.customPersistentPodVolumeClaim }}
+          {{- end }}
+      {{- end }}
+    {{- if and .Values.artifactory.customPersistentPodVolumeClaim (not .Values.artifactory.customPersistentPodVolumeClaim.skipPrepareContainer) }}
       - name: "prepare-custom-persistent-volume"
         image: "{{ .Values.initContainerImage }}"
         command:
           - 'sh'
           - '-c'
           - >
-            chown -Rv {{ .Values.artifactory.uid }}:{{ .Values.artifactory.uid }} {{ .Values.artifactory.customPersistentPodVolumeClaim.mountPath }}
+            chown -Rv {{ .Values.artifactory.uid }}:{{ .Values.artifactory.gid }} {{ .Values.artifactory.customPersistentPodVolumeClaim.mountPath }}
         securityContext:
           runAsUser: 0
         resources:
@@ -187,12 +200,12 @@ spec:
 {{ toYaml .Values.initContainers.resources | indent 10 }}
       {{- end }}
     {{- end }}
-    {{- if .Values.artifactory.customInitContainers }}
-{{ tpl .Values.artifactory.customInitContainers . | indent 6 }}
+    {{- if or .Values.artifactory.customInitContainers .Values.global.customInitContainers }}
+{{ tpl (include "artifactory-ha.customInitContainers" .)  . | indent 6 }}
     {{- end }}
 {{- if .Values.artifactory.migration.enabled }}
       - name: 'migration-artifactory-ha'
-        image: '{{ .Values.artifactory.image.repository }}:{{ default .Chart.AppVersion .Values.artifactory.image.version }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list . "artifactory") }}
         imagePullPolicy: {{ .Values.artifactory.image.pullPolicy }}
         securityContext:
           allowPrivilegeEscalation: false
@@ -211,10 +224,14 @@ spec:
           cp -fv /tmp/migrationHelmInfo.yaml $scriptsPath/migrationHelmInfo.yaml;
           cp -fv /tmp/migrationStatus.sh $scriptsPath/migrationStatus.sh;
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/log;
-          bash $scriptsPath/migrationStatus.sh {{ default .Chart.AppVersion .Values.artifactory.image.version }} {{ .Values.artifactory.migration.timeoutSeconds }} > >(tee {{ .Values.artifactory.persistence.mountPath }}/log/helm-migration.log) 2>&1;
+          bash $scriptsPath/migrationStatus.sh {{ include "artifactory-ha.app.version" . }} {{ .Values.artifactory.migration.timeoutSeconds }} > >(tee {{ .Values.artifactory.persistence.mountPath }}/log/helm-migration.log) 2>&1;
         resources:
 {{ toYaml .Values.artifactory.node.resources | indent 10 }}
         env:
+      {{- if and (not .Values.waitForDatabase) (not .Values.postgresql.enabled) }}
+        - name: SKIP_WAIT_FOR_EXTERNAL_DB
+          value: "true"
+      {{- end }}
       {{- if or .Values.database.secrets.user .Values.database.user }}
         - name: JF_SHARED_DATABASE_USERNAME
           valueFrom:
@@ -283,8 +300,8 @@ spec:
           mountPath: "{{ $.Values.artifactory.persistence.fileSystem.existingSharedClaim.backupDir }}"
     {{- end }}
   {{- end }}
-  {{- if .Values.artifactory.customVolumeMounts }}
-{{ tpl .Values.artifactory.customVolumeMounts . | indent 8 }}
+  {{- if or .Values.artifactory.customVolumeMounts .Values.global.customVolumeMounts }}
+{{ tpl (include "artifactory-ha.customVolumeMounts" .) . | indent 8 }}
   {{- end }}
   {{- if eq .Values.artifactory.persistence.type "nfs" }}
         - name: artifactory-ha-data
@@ -306,7 +323,7 @@ spec:
 {{- end }}
       containers:
       - name: {{ .Values.artifactory.name }}
-        image: '{{ .Values.artifactory.image.repository }}:{{ default .Chart.AppVersion .Values.artifactory.image.version }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list . "artifactory") }}
         imagePullPolicy: {{ .Values.artifactory.image.pullPolicy }}
         securityContext:
           allowPrivilegeEscalation: false
@@ -324,6 +341,7 @@ spec:
           {{ tpl . $ }};
         {{- end }}
           exec /entrypoint-artifactory.sh
+        {{- with .Values.artifactory.postStartCommand }}
         lifecycle:
           postStart:
             exec:
@@ -331,11 +349,14 @@ spec:
               - '/bin/bash'
               - '-c'
               - >
-                echo;
-              {{- with .Values.artifactory.postStartCommand }}
+                echo "Running custom postStartCommand command";
                 {{ tpl . $ }}
-              {{- end }}
+        {{- end }}
         env:
+      {{- if and (not .Values.waitForDatabase) (not .Values.postgresql.enabled) }}
+        - name: SKIP_WAIT_FOR_EXTERNAL_DB
+          value: "true"
+      {{- end }}
       {{- if or .Values.database.secrets.user .Values.database.user }}
         - name: JF_SHARED_DATABASE_USERNAME
           valueFrom:
@@ -384,12 +405,16 @@ spec:
 {{- end }}
         ports:
         - containerPort: {{ .Values.artifactory.internalPort }}
+          name: http
         - containerPort: {{ .Values.artifactory.internalArtifactoryPort }}
+          name: http-internal
         {{- if .Values.artifactory.node.javaOpts.jmx.enabled }}
         - containerPort: {{ .Values.artifactory.node.javaOpts.jmx.port }}
+          name: tcp-jmx
         {{- end }}
         {{- if .Values.artifactory.ssh.enabled }}
         - containerPort: {{ .Values.artifactory.ssh.internalPort }}
+          name: tcp-ssh
         {{- end }}
         volumeMounts:
        {{- if .Values.artifactory.customPersistentVolumeClaim }}
@@ -445,8 +470,8 @@ spec:
         - name: installer-info
           mountPath: "/artifactory_bootstrap/info/installer-info.json"
           subPath: installer-info.json
-      {{- if .Values.artifactory.customVolumeMounts }}
-{{ tpl .Values.artifactory.customVolumeMounts . | indent 8 }}
+      {{- if or .Values.artifactory.customVolumeMounts .Values.global.customVolumeMounts }}
+{{ tpl (include "artifactory-ha.customVolumeMounts" .) . | indent 8 }}
       {{- end }}
         resources:
 {{ toYaml .Values.artifactory.node.resources | indent 10 }}
@@ -474,12 +499,10 @@ spec:
           failureThreshold: {{ .Values.artifactory.livenessProbe.failureThreshold }}
           successThreshold: {{ .Values.artifactory.livenessProbe.successThreshold }}
         {{- end }}
-      {{- $image := .Values.logger.image.repository }}
-      {{- $tag := .Values.logger.image.tag }}
       {{- $mountPath := .Values.artifactory.persistence.mountPath }}
       {{- range .Values.artifactory.loggers }}
       - name: {{ . | replace "_" "-" | replace "." "-" }}
-        image: '{{ $image }}:{{ $tag }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list $ "logger") }}
         command:
           - 'sh'
           - '-c'
@@ -496,7 +519,7 @@ spec:
       {{ if .Values.artifactory.catalinaLoggers }}
       {{- range .Values.artifactory.catalinaLoggers }}
       - name: {{ . | replace "_" "-" | replace "." "-" }}
-        image: '{{ $image }}:{{ $tag }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list $ "logger") }}
         command:
         - 'sh'
         - '-c'
@@ -536,8 +559,8 @@ spec:
 {{ toYaml .Values.filebeat.resources | indent 10 }}
         terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }}
       {{- end }}
-    {{- if .Values.artifactory.customSidecarContainers }}
-{{ tpl .Values.artifactory.customSidecarContainers . | indent 6 }}
+    {{- if or .Values.artifactory.customSidecarContainers .Values.global.customSidecarContainers }}
+{{ tpl (include "artifactory-ha.customSidecarContainers" .) . | indent 6 }}
     {{- end }}
     {{- with .Values.artifactory.node.nodeSelector }}
       nodeSelector:
@@ -619,7 +642,7 @@ spec:
       - name: bootstrap-config
         configMap:
           name: {{ .Values.artifactory.configMapName }}
-      {{- end}}      
+      {{- end}}
       {{- if or .Values.artifactory.loggers .Values.artifactory.catalinaLoggers }}
       - name: tail-logger-script
         configMap:
@@ -650,9 +673,11 @@ spec:
         persistentVolumeClaim:
           claimName: {{ template "artifactory-ha.fullname" . }}-backup-pvc
       {{- end }}
+      {{- if or .Values.systemYamlOverride.existingSecret .Values.artifactory.systemYaml }}
       - name: systemyaml
         secret:
-          secretName: {{ template "artifactory-ha.primary.name" . }}-system-yaml
+          secretName: {{ default (printf "%s-%s" (include "artifactory-ha.primary.name" .) "system-yaml") .Values.systemYamlOverride.existingSecret }}
+      {{- end }}
       {{- if .Values.artifactory.customPersistentVolumeClaim }}
       - name: {{ .Values.artifactory.customPersistentVolumeClaim.name }}
         persistentVolumeClaim:
@@ -663,8 +688,8 @@ spec:
         configMap:
           name: {{ template "artifactory-ha.fullname" . }}-filebeat-config
       {{- end }}
-      {{- if .Values.artifactory.customVolumes }}
-{{ tpl .Values.artifactory.customVolumes . | indent 6 }}
+      {{- if or .Values.artifactory.customVolumes .Values.global.customVolumes }}
+{{ tpl (include "artifactory-ha.customVolumes" .) . | indent 6 }}
       {{- end }}
   {{- if not .Values.artifactory.persistence.enabled }}
       - name: volume
diff --git a/charts/artifactory-ha/templates/artifactory-primary-pdb.yaml b/charts/artifactory-ha/templates/artifactory-primary-pdb.yaml
new file mode 100644
index 000000000..cc4dfab65
--- /dev/null
+++ b/charts/artifactory-ha/templates/artifactory-primary-pdb.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.artifactory.primary.minAvailable -}}
+apiVersion: policy/v1beta1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ template "artifactory-ha.fullname" . }}-primary
+  labels:
+    app: {{ template "artifactory-ha.name" . }}
+    chart: {{ template "artifactory-ha.chart" . }}
+    component: {{ .Values.artifactory.name }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+spec:
+  selector:
+    matchLabels:
+      component: {{ .Values.artifactory.name }}
+      app: {{ template "artifactory-ha.name" . }}
+      role: {{ template "artifactory-ha.primary.name" . }}
+      release: {{ .Release.Name }}
+  minAvailable: {{ .Values.artifactory.primary.minAvailable }}
+{{- end }}
diff --git a/charts/artifactory-ha/templates/artifactory-primary-statefulset.yaml b/charts/artifactory-ha/templates/artifactory-primary-statefulset.yaml
index 9de929da2..afe1d223d 100644
--- a/charts/artifactory-ha/templates/artifactory-primary-statefulset.yaml
+++ b/charts/artifactory-ha/templates/artifactory-primary-statefulset.yaml
@@ -6,18 +6,18 @@ metadata:
     app: {{ template "artifactory-ha.name" . }}
     chart: {{ template "artifactory-ha.chart" . }}
     component: {{ .Values.artifactory.name }}
-    version: {{ default .Chart.AppVersion .Values.artifactory.image.version }}
+    version: {{ include "artifactory-ha.app.version" . }}
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
 {{- with .Values.artifactory.primary.labels }}
 {{ toYaml . | indent 4 }}
 {{- end }}
 {{- if and .Release.IsUpgrade .Values.postgresql.enabled }}
-    databaseUpgradeReady: {{ required "\n\n*********\nIMPORTANT: UPGRADE STOPPED to prevent data loss!\nReview CHANGELOG.md (https://github.com/jfrog/charts/blob/master/stable/artifactory/CHANGELOG.md), pass postgresql.image.tag=9.6.18-debian-10-r7 and databaseUpgradeReady=true if you are upgrading from chart version which has postgresql version 9.6.x." .Values.databaseUpgradeReady | quote }}
+    databaseUpgradeReady: {{ required "\n\n*********\nIMPORTANT: UPGRADE STOPPED to prevent data loss!\nReview CHANGELOG.md (https://github.com/jfrog/charts/blob/master/stable/artifactory-ha/CHANGELOG.md) \nNote: This applies only when you are using bundled postgresql (postgresql.enabled=true) \nIf you are upgrading from a chart version (< 4.x) that has postgresql.image.tag of 9.x or 10.x, make sure to pass the current postgresql.image.tag and set databaseUpgradeReady=true \nOR \nIf you are upgrading from a chart version (>= 4.x), just set databaseUpgradeReady=true \n" .Values.databaseUpgradeReady | quote }}
 {{- end }}
 spec:
   serviceName: {{ template "artifactory-ha.primary.name" . }}
-  replicas: 1
+  replicas: {{ .Values.artifactory.primary.replicaCount }}
   updateStrategy:
     type: RollingUpdate
   selector:
@@ -38,6 +38,7 @@ spec:
 {{ toYaml . | indent 8 }}
         {{- end }}
       annotations:
+        checksum/database-secrets: {{ include (print $.Template.BasePath "/artifactory-database-secrets.yaml") . | sha256sum }}
         checksum/binarystore: {{ include (print $.Template.BasePath "/artifactory-binarystore-secret.yaml") . | sha256sum }}
         checksum/systemyaml: {{ include (print $.Template.BasePath "/artifactory-system-yaml.yaml") . | sha256sum }}
       {{- if .Values.access.accessConfig }}
@@ -62,16 +63,17 @@ spec:
     {{- end }}
       serviceAccountName: {{ template "artifactory-ha.serviceAccountName" . }}
       terminationGracePeriodSeconds: {{ .Values.artifactory.terminationGracePeriodSeconds }}
-    {{- if .Values.imagePullSecrets }}
-      imagePullSecrets:
-      - name: {{ .Values.imagePullSecrets }}
+    {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+{{- include "artifactory-ha.imagePullSecrets" . | indent 6 }}
     {{- end }}
+      {{- if .Values.artifactory.setSecurityContext }}
       securityContext:
         runAsUser: {{ .Values.artifactory.uid }}
-        fsGroup: {{ .Values.artifactory.uid }}
+        fsGroup: {{ .Values.artifactory.gid }}
+      {{- end }}
       initContainers:
-    {{- if .Values.artifactory.customInitContainersBegin }}
-{{ tpl .Values.artifactory.customInitContainersBegin . | indent 6 }}
+    {{- if or .Values.artifactory.customInitContainersBegin .Values.global.customInitContainersBegin }}
+{{ tpl (include "artifactory-ha.customInitContainersBegin" .)  . | indent 6 }}
     {{- end }}
   {{- if .Values.artifactory.persistence.enabled }}
     {{- if eq .Values.artifactory.persistence.type "file-system" }}
@@ -167,13 +169,17 @@ spec:
           echo "Copy system.yaml to {{ .Values.artifactory.persistence.mountPath }}/etc";
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc;
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc/access/keys/trusted;
+          {{- if .Values.systemYamlOverride.existingSecret }}
+          cp -fv /tmp/etc/{{ .Values.systemYamlOverride.dataKey }} {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml;
+          {{- else }}
           cp -fv /tmp/etc/system.yaml {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml;
+          {{- end }}
           echo "Remove {{ .Values.artifactory.persistence.mountPath }}/lost+found folder if exists";
           rm -rfv {{ .Values.artifactory.persistence.mountPath }}/lost+found;
         {{- if .Values.access.accessConfig }}
-          echo "Copy access.config.latest.yml to {{ .Values.artifactory.persistence.mountPath }}/etc";
+          echo "Copy access.config.patch.yml to {{ .Values.artifactory.persistence.mountPath }}/etc/access";
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc/access;
-          cp -fv /tmp/etc/access.config.import.yml {{ .Values.artifactory.persistence.mountPath }}/etc/access/access.config.import.yml;
+          cp -fv /tmp/etc/access.config.patch.yml {{ .Values.artifactory.persistence.mountPath }}/etc/access/access.config.patch.yml;
         {{- end }}
         {{- if .Values.access.resetAccessCAKeys }}
           echo "Resetting Access CA Keys";
@@ -186,41 +192,48 @@ spec:
           cp -fv /tmp/etc/tls.crt {{ .Values.artifactory.persistence.mountPath }}/bootstrap/etc/access/keys/ca.crt;
           cp -fv /tmp/etc/tls.key {{ .Values.artifactory.persistence.mountPath }}/bootstrap/etc/access/keys/ca.private.key;
         {{- end }}
-        {{- if or .Values.artifactory.joinKey .Values.artifactory.joinKeySecretName }}
+        {{- if or .Values.artifactory.joinKey .Values.global.joinKey .Values.artifactory.joinKeySecretName .Values.global.joinKeySecretName }}
           echo "Copy joinKey to {{ .Values.artifactory.persistence.mountPath }}/bootstrap/access/etc/security";
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/bootstrap/access/etc/security;
           echo -n ${ARTIFACTORY_JOIN_KEY} > {{ .Values.artifactory.persistence.mountPath }}/bootstrap/access/etc/security/join.key;
         {{- end }}
-        {{- if or .Values.artifactory.masterKey .Values.artifactory.masterKeySecretName }}
+        {{- if or .Values.artifactory.masterKey .Values.global.masterKey .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName }}
           echo "Copy masterKey to {{ .Values.artifactory.persistence.mountPath }}/etc/security";
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/etc/security;
           echo -n ${ARTIFACTORY_MASTER_KEY} > {{ .Values.artifactory.persistence.mountPath }}/etc/security/master.key;
         {{- end }}
         env:
-        {{- if or .Values.artifactory.joinKey .Values.artifactory.joinKeySecretName}}
+        {{- if or .Values.artifactory.joinKey .Values.global.joinKey .Values.artifactory.joinKeySecretName .Values.global.joinKeySecretName }}
         - name: ARTIFACTORY_JOIN_KEY
           valueFrom:
             secretKeyRef:
-              name: "{{ .Values.artifactory.joinKeySecretName | default (include "artifactory-ha.fullname" .) }}"
+              name: {{ include "artifactory-ha.joinKeySecretName" . }}
               key: join-key
         {{- end }}
-        {{- if or .Values.artifactory.masterKey .Values.artifactory.masterKeySecretName }}
+        {{- if or .Values.artifactory.masterKey .Values.global.masterKey .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName }}
         - name: ARTIFACTORY_MASTER_KEY
           valueFrom:
             secretKeyRef:
-              name: "{{ .Values.artifactory.masterKeySecretName | default (include "artifactory-ha.fullname" .) }}"
+              name: {{ include "artifactory-ha.masterKeySecretName" . }}
               key: master-key
         {{- end }}
         volumeMounts:
         - name: volume
           mountPath: {{ .Values.artifactory.persistence.mountPath | quote }}
+      {{- if or .Values.systemYamlOverride.existingSecret .Values.artifactory.systemYaml }}  
         - name: systemyaml
+          {{- if .Values.systemYamlOverride.existingSecret }}
+          mountPath: "/tmp/etc/{{.Values.systemYamlOverride.dataKey}}"
+          subPath: {{ .Values.systemYamlOverride.dataKey }}
+          {{- else if .Values.artifactory.systemYaml }}
           mountPath: "/tmp/etc/system.yaml"
           subPath: system.yaml
+          {{- end }}
+      {{- end }}
         {{- if .Values.access.accessConfig }}
         - name: access-config
-          mountPath: "/tmp/etc/access.config.import.yml"
-          subPath: access.config.import.yml
+          mountPath: "/tmp/etc/access.config.patch.yml"
+          subPath: access.config.patch.yml
         {{- end }}
         {{- if .Values.access.customCertificatesSecretName }}
         - name: access-certs
@@ -230,7 +243,7 @@ spec:
           mountPath: "/tmp/etc/tls.key"
           subPath: tls.key
         {{- end }}
-    {{- if .Values.artifactory.customPersistentPodVolumeClaim }}
+    {{- if and .Values.artifactory.customPersistentPodVolumeClaim (not .Values.artifactory.customPersistentPodVolumeClaim.skipPrepareContainer) }}
       - name: "prepare-custom-persistent-volume"
         image: "{{ .Values.initContainerImage }}"
         resources:
@@ -239,9 +252,11 @@ spec:
           - 'sh'
           - '-c'
           - >
-            chown -Rv {{ .Values.artifactory.uid }}:{{ .Values.artifactory.uid }} {{ .Values.artifactory.customPersistentPodVolumeClaim.mountPath }}
+            chown -Rv {{ .Values.artifactory.uid }}:{{ .Values.artifactory.gid }} {{ .Values.artifactory.customPersistentPodVolumeClaim.mountPath }}
         securityContext:
-          runAsUser: 0
+          capabilities:
+            add:
+              - CHOWN
         resources:
 {{ toYaml .Values.initContainers.resources | indent 10 }}
         volumeMounts:
@@ -263,12 +278,12 @@ spec:
 {{ toYaml .Values.initContainers.resources | indent 10 }}
       {{- end }}
     {{- end }}
-    {{- if .Values.artifactory.customInitContainers }}
-{{ tpl .Values.artifactory.customInitContainers . | indent 6 }}
+    {{- if or .Values.artifactory.customInitContainers .Values.global.customInitContainers }}
+{{ tpl (include "artifactory-ha.customInitContainers" .)  . | indent 6 }}
     {{- end }}
 {{- if .Values.artifactory.migration.enabled }}
       - name: 'migration-artifactory-ha'
-        image: '{{ .Values.artifactory.image.repository }}:{{ default .Chart.AppVersion .Values.artifactory.image.version }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list . "artifactory") }}
         imagePullPolicy: {{ .Values.artifactory.image.pullPolicy }}
         resources:
 {{ toYaml .Values.artifactory.primary.resources | indent 10 }}
@@ -289,8 +304,12 @@ spec:
           cp -fv /tmp/migrationHelmInfo.yaml $scriptsPath/migrationHelmInfo.yaml;
           cp -fv /tmp/migrationStatus.sh $scriptsPath/migrationStatus.sh;
           mkdir -p {{ .Values.artifactory.persistence.mountPath }}/log;
-          bash $scriptsPath/migrationStatus.sh {{ default .Chart.AppVersion .Values.artifactory.image.version }} {{ .Values.artifactory.migration.timeoutSeconds }} > >(tee {{ .Values.artifactory.persistence.mountPath }}/log/helm-migration.log) 2>&1;
+          bash $scriptsPath/migrationStatus.sh {{ include "artifactory-ha.app.version" . }} {{ .Values.artifactory.migration.timeoutSeconds }} > >(tee {{ .Values.artifactory.persistence.mountPath }}/log/helm-migration.log) 2>&1;
         env:
+      {{- if and (not .Values.waitForDatabase)  (not .Values.postgresql.enabled) }}
+        - name: SKIP_WAIT_FOR_EXTERNAL_DB
+          value: "true"
+      {{- end }}
       {{- if or .Values.database.secrets.user .Values.database.user }}
         - name: JF_SHARED_DATABASE_USERNAME
           valueFrom:
@@ -359,8 +378,8 @@ spec:
           mountPath: "{{ $.Values.artifactory.persistence.fileSystem.existingSharedClaim.backupDir }}"
         {{- end }}
       {{- end }}
-      {{- if .Values.artifactory.customVolumeMounts }}
-{{ tpl .Values.artifactory.customVolumeMounts . | indent 8 }}
+      {{- if or .Values.artifactory.customVolumeMounts .Values.global.customVolumeMounts }}
+{{ tpl (include "artifactory-ha.customVolumeMounts" .) . | indent 8 }}
       {{- end }}
       {{- if eq .Values.artifactory.persistence.type "nfs" }}
         - name: artifactory-ha-data
@@ -382,7 +401,7 @@ spec:
 {{- end }}
       containers:
       - name: {{ .Values.artifactory.name }}
-        image: '{{ .Values.artifactory.image.repository }}:{{ default .Chart.AppVersion .Values.artifactory.image.version }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list . "artifactory") }}
         imagePullPolicy: {{ .Values.artifactory.image.pullPolicy }}
         securityContext:
           allowPrivilegeEscalation: false
@@ -418,6 +437,7 @@ spec:
           {{ tpl . $ }};
         {{- end }}
           exec /entrypoint-artifactory.sh
+        {{- with .Values.artifactory.postStartCommand }}
         lifecycle:
           postStart:
             exec:
@@ -425,11 +445,14 @@ spec:
               - '/bin/bash'
               - '-c'
               - >
-                echo;
-              {{- with .Values.artifactory.postStartCommand }}
-                {{ tpl . $ }}
-              {{- end }}
+                echo "Running custom postStartCommand command";
+                {{ tpl . $ }};
+        {{- end }}
         env:
+      {{- if and (not .Values.waitForDatabase) (not .Values.postgresql.enabled) }}
+        - name: SKIP_WAIT_FOR_EXTERNAL_DB
+          value: "true"
+      {{- end }}
       {{- if or .Values.database.secrets.user .Values.database.user }}
         - name: JF_SHARED_DATABASE_USERNAME
           valueFrom:
@@ -478,12 +501,16 @@ spec:
 {{- end }}
         ports:
         - containerPort: {{ .Values.artifactory.internalPort }}
+          name: http
         - containerPort: {{ .Values.artifactory.internalArtifactoryPort }}
+          name: http-internal
         {{- if .Values.artifactory.primary.javaOpts.jmx.enabled }}
         - containerPort: {{ .Values.artifactory.primary.javaOpts.jmx.port }}
+          name: tcp-jmx
         {{- end }}
         {{- if .Values.artifactory.ssh.enabled }}
         - containerPort: {{ .Values.artifactory.ssh.internalPort }}
+          name: tcp-ssh
         {{- end }}
         volumeMounts:
         {{- if .Values.artifactory.customPersistentVolumeClaim }}
@@ -547,8 +574,8 @@ spec:
         - name: installer-info
           mountPath: "/artifactory_bootstrap/info/installer-info.json"
           subPath: installer-info.json
-      {{- if .Values.artifactory.customVolumeMounts }}
-{{ tpl .Values.artifactory.customVolumeMounts . | indent 8 }}
+      {{- if or .Values.artifactory.customVolumeMounts .Values.global.customVolumeMounts }}
+{{ tpl (include "artifactory-ha.customVolumeMounts" .) . | indent 8 }}
       {{- end }}
         resources:
 {{ toYaml .Values.artifactory.primary.resources | indent 10 }}
@@ -576,12 +603,10 @@ spec:
           failureThreshold: {{ .Values.artifactory.livenessProbe.failureThreshold }}
           successThreshold: {{ .Values.artifactory.livenessProbe.successThreshold }}
         {{- end }}
-      {{- $image := .Values.logger.image.repository }}
-      {{- $tag := .Values.logger.image.tag }}
       {{- $mountPath := .Values.artifactory.persistence.mountPath }}
       {{- range .Values.artifactory.loggers }}
       - name: {{ . | replace "_" "-" | replace "." "-" }}
-        image: '{{ $image }}:{{ $tag }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list $ "logger") }}
         command:
           - 'sh'
           - '-c'
@@ -598,7 +623,7 @@ spec:
       {{ if .Values.artifactory.catalinaLoggers }}
       {{- range .Values.artifactory.catalinaLoggers }}
       - name: {{ . | replace "_" "-" | replace "." "-" }}
-        image: '{{ $image }}:{{ $tag }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list $ "logger") }}
         command:
         - 'sh'
         - '-c'
@@ -638,8 +663,8 @@ spec:
 {{ toYaml .Values.filebeat.resources | indent 10 }}
         terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }}
       {{- end }}
-    {{- if .Values.artifactory.customSidecarContainers }}
-{{ tpl .Values.artifactory.customSidecarContainers . | indent 6 }}
+    {{- if or .Values.artifactory.customSidecarContainers .Values.global.customSidecarContainers }}
+{{ tpl (include "artifactory-ha.customSidecarContainers" .) . | indent 6 }}
     {{- end }}
     {{- with .Values.artifactory.primary.nodeSelector }}
       nodeSelector:
@@ -764,9 +789,11 @@ spec:
         persistentVolumeClaim:
           claimName: {{ template "artifactory-ha.fullname" . }}-backup-pvc
       {{- end }}
+      {{- if or .Values.systemYamlOverride.existingSecret .Values.artifactory.systemYaml }}
       - name: systemyaml
         secret:
-          secretName: {{ template "artifactory-ha.primary.name" . }}-system-yaml
+          secretName: {{ default (printf "%s-%s" (include "artifactory-ha.primary.name" .) "system-yaml") .Values.systemYamlOverride.existingSecret }}
+      {{- end }}
       {{- if .Values.access.accessConfig }}
       - name: access-config
         secret:
@@ -787,8 +814,8 @@ spec:
         configMap:
           name: {{ template "artifactory-ha.fullname" . }}-filebeat-config
       {{- end }}
-      {{- if .Values.artifactory.customVolumes }}
-{{ tpl .Values.artifactory.customVolumes . | indent 6 }}
+      {{- if or .Values.artifactory.customVolumes .Values.global.customVolumes }}
+{{ tpl (include "artifactory-ha.customVolumes" .) . | indent 6 }}
       {{- end }}
   {{- if not .Values.artifactory.persistence.enabled }}
       - name: volume
diff --git a/charts/artifactory-ha/templates/artifactory-secrets.yaml b/charts/artifactory-ha/templates/artifactory-secrets.yaml
index 260e516b9..5870428ca 100644
--- a/charts/artifactory-ha/templates/artifactory-secrets.yaml
+++ b/charts/artifactory-ha/templates/artifactory-secrets.yaml
@@ -9,9 +9,13 @@ metadata:
     release: {{ .Release.Name }}
 type: Opaque
 data:
-{{- if and .Values.artifactory.masterKey (not .Values.artifactory.masterKeySecretName) }}
-  master-key: {{ .Values.artifactory.masterKey | b64enc | quote }}
-{{- end }}
-{{- if and .Values.artifactory.joinKey (not .Values.artifactory.joinKeySecretName) }}
-  join-key: {{ .Values.artifactory.joinKey | b64enc | quote }}
-{{- end }}
+  {{- if or .Values.artifactory.masterKey .Values.global.masterKey }}
+  {{- if not (or .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName) }}
+  master-key: {{ include "artifactory-ha.masterKey" . | b64enc | quote }}
+  {{- end }}
+  {{- end }}
+  {{- if or .Values.artifactory.joinKey .Values.global.joinKey }}
+  {{- if not (or .Values.artifactory.joinKeySecretName .Values.global.joinKeySecretName) }}
+  join-key: {{ include "artifactory-ha.joinKey" . | b64enc | quote }}
+  {{- end }}
+  {{- end }}
diff --git a/charts/artifactory-ha/templates/artifactory-service.yaml b/charts/artifactory-ha/templates/artifactory-service.yaml
index 68b467ea5..baacb970f 100644
--- a/charts/artifactory-ha/templates/artifactory-service.yaml
+++ b/charts/artifactory-ha/templates/artifactory-service.yaml
@@ -29,27 +29,29 @@ spec:
   - port: {{ .Values.artifactory.externalPort }}
     targetPort: {{ .Values.artifactory.internalPort }}
     protocol: TCP
-    name: router
+    name: http-router
   {{- if .Values.artifactory.ssh.enabled }}
   - port: {{ .Values.artifactory.ssh.externalPort }}
     targetPort: {{ .Values.artifactory.ssh.internalPort }}
     protocol: TCP
-    name: ssh
+    name: tcp-ssh
   {{- end }}
   - port: {{ .Values.artifactory.externalArtifactoryPort }}
     targetPort: {{ .Values.artifactory.internalArtifactoryPort }}
     protocol: TCP
-    name: artifactory
+    name: http-artifactory
   {{- with .Values.artifactory.node.javaOpts.jmx }}
   {{- if .enabled }}
   - port: {{ .port }}
     targetPort: {{ .port }}
     protocol: TCP
-    name: jmx
+    name: tcp-jmx
   {{- end }}
   {{- end }}
   selector:
-{{- if eq .Values.artifactory.service.pool "members" }}
+{{- if eq (int .Values.artifactory.node.replicaCount) 0 }}
+    role: {{ template "artifactory-ha.primary.name" . }}
+{{- else if eq .Values.artifactory.service.pool "members" }}
     role: {{ template "artifactory-ha.node.name" . }}
 {{- end }}
     app: {{ template "artifactory-ha.name" . }}
@@ -81,23 +83,23 @@ spec:
   - port: {{ .Values.artifactory.externalPort }}
     targetPort: {{ .Values.artifactory.internalPort }}
     protocol: TCP
-    name: router
+    name: http-router
   - port: {{ .Values.artifactory.externalArtifactoryPort }}
     targetPort: {{ .Values.artifactory.internalArtifactoryPort }}
     protocol: TCP
-    name: artifactory
+    name: http-artifactory
   {{- if .Values.artifactory.ssh.enabled }}
   - port: {{ .Values.artifactory.ssh.externalPort }}
     targetPort: {{ .Values.artifactory.ssh.internalPort }}
     protocol: TCP
-    name: ssh
+    name: tcp-ssh
   {{- end }}
   {{- with .Values.artifactory.primary.javaOpts.jmx }}
   {{- if .enabled }}
   - port: {{ .port }}
     targetPort: {{ .port }}
     protocol: TCP
-    name: jmx
+    name: tcp-jmx
   {{- end }}
   {{- end }}
   selector:
diff --git a/charts/artifactory-ha/templates/artifactory-system-yaml.yaml b/charts/artifactory-ha/templates/artifactory-system-yaml.yaml
index cf8ffbac8..aaa1be152 100644
--- a/charts/artifactory-ha/templates/artifactory-system-yaml.yaml
+++ b/charts/artifactory-ha/templates/artifactory-system-yaml.yaml
@@ -1,3 +1,4 @@
+{{- if not .Values.systemYamlOverride.existingSecret }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -12,3 +13,4 @@ type: Opaque
 stringData:
   system.yaml: |
 {{ tpl .Values.artifactory.systemYaml . | indent 4 }}
+{{- end }}
diff --git a/charts/artifactory-ha/templates/ingress.yaml b/charts/artifactory-ha/templates/ingress.yaml
index 262647f9c..53f7c93ec 100644
--- a/charts/artifactory-ha/templates/ingress.yaml
+++ b/charts/artifactory-ha/templates/ingress.yaml
@@ -3,7 +3,7 @@
 {{- $servicePort := .Values.artifactory.externalPort -}}
 {{- $artifactoryServicePort := .Values.artifactory.externalArtifactoryPort -}}
 {{- $ingressName := default ( include "artifactory-ha.fullname" . ) .Values.ingress.name -}}
-{{- if semverCompare ">=v1.14.0" .Capabilities.KubeVersion.GitVersion }}
+{{- if semverCompare ">=v1.14.0-0" .Capabilities.KubeVersion.GitVersion }}
 apiVersion: networking.k8s.io/v1beta1
 {{- else }}
 apiVersion: extensions/v1beta1
@@ -55,7 +55,7 @@ spec:
 {{- if .Values.artifactory.replicator.enabled }}
 ---
 {{- $replicationIngressName := default ( include "artifactory-ha.replicator.fullname" . ) .Values.artifactory.replicator.ingress.name -}}
-{{- if semverCompare ">=v1.14.0" .Capabilities.KubeVersion.GitVersion }}
+{{- if semverCompare ">=v1.14.0-0" .Capabilities.KubeVersion.GitVersion }}
 apiVersion: networking.k8s.io/v1beta1
 {{- else }}
 apiVersion: extensions/v1beta1
@@ -99,4 +99,51 @@ spec:
 {{ toYaml .Values.artifactory.replicator.ingress.tls | indent 4 }}
   {{- end -}}
 {{- end -}}
+{{- if and .Values.artifactory.replicator.enabled .Values.artifactory.replicator.trackerIngress.enabled }}
+---
+{{- $replicatorTrackerIngressName := default ( include "artifactory-ha.replicator.tracker.fullname" . ) .Values.artifactory.replicator.trackerIngress.name -}}
+  {{- if semverCompare ">=v1.14.0-0" .Capabilities.KubeVersion.GitVersion }}
+apiVersion: networking.k8s.io/v1beta1
+  {{- else }}
+apiVersion: extensions/v1beta1
+  {{- end }}
+kind: Ingress
+metadata:
+  name: {{ $replicatorTrackerIngressName }}
+  labels:
+    app: "{{ template "artifactory-ha.name" $ }}"
+    chart: "{{ template "artifactory-ha.chart" $ }}"
+    release: {{ $.Release.Name | quote }}
+    heritage: {{ $.Release.Service | quote }}
+  {{- if .Values.artifactory.replicator.trackerIngress.annotations }}
+  annotations:
+{{ .Values.artifactory.replicator.trackerIngress.annotations | toYaml | trimSuffix "\n" | indent 4 -}}
+  {{- end }}
+spec:
+  {{- if .Values.ingress.defaultBackend.enabled }}
+  backend:
+    serviceName: {{ $serviceName }}
+    servicePort: {{ $servicePort }}
+  {{- end }}
+  rules:
+{{- if .Values.artifactory.replicator.trackerIngress.hosts }}
+  {{- range $host := .Values.artifactory.replicator.trackerIngress.hosts }}
+  - host: {{ $host | quote }}
+    http:
+      paths:
+        - path: /
+          backend:
+            serviceName: {{ $serviceName }}
+            servicePort: {{ $servicePort }}
+  {{- end -}}
+{{- end -}}
+  {{- if .Values.artifactory.replicator.trackerIngress.tls }}
+  tls:
+{{ toYaml .Values.artifactory.replicator.trackerIngress.tls | indent 4 }}
+  {{- end -}}
+{{- end -}}
+{{- if .Values.customIngress }}
+---
+{{ .Values.customIngress | toYaml | trimSuffix "\n" }}
+{{- end -}}
 {{- end -}}
diff --git a/charts/artifactory-ha/templates/nginx-certificate-secret.yaml b/charts/artifactory-ha/templates/nginx-certificate-secret.yaml
index 2c1430a18..c4aceb951 100644
--- a/charts/artifactory-ha/templates/nginx-certificate-secret.yaml
+++ b/charts/artifactory-ha/templates/nginx-certificate-secret.yaml
@@ -1,4 +1,4 @@
-{{- if and (not .Values.nginx.tlsSecretName) .Values.nginx.enabled }}
+{{- if and (not .Values.nginx.tlsSecretName) .Values.nginx.https.enabled }}
 apiVersion: v1
 kind: Secret
 type: kubernetes.io/tls
diff --git a/charts/artifactory-ha/templates/nginx-deployment.yaml b/charts/artifactory-ha/templates/nginx-deployment.yaml
index 4327e7479..7d321b3f9 100644
--- a/charts/artifactory-ha/templates/nginx-deployment.yaml
+++ b/charts/artifactory-ha/templates/nginx-deployment.yaml
@@ -36,10 +36,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       serviceAccountName: {{ template "artifactory-ha.serviceAccountName" . }}
-    {{- if .Values.imagePullSecrets }}
-      imagePullSecrets:
-      - name: {{ .Values.imagePullSecrets }}
+    {{- if or .Values.imagePullSecrets .Values.global.imagePullSecrets }}
+{{- include "artifactory-ha.imagePullSecrets" . | indent 6 }}
     {{- end }}
+      {{- if .Values.nginx.priorityClassName }}
+      priorityClassName: {{ .Values.nginx.priorityClassName | quote }}
+      {{- end }}
       initContainers:
       - name: "setup"
         image: "{{ .Values.initContainerImage }}"
@@ -58,7 +60,7 @@ spec:
         fsGroup: {{ .Values.nginx.gid }}
       containers:
       - name: {{ .Values.nginx.name }}
-        image: '{{ .Values.nginx.image.repository }}:{{ default .Chart.AppVersion .Values.nginx.image.version }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list . "nginx") }}
         imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}
         command:
           - 'nginx'
@@ -70,19 +72,24 @@ spec:
         {{- if .Values.nginx.http }}
         {{- if .Values.nginx.http.enabled }}
         - containerPort: {{ .Values.nginx.http.internalPort }}
+          name: http
         {{- end }}
         {{- else }} # DEPRECATED
         - containerPort: {{ .Values.nginx.internalPortHttp }}
+          name: http-internal
         {{- end }}
         {{- if .Values.nginx.https }}
         {{- if .Values.nginx.https.enabled }}
         - containerPort: {{ .Values.nginx.https.internalPort }}
+          name: https
         {{- end }}
         {{- else }} # DEPRECATED
         - containerPort: {{ .Values.nginx.internalPortHttps }}
+          name: https-internal
         {{- end }}
         {{- if .Values.artifactory.ssh.enabled }}
         - containerPort: {{ .Values.nginx.ssh.internalPort }}
+          name: tcp-ssh
         {{- end }}
         volumeMounts:
         - name: nginx-conf
@@ -92,8 +99,10 @@ spec:
           mountPath: "{{ .Values.nginx.persistence.mountPath }}/conf.d/"
         - name: nginx-volume
           mountPath: {{ .Values.nginx.persistence.mountPath | quote }}
+        {{- if .Values.nginx.https.enabled }}  
         - name: ssl-certificates
           mountPath: "{{ .Values.nginx.persistence.mountPath }}/ssl"
+        {{- end }}  
         resources:
 {{ toYaml .Values.nginx.resources | indent 10 }}
         {{- if .Values.nginx.readinessProbe.enabled }}
@@ -130,12 +139,10 @@ spec:
           failureThreshold: {{ .Values.nginx.livenessProbe.failureThreshold }}
           successThreshold: {{ .Values.nginx.livenessProbe.successThreshold }}
         {{- end }}
-      {{- $image := .Values.logger.image.repository }}
-      {{- $tag := .Values.logger.image.tag }}
       {{- $mountPath := .Values.nginx.persistence.mountPath }}
       {{- range .Values.nginx.loggers }}
       - name: {{ . | replace "_" "-" | replace "." "-" }}
-        image: '{{ $image }}:{{ $tag }}'
+        image: {{ include "artifactory-ha.getImageInfoByValue" (list $ "logger") }}
         command:
         - tail
         args:
@@ -182,6 +189,7 @@ spec:
       {{- else }}
         emptyDir: {}
       {{- end }}
+      {{- if .Values.nginx.https.enabled }}
       - name: ssl-certificates
         secret:
       {{- if .Values.nginx.tlsSecretName }}
@@ -189,4 +197,5 @@ spec:
       {{- else }}
           secretName: {{ template "artifactory-ha.fullname" . }}-nginx-certificate
       {{- end }}
+      {{- end }}
 {{- end }}
diff --git a/charts/artifactory-ha/templates/nginx-pvc.yaml b/charts/artifactory-ha/templates/nginx-pvc.yaml
index 68a89cea0..0e573f383 100644
--- a/charts/artifactory-ha/templates/nginx-pvc.yaml
+++ b/charts/artifactory-ha/templates/nginx-pvc.yaml
@@ -15,11 +15,11 @@ spec:
   resources:
     requests:
       storage: {{ .Values.nginx.persistence.size | quote }}
-{{- if .Values.nginx.persistence.storageClass }}
-{{- if (eq "-" .Values.nginx.persistence.storageClass) }}
+{{- if .Values.nginx.persistence.storageClassName }}
+{{- if (eq "-" .Values.nginx.persistence.storageClassName) }}
   storageClassName: ""
 {{- else }}
-  storageClassName: "{{ .Values.nginx.persistence.storageClass }}"
+  storageClassName: "{{ .Values.nginx.persistence.storageClassName }}"
 {{- end }}
 {{- end }}
 {{- end }}
diff --git a/charts/artifactory-ha/templates/nginx-service.yaml b/charts/artifactory-ha/templates/nginx-service.yaml
index d0e10e248..594717cf9 100644
--- a/charts/artifactory-ha/templates/nginx-service.yaml
+++ b/charts/artifactory-ha/templates/nginx-service.yaml
@@ -70,7 +70,7 @@ spec:
   - port: {{ .Values.nginx.ssh.externalPort }}
     targetPort: {{ .Values.nginx.ssh.internalPort }}
     protocol: TCP
-    name: ssh
+    name: tcp-ssh
   {{- end }}
   selector:
     app: {{ template "artifactory-ha.name" . }}
diff --git a/charts/artifactory-ha/values.yaml b/charts/artifactory-ha/values.yaml
index f0ff3a1c5..b142d38c6 100644
--- a/charts/artifactory-ha/values.yaml
+++ b/charts/artifactory-ha/values.yaml
@@ -3,8 +3,30 @@
 # Beware when changing values here. You should know what you are doing!
 # Access the values with {{ .Values.key.subkey }}
 
-# Common
-initContainerImage: docker.bintray.io/alpine:3.12
+global:
+  # imageRegistry: docker.bintray.io
+  # imagePullSecrets:
+  #   - myRegistryKeySecretName
+  ## Chart.AppVersion can be overidden using global.versions.artifactory or .Values.artifactory.image.tag
+  ## Note: Order of preference is 1) global.versions 2) .Values.artifactory.image.tag 3) Chart.AppVersion
+  ## This applies also for nginx images (.Values.nginx.image.tag)
+  versions: {}
+  #   artifactory:
+  # joinKey:
+  # masterKey:
+  # joinKeySecretName:
+  # masterKeySecretName:
+  # customInitContainersBegin: |
+
+  # customInitContainers: |
+
+  # customVolumes: |
+
+  # customVolumeMounts: |
+
+  # customSidecarContainers: |
+
+initContainerImage: docker.bintray.io/alpine:3.12.1
 
 installer:
   type:
@@ -13,7 +35,20 @@ installer:
 installerInfo: '{"productId": "Helm_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "Platform/{{ default "kubernetes" .Values.installer.platform }}"}]}'
 
 # For supporting pulling from private registries
-imagePullSecrets:
+# imagePullSecrets:
+#   - myRegistryKeySecretName
+
+## Artifactory systemYaml override
+## This is for advanced usecases where users wants to provide their own systemYaml for configuring artifactory
+## Refer: https://www.jfrog.com/confluence/display/JFROG/Artifactory+System+YAML
+## Note: This will override existing (default) .Values.artifactory.systemYaml in values.yaml
+## Alternatively, systemYaml can be overidden via customInitContainers using external sources like vaults, external repositories etc. Please refer customInitContainer section below for an example.
+## Note: Order of preference is 1) customInitContainers 2) systemYamlOverride existingSecret 3) default systemYaml in values.yaml
+systemYamlOverride:
+## You can use a pre-existing secret by specifying existingSecret
+  existingSecret:
+## The dataKey should be the name of the secret data key created.
+  dataKey:
 
 ## Role Based Access Control
 ## Ref: https://kubernetes.io/docs/admin/authorization/rbac/
@@ -67,6 +102,8 @@ ingress:
   # Additional ingress rules
   additionalRules: []
 
+## Allows to add custom ingress
+customIngress: |
 
 networkpolicy:
   # Allows all ingress and egress
@@ -102,7 +139,7 @@ postgresql:
   image:
     registry: docker.bintray.io
     repository: bitnami/postgresql
-    tag: 10.13.0-debian-10-r38
+    tag: 12.5.0-debian-10-r25
   postgresqlUsername: artifactory
   postgresqlPassword: ""
   postgresqlDatabase: artifactory
@@ -156,7 +193,8 @@ database:
 
 logger:
   image:
-    repository: docker.bintray.io/busybox
+    registry: docker.bintray.io
+    repository: busybox
     tag: 1.31.1
 
 # Artifactory
@@ -164,8 +202,9 @@ artifactory:
   name: artifactory-ha
   # Note that by default we use appVersion to get image tag/version
   image:
-    repository: docker.bintray.io/jfrog/artifactory-pro
-    # version:
+    registry: docker.bintray.io
+    repository: jfrog/artifactory-pro
+    # tag:
     pullPolicy: IfNotPresent
 
   # Create a priority class for the Artifactory pods or use an existing one
@@ -187,6 +226,12 @@ artifactory:
       maxThreads: 200
       extraConfig: 'acceptCount="100"'
 
+  # Support for open metrics is only available for Artifactory 7.7.x (appVersions) and above.
+  # To enable set `.Values.artifactory.openMetrics.enabled` to `true`
+  # Refer - https://www.jfrog.com/confluence/display/JFROG/Open+Metrics
+  openMetrics:
+    enabled: false
+
   # This directory is intended for use with NFS eventual configuration for HA
   haDataDir:
     enabled: false
@@ -273,13 +318,13 @@ artifactory:
 
   ## Add custom init containers execution after predefined init containers
   customInitContainers: |
-  #  - name: "custom-setup"
+  #  - name: "custom-systemyaml-setup"
   #    image: "{{ .Values.initContainerImage }}"
   #    imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
   #    command:
   #      - 'sh'
   #      - '-c'
-  #      - 'touch {{ .Values.artifactory.persistence.mountPath }}/example-custom-setup'
+  #      - 'wget -O {{ .Values.artifactory.persistence.mountPath }}/etc/system.yaml https://<repo-url>/systemyaml'
   #    volumeMounts:
   #      - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
   #        name: volume
@@ -292,8 +337,7 @@ artifactory:
   #    image: "{{ .Values.initContainerImage }}"
   #    imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
   #    securityContext:
-  #      runAsUser: 0
-  #      fsGroup: 0
+  #      allowPrivilegeEscalation: false
   #    command:
   #      - 'sh'
   #      - '-c'
@@ -331,6 +375,7 @@ artifactory:
   #    subPath: prehook-start.sh
 
   # Add custom persistent volume mounts - Available for the pod
+  # If skipPrepareContainer is set to true , this will skip the prepare-custom-persistent-volume init container
   customPersistentPodVolumeClaim: {}
   #  name:
   #  mountPath:
@@ -338,6 +383,7 @@ artifactory:
   #   - "-"
   #  size:
   #  storageClassName:
+  #  skipPrepareContainer: false
 
   # Add custom persistent volume mounts - Available to the entire namespace
   customPersistentVolumeClaim: {}
@@ -500,6 +546,10 @@ artifactory:
         driver: "{{ .Values.database.driver }}"
       {{- end }}
     artifactory:
+    {{- if .Values.artifactory.openMetrics }}
+      metrics:
+        enabled: {{ .Values.artifactory.openMetrics.enabled }}
+    {{- end }}
     {{- if or .Values.artifactory.haDataDir.enabled .Values.artifactory.haBackupDir.enabled }}
       node:
       {{- if .Values.artifactory.haDataDir.path }}
@@ -515,6 +565,9 @@ artifactory:
         connector:
           maxThreads: {{ .Values.artifactory.tomcat.connector.maxThreads }}
           extraConfig: {{ .Values.artifactory.tomcat.connector.extraConfig }}
+    frontend:
+      session:
+        timeMinutes: {{ .Values.frontend.session.timeoutMinutes | quote }}
     access:
       database:
         maxOpenConnections: {{ .Values.access.database.maxOpenConnections }}
@@ -544,7 +597,13 @@ artifactory:
   externalArtifactoryPort: 8081
   internalArtifactoryPort: 8081
   uid: 1030
+  gid: 1030
   terminationGracePeriodSeconds: 30
+
+  ## By default, the Artifactory StatefulSet is created with a securityContext that sets the `runAsUser` and the `fsGroup` to the `artifactory.uid` value.
+  ## If you want to disable the securityContext for the Artifactory StatefulSet, set this tag to false
+  setSecurityContext: true
+
   ## The following settings are to configure the frequency of the liveness and readiness probes
   livenessProbe:
     enabled: true
@@ -807,6 +866,12 @@ artifactory:
             {{- with .cloudFrontPrivateKey }}
               <cloudFrontPrivateKey>{{ . }}</cloudFrontPrivateKey>
             {{- end }}
+            {{- with .enableSignedUrlRedirect }}
+              <enableSignedUrlRedirect>{{ . }}</enableSignedUrlRedirect>
+            {{- end }}
+            {{- with .enablePathStyleAccess }}
+              <enablePathStyleAccess>{{ . }}</enablePathStyleAccess>
+            {{- end }}
           </provider>
         {{- end }}
       </config>
@@ -983,7 +1048,7 @@ artifactory:
         #      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
         #      "client_x509_cert_url": "https://www.googleapis.com/robot/v1....."
         #   }
-      endpoint: storage.googleapis.com
+      endpoint: commondatastorage.googleapis.com
       httpsOnly: false
       # Set a unique bucket name
       bucketName: "artifactory-ha-gcp"
@@ -1011,6 +1076,8 @@ artifactory:
       cloudFrontDomainName:
       cloudFrontKeyPairId:
       cloudFrontPrivateKey:
+      enableSignedUrlRedirect: false
+      enablePathStyleAccess: false
 
     ## For artifactory.persistence.type aws-s3
     ## IMPORTANT: Make sure S3 `endpoint` and `region` match! See https://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -1075,6 +1142,22 @@ artifactory:
         # - hosts:
         #   - artifactory.domain.example
         #   secretName: chart-example-tls-secret
+    ## When replicator is enabled and want to use tracker feature, trackerIngress.enabled flag should be set to true
+    ## Please refer - https://www.jfrog.com/confluence/display/JFROG/JFrog+Peer-to-Peer+%28P2P%29+Downloads
+    trackerIngress:
+      enabled: false
+      name:
+      hosts: []
+      annotations: {}
+       # kubernetes.io/ingress.class: nginx
+       # nginx.ingress.kubernetes.io/proxy-buffering: "off"
+       # nginx.ingress.kubernetes.io/configuration-snippet: |
+       #   chunked_transfer_encoding on;
+      tls: []
+       #  Secrets must be manually created in the namespace.
+       # - hosts:
+       #   - artifactory.domain.example
+       #   secretName: chart-example-tls-secret
 
   ssh:
     enabled: false
@@ -1095,6 +1178,11 @@ artifactory:
       ## Set existingClaim to true or false
       ## If true, you must prepare a PVC with the name e.g `volume-myrelease-artifactory-ha-primary-0`
       existingClaim: false
+
+    ## IMPORTANT: This value should remain at 1!
+    replicaCount: 1
+    # minAvailable: 1
+
     ## Resources for the primary node
     resources: {}
     #  requests:
@@ -1189,6 +1277,12 @@ artifactory:
       type: ""
       topologyKey: "kubernetes.io/hostname"
 
+frontend:
+  ## Session settings
+  session:
+    ## Time in minutes after which the frontend token will need to be refreshed
+    timeoutMinutes: '30'
+
 access:
   ## Enable TLS by changing the tls entry (under the security section) in the access.config.yaml file.
   ## ref: https://www.jfrog.com/confluence/display/JFROG/Managing+TLS+Certificates#ManagingTLSCertificates
@@ -1238,10 +1332,13 @@ nginx:
   gid: 107
   # Note that by default we use appVersion to get image tag/version
   image:
-    repository: docker.bintray.io/jfrog/nginx-artifactory-pro
-    # version:
+    registry: docker.bintray.io
+    repository: jfrog/nginx-artifactory-pro
+    # tag:
     pullPolicy: IfNotPresent
 
+  # Priority Class name to be used in deployment if provided
+  priorityClassName:
 
   # Sidecar containers for tailing Nginx logs
   loggers: []
@@ -1493,7 +1590,7 @@ filebeat:
   name: artifactory-filebeat
   image:
     repository: "docker.elastic.co/beats/filebeat"
-    version: 7.5.1
+    version: 7.9.2
   logstashUrl: "logstash:5044"
 
   terminationGracePeriod: 10
@@ -1549,3 +1646,8 @@ filebeat:
     output:
       logstash:
          hosts: ["{{ .Values.filebeat.logstashUrl }}"]
+
+## Allows to add additional kubernetes resources
+## Use --- as a separator between multiple resources
+## For an example, refer - https://github.com/jfrog/log-analytics-prometheus/blob/master/artifactory-ha-values.yaml
+additionalResources: |
diff --git a/index.yaml b/index.yaml
index 606e7cda5..f844847fa 100644
--- a/index.yaml
+++ b/index.yaml
@@ -1,6 +1,35 @@
 apiVersion: v1
 entries:
   artifactory-ha:
+  - annotations:
+      catalog.cattle.io/certified: partner
+      catalog.cattle.io/release-name: artifactory-ha
+    apiVersion: v1
+    appVersion: 7.12.6
+    created: "2021-02-26T18:55:48.762534939Z"
+    dependencies:
+    - condition: postgresql.enabled
+      name: postgresql
+      repository: https://charts.bitnami.com/bitnami
+      version: 9.3.4
+    description: Universal Repository Manager supporting all major packaging formats, build tools and CI servers.
+    digest: 6f13240e67c292e0a7229b1e0b1d8389991e10850d629fab7bac34b7f702fa3c
+    home: https://www.jfrog.com/artifactory/
+    icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory-ha/logo/artifactory-logo.png
+    keywords:
+    - artifactory
+    - jfrog
+    - devops
+    maintainers:
+    - email: installers@jfrog.com
+      name: Chart Maintainers at JFrog
+    name: artifactory-ha
+    sources:
+    - https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
+    - https://github.com/jfrog/charts
+    urls:
+    - assets/artifactory-ha/artifactory-ha-4.7.600.tgz
+    version: 4.7.600
   - annotations:
       catalog.cattle.io/certified: partner
       catalog.cattle.io/release-name: artifactory-ha
@@ -550,4 +579,4 @@ entries:
     urls:
     - assets/sysdig/sysdig-1.9.200.tgz
     version: 1.9.200
-generated: "2021-02-25T22:46:37.810270792Z"
+generated: "2021-02-26T18:55:48.743664584Z"
diff --git a/sha256sum/artifactory-ha/artifactory-ha.sum b/sha256sum/artifactory-ha/artifactory-ha.sum
index 705696e5a..a434e4c79 100644
--- a/sha256sum/artifactory-ha/artifactory-ha.sum
+++ b/sha256sum/artifactory-ha/artifactory-ha.sum
@@ -1,4 +1,4 @@
-c9d48693a4167c6d483d5b8ff25b52e574d39bb288be470f750e6a8cc832472f  packages/artifactory-ha/artifactory-ha.patch
+09e6066802fa1d420df13ca6af1c4fd6c90e1497d977c97762175ca3a7ba9226  packages/artifactory-ha/artifactory-ha.patch
 d12365c0a850cb3a405e105ed2b7858644f27831a46b8dde64ede4eb25bba9c4  packages/artifactory-ha/overlay/app-readme.md
-b3242886b886a6273dba8b838dc8f9c52d0fe6a86d195d5291dd13e0e95baf9d  packages/artifactory-ha/overlay/questions.yml
-df94fbf838108e4178bc3f51be85745dda4c4f577ad842fef65e5b7d78989a0e  packages/artifactory-ha/package.yaml
+3c42752639460fe63c0b288d2ab8f6cdf87ded1b269ff307028b6c675635e67b  packages/artifactory-ha/overlay/questions.yml
+65882a62266f8948889c99279658ffcf01fb215a6d303dff9852364d0a3a3d4a  packages/artifactory-ha/package.yaml