From 0548ba90da50fa76278b36e4bc3f15a07a962939 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 17 Jul 2023 10:49:56 +0200
Subject: [PATCH 01/44] Merging work done in forked Repository to own CloudPG
 branch (#61)

* updated version in build.gradle.kts

* added new typescript module

* bump java target form 11 to 17

* remove experimental opt-ins and comment out various error sources for now

* replace String representation by Direction value and remove warning in check

* simplify equality check

* replace String value by Direction

* replace String value by Direction

* removed imports

* fixed many incompatibilities between Name and String by reading the localName and creating new Name objects without parents where needed

* added FIXME statements

* fix all remaining errors regarding Name and String types

* fix the creation of new Statements in all Handlers

* apply spotless

* fixed rest of the references in the handlers

* bumped CPG from 6.2.0 to 6.2.2 to solve issue of TranslationResult.additionalNodes not being mutable

* fix inheritance of the frontend

* trying to fix Azure.kt by replacing every instance of CallExpression.base by CallExpression.callee

* immediately bump CPG version to 7.0.0 in order to save redundant work on passes

* adapt all passes to the new structure in CPG 7.0.0

* fix pass registration to work with CPG 7.0.0

* add RubyLanguage.kt

* bump neo4j to version 4.0.5 to fix NoSuchMethod-Errors

* manually register the default Languages

* correcly overwrite visit in all IVisitors.
Also stop trying to get "additionalNodes" from scratch since they are now a part of the result

* split the searches again to prevent any order errors

* make spotless

* add comments

* apply various fixes from oxisto's branch "cpg-v6"

* fix order of evaluation leading to NPE

* made code resistant against unsafe casts, null values, empty lists. Also added comments in these places.

* remove unused import

* replace calls of deprecated TranslationResult.translationUnits

* remove heaps of warnings concerning unused variables/parameters and deprecated calls

* correctly override additional "visit" functions

* fix typo

* manage debugging comments

* add full request name parsing that was not working in previous versions

* add comments regarding (missing) functionality

* return all visitors into its original form, this prevents any subclasses from being visited as well

* manually register the GoExtraPass

* move defaultPasses after language registrations
---
 build.gradle.kts                              |   4 +-
 cloudpg/build.gradle.kts                      |  22 +--
 .../src/main/java/io/clouditor/graph/App.kt   | 119 +++++++---------
 .../java/io/clouditor/graph/ValueResolver.kt  |   2 +
 .../frontends/ruby/DeclarationHandler.kt      |  17 +--
 .../graph/frontends/ruby/ExpressionHandler.kt | 107 +++++++--------
 .../graph/frontends/ruby/RubyLanguage.kt      |  61 +++++++++
 .../frontends/ruby/RubyLanguageFrontend.kt    |  26 ++--
 .../graph/frontends/ruby/StatementHandler.kt  |  14 +-
 .../clouditor/graph/github/WorkflowHandler.kt |  36 +++--
 .../java/io/clouditor/graph/nodes/Database.kt |   8 +-
 .../java/io/clouditor/graph/nodes/Holder.kt   |   7 +-
 .../clouditor/graph/nodes/labels/AnonLabel.kt |   6 +-
 .../io/clouditor/graph/nodes/labels/Label.kt  |   2 +-
 .../graph/nodes/labels/PrivacyLabel.kt        |   3 +-
 .../java/io/clouditor/graph/passes/Azure.kt   | 100 +++++++-------
 .../passes/BidirectionalEdgesCachePass.kt     |  30 ++--
 .../passes/CloudResourceDiscoveryPass.kt      |   5 +-
 .../graph/passes/DFGExtensionPass.kt          |  33 +++--
 .../graph/passes/DatabaseOperationPass.kt     |   7 +-
 .../graph/passes/GitHubWorkflowPass.kt        |  17 ++-
 .../graph/passes/GormDatabasePass.kt          |  63 ++++-----
 .../clouditor/graph/passes/HttpClientPass.kt  |  11 +-
 .../graph/passes/HttpStatusCodesPass.kt       |  14 +-
 .../graph/passes/IngressInvocationPass.kt     |   5 +-
 .../clouditor/graph/passes/KubernetesPass.kt  |  34 ++---
 .../graph/passes/LabelExtractionPass.kt       |  86 ++++++------
 .../java/io/clouditor/graph/passes/LogPass.kt |   8 +-
 .../graph/passes/golang/GinGonicPass.kt       | 128 +++++++++++-------
 .../graph/passes/golang/GoCryptoPass.kt       |  38 +++---
 .../graph/passes/golang/GolangHttpPass.kt     |  57 ++++----
 .../passes/golang/GolangHttpRequestPass.kt    |  45 +++---
 .../graph/passes/golang/GolangLogPass.kt      |  59 ++++----
 .../graph/passes/java/JaxRsClientPass.kt      |  59 ++++----
 .../clouditor/graph/passes/java/JaxRsPass.kt  |  43 +++---
 .../graph/passes/java/SpringBootPass.kt       |  64 +++++----
 .../io/clouditor/graph/passes/js/FetchPass.kt |  23 ++--
 .../clouditor/graph/passes/js/JSHttpPass.kt   |  62 +++++----
 .../graph/passes/js/JSValueResolver.kt        |   5 +-
 .../graph/passes/python/CryptographyPass.kt   |  38 +++---
 .../graph/passes/python/FlaskPass.kt          |  60 ++++----
 .../graph/passes/python/Psycopg2Pass.kt       |  67 ++++-----
 .../graph/passes/python/PyMongoPass.kt        |  70 +++++-----
 .../graph/passes/python/PythonLogPass.kt      |  18 +--
 .../passes/python/PythonValueResolver.kt      |   9 +-
 .../graph/passes/python/RequestsPass.kt       |  37 +++--
 .../graph/passes/ruby/WebBrickPass.kt         |  44 +++---
 .../graph/testing/LocalTestingPass.kt         |  30 ++--
 .../io/clouditor/graph/DetectabilityTest.kt   |   5 +
 49 files changed, 1004 insertions(+), 804 deletions(-)
 create mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt

diff --git a/build.gradle.kts b/build.gradle.kts
index 0c664b1..5c4b437 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -1,7 +1,7 @@
 plugins {
     // Apply the Kotlin JVM plugin to add support for Kotlin.
-    id("org.jetbrains.kotlin.jvm") version "1.7.20-Beta" apply false
-    kotlin("plugin.serialization") version "1.7.20-Beta" apply false
+    id("org.jetbrains.kotlin.jvm") version "1.8.0" apply false
+    kotlin("plugin.serialization") version "1.8.0" apply false
     id("com.diffplug.spotless") version "5.12.1"
 }
 
diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index 1aab640..fb414b7 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -1,5 +1,3 @@
-import org.jetbrains.kotlin.com.intellij.openapi.vfs.StandardFileSystems.jar
-
 /*
  * This file was generated by the Gradle 'init' task.
  *
@@ -31,13 +29,13 @@ java {
     sourceSets["main"].java {
         srcDir("${generatedDir}/main/java")
     }
-    sourceCompatibility = JavaVersion.VERSION_11
-    targetCompatibility = JavaVersion.VERSION_11
+    sourceCompatibility = JavaVersion.VERSION_17
+    targetCompatibility = JavaVersion.VERSION_17
 }
 
 tasks.withType<org.jetbrains.kotlin.gradle.tasks.KotlinCompile>().configureEach {
     kotlinOptions {
-        jvmTarget = "11"
+        jvmTarget = "17"
     }
 }
 
@@ -50,6 +48,7 @@ publishing {
 }
 
 repositories {
+    mavenLocal()
     mavenCentral()
 
     maven { setUrl("https://jitpack.io") }
@@ -59,7 +58,7 @@ repositories {
     }
 
     ivy {
-        setUrl("https://download.eclipse.org/tools/cdt/releases/10.3/cdt-10.3.2/plugins")
+        setUrl("https://download.eclipse.org/tools/cdt/releases/11.0/cdt-11.0.0/plugins")
         metadataSources {
             artifact()
         }
@@ -71,20 +70,23 @@ repositories {
 
 dependencies {
     implementation("org.junit.jupiter:junit-jupiter:5.7.0")
-    val version = "4.6.0"
+    val version = "7.0.0"
 
     implementation("de.fraunhofer.aisec:cpg-core:$version")
     implementation("de.fraunhofer.aisec:cpg-analysis:$version")
     implementation("de.fraunhofer.aisec:cpg-language-go:$version")
     implementation("de.fraunhofer.aisec:cpg-language-python:$version")
+    implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
+    implementation("de.fraunhofer.aisec:cpg-language-java:$version")
+    implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")
 
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.13.+")
     implementation ("org.xmlunit:xmlunit-core:2.9.0")
     implementation("org.xmlunit:xmlunit-matchers:2.9.0")
 
-    api("org.neo4j", "neo4j-ogm-core", "3.2.31")
-    api("org.neo4j", "neo4j-ogm", "3.2.21")
-    api("org.neo4j", "neo4j-ogm-bolt-driver", "3.2.21")
+    api("org.neo4j", "neo4j-ogm-core", "4.0.5")
+    api("org.neo4j", "neo4j-ogm", "4.0.5")
+    api("org.neo4j", "neo4j-ogm-bolt-driver", "4.0.5")
 
     implementation(platform("org.jetbrains.kotlin:kotlin-bom"))
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/App.kt b/cloudpg/src/main/java/io/clouditor/graph/App.kt
index 658ab9f..26c7bbf 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/App.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/App.kt
@@ -4,14 +4,18 @@
 package io.clouditor.graph
 
 import de.fraunhofer.aisec.cpg.*
-import de.fraunhofer.aisec.cpg.frontends.golang.GoLanguageFrontend
-import de.fraunhofer.aisec.cpg.frontends.python.PythonLanguageFrontend
-import de.fraunhofer.aisec.cpg.frontends.typescript.TypeScriptLanguageFrontend
+import de.fraunhofer.aisec.cpg.frontends.cxx.CLanguage
+import de.fraunhofer.aisec.cpg.frontends.cxx.CPPLanguage
+import de.fraunhofer.aisec.cpg.frontends.golang.GoLanguage
+import de.fraunhofer.aisec.cpg.frontends.java.JavaLanguage
+import de.fraunhofer.aisec.cpg.frontends.python.PythonLanguage
+import de.fraunhofer.aisec.cpg.frontends.typescript.TypeScriptLanguage
 import de.fraunhofer.aisec.cpg.graph.Node
+import de.fraunhofer.aisec.cpg.graph.allChildren
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
-import de.fraunhofer.aisec.cpg.graph.graph
 import de.fraunhofer.aisec.cpg.helpers.Benchmark
-import io.clouditor.graph.frontends.ruby.RubyLanguageFrontend
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import io.clouditor.graph.frontends.ruby.RubyLanguage
 import io.clouditor.graph.nodes.Builder
 import io.clouditor.graph.passes.*
 import io.clouditor.graph.passes.golang.*
@@ -35,12 +39,6 @@ import picocli.CommandLine
     mixinStandardHelpOptions = true,
     description = ["Builds the Cloud Property Graph and persists it into a graph database."]
 )
-@OptIn(
-    ExperimentalTypeScript::class,
-    ExperimentalPython::class,
-    ExperimentalGolang::class,
-    ExperimentalGraph::class
-)
 object App : Callable<Int> {
     @CommandLine.Option(
         names = ["-k8s-n", "--kubernetes-namespaces"],
@@ -93,12 +91,13 @@ object App : Callable<Int> {
         val result = doTranslate()
 
         val nodes = mutableListOf<Node>()
-        nodes.addAll(result.graph.nodes)
-        nodes.addAll(result.translationUnits)
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        nodes.addAll(result.allChildren())
         nodes.addAll(result.images)
         nodes.addAll(result.builders)
         nodes.addAll(result.computes)
-        nodes.addAll(result.translationUnits)
+        nodes.addAll(translationUnits)
         nodes.addAll(result.additionalNodes)
 
         session.beginTransaction().use { transaction ->
@@ -123,67 +122,55 @@ object App : Callable<Int> {
             TranslationConfiguration.builder()
                 .topLevel(rootPath.toFile())
                 .sourceLocations(paths.map { rootPath.resolve(it).toFile() })
-                .defaultPasses()
-                .defaultLanguages()
-                .registerLanguage(
-                    RubyLanguageFrontend::class.java,
-                    RubyLanguageFrontend.RUBY_EXTENSIONS
-                )
-                .registerLanguage(
-                    TypeScriptLanguageFrontend::class.java,
-                    TypeScriptLanguageFrontend.TYPESCRIPT_EXTENSIONS +
-                        TypeScriptLanguageFrontend.JAVASCRIPT_EXTENSIONS
-                )
-                .registerLanguage(
-                    PythonLanguageFrontend::class.java,
-                    PythonLanguageFrontend.PY_EXTENSIONS
-                )
-                .registerLanguage(
-                    GoLanguageFrontend::class.java,
-                    GoLanguageFrontend.GOLANG_EXTENSIONS
-                )
+                .registerLanguage(RubyLanguage())
+                .registerLanguage(JavaLanguage())
+                .registerLanguage(CPPLanguage())
+                .registerLanguage(CLanguage())
+                .registerLanguage(TypeScriptLanguage())
+                .registerLanguage(PythonLanguage())
+                .registerLanguage(GoLanguage())
                 .debugParser(true)
-                .registerPass(GitHubWorkflowPass())
-                .registerPass(SpringBootPass())
-                .registerPass(JaxRsPass())
-                .registerPass(GolangHttpPass())
-                .registerPass(GinGonicPass())
-                .registerPass(WebBrickPass())
-                .registerPass(JSHttpPass())
-                .registerPass(FlaskPass())
+                .defaultPasses()
+                // This pass needs to be executed to have all VariableDeclarations
+                .registerPass(GoExtraPass::class)
+                .registerPass(GitHubWorkflowPass::class)
+                .registerPass(SpringBootPass::class)
+                .registerPass(JaxRsPass::class)
+                .registerPass(GolangHttpPass::class)
+                .registerPass(GinGonicPass::class)
+                .registerPass(WebBrickPass::class)
+                .registerPass(JSHttpPass::class)
+                .registerPass(FlaskPass::class)
                 .apply {
                     if (localMode) {
                         // register the localTestingPass after the HTTP Passes since it needs HTTP
                         // request handlers
-                        registerPass(LocalTestingPass())
-                        registerPass(GolangHttpRequestPass())
+                        registerPass(LocalTestingPass::class)
+                        registerPass(GolangHttpRequestPass::class)
                     } else {
-                        registerPass(AzurePass())
-                        registerPass(AzureClientSDKPass())
-                        registerPass(KubernetesPass())
-                        registerPass(IngressInvocationPass())
+                        registerPass(AzurePass::class)
+                        registerPass(AzureClientSDKPass::class)
+                        registerPass(KubernetesPass::class)
+                        registerPass(IngressInvocationPass::class)
                     }
                 }
-                .registerPass(CryptographyPass())
-                .registerPass(GoCryptoPass())
-                .registerPass(JaxRsClientPass())
-                .registerPass(FetchPass())
-                .registerPass(RequestsPass())
-                .registerPass(PythonLogPass())
-                .registerPass(GolangLogPass())
-                .registerPass(GormDatabasePass())
-                .registerPass(PyMongoPass())
-                .registerPass(Psycopg2Pass())
+                .registerPass(CryptographyPass::class)
+                .registerPass(GoCryptoPass::class)
+                .registerPass(JaxRsClientPass::class)
+                .registerPass(FetchPass::class)
+                .registerPass(RequestsPass::class)
+                .registerPass(PythonLogPass::class)
+                .registerPass(GolangLogPass::class)
+                .registerPass(GormDatabasePass::class)
+                .registerPass(PyMongoPass::class)
+                .registerPass(Psycopg2Pass::class)
                 .processAnnotations(true)
 
         if (labelsEnabled) {
-            val edgesCache: BidirectionalEdgesCachePass = BidirectionalEdgesCachePass()
-            val labelPass: LabelExtractionPass = LabelExtractionPass()
-            labelPass.edgesCachePass = edgesCache
             builder
-                .registerPass(DFGExtensionPass())
-                .registerPass(edgesCache)
-                .registerPass(labelPass)
+                .registerPass(DFGExtensionPass::class)
+                .registerPass(BidirectionalEdgesCachePass::class)
+                .registerPass(LabelExtractionPass::class)
                 .matchCommentsToNodes(true)
         }
 
@@ -196,7 +183,6 @@ object App : Callable<Int> {
     }
 }
 
-@OptIn(ExperimentalPython::class, ExperimentalTypeScript::class, ExperimentalGolang::class)
 fun main(args: Array<String>): Unit = exitProcess(CommandLine(App).execute(*args))
 
 val TranslationResult.images: MutableList<Image>
@@ -212,11 +198,6 @@ val TranslationResult.computes: MutableList<Compute>
         this.scratch.computeIfAbsent("computes") { mutableListOf<Compute>() } as
             MutableList<Compute>
 
-val TranslationResult.additionalNodes: MutableList<Node>
-    get() =
-        this.scratch.computeIfAbsent("additionalNodes") { mutableListOf<Node>() } as
-            MutableList<Node>
-
 fun TranslationResult.findApplicationByTU(tu: TranslationUnitDeclaration): Application? {
     return this.additionalNodes.filterIsInstance(Application::class.java).firstOrNull {
         it.translationUnits.contains(tu)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
index befeaeb..e5b160b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
@@ -14,6 +14,8 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
  * literal values. Furthermore, its behaviour can be adjusted by implementing the [cannotResolve]
  * function, which is called when the default behaviour would not be able to resolve the value. This
  * way, language specific features such as string formatting can be modelled.
+ *
+ * TODO: Replace with Evaluator from the new cpg-analysis package
  */
 open class ValueResolver(
     /**
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt
index 012daf4..4ecbb7e 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt
@@ -1,9 +1,9 @@
 package io.clouditor.graph.frontends.ruby
 
 import de.fraunhofer.aisec.cpg.frontends.Handler
-import de.fraunhofer.aisec.cpg.graph.NodeBuilder
 import de.fraunhofer.aisec.cpg.graph.declarations.Declaration
 import de.fraunhofer.aisec.cpg.graph.declarations.ProblemDeclaration
+import de.fraunhofer.aisec.cpg.graph.newParamVariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.types.UnknownType
 import org.jruby.ast.*
 
@@ -19,14 +19,11 @@ class DeclarationHandler(lang: RubyLanguageFrontend) :
             return null
         }
 
-        val param =
-            NodeBuilder.newMethodParameterIn(
-                node.name.idString(),
-                UnknownType.getUnknownType(),
-                false,
-                lang.getCodeFromRawNode(node)
-            )
-
-        return param
+        return newParamVariableDeclaration(
+            node.name.idString(),
+            UnknownType.getUnknownType(frontend.language),
+            false,
+            frontend.getCodeFromRawNode(node)
+        )
     }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
index 047e090..ddb5413 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
@@ -1,13 +1,13 @@
 package io.clouditor.graph.frontends.ruby
 
 import de.fraunhofer.aisec.cpg.frontends.Handler
-import de.fraunhofer.aisec.cpg.graph.NodeBuilder
+import de.fraunhofer.aisec.cpg.graph.*
 import de.fraunhofer.aisec.cpg.graph.statements.Statement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.ProblemExpression
-import de.fraunhofer.aisec.cpg.graph.types.TypeParser
 import de.fraunhofer.aisec.cpg.graph.types.UnknownType
 import org.jruby.ast.*
+import org.jruby.ast.Node
 
 class ExpressionHandler(lang: RubyLanguageFrontend) :
     Handler<Statement, Node, RubyLanguageFrontend>({ ProblemExpression() }, lang) {
@@ -26,7 +26,7 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
         if (node !is FCallNode) {
             return null
         }
-
+        // FIXME: what is this? Unimplemented or intentional?
         return null
     }
 
@@ -35,20 +35,22 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
             return null
         }
 
-        var binOp = NodeBuilder.newBinaryOperator("=", lang.getCodeFromRawNode(node))
+        val binOp = newBinaryOperator("=", frontend.getCodeFromRawNode(node))
 
-        var base = this.handle(node.receiverNode) as? Expression
-        var expr =
-            NodeBuilder.newMemberExpression(
-                base,
-                UnknownType.getUnknownType(),
+        val base =
+            this.handle(node.receiverNode) as? Expression
+                ?: return ProblemExpression("could not parse base")
+        val expr =
+            newMemberExpression(
                 node.name.idString(),
+                base,
+                UnknownType.getUnknownType(frontend.language),
                 "=",
-                lang.getCodeFromRawNode(base)
+                frontend.getCodeFromRawNode(base)
             )
 
         binOp.lhs = expr
-        binOp.rhs = this.handle(node.argsNode) as? Expression
+        (this.handle(node.argsNode) as? Expression)?.let { binOp.rhs = it }
 
         return expr
     }
@@ -58,14 +60,11 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
             return null
         }
 
-        val ref =
-            NodeBuilder.newDeclaredReferenceExpression(
-                node.name.idString(),
-                UnknownType.getUnknownType(),
-                lang.getCodeFromRawNode(node)
-            )
-
-        return ref
+        return newDeclaredReferenceExpression(
+            node.name.idString(),
+            UnknownType.getUnknownType(language),
+            frontend.getCodeFromRawNode(node)
+        )
     }
 
     private fun handleAssignableNode(node: Node?): Statement? {
@@ -82,23 +81,23 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
 
         // either a binary operator or a variable declaration
         val lhs =
-            NodeBuilder.newDeclaredReferenceExpression(
+            newDeclaredReferenceExpression(
                 name.idString(),
-                UnknownType.getUnknownType(),
-                lang.getCodeFromRawNode(node)
+                UnknownType.getUnknownType(language),
+                frontend.getCodeFromRawNode(node)
             )
         val rhs = this.handle((node as AssignableNode).valueNode) as? Expression
 
         // can we resolve it?
-        var decl = this.lang.scopeManager.resolveReference(lhs)
+        var decl = frontend.scopeManager.resolveReference(lhs)
 
         if (decl == null) {
-            val stmt = NodeBuilder.newDeclarationStatement(lang.getCodeFromRawNode(lhs))
+            val stmt = newDeclarationStatement(frontend.getCodeFromRawNode(node))
             decl =
-                NodeBuilder.newVariableDeclaration(
+                newVariableDeclaration(
                     lhs.name,
-                    UnknownType.getUnknownType(),
-                    lang.getCodeFromRawNode(lhs),
+                    UnknownType.getUnknownType(language),
+                    frontend.getCodeFromRawNode(node),
                     false
                 )
             decl.initializer = rhs
@@ -108,9 +107,9 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
             return stmt
         }
 
-        val binOp = NodeBuilder.newBinaryOperator("=", lang.getCodeFromRawNode(node))
+        val binOp = newBinaryOperator("=", frontend.getCodeFromRawNode(node))
         binOp.lhs = lhs
-        binOp.rhs = rhs
+        rhs?.let { binOp.rhs = it }
 
         return binOp
     }
@@ -120,25 +119,19 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
             return null
         }
 
-        val base = handle(node.receiverNode) as? Expression
-        val member = null
+        val base =
+            handle(node.receiverNode) as? Expression
+                ?: return ProblemExpression("could not parse base")
+        val callee = newMemberExpression(node.name.asJavaString(), base)
 
-        val mce =
-            NodeBuilder.newMemberCallExpression(
-                node.name.asJavaString(),
-                node.name.asJavaString(),
-                base,
-                member,
-                ".",
-                lang.getCodeFromRawNode(node)
-            )
+        val mce = newMemberCallExpression(callee, false, frontend.getCodeFromRawNode(node))
 
         for (arg in node.argsNode?.childNodes() ?: emptyList()) {
-            mce.addArgument(handle(arg) as? Expression)
+            mce.addArgument(handle(arg) as Expression)
         }
 
         // add the iterNode as last argument
-        node.iterNode?.let { mce.addArgument(handle(it) as? Expression) }
+        node.iterNode?.let { mce.addArgument(handle(it) as Expression) }
 
         return mce
     }
@@ -151,24 +144,23 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
         // a complete hack, to handle iter nodes, which is sort of a lambda expression
         // so we create an anonymous function declaration out of the bodyNode and varNode
         // and a declared reference expressions to that anonymous function
-        val func = NodeBuilder.newFunctionDeclaration("", lang.getCodeFromRawNode(node))
+        val func = newFunctionDeclaration("", frontend.getCodeFromRawNode(node))
 
-        lang.scopeManager.enterScope(func)
+        frontend.scopeManager.enterScope(func)
 
         for (arg in node.argsNode.args) {
-            val param = lang.declarationHandler.handle(arg)
-            lang.scopeManager.addDeclaration(param)
+            val param = frontend.declarationHandler.handle(arg)
+            frontend.scopeManager.addDeclaration(param)
         }
 
-        func.body = lang.statementHandler.handle(node.bodyNode)
+        func.body = frontend.statementHandler.handle(node.bodyNode)
 
-        lang.scopeManager.leaveScope(func)
+        frontend.scopeManager.leaveScope(func)
 
-        var def = NodeBuilder.newDeclarationStatement(lang.getCodeFromRawNode(node))
+        val def = newDeclarationStatement(frontend.getCodeFromRawNode(node))
         def.singleDeclaration = func
 
-        var cse =
-            NodeBuilder.newCompoundStatementExpression(lang.getCodeFromRawNode(node).toString())
+        val cse = newCompoundStatementExpression(frontend.getCodeFromRawNode(node))
         cse.statement = def
 
         return cse
@@ -179,13 +171,10 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
             return null
         }
 
-        val literal =
-            NodeBuilder.newLiteral(
-                String(node.value.bytes()),
-                TypeParser.createFrom("string", false),
-                lang.getCodeFromRawNode(node)
-            )
-
-        return literal
+        return newLiteral(
+            String(node.value.bytes()),
+            parseType("string"),
+            frontend.getCodeFromRawNode(node)
+        )
     }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt
new file mode 100644
index 0000000..9d26683
--- /dev/null
+++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt
@@ -0,0 +1,61 @@
+package io.clouditor.graph.frontends.ruby
+
+import de.fraunhofer.aisec.cpg.ScopeManager
+import de.fraunhofer.aisec.cpg.frontends.*
+import de.fraunhofer.aisec.cpg.graph.Name
+import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration
+import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
+import de.fraunhofer.aisec.cpg.graph.types.*
+import kotlin.reflect.KClass
+
+/** The Ruby Language */
+class RubyLanguage() :
+    Language<RubyLanguageFrontend>(),
+    HasDefaultArguments,
+    HasClasses,
+    HasSuperClasses,
+    HasShortCircuitOperators {
+    override val fileExtensions = listOf("rb")
+    override val namespaceDelimiter = "::"
+    @Transient override val frontend: KClass<out RubyLanguageFrontend> = RubyLanguageFrontend::class
+    override val superClassKeyword = "super"
+    override val conjunctiveOperators = listOf("&&")
+    override val disjunctiveOperators = listOf("||")
+
+    @Transient
+    /** See [The RubySpec](https://github.com/ruby/spec) */
+    override val builtInTypes =
+        mapOf(
+            // The bit width of the Integer type in Ruby is only limited by your memory
+            "Integer" to IntegerType("Integer", null, this, NumericType.Modifier.SIGNED),
+            "Float" to FloatingPointType("Float", 64, this, NumericType.Modifier.SIGNED),
+            "String" to StringType("String", this),
+            // The bit width of Booleans is not defined in the specification and
+            // implementation-dependant
+            "Boolean" to BooleanType("Boolean", null, this, NumericType.Modifier.NOT_APPLICABLE)
+        )
+
+    override val compoundAssignmentOperators =
+        setOf(
+            "+=", // Addition assignment
+            "-=", // Subtraction assignment
+            "*=", // Multiplication assignment
+            "/=", // Division assignment
+            "%=", // Modulo assignment
+            "**=", // Exponentiation assignment
+            "<<=", // Left shift assignment
+            ">>=", // Right shift assignment
+            "&=", // Bitwise AND assignment
+            "|=", // Bitwise OR assignment
+            "^=" // Bitwise XOR assignment
+        )
+
+    override fun handleSuperCall(
+        callee: MemberExpression,
+        curClass: RecordDeclaration,
+        scopeManager: ScopeManager,
+        recordMap: Map<Name, RecordDeclaration>
+    ): Boolean {
+        TODO("Not yet implemented")
+    }
+}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt
index 122066b..4d43c98 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt
@@ -1,10 +1,11 @@
 package io.clouditor.graph.frontends.ruby
 
-import de.fraunhofer.aisec.cpg.TranslationConfiguration
+import de.fraunhofer.aisec.cpg.TranslationContext
+import de.fraunhofer.aisec.cpg.frontends.Language
 import de.fraunhofer.aisec.cpg.frontends.LanguageFrontend
-import de.fraunhofer.aisec.cpg.graph.NodeBuilder
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
-import de.fraunhofer.aisec.cpg.passes.scopes.ScopeManager
+import de.fraunhofer.aisec.cpg.graph.newFunctionDeclaration
+import de.fraunhofer.aisec.cpg.graph.newTranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.sarif.PhysicalLocation
 import java.io.File
 import org.checkerframework.checker.nullness.qual.NonNull
@@ -14,19 +15,15 @@ import org.jruby.ast.RootNode
 import org.jruby.parser.Parser
 import org.jruby.parser.ParserConfiguration
 
-class RubyLanguageFrontend(config: @NonNull TranslationConfiguration, scopeManager: ScopeManager?) :
-    LanguageFrontend(config, scopeManager, "::") {
-
-    companion object {
-        @kotlin.jvm.JvmField var RUBY_EXTENSIONS: List<String> = listOf(".rb")
-    }
-
+class RubyLanguageFrontend(
+    language: Language<RubyLanguageFrontend>,
+    ctx: @NonNull TranslationContext
+) : LanguageFrontend(language, ctx) {
     val declarationHandler: DeclarationHandler = DeclarationHandler(this)
     val expressionHandler: ExpressionHandler = ExpressionHandler(this)
     val statementHandler: StatementHandler = StatementHandler(this)
 
     override fun parse(file: File): TranslationUnitDeclaration {
-
         val ruby = Ruby.getGlobalRuntime()
         val parser = Parser(ruby)
 
@@ -43,17 +40,14 @@ class RubyLanguageFrontend(config: @NonNull TranslationConfiguration, scopeManag
     }
 
     private fun handleRootNode(node: RootNode, file: File): TranslationUnitDeclaration {
-        val tu = NodeBuilder.newTranslationUnitDeclaration(node.file, getCodeFromRawNode(node))
+        val tu = newTranslationUnitDeclaration(node.file, getCodeFromRawNode(node))
 
         scopeManager.resetToGlobal(tu)
 
         // wrap everything into a virtual global function because we only have declarations on the
         // top
         val func =
-            NodeBuilder.newFunctionDeclaration(
-                file.nameWithoutExtension + "_global",
-                getCodeFromRawNode(node)
-            )
+            newFunctionDeclaration(file.nameWithoutExtension + "_global", getCodeFromRawNode(node))
 
         scopeManager.enterScope(func)
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt
index e9efd04..c561ecd 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt
@@ -1,7 +1,8 @@
 package io.clouditor.graph.frontends.ruby
 
 import de.fraunhofer.aisec.cpg.frontends.Handler
-import de.fraunhofer.aisec.cpg.graph.NodeBuilder
+import de.fraunhofer.aisec.cpg.graph.newCompoundStatement
+import de.fraunhofer.aisec.cpg.graph.newReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.Statement
@@ -22,11 +23,10 @@ class StatementHandler(lang: RubyLanguageFrontend) :
         }
 
         blockNode.containsVariableAssignment()
-        val compoundStatement = NodeBuilder.newCompoundStatement(lang.getCodeFromRawNode(blockNode))
+        val compoundStatement = newCompoundStatement(frontend.getCodeFromRawNode(blockNode))
 
         for (node in blockNode) {
-            val statement = lang.expressionHandler.handle(node)
-
+            val statement = frontend.expressionHandler.handle(node)
             statement?.let { compoundStatement.addStatement(it) }
         }
 
@@ -34,13 +34,13 @@ class StatementHandler(lang: RubyLanguageFrontend) :
 
         // get the last statement
         var lastStatement: Statement? = null
-        if (!statements.isEmpty()) {
-            lastStatement = statements.get(statements.size - 1)
+        if (statements.isNotEmpty()) {
+            lastStatement = statements[statements.size - 1]
         }
 
         // add an implicit return statement, if there is none
         if (lastStatement !is ReturnStatement) {
-            val returnStatement = NodeBuilder.newReturnStatement("return")
+            val returnStatement = newReturnStatement("return")
             returnStatement.isImplicit = true
             compoundStatement.addStatement(returnStatement)
         }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
index a1848c9..b3bd297 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
@@ -3,8 +3,10 @@ package io.clouditor.graph.github
 import com.azure.core.management.Region
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.dataformat.yaml.YAMLFactory
+import com.fasterxml.jackson.module.kotlin.KotlinFeature
 import com.fasterxml.jackson.module.kotlin.KotlinModule
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import io.clouditor.graph.*
 import io.clouditor.graph.docker.DockerCompose
 import io.clouditor.graph.nodes.Builder
@@ -13,9 +15,9 @@ import io.clouditor.graph.passes.locationForRegion
 import java.lang.IllegalArgumentException
 import java.nio.file.Files
 import java.nio.file.Path
-import kotlin.io.path.name
 
-class WorkflowHandler(private val result: TranslationResult, val rootPath: Path) {
+@Suppress("UNUSED_PARAMETER")
+class WorkflowHandler(private val result: TranslationResult, private val rootPath: Path) {
 
     fun handleWorkflow(workflow: Workflow) {
         workflow.jobs.values.forEach { handleJob(it, workflow) }
@@ -43,7 +45,7 @@ class WorkflowHandler(private val result: TranslationResult, val rootPath: Path)
                 ?.let { command ->
                     val application =
                         result.additionalNodes.filterIsInstance(Application::class.java)
-                            .firstOrNull { it.name == Path.of(path).fileName.toString() }
+                            .firstOrNull { it.name.localName == Path.of(path).fileName.toString() }
                     val rr = command.split(" ")
 
                     // look for the host
@@ -65,13 +67,22 @@ class WorkflowHandler(private val result: TranslationResult, val rootPath: Path)
                                 result.locationForRegion(Region.US_EAST),
                                 mutableMapOf()
                             )
-                        compute.name = host
+                        compute.name = Name(host)
                         application?.runsOn?.plusAssign(compute)
 
                         result += compute
 
                         val mapper = ObjectMapper(YAMLFactory())
-                        mapper.registerModule(KotlinModule())
+                        mapper.registerModule(
+                            KotlinModule.Builder()
+                                .withReflectionCacheSize(512)
+                                .configure(KotlinFeature.NullToEmptyCollection, false)
+                                .configure(KotlinFeature.NullToEmptyMap, false)
+                                .configure(KotlinFeature.NullIsSameAsDefault, false)
+                                .configure(KotlinFeature.SingletonSupport, false)
+                                .configure(KotlinFeature.StrictNullChecks, false)
+                                .build()
+                        )
 
                         Files.newBufferedReader(rootPath.resolve(composePath)).use { reader ->
                             val compose = mapper.readValue(reader, DockerCompose::class.java)
@@ -89,7 +100,7 @@ class WorkflowHandler(private val result: TranslationResult, val rootPath: Path)
                                             compute.geoLocation,
                                             mutableMapOf()
                                         )
-                                    networkService.name = host
+                                    networkService.name = Name(host)
 
                                     result += networkService
                                 }
@@ -108,9 +119,11 @@ class WorkflowHandler(private val result: TranslationResult, val rootPath: Path)
                 // filter out the translation units belonging to these applications, until cpg#341
                 // is
                 // solved
+                val translationUnits =
+                    result.components.stream().flatMap { it.translationUnits.stream() }.toList()
                 val tus =
-                    result.translationUnits.filter {
-                        val tuPath = Path.of(it.name)
+                    translationUnits.filter {
+                        val tuPath = Path.of(it.name.localName)
 
                         try {
                             tuPath.startsWith(Path.of(path).toAbsolutePath().normalize()) ||
@@ -121,6 +134,7 @@ class WorkflowHandler(private val result: TranslationResult, val rootPath: Path)
                     }
 
                 // create a new application based on the path
+                // TODO: Use component from the new CPG API
                 val application =
                     Application(
                         mutableListOf(),
@@ -128,18 +142,18 @@ class WorkflowHandler(private val result: TranslationResult, val rootPath: Path)
                         mutableListOf(),
                         tus,
                     )
-                application.name = Path.of(path).fileName.toString()
+                application.name = Name(Path.of(path).fileName.toString())
 
                 result.additionalNodes += application
 
                 // we need to assume, that GH stores its images in the US
                 val image = Image(application, result.location("US"), mapOf())
-                image.name = name
+                image.name = Name(name)
 
                 result.images += image
 
                 val builder = Builder(mutableListOf(image))
-                step.name?.let { builder.name = it }
+                step.name?.let { builder.name = Name(it) }
 
                 result.builders += builder
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/nodes/Database.kt b/cloudpg/src/main/java/io/clouditor/graph/nodes/Database.kt
index efe560f..b45353c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/nodes/Database.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/nodes/Database.kt
@@ -1,19 +1,21 @@
 package io.clouditor.graph.nodes
 
+import de.fraunhofer.aisec.cpg.graph.Name
 import io.clouditor.graph.DatabaseService
 import io.clouditor.graph.DatabaseStorage
 
 fun DatabaseService.getStorageOrCreate(name: String, parentName: String? = null): DatabaseStorage {
-    var storage = this.storage.filterIsInstance<DatabaseStorage>().firstOrNull { it.name == name }
+    var storage =
+        this.storage.filterIsInstance<DatabaseStorage>().firstOrNull { it.name.localName == name }
 
     if (storage == null) {
         storage = DatabaseStorage(mutableListOf(), null, listOf(), this.geoLocation, mutableMapOf())
-        storage.name = name
+        storage.name = Name(name)
 
         // if the parent name was specified, try to look it up and set the parent(s)
         // TODO: why exactly is parents a list? FIX in the ontology?
         if (parentName != null) {
-            storage.parent = this.storage.filter { it.name == parentName }
+            storage.parent = this.storage.filter { it.name.localName == parentName }
         }
 
         this.storage.add(storage)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/nodes/Holder.kt b/cloudpg/src/main/java/io/clouditor/graph/nodes/Holder.kt
index adabde6..ca06e98 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/nodes/Holder.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/nodes/Holder.kt
@@ -1,6 +1,7 @@
 package io.clouditor.graph.nodes
 
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import io.clouditor.graph.*
 
@@ -19,11 +20,13 @@ class Holder(
 
 fun TranslationResult.location(locationName: String): GeoLocation {
     var location =
-        this.additionalNodes.firstOrNull { it is GeoLocation && it.name == locationName } as?
+        this.additionalNodes.firstOrNull {
+            it is GeoLocation && it.name.localName == locationName
+        } as?
             GeoLocation
     if (location == null) {
         location = GeoLocation(locationName)
-        location.name = location.region
+        location.name = Name(location.region)
 
         this += location
     }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/AnonLabel.kt b/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/AnonLabel.kt
index f112b2e..755a398 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/AnonLabel.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/AnonLabel.kt
@@ -8,13 +8,13 @@ class AnonLabel(labeledNode: Node) : Label(labeledNode) {
      * In the future on label will be used to label multiple nodes, with the purpose of havein one
      * unique label of the same type and properties.
      */
-    @field:Relationship(value = "ANONYMIZES", direction = "OUTGOING")
+    @field:Relationship(value = "ANONYMIZES", direction = Relationship.Direction.OUTGOING)
     var anonymizes: Label? =
         null // We can make this a list if we allow anonlabels to anonymize several
     // labels that are not mergeable between each other
 
     override fun areMergeable(l: Label): Boolean {
-        if (!(l::class == AnonLabel::class)) {
+        if (l::class != AnonLabel::class) {
             return false
         }
         (l as AnonLabel).anonymizes?.let {
@@ -28,7 +28,7 @@ class AnonLabel(labeledNode: Node) : Label(labeledNode) {
     }
 
     fun addAnonymize(l: Label) {
-        if (anonymizes?.labeledNodes?.isEmpty() ?: true) {
+        if (anonymizes?.labeledNodes?.isEmpty() != false) {
             anonymizes = l
         } else {
             anonymizes!!.mergeWith(l)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/Label.kt b/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/Label.kt
index b5e6cc7..d706081 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/Label.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/Label.kt
@@ -10,7 +10,7 @@ open class Label constructor(labeledNode: Node) : Node() {
      * In the future on label will be used to label multiple nodes, with the purpose of havein one
      * unique label of the same type and properties.
      */
-    @field:Relationship(value = "LABELEDNODE", direction = "OUTGOING")
+    @field:Relationship(value = "LABELEDNODE", direction = Relationship.Direction.OUTGOING)
     var labeledNodes: MutableList<Node> = mutableListOf(labeledNode)
 
     open fun areMergeable(l: Label): Boolean {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/PrivacyLabel.kt b/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/PrivacyLabel.kt
index cd7c00b..5549478 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/PrivacyLabel.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/nodes/labels/PrivacyLabel.kt
@@ -9,7 +9,8 @@ import org.neo4j.ogm.annotation.Relationship
  */
 class PrivacyLabel(labeledNode: Node) : DataLabel(labeledNode) {
 
-    @Relationship(value = "PROTECTION_LEVEL", direction = "OUTGOING") var protectionlevel: Int = 0
+    @Relationship(value = "PROTECTION_LEVEL", direction = Relationship.Direction.OUTGOING)
+    var protectionlevel: Int = 0
 
     override fun areMergeable(l: Label): Boolean {
         return l::class == PrivacyLabel::class &&
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
index 1c6c663..61b6622 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
@@ -16,15 +16,16 @@ import com.azure.resourcemanager.loganalytics.LogAnalyticsManager
 import com.azure.resourcemanager.loganalytics.models.Workspace
 import com.azure.resourcemanager.storage.models.PublicAccess
 import com.azure.resourcemanager.storage.models.StorageAccount
-import de.fraunhofer.aisec.cpg.ExperimentalGolang
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.ParamVariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.ValueDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
@@ -35,19 +36,19 @@ import kotlin.time.DurationUnit
 import kotlin.time.toDuration
 import kotlin.time.toJavaDuration
 
-class AzureClientSDKPass : Pass() {
-    override fun accept(t: TranslationResult) {
-        for (tu in t.translationUnits) {
-            val app = t.findApplicationByTU(tu)
+@Suppress("UNUSED_PARAMETER")
+class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            val app = result.findApplicationByTU(tu)
 
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    /*fun visit(c: MemberCallExpression) {
-                        handleCall(t, tu, c)
-                    }*/
-                    fun visit(c: NewExpression) {
-                        handleNewClient(t, tu, c, app)
+                object : IVisitor<Node>() {
+                    fun visit(t: NewExpression) {
+                        handleNewClient(result, tu, t, app)
                     }
                 }
             )
@@ -61,7 +62,7 @@ class AzureClientSDKPass : Pass() {
         app: Application?
     ) {
         try {
-            if (c.type.name == "com.azure.storage.blob.BlobContainerClientBuilder") {
+            if (c.type.name.toString() == "com.azure.storage.blob.BlobContainerClientBuilder") {
                 // we need to follow the EOG until we have proper support for querying outgoing
                 // edges in the graph because
                 // we need to find call expressions which have the new expression as a base
@@ -72,15 +73,14 @@ class AzureClientSDKPass : Pass() {
                 var containerName: String
                 var url = ""
                 var client: ValueDeclaration? = null
-                var appendClient: ValueDeclaration
 
                 var eog: Node = c
 
                 var path =
                     eog.followEOG {
                         it.end is CallExpression &&
-                            it.end.name == "endpoint" &&
-                            (it.end as CallExpression).base == c
+                            it.end.name.localName == "endpoint" &&
+                            (it.end as MemberCallExpression).base == c
                     }
                 path?.let {
                     val call = it.last().end as CallExpression
@@ -94,7 +94,7 @@ class AzureClientSDKPass : Pass() {
                 path =
                     eog.followEOG {
                         it.end is CallExpression &&
-                            it.end.name ==
+                            it.end.name.localName ==
                                 "containerName" /*&& (it.end as CallExpression).base == c*/
                     }
                 path?.let {
@@ -109,7 +109,8 @@ class AzureClientSDKPass : Pass() {
                 path =
                     eog.followEOG {
                         it.end is CallExpression &&
-                            it.end.name == "buildClient" /*&& (it.end as CallExpression).base == c*/
+                            it.end.name.localName ==
+                                "buildClient" /*&& (it.end as CallExpression).base == c*/
                     }
                 path?.let {
                     val call = it.last().end as CallExpression
@@ -138,11 +139,12 @@ class AzureClientSDKPass : Pass() {
                     // AppendBlobClient
                     path =
                         eog.followEOG {
-                            it.end is CallExpression &&
-                                it.end.name == "getAppendBlobClient" &&
-                                (it.end as CallExpression).base is CallExpression &&
-                                (it.end as CallExpression).base.name == "getBlobClient" &&
-                                (((it.end as CallExpression).base as CallExpression).base as
+                            it.end is MemberCallExpression &&
+                                it.end.name.localName == "getAppendBlobClient" &&
+                                (it.end as MemberCallExpression).base is CallExpression &&
+                                (it.end as MemberCallExpression).base?.name?.localName ==
+                                    "getBlobClient" &&
+                                (((it.end as CallExpression).callee as MemberCallExpression).base as
                                         DeclaredReferenceExpression)
                                     .refersTo == client
                         }
@@ -194,23 +196,23 @@ class AzureClientSDKPass : Pass() {
         storage: ObjectStorage,
         app: Application?
     ) {
-        if (c.name == "create") {
+        if (c.name.localName == "create") {
             println("We got an interesting call: create")
 
             val request = ObjectStorageRequest(c, listOf(storage), "create")
             request.addNextDFG(storage)
-            request.name = request.type
+            request.name = Name(request.type, null)
 
             t += request
 
             app?.functionalities?.plusAssign(request)
-        } else if (c.name == "appendBlock") {
+        } else if (c.name.localName == "appendBlock") {
             println("We got an interesting call: appendBlock")
 
             // create an object storage request
             val request = ObjectStorageRequest(c, listOf(storage), "append")
             request.addNextDFG(storage)
-            request.name = request.type
+            request.name = Name(request.type, null)
 
             t += request
 
@@ -232,7 +234,7 @@ class AzureClientSDKPass : Pass() {
             val s = sRef.refersTo as ParamVariableDeclaration
 
             // follow
-            val param = s.followDFGReverse { it.second.name == "password" }
+            val param = s.followDFGReverse { it.second.name.localName == "password" }
 
             if (param?.isEmpty() == false) {
                 println("Dude, you are probably leaking a password.")
@@ -241,10 +243,9 @@ class AzureClientSDKPass : Pass() {
     }
 }
 
-class AzurePass : CloudResourceDiscoveryPass() {
+class AzurePass(ctx: TranslationContext) : CloudResourceDiscoveryPass(ctx) {
     override fun cleanup() {}
 
-    @OptIn(ExperimentalGolang::class)
     override fun accept(t: TranslationResult) {
         val profile = AzureProfile(AzureEnvironment.AZURE)
         val credential: TokenCredential =
@@ -287,7 +288,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
                     val storage =
                         t.additionalNodes.filterIsInstance<ObjectStorage>().firstOrNull {
                             // TODO:  unique names
-                            it.name == "am-containerlog"
+                            it.name.localName == "am-containerlog"
                         }
 
                     // model data export as ObjectStorageRequest
@@ -296,7 +297,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
 
                     // add DFG from the source to the sink
                     request.to.forEach { request.source.nextDFG.add(it) }
-                    request.name = request.type
+                    request.name = Name(request.type, null)
 
                     t += request
                 }
@@ -314,10 +315,9 @@ class AzurePass : CloudResourceDiscoveryPass() {
                 val compute = handleVirtualMachine(t, vm)
 
                 // look for the image tag to connect services
-                val name = vm.tags().getOrDefault("image", null)
-
-                val image = t.getImageByName(name)
 
+                // val name = vm.tags().getOrDefault("image", null)
+                // val image = t.getImageByName(name)
                 // image?.implements?.forEach { it.deployedOn.add(compute) }
                 t.computes += compute
             }
@@ -352,7 +352,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
                 workspace.retentionInDays().toDuration(DurationUnit.DAYS).toJavaDuration(),
                 loggingServices
             )
-        logging.name = workspace.name()
+        logging.name = Name(workspace.name(), null)
 
         return logging
     }
@@ -374,7 +374,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
 
                 log =
                     t.additionalNodes.filterIsInstance(ResourceLogging::class.java).firstOrNull {
-                        it.name == shortName
+                        it.name.localName == shortName
                     }
             }
         }
@@ -453,7 +453,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
         // loop through the containers (for our use case this is ok, for larger ones, probably not)
         val paged =
             azure.storageBlobContainers().listAsync(account.resourceGroupName(), account.name())
-        for (blob in paged.collectList().block()) {
+        for (blob in paged.collectList().block() ?: listOf()) {
 
             // TODO: also include other endpoints
 
@@ -461,15 +461,12 @@ class AzurePass : CloudResourceDiscoveryPass() {
             // accepts more methods
             // TODO: make methods an array?
 
-            val auth =
-                if (blob.publicAccess() == PublicAccess.NONE) {
-                    SingleSignOn(
-                        true
-                    ) // this is closest to how auth works in Azure. TokenBased would
-                    // be better
-                } else {
-                    NoAuthentication()
-                }
+            if (blob.publicAccess() == PublicAccess.NONE) {
+                SingleSignOn(true) // this is closest to how auth works in Azure. TokenBased would
+                // be better
+            } else {
+                NoAuthentication()
+            }
 
             // at rest seems to be default anyway now
             val storage =
@@ -480,7 +477,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
                     t.locationForRegion(account.region()),
                     mapOf()
                 )
-            storage.name = blob.name()
+            storage.name = Name(blob.name(), null)
 
             storageList += storage
         }
@@ -507,7 +504,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
 
         val block =
             BlockStorage(null, mutableListOf(atRest), t.locationForRegion(disk.region()), mapOf())
-        block.name = disk.name()
+        block.name = Name(disk.name(), null)
 
         return block
     }
@@ -527,7 +524,7 @@ class AzurePass : CloudResourceDiscoveryPass() {
                 t.locationForRegion(vm.region()),
                 mapOf()
             )
-        compute.name = vm.name()
+        compute.name = Name(vm.name(), null)
         compute.labels = mapOf<String, String>()
 
         return compute
@@ -535,9 +532,10 @@ class AzurePass : CloudResourceDiscoveryPass() {
 }
 
 fun TranslationResult.getImageByName(name: String?): Image? {
-    return this.images.firstOrNull { it.name == name }
+    return this.images.firstOrNull { it.name.localName == name }
 }
 
+@Suppress("UNUSED_PARAMETER")
 fun TranslationResult.getObjectStorageByUrl(url: String?): ObjectStorage? {
     //    return this.additionalNodes.firstOrNull {
     //        // TODO(all): How to check that?
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/BidirectionalEdgesCachePass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/BidirectionalEdgesCachePass.kt
index ae0d029..1a4e3f3 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/BidirectionalEdgesCachePass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/BidirectionalEdgesCachePass.kt
@@ -1,23 +1,25 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.ConstructExpression
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 
-class BidirectionalEdgesCachePass : Pass() {
+class BidirectionalEdgesCachePass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     enum class EdgeLabel {
         INSTANTIATES
     }
 
-    val predicatesToHandle: MutableMap<(Node) -> Boolean, Pair<EdgeLabel, (Node) -> List<Node>>> =
+    private val predicatesToHandle:
+        MutableMap<(Node) -> Boolean, Pair<EdgeLabel, (Node) -> List<Node>>> =
         mutableMapOf()
 
-    val outgoingEdgesCache: MutableMap<Node, MutableMap<EdgeLabel, MutableList<Node>>> =
+    private val outgoingEdgesCache: MutableMap<Node, MutableMap<EdgeLabel, MutableList<Node>>> =
         mutableMapOf()
-    val incomingEdgesCache: MutableMap<Node, MutableMap<EdgeLabel, MutableList<Node>>> =
+    private val incomingEdgesCache: MutableMap<Node, MutableMap<EdgeLabel, MutableList<Node>>> =
         mutableMapOf()
 
     override fun accept(t: TranslationResult) {
@@ -27,24 +29,20 @@ class BidirectionalEdgesCachePass : Pass() {
         // Register default extractor that gets Label from Annotation
         predicatesToHandle.put(
             { node -> node is ConstructExpression },
-            Pair(
-                EdgeLabel.INSTANTIATES,
-                { node: Node ->
-                    (node as ConstructExpression).instantiates?.let { listOf(it) }
-                        ?: emptyList<Node>()
-                }
-            )
+            Pair(EdgeLabel.INSTANTIATES) { node: Node ->
+                (node as ConstructExpression).instantiates?.let { listOf(it) } ?: emptyList<Node>()
+            }
         )
 
         nodes.forEach { node: Node ->
-            predicatesToHandle.forEach { predicate, pair ->
+            predicatesToHandle.forEach { (predicate, pair) ->
                 val targets: List<Node> =
                     if (predicate(node)) {
                         pair.second(node)
                     } else {
                         emptyList<Node>()
                     }
-                if (!targets.isEmpty()) {
+                if (targets.isNotEmpty()) {
                     if (!outgoingEdgesCache.containsKey(node))
                         outgoingEdgesCache[node] = mutableMapOf<EdgeLabel, MutableList<Node>>()
 
@@ -65,11 +63,11 @@ class BidirectionalEdgesCachePass : Pass() {
     }
 
     fun getEdgeTargetOf(source: Node, edgeLabel: EdgeLabel): List<Node>? {
-        return incomingEdgesCache.get(source)?.get(edgeLabel)
+        return incomingEdgesCache[source]?.get(edgeLabel)
     }
 
     fun getEdgeSourceOf(target: Node, edgeLabel: EdgeLabel): List<Node>? {
-        return outgoingEdgesCache.get(target)?.get(edgeLabel)
+        return outgoingEdgesCache[target]?.get(edgeLabel)
     }
 
     override fun cleanup() {}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/CloudResourceDiscoveryPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/CloudResourceDiscoveryPass.kt
index 85c9c9b..9e5e305 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/CloudResourceDiscoveryPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/CloudResourceDiscoveryPass.kt
@@ -1,5 +1,6 @@
 package io.clouditor.graph.passes
 
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.TranslationContext
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 
-abstract class CloudResourceDiscoveryPass : Pass() {}
+abstract class CloudResourceDiscoveryPass(ctx: TranslationContext) : TranslationResultPass(ctx) {}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 0cad262..8e86651 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -1,5 +1,6 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.HasType
 import de.fraunhofer.aisec.cpg.graph.declarations.FieldDeclaration
@@ -9,7 +10,7 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
 import de.fraunhofer.aisec.cpg.graph.types.ObjectType
 import de.fraunhofer.aisec.cpg.graph.types.Type
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.plusAssign
 import java.util.*
 
@@ -19,7 +20,7 @@ import java.util.*
  * expression. Normally no data flows from the base to the member expression. FOr this use case,
  * however, the mere usage of a base causes labels to be relevant for the member expression.
  */
-class DFGExtensionPass : Pass() {
+class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun accept(t: TranslationResult) {
         // loop through services
@@ -27,7 +28,9 @@ class DFGExtensionPass : Pass() {
         val memberExpressions = nodes.filterIsInstance<MemberExpression>()
 
         val stringifyFunctions =
-            nodes.filterIsInstance<CallExpression>().filter { node -> node.name == "stringify" }
+            nodes.filterIsInstance<CallExpression>().filter { node ->
+                node.name.localName == "stringify"
+            }
         // val stringFunctions: List<CallExpression>  =
         // nodes.filterIsInstance<CallExpression>().filter { node -> node.name == "stringify" ||
         // node.name == "toString" }
@@ -49,25 +52,27 @@ class DFGExtensionPass : Pass() {
      * unpacking operations although there is no explicit data flow through the key Value expression
      * to for example an InitializerListExpression
      */
-    fun connectDFGValuesToKeyValueExpression(keyValueExpressions: List<KeyValueExpression>) {
+    private fun connectDFGValuesToKeyValueExpression(
+        keyValueExpressions: List<KeyValueExpression>
+    ) {
         keyValueExpressions.forEach {
             val keyValueExpression: KeyValueExpression = it
             it.value?.let { keyValueExpression.addPrevDFG(it) }
         }
     }
 
-    fun redirectDFGThroughFunctionCall(call: CallExpression) {
+    private fun redirectDFGThroughFunctionCall(call: CallExpression) {
         call.arguments.forEach { call.addPrevDFG(it) }
     }
 
-    fun drawDFGEgesFromNestedFields(call: CallExpression) {
-        call.arguments.forEach {
-            var nestedFields: MutableSet<FieldDeclaration> = getNestedFields(it)
+    private fun drawDFGEgesFromNestedFields(call: CallExpression) {
+        call.arguments.forEach { it ->
+            val nestedFields: MutableSet<FieldDeclaration> = getNestedFields(it)
             nestedFields.forEach { call.addPrevDFG(it) }
         }
     }
 
-    fun dereferenceToObjectType(originalType: Type): ObjectType? {
+    private fun dereferenceToObjectType(originalType: Type): ObjectType? {
         var type: Type = originalType
         var derefType: Type = type.dereference()
         while (!Objects.equals(type, derefType) || type is ObjectType) {
@@ -75,19 +80,19 @@ class DFGExtensionPass : Pass() {
             derefType = type.dereference()
             type = tmp
         }
-
-        return (type as? ObjectType) ?: null
+        // FIXME: always null
+        return type as? ObjectType
     }
 
-    fun getNestedFields(
+    private fun getNestedFields(
         node: HasType,
         visitedfields: MutableSet<FieldDeclaration> = mutableSetOf()
     ): MutableSet<FieldDeclaration> {
         var fields: MutableSet<FieldDeclaration> = mutableSetOf()
-        node.possibleSubTypes.map {
+        node.possibleSubTypes.map { it ->
             val oType: ObjectType? = dereferenceToObjectType(it)
             oType?.let {
-                fields = it.recordDeclaration.fields.toMutableSet()
+                fields = it.recordDeclaration!!.fields.toMutableSet()
                 if (!visitedfields.addAll(fields)) {
                     return visitedfields
                 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
index ee08ad1..f429917 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
@@ -1,14 +1,15 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.DeclaredReferenceExpression
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.*
 
-abstract class DatabaseOperationPass : Pass() {
+abstract class DatabaseOperationPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     /**
      * Creates a new [DatabaseConnect]. This also takes care of adding the query to the
@@ -64,7 +65,7 @@ abstract class DatabaseOperationPass : Pass() {
         log.info("Looking for databases hosted at {}", host)
 
         return t.additionalNodes.filterIsInstance(DatabaseService::class.java).filter {
-            it.name == host
+            it.name.toString() == host
         }
     }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/GitHubWorkflowPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/GitHubWorkflowPass.kt
index 3645a2a..60dfbdf 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/GitHubWorkflowPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/GitHubWorkflowPass.kt
@@ -2,15 +2,17 @@ package io.clouditor.graph.passes
 
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.dataformat.yaml.YAMLFactory
+import com.fasterxml.jackson.module.kotlin.KotlinFeature
 import com.fasterxml.jackson.module.kotlin.KotlinModule
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.App
 import io.clouditor.graph.github.Workflow
 import io.clouditor.graph.github.WorkflowHandler
 import java.nio.file.Files
 
-class GitHubWorkflowPass : Pass() {
+class GitHubWorkflowPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     override fun cleanup() {}
 
     override fun accept(t: TranslationResult) {
@@ -22,7 +24,16 @@ class GitHubWorkflowPass : Pass() {
             workflowPath.toFile().walkTopDown().iterator().forEach { file ->
                 if (file.extension == "yml") {
                     val mapper = ObjectMapper(YAMLFactory())
-                    mapper.registerModule(KotlinModule())
+                    mapper.registerModule(
+                        KotlinModule.Builder()
+                            .withReflectionCacheSize(512)
+                            .configure(KotlinFeature.NullToEmptyCollection, false)
+                            .configure(KotlinFeature.NullToEmptyMap, false)
+                            .configure(KotlinFeature.NullIsSameAsDefault, false)
+                            .configure(KotlinFeature.SingletonSupport, false)
+                            .configure(KotlinFeature.StrictNullChecks, false)
+                            .build()
+                    )
 
                     Files.newBufferedReader(file.toPath()).use {
                         val workflow = mapper.readValue(it, Workflow::class.java)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
index c957832..d569847 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
@@ -1,5 +1,6 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
@@ -14,30 +15,33 @@ import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.getStorageOrCreate
 
-class GormDatabasePass : DatabaseOperationPass() {
-    override fun accept(t: TranslationResult) {
-        for (tu in t.translationUnits) {
-            val app = t.findApplicationByTU(tu)
+@Suppress("UNUSED_PARAMETER")
+class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            val app = result.findApplicationByTU(tu)
 
             // we need to find the connect first
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(call: CallExpression) {
-                        findConnect(t, tu, call, app)
+                object : IVisitor<Node>() {
+                    fun visit(t: CallExpression) {
+                        findConnect(result, tu, t, app)
                     }
                 }
             )
         }
 
-        for (tu in t.translationUnits) {
-            val app = t.findApplicationByTU(tu)
+        for (tu in translationUnits) {
+            val app = result.findApplicationByTU(tu)
 
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(call: MemberCallExpression) {
-                        findQuery(t, tu, call, app)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        findQuery(result, tu, t, app)
                     }
                 }
             )
@@ -50,7 +54,7 @@ class GormDatabasePass : DatabaseOperationPass() {
         call: CallExpression,
         app: Application?
     ) {
-        if (call.fqn == "postgres.Open") {
+        if (call.name.toString() == "postgres.Open") {
             call.arguments.firstOrNull()?.let { expr ->
                 val dsn = resolveDSN(expr, app) as? String
 
@@ -61,7 +65,6 @@ class GormDatabasePass : DatabaseOperationPass() {
                     }
 
                 val host = map?.get("host")
-                var port = map?.get("port")?.toShortOrNull() ?: 5432
 
                 if (host != null) {
                     createDatabaseConnect(result, host, call, app)
@@ -77,10 +80,11 @@ class GormDatabasePass : DatabaseOperationPass() {
         app: Application?
     ) {
         // it can either be a direct call, without any chained selectors, such as Where
-        val directCall = call.base.type is PointerType && call.base.type.name == "gorm.DB*"
+        val directCall =
+            call.base?.type is PointerType && call.base?.type?.name?.localName == "gorm.DB*"
 
         // make sure, the base call is really to a gorm DB object
-        if (call.name == "First" || call.name == "Find") {
+        if (call.name.localName == "First" || call.name.localName == "Find") {
             val calls = mutableListOf<CallExpression>(call)
 
             if (!directCall) {
@@ -94,8 +98,8 @@ class GormDatabasePass : DatabaseOperationPass() {
                     calls += memberCall
 
                     // check, if its base is already of our database type
-                    if (memberCall.base.type is PointerType &&
-                            memberCall.base.type.name == "gorm.DB*"
+                    if (memberCall.base?.type is PointerType &&
+                            memberCall.base!!.type.name.localName == "gorm.DB*"
                     ) {
                         // found it, yay!
                         found = true
@@ -121,7 +125,7 @@ class GormDatabasePass : DatabaseOperationPass() {
 
                     // loop through the calls and set DFG edges
                     calls.forEach {
-                        when (it.name) {
+                        when (it.name.localName) {
                             "First" -> handleFirst(it, op)
                             "Where" -> handleWhere(it, op)
                             "Find" -> handleFind(it, op)
@@ -134,7 +138,7 @@ class GormDatabasePass : DatabaseOperationPass() {
             if (op != null) {
                 op.location = call.location
             }
-        } else if (call.name == "Create") {
+        } else if (call.name.localName == "Create") {
             val op =
                 app?.functionalities?.filterIsInstance<DatabaseConnect>()?.firstOrNull()?.let {
                     val op =
@@ -155,7 +159,7 @@ class GormDatabasePass : DatabaseOperationPass() {
             if (op != null) {
                 op.location = call.location
             }
-        } else if (call.name == "Update") {
+        } else if (call.name.localName == "Update") {
             val op =
                 app?.functionalities?.filterIsInstance<DatabaseConnect>()?.firstOrNull()?.let {
                     val op =
@@ -229,7 +233,7 @@ class GormDatabasePass : DatabaseOperationPass() {
 
     private fun handleCreate(call: CallExpression, op: DatabaseQuery) {
         // create should have one argument, that specifies the object which is stored
-        var target = call.arguments.firstOrNull()
+        val target = call.arguments.firstOrNull()
 
         // add a DFG edge towards our target
         if (target != null) {
@@ -245,11 +249,11 @@ class GormDatabasePass : DatabaseOperationPass() {
         }
     }
 
-    private fun handleUpdate(call: CallExpression, op: DatabaseQuery) {
+    private fun handleUpdate(call: MemberCallExpression, op: DatabaseQuery) {
         var target = call.arguments.firstOrNull()
         // for update calls, a model condition may be specified which has the actual target
-        if (call.base.name == "Model") {
-            target = (call.base as CallExpression).arguments.first()
+        if (call.base?.name?.localName == "Model") {
+            target = (call.callee as CallExpression).arguments.first()
         }
 
         // add a DFG edge towards our target
@@ -268,10 +272,7 @@ class GormDatabasePass : DatabaseOperationPass() {
     }
 
     private fun deriveName(type: Type): String {
-        // short name
-        val shortName = type.name.substringAfterLast(".").substringBefore("*")
-
-        return shortName.toLowerCase() + "s"
+        return type.name.localName
     }
 
     override fun cleanup() {}
@@ -288,7 +289,7 @@ class GormDatabasePass : DatabaseOperationPass() {
                 when (node) {
                     is CallExpression -> {
                         // support for some special calls, i.e. format
-                        if (node.name == "Sprintf") {
+                        if (node.name.localName == "Sprintf") {
                             val str = resolver.resolve(node.arguments.firstOrNull()) as String
                             val arguments = node.arguments.drop(1)
 
@@ -299,7 +300,7 @@ class GormDatabasePass : DatabaseOperationPass() {
 
                         // a little bit of a hack, this is specific to our use case, since the
                         // stdlib doesnt have that built-in
-                        if (node.name == "EnvOrDefault") {
+                        if (node.name.localName == "EnvOrDefault") {
                             // environment lookup on python
                             val key = resolver.resolve(node.arguments.firstOrNull())
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
index 4b9a016..429ba3b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
@@ -1,11 +1,13 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.*
 
-abstract class HttpClientPass : Pass() {
+abstract class HttpClientPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     protected fun createHttpRequest(
         t: TranslationResult,
@@ -15,9 +17,12 @@ abstract class HttpClientPass : Pass() {
         body: Expression?,
         app: Application?
     ): HttpRequest {
+        // FIXME (TODO): url = null!
+        // FIXME: body.refersTo = null! (DeclaredReferenceExpression) ä
+        //      -> named argument "json = personal_data"
         val endpoints = getEndpointsForUrl(t, url, method)
         val request = HttpRequest(call, body, endpoints)
-        request.name = method
+        request.name = Name(method)
         request.location = call.location
 
         endpoints.forEach { request.addNextDFG(it) }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
index 7267b6b..ea24a21 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
@@ -1,21 +1,23 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.HttpEndpoint
-import io.clouditor.graph.additionalNodes
 
-class HttpStatusCodesPass : Pass() {
+class HttpStatusCodesPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
 
-    override fun accept(result: TranslationResult?) {
+    override fun accept(result: TranslationResult) {
 
-        result?.additionalNodes?.filterIsInstance(HttpEndpoint::class.java)?.forEach {
+        result.additionalNodes.filterIsInstance(HttpEndpoint::class.java).forEach {
             (it.handler?.body as CompoundStatement).statements.forEach {
-                if (it is ReturnStatement) {}
+                if (it is ReturnStatement) {
+                    // FIXME I think this is missing something
+                }
             }
         }
     }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt
index 7f0b913..e7bce0f 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt
@@ -1,11 +1,12 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.golang.appendPath
 
-class IngressInvocationPass : Pass() {
+class IngressInvocationPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     override fun accept(t: TranslationResult) {
         // loop through services
         val services = t.additionalNodes.filterIsInstance(NetworkService::class.java)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt
index 7d96f40..d974a7d 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt
@@ -1,8 +1,9 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import io.clouditor.graph.*
-import io.clouditor.graph.nodes.isInSelector
 import io.kubernetes.client.openapi.ApiClient
 import io.kubernetes.client.openapi.Configuration
 import io.kubernetes.client.openapi.apis.CoreV1Api
@@ -13,13 +14,10 @@ import io.kubernetes.client.openapi.models.V1Service
 import io.kubernetes.client.util.ClientBuilder
 import io.kubernetes.client.util.KubeConfig
 import java.io.FileReader
-import java.util.*
 import kotlin.collections.ArrayList
 import kotlin.collections.HashMap
 import kotlin.collections.List
-import kotlin.collections.Map
 import kotlin.collections.emptyList
-import kotlin.collections.filter
 import kotlin.collections.filterIsInstance
 import kotlin.collections.first
 import kotlin.collections.firstOrNull
@@ -32,7 +30,8 @@ import kotlin.collections.plusAssign
 import kotlin.collections.toCollection
 import kotlin.collections.toMap
 
-class KubernetesPass : CloudResourceDiscoveryPass() {
+@Suppress("UNUSED_PARAMETER")
+class KubernetesPass(ctx: TranslationContext) : CloudResourceDiscoveryPass(ctx) {
 
     override fun cleanup() {}
 
@@ -109,14 +108,14 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
                 val container =
                     t.computes.filterIsInstance(Container::class.java).firstOrNull {
                         // not sure why/when there are more addresses
-                        it.name == subset.addresses?.get(0)?.targetRef?.name
+                        it.name.localName == subset.addresses?.get(0)?.targetRef?.name
                     }
 
                 // look for the service
                 val service =
                     t.additionalNodes.filterIsInstance(NetworkService::class.java).firstOrNull() {
                         // not sure if the name is really unique, probably need the namespace later
-                        it.name == item.metadata?.name
+                        it.name.localName == item.metadata?.name
                     }
 
                 // some quick and dirty database heuristics
@@ -148,7 +147,7 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
     }
 
     private fun heuristics(service: NetworkService?, container: Container?, t: TranslationResult) {
-        if (service?.name == "postgres") {
+        if (service?.name?.localName == "postgres") {
             val db =
                 RelationalDatabaseService(
                     mutableListOf<Storage>(),
@@ -164,7 +163,7 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
             t += db
         }
 
-        if (service?.name == "mongo") {
+        if (service?.name?.localName == "mongo") {
             val db =
                 DocumentDatabaseService(
                     mutableListOf<Storage>(),
@@ -192,7 +191,7 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
         val image: Image =
             t.getImageByName(name)
                 ?: Image(null, null, mapOf()).let {
-                    name?.let { n -> it.name = n }
+                    name?.let { n -> it.name = Name(n) }
                     t += it
                     it
                 }
@@ -205,7 +204,7 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
                         cluster?.geoLocation ?: GeoLocation("Europe"),
                         meta.labels?.toMap(HashMap())
                     )
-                c.name = meta.name ?: ""
+                c.name = Name(meta.name ?: "")
 
                 // add env to labels with env_ prefix
                 pod.spec?.containers?.first()?.env?.forEach {
@@ -250,7 +249,7 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
                     mapOf()
                 )
             service.metadata?.name?.let {
-                node.name = it
+                node.name = Name(it)
 
                 // also add the name as IP / host
                 node.ips.add(it)
@@ -274,7 +273,7 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
                 // look for the service (TODO: add namespace to filter)
                 val service =
                     t.additionalNodes.filterIsInstance(NetworkService::class.java).firstOrNull {
-                        it.name == path.backend?.serviceName
+                        it.name.localName == path.backend?.serviceName
                     }
 
                 val hasTLS = ingress.spec?.tls?.isEmpty() ?: false
@@ -310,13 +309,4 @@ class KubernetesPass : CloudResourceDiscoveryPass() {
 
         return list
     }
-
-    private fun selectContainers(
-        t: TranslationResult,
-        selector: Map<String, String>
-    ): List<Container> {
-        return t.computes.filter { it is Container && it.isInSelector(selector) }.map {
-            it as Container
-        }
-    }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index ff4cf44..c6013ae 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -1,28 +1,29 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Annotation
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.Declaration
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration
+import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
-import de.fraunhofer.aisec.cpg.passes.Pass
-import io.clouditor.graph.additionalNodes
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.nodes.labels.*
 import io.clouditor.graph.plusAssign
 import java.util.function.Consumer
 import java.util.function.Predicate
 import java.util.stream.Collectors
 
-class LabelExtractionPass : Pass() {
+class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
-    val predicatesToHandle: MutableMap<Predicate<Node>, Consumer<Node>> = mutableMapOf()
+    private val predicatesToHandle: MutableMap<Predicate<Node>, Consumer<Node>> = mutableMapOf()
 
-    var edgesCachePass: BidirectionalEdgesCachePass? = null
+    private var edgesCachePass: BidirectionalEdgesCachePass = BidirectionalEdgesCachePass(ctx)
 
     init {
         // Todo Here you can add other predicates to add labels
@@ -97,7 +98,7 @@ class LabelExtractionPass : Pass() {
     private fun handleAnnotations(t: TranslationResult, annotationParent: Node) {
         annotationParent.annotations.forEach {
             var label: Label? = null
-            when (it.name) {
+            when (it.name.localName) {
                 "PrivacyLabel" -> label = handlePrivacyLabelAnnotation(annotationParent, it)
                 "Identifier" -> label = labelCreationDispatcher<Identifier>(annotationParent)
                 "PseudoIdentifier" ->
@@ -113,7 +114,7 @@ class LabelExtractionPass : Pass() {
     }
 
     inline fun <reified T : Label> anonLabelCreationDispatcher(node: Node): AnonLabel {
-        var anonLabel = labelCreationDispatcher<AnonLabel>(node)
+        val anonLabel = labelCreationDispatcher<AnonLabel>(node)
         val anonymizedDummyLabel = initLabel<T>(node)
         anonymizedDummyLabel.labeledNodes.clear() // To mark it as Dummy
 
@@ -128,7 +129,7 @@ class LabelExtractionPass : Pass() {
      * Sub-AST
      */
     private fun handleComment(t: TranslationResult, nodeWComment: Node) {
-        var regexes =
+        val regexes =
             mutableMapOf(
                 Regex("@Identifier($|\\s)") to
                     { node, _ ->
@@ -152,10 +153,10 @@ class LabelExtractionPass : Pass() {
                     this::handleAnonPrivacyLabelComments,
             )
 
-        regexes.entries.forEach {
+        regexes.entries.forEach { it ->
             val matches = it.key.findAll(nodeWComment.comment!!)
             if (matches.toList().isNotEmpty()) {
-                var labels = it.value(nodeWComment, matches)
+                val labels = it.value(nodeWComment, matches)
                 labels.forEach {
                     t += it // Adding Labels to the supplementary nodes of a translation unit
                 }
@@ -163,8 +164,10 @@ class LabelExtractionPass : Pass() {
         }
     }
 
-    inline fun <reified T : Label> anonCommentLabelCreationDispatcher(node: Node): List<AnonLabel> {
-        var anonLabel = labelCreationDispatcher<AnonLabel>(node)
+    private inline fun <reified T : Label> anonCommentLabelCreationDispatcher(
+        node: Node
+    ): List<AnonLabel> {
+        val anonLabel = labelCreationDispatcher<AnonLabel>(node)
         val anonymizedDummyLabel = initLabel<T>(node)
         anonymizedDummyLabel.labeledNodes.clear() // To mark it as Dummy
 
@@ -176,7 +179,7 @@ class LabelExtractionPass : Pass() {
         node: Node,
         matches: Sequence<MatchResult>
     ): List<Label> {
-        var labels: MutableList<Label> = mutableListOf()
+        val labels: MutableList<Label> = mutableListOf()
         matches.forEach {
             val thisLevel: Int? = it.destructured.toList().first().toIntOrNull()
             thisLevel?.let {
@@ -197,7 +200,7 @@ class LabelExtractionPass : Pass() {
         node: Node,
         matches: Sequence<MatchResult>
     ): List<Label> {
-        var labels: MutableList<Label> = mutableListOf()
+        val labels: MutableList<Label> = mutableListOf()
         matches.forEach {
             val thisLevel: Int? = it.destructured.toList().first().toIntOrNull()
             thisLevel?.let {
@@ -213,20 +216,20 @@ class LabelExtractionPass : Pass() {
         annotationParent: Node,
         annotation: Annotation
     ): Label? {
-        val values: MutableList<Expression> =
+        val values: MutableList<Expression?> =
             annotation
                 .members
-                .filter { member -> member.name == "level" }
-                .map { member -> member.value }
+                .filter { member -> member.name.localName == "level" }
+                .mapNotNull { member -> member.value }
                 .toMutableList()
         // This is to handle annotation that don't use named attributes, e.g. decorators in
         // TypeScript that are
         // more of meta calls to functions
-        if (values.isEmpty() && !annotation.members.isEmpty()) {
-            values.add(annotation.members.get(0).value)
+        if (values.isEmpty() && annotation.members.isNotEmpty()) {
+            annotation.members.getOrNull(0)?.value?.let { values.add(it) }
         }
-        if (!values.isEmpty()) {
-            val param: Node? = values.get(0) as? Node
+        if (values.isNotEmpty()) {
+            val param: Node? = values.getOrNull(0)
             param?.let {
                 val label = labelCreationDispatcher<PrivacyLabel>(annotationParent)
 
@@ -241,20 +244,20 @@ class LabelExtractionPass : Pass() {
         annotationParent: Node,
         annotation: Annotation
     ): Label? {
-        val values: MutableList<Expression> =
+        val values: MutableList<Expression?> =
             annotation
                 .members
-                .filter { member -> member.name == "level" }
-                .map { member -> member.value }
+                .filter { member -> member.name.localName == "level" }
+                .mapNotNull { member -> member.value }
                 .toMutableList()
         // This is to handle annotation that don't use named attributes, e.g. decorators in
         // TypeScript that are
         // more of meta calls to functions
-        if (values.isEmpty() && !annotation.members.isEmpty()) {
-            values.add(annotation.members.get(0).value)
+        if (values.isEmpty() && annotation.members.isNotEmpty()) {
+            annotation.members.getOrNull(0)?.value?.let { values.add(it) }
         }
-        if (!values.isEmpty()) {
-            val param: Node? = values.get(0) as? Node
+        if (values.isNotEmpty()) {
+            val param: Node? = values.getOrNull(0)
             param?.let {
                 val label: AnonLabel = labelCreationDispatcher<AnonLabel>(annotationParent)
                 val anonymizedDummyLabel = initLabel<PrivacyLabel>(annotationParent)
@@ -270,7 +273,7 @@ class LabelExtractionPass : Pass() {
     }
 
     inline fun <reified T : Label> labelCreationDispatcher(node: Node): T {
-        var label: T = initLabel<T>(node)
+        val label: T = initLabel<T>(node)
         when (node) {
             is FunctionDeclaration -> {
                 addLabelToDFGBorderEdges(node, label)
@@ -284,7 +287,13 @@ class LabelExtractionPass : Pass() {
                 addLabelToInstantiations(node, label)
             }
             is DeclarationStatement -> {
-                addLabelToDFGBorderEdges(node, label)
+                // To connect to all border edges, we first need to iterate through all declared
+                // variables and find their USAGEs
+                val usages =
+                    node.declarations.filterIsInstance<VariableDeclaration>().flatMap {
+                        it.usageEdges
+                    }
+                usages.forEach { addLabelToDFGBorderEdges(it.end, label) }
             }
             else -> {
                 addLabelToDFGBorderEdges(node, label)
@@ -299,15 +308,14 @@ class LabelExtractionPass : Pass() {
      * have an outgoing DFG-edge to another node not in the annotated nodes Sub-AST.
      */
     inline fun <reified T : Label> addLabelToAnnotatedNode(n: Node): T {
-        var label: T = T::class.constructors.first().call(n)
+        val label: T = T::class.constructors.first().call(n)
         label.labeledNodes.add(n)
         return label
     }
 
     /** Adds a newly created Label to the DFG-Border nodes, */
     fun addLabelToDFGBorderEdges(n: Node, label: Label) {
-
-        var dfgExitNodes: MutableList<Node> = getDFGPathEdges(n)!!.exits
+        val dfgExitNodes: MutableList<Node> = getDFGPathEdges(n)!!.exits
 
         label.labeledNodes.addAll(dfgExitNodes)
     }
@@ -318,7 +326,7 @@ class LabelExtractionPass : Pass() {
      */
     fun addLabelToInstantiations(n: Node, label: Label) {
         if (n is Declaration) {
-            edgesCachePass?.getEdgeSourceOf(n, BidirectionalEdgesCachePass.EdgeLabel.INSTANTIATES)
+            edgesCachePass.getEdgeSourceOf(n, BidirectionalEdgesCachePass.EdgeLabel.INSTANTIATES)
                 ?.forEach { addLabelToDFGBorderEdges(it, label) }
         }
     }
@@ -346,13 +354,13 @@ class LabelExtractionPass : Pass() {
      * - root of the subgraph.
      * @return Two lists, list 1 contains all dfg entries and list 2 contains all exits.
      */
-    fun getDFGPathEdges(n: Node?): SubgraphWalker.Border? {
-        var border = SubgraphWalker.Border()
-        var flattedASTTree = SubgraphWalker.flattenAST(n)
-        var dfgNodes =
+    private fun getDFGPathEdges(n: Node?): SubgraphWalker.Border? {
+        val border = SubgraphWalker.Border()
+        val flattedASTTree = SubgraphWalker.flattenAST(n)
+        val dfgNodes =
             flattedASTTree
                 .stream()
-                .filter { node: Node -> !node.prevDFG.isEmpty() || !node.nextDFG.isEmpty() }
+                .filter { node: Node -> node.prevDFG.isNotEmpty() || node.nextDFG.isNotEmpty() }
                 .collect(Collectors.toList())
         // Nodes that are incoming edges, no other node
         border.entries.addAll(
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LogPass.kt
index e53722e..5a4a6e1 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LogPass.kt
@@ -1,12 +1,14 @@
 package io.clouditor.graph.passes
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.*
 
-abstract class LogPass : Pass() {
+abstract class LogPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     override fun cleanup() {}
 
     protected fun handleLog(
@@ -32,7 +34,7 @@ abstract class LogPass : Pass() {
 
         val out = LogOperation(m, log, m.arguments.firstOrNull())
         out.location = m.location
-        out.name = name
+        out.name = Name(name)
 
         // add DFG from expression to sink
         out.logging?.let { out.value.nextDFG.add((it)) }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 69504db..9258de0 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -1,18 +1,21 @@
 package io.clouditor.graph.passes.golang
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
+import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 
-class GinGonicPass : Pass() {
+class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
     private val httpMap: Map<String, String> =
@@ -60,37 +63,37 @@ class GinGonicPass : Pass() {
 
     override fun cleanup() {}
 
-    override fun accept(result: TranslationResult?) {
-        if (result != null) {
-            // first, look for clients
-            for (tu in result.translationUnits) {
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(r: VariableDeclaration) {
-                            handleVariable(result, tu, r)
-                        }
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: VariableDeclaration) {
+                        handleVariable(result, tu, t)
                     }
-                )
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(r: MemberCallExpression) {
-                            handleGinResponse(r)
-                        }
+                }
+            )
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        handleGinResponse(t)
                     }
-                )
-            }
+                }
+            )
         }
     }
 
     private fun handleGinResponse(m: MemberCallExpression) {
-        if (m.base.type.name.startsWith("gin.Context") &&
+        if (m.base?.type?.name?.startsWith("gin.Context") == true &&
                 m.arguments.firstOrNull()?.name?.startsWith("http.Status") == true
         ) {
             // replace the status code name with the harmonized naming
             m.arguments.firstOrNull()?.name =
-                httpMap.get(m.arguments.firstOrNull()?.name).toString()
+                m.parseName(httpMap[m.arguments.firstOrNull()?.name?.toString()].toString())
         }
     }
 
@@ -107,24 +110,25 @@ class GinGonicPass : Pass() {
 
             val funcDeclaration =
                 (m.arguments[1] as? DeclaredReferenceExpression)?.refersTo as? FunctionDeclaration
-            if (m.name == "GET" || m.name == "POST" || m.name == "PUT") {
+            if (m.name.localName == "GET" || m.name.localName == "POST" || m.name.localName == "PUT"
+            ) {
                 val endpoint =
                     HttpEndpoint(
                         NoAuthentication(),
                         funcDeclaration,
-                        m.name,
+                        m.name.localName,
                         getPath(m),
                         null,
                         null
                     )
-                endpoint.name = endpoint.path
+                endpoint.name = Name(endpoint.path)
 
                 // get the endpoint's handler and look through its mces
                 funcDeclaration?.accept(
                     Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(mce: MemberCallExpression) {
-                            handleBind(mce, endpoint)
+                    object : IVisitor<Node>() {
+                        fun visit(t: MemberCallExpression) {
+                            handleBind(t, endpoint)
                         }
                     }
                 )
@@ -132,9 +136,9 @@ class GinGonicPass : Pass() {
                 // get the endpoint's handler and look through its mes
                 funcDeclaration?.accept(
                     Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(me: MemberExpression) {
-                            handleForm(me, endpoint)
+                    object : IVisitor<Node>() {
+                        fun visit(t: MemberExpression) {
+                            handleForm(t, endpoint)
                         }
                     }
                 )
@@ -149,17 +153,17 @@ class GinGonicPass : Pass() {
                 client?.httpEndpoints?.plusAssign(endpoint)
                 app?.functionalities?.plusAssign(endpoint)
                 result += endpoint
-            } else if (m.name == "Group") {
+            } else if (m.name.localName == "Group") {
                 // add a new (sub) client
-                val app = result.findApplicationByTU(tu)
+                val application = result.findApplicationByTU(tu)
 
                 val requestHandler =
                     HttpRequestHandler(
-                        app,
+                        application,
                         mutableListOf(),
                         client?.path?.appendPath(getPath(m)) ?: "/"
                     )
-                requestHandler.name = requestHandler.path
+                requestHandler.name = Name(requestHandler.path)
 
                 val subClient = m.nextDFG.filterIsInstance<VariableDeclaration>().firstOrNull()
                 subClient?.let {
@@ -174,14 +178,14 @@ class GinGonicPass : Pass() {
     }
 
     private fun handleBind(m: MemberCallExpression, e: HttpEndpoint) {
-        if (m.name == "BindJSON" || m.name == "Bind") {
-            var obj = (m.arguments.firstOrNull() as UnaryOperator).input
+        if (m.name.localName == "BindJSON" || m.name.localName == "Bind") {
+            val obj = (m.arguments.firstOrNull() as UnaryOperator).input
             if (obj is DeclaredReferenceExpression) {
                 obj.refersTo?.let { e.addNextDFG(it) }
             } else {
                 e.addNextDFG(obj)
             }
-        } else if (m.name == "Get") {
+        } else if (m.name.localName == "Get") {
             // lets see, whether we have a chain of member calls that go
             // to the base
             var memberCall: MemberExpression? = m.base as? MemberExpression
@@ -192,7 +196,7 @@ class GinGonicPass : Pass() {
 
                 // check, if its base is already of our gin type
                 if (memberCall.base.type is PointerType &&
-                        memberCall.base.type.name == "gin.Context*"
+                        memberCall.base.type.root.name.localName == "gin.Context"
                 ) {
                     // we can break immediately
                     break
@@ -207,7 +211,7 @@ class GinGonicPass : Pass() {
 
     // TODO consolidate duplicated code here and above in handleBind
     private fun handleForm(m: MemberExpression, e: HttpEndpoint) {
-        if (m.name == "Form") {
+        if (m.name.localName == "Form") {
             // lets see, whether we have a chain of member calls that go
             // to the base
             var memberCall: MemberExpression? = m.base as? MemberExpression
@@ -218,7 +222,7 @@ class GinGonicPass : Pass() {
 
                 // check, if its base is already of our gin type
                 if (memberCall.base.type is PointerType &&
-                        memberCall.base.type.name == "gin.Context*"
+                        memberCall.base.type.name.localName == "gin.Context*"
                 ) {
                     // we can break immediately
                     break
@@ -246,14 +250,42 @@ class GinGonicPass : Pass() {
         tu: TranslationUnitDeclaration,
         r: VariableDeclaration
     ) {
+        // FIXME: we're missing the following VariableDeclarations:
+        //  (caused by bug in CPG missing VariableDeclarations in shorthand ":=")
+        //      (TestD2Go):
+        //      - in client.go (11:5 - 11:33) with initializer Literal
+        //      - in client.go (12:10 - 15:3) with initializer ConstructExpression
+        //      - in server.go (16:2 - 16:16) with initializer CallExpression
+        //      (TestD2ValidationGo):
+        //      - in client.go (13:2 - 15:3) with initializer ConstructExpression
+        //      - in server.go (16:2 - 16:16) with initializer CallExpression
+        //      (TestD4Go):
+        //      - in client.go (10:5 - 10:33) with initializer Literal
+        //          [name := "firstname lastname"]
+        //      - in client.go (11:2 - 14:3) with initializer ConstructExpression
+        //          [data := url.Values{ "Name": {name}, "Message": {"helloworld"}, }]
+        //      - in server.go (26:5 - 31:6) with Initializer MemberCallExpression
+        //          [dsn := fmt.Sprintf("host=%s user=%s password=%s dbname=%s port=5432
+        //           sslmode=disable", "postgres", "postgres", "postgres", "postgres", )]
+        //      - in server.go (39:2 - 39:16) with Initializer CallExpression
+        //          [r := gin.New()]
+        //      - in server.go (50:2 - 50:36) with Initializer MemberCallExpression
+        //          [name := c.Request.Form.Get("Name")]
+        //      - in server.go (51:2 - 51:42) with Initializer MemberCallExpression
+        //          [message := c.Request.Form.Get("Message")]
+        //      - in server.go (52:5 - 55:6) with Initializer UnaryOperator
+        //          [data := &Data{ Name: name, Message: message, }]
+        //      - in server.go (56:2 - 56:30) with Initializer MemberExpression
+        //          [err := db.Create(data).error]
+        //      (...)
         if (r.initializer is CallExpression &&
-                (r.initializer as CallExpression).fqn == "gin.Default" ||
-                (r.initializer as CallExpression).fqn == "gin.New"
+                ((r.initializer as CallExpression).name.toString() == "gin.Default" ||
+                    (r.initializer as CallExpression).name.toString() == "gin.New")
         ) {
             val app = result.findApplicationByTU(tu)
 
             val requestHandler = HttpRequestHandler(app, mutableListOf(), "/")
-            requestHandler.name = requestHandler.path
+            requestHandler.name = Name(requestHandler.path)
 
             clients[r] = requestHandler
 
@@ -264,9 +296,9 @@ class GinGonicPass : Pass() {
             // look for calls to that client
             r.accept(
                 Strategy::EOG_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(m: MemberCallExpression) {
-                        handleMemberCall(result, tu, m)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        handleMemberCall(result, tu, t)
                     }
                 }
             )
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index 241871f..faf4c7c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -1,32 +1,34 @@
 package io.clouditor.graph.passes.golang
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
 
-class GoCryptoPass : Pass() {
+@Suppress("UNUSED_PARAMETER")
+class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
 
-    override fun accept(result: TranslationResult?) {
-        if (result != null) {
-            for (tu in result.translationUnits) {
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(c: CallExpression) {
-                            handleSign(result, tu, c)
-                        }
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: CallExpression) {
+                        handleSign(result, tu, t)
                     }
-                )
-            }
+                }
+            )
         }
     }
 
@@ -35,11 +37,13 @@ class GoCryptoPass : Pass() {
         tu: TranslationUnitDeclaration,
         c: CallExpression
     ) {
-        if (c.fqn == "ed25519.Sign") {
+        if (c.name.toString() == "ed25519.Sign") {
             // the text that is signed is the second argument
-            val text_to_be_signedDRE = c.arguments[1] as DeclaredReferenceExpression
-            val plain_text = text_to_be_signedDRE.refersTo as VariableDeclaration
-            val signature = Signature(plain_text, c.nextDFG.first() as VariableDeclaration)
+            val textToBeSigned = c.arguments[1] as DeclaredReferenceExpression
+            // FIXME: Safety measures added later; they were not necessary with the previous CPG
+            //  version. This can mean that the expected value differs from before (not null/empty).
+            val plainText = textToBeSigned.refersTo as? VariableDeclaration
+            val signature = Signature(plainText, c.nextDFG.firstOrNull() as? VariableDeclaration)
             t += signature
         }
     }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index 3b40546..74949ba 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -1,6 +1,8 @@
 package io.clouditor.graph.passes.golang
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
@@ -12,37 +14,38 @@ import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
 
-class GolangHttpPass : HttpClientPass() {
+@Suppress("UNUSED_PARAMETER")
+class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
     override fun cleanup() {}
 
     override fun accept(result: TranslationResult) {
-        if (result != null) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
 
-            // first, look for clients
-            for (tu in result.translationUnits) {
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(r: VariableDeclaration) {
-                            handleVariable(result, tu, r)
-                        }
+        // first, look for clients
+        for (tu in translationUnits) {
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: VariableDeclaration) {
+                        handleVariable(result, tu, t)
                     }
-                )
-            }
+                }
+            )
+        }
 
-            // then for the member calls
-            for (tu in result.translationUnits) {
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(m: MemberCallExpression) {
-                            handleMemberCall(result, tu, m)
-                        }
+        // then for the member calls
+        for (tu in translationUnits) {
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        handleMemberCall(result, tu, t)
                     }
-                )
-            }
+                }
+            )
         }
     }
 
@@ -69,11 +72,9 @@ class GolangHttpPass : HttpClientPass() {
                         null,
                         null
                     )
-                endpoint.name = endpoint.path
+                endpoint.name = Name(endpoint.path)
                 funcDeclaration?.parameters?.forEach {
-                    if (it.type is PointerType && it.type.name == "http.Request*" ||
-                            it.type is HttpRequest
-                    ) {
+                    if (it.type is PointerType && it.type.root.name.toString() == "http.Request") {
                         // add a dfg from the endpoint to the paramvariabledeclaration the data is
                         // stored in
                         endpoint.addNextDFG(it)
@@ -93,12 +94,12 @@ class GolangHttpPass : HttpClientPass() {
         // actually check for return types - but that does not work (yet) with the standard library
 
         if (r.initializer is CallExpression &&
-                (r.initializer as CallExpression).fqn == "http.NewServeMux"
+                (r.initializer as CallExpression).name.toString() == "http.NewServeMux"
         ) {
             val app = result.findApplicationByTU(tu)
 
             val requestHandler = HttpRequestHandler(app, mutableListOf(), "/")
-            requestHandler.name = requestHandler.path
+            requestHandler.name = Name(requestHandler.path)
 
             clients[r] = requestHandler
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index 087bfbe..7fba3cf 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -1,8 +1,8 @@
 package io.clouditor.graph.passes.golang
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
-import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.processing.IVisitor
@@ -12,18 +12,20 @@ import io.clouditor.graph.passes.HttpClientPass
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
-class GolangHttpRequestPass : HttpClientPass() {
+class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
     override fun cleanup() {}
 
     override fun accept(result: TranslationResult) {
         // look for http call expressions in the client code
-        for (tu in result.translationUnits) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(m: CallExpression) {
-                        handleCallExpression(result, tu, m)
+                object : IVisitor<Node>() {
+                    fun visit(t: CallExpression) {
+                        handleCallExpression(result, tu, t)
                     }
                 }
             )
@@ -36,46 +38,49 @@ class GolangHttpRequestPass : HttpClientPass() {
         c: CallExpression
     ) {
         val app = result.findApplicationByTU(tu)
-        var requestFunction = c.invokes.first() as FunctionDeclaration
-        // should also have c.base.name == "http" but this is not parsed correctly atm
-        if (c.name == "PostForm") {
+        // FIXME: There are invokes missing compared to the previous version! (However, there are
+        //  more CallExpressions (many of them being ConstructExpressions or MemberCallExpressions)
+        //  in total!)
+        val requestFunction = c.invokes.firstOrNull()
+        if (c.name.toString() == "http.PostForm") {
             createHttpRequest(
                 result,
                 // TODO this should be resolved if it targets a variable
-                (c.arguments[0] as Literal<String>).value,
+                (c.arguments[0] as? Literal<String>)?.value ?: "",
                 c,
                 "POST",
                 // TODO request body: the default value is not correctly set, so we use the
                 // value that has a dfg edge to the request parameter
-                requestFunction.parameters[1].prevDFG.first() as DeclaredReferenceExpression,
+                requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as?
+                    DeclaredReferenceExpression,
                 app
             )
-            // should also have c.base.name == "http" but this is not parsed correctly atm
-        } else if (c.name == "PutForm") {
+        } else if (c.name.toString() == "http.PutForm") {
             createHttpRequest(
                 result,
-                (c.arguments[0] as Literal<String>).value,
+                (c.arguments[0] as? Literal<String>)?.value ?: "",
                 c,
                 "PUT",
-                requestFunction.parameters[1].prevDFG.first() as DeclaredReferenceExpression,
+                requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as?
+                    DeclaredReferenceExpression,
                 app
             )
-        } else if (c.fqn == "http.Get") {
+        } else if (c.toString() == "http.Get") {
             createHttpRequest(
                 result,
-                (c.arguments[0] as Literal<String>).value,
+                (c.arguments[0] as? Literal<String>)?.value ?: "",
                 c,
                 "GET",
                 null,
                 app
             )
-        } else if (c.name == "NewRequest" && c.arguments.first().code == "\"POST\"") {
+        } else if (c.name.localName == "NewRequest" && c.arguments.first().code == "\"POST\"") {
             createHttpRequest(
                 result,
-                (c.arguments[1] as Literal<String>).value,
+                (c.arguments[1] as? Literal<String>)?.value ?: "",
                 c,
                 "POST",
-                requestFunction.parameters[2].prevDFG.first() as Expression,
+                requestFunction?.parameters?.get(2)?.prevDFG?.firstOrNull() as? Expression,
                 app
             )
         }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
index 8511fcc..4555620 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
@@ -1,41 +1,54 @@
 package io.clouditor.graph.passes.golang
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
+import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.passes.LogPass
+import kotlin.streams.toList
 
-class GolangLogPass : LogPass() {
-    override fun accept(t: TranslationResult) {
-        for (tu in t.translationUnits) {
+class GolangLogPass(ctx: TranslationContext) : LogPass(ctx) {
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(m: MemberCallExpression) {
-                        val logMethods =
-                            arrayOf(
-                                "log.Info",
-                                "log.Debug",
-                                "log.Trace",
-                                "log.Warn",
-                                "log.Err",
-                            )
-                        // we are looking for calls to Msg or Msgf, which have a base of one of the
-                        // logging
-                        // specifiers above, e.g. log.Info().Msg("Hello")
-                        if ((m.name == "Msg" || m.name == "Msgf") &&
-                                (m.base as? CallExpression)?.fqn in logMethods
-                        ) {
-                            // the base name specifies the log severity, so we use this one as the
-                            // "name" of the log operation
-                            handleLog(t, m, m.base.name, tu)
-                        }
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        handleMemeberCallExpression(result, tu, t)
                     }
                 }
             )
         }
     }
+
+    private fun handleMemeberCallExpression(
+        result: TranslationResult,
+        tu: TranslationUnitDeclaration,
+        m: MemberCallExpression
+    ) {
+        val logMethods =
+            arrayOf(
+                "log.Info",
+                "log.Debug",
+                "log.Trace",
+                "log.Warn",
+                "log.Err",
+            )
+        // we are looking for calls to Msg or Msgf, which have a base of one of the
+        // logging
+        // specifiers above, e.g. log.Info().Msg("Hello")
+        if ((m.name.localName == "Msg" || m.name.localName == "Msgf") &&
+                (m.base as? CallExpression)?.name?.toString() in logMethods
+        ) {
+            // the base name specifies the log severity, so we use this one as the
+            // "name" of the log operation
+            handleLog(result, m, m.base?.name?.toString() ?: "missing", tu)
+        }
+    }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt
index 9ea10ef..b792bd4 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt
@@ -1,5 +1,6 @@
 package io.clouditor.graph.passes.java
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.Declaration
@@ -15,24 +16,29 @@ import io.clouditor.graph.nodes.followDFGReverse
 import io.clouditor.graph.nodes.followEOG
 import io.clouditor.graph.passes.HttpClientPass
 
-class JaxRsClientPass : HttpClientPass() {
-    override fun accept(t: TranslationResult) {
-        for (tu in t.translationUnits) {
+class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) {
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(r: StaticCallExpression) {
+                object : IVisitor<Node>() {
+                    fun visit(t: CallExpression) {
                         try {
                             // look for ClientBuilder.newClient (Jersey 3.x and 2.x)
-                            if (r.fqn == "jakarta.ws.rs.client.ClientBuilder.newClient" ||
-                                    r.fqn == "javax.ws.rs.client.ClientBuilder.newClient"
+                            if (t.name.toString() ==
+                                    "jakarta.ws.rs.client.ClientBuilder.newClient" ||
+                                    t.name.toString() ==
+                                        "javax.ws.rs.client.ClientBuilder.newClient"
                             ) {
-                                handleClient(t, r, tu)
+                                handleClient(result, t, tu)
                             }
 
                             // or ClientBuilder.newBuilder
-                            if (r.fqn == "javax.ws.rs.client.ClientBuilder.newBuilder") {
-                                handleBuilder(t, r, tu)
+                            if (t.name.toString() == "javax.ws.rs.client.ClientBuilder.newBuilder"
+                            ) {
+                                handleBuilder(result, t, tu)
                             }
                         } catch (t: Throwable) {
                             t.printStackTrace()
@@ -45,7 +51,7 @@ class JaxRsClientPass : HttpClientPass() {
 
     private fun handleBuilder(
         t: TranslationResult,
-        r: StaticCallExpression,
+        r: CallExpression,
         tu: TranslationUnitDeclaration
     ) {
         var builder: VariableDeclaration? = null
@@ -60,7 +66,7 @@ class JaxRsClientPass : HttpClientPass() {
 
         val buildCall =
             builder
-                ?.followEOG { it.end is MemberCallExpression && it.end.name == "build" }
+                ?.followEOG { it.end is MemberCallExpression && it.end.name.localName == "build" }
                 ?.lastOrNull()
 
         (buildCall?.end as? MemberCallExpression)?.let { handleClient(t, it, tu) }
@@ -75,21 +81,16 @@ class JaxRsClientPass : HttpClientPass() {
         creationCall: CallExpression,
         tu: TranslationUnitDeclaration
     ) {
-        var client: VariableDeclaration? = null
         val clientRefs = mutableListOf<DeclaredReferenceExpression>()
-        var target: VariableDeclaration? = null
-        val targetRefs = mutableListOf<DeclaredReferenceExpression>()
-        var targetToClient = mutableMapOf<VariableDeclaration, VariableDeclaration>()
 
         // look for the client itself, probably it is the DFG target
         val pair = followDFGTargetToDeclaration(creationCall)
-        pair?.let {
-            client = it.second as VariableDeclaration
-            clientRefs += it.first
-        }
+        pair?.let { clientRefs += it.first }
 
         val edges =
-            creationCall.followEOG { it.end is MemberCallExpression && it.end.name == "target" }
+            creationCall.followEOG {
+                it.end is MemberCallExpression && it.end.name.localName == "target"
+            }
         edges?.let { it ->
             val last = it.last()
 
@@ -101,10 +102,10 @@ class JaxRsClientPass : HttpClientPass() {
 
     private fun handleTargetCall(
         targetCall: MemberCallExpression,
-        t: TranslationResult,
+        result: TranslationResult,
         tu: TranslationUnitDeclaration
     ) {
-        val app = t.findApplicationByTU(tu)
+        val app = result.findApplicationByTU(tu)
 
         // assume that we are only on one client
         val env =
@@ -117,9 +118,9 @@ class JaxRsClientPass : HttpClientPass() {
         val url =
             ValueResolver { node, resolver ->
                     when (node) {
-                        is StaticCallExpression -> {
+                        is CallExpression -> {
                             // support for some special calls, i.e. format
-                            if (node.name == "getenv") {
+                            if (node.name.localName == "getenv") {
                                 // environment lookup on Java
                                 val key = resolver.resolve(node.arguments.firstOrNull())
 
@@ -136,12 +137,12 @@ class JaxRsClientPass : HttpClientPass() {
 
         targetCall.accept(
             Strategy::EOG_FORWARD,
-            object : IVisitor<Node?>() {
-                fun visit(mce: MemberCallExpression) {
+            object : IVisitor<Node>() {
+                fun visit(t: MemberCallExpression) {
                     // just look for a "get"
                     // TODO: actually look for client/builder... Hacky for now
-                    if (mce.name == "get") {
-                        handleGetCall(t, url.toString(), mce, app)
+                    if (t.name.localName == "get") {
+                        handleGetCall(result, url.toString(), t, app)
                     }
                 }
             }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt
index 63310e2..a518515 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt
@@ -1,35 +1,37 @@
 package io.clouditor.graph.passes.java
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Annotation
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.MethodDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Literal
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 
-class JaxRsPass : Pass() {
+class JaxRsPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     // for now, assume, that we have one JAX-RS Application per analysis
     // this might not be the case everytime
 
     override fun cleanup() {}
 
-    override fun accept(result: TranslationResult?) {
-        if (result != null) {
-            for (tu in result.translationUnits) {
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(r: RecordDeclaration) {
-                            handleAnnotations(result, tu, r, r.annotations)
-                        }
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: RecordDeclaration) {
+                        handleAnnotations(result, tu, t, t.annotations)
                     }
-                )
-            }
+                }
+            )
         }
     }
 
@@ -41,7 +43,7 @@ class JaxRsPass : Pass() {
     ) {
         val app = result.findApplicationByTU(tu)
 
-        if (annotations.any { it.name == "Path" }) {
+        if (annotations.any { it.name.localName == "Path" }) {
             // handle it as a request handler
             val handler = HttpRequestHandler(app, mutableListOf(), "")
             handler.name = r.name
@@ -49,7 +51,7 @@ class JaxRsPass : Pass() {
             app?.functionalities?.plusAssign(handler)
 
             // the path of the controller is in the Path annotation, if it is set
-            handler.path = getPath(r.annotations.firstOrNull { it.name == "Path" })
+            handler.path = getPath(r.annotations.firstOrNull { it.name.localName == "Path" })
 
             // look for methods
             for (method in r.methods) {
@@ -68,13 +70,16 @@ class JaxRsPass : Pass() {
 
     private fun handleMapping(methodDeclaration: MethodDeclaration): HttpEndpoint? {
         val mapping =
-            methodDeclaration.annotations.firstOrNull { it.name == "GET" || it.name == "POST" }
+            methodDeclaration.annotations.firstOrNull {
+                it.name.localName == "GET" || it.name.localName == "POST"
+            }
         if (mapping != null) {
             // TE is not really interesting for us here, but we need to fill it. maybe make it
             // optional later
             val te = /*TransportEncryption(null, null, false, false)*/ null
 
-            val pathMapping = methodDeclaration.annotations.firstOrNull { it.name == "Path" }
+            val pathMapping =
+                methodDeclaration.annotations.firstOrNull { it.name.localName == "Path" }
 
             // the url is unknown at this point
             val endpoint =
@@ -86,7 +91,7 @@ class JaxRsPass : Pass() {
                     te,
                     null
                 )
-            endpoint.name = endpoint.path
+            endpoint.name = Name(endpoint.path)
 
             return endpoint
         }
@@ -97,7 +102,7 @@ class JaxRsPass : Pass() {
     private fun getMethod(mapping: Annotation): String {
         var method = "GET"
 
-        if (mapping.name == "POST") {
+        if (mapping.name.localName == "POST") {
             method = "POST"
         }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt
index 0378358..5811fed 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt
@@ -1,14 +1,17 @@
 package io.clouditor.graph.passes.java
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Annotation
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.MethodDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
+import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
@@ -17,37 +20,37 @@ import io.clouditor.graph.*
  * This pass parses an application for spring boot annotations and creates services and end-points
  * from it.
  */
-class SpringBootPass : Pass() {
+class SpringBootPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     override fun cleanup() {}
 
-    override fun accept(result: TranslationResult?) {
-        if (result != null) {
-            for (tu in result.translationUnits) {
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(r: RecordDeclaration) {
-                            handleAnnotations(result, tu, r, r.annotations)
-                        }
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: RecordDeclaration) {
+                        handleAnnotations(result, tu, t, t.annotations)
                     }
-                )
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(e: MemberExpression) {
-                            handleExpression(e)
-                        }
+                }
+            )
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberExpression) {
+                        handleExpression(t)
                     }
-                )
-            }
+                }
+            )
         }
     }
 
     fun handleExpression(e: MemberExpression) {
-        if (e.base.name == "HttpStatus") {
+        if (e.base.name.localName == "HttpStatus") {
             // use the code, e.g. "HttpStatus.CONFLICT", as we are using this Spring syntax across
             // languages
-            e.name = e.code.toString()
+            e.name = e.parseName(e.code.toString())
         }
     }
 
@@ -59,7 +62,7 @@ class SpringBootPass : Pass() {
     ) {
         val app = result.findApplicationByTU(tu)
 
-        if (annotations.any { it.name == "RestController" }) {
+        if (annotations.any { it.name.localName == "RestController" }) {
             // handle it as a request handler
             val handler = HttpRequestHandler(app, mutableListOf(), "")
             handler.name = recordDeclaration.name
@@ -67,7 +70,8 @@ class SpringBootPass : Pass() {
             app?.functionalities?.plusAssign(handler)
 
             // the path of the controller is in the requestmapping annotation, if it is set
-            val mapping = recordDeclaration.annotations.firstOrNull { it.name == "RequestMapping" }
+            val mapping =
+                recordDeclaration.annotations.firstOrNull { it.name.localName == "RequestMapping" }
             mapping?.let { handler.path = getPath(mapping) }
 
             // look for methods
@@ -88,7 +92,9 @@ class SpringBootPass : Pass() {
     private fun handleMapping(methodDeclaration: MethodDeclaration): HttpEndpoint? {
         val mapping =
             methodDeclaration.annotations.firstOrNull {
-                it.name == "RequestMapping" || it.name == "PostMapping" || it.name == "GetMapping"
+                it.name.localName == "RequestMapping" ||
+                    it.name.localName == "PostMapping" ||
+                    it.name.localName == "GetMapping"
             }
         if (mapping != null) {
             // TE is not really interesting for us here, but we need to fill it. maybe make it
@@ -107,12 +113,12 @@ class SpringBootPass : Pass() {
                     te,
                     null
                 )
-            endpoint.name = endpoint.path
+            endpoint.name = Name(endpoint.path)
 
             // if it's a mapping and has a simple return statement, it is an HttpStatus.OK
-            val ret = methodDeclaration.prevDFG
+            val ret = methodDeclaration.prevDFG.firstOrNull()
             if (ret is ReturnStatement) {
-                ret.name = "HttpStatus.OK"
+                ret.name = methodDeclaration.parseName("HttpStatus.OK")
             }
 
             return endpoint
@@ -141,7 +147,7 @@ class SpringBootPass : Pass() {
     private fun getMethod(mapping: Annotation): String {
         var method = "GET"
 
-        if (mapping.name == "PostMapping") {
+        if (mapping.name.localName == "PostMapping") {
             method = "POST"
         }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt
index cc5d5b4..7978234 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt
@@ -1,5 +1,6 @@
 package io.clouditor.graph.passes.js
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
@@ -12,10 +13,10 @@ import io.clouditor.graph.findApplicationByTU
 import io.clouditor.graph.passes.HttpClientPass
 import java.nio.file.Files
 
-class FetchPass : HttpClientPass() {
+class FetchPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     var map = mutableMapOf<String, String>()
 
-    override fun accept(t: TranslationResult) {
+    override fun accept(result: TranslationResult) {
         val applications = listOf(App.rootPath)
 
         for (rootPath in applications) {
@@ -33,12 +34,14 @@ class FetchPass : HttpClientPass() {
             }
         }
 
-        for (tu in t.translationUnits) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(call: CallExpression) {
-                        handleCallExpression(t, tu, call)
+                object : IVisitor<Node>() {
+                    fun visit(t: CallExpression) {
+                        handleCallExpression(result, tu, t)
                     }
                 }
             )
@@ -50,7 +53,7 @@ class FetchPass : HttpClientPass() {
         tu: TranslationUnitDeclaration,
         call: CallExpression
     ) {
-        if (call.name == "fetch") {
+        if (call.name.localName == "fetch") {
             handleFetch(t, tu, call)
         }
     }
@@ -80,7 +83,7 @@ class FetchPass : HttpClientPass() {
         ValueResolver()
             .resolve(
                 options?.initializers?.firstOrNull {
-                    it is KeyValueExpression && it.key?.name == "method"
+                    it is KeyValueExpression && it.key?.name?.localName == "method"
                 }
             )
             ?.let { method = it as String }
@@ -89,9 +92,9 @@ class FetchPass : HttpClientPass() {
     }
 
     private fun getBody(options: InitializerListExpression?): Expression? {
-        var body =
+        val body =
             (options?.initializers?.firstOrNull() {
-                    it is KeyValueExpression && it.key?.name == "body"
+                    it is KeyValueExpression && it.key?.name?.localName == "body"
                 } as
                     KeyValueExpression)
                 .value
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
index d5c2546..44b4746 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
@@ -1,32 +1,35 @@
 package io.clouditor.graph.passes.js
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 
-class JSHttpPass : Pass() {
+@Suppress("UNUSED_PARAMETER")
+class JSHttpPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
 
-    override fun accept(result: TranslationResult?) {
-        if (result != null) {
-            for (tu in result.translationUnits) {
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(v: VariableDeclaration) {
-                            handleVariableDeclaration(result, tu, v)
-                        }
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: VariableDeclaration) {
+                        handleVariableDeclaration(result, tu, t)
                     }
-                )
-            }
+                }
+            )
         }
     }
 
@@ -35,18 +38,20 @@ class JSHttpPass : Pass() {
         tu: TranslationUnitDeclaration,
         v: VariableDeclaration
     ) {
-        if (v.name == "dispatcher" || (v.initializer as? CallExpression)?.name == "express") {
+        if (v.name.localName == "dispatcher" ||
+                (v.initializer as? CallExpression)?.name?.localName == "express"
+        ) {
             val app = result.findApplicationByTU(tu)
 
             val requestHandler = HttpRequestHandler(app, mutableListOf(), "/")
-            requestHandler.name = requestHandler.path
+            requestHandler.name = Name(requestHandler.path)
 
             tu.accept(
                 Strategy::AST_FORWARD, // EOG_FORWARD would be better but seems to be broken on top
                 // level statements
-                object : IVisitor<Node?>() {
-                    fun visit(mce: MemberCallExpression) {
-                        val endpoint = handleEndpoint(result, tu, mce, v)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        val endpoint = handleEndpoint(result, tu, t, v)
 
                         endpoint?.let {
                             requestHandler.httpEndpoints.plusAssign(it)
@@ -68,24 +73,25 @@ class JSHttpPass : Pass() {
         mce: MemberCallExpression,
         v: VariableDeclaration
     ): HttpEndpoint? {
-        return if ((mce.name == "onPost" ||
-                mce.name == "onGet" ||
-                mce.name == "post" ||
-                mce.name == "get") && (mce.base as? DeclaredReferenceExpression)?.refersTo == v
+        return if ((mce.name.localName == "onPost" ||
+                mce.name.localName == "onGet" ||
+                mce.name.localName == "post" ||
+                mce.name.localName == "get") &&
+                (mce.base as? DeclaredReferenceExpression)?.refersTo == v
         ) {
             val path: String =
                 unRegex((mce.arguments.first() as? Literal<*>)?.value as? String ?: "/")
             val func = (mce.arguments[mce.arguments.size - 1] as? LambdaExpression)?.function
 
             val endpoint = HttpEndpoint(NoAuthentication(), func, getMethod(mce), path, null, null)
-            endpoint.name = path
+            endpoint.name = Name(path)
 
             // get the endpoint's handler and look for assignments of the request's JSON body
             func?.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(me: MemberExpression) {
-                        handleRequestUnpacking(func, me, endpoint)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberExpression) {
+                        handleRequestUnpacking(func, t, endpoint)
                     }
                 }
             )
@@ -101,7 +107,7 @@ class JSHttpPass : Pass() {
         me: MemberExpression,
         e: HttpEndpoint
     ) {
-        if (me.name == "body" &&
+        if (me.name.localName == "body" &&
                 fd.parameters.first() == (me.base as? DeclaredReferenceExpression)?.refersTo
         ) {
             // set the DFG target of this call to the DFG target of our http endpoints
@@ -124,7 +130,7 @@ class JSHttpPass : Pass() {
     }
 
     private fun getMethod(mce: MemberCallExpression): String {
-        return if (mce.name == "onPost" || mce.name == "post") {
+        return if (mce.name.localName == "onPost" || mce.name.localName == "post") {
             "POST"
         } else {
             "GET"
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSValueResolver.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSValueResolver.kt
index 53f419a..8225070 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSValueResolver.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSValueResolver.kt
@@ -7,8 +7,7 @@ import io.clouditor.graph.ValueResolver
 
 class JSValueResolver(
     app: Application?,
-    override val cannotResolve: (Node?, ValueResolver) -> Any? =
-            { node: Node?, resolver: ValueResolver ->
+    override val cannotResolve: (Node?, ValueResolver) -> Any? = { node: Node?, _: ValueResolver ->
         // assume that we are only on one client
         val env =
             app?.runsOn?.firstOrNull()?.labels?.filter { it.key.startsWith("env_") }?.mapKeys {
@@ -19,7 +18,7 @@ class JSValueResolver(
         when (node) {
             is Expression -> {
                 val s =
-                    if (node?.code?.startsWith("process.env.") == true) {
+                    if (node.code?.startsWith("process.env.") == true) {
                         val envVarName =
                             node.code?.split("process.env.")?.get(1)?.split("!")?.get(0)
                         env[envVarName]
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
index 0dc121c..8284fbb 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
@@ -1,37 +1,43 @@
 package io.clouditor.graph.passes.python
 
-import de.fraunhofer.aisec.cpg.ExperimentalPython
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
 
-@ExperimentalPython
-class CryptographyPass : Pass() {
+@Suppress("UNUSED_PARAMETER")
+class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {
         // nothing to do
     }
 
-    override fun accept(t: TranslationResult) {
+    override fun accept(result: TranslationResult) {
         // if (this.lang is PythonLanguageFrontend) {
-        for (tu in t.translationUnits) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(r: MemberCallExpression) {
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
                         // look for key.sign()
-                        if (r.name == "sign") {
-                            val private_key = r.base as DeclaredReferenceExpression
-                            val generator = private_key.prevDFG.first() as MemberCallExpression
-                            if (generator.name == "generate_private_key") {
-                                handleSignature(tu, t, r)
+                        if (t.name.localName == "sign") {
+                            val privateKey = t.base as DeclaredReferenceExpression
+                            // FIXME ( TODO): Safety measures added later; they were not necessary
+                            //  with the previous CPG version.
+                            //  This can mean that the expected value differs from
+                            //  before (not null/empty).
+                            val generator = privateKey.prevDFG.firstOrNull() as? CallExpression
+                            if (generator?.name?.localName == "generate_private_key") {
+                                handleSignature(tu, result, t)
                             }
                         }
                     }
@@ -47,9 +53,9 @@ class CryptographyPass : Pass() {
         mce: MemberCallExpression
     ) {
         // TODO check if it is always the first one
-        val text_to_be_signed_expression = mce.arguments.first() as DeclaredReferenceExpression
-        val plain_text = text_to_be_signed_expression.refersTo as VariableDeclaration
-        val signature = Signature(plain_text, mce.nextDFG.first() as VariableDeclaration)
+        val textToBeSignedExpression = mce.arguments.first() as DeclaredReferenceExpression
+        val plainText = textToBeSignedExpression.refersTo as VariableDeclaration
+        val signature = Signature(plainText, mce.nextDFG.first() as VariableDeclaration)
         t += signature
     }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
index 8151467..505b600 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
@@ -1,21 +1,22 @@
 package io.clouditor.graph.passes.python
 
-import de.fraunhofer.aisec.cpg.ExperimentalPython
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Annotation
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 
-@OptIn(ExperimentalPython::class)
-class FlaskPass : Pass() {
+@Suppress("UNUSED_PARAMETER")
+class FlaskPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     // for now, assume, that we have one Flask application per analysis
     // this might not be the case everytime
 
@@ -35,18 +36,18 @@ class FlaskPass : Pass() {
 
     override fun accept(result: TranslationResult) {
         // if (this.lang is PythonLanguageFrontend) {
-        for (tu in result.translationUnits) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(v: VariableDeclaration) {
-                        handleVariableDeclarations(result, tu, v, v.annotations)
-                        // handleAnnotations(result, tu, r, r.annotations)
+                object : IVisitor<Node>() {
+                    fun visit(t: VariableDeclaration) {
+                        handleVariableDeclarations(result, tu, t, t.annotations)
                     }
                 }
             )
         }
-        // }
     }
 
     private fun handleVariableDeclarations(
@@ -57,7 +58,7 @@ class FlaskPass : Pass() {
     ) {
         val app = result.findApplicationByTU(tu)
 
-        if ((v.initializer as? CallExpression)?.name == "Flask") {
+        if ((v.initializer as? CallExpression)?.name?.localName == "Flask") {
             // handle it as a request handler
             val handler = HttpRequestHandler(app, mutableListOf(), "/")
             handler.name = v.name
@@ -67,9 +68,9 @@ class FlaskPass : Pass() {
             // look for functions
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(v: FunctionDeclaration) {
-                        handleMapping(v)?.let {
+                object : IVisitor<Node>() {
+                    fun visit(t: FunctionDeclaration) {
+                        handleMapping(t)?.let {
                             handler.httpEndpoints.plusAssign(it)
 
                             app?.functionalities?.plusAssign(it)
@@ -85,7 +86,7 @@ class FlaskPass : Pass() {
     }
 
     private fun handleMapping(func: FunctionDeclaration): HttpEndpoint? {
-        val mapping = func.annotations.firstOrNull { it.name == "route" }
+        val mapping = func.annotations.firstOrNull { it.name.localName == "route" }
         if (mapping != null) {
             // TE is not really interesting for us here, but we need to fill it. maybe make it
             // optional later
@@ -101,23 +102,23 @@ class FlaskPass : Pass() {
                     te,
                     null
                 )
-            endpoint.name = endpoint.path
+            endpoint.name = Name(endpoint.path)
 
             // get the endpoint's handler and look for assignments of the request's JSON body
             func.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(me: MemberExpression) {
-                        handleRequestUnpacking(me, endpoint)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberExpression) {
+                        handleRequestUnpacking(t, endpoint)
                     }
                 }
             )
 
             func.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(rs: ReturnStatement) {
-                        handleReturnStatement(rs)
+                object : IVisitor<Node>() {
+                    fun visit(t: ReturnStatement) {
+                        handleReturnStatement(t)
                     }
                 }
             )
@@ -129,7 +130,7 @@ class FlaskPass : Pass() {
     }
 
     private fun handleRequestUnpacking(me: MemberExpression, e: HttpEndpoint) {
-        if (me.name == "json" && me.base.name == "request") {
+        if (me.name.localName == "json" && me.base.name.localName == "request") {
             // set the DFG target of this call to the DFG target of our http endpoints
             me.nextDFG.forEach { e.addNextDFG(it) }
 
@@ -141,9 +142,10 @@ class FlaskPass : Pass() {
 
     private fun getMethod(mapping: Annotation): String {
         var method = "GET"
-        (mapping.members.firstOrNull { it.name == "methods" }?.value as? InitializerListExpression)
+        (mapping.members.firstOrNull { it.name.localName == "methods" }?.value as?
+                InitializerListExpression)
             ?.initializers?.firstOrNull()
-            .let { (it as? Literal<*>)?.let { method = it.value.toString() } }
+            .let { it -> (it as? Literal<*>)?.let { method = it.value.toString() } }
 
         return method
     }
@@ -161,10 +163,12 @@ class FlaskPass : Pass() {
     }
 
     private fun handleReturnStatement(rs: ReturnStatement) {
-        var returnValue = rs.returnValue as InitializerListExpression
+        val returnValue = rs.returnValue as InitializerListExpression
         // set the correct http status code by looking through the initializers
-        returnValue.initializers.first { it.name in httpMap }.let {
-            returnValue.name = httpMap.get(it.name).toString()
+        // FIXME: Safety measures added later; they were not necessary with the previous CPG
+        //  version. This can mean that the expected value differs from before (not null/empty).
+        returnValue.initializers.firstOrNull { it.name.toString() in httpMap }.let {
+            returnValue.name = Name(httpMap[it?.name.toString()].toString())
         }
     }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
index 3b3efc9..f6fb588 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
@@ -1,5 +1,6 @@
 package io.clouditor.graph.passes.python
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.edge.Properties
@@ -10,22 +11,26 @@ import io.clouditor.graph.*
 import io.clouditor.graph.nodes.getStorageOrCreate
 import io.clouditor.graph.passes.DatabaseOperationPass
 
-class Psycopg2Pass : DatabaseOperationPass() {
+@Suppress("UNUSED_PARAMETER")
+class Psycopg2Pass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
     val clients: MutableMap<Node, Pair<DatabaseConnect, List<DatabaseStorage>>> = mutableMapOf()
     private val executes: MutableMap<Node, DatabaseQuery> = mutableMapOf()
 
-    override fun accept(t: TranslationResult) {
-        for (tu in t.translationUnits) {
-            val app = t.findApplicationByTU(tu)
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            val app = result.findApplicationByTU(tu)
 
-            t.accept(
+            result.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(call: MemberCallExpression) {
-                        if (call.name == "connect" && call.base.name == "psycopg2") {
-                            handleConnect(t, call, app)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        if (t.name.localName == "connect" && t.base?.name?.localName == "psycopg2"
+                        ) {
+                            handleConnect(result, t, app)
                         }
                     }
                 }
@@ -39,42 +44,42 @@ class Psycopg2Pass : DatabaseOperationPass() {
 
             // in order to avoid ordering problems, we need to do this one step at a time, so first
             // looking for a cursor.
-            t.accept(
+            result.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(call: MemberCallExpression) {
-                        clients[call.base]?.let {
-                            if (call.name == "cursor") {
-                                handleCursor(call, it)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        clients[t.base!!]?.let {
+                            if (t.name.localName == "cursor") {
+                                handleCursor(t, it)
                             }
                         }
                     }
                 }
             )
 
-            t.accept(
+            result.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(call: MemberCallExpression) {
-                        clients[call.base]?.let {
-                            if (call.name == "execute") {
-                                handleExecute(t, call, app, it)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        clients[t.base!!]?.let {
+                            if (t.name.localName == "execute") {
+                                handleExecute(result, t, app, it)
                             }
                         }
                     }
                 }
             )
 
-            t.accept(
+            result.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(call: MemberCallExpression) {
-                        clients[call.base]?.let {
-                            if (call.name == "fetchall") {
-                                handleFetchAll(t, call, app, it)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        clients[t.base!!]?.let {
+                            if (t.name.localName == "fetchall") {
+                                handleFetchAll(result, t, app, it)
                             }
                         }
                     }
@@ -146,7 +151,7 @@ class Psycopg2Pass : DatabaseOperationPass() {
         something?.let { matchResult ->
             val table = matchResult.groups[2]?.value
             val dbName = dbStorage.firstOrNull()?.name
-            val storage = connect.to.map { it.getStorageOrCreate(table ?: "", dbName) }
+            val storage = connect.to.map { it.getStorageOrCreate(table ?: "", dbName?.localName) }
 
             val op = createDatabaseQuery(result, false, connect, storage, mutableListOf(call), app)
             op.name = call.name
@@ -182,15 +187,13 @@ class Psycopg2Pass : DatabaseOperationPass() {
         // resolve the connection details
         val host =
             resolver.resolve(
-                call.argumentsPropertyEdge
-                    .firstOrNull { it.getProperty(Properties.NAME) == "host" }
-                    ?.end
+                call.argumentEdges.firstOrNull { it.getProperty(Properties.NAME) == "host" }?.end
             ) as?
                 String
 
         val db =
             resolver.resolve(
-                call.argumentsPropertyEdge
+                call.argumentEdges
                     .firstOrNull { it.getProperty(Properties.NAME) == "database" }
                     ?.end
             ) as?
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
index f35c7e1..1dce34b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
@@ -1,5 +1,6 @@
 package io.clouditor.graph.passes.python
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
@@ -12,31 +13,35 @@ import io.clouditor.graph.nodes.getStorageOrCreate
 import io.clouditor.graph.passes.DatabaseOperationPass
 import java.net.URI
 
-class PyMongoPass : DatabaseOperationPass() {
+@Suppress("UNUSED_PARAMETER")
+class PyMongoPass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
     val clients: MutableMap<Node, DatabaseConnect> = mutableMapOf()
     val dbs: MutableMap<Node, Pair<DatabaseConnect, List<DatabaseStorage>>> = mutableMapOf()
     val collections: MutableMap<Node, Pair<DatabaseConnect, List<DatabaseStorage>>> = mutableMapOf()
 
-    override fun accept(t: TranslationResult) {
-        for (tu in t.translationUnits) {
-            val app = t.findApplicationByTU(tu)
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            val app = result.findApplicationByTU(tu)
 
             tu.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(call: CallExpression) {
+                object : IVisitor<Node>() {
+                    fun visit(t: CallExpression) {
                         // TODO: actually, this should be a ConstructExpression, but currently, it
                         // is parsed as a CallExpression in the CPG
-                        if (call.name == "MongoClient") {
-                            handleClientCreate(t, call, app)
+                        if (t.name.localName == "MongoClient") {
+                            handleClientCreate(result, t, app)
                         }
                     }
                 }
             )
 
             // There is no need for us to continue, if we have not found any clients
+            // FIXME: clients is empty because of the error described in line 112
             if (clients.isEmpty()) {
                 log.info("Found no clients in {}, we are not processing this any further", tu.name)
                 continue
@@ -45,14 +50,12 @@ class PyMongoPass : DatabaseOperationPass() {
             tu.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(memberExpression: MemberExpression) {
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberExpression) {
                         // We are interested in member expression to a base that is in our clients
                         // map. This means that
                         // a database object is created from this client.
-                        clients[memberExpression.base]?.let {
-                            handleDBObjectCreate(t, memberExpression, app, it)
-                        }
+                        clients[t.base]?.let { handleDBObjectCreate(result, t, app, it) }
                     }
                 }
             )
@@ -60,13 +63,11 @@ class PyMongoPass : DatabaseOperationPass() {
             tu.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(memberExpression: MemberExpression) {
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberExpression) {
                         // The process is then repeated for a database object, to create a
                         // collections object.
-                        dbs[memberExpression.base]?.let {
-                            handleCollectionsObjectCreate(t, memberExpression, app, it)
-                        }
+                        dbs[t.base]?.let { handleCollectionsObjectCreate(result, t, app, it) }
                     }
                 }
             )
@@ -79,9 +80,9 @@ class PyMongoPass : DatabaseOperationPass() {
             tu.accept(
                 Strategy::AST_FORWARD, // actually we want to have EOG_FORWARD, but that doesn't
                 // work
-                object : IVisitor<Node?>() {
-                    fun visit(mce: MemberCallExpression) {
-                        collections[mce.base]?.let { handleQuery(t, mce, app, it) }
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        collections[t.base!!]?.let { handleQuery(result, t, app, it) }
                     }
                 }
             )
@@ -104,9 +105,15 @@ class PyMongoPass : DatabaseOperationPass() {
         val connect = createDatabaseConnect(result, uri?.host ?: "", call, app)
 
         // the DFG target of this call expression is the client, we are interested in
-        val target = call.nextDFG.iterator().next()
-
-        storeDeclarationOrReference(clients, target, connect)
+        // FIXME: this is not true for the new CPG version -> bug?
+        //  CPG should usually return the associated VariableDeclaration as the next DFG Edge
+        //  However, we don't get any values at all for prev/next EOG/DFG edges
+        if (call.nextDFG.iterator().hasNext()) {
+            val target = call.nextDFG.iterator().next()
+            storeDeclarationOrReference(clients, target, connect)
+        } else {
+            System.err.println("Failed to resolve target of Client creation")
+        }
     }
 
     private fun handleDBObjectCreate(
@@ -119,7 +126,8 @@ class PyMongoPass : DatabaseOperationPass() {
         // the services are reachable by proxies, or are clustered. Thus technically, we have
         // multiple database storage nodes (one per service)
         val storages =
-            connect.to?.map { it.getStorageOrCreate(memberExpression.name) } ?: emptyList()
+            connect.to?.map { it.getStorageOrCreate(memberExpression.name.localName) }
+                ?: emptyList()
 
         // the DFG target of this member expression is the DB object, we are interested in
         val target = memberExpression.nextDFG.iterator().next()
@@ -141,12 +149,12 @@ class PyMongoPass : DatabaseOperationPass() {
         // again, multiple services, multiple storages
         val storages =
             connect.to?.map {
-                val pair = dbs[memberExpression.base]
+                val clPair = dbs[memberExpression.base]
                 // name should be the same in all storages of all the dbs of all the clients of all
                 // the services
-                var parentName = pair?.second?.firstOrNull()?.name
+                val parentName = clPair?.second?.firstOrNull()?.name
 
-                it.getStorageOrCreate(memberExpression.name, parentName)
+                it.getStorageOrCreate(memberExpression.name.localName, parentName?.localName)
             }
                 ?: emptyList()
 
@@ -165,16 +173,16 @@ class PyMongoPass : DatabaseOperationPass() {
         app: Application?,
         pair: Pair<DatabaseConnect, List<DatabaseStorage>>
     ) {
-        var (connect, storage) = pair
+        val (connect, storage) = pair
         var op: DatabaseQuery? = null
-        if (mce.name == "insert_one") {
+        if (mce.name.localName == "insert_one") {
             op = createDatabaseQuery(t, true, connect, storage, listOf(mce), app)
 
             // data flows from first argument to op
             mce.arguments.firstOrNull()?.addNextDFG(op)
         }
 
-        if (mce.name == "find" || mce.name == "find_one") {
+        if (mce.name.localName == "find" || mce.name.localName == "find_one") {
             op = createDatabaseQuery(t, false, connect, storage, listOf(mce), app)
             // data flows from first argument to op
             mce.arguments.firstOrNull()?.addNextDFG(op)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt
index 9bbf341..33d9a37 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt
@@ -1,23 +1,25 @@
 package io.clouditor.graph.passes.python
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
-import io.clouditor.graph.*
 import io.clouditor.graph.passes.LogPass
 
-class PythonLogPass : LogPass() {
-    override fun accept(t: TranslationResult) {
+class PythonLogPass(ctx: TranslationContext) : LogPass(ctx) {
+    override fun accept(result: TranslationResult) {
         // if (this.lang is PythonLanguageFrontend) {
-        for (tu in t.translationUnits) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(m: MemberCallExpression) {
-                        if (m.name == "info" && m.base?.name == "logging") {
-                            handleLog(t, m, m.name, tu)
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        if (t.name.localName == "info" && t.base?.name?.localName == "logging") {
+                            handleLog(result, t, t.name.localName, tu)
                         }
                     }
                 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonValueResolver.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonValueResolver.kt
index 7b69576..fee42c1 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonValueResolver.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonValueResolver.kt
@@ -1,7 +1,6 @@
 package io.clouditor.graph.passes.python
 
 import de.fraunhofer.aisec.cpg.graph.Node
-import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import io.clouditor.graph.Application
 import io.clouditor.graph.ValueResolver
@@ -19,11 +18,11 @@ class PythonValueResolver(
 
         when (node) {
             is MemberCallExpression -> {
-                var base = resolver.resolve(node.base as Expression?).toString()
+                var base = resolver.resolve(node.base).toString()
 
                 // support for some special calls, i.e. format
                 val s =
-                    if (node.name == "format") {
+                    if (node.name.localName == "format") {
                         // basic sub for now, loop through arguments
                         for (i in 0 until node.arguments.size) {
                             // sub on base
@@ -32,7 +31,9 @@ class PythonValueResolver(
                         }
 
                         base
-                    } else if (node.base.name == "environ" && node.name == "get") {
+                    } else if (node.base?.name?.localName == "environ" &&
+                            node.name.localName == "get"
+                    ) {
                         // environment lookup on python
                         val key = resolver.resolve(node.arguments.firstOrNull())
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
index c77540f..07785c7 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
@@ -1,6 +1,6 @@
 package io.clouditor.graph.passes.python
 
-import de.fraunhofer.aisec.cpg.ExperimentalPython
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
@@ -10,25 +10,33 @@ import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
 
-@ExperimentalPython
-class RequestsPass : HttpClientPass() {
+class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
     override fun cleanup() {
         // nothing to do
     }
 
-    override fun accept(t: TranslationResult) {
+    override fun accept(result: TranslationResult) {
         // if (this.lang is PythonLanguageFrontend) {
-        for (tu in t.translationUnits) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
             tu.accept(
                 Strategy::AST_FORWARD,
-                object : IVisitor<Node?>() {
-                    fun visit(r: MemberCallExpression) {
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        // FIXME: first part of the name is UNKNOWN when it was previously
+                        //  not (e.g. UNKNOWN.Sprintf instead of fmt.Sprintf)
+                        //  this is not important for this check but still worth
+                        //  investigating
+                        // FIXME: it seems we are also missing some Expressions
                         // look for requests.get()
-                        if (r.name == "get" && r.base.name == "requests") {
-                            handleClientRequest(tu, t, r, "GET")
-                        } else if (r.name == "post" && r.base.name == "requests") {
-                            handleClientRequest(tu, t, r, "POST")
+                        if (t.name.localName == "get" && t.base?.name?.localName == "requests") {
+                            handleClientRequest(tu, result, t, "GET")
+                        } else if (t.name.localName == "post" &&
+                                t.base?.name?.localName == "requests"
+                        ) {
+                            handleClientRequest(tu, result, t, "POST")
                         }
                     }
                 }
@@ -45,8 +53,13 @@ class RequestsPass : HttpClientPass() {
     ) {
         val app = t.findApplicationByTU(tu)
 
+        // FIXME: "refersTo" in DeclaredReferenceExpression is null when it should not be
+        // (testD2Python)
         val url = PythonValueResolver(app).resolve(r.arguments.first())
 
-        createHttpRequest(t, url as String, r, method, r.arguments[1], app)
+        // FIXME: Safety measures added later; they were not necessary with the previous CPG
+        // version.
+        // FIXME: This can mean that the expected value differs from before (not null/empty).
+        createHttpRequest(t, url as String, r, method, r.arguments.getOrNull(1), app)
     }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt
index 29ae6d7..cb0368a 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt
@@ -1,6 +1,8 @@
 package io.clouditor.graph.passes.ruby
 
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
@@ -8,37 +10,37 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement
 import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.golang.appendPath
 
-class WebBrickPass : Pass() {
+class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
 
-    override fun accept(result: TranslationResult?) {
-        if (result != null) {
-            for (tu in result.translationUnits) {
-                val app = result.findApplicationByTU(tu)
+    override fun accept(result: TranslationResult) {
+        val translationUnits =
+            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        for (tu in translationUnits) {
+            val app = result.findApplicationByTU(tu)
 
-                // one handler per file
-                val handler = HttpRequestHandler(app, mutableListOf(), "/")
+            // one handler per file
+            val handler = HttpRequestHandler(app, mutableListOf(), "/")
 
-                tu.accept(
-                    Strategy::AST_FORWARD,
-                    object : IVisitor<Node?>() {
-                        fun visit(mce: MemberCallExpression) {
-                            handleMemberCall(result, tu, mce, handler)
-                        }
+            tu.accept(
+                Strategy::AST_FORWARD,
+                object : IVisitor<Node>() {
+                    fun visit(t: MemberCallExpression) {
+                        handleMemberCall(result, tu, t, handler)
                     }
-                )
+                }
+            )
 
-                result += handler
+            result += handler
 
-                app?.functionalities?.plusAssign(handler)
-            }
+            app?.functionalities?.plusAssign(handler)
         }
     }
 
@@ -50,7 +52,7 @@ class WebBrickPass : Pass() {
     ) {
         val app = result.findApplicationByTU(tu)
 
-        if (mce.name == "mount_proc") {
+        if (mce.name.localName == "mount_proc") {
             var path: String = (mce.arguments.first() as? Literal<*>)?.value as? String ?: "/"
 
             val func =
@@ -70,7 +72,7 @@ class WebBrickPass : Pass() {
                 ) {
                     val init = (statement.singleDeclaration as VariableDeclaration).initializer
 
-                    if (init is MemberCallExpression && init.name == "split") {
+                    if (init is MemberCallExpression && init.name.localName == "split") {
                         if (init.base is MemberCallExpression &&
                                 (init.base as MemberCallExpression).base is
                                     DeclaredReferenceExpression
@@ -87,7 +89,7 @@ class WebBrickPass : Pass() {
             }
 
             val endpoint = HttpEndpoint(NoAuthentication(), func, "GET", path, null, null)
-            endpoint.name = path
+            endpoint.name = Name(path)
 
             handler.httpEndpoints.plusAssign(endpoint)
             app?.functionalities?.plusAssign(endpoint)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
index b634f14..a8510a7 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
@@ -2,15 +2,18 @@ package io.clouditor.graph.testing
 
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.dataformat.yaml.YAMLFactory
+import com.fasterxml.jackson.module.kotlin.KotlinFeature
 import com.fasterxml.jackson.module.kotlin.KotlinModule
+import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
-import de.fraunhofer.aisec.cpg.passes.Pass
+import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.golang.appendPath
 import java.nio.file.Files
 
-class LocalTestingPass : Pass() {
+class LocalTestingPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun accept(t: TranslationResult) {
         val applications = listOf(App.rootPath)
@@ -25,7 +28,16 @@ class LocalTestingPass : Pass() {
             rootPath.toFile().walkTopDown().iterator().forEach { file ->
                 if (file.name == "config.yml") {
                     val mapper = ObjectMapper(YAMLFactory())
-                    mapper.registerModule(KotlinModule())
+                    mapper.registerModule(
+                        KotlinModule.Builder()
+                            .withReflectionCacheSize(512)
+                            .configure(KotlinFeature.NullToEmptyCollection, false)
+                            .configure(KotlinFeature.NullToEmptyMap, false)
+                            .configure(KotlinFeature.NullIsSameAsDefault, false)
+                            .configure(KotlinFeature.SingletonSupport, false)
+                            .configure(KotlinFeature.StrictNullChecks, false)
+                            .build()
+                    )
 
                     Files.newBufferedReader(file.toPath()).use {
                         val config = mapper.readValue(it, TestConfig::class.java)
@@ -62,7 +74,7 @@ class LocalTestingPass : Pass() {
                     }
                 }
 
-                var tud =
+                val tud =
                     t.components.let {
                         var tud: TranslationUnitDeclaration? = null
                         for (component in it) {
@@ -84,10 +96,10 @@ class LocalTestingPass : Pass() {
                         // mutableListOf(if (tud != null) tud else null)
                         mutableListOf(tud)
                     )
-                application.name = service.name
+                application.name = Name(service.name)
                 t += application
             } else if (service.type.contains("client")) {
-                var tud =
+                val tud =
                     t.components.let {
                         var tud: TranslationUnitDeclaration? = null
                         for (component in it) {
@@ -107,7 +119,7 @@ class LocalTestingPass : Pass() {
                         mutableListOf(),
                         mutableListOf(tud)
                     )
-                application.name = service.name
+                application.name = Name(service.name)
                 t += application
             }
         }
@@ -125,7 +137,7 @@ class LocalTestingPass : Pass() {
                         null,
                         mapOf()
                     )
-                db.name = service.name
+                db.name = Name(service.name)
                 t += db
             }
             if (service.name == "mongo") {
@@ -140,7 +152,7 @@ class LocalTestingPass : Pass() {
                         null,
                         mapOf()
                     )
-                db.name = service.name
+                db.name = Name(service.name)
                 t += db
             }
         }
diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index 901c670..bcc365c 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -95,6 +95,7 @@ open class DetectabilityTest {
 
     // D3 Detectable Outliers out of scope
 
+    // FIXME: The new CPG fails to parse VariableDeclarations for ":=" statements
     @Test
     fun testD4Go() {
         val result =
@@ -123,6 +124,10 @@ open class DetectabilityTest {
         assertEquals(0, result.count())
     }
 
+    // FIXME: The new CPG gives no values for prev/next EOG/DFG for CallExpressions, but the CloudPG
+    //      depends on it to resolve the target of the Client creation!
+    // FIXME: DeclaredArgumentExpression has its "refersTo" value null for named arguments
+    //      (e.g. "requests.post(url, json = personal_data)"), was VariableDeclaration before
     @Test
     fun testD4Python() {
         val result =

From fcf7496508cfa3142e51fb9e49f65a5f549b6468 Mon Sep 17 00:00:00 2001
From: Christian Banse <oxisto@aybaze.com>
Date: Mon, 17 Jul 2023 14:34:38 +0200
Subject: [PATCH 02/44] Adding dependency to GoExtraPass

---
 cloudpg/src/main/java/io/clouditor/graph/App.kt            | 3 ---
 .../java/io/clouditor/graph/passes/golang/GinGonicPass.kt  | 7 ++++---
 .../java/io/clouditor/graph/passes/golang/GoCryptoPass.kt  | 3 +++
 .../io/clouditor/graph/passes/golang/GolangHttpPass.kt     | 3 +++
 .../clouditor/graph/passes/golang/GolangHttpRequestPass.kt | 3 +++
 .../java/io/clouditor/graph/passes/golang/GolangLogPass.kt | 3 +++
 6 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/App.kt b/cloudpg/src/main/java/io/clouditor/graph/App.kt
index 26c7bbf..7d00549 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/App.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/App.kt
@@ -14,7 +14,6 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.allChildren
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.helpers.Benchmark
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import io.clouditor.graph.frontends.ruby.RubyLanguage
 import io.clouditor.graph.nodes.Builder
 import io.clouditor.graph.passes.*
@@ -131,8 +130,6 @@ object App : Callable<Int> {
                 .registerLanguage(GoLanguage())
                 .debugParser(true)
                 .defaultPasses()
-                // This pass needs to be executed to have all VariableDeclarations
-                .registerPass(GoExtraPass::class)
                 .registerPass(GitHubWorkflowPass::class)
                 .registerPass(SpringBootPass::class)
                 .registerPass(JaxRsPass::class)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 9258de0..31100b1 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -10,11 +10,14 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 
+@DependsOn(GoExtraPass::class)
 class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
@@ -64,10 +67,8 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     override fun cleanup() {}
 
     override fun accept(result: TranslationResult) {
-        val translationUnits =
-            result.components.stream().flatMap { it.translationUnits.stream() }.toList()
+        val translationUnits = result.components.flatMap { it.translationUnits }
         for (tu in translationUnits) {
-
             tu.accept(
                 Strategy::AST_FORWARD,
                 object : IVisitor<Node>() {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index faf4c7c..6a01ed1 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -6,13 +6,16 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
 
 @Suppress("UNUSED_PARAMETER")
+@DependsOn(GoExtraPass::class)
 class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index 74949ba..fba981c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -9,12 +9,15 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
 
 @Suppress("UNUSED_PARAMETER")
+@DependsOn(GoExtraPass::class)
 class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index 7fba3cf..c6022ef 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -5,6 +5,8 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
@@ -12,6 +14,7 @@ import io.clouditor.graph.passes.HttpClientPass
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
+@DependsOn(GoExtraPass::class)
 class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
     override fun cleanup() {}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
index 4555620..e392dc5 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
@@ -6,11 +6,14 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.passes.LogPass
 import kotlin.streams.toList
 
+@DependsOn(GoExtraPass::class)
 class GolangLogPass(ctx: TranslationContext) : LogPass(ctx) {
     override fun accept(result: TranslationResult) {
         val translationUnits =

From 153ae707e8e806fd6b6e58e2fc17795521d9112c Mon Sep 17 00:00:00 2001
From: Christian Banse <oxisto@aybaze.com>
Date: Mon, 17 Jul 2023 14:41:11 +0200
Subject: [PATCH 03/44] Playing around with the order of the passes

---
 .../java/io/clouditor/graph/passes/golang/GinGonicPass.kt    | 5 +++++
 .../clouditor/graph/passes/golang/GolangHttpRequestPass.kt   | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 31100b1..1a53af3 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -13,11 +13,16 @@ import de.fraunhofer.aisec.cpg.graph.types.PointerType
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
+import io.clouditor.graph.passes.KubernetesPass
+import io.clouditor.graph.testing.LocalTestingPass
 
 @DependsOn(GoExtraPass::class)
+@ExecuteBefore(LocalTestingPass::class)
+@ExecuteBefore(KubernetesPass::class)
 class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index c6022ef..1977203 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -11,10 +11,12 @@ import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
+import io.clouditor.graph.testing.LocalTestingPass
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
 @DependsOn(GoExtraPass::class)
+@DependsOn(LocalTestingPass::class)
 class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
     override fun cleanup() {}

From 9694639bc63f12677bc664ee096196b5cf7ea38b Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 27 Jul 2023 10:07:37 +0200
Subject: [PATCH 04/44] bump CPG version to 7.1.2

---
 cloudpg/build.gradle.kts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index fb414b7..026c4d7 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -70,7 +70,7 @@ repositories {
 
 dependencies {
     implementation("org.junit.jupiter:junit-jupiter:5.7.0")
-    val version = "7.0.0"
+    val version = "7.1.2"
 
     implementation("de.fraunhofer.aisec:cpg-core:$version")
     implementation("de.fraunhofer.aisec:cpg-analysis:$version")

From b2dbe84af27c9fce3a0f4170d75ca182cd4404a9 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 27 Jul 2023 10:07:50 +0200
Subject: [PATCH 05/44] remove FIXME-comment

---
 .../graph/passes/golang/GinGonicPass.kt       | 28 -------------------
 1 file changed, 28 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 1a53af3..670a49f 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -256,34 +256,6 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         tu: TranslationUnitDeclaration,
         r: VariableDeclaration
     ) {
-        // FIXME: we're missing the following VariableDeclarations:
-        //  (caused by bug in CPG missing VariableDeclarations in shorthand ":=")
-        //      (TestD2Go):
-        //      - in client.go (11:5 - 11:33) with initializer Literal
-        //      - in client.go (12:10 - 15:3) with initializer ConstructExpression
-        //      - in server.go (16:2 - 16:16) with initializer CallExpression
-        //      (TestD2ValidationGo):
-        //      - in client.go (13:2 - 15:3) with initializer ConstructExpression
-        //      - in server.go (16:2 - 16:16) with initializer CallExpression
-        //      (TestD4Go):
-        //      - in client.go (10:5 - 10:33) with initializer Literal
-        //          [name := "firstname lastname"]
-        //      - in client.go (11:2 - 14:3) with initializer ConstructExpression
-        //          [data := url.Values{ "Name": {name}, "Message": {"helloworld"}, }]
-        //      - in server.go (26:5 - 31:6) with Initializer MemberCallExpression
-        //          [dsn := fmt.Sprintf("host=%s user=%s password=%s dbname=%s port=5432
-        //           sslmode=disable", "postgres", "postgres", "postgres", "postgres", )]
-        //      - in server.go (39:2 - 39:16) with Initializer CallExpression
-        //          [r := gin.New()]
-        //      - in server.go (50:2 - 50:36) with Initializer MemberCallExpression
-        //          [name := c.Request.Form.Get("Name")]
-        //      - in server.go (51:2 - 51:42) with Initializer MemberCallExpression
-        //          [message := c.Request.Form.Get("Message")]
-        //      - in server.go (52:5 - 55:6) with Initializer UnaryOperator
-        //          [data := &Data{ Name: name, Message: message, }]
-        //      - in server.go (56:2 - 56:30) with Initializer MemberExpression
-        //          [err := db.Create(data).error]
-        //      (...)
         if (r.initializer is CallExpression &&
                 ((r.initializer as CallExpression).name.toString() == "gin.Default" ||
                     (r.initializer as CallExpression).name.toString() == "gin.New")

From f5ac54ccd509eefd7a7523cc06b1e171ff53569f Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 27 Jul 2023 12:10:24 +0200
Subject: [PATCH 06/44] fix evaluation of body for HttpRequests

---
 .../io/clouditor/graph/passes/HttpClientPass.kt |  5 ++---
 .../passes/golang/GolangHttpRequestPass.kt      | 17 ++++++++++-------
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
index 429ba3b..0a7b6da 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
@@ -17,9 +17,6 @@ abstract class HttpClientPass(ctx: TranslationContext) : TranslationResultPass(c
         body: Expression?,
         app: Application?
     ): HttpRequest {
-        // FIXME (TODO): url = null!
-        // FIXME: body.refersTo = null! (DeclaredReferenceExpression) ä
-        //      -> named argument "json = personal_data"
         val endpoints = getEndpointsForUrl(t, url, method)
         val request = HttpRequest(call, body, endpoints)
         request.name = Name(method)
@@ -32,6 +29,8 @@ abstract class HttpClientPass(ctx: TranslationContext) : TranslationResultPass(c
         call.addPrevDFG(request)
 
         val i = endpoints.firstOrNull()
+        // FIXME: this is null when it previously contained the function "post_data"
+        //  (for test D4_Go with call http.PostForm)
         val f = i?.handler
 
         // for convenience, add DFG edges from return nodes to the point in the code where the
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index 1977203..e0ecca5 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -43,10 +43,16 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         c: CallExpression
     ) {
         val app = result.findApplicationByTU(tu)
-        // FIXME: There are invokes missing compared to the previous version! (However, there are
-        //  more CallExpressions (many of them being ConstructExpressions or MemberCallExpressions)
-        //  in total!)
         val requestFunction = c.invokes.firstOrNull()
+        // FIXME: the following change is necessary as the "prevDFG" containing the
+        //  "DeclaredReferenceExpression"
+        //  pointing to the declaration of the "data" variable is now in the function itself
+        //  instead of the parameter.
+        //  However, this feels unstable... will the order of the "prevDFG" values always be
+        //  [0]->Param_1, [1]->Param[0] ?
+        // TODO (old) request body: the default value is not correctly set, so we use the
+        //  value that has a dfg edge to the request parameter
+        val body = requestFunction?.prevDFG?.firstOrNull() as? DeclaredReferenceExpression
         if (c.name.toString() == "http.PostForm") {
             createHttpRequest(
                 result,
@@ -54,10 +60,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
                 (c.arguments[0] as? Literal<String>)?.value ?: "",
                 c,
                 "POST",
-                // TODO request body: the default value is not correctly set, so we use the
-                // value that has a dfg edge to the request parameter
-                requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as?
-                    DeclaredReferenceExpression,
+                body,
                 app
             )
         } else if (c.name.toString() == "http.PutForm") {

From 8c823d4b654c468dc1cac1bfe507e0ff86d4ed67 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 27 Jul 2023 13:20:16 +0200
Subject: [PATCH 07/44] adapt the query of the D2-Go-tests (explanation in code
 comment)

---
 .../java/io/clouditor/graph/DetectabilityTest.kt     | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index bcc365c..cf6ed6c 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -59,10 +59,13 @@ open class DetectabilityTest {
                         "/../ppg-testing-library/Detectability/D2-detectable-communication/Go"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p"
+                "MATCH p=(i:PseudoIdentifier)-[*2]->()-[:DFG*]->(:HttpRequest) RETURN p"
             )
-        // we expect exactly one threat path
-        assertEquals(1, result.count())
+        // FIXME: we now expect two threat paths since the path changes as following:
+        //  (PseudoIdentifier) -[LabeledNode]> (=) -[RHS]> ("firstname lastname") -[DFG]> (name) ...
+        //  with a direct [Declarations] relation between (=) and (name)
+        //  Therefore there are two possible paths that lead to a "DFG-Path" to the Http-Request
+        assertEquals(2, result.count())
 
         // compare expected nodes
         result.first().apply {
@@ -87,7 +90,7 @@ open class DetectabilityTest {
                         "/../ppg-testing-library/Detectability/D2-detectable-communication/Go-validation"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p"
+                "MATCH p=(i:PseudoIdentifier)-[*2]->()-[:DFG*]->(:HttpRequest) RETURN p"
             )
         // we expect exactly one threat path
         assertEquals(0, result.count())
@@ -95,7 +98,6 @@ open class DetectabilityTest {
 
     // D3 Detectable Outliers out of scope
 
-    // FIXME: The new CPG fails to parse VariableDeclarations for ":=" statements
     @Test
     fun testD4Go() {
         val result =

From 9f7b0600063f2a40c08536173d80f7b77fc68341 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 27 Jul 2023 13:40:53 +0200
Subject: [PATCH 08/44] add question to code comment

---
 cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index cf6ed6c..35622d9 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -65,6 +65,8 @@ open class DetectabilityTest {
         //  (PseudoIdentifier) -[LabeledNode]> (=) -[RHS]> ("firstname lastname") -[DFG]> (name) ...
         //  with a direct [Declarations] relation between (=) and (name)
         //  Therefore there are two possible paths that lead to a "DFG-Path" to the Http-Request
+        //  (in short: the Pseudo-Identifier now points at the "=" instead of the "name" declaration
+        //  directly, is this intended or should we reverse this?)
         assertEquals(2, result.count())
 
         // compare expected nodes

From 34ca07d14f21493d0f648b393f14ffa287c186f8 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 27 Jul 2023 13:57:00 +0200
Subject: [PATCH 09/44] extend comment further

---
 cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index 35622d9..1b0c9c2 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -67,6 +67,8 @@ open class DetectabilityTest {
         //  Therefore there are two possible paths that lead to a "DFG-Path" to the Http-Request
         //  (in short: the Pseudo-Identifier now points at the "=" instead of the "name" declaration
         //  directly, is this intended or should we reverse this?)
+        //  Also: what if we mark a variable declaration instead of an Assignment?
+        //  -> we probably should not allow the above query as an easy fix...
         assertEquals(2, result.count())
 
         // compare expected nodes

From ec29130019be2c2f3e6f9a58d3a71b54ba24c582 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 27 Jul 2023 14:35:50 +0200
Subject: [PATCH 10/44] revert adaptation of D2 test query

---
 .../java/io/clouditor/graph/DetectabilityTest.kt     | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index 1b0c9c2..81e3da0 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -59,16 +59,20 @@ open class DetectabilityTest {
                         "/../ppg-testing-library/Detectability/D2-detectable-communication/Go"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(i:PseudoIdentifier)-[*2]->()-[:DFG*]->(:HttpRequest) RETURN p"
+                "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p"
             )
-        // FIXME: we now expect two threat paths since the path changes as following:
+        // FIXME: The path changes as following:
         //  (PseudoIdentifier) -[LabeledNode]> (=) -[RHS]> ("firstname lastname") -[DFG]> (name) ...
         //  with a direct [Declarations] relation between (=) and (name)
         //  Therefore there are two possible paths that lead to a "DFG-Path" to the Http-Request
         //  (in short: the Pseudo-Identifier now points at the "=" instead of the "name" declaration
         //  directly, is this intended or should we reverse this?)
         //  Also: what if we mark a variable declaration instead of an Assignment?
-        //  -> we probably should not allow the above query as an easy fix...
+        //  -> we probably should not allow to just extend the query as an easy fix...
+        //  Also: current implementation does not handle "pulling apart the assignment" as:
+        //  var name string
+        //  name = "firstname lastname"
+        //  -> In this case, the Identifier is no longer connected to the HttpRequest!
         assertEquals(2, result.count())
 
         // compare expected nodes
@@ -94,7 +98,7 @@ open class DetectabilityTest {
                         "/../ppg-testing-library/Detectability/D2-detectable-communication/Go-validation"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(i:PseudoIdentifier)-[*2]->()-[:DFG*]->(:HttpRequest) RETURN p"
+                "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p"
             )
         // we expect exactly one threat path
         assertEquals(0, result.count())

From 57c1be02d2096e24b577034d336338831aa9f9e6 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 7 Aug 2023 12:28:06 +0200
Subject: [PATCH 11/44] Add special case for AssignExpressions; Add the label
 to every corresponding VariableDeclaration

---
 .../io/clouditor/graph/passes/LabelExtractionPass.kt   | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index c6013ae..d9cdf8a 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -10,15 +10,19 @@ import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
+import de.fraunhofer.aisec.cpg.graph.statements.expressions.AssignExpression
+import de.fraunhofer.aisec.cpg.graph.statements.expressions.DeclaredReferenceExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import io.clouditor.graph.nodes.labels.*
 import io.clouditor.graph.plusAssign
 import java.util.function.Consumer
 import java.util.function.Predicate
 import java.util.stream.Collectors
 
+@DependsOn(DFGExtensionPass::class)
 class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     private val predicatesToHandle: MutableMap<Predicate<Node>, Consumer<Node>> = mutableMapOf()
@@ -273,6 +277,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
     }
 
     inline fun <reified T : Label> labelCreationDispatcher(node: Node): T {
+        val node = node
         val label: T = initLabel<T>(node)
         when (node) {
             is FunctionDeclaration -> {
@@ -295,6 +300,11 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
                     }
                 usages.forEach { addLabelToDFGBorderEdges(it.end, label) }
             }
+            is AssignExpression -> {
+                val variableDeclarations =
+                    node.lhs.filterIsInstance<DeclaredReferenceExpression>().map { it.refersTo }
+                variableDeclarations.forEach { addLabelToDFGBorderEdges(it as Node, label) }
+            }
             else -> {
                 addLabelToDFGBorderEdges(node, label)
             }

From eb4f478c712e2e373038785100127910db271765 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 7 Aug 2023 12:28:43 +0200
Subject: [PATCH 12/44] change dependencies of go passes

---
 .../main/java/io/clouditor/graph/passes/DFGExtensionPass.kt   | 3 +++
 .../java/io/clouditor/graph/passes/golang/GinGonicPass.kt     | 4 ++--
 .../java/io/clouditor/graph/passes/golang/GoCryptoPass.kt     | 4 ++--
 .../java/io/clouditor/graph/passes/golang/GolangHttpPass.kt   | 4 ++--
 .../io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt | 4 ++--
 .../java/io/clouditor/graph/passes/golang/GolangLogPass.kt    | 4 ++--
 6 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 8e86651..8bd61d4 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -10,7 +10,9 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
 import de.fraunhofer.aisec.cpg.graph.types.ObjectType
 import de.fraunhofer.aisec.cpg.graph.types.Type
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import io.clouditor.graph.plusAssign
 import java.util.*
 
@@ -20,6 +22,7 @@ import java.util.*
  * expression. Normally no data flows from the base to the member expression. FOr this use case,
  * however, the mere usage of a base causes labels to be relevant for the member expression.
  */
+@DependsOn(GoExtraPass::class)
 class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun accept(t: TranslationResult) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 670a49f..d33756b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -10,7 +10,6 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
@@ -18,9 +17,10 @@ import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.KubernetesPass
+import io.clouditor.graph.passes.LabelExtractionPass
 import io.clouditor.graph.testing.LocalTestingPass
 
-@DependsOn(GoExtraPass::class)
+@DependsOn(LabelExtractionPass::class)
 @ExecuteBefore(LocalTestingPass::class)
 @ExecuteBefore(KubernetesPass::class)
 class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index 6a01ed1..d6b46b5 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -6,16 +6,16 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
+import io.clouditor.graph.passes.LabelExtractionPass
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(GoExtraPass::class)
+@DependsOn(LabelExtractionPass::class)
 class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index fba981c..1d39640 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -9,15 +9,15 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
+import io.clouditor.graph.passes.LabelExtractionPass
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(GoExtraPass::class)
+@DependsOn(LabelExtractionPass::class)
 class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index e0ecca5..a69af2a 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -5,17 +5,17 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
+import io.clouditor.graph.passes.LabelExtractionPass
 import io.clouditor.graph.testing.LocalTestingPass
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
-@DependsOn(GoExtraPass::class)
+@DependsOn(LabelExtractionPass::class)
 @DependsOn(LocalTestingPass::class)
 class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
index e392dc5..e1a313d 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
@@ -6,14 +6,14 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
+import io.clouditor.graph.passes.LabelExtractionPass
 import io.clouditor.graph.passes.LogPass
 import kotlin.streams.toList
 
-@DependsOn(GoExtraPass::class)
+@DependsOn(LabelExtractionPass::class)
 class GolangLogPass(ctx: TranslationContext) : LogPass(ctx) {
     override fun accept(result: TranslationResult) {
         val translationUnits =

From dd97a825294923e0e38c4b11a1258b331b635942 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 14 Aug 2023 10:20:59 +0200
Subject: [PATCH 13/44] flip pass order again

---
 .../io/clouditor/graph/passes/LabelExtractionPass.kt     | 3 ++-
 .../io/clouditor/graph/passes/golang/GinGonicPass.kt     | 9 ++++++---
 .../io/clouditor/graph/passes/golang/GoCryptoPass.kt     | 4 ++--
 .../io/clouditor/graph/passes/golang/GolangHttpPass.kt   | 4 ++--
 .../graph/passes/golang/GolangHttpRequestPass.kt         | 4 ++--
 .../io/clouditor/graph/passes/golang/GolangLogPass.kt    | 4 ++--
 6 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index d9cdf8a..b718e0a 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -14,6 +14,7 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.AssignExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.DeclaredReferenceExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import io.clouditor.graph.nodes.labels.*
@@ -22,7 +23,7 @@ import java.util.function.Consumer
 import java.util.function.Predicate
 import java.util.stream.Collectors
 
-@DependsOn(DFGExtensionPass::class)
+@DependsOn(GoExtraPass::class)
 class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     private val predicatesToHandle: MutableMap<Predicate<Node>, Consumer<Node>> = mutableMapOf()
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index d33756b..dd16aa8 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -10,6 +10,7 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
@@ -17,10 +18,9 @@ import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.KubernetesPass
-import io.clouditor.graph.passes.LabelExtractionPass
 import io.clouditor.graph.testing.LocalTestingPass
 
-@DependsOn(LabelExtractionPass::class)
+@DependsOn(GoExtraPass::class)
 @ExecuteBefore(LocalTestingPass::class)
 @ExecuteBefore(KubernetesPass::class)
 class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
@@ -114,8 +114,11 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             val client = clients[(m.base as DeclaredReferenceExpression).refersTo]
             val app = result.findApplicationByTU(tu)
 
+            // FIXME: we are (again?) missing the "refersTo" field in our
+            // DeclaredReferenceExpression
             val funcDeclaration =
-                (m.arguments[1] as? DeclaredReferenceExpression)?.refersTo as? FunctionDeclaration
+                (m.arguments.getOrNull(1) as? DeclaredReferenceExpression)?.refersTo as?
+                    FunctionDeclaration
             if (m.name.localName == "GET" || m.name.localName == "POST" || m.name.localName == "PUT"
             ) {
                 val endpoint =
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index d6b46b5..6a01ed1 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -6,16 +6,16 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
-import io.clouditor.graph.passes.LabelExtractionPass
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(LabelExtractionPass::class)
+@DependsOn(GoExtraPass::class)
 class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index 1d39640..fba981c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -9,15 +9,15 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
-import io.clouditor.graph.passes.LabelExtractionPass
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(LabelExtractionPass::class)
+@DependsOn(GoExtraPass::class)
 class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index a69af2a..e0ecca5 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -5,17 +5,17 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
-import io.clouditor.graph.passes.LabelExtractionPass
 import io.clouditor.graph.testing.LocalTestingPass
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
-@DependsOn(LabelExtractionPass::class)
+@DependsOn(GoExtraPass::class)
 @DependsOn(LocalTestingPass::class)
 class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
index e1a313d..e392dc5 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
@@ -6,14 +6,14 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
-import io.clouditor.graph.passes.LabelExtractionPass
 import io.clouditor.graph.passes.LogPass
 import kotlin.streams.toList
 
-@DependsOn(LabelExtractionPass::class)
+@DependsOn(GoExtraPass::class)
 class GolangLogPass(ctx: TranslationContext) : LogPass(ctx) {
     override fun accept(result: TranslationResult) {
         val translationUnits =

From 440ba7a274065fabd7282a85ceb87ccd36841585 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 14 Aug 2023 11:15:08 +0200
Subject: [PATCH 14/44] fix extraction of the Http request function body

---
 .../clouditor/graph/passes/golang/GolangHttpRequestPass.kt | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index e0ecca5..664c505 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -48,11 +48,12 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         //  "DeclaredReferenceExpression"
         //  pointing to the declaration of the "data" variable is now in the function itself
         //  instead of the parameter.
-        //  However, this feels unstable... will the order of the "prevDFG" values always be
-        //  [0]->Param_1, [1]->Param[0] ?
+        //  However, I'm not sure whether this is the best way to go about it
         // TODO (old) request body: the default value is not correctly set, so we use the
         //  value that has a dfg edge to the request parameter
-        val body = requestFunction?.prevDFG?.firstOrNull() as? DeclaredReferenceExpression
+        val body =
+            requestFunction?.prevDFG?.firstOrNull { it is DeclaredReferenceExpression } as
+                DeclaredReferenceExpression
         if (c.name.toString() == "http.PostForm") {
             createHttpRequest(
                 result,

From 537ebbc617133e86c6ec7e9a081a94206abb92d6 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 14 Aug 2023 11:15:30 +0200
Subject: [PATCH 15/44] add Pass dependencies

---
 .../main/java/io/clouditor/graph/passes/LabelExtractionPass.kt | 1 +
 .../main/java/io/clouditor/graph/testing/LocalTestingPass.kt   | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index b718e0a..3e6a4ae 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -24,6 +24,7 @@ import java.util.function.Predicate
 import java.util.stream.Collectors
 
 @DependsOn(GoExtraPass::class)
+@DependsOn(DFGExtensionPass::class)
 class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     private val predicatesToHandle: MutableMap<Predicate<Node>, Consumer<Node>> = mutableMapOf()
diff --git a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
index a8510a7..189d224 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
@@ -9,10 +9,13 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import io.clouditor.graph.*
+import io.clouditor.graph.passes.golang.GinGonicPass
 import io.clouditor.graph.passes.golang.appendPath
 import java.nio.file.Files
 
+@DependsOn(GinGonicPass::class)
 class LocalTestingPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun accept(t: TranslationResult) {

From 68d56445aa7acf464c753160c74388f61a57ef6f Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 14 Aug 2023 11:22:12 +0200
Subject: [PATCH 16/44] remove comment as this was fixed in the
 LabelExtractionPass

---
 .../java/io/clouditor/graph/DetectabilityTest.kt     | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index 81e3da0..5023c4f 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -61,18 +61,6 @@ open class DetectabilityTest {
                 listOf(Path(".")),
                 "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p"
             )
-        // FIXME: The path changes as following:
-        //  (PseudoIdentifier) -[LabeledNode]> (=) -[RHS]> ("firstname lastname") -[DFG]> (name) ...
-        //  with a direct [Declarations] relation between (=) and (name)
-        //  Therefore there are two possible paths that lead to a "DFG-Path" to the Http-Request
-        //  (in short: the Pseudo-Identifier now points at the "=" instead of the "name" declaration
-        //  directly, is this intended or should we reverse this?)
-        //  Also: what if we mark a variable declaration instead of an Assignment?
-        //  -> we probably should not allow to just extend the query as an easy fix...
-        //  Also: current implementation does not handle "pulling apart the assignment" as:
-        //  var name string
-        //  name = "firstname lastname"
-        //  -> In this case, the Identifier is no longer connected to the HttpRequest!
         assertEquals(2, result.count())
 
         // compare expected nodes

From dff95303e68128b1a74a0f49a5eca0a098d0fb90 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 21 Aug 2023 12:25:27 +0200
Subject: [PATCH 17/44] remove/change several FIXME-comments to narrow down the
 problem

---
 .../graph/frontends/ruby/ExpressionHandler.kt        |  2 +-
 .../io/clouditor/graph/passes/DFGExtensionPass.kt    |  1 -
 .../java/io/clouditor/graph/passes/HttpClientPass.kt |  2 --
 .../io/clouditor/graph/passes/HttpStatusCodesPass.kt |  2 +-
 .../io/clouditor/graph/passes/golang/GinGonicPass.kt | 11 ++++++-----
 .../io/clouditor/graph/passes/golang/GoCryptoPass.kt |  2 --
 .../graph/passes/golang/GolangHttpRequestPass.kt     |  5 -----
 .../graph/passes/python/CryptographyPass.kt          |  6 ++----
 .../io/clouditor/graph/passes/python/RequestsPass.kt | 12 ++----------
 .../java/io/clouditor/graph/DetectabilityTest.kt     |  4 ----
 10 files changed, 12 insertions(+), 35 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
index ddb5413..ab569f5 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
@@ -26,7 +26,7 @@ class ExpressionHandler(lang: RubyLanguageFrontend) :
         if (node !is FCallNode) {
             return null
         }
-        // FIXME: what is this? Unimplemented or intentional?
+        // TODO
         return null
     }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 8bd61d4..6a70050 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -83,7 +83,6 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             derefType = type.dereference()
             type = tmp
         }
-        // FIXME: always null
         return type as? ObjectType
     }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
index 0a7b6da..4c05101 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
@@ -29,8 +29,6 @@ abstract class HttpClientPass(ctx: TranslationContext) : TranslationResultPass(c
         call.addPrevDFG(request)
 
         val i = endpoints.firstOrNull()
-        // FIXME: this is null when it previously contained the function "post_data"
-        //  (for test D4_Go with call http.PostForm)
         val f = i?.handler
 
         // for convenience, add DFG edges from return nodes to the point in the code where the
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
index ea24a21..ad41adb 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
@@ -16,7 +16,7 @@ class HttpStatusCodesPass(ctx: TranslationContext) : TranslationResultPass(ctx)
         result.additionalNodes.filterIsInstance(HttpEndpoint::class.java).forEach {
             (it.handler?.body as CompoundStatement).statements.forEach {
                 if (it is ReturnStatement) {
-                    // FIXME I think this is missing something
+                    // TODO
                 }
             }
         }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index dd16aa8..7881b6b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -114,13 +114,14 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             val client = clients[(m.base as DeclaredReferenceExpression).refersTo]
             val app = result.findApplicationByTU(tu)
 
-            // FIXME: we are (again?) missing the "refersTo" field in our
-            // DeclaredReferenceExpression
-            val funcDeclaration =
-                (m.arguments.getOrNull(1) as? DeclaredReferenceExpression)?.refersTo as?
-                    FunctionDeclaration
             if (m.name.localName == "GET" || m.name.localName == "POST" || m.name.localName == "PUT"
             ) {
+                // FIXME: we are missing the "refersTo" field in our DeclaredReferenceExpression.
+                //  Any references to FunctionDeclarations seem to be null;
+                //  It does not matter whether we do it indirectly (f := post_data)
+                var funcDeclaration =
+                    (m.arguments.getOrNull(1) as? DeclaredReferenceExpression)?.refersTo as?
+                        FunctionDeclaration
                 val endpoint =
                     HttpEndpoint(
                         NoAuthentication(),
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index 6a01ed1..71948ea 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -43,8 +43,6 @@ class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         if (c.name.toString() == "ed25519.Sign") {
             // the text that is signed is the second argument
             val textToBeSigned = c.arguments[1] as DeclaredReferenceExpression
-            // FIXME: Safety measures added later; they were not necessary with the previous CPG
-            //  version. This can mean that the expected value differs from before (not null/empty).
             val plainText = textToBeSigned.refersTo as? VariableDeclaration
             val signature = Signature(plainText, c.nextDFG.firstOrNull() as? VariableDeclaration)
             t += signature
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index 664c505..2db620f 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -44,11 +44,6 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     ) {
         val app = result.findApplicationByTU(tu)
         val requestFunction = c.invokes.firstOrNull()
-        // FIXME: the following change is necessary as the "prevDFG" containing the
-        //  "DeclaredReferenceExpression"
-        //  pointing to the declaration of the "data" variable is now in the function itself
-        //  instead of the parameter.
-        //  However, I'm not sure whether this is the best way to go about it
         // TODO (old) request body: the default value is not correctly set, so we use the
         //  value that has a dfg edge to the request parameter
         val body =
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
index 8284fbb..a8a3698 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
@@ -31,10 +31,8 @@ class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                         // look for key.sign()
                         if (t.name.localName == "sign") {
                             val privateKey = t.base as DeclaredReferenceExpression
-                            // FIXME ( TODO): Safety measures added later; they were not necessary
-                            //  with the previous CPG version.
-                            //  This can mean that the expected value differs from
-                            //  before (not null/empty).
+                            // FIXME: As with the other issues, the DeclaredReferenceExpression is
+                            //  missing its target (refersTo)
                             val generator = privateKey.prevDFG.firstOrNull() as? CallExpression
                             if (generator?.name?.localName == "generate_private_key") {
                                 handleSignature(tu, result, t)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
index 07785c7..aa52276 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
@@ -25,11 +25,6 @@ class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) {
                 Strategy::AST_FORWARD,
                 object : IVisitor<Node>() {
                     fun visit(t: MemberCallExpression) {
-                        // FIXME: first part of the name is UNKNOWN when it was previously
-                        //  not (e.g. UNKNOWN.Sprintf instead of fmt.Sprintf)
-                        //  this is not important for this check but still worth
-                        //  investigating
-                        // FIXME: it seems we are also missing some Expressions
                         // look for requests.get()
                         if (t.name.localName == "get" && t.base?.name?.localName == "requests") {
                             handleClientRequest(tu, result, t, "GET")
@@ -53,13 +48,10 @@ class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     ) {
         val app = t.findApplicationByTU(tu)
 
-        // FIXME: "refersTo" in DeclaredReferenceExpression is null when it should not be
-        // (testD2Python)
+        // FIXME: "refersTo" in DeclaredReferenceExpression of the first argument is null when it
+        //  should not be (testD2Python)
         val url = PythonValueResolver(app).resolve(r.arguments.first())
 
-        // FIXME: Safety measures added later; they were not necessary with the previous CPG
-        // version.
-        // FIXME: This can mean that the expected value differs from before (not null/empty).
         createHttpRequest(t, url as String, r, method, r.arguments.getOrNull(1), app)
     }
 }
diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index 5023c4f..6e3eaf8 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -122,10 +122,6 @@ open class DetectabilityTest {
         assertEquals(0, result.count())
     }
 
-    // FIXME: The new CPG gives no values for prev/next EOG/DFG for CallExpressions, but the CloudPG
-    //      depends on it to resolve the target of the Client creation!
-    // FIXME: DeclaredArgumentExpression has its "refersTo" value null for named arguments
-    //      (e.g. "requests.post(url, json = personal_data)"), was VariableDeclaration before
     @Test
     fun testD4Python() {
         val result =

From 02459dd669ce20e3da53bdf6f98b1ad46692139f Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 21 Aug 2023 12:27:00 +0200
Subject: [PATCH 18/44] remove some warnings

---
 .../main/java/io/clouditor/graph/passes/DFGExtensionPass.kt   | 1 -
 .../java/io/clouditor/graph/passes/golang/GinGonicPass.kt     | 2 +-
 cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt | 4 ++--
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 6a70050..64524fd 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -13,7 +13,6 @@ import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
-import io.clouditor.graph.plusAssign
 import java.util.*
 
 /**
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 7881b6b..e80b443 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -119,7 +119,7 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                 // FIXME: we are missing the "refersTo" field in our DeclaredReferenceExpression.
                 //  Any references to FunctionDeclarations seem to be null;
                 //  It does not matter whether we do it indirectly (f := post_data)
-                var funcDeclaration =
+                val funcDeclaration =
                     (m.arguments.getOrNull(1) as? DeclaredReferenceExpression)?.refersTo as?
                         FunctionDeclaration
                 val endpoint =
diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index 6e3eaf8..3f1afbf 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -25,7 +25,7 @@ open class DetectabilityTest {
         assertEquals(1, result.count())
 
         result.first().apply {
-            var path = this.get("p") as Array<*>
+            val path = this.get("p") as Array<*>
             // the first node should be the label
             val firstNode = (path.first() as InternalPath.SelfContainedSegment).start()
             assert(firstNode.labels().contains("PseudoIdentifier"))
@@ -67,7 +67,7 @@ open class DetectabilityTest {
         result.first().apply {
             // get the path; the path contains multiple sub-paths, each one connecting two nodes via
             // an edge
-            var path = this.get("p") as Array<*>
+            val path = this.get("p") as Array<*>
             // the first node should be the label
             val firstNode = (path.first() as InternalPath.SelfContainedSegment).start()
             assert(firstNode.labels().contains("PseudoIdentifier"))

From 818e27fc194e4da56cd29750b0862286ee3ca4fc Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 24 Aug 2023 12:22:28 +0200
Subject: [PATCH 19/44] provide a fix for the python requests Pass by making it
 depend on the GoExtraPass

---
 .../java/io/clouditor/graph/passes/python/RequestsPass.kt    | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
index aa52276..d951e3f 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
@@ -5,11 +5,14 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
 
+@DependsOn(GoExtraPass::class)
 class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
     override fun cleanup() {
@@ -48,8 +51,6 @@ class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     ) {
         val app = t.findApplicationByTU(tu)
 
-        // FIXME: "refersTo" in DeclaredReferenceExpression of the first argument is null when it
-        //  should not be (testD2Python)
         val url = PythonValueResolver(app).resolve(r.arguments.first())
 
         createHttpRequest(t, url as String, r, method, r.arguments.getOrNull(1), app)

From 3c36d518d2ddd0bd35f9bcb98f790debdd3bc5e1 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 24 Aug 2023 12:37:02 +0200
Subject: [PATCH 20/44] change the way the key generator is resolved

---
 .../io/clouditor/graph/passes/python/CryptographyPass.kt  | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
index a8a3698..7e33f86 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
@@ -6,13 +6,16 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
 
 @Suppress("UNUSED_PARAMETER")
+@DependsOn(GoExtraPass::class)
 class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {
@@ -33,7 +36,10 @@ class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                             val privateKey = t.base as DeclaredReferenceExpression
                             // FIXME: As with the other issues, the DeclaredReferenceExpression is
                             //  missing its target (refersTo)
-                            val generator = privateKey.prevDFG.firstOrNull() as? CallExpression
+                            val generator =
+                                (privateKey.prevDFG.firstOrNull() as? VariableDeclaration)
+                                    ?.initializer as?
+                                    CallExpression
                             if (generator?.name?.localName == "generate_private_key") {
                                 handleSignature(tu, result, t)
                             }

From daefdfb71399e895b31388ba3859e014ffd50b69 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 28 Aug 2023 11:18:24 +0200
Subject: [PATCH 21/44] add Pass Dependencies

---
 .../java/io/clouditor/graph/passes/golang/GinGonicPass.kt   | 4 ++++
 .../java/io/clouditor/graph/passes/golang/GoCryptoPass.kt   | 4 ++++
 .../io/clouditor/graph/passes/python/CryptographyPass.kt    | 6 ++++--
 .../java/io/clouditor/graph/passes/python/RequestsPass.kt   | 6 ++++--
 4 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index e80b443..0f1bd2c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -10,8 +10,10 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
+import de.fraunhofer.aisec.cpg.passes.CallResolver
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
 import de.fraunhofer.aisec.cpg.processing.IVisitor
@@ -21,6 +23,8 @@ import io.clouditor.graph.passes.KubernetesPass
 import io.clouditor.graph.testing.LocalTestingPass
 
 @DependsOn(GoExtraPass::class)
+@DependsOn(CallResolver::class)
+@DependsOn(VariableUsageResolver::class)
 @ExecuteBefore(LocalTestingPass::class)
 @ExecuteBefore(KubernetesPass::class)
 class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index 71948ea..287acf7 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -6,8 +6,10 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.CallResolver
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
@@ -16,6 +18,8 @@ import io.clouditor.graph.nodes.Signature
 
 @Suppress("UNUSED_PARAMETER")
 @DependsOn(GoExtraPass::class)
+@DependsOn(CallResolver::class)
+@DependsOn(VariableUsageResolver::class)
 class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
index 7e33f86..f884f7b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
@@ -6,8 +6,9 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.CallResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
@@ -15,7 +16,8 @@ import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(GoExtraPass::class)
+@DependsOn(CallResolver::class)
+@DependsOn(VariableUsageResolver::class)
 class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
index d951e3f..3bda002 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
@@ -5,14 +5,16 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.CallResolver
+import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
 
-@DependsOn(GoExtraPass::class)
+@DependsOn(CallResolver::class)
+@DependsOn(VariableUsageResolver::class)
 class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
     override fun cleanup() {

From b644437cfee672ba5e49f84da42a9cd3d9cbae83 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 28 Aug 2023 11:20:12 +0200
Subject: [PATCH 22/44] use the resolved VariableDeclaration when we want to
 add a Label to a DeclarationStatement

---
 .../io/clouditor/graph/passes/LabelExtractionPass.kt     | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index 3e6a4ae..e841319 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -297,10 +297,11 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
                 // To connect to all border edges, we first need to iterate through all declared
                 // variables and find their USAGEs
                 val usages =
-                    node.declarations.filterIsInstance<VariableDeclaration>().flatMap {
-                        it.usageEdges
-                    }
-                usages.forEach { addLabelToDFGBorderEdges(it.end, label) }
+                    node.declarations
+                        .filterIsInstance<VariableDeclaration>()
+                        .flatMap { it.usageEdges.map { edge -> edge.end.refersTo } }
+                        .toSet()
+                usages.forEach { addLabelToDFGBorderEdges(it as Node, label) }
             }
             is AssignExpression -> {
                 val variableDeclarations =

From e570174d9b72bc5e9f4e8f0f3bfd915cd87dd29e Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 28 Aug 2023 11:22:30 +0200
Subject: [PATCH 23/44] double the expected result paths as there are now two
 paths from the "plain_text" to the "message" (one of it via its inclusion in
 "signature"). This doubles the original two results (there are two
 HttpEndpoint nodes)

---
 cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt b/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt
index c7b0735..3d161d8 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt
@@ -20,7 +20,7 @@ open class NonRepudiationTest {
                 listOf(Path(".")),
                 "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:HttpEndpoint) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p"
             )
-        assertEquals(2, result.count())
+        assertEquals(4, result.count())
 
         result.first().apply {
             val path = this.get("p") as Array<*>

From 8f41e67fc31b71828056a5adca3585552ff57a3b Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 31 Aug 2023 11:47:16 +0200
Subject: [PATCH 24/44] add necessary pass dependencies for flask pass

---
 .../main/java/io/clouditor/graph/passes/python/FlaskPass.kt  | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
index 505b600..2c56c7a 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
@@ -10,12 +10,17 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
+import de.fraunhofer.aisec.cpg.passes.CallResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
+import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 
 @Suppress("UNUSED_PARAMETER")
+@DependsOn(CallResolver::class)
+@DependsOn(VariableUsageResolver::class)
 class FlaskPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     // for now, assume, that we have one Flask application per analysis
     // this might not be the case everytime

From bb94f57b1e2129b0d613a37f6f73d7a437f2340f Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Thu, 7 Sep 2023 10:56:57 +0200
Subject: [PATCH 25/44] add necessary pass dependencies for flask pass (fixes
 U3Python)

---
 .../java/io/clouditor/graph/passes/python/PyMongoPass.kt     | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
index 1dce34b..499d114 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
@@ -6,6 +6,9 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
+import de.fraunhofer.aisec.cpg.passes.CallResolver
+import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
+import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
@@ -14,6 +17,8 @@ import io.clouditor.graph.passes.DatabaseOperationPass
 import java.net.URI
 
 @Suppress("UNUSED_PARAMETER")
+@DependsOn(CallResolver::class)
+@DependsOn(VariableUsageResolver::class)
 class PyMongoPass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
     val clients: MutableMap<Node, DatabaseConnect> = mutableMapOf()

From 296512ceaa65c03d119f02296851f0c4e8d40c02 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 25 Sep 2023 10:51:37 +0200
Subject: [PATCH 26/44] increase the expected number of results to two since
 the PI is now linked to the "identifier" variable as well as the url.Values
 CallExpression

---
 cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt
index 876bd32..1eaebc9 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt
@@ -21,7 +21,7 @@ open class DisclosureTest {
                 listOf(Path(".")),
                 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:ProxiedEndpoint) WHERE NOT EXISTS ((h)--(:TransportEncryption)) RETURN p"
             )
-        assertEquals(1, result.count())
+        assertEquals(2, result.count())
 
         result.first().apply {
             var path = this.get("p") as Array<*>

From de6271668946a9ca45f322c53bbb9474cfa593fa Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 25 Sep 2023 10:58:15 +0200
Subject: [PATCH 27/44] double the expected amount of results because of the
 new paths

---
 cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt
index f8ca2b6..3e8e95c 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt
@@ -23,7 +23,7 @@ open class IdentifiabilityTest {
                 listOf(Path(".")),
                 "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p"
             )
-        assertEquals(2, result.count())
+        assertEquals(4, result.count())
 
         result.first().apply {
             var path = this.get("p") as Array<*>

From a02d5b343e289c9ca8f60a6269c30eb14bceac49 Mon Sep 17 00:00:00 2001
From: Robert Haimerl <robert.haimerl@aisec.fraunhofer.de>
Date: Mon, 25 Sep 2023 11:04:18 +0200
Subject: [PATCH 28/44] changed other test cases where number of paths doubled

---
 cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt     | 2 +-
 .../src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
index f1bd5db..5dcd45e 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
@@ -23,7 +23,7 @@ open class LinkabilityTest {
                 listOf(Path(".")),
                 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p"
             )
-        assertEquals(2, result.count())
+        assertEquals(4, result.count())
 
         result.first().apply {
             var path = this.get("p") as Array<*>
diff --git a/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt b/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt
index 4682dc8..0f1da65 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt
@@ -60,7 +60,7 @@ open class PolicyNonComplianceTest {
             )
         // in this case, 2 paths are expected because there are two HttpEndpoints that the
         // Identifier crosses: A proxied endpoint and the actual one
-        assertEquals(2, result.count())
+        assertEquals(4, result.count())
 
         result.first().apply {
             var path = this.get("p") as Array<*>

From d3a5eaf287bae75c5ab1eb55fc07d6da99634de9 Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Wed, 17 Apr 2024 11:19:35 +0200
Subject: [PATCH 29/44] upgrade to cpgv8

---
 build.gradle.kts                              |   2 +-
 cloudpg/build.gradle.kts                      |   8 +-
 .../src/main/java/io/clouditor/graph/App.kt   |   6 +-
 .../java/io/clouditor/graph/ValueResolver.kt  |  12 +-
 .../frontends/ruby/DeclarationHandler.kt      |  29 ---
 .../graph/frontends/ruby/ExpressionHandler.kt | 180 ------------------
 .../graph/frontends/ruby/RubyLanguage.kt      |  61 ------
 .../frontends/ruby/RubyLanguageFrontend.kt    |  72 -------
 .../graph/frontends/ruby/StatementHandler.kt  |  50 -----
 .../clouditor/graph/github/WorkflowHandler.kt |   1 +
 .../java/io/clouditor/graph/passes/Azure.kt   |  24 +--
 .../graph/passes/DFGExtensionPass.kt          |  20 +-
 .../graph/passes/DatabaseOperationPass.kt     |   6 +-
 .../graph/passes/GormDatabasePass.kt          |   1 +
 .../graph/passes/HttpStatusCodesPass.kt       |   4 +-
 .../graph/passes/LabelExtractionPass.kt       |   4 +-
 .../graph/passes/golang/GinGonicPass.kt       |  21 +-
 .../graph/passes/golang/GoCryptoPass.kt       |  11 +-
 .../graph/passes/golang/GolangHttpPass.kt     |  10 +-
 .../passes/golang/GolangHttpRequestPass.kt    |   8 +-
 .../graph/passes/java/JaxRsClientPass.kt      |  13 +-
 .../clouditor/graph/passes/java/JaxRsPass.kt  |   1 +
 .../graph/passes/java/SpringBootPass.kt       |   1 +
 .../io/clouditor/graph/passes/js/FetchPass.kt |   1 +
 .../clouditor/graph/passes/js/JSHttpPass.kt   |   6 +-
 .../graph/passes/python/CryptographyPass.kt   |  13 +-
 .../graph/passes/python/FlaskPass.kt          |   7 +-
 .../graph/passes/python/Psycopg2Pass.kt       |   1 +
 .../graph/passes/python/PyMongoPass.kt        |   7 +-
 .../graph/passes/python/PythonLogPass.kt      |   1 +
 .../graph/passes/python/RequestsPass.kt       |   7 +-
 .../graph/passes/ruby/WebBrickPass.kt         |  15 +-
 .../graph/PolicyNonComplianceTest.kt          |  16 +-
 33 files changed, 98 insertions(+), 521 deletions(-)
 delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt
 delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
 delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt
 delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt
 delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt

diff --git a/build.gradle.kts b/build.gradle.kts
index 5c4b437..d39af92 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -15,7 +15,7 @@ subprojects {
         mavenCentral()
 
         ivy {
-            setUrl("https://download.eclipse.org/tools/cdt/releases/10.2/cdt-10.2.0/plugins")
+            setUrl("https://download.eclipse.org/tools/cdt/releases/11.3/cdt-11.3.1/plugins")
             metadataSources {
                 artifact()
             }
diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index 026c4d7..7fc56c2 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -70,7 +70,7 @@ repositories {
 
 dependencies {
     implementation("org.junit.jupiter:junit-jupiter:5.7.0")
-    val version = "7.1.2"
+    val version = "8.1.2"
 
     implementation("de.fraunhofer.aisec:cpg-core:$version")
     implementation("de.fraunhofer.aisec:cpg-analysis:$version")
@@ -84,9 +84,9 @@ dependencies {
     implementation ("org.xmlunit:xmlunit-core:2.9.0")
     implementation("org.xmlunit:xmlunit-matchers:2.9.0")
 
-    api("org.neo4j", "neo4j-ogm-core", "4.0.5")
-    api("org.neo4j", "neo4j-ogm", "4.0.5")
-    api("org.neo4j", "neo4j-ogm-bolt-driver", "4.0.5")
+    api("org.neo4j", "neo4j-ogm-core", "4.0.10")
+    api("org.neo4j", "neo4j-ogm", "4.0.10")
+    api("org.neo4j", "neo4j-ogm-bolt-driver", "4.0.10b  ")
 
     implementation(platform("org.jetbrains.kotlin:kotlin-bom"))
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/App.kt b/cloudpg/src/main/java/io/clouditor/graph/App.kt
index 7d00549..bf4ca18 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/App.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/App.kt
@@ -14,7 +14,6 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.allChildren
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.helpers.Benchmark
-import io.clouditor.graph.frontends.ruby.RubyLanguage
 import io.clouditor.graph.nodes.Builder
 import io.clouditor.graph.passes.*
 import io.clouditor.graph.passes.golang.*
@@ -24,10 +23,10 @@ import io.clouditor.graph.passes.java.SpringBootPass
 import io.clouditor.graph.passes.js.FetchPass
 import io.clouditor.graph.passes.js.JSHttpPass
 import io.clouditor.graph.passes.python.*
-import io.clouditor.graph.passes.ruby.WebBrickPass
 import io.clouditor.graph.testing.LocalTestingPass
 import java.nio.file.Path
 import java.util.concurrent.Callable
+import kotlin.streams.toList
 import kotlin.system.exitProcess
 import org.neo4j.ogm.config.Configuration
 import org.neo4j.ogm.session.SessionFactory
@@ -121,7 +120,6 @@ object App : Callable<Int> {
             TranslationConfiguration.builder()
                 .topLevel(rootPath.toFile())
                 .sourceLocations(paths.map { rootPath.resolve(it).toFile() })
-                .registerLanguage(RubyLanguage())
                 .registerLanguage(JavaLanguage())
                 .registerLanguage(CPPLanguage())
                 .registerLanguage(CLanguage())
@@ -135,7 +133,7 @@ object App : Callable<Int> {
                 .registerPass(JaxRsPass::class)
                 .registerPass(GolangHttpPass::class)
                 .registerPass(GinGonicPass::class)
-                .registerPass(WebBrickPass::class)
+                // .registerPass(WebBrickPass::class)
                 .registerPass(JSHttpPass::class)
                 .registerPass(FlaskPass::class)
                 .apply {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
index e5b160b..00a87e9 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
@@ -46,7 +46,7 @@ open class ValueResolver(
         when (expr) {
             is KeyValueExpression -> return resolve(expr.value)
             is Literal<*> -> return expr.value?.toString() ?: ""
-            is DeclaredReferenceExpression -> return resolveDeclaration(expr.refersTo)
+            // is Reference -> return resolveDeclaration(expr.refersTo)
             is BinaryOperator -> {
                 // resolve lhs
                 val lhsValue = resolve(expr.lhs)
@@ -119,10 +119,8 @@ open class ValueResolver(
             is CastExpression -> {
                 return this.resolve(expr.expression)
             }
-            is ArraySubscriptionExpression -> {
-                val array =
-                    (expr.arrayExpression as? DeclaredReferenceExpression)?.refersTo as?
-                        VariableDeclaration
+            is SubscriptExpression -> {
+                val array = (expr.arrayExpression as? Reference)?.refersTo as? VariableDeclaration
                 val ile = array?.initializer as? InitializerListExpression
 
                 ile?.let {
@@ -146,9 +144,9 @@ open class ValueResolver(
                     val rhs = resolve((expr.condition as? BinaryOperator)?.rhs)
 
                     return if (lhs == rhs) {
-                        resolve(expr.thenExpr)
+                        resolve(expr.thenExpression)
                     } else {
-                        resolve(expr.elseExpr)
+                        resolve(expr.elseExpression)
                     }
                 }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt
deleted file mode 100644
index 4ecbb7e..0000000
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt
+++ /dev/null
@@ -1,29 +0,0 @@
-package io.clouditor.graph.frontends.ruby
-
-import de.fraunhofer.aisec.cpg.frontends.Handler
-import de.fraunhofer.aisec.cpg.graph.declarations.Declaration
-import de.fraunhofer.aisec.cpg.graph.declarations.ProblemDeclaration
-import de.fraunhofer.aisec.cpg.graph.newParamVariableDeclaration
-import de.fraunhofer.aisec.cpg.graph.types.UnknownType
-import org.jruby.ast.*
-
-class DeclarationHandler(lang: RubyLanguageFrontend) :
-    Handler<Declaration, Node, RubyLanguageFrontend>({ ProblemDeclaration() }, lang) {
-
-    init {
-        map.put(ArgumentNode::class.java, ::handleArgumentNode)
-    }
-
-    private fun handleArgumentNode(node: Node?): Declaration? {
-        if (node !is ArgumentNode) {
-            return null
-        }
-
-        return newParamVariableDeclaration(
-            node.name.idString(),
-            UnknownType.getUnknownType(frontend.language),
-            false,
-            frontend.getCodeFromRawNode(node)
-        )
-    }
-}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
deleted file mode 100644
index ab569f5..0000000
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt
+++ /dev/null
@@ -1,180 +0,0 @@
-package io.clouditor.graph.frontends.ruby
-
-import de.fraunhofer.aisec.cpg.frontends.Handler
-import de.fraunhofer.aisec.cpg.graph.*
-import de.fraunhofer.aisec.cpg.graph.statements.Statement
-import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
-import de.fraunhofer.aisec.cpg.graph.statements.expressions.ProblemExpression
-import de.fraunhofer.aisec.cpg.graph.types.UnknownType
-import org.jruby.ast.*
-import org.jruby.ast.Node
-
-class ExpressionHandler(lang: RubyLanguageFrontend) :
-    Handler<Statement, Node, RubyLanguageFrontend>({ ProblemExpression() }, lang) {
-
-    init {
-        map.put(CallNode::class.java, ::handleCallNode)
-        map.put(FCallNode::class.java, ::handleFCallNode)
-        map.put(IterNode::class.java, ::handleIterNode)
-        map.put(StrNode::class.java, ::handleStrNode)
-        map.put(DVarNode::class.java, ::handleDVarNode)
-        map.put(AttrAssignNode::class.java, ::handleAttrAssignNode)
-        map.put(AssignableNode::class.java, ::handleAssignableNode)
-    }
-
-    private fun handleFCallNode(node: Node?): Statement? {
-        if (node !is FCallNode) {
-            return null
-        }
-        // TODO
-        return null
-    }
-
-    private fun handleAttrAssignNode(node: Node?): Statement? {
-        if (node !is AttrAssignNode) {
-            return null
-        }
-
-        val binOp = newBinaryOperator("=", frontend.getCodeFromRawNode(node))
-
-        val base =
-            this.handle(node.receiverNode) as? Expression
-                ?: return ProblemExpression("could not parse base")
-        val expr =
-            newMemberExpression(
-                node.name.idString(),
-                base,
-                UnknownType.getUnknownType(frontend.language),
-                "=",
-                frontend.getCodeFromRawNode(base)
-            )
-
-        binOp.lhs = expr
-        (this.handle(node.argsNode) as? Expression)?.let { binOp.rhs = it }
-
-        return expr
-    }
-
-    private fun handleDVarNode(node: Node?): Statement? {
-        if (node !is DVarNode) {
-            return null
-        }
-
-        return newDeclaredReferenceExpression(
-            node.name.idString(),
-            UnknownType.getUnknownType(language),
-            frontend.getCodeFromRawNode(node)
-        )
-    }
-
-    private fun handleAssignableNode(node: Node?): Statement? {
-        if (node !is DAsgnNode && node !is LocalAsgnNode) {
-            return null
-        }
-
-        val name =
-            if (node is DAsgnNode) {
-                node.name
-            } else {
-                (node as LocalAsgnNode).name
-            }
-
-        // either a binary operator or a variable declaration
-        val lhs =
-            newDeclaredReferenceExpression(
-                name.idString(),
-                UnknownType.getUnknownType(language),
-                frontend.getCodeFromRawNode(node)
-            )
-        val rhs = this.handle((node as AssignableNode).valueNode) as? Expression
-
-        // can we resolve it?
-        var decl = frontend.scopeManager.resolveReference(lhs)
-
-        if (decl == null) {
-            val stmt = newDeclarationStatement(frontend.getCodeFromRawNode(node))
-            decl =
-                newVariableDeclaration(
-                    lhs.name,
-                    UnknownType.getUnknownType(language),
-                    frontend.getCodeFromRawNode(node),
-                    false
-                )
-            decl.initializer = rhs
-
-            stmt.singleDeclaration = decl
-
-            return stmt
-        }
-
-        val binOp = newBinaryOperator("=", frontend.getCodeFromRawNode(node))
-        binOp.lhs = lhs
-        rhs?.let { binOp.rhs = it }
-
-        return binOp
-    }
-
-    private fun handleCallNode(node: Node): Expression? {
-        if (node !is CallNode) {
-            return null
-        }
-
-        val base =
-            handle(node.receiverNode) as? Expression
-                ?: return ProblemExpression("could not parse base")
-        val callee = newMemberExpression(node.name.asJavaString(), base)
-
-        val mce = newMemberCallExpression(callee, false, frontend.getCodeFromRawNode(node))
-
-        for (arg in node.argsNode?.childNodes() ?: emptyList()) {
-            mce.addArgument(handle(arg) as Expression)
-        }
-
-        // add the iterNode as last argument
-        node.iterNode?.let { mce.addArgument(handle(it) as Expression) }
-
-        return mce
-    }
-
-    private fun handleIterNode(node: Node): Expression? {
-        if (node !is IterNode) {
-            return null
-        }
-
-        // a complete hack, to handle iter nodes, which is sort of a lambda expression
-        // so we create an anonymous function declaration out of the bodyNode and varNode
-        // and a declared reference expressions to that anonymous function
-        val func = newFunctionDeclaration("", frontend.getCodeFromRawNode(node))
-
-        frontend.scopeManager.enterScope(func)
-
-        for (arg in node.argsNode.args) {
-            val param = frontend.declarationHandler.handle(arg)
-            frontend.scopeManager.addDeclaration(param)
-        }
-
-        func.body = frontend.statementHandler.handle(node.bodyNode)
-
-        frontend.scopeManager.leaveScope(func)
-
-        val def = newDeclarationStatement(frontend.getCodeFromRawNode(node))
-        def.singleDeclaration = func
-
-        val cse = newCompoundStatementExpression(frontend.getCodeFromRawNode(node))
-        cse.statement = def
-
-        return cse
-    }
-
-    private fun handleStrNode(node: Node): Expression? {
-        if (node !is StrNode) {
-            return null
-        }
-
-        return newLiteral(
-            String(node.value.bytes()),
-            parseType("string"),
-            frontend.getCodeFromRawNode(node)
-        )
-    }
-}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt
deleted file mode 100644
index 9d26683..0000000
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt
+++ /dev/null
@@ -1,61 +0,0 @@
-package io.clouditor.graph.frontends.ruby
-
-import de.fraunhofer.aisec.cpg.ScopeManager
-import de.fraunhofer.aisec.cpg.frontends.*
-import de.fraunhofer.aisec.cpg.graph.Name
-import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration
-import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
-import de.fraunhofer.aisec.cpg.graph.types.*
-import kotlin.reflect.KClass
-
-/** The Ruby Language */
-class RubyLanguage() :
-    Language<RubyLanguageFrontend>(),
-    HasDefaultArguments,
-    HasClasses,
-    HasSuperClasses,
-    HasShortCircuitOperators {
-    override val fileExtensions = listOf("rb")
-    override val namespaceDelimiter = "::"
-    @Transient override val frontend: KClass<out RubyLanguageFrontend> = RubyLanguageFrontend::class
-    override val superClassKeyword = "super"
-    override val conjunctiveOperators = listOf("&&")
-    override val disjunctiveOperators = listOf("||")
-
-    @Transient
-    /** See [The RubySpec](https://github.com/ruby/spec) */
-    override val builtInTypes =
-        mapOf(
-            // The bit width of the Integer type in Ruby is only limited by your memory
-            "Integer" to IntegerType("Integer", null, this, NumericType.Modifier.SIGNED),
-            "Float" to FloatingPointType("Float", 64, this, NumericType.Modifier.SIGNED),
-            "String" to StringType("String", this),
-            // The bit width of Booleans is not defined in the specification and
-            // implementation-dependant
-            "Boolean" to BooleanType("Boolean", null, this, NumericType.Modifier.NOT_APPLICABLE)
-        )
-
-    override val compoundAssignmentOperators =
-        setOf(
-            "+=", // Addition assignment
-            "-=", // Subtraction assignment
-            "*=", // Multiplication assignment
-            "/=", // Division assignment
-            "%=", // Modulo assignment
-            "**=", // Exponentiation assignment
-            "<<=", // Left shift assignment
-            ">>=", // Right shift assignment
-            "&=", // Bitwise AND assignment
-            "|=", // Bitwise OR assignment
-            "^=" // Bitwise XOR assignment
-        )
-
-    override fun handleSuperCall(
-        callee: MemberExpression,
-        curClass: RecordDeclaration,
-        scopeManager: ScopeManager,
-        recordMap: Map<Name, RecordDeclaration>
-    ): Boolean {
-        TODO("Not yet implemented")
-    }
-}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt
deleted file mode 100644
index 4d43c98..0000000
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt
+++ /dev/null
@@ -1,72 +0,0 @@
-package io.clouditor.graph.frontends.ruby
-
-import de.fraunhofer.aisec.cpg.TranslationContext
-import de.fraunhofer.aisec.cpg.frontends.Language
-import de.fraunhofer.aisec.cpg.frontends.LanguageFrontend
-import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
-import de.fraunhofer.aisec.cpg.graph.newFunctionDeclaration
-import de.fraunhofer.aisec.cpg.graph.newTranslationUnitDeclaration
-import de.fraunhofer.aisec.cpg.sarif.PhysicalLocation
-import java.io.File
-import org.checkerframework.checker.nullness.qual.NonNull
-import org.jruby.Ruby
-import org.jruby.ast.BlockNode
-import org.jruby.ast.RootNode
-import org.jruby.parser.Parser
-import org.jruby.parser.ParserConfiguration
-
-class RubyLanguageFrontend(
-    language: Language<RubyLanguageFrontend>,
-    ctx: @NonNull TranslationContext
-) : LanguageFrontend(language, ctx) {
-    val declarationHandler: DeclarationHandler = DeclarationHandler(this)
-    val expressionHandler: ExpressionHandler = ExpressionHandler(this)
-    val statementHandler: StatementHandler = StatementHandler(this)
-
-    override fun parse(file: File): TranslationUnitDeclaration {
-        val ruby = Ruby.getGlobalRuntime()
-        val parser = Parser(ruby)
-
-        val node =
-            parser.parse(
-                file.path,
-                file.inputStream(),
-                null,
-                ParserConfiguration(ruby, 0, false, true, false)
-            ) as
-                RootNode
-
-        return handleRootNode(node, file)
-    }
-
-    private fun handleRootNode(node: RootNode, file: File): TranslationUnitDeclaration {
-        val tu = newTranslationUnitDeclaration(node.file, getCodeFromRawNode(node))
-
-        scopeManager.resetToGlobal(tu)
-
-        // wrap everything into a virtual global function because we only have declarations on the
-        // top
-        val func =
-            newFunctionDeclaration(file.nameWithoutExtension + "_global", getCodeFromRawNode(node))
-
-        scopeManager.enterScope(func)
-
-        func.body = statementHandler.handle(node.bodyNode as BlockNode)
-
-        scopeManager.leaveScope(func)
-
-        scopeManager.addDeclaration(func)
-
-        return tu
-    }
-
-    override fun <T : Any?> getCodeFromRawNode(astNode: T): String? {
-        return ""
-    }
-
-    override fun <T : Any?> getLocationFromRawNode(astNode: T): PhysicalLocation? {
-        return null
-    }
-
-    override fun <S : Any?, T : Any?> setComment(s: S, ctx: T) {}
-}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt
deleted file mode 100644
index c561ecd..0000000
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt
+++ /dev/null
@@ -1,50 +0,0 @@
-package io.clouditor.graph.frontends.ruby
-
-import de.fraunhofer.aisec.cpg.frontends.Handler
-import de.fraunhofer.aisec.cpg.graph.newCompoundStatement
-import de.fraunhofer.aisec.cpg.graph.newReturnStatement
-import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement
-import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
-import de.fraunhofer.aisec.cpg.graph.statements.Statement
-import de.fraunhofer.aisec.cpg.graph.statements.expressions.ProblemExpression
-import org.jruby.ast.BlockNode
-import org.jruby.ast.Node
-
-class StatementHandler(lang: RubyLanguageFrontend) :
-    Handler<Statement, Node, RubyLanguageFrontend>({ ProblemExpression() }, lang) {
-
-    init {
-        map.put(BlockNode::class.java, ::handleBlockNode)
-    }
-
-    private fun handleBlockNode(blockNode: Node): CompoundStatement? {
-        if (blockNode !is BlockNode) {
-            return null
-        }
-
-        blockNode.containsVariableAssignment()
-        val compoundStatement = newCompoundStatement(frontend.getCodeFromRawNode(blockNode))
-
-        for (node in blockNode) {
-            val statement = frontend.expressionHandler.handle(node)
-            statement?.let { compoundStatement.addStatement(it) }
-        }
-
-        val statements = compoundStatement.statements
-
-        // get the last statement
-        var lastStatement: Statement? = null
-        if (statements.isNotEmpty()) {
-            lastStatement = statements[statements.size - 1]
-        }
-
-        // add an implicit return statement, if there is none
-        if (lastStatement !is ReturnStatement) {
-            val returnStatement = newReturnStatement("return")
-            returnStatement.isImplicit = true
-            compoundStatement.addStatement(returnStatement)
-        }
-
-        return compoundStatement
-    }
-}
diff --git a/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
index b3bd297..25b5901 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
@@ -15,6 +15,7 @@ import io.clouditor.graph.passes.locationForRegion
 import java.lang.IllegalArgumentException
 import java.nio.file.Files
 import java.nio.file.Path
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 class WorkflowHandler(private val result: TranslationResult, private val rootPath: Path) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
index 61b6622..8c800a8 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
@@ -20,10 +20,7 @@ import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.Node
-import de.fraunhofer.aisec.cpg.graph.declarations.ParamVariableDeclaration
-import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
-import de.fraunhofer.aisec.cpg.graph.declarations.ValueDeclaration
-import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
+import de.fraunhofer.aisec.cpg.graph.declarations.*
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
@@ -32,6 +29,7 @@ import io.clouditor.graph.*
 import io.clouditor.graph.nodes.followDFGReverse
 import io.clouditor.graph.nodes.followEOG
 import io.clouditor.graph.nodes.location
+import kotlin.streams.toList
 import kotlin.time.DurationUnit
 import kotlin.time.toDuration
 import kotlin.time.toJavaDuration
@@ -120,7 +118,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                         if (next is ValueDeclaration) {
                             next
                         } else {
-                            (next as DeclaredReferenceExpression).refersTo as ValueDeclaration?
+                            (next as Reference).refersTo as ValueDeclaration?
                         }
                 }
 
@@ -145,7 +143,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                                 (it.end as MemberCallExpression).base?.name?.localName ==
                                     "getBlobClient" &&
                                 (((it.end as CallExpression).callee as MemberCallExpression).base as
-                                        DeclaredReferenceExpression)
+                                        Reference)
                                     .refersTo == client
                         }
 
@@ -154,7 +152,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                         if (next is ValueDeclaration) {
                             next
                         } else {
-                            (next as DeclaredReferenceExpression).refersTo as ValueDeclaration?
+                            (next as Reference).refersTo as ValueDeclaration?
                         }
 
                     append?.let {
@@ -179,9 +177,8 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             base.followEOG {
                 it.end is MemberCallExpression &&
                     ((it.end as MemberCallExpression).base == base ||
-                        ((it.end as MemberCallExpression).base is DeclaredReferenceExpression &&
-                            ((it.end as MemberCallExpression).base as DeclaredReferenceExpression)
-                                .refersTo == base))
+                        ((it.end as MemberCallExpression).base is Reference &&
+                            ((it.end as MemberCallExpression).base as Reference).refersTo == base))
             }
 
         return path?.last()?.end as? MemberCallExpression
@@ -222,16 +219,15 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             // documented as a graph query in the paper
 
             // first parameter is always an input stream
-            val inputStreamRef = c.arguments[0] as DeclaredReferenceExpression
+            val inputStreamRef = c.arguments[0] as Reference
             val inputStream = inputStreamRef.refersTo as VariableDeclaration
             val newExpression = inputStream.initializer as NewExpression
             val construct = newExpression.initializer as ConstructExpression
 
             // this is very hacky, but we assume that it is always a new
             // ByteArrayInputStream(s.getBytes(StandardCharsets.UTF_8))
-            val sRef =
-                (construct.arguments[0] as MemberCallExpression).base as DeclaredReferenceExpression
-            val s = sRef.refersTo as ParamVariableDeclaration
+            val sRef = (construct.arguments[0] as MemberCallExpression).base as Reference
+            val s = sRef.refersTo as ParameterDeclaration
 
             // follow
             val param = s.followDFGReverse { it.second.name.localName == "password" }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 64524fd..985f98a 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -2,13 +2,14 @@ package io.clouditor.graph.passes
 
 import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
-import de.fraunhofer.aisec.cpg.graph.HasType
 import de.fraunhofer.aisec.cpg.graph.declarations.FieldDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.KeyValueExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
+import de.fraunhofer.aisec.cpg.graph.types.HasType
 import de.fraunhofer.aisec.cpg.graph.types.ObjectType
 import de.fraunhofer.aisec.cpg.graph.types.Type
+import de.fraunhofer.aisec.cpg.graph.types.recordDeclaration
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
@@ -18,7 +19,7 @@ import java.util.*
 /**
  * The purpose of this Pass os to enhance the DFG graph with additional edges that are needed for
  * DF-Label tracking. One such case is the labeling of a variable that is the base of a member
- * expression. Normally no data flows from the base to the member expression. FOr this use case,
+ * expression. Normally no data flows from the base to the member expression. For this use case,
  * however, the mere usage of a base causes labels to be relevant for the member expression.
  */
 @DependsOn(GoExtraPass::class)
@@ -43,7 +44,7 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
         stringifyFunctions.forEach {
             redirectDFGThroughFunctionCall(it)
-            drawDFGEgesFromNestedFields(it)
+            drawDFGEdgesFromNestedFields(it)
         }
 
         memberExpressions.forEach { it.addPrevDFG(it.base) }
@@ -67,7 +68,7 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         call.arguments.forEach { call.addPrevDFG(it) }
     }
 
-    private fun drawDFGEgesFromNestedFields(call: CallExpression) {
+    private fun drawDFGEdgesFromNestedFields(call: CallExpression) {
         call.arguments.forEach { it ->
             val nestedFields: MutableSet<FieldDeclaration> = getNestedFields(it)
             nestedFields.forEach { call.addPrevDFG(it) }
@@ -89,16 +90,7 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         node: HasType,
         visitedfields: MutableSet<FieldDeclaration> = mutableSetOf()
     ): MutableSet<FieldDeclaration> {
-        var fields: MutableSet<FieldDeclaration> = mutableSetOf()
-        node.possibleSubTypes.map { it ->
-            val oType: ObjectType? = dereferenceToObjectType(it)
-            oType?.let {
-                fields = it.recordDeclaration!!.fields.toMutableSet()
-                if (!visitedfields.addAll(fields)) {
-                    return visitedfields
-                }
-            }
-        }
+        var fields = node.type.recordDeclaration!!.fields.toMutableSet()
 
         fields.forEach {
             it.prevDFG.filterIsInstance<HasType>().forEach { getNestedFields(it, visitedfields) }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
index f429917..6f29e8c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
@@ -5,7 +5,7 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
-import de.fraunhofer.aisec.cpg.graph.statements.expressions.DeclaredReferenceExpression
+import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.*
 
@@ -77,13 +77,13 @@ abstract class DatabaseOperationPass(ctx: TranslationContext) : TranslationResul
         // them as well
         if (target is VariableDeclaration) {
             target.nextDFG.forEach {
-                if (it is DeclaredReferenceExpression && it.refersTo == target) {
+                if (it is Reference && it.refersTo == target) {
                     map[it] = obj
                 }
             }
             // sometimes there is only an EOG edge but not a DFG
             target.nextEOG.forEach {
-                if (it is DeclaredReferenceExpression && it.refersTo == target) {
+                if (it is Reference && it.refersTo == target) {
                     map[it] = obj
                 }
             }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
index d569847..d14bd68 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
@@ -14,6 +14,7 @@ import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.getStorageOrCreate
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
index ad41adb..d3d93f0 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt
@@ -2,8 +2,8 @@ package io.clouditor.graph.passes
 
 import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
-import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
+import de.fraunhofer.aisec.cpg.graph.statements.expressions.Block
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import io.clouditor.graph.HttpEndpoint
 
@@ -14,7 +14,7 @@ class HttpStatusCodesPass(ctx: TranslationContext) : TranslationResultPass(ctx)
     override fun accept(result: TranslationResult) {
 
         result.additionalNodes.filterIsInstance(HttpEndpoint::class.java).forEach {
-            (it.handler?.body as CompoundStatement).statements.forEach {
+            (it.handler?.body as Block).statements.forEach {
                 if (it is ReturnStatement) {
                     // TODO
                 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index e841319..855d7d9 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -11,8 +11,8 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.AssignExpression
-import de.fraunhofer.aisec.cpg.graph.statements.expressions.DeclaredReferenceExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
+import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
@@ -305,7 +305,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
             }
             is AssignExpression -> {
                 val variableDeclarations =
-                    node.lhs.filterIsInstance<DeclaredReferenceExpression>().map { it.refersTo }
+                    node.lhs.filterIsInstance<Reference>().map { it.refersTo }
                 variableDeclarations.forEach { addLabelToDFGBorderEdges(it as Node, label) }
             }
             else -> {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 0f1bd2c..7067679 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -10,10 +10,7 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
-import de.fraunhofer.aisec.cpg.passes.CallResolver
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
-import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
+import de.fraunhofer.aisec.cpg.passes.*
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
 import de.fraunhofer.aisec.cpg.processing.IVisitor
@@ -23,8 +20,7 @@ import io.clouditor.graph.passes.KubernetesPass
 import io.clouditor.graph.testing.LocalTestingPass
 
 @DependsOn(GoExtraPass::class)
-@DependsOn(CallResolver::class)
-@DependsOn(VariableUsageResolver::class)
+@DependsOn(SymbolResolver::class)
 @ExecuteBefore(LocalTestingPass::class)
 @ExecuteBefore(KubernetesPass::class)
 class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
@@ -112,20 +108,17 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         tu: TranslationUnitDeclaration,
         m: MemberCallExpression
     ) {
-        if (m.base is DeclaredReferenceExpression &&
-                clients.containsKey((m.base as DeclaredReferenceExpression).refersTo)
-        ) {
-            val client = clients[(m.base as DeclaredReferenceExpression).refersTo]
+        if (m.base is Reference && clients.containsKey((m.base as Reference).refersTo)) {
+            val client = clients[(m.base as Reference).refersTo]
             val app = result.findApplicationByTU(tu)
 
             if (m.name.localName == "GET" || m.name.localName == "POST" || m.name.localName == "PUT"
             ) {
-                // FIXME: we are missing the "refersTo" field in our DeclaredReferenceExpression.
+                // FIXME: we are missing the "refersTo" field in our Reference.
                 //  Any references to FunctionDeclarations seem to be null;
                 //  It does not matter whether we do it indirectly (f := post_data)
                 val funcDeclaration =
-                    (m.arguments.getOrNull(1) as? DeclaredReferenceExpression)?.refersTo as?
-                        FunctionDeclaration
+                    (m.arguments.getOrNull(1) as? Reference)?.refersTo as? FunctionDeclaration
                 val endpoint =
                     HttpEndpoint(
                         NoAuthentication(),
@@ -194,7 +187,7 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     private fun handleBind(m: MemberCallExpression, e: HttpEndpoint) {
         if (m.name.localName == "BindJSON" || m.name.localName == "Bind") {
             val obj = (m.arguments.firstOrNull() as UnaryOperator).input
-            if (obj is DeclaredReferenceExpression) {
+            if (obj is Reference) {
                 obj.refersTo?.let { e.addNextDFG(it) }
             } else {
                 e.addNextDFG(obj)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index 287acf7..41ef2fb 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -6,20 +6,17 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.CallResolver
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
-import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
+import de.fraunhofer.aisec.cpg.passes.*
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 @DependsOn(GoExtraPass::class)
-@DependsOn(CallResolver::class)
-@DependsOn(VariableUsageResolver::class)
+@DependsOn(SymbolResolver::class)
 class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {}
@@ -46,7 +43,7 @@ class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     ) {
         if (c.name.toString() == "ed25519.Sign") {
             // the text that is signed is the second argument
-            val textToBeSigned = c.arguments[1] as DeclaredReferenceExpression
+            val textToBeSigned = c.arguments[1] as Reference
             val plainText = textToBeSigned.refersTo as? VariableDeclaration
             val signature = Signature(plainText, c.nextDFG.firstOrNull() as? VariableDeclaration)
             t += signature
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index fba981c..e665313 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -15,6 +15,7 @@ import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 @DependsOn(GoExtraPass::class)
@@ -57,13 +58,10 @@ class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         tu: TranslationUnitDeclaration?,
         m: MemberCallExpression
     ) {
-        if (m.base is DeclaredReferenceExpression &&
-                clients.containsKey((m.base as DeclaredReferenceExpression).refersTo)
-        ) {
-            val client = clients[(m.base as DeclaredReferenceExpression).refersTo]
+        if (m.base is Reference && clients.containsKey((m.base as Reference).refersTo)) {
+            val client = clients[(m.base as Reference).refersTo]
 
-            val funcDeclaration =
-                (m.arguments[1] as? DeclaredReferenceExpression)?.refersTo as? FunctionDeclaration
+            val funcDeclaration = (m.arguments[1] as? Reference)?.refersTo as? FunctionDeclaration
             val literal = m.arguments.first() as? Literal<*>
             literal.let {
                 val endpoint =
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index 2db620f..31d53e1 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -12,6 +12,7 @@ import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
 import io.clouditor.graph.testing.LocalTestingPass
+import kotlin.streams.toList
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
@@ -46,9 +47,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         val requestFunction = c.invokes.firstOrNull()
         // TODO (old) request body: the default value is not correctly set, so we use the
         //  value that has a dfg edge to the request parameter
-        val body =
-            requestFunction?.prevDFG?.firstOrNull { it is DeclaredReferenceExpression } as
-                DeclaredReferenceExpression
+        val body = requestFunction?.prevDFG?.firstOrNull { it is Reference } as Reference
         if (c.name.toString() == "http.PostForm") {
             createHttpRequest(
                 result,
@@ -65,8 +64,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
                 (c.arguments[0] as? Literal<String>)?.value ?: "",
                 c,
                 "PUT",
-                requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as?
-                    DeclaredReferenceExpression,
+                requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as? Reference,
                 app
             )
         } else if (c.toString() == "http.Get") {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt
index b792bd4..b20a2b0 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt
@@ -15,6 +15,7 @@ import io.clouditor.graph.findApplicationByTU
 import io.clouditor.graph.nodes.followDFGReverse
 import io.clouditor.graph.nodes.followEOG
 import io.clouditor.graph.passes.HttpClientPass
+import kotlin.streams.toList
 
 class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     override fun accept(result: TranslationResult) {
@@ -55,7 +56,7 @@ class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         tu: TranslationUnitDeclaration
     ) {
         var builder: VariableDeclaration? = null
-        val builderRefs = mutableListOf<DeclaredReferenceExpression>()
+        val builderRefs = mutableListOf<Reference>()
 
         // look for the builder itself, probably it is the DFG target
         val pair = followDFGTargetToDeclaration(r)
@@ -81,7 +82,7 @@ class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         creationCall: CallExpression,
         tu: TranslationUnitDeclaration
     ) {
-        val clientRefs = mutableListOf<DeclaredReferenceExpression>()
+        val clientRefs = mutableListOf<Reference>()
 
         // look for the client itself, probably it is the DFG target
         val pair = followDFGTargetToDeclaration(creationCall)
@@ -168,14 +169,12 @@ class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         }
     }
 
-    private fun followDFGTargetToDeclaration(
-        n: Node
-    ): Pair<DeclaredReferenceExpression, Declaration?>? {
+    private fun followDFGTargetToDeclaration(n: Node): Pair<Reference, Declaration?>? {
         // get the next dfg
-        val ref = n.nextDFG.filterIsInstance<DeclaredReferenceExpression>().firstOrNull()
+        val ref = n.nextDFG.filterIsInstance<Reference>().firstOrNull()
 
         // it is probably a ref, so we need to follow it back to the declaration
-        if (ref is DeclaredReferenceExpression) {
+        if (ref is Reference) {
             return Pair(ref, ref.refersTo)
         }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt
index a518515..e9f5ab3 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsPass.kt
@@ -13,6 +13,7 @@ import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
+import kotlin.streams.toList
 
 class JaxRsPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     // for now, assume, that we have one JAX-RS Application per analysis
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt
index 5811fed..f2556bd 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/java/SpringBootPass.kt
@@ -15,6 +15,7 @@ import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
+import kotlin.streams.toList
 
 /**
  * This pass parses an application for spring boot annotations and creates services and end-points
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt
index 7978234..5b12084 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/js/FetchPass.kt
@@ -12,6 +12,7 @@ import io.clouditor.graph.ValueResolver
 import io.clouditor.graph.findApplicationByTU
 import io.clouditor.graph.passes.HttpClientPass
 import java.nio.file.Files
+import kotlin.streams.toList
 
 class FetchPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     var map = mutableMapOf<String, String>()
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
index 44b4746..148ab0c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
@@ -12,6 +12,7 @@ import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 class JSHttpPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
@@ -76,8 +77,7 @@ class JSHttpPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         return if ((mce.name.localName == "onPost" ||
                 mce.name.localName == "onGet" ||
                 mce.name.localName == "post" ||
-                mce.name.localName == "get") &&
-                (mce.base as? DeclaredReferenceExpression)?.refersTo == v
+                mce.name.localName == "get") && (mce.base as? Reference)?.refersTo == v
         ) {
             val path: String =
                 unRegex((mce.arguments.first() as? Literal<*>)?.value as? String ?: "/")
@@ -108,7 +108,7 @@ class JSHttpPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         e: HttpEndpoint
     ) {
         if (me.name.localName == "body" &&
-                fd.parameters.first() == (me.base as? DeclaredReferenceExpression)?.refersTo
+                fd.parameters.first() == (me.base as? Reference)?.refersTo
         ) {
             // set the DFG target of this call to the DFG target of our http endpoints
             me.nextDFG.forEach { e.addNextDFG(it) }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
index f884f7b..6454545 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
@@ -6,18 +6,17 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.CallResolver
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(CallResolver::class)
-@DependsOn(VariableUsageResolver::class)
+@DependsOn(SymbolResolver::class)
 class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun cleanup() {
@@ -35,8 +34,8 @@ class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                     fun visit(t: MemberCallExpression) {
                         // look for key.sign()
                         if (t.name.localName == "sign") {
-                            val privateKey = t.base as DeclaredReferenceExpression
-                            // FIXME: As with the other issues, the DeclaredReferenceExpression is
+                            val privateKey = t.base as Reference
+                            // FIXME: As with the other issues, the Reference is
                             //  missing its target (refersTo)
                             val generator =
                                 (privateKey.prevDFG.firstOrNull() as? VariableDeclaration)
@@ -59,7 +58,7 @@ class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         mce: MemberCallExpression
     ) {
         // TODO check if it is always the first one
-        val textToBeSignedExpression = mce.arguments.first() as DeclaredReferenceExpression
+        val textToBeSignedExpression = mce.arguments.first() as Reference
         val plainText = textToBeSignedExpression.refersTo as VariableDeclaration
         val signature = Signature(plainText, mce.nextDFG.first() as VariableDeclaration)
         t += signature
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
index 2c56c7a..976779c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
@@ -10,17 +10,16 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.CallResolver
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(CallResolver::class)
-@DependsOn(VariableUsageResolver::class)
+@DependsOn(SymbolResolver::class)
 class FlaskPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     // for now, assume, that we have one Flask application per analysis
     // this might not be the case everytime
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
index f6fb588..d3e35b3 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
@@ -10,6 +10,7 @@ import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.getStorageOrCreate
 import io.clouditor.graph.passes.DatabaseOperationPass
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 class Psycopg2Pass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
index 499d114..8c82efe 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
@@ -6,8 +6,7 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
-import de.fraunhofer.aisec.cpg.passes.CallResolver
-import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
@@ -15,10 +14,10 @@ import io.clouditor.graph.*
 import io.clouditor.graph.nodes.getStorageOrCreate
 import io.clouditor.graph.passes.DatabaseOperationPass
 import java.net.URI
+import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
-@DependsOn(CallResolver::class)
-@DependsOn(VariableUsageResolver::class)
+@DependsOn(SymbolResolver::class)
 class PyMongoPass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
     val clients: MutableMap<Node, DatabaseConnect> = mutableMapOf()
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt
index 33d9a37..158c242 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PythonLogPass.kt
@@ -7,6 +7,7 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.passes.LogPass
+import kotlin.streams.toList
 
 class PythonLogPass(ctx: TranslationContext) : LogPass(ctx) {
     override fun accept(result: TranslationResult) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
index 3bda002..8c2e4a4 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
@@ -5,16 +5,15 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.CallResolver
-import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
+import kotlin.streams.toList
 
-@DependsOn(CallResolver::class)
-@DependsOn(VariableUsageResolver::class)
+@DependsOn(SymbolResolver::class)
 class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
     override fun cleanup() {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt
index cb0368a..90f059c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt
@@ -7,7 +7,6 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
-import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement
 import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
@@ -15,6 +14,7 @@ import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.golang.appendPath
+import kotlin.streams.toList
 
 class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
@@ -56,8 +56,7 @@ class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             var path: String = (mce.arguments.first() as? Literal<*>)?.value as? String ?: "/"
 
             val func =
-                ((mce.arguments[mce.arguments.size - 1] as? CompoundStatementExpression)
-                        ?.statement as?
+                ((mce.arguments[mce.arguments.size - 1] as? Block)?.statements as?
                         DeclarationStatement)
                     ?.singleDeclaration as?
                     FunctionDeclaration
@@ -65,7 +64,7 @@ class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             val req = func?.parameters?.get(0)
 
             // check, if path is further split
-            (func?.body as? CompoundStatement)?.statements?.forEach { statement ->
+            (func?.body as? Block)?.statements?.forEach { statement ->
                 // just look for the pattern for now
                 if (statement is DeclarationStatement &&
                         statement.singleDeclaration is VariableDeclaration
@@ -74,12 +73,10 @@ class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
                     if (init is MemberCallExpression && init.name.localName == "split") {
                         if (init.base is MemberCallExpression &&
-                                (init.base as MemberCallExpression).base is
-                                    DeclaredReferenceExpression
+                                (init.base as MemberCallExpression).base is Reference
                         ) {
-                            if (((init.base as MemberCallExpression).base as
-                                        DeclaredReferenceExpression)
-                                    .refersTo == req
+                            if (((init.base as MemberCallExpression).base as Reference).refersTo ==
+                                    req
                             ) {
                                 path = path.appendPath("{fragment}")
                             }
diff --git a/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt b/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt
index 0f1da65..0f0402c 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt
@@ -18,7 +18,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Python"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         // in this case, 2 paths are expected because there are two HttpEndpoints that the
         // Identifier crosses: A proxied endpoint and the actual one
@@ -42,7 +42,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Python-validation"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         assertEquals(0, result.count())
     }
@@ -56,7 +56,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Go"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         // in this case, 2 paths are expected because there are two HttpEndpoints that the
         // Identifier crosses: A proxied endpoint and the actual one
@@ -80,7 +80,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Go-validation"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         assertEquals(0, result.count())
     }
@@ -176,7 +176,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         assertEquals(1, result.count())
 
@@ -198,7 +198,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go-validation"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         assertEquals(0, result.count())
     }
@@ -214,7 +214,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         assertEquals(1, result.count())
 
@@ -236,7 +236,7 @@ open class PolicyNonComplianceTest {
                         "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python-validation"
                 ),
                 listOf(Path(".")),
-                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
+                "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:Reference) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p"
             )
         assertEquals(0, result.count())
     }

From a5b1191ac0bd6fc5b7147bf7f5d6a9e873efc1d8 Mon Sep 17 00:00:00 2001
From: Christian Banse <oxisto@clouditor.io>
Date: Fri, 19 Apr 2024 23:20:27 +0200
Subject: [PATCH 30/44] Upgraded kotlin and gradle

---
 build.gradle.kts                              |   4 +-
 cloudpg/build.gradle.kts                      |   8 ++--
 gradle/wrapper/gradle-wrapper.jar             | Bin 60756 -> 43453 bytes
 gradle/wrapper/gradle-wrapper.properties      |   4 +-
 gradlew                                       |  35 +++++++++++-------
 gradlew.bat                                   |  21 ++++++-----
 owl2java/build.gradle.kts                     |   4 +-
 owl2java/gradle/wrapper/gradle-wrapper.jar    | Bin 60756 -> 43453 bytes
 .../gradle/wrapper/gradle-wrapper.properties  |   4 +-
 owl2java/gradlew                              |  35 +++++++++++-------
 owl2java/gradlew.bat                          |  21 ++++++-----
 11 files changed, 80 insertions(+), 56 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index d39af92..3d3e894 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -1,7 +1,7 @@
 plugins {
     // Apply the Kotlin JVM plugin to add support for Kotlin.
-    id("org.jetbrains.kotlin.jvm") version "1.8.0" apply false
-    kotlin("plugin.serialization") version "1.8.0" apply false
+    id("org.jetbrains.kotlin.jvm") version "1.9.20" apply false
+    kotlin("plugin.serialization") version "1.9.20" apply false
     id("com.diffplug.spotless") version "5.12.1"
 }
 
diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index 7fc56c2..ce00464 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -8,7 +8,7 @@ plugins {
     application
     idea
     `maven-publish`
-    id("org.jetbrains.kotlinx.benchmark") version "0.4.4"
+    id("org.jetbrains.kotlinx.benchmark") version "0.4.10"
     // use this plugin to set all classes open which is required for kotlinx benchmark: id("org.jetbrains.kotlin.plugin.allopen") version "1.7.20-Beta"
 }
 
@@ -86,7 +86,7 @@ dependencies {
 
     api("org.neo4j", "neo4j-ogm-core", "4.0.10")
     api("org.neo4j", "neo4j-ogm", "4.0.10")
-    api("org.neo4j", "neo4j-ogm-bolt-driver", "4.0.10b  ")
+    api("org.neo4j", "neo4j-ogm-bolt-driver", "4.0.10")
 
     implementation(platform("org.jetbrains.kotlin:kotlin-bom"))
 
@@ -120,7 +120,7 @@ dependencies {
 
 application {
     // Define the main class for the application.
-    mainClassName = "io.clouditor.graph.AppKt"
+    mainClass = "io.clouditor.graph.AppKt"
 }
 
 tasks.named("compileJava") {
@@ -161,7 +161,7 @@ kotlin {
     sourceSets {
         test {
             dependencies {
-                implementation("org.jetbrains.kotlinx:kotlinx-benchmark-runtime:0.4.4")
+                implementation("org.jetbrains.kotlinx:kotlinx-benchmark-runtime:0.4.10")
             }
         }
     }
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
index 249e5832f090a2944b7473328c07c9755baa3196..e6441136f3d4ba8a0da8d277868979cfbc8ad796 100644
GIT binary patch
literal 43453
zcma&N1CXTcmMvW9vTb(Rwr$&4wr$(C?dmSu>@vG-+vuvg^_??!{yS%8zW-#zn-LkA
z5&1^$^{lnmUON?}LBF8_K|(?T0Ra(xUH{($5eN!MR#ZihR#HxkUPe+_R8Cn`RRs(P
z_^*#_XlXmGv7!4;*Y%p4nw?{bNp@UZHv1?Um8r6)Fei3p@ClJn0ECfg1hkeuUU@Or
zDaPa;U3fE=3L}DooL;8f;P0ipPt0Z~9P0)lbStMS)ag54=uL9ia-Lm3nh|@(Y?B`;
zx_#arJIpXH!U{fbCbI^17}6Ri*H<>OLR%c|^mh8+)*h~K8Z<V--Q23O4&HBVn~<)q
zmUaP7+TjluBM%#s1Ki#^GurGElkc7{cc6Skz+1nDVk%wAAQYx1^*wA%KSY>!9)DPf
zR2h?lbDZQ`p9P;&DQ4F0sur@TMa!Y}S8irn(%d-gi0*WxxCSk*A?3lGh=gcYN?FGl
z7D=Js!i~0=u3rox^e<cs4tSN~YA?c-d185$YFNA$Eq1&U{wh#b^OveuKoBPy0oYZ4
zAY2?B=x8yX9}pVM=cLrvugywt!e@Y3lH)i?7fvT*a`O;c)CJQ>O3i@$0=n{K1lPNU
zwmfjRVmLOCRfe=seV&P*1Iq=^i`502keY8Uy-WNPwVNNtJFx?IwA<BCEY82WDKJP<
zB^CxjFxi=mg*OyI?K3GoDfk;?-K<Z#JoxhYNeEUf896)l%7gL``44}zn)7|Rf;)SC
z_EfJr4I+3i(GiHN`R+vHqf}1wXtH?65<wKlxV1BU(#3XgtH<$Fir3S(7QeRA3)u89
zID&66K{&mq$DsB}s&o?H60{cskfh*hvn8hQW#~Q!qM04QtZvx3JEpqeKWE6|+OZW=
z(LB7}flr|t7va%>yR<KG!FYzS$bs7qXcpM&wV@~>PZo2<wCq%CszVO$mosTTuv*Mz
zOLoi?e^7B~xS22~QW8Rmnt{(AtL<HGi<_P9`0pH;3)@S9Eg`gt2X<om7C^q}pKX|*
zTy3X{nOr-xyt4=Qx1IjrzGb!_SyAv^SZcf;air&-;Ua+)5k0z=#R7@UW%)3oEjGA|
zZ#DE3px@h1k7w%|4rVIO=0Aid2A%?nBZrupg^_z5J-$$YKeDZ&q8+k7zccb<dc4D;
zz}+UYkl_eUNL3PW+reZ6UUB}=sHp~$z%Q}gZ-#ow+ffQIj|A3`B9LO*6%t@)0PV!x
ziJ=9fw_>Wo1+S(xF37LJZ~%i)kpFQ3Fw=mXfd@>%+)RpYQLnr}B~~zoof(JVm^^&f
zxKV^+3D3$A1G;qh4gPVjhrC8e(VYUHv#dy^)(RoUFM?o%W-EHxufuWf(l*@-l+7vt
z=l`qmR56K~F|v<^Pd*p~1_y^P0P^aPC##d8+HqX4IR1gu+7w#~TBFphJxF)T$2WEa
zxa?H&6=Qe7d(#tha?_1uQys2KtHQ{)Qco)qwGjrdNL7thd^G5i8Os)CHqc>iOidS}
z%nFEDdm=GXBw=yXe1W-ShHHFb?Cc70+$W~z_+}nAoHFYI1MV1wZegw*0y^tC*s%3h
zhD3tN8b=Gv&rj}!SUM6|ajSPp*58KR7MPpI{oAJCtY~JECm)*m_x>AZEu>DFgUcby
z1Qaw8lU4jZpQ_$;*7RME+gq1Ky<fW-rh4ehZ;%u960Gt5OF)<y$00S=6tVE=%Pt~(
z!&BP&2I%`@>SGG#Wql>aL~k9tLrSO()LWn*q&YxHE<sT^`N@Q|)S3y<ZACaLXO56z
zncP$~M5K!npWqz?)C50MMw=XqFtDO!3JHI*t-^8Ga&lGPHX2F0pIGdZ3w5ewE+{kf
z-&Ygi?@-h(ADD|ljIBw%VHHf1xuQ~}IeIQ5JqlA4#*Nlvd`IfDYzFa?PB=RCcFpZ4
z|HFmPZM=;^DQ_z<IPz$$+yG(H4803QQAA7vQF7;_gv|AD1bH*R-CP3f<<utDpH)Ht
zI@{uO12adp{;132YoKPx?C9{&;MtHdHb*0F0;Z~D42}#*l+WD2u?r>uzmwd1?aAtI
zBJ>P=&$=l1efe1CDU;`Fd+_;&wI07?V0aAIgc(<VS*?#8Zt!w88FJrjasA1!6>!{a
z0Jg6Y=inXc3^n!U0Atk`iCFIQooHqcWhO(qrieUOW8X(x?(RD}iYDLMjSwffH2~tB
z)oDgNBLB^AJBM1M^c5HdRx6fBfka`(LD-qrlh5jqH~);#nw|iyp)()xVYak3;Ybik
z0j`(+69aK*B>)e_p%=wu8XC&9e{AO4c~O1U`5X9}?0mrd*m$_EUek{R?DNSh(=br#
z#Q61gBzEpmy`$pA<eVn3dnmk^xq`=o2)~2c0ywsuTQsC?1WZZehsJYfK@LQ>*6!87
zSDD+=@fTY7<4A?GLqpA?Pb2z$pbCc4B4zL{BeZ?F-8`s$?>*lXXtn*NC61>|*w7J*
z$?!iB{6R-0=KFmyp1nnEmLsA-H0a6l+1uaH^g%c(p{iT&YFrbQ$&PRb8Up#X3@Zsk
zD^^&LK~111%cqlP%!_gFNa^dTYT?rhkGl}5=fL{a`UViaXWI$k-UcHJwmaH1s=S$4
z%4)PdWJX;hh5UoK?6aWoyLxX&NhNRqKam7tcOkLh{%j3K^4Mgx1@i|Pi&}<^5>hs5
zm8?uOS>%)NzT(%PjVPGa?X%`N2TQCKbeH2l;cTnHiHppPSJ<7y-yEIiC!P*ikl&!B
z%+?>VttCOQM@ShFguHVjxX^?mHX^hSaO_;pnyh^v9EumqSZTi+#f&_Vaija0Q-e*|
z7ulQj6Fs*bbmsWp{`auM04gGwsYYdNNZcg|ph0OgD>7O}Asn7^<IivRZw`Wa$`V6)
zgX@^QL9j}-Od{q5<J*k0+1U=R5+PCYj(U}4VpX+BjfI~+dttS?HJ6uZSGH#H-twTo
zaptG40+PAc$fs*zLFkOfGfc+xGs<T?rLGIA%SU7c%jh!E1SNN~*-`ccW8wo4gv2Sj
zhify^C(ygi)uGwqXDLqVbH>Z=eI>`$2*v78;sj-}oMoEj&@)9+ycEOo92xSyY344^
z11Hb8^kdOvbf^GNAK++bYioknrpdN>+u8R?JxG=!2Kd9r=YWCOJYXYuM0cOq^FhEd
zBg2puKy__7VT3-r*dG4c62Wgxi52EMCQ`bKgf*#*ou(D4-ZN$+m<X+=`m<r!lO%3T
zMp}MJd(WDoQ2&6(LClZxpv<vZPPM3Ngkye2VhB=i|B12g5ouw(%`gbWtRq8~sU|o*
z$kQ8Jb~6&{ak;r$7@?#t*q9RfAOj=^uAf1z5Y8`N%M`oM@?!~VqN{g%-u$XR1u1Im
zGE&AzFpIcER(5jtCPR%RZ)!+|*rU~jZBiOKdqYjO(%yK3Lz;{##(@QEVo>g&7$u!!
z-^<eVk1WtrWdvAzoBMHoB$s2RXJCv}%muyVFFJ``?>+Z%;-3IDwqZ|K=ah85OLwkO
zKxNBh+4QHh)u9D?MFtpbl)<T1$eOrb4-+U|WDC2BesgFRlgt`klbeQ^1S`7`r+uZ8
zH&U=geA}Si;CUcKvBA&^@<o1GQ7`{1Y(cCHZv|73JIJOvVwLOMZP%Q|)y@^j2e<+z
zWVo=#FL!4XNKS~-_1`gw*qi$0j6P7ym_LTvG>us}9+V!D%w9jfAMYEb>%$A;u)rrI
zuBudh;5PN}_6J_}l55P3l_)&RMlH{m!)ai-i$g)&*M`eN$XQMw{v^r@-125^RRCF0
z^2>|DxhQw(mtNEI2Kj(;<s2pnue6O@?^QaAp;Ze6z9nX*w}4h7342+0lU$@;Knnve
zqqY2Ci=`)@>KblC7x=JlK$@78`O~>V!`|1Lm-^JR$-5pUANAnb(5}B}JGjBsliK4&
zk6y(;$e&h)lh2)L=bvZKbvh@>vLlreBdH8No2>$#%_Wp1U0N7Ank!6$dFSi#xzh|(
zRi{U<eziQYNZ-=4ReK3@^LFvNQI~(Pdvp+X@J@g#bd~m0wFc+sW3Xf5tyA3xKp;T3
zy14<o-`F}$ET-DQ;B;yNy?d>w%-4W!{IXZ)fWx@XX6;&(m_F%c6~X8hx=BN1&q}*(
zoaNjWabE{oUPb!Bt$eyd#$5j9rItB-h*5JiNi(v^e|XKAj*8(k<5-2$&ZBR5fF|JA
z9&m4fbzNQnAU}r8ab>fFV%J0z5awe#UZ|bz?Ur)U9bCIKWEzi2%A+5CLqh?}K4JHi
z4vtM;+u<SJ)DEVF_yZnTw01M`(s#^BNx+c|MQ6ogb50Jjul0L;!#OmrYCs)iE)7(t
z?%I~O!zVNt#Bf3#O2WXsGz!B}&s@MfyDeaoqqf=GELN3g$+DA`&&GKy(`Ya~A@6vK
zn|WZ-+tB`DH^+SjI&K3KekF%-QIP%R{F)inWc~@cEO-=3Or<lm9g9}|`|ky#v{5*;
zKA5d<ecC{<o9p<U4UUK$m|+q#@(>PsVz{Lfr;78W78gC;z*yTch~4YkLr&m-7%-xc
ztw6Mh2<b07B|^BQBjvq{FXx?kyJ);`+G*=&9PMD`1uf<{+pNnnsIQx~kaB?*5<-7a
zqY)GyF_w$>d>_iO<o;tRi5=dcnU&wcur@4T5Z=-$xFUEsp-yX${|jSF|HMDPq3?MS
zw;p9zjR`yYJOfJZsK~C-S=JQ?nX{z_y@06JFIpheAo-rOG|5&Gxv)%95gpu@ESfi|
z7Auc&hjVL;&81Pc#L`^d9gJb`wEtLVH8q|h{>*$Rd8(-Cr1_V8EO1f*^@wRoSozS)
zy1UoC@pruAaC8Z_7~_w4Q6n*&B0AjOmMWa;s<dwKr_&w<X$Z*rmLmKUI3S>Iav&gu
z|J5&|{=a@vR!~k-OjKEgPFCzcJ>#A1uL&7xTDn;{X<DkOU(-L87#5hf4{m?aj!I6-
zPEt$K07IXK8mI0TYf-jhke2QjQw3v?qN5h0-#Fel0)Krq1f)#^AFsfd|K$I={`Xs9
z{JIr8M>BdeM}V=l3B8fE1--DHjSaxoSjNKEM9|U9#m2<eS=8Og#NOG$&X&%|8sOyg
zpZ6&%KPd&uh?v{hRMVvQjUL}gY3)Mk3{XQXF{><3>n{Iuo`r3UZp;>GkT2YBNAh|b
z^jTq-hJp(ebZh#Lk8hVBP%qXwv-@vbvoREX$TqRGTgEi$%_F9tZES@z8Bx}$#5eeG
zk^UsLBH{bc2VBW)*EdS({yw=?qmevwi?BL6*=12k9zM5gJv1>y#ML4!)iiPzVaH9%
zgSImetD@dam~e>{LvVh!phhzpW+iFvWpGT#CVE5TQ40n%F|p(sP5mXxna+Ev7PDwA
zamaV4m*^~*xV+&p;W749xhb_X=$|LD;FHuB&JL5?*Y2-oIT(wYY2;73<^#46S~Gx|
z^cez%V7x$81}UWqS13Gz80379Rj;6~WdiXWOSsdmzY39L;Hg3MH43o*y8ib<ko|2T
z<o~B%-$Y4Q9z_t97c`{g0veSfFt63Osbpe2Osn@<=nrAVk_JfMGt&lMGw9leshc#5
z*hkn0u>NBBH`(av4|u;YPq%{R;IuYow<+GEsf@R?=@tT@!}?#>zIIn0CoyV!hq3mw
zHj>OOjfJM3F{RG#6ujzo?y32m^tgSXf@v=J$ELdJ+=5j|=F-~hP$G&}tDZsZE?5rX
ztGj`!S>)CFmdkccxM9eGIcGnS2AfK#gXwj%esuIBNJQP1WV~b~+D7PJTmWGTSDrR`
zEAu4B8l>NPuhsk5a`rReSya2nfV<T&F{)-N{)9$`9a!^D!-03RDN<TPH!aW46TC4L
z>1EK01+G!x8aBdTs3Io$u5!6n6KX%uv@DxAp3F@{4UYg4SWJtQ-W~0MDb|j-$lwVn
znAm*Pl!?Ps&3wO=R115RWKb*JKoexo*)uhhHBncEDMSVa_PyA>k{Zm2(wMQ(5NM3#
z)jkza|GoWEQo4^s*wE(gHz?Xsg4`}HUAcs42cM1-qq_=+=!Gk^y710j=66(cSWqUe
zklbm8+zB_<cF$~mH3zum`PN7rn^cr1XvcjzxFO{ms_482AyMFYi+#o7!*vecrNhft
z48z<2q#fIw=ce!MXuptfT4+M8FP&|QfB3H@2)dceSR<*e5@hq<#7<$5tC^!RO8Zi<
zd_Wl!>syQv5A2rj!Vbw8;|$@C!vfNmNV!yJ<MblqN@23-5g1<aeoul%Um5K((_QY}
ze%_@BuNzay69}2PhmC<;m}2=FevDzrp!V!u4u|#h@B=rfKt+v!U`0k7>IWDQ>{+2x
zKjuFX`~~HKG~^6h5FntRpnnHt=D&rq0>IJ9#F0eM)Y-)GpRjiN7gkA8wvnG#K=q{q
z9dBn8_~wm4J<3J_vl|9H{7q6u2A!cW{bp#r*-f{gOV^e=8S{nc1DxMHFwuM$;aVI^
zz6A*}m8N-&x8;aunp1w7_vtB*pa+OYBw=TMc6Q<xVqo{NJ3h9-a)s5XuYMqZ=Y{7{
z$O63J`)FM-y*mko#!-UBa!3~eYtX1hjRQY2jMxAx=q5uKNm#uaKIak>K=mbA-|Cf*
zvyh8D4LRJImooUaSb7t*fVfih<97Gf@VE0|z>NcBwBQze);Rh!k3K_sfunToZY;f2
z^HmC4KjHRVg+eKYj;PRN^|E0>Gj_zagfRbrki68I^#~6-HaHg3BUW%<xsJq4AotN+
zH6twFV=)FlAbs*F6vGws^==x5Tl0AIbcP{&2yxB=)*u+bvK^L6$Vp}U2{9nj{bK~d
zee7tC)@DR<dI`D%cA(%7M9Ui3a)^iG?m=oJO0E^``<|5il2sf1fZHvy=D@e0<I)<l
zI!|d{`X3u}lz2(4Vn>+clM1<yhZZgPANro5CwhUb>xQEdPYt_g<2K+z!$>*$9nQ>;
zf9Bei{?zY^-e{q_*|W#2rJG`2fy@{%6u0i_VEWTq$*(ZN37|8lFFFt)nCG({r!q#9
z5VK_kkS<W$zJN%xs9<lngf<utn=i|I;bCdr-Lr<EzK)tkE-pYh-fc0wqKz?&U8TTN
zh_eAdl<>J3?zOH)OezMT{!YkCuSSn!<oaxO4?NS?VufjhPn>K#-Rhl$uUM(bq*jY?
zi1xbMVthJ`E>d>(f3)~fozjg^@eheMF6<)I`oeJYx4*+M&%c9VArn(OM-wp%M<-`x
z7sLP1&3^%Nld9Dhm@$3f2}87!quhI<BVn6Upp<cc;cU|)&2W%nk!Ak8tXK8aT!m*5
z^9zmeeS|PCG$hgM&Uh}0wp+#$jK3YCwOT&nx$??=a@_oQemQ~hS6nx6fB5r~bFSPp
z`alXuTYys4S5dCK)KDGR@7`I-JV^ewQ_BGM^o>@nwd@3~fZl_3LYW-B?Ia>ui`ELg
z&Qfe!7<FViITCBP{rA>m6ze=mZ<W0bN&bq-0D3>`Ia9$z|ARSw|IdMpooY4YiPN8K
z4B(ts3p%<w%rbophph+BzYj>2i(Td=<hfIaF6Ll8+9!48Ti=xpXB{FgJbk;>tgEHX
z0UQ_>URBtG+-?0E;E7Ld^dyZ;jjw0}XZ(}-QzC6+NN=40oDb2^v!L1g9xRvE#@IBR
zO!b-2N7wVfLV;mhEaXQ9XAU+>=XVA6f&T4Z-@AX!leJ8obP^P^wP0aICND?~w&N<u
ztispy>ykJ#54x3_@r7IDMdRNy4Hh;h*!u(Ol(#0bJdwEo$5437-UBjQ+j=Ic>Q2z`
zJNDf0yO6@mr6y1#n3)s(W|$iE_i8r@Gd@!DWD<Q)gT}bxTg_YpJQ5s|m8}+B)KBN6
zYnlzh>qZ7J&~gAm1#~maIGJ<sH@F<m!Fuh_fvrMbcDJNJ5~Yg;LF}NFN}&Y&LL76S
zv)~8W2?_rx`P;4LB-=JqsI{I~4U8DnSSIHWU2rHf%vWsA2-d=78An8z4q|lvgQ2iB
zhUUI!H+|C+_qp(Tjzu5usOu}cEoivZK&XA==sh0cD|Eg7eERXx?KwHI=}A9S_rx8S
zd)VLh_s!Juqi^!0xv7jH)UdSkEY~N|;QMWvs;HN`dMsdK=Dw2mtAHHcK8_+kS%a_V
zGgeQoaMM>1sls^gxL9LLG_Nh<XXk<>U!pTGty!TbhzQnu)I*S^54U6Yu%ZeCg`R>Q
zhBv$n5j<?~h)Y%y=zErI?{tl!(JWSDXxco7X8WI-6K;9Z-h&~kIv?$!6<k(g(xee?
z53>0v%O_j{QYWG!R9W?5_b&67KB$t}&e2LdMvd(PxN6Ir!H4>PNlerpBL>Zvyy!yw
z-SOo8caEpDt(}|gKPBd$qND5#a5nju^O>V&;f890?yEOfkSG^HQVmEbM3Ugzu+UtH
zC(INPDdraBN?P%kE;*Ae%Wto&sgw(crfZ#Qy(<4nk;S|hD3j{IQRI6Yq|f^basLY;
z-HB&Je%Gg}Jt@={_C{L$!RM;$$|<j7k-g{75e!h)4SlFvEZ*AkqrJI;EWu$Zx+OwM
zm{5Yk>iD6vu#3w?v?*;&()uB|I-XqEKqZPS!reW9JkLewLb!70T7n`i!gNtb1%vN-
zySZj{8-1>6E%H&=V}LM#xmt`J3XQoaD|@XygXjdZ1+P77-=;=eYpoEQ01B@L*a(uW
zrZeZz?HJsw_4g0vhUgkg@VF8<-X$B8pOqCuWAl28uB|@r`19DTUQQsb^pfqB6QtiT
z*`_UZ`fT}vtUY#%sq2{rchyfu*pCg;uec2$-$N_xgjZcoumE5vSI{+s@iLWoz^Mf;
zuI8kDP{!XY6OP~q5}%1&L}CtfH^N<3o4L@J@zg1-mt{9L`s^z$Vgb|mr{@WiwAqKg
zp#t-lhrU>F8o0s1q_9y`gQNf~Vb!F%70f}$>i7o4ho<sjDlFD=G`r<7$U?bJN+x5S
z@0&tQ=-XO1uDq(HCa$X)-l<u1!s<!W`30F78UcZaZKc8)G0af1Dsh%OOWh5)q+Q+n
zySBnE+3;9^#)U#Gq);&Cu=mtjNpsS~S0yjE@m4{Kq525G&cO_+b-_B$LeXWt_@XTq
z`)(;=^RDS@oh5dPjKyGAP?-Dbh507E5zZ=D2_C*6s^HXiA)B3f=65_M+rC&rMIUP6
zi4@u>$`uciNf=xgJ>&!gSt0g;M>*x4-`U)ysFW&Vs^Vk6m%?iuWU+o&m(2Jm26<Ea
z?or_^bK_`R)hBTfrBqA3Y^o7$K~Nzo)sh-vT%yWcc1I5wF1nkvk%!X_Vl_MK1IHC=
zt}Dt+sOmg0sH-?}kqNB|M_}ZXui7H;?;?xCCSIPSHh8@h^K8WU5X(!3W|>Y(3%TL;
zA7T)BP{WS!&xmxNw%J=$MPfn(9*^*TV;$JwRy8Zl*yUZi8jWYF>==j~&S|Xinsb%c
z2?B+kpet*muEW7@AzjBA^wAJBY8i|#C{WtO_or&Nj2{=6JTTX05}|H>N2B|Wf!*3_
z7hW*j6p3TvpghEc6-wufFiY!%-GvOx*bZrhZu+7?iSrZL5q9}igiF^*R3%DE4aCHZ
zqu>xS8LkW+Auv%z-<1Xs92u23R$nk@Pk}MU5!gT|c7vGlEA%G^2th&Q*zfg%-D^=f
z&J_}jskj|Q;73NP4<UD^T*M!yxMr=U!@&!rJfydk7CE7PGb<{)^=nM9Le#FQ=GkV~
z)_A$YPAn35??iNa@`g-wBX><4k*Y%pXPU2Thoqr+5uH1yEYM|VtBPW6lXaetokD0u
z9qVek6Q&wk)tFbQ8(^HGf3Wp16gKmr>G;#G(HRBx?F`9AIRboK+;OfHaLJ(P>IP0w
zyTbTkx_THEOs%Q&aPrxbZrJlio+hCC_HK<4%f3ZoSAyG7Dn`=X=&h@m*|UYO-4Hq0
z-Bq&+Ie!S##4A6OGoC~>ZW`Y5J)*ouaFl_e9GA*VSL!O_@xGiBw!AF}1{tB)z(w%c
zS1Hmrb9OC8>0a_$BzeiN?rkPLc9%&;1CZW*4}CDDNr2gcl_3z+WC15&H1Zc2{o~i)
z)LLW=WQ{?ricmC`G1GfJ0Yp4Dy~Ba;j6ZV4r{8xRs`13{dD!xXmr^Aga|C=iSmor%
z8hi|pTXH)5Yf&v~exp3o+sY4B^^b*eYkkCYl*T{*=-0HniSA_1F53eCb{x~1k3*`W
zr~};p1A`k{1DV9=UPnLDgz{aJH=-LQo<5%+Em!DNN252xwIf*wF_zS^!(XSm(9eoj
z=*dXG&n0>)_)N5<wxn0{TP0tnD=JAzVUcIUoR85Xt>oc6v!>-bd(2ragD8O=M|wGW
z!xJQS<)u70m&6OmrF0WSsr@I%T*c#Qo#Ha4d3COcX+9}hM5!7JIGF>7<~C(Ear^Sn
zm^ZFkV6~Ula6+8S?oOROOA6$C&q&dp`>oR-2Ym3(HT@O7Sd5c~+kjrmM)YmgPH*tL
zX+znN>`tv;5eOfX?h{AuX^LK~V#gPCu=)Tigtq9&?7Xh$qN|%A$?V*v=&-2F$zTUv
z`C#WyIrChS5|Kgm_GeudCFf;)!WH7FI60j^0o#65o6`w*S7R@)88n$1nrgU(oU0M9
zx+EuMkC>(4j1;m6N<sS-ys^qbJhGY7%0ZoC7dK=j7bGdau`J`{>oGqEkpJYJ?vc|B
zOlwT3<tNmX!mXZdsEW2s2`|?DC8;N?2tT*Lfq)F*|4vf>t&UgL!pX_P*6g36`ZXQ;
z9~Cv}ANFnJGp(;ZhS(@FT;3e)0)Kp;h^x;$*xZn*k0U6-&Fw<BqOnDKEdld8!Qk{Z
zjI1+R_ciEqL3CLOv$+J~YVpzIy`S&V{koIi$Lj}ZFEMN=!rL1?_EjSryIV+OBiiJ-
zIqT$oSMA>I=uOGaODdrsp-!K$Ac32^c{+FhI-HkYd5v=`PGsg%6I`4d9Jy)uW0y%)
zm&j^9WBAp*P8#kGJUhB!L?a%h$hJgQrx!6KCB_TRo%9{t0J7KW8!o1B!NC)VGLM5!
zpZy5Jc{`r{1e(jd%jsG7k%I+m#C<kI0i<ajCqQC!(pKlSsMl7M2N^mP%W`BGKb?hm
zBK`pddcg5+WhE#$46+K<Z!1CW-hZdo7hAw13ZUVqwW*}&ujL=eh{m~phuOy=JiBMN
z7FaCUn6boJ!M=6PtLN6%cveGkd12|1B{)kEYGTx#IiMN&re0`}NP-_{E-#FxOo3*P
zkAXSt{et292KfgGN`AR|C`p{MRpxF-I?+`ZY1Vsv>GS*BPA65ZVW~fLYw0dA-H_}O
zrkGFL&P1PG9p2(%Qi<evvBkNEkQkM%A>EWm6x;U-U&I#;Em$nx-_I^wtgw3xUPVVu
zqSuKnx&dIT-XT+T10p;yjo1Y)z(x1fb8Dzfn8e&#9yu?e%!_ptzGB|8GrCfu%p?(_
zQccdaaVK$5bz;*rnyK{_SQYM>;aES6Qs^lj9lEs6_J+%nIiuQC*fN;z8md>r_~Mfl
zU%p5Dt_YT>gQqfr@`cR!$NWr~+`CZb%dn;WtzrAOI>P_JtsB76<bUr7Lsb65vEd}g
z5JhMCmn#UeH#6Cew?bxogM)$x5ed{E)%2nWY5rb@Clvh$(JzQ#!CsQ(2I4QnhDDJ^
zYL%2bf8?`y)Ro=x{(dw<4^)(H^z7~3nfYFh-r7yBBb=l3V8dE-Dr&a%qs<OYcajo2
z(4Nw|k5_OQ@6zHmcIK%waj!yoZT(S1YlEFN?8-_lp9nf>PYe*<%H(y>qx-`Kq!X_;
z<{RpAqYhE=L1r*M<cT6p|4(5fVa-WIh|@AphR|cJ1`?N>)gNF3B8r(<%8mo*SR2hu
zccLRZwGARt)H<F*kMvg%oJV~29ud_q>lo1euqTyM>^!HK*!Q2P;4UYry<i)yWXzKa
zM^_qppY~vnIrhL_!;Z9msXMZTTwR{e`yH5t=HdD1Pni7?LqOpLoX}u5n5RfkGBvQ1
z@cdMeR4T6rp^S~>sje@;(<|$&%vQekbn|0Ruu_Io(w4#%p6ld2Yp7tlA`Y$cciThP
zKzNGIMPXX%&Ud0uQh!uQZz|FB`4KGD?3!ND?wQt6!n*f4EmCoJUh&b?;B{|lxs#F-
z31~HQ`SF4x$&v00@(P+j1pAaj5!s`)b2RDBp*PB=2IB>oBF!*6vwr7Dp%zpAx*dPr
zb@Zjq^XjN?O4QcZ*O+8>)|HlrR>oD*?WQl5ri3R#2?*W6iJ>>kH%KnnME&TT<gNU{
zn$Veg044#l=Z-&wsmEZhnw7IwT7Cd}hiZ%ke)-GzAR-Dt6)8Cb6>@Z<Y-SEE^OC5H
z=$M0HjdWR5p?n;s9OTXrEa1eGt}G;Eu)ifSop!$z#6V<>zrHS$Q%LC?n|e>V+D+8D
zYc4)QddFz7I8#}y#Wj6>4P%34dZH<AWj}HgE@5&D9Ra@o(Km_Gm}5Zb61p%9mDz1%
zya$Vd!_U~pDN*Y5%lo}-K~}4&F)rTjJ7uGyV@~kB-XNrIGRiB=UrNxJtX;JHb(EyQ
z{!R%v{vC7m|L3bx6lCRb7!mP~Is!r!q&OXpE5nKnH3@l({o}PrL`o>~OUDb?uP%-E
zwjXM(?Sg~1!|wI(RVu<h{6ESg9k500(D<HXwz52OGq(JEKS2CJR}8N&E-#%vhhaRN
zL#Q6%yUcel+!a#~g&e7w4$3s62d$Dv;SxCxhT}>xbu)-rH+O=igSho_pDCw(c6b=P
zKk4ATlB?bj9+HHlh<_!&z0rx13K3ZrAR8W)!@Y}o`?a*JJsD+twZIv`W)@Y?Amu_u
zz``@-e2X}27$i(2=9rvIu5uTUOVhzwu%mNazS|lZb&PT;XE2|B&W1>=B58#*!~D&)
zfVmJGg8UdP*fx(>Cj^?yS^zH#o-$Q-*$SnK(ZVFkw+er=>N^7!)FtP3y~Xxnu^nzY
zikgB>Nj0%;WOltWIob|}%lo?_C7<``a5hEkx&1ku$|)i>Rh6@3h*`slY=9U}(Ql_<
zaNG*J8vb&@zpdhAvv`?{=zDedJ23TD&Zg__snRAH4eh~^oawdYi6A3w8<<tS1{)`*
zH!u#2_lf&B)x2)tE$?4|aMAYUFZ{|Se7->Ozh@Kw)<E~4fKYaJ{OS+>#bdktM^GVb
zrG08?0bG?|NG+w^&JvD*7LAbjED{_Zkc`3H!My>0u5Q}m!+6VokMLXxl`Mkd=g&Xx
z-a>m*#G3SLlhbKB!)tnzfWOBV;u;ftU}S!NdD5+YtOjLg?X}dl>7m^gOpihrf1;PY
zvll&>dIuUGs{Q<Ww4SS<E23Sm*si$^C!!snD|AFym<+q$`*o0wokE?J{^g?f3>nd-
zwIR3oIrct8Va^Tm0t#(bJD7c$Z7DO9*7NnRZorrSm`b`cxz>OI<bVZt$VQ!oMxCu0
zbb7D5OIXV5Ynn@Y6)HLT=1`a=nh7{ee{vr<=$>C;jSE3DO8`hX955ui`s%||YQtt2
z5DNA&pG-V+4oI2s*x^>-$6J?p=I>C|9wZF8z;VjR??Icg?1w2v5Me+FgAeGGa8(3S
z4vg*$>zC-WIVZtJ7}o9{D-7d>zCe|z#<9>CFve-OPAYsneTb^JH!Enaza#j}^mXy1
z+ULn^10<XTm*l1Jg2Z;UvGEN!6Wq%I@OP4p{k`RNRKlKFWPt_of11^Gr%_Mg*mVP3
zm?)&3I719~aYcs)TY&q^$zmQ=xoC++VJH@~YG6>+rWLF6j2>Ya@@Kq?26>AqK{A_|
zQKb*~F1>sE*=d?A?W7N2j?L09_7n+H<SF8|SM#pTc9|9|rf1w*m4Y0Vdj643qA#D|
z!hJzb_-}IrrhkWr{zk_YC%(c-)UJl6Ma!mcbvj&~#yN-UhH?ZQ3TPq4hTVQ$(?eJ6
zNfJ_K+VJDBXN=l!7{2}lq?-$`fq|e&PEONfZDU<_SM+s2_3$vT_yqV<R&KG=K{zS}
zKQF$?mYsg%vV|E_E=a*SL!`7*AeN6GMVDXC59yPgi$F2!7&8e}EyHVLwCm{i%<pN!
zdc`SbZK}JQj7?6K&|261iHrsnVjdhxu_l_NKs&yy#;#^%8?Jlg`wcTlNZ3urUtEYd
zsFE!K0}Eg39)z+J6mLW)#Kn<ok4*6AAE=n*vh*;TpgGnnM|npykFpO|a0`4#SjP^b
z2<JG#Qk^#3FeFS`0eooK9|wEmCcvRKI*~6mamFTd^UW9Eg4!J4N9qz*C$3a#F;Sad
zi#o9LaqNG5TsiT<`SDtY^`)zkYx$(C5;&K9#(Zj}HolT_st~#C`VS8q%#q1)HN+hT
zz9IjVUdZNIp@;b88oR`~DvQL_zmsBy>Gi{VY;MoTGr_)G9)ot$p!-UY5zZ2Xtbm=t
z@dpPSGw<TLTZo~Zyx(+AKWvR~{L4S^5I;5+QT9bcQ-4cC{QnLfRBf&Pov~kv@`W6V
zA|h{EGx|7msvR1t`a-jF$JZ>gH=QtIcEulQNI>S-#ifbnO5EWkI;$A|pxJd885oM+
zGZ0_0gDvG8q2xebj+fbCHYfAXuZStH2j~|d^sBAzo46(K8n59+T6rzBwK)^rfPT+B
zyIFw)9YC-V^rhtK`!3jrhmW-sTmM+tPH+;nwjL#-SjQPUZ53L@A>y*rt(#M(qsiB2
zx6B)dI}6Wlsw%bJ8h|(lhkJVogQZA&n<jl%@&gd%^X|lsDQwDHEiKLCz}r`kC^h0t
z(!vYS%C)Ku?w$ti5R##9jSkNC#5)Juc{8XfEhczdGQy8yNrZL6+d0~%V=N|iF{V)E
zLT(gH!$j8Mf(1>{?Vgs6gNSXzuZpEyu*xySy8ro07QZ7Vk1!3tJphN_5V7qOiyK8p
z#@jcDD8nmtYi1^l8ml;AF<#IPK?!pqf9D4moYk>d99Im}Jtwj6c#+A;f)CQ*f-hZ<
z=p_T86jog%!p)D&5g9taSwYi&e<jP@@Q_fbXtVO&n9{e#)jg+D#~q=hoZ<9PIa)>P
z#JuEK%+NULWus;0w32-SYFku#i}d~+{Pkho&^{;RxzP&0!RCm3-9K6`>KZpnzS6?L
z^H^V*s!8<>x8bomvD%rh>Zp3>Db%kyin;qtl+jAv8Oo~1g~mqGAC&Qi_wy|xEt2iz
zWAJEfTV%cl2Cs<1L&DLRVVH05EDq`pH7Oh7sR<WSzBWU(MxAIA&4v~INVdLKA><BK
zwCgTxJU0mM{;1UV<^ZRk0SQNNN(;SRZsH7^EDWVUu%^mFfvW{m5jOQuQWSy`f586I
zTj}Z4e5WsvkNmBd`TJdfe=^>`NNkL%wi}8n>IXcO40hp+J+sC!W?!krJf!GJNE8uj
zg-y~Ns-<~D?yqbzVRB}G>0A^f0!^N7l=$m0OdZuqA<e9rzV|ixGyk9uS=Vov2_ECA
z^Sd0M$B)O&tv@%@UmTb%ngcl58ED9TyFp$y4JjFU+g+9EWUl?am<e#4uCGy9Tmt)z
z2Y|kWUahugFHsF<J6o!<?X(Ncsy&Wg9<QLPD}g-`PWGHWDY5P6;<Y+5J1vz2Z|PSy
zBN?Q^NkxnWq>OQq<EC8_d&#T2smn`YINd-HF@)Op)pBRHnx+Q|Hsv_BpWAPsT1>Lc
zX?AEGr1Ht+inZ-Qiwnl@Z0qukd__a!C*CKuGdy5#nD7VUBM^6OCpxCa2A(X;e0&V4
zM&WR8+wErQ7UIc6LY~Q9x%Sn*Tn>>P`^t&idaOEnOd(Ufw#>NoR^1QdhJ8s`h^|R_
zXX`c5*O~Xdvh%q;7L!_!ohf$NfEBmCde|#uVZvEo>OfEq%+Ns7&_f$OR9xsihRpBb
z+cjk8LyDm@U{YN>+r46?nn{7Gh(;WhFw6GAxtcKD+YWV?uge>;+q#Xx4!GpRkVZYu
zzsF}1)7$?%s9g9CH=Zs+B%M_)+~*j3L0&Q9u7!|+T`^O{xE6qvAP?XWv9_MrZKdo&
z%IyU)$Q95AB4!#hT!_dA>4e@zjOBD*Y=XjtMm)V|+IXzjuM;(l+8aA5#Kaz_$rR6!
zj>#&^DidYD$nUY(D$mH`9eb|dtV0b{S>H6FBfq>t5`;OxA4Nn{J(+XihF(stSch<f
zIn>e7$es&~N$epi&PDM_N`As;*9D^L==2Q7Z2zD+CiU(|+-kL*VG+&9!Yb3LgPy?A
zm<g7T4Wx!m(zMlVE_2jX$1$$5DcfL6>7Z&^qRG_JIxK7-FBzZI3Q<;{`DIxtc48k>
zc|0dmX;Z=W$+)qE)~`yn6MdoJ4co;%!`ddy+FV538Y)j(vg}5*k(WK)KWZ3WaOG!8
z!syGn=s{H$odtpqFrT#JGM*utN7B((abXnpDM6w56nhw}OY}0TiTG1#f*VFZr+^-g
zbP10`$LPq_;PvrA1XXlyx2uM^mrjTzX}w{yuLo-cOClE8MMk47T25G8M!9Z5ypOSV
zAJUBGEg5L2fY)ZGJb^E34R2z<C?_X1)4xsl9%Z|w&L9k!F(V>J?}Vf>{~gB!8=5Z)
z9y$>5c)=;o0HeHHSuE4U)#vG&KF|I%-cF6f$~pdYJWk_dD}iOA>iA$O$+4%@>JU08
zS`ep)$XLPJ+n0_i@PkF#ri6T8?ZeAot$6JIYHm&P6EB=BiaNY|aA$W0I+nz*zkz_z
zkEru!tj!QUffq%)8y0y`T&`fuus-1p>=^hnBiBqD^hXrPs`PY9tU3m0np~rISY09>
z`P3s=-kt_cYcxWd{de@}TwSqg<T-v~${38)1dqT{JCO5}Gk$$yZP*X!5)RaGFqqkZ
zeHhqUgXb37$91~LS-3Zi29CKKki0sBTh7unqEK$%FG?oo$Sp>*xVhp;E9zCsnXo6z
z?f&Sv^U7n4`xr=mXle94HzOdN!2kB~4=%)u&N!+2;z6UYKUDqi-s6AZ!haB;@&B`?
z_TRX0%@suz^TRdCb?!vNJYPY8L_}&07uySH9%W^Tc&1pia6y1q#?*Drf}GjGbPjBS
zbOPcUY#*$3sL2x4v_i*Y=N7E<UbOmi3K%)5<dOJui+{^+b*shA_w8&X4_Icv*!}kT
zW@BG{C%f{(K^kE?tjU`Led*kAj6wB_3f*UyIEV0T9TyMo4`NS;oA7Ec+71eFa;K|G
zCyaKKi1bvX9fTLQ+uAgF*@ZR8fB%|JlT8A-jK$7FMyxW>$mR}J%|GUI(>WEr+28+V
z%v5{#e!UF*6~G&%;l*q*$V?&r$Pp^sE^i-0$+RH3ERUUdQ0>rAq2(2QAbG}$y{de(
z>{qD~GGuO<V3ijl7+~xmS#nUvH{qF0*%7G(r|}BSXsu}HwrFbXWzcYJouIY*34axA
z(n@XsPrv%6;|GSbkH9Og>k559Y@%$?N^1ApVL_a704>8OD%8Y%8B;FCt%AoPu8*D1
zLB5X>b}Syz81pn;xnB}%0FnwazlWfUV<Vu@5P52pgIa+J{M)H4nAC<>)Z-~rZg6~b
z6!9J$EcE&sEbzcy?CI~=boWA&eeIa%z(7SE^qgVLz??1Vbc1*aRvc%Mri)AJaAG!p
z$X!_9Ds;Zz)f+;%s&d<S0a>RcJt2==P{^j3bf0M=nJd&xwUGlUFn?H=2W(*2I2Gdu
zv!gYCwM10aeus)`RIZSrCK=&oKaO_Ry~D1B5!y0R=%!i2*KfXGYX&gNv_u+n9wiR5
z*e$Zjju&ODRW3phN925%S(jL+bCHv6rZtc?!*`1<n2%>TyYXT6%Ju=|X;6D@lq$8T
zW{Y|e39ioPez(pBH%k)HzFITXHvnD6hw^lIoUMA;qAJ^CU?top1fo@s7xT13Fvn1H
z6JWa-6+FJF#x>~+A;D~;VDs2<i>6>^oH0EI`IYT2iagy23?nyJ==i{g4%HrAf1-*v
zK1)~@&(KkwR7TL}L(A@C_S0G;-GMDy=MJn2$FP5s<%wC)4jC5PXoxrQBFZ_k0P<n-
z??iM<JF!BTjD>{{s@<jPT1+pTPdk3<izB+}jAtjokIz)aPR$L&4%}45Et}?jz0w{(
zC4G}+Nu0D*w=ay`v91hMo+V&V8q(a!`~K-2<yR0H)sK+mcY?TAaSS8F<Q+!pSc;`*
z*c@5)+ZpT%-!K3O=Z0(hI8LH7KqK>sz+gX`-!=T8rcB(=7vW}^K6oLWMmp(rwDh}b
zwaGGd>yEy6fHv%jM$yJXo5oMAQ>c9j`**}F?MCry;T@47@r?&sKHgVe$MCqk#Z_3S
z1GZI~nOEN*P~+UaFGnj{{Jo@16`(qVNtbU>O0Hf57-P>x8Jikp=`s8xWs^dAJ9lCQ
z)GFm+=OV%AMVqVATtN@|vp61VVAHRn87}%PC^RAzJ%JngmZTasWBAWsoAqBU+8L8u
z4A&Pe?fmTm0?mK-BL9t+{y7o(7jm+RpOhL9Kn<D3v{}Wpv2i&ghEZe;t&DmOA_QYc
zM+NIUU}=*bkxOJsLKV3e^oGG8rufTpa8R~7Iki1y+fC(UT;;{l19@qfxO@0^!xMA?
z#|<YBZ6;vAb>Y#E&qu^}B6=K_dB}*VlSEiC9fn)+V=J;OnN)Ta5v66ic1rG+dGAJ1
z1%Zb_+!$=tQ~lxQrzv3x#CPb?CekEkA}0MYSgx$Jdd}q8+R=ma$|&1a#)TQ=l$1tQ
z=tL9&_^vJ)Pk}EDO-va`UCT1m#Uty1{v^A3P~83_#v^ozH}6*9mIjIr;t3Uv%@VeW
zGL6(CwCUp)Jq%G0bIG%?{_*Y#5IHf*5M@wPo6A{$Um++Co$wLC=J1aoG93&T7Ho}P
z=mGEPP7Gb<mBTnJH7dKM2CB)0*o-AW2E4i5R+rHU%4A2BTVwOqj4zmJqsb|5^*{DT
zv^HFARK6@^_1|vU{>voG!uD$k(H3A$Z))+i{Hy?QHdk>3xSBXR0j!11O^mEe9RH<y
zF3MI;^J1vHI9U>mw!pvzv?Ua~2_l2Yh~_!s1qS`|0~0)<BWX>YsbHSz8!mG)WiJE|
z2<APmuYD%tKwB@0u<C~CKyaC}XX{?mylzkDSuLMkAoj?zp*zFF7q515SrGD~s}ATn
z`Ded41yk>f($6TQtt6L_f~ApQYQKSb=`053LgrQq7G@98#igV>y#i==-nEjQ!XNu9
z<h*hnP2Pol+z>~;mE+gtj4IDDNQJ~JVk5Ux6&LCSFL!y=>79kE9=V}J7tD==Ga+IW
zX)r7>VZ9dY=V&}DR))xUoV!u(Z|%3ciQi_2jl}3=$Agc<a_3#EUXJj<z2jVv6VHGT
zV^v1FiRwA!kPmt}m$qdr&9#-6{QeZqtM3|tRl$sws3Gy`no`Kj@X-)O(^sv>(`RPb
z8kEBpvY>1FGQ9W$n>Cq=DIpski};nE)`p3IUw1Oz0|wxll^)4dq3;CCY@RyJgFgc#
zKouFh!`?Xuo{IMz^xi-h=StCis_M7y<P{h0$_I#EukRYag9%BMRXh|%Xl7C<>q$u)
z?XHvw*HP0VgR+KR6wI)jEMX|ssqYvSf*_3W8zVTQzD?3>H!#>InzpSO)@SC8q*ii-
z%%h}_#0{4JG;Jm`4zg};BPTGkYamx$Xo#O~lBirRY)q=5M45n{GCfV<Kqrcu9<z@R
zSE>7h9qwyu1NxOMoP4)jjZMxmT|IQQh0U7C$EbnMN<3)Kk?fFHYq$d|ICu>KbY_hO
zTZM+uKHe(cIZfEqyzyYSUBZa8;Fcut-GN!HSA9ius`lt<SmSV9vasBl&hE7ciOunD
z?%e1Hl-5B3e+<+8CD{j5U*D3h89nV<zn^0g+t=uRKgZiGu)3h;vu#^y`HqWe_=jGm
zW2p}*n<!QH%pQ2EV`&z|LD#BOpj0QS9R5#$q}3&-+@GL4F^wO-bcSo|J^I_{LATPF
z2$`fUCOO=XxYVD!<7Yz4te$d-_>NebF46ZX_BbZNU}}ZOm{M2&nAN<H$fJIKS=j8q
zwXlN!l^_4>L9@0qvih15(|`S~z}m&h!u4x~(%MAO$jHRWNfuxWF#B)E&g3ghSQ9|>
z(MFaLQj)NE0lowyjvg8z0#m6FIuKE9lDO~Glg}nSb7`~^&#(Lw{}GVOS>U)m8bF}x
zVjbXljBm<v)#bs=9p`s>34Cs-yM6TVusr+3kYFjr28STT3g056y3cH5Tmge~ASxBj
z%|yb>$eF;WgrcOZf569sDZOVwoo%8>XO>XQOX1OyN9I-SQgrm;U;+#3OI(zrWyow3
zk==|{<m8xZ#>lt2xrQ%FIXOTejR>;wv(Pb8u8}BUpx?yd(Abh<shPyABw|Ens8m6@
zIg($GO4)<g4x5icbki?U&2%56@tYd`zRs}Nk6R~4!AjVAihB3r8oDhQ8f)v^r}|(y
z4B&Q<ARRqYXKQGAeJa_KHe`)04jUO~B=%q#SUlU@pU?apz0v{Al@s`Cvzo)u;2>6?
zsoO3VYWkeLnF43&@*#MQ9-i-d0t*xN-UEyNKeyNMHw|A(k(_6QKO=nKMCxD(W(Yop
zsRQ)QeL4X3Lxp^L%wzi2-WVSsf61dqliPUM7srDB?Wm6Lzn0&{*}|IsKQW;02(Y&|
zaTKv|`U(pSzuvR6Rduu$wzK_W-Y-7>7s?G$)U}&uK;<>vU}^^ns@Z!p+9?St1s)dG
zK%y6xkPyyS1$~&6v{kl?Md6gwM|>mt6Upm>oa8RLD^8T{0?HC!Z>;(Bob7el(DV6x
zi`I)$&E&ngwFS@bi4^xFLAn`=fzTC;aimE^!cMI2n@Vo%Ae-ne`RF((&5y6xsjjAZ
zVguVoQ?Z9uk$2ON;ersE%PU*xGO@T*;j1BO5#TuZKEf(mB7|g7pcEA=nYJ{s3vlbg
zd4-DUlD{*6o%Gc^N!Nptgay>j6E5;3psI+C3Q!1ZIbeCubW%w4pq9)MSDyB{HLm|k
zxv-{$$A*pS@csolri$Ge<4VZ}e~78JOL-EVyrbxKra^d{?|NnPp86!q>t<&IP07?Z
z^>~IK^k#OEKgRH+LjllZXk7iA>2cfH6+(e&9ku5poo~6y{GC5>(bRK7hwjiurqAiZ
zg*DmtgY}v83IjE&AbiWgMyFbaRUPZ{lYiz$U^&Zt2YjG<%m((&_JUbZcfJ22(>bi5
z!J?<7AySj0JZ&<-qXX;mcV!f~>G=sB0KnjWca4}vrtunD^1TrpfeS^4dvFr!65knK
zZh`d;*VOkPs4*-9kL>$GP0`<?hW@{z#_gXtp%=2VbN+$~z+M($Vf(dl@)t-*82<$(
zHi{FrD1wO9L~*Rc0{A2WU%f?ar(T9V1JpQ?M0Q|&{UES|#Z~k2-mj@z)8Rw^(XeYc
zomT(B0EF!##4dQq_*NN<%Bo5)&+gCXSGZo`b>(M!j~B;#x?Ba<KDM~HJ!|Zzy=p2e
z8;av`GLw{_*RgO(W|UK-<iDeT!t_x1c=M3%wGk|fDk<e0lLe8-5ga6apKYJD`*a3G
zBl?Ps)hDb7X`7bW5S=IHr0Mm?fr|$zCf+gmZUrit$5n+)JZG>~&s6CopvO86oM?-?
zOw#dIRc;6A<R&%m3DDJhF+|tb*0Yw8mV{a-bf^E~gh66MdsMHkog<r9`fVIVE+h@O
zi)iM`rmA-Fs^c=>6T?B`Qp%^<<Dyu<%Kg0H=lq;E!p&UHzSpD1)q%^v)Y8yQkp>U5
z19x(ywSH$_N+Io!6;e?`tWaM$`=D<O;$E>b!gzx|lQ${DG!zb1Zl&|{kX0y6xvO1o
z220r<-oaS^^R2pEyY;=Qllqpmue|5yI~D|iI!IGt@iod{Opz@*ml^w2bNs)p`M(Io
z|E;;m*Xpjd9l)4G#KaWfV(t8YUn@A;nK^#xgv=LtnArX|vWQVuw3}B${h+frU2>9^
z!l6)!Uo4`5k`<<;E(ido7M6lKTgWezNLq>U*=uz<KVOwgK<qq^3FEy1LAV}ep3|Zt
z>&s=cc$1%>VrAeOoUtA|T6gO4>UNqsdK=NF*8|~*sl&wI=x9-EGiq*aqV!(VVXA57
zw9*o6Ir8Lj1npUXvlevtn(_+^X5rzdR>#(}4YcB9O50q97%rW2me5_L=%ffYPUSRc
z!vv?Kv>dH994Qi>U(a<0KF6NH5b16enCp+mw^Hb3Xs1^tThFpz!3QuN#}KBbww`(h
z7GO)1olDqy6?T$()R7y%NYx*B0k_2IBiZ14&8|JPFxeMF{vSTxF-Vi3+ZOI=Thq2}
zyQgjYY1_7^ZQHh{?P))4+qUiQJLi1&{yE>h?~jU%tjdV0h|FENbM3X(KnJdPKc?~k
zh=^Ixv*+smUll!DTWH!jrV*wSh*(mx0o6}1@JExzF(#9FXgmTXVoU+>kDe68N)dkQ
zH#_98Zv$}lQwjKL@yBd;U(UD0UCl322=pav<=6g>03{O_3oKTq;9bLFX1ia*lw;#K
zOiYDcBJf)82->83N_Y(J7Kr_3lE)hAu;)Q(nUVydv+l+nQ$?|%MWTy`t>{hav<vVD
zHx;qQ>FSQloHwiIkGK9YZ79^9?AZo0ZyQlVR#}lF%dn5n%xYksXf8gnBm=wO7g_^!
zauQ-bH1Dc@3ItZ-9D_*pH}p!IG7j8A_o<ZOCWxl^<k=*NA9oUpW$0D`yCb}VfC~vb
z4IkfiRDM@RHlIGG_SRrrd~6$XYP~2Y^<fekveOOZRCv69S{4_se`>94#~>$LR|TFq
zZ-b00*nuw|-5C2lJDCw&8p5N~Z1J&TrcyErds&!l3$eSz%`(*izc;-?HAFD9AHb-|
z>)id`QCrzRws^9(#&=pIx9OEf2rmlob8sK&xPCWS+nD~qzU|qG6KwA{zbikcfQrdH
z<yJStD<g^`?^d44p$8FFXwD2dL810^xg@~^x$C_H#3NSLs8fBVu~K)3BMKCOp^;|&
zKPz+s!|fXFr%*`Dg*#A{!QB-jnah3y4$Pe0L2%RM)706&eqyFTNAO2gMd<bcjBp>+
zQg>O<`K4L8rN7`GJB0*3<3`z({lWe#K!4AZLsI{%z#ja^OpfjU{!{)x0ZH~RB0W5X
zTwN^w=|nA!4PEU2=LR05x~}|B&ZP?#pNgDMwD*ajI6oJqv!L81gu=KpqH22avXf0w
zX3HjbCI!n9>l046)5rr5&v5ja!xkKK42zmqHzPx$9Nn_MZk`gLeSLgC=LFf;H1O#B
zn=8|^1iRrujHfbgA+8i<9jaXc;CQBAmQvMGQPhFec2H1knCK2x!T`e6soyrqCamX%
zTQ4dX_E*8so)E*TB$*io{$c6X)~{aWfaqdTh=xEeGvOAN9H&-t5tEE-qso<+C!2>+
zskX51H-H}#X{A75wqFe-J{?o8Bx|>fTBtl&tc<VVc3-U5wTq>bdR|<Uon(X?ZiT<<
zWC=zLEjacGDZ|?>132Ztqu5X0i-pisB-z8n71%q%>EF}yy5?z=Ve`}hVh{Drv1YWL
zW=%ug_&chF11gDv3D6B)Tz5g<uwqk#dj|RK7gNl@*lm*xHRBk*7MnT4(@7VIDfO0u
zB?1X+)GR^0j1A{Q#WUmQX%LN=W?aGzO$5=2@yxjXBzxbGO*{DYkV!aJ!$~-FNzvt;
z?r)HU;0!4T-%vWzAiHJ?*-ivIq!#dErMvhpJJ^QyZ5n0qmMn+}I>54H0mDHNj<FD1
z&CIP+ZDDy<;b2`JW=0_p9c4p<zwE30JFgdhO2HQiMRBb%Y9ZJ>uKZ+)CKFk4Z|$RD
zfRuKLW`1B>B?*RUfVd0+u8h3r-{@fZ{k)c!93t1b0+Q9vOaRnEn1*IL>5Z4E4dZ!7
ztp4GP-^1d>8~LMeb}bW!(aAnB1tM_*la=Xx)q(I0Y@__Zd$!KYb8T2VBRw%e$iSdZ
zkwdMwd}eV9q*;YvrBFTv1>1+}{H!JK2M*C|TNe$ZSA>UHKk);wz$(F$rXVc|sI^lD
zV^?_J!3cLM;GJuBMbftbaRUs$;F}HDEDtIeHQ)^EJJ1F9FKJTGH<(Jj`phE6OuvE)
zqK^K`;3S{Y#1M@8yRQwH`?kHMq4tHX#rJ>5lY3DM#o@or4&^_xtBC(|JpGTfrbGkA
z2Tu+AyT^pHannww!4^!$5?@5v`LYy~T`qs7SYt$JgrY(w%C+IWA;ZkwEF)u5sDvOK
zGk;G>Mh&elvXDcV69J_h02l&O;!{$({fng9Rlc3ID#tmB^FIG^w{HLUpF+iB`|<Dd
z$~}?*yaE3d3m&(}pR(IuL%&h+j{wz$6(l^GO8O{^N!08Gnw7N>NnX)EH+Nua)3Y(c
z&{(nX_ht=QbJ%DzAya}!&uNu!4V0xI)QE$SY__m)SAKcN0P(&JcoK*Lxr@P<Bj^D-
zi(H(l^zsWRcIm}YCou&G1we!7IMt1dAI3MKk4-3tybIvwniaUWp=||&s9lB&iptb>
zY&P=}&B3*UWNlc|&$Oh{BEqwK2+N2U$4WB7Fd|aIal`FGANUa9E-O)!gV`((ZGCc$
zBJA|FFrl<?%m-}hcKbonJcfriSKJrE#oY4SQUGFcnL~;J2>g~9OBp#f7aHodCe{6=
zay$6vN~zj1ddMZ9gQ4p32(7wD?(dE>KA2;SOzXRmPBiBc6g`eOsy+pVcHu=;Yd8@{
zSGgXf@%sKKQz~;!J;|2fC@emm#^_rnO0e<D`xKOl)v&1gxhN0@LroTIseY?HHF`U$
zRCxyayrK2fk|YppMxAKP{J=gze_dhnAkmEFp<%l9vvc1zcx#Lz*hP4TNeag4(W!Be
zM4c#}`np`hRl02rJ50(%WD@_u_Qk1TUrpL44g>sEn^QxXgJYd`#FPWOUU5b;9eMAF
zZhfiZb|gk8aJIw*YLp4!*(=3l8Cp{(%p?ho22*vN9+5NLV0TTazNY$B5L6UKUrd$n
zjbX%#m7&F#U?QNOBXkiiWB*_tk+H?N3`vg;1F-I+83{M2!8<^nydGr5XX}tC!10&e
z7D36bLaB56WrjL&HiiMVtpff|K%|*{t*ltt^5ood{FOG0<>k&1h95qPio)<rMG98B
zE?gDMmn^Zo(`Ek7uvNsnUgUfUfwFF7?z~>2`eL${YAGIx(b4VN*~nKn6E~SIQUuRH
zQ+5zP6jfnP$S0iJ<xI2U>@~t!Ai3o`X7biohl<ds?PbGDArmkAV12ldkGzY{P*80E
zF=Wk3w#9|J1dAeV)Rlk?%L=ol!+m5%A|(KP`fR=nD^&iHT@Z5DaZ(w0hqfh|V>i;E
zT#yXyl{bojG@-TGZzpdVDXhbmF%F9+-^YSIv|<!(knL3!Z+}F~)r$<ET0f@9KVjok
zfvU`%FUbk|yAc)S0rB`JBWTLd7hPAAqP2ltlwee5T}#_Gpbl80w-LA;|BD>MT1l3j
zrxOFq>gd2%U}?6}8mIj?M<N%?8n+3Rx8(2-`*c@op88}5-iqw*PHkqnj$k8#t^|g>
zc077Zc9fq(-)4+gXv?Az26IO6eV`RAJz8e3)SC7~>%rlzDwySVx*q$ygTR5kW2ds-
z!HBgcq0KON9*8Ff$X0wOq$`T7ml(@TF)VeoF}x1OttjuVHn3~sHrMB++}f7f9H%@f
z=|kP_?#+fve@{0MlbkC9tyvQ_R?lRdRJ@$qcB(8*jyMyeME5ns6ypVI1Xm*Zr{DuS
zZ!1)rQfa89c~;l~VkCiH<d?V{)&8(@3=6jm=fW<)H`CSQ9+iNwDH;4S!Xw4H9nux4
zKNscQ&OV9zHF_+cIJ=X)qIF;(!)}sl`hhO)dHz6nA0^W{a9q1^gzxvh-bS1(N273|
zq;PSR{n|+%3`+}9Q7}{mC7k)HXlUhkBKH%A@-sEx!4Mlk=^P1dtF=-lC3U?55B}ez
z`Fd)kItC)!X+F!>I|PCBd`S*2RLNQM8!g9L6?n`^evQNEwfO@&JJRme+uopQX0%Jo
zgd5G&#&{nX{o?TQwQvF1<^Cg3?2co;_06=~Hcb6~4XWpNFL!WU{+CK;>gH%|BLO<b
zgJpht0ltX3sE2RJAUcld5MW}&%<sw};dL~bdZ0?zVg~mRcaNBgUZe;8@DKXRQmlOf
zAIhHBNh=}LzcTdUnfgd6#GEx350bi`lb)LaBso2CW!*0Xe!UJNwIWeg)QXy=e3bwZ
zIJ8=;u}r&BGoF;ftQ-dJ!kBp#;lHIlNwC)v?OHP&#Mh~B%=jdgWQCSqpANGQEkG%n
zM?zk5@$%!-gPc55s943P-Mv1>h7@!hsa(>pNDAmpcuVO-?;Bic17R}^|6@8DahH)G
z!EmhsfunLL|3b=M0MeK2vqZ|OqUqS8npxwge$w-4pFVXFq$_EKrZY?BuP@Az@(k`L
z`<G71X#W|!P3Z{wEvg5Ob7@MbwprRM&*~yi*+R-9I8&p-;yM=Q)z$bTY1}y<i9f;W
zGBCz3n1=6)vV6bV+;GN8E|c1rg49&nk_(FLVA<i_4OxA`vE>ViQBSk`y+YwRT;&W|
z2e3UfkCo^uTA4}Qmmtqs+nk<f8_TTXgg$0%V(GO^t)<!()wOU}JKa$=7V(Fd-u5kW
zfKQU%n`CZ_1jFoAu|=do)|56^VkbaXtt)NlpAubGIJ@ET@k0K*McoNg@OCSSeKJ`(
z*rHh**zg=F3rmZ2ux+4MzedRxj4$W0VqcP)lO*|#;Iw4z!Gidd%|ry%SN>#gNr2W4
zTH%hhErhB)pkXR{B!q5P3-OM+M;qu~f>}IjtF%>w{~K-0*jPVLl?Chz&zIdxp}bjx
zStp&Iufr58FTQ36AHU)0+CmvaOpKF;W@sMTFpJ`j;3d)J_$tNQI^c<^1o<49Z(~K>
z;EZTBaVT%14(bFw2ob@?JLQ2@(1pCdg3S%E4*dJ}dA*v}_a4_P(a`cHnBFJxNobAv
zf&Zl-Yt*lhn-wjZsq<9<PjKts@j|?j*H<KG_l+Ikza{2Tyz(8wgaT$KKCTR@fUFh?
z9>v-IsXxAxMZ58C@e0!rzhJ+D@9^3~?~yllY^s$?&oNwyH!#~6x4gUrfxplCvK#!f
z$viuszW>MFEcFL?>ux*((!L$;R?xc*myjRIjgnQX7<gW>9@UPD$6Dz0jutM@7h_pq
z0Zr)#O<^y_K6jfY^X%A-ip>P%3saX{!v;fxT-*0C_j4=UMH+Xth(XVkVGiiKE#f)q
z%Jp=JT)uy{&}Iq2E*xr4YsJ5>w^=#-mRZ4vPXpI6q~1aFwi+lQcimO45V-JXP;>(Q
zo={U`{=_JF`EQj87Wf}{Qy35s8r1*9Mxg({CvOt}?Vh9d&(}iI-quvs-rm~P;eRA@
zG5?1HO}puruc@S{YNAF3vmUc2B4!k*yi))<5BQmvd3tr}cIs#9)*AX>t`=~{f#Uz0
z0&Nk!7sSZwJe}=)-R^$0{yeS!V`Dh7w{w5rZ9ir!Z7Cd7dwZcK;BT#V0bzTt>;@Cl
z#|#A!-IL6CZ@eHH!CG>OO8!%G8&8t4)Ro@}USB*k>oEUo0LsljsJ-%5Mo^MJF2I8-
z#v7a5VdJ-Cd%(a+y6QwTmi+?f8Nxtm{g-+WGL>t;s#epv7ug>inqimZCVm!uT5Pf6
ziEgQt7^%xJf#!aPWbuC_3Nxfb&CFbQy!(8ANp<Dkrrv&eXZOx^ui15L`|GC6Zo9J8
zt4l&YYgkq79`qbC=O@Wu>kWLI4oSnH?Q3f?0k1t$3d+lkQs{~(>06l&v|MpcFsyAv
zin6N!-;pggosR*vV=DO(#+}4ps|5$`u<dyVk_IJiOQUOA<$>dE%Kdmp?G7B#y%<bi
zGVk-OWo?nx8M9(n3)OkC>H`R|i8skKOd9Xzx8xgR$>Zo2R2Ytktq^w#ul4uicxW#{
zFjG_RNlBroV_n;a7U(KIpcp*{M~e~@>Q#Av90Jc5v%0c>egEdY4v3%|K1XvB{O_8G
zkTWLC>OZKf;XguMH2-Pw{BKbFzaY;4v2seZV0>^7Q~d4O=AwaPhP3h|!hw5aqOtT@
z!SNz}$of**Bl3TK209@F=T<Nh*u*7J=P_EEnnD=hbiG0v_)iQwN<!vDIogn=iGRs3
zt_h!RUdkzWHMpc*d}k%tjHimct$!p&AH8pRZ+FJo|9w~+h(n#lp$57vBXGLddx*%@
z5%Aj-8?hH;TIkF9$}Pwu0)KjO*p&uKv6>n1+mgZa8yh(Png%Zd6Mt}^NSjy)etQrF
zme*llAW=N_8R*O~d2!apJnF%(JcN??=`$qs3Y+~xs>L9x`0^NIn!8mMRFA_tg`etw
z3k{9J<p4JZCS-C}49WuHGGruT=x>Ajnl@ygIiJcNHTy02GMAvBVqEss&t2<2mnw!;
zU`J)0>lWiqVqo|ex7!+@0i>B~BSU1A_0w#Ee+2pJx0BFiZ7RDHEvE*ptc9md(B{&+
zKE>TM)+Pd>HEmdJao7U@S>nL(qq*A)#eLOuIfA<xx)>S@j`_sK0UEY6OAJJ-kOrHG
zjHx`g!9j*_jRcJ%>CE9K2MVf?BUZKFHY?EpV6ai7sET-tqk=nDFh-(65rhjtlKEY%
z@G&cQ<5BKatfdA1FKuB=i>CCC5(|9TMW%K~GbA4}80I5%B}(gck#Wlq@$nO3%@QP_
z8nvPkJFa|znk>V92cA!K1rKtr)skHEJD;k8P|R8RkCq1Rh^&}Evwa4BUJz2f!2=MH
zo4j8Y$YL2313}H~F7@J7mh>u%556Hw0VUOz-Un@ZASCL)y8}4XXS`t1AC*^>PLwIc
zUQok5PFS=*#)Z!3JZN&eZ6ZDP^-c@StY*t20JhCnbMxXf=LK#;`4KHEqMZ-Ly9KsS
zI2VUJGY&PmdbM+iT)zek)<hjl_Ql0Z<Zn_qAb)m1SGqs~RuzvnShAB@_vF{e+592q
z$DB!xBIZfcH*9&k=wlV*!)l9TjLaF6{FU=1emb_fuvC;885YA6nM5}UqhPTc%&*tY
z3h;oOpGO3Hx+t7EjPYfzaZ}+D=ndS&SDnV=GA-}a=$GiNOi~a`1gJao%JzT9!|NX9
z<CC9{n}y#@=&Y6rk@_w$wqbKs!E-bTFZW}3bqJ;f!@40M^ykqGs3;>#Qc#_i4uH43
z@T5SZBrhNCiK~~esjsO9!qBpaWK<`>!-`b71Y5R<QKZFC;tbrvH*7OQFB+SCa^&~y
zposW2PUqn>eXQ4AJU~T<enI;Gq30%Z%SsfHco3Z`w^cm#%0^~onRV&P&#QErx)JwE
z+PM!k!qYC}ESrBrHoDQz*X1YmFa#(SZW<AV$!J0LWu4IDbZ2bw=%%Iq9Hg*REoc?;
z{E60bn(-sNYKAv{(YDGA5Ne~oOSP*!BJYblyeWN+CVy8q4{fMj;2#8%D!ii%2bR=s
z%l;FFHzQ~S|A8UKuFT*34q|LzMc~~o#;)Kw9DtS!bp3JQi_@L6HQjXe7-;AjHEUja
z>2Njri1CEp5oKw;Lnm)-Y@Z3sEY}X<ceQi^_CPpPY_VEPYF+%Om#`r)SPUG}UXq2Y
zpr9=;`h)oB6MR*Xk2Eh4r7Hb|{>IgSy%xo=uek(kAAH5MsV$V3uTUsoTzxp_rF=tx
z<QsYQ(;?5S(qGqiH7>V07vlJNKtJhCu`b}*#m&5LV4TAE&%KtHViDAdv#c^x`J7bg
z&N;#I2GkF@SIGht6p-V}`!F_~lCXjl1BdTLIjD2hH$J^YFN`7f{Q?OHPFEM$65^!u
zNwkelo*5+$ZT|oQ%o%;rBX$+?xhvjb)SHgNHE_yP%wYkkvXHS{Bf$OiKJ5d1gI0j<
zF6N}Aq=(WDo(J{e-uOecxPD>XZ@|u-tgTR<972`q8;&ZD!cep^@B5CaqFz|oU!iFj
zU0;<Kr(xN%j}{P50=dczD~4jn(p0D1`)Q|ld@m)3cU?5-DDA%Lq4Vd2?$jcNa3@4}
zt0;5Pk0HJXk<P(S=!%ZtD121Ne##d}^nRI9>6fQX&~15E53EW&w1s9gQQ~Zk16X%6
zjG`j0yq}4deX2?Tr(03kg>C(!7a|b9qFI?jcE^Y>-VhudI@&LI6Qa}WQ>4H_!UVyF
z((cm&!3gmq@;BD#5P~0;_2qg<pD9=9nXg$TuH}wQh9<MTT}D~YJ$+K3jbd)SV}wix
zf+zmLDPNc@nH3C;GngJH(K9z-$bm-ym&hXvg&{t=h}^v&Zpkgh>ZhtJS|>WdtjY=q
zLnHH~Fm!cxw|Z?Vw8*~?I$g#9j&uvgm7vPr#&iZgPP~v~BI4jOv;*OQ?jYJtzO<^y
z7-#C={r7CO810!^s(MT!@@Vz_SVU)7VBi(e1%1rvS!?PTa}Uv`J!EP3s6Y!xUgM^8
z4f!fq<3Wer_#;u!5ECZ|^c1{|q_lh3m^9|nsMR1#Qm|?4Yp5~|e<cTgyd3~1T9l&*
zeQ01<P2U~{V&q4>r2?W^7~cl;_r4WSme_o68J9p03~Hc%X#VcX!xAu%1`R!dfGJCp
zV*&m47>s^%Ib0~-2f$6oSgn3jg8m%UA;ArcdcRyM5;}|r;)?a^D*lel5C`V5G=c~k
zy*w_&BfySOxE!(~PI$*dwG><<WF75p<o9EVVze~dTW<Z_^0lybcm7u?o5{_6x)ND;
zb8GQ#!>+-%KT5p?whOUMA*k<9*gi#T{h3DAxzAPxN&Xws8o9Cp*`PA5>d9*Z-ynV#
z9yY*1WR^D8|C%I@vo+d8r^pjJ$>eo|j>XiLWvTWLl(^;JHCsoPgem6PvegHb-OTf|
zvTgsHSa;BkbG=(NgPO|CZu9gUCGr$8*EoH2_Z#^BnxF0yM~t`|9ws_xZ8X8iZYqh!
zAh;HXJ)3P&)Q0(&F>!LN0g#bdbis-cQxyGn9Qgh`q+~49Fqd2epikEUw9ca<Icy-f
zOt40c5j7j)$)tP9?uvS*(MhNoK9DyuR}iw#hq(_Yg;FQNx_fxU*Eu(iTCigNUM7t<
z>M%V6WgP)532RMRW}8gNS%V%Hx7apSz}tn@bQy!<=lbhmAH=FsMD?leawbnP5BWM0
z5{)@EEIYMu5;u)!+HQ<i|FmCtfdneL-c-Zq4Plvb%6L#`yCeba4_fn4B8J3*R<jzl
zfvYN4K`&;0Sxn>WhQ;D3_Cm_NADNeb-f56}<{41aYq8p4=93d=-=q0Yx#knGYfXVt
z+kMxlus}t2T5FEyCN~!}90<Qw*O-2+V!RyNwDJ!D4}()%&9a2ilTUH&u5D!U%eI_q
zx}xGi`t`GnBsEW*ontVcR-ikx88LbjAhe<X@Zi_w7Y34lxFFrZ2Q&%wKjDtka2LVK
zHc8~1#H%sr<^E7ZD2HEuJ^9vl!WfP^A{M0b1kd0=9ymV8H)Sd)K8ApeV;=DNu1w7T
zq3y-B$08B=*qJh`RBSq*hM$V1Wi(wSS$C7SwYBw1{q+D%@|+@4!e&J2mmVQuQ$1nJ
zGVp>O_X@@PQpuy;kuGz@bWft%diBTx?d)_xWd_-(!LmVrh**oKg!1CNF&LX4{*j|)
zIvjCR0I2UUuuEXh<9}oT_zT#jOrJAHNLFT~Ilh9hGJPI1<5`C-WA{tUYlyMeoy!+U
zhA#=p!u1R7DNg9u4|QfED-2TuKI}>p#2P9--z;Bbf4Op*;Q9LCbO&aL2i<0O$ByoI
z!9;Ght733FC>Pz>$_mw(F`zU?`m@>gE`9_p*=7o=7av`-&ifU(^)UU`Kg3Kw`h9-1
z6`e6+im=|m2v`pN(2dE%%n8YyQz;#3Q-|x`91z?gj68cMrHl}C25|6(_dIGk*8cA3
zRHB|Nwv{@sP4W+Y<?>ZM)VKI>R<dU=sQkg7!lDS83Q3{+&sk$J+O!cATJ_o5Pb&W_
z)bdtK2>lB`n=Oj~Rzx~M+Khz$N$45rLn6k1nvvD^&HtsMA4`s=MmuOJID@$s8Ph4E
zAmSV^+s-z8cfv~Yd(40Sh4JG#F~aB>WFoX7ykaOr3JaJ&Lb49=B8Vk-SQT9%7TYhv
z?-Pprt{|=Y5ZQ1?od|A<_IJU93|l4oAfBm?3-wk{O<8ea+`}u%(kub(LFo2zFtd?4
zwpN|2mBNywv+d^y_8#<$r>*5+$wRTCygFLcrwT(qc^n&@9r+}Kd_u@Ithz(6Qb4}A
zWo_HdBj#V$VE#l6pD0a=NfB0l^6W^g`vm^sta>Tly?$E&{F?TTX~DsKF~poFfmN%2
z4x`Dc{u{Lkqz&y!33;X}weD}&;7p>xiI&ZUb1H9iD25a(gI|`|;G^NwJPv=1S5e)j
z;U;`?n}j<Q^Xq~o28<9wN;wOTm1lpjZMh*aUX(~T_Y3#ZnG~Ye&HG?FC8<&_!tool
z+@`jls~3x-4`e?M70izyrpLQDV~@R;Ddqa8ubupC&5hxJ!0Qn2&@6(rv>nY6rA{V^
zxTd{bK)Gi^odL3l989DQlN+Zs39Xe&otGeY(b5>rlIqfc7Ap4}EC?j<{M=hlH{1+d
zw|c}}yx88_xQr`{98Z!d^FNH77=u(p-L{W6RvIn40f-BldeF-YD>p6#)(Qzf)lfZj
z?3wAMtPPp>vMehkT`3gToPd%|D8~4`5WK{`#+}{L{jR<c)T{dJNa_2~nx}yzR>UMt
zrFz+O$C7y8$M&E4@+p+o<?<4i!4ikchlAhrd(TAazwXC#eTotZ4)SbD2SX9vq+(V^
zQt>V5c%uYzbqd2Y%SSgYy#xh4G3hQv>V*BnuKQhBa#=o<cI|?w3{ulWOpdl|%RYTA
zSx@6KnTs$R(CM2sHs-QJn!^oj_3M4<ToCw0Dysc#3eTjWBJ-T+adb-$?`_4mF<8?g
zSKY1V7KhH!;LK22fSg)B*<uJ7m~6W3CUps0^d9*o2V_Gub>ZB~w{azUB+q%bRe_R^
z>fHBilnRTUfaJ201czL8^~Ix#+qOHSO)A|xWLqOxB$dT2W~)e-r9;bm=;p;RjYahB
z*1hegN(VKK+ztr~h1}YP@6cfj{e#|sS`;3tJhIJK=tVJ-*h-5y9n*&cYCSdg#EHE#
zSIx=r#qOaLJoVVf6v;(okg6?*L_55atl^W(gm^yjR?$GplNP>BZsBYEf_>wM0Lc;T
zhf&gpzOWNxS>m+mN92N0{;4uw`P+9^*|-1~$<g_U{SU`H<rGXK<wL9(P>uXpggj4-
z^SFc4`uzj2OwdEVT@}Q`(^EcQ_5(ZtXTql*yGzdS&vrS_w<Vq*ng}zPHZxXbJ~5By
z5q!Q1MEDSMNOWX9zY-~b`9@lU+AIe>>~~ra|Nb5abwf}Y!uq6R5f&6g2ge~2p(%c<
z@O)cz%%rr4*cRJ5f`n@lvHNk@lE1a*96Kw6lJ~B-XfJW%?&-y?;E&?1AacU@`N`!O
z6}V>8^%RZ7SQnZ-<!aS@7Sy5FdEA^NVBSolPfAv!POl_VDW*<OY|VOa1x+Nt4h}kC
zF5f5bMcr5zsZz*#rv_qyg5_y;>z$(jsX`amu*5Fj8g!3RTRwK^`2_QH<oOlcTv0T*
zq^FmDESBJUwy8>e;_2y_n|6gSaGyPmI#kA0sYV<_qOZc#-2BO%hX)f$s-Z3xlI!ub
z^;3ru11DA`4heAu%}HIXo&ctujzE2!6DIGE{?Zs>2}J+p&C$rc7gJC<HidCCr+8PF
zWiTVZ>35gxhflorvsb%sGOxpuWhF)dL_&7&Z99=5M0b~Qa;Mo!j&Ti_kXW!86N%n=
zSC@6Lw>UQ__F&+&Rzv?gscwAz8IP!n63>SP)^62(HK98nGjLY2*e^OwOq`3O|C92?
z;TVhZ2SK%9AGW4ZavTB9?)mUbOoF`V7S=XM;#3EUpR+^oHtdV!GK^nXzCu>tpR|89
zdD{fnvCaN^^LL%amZ^}-E+214g&^56rpdc@yv0b<3<Gcz@z*K79?oK~*UzGlKFJXT
z{XOryj|k?!nDS(G1LtLxYD^Cq?c?_!zYn!x^#tLjQ6=Wb!)yrQsQW$6U<7{9%v7a-
zv*ocK5QN4V3`xVyd7lYi<tse4LzLtbxdam8l#%xfBL@jXus_3m`H&T(SG4<1{Xtfu
zMb*~2c3zevaj8sJ+%2=tK7#q$!xF@Xc_%7Ws0|ayo4RjQhmCcKBx<ij=1uikr$^Pt
z9|pP=(@t-<MX5uDFk4~}Y&YCR_($i(L2tZ?=zYb8^M2`}T)&sKMTvyh6Hf2vk#&E}
zXFWd3BT@?-Qm?6K=3M(cZ#LOR`xDd$o~J$T>}Ys?)f|fXN4oHf$six)-@<;W&&_kj
z-B}M5U*1sb4)77aR=@%I?|Wkn-QJVuA96an25;~!gq(g1@O-5VGo7y&E_srxL6ZfS
z*R%$gR}dyONgju*D&?geiSj7SZ@ftyA|<I`YtD1a%3oCr%5@GGkBtN{5mnwPyOw=G
z)5mh1d5f2bd0O6v9}uRb?jQWt0Hmbh{Lw~%;q96e<JYrfUt;Ww3`|kuk8YLozMnJA
zL-%S-b>}(*Y4KbvU!YLsi1EDQQCnb+-cM=K1io78o!v<D2B&P2)99nqSy|&vmf_z?
z=eWr~Nb^z}4FA|*1-U>*);o<<Bb~caN#d%78rHzz&LtUD8*+uiPJdUJ<!gd#RBLsK
z$C!13l?*$0KTH~HOk{`~({IY19$^eGtD0+`Ng;Krabee-ZmxY?a!#sR^lIs7X@lqE
z)iFHx46*Kc<U3%gK1Qg`N*=%M8g<Qr@DDqezg1<>XwjaQH%)uIP&Zm?)Nfbfn;jIr
z)d#!$gOe3QHp}2NBak@yYv3m(CPKkwI|{;d=gi552u?xj9ObCU^DJFQp4t4e1tPzM
zvsRIGZ6VF+{6PvqsplMZWhz10YwS={?`~O0Ec$`-!klNUYtzWA^f9m7tkEzCy<_nS
z=&<(awFeZvt51>@o_~>PLs05CY)$;}Oo$VDO)?l-{CS1Co=nxjqben*O1BR>#9`0^
zkwk^k-wcLCLGh|XLjdWv0_Hg54B&OzCE^3NCP}~OajK-LuRW53CkV~Su0U>zN%yQP
zH8UH#W5P3-!ToO-2k&)}nFe`t+mdqCxxAHgcifup^gKpMObbox9LFK;LP3}0dP-UW
z?Zo*^nrQ6*$FtZ(>kLCc2LY*|{!dUn$^RW~m9leoF|@Jy|M5p-G~j%+P0_#orRKf8
zvuu5<*XO!B?1E}-*SY~MOa$6c%2cM+xa8}_8x*aVn~57v&W(0mqN1W`5a7*VN{SUH
zXz98DDyCnX2EPl-`Lesf`=AQT%YSDb`$%;(jUT<emmKF_zfZmU9B12q_dyZ<_@h~k
zvEq1`Vx6X|zFHC1f>rNen$NPJrlpPDP}prI>Ml!r6bCT;mjsg<oj3+@ct5lWE*J;5
z4E~(;FwK{V8;n^S+p_aly?)G^7&y`S%eK)TJhe8?@}L_b8H};V-{Fr!7~z`5Jn&~y
zle5N-{eo+>@X^#&<}CGf0Jt<ps|x+2W>R{Ecwd&)2zuhr#nqdgHj+g2n}GK9CHuwO
zk><uMX@X}I+5rrj?NaO6BMSeLuD{-~8R-Gl2xdC9#?M&n3M8$1#r~F<bd_yU6EE{Y
z#eCFVb$%8`qmYLY$VN_bTcap4)*3IM0tVFqt0C)EHHU4$9K2ap4$RYn7cYx68f*63
zqjgq9d3s#J0z)IOp-dbsoyDl3q&F;wDIxirPuXzvw6-Mhm_%B8`dB@kd7fLXw-%?$
zoq?`st6r0!H5QKHrVxu9;wFCr4k6@&eG$(7Z2Wi#T=t;uR8LkI#eWjbL4#SB+RR!}
zkvLwWmhxM!7BIsi5NeXcxeg6+4^H8NJB5=2mJzA06v|{=fl0X|ig2$)&h*GM&JpHp
zr`8`GjG!&l9EyWchuo>oZxy{v<eHuSsx&-tHadS1q^a4f?|RTjYB^sRK14!iW+^lB
z!ebp33Hf8OUb(D`D*|G{AftC98wHP4tb?H!)=@9haZJ)F+0;HQc5`Qlnk&U!fz)-9
z%lX#G)XFlYmyE^D)O;h749_^`>cOL)$8-}L^iV<p27<5%t|ClWJe$Rd_|U|Ck(u@6
zTgwrC&(m^cFeKDxIl7TOJH#1Wo==_x;yAITBFJ1z$*I>fJHAGfwN$prHjY<ZwGVKY
zZ8+b}fUD+>V0ju}8%jWquw>}_W6j~m<}Jf!G?~r5&Rx)!9JNX!ts#SGe2HzobV5);
zpj@&`cNcO&q+%*<%D<T}5E&SDWDa4Lg;*h`<xw$&SGrTg$|CXl_i7+njSd+)yvyz7
z+0<o|PMTJL)R>7za|?m5qlmFK$=MJ_iv{aRs+BGVrs)98BlN^nMr{V_fcl_;<BiuS
ztTFCwthZrVHPPZYBIYp#EouQ9MTH{-OaLh9+PRHAG3=cqP}nnZd8AjsX8sR)@*@Na
z!0>jkzRju+c-y?gqBC_@J0dFLq-D9@VN&-`R9U;nv$Hg?>$oe4N&Ht$V_(JR3TG^!
zzJsbQb<dCovVFFYER#ii{pf+`)Dd4mJA8V_i{)g*7b35$IR9(S%Er0t1yr7X5aERc
zeK=jG4aV7X*X+)C@a&31a^^wDy<E&Lu}Ry(`Um&dxXGiHJfU<|q(iByYWWLIS^^>i
zFE6-{#9{G{+Z}ww!ycl*7rRdmU#_&|DqPfX3CR1I{Kk;bHwF6jh0opI`UV2W{*|nn
zf_Y@%wW6APb&9Rr<YY$Si*BvV^N#m{QYOko?PXQXU(La}0lCv3qWQ$bi`=<yuf89@
zA3M_;xKTP6E^K#?{F`hD*rTDZhZ!h73@a^*&yKH>bEN=PQRBEpM(N1w`81s=(xQj6
z-eO0k9=Al|>Ej|Mw&G`%q8e$2xVz1v4DXAi8G};R$y)ww638Y=9y$ZYFDM$}vzusg
zUf+~BPX>(SjA|tgaFZr_e0{)+z9i6G#lgt=F_n$d=beAt0Sa0a7>z-?vcjl3e+W}+
z1&9=|vC=$co}-Zh*%3588G?v&U7%N1<wSL*V~9}~r(eJ^+Xr3`-m(Sj@@;y|({lFw
zG+a0jI%A@viPJ_TgyiV93C-_fon>Qf-wNWJ)(v`iO5KHSkC5&g7CrKu8V}uQGcfcz
zmBz#Lbqwqy#Z~UzHgOQ;Q-rPxrRNvl(&u6ts4~0=KkeS;zqU<rCYLCOgtuj&A3yvF
z)|<)nA^eF$@T!K+ig@JbUkyVVJP%Y)>Rz%!-ERppmd%0v>iRlEf+H$yl{_8TMJzo0
z>n)`On|7=WQdsqhXI?#V{>+~}qt-cQbokEbgwV3QvSP7&hK4R{Z{aGHVS3;+h{|Hz
z6$Js}_AJr383c_+6sNR|$qu6dqHXQTc6?(XWPCVZv=)D#6_;D_8P-=zOGEN5&?~8S
zl5jQ?NL$c%O)*bOohdNwGIKM#jSAC?BVY={@A#c9GmX0=T(0G}xs`-%f3r=m6-cpK
z!%waekyAvm9C3%>sixdZj+I(wQlbB4wv9xKI*T13DYG^T%}zZYJ|0$Oj^YtY+d$V$
zAVudSc-)FMl|54n=N{BnZTM|!>=bhaja?o7s+v1*U$!v!qQ%`T-6fBvmdPbVmro&d
zk07TOp*KuxRUSTLRrBj{mjsnF8`d}rMViY8j`jo~Hp$fkv9F_g(jUo#Arp;Xw0M$~
zRIN!B22~$kx;QYmOkos@%|5k)!QypDMVe}1M9tZfkpXKGOxvKXB!=lo`p?|R1l=tA
zp(1}c6T3Fwj_CPJwVsYtgeRKg?9?}%oRq0F+r+kdB=bFUdVDRPa;<s*Z4&z%Yqy%U
zOeHw$WK*_?C+%QKv}yj&a(!5Ni>E~~>2$w}>O>v=?|e>#(-Lyx?nbg=ckJ#5U6;RT
zNvHhXk$<cTrzyFrc-kzJ80|Sr7cPKJYnxQh*Fg9@b51h^!>P}m9wSvFyU3}=7!y?Y
z=fg$PbV8d7g25&-jOcs{%}wTDKm>!Vk);&rr;O1nvO0VrU&Q?TtYVU=ir`te8SLlS
zKSNmV=+vF|ATGg`4$N1uS|n??f}C_4Sz!f|4Ly8#yTW-FBfvS48Tef|-46C(wE<BN
zM?~(EkSJJWr_!W7-HptZRmK`p&C>O_%pPhUC5$-~Y?!0vFZ^Gu`x=m7X99_?C-`|h
zfmMM&Y@zdfitA@KPw4Mc(YHcY1)3*1xv<iSQWzdA1>W9V-r4n-9ZuBpFcf{yz+SR{
zo$ZSU_|fgwF~aakGr(9Be`~A|3)B=9`$M-TWKipq-NqRDRQc}ABo*s_5kV%doIX<z
zw8f$0lCeVGD0^!OedVm2t32)213YQ46v=o)@UsVzy`KZ%hr__m!jsQbd@}{{Vg1hz
z`m2-BpqxgapTIephm4Cik^T6BeWfmt%BA@BRlvqT0ILcR0(vVdxD!}~F3BI!@Yuk*
zM2~`l5+!SvcPoj}AC@Q9McO3!2ke!m5VcW3F%a(IA*N@sL73(w3O(3~t5el4Dq{JU
z21IfDfV)n^u4cGvvfJlGe~Q~Yzeudy#8j^ja>7LRLRau_gd@Rd_aLFXGSU+U?uAqh
z8qusWW<lz^u{++i(BMS0kYpMurHwdx8=v!VDug!+!?SoQ%5#Z9_%%XQ)=}5@(OGY$
z!*NFRMlh?b0mZ-o&{hRY(q#;?AsyI_fTbU3vvt{86Gd^<UxrFKXriAuhLyoz-Rb+|
z<1fH@C7QEgQz2VdIb}M#v@~+roe%YIUs5B>cvgQ&wu{|sRXmv?sl=xc<$6AR$+cl&
zFNh5q1~kffG{3lDUdvEZu5c(aAG~+64FxdlfwY^*;JSS|m~CJusvi-!$XR`6@XtY2
znDHSz7}_Bx7zGq-^5{stTRy|I@N=>*y$zz>m^}^{d&~h;0kYiq8<^W<E|75Z!A4X;
zB0ckyjy2crb1=uu;OnTA+AN(`$!y~N){ZywsrcJ<-RJ-6@#;QH|7$vRI{)h?@p2NX
z`N+$B?J?QE9;Pm%%)e)K9b55SBEW5@Zc4|{XhN6&8tG6ODyNFgS%k;enJu!|jBjTn
zO3=N;{~$Us+^lM79~#+NVdMuMV*xv4<srsN5l%(Xfx|TFiWsSLu6VKb8+BQX%9T6)
zLIA<^s*!o98&YNSoO#lh*yl=4IaXWU@%j6|nHVJL2?PUhARrz8&IkW*Q<47%jpzTI
z4gPog-xBcuLB=pm_-|9W&~MFVz_3-f?M6(XIxnIg#$zC^5E`10kVD2)wtP_r+-MVn
zDB)nM192c6VQ(1fw5pgW;z9QPF|WVy-Pi3Kqyd;SXdDvK@g#36c@VC&u=_B=n%w}x
z9G42<h(@l93n9W)B(s=&>q7Dz0w31ShO^~LUfW6rfitR0(=3;Uue`Y%y@ex#eKPOW
zO~V?)M#AeHB2kovn1v=n^D?2{2jhIQd9t|_Q+c|ZFaWt+r&#yrOu-!4pXAJuxM+Cx
z*H&>eZ0v8Y`t}8{TV6smOj=__gFC=eah)mZt9gwz>>W$!>b3O;Rm^Ig*POZP8Rl0f
zT~o=Nu1J|lO>}xX&#P<uNYpwDdsi81$~7Dv-8cIS(lR52^!TF;6k;WMGV`thcu^6S
z@T3rgu^2l&lSgk|u&dqJ2P;_lKd-gsz+E~nyy$zL@l8HyyxzgF#YH#@jXdT>58%Yl
z83`HRs5#32Qm9mdCrMlV<JBDhyZ+y^N%S92djDerOElqpRE}K*p`=oMP>|NKNC+Z~
z9OB8xk5HJ>gBLi+m@(pvpw)<om*<*&g*ukIpJ5#uX6#7U*X+*MN|7vZ8*HK)=`Y9r
z)#d;zRimk{mmRK`xtmKSn@imtSD%un-#&@aHsi(XFSqmU+t2^tlw;mwe}X*y&#AIH
zlv#=?W?e4tr=1o`K<LAS)WBGaORGt!_L??}o8QF5X|ARAXjcw9(=`^ih&uvZ?3o=4
ztCfj-M@ZND9Dnt(PEoh14OzzWaAN5QQ)tU}4*nXvp1HQ^w*zt7KrnA5B`0hYyAdFC
zH+>1(OaVJKs*$Ou#@Knd#bk+V@y;YXT?)4eP9E5{J%KGtYinNYJUH9PU3A}66c>Xn
zZ{Bn0<;8$WCOAL$^NqTjwM?5d=RHgw3!72WRo0c;+houoUA@HWLZM;^U$&sycWrFd
zE7ekt9;kb0`lps{>R(}YnXlyGY}5pPd9zBpgXeJTY_jwaJGSJQC#-KJqmh-;ad&F-
z-Y)E>!&`Rz!HtC<wKL>z>%yO<y&s#nmyWumg2@9<En(?C^(|rjP3fstXvL7F_}@s~
zK?}vRELPAe=@^SDzf;4gMIY~6wbR)ERQj~L^17FRR>J|v(u7P*I$jqEY3}(Z-orn4
zlI?CYKNl`6I){#2P1h)y(6?i;^z`N3bxTV%wNvQW+eu|x=kbj~s8rhCR*0H=iGkSj
zk2<D*!UmdR0qg)7cV>3lr9kr|p7#qKL=UjgO`@UnvzU)`&fI>1Qs7ubq{@+lK{hH*
zvl6eSb9%yngRn^T<;jG1SVa)eA>T^XX=yUS@NCKpk?ovCW1D@!=@kn;l_BrG;hOTC
z6K&H{<8K#dI(A+zw-MWxS+~{g$tI7|SfP$EYKxA}LlVO^sT#Oby^grkdZ^^lA}uEF
zBSj$weBJG{+Bh@Yffzsw=HyChS(dtLE3i*}Zj@~!_T-Ay7z=B)+*~3|?w`Zd)Co2t
zC&4DyB<B`NVJ>!o&YgSw+fJn6`sn$e)29`kUwAc+1MND7YjV%lO;H2}fNy>hD#=gT
ze+-aFNpyKIoXY~Vq-}OWPBe?Rfu^{ps8>Xy%42r@RV#*QV~P83jdlFNgkPN=T|Kt7
zV*M`Rh*30&AWlb$;ae130e@}Tqi3zx2^JQHpM>j$6x`#{mu%tZlwx9Gj@Hc92IuY*
zarmT|*d0E~vt6<+r?W^UW0&#U&)8B6+1+;k^2|FWBRP9?C4Rk)HAh&=AS8FS|NQaZ
z2j!iZ)nbEyg4ZTp-zHwVlfLC~tXIrv(xrP8PAtR{*c;T24ycA-;auWsya-!kF~CWZ
zw_uZ|%urXgUbc@x=L=_g@QJ@m#5beS@6W195Hn7>_}z@Xt{DIEA`A&V82bc^#!q8$
zFh?z_Vn|ozJ;NPd^5uu(9tspo8t%&-U9Ckay-s@DnM*R5rtu|4)~e)`z0P-sy?)kc
zs_k&J@0&0!q4~%cKL)2l;N*T&0;mqX5T{Qy60%JtKTQZ-xb%KOcgqwJmb%MOOKk7N
zgq})R_6**{8A|6H?fO+2`#QU)p$Ei2&nbj6TpLSIT^D$|`TcSeh+)}VMb}LmvZ{O|
ze*1IdCt3+yhdYVxcM)Q_V0bIXLgr6~%JS<<&dxIgfL=Vnx4YHuU@I34JXA|+$_S3~
zy~X#gO_X!cSs^XM{yzDGNM>?v(+sF#<0;AH^YrE8smx<36bUsH<L8f?5hvib^(w-z
zQO~nQ$dVU0i#a3ki#~Zfn+z)A0X6&+uTO~YY-95PED8rYa#tnOB_5j0D(OiyL`p9s
zv+IJ_k!HYz5YcKEc7QF88Nvot?2oM%4aDY1Bzw#ErO+K${;d;Xz}Qst%^Hxe<y|{#
z0i<}um0l#qNYBrEHp~^dRc(MW&*nx$<xOZo&ngs@b)HTJL5#EBLw4XB%N{_Unwz1|
zV8i$e7agBMpxq^UD+OBzpAA4~Wm`dImRWzuo^(m(ArJer$O=jb))nZ!p#}ai;I|`b
zxh~i8wmS;I?uK@A5wM9(c}p9|(M`BOW}{O$gH|yS=WST0IY5xeK;n^|OTOu06VXGL
ziLV81^Z>bN#y57K8WEu(`qHvQ6cAZPo=J5C(lSmUCZ57Rj6cx!e^rfaI5%w}unz}4
zoX=nt)FVNV%QDJH`o!u9olLD4O5fl)xp+#RloZlaA92o3x4->?rB4`gS$;<QP`qnB
zxyR|2?xCkFimDvX6HOV?^)Ex~)EDlr;3{Zk;-f=p?%7c@-P$(ps9BR^)$rFZsteaA
z;pEqzR194rw0JOm6L~PJ9F(nNaRn+j%W1SvOz`}E|6u-%XnRuFO#whbo=$_b&QmEc
zz35A#zc{~jeDG0s#(%Oyh`}`Lr28fKNg=;!oXo#n2s2b!wHSqmp4gLtkq~?+{}p*~
zmyPE6L~1+ln$95dm03gaCX?Mx^?0LvGdEce@^Fw=4Li}NJ(PPrnJG8UTM7f;`bHcw
z$Z`@wnD>WO{R;Z3>cG3IgFX2EA?PK^M}@%1%A;?f6}s&CV$cIyEr#q5;yHdNZ9h{|
z-=dX+a5elJoDo?Eq&Og!nN6A)5yYpnGEp}?=!C-V)(*~z-+<AB{~}$sb=b_3)fww3
z1aC=mU#wAjt*hH!O=_Rq0hO_a&wY#~Xao9@|NW*<bx}+viW;viI*Z+I?~t{%B+v(!
zDDr@@d60%bC|=S0vZozViq<m)h@uyR_WM|>?kY1Q7qs#Rsy%hu_60rdbB+QQNr?S1
z?;xtjUv|*E3}HmuNyB9aFL5H~3Ho0UsmuMZELp1a#CA1g`P{-mT?B<X1H9ohvAM^;
z+8=gDne1h_tC$>chuLEtK}!QZ=3AWakRu~?f9V~3F;TV`5%9Pcs_$gq&CcU}r8gOO
zC2&SWPsSG{&o-LIGTBqp6SLQZPvYKp$$7L4WRRZ0BR$Kf0I0SCFkqveCp@f)o8W)!
z$%7D1R`&j7W9Q9CGus_)b%+B#J2G;l*FLz#s$hw{BHS~WNLODV#(!u_2Pe&tMsq={
zdm7>_WecWF#D=?eMjLj=-_z`aHMZ=3_-&E8;ibPmM}61i6J3i<Ry9$0oO(dC+M{8z
zs~&fm$9WhF63%!K_Mm6jbUbs_bSm8+)$j`QmCxcnfVz-~LWI0Pvt$(Iiice=m6f#A
znKpqTEVc`=3la-JE~IF8T$O7$xw2vGNtATg%;ITCJQ$<SdLX>s*=dKf%HC>=xbj4$
zS|Q-hWQ8T5mWde6h@;mS+?k=89?1FU<%qH9B(l&O>k|u_aD|DY*@~(`_pb|B#rJ&g
zR0(~(6<MTX1VH`>8fpUPz6TdS@4JT5MOPrqDh5_H(eX1$P2SQrkvN8sTxwV>l0)Qq
z0pzTuvtEAKRDkKGhhv^jk%|HQ1DdF%5oKq5BS>szk-CIke{%js?~%@$uaN3^Uz6Wf
z_iyx{bZ(;9y4X&>LPV=L=d+A}7I4GkK0c1Xts{rrW1Q7apHf-))`BgC^0^F(>At1*
za@e7{lq%yAkn*NH8Q1{@{lKhRg*^TfGvv!Sn*ed*x@6>M%aaqySxR|oNadYt1mpUZ
z6H(<Ni{=BqKRj2FW+}Co`K?u{@WLS%pQm3TU}Q0c616}yg+(R+@sl}k&>rupHYf&Z
z29$5g#|0MX#aR6TZ$@eGxxABRKakDYtD%5BmKp;HbG_ZbT+=81E&=XRk6m_3t9PvD
zr5Cqy(v?gHcYvYvXkNH@S#Po~q(_7MOuCAB8G$a9BC##gw^5mW16cML=T=ERL7wsk
zzNEayTG?mtB=x*wc@ifBCJ|irFVMOvH)AFRW8WE~U()QT=HBCe@s$dA9O!@`zAAT)
zaOZ7l6vyR+Nk_OOF!ZlZmjoImKh)dxFbbR~z(cM<ohJsx2;$$S(LMO!JiV@-OGlmm
z`NdjOOy9O@m26&M`?ASmTQ{@=-K%#U)U7w<-rclq>hfeX1l7S_`;h|v3gI}<v)x_w
zvu)Dq)`qX%>n9$sSQ>+3@AF<e#LTCwgPu=4ybha;DXu-e#IUo*sWeYFrWHoigJs{Q
zYu_ff&j$_|OP<X2&rv4d2FV^~F@43}*F8@FN!r^c>Ay9=B_y$)q;Wdl|C-X|VV3w8
z2S#>|5dGA8^9%Bu&fhmVRrTX>Z7{~3V&0UpJNEl0=N32euvDGCJ>#6dUSi&PxFW*s
zS`}TB>?}H(T2lxBJ!V#2taV;q%zd6fOr=SGHpoSG*4PDaiG0pdb5`jelVipkEk%FV
zThLc@Hc_AL1#D&T4D=w@UezYNJ%0=f3iVRuVL5H?eeZM}4W*bomebEU@e2d`M<~uW
zf#Bugwf`VezG|^Qbt6R_=U0}|=k;mIIakz99*>FrsQR{0aQRP6ko?5<7bkDN8evZ&
zB@_KqQG?ErKL=1*ZM9_5?Pq%lcS4uLSzN(Mr5=t6xHLS~Ym`UgM@D&VNu8e?_=<G2
z$Y^_uSNUz|Ag`4k$;;4dC>nSFtF$u@hpPSmI4Vo_t&v?>$~K4y(O~Rb*(MFy_igM7
z*~yYUyR6yQgzWnWMUgDov!!g=lInM+=lOmOk4L`O?{i&qxy&D*_qorRbDwj6?)!ef
z#JLd7F6Z2I$S0iYI={rZNk*<{HtIl^mx=h>Cim*04K4+Z4IJtd*-)%6XV2(M<qEcY
zKpTExU9W`Sp|>CscPiw_a+y*?BKbTS@BZ3AUao^%Zi#PhoY9Vib4N>SE%4>=Jco0v
zH_Miey{E;FkdlZSq)e<{`+S3W=*ttvD#hB8w=|2aV*D=yOV}<n%QCtpFj!1iP3=++
zF%bul8RQG~xNUT@7_D%fDp&f9U3+!yV(BF^EJ6M?ggfgy%D_aSJLQh<Q8L9^3Z4lP
zSliD?8{L~ZN{}ULe$or4iOcd9fCXx)uXD>(&p%0LbEWH$&@$X3x~CiF-?ejQ*N+-M
zc8zT@3iwkdRT2t(XS`d7`tJQAjRmKAhiw{WOqpuvFp`i@Q@!KMhwKgs<K(HF*wpN5
zv(vj1XA8yT@r9sbul0J^6}T8DTrg3?UvaTK(_8@BG(vOS@R#A};jf~t=|7FM{G%;V
z$moCx(glgj5-;%1QM|u%2d3FX97|2!-{zNf(~wZQL8&V6ON(xoE>A}%@sw8Xo5Y=F
zhRJZg)O4uqNWj?V&&vth*H#je6T}}p_<>!Dr#89q@uSjWv~JuW(>FqoJ5^ho0%K?E
z9?x_Q;kmcsQ@5=}z@tdljMSt9-Z3xn$k)kEjK|qXS>EfuDmu(Z8|(W?g<kN}okBu|
z`906+8rq=5w?nFA6VC1#eQVZ_=+&soKuCq9J4-B?5ajOsO<ZqBE?J2XT_J8fPV98+
zk#wtSBTro80%$s5KaeCr*oviwvkprv-mw0v@x!YSCMmDCbzwIduaRkq+nkD$>Y6-l
z@R_#M8=vxKMAoi&PwnaIYw2COJM@atcgfr=zK1bvjW?9B`-+Voe$Q+H$j!1$Tjn+*
z&LY<%)L@;zhnJlB^Og6I<R<r5yYZK!bg%i+z^Gb9&z&*Z#pVBay5jNKYESI$cqK!;
zs%j&*N?LE3ILkbKV_0UUpL<A`zeQtv+?k$&h|~*OX&e)^SV^abQ&PMGXtX3fI2kT=
z2Y%RbH`bf;|K;F8Mxo)Ov25Y*lHOz#D>&BOR-m?{IW;tyYC%FZ!&Z>kGjHJ6cqM-F
z&19n+e1=9AH1VrVeHrIzqlC`w9=*zfmrerF?JMzO&|Mmv;!4DKc(sp+jy^Dx?(8>1
zH&yS_4yL7m&GWX~mdfgH*AB4<e8V;o9`b8>{CKo;+egw=PrvkTaoBU+P-4u?E|&!c
z)DKc;>$$B6u*Zr1SjUh<mc1^2+c=@@6(J4|#?}T_|M2b62=4`4F-ba1m43BpL!aCj
zR^w2TEDEd$X7pi$++6T@mH_M(zN#-+gi}U5eaDqd^tUG_>2)FeuWLWHl5TH(UHWkf
zLs>7px!c5n;rbe^lO@ql<wf#W%s8knI~Th~JR_Kl+2&@Zoorl!op+Ba_ZYj2yD(^E
z$}7%1B7{$MlPHueM^5x<Vc5^Pd5$8yYQ@u;!UngDNs9O`zY)-uu_X-;n9-+TuAb`^
z<H1e|G%#k-<p?8qbT%m<kMd#1>YLzlDVp(z?6r<WUtyWnlD^G9B?_Ur{&KCOuHNMq
zk|B^K_<0Q-9-+@;d#BY&2k-R$to<44{eG#pW>PZel=YB)Uv&n!2{+Mb$-vQl=xKw(
zve&>xYx+jW_NJh!FV||r?;hdP<!CWxpcsZKiv4>*jOXYcLCp>DOtJ?2S^)DkM{{Eb
zS$!L$e_o0(^}n3tA1R3-$SNvgBq;DOEo}fNc|tB%%#g4RA3{|euq)p+xd3I8^4E&m
zFrD%}nvG^HUAIKe9_{tXB;tl|G<%>yk6R;8L2)KUJw4yHJXUO<O#J#etA!EQr#Ixj
zZuFu$GT+Wpqx#)|V^@Cm`sHrRN~=Je%6V#~5_a6U7SazOW-GgiQtB4%%~2(B0iBsg
z;PpJsF|+l@`Wy@y_OtfS`JgrB)rNO1MTjsxeQ7|k!FQ^3n6kbM;^~mT&4KxW*m77y
zq%{h&JwttX7mQ1|xDfr$rzHoYHzjn|^DmxVimK9<IM)^a;|9O2LO78(*WR_|D40bM
z4}thc%eqOsDqUE<D1~O4evp0zw~wzT!F>PM>(-+jxq4R;z8H#>rnJy*)8N+$wA$^F
z<U&lTYAkA<S9x1+2s?lu2|Zd2nj#EvZB!v_&9eAD+8*)ghmbT+{)~_^Px6pMeOz2X
zv~Wjk&YGtROVvA~E^msuyea-{C!TM*WVVa4lhy%2Gi&UvdDpYWzNapW2o<z2pU37x
zeudIr){wxOzdWU}R?Ue;nbpX4`c>N+H*3t)eFEgxLw+Nw3};4WV$qj&_D`%ADV2%r
zJCPCo%{=z7;`F98(us5JnT(G@sKTZ^;2FVitXyLe-S5(hV&Ium+1pIUB(CZ#h|g)u
zSLJJ<@HgrDiA-}V_6B^x1>c9B6%~847JkQ!^KLZ2skm;q*edo;UA)~?SghG8;QbHh
z_6M;ouo_1rq9=x$<`Y@EA{C%6-pEV}B(1#sDoe_e1s3^Y>n#1Sw;N|}8D|s|VPd+g
z-_$QhCz`vLxxrVMx3ape1xu3*wjx=yKSlM~nFgkNWb4?DDr*!?U)L_VeffF<+!j|b
zZ$Wn2$TDv3C3V@BHpSgv3JUif8%hk%OsGZ=OxH@8&4`bbf$`aAMchl^qN>Eyu3JH}
z9-S!x8-s4fE=lad%Pkp8hAs~u?|uRnL48O|;<hL9ZDZTaoVqCgAV4_fXA_B>*DEU!
zuS0{cpk%1E0nc__2%;apFsTm0bKtd&A0~S3Cj^?72-*Owk3V!ZG*PswDfS~}2<8le
z5+W^`Y(&R)yVF*tU_s!XMcJS`;<i5$MCe|U*GT!0%*LADX`D^%6_<=D#Ru0`TRN8+
zm@tIK)49`32a<@shitOU#x<QU%nW!IzfjK>(Tr`J0%>p=Z&InR%D3@KEzzI+-2)HK
zuoNZ&o=wUC&+*?ofPb0a(E6(<2Amd6%uSu_^-<1?hsxs~0K5^f(L<W1_uUGAdyXWF
z-9E^}>sGqgEF^+0_H=uNk9S0bb!|O8d?m5gQjUKevPaO+*VfSn^2892K~%crWM8+6
z25@V?Y@J<9w%@NXh-2!}SK_(X)O4AM1-WTg>sj1{lj5@=q&dxE^9xng1_z9w9DK>|
z6Iybcd0<ba%T-PM@iR4f+hWNy2(Dh#%r^4ZjOOcYUhl?lcc*@SuVYF<0NRX~sTl15
z&yX+gisvpMdp($7GpQ}~BtfayBnqkt65sVAS)H#))Ya=X_9qRpsELVk)K-Umx|Q>e
zy<csGv$iOY<#zt!tLyihB^h0nm-w?)HRS0&_TFyZkN{(*U!r-+J#Pt@VJw|c&+Ad7
zGuhURv<S1E^2YPq{$<>i;Ew!KBRIfGPGytQ6}z}MeXCfLY0?9%RiyagSp_D1?N&c{
zyo>VbJ4Gy`@Fv+5cKgUgs~na$>BV{*em7PU3%lloy_aEovR+J7TfQKh8BJXyL6<F;
zULuFu;b(C;CC(l^>|P8un-Jnq(ghd!_HEOh$zlv2$~y3krgeH;9zC}V3<xe_B^^Vb
z>f`uDtW(%mT#944DQa~^8ZI+zAUu4U(j0YcDfKR$bK#gvn_{JZ<YX};laf~yTsdEA
zA~Ra?VD!R`MyGN9;7}SV*B=q$h>>|gZ5+)u?T$w<UlM8Es^_5l0fa>7Q%F^;!Wk?G
z(le7r!ufT*cxS}PR6hIVtXa)i`d$-_1KkyBU>qmgz-=T};uxx&sKgv48akIWQ89F{
z0<y9Cbjk%^#=J+qPnsNw%*mP1XLirQj9jh94t22gxgVWwR*I>XiY?WM^~;|T8zBOr
zs#zuOONzH?svv*jokd5SK8wG>+yMC)LYL|vLqm^PMHcT=`}V$=nIRHe2?h)8WQa6O
zPAU}d`1y(>kZiP~Gr=mtJLMu`i<2CspL|q2DqAgAD^7*$xzM`PU4^ga`ilE134XBQ
z99P(LhHU@7qvl9Yzg$M`+dlS=x^(m-_3t|h>S}E0bcFMn=C|KamQ)=w2^e)35p`zY
zRV8X?d;s^>Cof2SPR&nP3E+-LCkS0J$H!eh8~k0qo$}00b=7!H_I2O+Ro@3O$nPdm
ztmbOO^B+IHzQ5w>@@@J4cKw5&^_w6s!s=H%&byAbUtczPQ7}wfTqxxtQNfn*u73Qw
zGuWsrky_ajPx-5`R<)6xHf>C(oqGf_Fw|-U*GfS?xLML$kv;h_pZ@Kk$y0X(S+K80
z6^|z)*`5VUkawg}=z`S;VhZhxyDfrE0$<offD>(PMurAxl~<>lfZa>JZ288ULK7D`
zl9|#L^JL}Y$j*j`0-K6kH#?bRmg#5L3iB4Z)%iF@SqT+Lp|{i`m%R-|ZE94Np7Pa5
zCqC^V3}B(FR340pmF*qaa}M}+h6}mqE~7Sh!9bDv9YRT|>vBNAqv09zXHMlcuhKD|
zcjjA(b*XCIwJ33?CB!+;{)vX@9xns_b-VO{i0y?}{!sdXj1GM8+$#v>W7nw;+O_9B
z_{4L;C6ol?(?W0<6taGEn1^uG=?Q3i29sE`RfYCaV$3DKc_;?HsL?D_fSYg}SuO5U
zOB_f4^vZ_x%o`5|C@9C5+o=mFy@au{s)sKw!UgC&L35aH(sgDxRE2De%(%OT=VUdN
ziVLEmdOvJ&5*tCMKRyXctCwQu_RH%;m<lO9)YlolKp~SHA~$RD@rJEPJ4LfFabjtz
zzIU?%C*Qz8oJB~DbsOtV|5q`38L}^8Uq{e{^Ki<?YLnvYT2b=9GoWdOL!w)E5Yy?N
zCPB}zb-LW~opI;Pm$>*$YK&m;jtbdH#Ak~13T1^f89tn`A%QEHWs~jnY~E}p_Z$XC
z=?YXLCkzVSK+Id`xZYTegb@W8_baLt-Fq`Tv|=)JPbFsKRm)4UW;yT+J`<<s6L^~#
zDKX^stn#n?Mc#=>)%#ue9DPOkje)YF2fsCilK9MIIK>p*`fkoD5nGfmLwt)!KOT+>
zOFq*VZktDDyM3P5UOg`~XL#cbzC}eL%qMB=Q5$d89MKuN<r)TznqqP**!jJ?cnTT2
zaaf?rvaC;><?H&|zm@ni*?D9zRWNdd5|h7<r<^y7j=M<<S|!iYxdgG*6u6u?mWfD3
zB)<Dfkbae`fO#+9WEYybHeZv}*cbdmPDkPU(jb+Sl1(!A;;QmZ9oNWRty}&5QMWy9
zX_w<YIby`Y;2BC{-IfA^=3f)~-*KF*rKr=krZyJeUl;NhG@Ajb2fr2VF0H7ZuP8_;
zl#_lD<2+R)LHx3c896sfpWG@kpwT@>#$6|4gx_Jt0Gfn8w&q}%lq4QU%6#jT*MRT%
zrLz~C8FYKHawn-EQWN1B75O&quS+Z81(zN)G>~vN8VwC+e+y(`>HcxC{MrJ;H1Z4k
zZWuv$w_F0-Ub%MVcpIc){4PGL^I7M{>;hS?;eH!;<Yf7EM>gmcOE66z3;Z1Phqo(t
zVP(Hg6q#0gIKgsg7L7WE!{Y#1nI(45tx2{$34dDd#!Z0NIyrm)HOn5W#7;f4pQci#
zDW!FI(g4e668kI9{2+mLwB+=#9bfqgX%!B34V-$wwSN(_cm*^{y0jQtv*4}eO^sOV
z*9xoNvX)c9isB}Tgx&ZRjp3kwhTVK?r9;n<haxnrRq){mtk9A+#MWR@iL>!x>^XYT
z@Q^7zp{rkIs{2mUSE^2!Gf6$6;j~&4=-0cSJJDizZp6LTe8b45;{AKM%v99}{{FfC
zz709%u0mC=1KXTo(=TqmZQ;c?$M3z(!xah>aywrj40sc2y3rKFw4jCq+Y+u=CH@_V
zxz|qeTwa>+<|H%8Dz5u>ZI5MmjTFwXS-Fv!TDd*`>3{krWoNVx$<133`(ftS?ZPyY
z&4@ah^3^i`vL$BZa>O|Nt?ucewzsF)0zX3qmM^|waXr=T0pfIb0*$AwU=?Ipl|1Y;
z*Pk6{C-p4MY;j@IJ|DW<V4g+WfmkDAI{!240rBm;^p*C?EK5<-i6<dFN`<4WIVA6x
zQ_A}VBKmDESd)f<tKV+_7{`O-ZQ=Kw_N>>QHZQJcp;Z~?8(Q+Kk3^0qJ}SCk^*n4W
zu9ZFwLHUx-$6xvaQ)SUQcYd6fF8&x)V`1bIuX@>{mE$b|Yd(qomn3;bPwnDUc0F=;
zh*6_((%bqAYQWQ~odER?h>1mkL4kpb3s7`0m@rDKGU*oyF)$j~Ffd4fXV$?`f~rHf
z<dmhsigJ=rWi_aV`WXyhB>B%Y)@5SXZvfwm10RY5X?TEo)PK_`L6qgBp=#>fO49$D
zDq8Ozj0q6213tV5Qq=;fZ0$|KroY{Dz=l@lU^J)?Ko@ti20TRplXzphBi>XGx4bou
zEWrkNjz0t5j!_ke{g5I#PUlEU$Km8g8TE|XK=MkU@PT4T><2OVamoK;wJ}3X0L$vX
zgd7gNa359*nc)R-0!`2X@FOTB`+oETOPc=ubp5R)VQgY+5BTZZJ2<L28T@@Z{~(FZ
zheu(w_rw1D2_zLx!dpDtOmwLC!DhBIo<Q>?9QwnO=<wr%&Gfr?0?EHFALMv;_+d?S
zzAg%@ydS-+C)WJy(gMckj>dnulIUF3gFn;BODC2)65)HeVd%t86sL7Rv^Y+nbn+&l
z6BAJY(ETvwI)Ts$aiE8rht4KD*qNyE{8{x6R|%akbTBzw;2+6<pQ&SDXNQj*or8md
z6z#{?Yky9DqRtSV0CMnGmM?NZ;=ja)lj3y_HwGOxfijBU4|3qigw`1zRQjL!B8PR+
zaRn%p#eR@M4(R@Wz!rx^(f#sKB!vBtl{_H&pMv^{xCn<;&`rM&o>Echkt+W+`u^XX
z_z&x%n<Jwv#rI=O_ITYt8jK&7Lbvimxh?Mpm*TNff4FbaUEWX?w*B~|ab(^T*a99t
zcJ#fCD8IP<V1pf_@pm2K2=}<d0_Y2*QClSUBi8yzf&VOuJ`CJAoEUwr?!mKD=5}o2
zV^&)q)<B;SMXmbXj|caU)A+-MMW5C}&8F^$XYi3}kDOaQe6Z+qH3z$S;;<vL9ydXD
zI5~P97&YCq9}$m^On$P-pTjcf#j%4IH8Sc*nG=+l4{M+gXHaFf{g{b8PUBySZmJ4r
UfUyy3EX0IC28@JalTrWuAK7&_a{vGU

literal 60756
zcmb5WV{~QRw(p$^Dz<H#6;^E9wry+0wkoz!v2EKnEB2dnp51QS&)(;ryWbCEt<_q_
z%vf{Ij$i-xF_)Yq2q+W~5CjAe5D@>@00IL3?^hro$gg*4VI_WAaTyVM5Foj~O|-84
z$;0<Gf%j{m{PRR<ei?BQVMQf6X^~s$@i8e$TDlonNm{DO@u_+RhI!`ggFoZ6!{QUt
z6V&1~-=IzbM#=jH8kEiGq(%D$R6*#ZXeb3}Hx4%r-~MIAuSNdPR|Ea}Z0lh9Z{O;l
z=Rp5sj;Vvbk(KfPIu-fvQ(YbO?d*&l{_PMsht{<6ud70f1_VU)KOZ9c-;1gK^$(==
z&28umt@Irov(&)dP=-)Hz_S{P7xEnP!ichkxx$E~7}a_a2q8(l2>6hMwt*rV;^8iB
z1~&0XWp<s4<3+-8i_yvLp=2@>YJmG?Ts^K9PC62H*`G}xom%S%yq|xvG~FIfP=9*f
zZo<U;yqPuzvK$}+n^LL;n^MT#U2$-W#`#sg?M@{@(gHfAYL^m#{&XY2t3v`wuX2Ob
zJ|E-g(=OFBrmQ4BNYySt*Qqd2Zl}{zt~_o(QZ0X@(Jm9-p$YdmymL==Ie?AQJ`?lf
z`Njkl*jD~p1=ZOtBV40hyN64OCJFd*fD3i~XsAso=-LMLs^|UBS%-sLHqPeN5cpej
zP96&U@H4ow7X*CS6N3Vk2xHMM5uO4=)iyB|+fIBqm)%MXwL_oiyPH}M@t<2mhnqdB
zpZ>DRJBm*Y0aId=qJ?7dyb)6)JGWGwe)MHeNSzhi)Ko6J<-m@v=a%NsP537lHe0R*
z`If4$aaBA#S=w!2z&m>{lpTy^Lm^mg*3?M&7HFv}7K6x*cukLIGX;bQG|QWdn{%_6
zHnwBKr84#B7Z+AnBXa16a?or^R?+>$4`}{*a_>IhbjvyTtWkHw)|ay)ahWUd-qq$~
zMbh6roVsj;_qnC-R{G+Cy6bApVOinSU-;(DxUEl!i2)1EeQ9`hrfqj(nKI7?Z>Xur
zoJz-a`PxkYit1HEbv|jy%~DO^13J-ut986EEG=66S}D3!L}Efp;Bez~7tNq{QsUMm
zh9~(HYg1pA*=37C0}n4g&bFbQ+?-h-W}onYeE{q;cIy<G6>%eZK9wZjSwGvT+&Cgv
z?~{9p(;bY_1+k|wkt_|N!@J~aoY@|U_RGoWX<;p{Nu*D*&_phw`8jYkMNpRTWx1H*
z>J-Mi_!`M468#5Aix$$u1M@rJEIOc?k^QBc?<b59)xNczO{#+_)9&wFZVex;^4Vl#
z>T(#=n&*5eS#u*Y)?L8Ha$9wRWdH^3D4|Ps)Y?m0q~SiKiSfEkJ!=^`lJ(%W3o|CZ
zSrZL-Xxc{OrmsQD&s~zPfNJOpSZUl%V8tdG%ei}lQkM+z@-4etFPR>GO<GhYd~TtJ
zwBkK^Mf~X+_zkRIz?y=<$$)%45zt~zJgiQCTcppoxe=pu88AJHVU3fzN(qJSGX29E
zfbGs2RA>H9+Y_F<3=~SXln9Kb-o~f>2a6Xz@AS3cn^;c_>l<hcV+2`3y`U@%b10Ti
zcsAuz3qW@}1&hcn9e|iQZ-*nRdQA=6HE0WZ=-IqLdFH?}s(4A4Su|ovlG8OIY!~1g
zV*}qrf+P~DZYbWlHL~*vJjRpSRBJ|RB}1Yk#lDowyB!0p;et0q>UwlK(n>z?A>NbC
z`Ud8^aQy>wy=$)w;JZzA)_*Y$Z5hU=KAG&htLw1Uh00yE!|Nu{<IBoPg2E_>EZkch
zY9O6x7Y??>!7pUNME*d!=R#s)ghr|R#41l!c?~=3CS8&zr6*aA7n9*)*PWBV2w+&I
zpW1-9fr3j{VTcls1><EmORLr6^_*km(FaYTm!{FpN(j*&ipG9#Bx7MzETdKx3MQix
zP9g$MFZr%m`tSm-g<Nl^j9AagC^~K|67C*eGSlxRu0?PgNMupvPEj}+ToIMPS(h_Y
z=br$^g2gKPI4Ilij?qSjH4rcN?$oLnmWI|kQy-!uDx_L8FFnwQg1LxHyC}zG(tlAZ
zH8z|S<;cL4*pQkj32mX3%Ut({&Q<B&y6N^XSz#?>ua}F*bbju_Xq%^v;-W~paSqlf
zolj*dt`BBjHI)H9{zrkBo<O`!SS6B=LKl>=B%>8}4jeBO<T-1a7W52S<GA6)qpHuH
zr-%V#6TJ~zK#}#SZ%KJiS%=&s@yJ4k(HVsTu!ro=zMmxYi)tO}vgJ_O50@u`M|%Ri
zphwWiXYN$*r|>~kWqO!~Thi!I1H(in=n^fS%nuL=X2+s!p}HfTU#NBGiwEBF^^tKU
zbhhv+0dE-sbK$>J#t-J!B$TMgN@Wh5wTtK2BG}4BGfsZOoRUS#G8Cxv|6EI*n&Xxq
zt{&OxCC+BNqz$9b0WM7_PyBJEVObHFh%%`~!@MNZlo*oXDCwDcFwT~Rls!aApL<)^
zbBftGKKBRhB!{?fX@l2_y~%ygNFfF(XJzHh#?`WlSL{1lK<Z@o#;*SdVGNH>T*gJM
zs>bd^H9NCxqxn(IOky5k-wALFowQr(gw%|`0991u#9jXQh?4l|l>pd6a&rx|v=fPJ
z1mutj{YzpJ_gsClbWFk(G}bSlFi-6@mwoQh-XeD*j@~huW4(8ub%^I|azA)h2t#yG
z7e_V_<4jlM3D(I+qX}yEtqj)cpzN*oCdYHa!nm%0t^wHm)EmFP*|FMw!tb@&`G-u~
zK)=Sf6z+BiTAI}}i{*_Ac$ffr*Wrv$F7_0gJkjx;@)XjYSh`RjAgrCck`x!zP>Ifu
z&%he4P|S)H*(9oB4uvH67^0}I-_ye_!w)u3v2+EY>eD3#8QR24<;7?*hj8k~rS)~7
zSXs5ww)T(0eHSp$hEIBnW|Iun<_i`}VE0Nc$|-R}wlSIs5pV{g_Dar(Zz<4X3`W?K
z6&CAIl4U(Qk-tTcK{|zYF6QG<GoVw~LX_9wmCyLIg5HrC)J9)r!7|t}PwF9G3L#(i
znq(TLP8w3<iIfL!hDIR3?YNM8r9A6!N(o8YBZ@w;24dkA6!cN#{d&#a!)STfC3#`w
zn~!m@(Thc7Y<7g`lPf7tavkY|IpA1z!Xc-);I@t+8Vv2n<pCz^dd3h3=M+#Ee$$px
z67Z%5xz9Jl=z|J4Mo=+AB<rDYZ9L~g-KY{Q-jka~-Ae^NqTXdE>5ArrEB!;5s?tW7
zrE3hcFY&k)+)e{+YOJ0X2uDE_hd2{|m_dC}kgEKqiE9Q^A-+>2UonB+L@v3$9?AYw
zVQv?X*pK;X4Ovc6Ev5Gbg{{Eu*7{N3#0@9oMI~}KnObQE#Y{&3mM4`w%wN+xrKYgD
zB-ay0Q}m{QI;iY`s1Z^NqIkjrTlf`B)B#M<jM!$tg=k5lp}=|!gJ`-A3NITdMu8RC
zj1XQSG|ZmbdcDW!n80TC;X9x@;5D9oK%Ld~mq|EemE{}fSaq-zyX$@FTX}$Oc0g22
zzETfvk4&(H@-vz=*ZPqWh};?ig{1!LM(TkY4LO&>ajZ#9u41oRBC1oM1vq0i|F59>
z#StM@bHt|#`2)cpl_rWB($DNJ3Lap}QM-+A$3pe}NyP(@+<iN(x4wVJ+_gbEd-^Zb
zWBwY%U*j*Br2PjW(*8Hx+37o((b+lJej%fixv?WP#pslTG#zE5G`)n>i1>o^<jA}~
z(^v!&G?YSwQv@?ogo0voxWugllcS<_%l`tol>fe-oxX#<wXu`21Fg;1yW>Bt`mcQc
zb?pD4W%#ep|3%CHAYnr*^M6Czg>~L4?l16H1OozM{P*en298b+`i4$|w$|4AHbzqB
zHpYUsHZET$Z0ztC;U+0*+amF!@PI%^oUIZy{`L{%O^i{Xk}X0&nl)n~tVEpcAJSJ}
zverw15zP1P-O8h9nd!&hj$zuwjg?DoxYIw{<nX*|aXj4I;Pv(W_%0{1!UxR7=>jWM
zW5_pj+wF<yrjE;j>y8Tsa9g<7Qa21WaV&;ejoYflRKcz?#fSH_)@*QVlN2l4(QNk|
z4aPnv&mrS&0|6NHq05XQw$J^RR9T{3SOcMKCXIR1iSf+xJ0E_Wv?jEc*I#ZPzyJN2
zUG0UOXHl+PikM*&g$U@g+KbG-RY>uaIl&DEtw_Q=FYq?etc!;hEC_}UX{eyh%dw2V
zTTSlap&5>PY{6I#(6`j-9`D&I#|YPP8a;(sOzgeKDWsLa!i-$frD>zr-oid!Hf&yS
z!i^cr&7tN}OOGmX2)`8k?Tn!!4=tz~3hCTq_9CdiV!NIblUDxHh(FJ$zs)B2(t5@u
z-`^RA1ShrLCkg0<B?}_ts1DQjgp}W5VwQK_f$?l4FP6>)OhfoM;4Z{&oZmAec$qV@
zGQ(7(!CBk<5;Ar%DLJ0p0!ResC#U<+3i<|vib1?{5gC<oG^96_Cm0(UK10{w?+e+7
zEH(oxs^u==fa{@(*SXRYQr1OsHi@`@+xSt3wKAa_>ebG7$F7URKZXuX-2WgF>YJ^i
zMhHDBsh9PDU8dlZ$yJKtc6JA#y!y$57%sE>4Nt+wF1lfNIWyA`=hF=9Gj%sRwi@vd
z%2eVV3y&dvAgyuJ=eNJR+*080dbO_t@BFJO<@&#yqTK&+xc|FRR;p;KVk@J3$S{p`
zGaMj6isho#%m)?pOG^G0mzOAw0z?!AEMsv=0T>WWcE>??WS=fII$t$(^PDPMU(P>o
z_*0s^W#|x)%tx8jIgZY~A2yG;US0m2ZOQt6yJqW@XNY_>_R7(Nxb<qz*Zby*O0$bc
z&bwd!3N`yA)-yDGrw923g#%FdDs9(c!1zBe1RB8u-MYi3o@&Spv(9|!3<U?#VR{nH
z(>8Ged6BdYW6{prd!|zuX$@Q2o6Ona8zzYC1u!+2!Y$Jc9a;wy+pXt}o6~Bu1oF1c
zp7Y|SBTNi@=I(K%A60PMjM#sfH$y*c{xUgeSpi#HB`?|`!Tb&-qJ3;vxS!TIz<?2E
z;?m$vD?eW$Ky=1Yq)adqhc?p&C{7b5o?=)unOeZDH>uTZs-&%#bAkAyw9m4PJgvey
zM5?up*b}eDEY+#@tKec)-c(#QF0P?MRlD1+7%Yk*jW;)`f;0a-ZJ<A1MM6Y&2Bjrl
znqSWxYPQP0xd?S^aF>6CQA?E%>i2Dt7T9?s|9ZF|KP4;CNWvaVK<?o_JIw;}zDT`U
z8L9-eX*7(^ut$2QBvx;9WC*DK4d0Kl9Aoah9FvKFLU*E)t<DB)E+Hfy@{d<s5TtbK
z3@*SWX?`UQ;LR6RwJlyE3z}ZE!swzdANx@XuTjkujJwae)D4vw=Dql$%nf#rij0A7
zPZHIZfP9Y{HHIH6!OIl6HIjQP7s$4hLQfM=Y5?9w6~3&f-&54yS(z79jhWNyU*0R2
z2LGB!DxIQ?IKWc4-r|9{@l3idCG70wl#Y>Z+Qeut;Jith_y{v*Ny6Co6!8MZx;Wgo
z=qAi%&S;8J{iyD&>3CLCQdTX*$+Rx1AwA*D_J^0>suTgBMBb=*hefV+Ar<cd*@2&D
z8;>s#mmr+YsI3#!F@Xc1t4F-gB@6aoyT+5O(qMz*zG<9Qq*f0w^V!03rpr*-WLH};
zfM{xSPJeu6D(%8HU%0GEa%waFHE$G?FH^kMS-&I3)ycx|iv{T6Wx}9$$D&6{%1N_8
z_CLw)_9+O4&u94##vI9b-HHm_95m)fa??q07`DniVjAy`t7;)4NpeyAY(aAk(+T_O
z1om+b5K2g_B&b2DCTK<>SE$Ode1DopAi)xaJjU>**AJK3hZrnhEQ9E`2=|HHe<^tv
z63e(b<X3pR+d94@m}tS^Z3?)AN+iBxpwZ<D7`?_tGq?BO;qYoIK%|`4<lnL)z<I(0
zu_t<sVb~sefyW>n#fMWuz>4erc47}!J>U58%<&N<6AOAewyzNTqi7hJc|X{782&cM
zHZYclNbBwU6673=!ClmxMfkC$(CykGR@10F!zN1S<PPl%@(Hn|^OfVI^X@u=eB4LB
zU*t+xZ0wF<m*ErqYAYp>e83LR&a~$Ht&>~43OX22mt7tcZUpa;9@q}KDX3<tKWF1f
zxw`aDW9rcd*xv(|cjctJ=r<rB$*=tRKjhAT3QznFrq0&JHcrBBhQ@YI=C=P(hmztZ
zBtRHZf@NQr^M5yLSW}<&UN$I$ud6^2LG^C;CST5(r;3;$jf|I6ACztPf?wzMlh7(R
zK$zGkcsg9U$_~E{oniYivq)0tjRjewJEOw_A7w)SdVn|$`QY&`&=C?ozE>O&Ugp6<
zLZLfIMO5;pTee1vNyVC$FGxzK2f>0Z-6hM82zKg44nWo|n}$Zk6&;5ry3`(JFEX$q
zK&KivAe${e^5ZGc3a9hOt|!UOE&OocpVryE$Y4sPcs4rJ>>Kbi2_subQ9($2VN(3o
zb~tEzMsHaBmBtaHAyES+d3A(qURgiskSSwUc9CfJ@99&MKp2sooSYZu+-0t0+L*!I
zYagjOlPgx|lep9tiU%ts&McF6b0VE57%E0Ho%2oi?=Ks<h7|XGdLNwTI)ib?N6{Eu
z;h2l5*eV93*R)?j|9)5Mw{~AJzwV0Z*IoH9lKK|_`lq|{FC-HsFD==}hu}T8I5=Nj
zMm|Nv0wu!DR!AT$4?#iVwpDaiN4hcWqWH4L{RHwRzsnYkBn73d=5jdE`3OkM-m10*
zdSrK<cD9qSi<hEpW()G6&#VKxRV)hnG-x*2O9Ur9cji6_gKVb~I_9QB{xCNxI)s~q
zuptRHAY00`Qzhr7(2tu@2-Cypx8Giobh`{rL+hNjig(}@FZ>+5%aj#au^OBwNwhec
zta6QAeQI^V!dF1C)>RHAmB`HnxyqWx?td@4sd15zPd*Fc9hpDXP23kbBenBxGeD$k
z;<D{TYW<{z_^}oSud&ZuHEyD44V>%0VBQEJ-C)&dTAw_yW@k0u?IUk*NrkJ)(XEeI
z9Y>6Vel>#s_v@=@0<{4A{p<R|0RfTyuh&=hpG-YVMbi~o8Dk@%D2pXcC$zylS8Jch
zTmbubLr&$o2Hk+p^ded~#GH{7cu^WdnjPYm>l=9cQ&Iah0iD0H`q)7NeCIRz8zx;!
z^OO;1+IqoQNak&pV`qKW+K0^Hqp!~gSohcyS)?^P`JNZXw@gc6{A3OLZ?@1Uc^I2v
z+X!^R*HCm3{7JPq{8*Tn>5;B|X7n4QQ0Bs79uTU%nbqOJh`nX(BVj!#f;#J+WZxx4
z_yM&1Y`2XzhfqkIMO7tB3raJKQS+H5F%o83bM+hxbQ<YF8%f26g@w6?b)_6@vyLk>
zeeJm=Dvix$2j|b4?mDacb67v-1^lTp${z=jc1=j~QD>7c*@+1?py>%Kj%Ejp7Y-!?
z8iYRUlGVrQPandAaxFfks53@2EC#0)%mrnmGRn&>=$H$S8q|kE_iWko4`^vCS2aWg
z#!`RHUGyOt*k?bBYu3*j3u0gB#v<VSU``i9)i((*A4_MYpA70V(O^YWl0>(3tsije
zgIuNNWNtrOkx@Pzs;A9un+2LX!zw+p3_NX^Sh09HZAf>m8l@O*rXy_82aWT$Q>iyy
zqO7Of)D=wcSn!0+467&!Hl))eff=$aneB?R!YykdKW@k^_uR!+Q1tR)+IJb`-6=jj
zymzA>Sv4>Z&g&WWu#|~GcP7qP&m*w-S$)7Xr;(duqCTe7p8H3k5>Y-n8438+%^9~K
z3r^LIT_K{i7DgEJjIocw_6d0!<;wKT`X;&vv+&msmhAAnIe!OTdybPctzcEzBy88_
zWO{6i4YT%e4<cORn@|6PX^%-74fBfvI*qb65lguos^u7L67Q8>^WQZB)KHCvA(0tS
zHu_Bg+6Ko%a9~$EjRB90`P(2~6uI@SFibxct{H#o&y40MdiXblu@VFXbhz>Nko;7R
z70Ntmm-FePqhb%9gL+7U8@(ch|JfH5Fm)5${8|`Lef>LttM_iww6LW2X61ldBmG0z
zax3y)njFe>j*T{i0s8D4=L>X^j0)({R5lMGVS#7(2C9@AxL&C-lZQx~czI7Iv+{%1
z2<eOr>hEG>RzX4S8x3v#9sgGAnPzptM)g&LB}@%E>fy0vGSa(&q0ch|=ncK<Ys%|-
z$8{E%Rw4?D_8re!3!SBF?$73?o3k7+`5vm8pITte_z3-f7CoPck#W)v4slR3Zzqx8
zNVDE$E-!|FmIAfj{mDQ%vc<UpiEaVi&qHP&p?bTbEWARJ?xHePge3YNpI92C>jNrK
z`jA~jObJhrJ^ri|-)J^HUyeZXz~XkBp$VhcTEcTdc#a2EUOGVX?@mYx#Vy*!qO$Jv
zQ4rgOJ~M*o-_Wptam=~krnmG*p^j!JAqoQ%+YsDFW7Cc9M%YPiBOrVcD^RY>m9Pd<
zu}#9M?K{+;UIO!D9qOpq9yxUquQRmQNMo0pT`@$pVt=rMvyX)ph(-CCJLvUJy71DI
z<CI*+r=tVTlgn@b%PV`RM<s@b7^3<nL0kgliJ>Bk7oc7)-%ngdj~s@76Yse3L^gV0
z2==qfp&Q~L(+%RHP0n}+xH#k(hPRx(!AdBM$JCfJ5*C=<wG1tvhicE*gpY`ZCMnhj
z1G=jh5z6O!^6nUl+c3`w0_ln^hFS56L}g>K3ts>P?@@SZ_+{U2qFZb>4kZ{Go37{#
zSQc+-dq*a-Vy4?taS&{Ht|MLRiS)Sn14JOONyXqPNnpq&2y~)6wEG0oNy>qvod$FF
z`9o&?&6uZjhZ4_*5qWVrEfu(>_n2Xi2{@Gz9MZ8!YmjYvIMasE9yVQL10NBrTCczq
zcTY1q^PF2l!Eraguf{+PtHV3=2A?Cu&NN<O6VN>&a8V(y;q(^_mFc6)%Yfn&X&~Pq
zU1?qCj^LF(EQB1F`8NxNjyV%fde}dEa(Hx=r7$~ts2dzDwyi6ByBAIx$NllB4%K=O
z$AHz1<2bTUb>(MCVPpK(E9wlLElo(aSd(Os)^Raum`d(g9Vd_+Bf&V;l=@mM=cC>)
z)9b0enb)u_7V!!E_bl>u5nf&Rl|2r=2F3rHMdb7y9E}}F82^$Rf+P8%dKnOeKh1vs
zhH^P*4Ydr^$)$h@4<HY{kkgz6jX&Mdasz@VEoye!fw>KVzxrHyy#cKmWEa9P5DJ|-
zG;!Qi35Tp7XNj60=$!S6U#!(${6hyh7d4q=pF{`0t|N^|L^d8pD{O9@tF~W;#Je*P
z&ah%W!KOIN;SyAEhAeTafJ4uEL`(RtnovM+cb(O#>xQnk?dzAjG^~4$dFn^<@-Na3
z395;wBnS{t*H;Jef2eE!2}u5Ns{AHj>WYZDgQJt8v%x?9{MXqJsGP|l%OiZqQ1aB!
z%E=*Ig`(!tHh>}4_z5IMpg{49UvD*Pp9!pxt_gdAW%sIf3k6CTycOT1McPl=_#0?8
zVjz8Hj*Vy9c5-krd-{BQ{6Xy|P$6L<o)r^R5`ZQ`GQhYqfOupFa9l!9lz>JvMuX$*
zA+@I_66_ET5l2&gk9n4$1<ixm5Z@RUb^v5fP{&E>M3LN8(yEV<DNCy-M+F%4k9cS;
zC^^RKH!iKb*+NTZ($+>iRx&mtd#LD}AqEs?RW=xKC(OCWH;~>(X6h!uDxXIPH06xh
z*`F4cVlbD<GpM@G3X6T;YA>P`A)-fzf>MuScYsmq&1LUMGaQ3bRm6i7OsJ|%uhTDT
zlvZA1M}nz*SalJWNT|`dBm1$x<Um4i*)m*aUZO##LwDk6q63h|IW;0Cr>laA>CCiQ
zK`xD-RuEn>-`Z?M{1%@wewf#8?F|(@1e0+T4>nmlSRrNK5f)BJ2H*$q(H>zGD0>eL
zQ!tl_Wk)k*e6v^m*{~A;@6+JGeWU-q9>?+L_#UNT%G?4&BnOgvm9@o7l?ov~XL+et
zbGT)|G7)KAeqb=wHSPk+J1bdg7N3$vp(ekjI1D9V$G5Cj!=R2w=3*4!z*J-r-cyeb
zd(i2KmX!|Lh<K2eIYJREpvNMi&Z#7*f45@XYFPFRp`27wgA7b{lxe_pm*^6y<RLhc
z8e%Fbj59XhBop+|s8G!j;y`1~`5Wy@K-#-nr2&8P(UZtm7KDzi`O}$kr#>ey!snRw
z?#$Gu%S^SQEKt&kep)up#j&9}e+3=JJBS(s>MH+|=R(`8xK{mmndWo_r`-w<m*k89
zcV!Q$3TQF>1#SeRD&YtAJ#GiVI*TkQZ}&aq<+bU2+coU3!jCI6E+Ad_xFW*ghnZ$q
zAoF*i&3n1j#?B8x;kjSJD${1jdRB;)R*)Ao!9bd|C7{;iqDo|T&>KSh6*hCD!rwv=
zyK#F@2+cv3=|S1Kef(E6Niv8kyLVLX&e=U;{0x{$tDfShqkjUME>f8d(5nzSkY6@!
z^<s1zrx%Y{GxOAQiaP`zX4pWwf(3Q?%k(n<-*ko(!rd%~BRbzOMd+_y^a4+aH{F5%
zJscHc3gzd06%1tHe@VXo_oCsSee^HDb^OaWE0e5ck@*pZK0RqW9B3O#2!5)9`cvEa
zg%b@5T@#X^O2>-0>DM)wa&%m#UF1F?zR`8Y3X#tA!*7Q$P3lZJ%*KNlrk_uaPkxw~
zxZ1qlE;Zo;nb@!SMazSjM>;34ROOoygo%SF);LL>rRonWwR>bmSd1XD^~sGSu$Gg#
zFZ`|yKU0%!v07dz^v(tY%;So(e`o{ZYTX`hm;@b0%8|H>VW`*cr8R%<Wzeb1B(_7j
zj%jg9z(<Muj+rwUU3J`9Kkr9fxe1hx2`oE|97F-6%bXb;NK9gbaH21ZD{h@XeCBlS
zTkbMM03Wrp)E~*3bm**>3n|ehw2`(9B+V72`>SY}9^8oh$En80mZK9T4abVG*to;E
z1_S6bgDOW?!Oy1LwYy=w3q~KKdbNtyH#d24PFjX)KYMY93{3-mPP-H>@M-_>N~DDu
zENh~reh?JBAK=TFN-SfDfT^=+{w4ea2KNWXq2Y<;?(gf(FgVp8Zp-oEjKzB<XiW@L
z4DJ=*jZ)bsSD44~x>%2Iqj;48GmY3h=bcdYJ}~&4tS`Q1sb=^emaW$IC$|R+r-8V-
zf0$gGE(CS_n4s>oicVk)MfvVg#I>iDvf~Ov8bk}sSxluG!6#^Z_zhB&U^`eIi1@j(
z^CK$z^stBHtaDDHxn+R;3u+>Lil^}fj?7eaG<FRml8CUEBOnAV8CmKw;V=T((V6h(
z;KHNVT}hTA4oyjv0NUAbK-AxArk$+6ITFf=ABoS3b^1vXdN5Y3$j$Gn7L0qB<*F>B
z&5nl^STqcaBxI@v>%zG|j))G(rVa4aY=B@^2{TFkW~YP!8!9TG#(-nOf^^X-%m9{Z
zCC?iC`G-^RcBSCuk=Z`(FaUUe?hf3{0C>>$?<OA^A&va@m6n{p_RDbpCmC44*u>Vs
z`2Uud9M+T&KB6o4o9kvdi^Q=Bw!asPdxbe#W-Oaa#_NP(qpyF@bVxv5D5))srkU#m
zj_KA+#7sqDn*Ipf!F5Byco4HOSd!Ui$l94|IbW%Ny(s1>f4|Mv^#NfB31N~kya9!k
zWCGL-$0ZQztBate^fd>R<KTx+Kn<12wUG%9I!9v@uJ1RK?y>!hXY_N9ZjYp3V~4_V
z#eB)Kjr8yW=+oG)BuNdZG?jaZlw+l_ma8aET(s+-x+=F-t#Qoiuu1i`^x8Sj>b^U}
zs<v<BrDUuc#V%G@XYC{+Sg}|bZ*&$Xmy?7Y(n?p_lr<7QNavDlGr?4z!qaMY=`TAM
zFH`)mW};}4R%}`-v*@TwSk0p!c2gBZF<0Y~yAY5urGWuSR(DcbqvUph8QXsf(x2A!
z>^z<()YMFP7CmjUC@M=&lA5W7t&cxTlzJAts*%PBDAPuqcV5o7HEnqjif_7xGt)F%
zGx2b4w{@!tE)$p=l3&?Bf#`+!-RLOleeR<bP1HAuJwpA7V6w3e&7FnVSAlVevD>k3
z7#pF|w@6_sBmn1nECqdunmG^}pr5(ZJQVvAt$6p3H(16~;vO>?sTE`Y+mq5YP&PBo
zvq!7#W$Gewy`;%6o^!Dtjz~x)T}Bdk*BS#=EY=ODD&B=V6TD2z^hj1m5^d6s)D*wk
zu$z~D7QuZ2b?5`p)<Zk5N<LwAw|NY@XF!9G7+>E8e2_L38v3WE{V`bVk;6fl#o2`)
z99JsWhh?$oVRn@$S#)uK&8DL8>An0&S<%V8hnGD7Z^;Y(%6;^9!7kDQ5bjR_V+~wp
zfx4m3z6CWmmZ<8gDGUyg3>t8wgJ5NkkiEm^(sedCicP^&3D%}6LtIUq>mXCAt{9eF
zNXL$kGcoUTf_Lhm`t;hD-SE)m=iBnxRU(NyL}f6~1uH)`K!hmYZjLI%H}AmEF5RZt
z06$wn63<H*D^}!!_~!rctzB?W+<x$IW(W<z1pS(B1aK00$0*UbQ&o~2AGrgPX{+%L
zjpNNy?injFg0d#OC9*3D`YWIJp4knE9&uEHc=jswzMs5P)Ct~!Qhd!W;4aD36N5rn
zR-$WHi87V$r>GHnApHXZZJ}s^s)j9(BM6e*7IBK6Bq(!)d~zR#rbxK9NVIlgquoMq
z=eGZ9NR<I_0;qaLkr^sqs*eI>!SEqP6=9UQg#@!rtbbSBUM#ynF);zKX+|!Zm}*{H
z+j=d?<x8+W+YzUX8`Wzx$M0@ats$ISI!}Y&e$baoEyt_PL67D-!l9jd$-U47GPlhn
zFZ(p{^KerTig5@++3nwFz)bDI^Rg#*4JrNT%{~<3KmSD&ZJ;XGkp4=fS6_`Bk^dyB
z2<kf;i`zIF+c=s#nY$P(Iysozn0`U;e|0>aZ2!?@EL7C~%B?6ouCKLnO$uWn;Y6Xz
zX8dSwj732u(o*U3F$F=7xwxm>E-B+SVZH;O-4XPuPkLSt_?S0)lb7EEg)Mglk0#eS
z9@jl(OnH4juMxY+*r03VDfPx_IM!Lmc(5hOI;`?d3<n0O2)hcsP_2=f#ul^%8WEjH
z_45k7p1r2G5<EoD-7_hh0-~>7f>jPP$?9jQQIQU@i4vuG6MagEoJrQ=RD7xt@8E;c
z<Z~cp<{k@e+=yUE(YejRT8|zYjy+~C+(wP9bf2{6?hB`L=aUc<odY()WVr`t9nSc0
zAeWGRrle!<ccgxgu=eN|0Q>eGV*+Pt+t$@pt!|McETOE$9k=_C!70uhwRS9X#b%ZK
z%q(TIUXSS^F0`4Cx?Rk07C6wI4!UVPeI~-fxY6`YH$kABdOuiRtl73MqG|~AzZ@<e
z70bZ1Xfg@ML9rX@!O{Xhvx6+$D#ej982$eGa_sxL;&>iL&^s?24iS;RK_pdlWkhcF
z@Wv-Om(Aealfg)D^adlXh9Nv<v-}opkLv5Ft~N;ilf%n_18GR>f~Uf@y;g3Y)i(YP
zEXDnb1V}1pJT5ZWyw=1i+0fni9yINurD=EqH^ciOwLUGi)C%Da)tyt=zq2P7pV5-G
zR7!oq28-Fgn5pW|<Sr(TR-f}>nlu^b!S1Z#r7!Wtr{5J5PQ>pd+2P7RSD?>(U7-|Y
z7ZQ5lhYIl_IF<9?T9^IPK<(Hp;l5bl5tF9>X-zG14_7PfsA>6<$~A338iYRT{a@r_
zuXBaT=`T5x3=s&3=RYx6NgG>No4?5KFBVjE(swfcivcIpPQFx5l+O;fiGsOrl5teR
z_Cm+;PW}O0Dwe_(4Z@XZ)O0W-v2X><&L*<~*q3dg;bQW3g7)a#3KiQP>+qj|qo*Hk
z?57>f2?f@`=Fj^nkDKeRkN2d$Z@2eNKpHo}ksj-$`QKb6n?*$^*%Fb3_Kb<??RAja
zk0V>f1(*W9K>{L$mud2WHJ=j0^=g30Xhg8$<s&?w=aRQaO9t&giJ1(RsSL3%_cC6M
z*CW9(Zh9c_42B<|)&oM^-GzGdz1}f&d3F5BYqWb4q+Sw(ib=VNbJPT@^wT=3tW(7y
zrx1-UKq0(c(u-_d3s{C`aQ&0%#$*~vtZCzBHFqiV3;VEe=EsFn^iO}7H|DQJkk9H;
zB0P{n&~U<*$_g%{-r&>#g^?36`p1fm;;1@0Lrx+8t`?vN0ZorM<NTJbjJv2{-dI;>
zS<hDSyFi<GVb++PZX@XtOI*=$j*U@=`@o~{Gi!F-NK(%gyI#{g6|hETm*WG_p}s8L
zjZRCuf%OK?g`?(Q%o?EJIq8XN^)7E@6pk&Uqpm7^VOiV00>W?rhjCE8$C|@p^sXdx
z|NOHHg+fL;HIlqyLp~SSdIF`TnSHehNCU9t89yr@)FY<~hu+X`tjg(aSVae$wDG*C
zq$nY(Y494R)hD!i1|IIyP*&PD_c2FPgeY)&mX1qujB1VHPG9`yFQpLFVQ0>EKS@Bp
zAfP5`C(sWGLI?AC{XEjLKR4FVNw(4+9b?kba95ukgR1H?w<8F7)G+6&(zUhIE5Ef%
z=fFkL3QKA~M@h{nzjRq!Y_t!%U66#L8!(2-GgFxkD1=JRRqk=n%G(yHKn%^&$dW>;
zSjAcjETMz1%205se$iH_)ZCpfg_LwvnsZQAUCS#^FExp8O4CrJb6>JquNV@qPq~3A
zZ<6dOU#6|8+fcgiA#~MDmcpIEaUO02L<Rkl`=Q>5#T$HV0$EMD94HT_eXLZ2Zi&(!
z&5E>%&|FZ`)CN10tM%tLSPD*~r#--K(H-CZqIOb99_;m|D5wdgJ<1iOJz@h2Zkq?}
z%8_KXb&hf=2Wza(Wgc;3v3TN*;HTU*q2?#z&tLn_U0Nt!y>Oo>+2T)He6%XuP;fgn
z-G!#h$Y2`9>Jtf}hbVrm6D70|ERzLAU>3zoWhJmjWfgM^))T+2u$~5>HF9jQDkrXR
z=IzX36)V75PrFjkQ%TO+iqKGCQ-DDXbaE;C#}!-CoWQx&v*vHfyI>$HNRbpvm<`O(
zlx9NBWD6_e&J%Ous4yp~s<!5el5C5+U(6q$naw*;HMpy|CU=dglNI1EQ%|HQk4H*H
z4vZmq8i&o(xLex%_9CXr+V#E5;>6)Ghni!I6)0W;9(9$y1wWu`$gs<$9Mcf$L*piP
zPR0Av*2%ul`W;?-1_-5Zy0~}?`e@Y5A&0H!^ApyVTT}BiOm4GeFo$_oPlDEyeGBbh
z1h3q&Dx~GmUS|3@4V36&$2uO8!Yp&^pD7J5&TN{?xphf*-js1fP?B|`>p_K>lh{ij
zP(?H%e}AIP?_i^f&Li=FDSQ`2<P4}YJBR3<86=L)lNLn?n<UqJ){hazu7oE1W<WpM
zkEayA#3<YDk5vng9{R3EwAsH9RNs3PX=z8hou#I@lclzVbk)C_>_NWxL+BB=nQr=$
zHojMlXNGauvvwPU>ZLq!`bX-5F4jBJ&So{kE5+ms9UEYD{66!|k~3vsP+mE}x!>%P
za98bAU0!h0&ka4EoiDvBM#CP#dRNdXJcb*(%=<(g+M@<)DZ!@v1V>;54En?igcHR2
zhubQMq}VSOK)onqHfc<PBSX0Qkle<U&d;N1BT|$4=Uqpo2tm04^j~@drYI0P7duc%
zes@lg1;1w}#p3u@$yb(xFl7Q9B8k2c_rQZ?>zM7YA@s=9*ow;k;8)&?J3@0JiGcP!
zP#00KZ1t)GyZeRJ=f0^gc+58lc4Qh*S7RqPIC6GugG1gXe$LIQMRCo8cHf^qXgAa2
z`}t>u2Cq1CbSEpLr~E=c7~=Qkc9-vLE%(v9N*&HF`(d~(0`iukl5aQ9u4rUvc8%m)
zr2GwZN4!s;{SB87lJB;veebPmqE}tSpT>+`t?<457Q9iV$th%i__Z1kOMAswFldD6
ztbOvO337S5o#ZZgN2G99_AVqPv!?Gmt3pzgD+Hp3QPQ`9qJ(g=kjvD+fUSS3upJn!
zqoG7acIKEFRX~S}3|{EWT$kdz#zrDlJU(rPkxjws_iyLKU8+v|*oS_W*-guAb&Pj1
z35Z`3z<&Jb@2Mwz=KXucNYdY#SNO$tcVFr9KdKm|%^e-TXzs6M`PBper%ajkrIyUe
zp$vVxVs9*>Vp4_1NC~Zg)WOCPmOxI1V34QlG4!aSFOH{QqS<og-9*{m%{>Vq1^1)-
z0P!Z?tT&E-ll(pwf0?=F=yOzik=@nh1Clxr9}Vij89z)ePDSCYAqw?lVI?v?+&*zH
z)p$CScFI8rrwId~`}9YWPFu0cW1Sf@vRELs&cbntRU6QfPK-SO*mqu|u~}8AJ!Q$z
znzu}50O=YbjwKCuSVBs6&CZR#0FTu)3{}qJJYX(>QPr4$RqWiwX3NT~;>cLn*_&1H
zaKpIW)JVJ>b{uo2oq>oQt3y=zJ<SzS^-D>jb%fU@wLqM{SyaC6x2snMx-}ivfU<1-
znu1Lh;i$3Tf$Kh5Uk))G!D1UhE8pvx&nO~w^fG)BC&L!_hQk%^p`Kp@F{cz>80W&T
ziOK=Sq3fdRu*V0=S53rcIfWFazI}Twj63CG(jOB;$*b`*#B9uEnBM`hDk*E<oidpi
zVi-YCX)u~YCBI+laYqXSo<EX9^<PNdjZ=BtK`_ZYngaDtG5R2}vTD}f!DiphZC8q*
z6i0u#X*zYGRu)lm1ElCpjgBvp3Ldd|#4WH$%tK2cXGR#zWyK<<eW|7%5Ju2_h*||L
zg2wp|<^Qbr0(rt`iD%~4&vfIMiU-hB(&TS(L<Ua}Ae0?Iw}pCJ-m<j9H*WOItm42P
z+4mexCkJJkqGU65>wSRdwP8?5T?xGUKs=5N83XsR*)a4|ijz|c{4tIU+4j^A5C<#5
z*$c_d=5ml~%pGxw#?*q9N7aRwPux5EyqHVkdJO=5J>84!X6P>DS8PTTz>7C#F<Zu4
zp3F5$$3=BvvzoPSkFVMT=*}cwr4^?8L-w1olVUL5gHh{)p1vygqRx_|5M(|5i$<sf
zD*3bQ%l!Ml%>O?k#edkntG<Krzma04@|w*Y9|BKCf&FeXNg|upC}{zu^oHarA7zIf
zC8{uLE&-S@l`ZxV=v;r*B3!WS4z%0OHxj5&2`?c0;8f|2cq)E6RQk=VwECk+Q<E<b
z===nd>+fJk8ZMn?pmJSO@`x-QHq;7^h6GEXLXo1TC<!%G;g|1m1_bS}WUN;u(X1H_
zC*#P|&x2L7jt9)tK*_e)O{|{ck0S}rdz!bjq~RUIX}#ve9vhD}wsXP2-}YSVJ>NhH
z8ZDH{*NLAjo3WM`xeb=X{((uv3H(8&r8fJJg_uSs_%hOH%JDD?hu*2NvWGYD+j)&`
zz#_1%O1wF^o5ryt?O0n;`lHbzp0wQ?rcbW(F1+h7_<Pe?a2+{KTPMp$CgHfSHrYCA
zK{ERTzz`pSB$~vt3tii8P;~CRII8wO)%F!tVN6C6<1n2x%4zAuytITcED<o5IyW7o
zh-G7-*3%BqRFkVI(T5y^ar95CXup=KHGy2BZYuLh)vrm>EZZ<i<-|Mk=_v8nD5m5v
zdpML`Rs@XrmR1I|!5H>9{>rePvLAPVZ_R|n@;b$;UchU=0j<6k8G9QuQf@76oiE*4
zXOLQ&n3$NR#p4<5NJMVC*S);5x2)eRbaAM%VxWu9ohlT;pGEk7;002enCbQ>2r-us
z3#bpXP9g|mE`65VrN`+3mC)M(eMj~~eOf)do<@l+fMiTR)XO}422*1S<RWVx0`Uk8
z=5;*6NK#2D`zc^JM6i=$pyv-R_l)2#3c6jS0ZcmLz1#Dg>L{wyY(%oMpBgJagtiDf
zz>O6(m;};>Hi=t8o{DVC@YigqS(Qh+ix3Rwa9aliH}a}IlOCW1@?%h_bRbq-W{KHF
z%Vo?-j@{Xi@=~Lz5uZP27==UGE15|g^0gzD|3x)SCEXrx`*MP^FDLl%pOi~~Il;dc
z^hrwp9sYeT7iZ)-ajKy@{a`kr0-5*_!XfBpXw<un0R1t>EcFGJ;%kV$0Nx;apKrur
zJN2J~CAv{Zjj%FolyurtW8RaFmpn&zKJWL>(0;;+q(%(Hx!GMW4AcfP0YJ*Vz!F4g
z!ZhMyj$BdXL@MlF%KeInmPCt~9&A!;cRw)W!Hi@0DY(GD_f?jeV{=s=cJ6e}JktJw
zQORnxxj3mBxfrH=x{`_^Z1ddDh}L#V7i}$njUFRVwOX?qOTKjfPMBO4y(WiU<)epb
zvB9L=%jW#*SL|Nd_G?E*_h1^M-$PG6Pc_&QqF0O-FIOpa4)PAEPsyvB)GKasmBoEt
z?_Q2~QCYGH+hW31x-B=@5_AN870vY#KB~3a*&{I=f);3Kv7q4Q7s)0)gVYx2#Iz<e
zcH?D}+f3Q#s`S_o+I!i;AG^@C;`0g<<}J>9g(F<Nt8qTR6vu`Q_y)iK3d>2;=+Iy4
z6KI^8GJ6D@%tpS^8boU}zpi=+(5GfIR)35PzrbuXeL1Y1N%JK7PG|^2k3qIqHfX;G
zQ}~JZ-UWx|60P5?d1e;AHx!_;#PG%d=^X(AR%i`l0jSpYOpXoKFW~7ip7|xvN;2^?
zsYC9fanpO7rO=V7+KXqVc;Q5z%Bj})xHVrgoR04s<WC19*!aSDBN9bsQ!y_RQh!2^
zM?3OYfd1?Of*;~K;fPyA-Zs2YGEobYXZSuxP}4a~sqAr!U$f%5T_yC9m}8r(jTC#Z
zlS5i1zBtiGG~ok?`vdcED-M&WdW#GCV?b8L_D^$erV#MdoMmoYt9TZ|Ht9A`j0>A2
zl~DAwv=!(()DvH*=lyhIlU^hBkA0$e*7&fJpB0|oB7)rqGK#5##2T`@_I^|O2x4GO
z;xh6ROcV<9>?e0)MI(y++$-ksV;G;Xe`lh76T#Htuia+(UrIXrf9?<emJgERw<NIn
zQ3ku})$3b}us&H98W&5x<)bV~*h&=0ffNSk1dGwNXOQ%9)}<w_ggrrd<5YvvzW{lc
z%ra;Ag$A><p>L(tZ$0BqX1>24?V$S+&kLZ`AodQ4_)P#Q3*4xg8}lMV-FLwC*cN$<
zt65Rf%7z41u^i=P*qO8>JqXPrinQFapR7qHAtp~&RZ85$>ob|Js;GS^y;S{XnGiBc
zGa4IGvDl?x%gY`vNhv8wgZnP<sGTjZeSulPuO`MCGWcs$^L3#ATO-7+><iA~BUyg7
zK%Ww`C41~DlFVr(wLNj3&@sD(X1>#UYI-w*<g2t%j8f-#L_4CY4*BdT&|1*Oi_vum
zKr_(QQ>^4YCZnxkF85@ldepk$&$#3EAhrJY0U)lR{F6sM3SONV^+$;Zx8BD&Eku3K
zKNLZyBni3)pGzU0;n(X@1fX8wYGKYMpLm<N;CLpE$mA#FhwOAwFc3Gu*Y2ijqt2Mr
zEmgb5Rj4WSTt}-IA7KmFeJ5Mjqr(gVM>Cu{N5-}epPDxClPFK#A@02WM3!myN%bkF
z|GJ4GZ}3sL{3{qXemy+#Uk{4>Kf8v11;f8I&c76+B&AQ8udd<8gU7+BeWC`akUU~U
zgXoxie>MS@rBoyY8O8Tc&8id!w+_ooxcr!1<R^L(;4reEepdzdE}95d2?7a|m*bOO
zw-e)+?=QFS<bE97C&Ii^S^W*sEa3vQg$((7STwNpoGd886wr(*z1BNi)jL%HPZ&tN
zMU1+!wKw7>?#rc$-|SBBtH6S?)1e#P#S?jFZ8u-Bs&k`yLqW|{j+%c#A4AQ>+tj$Y
z^CZajspu$F%73E68Lw5q7IVREED9r1Ijsg#@DzH>wKseye>hjsk^{n0g?3+gs@7`i
zHx+-!<a?ReO?pTi@}bP2;<uA@WM0R7zz}csHRnM~D!mg`gD>sjLx^fS;fY!ERBU+Q
zVJ!e0hJH%P)z!y%1^ZyG0>PN@5W~SV%<y=x@j^(xiknw*C+Ur&ZKl@Fn|2w}`ly8(
zz_1QrAQphp;v3{c3l!jHVeo@tq)&pO(TmgH_gydMs#0|p0EwwF+U6X@z~IpBNd*kS
z6gu9R48Qg1ZmheUKP8?FTjqJfpHv+Qzur?E>f>}c?$H8r;Sy-ui>aruVTY=bHe}$e
zi&Q4&XK!qT7-XjCrDaufT@>ieQ&4G(SShUob0Q>Gznep9fR783jGuUynAqc6$pYX;
z7*O@@JW>O6lKIk0G00xsm|=*UVTQBB`u1f=6wGAj%nHK_;Aqmfa!eAykDmi-@u%6~
z;*c!pS1@V8r@IX9j&rW&d*}wpNs96O2Ute>%yt{yv<kbv8~>>k!6zfT6pru{F1M3P
z2WN1JDYqoTB#(`kE{H676QOoX`cnqHl1Yaru)>8Ky~VU{)r#{&s86Vz5X)v15ULHA
zAZDb{99+s~qI6;-dQ5DBjHJP@GYTwn;Dv&9kE<0R!<?&2c8~t|z-P*DUzhl0`)*&h
z|Nn!A|7U$aOKIxA^!*PLm$hJHXw+OP4ZezL1tUs=phN^Q<ajb=DGRYXwnS-lEtiqY
z<frQHk&G0bcD}r@nR4F*#?F;03be|bX?NbkjK|JLXOk{3&rif|A{D1QLy-_VbXfN<
z`&SwtIfw(ew@5F}*W~2($7(fcbFJ&i{R!6o{(JXA6Go7A?f0+7=m(n5mSsl@X02PS
z-WAkN+CBDC0Juwc><R~*^;Bg@=LH+}=1lFi@bNQ@$bvI%*KR054Mda5?OV~x-9V>d
z8tf1oq$kO`_sV(NHOSbMwr=To4r^X$`sBW4$gWUov|WY?xccQJN}1DOL|GEaD_!@&
z15p?Pj+>7d`@<hmz7-`Nlqgl%etYhVq(Lsv5EWt?S5qiu*a*btqng6H#LO-oz2SH0
z^xQ6+AKHkG1#oA+26Ir>LvNIu9*^hPN)pwcv|akvYYq)ks%`G>!+!pW{-iXPZsRp8
z35LR;DhseQKWYSD`%gO&k$Dj6_6q#vjWA}rZcWtQr=Xn*)kJ9kacA=esi*I<)1>w^
zO_+E>QvjP)qiSZg9M|GNeLtO2D7xT6vsj`88sd!94j^AqxFLi}@w9!Y*?nwWARE0P
znuI_7A-saQ+%?MFA$gttMV-NAR^#tjl_e{R$N8t2NbOlX373>e7Ox=l=;y#;M7asp
zRCz*CLnrm$esvSb5{<D+-TvHfiAKWjMv@f{O6HO_6qs!bUPBzAT_=n|ZXu1_p<5Uy
z3h~@8-S?LvkCJ{s{eD*A;Sn*288f6#+AhGxs`&<L9qn^;Z22jipcEpYF_>T<$6CjY
zmZ(i{Rs_<#pWW>(HPaaYj`%YqBra=Ey3R21O7vUbzO<NIYfKSkPH64b-_2c5+D94m
z%iNp4`dUo?NvQw#46nFlJ1h6~OcEsuw4>kJJO?V`4-D*u4$Me0Bx$K(lYo`JO}gnC
zx`V}a7m-hLU9Xvb@K2ymioF)vj12<*^oAqRuG_4u%(ah?+go%$kOpfb`T96P+L$4>
zQ#S+sA%VbH&mD1k5Ak7^^dZoC>`1L%i>ZXmooA!%GI)b+$D&ziKrb)a=-ds9xk#~&
z7)3iem6I|r5+ZrTRe_W861x8JpD`DDIYZNm{$baw+$)X^Jtjnl0xlBgdnNY}x%5za
zkQ8E6T<^$sKBPtL4(1zi_Rd(tVth*3Xs!ulflX+70?gb&jRTnI8l+*Aj9{|d%qLZ+
z>~V9Z;)`8-lds*Zgs~z1?Fg?Po7|FDl(Ce<*c^2=lFQ~ahwh6rqSjtM5+$GT>3WZW
zj;u~w9xwAhOc<<rq!H2nfR^7-SzR`1qG<@9=UVA!*EEe=aj$k=;J{9<>kF}~`CJ68
z?(S5vNJa;kriPlim33{N5`C{9?NWhzsna_~^|K2k4xz1`xcu<DiNXb8<8|Z|Cq-GN
zCj)9M_ZyLriw>i*LXL-1#Y}Hi9`Oo!zQ>x-kgAX4LrPz63uZ+?uG*84@<PwZBwue+
zS_(JptfpR*pv(`dE1<lRh0d;LEi#-yNm1~qOYx|4^9!+8XC372m2S)!zRs|&NM%#C
z+GAUzg{43ESA4LWP=nq0vMI~2O-KLrb1MH&d{DNr{9l?+9m-=0Uz-DYT;s)i8TcR&
zZh}K8#36!G;6ZC+XJ@IPDh1SQ+DH`botOlr$wuj)=;;c=MU$X;yOXeWp?}z{AJeP3
z$QB6%$q~}6J8i8sO`UWW+mc=Rc6o#AK{c`V$1Y3*YS}cR>PKq-KgQlMNRwz=6Yes)
zY}>YN+qP}nwr$(CZQFjUOI=-6J$2^XGvC~EZ+vrqWaOXB$k?%Suf5k=4>AveC1aJ!
ziaW4IS%F$_B<CZJ!UX;hU#7vjr-A^#gKV?ykV>abi)kA8Y&u4F7E%99OPtm=vzw$$
zEz#9rvn`Iot_z-r3MtV>k)YvErZ<^Oa${`2>MYYODSr6?QZu+<Xr5QDI3|}c*=v!t
z7aWklHMNmj(E4@B8u*Z;TyWOKVOpxR#jrE(G|coSCa0%my~OH?4?4W3oGfzXZ^Yl8
zoBlE^JMVJSf5Id9b3E|!Jy&$Nn|?alu2G4}CVoY>be-~MBjwPGdMvGd!b!elsdi4%
z`37W*8+OGulab8YM?`KjJ8e+jM(tqLKSS@=jimq3)Ea2EB%88L8CaM+aG7;27b?5`
z4zuUWBr)f)k2o&xg{iZ$IQkJ+SK>lpq4GEacu~eOW4yNFLU!Kgc{w4&D$4ecm0f}~
zTTzquRW@`f0}|IILl`!1P+;69g^upiPA6F{)U8)muWHzexRenBU$E^9X-uIY2%&1w
z_=#5*(nmxJ9zF%styBwivi)?#KMG96-H@hD-H_&EZiRNsfk7mjBq{<vAyj;V$oY$;
zeFf@1qm*3JDo_jY%mMvJK|}hElB4>L%!E;Sqn!mVX*}kXhwH6eh;b42eD!*~upVG@
z#smUqz$ICm!Y8wY53gJeS|Iuard0=;k5i5Z_<S6ivK6}$qoRMsg7V!3nguv@i1IcG
zTip=0gi~_71}Ye%-y+=r)peyFsi|a3!G{6XxhN#Qh|@7<<1d75@UG8;<MS%cR=T4O
zoC};`)PZx1F>hSIs6tr)R4n*r*rE`>38Pw&lkv{_r!jNN=;#?WbMj|l>cU(9trCq;
z%nN~r^y7!kH^GPOf3R}?dDhO=v^3BeP5hF|%4GNQYBSwz;x({21i4OQY->1G=KFyu
z&6d`f2tT9Yl_Z8YACZaJ#v#-(gcyeqXMhYGXb=t>)M@fFa8tHp2x;ODX=Ap@a5I=U
z0G80^$N0G4=U(>W%mrrThl0DjyQ-_I>+1Tdd_AuB3qpYAqY54upwa3}owa|x5iQ^1
zEf|iTZxKNGRpI>34EwkIQ2zHDEZ=(J@lRaOH>F|2Z%V_t56<AC&&@dFD$aTcihA@L
zsrWd?<myPVagWF6k#axl>Km$PUYu^xA5#5Uj4I4RGqHD56xT%H{+P8Ag>e_3p<L4#
zGGo`21LS^`#&pLj%z6&83bF#woRX8gnyg4E`RMx;A0GPTje`oZWY-mmMzZp&3~FVT
z%&JKi++U_$aax?RigODkBI8D0f>N$4m8n>i%OyJFPNWaEnJ4McUZPa1QmOh?t8~n&
z&RulPCors8wUaqMHECG=IhB(-tU2XvHP6#NrLVyKG%Ee*mQ5Ps%wW?<IHwX<9-vb-
zW|;MpO8qp-ZnW!-s%jOBntq(xp658aSEi+O=TlVuEDFeZ;Vf58T5E5oJgpsS$z*|w
z_>mcnriTVRc4J`2YVM>$ixSF2Xi+Wn(RUZnV?mJ?GRdw%lhZ+t&3s7g!~g{%m&i<6
z5{ib-<==DYG93I(yhyv4jp*y3#*WNuDUf6`vTM%c&hiayf(%=x@4$kJ!W4MtYcE#1
zHM?3xw63;L%x3drtd?jot!8u3qeqctceX3m;tWetK+>~q7Be$h>n6riK(5@ujLgRS
zvOym)k+VAtyV^mF)$29Y`nw&ijdg~jYpkx<Yqc8N6p%GnFnUNecXA;^tBlRNJF2~8
z83k&Izk?JNwKq$7B{7SaDzJleOD3(MTg8JS?=Wa}5<9yFzA)j$wyJG`eyNKZ->%*^
z8dz`C*g=I?;clyi5|!27e2AuSa$&%UyR(J3W!A=ZgHF9OuKA34I-1U~pyD!KuRkjA
zbkN!?MfQOeN>DUPBxoy5IX}@vw`EEB->q!)8fRl_mqUVuRu|C@KD-;yl=yKc=ZT0%
zB$fMwcC|HE*0f8<f|{q<VA<GPwt+_1vdY4dp0vY!lyK4+MMzS+wPs8%Y!YQ?CyA-f
z|5A#Ax91*K+5prTyd;RpVWXU<95EBu#@OP?@CFlP#ju<zpg)t6EZ7t+Phz{i%)wGY
z8Sly%qPUn+-#Zc6fnT8&C%dW&XQx|!Q}Y8ZE~UUjv&VIXbif`Up{+OPP#QE?I~5wN
zHg1NwMkYZhg(4h)DfG}WB{D2YgF!n(>+PVlW<RX4?O?hiF?W-4C-rmr<l4%Mf}qji
zkPzoVbI6zl!<d=O(O@8ySZ)?gs-s}EQaJeWY|cHwm*h+8s-uBy$q^5SBFqHNH!Nya
zV@RFH@>Hi>M`zfsA(NQFET?LrM^pPcw`cK+Mo0%8*x8@65=CS_^$cG{GZQ#xv($7J
z??R$P)nPLodI;P!IC3eEYEHh7TV@opr#*)6A-;EU2XuogHvC;;k1aI8asq7ovoP!*
z?x%UoPrZjj<&&aWpsbr>J$Er-7!E(BmOyEv!-mbGQGeJm-U2J>74>o5x`1l;)+P&~
z>}f^=Rx(ZQ2bm+YE0u=ZYrAV@apyt=v1wb?R@`i_g64YyAwcOUl=C!i>=Lzb$`tjv
zOO-P#A+)t-JbbotGMT}arNhJmmGl-lyUpMn=2UacVZxmiG!s!6<s%>H39@~&uVokS
zG=5qWhfW-WOI9g4!R$n7!|ViL!|v3G?GN6HR0Pt_L5*>D#FEj5wM1DScz4Jv@Sxnl
zB@MPPmdI{(2D?;*wd>3#tjAirmUnQoZrVv`xM3hARuJksF(Q)wd4P$88fGYOT1p6U
z`AHSN!`S<vf~_mGQCqX)ayUeL8g`S?LD*d~o*;e7Butl14T(z{eOwARI#k6Z+()QR
zRb-Fll&T}^(XzJMq%~^W5vm%)tln8#72}u>t}}UMBT9o7i|G`r<n?jT0vW2UItF>$
zrB=s$qV3d6$W9@?L!pl0l<c#ekbP<;Y&UotwnNp9`G`wO^=Aisw282N+FetlbD$(D
z7M*F%Rd<HPvo2^kToVnJhdjmlUST#jY=_jHJl3UwxoOwN6*yj#Q|53p9z(c~{M95w
z2|XIj8-<CPgenTQC)l6Cq+N$TfYAFyPq>f%)xs%1ko^=QY$ty-57=55PvP(^6E7cc
zGJ*>m2=;fOj?F~yBf@K@9qwX0hA803Xw+b0m}+#a(>RyR8}*Y<4b+kpp|OS+!whP(
zH`v{%s>jsQI9rd$*vm)EkwOm#W_-rLTHcZRek)>AtF+~<(did)*oR1|&~1|e36d-d
zgtm5cv1O0oqgWC%Et@P4Vhm}Ndl(Y#C^MD03g#PH-TFy+7!Osv<s)+{oZ?`ap%hJ=
z*bwh1?V<z`MwG&0U7SJ4*@zJBC@n5eBU+e74xsX-sjHT`s*lOwc6j~7QTT;glq}6g
z&*%49-SpK^iuY*QN`=#PT9cA+UIO{$3ZZc%>1z^UWS9@%JhswEq~6kSr2DITo59+;
ze=ZC}i2Q?CJ~Iyu?vn|=9iKV>4j8KbxhE4&!@SQ^dVa<p=`%D$z@S%=#yKBRv78Cx
zjasr<f+hkxQ?tW2jO~X7qqFZ|M=u+1v6N#}-O}J_%RE)_BxhmClZdOv0jO$0)%AEc
ze|Be+FNW#V0(^5Jes;NbH!9p(kf|KS=`TmjGtzk>-gK@YfS9xT(0kpW*EDjYUkoj!
zE49{7H&E}k%5(>sM4uGY)Q*&3>{aitqdNnRJkbOmD5Mp5rv-hxzOn80QsG=<y&iAv
zoygUqB(HTOw-D%a7G$=rjE8g{ZQXwB7#B8Wxwbz08Jsb0u509=?`<rrdnI^FIQeST
zajiSMO#8sNw9ue(d(mgN_gC&Vg<qYQ+k22&7!tdVX?_7@F@`@;me)sGM-^Ywu1rH7
zrh<OEbzwuL!xTCj@ogj=wajI}heZh^mL#4*plBwGap)3#yRP80rCsAW+D2zjCMM5q
zqlNo=Si)901Ml@}Ixwm^bC{eJIZ?9!vFEj>HJ_atI-EaP69cacR)Uvh{G5dTpYG7d
zbtmRMq@Sexey)||UpnZ?;g_KMZq4IDCy5}@u!5&B^-=6yyY{}e4Hh3ee!ZWtL*s?G
zxG(A<f#J^YQ1Cz#m-<*_U8HvcG@jc-yMVZp(Zo}py?|jD+4D`Fd+W<A%;vg-apbky
zCI&lkC9TywfFKW;HsiG-H-QDFbT8RZIi@8evyVwL`-aRfT@rSZ(^#qGvae0S2@BTa
z!i>!<FWySf`?H|6p^KKhe*MH{y8K^`R9uZ{0qEqFRq4ez&thQ*WY!<HUw}@VSbJ69
zLD1)><9o!CL+q?u_utltPMk+hn?N2@?}xU0KlYg?Jco{Yf@|mSGC<(Zj^yHCvhmyx
z?OxOYoxbptDK()tsJ42VzXdINAMWL$0Gcw?G(g8TMB)Khw_|v9`_ql#pRd2i*?CZl
z7k1b!jQB=9-V@h%;Cnl7EKi;Y^&NhU0mWEcj8B|3L30Ku#-9389Q+(Yet0r$F=+3p
z6AKOMAIi|OHyzlHZtOm73}|ntKtFaXF2Fy|M!gOh^L4^62kGUoWS1i{9gsds_GWBc
zLw|TaLP64z3z9?=R2|T6Xh2W4_F*$cq>MtXMOy&=IPIJ`;!Tw?PqvI2b*U1)25^<2
zU_ZPoxg_V0tngA0J+mm?3;OYw{i2Zb4x}NedZug!>EoN3DC{1i)Z{Z4m*(y{ov2%-
zk(w>+scOO}MN!exSc`TN)!B=NUX`zThWO~M*ohqq;J2hx9h9}|s#?@eR!=F{QTrq~
zTcY|>azkCe$|Q0XFUdpFT=lTcyW##i;-e{}ORB4D?t@<rUy??=TuYp_*>SfqGo_cS
z->?^rh$<&n9DL!CF+h?LMZRi)qju!meugvxX*&jfD!^1XB3?E?HnwHP8$;uX{Rvp#
zh|)hM>XDv$ZGg=$1{+_bA~u-vXqlw6NH=nkpyWE0u}LQjF-3NhATL@9rRxMnpO%f7
z)EhZf{PF|mKIMFxnC?*78(}{Y)}iztV12}_OXffJ;ta!fcFIVjdchyHxH=t%ci`Xd
zX2AUB?%?poD6Zv*&BA!6c5S#|xn~DK01#XvjT!w!;&`lDXSJT4_j$}!qSPrb37vc{
z9^NfC%QvPu@vlxaZ;mIbn<z7Vac;-rGaZpnh<SqY8Q9CG{=8AL&W;*Sy0lmLjV&JM
zXa)osQ>-VHA6miwi8qJ~V;pTZkKqqOii<1Cs}0i?uUIss;hM4dKq^1O35y?Yp=l4i
zf{M!@QHH~rJ&X~8uATV><23zZUbs-J^3}$IvV_ANLS08>k`Td7aU_S1sLsfi*C-m1
z-e#S%UGs4E!;CeBT@9}aaI)qR-6NU@kvS#0r`g&UWg?fC7|b^_HyCE!8}nyh^~o@<
zpm7PDFs9yxp+byMS(JWm$NeL?DNrMCNE!I^ko-*csB+dsf4GAq{=6sfyf4wb>?v1v
zmb`F*bN1KUx-`ra1+TJ37bXNP%`-Fd`vVQFTwWpX@;s(%nDQa#oWhgk#mYlY*!d>(
zE&!|ySF!mIyfING+#%RDY3IBH_fW$}6~1%!G`s<xV|$thPk-h^=fMv&Hnp;VPWb4H
zXg`{=`?M7=Dq8myqz|0%?*$bn?$egRMQTPls(~O?p^=8tlp~~ufW)FLrAIKI*rXSW
zW3!I>uHub1kP@&DoAd5~7J55;5_noPI6eLf{t;@9Kf<{aO0`1WNKd?<)C-|?C?)3s
z><QEhe||>wEq@8=I$Wc~Mt$o;g++5qR+(6wt9GI~pyrDJ%c?gPZe)owvy^J2S=+M^
z&WhIE`g;;J^xQLVeCtf7b%Dg<YLp9$rJl%g{x?f$ghgkcL$GZMdvMR@u|x}I{Qe9_
z&q1ULjNa6Q(nZR+2Nc7yG$v_t1HN@ezTla8$YpCXrW3pKiQm{R;n=1<rvBfU^9P{3
z@$nqa83WF+{OCA+1Zn*g;2x4@KoiX%brVdz6t^EGHy~>#Z2gq9hp_%g)-%_`y*zb;
zn9`f`mUPN-Ts&fFo(aNTsXPA|J!TJ{0hZp0^;<tHD4nK@wPbS|=fM$wSV$taTPGqt
zGB^u*%|y@PNxElDVJ;aR!0wT&iI7kZpng0zO52HM*WmK30Q~Yu);w=*5<AVVovc^R
z`k-Z;-8;PJFrU7VpM3N7QZ`+O#qh*wm2>MYHLOcD=r_~~^ymS8KLCSeU3;^QzJNqS
z5{5rEAv#l(X?bvwxpU;2%pQftF`YFgrD1jt2^~Mt^~G>T*}A$yZc@(k9orlCGv&|1
zWWvVgiJsCAtamuAYT~nzs?TQFt<1LSEx!@e0~@yd6$b5!Zm(FpBl;(<fB3D_;m2?l
z3de#U|K3raz4D?vBz^xW?Wg=mvwNg@|1i>Cn>2vF<?km-o@xWuhxn3bs$Pljx=>?k
zOm#TTjFwd2D-CyA!mqR^?#Uwm{NBemP>(pHmM}9;;8`c&+_o3#E5m)JzfwN?(f-a4
zyd%xZc^oQx3XT?vcCqCX&Qrk~nu;fxs@JUoyVoi5fqpi&bUhQ2y!Ok2pzsFR(M(|U
zw3E+kH_zmTRQ9dUMZWRE%Zakiwc+lgv7Z%|YO9YxAy`y28`Aw;WU6HXBgU7fl@dnt
z-fFBV)}H-gqP!1;V@Je$WcbYre|dRdp{xt!7sL3Eoa%IA`5CAA%;Wq8PktwPdULo!
z8!sB}Qt8#jH9Sh}QiUtEPZ6H0b*7qEKGJ%ITZ|vH)5Q^2m<7o3#Z>AKc%z7_u`rXA
zqrCy{-{8;9>dfll<T^QC7i-!Fb6U7Jr)|#XOupnl(tkS3y$lcK{_fXxPcyuknfQ~x
zf@~St3JeO(?cJD*9%zow(<yIgW%x$m#slX3pj{at{@6iEH?BdH^RYnm8&dJ7wK$@@
zVWq~nxej{11A23OWBxqf9N%DH_7R<7fAS~Y3ol-7Pi{v{|9EqM&L`?kzu+YCrvBtt
z_D%ic$wLdbBkX0psXy+e8ZxCG;Pms~Doa?=r+ky&_1GWZ)usQYvh=^J`X>Lu$^M5L
z-hXs))h*qz%~ActwkIA(qOVBZl2v4lwbM>9l70Y`+T*elINFqt#>OaVWoja8RMsep
z6Or3f=oBnA3vDbn*+HNZP?8LsH2MY)x%c13@(XfuGR}R?Nu<|07{$+Lc3$Uv^I!MQ
z>6qWgd-=aG2Y^24g4{Bw9ueOR)(9h`scImD=86dD+M<j=UE|C;@sK-I;*&dQ=%}gk
z)B!@EvJAu)BjncrBD%^q6<)oeX~UkPqgBXuU#=iDAF)wuM3*6$<L0BUP6j>nSN4$6
z^U*o_mE-6Rk~Dp!ANp#5RE9n*LG(Vg`1)g6!(XtDzsov$Dvz|Gv1WU68J$CkshQhS
zCrc|cdkW~UK}5NeaWj^F4MSg<F<s`^q0<TvPF|H0&oNb>FM+@fJd{|LLM)}_O<{rj
z+?*Lm?owq?IzC%U%9EBga~h-cJbIu=#C}XuWN>OLrc%M@Gu~kFEYUi4EC6l#PR2JS
zQUkGKrrS#6H7}2l0F@S11DP`@pih0WRkRJl#F;u{c&ZC{^$Z+_*lB)r)-bPgRFE;*
zl)@hK4`tEP=P=il02x7-C7p%l=B`vkYjw?YhdJU9!P!jcmY$OtC^12w?vy3<<=tlY
zUwHJ_0lgWN9vf>1%WACBD{UT)1qHQSE2%z|JHvP{#INr13jM}oYv_5#xsnv9`)UAO
zuwgyV4YZ;O)eSc3(mka6=aRohi!HH@I#xq7kng?Acdg7S4vDJb6cI5fw?2z%3yR+|
zU5v@Hm}vy;${cBp&@D=HQ9j<G=bG8X+ilNJ?RJXvDOEMBde)25_E~7I?MU+6ykbEe
zwlwWZTbqdW7A20%*{o<J`$q1@Ycld!(_(EqnYMdl&`5dkZIC_te`M|#=Iw~8P<CJb
zRB_sFh_lP4SX6pZnM=9HIz|6*yQoYN$ysd{HU9aoSvP2U?umOV9m0QY=>7NcFaOYL
zj-wV=eYF{|XTkFNM2uz&T8uH~;)^Zo!=KP)EVyH6s9l1~4m}N%XzPpduPg|h-&lL`
zAXspR0YMOKd2yO)eMFFJ4?sQ&!`dF&!|niH*!^*Ml##o0M(0*uK9&yzekFi$+mP9s
z>W9d%Jb)PtVi&-Ha!o~Iyh@KRuKpQ@)I~L*d`{O8!kRObjO7=n+Gp36fe!66neh+7
zW*l^0tTKjLLzr`x4`_8&on?mjW-PzheTNox8Hg7Nt@*SbE-%kP2hWYmH<as3s;3dB
zGF)lQb4*{W{s~m$kJ_;7j;cfOyu}B&y0s+jVVv$_H@egmCSN7X?3gk9bYo6swHDQ9
zg-L}N$+=uhC+gRRN)XP@3cO>u#Fn@Q^J(SsPUz*|EgOoZ6<W=Bo)J0Q;m559tyuE#
zLg%v9lH_9r;=_EOdj#0`D7^XXPL;8V>byg3ew88UGdZ>9B2Tq=jF7<EJ!TXj@;|w{
zdf7ZfHx+mvI`W&PIP#=oO`B12md1xam~79(oqs4UUMnyRq{81HXVL2E;h(%Ol(A~}
z^n4*)dGf~yP6-Dv!SSnD?Mdu}C3S%8f7rg+6A3U%FuEXLg<+Iwh%-7NKl@rQpvaJ}
zHwX`+=9DZH9MoIn^aYb`vA~19+Y@$$L7>2ZaR=4u%1A6Vm{O#?@dD!(#tmR;eP(Fu
z{$0O%=Vmua7=Gjr8nY%>ul?w=FJ76O2js&17W_iq2*tb!i{<q|g+F8+dEk=7I*b$k
zfHy1#iZ?<b)WRJw_Q;_?7Qr1x1fOwWj3fU+i95=;^viGx>pt#`qZB#im9Rl>?t?0c
zicIC}et_4d+CpV<WYvG+Qy=M4fqRlShrB0ABj<1vxR!nk?HzgR{1Zy7dT(ql^LGHk
zbtwjlkw%2Sz_=?Ev5<S4+oS_d`MXZIuh9f&=WusVxCg&4M6SulVC6tXa%y3~fy$$=
zgaqCG;I2JkQp{af=&tkR1)k?Mq*~2KarL#o{N9l8`n2Q*{dFn2Aqheuy5pK*5~@dn
zAUq?gaZTTGiAPWtrINms0FE~Rk&J-igF4wai(k+!<AvEH>Px)i4~$u6N-QX3H77ez
z?ZdvXifFk|*F8~L(W$OWM~r`pSk5}#F?j_5u$Obu9lDWIknO^AGu+Blk7!9Sb;NjS
zncZA?qtASdNtzQ>z7N871IsPAk^CC?iIL}+{K|F@BuG2>qQ;_RUYV#>hHO(HUPpk@
z(bn~4|F_jiZi}Sad;_7`#4}EmD<1EiIxa48QjUuR?rC}^HRocq`OQPM@aHVKP9E#q
zy%6bmHygCpIddPjE}q_DPC`VH_2m;Eey&ZH)E6xGeStOK7H)#+9y!%-Hm|QF6w#A(
zIC0Yw%9j$s-#odxG~C*^MZ?M<+&WJ+@?B_QPUyTg9DJGtQN#NIC&-XddRsf3n^AL6
zT@P|H;PvN;ZpL0iv$bRb7|J{0o!Hq+S>_NrH4@coZtBJu#g8#CbR7|#?6uxi8d+$g
z87apN>EciJZ`%Zv2**_uiET9Vk{pny&My;+WfGDw4EVL#B!Wiw&M|A8f1<o!4D>A@
z(yFQS6jfbH{b8Z-S7D2?Ixl`j0{+ZnpT=;KzVMLW{B$`N?Gw^Fl0H6lT61%T<G)JV
zFxXraywnpF6xC3GQdEFWGnwf8cSTaqeK41;?*^^tH^znLzqXnF%VFT3@UDLz31Yt~
zt1AL1yu0;x;(?~W6+jJ9LrfK`D&ByIA}l1-7&U_j+YQ~7z`JkDZjlblA8d}I;WH{g
zC0ES-Qvh<>2AU**!sX0u?|I(yoy&Xveg7XBL&+>n6jd1##6d>TxE*<Ar(sc(Bu^|z
z9hrl)GNg{$efJd|)cea$o#jV;Q4r8b+A}r|>Vj=8lWiG$4<VK5A=k4M5~-nvjP-{O
zV8pcf=E2RAG{W@WaSbt<oK%uC(9#~x&_$sDRj@|UZmCgRQbRy`>=u{1UbAa5QD>5_
z;Te^42v7K6Mmu4IWT6Rnm>oxrl~b<~^e3vbj-GCdHLIB_>59}Ya+~OF68NiH=?}2o
zP(X7EN=quQn&)fK>M&kqF|<_*H<cwCuNRp|+zL#!8ahs~;&EDeLAe8)G*^PjIAy0l
zK-!LhT}2?RS2cld8@7BXA8OL=0Ov9pNm3Zz3)LmJLDvDNjh52-LPTzuVhjZ)*F~32
z){Y^W2Jp7@2l};<g80X*y6xQ=?e?^N18tu9n%iDKPIA*?LsU4H8AEjezYO`=Z>`}c
zk=+x)GU>{Af#vx&s?`UKUsz})g^Pc&?<rGKpJnw3;kV`E!|r0J-GJ}YEK3ik6lvJ?
zLkm)B;+6)qz)}5@`>Ka@t5$n$bqf6{r1>#mWx6Ep>9|A}VmWRnowVo`OyCr^fHsf#
zQjQ3Ttp7y#iQY8l`zEUW)(@gGQdt(~rkxlkefskT(t%@i8=|p1Y9Dc5bc+z#n$s13
zGJk|V0+&Ekh(F};PJzQKKo+FG@KV8a<$gmNSD;7rd_nRdc%?9)p!|B-@P~kxQG}~B
zi|{0}@}zKC(rlFUYp*dO1RuvPC^DQOkX4<+EwvBAC{IZQdYxoq1Za!MW7%p7gGr=j
zzWnAq%)^O2$eItftC#TTSArUyL$U54-O7e|)4_7%Q^2tZ^0-d&3J1}qCzR4dWX!)4
zzIEKjgnYgMus^>6uw4Jm8ga6>GBtMjpNRJ6CP~W=37~||gMo_p@GA@#-3)+cVYnU>
zE5=Y4kzl+EbEh%dhQokB{gqNDqx%5*qBusWV%!iprn$S!;oN_6E3?0+umADVs4ako
z?P+t?m?};gev9J<xrvMj?JFjsZtWf-quiC#u!BU{j|Z+>XQ#Q&KBpzkHPde_CGu-y
z<{}RRAx=xlv#mVi+Ibrgx~ujW$h{?zPfhz)Kp7kmYS&_|97b&H<SL`_{AO<9v%D@8
z77}Y!`#c~v^P+jNiCZgjk$Eu}e?ht~^R`2pg1iPEhXjZVjl-b|*N?0??d5-7i{PRl
z3g-#j3NiART8({yLdUJE-H38|G`rTLl78)2#f9E)ErZoi-Fv`N>&1;J-mzrBWAvY}
zh8-I8hl_RK2+nnf&}!W0P+>5?<Hy2Ocrq-T%g(e-iJ80Q4bGbph6Yn^Ms~*iS%y{)
zR2+@$12xU46My)mb>#?7>npshe<1~&l_xqKd0_>dl_^RMRq@-Myz&|TKZBj1=Q())
zF{dBjv5)h=&Z)Aevx}+i|7=R9rG^Di!sa)sZCl&ctX4&LScQ-kMncgO(9o6W6)yd<
z@Rk!vkja*X_N3H<e&P>=BavGoR0@u0<}m-7|2v!0+2h~S2Q&a=lTH91OJsvms2MT~
zY=c@LO5i`mLpBd(vh|)I&^A3TQLtr>w<oiU80F37l%jO+9L*(6rNJUMQj^mVFrb+K
zbGro$m)k-Mjv2y`V6hi@N1PB7T=%YP1zSAYt&?4uC<+;v72DJZ+TM4vL%d*d?N7Xm
zm~6OL8)rh0XIoR7pN2ODrL%*K0lO((1E{nb4eXnWhR0-4)N_A|nFyFl!4Fa367d3@
z5ruJel)z&kDcd>=zoyzTd=^f@TPu&+*2M<c+GXcqi<cQ#^OejZI|Po8an{Oh-2ytX
zK$MlFe&+@V&gTQgY2e7YqN66POe*A5=RfoUd8+16QdDQgjc}%@)Xu?E)Qo-5tDtuz
z4rP5$Edgx(g_-m&v|zI|MckDZ-*>tqE$Avf>l>}V|3-8Fp2hzo3y<)hr_|NO(&oSD
z!vEjTWBxbKTiShVl-U{n*B3#)3a8$`{~Pk}J@elZ=>Pqp|MQ}jrGv7KrNcjW%TN_<
z<z)esuQW6ysSYp|l#vPogjN7FRRzUSYY_7@QvtoS=9E#^iV5{mHb2N$06kv?{KQ4Y
z{TIb}bD_}cTt+x=_xX$O`O??h@892&xEZqrh{KpSgAqXMBaR^COdOFm;FKQkZc`(c
zwDTDp)<-#gdF+f;!ecTz69+_etlx5gTTYuJs36}MFftQ@Rn)MRhY91bCzTEgj4fv-
z1m@JGpa{H2uzVIbIvR(+jPWIY>Zz8kG{#}XoeWf7qY?D)L)8?Q-b@Na&>i=)(@uNo
zr;cH98T3$Iau8Hn*@vXi{A@YehxDE2zX~o+RY`)6-X{8~hM<uAyYp&U>pc#C`|8y>
zU8Mnv5A<tzpBv6FvrIokz@rbXa#{jdGJP~6p^wT|HfyYaG;wVV>0dNCf{Ims*|l-^
z(MRp{qoGohB34|ggDI*p!Aw|MFyJ|v+<+E3brfrI)|+l3W~CQLPbnF@G0)P~L<BK0
zSRP{4S$9zWWM`Nd;Q6_XmCkEyF=0l#GeYa7+r&_CD~4h2$_LU;yCc{i*o}5aXnx3N
zHqrCmEq3l-{2sjER%{`iHdHZ!Iy}l{>y!1TJLp}xh8uW`Q+RB-v`MRYZ9Gam3cM%{
zb4Cb*f)0deR~wtNb*8w-LlIF>kc7DAv>T0D(a3@l`k4TFnrO+g9XH7;nYOHxjc4lq
zMmaW6qpgAgy)MckYMhl?>sq;-1E)-1llUneeA!ya9KM$)DaNGu57Z5aE>=VST$#vb
zFo=uRHr$0M{-ha>h(D_boS4zId;3B|Tpqo|?B?Z@I?G(?&Iei+-{9L_A9=h=Qfn-U
z1wIUnQe9!z%_j$F_{rf&`ZFSott09gY~qrf@g3O=Y>vzAnXCyL!@(BqWa)Zqt!#_k
zfZHuwS52|&&)aK;CHq9V-t9qt0au{$#6c*R#e5n3rje0hic7c7m{kW$p(_`wB=Gw7
z4k`1Hi;Mc@yA7dp@r~?@rfw)TkjAW++|pkfOG}0N|2guek}j8Zen(!+@7?qt_7ndX
zB=BG6WJ31#F3#Vk3=aQr8T)3`{=<slU+RdlO4Hx0LKNQR4%csKlqXTo6ajrnOY1?l
z2r$(|0XiBb*T4;#8^X*fOz~r=4-{-Rg2n@oH;R!)WGF~o7e;4%=egC+*SUH9@8hON
zRPT>p9nBHlKzE0I@v`{vJ}h8pd6vby&VgFhzH|q;=aonunAXL6G2y(X^CtAhWr*jI
zGjpY@raZD<b_G8JA5s~o@XVViP=?1H?fxk4Pq8R3l2eNln--&c-a(Has8}t#E^(Q*
z=etk{kVRr~2G*+i5b{q+oG(h}R?d-3m0XJJnzvrMZ{1Tcuc{eb>Qkg*aMq}Ni6cRF
z{oWv}5`nhSAv>usX}m^GHt`f(t8@zHc?K|y5Zi=4G*UG1Sza<E8z;l0@bYZ=%a=Vj
z;(n{V1K(1!(<%HdezN^efpP}6_GMFH7m;Wi+()}?4ujb&c~IZ9n3_46*IsTeu9}IF
zAHtU!f4FyUb=kmL3?2I)J-&6Gd2ry1tzU??1iAVB#U4q&;ymb8Acc3xb>{$Dpj%X8
zzEXaKT5N6F5j4J|w#qlZP!zS7BT)9b+!ZSJdToqJts1c!)fwih4d31vfb{}W)EgcA
zH<Fzt5KT4ycl;#zc0!>2pZ^8_k$9+WD<i98{Ka+NY@mr?q>2n`6q5XbOy8>3pcYH9
z07eUB+p<MBNmyg&c4=0;V0B;H%kvu8{sr|yy1~@CobFcUpM3np-7P6;)H5)%*}VV!
zs>}YD@AH!}p!iKv><2QF-Y^&xx^PAc1F13A{nUeCDg&{hnix#FiO!fe(^&%Qcux!h
znu*S!s$&nnkeotYsDthh1d<XHQ3s(h4m+vOMx>q(iQrE|#f_=xVgfiiL&-5eAcC->
z5L0l|DVEM$#ulf{bj+Y~7iD)j<~O8CYM8GW)dQGq)!mck)Fq<!^H$Md3d7YY>oL^X
zwNdZb3->hFrbHFm?hLvut-*uK?zXn3q1z|UX{RZ;-WiLoOjnle!xs+W0-8D)kjU#R
z+S|A^HkRg$Ij%N4v~k`jyHffKaC~=wg<B%ejScY(fj1p_Et27-otoLjL&tKK?8UFN
z%LmnQSnbvpU~;3CWrogVy$oe+4WUkv3SFe(IPiTs$quv+%sU!wurQ6_fZ24IJohEM
zcoKJZay#47ydH__P37To$-Zc()PCOL+72Tm7bmvHtaIu(yG&E4_6jcPE=`5js7(E{
zHf(+WB2w4d@46GMBedn8XLGQp(O+G%3$)&`I%c&|x#vNWkyh%{DGUV$KZ2p<j&Y}k
z)Hs|`mlvf!{5N2bF{_PGj>=9)V5h=|kLQ@;^<Ah@>W!o2^K+xG&2n`XCd>OY5Ydi=
zgHH=lgy++erK8&+YeTl7VNyVm9-GfONlSlVb3)V9NW5tT!cJ8d7X)!b-$fb!s76{t
z@d=Vg-5K_sqHA@Zx-L_}wVnc@L@GL9_K~Zl(h5@AR#FAiKad8~KeWCo@mgXIQ#~u{
zgYFwNz}2b6Vu@CP0XoqJ+dm8px(5W5-Jpis97F`+KM)TuP*X8H@zwiVKDKGVp59pI
zifNHZr|B+PG|7|Y<*tqap0CvG7tbR1R>jn70t1X`XJixiMVcHf%Ez*=xm1(CrTSDt
z0cle!+{8*Ja&EOZ4@$qhBuKQ$U95Q%rc7tg$VRhk?3=pE&n+T3upZg^ZJc9~c2es%
zh7>+|mrmA-p&v}|OtxqmHIBgUxL~^0+cpfkSK2mhh+4b=^F1Xgd2)}U*Yp+H?ls#z
zrL<PO4@qqmi4_%|jPx)N+G{$0%%C1sw{T2fligwqmFd}O+TemcgfxBHvt~23Bx!g6
zxl(O6;y4BH9zTxeA;{A3a_g71v+`o{0uNyu^e>xWg<ZgPjZmPtQ00F}!Yn5nf)<mA
zPThc#yhGf@^9{9a3jZx|NAA<vxc>_hm}AfK2XYWr!rzW4g;+^^&b<P<GfK{gLe<5#
zz<cH|<aY5Fl~>W%LmbtRai9f3PjU${r@n`JThy-cphbcwn)rq9{A$Ht`lmYKxOacy
z6v2R(?gHhD5@&kB-Eg?4!hAoD7~(h>(R!s1c1Hx#s9vGPePUR|of32bS`J5U5w{F)
z>0<^ktO2UHg<0{oxkdOQ;}coZDQph8p6ruj*_?uqURCMTac;>T#v+l1Tc~%^k-Vd@
zkc5y35jVNc49vZ<e37Ty%GD$DqTd&uKFEzb4j%X5FO|fqPqoGYc%Ro7*qb9?JK#sE
zI2o9q*t*5>pZx;gG$h{%yslDI%Lqga1&&;mN{Ush1c7p>7e-(zp}6E7f-XmJb4nhk
zb8zS+{IVbL$QVF8pf8}~kQ|dHJAEATmmnrb_wLG}-yHe><YsE2_~l#l9buQgFXI0`
z(u#b`J=xeBn*3{z^^KAJhXQfvz6EP5l^cD~&vo$LApQd(9gm=munnZ7Bo%LVbi4uK
zNXnx%%rjW{zE{2bapVCkVel~q0upm?=gb{+Eu=B+Z46t{KAKTo1TyYq%j=)TaZP<&
zIfR5WHOe}iiPn?Y<W*8!U(>W|A&Y|;muy-d^t^<&)g5SJfaTH@P1%euONny=mxo+C
z4N&w#biWY41r8k~468tvuYVh&XN&d#%QtIf<GZUR`2QH9h^d*OtBuRQhWwr4nLC*}
zJIh#pCwzAQa(pUP-B<pHxsDxMcBm<`k^}{cmcTX^FsUjvw57E+0Tz}NDT+w-9BC))
zHeGkeroi7YzPFY1zKi5#bbT&jA=fhB<;*YQFRw+++(kz*-d7|)7ibRL<jGF<*B$4+
z`|k6bU2=c_Psjo4w+RtodzK>9;iVXfWY)<X+W}7GbATCgQU`%LT~<fPB3X>#j=<c2
zHd&Dex04~>l`&B~lqDT@28+Y!0E+MkfC}}H*#(WKKdJJq=O$vNYCb(ZG@p{fJgu;h
z21oHQ(14?LeT>n5)s;uD@5&ohU!@wX8w*lB6i@GEH0pM>YTG+RAIWZD;4#F1&F%Jp
zXZUml2sH0!lYJT?&sA!qwez6cXzJEd(1ZC~kT5kZSp7(@=H2$Azb_*W&6aA|9iwCL
zdX7Q=42;@dspHDwYE?miGX#L^3xD&%BI&fN9^;`v4OjQXPBaBmOF1;#C)8XA(WFlH
zycro;DS2?(G&6wkr6rqC>rqDv3nfGw3hmN_9Al>TgvmGsL8_hXx09};l9Ow@)F5@y
z#VH5WigLDwZE4nh^7&@g<bkZm_Vh{ln0@+)lYuu~qeXc#?JCYylKGH|9+kWD0ocxF
z5$1kjN2>{1FV^UZ%_LJ-s<{HN*2R$OPg@R~Z`c-ET*2}XB@9xvAjrK&hS=f|R8Gr9
zr|0TGOsI7RD+4+2{ZiwdVD@2zmg~g@^D--YL;6UYGSM8i$NbQr4!c7T9rg!8;TM0E
zT#@?&S=t>GQm)*ua|?TLT2ktj#`|R<_*FAkOu2Pz$wEc%-=Y9V*$&dg+wIei3b*O8
z2|m$!jJG!J!ZGbbIa!(Af~oSyZV+~M1qGvelMzPNE_%5?c2>;MeeG2^N?JDKjFYCy
z7SbPWH-$cWF9~fX%9~v99L!G(wi!PFp<!s7j4q$86J>>rB!9xj7=Cv<q}(vRw+mcj
z#YR4HX>|F+7CsGNwY0Q_J%FID%C^CBZQfJ9K(HK%k31j~e#&?h<VT6q$5mgm6*^>Q
zNuD6gR<d7v<P!_&8<dm-?#ek*zL2)u8J2l%4_z-z?)QXK(1d9d>kVckU)v+53-fc}
z7ZCzYN-5RG4H7;>>Hg?LU9&5_aua?A0)0dpew1#MMlu)LHe(M;OHjHIUl7|%%)YPo
z0cBk;AOY00%Fe6heoN*$(b<)Cd#^8Iu;-2v@>cE-OB$icUF9EEoaC&q8z9}jMTT2I
z8`9;jT%z0;dy4!8U;GW{i`)3!c6&oWY`J3669C!tM<5nQFFrFRglU8f)5Op$GtR-3
zn!+SPCw|04sv?%YZ(a7#L?vsdr7ss@WKAw&A*}-1S|9~cL%uA+E~>N6QklFE>8W|%
zyX-qAUGTY1hQ-+um`2|&ji0cY*(qN!zp{YpDO-r>jPk*yuVSay<)cUt`t@&FPF_&$
zcHwu1<M$nsSpFX&={p8_cnZ3@SbW>(SQ`I-l8~vYyUxm@D1UEdFJ$f5Sw^HPH7b!9
zzYT3gKMF((N(v0#4f_jPfVZ=ApN^jQJe-X$`A?X+vWjLn_%31KXE*}5_}<jt4v>d8
zw_B1+a#6T1?>M{ronLbHIlEsMf93muJ7AH5h%;i99<~JX^;EAgEB1uHralD*!aJ@F
zV2ruuFe9i2Q1C?^^kmVy921eb=tLDD43@-AgL^rQ3IO9%+vi_&R2^dpr}x{bCVPej
z7G0-0o64uyWNtr*loIvslyo0%)KSDDKjfThe0hcqs)(C-MH1>bNGBDRTW~scy_{w}
zp^aq8Qb!h9Lwielq%C1b8=?Z=&U)ST&PHbS)8Xzjh2DF?d{iAv)Eh)wsUnf>UtXN(
zL7=$%YrZ#|^c{MYmhn!zV#t*(jdmYdCpwqpZ{v&L8KIuKn`@IIZfp!uo}c;7J57N`
zAxyZ-uA4=Gzl~Ovycz%MW9ZL7N+nRo&1cfNn9(1H5eM;V_4Z_qVann7F>5f>%{rf=
zPBZFaV@_Sobl?Fy&KXyzFDV*FIdhS5`Uc~S^Gjo)aiTHgn#<0C=9o-a-}@}xDor;D
zZyZ|fvf;+=3MZd>SR1F^F`RJEZo+|MdyJYQAEauKu%WDol~ayrGU3zzbHKsnHKZ*z
zFiwUkL@DZ>!*x05ql&EBq@_Vqv83&?@~q5?lVmff<cLHceB8mp&F*ZBX}B`|c^idP
zv6n-=r1Y%9B2=MA)BHjW-LyT@+x?-|)~^RdTE*Wmt4T{X?yOR<8KMVy`_8)0^!&oF
z0$q#{$B8*<%lm210;{(CF7N)1MYU#>QZ+V-=qL+!u4Xs2Z2zdCQ3U7B&QR9_Iggy}
z(om{Y9eU;IPe`+p1ifLx-XWh?wI)xU9ik+m#g&pGdB5Bi<`PR*?92lE0+TkRuXI)z
z5LP!N2+tTc%cB6B1F-!fj#}>S!vnpgVU~3!*U<jq0(*nRRh2NkSzq|ekHqi@I{QJ4
zs$%Xz%L?KbVmRwJFka>1ej^)vjUH4s-bd^%B=ItQqDCGbrEzNQi(dJ`J}-U=2{7-d
zK8k^Rlq2N#0G?9&1?HSle2vlkj^KWSBYTwx`2?9TU_DX#J+f+qLi<D9B#g}%V$md`
zk~Ild*}viiyy2C_=6_!CJ#a=26@mjLnII|qn1r<r{`_L^h_&EQU1CrT23vw`5=3<h
zG{v(Q@`P7B9h;CVcDSU+D|~oo@NN9}HbK0D{0!wcrl#V%CP?`IzvTa!#*S)2d1$Yu
z@{MclH9z5OOC5<wLIO8&=t)9CZ5Tx0LQn&eG~9xag*+PbY)P9)O3G<cNK?wZHK1E)
zN?i&=N*5N8I0pp^Xra6>ZCqY1TXHFxXZqYMuD@RU$TgcnCC{_(vwZ-*uX)~go#%PK
z@}2Km_5aQ~(<3cXeJN6|F8X_1@L%@xTzs}$_*E|a^_URF_qcF;Pfhoe?FTFwvjm1o
z8onf@OY@jC2tVcMaZS;|T!Ks(wOgPpRzRnFS-^RZ4E!9dsnj9sFt609a|jJbb1Dt@
z<=Gal2jDEupxUSwWu6zp<<&RnAA;d&4gKVG0iu6g(DsST(4)z6R)zDpfaQ}v{5ARt
zyhwvMtF%b-YazR5XLz+oh=mn;y-Mf2a8>7?2v8qX;19y?b>Z5laGHvzH;Nu9S`B8}
zI)qN$GbXIQ1VL3lnof^6TS~<qSuZSMrS`^DczIf6i8zZ|)TzXBEwW6N#TL3wy;JuH
z4sUyCR`^Gi%H4xvNHCSXsz>rvPVg4V?Dl2Bb*K2z4E{5vy<(@@K_cN@<xbtRT8JEV
z@9ePJQ{ePgXbdj2UeTj`YQ3sQ`t(|5O?8jf1qY=&T$N1)Psvl`6fu>U>R!>aUIRnb
zL*)=787*cs#zb31zBC49x$`=fkQbMAef)L2$dR{)6BAz!t5U_B#1zZG<T23Y;GnC8
z(`aO7qQGuUkmmk=Z)LZ+)_Z;JWly1@9NQ+>`^neKSS22oJ#5B=gl%U=WeqL9REF2g
zZnfCb0?quf?Ztj$VXvDSWoK`0L=Zxem2q}!XWLoT-kYMOx)!7fcgT35uC~0pySEme
z`{wGWTkGr7>+Kb^n;W?BZH6ZP(9tQX%-7zF>vc2}LuWDI(9kh1G#7B<aO|K2FCIJg
zDao72kQAHigp@^v;eK5Vo($1jE5?KxIjn^mY57t?Pj)^$12KtO8GI3M1Ri51g3-Iv
zq`DO&g5CWDnjs~ec$i^VmaK4aG_*NghV8~x3dXdPE^36>99r4x6;_-V+k&c{nPUrR
zAXJGRiMe~aup{0qzmLNjS_BC4cB#sXjckx{%_c&^xy{M61xEb>KW_AG5VFXUOjAG4
z^>Qlm9A#1N{4snY=(AmWzatb!ngqiqPbBZ7>Uhb3)dTkSGcL#&SH>iMO-IJBPua`u
zo)LWZ>=NZLr758j{%(|uQuZ)pXq_4c!!>s|aDM9#`~1bzK3J1^^D#<2<N(j(---cE
zEy;>bNCccH7~-X}Ggi!pIIF>uFx%aPARGQsnC8ZQc8lrQ5o~smqOg>Ti^GNme94*w
z)JZy<k{OAaG~Q|lT7oS<g9V8QNt(KeJIt6&F{U!{MuJ?Xr0XzPZhzp~?qy+NBB<0G
zi_x*hCyRQ*l&365<#;!&Mnh*3`6R@-BoAUC&g|)}Bg;mxBDA&uy<fjp??k5JfO-|6
zv6$F+?VY$#@OP{;d=nLk^Vq&omh*v*bW;ukc`ca|*$h2}@kU)FNYh|cX2FdglBA{Z
zn4gmuD1Tgw4$4s2Q01t5<PSfg@h2F?GtlH6XQC>{_{#$jxG<QXLBP1mLo=v6>Q&`M
z!OMvZMHR>8*^>eS%o*6hJwn!l8VOOjZQJvh)@tnHVW&*GYPuxqXw}%M!(f-SQf`=L
z5;=5w2;%82VMH6Xi&-K3W)o&K^+vJCepWZ-rW%+Dc6X3(){z$@4zjYxQ|}8UIojeC
zYZpQ1dU{fy=oTr<4VX?$q)L<oUsl**eR4|Y=<jHUj;EzXPg2#85xDsCL@vKUk4!ok
zWGU;a1c@)SVKp{%lz7wz>P}IUmpiez^O&N3E_qPpchGTi5ZM6-2ScWlQq%V&R2Euz
zO|Q0Hx>lY1Q1cW5xHv5!0OGU~PVEqSuy#fD72d#O`N!C;o=m+YioGu-wH2k6!t<~K
zSr`E=W9)!g==~x9VV~-8{4ZN9{~-A9zJpRe%NGg$+MDuI-dH|b@BD)~>pPCGUNNzY
zMDg||0@XGQgw`YCt5C&A{_+J}mvV9Wg{6V%2n#YSRN{AP#PY?1FF1#|vO<FCmSeem
zsV>_%e+#`|2*~wGAJaeRX6=IzFNeWhz6gJc8+(03Ph4y6ELAm=AkN7TOgMUEw*N{=
z_)EIDQx5q22oUR+_b*tazu<k7qtKxTlmUW2Omzs&7j%!q->9+pX|n1c*IB-}{DqIj
z-?E|ks{o3AGRNb;+iKcHkZvYJvFsW&83RAPs1Oh@IWy%l#5x2oUP6ZCtv+b|q>jsf
zZ_9XO;V!>n`UxH1LvH8)L4?8raIvasEhkpQoJ`%!5rBs!0Tu(s_D{`4opB;57)pkX
z4$A^8CsD3U5*!|bHIEqsn~{q+Ddj$ME@Gq4JXtgVz&7l{Ok!@?EA{B3P~NAqb9)4?
zkQo30A^EbHfQ@87G5&E<g>QTd`frrwL)&Yw?%-W@uy^Gn23%j?Y!Iea2xw<-f;esq
zf%w5WN@E1}zyXtYv}}`U^B>W`>XPmdLj%4{P298|SisrE;7HvXX;A}Ffi8B#3Lr;1
zHt6zVb`8{#+e$*k?w8|O{Uh|&AG}|DG1PFo1i<Zus%ucO{sZ+tJd!u@5m`tVt$ecP
zHv;DLyGh!O(o#SF9Ho`t`aW6*4AonGVD-cOd49F6=odL=f13sFyII;4g$7X;P=IH_
z!H8wMi5nS$y>?Y*cQm$ZwtGcVgMwtBUDa{~L1KT-{jET4w60>{KZ27vXrHJ;fW{6|
z=|Y4!&UX020wU1>1iRgB@Q#m~1^Z^9<xy6Z(6L!p4YY56>CG1LqDhYBrnx%IEdIty
z!46iOoKlKs)c}<e-V4k`cP%zlS~*r)Iq=(n$n3YjsGj;U{v)@9x+s&RgYVsv=bVhB
z6KS0(1+6KVC4PB64#XkwbuM4|1~xHvpBvYVlWb?(pv$N|&u>newDG)rWUikD%j`)p
z_w9Ph&e40=(2eBy;T!}*1p1f1SAUDP9iWy^u^Ubdj21Kn{46;GR+hwLO=4D11@c~V
zI8x&(D({K~Df2<H8Q0|`g9v?%+ew{*)n&&V=&(8)k^`IVYv)Ef^74^<ekxt26g{<n
z=l9l$ysk3V&@j|Qbd9p}8=X<l&m>E)Nx_yQvYfh4<e?mHvB!$Y?%_59%1<FYEFc$b
z5ztP29y#%z;_YI`kp!lqW2R%wIG*IA1m!F1Kln&)2?~$S$Og+8eH`pJh?)s{O@cqa
zWUZ4w-ZTe!Iykv!<9ko1OVzNOZnowKP{&R2l9=@35YPW+JdW)5@C2juHH<g|8v*@b
z{zCv-5uA{lGB2+F9H+)uLjkGDsT%f9VUvf8ezafoEizvcl$?$h;@OxEC#U#_TL4w5
zDU~DSJxQ)LRv;^Z&wI+)=va(!yOlq(L+s>;MbMJ@Z}=Dt3_>iim~QZ*hZIlEs0mEb
z_54+&*?wMD`2#vsQRN3KvoT>hWofI_Vf(^C1ff-Ike@h@saEf7g}<9T`W;HAne-Nd
z>RR+&SP35w)xKn8^U$7))PsM!jKwYZ*RzEcG-OlTrX3}9a{q%#Un5E5W{{hp>w~;`
zGky+3(vJvQyGwBo`tCpmo0mo((?nM8vf9aXrrY1Ve}~TuVkB(zeds^jEfI}xGBCM2
zL1|#tycSaWCurP+0MiActG3LCas@_@tao@(<l?T*QEH-ae+wh*%6?VE!5DP~@|=`w
zUm(1<BPl}p=AbS7FTVaUy3(jy*M(D2#kTF4RBYR}of+Gx*jB~1QL*jJpu&o6JE?s6
z_S);Tw%)V%`7zq_d$iG?Hu~uO?$>R1ANlwB$4K53egNE_;!&(%@Qo$>h`^1S_!hN6
z)vZtG$8fN!|BXBJ=SI>e(LAU(y(i*PHvgQ2llulxS8>qsimv7yL}0q_E5WiAz7)(f
zC(ahFvG8&HN9+6^jGyLHM~$)7auppeWh_^zKk&C_MQ~8;N??OlyH~azgz5fe^>~7F
zl3HnPN3z-kN)I$4@`CLCMQx3sG~V8hPS^}XDXZrQA>}mQPw%7&!sd(Pp^P=tgp-s^
zjl}1-KRPNWXgV_K^HkP__SR`S-|OF0bR-N5>I%ODj&1JUeAQ3$9i;B~$S6}*^tK?=
z**%aCiH7y?xdY?{LgVP}S0HOh%0%LI$wRx;$T|~Y8R)Vdwa}kGWv8?SJVm^>r6+%I
z#lj1aR94{@MP;t-scEYQWc#xFA30^}?|BeX*W#9OL;Q9#WqaaM546j5j29((^_8Nu
z4uq}ESLr~r*O7E7$D{!k9W>`!SLoyA53i9QwRB{!pHe8um|aD<W*x(R=P_5zAElfw
zT7CEEr(t|!*czBsy>E`Cg0O*{jmor)^t)3`>V>SWN-2VJcFmj^1?~tT=JrP`fVh*t
zXHarp=8HEcR#vFe+1a%XXuK+)oFs`GDD}#Z+TJ}Ri`FvKO@ek2ayn}yaOi%(8p%2$
zpEu)v0Jym@f}U|-;}CbR=9{#<^z28PzkkTNvyKvJDZe+^VS2bES3N@Jq!-*}{oQlz
z@8bgC_KnDnT4}d#<rI9~4w*W=E-{rm^_cQeTd?VLxZpL;UgBY=7Y@N&83iL$n&#~M
zbsQBYt~+>&Cpr!%Yb?E!brx0!eVOw~;lLwUoz#Np%d$o%9scc3&zPm`%G((Le|6o1
zM(VhOw)!f84zG^)tZ1?Egv)d8cdNi+T${=5kV+j;Wf%2{3g@FHp^Gf*qO0q!u$=m9
zCaY`4mRqJ;FTH5`a$affE5dJrk~k`HTP_7nGTY@B9o9vvnbytaID;^b=Tzp7Q#DmD
zC(<aCT_(W?1O|cV&C;hpRo`~BN54GF$vUW?-%&gVawwY-k2~=6)`83yVnUbThqXoO
z#pJ&{AeMt+E`B_K+d;6!WS}aMu|XPUG^g7a(llBSlq>XEN)Ktn39z5|G!wsVNnHi)
z%^q94!lL|hF`IijA^9NR0F$@h7k5R^ljOW(;Td9grRN0Mb)l_l7##{2nPQ@?;VjXv
zaLZG}yuf$r$<79rVPp<j5%445ugcCYz(;(NT0N0@n{$og@`Uam4%uUaCP9*@QWGX9
z{P@Ag+Bgh5@F#Eg5Y9s1Tb4W8at(wr+7n>Xg?6iiieX|r#&`p#Con2i%S8*8F}(E)
zI5E6c3tG*<;m~<e=g`4E<@6ZZ8Ot+&-pVKoq@=)RHy9<I(`p<?)r&YNlEA8CnAU#=
zLQO*=y%_uKi|5n%djKteWf@r}R-KMkn1WGKj9GE)TB7@l$)5};KH)qNoDq}(AbK{}
znBj7g3J8U8H}w+i?7tr%6@z$7g2f*NiOc*m{3%|}PM)?==&#x$-Jq&uhpzZ8rtUDZ
zNmR^a5g(7wY6XKEPtNK>6>!&H!GJ6zEu<u;zM7UrmSD`Ps)7>hH7mkAzovdhLy;)q
z{H2*8I^Pb}xC4s^6Y}6bJvMu=8>g&I)7!N!5QG$xseeU#CC?ZM-TbjsHwHgDGrsD=
z{%f;@Sod+Ch66Ko2WF~;Ty)v>&x^aovCbCbD7>qF*!?BXmOV3(s|nxsb*Lx_2lpB7
zokUnzrk;P<R;aXTpYj?03<w4%%%E_Lx%w}?h6KFkYmQz_=Q!;KI~@zvyE@sz0~S{=
zc7Zp1Pg<<C5w3_-RsBETlpJWaAlby+);^?em@HJt835O5jnvwJ!Ezt?UH{GKJ#_-;
zXWyIZeRlqoB-*o!rz0dsi&bmk<~!5}rFXX!TR>=T-&kUHO}td+Zdj!3n&NR?K~cRU
zAXU!DCp?51{J4w^`cV#ye}(`SQhGQkkMu}O3M*BWt4UsC^jCFUy;wTINYmhD$AT;4
z?Xd{HaJjP`raZ39qAm;%beDbrLpbRf(mkKbANan7XsL>_pE2oo^$TgdidjRP!5-`%
zv0d!|iKN$c0(T|L0C~XD0aS8t{*&#LnhE;1Kb<9&<JFZp&cEpRA~JX*2uhno)g+lW
z)A2j^Jp=5|9|_BqD3yNfz$3!^TP^t32VmQN>=c2B+9JeLvJr*AyyRh%@jHej<V&M}
z(_rfkTF8<3M0mfUD?DaD6=7VHc94p8)f%k_sKhOPc+3w*C;t63&?zS3e((b(P6Fva
zg1a!>=AetOMSlz^=!kxX<aUab1e69e5UxkmMM!xSN{9YUYGb=H*((f4#ZL$Ijz4ZG
z=M2TpNE4&~3j}eO`*MD}g}>>>B{2B1uIrQyfd8KjJ+DBy!h)~*(!|&L4^Q_07SQ~E
zcemVP`{9CwFvPFu7pyVGCLhH?LhEVb2{7U+Z_>o25#+3<|8%1T^5dh}*4(kfJGry}
zm%r#hU+__Z;;*4fMrX=Bkc@7|v^*B<Xvhu2*uH*LPz_h!qs>;HA<UqXI?t|tCaZDB
zM}=e!+VluyMT1_wK?{{}fh!prU@u#|#$3A*>l0((IBPPii%X9+u3DDF6%<Dxg01id
zvRMgy`}RNgOUmsF(*g|!7J~5qLXiIVe!ooTZQWeHyp<$?w&ud7re6&`d1HHH%m41@
zrE0Fb;A`T35^B${Rk`^BD>bI&6?Eu$8&aWVqHIM7mK6?Uvq$1|(-T|)IV<>e?!(rY
zqkmO1MRaLeTR=)io(0GVtQT@s6rN%C6;nS3@eu;P#ry4q;^O@1ZKCJyp_Jo)Ty^QW
z+vweTx_DLm{P-XSBj~Sl<%_b^$=}odJ!S2wAc<kP=%^q`Fk3#DzIfRc20!g-U?(r0
zttu-F5dSTOh@Hh;*8<POV|23UE<I?%YD*|RoGT_RNfg)N<d$-CVBslaSc2;hu2@iM
zijnTdup@(TT6QsX1DSS%iD>xenmzFGX1t&Qp8Vxz2VT`uQsQ<N&Na@Eg(*vW-Sx0Z
zwa1eC?gP9=v{v;-el(Byq7uXErY6a?>Ytdn&_0xVivIcxZ_hnrRtwq4cZSj1c-SG9
z7vHBCA=fd0O1<4*=lu$6pn~_pVKyL@ztw1swbZi0B?spLo56ZKu5;7ZeUml1Ws1?u
zqMf1p{5myAzeX$lAi{jIUqo1g4!zWLMm9cfWcnw`k6*BR^?$2(&yW?>w;G$EmTA@a
z6?y#K$C~ZT8+v{87n5Dm&H6Pb_EQ@V0IWmG9cG=O;(;5aMWWrIPzz4Q`mhK;qQp~a
z+BbQrEQ+w{SeiuG-~Po5f=^EvlouB@_|4xQXH@A~KgpFHrwu%dwuCR)=B&C(y6J4J
zvoGk9;lLs9%iA-IJGU#Rg<oAf^xeCDGN*>nZZR+@{5lYl8(e1h6&>Vc_mvg0d@);X
zji4T|n#lB!>pfL|8tQYkw?U2bD`W{na&;*|znjmalA&f;*U++_aBYerq;&C8Kw7mI
z7tsG*?7*5j&dU)Lje;^{D_h`%(dK|pB*A*1(Jj)w^mZ9HB|vGLkF1GEFhu&rH=r=8
zMxO42e{Si6$m+Zj`_mXb&w5Q(i|Yxyg?juUrY}78uo@~3v84|8dfgbPd0iQJRdMj<
zncCNGdMEcsxu#o#B5+XD{tsg*;j-eF8`mp~K8O1J!Z0+>0=7O=4M}E?)H)ENE;P*F
z$Ox?ril_^p0g7xhDUf(q652l|562VFlC8^r8?lQv;TMvn+*<c9jlj>8I}&+hIQYh2
z1}uQQaag&!-+DZ@|C+C$bN6W;S-Z@)d1|en+XGvjbOxCa-qAF*LA=6s(Jg+g;82f$
z(Vb)8I)AH@cdjGFAR5Rqd0wiNCu!xtqWbcTx&5kslzTb^7A78~Xzw1($UV6S^VWiP
zFd{Rimd<L>-0CZC_Bu(WxBFW7+k{cOW7DxBBkJdJ;VsJ4Z@lERQr%3eVv&$%)b%<~
zCl^Y4NgO}j<COChW_}a6vln)bF3$TpaLb);b~-PYxxR%}%O<}>s@u{|o~KTgH}>!*
z_iDNqX2(As7T0xivMH|3SC1ivm8Q}6Ffcd7owUKN5lHAtz<t12Aa&#mkpHAAP7vmV
z^!AJ*2~=PgYP(Wn4Vk66dQCX+{#B-Z%T|HyH;WjNt4~Za-}DB-){PA#h!r8;?(Vb^
zk44aj#5Wa>MM4<0v+ykUT!QiowO;`@%JGv+K$bBx@*S7C8GJVqQ_K>12}M`f_Ys=S
zKFh}HM9#6Izb$Y{wYzItTy+l5U2oL%boCJn?R3?jP@n$zSIwlmyGq30Cw4QBO|14`
zW5c);AN*J3&eMFAk$SR~2k|&+&Bc$e>s%c{`?d~85S-UWjA>DS5+;UKZ}5oVa5O(N
zqqc@>)nee)+4MUjH?FGv%hm2{IlIF-QX}ym-7ok4Z9{V+ZHVZQl$A*x!(q%<2~iVv
znUa+BX35&lCb#9VE-~Y^W_<SUna+(6v_v93h$)MSc{mD`=k6;#c%#QV`lbAtfE3~q
zAtA7|n`xq>f;Xhl%vgjwdjzMy$FsSIj&ok}L+X`4>J=9BkN&nu^E*gbhj3(+D>C4E
z@Fwq_=N)^bKFSHTzZk?-gNU$@l}r}dwGyh_fNi=9b|n}J>&;G!lzilbWF4B}BBq4f
zYIOl?b)PSh#XTPp4IS5ZR_2C!E)Z`zH0OW%4;&~z7UAyA-X|sh9@~>cQW^COA9hV4
zXcA6qUo9P{bW1_2`eo6%hgbN%(G-<qHJAT=v`nNhtT>F1xTvq!sc?4wN6Q4`e9Hku
zFwvlAcRY?6h^Fj$R8zCNEDq8`=uZB8D-xn)tA<^bFFy}4$vA}Xq0jAsv1&5!h!yRA
zU()KLJya5MQ`q&LKdH#fwq&(bNFS{sKlEh_{N%{XCGO+po#(+WCLmKW6&5iOHny>g
z3*VFN?mx!16V5{zyuMWDVP8U*|BGT$(%IO|)?EF|OI*sq&RovH!N%=>i_c?K*A>>k
zyg1+~++zY4Q)J;VWN0axhoIKx;l&G$gvj(#go^pZskEVj8^}is3Jw26LzYYVos0HX
zRPvmK$dVxM8(Tc?pHFe0Z3uq){{#OK3<aeeBkf6Ls@D&>i-ra#@+;*=ui8)y6hsRv
z4Fxx1c1+fr!VI{L3DFMwXKrfl#Q8hfP@ajgEau&QMCxd{g#!T^;ATXW)nUg&$-n25
zruy3V!!;{?OTobo|0GAxe`Ac<m7!f>n3GV@W=&n;<LWwg+BOz1x0PVh(8wy5x)H%n
z);^KLwS*zuK_mXLt=05$RqxmlzBGrOU$*+pD67{&9S4nenf`=wmSIir^E~5#<>~&9
zQM>NWW~R@OYORkJAo+eq1!4vzmf9K%plR4(tB@TR<A8<4IpzFAVt^jntH)?Lln%G`
z6tiucWhgUNI?A8Udv5fHlOm9!ctl16R`GIy7|o!{GngCtp;Tz@88GLNR}tm$OZ5f}
zPju@d{;|S(Rs51!tah!+6PbnnY<$fK^X^&7uddbpg77+M3+zt^`&Wl4kC?eRy{-46
z-3%mXj1#}r%@t|kQBj7QXfN_>&FSbDoRgJ8qVcH#;7lQub*nq&?Z>7WM=oeEVjkaG
zT#f)=o!M2DO5hLR+op>t0Cix<vSdXuLLoyLNj^8w51xiOY6tARpFGMs_UAVQl{h1q
z__M5D$myTJng;^A_J=JcCX@-~s%uSop76ggk-NNPh1K-Xw6Mwq#g=?x9pSWbMg&Eg
z!IW}nRKAGc2X+4y>JCIeXH*+z{-XS|%jx)y(j&}Wo|3!l7{o)HU3m7LYyhv*xF&tq
z%IN7N;D4raue&&hm0xM=`qv`+TK@;_xAcGKuK(2|75~ar2Yw)geNLSmVxV@x89bQu
zpViVKKnl<KY)q`sT$C@o*b;pi#>kwjS&&c|-X6`~xdnh}<zE$?k&-+|)}}1-k;;{3
zWgBv<7Mg|YWBAi9*yc#1&cuZnxkZaBTj=EQ-!oi23=b7<qC?N!TC&$6!<yQuq~YaC
z_0tVTi{LC-!3@TC@6(yDt1|8;{dkSfR3rrN7be_C({Ti}0{;9qU1;it_)pV>Ps)Hs
z4VbUL^{XNLf7_|Oi>tA%?SG5zax}esF*FH3d(JH^Gvr7Rp*n=t7frH!U;!y1gJB^i
zY_M$KL_}mW&XKaDEi9K-wZR|q*L32&m+2n_8lq$xRznJ7p8}V>w+d@?uB!eS3#u<}
zIaqi!b!w}a2;_BfUUhGMy#4dPx>)_>yZ`ai?Rk`}d0>~ce-PfY-b?Csd(28yX22L%
zI7XI>OjIHYTk_@Xk;Gu^F52^Gn6E1&+?4MxDS2G_#PQ&yXPXP^<-p|2nLTb@AAQEY
zI*UQ9Pmm{Kat}wuazpj<q$kAY7_UQRU$-YKdQWJ&LyZumLzNJQ!;vvr#GB_EA<Jf@
z$2g7!{jMh`@>SyXCdnrD&|C1c5DIb1TnzF}f4KIV6D)CJ!?&l&{T)e4U%3HTSYqsQ
zo@zWB1o}ceQSV)<4G<)jM|@@YpL+XHuWsr5AYh^Q{K=wSV99D~4RRU52FufmMBMmd
z_H}L#qe(}|I9ZyPRD6kT>Ivj&2Y?qVZq<4bG_co_DP`sE*_Xw8D;+7QR$Uq(rr+u>
z8bHUWbV19i#)@@G4bCco@Xb<8u~wVDz9S`#k@ciJtlu@uP1U0X?yov8v9U3VOig2t
zL9?n$P3=1U_Emi$#slR>N5w<w?qFuOF5w}cnum+dV`a<C*;Hv>H-=J&T=EdUHA}_Z
zZIl<E_JWAQn>3nvMP*AZS9{cDqFanrA~S5BqxtNm9tlu;^`)3X&V4tMAkJ4gEIPl=
zoV!Gyx0N{3DpD@)pv^iS*dl2FwANu;1;%EDl}JQ7MbxLMAp>)UwNwe{=V}O-5C*>F
zu?Ny+F64jZn<+fKjF01}8h5H_3pey|;%bI;SFg$w8;IC<8l|3#Lz2;mNNik6sVTG3
z+Su^rIE#40C4a-587$U~%KedEEw1%r6wdvoMwpmlXH$xPnNQN#f%Z7|p)nC>WsuO=
z4zyqapLS<8(UJ~Qi9d|dQijb_xhA2)v>la)<1md5s^R1N&PiuA$^k|A<+2C?OiHbj
z>Bn$~t)>Y(Zb`8hW7q9xQ=s>Rv81V+UiuZJc<23HplI88isqRCId89fb`Kt|CxVIg
znWcwprwXnotO>3s&Oypkte^9yJjlUVVxSe%_xlzmje|mYOVPH^vjA=?6xd0vaj0Oz
zwJ4OJNiFdnHJX3rw&inskjryukl`*fRQ#SMod5J|KroJRsVXa5_$q7whSQ{gOi*s0
z1LeCy|JBWRsDPn7jCb4s(p|JZiZ8+*ExC@Vj)MF|*Vp{B(ziccSn`G1Br9bV(v!C2
z6#?eqpJBc9o@lJ#^p-`-=`4i&wFe>2)nlPK1p9yPFzJCzBQbpkcR>={YtamIw)3nt
z(QEF;+)4`>8^_LU)_Q3<u}L<{1}Pc_TC@cmCN`COOSM8a;|jWsk~1fYJv#PDsm#->
zC5_7lgi_6y>U%m)m@}Ku4C}=l^J=<<7c;99ec3p{aR+v=diuJR7uZi%aQv$oP?<K2
z4>dn?@6Yu_+*^>T0ptf(oobdL;6)N-I!TO`zg^Xbv3#L0I~sn@WGk-^SmPh5>W+<X
znt3fVJDljH9Rg;|i5lPHsR(0ho%1Z#U$BQ5Z>LB<+1PU}AKa?FCWF|qMNELOgdxR{
zbqE7@jVe+FklzdcD$!(A$&}}H*HQFTJ+AO<jQkEo4(Zr!RbHw&%VW+jartXEY{IAo
z-<Q*FbO_;b95g_K9)_94ZpWY1;<Z!iW)9JK0`6zeVbpJRc{foQfe9X-j8eQ-=DlS%
zH`!Rua7Ws)lQGR`lKbWfbJ{-A+Qsq7w~i7ifv23@y@q;f=f9BC2>rJYnhh}Yvta(B
zQ_bW4Rr;R~&6PAKwgLWXS{Bnln(vUI+~g#kl{r+_zbngT`Y3`^Qf=!PxN4IYX#iW4
zucW7@LLJA9Zh3(rj~&SyN_pjO8H&)|(v%!BnMWySBJV=eSkB3YSTCyIeJ{i;<t5`Q
zo(L{QW?hBDuaI(wY%y)W1q$B>(oc%_hk{$_l;v>nWSB)oVeg+blh=HB5JSlG_r7@P
z3q;aFoZjD_qS@zygYqC<CA@uG3$h<l#w}3@ssm8WfebtlUXE~>n=;Zxjo!?NK!%J$
z52lOP`8G3feEj+HTp@Tnn9X~nG=;tS+z}u{mQX_J0kxtr)O30YD%oo)L@wy`jpQYM
z@M>Me=95k1p*FW~rHiV1CIfVc{K8r|#Kt(ApkXKsDG$_>76UGNhHExFCw#Ky9*B-z
zNq2ga*xax!HMf_|Vp-86r{;~YgQKqu7%szk8$hpvi_2I`OVbG1doP(`gn}=W<8%Gn
z%81#&WjkH4GV;4u43EtSW>K_Ta3Zj!XF?;SO3V#q=<=><y*Ez-K*8OuEH#K1Uw04)
zm-E?#$M4Pw!5Sa^O{sRRDY-gWXv@8A@bA;l<_ks)es^2Nu>Tc^@?A`i;&`-cYj|;^
zEo#Jl5zSr~_V-4}y8pnufXLa80vZY4z2ko7fj>DR)#z=wWuS1$$W!L?(y}YC+yQ|G
z@L&`2upy3f>~*IquAjkVNU>}c10(fq#HdbK$~Q3l6|=@-eBbo>B9(6xV<PW<=*tlY
z$*pN5hHZpwqlet{tLghEZT#%M$0U({lim^-U@zba{?NJMf<93*()%m>`*)sae58*f
zym~RRVx;xoC<uxJ0zCckgSOZ<jKZfGBozv^HDI7G(HjLM<voAwa4Kh#eq6#2U!qA0
zF$%FfiP7?q!+@Q%0CG7sP{g!i5R&?DRZkOxRnqe`((<r{70*Vq2Rb6*k>G3`JV`xo
z!lFw)=t2Hy)e!IFs?0~7osWk(d%^wxq&>_XD4+U#y&-VF%4z?XH^i4w`TxpF{`XhZ
z%G}iEzf!T(l>g;W9<~K+)$g!{UvhW{E0Lis(S^%I8OF&%kr!gJ&fMOpM=&=Aj@wuL
zBX?*6i51Qb$uhkwkFYkaD_UDE+)rh1c;(&Y=B$3)J&iJfQSx!1NGgPtK!$c9OtJuu
zX(pV$bfuJpRR|K(dp@<Et6W$J6*Z#&a&;93*Ie~(LKx3oM(w;zbe{$4=AvBd2M!)G
z)q&m$-4a#zj+ntOm6x3DXKBbGe#P@0*At9SemktTX0uh;t#}60aB^D2eE!a4eDuX;
z-as`;dd|o4vBfl1>^j}i&H<lE5B-BmW0%$me#yff@sBn;ohRKEdDubkmfk_9%F#R?
zx3ZTQV}CG~;tIM9J0dPMr);>eJ<ZUgb6%5p(oB8d(S&NYcE9Fn#eq_UTAuN0jA(?H
z^D)QqC|?HmZ<MfF#1KC`+1B#aVb^f*7XyN**6k{KcrsXkYIuNItVY|XpO_RwL+pB-
zi361AR7q3_a+z(hygW-dSQ4&gyU_L%*Ad1YXBX3#1@&17te>Oh@|7lWo8^$*o~Xqo
z5Sb+<gm~yF$-E%g5?e&PX|O%&U0#MK#8=Cb4moDVt9pc5&|d_Nok|m&#&P2i0(_CN
zM^tc5)Kw#?l>!EtJ&e@6F+h&+<iRY;$9#Wr1>_1ETbg7LfP5GZjvIUIN3ibCOldAv
z)>YdO|NH$x7AC8dr=<2ekiY1%fN*r~e5h6Yaw<{XIErujKV~tiyrvV_DV0AzEknC-
zR^xKM3i<1UkvqBj3C{wDvytOd+YtDSGu!<rPOfY>gEMg+!&|8BQrT*|p)(dwQLEy+
zMtMzij3zo40)CA!BKZF~yWg?#lWhqD3@qR)gh~D{uZaJO;{OWV8XZ_)J@r3=)T|kt
zUS1pXr6-`!Z<!o63*D|NQNYak6gGf7_QJ$%QWph8(@+Md9XOp*qP{X}q91Av868w+
zGbBw!<JX87&2|tz_-<JKu<xhK)|6RN*Zk7fvZ42tj|cY?!)H@h7T?|0cVg1Q(Dzye
z>}w2QR7nP%d?ecf90;<QTfw00Ol^jhE%$`<-%SzE37_m?Tsl?x9jtF58}$iamaJPx
z;*k`q<{nE<sbhO}9jI-7R-I>K_7C3d!U<RH+{w3GCUW?FU;!Us-m^hLIJe*q&7e}1
zpDB4cxkQ^$zB~cRxh7B3$~Q``Zt;ZNw-Uj>Z`N(TZoWNN^Q~RjVhQG{Y<%E1PpV^4
z-m-K+$A~-+VDABs^Q@U*)YvhY4Znn2^w>732H?NRK(5QSS$V@D7yz2BVX4<IQ|}VZ
zL_WDk%d5E2#>)f5A04~$WbxGOam22>t&uD)JB8-~yiQW6ik;FGblY_I>SvB_z2?PS
z*Qm&qbKI{H1V@YGWzpx`!v)WeLT02};JJo*#f$a*FH?IIad-^(;9XC#YTWN6;Z6+S
zm4O1KH=#V@FJw7Pha0!9Vb%ZIM$)a`VRMoiN&C|$YA3~ZC*8ayZRY^fyuP6$n%2IU
z$#XceYZeqLTXw(m$_z|33I$B4k~NZO>pP6)H_}R{E$i%USGy{l{-jOE;%CloYPEU+
zRFxOn4;7lIOh!7ab<V}OmeeQNY6TeYO&&E^lN#TB*^`;ju1*`#<QB4aBWp8jLsn56
ztlcT6a*61b7mBGG7Pe5gFr$a2kxI4g;qf)gjt)|Y7A|WcqUTy7lmzDN21ov~uefIa
zStpXF9OSKG--%FP-n6GoKAZkk;aTNW1ae$KBstPWjSIc_V%4U0$Ln1&jVG=$ZcXgh
z#CvGTp=S;-S8-$7HKAq6%SA!$URan_Wx!1Oc!O*_!j0Q;YpHo#pr5>b23YKD+_-?O
z0FP9otcAh+oSj;=f#$&*ExUHpd&e#bSF%#8*&ItcL2H$Sa)?pt0Xtf+t)z$_u^wZi
z44oE}r4kIZGy3!Mc8q$B&6JqtnHZ>Znn!Zh@6rgIu|yU+zG8q`q9%B18|T|oN3zMq
z`l&D;U!OL~%>vo&q0>Y==~zLiCZk4v%s_7!9DxQ~id1LLE93gf*gg&2$|hB#j8;?3
z<g)eCVNaZv3$^cu;yV<qgy7Ou{HZYOe(Yy~3PLV!ZId!<`3EN$I2e|Sb}<jdw%KMG
z$~P@70$N+m@}=Mj9$ZG59AQ=JQRvLB(RM9)t()h{Tno>5v4S;oM6rT{Y;I+#FdmNw
z){d%tNM<<#GN%n9ox7B=3#;u7unZ~tLB_vRZ52a&2=IM)2VkXm=L+Iqq~uk#Dug|x
z>S84e+A7EiOY5lj*!q?6HDk<t%xgyS2(ef%dZKEIaXh3~wff^|xcGFVc_e~Sr`&nX
zB{0<Bl5W%rH&l?6tsWk=E?WK+SiGZtPex%sjw{ofyMqE~@feSemEiHmis}sLGcPDm
zIzGRXgYb$F!6<>Nh~0g;0Jy(al!ZHHDtur9T$y-~)94HelX1NHjXWIM7UAe}$?jiz
z9?P4`I0JM=G5K{3_%2jPLC^_Mlw?-<a70XR;I>kYYgb7`qGa3@dn|^1fRMwiyM@Ch
z;CB&o7&&?c5e>h`IM;Wnha0QKnEp=$hA8TJgR-07N<gl50D&l8aCL6u?F9;bt}O?Y
zClsN^P?BSo;~X-U^>~U5(>9vJzeoFs<a)64ao)eXA>SRBkDq=x(YgEMpb=l4TDD`2
zwVJpWGTA_u7}?ecW7s6%rUs&NXD3+n;jB86`X?8(l3MBo6)PdakI6V6a}22{)8ilT
zM~T*<jE3E@DmR%ike^(4fN~b2CI%ZAFJHK0>mU}__xSy|6XSrJ^%l<L`JF;YY6b4`
z;6>DAR3Lft%+<T2S<6#r`P7WA*H7H@Tkj*;CZWvGK|Ka6#=q$9VereUjcyuYAT-kE
z-4)n_C1YG2*?76Lh&eh@n+#B;0G7^rIA<P1)+|@l^eA4%oi{dOUZb8u1-}Kweut@X
z=3>yxC<CMW8Guf-*pI#2K9_;@nA>|ZUvSO_nqMX!_ul3;R#*{~4DA=h$bP)%8Yv9X
zyp><|e8=_ttI}ZAwOd#dlnSjck#6%273{E$kJuCGu=I@O)&6ID{n<VEYI|KdxCeO+
z8>WF5@gLb16sj|&Sb~+du4e4O_%_o`Ix4NRrAsyr1_}MuP94s>de8cH-OUkVPk3+K
z&jW)It9QiU-ti~AuJkL`XMca8Oh4$SyJ=`-5WU<{cIh+XVH#e4d&zive_UHC!pN>W
z3TB;Mn5i)9Qn)#6@lo4QpI3jFYc0~+jS)4AFz8fVC;lD^+idw^S~Qhq>Tg(!3$yLD
zzktzoFrU@6s4wwCMz}edpF5i5Q1IMmEJQHzp(LAt)pgN3&O!&d?3W@6U4)I^2V{;-
z6A(?zd93hS*uQmnh4T)nHnE{wVhh(=MMD(h(P4+^p83Om6t<*cUW>l(qJzr%5vp@K
zN27ka(L{JX=1~e2^)F^i=TYj&;<7jyUUR2Bek^A8+3Up*&Xwc{)1nRR5CT8vG>ExV
zHnF3UqXJOAno_?bnhCX-&kwI~Ti8t4`n0%Up>!U`ZvK^w2+0Cs-b9%w%4`$+To|k=
zKtgc&l}P`*8IS>8DOe?EB84^kx4BQp3<7P{Pq}&p%xF_81pg!l2|u=&I{AuUgmF5n
zJQCTLv}%}xbFGYtKfbba{CBo)lWW%Z>i(_NvLhoQZ*5-@2l&x>e+I~0Nld3UI9tdL
zRzu8}i;X!h8LHVvN?C+|M81e>Jr38%&*9LYQec9Ax>?NN+9(_>XSRv&6hlCYB`>Qm
z1&ygi{Y()OU4@D_jd_-7vDILR{>o|7-k)Sjdxkjgvi{@S>6GqiF|o`*Otr;P)kLHN
zZkpts;0zw_6;?f(@4S1FN=m!4^mv~W+lJA`&7RH%2$)49z0A+8@0BCHtj|yH--AEL
z0tW6G%X-+J+5a{5*WKaM0QDznf;V?L5&uQw+yegDNDP`<QwM)iHN0Ixe+C<}Kj)cT
z;ugg=7>hA;0XPYc6e0;Xv6|i|^F2<spnC^BAY#K6!R1`y8;L|-ax$>WB)Z$LR|HR4
zTQsRAby9(^Z@yATyOgcfQw7cKyr^3Tz7lc7+JEwwzA7)|2x+PtEb>nD(tpxJQm)Kn
zW9K_*r!L%~N*vS8<5T=iv|o<TQh`NS2YOm^v@YF+FhtT<a+buCZu6h6oT_Y5b`Scg
zm=4c{5~CgG?9-H=F8v%THj;pBAIcNf1w(JQ+AUi+?6F2LasjZ5Oz$7m+jvgK`zeSh
z^(f$UuqGD?j)9ZxVlSw*kzGRC;oCN&mCo&6G7ql5S{99P97)o*h$5+(ch97JLRzc!
zYD=hMW71CXeuLub2z%t|7;RjK6Ogym_1#+sTC!<7k`+%+%pXjbEt&Ewk(hGUoqGvq
zuM0wx5$A~T4SRbOQgIit7jaB@N32&;KWs00gsh)b^;UUaulO8Td<B}%0x3tW7;G##
zTMaSe*B!q#S@Od*Vy(-qm;}PAJhEq0;6w!v@t~78{dMpN>!zTe9k_2jC_j*7ik^M_
zaf%k{WX{-;0*`t`G!&`eW;gChVXnJ-Rn)To8vW-?>>a%QU1v`ZC=U)f8iA@%JG0mZ
zDqH;~mgBnrCP~1II<=V9;EBL)J+xzCoiRBaeH&J6rL!{4zIY8tZka?_FBeQeNO3q6
zyG_alW54Ba&wQf{&F1v-r1R6ID)PTsqjIBc+5MHkcW5Fnvi~{-FjKe)t1bl}Y;z@<
z=!%zvpRua>>t_x}^}z0<7MI!H2v6|XAyR9!t50q-A)xk0nflgF4*OQlCGK==4S|wc
zRMsSscNhRzHMBU8TdcHN!q^I}x0iXJ%uehac|Zs_B$p@CnF)HeXPpB_Za}F{<@6-4
zl%kml@}kHQ(ypD8FsPJ2=14x<gRLSp5jQ3zP{(QVzPLZLVm053fUe=@OltSio705;
z(#z2z>XJE|b20<nbuvWeRu7_ckN!4)4>RUIgs!2|R3>LUMGF6X*B_I|$`Qg=;zm7C
z{mEDy9dTmPbued7mlO@phdmAmJ7p@GR1bjCkMw6*G7#4+`k>fk1czdJUB!e@Q(~6#
zwo%@p@V5RL<HuH8=u8a6RDT=ORPK%+xl*V0g}ZRt7wrV&wXuQ&Kq5z5VF5~$tzh+o
zGvLCh{4xbZi*rM$H53QbbG^}e_;5ZL^rKOCECf%A3k<ba715W9GFJ3%z+y)SixW7v
zFUks)dR&u51!CgipP_*=HsXEQV|A6)MESe^nXfdde|e*3lS%iSm1?2t=&g8iM5yO0
zqGo^30JQ})=Z}tg94XEO6_<mfkScn>0ABU2LH7Asq^quDUho@H>eTZH9f*no9fY0T
zD_-9px3e}A!>>kv5wk91%C9R1J_Nh!*&Kk$J3KNxC}c_@zlgpJZ+5L)Nw|^p=2<X2
zVEH%@dRNgUT+xOlus$Jl>ue}CJtm;uj*Iqr)K})kA$xtNUEvX;4!Px*^&9T_`IN{D
z{6~QY=Nau6EzpvufB^hflc#XIsSq0Y9(nf$d~6ZwK}fal92)fr%T3=q{0mP-EyP_G
z)UR5h@IX}3Qll2b0oCAcBF>b*@Etu*aTLPU<%C>KoOrk=x?pN!#f_Og-w+;xbFgjQ
zXp`et%lDBBh<!%rmD;`)_Iw7qs}PxJE2OWnk0598{1@{z2=&M97kZ^;iS=)VbtW2e
z9{Njc%X1q_Y=7a@dL*7`HknH57C8G{SaT${ATgN~45gpu4M3g9K3K^dkc|SdjG%I{
zqBnN$pX_Ur&xe`6C5rq%1Au6o>~OcFnMKMUoox0YwBNy`N0q~bSPh@+enQ=4RUw1)
zpovN`QoV>vZ#5LvC;cl|6jPr}O5tu!Ipoyib8iXqy}TeJ;4+_7r<1kV0v5?Kv>fYp
zg>9L`;XwXa&W7-jf|9~uP2iyF5`5AJ`Q~p4eBU$MCC00`rcSF>`&0fbd^_eqR+}mK
z4n*PMMa&F<X)^G}xeJ@Gp5hPUp4))DB`D07_#V$I)>Occ)<Z1&cEZXfHKl6!0r^K=
z4G}bu(5ge=G8fwnhNItAV-;CCRA~!*Ffjtk+W5Q4($~|Ogx!7zYTJ+md_mLOIHP$a
z=Xv|*^wnVA6u+^6*Pjw-xuU)%_b=1oT;Uy*3v`{`12FsGfVli|)UZ4c+9zix>vTUR
zlDUAn-mh`ahi_`f`=39JYTNVjsTa_Y3b1GOIi)6dY)D}xeshB0T<J4O9}2CRcgST4
zu^DE1lNC^&bdTFMX*m;=F+oV62|j1N%Y(`}stx4V@A-${Nsme7gPF1VFeZ(Es(Tv1
z2eMG<3ngPbvsdfMDb6jRfMuIQ>8Eov5%UhWd1)u}kjEQ|LDo{tqKKrYIfVz~@dp!!
zMOnah@vp)%_-jDTUG09l+;{CkDCH|Q{NqX*uHa1YxFShy*1+;J`gywKaz|2Q{lG8x
zP?KBur`}r`!WL<v4v3q-kbT^ZHHV*Ab_1=$Ds`sw{p4Q5%K<O{0b-Frgl!8<-ysCa
z@55EXX6zF(6|%WdJ}w;c9q_T(h^VZr*46HXJncAUKTLi*=>KXY_<N$yy+H{DR|LP9
zF#oxrkoE0^A&|7gpQkf#W)&V7g<8v42B_@CDi{phanFo;l(u@KJ-))-pR{b)<rcd3
zf}4BFpSv=>K;C8$EWG>jY3UIh{+BLv0=2)KH%P}6xE2kg)%(-uA6lC?u8}{K(#P*c
zE9C8t*u%j2r_{;Rpe1A{9nNXU;b_N0vNgyK!EZVut~}+R2rcbsHilqsOviYh-pYX=
zHw@53nlmwYI5W5KP>&`dBZe0Jn?nAdC^HY1wlR6$u^PbpB#AS&5L6zqrXN&7*N2Q`
z+Rae1EwS)H=aVSIkr8Ek^1jy2iS2o7mqm~Mr&g5=jjt7Vxwg<tf08u&@2*nrRdWEq
z9>lQ^`h#Mx+x2v|9ZAwE$i_9918Mj<x0*Wdpb36@OAXTH9HjzBO?DU3pPWJl<5`?4
zJx95+eAmsI^}aX!MTHZ2jvyPZ%UQNWgYc&Az}*vhoE;`M;w#yci|VFS(*uY8dTed$
zmI+a!^D3~nUd`%d3v~n803|x?hdA<CAGP8+Vz0wak|gS0b(v+b_#OSxq^j=~x{U#C
zxb5$H!k6E86jdT96;Z=hlwo5iYt(l!8a^<>JxTMr?n!bZ6n$}y11u8I9COTU`Z$Fi
z!AeAQLMw^gp_{+0QTEJrhL424pVDp%wpku~XRlD3iv{vQ!lAf!_jyqd_h}+Tr1XG|
z`*FT*NbPqvHCUsYAkFnM`@l4u_QH&bszpUK#M~XLJt{%?00GXY?u_{gj3Hvs!=N(I
z(=AuWPijyoU!r?aFTsa8pLB&cx}$*%;K$e*XqF{~*rA-qn)h^!(-;e}O#B$|S~c+U
zN4vyOK0vmtx$5K!?g*+J@G1NmlEI=pyZXZ69tAv=@`<PF>t%ag_Hk{LP~OH9iE)I=
zaJ69b4kuCk<W;+Nm{1iL;Sjg&ce)b6RfuYXG6i3lmo`Xoo=yc_#4MF;W?A{F|EAlX
z*<!ti?&E?FEc4)+uE<O&ONf`XLQ^cl<<tMSmTYl1l}%xg`DIk~4?@x6!4)Pmk>V0V
zo(M0#>phpQ_)@j;h%m{-a*LGi(72TP)ws2w*@4|C-3+;=5DmC4s7Lp<h>95%n%@Ko
zfdr3-a7m*dys9iIci$A=4NPJ`HfJ;hujLgU)ZRuJI`n;Pw|yksu!#LQnJ#dJysgNb
z@@qwR^wrk(jbq4H?d!lNyy72~Dnn87KxsgQ!)|*m(DRM+eC$wh7KnS-mho3|KE)7h
zK3k;qZ;K1Lj6uEX<KEj5@nV#iauGcIh@~0bCkde*VA4<NzidV>LYUYi)1FN}F@-xJ
z@@3Hb84sl|j{4$3J}aTY@cbX@pzB_qM~AP<KHC>ljrjju6P0tY{C@<op~*H5^F|n>
zpUCOz_NFmALMv1*blCcwUD3?U6tYs+N%cmJ9<vk4wN1^{7_o-KiUksuyYPZPi6=aB
zRdD0jWfvBXoM%2g7{9p9f&t&G@^K{*T20!5)|u6mVvE8$*gT5c>8D%3)%)Xu^uvzF
zS5O!sc#X6?EwsYkvPo6A%O8&y8sCCQH<%f2togVwW&{M;PR!a(ZT_A+jVAbf{@5kL
zB@Z(hb$3<w@Z7>U{T_}SKA_CoQVU-;j>2J=L#lZ~aQCFg-d<9rzs$_gO&d5N6eFSc
z1ml8)P*FSi+k@!^M9nDWR5e@ATD8oxtDu=36Iv2!;dZzidIS(PCtEuXAtlBb1;H%Z
zwnC^Ek*D)EX4#Q>R$$WA2sxC_t(!!6Tr?C#@{3}n{<^o;9id1RA&-Pig1e-2B1XpG
zliNjgmd3c&%A}s>qf{_j#!Z`fu0xIwm4L0)OF=u(OEmp;bLCIaZX$&J_^Z%4Sq4GZ
zPn6sV_#+6pJmDN_lx@1;Zw6Md_p0w9h6mHtzpuIEwNn>OnuRSC2=>fP^Hqgc)xu^4
z<3!s`cORHJh#?!nKI`Et7{3C27+EuH)Gw1f)aoP|B3y?fuVfvpYYmmukx0ya-)TQX
zR{ggy5cN<mnVz7y7+knzNVJkt;lpc;qc>f4X|g)nl#jC9p>7|09_S7>1D2GTRBUTW
zAkQ=<vO$_umo;W8C9!}&#xkaPRO=3x>JMRogZqG#v;^=11O6@rPPwvJ<B8_C^h!$7
z1FiG#I7Fs!hS~+X_xS9av4ic?s4}I)b~+~ynqpL?4J!M0!;Lh~^{jyZ5OklQ8U2d;
z1_pNZ6|Y?X=U7!TcC`|AaWS_uvHe0n$~l-C+lqY=nw)_qUxZZ$`~TgLQeOW;@1pQ$
z701@hEqV6RKPy$?plo3XV+hmG(FFC_t(R=zC3ndGnN?AOBz^}Il*!(}YM_f?Vs)`N
zoXTGH^9k^Rs*ihNP{En)>kr{bW-Qg8`q8GoD#K`&Y+S#%&B>SGRL>;ZunM@49!}Uy
zN|bBCJ%sO;@3wl0>0gbl3L@1^O60ONObz8ZI7nder>(udj-jt`;yj^nTQ$L9`OU9W
zX4alF#$|GiR47%x@s&LV>2Sz2R6?;2R~5k6V>)nz!o_*1Y!$p>BC5&?hJg_M<tYqR
z53_xZU*2l8Pm44`5q;8sH8AJC`OhY?Pv0f<SBDF<5zRa5Pcc`28WO=W(}@uM2`X|H
zRYQaB%r|t}sRL>iE6UBy>RkVZj`9UWbRkN-Hk!S`=BS3t3uyX6)7SF#)71*}`~Ogz
z1rap5H6~dhBJ83;q-Y<5V35C2&F^JI-it(=5D#v!fAi9p#UwV~2tZQI+W(Dv?1t9?
zfh*xpxxO{-(VGB>!Q&0%^YW_<rkziH`41#l{!R-o<QMyf9_jzZ$o+58{{J}R|9zqw
zCjt0>F!@aZ<db_)!_xH)=)<rL4C7eRuqj-{Vl9!F47?8#IbbtVc$3LetR`tgCkn7O
z@PIcJnWwbNQc9I5c;Bn7#oM!PR?~3~=RhWhOCOgl{-a!vqnWp-GGc#(Z7u=0Jsb@k
zRLR8fKR?v;kdoa(!_kn<QSq40_$nei`C>S#ucP|YaD#>wd1Fv&Z*SR&mc;asi}1G)
z_H>`!akh-Zxq9#io(7%;a$)w+{QH)Y$?UK1Dt^4)up!Szcxnu}kn$0afcfJL#IL+S
z5gF_Y30j;{lNrG6m~$Ay?)*V9fZuU@3=kd40=LhazjFrau>(Y>SJNtOz>8x_X-BlA
zIpl{i>OarVGj1v(4?^1`R}aQB&WCRQzS~;7R{tDZG=HhgrW@B`W|#cdyj%YBky)P=
zpxuOZkW>S6%q7U{VsB#G(^FMsH5QuGXhb(sY+!-R8B<wCq$Ud&dR&R~YEJ18TLm54
z;iNBgol;q`1pM~hbiKQEHVg~udGsD!{32V0-F%Jl2*cE1CKaP}vYl}vY{JE1&Y`9<
zWxp@Q9z&I}X^~yDRt<yP&7ehNHUY-`mMuclQn{f;_BVk|%a!qyv`BTi_<F*shwHHm
zYMk#OgVxOZ5)F7}7!ZzzBqdqiT*o3-6bkMv(=P1min)~A$7Z{$hPM{)lRIzv{ziFg
ztAbHzmqKOklFBd-`W?q14D4v{uKrc3r#AAZ&_oCPRi9dQd_BxsU(vj^hw4-4vST=O
z-I*C6luz(vAIZ~@rb(A8AiNMr62dJzV>mv6Sx3WzSW<1MPPN1!&PurYky(@`bP9tz
z52}LH9Q?+FF5jR6-;|+GVdRA!qtd;}*-h&iIw3Tq3qF9sDIb1FFxGbo&fbG5n8$3F
zy<kUPcTI-*+R})(Lx?7E(-Km*D*#LFloydFBeh2ei+vLj63z@TMnj%!?Pc!@$=lI~
zWpQ4Fa#xXFx30*?LGzyx=<Q>Y&PWL{ys^dTO}oZ#@sIX^BKW*bon=;te9j5k+T%wJ
zNJtoN1~YVj4~Y<zc}D-ou*39R71C?0FVs3%E61z~{QYZ=p=4}v(=uH7JqP$9+LudZ
zPLki+z++>RrlZl)b&kJqp+Z`DqT!la$x&&IxgOQw#yZd-nBP3!7FijBXD|IsU8Zl^
zc6?MKpJQ+7ka|tZQLfchD$PD|;K(9FiLE|eUZX#EZxhG!S-63C$jWX1Yd!6-Yxi-u
zjULIr|0-Q%D9jz}IF~S%>0(jOqZ(Ln<$9PxiySr&2Oic7vb<8q=46)Ln%Z|<*z5&>
z3f~Zw@m;vR(bESB<=Jqkxn(=#hQw42l(7)h`vMQQTttz9XW6^|^8EK7qhju4r_c*b
zJIi`)MB$w@9epwdIfnEBR+?~);yd6C(Le<rt!q$FLriBQXByC(@5W-fyMd+G`gpkw
zo=2x;j`HUicFOMzOr+Hi-h(acwf1R^4yH6<++^$)J=B4dE@KAoZaXF)kE=0uwm3nd
z&m40{?8{tmrxQ5%Wq~$48e6Z&q%RJty{nmI+wz=hvB#pKRac&c?EYSnrDYd1X>MC&
zn&&N*?-g&BBJcV;8&UoZi4Lmxcj16ojlxR~zMrf=O_^i1wGb9X-0@6_rpjPYemIin
zmJb+;lHe;Yp=8G)Q(L1bzH*}I>}uAqhj4;g)PlvD9_e_<a@g*lf#ro&Ve1Oe9Dd~M
zzE8GyZq;U{s*VsFviyO$Mu<MkXYCJUQhOu^nB+^MD~g42i6J&pJlqN$*=O9FeOy#D
zMH(Hs0#anHAVz%4@!PpgmX|z|oRKkJQ8-ANxDXdJsPW`~G`Uz*(^?DtT&VY313h$)
z%Z_iZ<k;!|>ScR{Ipq|$8NvAvLD8MYr}xl=bU~)f%B3E>r3Bu9_t|ThF3C5~BdOve
zEbk^r&r#PT&?^V1cb{72yEWH}TXEE}w>t!cY~rA+hNOTK8FAtIEoszp!qqptS&;r$
zaYV-NX96-h$6aR@1xz6_E0^N49mU)-v#bwtGJm)ibygzJ8!7|WIrcb`$XH~^!a#s&
z{Db-0IOTFq#9!^<xwp4XVUmX2>j!n_F}#<SlrwIgws078xQpgq<=PFmW_#a3Vf1lR
zSZtW_!4KrMla?XPZ^%!uYvas5(q&p4<B~4-u7ZKo%gG=AWYrPaK~Ksf`2-Ltd1AQk
z$_l6x1x`BMZqVJH81bkQU_K4!7|CM9*e*BRdOD=<*r=%KzmW8K`FLhkaj-7c$V5Vt
z97r)f!2oBGV~&1@x<{&a6SOQM=KG6k)^{##XUT*iOlT|QkpE~1=S*FV(g_CM^s;$&
zRL7Q)Be-0f7v6$Yv*CJnQ>Z_nX{YzBK8XLPVmc&X`fT7!@$U-@2KM9soGbmOSAmqV
z{nr$L^MBo_u^Joyf0E^=eo{Rt0{{e$IFA(#*kP@SQd6l<gO0qV6sCD7Vl>WT2-#>`
zP1)7_@IO!9lk>Zt?#CU?cuhiLF&)+XEM9B)cS(gvQT!X3`wL*{fArTS;Ak`J<84du
zALKPz4}3nlG8Fo^MH0L|oK2-4xIY!~Oux~1sw!+It)&D3p;+N8AgqKI<GHze0K;7v
zH(+WEQqQ~(T0<)QjJr`7lg^24K~?@;_<cT}hEd4HZB%o_OQsl^L70Ju&(6N2Jbrfe
z{_b&PJgA)_dyARwqVQ$xthjN!Eyh&j;D~!^U-07v?ZtU+{rtxuW4xJPKdBd+XtoJk
zHGuql=D%L$>`ld6v71wy8I!eP0o~=RVcFQR2Gr(eP_JbSytoQ$Yt}l*4r@A8Me94y
z8cTDWhqlq^qoAhbOzGBXv^Wa4vUz$(7B!mX`T=x_ueKRRDfg&Uc-e1+z4x$jyW_Pm
zp?U;-R#xt^Z8Ev~`m`iL4*c#65Nn)q#=Y0l1AuD&+{|8-Gsij3LUZXpM0Bx0u7WWm
zH|%yE@-#XEph2}-$-thl+S;__ciBxSSzHveP%~v}5I%u!z_l_KoW{KRx2=eB33umE
zIYFtu^5=wGU`Jab8#}cnYry@9p5UE#U|VVvx_4l49JQ;jQdp(uw=$^A$EA$LM%vmE
zvdEOaIcp5qX8wX{mYf0;#51~imYYPn4=k&#DsKTxo{_Mg*;S495?OBY?#gv=edYC*
z^O@-sd-qa+U24xvcbL0@C7_6o!$`)sVr-jSJE4XQUQ$?L7}2(}Eixqv;L8AdJAVqc
zq}RPgpnDb@E_;?6K58r3h4-!4rT4Ab#rLHLX?eMOfluJk=3i1@Gt1i#iA=O`M0@x!
z(HtJP9BMHXEzuD93m|B&woj0g6T?f#^)>J>|I4C5?Gam>n9!8CT%~aT;=oco5d6U8
zMXl(=W;$ND_8+DD<ykE9Jy7gkqr#{X4q*TB+m~s#gS@r(GY*77ySFy{9E;{vV}3na
z%pxHTT*dvMnlo4+oTy^p7miJ3ziqr(ZOJ)L+PUs&R@+OotCT;pPyt{0jl<-}(V7Gp
zX$>*?|5bJ!;8ebESXMUKBAf7YBwNVJibGaJ*(2G`F%wx)grqVPjudiaq^Kl&g$8A2
zWMxMr@_$c}d<p;ey3Tcu>+;_B`#kUX-t|4VKH&_f^^EP0&=DPLW)H)UzBG%%Tra*5
z%$kyZe3I&S#gfie^z5)!twG={3Cuh)Fde<XTsb9xO3ZH)#ow2vM~pRh=a%Jxr4}vf
zpeoa8O2Xww;R&D4PixE%^{woC{=Bqwy7h$AGh*xb_!Z$59PhU?bnh=6>A!Kj<-9**
zvT*5%Tb`|QbE!iW-XcOuy39>D3oe6x{>&<#E$o8Ac|j)wq#kQzz|ATd=Z0K!p2$QE
zPu?jL8Lb^y3_CQE{*}sTDe!2!dtlFjq&YLY@2#4>XS`}v#PLrpvc4*@q^O{mmnr5D
zmyJq~t?8>FWU5vZdE(%4cuZuao0GNjp3~Dt*SLaxI#g_u>hu@k&9Ho*#CZP~lFJHj
z(e!SYlLigyc?&5-YxlE{uuk$9b&l6d`uIlpg_z15dPo*iU&|Khx2*A5Fp;8iK_bdP
z?T6|^7@lcx2j0T@x>X7|kuuBSB7<^zeY~R~4McconTxA2flHC0_jFxmSTv-~?zVT|
zG_|<oYEZfi84t5$?vv+%b)zg;Tm0h&qX7^OaItn%bat|_vvqef-&inSz3!+*B~MXf
zn>yDqa9lkF*B6_{j=T>=M8r<0s;@z#h)3BQ4NLl@`Xr__o7;~M&dL3J8fP&zLfDfy
z);ckcTev{@OUlZ`<a~3lY1y7T*bPTeFJ6B%#~z9?lT!*(A@tJdla9v|(yEo_D!5l3
zgWpU~zc-S_OEaBH!tqx5iHR`(p_}%5+rGBpw+VO8i%xcu<ZEk%m%_6nMT>bCo(-3?
z1u1xD`PKgSg?RqeVVsF<1SLF;XYA@Bsa&cY!I48ZJn1V<3d!?s=St?T<RZHAo{>Lo
zC0cNr`qD<Wz+@C|#V>*M#s6f~X>SCNVkva^9A2ZP>CoJ9bvgXe_c}WdX-)pHM5m7O
zrHt#g$F0AO+nGA;7dSJ?)|Mo~cf{z2L)Rz!`fpi73Zv)H=a5K)*$5sf_IZypi($P5
zsPwUc4~P-J1@^3C6-r9{V-u0Z&Sl7vNfmuMY4yy*cL>_)BmQF!8Om9Dej%cHxbIzA
zhtV0d{=%cr?;bpBPjt@4w=#<>k5ee=TiWAXM2~tUG<V}0zLoj=i_-Df@ocJ$(doRp
ztKallYpOUL#3IL6u(+quF)vpQn3m46D_;nvUCNo3?ECVPP9X(bd00g%F#AlS@SJ#4
z%8N#aRo==*hh^$QLCs*-+4DRsO2)x^3cbV3Q3KH=HsOMoWaaL-P@E2B9AQu{uH>fm
z$s&!Dm0R^V$}fOR*B^kGaipi~rx~A2cS0;t&k<A0G-}=%(v(Q0cfU+X-TJJhn(DnP
z4JUVy2A}-oOBotf4Se48>hV1a<cf@1eDWd;R?38Krle_gtcZK}=dkLCqItP$?~n+g
zae42{<6B27z2%?Bsw0ffr{rV{k~Rp8I~N^Hl7A(kh?&)UkI(~LwR%>4u38*XRUP~f
za!rZMtay8bsLt6yFYl@>-y^31(*P!L^^s@mslZy(SMsv9bVoX`O#yBgEcjCmGpyc*
zeH$Dw6vB5P*;jor+JOX@;6K#+xc)Z9B8M=x2a@Wx-{snPGpRmOC$zpsqW*JCh@M2Y
z#K+M(>=#d^>Of9C`))h<=Bsy)6zaMJ&x-t%&+Ucp<HIt~W~b;(@$>LjV`jo4R2025
z<Y{{N1{{e3B{Jn+c77XlWtbx9OBU+M_(;<8;0~=8Ph2QMs3+Zw?bSQV;q%^JEaX$e
z;Vd8f)b9ET29wV$Q>XaG8EA!0lQa)|dx-@{O)qP6`$rhCkoQqZ`^SW8g-kOwrwsK8
z3ms*AIcyj}-1x&A&vSq{r=QMyp3CHdWH35!sad#!Sm>^|-|afB+Q;|Iq@LFgqIp#Z
zD1%H+3I?6RGnk&IFo|u+E0dCxXz4yI^1i!QTu7uvIEH>i3rR{srcST`LIRwdV1P;W
z+%AN1NIf@xxvVLiSX`8ILA8MzNqE&7>%jMzGt9wm78bo9<;h*W84i29^w!>V>{N+S
zd`5Zmz^G;f=icvoOZfK5#1ctx*~UwD=ab4DGQXehQ!XYnak*dee%YN$_ZPL%KZuz$
zD;$PpT;HM^$KwtQm@7uvT`i6>Hae1CoRVM2)NL<2-k2PiX=eAx+-6j#JI?M}(tuBW
zkF%jjLR)O`gI2fcPBxF^HeI|DWwQWHVR!;;{BXXHskxh8F@BMDn`oEi-NHt;CLymW
z=KSv5)3dyzec0T5B*`g-MQ<;gz=nIWKUi9ko<|4I(-<w4I#sX{Ql80P;8bcKjlGSK
zp~yQ(;^y0s9RFCvc2u(I^#Y^!@tjudAd*v;f|XiHBQNGS6_b-95puIO<;QO*=%?{0
z;mryS)gDuCe~tZ`DPIW5W_fNj_#jL{`6lJ5cJ6SG=+^EJr^`JeJsTD;MclG_sxisZ
z?uhn5F($|2nJ7pvty*2qAtsOJRY_NI77&m{ISD+{sJ_)^o**`w`N>E0k$QncH>E4l
z**1w&#={&zv4Tvhgz#c29`m|;<Ue5bFAZpjqANUFk~kBGuYK<_JK>lU-jmaXFMC11
z*dlXDMEOG>VoLMc>!rApwOu2prKSi*!w%`yzGmS+k(zm*CsLK*wv{S_0WX^8A-rKy
zbk^Gf_92^7iB_uUF)EE+ET4d|X|>d&mdN?x@vxKAQk`O+r4Qdu>XGy(a(19g;=jU}
zFX{O*_NG>!$@jh!U369Lnc+D~qch3uT+_Amyi}*k#LAAwh}k8IPK5a-WZ81ufD>l>
z$4cF}GSz>ce`3FAic}6W4Z7m9KGO?(eWqi@L|5Hq0@L|&2flN1PVl}XgQ2q*_n2s3
zt5KtowNkTYB5b;SVuoXA@i5irXO)A&%7?V`1@HGCB&)Wgk+l|^XXChq;u(nyPB}b3
zY>m5jkxpZgi)zfbgv&ec4Zqdvm+D<<?3uny=i;xwOlAC_Tc+b0;kY7-vx;A)KO<$b
z!mM&%JEI}t>?Im*mXweS9H+V>)zF#Zp3)bhl$PbISY{5=_z!8&*Jv~NYtI-g!>fDs
zmvL5O^U%!^VaKA9gvKw|5?-jk>~%CVGvctKmP$kpnpfN{D8@X*Aazi$txfa%vd-|E
z>kYmV66W!lNekJPom29LdZ%(I+ZLZYTXzTg*to~m?7vp%{V<~>H+2}PQ?PPAq`36R
z<%wR8v6UkS>Wt#hzGk#44W<%9S=nBfB);6clKwnxY}T*w21Qc3_?IJ@4gYzC7s;WP
zVQNI(M=S=JT#xsZy7G`cR(BP9*je0bfeN8JN5~zY(DDs0t{LpHOIbN);?T-69Pf3R
zSNe*&p2%AwXHL>__g+xd4Hlc_vu<25H?(`nafS%)3UPP7_4;gk-9ckt8SJRTv5v0M
z_Hww`qPudL?ajIR&X*;$y-`<)6dxx1U~5eGS13CB!lX;3w7n&lDDiArbAhSycd}+b
zya_3p@A`$kQy;|NJZ~s44Hqo7Hwt}X86NK=(ey>lgWTtGL6k@Gy;PbO!M%1~Wcn2k
zUFP|*5d>t-X*RU8g%>|(wwj*~#l4z^Aatf^DWd1Wj#Q*AY<o|l&}{LI>0D^V@sC`M
zjJc6qXu0I7<!pZblLF~RwT5!S6dVx}2`xj{-i;+(qkgJG1)noJqLA@@RN<oLUCRPP
zxfjHQUai*rkwqrT60~IzB@%WBX02*tw3*sCrM8W>Y*2;;gGu!plAFzG=J;1%eIOdn
zQA>J&e05UN*7I5@yRhK|lbBSfJ+5Uq;!&HV@xfPZrgD}kE*1DSq^=%{o%|LChhl#0
zlMb<^a6ixzpd{kNZr|3jTGeEzuo}-eLT-)Q$#b{!vKx8Tg}swCni>{#%vDY$Ww$84
zew3c9BBovqb}_&BRo#^!G(<gf6o^lp99LD#kx<MER=<@tCX1^BFTbwM^``7(LOQY@
zEqxVCkp#2PI<XB`ov%%Q&@SoBV=IvAgzt#VzvgC(Kk;TpN40`oC^`5s%Q9iB#w=Cj
zv1+$@qJ9DCi{ddRIdFp4*=KLoO^UY)$YpX=UdXvuhtp5Oj@vhVm%-sV85eDjNH{EX
z*kvKl&?&j<QGMeW7tPWM6{1)n`=ac?#8d9f@kIV3kA+gW*^Tqv$T~yoa2DpOjcxOS
z{G<-ajSf74;}+hudPnyuH|_19-h+%2{H$u`G5T5vjwblv={62_r17YY1X@Bcq7XM-
z)mu@onGHy+sUpJW64FX6=h6@DEhZ~&X>1Eg((BScRZ}C)Oz?y`T5wOrv);)b^4XR8
zhJo7+<^7)qB>I;46!GySzdneZ>n_E1oWZY;kf94#)s)kWjuJN1c+wbVoNQcmnv}{>
zN0pF+Sl3E}UQ$}slSZeLJrwT>Sr}#V(dVaezCQl2|4LN`7L7v&siYR|r7M(*JYfR$
zst3=YaDw$FSc{g}KHO&QiKxuhEzF{f%RJLKe3p*7=oo`WNP)M(9X1zIQPP0XHhY3c
znrP{$4#Ol$A0s|4S7Gx2L23<cPp>dv*Gv2o;h((XVn+9+$qvm}s%zi6nI-_s6?mG!
zj{DV;qesJb&owKeEK?=J>UcAlYckA7Sl+I&IN=yasrZOkejir*kE@SN`fk<8Fgx*$
zy&fE6?}G)d_N`){P~U@1jRVA|2*69)KSe_}!~?+`Yb{Y=O~_+@!j<&oVQQMnhoIRU
zA0CyF1OFfkK44n*JD~!2!SCPM;PRSk%1XL=0&rz00wxPs&-_eapJy#$h!eqY%nS0{
z<se?qfQ89XwwA;8XB>!aGg58JIJP<C?-Lq`lTNsm#AgHVz-Y0s_<jRmVW9#JfaAO^
zUgrN5kYa6CiV<`BwJ8O)sIywY6(a>F3_ci%n)QSVpa2H`vIe$RD43;#IRfDV&Ibit
z+?>HW4{2wOfC6Fw)}4x}i1maDxcE1qi@BS*qcxD2gE@h3#4cgU*D-&3z7D|tVZWt=
z-Cy2+*Cm@P4GN_TPUtaVyVesbVDazF@)j8VJ4>XZv!f%}&eO1SvIgr}4`A*3#vat<
z_MoByL(qW6L7SFZ#|Gc1fFN)L2PxY+{B8tJp+pxRyz*87)vXR}*=&ahXjBlQKguuf
zX6x<<6fQulE^C*KH8~W%ptpaC0l?b=_{~*U4?5Vt;dgM4t_{&UZ1C2j?b><dx`$8!
ze4sJ^8}?7VYiLoIC$69~0MIA!!7Rwu6Dq)kX*<lHqT0U&4WX!<G&bkefpSP0=xCcO
z()hqGP~~kv6H&HvLm+kCE!Nz>b+5}{IF_CUyvz-@QZPMlJ)r_tS$9kH%RPv#2_nMb
zRLj5;chJ72*U`Z@Dqt4$@_+k$%|8m(HqLG!qT4P^DdfvGf&){gKnGCX#H0!;W=AGP
zbA&Z`-__a)VTS}k<aEJ311DSHJIu)Ndl?O_C*N_MS1q7Laqq*zlG()h4UCODa;iH4
z(XC(Z`(-cCxkOrT?MTkb=V=+hyg5L(*^!(=yP$&GArQczUu2*gZo{O9t9~>KFjWGk
z%|>yE?t*EJ!qeQ%dPk$;xIQ+P0;()PCBDgjJm6Buj{f^awNoVx+9<|lg3%-$G(*f)
zll6oOkN|yamn1uyl2*N-lnqRI1cvs_JxLTeahEK=THV$Sz*gQhKNb*p0fNoda#-&F
zB-qJgW^g}!TtM|0bS2QZekW7_tKu%GcJ!4?lObt0z_$mZ4rbQ0o=^curCs3bJK6sq
z9fu-aW-l#>z~ca(B;4yv;2RZ?tGYAU)^)Kz{L|4oP<SkWyBU+f_%F<#?yy=LhA~g^
ztueiO@sJ(BDN3Mz`8So5#&T!OUtM8qWT<xiIyfpo(&lgE-7DEcM?<Kd`UVf_*}r(8
zCzgNsXNSi)1{V0~XToTF|4Nv-??<~$G(Uy7p@qc!_j+!O;`gtF$xU(Y@7%v-yrD2q
z{qJ=kRDjxcFq_oCp_our<PFSF$4y0BpPO%|kqiZgitTQIUv=I!_}1+UsxG+!y@1>j
zdOf_?de|#yS)p2v8-N||+XL=O*%3+y)oI(HbM)Ds?q8~HPzI<h)CPl@-?j`}I~*GQ
zcLT0AdRsV9-Yt|ap{0ce+ueYFd~HkkokH(I37}yNHwen&wj}s>P(vs*G`iddbWq}!
z(2!VjP&{Z1w+%eUq^<EbM|6YYL8Gs1;NfI!i}!ad7AQ0{B*q4GUFLSsTemUjW%3QQ
z?x$O#{du(<S~Tcw-wm+KV87yz$<g}Aw&`BzzwZ7*S)lh#H&`6YcV^kz4bZzc8<<74
zTVg_=YnyK3KuZig$=*P(YT6QgZ5w5ab8RRz^rUbD`bEoj(3{T<PpIR8sX1nHE{??k
LmiCMtn7{r93&V3<

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index ae04661..b82aa23 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/gradlew b/gradlew
index a69d9cb..1aa94a4 100755
--- a/gradlew
+++ b/gradlew
@@ -55,7 +55,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -80,13 +80,11 @@ do
     esac
 done
 
-APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
-
-APP_NAME="Gradle"
+# This is normally unused
+# shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -133,22 +131,29 @@ location of your Java installation."
     fi
 else
     JAVACMD=java
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
 
 Please set the JAVA_HOME variable in your environment to match the
 location of your Java installation."
+    fi
 fi
 
 # Increase the maximum file descriptors if we can.
 if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
     case $MAX_FD in #(
       max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
         MAX_FD=$( ulimit -H -n ) ||
             warn "Could not query maximum file descriptor limit"
     esac
     case $MAX_FD in  #(
       '' | soft) :;; #(
       *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
         ulimit -n "$MAX_FD" ||
             warn "Could not set maximum file descriptor limit to $MAX_FD"
     esac
@@ -193,11 +198,15 @@ if "$cygwin" || "$msys" ; then
     done
 fi
 
-# Collect all arguments for the java command;
-#   * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
-#     shell script including quotes and variable substitutions, so put them in
-#     double quotes to make sure that they get re-expanded; and
-#   * put everything else in single quotes, so that it's not re-expanded.
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
 
 set -- \
         "-Dorg.gradle.appname=$APP_BASE_NAME" \
diff --git a/gradlew.bat b/gradlew.bat
index f127cfd..25da30d 100644
--- a/gradlew.bat
+++ b/gradlew.bat
@@ -26,6 +26,7 @@ if "%OS%"=="Windows_NT" setlocal
 
 set DIRNAME=%~dp0
 if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
@@ -42,11 +43,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
 
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 
@@ -56,11 +57,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
 if exist "%JAVA_EXE%" goto execute
 
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 
diff --git a/owl2java/build.gradle.kts b/owl2java/build.gradle.kts
index 0b3308e..98ca43d 100644
--- a/owl2java/build.gradle.kts
+++ b/owl2java/build.gradle.kts
@@ -1,5 +1,5 @@
 plugins {
-    id("org.jetbrains.kotlin.jvm") version "1.5.10"
+    id("org.jetbrains.kotlin.jvm") version "1.9.0"
     application
 }
 
@@ -19,5 +19,5 @@ dependencies {
 }
 
 application {
-    mainClassName = "io.clouditor.graph.SemanticNodeGenerator"
+    mainClass = "io.clouditor.graph.SemanticNodeGenerator"
 }
\ No newline at end of file
diff --git a/owl2java/gradle/wrapper/gradle-wrapper.jar b/owl2java/gradle/wrapper/gradle-wrapper.jar
index 249e5832f090a2944b7473328c07c9755baa3196..e6441136f3d4ba8a0da8d277868979cfbc8ad796 100644
GIT binary patch
literal 43453
zcma&N1CXTcmMvW9vTb(Rwr$&4wr$(C?dmSu>@vG-+vuvg^_??!{yS%8zW-#zn-LkA
z5&1^$^{lnmUON?}LBF8_K|(?T0Ra(xUH{($5eN!MR#ZihR#HxkUPe+_R8Cn`RRs(P
z_^*#_XlXmGv7!4;*Y%p4nw?{bNp@UZHv1?Um8r6)Fei3p@ClJn0ECfg1hkeuUU@Or
zDaPa;U3fE=3L}DooL;8f;P0ipPt0Z~9P0)lbStMS)ag54=uL9ia-Lm3nh|@(Y?B`;
zx_#arJIpXH!U{fbCbI^17}6Ri*H<>OLR%c|^mh8+)*h~K8Z<V--Q23O4&HBVn~<)q
zmUaP7+TjluBM%#s1Ki#^GurGElkc7{cc6Skz+1nDVk%wAAQYx1^*wA%KSY>!9)DPf
zR2h?lbDZQ`p9P;&DQ4F0sur@TMa!Y}S8irn(%d-gi0*WxxCSk*A?3lGh=gcYN?FGl
z7D=Js!i~0=u3rox^e<cs4tSN~YA?c-d185$YFNA$Eq1&U{wh#b^OveuKoBPy0oYZ4
zAY2?B=x8yX9}pVM=cLrvugywt!e@Y3lH)i?7fvT*a`O;c)CJQ>O3i@$0=n{K1lPNU
zwmfjRVmLOCRfe=seV&P*1Iq=^i`502keY8Uy-WNPwVNNtJFx?IwA<BCEY82WDKJP<
zB^CxjFxi=mg*OyI?K3GoDfk;?-K<Z#JoxhYNeEUf896)l%7gL``44}zn)7|Rf;)SC
z_EfJr4I+3i(GiHN`R+vHqf}1wXtH?65<wKlxV1BU(#3XgtH<$Fir3S(7QeRA3)u89
zID&66K{&mq$DsB}s&o?H60{cskfh*hvn8hQW#~Q!qM04QtZvx3JEpqeKWE6|+OZW=
z(LB7}flr|t7va%>yR<KG!FYzS$bs7qXcpM&wV@~>PZo2<wCq%CszVO$mosTTuv*Mz
zOLoi?e^7B~xS22~QW8Rmnt{(AtL<HGi<_P9`0pH;3)@S9Eg`gt2X<om7C^q}pKX|*
zTy3X{nOr-xyt4=Qx1IjrzGb!_SyAv^SZcf;air&-;Ua+)5k0z=#R7@UW%)3oEjGA|
zZ#DE3px@h1k7w%|4rVIO=0Aid2A%?nBZrupg^_z5J-$$YKeDZ&q8+k7zccb<dc4D;
zz}+UYkl_eUNL3PW+reZ6UUB}=sHp~$z%Q}gZ-#ow+ffQIj|A3`B9LO*6%t@)0PV!x
ziJ=9fw_>Wo1+S(xF37LJZ~%i)kpFQ3Fw=mXfd@>%+)RpYQLnr}B~~zoof(JVm^^&f
zxKV^+3D3$A1G;qh4gPVjhrC8e(VYUHv#dy^)(RoUFM?o%W-EHxufuWf(l*@-l+7vt
z=l`qmR56K~F|v<^Pd*p~1_y^P0P^aPC##d8+HqX4IR1gu+7w#~TBFphJxF)T$2WEa
zxa?H&6=Qe7d(#tha?_1uQys2KtHQ{)Qco)qwGjrdNL7thd^G5i8Os)CHqc>iOidS}
z%nFEDdm=GXBw=yXe1W-ShHHFb?Cc70+$W~z_+}nAoHFYI1MV1wZegw*0y^tC*s%3h
zhD3tN8b=Gv&rj}!SUM6|ajSPp*58KR7MPpI{oAJCtY~JECm)*m_x>AZEu>DFgUcby
z1Qaw8lU4jZpQ_$;*7RME+gq1Ky<fW-rh4ehZ;%u960Gt5OF)<y$00S=6tVE=%Pt~(
z!&BP&2I%`@>SGG#Wql>aL~k9tLrSO()LWn*q&YxHE<sT^`N@Q|)S3y<ZACaLXO56z
zncP$~M5K!npWqz?)C50MMw=XqFtDO!3JHI*t-^8Ga&lGPHX2F0pIGdZ3w5ewE+{kf
z-&Ygi?@-h(ADD|ljIBw%VHHf1xuQ~}IeIQ5JqlA4#*Nlvd`IfDYzFa?PB=RCcFpZ4
z|HFmPZM=;^DQ_z<IPz$$+yG(H4803QQAA7vQF7;_gv|AD1bH*R-CP3f<<utDpH)Ht
zI@{uO12adp{;132YoKPx?C9{&;MtHdHb*0F0;Z~D42}#*l+WD2u?r>uzmwd1?aAtI
zBJ>P=&$=l1efe1CDU;`Fd+_;&wI07?V0aAIgc(<VS*?#8Zt!w88FJrjasA1!6>!{a
z0Jg6Y=inXc3^n!U0Atk`iCFIQooHqcWhO(qrieUOW8X(x?(RD}iYDLMjSwffH2~tB
z)oDgNBLB^AJBM1M^c5HdRx6fBfka`(LD-qrlh5jqH~);#nw|iyp)()xVYak3;Ybik
z0j`(+69aK*B>)e_p%=wu8XC&9e{AO4c~O1U`5X9}?0mrd*m$_EUek{R?DNSh(=br#
z#Q61gBzEpmy`$pA<eVn3dnmk^xq`=o2)~2c0ywsuTQsC?1WZZehsJYfK@LQ>*6!87
zSDD+=@fTY7<4A?GLqpA?Pb2z$pbCc4B4zL{BeZ?F-8`s$?>*lXXtn*NC61>|*w7J*
z$?!iB{6R-0=KFmyp1nnEmLsA-H0a6l+1uaH^g%c(p{iT&YFrbQ$&PRb8Up#X3@Zsk
zD^^&LK~111%cqlP%!_gFNa^dTYT?rhkGl}5=fL{a`UViaXWI$k-UcHJwmaH1s=S$4
z%4)PdWJX;hh5UoK?6aWoyLxX&NhNRqKam7tcOkLh{%j3K^4Mgx1@i|Pi&}<^5>hs5
zm8?uOS>%)NzT(%PjVPGa?X%`N2TQCKbeH2l;cTnHiHppPSJ<7y-yEIiC!P*ikl&!B
z%+?>VttCOQM@ShFguHVjxX^?mHX^hSaO_;pnyh^v9EumqSZTi+#f&_Vaija0Q-e*|
z7ulQj6Fs*bbmsWp{`auM04gGwsYYdNNZcg|ph0OgD>7O}Asn7^<IivRZw`Wa$`V6)
zgX@^QL9j}-Od{q5<J*k0+1U=R5+PCYj(U}4VpX+BjfI~+dttS?HJ6uZSGH#H-twTo
zaptG40+PAc$fs*zLFkOfGfc+xGs<T?rLGIA%SU7c%jh!E1SNN~*-`ccW8wo4gv2Sj
zhify^C(ygi)uGwqXDLqVbH>Z=eI>`$2*v78;sj-}oMoEj&@)9+ycEOo92xSyY344^
z11Hb8^kdOvbf^GNAK++bYioknrpdN>+u8R?JxG=!2Kd9r=YWCOJYXYuM0cOq^FhEd
zBg2puKy__7VT3-r*dG4c62Wgxi52EMCQ`bKgf*#*ou(D4-ZN$+m<X+=`m<r!lO%3T
zMp}MJd(WDoQ2&6(LClZxpv<vZPPM3Ngkye2VhB=i|B12g5ouw(%`gbWtRq8~sU|o*
z$kQ8Jb~6&{ak;r$7@?#t*q9RfAOj=^uAf1z5Y8`N%M`oM@?!~VqN{g%-u$XR1u1Im
zGE&AzFpIcER(5jtCPR%RZ)!+|*rU~jZBiOKdqYjO(%yK3Lz;{##(@QEVo>g&7$u!!
z-^<eVk1WtrWdvAzoBMHoB$s2RXJCv}%muyVFFJ``?>+Z%;-3IDwqZ|K=ah85OLwkO
zKxNBh+4QHh)u9D?MFtpbl)<T1$eOrb4-+U|WDC2BesgFRlgt`klbeQ^1S`7`r+uZ8
zH&U=geA}Si;CUcKvBA&^@<o1GQ7`{1Y(cCHZv|73JIJOvVwLOMZP%Q|)y@^j2e<+z
zWVo=#FL!4XNKS~-_1`gw*qi$0j6P7ym_LTvG>us}9+V!D%w9jfAMYEb>%$A;u)rrI
zuBudh;5PN}_6J_}l55P3l_)&RMlH{m!)ai-i$g)&*M`eN$XQMw{v^r@-125^RRCF0
z^2>|DxhQw(mtNEI2Kj(;<s2pnue6O@?^QaAp;Ze6z9nX*w}4h7342+0lU$@;Knnve
zqqY2Ci=`)@>KblC7x=JlK$@78`O~>V!`|1Lm-^JR$-5pUANAnb(5}B}JGjBsliK4&
zk6y(;$e&h)lh2)L=bvZKbvh@>vLlreBdH8No2>$#%_Wp1U0N7Ank!6$dFSi#xzh|(
zRi{U<eziQYNZ-=4ReK3@^LFvNQI~(Pdvp+X@J@g#bd~m0wFc+sW3Xf5tyA3xKp;T3
zy14<o-`F}$ET-DQ;B;yNy?d>w%-4W!{IXZ)fWx@XX6;&(m_F%c6~X8hx=BN1&q}*(
zoaNjWabE{oUPb!Bt$eyd#$5j9rItB-h*5JiNi(v^e|XKAj*8(k<5-2$&ZBR5fF|JA
z9&m4fbzNQnAU}r8ab>fFV%J0z5awe#UZ|bz?Ur)U9bCIKWEzi2%A+5CLqh?}K4JHi
z4vtM;+u<SJ)DEVF_yZnTw01M`(s#^BNx+c|MQ6ogb50Jjul0L;!#OmrYCs)iE)7(t
z?%I~O!zVNt#Bf3#O2WXsGz!B}&s@MfyDeaoqqf=GELN3g$+DA`&&GKy(`Ya~A@6vK
zn|WZ-+tB`DH^+SjI&K3KekF%-QIP%R{F)inWc~@cEO-=3Or<lm9g9}|`|ky#v{5*;
zKA5d<ecC{<o9p<U4UUK$m|+q#@(>PsVz{Lfr;78W78gC;z*yTch~4YkLr&m-7%-xc
ztw6Mh2<b07B|^BQBjvq{FXx?kyJ);`+G*=&9PMD`1uf<{+pNnnsIQx~kaB?*5<-7a
zqY)GyF_w$>d>_iO<o;tRi5=dcnU&wcur@4T5Z=-$xFUEsp-yX${|jSF|HMDPq3?MS
zw;p9zjR`yYJOfJZsK~C-S=JQ?nX{z_y@06JFIpheAo-rOG|5&Gxv)%95gpu@ESfi|
z7Auc&hjVL;&81Pc#L`^d9gJb`wEtLVH8q|h{>*$Rd8(-Cr1_V8EO1f*^@wRoSozS)
zy1UoC@pruAaC8Z_7~_w4Q6n*&B0AjOmMWa;s<dwKr_&w<X$Z*rmLmKUI3S>Iav&gu
z|J5&|{=a@vR!~k-OjKEgPFCzcJ>#A1uL&7xTDn;{X<DkOU(-L87#5hf4{m?aj!I6-
zPEt$K07IXK8mI0TYf-jhke2QjQw3v?qN5h0-#Fel0)Krq1f)#^AFsfd|K$I={`Xs9
z{JIr8M>BdeM}V=l3B8fE1--DHjSaxoSjNKEM9|U9#m2<eS=8Og#NOG$&X&%|8sOyg
zpZ6&%KPd&uh?v{hRMVvQjUL}gY3)Mk3{XQXF{><3>n{Iuo`r3UZp;>GkT2YBNAh|b
z^jTq-hJp(ebZh#Lk8hVBP%qXwv-@vbvoREX$TqRGTgEi$%_F9tZES@z8Bx}$#5eeG
zk^UsLBH{bc2VBW)*EdS({yw=?qmevwi?BL6*=12k9zM5gJv1>y#ML4!)iiPzVaH9%
zgSImetD@dam~e>{LvVh!phhzpW+iFvWpGT#CVE5TQ40n%F|p(sP5mXxna+Ev7PDwA
zamaV4m*^~*xV+&p;W749xhb_X=$|LD;FHuB&JL5?*Y2-oIT(wYY2;73<^#46S~Gx|
z^cez%V7x$81}UWqS13Gz80379Rj;6~WdiXWOSsdmzY39L;Hg3MH43o*y8ib<ko|2T
z<o~B%-$Y4Q9z_t97c`{g0veSfFt63Osbpe2Osn@<=nrAVk_JfMGt&lMGw9leshc#5
z*hkn0u>NBBH`(av4|u;YPq%{R;IuYow<+GEsf@R?=@tT@!}?#>zIIn0CoyV!hq3mw
zHj>OOjfJM3F{RG#6ujzo?y32m^tgSXf@v=J$ELdJ+=5j|=F-~hP$G&}tDZsZE?5rX
ztGj`!S>)CFmdkccxM9eGIcGnS2AfK#gXwj%esuIBNJQP1WV~b~+D7PJTmWGTSDrR`
zEAu4B8l>NPuhsk5a`rReSya2nfV<T&F{)-N{)9$`9a!^D!-03RDN<TPH!aW46TC4L
z>1EK01+G!x8aBdTs3Io$u5!6n6KX%uv@DxAp3F@{4UYg4SWJtQ-W~0MDb|j-$lwVn
znAm*Pl!?Ps&3wO=R115RWKb*JKoexo*)uhhHBncEDMSVa_PyA>k{Zm2(wMQ(5NM3#
z)jkza|GoWEQo4^s*wE(gHz?Xsg4`}HUAcs42cM1-qq_=+=!Gk^y710j=66(cSWqUe
zklbm8+zB_<cF$~mH3zum`PN7rn^cr1XvcjzxFO{ms_482AyMFYi+#o7!*vecrNhft
z48z<2q#fIw=ce!MXuptfT4+M8FP&|QfB3H@2)dceSR<*e5@hq<#7<$5tC^!RO8Zi<
zd_Wl!>syQv5A2rj!Vbw8;|$@C!vfNmNV!yJ<MblqN@23-5g1<aeoul%Um5K((_QY}
ze%_@BuNzay69}2PhmC<;m}2=FevDzrp!V!u4u|#h@B=rfKt+v!U`0k7>IWDQ>{+2x
zKjuFX`~~HKG~^6h5FntRpnnHt=D&rq0>IJ9#F0eM)Y-)GpRjiN7gkA8wvnG#K=q{q
z9dBn8_~wm4J<3J_vl|9H{7q6u2A!cW{bp#r*-f{gOV^e=8S{nc1DxMHFwuM$;aVI^
zz6A*}m8N-&x8;aunp1w7_vtB*pa+OYBw=TMc6Q<xVqo{NJ3h9-a)s5XuYMqZ=Y{7{
z$O63J`)FM-y*mko#!-UBa!3~eYtX1hjRQY2jMxAx=q5uKNm#uaKIak>K=mbA-|Cf*
zvyh8D4LRJImooUaSb7t*fVfih<97Gf@VE0|z>NcBwBQze);Rh!k3K_sfunToZY;f2
z^HmC4KjHRVg+eKYj;PRN^|E0>Gj_zagfRbrki68I^#~6-HaHg3BUW%<xsJq4AotN+
zH6twFV=)FlAbs*F6vGws^==x5Tl0AIbcP{&2yxB=)*u+bvK^L6$Vp}U2{9nj{bK~d
zee7tC)@DR<dI`D%cA(%7M9Ui3a)^iG?m=oJO0E^``<|5il2sf1fZHvy=D@e0<I)<l
zI!|d{`X3u}lz2(4Vn>+clM1<yhZZgPANro5CwhUb>xQEdPYt_g<2K+z!$>*$9nQ>;
zf9Bei{?zY^-e{q_*|W#2rJG`2fy@{%6u0i_VEWTq$*(ZN37|8lFFFt)nCG({r!q#9
z5VK_kkS<W$zJN%xs9<lngf<utn=i|I;bCdr-Lr<EzK)tkE-pYh-fc0wqKz?&U8TTN
zh_eAdl<>J3?zOH)OezMT{!YkCuSSn!<oaxO4?NS?VufjhPn>K#-Rhl$uUM(bq*jY?
zi1xbMVthJ`E>d>(f3)~fozjg^@eheMF6<)I`oeJYx4*+M&%c9VArn(OM-wp%M<-`x
z7sLP1&3^%Nld9Dhm@$3f2}87!quhI<BVn6Upp<cc;cU|)&2W%nk!Ak8tXK8aT!m*5
z^9zmeeS|PCG$hgM&Uh}0wp+#$jK3YCwOT&nx$??=a@_oQemQ~hS6nx6fB5r~bFSPp
z`alXuTYys4S5dCK)KDGR@7`I-JV^ewQ_BGM^o>@nwd@3~fZl_3LYW-B?Ia>ui`ELg
z&Qfe!7<FViITCBP{rA>m6ze=mZ<W0bN&bq-0D3>`Ia9$z|ARSw|IdMpooY4YiPN8K
z4B(ts3p%<w%rbophph+BzYj>2i(Td=<hfIaF6Ll8+9!48Ti=xpXB{FgJbk;>tgEHX
z0UQ_>URBtG+-?0E;E7Ld^dyZ;jjw0}XZ(}-QzC6+NN=40oDb2^v!L1g9xRvE#@IBR
zO!b-2N7wVfLV;mhEaXQ9XAU+>=XVA6f&T4Z-@AX!leJ8obP^P^wP0aICND?~w&N<u
ztispy>ykJ#54x3_@r7IDMdRNy4Hh;h*!u(Ol(#0bJdwEo$5437-UBjQ+j=Ic>Q2z`
zJNDf0yO6@mr6y1#n3)s(W|$iE_i8r@Gd@!DWD<Q)gT}bxTg_YpJQ5s|m8}+B)KBN6
zYnlzh>qZ7J&~gAm1#~maIGJ<sH@F<m!Fuh_fvrMbcDJNJ5~Yg;LF}NFN}&Y&LL76S
zv)~8W2?_rx`P;4LB-=JqsI{I~4U8DnSSIHWU2rHf%vWsA2-d=78An8z4q|lvgQ2iB
zhUUI!H+|C+_qp(Tjzu5usOu}cEoivZK&XA==sh0cD|Eg7eERXx?KwHI=}A9S_rx8S
zd)VLh_s!Juqi^!0xv7jH)UdSkEY~N|;QMWvs;HN`dMsdK=Dw2mtAHHcK8_+kS%a_V
zGgeQoaMM>1sls^gxL9LLG_Nh<XXk<>U!pTGty!TbhzQnu)I*S^54U6Yu%ZeCg`R>Q
zhBv$n5j<?~h)Y%y=zErI?{tl!(JWSDXxco7X8WI-6K;9Z-h&~kIv?$!6<k(g(xee?
z53>0v%O_j{QYWG!R9W?5_b&67KB$t}&e2LdMvd(PxN6Ir!H4>PNlerpBL>Zvyy!yw
z-SOo8caEpDt(}|gKPBd$qND5#a5nju^O>V&;f890?yEOfkSG^HQVmEbM3Ugzu+UtH
zC(INPDdraBN?P%kE;*Ae%Wto&sgw(crfZ#Qy(<4nk;S|hD3j{IQRI6Yq|f^basLY;
z-HB&Je%Gg}Jt@={_C{L$!RM;$$|<j7k-g{75e!h)4SlFvEZ*AkqrJI;EWu$Zx+OwM
zm{5Yk>iD6vu#3w?v?*;&()uB|I-XqEKqZPS!reW9JkLewLb!70T7n`i!gNtb1%vN-
zySZj{8-1>6E%H&=V}LM#xmt`J3XQoaD|@XygXjdZ1+P77-=;=eYpoEQ01B@L*a(uW
zrZeZz?HJsw_4g0vhUgkg@VF8<-X$B8pOqCuWAl28uB|@r`19DTUQQsb^pfqB6QtiT
z*`_UZ`fT}vtUY#%sq2{rchyfu*pCg;uec2$-$N_xgjZcoumE5vSI{+s@iLWoz^Mf;
zuI8kDP{!XY6OP~q5}%1&L}CtfH^N<3o4L@J@zg1-mt{9L`s^z$Vgb|mr{@WiwAqKg
zp#t-lhrU>F8o0s1q_9y`gQNf~Vb!F%70f}$>i7o4ho<sjDlFD=G`r<7$U?bJN+x5S
z@0&tQ=-XO1uDq(HCa$X)-l<u1!s<!W`30F78UcZaZKc8)G0af1Dsh%OOWh5)q+Q+n
zySBnE+3;9^#)U#Gq);&Cu=mtjNpsS~S0yjE@m4{Kq525G&cO_+b-_B$LeXWt_@XTq
z`)(;=^RDS@oh5dPjKyGAP?-Dbh507E5zZ=D2_C*6s^HXiA)B3f=65_M+rC&rMIUP6
zi4@u>$`uciNf=xgJ>&!gSt0g;M>*x4-`U)ysFW&Vs^Vk6m%?iuWU+o&m(2Jm26<Ea
z?or_^bK_`R)hBTfrBqA3Y^o7$K~Nzo)sh-vT%yWcc1I5wF1nkvk%!X_Vl_MK1IHC=
zt}Dt+sOmg0sH-?}kqNB|M_}ZXui7H;?;?xCCSIPSHh8@h^K8WU5X(!3W|>Y(3%TL;
zA7T)BP{WS!&xmxNw%J=$MPfn(9*^*TV;$JwRy8Zl*yUZi8jWYF>==j~&S|Xinsb%c
z2?B+kpet*muEW7@AzjBA^wAJBY8i|#C{WtO_or&Nj2{=6JTTX05}|H>N2B|Wf!*3_
z7hW*j6p3TvpghEc6-wufFiY!%-GvOx*bZrhZu+7?iSrZL5q9}igiF^*R3%DE4aCHZ
zqu>xS8LkW+Auv%z-<1Xs92u23R$nk@Pk}MU5!gT|c7vGlEA%G^2th&Q*zfg%-D^=f
z&J_}jskj|Q;73NP4<UD^T*M!yxMr=U!@&!rJfydk7CE7PGb<{)^=nM9Le#FQ=GkV~
z)_A$YPAn35??iNa@`g-wBX><4k*Y%pXPU2Thoqr+5uH1yEYM|VtBPW6lXaetokD0u
z9qVek6Q&wk)tFbQ8(^HGf3Wp16gKmr>G;#G(HRBx?F`9AIRboK+;OfHaLJ(P>IP0w
zyTbTkx_THEOs%Q&aPrxbZrJlio+hCC_HK<4%f3ZoSAyG7Dn`=X=&h@m*|UYO-4Hq0
z-Bq&+Ie!S##4A6OGoC~>ZW`Y5J)*ouaFl_e9GA*VSL!O_@xGiBw!AF}1{tB)z(w%c
zS1Hmrb9OC8>0a_$BzeiN?rkPLc9%&;1CZW*4}CDDNr2gcl_3z+WC15&H1Zc2{o~i)
z)LLW=WQ{?ricmC`G1GfJ0Yp4Dy~Ba;j6ZV4r{8xRs`13{dD!xXmr^Aga|C=iSmor%
z8hi|pTXH)5Yf&v~exp3o+sY4B^^b*eYkkCYl*T{*=-0HniSA_1F53eCb{x~1k3*`W
zr~};p1A`k{1DV9=UPnLDgz{aJH=-LQo<5%+Em!DNN252xwIf*wF_zS^!(XSm(9eoj
z=*dXG&n0>)_)N5<wxn0{TP0tnD=JAzVUcIUoR85Xt>oc6v!>-bd(2ragD8O=M|wGW
z!xJQS<)u70m&6OmrF0WSsr@I%T*c#Qo#Ha4d3COcX+9}hM5!7JIGF>7<~C(Ear^Sn
zm^ZFkV6~Ula6+8S?oOROOA6$C&q&dp`>oR-2Ym3(HT@O7Sd5c~+kjrmM)YmgPH*tL
zX+znN>`tv;5eOfX?h{AuX^LK~V#gPCu=)Tigtq9&?7Xh$qN|%A$?V*v=&-2F$zTUv
z`C#WyIrChS5|Kgm_GeudCFf;)!WH7FI60j^0o#65o6`w*S7R@)88n$1nrgU(oU0M9
zx+EuMkC>(4j1;m6N<sS-ys^qbJhGY7%0ZoC7dK=j7bGdau`J`{>oGqEkpJYJ?vc|B
zOlwT3<tNmX!mXZdsEW2s2`|?DC8;N?2tT*Lfq)F*|4vf>t&UgL!pX_P*6g36`ZXQ;
z9~Cv}ANFnJGp(;ZhS(@FT;3e)0)Kp;h^x;$*xZn*k0U6-&Fw<BqOnDKEdld8!Qk{Z
zjI1+R_ciEqL3CLOv$+J~YVpzIy`S&V{koIi$Lj}ZFEMN=!rL1?_EjSryIV+OBiiJ-
zIqT$oSMA>I=uOGaODdrsp-!K$Ac32^c{+FhI-HkYd5v=`PGsg%6I`4d9Jy)uW0y%)
zm&j^9WBAp*P8#kGJUhB!L?a%h$hJgQrx!6KCB_TRo%9{t0J7KW8!o1B!NC)VGLM5!
zpZy5Jc{`r{1e(jd%jsG7k%I+m#C<kI0i<ajCqQC!(pKlSsMl7M2N^mP%W`BGKb?hm
zBK`pddcg5+WhE#$46+K<Z!1CW-hZdo7hAw13ZUVqwW*}&ujL=eh{m~phuOy=JiBMN
z7FaCUn6boJ!M=6PtLN6%cveGkd12|1B{)kEYGTx#IiMN&re0`}NP-_{E-#FxOo3*P
zkAXSt{et292KfgGN`AR|C`p{MRpxF-I?+`ZY1Vsv>GS*BPA65ZVW~fLYw0dA-H_}O
zrkGFL&P1PG9p2(%Qi<evvBkNEkQkM%A>EWm6x;U-U&I#;Em$nx-_I^wtgw3xUPVVu
zqSuKnx&dIT-XT+T10p;yjo1Y)z(x1fb8Dzfn8e&#9yu?e%!_ptzGB|8GrCfu%p?(_
zQccdaaVK$5bz;*rnyK{_SQYM>;aES6Qs^lj9lEs6_J+%nIiuQC*fN;z8md>r_~Mfl
zU%p5Dt_YT>gQqfr@`cR!$NWr~+`CZb%dn;WtzrAOI>P_JtsB76<bUr7Lsb65vEd}g
z5JhMCmn#UeH#6Cew?bxogM)$x5ed{E)%2nWY5rb@Clvh$(JzQ#!CsQ(2I4QnhDDJ^
zYL%2bf8?`y)Ro=x{(dw<4^)(H^z7~3nfYFh-r7yBBb=l3V8dE-Dr&a%qs<OYcajo2
z(4Nw|k5_OQ@6zHmcIK%waj!yoZT(S1YlEFN?8-_lp9nf>PYe*<%H(y>qx-`Kq!X_;
z<{RpAqYhE=L1r*M<cT6p|4(5fVa-WIh|@AphR|cJ1`?N>)gNF3B8r(<%8mo*SR2hu
zccLRZwGARt)H<F*kMvg%oJV~29ud_q>lo1euqTyM>^!HK*!Q2P;4UYry<i)yWXzKa
zM^_qppY~vnIrhL_!;Z9msXMZTTwR{e`yH5t=HdD1Pni7?LqOpLoX}u5n5RfkGBvQ1
z@cdMeR4T6rp^S~>sje@;(<|$&%vQekbn|0Ruu_Io(w4#%p6ld2Yp7tlA`Y$cciThP
zKzNGIMPXX%&Ud0uQh!uQZz|FB`4KGD?3!ND?wQt6!n*f4EmCoJUh&b?;B{|lxs#F-
z31~HQ`SF4x$&v00@(P+j1pAaj5!s`)b2RDBp*PB=2IB>oBF!*6vwr7Dp%zpAx*dPr
zb@Zjq^XjN?O4QcZ*O+8>)|HlrR>oD*?WQl5ri3R#2?*W6iJ>>kH%KnnME&TT<gNU{
zn$Veg044#l=Z-&wsmEZhnw7IwT7Cd}hiZ%ke)-GzAR-Dt6)8Cb6>@Z<Y-SEE^OC5H
z=$M0HjdWR5p?n;s9OTXrEa1eGt}G;Eu)ifSop!$z#6V<>zrHS$Q%LC?n|e>V+D+8D
zYc4)QddFz7I8#}y#Wj6>4P%34dZH<AWj}HgE@5&D9Ra@o(Km_Gm}5Zb61p%9mDz1%
zya$Vd!_U~pDN*Y5%lo}-K~}4&F)rTjJ7uGyV@~kB-XNrIGRiB=UrNxJtX;JHb(EyQ
z{!R%v{vC7m|L3bx6lCRb7!mP~Is!r!q&OXpE5nKnH3@l({o}PrL`o>~OUDb?uP%-E
zwjXM(?Sg~1!|wI(RVu<h{6ESg9k500(D<HXwz52OGq(JEKS2CJR}8N&E-#%vhhaRN
zL#Q6%yUcel+!a#~g&e7w4$3s62d$Dv;SxCxhT}>xbu)-rH+O=igSho_pDCw(c6b=P
zKk4ATlB?bj9+HHlh<_!&z0rx13K3ZrAR8W)!@Y}o`?a*JJsD+twZIv`W)@Y?Amu_u
zz``@-e2X}27$i(2=9rvIu5uTUOVhzwu%mNazS|lZb&PT;XE2|B&W1>=B58#*!~D&)
zfVmJGg8UdP*fx(>Cj^?yS^zH#o-$Q-*$SnK(ZVFkw+er=>N^7!)FtP3y~Xxnu^nzY
zikgB>Nj0%;WOltWIob|}%lo?_C7<``a5hEkx&1ku$|)i>Rh6@3h*`slY=9U}(Ql_<
zaNG*J8vb&@zpdhAvv`?{=zDedJ23TD&Zg__snRAH4eh~^oawdYi6A3w8<<tS1{)`*
zH!u#2_lf&B)x2)tE$?4|aMAYUFZ{|Se7->Ozh@Kw)<E~4fKYaJ{OS+>#bdktM^GVb
zrG08?0bG?|NG+w^&JvD*7LAbjED{_Zkc`3H!My>0u5Q}m!+6VokMLXxl`Mkd=g&Xx
z-a>m*#G3SLlhbKB!)tnzfWOBV;u;ftU}S!NdD5+YtOjLg?X}dl>7m^gOpihrf1;PY
zvll&>dIuUGs{Q<Ww4SS<E23Sm*si$^C!!snD|AFym<+q$`*o0wokE?J{^g?f3>nd-
zwIR3oIrct8Va^Tm0t#(bJD7c$Z7DO9*7NnRZorrSm`b`cxz>OI<bVZt$VQ!oMxCu0
zbb7D5OIXV5Ynn@Y6)HLT=1`a=nh7{ee{vr<=$>C;jSE3DO8`hX955ui`s%||YQtt2
z5DNA&pG-V+4oI2s*x^>-$6J?p=I>C|9wZF8z;VjR??Icg?1w2v5Me+FgAeGGa8(3S
z4vg*$>zC-WIVZtJ7}o9{D-7d>zCe|z#<9>CFve-OPAYsneTb^JH!Enaza#j}^mXy1
z+ULn^10<XTm*l1Jg2Z;UvGEN!6Wq%I@OP4p{k`RNRKlKFWPt_of11^Gr%_Mg*mVP3
zm?)&3I719~aYcs)TY&q^$zmQ=xoC++VJH@~YG6>+rWLF6j2>Ya@@Kq?26>AqK{A_|
zQKb*~F1>sE*=d?A?W7N2j?L09_7n+H<SF8|SM#pTc9|9|rf1w*m4Y0Vdj643qA#D|
z!hJzb_-}IrrhkWr{zk_YC%(c-)UJl6Ma!mcbvj&~#yN-UhH?ZQ3TPq4hTVQ$(?eJ6
zNfJ_K+VJDBXN=l!7{2}lq?-$`fq|e&PEONfZDU<_SM+s2_3$vT_yqV<R&KG=K{zS}
zKQF$?mYsg%vV|E_E=a*SL!`7*AeN6GMVDXC59yPgi$F2!7&8e}EyHVLwCm{i%<pN!
zdc`SbZK}JQj7?6K&|261iHrsnVjdhxu_l_NKs&yy#;#^%8?Jlg`wcTlNZ3urUtEYd
zsFE!K0}Eg39)z+J6mLW)#Kn<ok4*6AAE=n*vh*;TpgGnnM|npykFpO|a0`4#SjP^b
z2<JG#Qk^#3FeFS`0eooK9|wEmCcvRKI*~6mamFTd^UW9Eg4!J4N9qz*C$3a#F;Sad
zi#o9LaqNG5TsiT<`SDtY^`)zkYx$(C5;&K9#(Zj}HolT_st~#C`VS8q%#q1)HN+hT
zz9IjVUdZNIp@;b88oR`~DvQL_zmsBy>Gi{VY;MoTGr_)G9)ot$p!-UY5zZ2Xtbm=t
z@dpPSGw<TLTZo~Zyx(+AKWvR~{L4S^5I;5+QT9bcQ-4cC{QnLfRBf&Pov~kv@`W6V
zA|h{EGx|7msvR1t`a-jF$JZ>gH=QtIcEulQNI>S-#ifbnO5EWkI;$A|pxJd885oM+
zGZ0_0gDvG8q2xebj+fbCHYfAXuZStH2j~|d^sBAzo46(K8n59+T6rzBwK)^rfPT+B
zyIFw)9YC-V^rhtK`!3jrhmW-sTmM+tPH+;nwjL#-SjQPUZ53L@A>y*rt(#M(qsiB2
zx6B)dI}6Wlsw%bJ8h|(lhkJVogQZA&n<jl%@&gd%^X|lsDQwDHEiKLCz}r`kC^h0t
z(!vYS%C)Ku?w$ti5R##9jSkNC#5)Juc{8XfEhczdGQy8yNrZL6+d0~%V=N|iF{V)E
zLT(gH!$j8Mf(1>{?Vgs6gNSXzuZpEyu*xySy8ro07QZ7Vk1!3tJphN_5V7qOiyK8p
z#@jcDD8nmtYi1^l8ml;AF<#IPK?!pqf9D4moYk>d99Im}Jtwj6c#+A;f)CQ*f-hZ<
z=p_T86jog%!p)D&5g9taSwYi&e<jP@@Q_fbXtVO&n9{e#)jg+D#~q=hoZ<9PIa)>P
z#JuEK%+NULWus;0w32-SYFku#i}d~+{Pkho&^{;RxzP&0!RCm3-9K6`>KZpnzS6?L
z^H^V*s!8<>x8bomvD%rh>Zp3>Db%kyin;qtl+jAv8Oo~1g~mqGAC&Qi_wy|xEt2iz
zWAJEfTV%cl2Cs<1L&DLRVVH05EDq`pH7Oh7sR<WSzBWU(MxAIA&4v~INVdLKA><BK
zwCgTxJU0mM{;1UV<^ZRk0SQNNN(;SRZsH7^EDWVUu%^mFfvW{m5jOQuQWSy`f586I
zTj}Z4e5WsvkNmBd`TJdfe=^>`NNkL%wi}8n>IXcO40hp+J+sC!W?!krJf!GJNE8uj
zg-y~Ns-<~D?yqbzVRB}G>0A^f0!^N7l=$m0OdZuqA<e9rzV|ixGyk9uS=Vov2_ECA
z^Sd0M$B)O&tv@%@UmTb%ngcl58ED9TyFp$y4JjFU+g+9EWUl?am<e#4uCGy9Tmt)z
z2Y|kWUahugFHsF<J6o!<?X(Ncsy&Wg9<QLPD}g-`PWGHWDY5P6;<Y+5J1vz2Z|PSy
zBN?Q^NkxnWq>OQq<EC8_d&#T2smn`YINd-HF@)Op)pBRHnx+Q|Hsv_BpWAPsT1>Lc
zX?AEGr1Ht+inZ-Qiwnl@Z0qukd__a!C*CKuGdy5#nD7VUBM^6OCpxCa2A(X;e0&V4
zM&WR8+wErQ7UIc6LY~Q9x%Sn*Tn>>P`^t&idaOEnOd(Ufw#>NoR^1QdhJ8s`h^|R_
zXX`c5*O~Xdvh%q;7L!_!ohf$NfEBmCde|#uVZvEo>OfEq%+Ns7&_f$OR9xsihRpBb
z+cjk8LyDm@U{YN>+r46?nn{7Gh(;WhFw6GAxtcKD+YWV?uge>;+q#Xx4!GpRkVZYu
zzsF}1)7$?%s9g9CH=Zs+B%M_)+~*j3L0&Q9u7!|+T`^O{xE6qvAP?XWv9_MrZKdo&
z%IyU)$Q95AB4!#hT!_dA>4e@zjOBD*Y=XjtMm)V|+IXzjuM;(l+8aA5#Kaz_$rR6!
zj>#&^DidYD$nUY(D$mH`9eb|dtV0b{S>H6FBfq>t5`;OxA4Nn{J(+XihF(stSch<f
zIn>e7$es&~N$epi&PDM_N`As;*9D^L==2Q7Z2zD+CiU(|+-kL*VG+&9!Yb3LgPy?A
zm<g7T4Wx!m(zMlVE_2jX$1$$5DcfL6>7Z&^qRG_JIxK7-FBzZI3Q<;{`DIxtc48k>
zc|0dmX;Z=W$+)qE)~`yn6MdoJ4co;%!`ddy+FV538Y)j(vg}5*k(WK)KWZ3WaOG!8
z!syGn=s{H$odtpqFrT#JGM*utN7B((abXnpDM6w56nhw}OY}0TiTG1#f*VFZr+^-g
zbP10`$LPq_;PvrA1XXlyx2uM^mrjTzX}w{yuLo-cOClE8MMk47T25G8M!9Z5ypOSV
zAJUBGEg5L2fY)ZGJb^E34R2z<C?_X1)4xsl9%Z|w&L9k!F(V>J?}Vf>{~gB!8=5Z)
z9y$>5c)=;o0HeHHSuE4U)#vG&KF|I%-cF6f$~pdYJWk_dD}iOA>iA$O$+4%@>JU08
zS`ep)$XLPJ+n0_i@PkF#ri6T8?ZeAot$6JIYHm&P6EB=BiaNY|aA$W0I+nz*zkz_z
zkEru!tj!QUffq%)8y0y`T&`fuus-1p>=^hnBiBqD^hXrPs`PY9tU3m0np~rISY09>
z`P3s=-kt_cYcxWd{de@}TwSqg<T-v~${38)1dqT{JCO5}Gk$$yZP*X!5)RaGFqqkZ
zeHhqUgXb37$91~LS-3Zi29CKKki0sBTh7unqEK$%FG?oo$Sp>*xVhp;E9zCsnXo6z
z?f&Sv^U7n4`xr=mXle94HzOdN!2kB~4=%)u&N!+2;z6UYKUDqi-s6AZ!haB;@&B`?
z_TRX0%@suz^TRdCb?!vNJYPY8L_}&07uySH9%W^Tc&1pia6y1q#?*Drf}GjGbPjBS
zbOPcUY#*$3sL2x4v_i*Y=N7E<UbOmi3K%)5<dOJui+{^+b*shA_w8&X4_Icv*!}kT
zW@BG{C%f{(K^kE?tjU`Led*kAj6wB_3f*UyIEV0T9TyMo4`NS;oA7Ec+71eFa;K|G
zCyaKKi1bvX9fTLQ+uAgF*@ZR8fB%|JlT8A-jK$7FMyxW>$mR}J%|GUI(>WEr+28+V
z%v5{#e!UF*6~G&%;l*q*$V?&r$Pp^sE^i-0$+RH3ERUUdQ0>rAq2(2QAbG}$y{de(
z>{qD~GGuO<V3ijl7+~xmS#nUvH{qF0*%7G(r|}BSXsu}HwrFbXWzcYJouIY*34axA
z(n@XsPrv%6;|GSbkH9Og>k559Y@%$?N^1ApVL_a704>8OD%8Y%8B;FCt%AoPu8*D1
zLB5X>b}Syz81pn;xnB}%0FnwazlWfUV<Vu@5P52pgIa+J{M)H4nAC<>)Z-~rZg6~b
z6!9J$EcE&sEbzcy?CI~=boWA&eeIa%z(7SE^qgVLz??1Vbc1*aRvc%Mri)AJaAG!p
z$X!_9Ds;Zz)f+;%s&d<S0a>RcJt2==P{^j3bf0M=nJd&xwUGlUFn?H=2W(*2I2Gdu
zv!gYCwM10aeus)`RIZSrCK=&oKaO_Ry~D1B5!y0R=%!i2*KfXGYX&gNv_u+n9wiR5
z*e$Zjju&ODRW3phN925%S(jL+bCHv6rZtc?!*`1<n2%>TyYXT6%Ju=|X;6D@lq$8T
zW{Y|e39ioPez(pBH%k)HzFITXHvnD6hw^lIoUMA;qAJ^CU?top1fo@s7xT13Fvn1H
z6JWa-6+FJF#x>~+A;D~;VDs2<i>6>^oH0EI`IYT2iagy23?nyJ==i{g4%HrAf1-*v
zK1)~@&(KkwR7TL}L(A@C_S0G;-GMDy=MJn2$FP5s<%wC)4jC5PXoxrQBFZ_k0P<n-
z??iM<JF!BTjD>{{s@<jPT1+pTPdk3<izB+}jAtjokIz)aPR$L&4%}45Et}?jz0w{(
zC4G}+Nu0D*w=ay`v91hMo+V&V8q(a!`~K-2<yR0H)sK+mcY?TAaSS8F<Q+!pSc;`*
z*c@5)+ZpT%-!K3O=Z0(hI8LH7KqK>sz+gX`-!=T8rcB(=7vW}^K6oLWMmp(rwDh}b
zwaGGd>yEy6fHv%jM$yJXo5oMAQ>c9j`**}F?MCry;T@47@r?&sKHgVe$MCqk#Z_3S
z1GZI~nOEN*P~+UaFGnj{{Jo@16`(qVNtbU>O0Hf57-P>x8Jikp=`s8xWs^dAJ9lCQ
z)GFm+=OV%AMVqVATtN@|vp61VVAHRn87}%PC^RAzJ%JngmZTasWBAWsoAqBU+8L8u
z4A&Pe?fmTm0?mK-BL9t+{y7o(7jm+RpOhL9Kn<D3v{}Wpv2i&ghEZe;t&DmOA_QYc
zM+NIUU}=*bkxOJsLKV3e^oGG8rufTpa8R~7Iki1y+fC(UT;;{l19@qfxO@0^!xMA?
z#|<YBZ6;vAb>Y#E&qu^}B6=K_dB}*VlSEiC9fn)+V=J;OnN)Ta5v66ic1rG+dGAJ1
z1%Zb_+!$=tQ~lxQrzv3x#CPb?CekEkA}0MYSgx$Jdd}q8+R=ma$|&1a#)TQ=l$1tQ
z=tL9&_^vJ)Pk}EDO-va`UCT1m#Uty1{v^A3P~83_#v^ozH}6*9mIjIr;t3Uv%@VeW
zGL6(CwCUp)Jq%G0bIG%?{_*Y#5IHf*5M@wPo6A{$Um++Co$wLC=J1aoG93&T7Ho}P
z=mGEPP7Gb<mBTnJH7dKM2CB)0*o-AW2E4i5R+rHU%4A2BTVwOqj4zmJqsb|5^*{DT
zv^HFARK6@^_1|vU{>voG!uD$k(H3A$Z))+i{Hy?QHdk>3xSBXR0j!11O^mEe9RH<y
zF3MI;^J1vHI9U>mw!pvzv?Ua~2_l2Yh~_!s1qS`|0~0)<BWX>YsbHSz8!mG)WiJE|
z2<APmuYD%tKwB@0u<C~CKyaC}XX{?mylzkDSuLMkAoj?zp*zFF7q515SrGD~s}ATn
z`Ded41yk>f($6TQtt6L_f~ApQYQKSb=`053LgrQq7G@98#igV>y#i==-nEjQ!XNu9
z<h*hnP2Pol+z>~;mE+gtj4IDDNQJ~JVk5Ux6&LCSFL!y=>79kE9=V}J7tD==Ga+IW
zX)r7>VZ9dY=V&}DR))xUoV!u(Z|%3ciQi_2jl}3=$Agc<a_3#EUXJj<z2jVv6VHGT
zV^v1FiRwA!kPmt}m$qdr&9#-6{QeZqtM3|tRl$sws3Gy`no`Kj@X-)O(^sv>(`RPb
z8kEBpvY>1FGQ9W$n>Cq=DIpski};nE)`p3IUw1Oz0|wxll^)4dq3;CCY@RyJgFgc#
zKouFh!`?Xuo{IMz^xi-h=StCis_M7y<P{h0$_I#EukRYag9%BMRXh|%Xl7C<>q$u)
z?XHvw*HP0VgR+KR6wI)jEMX|ssqYvSf*_3W8zVTQzD?3>H!#>InzpSO)@SC8q*ii-
z%%h}_#0{4JG;Jm`4zg};BPTGkYamx$Xo#O~lBirRY)q=5M45n{GCfV<Kqrcu9<z@R
zSE>7h9qwyu1NxOMoP4)jjZMxmT|IQQh0U7C$EbnMN<3)Kk?fFHYq$d|ICu>KbY_hO
zTZM+uKHe(cIZfEqyzyYSUBZa8;Fcut-GN!HSA9ius`lt<SmSV9vasBl&hE7ciOunD
z?%e1Hl-5B3e+<+8CD{j5U*D3h89nV<zn^0g+t=uRKgZiGu)3h;vu#^y`HqWe_=jGm
zW2p}*n<!QH%pQ2EV`&z|LD#BOpj0QS9R5#$q}3&-+@GL4F^wO-bcSo|J^I_{LATPF
z2$`fUCOO=XxYVD!<7Yz4te$d-_>NebF46ZX_BbZNU}}ZOm{M2&nAN<H$fJIKS=j8q
zwXlN!l^_4>L9@0qvih15(|`S~z}m&h!u4x~(%MAO$jHRWNfuxWF#B)E&g3ghSQ9|>
z(MFaLQj)NE0lowyjvg8z0#m6FIuKE9lDO~Glg}nSb7`~^&#(Lw{}GVOS>U)m8bF}x
zVjbXljBm<v)#bs=9p`s>34Cs-yM6TVusr+3kYFjr28STT3g056y3cH5Tmge~ASxBj
z%|yb>$eF;WgrcOZf569sDZOVwoo%8>XO>XQOX1OyN9I-SQgrm;U;+#3OI(zrWyow3
zk==|{<m8xZ#>lt2xrQ%FIXOTejR>;wv(Pb8u8}BUpx?yd(Abh<shPyABw|Ens8m6@
zIg($GO4)<g4x5icbki?U&2%56@tYd`zRs}Nk6R~4!AjVAihB3r8oDhQ8f)v^r}|(y
z4B&Q<ARRqYXKQGAeJa_KHe`)04jUO~B=%q#SUlU@pU?apz0v{Al@s`Cvzo)u;2>6?
zsoO3VYWkeLnF43&@*#MQ9-i-d0t*xN-UEyNKeyNMHw|A(k(_6QKO=nKMCxD(W(Yop
zsRQ)QeL4X3Lxp^L%wzi2-WVSsf61dqliPUM7srDB?Wm6Lzn0&{*}|IsKQW;02(Y&|
zaTKv|`U(pSzuvR6Rduu$wzK_W-Y-7>7s?G$)U}&uK;<>vU}^^ns@Z!p+9?St1s)dG
zK%y6xkPyyS1$~&6v{kl?Md6gwM|>mt6Upm>oa8RLD^8T{0?HC!Z>;(Bob7el(DV6x
zi`I)$&E&ngwFS@bi4^xFLAn`=fzTC;aimE^!cMI2n@Vo%Ae-ne`RF((&5y6xsjjAZ
zVguVoQ?Z9uk$2ON;ersE%PU*xGO@T*;j1BO5#TuZKEf(mB7|g7pcEA=nYJ{s3vlbg
zd4-DUlD{*6o%Gc^N!Nptgay>j6E5;3psI+C3Q!1ZIbeCubW%w4pq9)MSDyB{HLm|k
zxv-{$$A*pS@csolri$Ge<4VZ}e~78JOL-EVyrbxKra^d{?|NnPp86!q>t<&IP07?Z
z^>~IK^k#OEKgRH+LjllZXk7iA>2cfH6+(e&9ku5poo~6y{GC5>(bRK7hwjiurqAiZ
zg*DmtgY}v83IjE&AbiWgMyFbaRUPZ{lYiz$U^&Zt2YjG<%m((&_JUbZcfJ22(>bi5
z!J?<7AySj0JZ&<-qXX;mcV!f~>G=sB0KnjWca4}vrtunD^1TrpfeS^4dvFr!65knK
zZh`d;*VOkPs4*-9kL>$GP0`<?hW@{z#_gXtp%=2VbN+$~z+M($Vf(dl@)t-*82<$(
zHi{FrD1wO9L~*Rc0{A2WU%f?ar(T9V1JpQ?M0Q|&{UES|#Z~k2-mj@z)8Rw^(XeYc
zomT(B0EF!##4dQq_*NN<%Bo5)&+gCXSGZo`b>(M!j~B;#x?Ba<KDM~HJ!|Zzy=p2e
z8;av`GLw{_*RgO(W|UK-<iDeT!t_x1c=M3%wGk|fDk<e0lLe8-5ga6apKYJD`*a3G
zBl?Ps)hDb7X`7bW5S=IHr0Mm?fr|$zCf+gmZUrit$5n+)JZG>~&s6CopvO86oM?-?
zOw#dIRc;6A<R&%m3DDJhF+|tb*0Yw8mV{a-bf^E~gh66MdsMHkog<r9`fVIVE+h@O
zi)iM`rmA-Fs^c=>6T?B`Qp%^<<Dyu<%Kg0H=lq;E!p&UHzSpD1)q%^v)Y8yQkp>U5
z19x(ywSH$_N+Io!6;e?`tWaM$`=D<O;$E>b!gzx|lQ${DG!zb1Zl&|{kX0y6xvO1o
z220r<-oaS^^R2pEyY;=Qllqpmue|5yI~D|iI!IGt@iod{Opz@*ml^w2bNs)p`M(Io
z|E;;m*Xpjd9l)4G#KaWfV(t8YUn@A;nK^#xgv=LtnArX|vWQVuw3}B${h+frU2>9^
z!l6)!Uo4`5k`<<;E(ido7M6lKTgWezNLq>U*=uz<KVOwgK<qq^3FEy1LAV}ep3|Zt
z>&s=cc$1%>VrAeOoUtA|T6gO4>UNqsdK=NF*8|~*sl&wI=x9-EGiq*aqV!(VVXA57
zw9*o6Ir8Lj1npUXvlevtn(_+^X5rzdR>#(}4YcB9O50q97%rW2me5_L=%ffYPUSRc
z!vv?Kv>dH994Qi>U(a<0KF6NH5b16enCp+mw^Hb3Xs1^tThFpz!3QuN#}KBbww`(h
z7GO)1olDqy6?T$()R7y%NYx*B0k_2IBiZ14&8|JPFxeMF{vSTxF-Vi3+ZOI=Thq2}
zyQgjYY1_7^ZQHh{?P))4+qUiQJLi1&{yE>h?~jU%tjdV0h|FENbM3X(KnJdPKc?~k
zh=^Ixv*+smUll!DTWH!jrV*wSh*(mx0o6}1@JExzF(#9FXgmTXVoU+>kDe68N)dkQ
zH#_98Zv$}lQwjKL@yBd;U(UD0UCl322=pav<=6g>03{O_3oKTq;9bLFX1ia*lw;#K
zOiYDcBJf)82->83N_Y(J7Kr_3lE)hAu;)Q(nUVydv+l+nQ$?|%MWTy`t>{hav<vVD
zHx;qQ>FSQloHwiIkGK9YZ79^9?AZo0ZyQlVR#}lF%dn5n%xYksXf8gnBm=wO7g_^!
zauQ-bH1Dc@3ItZ-9D_*pH}p!IG7j8A_o<ZOCWxl^<k=*NA9oUpW$0D`yCb}VfC~vb
z4IkfiRDM@RHlIGG_SRrrd~6$XYP~2Y^<fekveOOZRCv69S{4_se`>94#~>$LR|TFq
zZ-b00*nuw|-5C2lJDCw&8p5N~Z1J&TrcyErds&!l3$eSz%`(*izc;-?HAFD9AHb-|
z>)id`QCrzRws^9(#&=pIx9OEf2rmlob8sK&xPCWS+nD~qzU|qG6KwA{zbikcfQrdH
z<yJStD<g^`?^d44p$8FFXwD2dL810^xg@~^x$C_H#3NSLs8fBVu~K)3BMKCOp^;|&
zKPz+s!|fXFr%*`Dg*#A{!QB-jnah3y4$Pe0L2%RM)706&eqyFTNAO2gMd<bcjBp>+
zQg>O<`K4L8rN7`GJB0*3<3`z({lWe#K!4AZLsI{%z#ja^OpfjU{!{)x0ZH~RB0W5X
zTwN^w=|nA!4PEU2=LR05x~}|B&ZP?#pNgDMwD*ajI6oJqv!L81gu=KpqH22avXf0w
zX3HjbCI!n9>l046)5rr5&v5ja!xkKK42zmqHzPx$9Nn_MZk`gLeSLgC=LFf;H1O#B
zn=8|^1iRrujHfbgA+8i<9jaXc;CQBAmQvMGQPhFec2H1knCK2x!T`e6soyrqCamX%
zTQ4dX_E*8so)E*TB$*io{$c6X)~{aWfaqdTh=xEeGvOAN9H&-t5tEE-qso<+C!2>+
zskX51H-H}#X{A75wqFe-J{?o8Bx|>fTBtl&tc<VVc3-U5wTq>bdR|<Uon(X?ZiT<<
zWC=zLEjacGDZ|?>132Ztqu5X0i-pisB-z8n71%q%>EF}yy5?z=Ve`}hVh{Drv1YWL
zW=%ug_&chF11gDv3D6B)Tz5g<uwqk#dj|RK7gNl@*lm*xHRBk*7MnT4(@7VIDfO0u
zB?1X+)GR^0j1A{Q#WUmQX%LN=W?aGzO$5=2@yxjXBzxbGO*{DYkV!aJ!$~-FNzvt;
z?r)HU;0!4T-%vWzAiHJ?*-ivIq!#dErMvhpJJ^QyZ5n0qmMn+}I>54H0mDHNj<FD1
z&CIP+ZDDy<;b2`JW=0_p9c4p<zwE30JFgdhO2HQiMRBb%Y9ZJ>uKZ+)CKFk4Z|$RD
zfRuKLW`1B>B?*RUfVd0+u8h3r-{@fZ{k)c!93t1b0+Q9vOaRnEn1*IL>5Z4E4dZ!7
ztp4GP-^1d>8~LMeb}bW!(aAnB1tM_*la=Xx)q(I0Y@__Zd$!KYb8T2VBRw%e$iSdZ
zkwdMwd}eV9q*;YvrBFTv1>1+}{H!JK2M*C|TNe$ZSA>UHKk);wz$(F$rXVc|sI^lD
zV^?_J!3cLM;GJuBMbftbaRUs$;F}HDEDtIeHQ)^EJJ1F9FKJTGH<(Jj`phE6OuvE)
zqK^K`;3S{Y#1M@8yRQwH`?kHMq4tHX#rJ>5lY3DM#o@or4&^_xtBC(|JpGTfrbGkA
z2Tu+AyT^pHannww!4^!$5?@5v`LYy~T`qs7SYt$JgrY(w%C+IWA;ZkwEF)u5sDvOK
zGk;G>Mh&elvXDcV69J_h02l&O;!{$({fng9Rlc3ID#tmB^FIG^w{HLUpF+iB`|<Dd
z$~}?*yaE3d3m&(}pR(IuL%&h+j{wz$6(l^GO8O{^N!08Gnw7N>NnX)EH+Nua)3Y(c
z&{(nX_ht=QbJ%DzAya}!&uNu!4V0xI)QE$SY__m)SAKcN0P(&JcoK*Lxr@P<Bj^D-
zi(H(l^zsWRcIm}YCou&G1we!7IMt1dAI3MKk4-3tybIvwniaUWp=||&s9lB&iptb>
zY&P=}&B3*UWNlc|&$Oh{BEqwK2+N2U$4WB7Fd|aIal`FGANUa9E-O)!gV`((ZGCc$
zBJA|FFrl<?%m-}hcKbonJcfriSKJrE#oY4SQUGFcnL~;J2>g~9OBp#f7aHodCe{6=
zay$6vN~zj1ddMZ9gQ4p32(7wD?(dE>KA2;SOzXRmPBiBc6g`eOsy+pVcHu=;Yd8@{
zSGgXf@%sKKQz~;!J;|2fC@emm#^_rnO0e<D`xKOl)v&1gxhN0@LroTIseY?HHF`U$
zRCxyayrK2fk|YppMxAKP{J=gze_dhnAkmEFp<%l9vvc1zcx#Lz*hP4TNeag4(W!Be
zM4c#}`np`hRl02rJ50(%WD@_u_Qk1TUrpL44g>sEn^QxXgJYd`#FPWOUU5b;9eMAF
zZhfiZb|gk8aJIw*YLp4!*(=3l8Cp{(%p?ho22*vN9+5NLV0TTazNY$B5L6UKUrd$n
zjbX%#m7&F#U?QNOBXkiiWB*_tk+H?N3`vg;1F-I+83{M2!8<^nydGr5XX}tC!10&e
z7D36bLaB56WrjL&HiiMVtpff|K%|*{t*ltt^5ood{FOG0<>k&1h95qPio)<rMG98B
zE?gDMmn^Zo(`Ek7uvNsnUgUfUfwFF7?z~>2`eL${YAGIx(b4VN*~nKn6E~SIQUuRH
zQ+5zP6jfnP$S0iJ<xI2U>@~t!Ai3o`X7biohl<ds?PbGDArmkAV12ldkGzY{P*80E
zF=Wk3w#9|J1dAeV)Rlk?%L=ol!+m5%A|(KP`fR=nD^&iHT@Z5DaZ(w0hqfh|V>i;E
zT#yXyl{bojG@-TGZzpdVDXhbmF%F9+-^YSIv|<!(knL3!Z+}F~)r$<ET0f@9KVjok
zfvU`%FUbk|yAc)S0rB`JBWTLd7hPAAqP2ltlwee5T}#_Gpbl80w-LA;|BD>MT1l3j
zrxOFq>gd2%U}?6}8mIj?M<N%?8n+3Rx8(2-`*c@op88}5-iqw*PHkqnj$k8#t^|g>
zc077Zc9fq(-)4+gXv?Az26IO6eV`RAJz8e3)SC7~>%rlzDwySVx*q$ygTR5kW2ds-
z!HBgcq0KON9*8Ff$X0wOq$`T7ml(@TF)VeoF}x1OttjuVHn3~sHrMB++}f7f9H%@f
z=|kP_?#+fve@{0MlbkC9tyvQ_R?lRdRJ@$qcB(8*jyMyeME5ns6ypVI1Xm*Zr{DuS
zZ!1)rQfa89c~;l~VkCiH<d?V{)&8(@3=6jm=fW<)H`CSQ9+iNwDH;4S!Xw4H9nux4
zKNscQ&OV9zHF_+cIJ=X)qIF;(!)}sl`hhO)dHz6nA0^W{a9q1^gzxvh-bS1(N273|
zq;PSR{n|+%3`+}9Q7}{mC7k)HXlUhkBKH%A@-sEx!4Mlk=^P1dtF=-lC3U?55B}ez
z`Fd)kItC)!X+F!>I|PCBd`S*2RLNQM8!g9L6?n`^evQNEwfO@&JJRme+uopQX0%Jo
zgd5G&#&{nX{o?TQwQvF1<^Cg3?2co;_06=~Hcb6~4XWpNFL!WU{+CK;>gH%|BLO<b
zgJpht0ltX3sE2RJAUcld5MW}&%<sw};dL~bdZ0?zVg~mRcaNBgUZe;8@DKXRQmlOf
zAIhHBNh=}LzcTdUnfgd6#GEx350bi`lb)LaBso2CW!*0Xe!UJNwIWeg)QXy=e3bwZ
zIJ8=;u}r&BGoF;ftQ-dJ!kBp#;lHIlNwC)v?OHP&#Mh~B%=jdgWQCSqpANGQEkG%n
zM?zk5@$%!-gPc55s943P-Mv1>h7@!hsa(>pNDAmpcuVO-?;Bic17R}^|6@8DahH)G
z!EmhsfunLL|3b=M0MeK2vqZ|OqUqS8npxwge$w-4pFVXFq$_EKrZY?BuP@Az@(k`L
z`<G71X#W|!P3Z{wEvg5Ob7@MbwprRM&*~yi*+R-9I8&p-;yM=Q)z$bTY1}y<i9f;W
zGBCz3n1=6)vV6bV+;GN8E|c1rg49&nk_(FLVA<i_4OxA`vE>ViQBSk`y+YwRT;&W|
z2e3UfkCo^uTA4}Qmmtqs+nk<f8_TTXgg$0%V(GO^t)<!()wOU}JKa$=7V(Fd-u5kW
zfKQU%n`CZ_1jFoAu|=do)|56^VkbaXtt)NlpAubGIJ@ET@k0K*McoNg@OCSSeKJ`(
z*rHh**zg=F3rmZ2ux+4MzedRxj4$W0VqcP)lO*|#;Iw4z!Gidd%|ry%SN>#gNr2W4
zTH%hhErhB)pkXR{B!q5P3-OM+M;qu~f>}IjtF%>w{~K-0*jPVLl?Chz&zIdxp}bjx
zStp&Iufr58FTQ36AHU)0+CmvaOpKF;W@sMTFpJ`j;3d)J_$tNQI^c<^1o<49Z(~K>
z;EZTBaVT%14(bFw2ob@?JLQ2@(1pCdg3S%E4*dJ}dA*v}_a4_P(a`cHnBFJxNobAv
zf&Zl-Yt*lhn-wjZsq<9<PjKts@j|?j*H<KG_l+Ikza{2Tyz(8wgaT$KKCTR@fUFh?
z9>v-IsXxAxMZ58C@e0!rzhJ+D@9^3~?~yllY^s$?&oNwyH!#~6x4gUrfxplCvK#!f
z$viuszW>MFEcFL?>ux*((!L$;R?xc*myjRIjgnQX7<gW>9@UPD$6Dz0jutM@7h_pq
z0Zr)#O<^y_K6jfY^X%A-ip>P%3saX{!v;fxT-*0C_j4=UMH+Xth(XVkVGiiKE#f)q
z%Jp=JT)uy{&}Iq2E*xr4YsJ5>w^=#-mRZ4vPXpI6q~1aFwi+lQcimO45V-JXP;>(Q
zo={U`{=_JF`EQj87Wf}{Qy35s8r1*9Mxg({CvOt}?Vh9d&(}iI-quvs-rm~P;eRA@
zG5?1HO}puruc@S{YNAF3vmUc2B4!k*yi))<5BQmvd3tr}cIs#9)*AX>t`=~{f#Uz0
z0&Nk!7sSZwJe}=)-R^$0{yeS!V`Dh7w{w5rZ9ir!Z7Cd7dwZcK;BT#V0bzTt>;@Cl
z#|#A!-IL6CZ@eHH!CG>OO8!%G8&8t4)Ro@}USB*k>oEUo0LsljsJ-%5Mo^MJF2I8-
z#v7a5VdJ-Cd%(a+y6QwTmi+?f8Nxtm{g-+WGL>t;s#epv7ug>inqimZCVm!uT5Pf6
ziEgQt7^%xJf#!aPWbuC_3Nxfb&CFbQy!(8ANp<Dkrrv&eXZOx^ui15L`|GC6Zo9J8
zt4l&YYgkq79`qbC=O@Wu>kWLI4oSnH?Q3f?0k1t$3d+lkQs{~(>06l&v|MpcFsyAv
zin6N!-;pggosR*vV=DO(#+}4ps|5$`u<dyVk_IJiOQUOA<$>dE%Kdmp?G7B#y%<bi
zGVk-OWo?nx8M9(n3)OkC>H`R|i8skKOd9Xzx8xgR$>Zo2R2Ytktq^w#ul4uicxW#{
zFjG_RNlBroV_n;a7U(KIpcp*{M~e~@>Q#Av90Jc5v%0c>egEdY4v3%|K1XvB{O_8G
zkTWLC>OZKf;XguMH2-Pw{BKbFzaY;4v2seZV0>^7Q~d4O=AwaPhP3h|!hw5aqOtT@
z!SNz}$of**Bl3TK209@F=T<Nh*u*7J=P_EEnnD=hbiG0v_)iQwN<!vDIogn=iGRs3
zt_h!RUdkzWHMpc*d}k%tjHimct$!p&AH8pRZ+FJo|9w~+h(n#lp$57vBXGLddx*%@
z5%Aj-8?hH;TIkF9$}Pwu0)KjO*p&uKv6>n1+mgZa8yh(Png%Zd6Mt}^NSjy)etQrF
zme*llAW=N_8R*O~d2!apJnF%(JcN??=`$qs3Y+~xs>L9x`0^NIn!8mMRFA_tg`etw
z3k{9J<p4JZCS-C}49WuHGGruT=x>Ajnl@ygIiJcNHTy02GMAvBVqEss&t2<2mnw!;
zU`J)0>lWiqVqo|ex7!+@0i>B~BSU1A_0w#Ee+2pJx0BFiZ7RDHEvE*ptc9md(B{&+
zKE>TM)+Pd>HEmdJao7U@S>nL(qq*A)#eLOuIfA<xx)>S@j`_sK0UEY6OAJJ-kOrHG
zjHx`g!9j*_jRcJ%>CE9K2MVf?BUZKFHY?EpV6ai7sET-tqk=nDFh-(65rhjtlKEY%
z@G&cQ<5BKatfdA1FKuB=i>CCC5(|9TMW%K~GbA4}80I5%B}(gck#Wlq@$nO3%@QP_
z8nvPkJFa|znk>V92cA!K1rKtr)skHEJD;k8P|R8RkCq1Rh^&}Evwa4BUJz2f!2=MH
zo4j8Y$YL2313}H~F7@J7mh>u%556Hw0VUOz-Un@ZASCL)y8}4XXS`t1AC*^>PLwIc
zUQok5PFS=*#)Z!3JZN&eZ6ZDP^-c@StY*t20JhCnbMxXf=LK#;`4KHEqMZ-Ly9KsS
zI2VUJGY&PmdbM+iT)zek)<hjl_Ql0Z<Zn_qAb)m1SGqs~RuzvnShAB@_vF{e+592q
z$DB!xBIZfcH*9&k=wlV*!)l9TjLaF6{FU=1emb_fuvC;885YA6nM5}UqhPTc%&*tY
z3h;oOpGO3Hx+t7EjPYfzaZ}+D=ndS&SDnV=GA-}a=$GiNOi~a`1gJao%JzT9!|NX9
z<CC9{n}y#@=&Y6rk@_w$wqbKs!E-bTFZW}3bqJ;f!@40M^ykqGs3;>#Qc#_i4uH43
z@T5SZBrhNCiK~~esjsO9!qBpaWK<`>!-`b71Y5R<QKZFC;tbrvH*7OQFB+SCa^&~y
zposW2PUqn>eXQ4AJU~T<enI;Gq30%Z%SsfHco3Z`w^cm#%0^~onRV&P&#QErx)JwE
z+PM!k!qYC}ESrBrHoDQz*X1YmFa#(SZW<AV$!J0LWu4IDbZ2bw=%%Iq9Hg*REoc?;
z{E60bn(-sNYKAv{(YDGA5Ne~oOSP*!BJYblyeWN+CVy8q4{fMj;2#8%D!ii%2bR=s
z%l;FFHzQ~S|A8UKuFT*34q|LzMc~~o#;)Kw9DtS!bp3JQi_@L6HQjXe7-;AjHEUja
z>2Njri1CEp5oKw;Lnm)-Y@Z3sEY}X<ceQi^_CPpPY_VEPYF+%Om#`r)SPUG}UXq2Y
zpr9=;`h)oB6MR*Xk2Eh4r7Hb|{>IgSy%xo=uek(kAAH5MsV$V3uTUsoTzxp_rF=tx
z<QsYQ(;?5S(qGqiH7>V07vlJNKtJhCu`b}*#m&5LV4TAE&%KtHViDAdv#c^x`J7bg
z&N;#I2GkF@SIGht6p-V}`!F_~lCXjl1BdTLIjD2hH$J^YFN`7f{Q?OHPFEM$65^!u
zNwkelo*5+$ZT|oQ%o%;rBX$+?xhvjb)SHgNHE_yP%wYkkvXHS{Bf$OiKJ5d1gI0j<
zF6N}Aq=(WDo(J{e-uOecxPD>XZ@|u-tgTR<972`q8;&ZD!cep^@B5CaqFz|oU!iFj
zU0;<Kr(xN%j}{P50=dczD~4jn(p0D1`)Q|ld@m)3cU?5-DDA%Lq4Vd2?$jcNa3@4}
zt0;5Pk0HJXk<P(S=!%ZtD121Ne##d}^nRI9>6fQX&~15E53EW&w1s9gQQ~Zk16X%6
zjG`j0yq}4deX2?Tr(03kg>C(!7a|b9qFI?jcE^Y>-VhudI@&LI6Qa}WQ>4H_!UVyF
z((cm&!3gmq@;BD#5P~0;_2qg<pD9=9nXg$TuH}wQh9<MTT}D~YJ$+K3jbd)SV}wix
zf+zmLDPNc@nH3C;GngJH(K9z-$bm-ym&hXvg&{t=h}^v&Zpkgh>ZhtJS|>WdtjY=q
zLnHH~Fm!cxw|Z?Vw8*~?I$g#9j&uvgm7vPr#&iZgPP~v~BI4jOv;*OQ?jYJtzO<^y
z7-#C={r7CO810!^s(MT!@@Vz_SVU)7VBi(e1%1rvS!?PTa}Uv`J!EP3s6Y!xUgM^8
z4f!fq<3Wer_#;u!5ECZ|^c1{|q_lh3m^9|nsMR1#Qm|?4Yp5~|e<cTgyd3~1T9l&*
zeQ01<P2U~{V&q4>r2?W^7~cl;_r4WSme_o68J9p03~Hc%X#VcX!xAu%1`R!dfGJCp
zV*&m47>s^%Ib0~-2f$6oSgn3jg8m%UA;ArcdcRyM5;}|r;)?a^D*lel5C`V5G=c~k
zy*w_&BfySOxE!(~PI$*dwG><<WF75p<o9EVVze~dTW<Z_^0lybcm7u?o5{_6x)ND;
zb8GQ#!>+-%KT5p?whOUMA*k<9*gi#T{h3DAxzAPxN&Xws8o9Cp*`PA5>d9*Z-ynV#
z9yY*1WR^D8|C%I@vo+d8r^pjJ$>eo|j>XiLWvTWLl(^;JHCsoPgem6PvegHb-OTf|
zvTgsHSa;BkbG=(NgPO|CZu9gUCGr$8*EoH2_Z#^BnxF0yM~t`|9ws_xZ8X8iZYqh!
zAh;HXJ)3P&)Q0(&F>!LN0g#bdbis-cQxyGn9Qgh`q+~49Fqd2epikEUw9ca<Icy-f
zOt40c5j7j)$)tP9?uvS*(MhNoK9DyuR}iw#hq(_Yg;FQNx_fxU*Eu(iTCigNUM7t<
z>M%V6WgP)532RMRW}8gNS%V%Hx7apSz}tn@bQy!<=lbhmAH=FsMD?leawbnP5BWM0
z5{)@EEIYMu5;u)!+HQ<i|FmCtfdneL-c-Zq4Plvb%6L#`yCeba4_fn4B8J3*R<jzl
zfvYN4K`&;0Sxn>WhQ;D3_Cm_NADNeb-f56}<{41aYq8p4=93d=-=q0Yx#knGYfXVt
z+kMxlus}t2T5FEyCN~!}90<Qw*O-2+V!RyNwDJ!D4}()%&9a2ilTUH&u5D!U%eI_q
zx}xGi`t`GnBsEW*ontVcR-ikx88LbjAhe<X@Zi_w7Y34lxFFrZ2Q&%wKjDtka2LVK
zHc8~1#H%sr<^E7ZD2HEuJ^9vl!WfP^A{M0b1kd0=9ymV8H)Sd)K8ApeV;=DNu1w7T
zq3y-B$08B=*qJh`RBSq*hM$V1Wi(wSS$C7SwYBw1{q+D%@|+@4!e&J2mmVQuQ$1nJ
zGVp>O_X@@PQpuy;kuGz@bWft%diBTx?d)_xWd_-(!LmVrh**oKg!1CNF&LX4{*j|)
zIvjCR0I2UUuuEXh<9}oT_zT#jOrJAHNLFT~Ilh9hGJPI1<5`C-WA{tUYlyMeoy!+U
zhA#=p!u1R7DNg9u4|QfED-2TuKI}>p#2P9--z;Bbf4Op*;Q9LCbO&aL2i<0O$ByoI
z!9;Ght733FC>Pz>$_mw(F`zU?`m@>gE`9_p*=7o=7av`-&ifU(^)UU`Kg3Kw`h9-1
z6`e6+im=|m2v`pN(2dE%%n8YyQz;#3Q-|x`91z?gj68cMrHl}C25|6(_dIGk*8cA3
zRHB|Nwv{@sP4W+Y<?>ZM)VKI>R<dU=sQkg7!lDS83Q3{+&sk$J+O!cATJ_o5Pb&W_
z)bdtK2>lB`n=Oj~Rzx~M+Khz$N$45rLn6k1nvvD^&HtsMA4`s=MmuOJID@$s8Ph4E
zAmSV^+s-z8cfv~Yd(40Sh4JG#F~aB>WFoX7ykaOr3JaJ&Lb49=B8Vk-SQT9%7TYhv
z?-Pprt{|=Y5ZQ1?od|A<_IJU93|l4oAfBm?3-wk{O<8ea+`}u%(kub(LFo2zFtd?4
zwpN|2mBNywv+d^y_8#<$r>*5+$wRTCygFLcrwT(qc^n&@9r+}Kd_u@Ithz(6Qb4}A
zWo_HdBj#V$VE#l6pD0a=NfB0l^6W^g`vm^sta>Tly?$E&{F?TTX~DsKF~poFfmN%2
z4x`Dc{u{Lkqz&y!33;X}weD}&;7p>xiI&ZUb1H9iD25a(gI|`|;G^NwJPv=1S5e)j
z;U;`?n}j<Q^Xq~o28<9wN;wOTm1lpjZMh*aUX(~T_Y3#ZnG~Ye&HG?FC8<&_!tool
z+@`jls~3x-4`e?M70izyrpLQDV~@R;Ddqa8ubupC&5hxJ!0Qn2&@6(rv>nY6rA{V^
zxTd{bK)Gi^odL3l989DQlN+Zs39Xe&otGeY(b5>rlIqfc7Ap4}EC?j<{M=hlH{1+d
zw|c}}yx88_xQr`{98Z!d^FNH77=u(p-L{W6RvIn40f-BldeF-YD>p6#)(Qzf)lfZj
z?3wAMtPPp>vMehkT`3gToPd%|D8~4`5WK{`#+}{L{jR<c)T{dJNa_2~nx}yzR>UMt
zrFz+O$C7y8$M&E4@+p+o<?<4i!4ikchlAhrd(TAazwXC#eTotZ4)SbD2SX9vq+(V^
zQt>V5c%uYzbqd2Y%SSgYy#xh4G3hQv>V*BnuKQhBa#=o<cI|?w3{ulWOpdl|%RYTA
zSx@6KnTs$R(CM2sHs-QJn!^oj_3M4<ToCw0Dysc#3eTjWBJ-T+adb-$?`_4mF<8?g
zSKY1V7KhH!;LK22fSg)B*<uJ7m~6W3CUps0^d9*o2V_Gub>ZB~w{azUB+q%bRe_R^
z>fHBilnRTUfaJ201czL8^~Ix#+qOHSO)A|xWLqOxB$dT2W~)e-r9;bm=;p;RjYahB
z*1hegN(VKK+ztr~h1}YP@6cfj{e#|sS`;3tJhIJK=tVJ-*h-5y9n*&cYCSdg#EHE#
zSIx=r#qOaLJoVVf6v;(okg6?*L_55atl^W(gm^yjR?$GplNP>BZsBYEf_>wM0Lc;T
zhf&gpzOWNxS>m+mN92N0{;4uw`P+9^*|-1~$<g_U{SU`H<rGXK<wL9(P>uXpggj4-
z^SFc4`uzj2OwdEVT@}Q`(^EcQ_5(ZtXTql*yGzdS&vrS_w<Vq*ng}zPHZxXbJ~5By
z5q!Q1MEDSMNOWX9zY-~b`9@lU+AIe>>~~ra|Nb5abwf}Y!uq6R5f&6g2ge~2p(%c<
z@O)cz%%rr4*cRJ5f`n@lvHNk@lE1a*96Kw6lJ~B-XfJW%?&-y?;E&?1AacU@`N`!O
z6}V>8^%RZ7SQnZ-<!aS@7Sy5FdEA^NVBSolPfAv!POl_VDW*<OY|VOa1x+Nt4h}kC
zF5f5bMcr5zsZz*#rv_qyg5_y;>z$(jsX`amu*5Fj8g!3RTRwK^`2_QH<oOlcTv0T*
zq^FmDESBJUwy8>e;_2y_n|6gSaGyPmI#kA0sYV<_qOZc#-2BO%hX)f$s-Z3xlI!ub
z^;3ru11DA`4heAu%}HIXo&ctujzE2!6DIGE{?Zs>2}J+p&C$rc7gJC<HidCCr+8PF
zWiTVZ>35gxhflorvsb%sGOxpuWhF)dL_&7&Z99=5M0b~Qa;Mo!j&Ti_kXW!86N%n=
zSC@6Lw>UQ__F&+&Rzv?gscwAz8IP!n63>SP)^62(HK98nGjLY2*e^OwOq`3O|C92?
z;TVhZ2SK%9AGW4ZavTB9?)mUbOoF`V7S=XM;#3EUpR+^oHtdV!GK^nXzCu>tpR|89
zdD{fnvCaN^^LL%amZ^}-E+214g&^56rpdc@yv0b<3<Gcz@z*K79?oK~*UzGlKFJXT
z{XOryj|k?!nDS(G1LtLxYD^Cq?c?_!zYn!x^#tLjQ6=Wb!)yrQsQW$6U<7{9%v7a-
zv*ocK5QN4V3`xVyd7lYi<tse4LzLtbxdam8l#%xfBL@jXus_3m`H&T(SG4<1{Xtfu
zMb*~2c3zevaj8sJ+%2=tK7#q$!xF@Xc_%7Ws0|ayo4RjQhmCcKBx<ij=1uikr$^Pt
z9|pP=(@t-<MX5uDFk4~}Y&YCR_($i(L2tZ?=zYb8^M2`}T)&sKMTvyh6Hf2vk#&E}
zXFWd3BT@?-Qm?6K=3M(cZ#LOR`xDd$o~J$T>}Ys?)f|fXN4oHf$six)-@<;W&&_kj
z-B}M5U*1sb4)77aR=@%I?|Wkn-QJVuA96an25;~!gq(g1@O-5VGo7y&E_srxL6ZfS
z*R%$gR}dyONgju*D&?geiSj7SZ@ftyA|<I`YtD1a%3oCr%5@GGkBtN{5mnwPyOw=G
z)5mh1d5f2bd0O6v9}uRb?jQWt0Hmbh{Lw~%;q96e<JYrfUt;Ww3`|kuk8YLozMnJA
zL-%S-b>}(*Y4KbvU!YLsi1EDQQCnb+-cM=K1io78o!v<D2B&P2)99nqSy|&vmf_z?
z=eWr~Nb^z}4FA|*1-U>*);o<<Bb~caN#d%78rHzz&LtUD8*+uiPJdUJ<!gd#RBLsK
z$C!13l?*$0KTH~HOk{`~({IY19$^eGtD0+`Ng;Krabee-ZmxY?a!#sR^lIs7X@lqE
z)iFHx46*Kc<U3%gK1Qg`N*=%M8g<Qr@DDqezg1<>XwjaQH%)uIP&Zm?)Nfbfn;jIr
z)d#!$gOe3QHp}2NBak@yYv3m(CPKkwI|{;d=gi552u?xj9ObCU^DJFQp4t4e1tPzM
zvsRIGZ6VF+{6PvqsplMZWhz10YwS={?`~O0Ec$`-!klNUYtzWA^f9m7tkEzCy<_nS
z=&<(awFeZvt51>@o_~>PLs05CY)$;}Oo$VDO)?l-{CS1Co=nxjqben*O1BR>#9`0^
zkwk^k-wcLCLGh|XLjdWv0_Hg54B&OzCE^3NCP}~OajK-LuRW53CkV~Su0U>zN%yQP
zH8UH#W5P3-!ToO-2k&)}nFe`t+mdqCxxAHgcifup^gKpMObbox9LFK;LP3}0dP-UW
z?Zo*^nrQ6*$FtZ(>kLCc2LY*|{!dUn$^RW~m9leoF|@Jy|M5p-G~j%+P0_#orRKf8
zvuu5<*XO!B?1E}-*SY~MOa$6c%2cM+xa8}_8x*aVn~57v&W(0mqN1W`5a7*VN{SUH
zXz98DDyCnX2EPl-`Lesf`=AQT%YSDb`$%;(jUT<emmKF_zfZmU9B12q_dyZ<_@h~k
zvEq1`Vx6X|zFHC1f>rNen$NPJrlpPDP}prI>Ml!r6bCT;mjsg<oj3+@ct5lWE*J;5
z4E~(;FwK{V8;n^S+p_aly?)G^7&y`S%eK)TJhe8?@}L_b8H};V-{Fr!7~z`5Jn&~y
zle5N-{eo+>@X^#&<}CGf0Jt<ps|x+2W>R{Ecwd&)2zuhr#nqdgHj+g2n}GK9CHuwO
zk><uMX@X}I+5rrj?NaO6BMSeLuD{-~8R-Gl2xdC9#?M&n3M8$1#r~F<bd_yU6EE{Y
z#eCFVb$%8`qmYLY$VN_bTcap4)*3IM0tVFqt0C)EHHU4$9K2ap4$RYn7cYx68f*63
zqjgq9d3s#J0z)IOp-dbsoyDl3q&F;wDIxirPuXzvw6-Mhm_%B8`dB@kd7fLXw-%?$
zoq?`st6r0!H5QKHrVxu9;wFCr4k6@&eG$(7Z2Wi#T=t;uR8LkI#eWjbL4#SB+RR!}
zkvLwWmhxM!7BIsi5NeXcxeg6+4^H8NJB5=2mJzA06v|{=fl0X|ig2$)&h*GM&JpHp
zr`8`GjG!&l9EyWchuo>oZxy{v<eHuSsx&-tHadS1q^a4f?|RTjYB^sRK14!iW+^lB
z!ebp33Hf8OUb(D`D*|G{AftC98wHP4tb?H!)=@9haZJ)F+0;HQc5`Qlnk&U!fz)-9
z%lX#G)XFlYmyE^D)O;h749_^`>cOL)$8-}L^iV<p27<5%t|ClWJe$Rd_|U|Ck(u@6
zTgwrC&(m^cFeKDxIl7TOJH#1Wo==_x;yAITBFJ1z$*I>fJHAGfwN$prHjY<ZwGVKY
zZ8+b}fUD+>V0ju}8%jWquw>}_W6j~m<}Jf!G?~r5&Rx)!9JNX!ts#SGe2HzobV5);
zpj@&`cNcO&q+%*<%D<T}5E&SDWDa4Lg;*h`<xw$&SGrTg$|CXl_i7+njSd+)yvyz7
z+0<o|PMTJL)R>7za|?m5qlmFK$=MJ_iv{aRs+BGVrs)98BlN^nMr{V_fcl_;<BiuS
ztTFCwthZrVHPPZYBIYp#EouQ9MTH{-OaLh9+PRHAG3=cqP}nnZd8AjsX8sR)@*@Na
z!0>jkzRju+c-y?gqBC_@J0dFLq-D9@VN&-`R9U;nv$Hg?>$oe4N&Ht$V_(JR3TG^!
zzJsbQb<dCovVFFYER#ii{pf+`)Dd4mJA8V_i{)g*7b35$IR9(S%Er0t1yr7X5aERc
zeK=jG4aV7X*X+)C@a&31a^^wDy<E&Lu}Ry(`Um&dxXGiHJfU<|q(iByYWWLIS^^>i
zFE6-{#9{G{+Z}ww!ycl*7rRdmU#_&|DqPfX3CR1I{Kk;bHwF6jh0opI`UV2W{*|nn
zf_Y@%wW6APb&9Rr<YY$Si*BvV^N#m{QYOko?PXQXU(La}0lCv3qWQ$bi`=<yuf89@
zA3M_;xKTP6E^K#?{F`hD*rTDZhZ!h73@a^*&yKH>bEN=PQRBEpM(N1w`81s=(xQj6
z-eO0k9=Al|>Ej|Mw&G`%q8e$2xVz1v4DXAi8G};R$y)ww638Y=9y$ZYFDM$}vzusg
zUf+~BPX>(SjA|tgaFZr_e0{)+z9i6G#lgt=F_n$d=beAt0Sa0a7>z-?vcjl3e+W}+
z1&9=|vC=$co}-Zh*%3588G?v&U7%N1<wSL*V~9}~r(eJ^+Xr3`-m(Sj@@;y|({lFw
zG+a0jI%A@viPJ_TgyiV93C-_fon>Qf-wNWJ)(v`iO5KHSkC5&g7CrKu8V}uQGcfcz
zmBz#Lbqwqy#Z~UzHgOQ;Q-rPxrRNvl(&u6ts4~0=KkeS;zqU<rCYLCOgtuj&A3yvF
z)|<)nA^eF$@T!K+ig@JbUkyVVJP%Y)>Rz%!-ERppmd%0v>iRlEf+H$yl{_8TMJzo0
z>n)`On|7=WQdsqhXI?#V{>+~}qt-cQbokEbgwV3QvSP7&hK4R{Z{aGHVS3;+h{|Hz
z6$Js}_AJr383c_+6sNR|$qu6dqHXQTc6?(XWPCVZv=)D#6_;D_8P-=zOGEN5&?~8S
zl5jQ?NL$c%O)*bOohdNwGIKM#jSAC?BVY={@A#c9GmX0=T(0G}xs`-%f3r=m6-cpK
z!%waekyAvm9C3%>sixdZj+I(wQlbB4wv9xKI*T13DYG^T%}zZYJ|0$Oj^YtY+d$V$
zAVudSc-)FMl|54n=N{BnZTM|!>=bhaja?o7s+v1*U$!v!qQ%`T-6fBvmdPbVmro&d
zk07TOp*KuxRUSTLRrBj{mjsnF8`d}rMViY8j`jo~Hp$fkv9F_g(jUo#Arp;Xw0M$~
zRIN!B22~$kx;QYmOkos@%|5k)!QypDMVe}1M9tZfkpXKGOxvKXB!=lo`p?|R1l=tA
zp(1}c6T3Fwj_CPJwVsYtgeRKg?9?}%oRq0F+r+kdB=bFUdVDRPa;<s*Z4&z%Yqy%U
zOeHw$WK*_?C+%QKv}yj&a(!5Ni>E~~>2$w}>O>v=?|e>#(-Lyx?nbg=ckJ#5U6;RT
zNvHhXk$<cTrzyFrc-kzJ80|Sr7cPKJYnxQh*Fg9@b51h^!>P}m9wSvFyU3}=7!y?Y
z=fg$PbV8d7g25&-jOcs{%}wTDKm>!Vk);&rr;O1nvO0VrU&Q?TtYVU=ir`te8SLlS
zKSNmV=+vF|ATGg`4$N1uS|n??f}C_4Sz!f|4Ly8#yTW-FBfvS48Tef|-46C(wE<BN
zM?~(EkSJJWr_!W7-HptZRmK`p&C>O_%pPhUC5$-~Y?!0vFZ^Gu`x=m7X99_?C-`|h
zfmMM&Y@zdfitA@KPw4Mc(YHcY1)3*1xv<iSQWzdA1>W9V-r4n-9ZuBpFcf{yz+SR{
zo$ZSU_|fgwF~aakGr(9Be`~A|3)B=9`$M-TWKipq-NqRDRQc}ABo*s_5kV%doIX<z
zw8f$0lCeVGD0^!OedVm2t32)213YQ46v=o)@UsVzy`KZ%hr__m!jsQbd@}{{Vg1hz
z`m2-BpqxgapTIephm4Cik^T6BeWfmt%BA@BRlvqT0ILcR0(vVdxD!}~F3BI!@Yuk*
zM2~`l5+!SvcPoj}AC@Q9McO3!2ke!m5VcW3F%a(IA*N@sL73(w3O(3~t5el4Dq{JU
z21IfDfV)n^u4cGvvfJlGe~Q~Yzeudy#8j^ja>7LRLRau_gd@Rd_aLFXGSU+U?uAqh
z8qusWW<lz^u{++i(BMS0kYpMurHwdx8=v!VDug!+!?SoQ%5#Z9_%%XQ)=}5@(OGY$
z!*NFRMlh?b0mZ-o&{hRY(q#;?AsyI_fTbU3vvt{86Gd^<UxrFKXriAuhLyoz-Rb+|
z<1fH@C7QEgQz2VdIb}M#v@~+roe%YIUs5B>cvgQ&wu{|sRXmv?sl=xc<$6AR$+cl&
zFNh5q1~kffG{3lDUdvEZu5c(aAG~+64FxdlfwY^*;JSS|m~CJusvi-!$XR`6@XtY2
znDHSz7}_Bx7zGq-^5{stTRy|I@N=>*y$zz>m^}^{d&~h;0kYiq8<^W<E|75Z!A4X;
zB0ckyjy2crb1=uu;OnTA+AN(`$!y~N){ZywsrcJ<-RJ-6@#;QH|7$vRI{)h?@p2NX
z`N+$B?J?QE9;Pm%%)e)K9b55SBEW5@Zc4|{XhN6&8tG6ODyNFgS%k;enJu!|jBjTn
zO3=N;{~$Us+^lM79~#+NVdMuMV*xv4<srsN5l%(Xfx|TFiWsSLu6VKb8+BQX%9T6)
zLIA<^s*!o98&YNSoO#lh*yl=4IaXWU@%j6|nHVJL2?PUhARrz8&IkW*Q<47%jpzTI
z4gPog-xBcuLB=pm_-|9W&~MFVz_3-f?M6(XIxnIg#$zC^5E`10kVD2)wtP_r+-MVn
zDB)nM192c6VQ(1fw5pgW;z9QPF|WVy-Pi3Kqyd;SXdDvK@g#36c@VC&u=_B=n%w}x
z9G42<h(@l93n9W)B(s=&>q7Dz0w31ShO^~LUfW6rfitR0(=3;Uue`Y%y@ex#eKPOW
zO~V?)M#AeHB2kovn1v=n^D?2{2jhIQd9t|_Q+c|ZFaWt+r&#yrOu-!4pXAJuxM+Cx
z*H&>eZ0v8Y`t}8{TV6smOj=__gFC=eah)mZt9gwz>>W$!>b3O;Rm^Ig*POZP8Rl0f
zT~o=Nu1J|lO>}xX&#P<uNYpwDdsi81$~7Dv-8cIS(lR52^!TF;6k;WMGV`thcu^6S
z@T3rgu^2l&lSgk|u&dqJ2P;_lKd-gsz+E~nyy$zL@l8HyyxzgF#YH#@jXdT>58%Yl
z83`HRs5#32Qm9mdCrMlV<JBDhyZ+y^N%S92djDerOElqpRE}K*p`=oMP>|NKNC+Z~
z9OB8xk5HJ>gBLi+m@(pvpw)<om*<*&g*ukIpJ5#uX6#7U*X+*MN|7vZ8*HK)=`Y9r
z)#d;zRimk{mmRK`xtmKSn@imtSD%un-#&@aHsi(XFSqmU+t2^tlw;mwe}X*y&#AIH
zlv#=?W?e4tr=1o`K<LAS)WBGaORGt!_L??}o8QF5X|ARAXjcw9(=`^ih&uvZ?3o=4
ztCfj-M@ZND9Dnt(PEoh14OzzWaAN5QQ)tU}4*nXvp1HQ^w*zt7KrnA5B`0hYyAdFC
zH+>1(OaVJKs*$Ou#@Knd#bk+V@y;YXT?)4eP9E5{J%KGtYinNYJUH9PU3A}66c>Xn
zZ{Bn0<;8$WCOAL$^NqTjwM?5d=RHgw3!72WRo0c;+houoUA@HWLZM;^U$&sycWrFd
zE7ekt9;kb0`lps{>R(}YnXlyGY}5pPd9zBpgXeJTY_jwaJGSJQC#-KJqmh-;ad&F-
z-Y)E>!&`Rz!HtC<wKL>z>%yO<y&s#nmyWumg2@9<En(?C^(|rjP3fstXvL7F_}@s~
zK?}vRELPAe=@^SDzf;4gMIY~6wbR)ERQj~L^17FRR>J|v(u7P*I$jqEY3}(Z-orn4
zlI?CYKNl`6I){#2P1h)y(6?i;^z`N3bxTV%wNvQW+eu|x=kbj~s8rhCR*0H=iGkSj
zk2<D*!UmdR0qg)7cV>3lr9kr|p7#qKL=UjgO`@UnvzU)`&fI>1Qs7ubq{@+lK{hH*
zvl6eSb9%yngRn^T<;jG1SVa)eA>T^XX=yUS@NCKpk?ovCW1D@!=@kn;l_BrG;hOTC
z6K&H{<8K#dI(A+zw-MWxS+~{g$tI7|SfP$EYKxA}LlVO^sT#Oby^grkdZ^^lA}uEF
zBSj$weBJG{+Bh@Yffzsw=HyChS(dtLE3i*}Zj@~!_T-Ay7z=B)+*~3|?w`Zd)Co2t
zC&4DyB<B`NVJ>!o&YgSw+fJn6`sn$e)29`kUwAc+1MND7YjV%lO;H2}fNy>hD#=gT
ze+-aFNpyKIoXY~Vq-}OWPBe?Rfu^{ps8>Xy%42r@RV#*QV~P83jdlFNgkPN=T|Kt7
zV*M`Rh*30&AWlb$;ae130e@}Tqi3zx2^JQHpM>j$6x`#{mu%tZlwx9Gj@Hc92IuY*
zarmT|*d0E~vt6<+r?W^UW0&#U&)8B6+1+;k^2|FWBRP9?C4Rk)HAh&=AS8FS|NQaZ
z2j!iZ)nbEyg4ZTp-zHwVlfLC~tXIrv(xrP8PAtR{*c;T24ycA-;auWsya-!kF~CWZ
zw_uZ|%urXgUbc@x=L=_g@QJ@m#5beS@6W195Hn7>_}z@Xt{DIEA`A&V82bc^#!q8$
zFh?z_Vn|ozJ;NPd^5uu(9tspo8t%&-U9Ckay-s@DnM*R5rtu|4)~e)`z0P-sy?)kc
zs_k&J@0&0!q4~%cKL)2l;N*T&0;mqX5T{Qy60%JtKTQZ-xb%KOcgqwJmb%MOOKk7N
zgq})R_6**{8A|6H?fO+2`#QU)p$Ei2&nbj6TpLSIT^D$|`TcSeh+)}VMb}LmvZ{O|
ze*1IdCt3+yhdYVxcM)Q_V0bIXLgr6~%JS<<&dxIgfL=Vnx4YHuU@I34JXA|+$_S3~
zy~X#gO_X!cSs^XM{yzDGNM>?v(+sF#<0;AH^YrE8smx<36bUsH<L8f?5hvib^(w-z
zQO~nQ$dVU0i#a3ki#~Zfn+z)A0X6&+uTO~YY-95PED8rYa#tnOB_5j0D(OiyL`p9s
zv+IJ_k!HYz5YcKEc7QF88Nvot?2oM%4aDY1Bzw#ErO+K${;d;Xz}Qst%^Hxe<y|{#
z0i<}um0l#qNYBrEHp~^dRc(MW&*nx$<xOZo&ngs@b)HTJL5#EBLw4XB%N{_Unwz1|
zV8i$e7agBMpxq^UD+OBzpAA4~Wm`dImRWzuo^(m(ArJer$O=jb))nZ!p#}ai;I|`b
zxh~i8wmS;I?uK@A5wM9(c}p9|(M`BOW}{O$gH|yS=WST0IY5xeK;n^|OTOu06VXGL
ziLV81^Z>bN#y57K8WEu(`qHvQ6cAZPo=J5C(lSmUCZ57Rj6cx!e^rfaI5%w}unz}4
zoX=nt)FVNV%QDJH`o!u9olLD4O5fl)xp+#RloZlaA92o3x4->?rB4`gS$;<QP`qnB
zxyR|2?xCkFimDvX6HOV?^)Ex~)EDlr;3{Zk;-f=p?%7c@-P$(ps9BR^)$rFZsteaA
z;pEqzR194rw0JOm6L~PJ9F(nNaRn+j%W1SvOz`}E|6u-%XnRuFO#whbo=$_b&QmEc
zz35A#zc{~jeDG0s#(%Oyh`}`Lr28fKNg=;!oXo#n2s2b!wHSqmp4gLtkq~?+{}p*~
zmyPE6L~1+ln$95dm03gaCX?Mx^?0LvGdEce@^Fw=4Li}NJ(PPrnJG8UTM7f;`bHcw
z$Z`@wnD>WO{R;Z3>cG3IgFX2EA?PK^M}@%1%A;?f6}s&CV$cIyEr#q5;yHdNZ9h{|
z-=dX+a5elJoDo?Eq&Og!nN6A)5yYpnGEp}?=!C-V)(*~z-+<AB{~}$sb=b_3)fww3
z1aC=mU#wAjt*hH!O=_Rq0hO_a&wY#~Xao9@|NW*<bx}+viW;viI*Z+I?~t{%B+v(!
zDDr@@d60%bC|=S0vZozViq<m)h@uyR_WM|>?kY1Q7qs#Rsy%hu_60rdbB+QQNr?S1
z?;xtjUv|*E3}HmuNyB9aFL5H~3Ho0UsmuMZELp1a#CA1g`P{-mT?B<X1H9ohvAM^;
z+8=gDne1h_tC$>chuLEtK}!QZ=3AWakRu~?f9V~3F;TV`5%9Pcs_$gq&CcU}r8gOO
zC2&SWPsSG{&o-LIGTBqp6SLQZPvYKp$$7L4WRRZ0BR$Kf0I0SCFkqveCp@f)o8W)!
z$%7D1R`&j7W9Q9CGus_)b%+B#J2G;l*FLz#s$hw{BHS~WNLODV#(!u_2Pe&tMsq={
zdm7>_WecWF#D=?eMjLj=-_z`aHMZ=3_-&E8;ibPmM}61i6J3i<Ry9$0oO(dC+M{8z
zs~&fm$9WhF63%!K_Mm6jbUbs_bSm8+)$j`QmCxcnfVz-~LWI0Pvt$(Iiice=m6f#A
znKpqTEVc`=3la-JE~IF8T$O7$xw2vGNtATg%;ITCJQ$<SdLX>s*=dKf%HC>=xbj4$
zS|Q-hWQ8T5mWde6h@;mS+?k=89?1FU<%qH9B(l&O>k|u_aD|DY*@~(`_pb|B#rJ&g
zR0(~(6<MTX1VH`>8fpUPz6TdS@4JT5MOPrqDh5_H(eX1$P2SQrkvN8sTxwV>l0)Qq
z0pzTuvtEAKRDkKGhhv^jk%|HQ1DdF%5oKq5BS>szk-CIke{%js?~%@$uaN3^Uz6Wf
z_iyx{bZ(;9y4X&>LPV=L=d+A}7I4GkK0c1Xts{rrW1Q7apHf-))`BgC^0^F(>At1*
za@e7{lq%yAkn*NH8Q1{@{lKhRg*^TfGvv!Sn*ed*x@6>M%aaqySxR|oNadYt1mpUZ
z6H(<Ni{=BqKRj2FW+}Co`K?u{@WLS%pQm3TU}Q0c616}yg+(R+@sl}k&>rupHYf&Z
z29$5g#|0MX#aR6TZ$@eGxxABRKakDYtD%5BmKp;HbG_ZbT+=81E&=XRk6m_3t9PvD
zr5Cqy(v?gHcYvYvXkNH@S#Po~q(_7MOuCAB8G$a9BC##gw^5mW16cML=T=ERL7wsk
zzNEayTG?mtB=x*wc@ifBCJ|irFVMOvH)AFRW8WE~U()QT=HBCe@s$dA9O!@`zAAT)
zaOZ7l6vyR+Nk_OOF!ZlZmjoImKh)dxFbbR~z(cM<ohJsx2;$$S(LMO!JiV@-OGlmm
z`NdjOOy9O@m26&M`?ASmTQ{@=-K%#U)U7w<-rclq>hfeX1l7S_`;h|v3gI}<v)x_w
zvu)Dq)`qX%>n9$sSQ>+3@AF<e#LTCwgPu=4ybha;DXu-e#IUo*sWeYFrWHoigJs{Q
zYu_ff&j$_|OP<X2&rv4d2FV^~F@43}*F8@FN!r^c>Ay9=B_y$)q;Wdl|C-X|VV3w8
z2S#>|5dGA8^9%Bu&fhmVRrTX>Z7{~3V&0UpJNEl0=N32euvDGCJ>#6dUSi&PxFW*s
zS`}TB>?}H(T2lxBJ!V#2taV;q%zd6fOr=SGHpoSG*4PDaiG0pdb5`jelVipkEk%FV
zThLc@Hc_AL1#D&T4D=w@UezYNJ%0=f3iVRuVL5H?eeZM}4W*bomebEU@e2d`M<~uW
zf#Bugwf`VezG|^Qbt6R_=U0}|=k;mIIakz99*>FrsQR{0aQRP6ko?5<7bkDN8evZ&
zB@_KqQG?ErKL=1*ZM9_5?Pq%lcS4uLSzN(Mr5=t6xHLS~Ym`UgM@D&VNu8e?_=<G2
z$Y^_uSNUz|Ag`4k$;;4dC>nSFtF$u@hpPSmI4Vo_t&v?>$~K4y(O~Rb*(MFy_igM7
z*~yYUyR6yQgzWnWMUgDov!!g=lInM+=lOmOk4L`O?{i&qxy&D*_qorRbDwj6?)!ef
z#JLd7F6Z2I$S0iYI={rZNk*<{HtIl^mx=h>Cim*04K4+Z4IJtd*-)%6XV2(M<qEcY
zKpTExU9W`Sp|>CscPiw_a+y*?BKbTS@BZ3AUao^%Zi#PhoY9Vib4N>SE%4>=Jco0v
zH_Miey{E;FkdlZSq)e<{`+S3W=*ttvD#hB8w=|2aV*D=yOV}<n%QCtpFj!1iP3=++
zF%bul8RQG~xNUT@7_D%fDp&f9U3+!yV(BF^EJ6M?ggfgy%D_aSJLQh<Q8L9^3Z4lP
zSliD?8{L~ZN{}ULe$or4iOcd9fCXx)uXD>(&p%0LbEWH$&@$X3x~CiF-?ejQ*N+-M
zc8zT@3iwkdRT2t(XS`d7`tJQAjRmKAhiw{WOqpuvFp`i@Q@!KMhwKgs<K(HF*wpN5
zv(vj1XA8yT@r9sbul0J^6}T8DTrg3?UvaTK(_8@BG(vOS@R#A};jf~t=|7FM{G%;V
z$moCx(glgj5-;%1QM|u%2d3FX97|2!-{zNf(~wZQL8&V6ON(xoE>A}%@sw8Xo5Y=F
zhRJZg)O4uqNWj?V&&vth*H#je6T}}p_<>!Dr#89q@uSjWv~JuW(>FqoJ5^ho0%K?E
z9?x_Q;kmcsQ@5=}z@tdljMSt9-Z3xn$k)kEjK|qXS>EfuDmu(Z8|(W?g<kN}okBu|
z`906+8rq=5w?nFA6VC1#eQVZ_=+&soKuCq9J4-B?5ajOsO<ZqBE?J2XT_J8fPV98+
zk#wtSBTro80%$s5KaeCr*oviwvkprv-mw0v@x!YSCMmDCbzwIduaRkq+nkD$>Y6-l
z@R_#M8=vxKMAoi&PwnaIYw2COJM@atcgfr=zK1bvjW?9B`-+Voe$Q+H$j!1$Tjn+*
z&LY<%)L@;zhnJlB^Og6I<R<r5yYZK!bg%i+z^Gb9&z&*Z#pVBay5jNKYESI$cqK!;
zs%j&*N?LE3ILkbKV_0UUpL<A`zeQtv+?k$&h|~*OX&e)^SV^abQ&PMGXtX3fI2kT=
z2Y%RbH`bf;|K;F8Mxo)Ov25Y*lHOz#D>&BOR-m?{IW;tyYC%FZ!&Z>kGjHJ6cqM-F
z&19n+e1=9AH1VrVeHrIzqlC`w9=*zfmrerF?JMzO&|Mmv;!4DKc(sp+jy^Dx?(8>1
zH&yS_4yL7m&GWX~mdfgH*AB4<e8V;o9`b8>{CKo;+egw=PrvkTaoBU+P-4u?E|&!c
z)DKc;>$$B6u*Zr1SjUh<mc1^2+c=@@6(J4|#?}T_|M2b62=4`4F-ba1m43BpL!aCj
zR^w2TEDEd$X7pi$++6T@mH_M(zN#-+gi}U5eaDqd^tUG_>2)FeuWLWHl5TH(UHWkf
zLs>7px!c5n;rbe^lO@ql<wf#W%s8knI~Th~JR_Kl+2&@Zoorl!op+Ba_ZYj2yD(^E
z$}7%1B7{$MlPHueM^5x<Vc5^Pd5$8yYQ@u;!UngDNs9O`zY)-uu_X-;n9-+TuAb`^
z<H1e|G%#k-<p?8qbT%m<kMd#1>YLzlDVp(z?6r<WUtyWnlD^G9B?_Ur{&KCOuHNMq
zk|B^K_<0Q-9-+@;d#BY&2k-R$to<44{eG#pW>PZel=YB)Uv&n!2{+Mb$-vQl=xKw(
zve&>xYx+jW_NJh!FV||r?;hdP<!CWxpcsZKiv4>*jOXYcLCp>DOtJ?2S^)DkM{{Eb
zS$!L$e_o0(^}n3tA1R3-$SNvgBq;DOEo}fNc|tB%%#g4RA3{|euq)p+xd3I8^4E&m
zFrD%}nvG^HUAIKe9_{tXB;tl|G<%>yk6R;8L2)KUJw4yHJXUO<O#J#etA!EQr#Ixj
zZuFu$GT+Wpqx#)|V^@Cm`sHrRN~=Je%6V#~5_a6U7SazOW-GgiQtB4%%~2(B0iBsg
z;PpJsF|+l@`Wy@y_OtfS`JgrB)rNO1MTjsxeQ7|k!FQ^3n6kbM;^~mT&4KxW*m77y
zq%{h&JwttX7mQ1|xDfr$rzHoYHzjn|^DmxVimK9<IM)^a;|9O2LO78(*WR_|D40bM
z4}thc%eqOsDqUE<D1~O4evp0zw~wzT!F>PM>(-+jxq4R;z8H#>rnJy*)8N+$wA$^F
z<U&lTYAkA<S9x1+2s?lu2|Zd2nj#EvZB!v_&9eAD+8*)ghmbT+{)~_^Px6pMeOz2X
zv~Wjk&YGtROVvA~E^msuyea-{C!TM*WVVa4lhy%2Gi&UvdDpYWzNapW2o<z2pU37x
zeudIr){wxOzdWU}R?Ue;nbpX4`c>N+H*3t)eFEgxLw+Nw3};4WV$qj&_D`%ADV2%r
zJCPCo%{=z7;`F98(us5JnT(G@sKTZ^;2FVitXyLe-S5(hV&Ium+1pIUB(CZ#h|g)u
zSLJJ<@HgrDiA-}V_6B^x1>c9B6%~847JkQ!^KLZ2skm;q*edo;UA)~?SghG8;QbHh
z_6M;ouo_1rq9=x$<`Y@EA{C%6-pEV}B(1#sDoe_e1s3^Y>n#1Sw;N|}8D|s|VPd+g
z-_$QhCz`vLxxrVMx3ape1xu3*wjx=yKSlM~nFgkNWb4?DDr*!?U)L_VeffF<+!j|b
zZ$Wn2$TDv3C3V@BHpSgv3JUif8%hk%OsGZ=OxH@8&4`bbf$`aAMchl^qN>Eyu3JH}
z9-S!x8-s4fE=lad%Pkp8hAs~u?|uRnL48O|;<hL9ZDZTaoVqCgAV4_fXA_B>*DEU!
zuS0{cpk%1E0nc__2%;apFsTm0bKtd&A0~S3Cj^?72-*Owk3V!ZG*PswDfS~}2<8le
z5+W^`Y(&R)yVF*tU_s!XMcJS`;<i5$MCe|U*GT!0%*LADX`D^%6_<=D#Ru0`TRN8+
zm@tIK)49`32a<@shitOU#x<QU%nW!IzfjK>(Tr`J0%>p=Z&InR%D3@KEzzI+-2)HK
zuoNZ&o=wUC&+*?ofPb0a(E6(<2Amd6%uSu_^-<1?hsxs~0K5^f(L<W1_uUGAdyXWF
z-9E^}>sGqgEF^+0_H=uNk9S0bb!|O8d?m5gQjUKevPaO+*VfSn^2892K~%crWM8+6
z25@V?Y@J<9w%@NXh-2!}SK_(X)O4AM1-WTg>sj1{lj5@=q&dxE^9xng1_z9w9DK>|
z6Iybcd0<ba%T-PM@iR4f+hWNy2(Dh#%r^4ZjOOcYUhl?lcc*@SuVYF<0NRX~sTl15
z&yX+gisvpMdp($7GpQ}~BtfayBnqkt65sVAS)H#))Ya=X_9qRpsELVk)K-Umx|Q>e
zy<csGv$iOY<#zt!tLyihB^h0nm-w?)HRS0&_TFyZkN{(*U!r-+J#Pt@VJw|c&+Ad7
zGuhURv<S1E^2YPq{$<>i;Ew!KBRIfGPGytQ6}z}MeXCfLY0?9%RiyagSp_D1?N&c{
zyo>VbJ4Gy`@Fv+5cKgUgs~na$>BV{*em7PU3%lloy_aEovR+J7TfQKh8BJXyL6<F;
zULuFu;b(C;CC(l^>|P8un-Jnq(ghd!_HEOh$zlv2$~y3krgeH;9zC}V3<xe_B^^Vb
z>f`uDtW(%mT#944DQa~^8ZI+zAUu4U(j0YcDfKR$bK#gvn_{JZ<YX};laf~yTsdEA
zA~Ra?VD!R`MyGN9;7}SV*B=q$h>>|gZ5+)u?T$w<UlM8Es^_5l0fa>7Q%F^;!Wk?G
z(le7r!ufT*cxS}PR6hIVtXa)i`d$-_1KkyBU>qmgz-=T};uxx&sKgv48akIWQ89F{
z0<y9Cbjk%^#=J+qPnsNw%*mP1XLirQj9jh94t22gxgVWwR*I>XiY?WM^~;|T8zBOr
zs#zuOONzH?svv*jokd5SK8wG>+yMC)LYL|vLqm^PMHcT=`}V$=nIRHe2?h)8WQa6O
zPAU}d`1y(>kZiP~Gr=mtJLMu`i<2CspL|q2DqAgAD^7*$xzM`PU4^ga`ilE134XBQ
z99P(LhHU@7qvl9Yzg$M`+dlS=x^(m-_3t|h>S}E0bcFMn=C|KamQ)=w2^e)35p`zY
zRV8X?d;s^>Cof2SPR&nP3E+-LCkS0J$H!eh8~k0qo$}00b=7!H_I2O+Ro@3O$nPdm
ztmbOO^B+IHzQ5w>@@@J4cKw5&^_w6s!s=H%&byAbUtczPQ7}wfTqxxtQNfn*u73Qw
zGuWsrky_ajPx-5`R<)6xHf>C(oqGf_Fw|-U*GfS?xLML$kv;h_pZ@Kk$y0X(S+K80
z6^|z)*`5VUkawg}=z`S;VhZhxyDfrE0$<offD>(PMurAxl~<>lfZa>JZ288ULK7D`
zl9|#L^JL}Y$j*j`0-K6kH#?bRmg#5L3iB4Z)%iF@SqT+Lp|{i`m%R-|ZE94Np7Pa5
zCqC^V3}B(FR340pmF*qaa}M}+h6}mqE~7Sh!9bDv9YRT|>vBNAqv09zXHMlcuhKD|
zcjjA(b*XCIwJ33?CB!+;{)vX@9xns_b-VO{i0y?}{!sdXj1GM8+$#v>W7nw;+O_9B
z_{4L;C6ol?(?W0<6taGEn1^uG=?Q3i29sE`RfYCaV$3DKc_;?HsL?D_fSYg}SuO5U
zOB_f4^vZ_x%o`5|C@9C5+o=mFy@au{s)sKw!UgC&L35aH(sgDxRE2De%(%OT=VUdN
ziVLEmdOvJ&5*tCMKRyXctCwQu_RH%;m<lO9)YlolKp~SHA~$RD@rJEPJ4LfFabjtz
zzIU?%C*Qz8oJB~DbsOtV|5q`38L}^8Uq{e{^Ki<?YLnvYT2b=9GoWdOL!w)E5Yy?N
zCPB}zb-LW~opI;Pm$>*$YK&m;jtbdH#Ak~13T1^f89tn`A%QEHWs~jnY~E}p_Z$XC
z=?YXLCkzVSK+Id`xZYTegb@W8_baLt-Fq`Tv|=)JPbFsKRm)4UW;yT+J`<<s6L^~#
zDKX^stn#n?Mc#=>)%#ue9DPOkje)YF2fsCilK9MIIK>p*`fkoD5nGfmLwt)!KOT+>
zOFq*VZktDDyM3P5UOg`~XL#cbzC}eL%qMB=Q5$d89MKuN<r)TznqqP**!jJ?cnTT2
zaaf?rvaC;><?H&|zm@ni*?D9zRWNdd5|h7<r<^y7j=M<<S|!iYxdgG*6u6u?mWfD3
zB)<Dfkbae`fO#+9WEYybHeZv}*cbdmPDkPU(jb+Sl1(!A;;QmZ9oNWRty}&5QMWy9
zX_w<YIby`Y;2BC{-IfA^=3f)~-*KF*rKr=krZyJeUl;NhG@Ajb2fr2VF0H7ZuP8_;
zl#_lD<2+R)LHx3c896sfpWG@kpwT@>#$6|4gx_Jt0Gfn8w&q}%lq4QU%6#jT*MRT%
zrLz~C8FYKHawn-EQWN1B75O&quS+Z81(zN)G>~vN8VwC+e+y(`>HcxC{MrJ;H1Z4k
zZWuv$w_F0-Ub%MVcpIc){4PGL^I7M{>;hS?;eH!;<Yf7EM>gmcOE66z3;Z1Phqo(t
zVP(Hg6q#0gIKgsg7L7WE!{Y#1nI(45tx2{$34dDd#!Z0NIyrm)HOn5W#7;f4pQci#
zDW!FI(g4e668kI9{2+mLwB+=#9bfqgX%!B34V-$wwSN(_cm*^{y0jQtv*4}eO^sOV
z*9xoNvX)c9isB}Tgx&ZRjp3kwhTVK?r9;n<haxnrRq){mtk9A+#MWR@iL>!x>^XYT
z@Q^7zp{rkIs{2mUSE^2!Gf6$6;j~&4=-0cSJJDizZp6LTe8b45;{AKM%v99}{{FfC
zz709%u0mC=1KXTo(=TqmZQ;c?$M3z(!xah>aywrj40sc2y3rKFw4jCq+Y+u=CH@_V
zxz|qeTwa>+<|H%8Dz5u>ZI5MmjTFwXS-Fv!TDd*`>3{krWoNVx$<133`(ftS?ZPyY
z&4@ah^3^i`vL$BZa>O|Nt?ucewzsF)0zX3qmM^|waXr=T0pfIb0*$AwU=?Ipl|1Y;
z*Pk6{C-p4MY;j@IJ|DW<V4g+WfmkDAI{!240rBm;^p*C?EK5<-i6<dFN`<4WIVA6x
zQ_A}VBKmDESd)f<tKV+_7{`O-ZQ=Kw_N>>QHZQJcp;Z~?8(Q+Kk3^0qJ}SCk^*n4W
zu9ZFwLHUx-$6xvaQ)SUQcYd6fF8&x)V`1bIuX@>{mE$b|Yd(qomn3;bPwnDUc0F=;
zh*6_((%bqAYQWQ~odER?h>1mkL4kpb3s7`0m@rDKGU*oyF)$j~Ffd4fXV$?`f~rHf
z<dmhsigJ=rWi_aV`WXyhB>B%Y)@5SXZvfwm10RY5X?TEo)PK_`L6qgBp=#>fO49$D
zDq8Ozj0q6213tV5Qq=;fZ0$|KroY{Dz=l@lU^J)?Ko@ti20TRplXzphBi>XGx4bou
zEWrkNjz0t5j!_ke{g5I#PUlEU$Km8g8TE|XK=MkU@PT4T><2OVamoK;wJ}3X0L$vX
zgd7gNa359*nc)R-0!`2X@FOTB`+oETOPc=ubp5R)VQgY+5BTZZJ2<L28T@@Z{~(FZ
zheu(w_rw1D2_zLx!dpDtOmwLC!DhBIo<Q>?9QwnO=<wr%&Gfr?0?EHFALMv;_+d?S
zzAg%@ydS-+C)WJy(gMckj>dnulIUF3gFn;BODC2)65)HeVd%t86sL7Rv^Y+nbn+&l
z6BAJY(ETvwI)Ts$aiE8rht4KD*qNyE{8{x6R|%akbTBzw;2+6<pQ&SDXNQj*or8md
z6z#{?Yky9DqRtSV0CMnGmM?NZ;=ja)lj3y_HwGOxfijBU4|3qigw`1zRQjL!B8PR+
zaRn%p#eR@M4(R@Wz!rx^(f#sKB!vBtl{_H&pMv^{xCn<;&`rM&o>Echkt+W+`u^XX
z_z&x%n<Jwv#rI=O_ITYt8jK&7Lbvimxh?Mpm*TNff4FbaUEWX?w*B~|ab(^T*a99t
zcJ#fCD8IP<V1pf_@pm2K2=}<d0_Y2*QClSUBi8yzf&VOuJ`CJAoEUwr?!mKD=5}o2
zV^&)q)<B;SMXmbXj|caU)A+-MMW5C}&8F^$XYi3}kDOaQe6Z+qH3z$S;;<vL9ydXD
zI5~P97&YCq9}$m^On$P-pTjcf#j%4IH8Sc*nG=+l4{M+gXHaFf{g{b8PUBySZmJ4r
UfUyy3EX0IC28@JalTrWuAK7&_a{vGU

literal 60756
zcmb5WV{~QRw(p$^Dz<H#6;^E9wry+0wkoz!v2EKnEB2dnp51QS&)(;ryWbCEt<_q_
z%vf{Ij$i-xF_)Yq2q+W~5CjAe5D@>@00IL3?^hro$gg*4VI_WAaTyVM5Foj~O|-84
z$;0<Gf%j{m{PRR<ei?BQVMQf6X^~s$@i8e$TDlonNm{DO@u_+RhI!`ggFoZ6!{QUt
z6V&1~-=IzbM#=jH8kEiGq(%D$R6*#ZXeb3}Hx4%r-~MIAuSNdPR|Ea}Z0lh9Z{O;l
z=Rp5sj;Vvbk(KfPIu-fvQ(YbO?d*&l{_PMsht{<6ud70f1_VU)KOZ9c-;1gK^$(==
z&28umt@Irov(&)dP=-)Hz_S{P7xEnP!ichkxx$E~7}a_a2q8(l2>6hMwt*rV;^8iB
z1~&0XWp<s4<3+-8i_yvLp=2@>YJmG?Ts^K9PC62H*`G}xom%S%yq|xvG~FIfP=9*f
zZo<U;yqPuzvK$}+n^LL;n^MT#U2$-W#`#sg?M@{@(gHfAYL^m#{&XY2t3v`wuX2Ob
zJ|E-g(=OFBrmQ4BNYySt*Qqd2Zl}{zt~_o(QZ0X@(Jm9-p$YdmymL==Ie?AQJ`?lf
z`Njkl*jD~p1=ZOtBV40hyN64OCJFd*fD3i~XsAso=-LMLs^|UBS%-sLHqPeN5cpej
zP96&U@H4ow7X*CS6N3Vk2xHMM5uO4=)iyB|+fIBqm)%MXwL_oiyPH}M@t<2mhnqdB
zpZ>DRJBm*Y0aId=qJ?7dyb)6)JGWGwe)MHeNSzhi)Ko6J<-m@v=a%NsP537lHe0R*
z`If4$aaBA#S=w!2z&m>{lpTy^Lm^mg*3?M&7HFv}7K6x*cukLIGX;bQG|QWdn{%_6
zHnwBKr84#B7Z+AnBXa16a?or^R?+>$4`}{*a_>IhbjvyTtWkHw)|ay)ahWUd-qq$~
zMbh6roVsj;_qnC-R{G+Cy6bApVOinSU-;(DxUEl!i2)1EeQ9`hrfqj(nKI7?Z>Xur
zoJz-a`PxkYit1HEbv|jy%~DO^13J-ut986EEG=66S}D3!L}Efp;Bez~7tNq{QsUMm
zh9~(HYg1pA*=37C0}n4g&bFbQ+?-h-W}onYeE{q;cIy<G6>%eZK9wZjSwGvT+&Cgv
z?~{9p(;bY_1+k|wkt_|N!@J~aoY@|U_RGoWX<;p{Nu*D*&_phw`8jYkMNpRTWx1H*
z>J-Mi_!`M468#5Aix$$u1M@rJEIOc?k^QBc?<b59)xNczO{#+_)9&wFZVex;^4Vl#
z>T(#=n&*5eS#u*Y)?L8Ha$9wRWdH^3D4|Ps)Y?m0q~SiKiSfEkJ!=^`lJ(%W3o|CZ
zSrZL-Xxc{OrmsQD&s~zPfNJOpSZUl%V8tdG%ei}lQkM+z@-4etFPR>GO<GhYd~TtJ
zwBkK^Mf~X+_zkRIz?y=<$$)%45zt~zJgiQCTcppoxe=pu88AJHVU3fzN(qJSGX29E
zfbGs2RA>H9+Y_F<3=~SXln9Kb-o~f>2a6Xz@AS3cn^;c_>l<hcV+2`3y`U@%b10Ti
zcsAuz3qW@}1&hcn9e|iQZ-*nRdQA=6HE0WZ=-IqLdFH?}s(4A4Su|ovlG8OIY!~1g
zV*}qrf+P~DZYbWlHL~*vJjRpSRBJ|RB}1Yk#lDowyB!0p;et0q>UwlK(n>z?A>NbC
z`Ud8^aQy>wy=$)w;JZzA)_*Y$Z5hU=KAG&htLw1Uh00yE!|Nu{<IBoPg2E_>EZkch
zY9O6x7Y??>!7pUNME*d!=R#s)ghr|R#41l!c?~=3CS8&zr6*aA7n9*)*PWBV2w+&I
zpW1-9fr3j{VTcls1><EmORLr6^_*km(FaYTm!{FpN(j*&ipG9#Bx7MzETdKx3MQix
zP9g$MFZr%m`tSm-g<Nl^j9AagC^~K|67C*eGSlxRu0?PgNMupvPEj}+ToIMPS(h_Y
z=br$^g2gKPI4Ilij?qSjH4rcN?$oLnmWI|kQy-!uDx_L8FFnwQg1LxHyC}zG(tlAZ
zH8z|S<;cL4*pQkj32mX3%Ut({&Q<B&y6N^XSz#?>ua}F*bbju_Xq%^v;-W~paSqlf
zolj*dt`BBjHI)H9{zrkBo<O`!SS6B=LKl>=B%>8}4jeBO<T-1a7W52S<GA6)qpHuH
zr-%V#6TJ~zK#}#SZ%KJiS%=&s@yJ4k(HVsTu!ro=zMmxYi)tO}vgJ_O50@u`M|%Ri
zphwWiXYN$*r|>~kWqO!~Thi!I1H(in=n^fS%nuL=X2+s!p}HfTU#NBGiwEBF^^tKU
zbhhv+0dE-sbK$>J#t-J!B$TMgN@Wh5wTtK2BG}4BGfsZOoRUS#G8Cxv|6EI*n&Xxq
zt{&OxCC+BNqz$9b0WM7_PyBJEVObHFh%%`~!@MNZlo*oXDCwDcFwT~Rls!aApL<)^
zbBftGKKBRhB!{?fX@l2_y~%ygNFfF(XJzHh#?`WlSL{1lK<Z@o#;*SdVGNH>T*gJM
zs>bd^H9NCxqxn(IOky5k-wALFowQr(gw%|`0991u#9jXQh?4l|l>pd6a&rx|v=fPJ
z1mutj{YzpJ_gsClbWFk(G}bSlFi-6@mwoQh-XeD*j@~huW4(8ub%^I|azA)h2t#yG
z7e_V_<4jlM3D(I+qX}yEtqj)cpzN*oCdYHa!nm%0t^wHm)EmFP*|FMw!tb@&`G-u~
zK)=Sf6z+BiTAI}}i{*_Ac$ffr*Wrv$F7_0gJkjx;@)XjYSh`RjAgrCck`x!zP>Ifu
z&%he4P|S)H*(9oB4uvH67^0}I-_ye_!w)u3v2+EY>eD3#8QR24<;7?*hj8k~rS)~7
zSXs5ww)T(0eHSp$hEIBnW|Iun<_i`}VE0Nc$|-R}wlSIs5pV{g_Dar(Zz<4X3`W?K
z6&CAIl4U(Qk-tTcK{|zYF6QG<GoVw~LX_9wmCyLIg5HrC)J9)r!7|t}PwF9G3L#(i
znq(TLP8w3<iIfL!hDIR3?YNM8r9A6!N(o8YBZ@w;24dkA6!cN#{d&#a!)STfC3#`w
zn~!m@(Thc7Y<7g`lPf7tavkY|IpA1z!Xc-);I@t+8Vv2n<pCz^dd3h3=M+#Ee$$px
z67Z%5xz9Jl=z|J4Mo=+AB<rDYZ9L~g-KY{Q-jka~-Ae^NqTXdE>5ArrEB!;5s?tW7
zrE3hcFY&k)+)e{+YOJ0X2uDE_hd2{|m_dC}kgEKqiE9Q^A-+>2UonB+L@v3$9?AYw
zVQv?X*pK;X4Ovc6Ev5Gbg{{Eu*7{N3#0@9oMI~}KnObQE#Y{&3mM4`w%wN+xrKYgD
zB-ay0Q}m{QI;iY`s1Z^NqIkjrTlf`B)B#M<jM!$tg=k5lp}=|!gJ`-A3NITdMu8RC
zj1XQSG|ZmbdcDW!n80TC;X9x@;5D9oK%Ld~mq|EemE{}fSaq-zyX$@FTX}$Oc0g22
zzETfvk4&(H@-vz=*ZPqWh};?ig{1!LM(TkY4LO&>ajZ#9u41oRBC1oM1vq0i|F59>
z#StM@bHt|#`2)cpl_rWB($DNJ3Lap}QM-+A$3pe}NyP(@+<iN(x4wVJ+_gbEd-^Zb
zWBwY%U*j*Br2PjW(*8Hx+37o((b+lJej%fixv?WP#pslTG#zE5G`)n>i1>o^<jA}~
z(^v!&G?YSwQv@?ogo0voxWugllcS<_%l`tol>fe-oxX#<wXu`21Fg;1yW>Bt`mcQc
zb?pD4W%#ep|3%CHAYnr*^M6Czg>~L4?l16H1OozM{P*en298b+`i4$|w$|4AHbzqB
zHpYUsHZET$Z0ztC;U+0*+amF!@PI%^oUIZy{`L{%O^i{Xk}X0&nl)n~tVEpcAJSJ}
zverw15zP1P-O8h9nd!&hj$zuwjg?DoxYIw{<nX*|aXj4I;Pv(W_%0{1!UxR7=>jWM
zW5_pj+wF<yrjE;j>y8Tsa9g<7Qa21WaV&;ejoYflRKcz?#fSH_)@*QVlN2l4(QNk|
z4aPnv&mrS&0|6NHq05XQw$J^RR9T{3SOcMKCXIR1iSf+xJ0E_Wv?jEc*I#ZPzyJN2
zUG0UOXHl+PikM*&g$U@g+KbG-RY>uaIl&DEtw_Q=FYq?etc!;hEC_}UX{eyh%dw2V
zTTSlap&5>PY{6I#(6`j-9`D&I#|YPP8a;(sOzgeKDWsLa!i-$frD>zr-oid!Hf&yS
z!i^cr&7tN}OOGmX2)`8k?Tn!!4=tz~3hCTq_9CdiV!NIblUDxHh(FJ$zs)B2(t5@u
z-`^RA1ShrLCkg0<B?}_ts1DQjgp}W5VwQK_f$?l4FP6>)OhfoM;4Z{&oZmAec$qV@
zGQ(7(!CBk<5;Ar%DLJ0p0!ResC#U<+3i<|vib1?{5gC<oG^96_Cm0(UK10{w?+e+7
zEH(oxs^u==fa{@(*SXRYQr1OsHi@`@+xSt3wKAa_>ebG7$F7URKZXuX-2WgF>YJ^i
zMhHDBsh9PDU8dlZ$yJKtc6JA#y!y$57%sE>4Nt+wF1lfNIWyA`=hF=9Gj%sRwi@vd
z%2eVV3y&dvAgyuJ=eNJR+*080dbO_t@BFJO<@&#yqTK&+xc|FRR;p;KVk@J3$S{p`
zGaMj6isho#%m)?pOG^G0mzOAw0z?!AEMsv=0T>WWcE>??WS=fII$t$(^PDPMU(P>o
z_*0s^W#|x)%tx8jIgZY~A2yG;US0m2ZOQt6yJqW@XNY_>_R7(Nxb<qz*Zby*O0$bc
z&bwd!3N`yA)-yDGrw923g#%FdDs9(c!1zBe1RB8u-MYi3o@&Spv(9|!3<U?#VR{nH
z(>8Ged6BdYW6{prd!|zuX$@Q2o6Ona8zzYC1u!+2!Y$Jc9a;wy+pXt}o6~Bu1oF1c
zp7Y|SBTNi@=I(K%A60PMjM#sfH$y*c{xUgeSpi#HB`?|`!Tb&-qJ3;vxS!TIz<?2E
z;?m$vD?eW$Ky=1Yq)adqhc?p&C{7b5o?=)unOeZDH>uTZs-&%#bAkAyw9m4PJgvey
zM5?up*b}eDEY+#@tKec)-c(#QF0P?MRlD1+7%Yk*jW;)`f;0a-ZJ<A1MM6Y&2Bjrl
znqSWxYPQP0xd?S^aF>6CQA?E%>i2Dt7T9?s|9ZF|KP4;CNWvaVK<?o_JIw;}zDT`U
z8L9-eX*7(^ut$2QBvx;9WC*DK4d0Kl9Aoah9FvKFLU*E)t<DB)E+Hfy@{d<s5TtbK
z3@*SWX?`UQ;LR6RwJlyE3z}ZE!swzdANx@XuTjkujJwae)D4vw=Dql$%nf#rij0A7
zPZHIZfP9Y{HHIH6!OIl6HIjQP7s$4hLQfM=Y5?9w6~3&f-&54yS(z79jhWNyU*0R2
z2LGB!DxIQ?IKWc4-r|9{@l3idCG70wl#Y>Z+Qeut;Jith_y{v*Ny6Co6!8MZx;Wgo
z=qAi%&S;8J{iyD&>3CLCQdTX*$+Rx1AwA*D_J^0>suTgBMBb=*hefV+Ar<cd*@2&D
z8;>s#mmr+YsI3#!F@Xc1t4F-gB@6aoyT+5O(qMz*zG<9Qq*f0w^V!03rpr*-WLH};
zfM{xSPJeu6D(%8HU%0GEa%waFHE$G?FH^kMS-&I3)ycx|iv{T6Wx}9$$D&6{%1N_8
z_CLw)_9+O4&u94##vI9b-HHm_95m)fa??q07`DniVjAy`t7;)4NpeyAY(aAk(+T_O
z1om+b5K2g_B&b2DCTK<>SE$Ode1DopAi)xaJjU>**AJK3hZrnhEQ9E`2=|HHe<^tv
z63e(b<X3pR+d94@m}tS^Z3?)AN+iBxpwZ<D7`?_tGq?BO;qYoIK%|`4<lnL)z<I(0
zu_t<sVb~sefyW>n#fMWuz>4erc47}!J>U58%<&N<6AOAewyzNTqi7hJc|X{782&cM
zHZYclNbBwU6673=!ClmxMfkC$(CykGR@10F!zN1S<PPl%@(Hn|^OfVI^X@u=eB4LB
zU*t+xZ0wF<m*ErqYAYp>e83LR&a~$Ht&>~43OX22mt7tcZUpa;9@q}KDX3<tKWF1f
zxw`aDW9rcd*xv(|cjctJ=r<rB$*=tRKjhAT3QznFrq0&JHcrBBhQ@YI=C=P(hmztZ
zBtRHZf@NQr^M5yLSW}<&UN$I$ud6^2LG^C;CST5(r;3;$jf|I6ACztPf?wzMlh7(R
zK$zGkcsg9U$_~E{oniYivq)0tjRjewJEOw_A7w)SdVn|$`QY&`&=C?ozE>O&Ugp6<
zLZLfIMO5;pTee1vNyVC$FGxzK2f>0Z-6hM82zKg44nWo|n}$Zk6&;5ry3`(JFEX$q
zK&KivAe${e^5ZGc3a9hOt|!UOE&OocpVryE$Y4sPcs4rJ>>Kbi2_subQ9($2VN(3o
zb~tEzMsHaBmBtaHAyES+d3A(qURgiskSSwUc9CfJ@99&MKp2sooSYZu+-0t0+L*!I
zYagjOlPgx|lep9tiU%ts&McF6b0VE57%E0Ho%2oi?=Ks<h7|XGdLNwTI)ib?N6{Eu
z;h2l5*eV93*R)?j|9)5Mw{~AJzwV0Z*IoH9lKK|_`lq|{FC-HsFD==}hu}T8I5=Nj
zMm|Nv0wu!DR!AT$4?#iVwpDaiN4hcWqWH4L{RHwRzsnYkBn73d=5jdE`3OkM-m10*
zdSrK<cD9qSi<hEpW()G6&#VKxRV)hnG-x*2O9Ur9cji6_gKVb~I_9QB{xCNxI)s~q
zuptRHAY00`Qzhr7(2tu@2-Cypx8Giobh`{rL+hNjig(}@FZ>+5%aj#au^OBwNwhec
zta6QAeQI^V!dF1C)>RHAmB`HnxyqWx?td@4sd15zPd*Fc9hpDXP23kbBenBxGeD$k
z;<D{TYW<{z_^}oSud&ZuHEyD44V>%0VBQEJ-C)&dTAw_yW@k0u?IUk*NrkJ)(XEeI
z9Y>6Vel>#s_v@=@0<{4A{p<R|0RfTyuh&=hpG-YVMbi~o8Dk@%D2pXcC$zylS8Jch
zTmbubLr&$o2Hk+p^ded~#GH{7cu^WdnjPYm>l=9cQ&Iah0iD0H`q)7NeCIRz8zx;!
z^OO;1+IqoQNak&pV`qKW+K0^Hqp!~gSohcyS)?^P`JNZXw@gc6{A3OLZ?@1Uc^I2v
z+X!^R*HCm3{7JPq{8*Tn>5;B|X7n4QQ0Bs79uTU%nbqOJh`nX(BVj!#f;#J+WZxx4
z_yM&1Y`2XzhfqkIMO7tB3raJKQS+H5F%o83bM+hxbQ<YF8%f26g@w6?b)_6@vyLk>
zeeJm=Dvix$2j|b4?mDacb67v-1^lTp${z=jc1=j~QD>7c*@+1?py>%Kj%Ejp7Y-!?
z8iYRUlGVrQPandAaxFfks53@2EC#0)%mrnmGRn&>=$H$S8q|kE_iWko4`^vCS2aWg
z#!`RHUGyOt*k?bBYu3*j3u0gB#v<VSU``i9)i((*A4_MYpA70V(O^YWl0>(3tsije
zgIuNNWNtrOkx@Pzs;A9un+2LX!zw+p3_NX^Sh09HZAf>m8l@O*rXy_82aWT$Q>iyy
zqO7Of)D=wcSn!0+467&!Hl))eff=$aneB?R!YykdKW@k^_uR!+Q1tR)+IJb`-6=jj
zymzA>Sv4>Z&g&WWu#|~GcP7qP&m*w-S$)7Xr;(duqCTe7p8H3k5>Y-n8438+%^9~K
z3r^LIT_K{i7DgEJjIocw_6d0!<;wKT`X;&vv+&msmhAAnIe!OTdybPctzcEzBy88_
zWO{6i4YT%e4<cORn@|6PX^%-74fBfvI*qb65lguos^u7L67Q8>^WQZB)KHCvA(0tS
zHu_Bg+6Ko%a9~$EjRB90`P(2~6uI@SFibxct{H#o&y40MdiXblu@VFXbhz>Nko;7R
z70Ntmm-FePqhb%9gL+7U8@(ch|JfH5Fm)5${8|`Lef>LttM_iww6LW2X61ldBmG0z
zax3y)njFe>j*T{i0s8D4=L>X^j0)({R5lMGVS#7(2C9@AxL&C-lZQx~czI7Iv+{%1
z2<eOr>hEG>RzX4S8x3v#9sgGAnPzptM)g&LB}@%E>fy0vGSa(&q0ch|=ncK<Ys%|-
z$8{E%Rw4?D_8re!3!SBF?$73?o3k7+`5vm8pITte_z3-f7CoPck#W)v4slR3Zzqx8
zNVDE$E-!|FmIAfj{mDQ%vc<UpiEaVi&qHP&p?bTbEWARJ?xHePge3YNpI92C>jNrK
z`jA~jObJhrJ^ri|-)J^HUyeZXz~XkBp$VhcTEcTdc#a2EUOGVX?@mYx#Vy*!qO$Jv
zQ4rgOJ~M*o-_Wptam=~krnmG*p^j!JAqoQ%+YsDFW7Cc9M%YPiBOrVcD^RY>m9Pd<
zu}#9M?K{+;UIO!D9qOpq9yxUquQRmQNMo0pT`@$pVt=rMvyX)ph(-CCJLvUJy71DI
z<CI*+r=tVTlgn@b%PV`RM<s@b7^3<nL0kgliJ>Bk7oc7)-%ngdj~s@76Yse3L^gV0
z2==qfp&Q~L(+%RHP0n}+xH#k(hPRx(!AdBM$JCfJ5*C=<wG1tvhicE*gpY`ZCMnhj
z1G=jh5z6O!^6nUl+c3`w0_ln^hFS56L}g>K3ts>P?@@SZ_+{U2qFZb>4kZ{Go37{#
zSQc+-dq*a-Vy4?taS&{Ht|MLRiS)Sn14JOONyXqPNnpq&2y~)6wEG0oNy>qvod$FF
z`9o&?&6uZjhZ4_*5qWVrEfu(>_n2Xi2{@Gz9MZ8!YmjYvIMasE9yVQL10NBrTCczq
zcTY1q^PF2l!Eraguf{+PtHV3=2A?Cu&NN<O6VN>&a8V(y;q(^_mFc6)%Yfn&X&~Pq
zU1?qCj^LF(EQB1F`8NxNjyV%fde}dEa(Hx=r7$~ts2dzDwyi6ByBAIx$NllB4%K=O
z$AHz1<2bTUb>(MCVPpK(E9wlLElo(aSd(Os)^Raum`d(g9Vd_+Bf&V;l=@mM=cC>)
z)9b0enb)u_7V!!E_bl>u5nf&Rl|2r=2F3rHMdb7y9E}}F82^$Rf+P8%dKnOeKh1vs
zhH^P*4Ydr^$)$h@4<HY{kkgz6jX&Mdasz@VEoye!fw>KVzxrHyy#cKmWEa9P5DJ|-
zG;!Qi35Tp7XNj60=$!S6U#!(${6hyh7d4q=pF{`0t|N^|L^d8pD{O9@tF~W;#Je*P
z&ah%W!KOIN;SyAEhAeTafJ4uEL`(RtnovM+cb(O#>xQnk?dzAjG^~4$dFn^<@-Na3
z395;wBnS{t*H;Jef2eE!2}u5Ns{AHj>WYZDgQJt8v%x?9{MXqJsGP|l%OiZqQ1aB!
z%E=*Ig`(!tHh>}4_z5IMpg{49UvD*Pp9!pxt_gdAW%sIf3k6CTycOT1McPl=_#0?8
zVjz8Hj*Vy9c5-krd-{BQ{6Xy|P$6L<o)r^R5`ZQ`GQhYqfOupFa9l!9lz>JvMuX$*
zA+@I_66_ET5l2&gk9n4$1<ixm5Z@RUb^v5fP{&E>M3LN8(yEV<DNCy-M+F%4k9cS;
zC^^RKH!iKb*+NTZ($+>iRx&mtd#LD}AqEs?RW=xKC(OCWH;~>(X6h!uDxXIPH06xh
z*`F4cVlbD<GpM@G3X6T;YA>P`A)-fzf>MuScYsmq&1LUMGaQ3bRm6i7OsJ|%uhTDT
zlvZA1M}nz*SalJWNT|`dBm1$x<Um4i*)m*aUZO##LwDk6q63h|IW;0Cr>laA>CCiQ
zK`xD-RuEn>-`Z?M{1%@wewf#8?F|(@1e0+T4>nmlSRrNK5f)BJ2H*$q(H>zGD0>eL
zQ!tl_Wk)k*e6v^m*{~A;@6+JGeWU-q9>?+L_#UNT%G?4&BnOgvm9@o7l?ov~XL+et
zbGT)|G7)KAeqb=wHSPk+J1bdg7N3$vp(ekjI1D9V$G5Cj!=R2w=3*4!z*J-r-cyeb
zd(i2KmX!|Lh<K2eIYJREpvNMi&Z#7*f45@XYFPFRp`27wgA7b{lxe_pm*^6y<RLhc
z8e%Fbj59XhBop+|s8G!j;y`1~`5Wy@K-#-nr2&8P(UZtm7KDzi`O}$kr#>ey!snRw
z?#$Gu%S^SQEKt&kep)up#j&9}e+3=JJBS(s>MH+|=R(`8xK{mmndWo_r`-w<m*k89
zcV!Q$3TQF>1#SeRD&YtAJ#GiVI*TkQZ}&aq<+bU2+coU3!jCI6E+Ad_xFW*ghnZ$q
zAoF*i&3n1j#?B8x;kjSJD${1jdRB;)R*)Ao!9bd|C7{;iqDo|T&>KSh6*hCD!rwv=
zyK#F@2+cv3=|S1Kef(E6Niv8kyLVLX&e=U;{0x{$tDfShqkjUME>f8d(5nzSkY6@!
z^<s1zrx%Y{GxOAQiaP`zX4pWwf(3Q?%k(n<-*ko(!rd%~BRbzOMd+_y^a4+aH{F5%
zJscHc3gzd06%1tHe@VXo_oCsSee^HDb^OaWE0e5ck@*pZK0RqW9B3O#2!5)9`cvEa
zg%b@5T@#X^O2>-0>DM)wa&%m#UF1F?zR`8Y3X#tA!*7Q$P3lZJ%*KNlrk_uaPkxw~
zxZ1qlE;Zo;nb@!SMazSjM>;34ROOoygo%SF);LL>rRonWwR>bmSd1XD^~sGSu$Gg#
zFZ`|yKU0%!v07dz^v(tY%;So(e`o{ZYTX`hm;@b0%8|H>VW`*cr8R%<Wzeb1B(_7j
zj%jg9z(<Muj+rwUU3J`9Kkr9fxe1hx2`oE|97F-6%bXb;NK9gbaH21ZD{h@XeCBlS
zTkbMM03Wrp)E~*3bm**>3n|ehw2`(9B+V72`>SY}9^8oh$En80mZK9T4abVG*to;E
z1_S6bgDOW?!Oy1LwYy=w3q~KKdbNtyH#d24PFjX)KYMY93{3-mPP-H>@M-_>N~DDu
zENh~reh?JBAK=TFN-SfDfT^=+{w4ea2KNWXq2Y<;?(gf(FgVp8Zp-oEjKzB<XiW@L
z4DJ=*jZ)bsSD44~x>%2Iqj;48GmY3h=bcdYJ}~&4tS`Q1sb=^emaW$IC$|R+r-8V-
zf0$gGE(CS_n4s>oicVk)MfvVg#I>iDvf~Ov8bk}sSxluG!6#^Z_zhB&U^`eIi1@j(
z^CK$z^stBHtaDDHxn+R;3u+>Lil^}fj?7eaG<FRml8CUEBOnAV8CmKw;V=T((V6h(
z;KHNVT}hTA4oyjv0NUAbK-AxArk$+6ITFf=ABoS3b^1vXdN5Y3$j$Gn7L0qB<*F>B
z&5nl^STqcaBxI@v>%zG|j))G(rVa4aY=B@^2{TFkW~YP!8!9TG#(-nOf^^X-%m9{Z
zCC?iC`G-^RcBSCuk=Z`(FaUUe?hf3{0C>>$?<OA^A&va@m6n{p_RDbpCmC44*u>Vs
z`2Uud9M+T&KB6o4o9kvdi^Q=Bw!asPdxbe#W-Oaa#_NP(qpyF@bVxv5D5))srkU#m
zj_KA+#7sqDn*Ipf!F5Byco4HOSd!Ui$l94|IbW%Ny(s1>f4|Mv^#NfB31N~kya9!k
zWCGL-$0ZQztBate^fd>R<KTx+Kn<12wUG%9I!9v@uJ1RK?y>!hXY_N9ZjYp3V~4_V
z#eB)Kjr8yW=+oG)BuNdZG?jaZlw+l_ma8aET(s+-x+=F-t#Qoiuu1i`^x8Sj>b^U}
zs<v<BrDUuc#V%G@XYC{+Sg}|bZ*&$Xmy?7Y(n?p_lr<7QNavDlGr?4z!qaMY=`TAM
zFH`)mW};}4R%}`-v*@TwSk0p!c2gBZF<0Y~yAY5urGWuSR(DcbqvUph8QXsf(x2A!
z>^z<()YMFP7CmjUC@M=&lA5W7t&cxTlzJAts*%PBDAPuqcV5o7HEnqjif_7xGt)F%
zGx2b4w{@!tE)$p=l3&?Bf#`+!-RLOleeR<bP1HAuJwpA7V6w3e&7FnVSAlVevD>k3
z7#pF|w@6_sBmn1nECqdunmG^}pr5(ZJQVvAt$6p3H(16~;vO>?sTE`Y+mq5YP&PBo
zvq!7#W$Gewy`;%6o^!Dtjz~x)T}Bdk*BS#=EY=ODD&B=V6TD2z^hj1m5^d6s)D*wk
zu$z~D7QuZ2b?5`p)<Zk5N<LwAw|NY@XF!9G7+>E8e2_L38v3WE{V`bVk;6fl#o2`)
z99JsWhh?$oVRn@$S#)uK&8DL8>An0&S<%V8hnGD7Z^;Y(%6;^9!7kDQ5bjR_V+~wp
zfx4m3z6CWmmZ<8gDGUyg3>t8wgJ5NkkiEm^(sedCicP^&3D%}6LtIUq>mXCAt{9eF
zNXL$kGcoUTf_Lhm`t;hD-SE)m=iBnxRU(NyL}f6~1uH)`K!hmYZjLI%H}AmEF5RZt
z06$wn63<H*D^}!!_~!rctzB?W+<x$IW(W<z1pS(B1aK00$0*UbQ&o~2AGrgPX{+%L
zjpNNy?injFg0d#OC9*3D`YWIJp4knE9&uEHc=jswzMs5P)Ct~!Qhd!W;4aD36N5rn
zR-$WHi87V$r>GHnApHXZZJ}s^s)j9(BM6e*7IBK6Bq(!)d~zR#rbxK9NVIlgquoMq
z=eGZ9NR<I_0;qaLkr^sqs*eI>!SEqP6=9UQg#@!rtbbSBUM#ynF);zKX+|!Zm}*{H
z+j=d?<x8+W+YzUX8`Wzx$M0@ats$ISI!}Y&e$baoEyt_PL67D-!l9jd$-U47GPlhn
zFZ(p{^KerTig5@++3nwFz)bDI^Rg#*4JrNT%{~<3KmSD&ZJ;XGkp4=fS6_`Bk^dyB
z2<kf;i`zIF+c=s#nY$P(Iysozn0`U;e|0>aZ2!?@EL7C~%B?6ouCKLnO$uWn;Y6Xz
zX8dSwj732u(o*U3F$F=7xwxm>E-B+SVZH;O-4XPuPkLSt_?S0)lb7EEg)Mglk0#eS
z9@jl(OnH4juMxY+*r03VDfPx_IM!Lmc(5hOI;`?d3<n0O2)hcsP_2=f#ul^%8WEjH
z_45k7p1r2G5<EoD-7_hh0-~>7f>jPP$?9jQQIQU@i4vuG6MagEoJrQ=RD7xt@8E;c
z<Z~cp<{k@e+=yUE(YejRT8|zYjy+~C+(wP9bf2{6?hB`L=aUc<odY()WVr`t9nSc0
zAeWGRrle!<ccgxgu=eN|0Q>eGV*+Pt+t$@pt!|McETOE$9k=_C!70uhwRS9X#b%ZK
z%q(TIUXSS^F0`4Cx?Rk07C6wI4!UVPeI~-fxY6`YH$kABdOuiRtl73MqG|~AzZ@<e
z70bZ1Xfg@ML9rX@!O{Xhvx6+$D#ej982$eGa_sxL;&>iL&^s?24iS;RK_pdlWkhcF
z@Wv-Om(Aealfg)D^adlXh9Nv<v-}opkLv5Ft~N;ilf%n_18GR>f~Uf@y;g3Y)i(YP
zEXDnb1V}1pJT5ZWyw=1i+0fni9yINurD=EqH^ciOwLUGi)C%Da)tyt=zq2P7pV5-G
zR7!oq28-Fgn5pW|<Sr(TR-f}>nlu^b!S1Z#r7!Wtr{5J5PQ>pd+2P7RSD?>(U7-|Y
z7ZQ5lhYIl_IF<9?T9^IPK<(Hp;l5bl5tF9>X-zG14_7PfsA>6<$~A338iYRT{a@r_
zuXBaT=`T5x3=s&3=RYx6NgG>No4?5KFBVjE(swfcivcIpPQFx5l+O;fiGsOrl5teR
z_Cm+;PW}O0Dwe_(4Z@XZ)O0W-v2X><&L*<~*q3dg;bQW3g7)a#3KiQP>+qj|qo*Hk
z?57>f2?f@`=Fj^nkDKeRkN2d$Z@2eNKpHo}ksj-$`QKb6n?*$^*%Fb3_Kb<??RAja
zk0V>f1(*W9K>{L$mud2WHJ=j0^=g30Xhg8$<s&?w=aRQaO9t&giJ1(RsSL3%_cC6M
z*CW9(Zh9c_42B<|)&oM^-GzGdz1}f&d3F5BYqWb4q+Sw(ib=VNbJPT@^wT=3tW(7y
zrx1-UKq0(c(u-_d3s{C`aQ&0%#$*~vtZCzBHFqiV3;VEe=EsFn^iO}7H|DQJkk9H;
zB0P{n&~U<*$_g%{-r&>#g^?36`p1fm;;1@0Lrx+8t`?vN0ZorM<NTJbjJv2{-dI;>
zS<hDSyFi<GVb++PZX@XtOI*=$j*U@=`@o~{Gi!F-NK(%gyI#{g6|hETm*WG_p}s8L
zjZRCuf%OK?g`?(Q%o?EJIq8XN^)7E@6pk&Uqpm7^VOiV00>W?rhjCE8$C|@p^sXdx
z|NOHHg+fL;HIlqyLp~SSdIF`TnSHehNCU9t89yr@)FY<~hu+X`tjg(aSVae$wDG*C
zq$nY(Y494R)hD!i1|IIyP*&PD_c2FPgeY)&mX1qujB1VHPG9`yFQpLFVQ0>EKS@Bp
zAfP5`C(sWGLI?AC{XEjLKR4FVNw(4+9b?kba95ukgR1H?w<8F7)G+6&(zUhIE5Ef%
z=fFkL3QKA~M@h{nzjRq!Y_t!%U66#L8!(2-GgFxkD1=JRRqk=n%G(yHKn%^&$dW>;
zSjAcjETMz1%205se$iH_)ZCpfg_LwvnsZQAUCS#^FExp8O4CrJb6>JquNV@qPq~3A
zZ<6dOU#6|8+fcgiA#~MDmcpIEaUO02L<Rkl`=Q>5#T$HV0$EMD94HT_eXLZ2Zi&(!
z&5E>%&|FZ`)CN10tM%tLSPD*~r#--K(H-CZqIOb99_;m|D5wdgJ<1iOJz@h2Zkq?}
z%8_KXb&hf=2Wza(Wgc;3v3TN*;HTU*q2?#z&tLn_U0Nt!y>Oo>+2T)He6%XuP;fgn
z-G!#h$Y2`9>Jtf}hbVrm6D70|ERzLAU>3zoWhJmjWfgM^))T+2u$~5>HF9jQDkrXR
z=IzX36)V75PrFjkQ%TO+iqKGCQ-DDXbaE;C#}!-CoWQx&v*vHfyI>$HNRbpvm<`O(
zlx9NBWD6_e&J%Ous4yp~s<!5el5C5+U(6q$naw*;HMpy|CU=dglNI1EQ%|HQk4H*H
z4vZmq8i&o(xLex%_9CXr+V#E5;>6)Ghni!I6)0W;9(9$y1wWu`$gs<$9Mcf$L*piP
zPR0Av*2%ul`W;?-1_-5Zy0~}?`e@Y5A&0H!^ApyVTT}BiOm4GeFo$_oPlDEyeGBbh
z1h3q&Dx~GmUS|3@4V36&$2uO8!Yp&^pD7J5&TN{?xphf*-js1fP?B|`>p_K>lh{ij
zP(?H%e}AIP?_i^f&Li=FDSQ`2<P4}YJBR3<86=L)lNLn?n<UqJ){hazu7oE1W<WpM
zkEayA#3<YDk5vng9{R3EwAsH9RNs3PX=z8hou#I@lclzVbk)C_>_NWxL+BB=nQr=$
zHojMlXNGauvvwPU>ZLq!`bX-5F4jBJ&So{kE5+ms9UEYD{66!|k~3vsP+mE}x!>%P
za98bAU0!h0&ka4EoiDvBM#CP#dRNdXJcb*(%=<(g+M@<)DZ!@v1V>;54En?igcHR2
zhubQMq}VSOK)onqHfc<PBSX0Qkle<U&d;N1BT|$4=Uqpo2tm04^j~@drYI0P7duc%
zes@lg1;1w}#p3u@$yb(xFl7Q9B8k2c_rQZ?>zM7YA@s=9*ow;k;8)&?J3@0JiGcP!
zP#00KZ1t)GyZeRJ=f0^gc+58lc4Qh*S7RqPIC6GugG1gXe$LIQMRCo8cHf^qXgAa2
z`}t>u2Cq1CbSEpLr~E=c7~=Qkc9-vLE%(v9N*&HF`(d~(0`iukl5aQ9u4rUvc8%m)
zr2GwZN4!s;{SB87lJB;veebPmqE}tSpT>+`t?<457Q9iV$th%i__Z1kOMAswFldD6
ztbOvO337S5o#ZZgN2G99_AVqPv!?Gmt3pzgD+Hp3QPQ`9qJ(g=kjvD+fUSS3upJn!
zqoG7acIKEFRX~S}3|{EWT$kdz#zrDlJU(rPkxjws_iyLKU8+v|*oS_W*-guAb&Pj1
z35Z`3z<&Jb@2Mwz=KXucNYdY#SNO$tcVFr9KdKm|%^e-TXzs6M`PBper%ajkrIyUe
zp$vVxVs9*>Vp4_1NC~Zg)WOCPmOxI1V34QlG4!aSFOH{QqS<og-9*{m%{>Vq1^1)-
z0P!Z?tT&E-ll(pwf0?=F=yOzik=@nh1Clxr9}Vij89z)ePDSCYAqw?lVI?v?+&*zH
z)p$CScFI8rrwId~`}9YWPFu0cW1Sf@vRELs&cbntRU6QfPK-SO*mqu|u~}8AJ!Q$z
znzu}50O=YbjwKCuSVBs6&CZR#0FTu)3{}qJJYX(>QPr4$RqWiwX3NT~;>cLn*_&1H
zaKpIW)JVJ>b{uo2oq>oQt3y=zJ<SzS^-D>jb%fU@wLqM{SyaC6x2snMx-}ivfU<1-
znu1Lh;i$3Tf$Kh5Uk))G!D1UhE8pvx&nO~w^fG)BC&L!_hQk%^p`Kp@F{cz>80W&T
ziOK=Sq3fdRu*V0=S53rcIfWFazI}Twj63CG(jOB;$*b`*#B9uEnBM`hDk*E<oidpi
zVi-YCX)u~YCBI+laYqXSo<EX9^<PNdjZ=BtK`_ZYngaDtG5R2}vTD}f!DiphZC8q*
z6i0u#X*zYGRu)lm1ElCpjgBvp3Ldd|#4WH$%tK2cXGR#zWyK<<eW|7%5Ju2_h*||L
zg2wp|<^Qbr0(rt`iD%~4&vfIMiU-hB(&TS(L<Ua}Ae0?Iw}pCJ-m<j9H*WOItm42P
z+4mexCkJJkqGU65>wSRdwP8?5T?xGUKs=5N83XsR*)a4|ijz|c{4tIU+4j^A5C<#5
z*$c_d=5ml~%pGxw#?*q9N7aRwPux5EyqHVkdJO=5J>84!X6P>DS8PTTz>7C#F<Zu4
zp3F5$$3=BvvzoPSkFVMT=*}cwr4^?8L-w1olVUL5gHh{)p1vygqRx_|5M(|5i$<sf
zD*3bQ%l!Ml%>O?k#edkntG<Krzma04@|w*Y9|BKCf&FeXNg|upC}{zu^oHarA7zIf
zC8{uLE&-S@l`ZxV=v;r*B3!WS4z%0OHxj5&2`?c0;8f|2cq)E6RQk=VwECk+Q<E<b
z===nd>+fJk8ZMn?pmJSO@`x-QHq;7^h6GEXLXo1TC<!%G;g|1m1_bS}WUN;u(X1H_
zC*#P|&x2L7jt9)tK*_e)O{|{ck0S}rdz!bjq~RUIX}#ve9vhD}wsXP2-}YSVJ>NhH
z8ZDH{*NLAjo3WM`xeb=X{((uv3H(8&r8fJJg_uSs_%hOH%JDD?hu*2NvWGYD+j)&`
zz#_1%O1wF^o5ryt?O0n;`lHbzp0wQ?rcbW(F1+h7_<Pe?a2+{KTPMp$CgHfSHrYCA
zK{ERTzz`pSB$~vt3tii8P;~CRII8wO)%F!tVN6C6<1n2x%4zAuytITcED<o5IyW7o
zh-G7-*3%BqRFkVI(T5y^ar95CXup=KHGy2BZYuLh)vrm>EZZ<i<-|Mk=_v8nD5m5v
zdpML`Rs@XrmR1I|!5H>9{>rePvLAPVZ_R|n@;b$;UchU=0j<6k8G9QuQf@76oiE*4
zXOLQ&n3$NR#p4<5NJMVC*S);5x2)eRbaAM%VxWu9ohlT;pGEk7;002enCbQ>2r-us
z3#bpXP9g|mE`65VrN`+3mC)M(eMj~~eOf)do<@l+fMiTR)XO}422*1S<RWVx0`Uk8
z=5;*6NK#2D`zc^JM6i=$pyv-R_l)2#3c6jS0ZcmLz1#Dg>L{wyY(%oMpBgJagtiDf
zz>O6(m;};>Hi=t8o{DVC@YigqS(Qh+ix3Rwa9aliH}a}IlOCW1@?%h_bRbq-W{KHF
z%Vo?-j@{Xi@=~Lz5uZP27==UGE15|g^0gzD|3x)SCEXrx`*MP^FDLl%pOi~~Il;dc
z^hrwp9sYeT7iZ)-ajKy@{a`kr0-5*_!XfBpXw<un0R1t>EcFGJ;%kV$0Nx;apKrur
zJN2J~CAv{Zjj%FolyurtW8RaFmpn&zKJWL>(0;;+q(%(Hx!GMW4AcfP0YJ*Vz!F4g
z!ZhMyj$BdXL@MlF%KeInmPCt~9&A!;cRw)W!Hi@0DY(GD_f?jeV{=s=cJ6e}JktJw
zQORnxxj3mBxfrH=x{`_^Z1ddDh}L#V7i}$njUFRVwOX?qOTKjfPMBO4y(WiU<)epb
zvB9L=%jW#*SL|Nd_G?E*_h1^M-$PG6Pc_&QqF0O-FIOpa4)PAEPsyvB)GKasmBoEt
z?_Q2~QCYGH+hW31x-B=@5_AN870vY#KB~3a*&{I=f);3Kv7q4Q7s)0)gVYx2#Iz<e
zcH?D}+f3Q#s`S_o+I!i;AG^@C;`0g<<}J>9g(F<Nt8qTR6vu`Q_y)iK3d>2;=+Iy4
z6KI^8GJ6D@%tpS^8boU}zpi=+(5GfIR)35PzrbuXeL1Y1N%JK7PG|^2k3qIqHfX;G
zQ}~JZ-UWx|60P5?d1e;AHx!_;#PG%d=^X(AR%i`l0jSpYOpXoKFW~7ip7|xvN;2^?
zsYC9fanpO7rO=V7+KXqVc;Q5z%Bj})xHVrgoR04s<WC19*!aSDBN9bsQ!y_RQh!2^
zM?3OYfd1?Of*;~K;fPyA-Zs2YGEobYXZSuxP}4a~sqAr!U$f%5T_yC9m}8r(jTC#Z
zlS5i1zBtiGG~ok?`vdcED-M&WdW#GCV?b8L_D^$erV#MdoMmoYt9TZ|Ht9A`j0>A2
zl~DAwv=!(()DvH*=lyhIlU^hBkA0$e*7&fJpB0|oB7)rqGK#5##2T`@_I^|O2x4GO
z;xh6ROcV<9>?e0)MI(y++$-ksV;G;Xe`lh76T#Htuia+(UrIXrf9?<emJgERw<NIn
zQ3ku})$3b}us&H98W&5x<)bV~*h&=0ffNSk1dGwNXOQ%9)}<w_ggrrd<5YvvzW{lc
z%ra;Ag$A><p>L(tZ$0BqX1>24?V$S+&kLZ`AodQ4_)P#Q3*4xg8}lMV-FLwC*cN$<
zt65Rf%7z41u^i=P*qO8>JqXPrinQFapR7qHAtp~&RZ85$>ob|Js;GS^y;S{XnGiBc
zGa4IGvDl?x%gY`vNhv8wgZnP<sGTjZeSulPuO`MCGWcs$^L3#ATO-7+><iA~BUyg7
zK%Ww`C41~DlFVr(wLNj3&@sD(X1>#UYI-w*<g2t%j8f-#L_4CY4*BdT&|1*Oi_vum
zKr_(QQ>^4YCZnxkF85@ldepk$&$#3EAhrJY0U)lR{F6sM3SONV^+$;Zx8BD&Eku3K
zKNLZyBni3)pGzU0;n(X@1fX8wYGKYMpLm<N;CLpE$mA#FhwOAwFc3Gu*Y2ijqt2Mr
zEmgb5Rj4WSTt}-IA7KmFeJ5Mjqr(gVM>Cu{N5-}epPDxClPFK#A@02WM3!myN%bkF
z|GJ4GZ}3sL{3{qXemy+#Uk{4>Kf8v11;f8I&c76+B&AQ8udd<8gU7+BeWC`akUU~U
zgXoxie>MS@rBoyY8O8Tc&8id!w+_ooxcr!1<R^L(;4reEepdzdE}95d2?7a|m*bOO
zw-e)+?=QFS<bE97C&Ii^S^W*sEa3vQg$((7STwNpoGd886wr(*z1BNi)jL%HPZ&tN
zMU1+!wKw7>?#rc$-|SBBtH6S?)1e#P#S?jFZ8u-Bs&k`yLqW|{j+%c#A4AQ>+tj$Y
z^CZajspu$F%73E68Lw5q7IVREED9r1Ijsg#@DzH>wKseye>hjsk^{n0g?3+gs@7`i
zHx+-!<a?ReO?pTi@}bP2;<uA@WM0R7zz}csHRnM~D!mg`gD>sjLx^fS;fY!ERBU+Q
zVJ!e0hJH%P)z!y%1^ZyG0>PN@5W~SV%<y=x@j^(xiknw*C+Ur&ZKl@Fn|2w}`ly8(
zz_1QrAQphp;v3{c3l!jHVeo@tq)&pO(TmgH_gydMs#0|p0EwwF+U6X@z~IpBNd*kS
z6gu9R48Qg1ZmheUKP8?FTjqJfpHv+Qzur?E>f>}c?$H8r;Sy-ui>aruVTY=bHe}$e
zi&Q4&XK!qT7-XjCrDaufT@>ieQ&4G(SShUob0Q>Gznep9fR783jGuUynAqc6$pYX;
z7*O@@JW>O6lKIk0G00xsm|=*UVTQBB`u1f=6wGAj%nHK_;Aqmfa!eAykDmi-@u%6~
z;*c!pS1@V8r@IX9j&rW&d*}wpNs96O2Ute>%yt{yv<kbv8~>>k!6zfT6pru{F1M3P
z2WN1JDYqoTB#(`kE{H676QOoX`cnqHl1Yaru)>8Ky~VU{)r#{&s86Vz5X)v15ULHA
zAZDb{99+s~qI6;-dQ5DBjHJP@GYTwn;Dv&9kE<0R!<?&2c8~t|z-P*DUzhl0`)*&h
z|Nn!A|7U$aOKIxA^!*PLm$hJHXw+OP4ZezL1tUs=phN^Q<ajb=DGRYXwnS-lEtiqY
z<frQHk&G0bcD}r@nR4F*#?F;03be|bX?NbkjK|JLXOk{3&rif|A{D1QLy-_VbXfN<
z`&SwtIfw(ew@5F}*W~2($7(fcbFJ&i{R!6o{(JXA6Go7A?f0+7=m(n5mSsl@X02PS
z-WAkN+CBDC0Juwc><R~*^;Bg@=LH+}=1lFi@bNQ@$bvI%*KR054Mda5?OV~x-9V>d
z8tf1oq$kO`_sV(NHOSbMwr=To4r^X$`sBW4$gWUov|WY?xccQJN}1DOL|GEaD_!@&
z15p?Pj+>7d`@<hmz7-`Nlqgl%etYhVq(Lsv5EWt?S5qiu*a*btqng6H#LO-oz2SH0
z^xQ6+AKHkG1#oA+26Ir>LvNIu9*^hPN)pwcv|akvYYq)ks%`G>!+!pW{-iXPZsRp8
z35LR;DhseQKWYSD`%gO&k$Dj6_6q#vjWA}rZcWtQr=Xn*)kJ9kacA=esi*I<)1>w^
zO_+E>QvjP)qiSZg9M|GNeLtO2D7xT6vsj`88sd!94j^AqxFLi}@w9!Y*?nwWARE0P
znuI_7A-saQ+%?MFA$gttMV-NAR^#tjl_e{R$N8t2NbOlX373>e7Ox=l=;y#;M7asp
zRCz*CLnrm$esvSb5{<D+-TvHfiAKWjMv@f{O6HO_6qs!bUPBzAT_=n|ZXu1_p<5Uy
z3h~@8-S?LvkCJ{s{eD*A;Sn*288f6#+AhGxs`&<L9qn^;Z22jipcEpYF_>T<$6CjY
zmZ(i{Rs_<#pWW>(HPaaYj`%YqBra=Ey3R21O7vUbzO<NIYfKSkPH64b-_2c5+D94m
z%iNp4`dUo?NvQw#46nFlJ1h6~OcEsuw4>kJJO?V`4-D*u4$Me0Bx$K(lYo`JO}gnC
zx`V}a7m-hLU9Xvb@K2ymioF)vj12<*^oAqRuG_4u%(ah?+go%$kOpfb`T96P+L$4>
zQ#S+sA%VbH&mD1k5Ak7^^dZoC>`1L%i>ZXmooA!%GI)b+$D&ziKrb)a=-ds9xk#~&
z7)3iem6I|r5+ZrTRe_W861x8JpD`DDIYZNm{$baw+$)X^Jtjnl0xlBgdnNY}x%5za
zkQ8E6T<^$sKBPtL4(1zi_Rd(tVth*3Xs!ulflX+70?gb&jRTnI8l+*Aj9{|d%qLZ+
z>~V9Z;)`8-lds*Zgs~z1?Fg?Po7|FDl(Ce<*c^2=lFQ~ahwh6rqSjtM5+$GT>3WZW
zj;u~w9xwAhOc<<rq!H2nfR^7-SzR`1qG<@9=UVA!*EEe=aj$k=;J{9<>kF}~`CJ68
z?(S5vNJa;kriPlim33{N5`C{9?NWhzsna_~^|K2k4xz1`xcu<DiNXb8<8|Z|Cq-GN
zCj)9M_ZyLriw>i*LXL-1#Y}Hi9`Oo!zQ>x-kgAX4LrPz63uZ+?uG*84@<PwZBwue+
zS_(JptfpR*pv(`dE1<lRh0d;LEi#-yNm1~qOYx|4^9!+8XC372m2S)!zRs|&NM%#C
z+GAUzg{43ESA4LWP=nq0vMI~2O-KLrb1MH&d{DNr{9l?+9m-=0Uz-DYT;s)i8TcR&
zZh}K8#36!G;6ZC+XJ@IPDh1SQ+DH`botOlr$wuj)=;;c=MU$X;yOXeWp?}z{AJeP3
z$QB6%$q~}6J8i8sO`UWW+mc=Rc6o#AK{c`V$1Y3*YS}cR>PKq-KgQlMNRwz=6Yes)
zY}>YN+qP}nwr$(CZQFjUOI=-6J$2^XGvC~EZ+vrqWaOXB$k?%Suf5k=4>AveC1aJ!
ziaW4IS%F$_B<CZJ!UX;hU#7vjr-A^#gKV?ykV>abi)kA8Y&u4F7E%99OPtm=vzw$$
zEz#9rvn`Iot_z-r3MtV>k)YvErZ<^Oa${`2>MYYODSr6?QZu+<Xr5QDI3|}c*=v!t
z7aWklHMNmj(E4@B8u*Z;TyWOKVOpxR#jrE(G|coSCa0%my~OH?4?4W3oGfzXZ^Yl8
zoBlE^JMVJSf5Id9b3E|!Jy&$Nn|?alu2G4}CVoY>be-~MBjwPGdMvGd!b!elsdi4%
z`37W*8+OGulab8YM?`KjJ8e+jM(tqLKSS@=jimq3)Ea2EB%88L8CaM+aG7;27b?5`
z4zuUWBr)f)k2o&xg{iZ$IQkJ+SK>lpq4GEacu~eOW4yNFLU!Kgc{w4&D$4ecm0f}~
zTTzquRW@`f0}|IILl`!1P+;69g^upiPA6F{)U8)muWHzexRenBU$E^9X-uIY2%&1w
z_=#5*(nmxJ9zF%styBwivi)?#KMG96-H@hD-H_&EZiRNsfk7mjBq{<vAyj;V$oY$;
zeFf@1qm*3JDo_jY%mMvJK|}hElB4>L%!E;Sqn!mVX*}kXhwH6eh;b42eD!*~upVG@
z#smUqz$ICm!Y8wY53gJeS|Iuard0=;k5i5Z_<S6ivK6}$qoRMsg7V!3nguv@i1IcG
zTip=0gi~_71}Ye%-y+=r)peyFsi|a3!G{6XxhN#Qh|@7<<1d75@UG8;<MS%cR=T4O
zoC};`)PZx1F>hSIs6tr)R4n*r*rE`>38Pw&lkv{_r!jNN=;#?WbMj|l>cU(9trCq;
z%nN~r^y7!kH^GPOf3R}?dDhO=v^3BeP5hF|%4GNQYBSwz;x({21i4OQY->1G=KFyu
z&6d`f2tT9Yl_Z8YACZaJ#v#-(gcyeqXMhYGXb=t>)M@fFa8tHp2x;ODX=Ap@a5I=U
z0G80^$N0G4=U(>W%mrrThl0DjyQ-_I>+1Tdd_AuB3qpYAqY54upwa3}owa|x5iQ^1
zEf|iTZxKNGRpI>34EwkIQ2zHDEZ=(J@lRaOH>F|2Z%V_t56<AC&&@dFD$aTcihA@L
zsrWd?<myPVagWF6k#axl>Km$PUYu^xA5#5Uj4I4RGqHD56xT%H{+P8Ag>e_3p<L4#
zGGo`21LS^`#&pLj%z6&83bF#woRX8gnyg4E`RMx;A0GPTje`oZWY-mmMzZp&3~FVT
z%&JKi++U_$aax?RigODkBI8D0f>N$4m8n>i%OyJFPNWaEnJ4McUZPa1QmOh?t8~n&
z&RulPCors8wUaqMHECG=IhB(-tU2XvHP6#NrLVyKG%Ee*mQ5Ps%wW?<IHwX<9-vb-
zW|;MpO8qp-ZnW!-s%jOBntq(xp658aSEi+O=TlVuEDFeZ;Vf58T5E5oJgpsS$z*|w
z_>mcnriTVRc4J`2YVM>$ixSF2Xi+Wn(RUZnV?mJ?GRdw%lhZ+t&3s7g!~g{%m&i<6
z5{ib-<==DYG93I(yhyv4jp*y3#*WNuDUf6`vTM%c&hiayf(%=x@4$kJ!W4MtYcE#1
zHM?3xw63;L%x3drtd?jot!8u3qeqctceX3m;tWetK+>~q7Be$h>n6riK(5@ujLgRS
zvOym)k+VAtyV^mF)$29Y`nw&ijdg~jYpkx<Yqc8N6p%GnFnUNecXA;^tBlRNJF2~8
z83k&Izk?JNwKq$7B{7SaDzJleOD3(MTg8JS?=Wa}5<9yFzA)j$wyJG`eyNKZ->%*^
z8dz`C*g=I?;clyi5|!27e2AuSa$&%UyR(J3W!A=ZgHF9OuKA34I-1U~pyD!KuRkjA
zbkN!?MfQOeN>DUPBxoy5IX}@vw`EEB->q!)8fRl_mqUVuRu|C@KD-;yl=yKc=ZT0%
zB$fMwcC|HE*0f8<f|{q<VA<GPwt+_1vdY4dp0vY!lyK4+MMzS+wPs8%Y!YQ?CyA-f
z|5A#Ax91*K+5prTyd;RpVWXU<95EBu#@OP?@CFlP#ju<zpg)t6EZ7t+Phz{i%)wGY
z8Sly%qPUn+-#Zc6fnT8&C%dW&XQx|!Q}Y8ZE~UUjv&VIXbif`Up{+OPP#QE?I~5wN
zHg1NwMkYZhg(4h)DfG}WB{D2YgF!n(>+PVlW<RX4?O?hiF?W-4C-rmr<l4%Mf}qji
zkPzoVbI6zl!<d=O(O@8ySZ)?gs-s}EQaJeWY|cHwm*h+8s-uBy$q^5SBFqHNH!Nya
zV@RFH@>Hi>M`zfsA(NQFET?LrM^pPcw`cK+Mo0%8*x8@65=CS_^$cG{GZQ#xv($7J
z??R$P)nPLodI;P!IC3eEYEHh7TV@opr#*)6A-;EU2XuogHvC;;k1aI8asq7ovoP!*
z?x%UoPrZjj<&&aWpsbr>J$Er-7!E(BmOyEv!-mbGQGeJm-U2J>74>o5x`1l;)+P&~
z>}f^=Rx(ZQ2bm+YE0u=ZYrAV@apyt=v1wb?R@`i_g64YyAwcOUl=C!i>=Lzb$`tjv
zOO-P#A+)t-JbbotGMT}arNhJmmGl-lyUpMn=2UacVZxmiG!s!6<s%>H39@~&uVokS
zG=5qWhfW-WOI9g4!R$n7!|ViL!|v3G?GN6HR0Pt_L5*>D#FEj5wM1DScz4Jv@Sxnl
zB@MPPmdI{(2D?;*wd>3#tjAirmUnQoZrVv`xM3hARuJksF(Q)wd4P$88fGYOT1p6U
z`AHSN!`S<vf~_mGQCqX)ayUeL8g`S?LD*d~o*;e7Butl14T(z{eOwARI#k6Z+()QR
zRb-Fll&T}^(XzJMq%~^W5vm%)tln8#72}u>t}}UMBT9o7i|G`r<n?jT0vW2UItF>$
zrB=s$qV3d6$W9@?L!pl0l<c#ekbP<;Y&UotwnNp9`G`wO^=Aisw282N+FetlbD$(D
z7M*F%Rd<HPvo2^kToVnJhdjmlUST#jY=_jHJl3UwxoOwN6*yj#Q|53p9z(c~{M95w
z2|XIj8-<CPgenTQC)l6Cq+N$TfYAFyPq>f%)xs%1ko^=QY$ty-57=55PvP(^6E7cc
zGJ*>m2=;fOj?F~yBf@K@9qwX0hA803Xw+b0m}+#a(>RyR8}*Y<4b+kpp|OS+!whP(
zH`v{%s>jsQI9rd$*vm)EkwOm#W_-rLTHcZRek)>AtF+~<(did)*oR1|&~1|e36d-d
zgtm5cv1O0oqgWC%Et@P4Vhm}Ndl(Y#C^MD03g#PH-TFy+7!Osv<s)+{oZ?`ap%hJ=
z*bwh1?V<z`MwG&0U7SJ4*@zJBC@n5eBU+e74xsX-sjHT`s*lOwc6j~7QTT;glq}6g
z&*%49-SpK^iuY*QN`=#PT9cA+UIO{$3ZZc%>1z^UWS9@%JhswEq~6kSr2DITo59+;
ze=ZC}i2Q?CJ~Iyu?vn|=9iKV>4j8KbxhE4&!@SQ^dVa<p=`%D$z@S%=#yKBRv78Cx
zjasr<f+hkxQ?tW2jO~X7qqFZ|M=u+1v6N#}-O}J_%RE)_BxhmClZdOv0jO$0)%AEc
ze|Be+FNW#V0(^5Jes;NbH!9p(kf|KS=`TmjGtzk>-gK@YfS9xT(0kpW*EDjYUkoj!
zE49{7H&E}k%5(>sM4uGY)Q*&3>{aitqdNnRJkbOmD5Mp5rv-hxzOn80QsG=<y&iAv
zoygUqB(HTOw-D%a7G$=rjE8g{ZQXwB7#B8Wxwbz08Jsb0u509=?`<rrdnI^FIQeST
zajiSMO#8sNw9ue(d(mgN_gC&Vg<qYQ+k22&7!tdVX?_7@F@`@;me)sGM-^Ywu1rH7
zrh<OEbzwuL!xTCj@ogj=wajI}heZh^mL#4*plBwGap)3#yRP80rCsAW+D2zjCMM5q
zqlNo=Si)901Ml@}Ixwm^bC{eJIZ?9!vFEj>HJ_atI-EaP69cacR)Uvh{G5dTpYG7d
zbtmRMq@Sexey)||UpnZ?;g_KMZq4IDCy5}@u!5&B^-=6yyY{}e4Hh3ee!ZWtL*s?G
zxG(A<f#J^YQ1Cz#m-<*_U8HvcG@jc-yMVZp(Zo}py?|jD+4D`Fd+W<A%;vg-apbky
zCI&lkC9TywfFKW;HsiG-H-QDFbT8RZIi@8evyVwL`-aRfT@rSZ(^#qGvae0S2@BTa
z!i>!<FWySf`?H|6p^KKhe*MH{y8K^`R9uZ{0qEqFRq4ez&thQ*WY!<HUw}@VSbJ69
zLD1)><9o!CL+q?u_utltPMk+hn?N2@?}xU0KlYg?Jco{Yf@|mSGC<(Zj^yHCvhmyx
z?OxOYoxbptDK()tsJ42VzXdINAMWL$0Gcw?G(g8TMB)Khw_|v9`_ql#pRd2i*?CZl
z7k1b!jQB=9-V@h%;Cnl7EKi;Y^&NhU0mWEcj8B|3L30Ku#-9389Q+(Yet0r$F=+3p
z6AKOMAIi|OHyzlHZtOm73}|ntKtFaXF2Fy|M!gOh^L4^62kGUoWS1i{9gsds_GWBc
zLw|TaLP64z3z9?=R2|T6Xh2W4_F*$cq>MtXMOy&=IPIJ`;!Tw?PqvI2b*U1)25^<2
zU_ZPoxg_V0tngA0J+mm?3;OYw{i2Zb4x}NedZug!>EoN3DC{1i)Z{Z4m*(y{ov2%-
zk(w>+scOO}MN!exSc`TN)!B=NUX`zThWO~M*ohqq;J2hx9h9}|s#?@eR!=F{QTrq~
zTcY|>azkCe$|Q0XFUdpFT=lTcyW##i;-e{}ORB4D?t@<rUy??=TuYp_*>SfqGo_cS
z->?^rh$<&n9DL!CF+h?LMZRi)qju!meugvxX*&jfD!^1XB3?E?HnwHP8$;uX{Rvp#
zh|)hM>XDv$ZGg=$1{+_bA~u-vXqlw6NH=nkpyWE0u}LQjF-3NhATL@9rRxMnpO%f7
z)EhZf{PF|mKIMFxnC?*78(}{Y)}iztV12}_OXffJ;ta!fcFIVjdchyHxH=t%ci`Xd
zX2AUB?%?poD6Zv*&BA!6c5S#|xn~DK01#XvjT!w!;&`lDXSJT4_j$}!qSPrb37vc{
z9^NfC%QvPu@vlxaZ;mIbn<z7Vac;-rGaZpnh<SqY8Q9CG{=8AL&W;*Sy0lmLjV&JM
zXa)osQ>-VHA6miwi8qJ~V;pTZkKqqOii<1Cs}0i?uUIss;hM4dKq^1O35y?Yp=l4i
zf{M!@QHH~rJ&X~8uATV><23zZUbs-J^3}$IvV_ANLS08>k`Td7aU_S1sLsfi*C-m1
z-e#S%UGs4E!;CeBT@9}aaI)qR-6NU@kvS#0r`g&UWg?fC7|b^_HyCE!8}nyh^~o@<
zpm7PDFs9yxp+byMS(JWm$NeL?DNrMCNE!I^ko-*csB+dsf4GAq{=6sfyf4wb>?v1v
zmb`F*bN1KUx-`ra1+TJ37bXNP%`-Fd`vVQFTwWpX@;s(%nDQa#oWhgk#mYlY*!d>(
zE&!|ySF!mIyfING+#%RDY3IBH_fW$}6~1%!G`s<xV|$thPk-h^=fMv&Hnp;VPWb4H
zXg`{=`?M7=Dq8myqz|0%?*$bn?$egRMQTPls(~O?p^=8tlp~~ufW)FLrAIKI*rXSW
zW3!I>uHub1kP@&DoAd5~7J55;5_noPI6eLf{t;@9Kf<{aO0`1WNKd?<)C-|?C?)3s
z><QEhe||>wEq@8=I$Wc~Mt$o;g++5qR+(6wt9GI~pyrDJ%c?gPZe)owvy^J2S=+M^
z&WhIE`g;;J^xQLVeCtf7b%Dg<YLp9$rJl%g{x?f$ghgkcL$GZMdvMR@u|x}I{Qe9_
z&q1ULjNa6Q(nZR+2Nc7yG$v_t1HN@ezTla8$YpCXrW3pKiQm{R;n=1<rvBfU^9P{3
z@$nqa83WF+{OCA+1Zn*g;2x4@KoiX%brVdz6t^EGHy~>#Z2gq9hp_%g)-%_`y*zb;
zn9`f`mUPN-Ts&fFo(aNTsXPA|J!TJ{0hZp0^;<tHD4nK@wPbS|=fM$wSV$taTPGqt
zGB^u*%|y@PNxElDVJ;aR!0wT&iI7kZpng0zO52HM*WmK30Q~Yu);w=*5<AVVovc^R
z`k-Z;-8;PJFrU7VpM3N7QZ`+O#qh*wm2>MYHLOcD=r_~~^ymS8KLCSeU3;^QzJNqS
z5{5rEAv#l(X?bvwxpU;2%pQftF`YFgrD1jt2^~Mt^~G>T*}A$yZc@(k9orlCGv&|1
zWWvVgiJsCAtamuAYT~nzs?TQFt<1LSEx!@e0~@yd6$b5!Zm(FpBl;(<fB3D_;m2?l
z3de#U|K3raz4D?vBz^xW?Wg=mvwNg@|1i>Cn>2vF<?km-o@xWuhxn3bs$Pljx=>?k
zOm#TTjFwd2D-CyA!mqR^?#Uwm{NBemP>(pHmM}9;;8`c&+_o3#E5m)JzfwN?(f-a4
zyd%xZc^oQx3XT?vcCqCX&Qrk~nu;fxs@JUoyVoi5fqpi&bUhQ2y!Ok2pzsFR(M(|U
zw3E+kH_zmTRQ9dUMZWRE%Zakiwc+lgv7Z%|YO9YxAy`y28`Aw;WU6HXBgU7fl@dnt
z-fFBV)}H-gqP!1;V@Je$WcbYre|dRdp{xt!7sL3Eoa%IA`5CAA%;Wq8PktwPdULo!
z8!sB}Qt8#jH9Sh}QiUtEPZ6H0b*7qEKGJ%ITZ|vH)5Q^2m<7o3#Z>AKc%z7_u`rXA
zqrCy{-{8;9>dfll<T^QC7i-!Fb6U7Jr)|#XOupnl(tkS3y$lcK{_fXxPcyuknfQ~x
zf@~St3JeO(?cJD*9%zow(<yIgW%x$m#slX3pj{at{@6iEH?BdH^RYnm8&dJ7wK$@@
zVWq~nxej{11A23OWBxqf9N%DH_7R<7fAS~Y3ol-7Pi{v{|9EqM&L`?kzu+YCrvBtt
z_D%ic$wLdbBkX0psXy+e8ZxCG;Pms~Doa?=r+ky&_1GWZ)usQYvh=^J`X>Lu$^M5L
z-hXs))h*qz%~ActwkIA(qOVBZl2v4lwbM>9l70Y`+T*elINFqt#>OaVWoja8RMsep
z6Or3f=oBnA3vDbn*+HNZP?8LsH2MY)x%c13@(XfuGR}R?Nu<|07{$+Lc3$Uv^I!MQ
z>6qWgd-=aG2Y^24g4{Bw9ueOR)(9h`scImD=86dD+M<j=UE|C;@sK-I;*&dQ=%}gk
z)B!@EvJAu)BjncrBD%^q6<)oeX~UkPqgBXuU#=iDAF)wuM3*6$<L0BUP6j>nSN4$6
z^U*o_mE-6Rk~Dp!ANp#5RE9n*LG(Vg`1)g6!(XtDzsov$Dvz|Gv1WU68J$CkshQhS
zCrc|cdkW~UK}5NeaWj^F4MSg<F<s`^q0<TvPF|H0&oNb>FM+@fJd{|LLM)}_O<{rj
z+?*Lm?owq?IzC%U%9EBga~h-cJbIu=#C}XuWN>OLrc%M@Gu~kFEYUi4EC6l#PR2JS
zQUkGKrrS#6H7}2l0F@S11DP`@pih0WRkRJl#F;u{c&ZC{^$Z+_*lB)r)-bPgRFE;*
zl)@hK4`tEP=P=il02x7-C7p%l=B`vkYjw?YhdJU9!P!jcmY$OtC^12w?vy3<<=tlY
zUwHJ_0lgWN9vf>1%WACBD{UT)1qHQSE2%z|JHvP{#INr13jM}oYv_5#xsnv9`)UAO
zuwgyV4YZ;O)eSc3(mka6=aRohi!HH@I#xq7kng?Acdg7S4vDJb6cI5fw?2z%3yR+|
zU5v@Hm}vy;${cBp&@D=HQ9j<G=bG8X+ilNJ?RJXvDOEMBde)25_E~7I?MU+6ykbEe
zwlwWZTbqdW7A20%*{o<J`$q1@Ycld!(_(EqnYMdl&`5dkZIC_te`M|#=Iw~8P<CJb
zRB_sFh_lP4SX6pZnM=9HIz|6*yQoYN$ysd{HU9aoSvP2U?umOV9m0QY=>7NcFaOYL
zj-wV=eYF{|XTkFNM2uz&T8uH~;)^Zo!=KP)EVyH6s9l1~4m}N%XzPpduPg|h-&lL`
zAXspR0YMOKd2yO)eMFFJ4?sQ&!`dF&!|niH*!^*Ml##o0M(0*uK9&yzekFi$+mP9s
z>W9d%Jb)PtVi&-Ha!o~Iyh@KRuKpQ@)I~L*d`{O8!kRObjO7=n+Gp36fe!66neh+7
zW*l^0tTKjLLzr`x4`_8&on?mjW-PzheTNox8Hg7Nt@*SbE-%kP2hWYmH<as3s;3dB
zGF)lQb4*{W{s~m$kJ_;7j;cfOyu}B&y0s+jVVv$_H@egmCSN7X?3gk9bYo6swHDQ9
zg-L}N$+=uhC+gRRN)XP@3cO>u#Fn@Q^J(SsPUz*|EgOoZ6<W=Bo)J0Q;m559tyuE#
zLg%v9lH_9r;=_EOdj#0`D7^XXPL;8V>byg3ew88UGdZ>9B2Tq=jF7<EJ!TXj@;|w{
zdf7ZfHx+mvI`W&PIP#=oO`B12md1xam~79(oqs4UUMnyRq{81HXVL2E;h(%Ol(A~}
z^n4*)dGf~yP6-Dv!SSnD?Mdu}C3S%8f7rg+6A3U%FuEXLg<+Iwh%-7NKl@rQpvaJ}
zHwX`+=9DZH9MoIn^aYb`vA~19+Y@$$L7>2ZaR=4u%1A6Vm{O#?@dD!(#tmR;eP(Fu
z{$0O%=Vmua7=Gjr8nY%>ul?w=FJ76O2js&17W_iq2*tb!i{<q|g+F8+dEk=7I*b$k
zfHy1#iZ?<b)WRJw_Q;_?7Qr1x1fOwWj3fU+i95=;^viGx>pt#`qZB#im9Rl>?t?0c
zicIC}et_4d+CpV<WYvG+Qy=M4fqRlShrB0ABj<1vxR!nk?HzgR{1Zy7dT(ql^LGHk
zbtwjlkw%2Sz_=?Ev5<S4+oS_d`MXZIuh9f&=WusVxCg&4M6SulVC6tXa%y3~fy$$=
zgaqCG;I2JkQp{af=&tkR1)k?Mq*~2KarL#o{N9l8`n2Q*{dFn2Aqheuy5pK*5~@dn
zAUq?gaZTTGiAPWtrINms0FE~Rk&J-igF4wai(k+!<AvEH>Px)i4~$u6N-QX3H77ez
z?ZdvXifFk|*F8~L(W$OWM~r`pSk5}#F?j_5u$Obu9lDWIknO^AGu+Blk7!9Sb;NjS
zncZA?qtASdNtzQ>z7N871IsPAk^CC?iIL}+{K|F@BuG2>qQ;_RUYV#>hHO(HUPpk@
z(bn~4|F_jiZi}Sad;_7`#4}EmD<1EiIxa48QjUuR?rC}^HRocq`OQPM@aHVKP9E#q
zy%6bmHygCpIddPjE}q_DPC`VH_2m;Eey&ZH)E6xGeStOK7H)#+9y!%-Hm|QF6w#A(
zIC0Yw%9j$s-#odxG~C*^MZ?M<+&WJ+@?B_QPUyTg9DJGtQN#NIC&-XddRsf3n^AL6
zT@P|H;PvN;ZpL0iv$bRb7|J{0o!Hq+S>_NrH4@coZtBJu#g8#CbR7|#?6uxi8d+$g
z87apN>EciJZ`%Zv2**_uiET9Vk{pny&My;+WfGDw4EVL#B!Wiw&M|A8f1<o!4D>A@
z(yFQS6jfbH{b8Z-S7D2?Ixl`j0{+ZnpT=;KzVMLW{B$`N?Gw^Fl0H6lT61%T<G)JV
zFxXraywnpF6xC3GQdEFWGnwf8cSTaqeK41;?*^^tH^znLzqXnF%VFT3@UDLz31Yt~
zt1AL1yu0;x;(?~W6+jJ9LrfK`D&ByIA}l1-7&U_j+YQ~7z`JkDZjlblA8d}I;WH{g
zC0ES-Qvh<>2AU**!sX0u?|I(yoy&Xveg7XBL&+>n6jd1##6d>TxE*<Ar(sc(Bu^|z
z9hrl)GNg{$efJd|)cea$o#jV;Q4r8b+A}r|>Vj=8lWiG$4<VK5A=k4M5~-nvjP-{O
zV8pcf=E2RAG{W@WaSbt<oK%uC(9#~x&_$sDRj@|UZmCgRQbRy`>=u{1UbAa5QD>5_
z;Te^42v7K6Mmu4IWT6Rnm>oxrl~b<~^e3vbj-GCdHLIB_>59}Ya+~OF68NiH=?}2o
zP(X7EN=quQn&)fK>M&kqF|<_*H<cwCuNRp|+zL#!8ahs~;&EDeLAe8)G*^PjIAy0l
zK-!LhT}2?RS2cld8@7BXA8OL=0Ov9pNm3Zz3)LmJLDvDNjh52-LPTzuVhjZ)*F~32
z){Y^W2Jp7@2l};<g80X*y6xQ=?e?^N18tu9n%iDKPIA*?LsU4H8AEjezYO`=Z>`}c
zk=+x)GU>{Af#vx&s?`UKUsz})g^Pc&?<rGKpJnw3;kV`E!|r0J-GJ}YEK3ik6lvJ?
zLkm)B;+6)qz)}5@`>Ka@t5$n$bqf6{r1>#mWx6Ep>9|A}VmWRnowVo`OyCr^fHsf#
zQjQ3Ttp7y#iQY8l`zEUW)(@gGQdt(~rkxlkefskT(t%@i8=|p1Y9Dc5bc+z#n$s13
zGJk|V0+&Ekh(F};PJzQKKo+FG@KV8a<$gmNSD;7rd_nRdc%?9)p!|B-@P~kxQG}~B
zi|{0}@}zKC(rlFUYp*dO1RuvPC^DQOkX4<+EwvBAC{IZQdYxoq1Za!MW7%p7gGr=j
zzWnAq%)^O2$eItftC#TTSArUyL$U54-O7e|)4_7%Q^2tZ^0-d&3J1}qCzR4dWX!)4
zzIEKjgnYgMus^>6uw4Jm8ga6>GBtMjpNRJ6CP~W=37~||gMo_p@GA@#-3)+cVYnU>
zE5=Y4kzl+EbEh%dhQokB{gqNDqx%5*qBusWV%!iprn$S!;oN_6E3?0+umADVs4ako
z?P+t?m?};gev9J<xrvMj?JFjsZtWf-quiC#u!BU{j|Z+>XQ#Q&KBpzkHPde_CGu-y
z<{}RRAx=xlv#mVi+Ibrgx~ujW$h{?zPfhz)Kp7kmYS&_|97b&H<SL`_{AO<9v%D@8
z77}Y!`#c~v^P+jNiCZgjk$Eu}e?ht~^R`2pg1iPEhXjZVjl-b|*N?0??d5-7i{PRl
z3g-#j3NiART8({yLdUJE-H38|G`rTLl78)2#f9E)ErZoi-Fv`N>&1;J-mzrBWAvY}
zh8-I8hl_RK2+nnf&}!W0P+>5?<Hy2Ocrq-T%g(e-iJ80Q4bGbph6Yn^Ms~*iS%y{)
zR2+@$12xU46My)mb>#?7>npshe<1~&l_xqKd0_>dl_^RMRq@-Myz&|TKZBj1=Q())
zF{dBjv5)h=&Z)Aevx}+i|7=R9rG^Di!sa)sZCl&ctX4&LScQ-kMncgO(9o6W6)yd<
z@Rk!vkja*X_N3H<e&P>=BavGoR0@u0<}m-7|2v!0+2h~S2Q&a=lTH91OJsvms2MT~
zY=c@LO5i`mLpBd(vh|)I&^A3TQLtr>w<oiU80F37l%jO+9L*(6rNJUMQj^mVFrb+K
zbGro$m)k-Mjv2y`V6hi@N1PB7T=%YP1zSAYt&?4uC<+;v72DJZ+TM4vL%d*d?N7Xm
zm~6OL8)rh0XIoR7pN2ODrL%*K0lO((1E{nb4eXnWhR0-4)N_A|nFyFl!4Fa367d3@
z5ruJel)z&kDcd>=zoyzTd=^f@TPu&+*2M<c+GXcqi<cQ#^OejZI|Po8an{Oh-2ytX
zK$MlFe&+@V&gTQgY2e7YqN66POe*A5=RfoUd8+16QdDQgjc}%@)Xu?E)Qo-5tDtuz
z4rP5$Edgx(g_-m&v|zI|MckDZ-*>tqE$Avf>l>}V|3-8Fp2hzo3y<)hr_|NO(&oSD
z!vEjTWBxbKTiShVl-U{n*B3#)3a8$`{~Pk}J@elZ=>Pqp|MQ}jrGv7KrNcjW%TN_<
z<z)esuQW6ysSYp|l#vPogjN7FRRzUSYY_7@QvtoS=9E#^iV5{mHb2N$06kv?{KQ4Y
z{TIb}bD_}cTt+x=_xX$O`O??h@892&xEZqrh{KpSgAqXMBaR^COdOFm;FKQkZc`(c
zwDTDp)<-#gdF+f;!ecTz69+_etlx5gTTYuJs36}MFftQ@Rn)MRhY91bCzTEgj4fv-
z1m@JGpa{H2uzVIbIvR(+jPWIY>Zz8kG{#}XoeWf7qY?D)L)8?Q-b@Na&>i=)(@uNo
zr;cH98T3$Iau8Hn*@vXi{A@YehxDE2zX~o+RY`)6-X{8~hM<uAyYp&U>pc#C`|8y>
zU8Mnv5A<tzpBv6FvrIokz@rbXa#{jdGJP~6p^wT|HfyYaG;wVV>0dNCf{Ims*|l-^
z(MRp{qoGohB34|ggDI*p!Aw|MFyJ|v+<+E3brfrI)|+l3W~CQLPbnF@G0)P~L<BK0
zSRP{4S$9zWWM`Nd;Q6_XmCkEyF=0l#GeYa7+r&_CD~4h2$_LU;yCc{i*o}5aXnx3N
zHqrCmEq3l-{2sjER%{`iHdHZ!Iy}l{>y!1TJLp}xh8uW`Q+RB-v`MRYZ9Gam3cM%{
zb4Cb*f)0deR~wtNb*8w-LlIF>kc7DAv>T0D(a3@l`k4TFnrO+g9XH7;nYOHxjc4lq
zMmaW6qpgAgy)MckYMhl?>sq;-1E)-1llUneeA!ya9KM$)DaNGu57Z5aE>=VST$#vb
zFo=uRHr$0M{-ha>h(D_boS4zId;3B|Tpqo|?B?Z@I?G(?&Iei+-{9L_A9=h=Qfn-U
z1wIUnQe9!z%_j$F_{rf&`ZFSott09gY~qrf@g3O=Y>vzAnXCyL!@(BqWa)Zqt!#_k
zfZHuwS52|&&)aK;CHq9V-t9qt0au{$#6c*R#e5n3rje0hic7c7m{kW$p(_`wB=Gw7
z4k`1Hi;Mc@yA7dp@r~?@rfw)TkjAW++|pkfOG}0N|2guek}j8Zen(!+@7?qt_7ndX
zB=BG6WJ31#F3#Vk3=aQr8T)3`{=<slU+RdlO4Hx0LKNQR4%csKlqXTo6ajrnOY1?l
z2r$(|0XiBb*T4;#8^X*fOz~r=4-{-Rg2n@oH;R!)WGF~o7e;4%=egC+*SUH9@8hON
zRPT>p9nBHlKzE0I@v`{vJ}h8pd6vby&VgFhzH|q;=aonunAXL6G2y(X^CtAhWr*jI
zGjpY@raZD<b_G8JA5s~o@XVViP=?1H?fxk4Pq8R3l2eNln--&c-a(Has8}t#E^(Q*
z=etk{kVRr~2G*+i5b{q+oG(h}R?d-3m0XJJnzvrMZ{1Tcuc{eb>Qkg*aMq}Ni6cRF
z{oWv}5`nhSAv>usX}m^GHt`f(t8@zHc?K|y5Zi=4G*UG1Sza<E8z;l0@bYZ=%a=Vj
z;(n{V1K(1!(<%HdezN^efpP}6_GMFH7m;Wi+()}?4ujb&c~IZ9n3_46*IsTeu9}IF
zAHtU!f4FyUb=kmL3?2I)J-&6Gd2ry1tzU??1iAVB#U4q&;ymb8Acc3xb>{$Dpj%X8
zzEXaKT5N6F5j4J|w#qlZP!zS7BT)9b+!ZSJdToqJts1c!)fwih4d31vfb{}W)EgcA
zH<Fzt5KT4ycl;#zc0!>2pZ^8_k$9+WD<i98{Ka+NY@mr?q>2n`6q5XbOy8>3pcYH9
z07eUB+p<MBNmyg&c4=0;V0B;H%kvu8{sr|yy1~@CobFcUpM3np-7P6;)H5)%*}VV!
zs>}YD@AH!}p!iKv><2QF-Y^&xx^PAc1F13A{nUeCDg&{hnix#FiO!fe(^&%Qcux!h
znu*S!s$&nnkeotYsDthh1d<XHQ3s(h4m+vOMx>q(iQrE|#f_=xVgfiiL&-5eAcC->
z5L0l|DVEM$#ulf{bj+Y~7iD)j<~O8CYM8GW)dQGq)!mck)Fq<!^H$Md3d7YY>oL^X
zwNdZb3->hFrbHFm?hLvut-*uK?zXn3q1z|UX{RZ;-WiLoOjnle!xs+W0-8D)kjU#R
z+S|A^HkRg$Ij%N4v~k`jyHffKaC~=wg<B%ejScY(fj1p_Et27-otoLjL&tKK?8UFN
z%LmnQSnbvpU~;3CWrogVy$oe+4WUkv3SFe(IPiTs$quv+%sU!wurQ6_fZ24IJohEM
zcoKJZay#47ydH__P37To$-Zc()PCOL+72Tm7bmvHtaIu(yG&E4_6jcPE=`5js7(E{
zHf(+WB2w4d@46GMBedn8XLGQp(O+G%3$)&`I%c&|x#vNWkyh%{DGUV$KZ2p<j&Y}k
z)Hs|`mlvf!{5N2bF{_PGj>=9)V5h=|kLQ@;^<Ah@>W!o2^K+xG&2n`XCd>OY5Ydi=
zgHH=lgy++erK8&+YeTl7VNyVm9-GfONlSlVb3)V9NW5tT!cJ8d7X)!b-$fb!s76{t
z@d=Vg-5K_sqHA@Zx-L_}wVnc@L@GL9_K~Zl(h5@AR#FAiKad8~KeWCo@mgXIQ#~u{
zgYFwNz}2b6Vu@CP0XoqJ+dm8px(5W5-Jpis97F`+KM)TuP*X8H@zwiVKDKGVp59pI
zifNHZr|B+PG|7|Y<*tqap0CvG7tbR1R>jn70t1X`XJixiMVcHf%Ez*=xm1(CrTSDt
z0cle!+{8*Ja&EOZ4@$qhBuKQ$U95Q%rc7tg$VRhk?3=pE&n+T3upZg^ZJc9~c2es%
zh7>+|mrmA-p&v}|OtxqmHIBgUxL~^0+cpfkSK2mhh+4b=^F1Xgd2)}U*Yp+H?ls#z
zrL<PO4@qqmi4_%|jPx)N+G{$0%%C1sw{T2fligwqmFd}O+TemcgfxBHvt~23Bx!g6
zxl(O6;y4BH9zTxeA;{A3a_g71v+`o{0uNyu^e>xWg<ZgPjZmPtQ00F}!Yn5nf)<mA
zPThc#yhGf@^9{9a3jZx|NAA<vxc>_hm}AfK2XYWr!rzW4g;+^^&b<P<GfK{gLe<5#
zz<cH|<aY5Fl~>W%LmbtRai9f3PjU${r@n`JThy-cphbcwn)rq9{A$Ht`lmYKxOacy
z6v2R(?gHhD5@&kB-Eg?4!hAoD7~(h>(R!s1c1Hx#s9vGPePUR|of32bS`J5U5w{F)
z>0<^ktO2UHg<0{oxkdOQ;}coZDQph8p6ruj*_?uqURCMTac;>T#v+l1Tc~%^k-Vd@
zkc5y35jVNc49vZ<e37Ty%GD$DqTd&uKFEzb4j%X5FO|fqPqoGYc%Ro7*qb9?JK#sE
zI2o9q*t*5>pZx;gG$h{%yslDI%Lqga1&&;mN{Ush1c7p>7e-(zp}6E7f-XmJb4nhk
zb8zS+{IVbL$QVF8pf8}~kQ|dHJAEATmmnrb_wLG}-yHe><YsE2_~l#l9buQgFXI0`
z(u#b`J=xeBn*3{z^^KAJhXQfvz6EP5l^cD~&vo$LApQd(9gm=munnZ7Bo%LVbi4uK
zNXnx%%rjW{zE{2bapVCkVel~q0upm?=gb{+Eu=B+Z46t{KAKTo1TyYq%j=)TaZP<&
zIfR5WHOe}iiPn?Y<W*8!U(>W|A&Y|;muy-d^t^<&)g5SJfaTH@P1%euONny=mxo+C
z4N&w#biWY41r8k~468tvuYVh&XN&d#%QtIf<GZUR`2QH9h^d*OtBuRQhWwr4nLC*}
zJIh#pCwzAQa(pUP-B<pHxsDxMcBm<`k^}{cmcTX^FsUjvw57E+0Tz}NDT+w-9BC))
zHeGkeroi7YzPFY1zKi5#bbT&jA=fhB<;*YQFRw+++(kz*-d7|)7ibRL<jGF<*B$4+
z`|k6bU2=c_Psjo4w+RtodzK>9;iVXfWY)<X+W}7GbATCgQU`%LT~<fPB3X>#j=<c2
zHd&Dex04~>l`&B~lqDT@28+Y!0E+MkfC}}H*#(WKKdJJq=O$vNYCb(ZG@p{fJgu;h
z21oHQ(14?LeT>n5)s;uD@5&ohU!@wX8w*lB6i@GEH0pM>YTG+RAIWZD;4#F1&F%Jp
zXZUml2sH0!lYJT?&sA!qwez6cXzJEd(1ZC~kT5kZSp7(@=H2$Azb_*W&6aA|9iwCL
zdX7Q=42;@dspHDwYE?miGX#L^3xD&%BI&fN9^;`v4OjQXPBaBmOF1;#C)8XA(WFlH
zycro;DS2?(G&6wkr6rqC>rqDv3nfGw3hmN_9Al>TgvmGsL8_hXx09};l9Ow@)F5@y
z#VH5WigLDwZE4nh^7&@g<bkZm_Vh{ln0@+)lYuu~qeXc#?JCYylKGH|9+kWD0ocxF
z5$1kjN2>{1FV^UZ%_LJ-s<{HN*2R$OPg@R~Z`c-ET*2}XB@9xvAjrK&hS=f|R8Gr9
zr|0TGOsI7RD+4+2{ZiwdVD@2zmg~g@^D--YL;6UYGSM8i$NbQr4!c7T9rg!8;TM0E
zT#@?&S=t>GQm)*ua|?TLT2ktj#`|R<_*FAkOu2Pz$wEc%-=Y9V*$&dg+wIei3b*O8
z2|m$!jJG!J!ZGbbIa!(Af~oSyZV+~M1qGvelMzPNE_%5?c2>;MeeG2^N?JDKjFYCy
z7SbPWH-$cWF9~fX%9~v99L!G(wi!PFp<!s7j4q$86J>>rB!9xj7=Cv<q}(vRw+mcj
z#YR4HX>|F+7CsGNwY0Q_J%FID%C^CBZQfJ9K(HK%k31j~e#&?h<VT6q$5mgm6*^>Q
zNuD6gR<d7v<P!_&8<dm-?#ek*zL2)u8J2l%4_z-z?)QXK(1d9d>kVckU)v+53-fc}
z7ZCzYN-5RG4H7;>>Hg?LU9&5_aua?A0)0dpew1#MMlu)LHe(M;OHjHIUl7|%%)YPo
z0cBk;AOY00%Fe6heoN*$(b<)Cd#^8Iu;-2v@>cE-OB$icUF9EEoaC&q8z9}jMTT2I
z8`9;jT%z0;dy4!8U;GW{i`)3!c6&oWY`J3669C!tM<5nQFFrFRglU8f)5Op$GtR-3
zn!+SPCw|04sv?%YZ(a7#L?vsdr7ss@WKAw&A*}-1S|9~cL%uA+E~>N6QklFE>8W|%
zyX-qAUGTY1hQ-+um`2|&ji0cY*(qN!zp{YpDO-r>jPk*yuVSay<)cUt`t@&FPF_&$
zcHwu1<M$nsSpFX&={p8_cnZ3@SbW>(SQ`I-l8~vYyUxm@D1UEdFJ$f5Sw^HPH7b!9
zzYT3gKMF((N(v0#4f_jPfVZ=ApN^jQJe-X$`A?X+vWjLn_%31KXE*}5_}<jt4v>d8
zw_B1+a#6T1?>M{ronLbHIlEsMf93muJ7AH5h%;i99<~JX^;EAgEB1uHralD*!aJ@F
zV2ruuFe9i2Q1C?^^kmVy921eb=tLDD43@-AgL^rQ3IO9%+vi_&R2^dpr}x{bCVPej
z7G0-0o64uyWNtr*loIvslyo0%)KSDDKjfThe0hcqs)(C-MH1>bNGBDRTW~scy_{w}
zp^aq8Qb!h9Lwielq%C1b8=?Z=&U)ST&PHbS)8Xzjh2DF?d{iAv)Eh)wsUnf>UtXN(
zL7=$%YrZ#|^c{MYmhn!zV#t*(jdmYdCpwqpZ{v&L8KIuKn`@IIZfp!uo}c;7J57N`
zAxyZ-uA4=Gzl~Ovycz%MW9ZL7N+nRo&1cfNn9(1H5eM;V_4Z_qVann7F>5f>%{rf=
zPBZFaV@_Sobl?Fy&KXyzFDV*FIdhS5`Uc~S^Gjo)aiTHgn#<0C=9o-a-}@}xDor;D
zZyZ|fvf;+=3MZd>SR1F^F`RJEZo+|MdyJYQAEauKu%WDol~ayrGU3zzbHKsnHKZ*z
zFiwUkL@DZ>!*x05ql&EBq@_Vqv83&?@~q5?lVmff<cLHceB8mp&F*ZBX}B`|c^idP
zv6n-=r1Y%9B2=MA)BHjW-LyT@+x?-|)~^RdTE*Wmt4T{X?yOR<8KMVy`_8)0^!&oF
z0$q#{$B8*<%lm210;{(CF7N)1MYU#>QZ+V-=qL+!u4Xs2Z2zdCQ3U7B&QR9_Iggy}
z(om{Y9eU;IPe`+p1ifLx-XWh?wI)xU9ik+m#g&pGdB5Bi<`PR*?92lE0+TkRuXI)z
z5LP!N2+tTc%cB6B1F-!fj#}>S!vnpgVU~3!*U<jq0(*nRRh2NkSzq|ekHqi@I{QJ4
zs$%Xz%L?KbVmRwJFka>1ej^)vjUH4s-bd^%B=ItQqDCGbrEzNQi(dJ`J}-U=2{7-d
zK8k^Rlq2N#0G?9&1?HSle2vlkj^KWSBYTwx`2?9TU_DX#J+f+qLi<D9B#g}%V$md`
zk~Ild*}viiyy2C_=6_!CJ#a=26@mjLnII|qn1r<r{`_L^h_&EQU1CrT23vw`5=3<h
zG{v(Q@`P7B9h;CVcDSU+D|~oo@NN9}HbK0D{0!wcrl#V%CP?`IzvTa!#*S)2d1$Yu
z@{MclH9z5OOC5<wLIO8&=t)9CZ5Tx0LQn&eG~9xag*+PbY)P9)O3G<cNK?wZHK1E)
zN?i&=N*5N8I0pp^Xra6>ZCqY1TXHFxXZqYMuD@RU$TgcnCC{_(vwZ-*uX)~go#%PK
z@}2Km_5aQ~(<3cXeJN6|F8X_1@L%@xTzs}$_*E|a^_URF_qcF;Pfhoe?FTFwvjm1o
z8onf@OY@jC2tVcMaZS;|T!Ks(wOgPpRzRnFS-^RZ4E!9dsnj9sFt609a|jJbb1Dt@
z<=Gal2jDEupxUSwWu6zp<<&RnAA;d&4gKVG0iu6g(DsST(4)z6R)zDpfaQ}v{5ARt
zyhwvMtF%b-YazR5XLz+oh=mn;y-Mf2a8>7?2v8qX;19y?b>Z5laGHvzH;Nu9S`B8}
zI)qN$GbXIQ1VL3lnof^6TS~<qSuZSMrS`^DczIf6i8zZ|)TzXBEwW6N#TL3wy;JuH
z4sUyCR`^Gi%H4xvNHCSXsz>rvPVg4V?Dl2Bb*K2z4E{5vy<(@@K_cN@<xbtRT8JEV
z@9ePJQ{ePgXbdj2UeTj`YQ3sQ`t(|5O?8jf1qY=&T$N1)Psvl`6fu>U>R!>aUIRnb
zL*)=787*cs#zb31zBC49x$`=fkQbMAef)L2$dR{)6BAz!t5U_B#1zZG<T23Y;GnC8
z(`aO7qQGuUkmmk=Z)LZ+)_Z;JWly1@9NQ+>`^neKSS22oJ#5B=gl%U=WeqL9REF2g
zZnfCb0?quf?Ztj$VXvDSWoK`0L=Zxem2q}!XWLoT-kYMOx)!7fcgT35uC~0pySEme
z`{wGWTkGr7>+Kb^n;W?BZH6ZP(9tQX%-7zF>vc2}LuWDI(9kh1G#7B<aO|K2FCIJg
zDao72kQAHigp@^v;eK5Vo($1jE5?KxIjn^mY57t?Pj)^$12KtO8GI3M1Ri51g3-Iv
zq`DO&g5CWDnjs~ec$i^VmaK4aG_*NghV8~x3dXdPE^36>99r4x6;_-V+k&c{nPUrR
zAXJGRiMe~aup{0qzmLNjS_BC4cB#sXjckx{%_c&^xy{M61xEb>KW_AG5VFXUOjAG4
z^>Qlm9A#1N{4snY=(AmWzatb!ngqiqPbBZ7>Uhb3)dTkSGcL#&SH>iMO-IJBPua`u
zo)LWZ>=NZLr758j{%(|uQuZ)pXq_4c!!>s|aDM9#`~1bzK3J1^^D#<2<N(j(---cE
zEy;>bNCccH7~-X}Ggi!pIIF>uFx%aPARGQsnC8ZQc8lrQ5o~smqOg>Ti^GNme94*w
z)JZy<k{OAaG~Q|lT7oS<g9V8QNt(KeJIt6&F{U!{MuJ?Xr0XzPZhzp~?qy+NBB<0G
zi_x*hCyRQ*l&365<#;!&Mnh*3`6R@-BoAUC&g|)}Bg;mxBDA&uy<fjp??k5JfO-|6
zv6$F+?VY$#@OP{;d=nLk^Vq&omh*v*bW;ukc`ca|*$h2}@kU)FNYh|cX2FdglBA{Z
zn4gmuD1Tgw4$4s2Q01t5<PSfg@h2F?GtlH6XQC>{_{#$jxG<QXLBP1mLo=v6>Q&`M
z!OMvZMHR>8*^>eS%o*6hJwn!l8VOOjZQJvh)@tnHVW&*GYPuxqXw}%M!(f-SQf`=L
z5;=5w2;%82VMH6Xi&-K3W)o&K^+vJCepWZ-rW%+Dc6X3(){z$@4zjYxQ|}8UIojeC
zYZpQ1dU{fy=oTr<4VX?$q)L<oUsl**eR4|Y=<jHUj;EzXPg2#85xDsCL@vKUk4!ok
zWGU;a1c@)SVKp{%lz7wz>P}IUmpiez^O&N3E_qPpchGTi5ZM6-2ScWlQq%V&R2Euz
zO|Q0Hx>lY1Q1cW5xHv5!0OGU~PVEqSuy#fD72d#O`N!C;o=m+YioGu-wH2k6!t<~K
zSr`E=W9)!g==~x9VV~-8{4ZN9{~-A9zJpRe%NGg$+MDuI-dH|b@BD)~>pPCGUNNzY
zMDg||0@XGQgw`YCt5C&A{_+J}mvV9Wg{6V%2n#YSRN{AP#PY?1FF1#|vO<FCmSeem
zsV>_%e+#`|2*~wGAJaeRX6=IzFNeWhz6gJc8+(03Ph4y6ELAm=AkN7TOgMUEw*N{=
z_)EIDQx5q22oUR+_b*tazu<k7qtKxTlmUW2Omzs&7j%!q->9+pX|n1c*IB-}{DqIj
z-?E|ks{o3AGRNb;+iKcHkZvYJvFsW&83RAPs1Oh@IWy%l#5x2oUP6ZCtv+b|q>jsf
zZ_9XO;V!>n`UxH1LvH8)L4?8raIvasEhkpQoJ`%!5rBs!0Tu(s_D{`4opB;57)pkX
z4$A^8CsD3U5*!|bHIEqsn~{q+Ddj$ME@Gq4JXtgVz&7l{Ok!@?EA{B3P~NAqb9)4?
zkQo30A^EbHfQ@87G5&E<g>QTd`frrwL)&Yw?%-W@uy^Gn23%j?Y!Iea2xw<-f;esq
zf%w5WN@E1}zyXtYv}}`U^B>W`>XPmdLj%4{P298|SisrE;7HvXX;A}Ffi8B#3Lr;1
zHt6zVb`8{#+e$*k?w8|O{Uh|&AG}|DG1PFo1i<Zus%ucO{sZ+tJd!u@5m`tVt$ecP
zHv;DLyGh!O(o#SF9Ho`t`aW6*4AonGVD-cOd49F6=odL=f13sFyII;4g$7X;P=IH_
z!H8wMi5nS$y>?Y*cQm$ZwtGcVgMwtBUDa{~L1KT-{jET4w60>{KZ27vXrHJ;fW{6|
z=|Y4!&UX020wU1>1iRgB@Q#m~1^Z^9<xy6Z(6L!p4YY56>CG1LqDhYBrnx%IEdIty
z!46iOoKlKs)c}<e-V4k`cP%zlS~*r)Iq=(n$n3YjsGj;U{v)@9x+s&RgYVsv=bVhB
z6KS0(1+6KVC4PB64#XkwbuM4|1~xHvpBvYVlWb?(pv$N|&u>newDG)rWUikD%j`)p
z_w9Ph&e40=(2eBy;T!}*1p1f1SAUDP9iWy^u^Ubdj21Kn{46;GR+hwLO=4D11@c~V
zI8x&(D({K~Df2<H8Q0|`g9v?%+ew{*)n&&V=&(8)k^`IVYv)Ef^74^<ekxt26g{<n
z=l9l$ysk3V&@j|Qbd9p}8=X<l&m>E)Nx_yQvYfh4<e?mHvB!$Y?%_59%1<FYEFc$b
z5ztP29y#%z;_YI`kp!lqW2R%wIG*IA1m!F1Kln&)2?~$S$Og+8eH`pJh?)s{O@cqa
zWUZ4w-ZTe!Iykv!<9ko1OVzNOZnowKP{&R2l9=@35YPW+JdW)5@C2juHH<g|8v*@b
z{zCv-5uA{lGB2+F9H+)uLjkGDsT%f9VUvf8ezafoEizvcl$?$h;@OxEC#U#_TL4w5
zDU~DSJxQ)LRv;^Z&wI+)=va(!yOlq(L+s>;MbMJ@Z}=Dt3_>iim~QZ*hZIlEs0mEb
z_54+&*?wMD`2#vsQRN3KvoT>hWofI_Vf(^C1ff-Ike@h@saEf7g}<9T`W;HAne-Nd
z>RR+&SP35w)xKn8^U$7))PsM!jKwYZ*RzEcG-OlTrX3}9a{q%#Un5E5W{{hp>w~;`
zGky+3(vJvQyGwBo`tCpmo0mo((?nM8vf9aXrrY1Ve}~TuVkB(zeds^jEfI}xGBCM2
zL1|#tycSaWCurP+0MiActG3LCas@_@tao@(<l?T*QEH-ae+wh*%6?VE!5DP~@|=`w
zUm(1<BPl}p=AbS7FTVaUy3(jy*M(D2#kTF4RBYR}of+Gx*jB~1QL*jJpu&o6JE?s6
z_S);Tw%)V%`7zq_d$iG?Hu~uO?$>R1ANlwB$4K53egNE_;!&(%@Qo$>h`^1S_!hN6
z)vZtG$8fN!|BXBJ=SI>e(LAU(y(i*PHvgQ2llulxS8>qsimv7yL}0q_E5WiAz7)(f
zC(ahFvG8&HN9+6^jGyLHM~$)7auppeWh_^zKk&C_MQ~8;N??OlyH~azgz5fe^>~7F
zl3HnPN3z-kN)I$4@`CLCMQx3sG~V8hPS^}XDXZrQA>}mQPw%7&!sd(Pp^P=tgp-s^
zjl}1-KRPNWXgV_K^HkP__SR`S-|OF0bR-N5>I%ODj&1JUeAQ3$9i;B~$S6}*^tK?=
z**%aCiH7y?xdY?{LgVP}S0HOh%0%LI$wRx;$T|~Y8R)Vdwa}kGWv8?SJVm^>r6+%I
z#lj1aR94{@MP;t-scEYQWc#xFA30^}?|BeX*W#9OL;Q9#WqaaM546j5j29((^_8Nu
z4uq}ESLr~r*O7E7$D{!k9W>`!SLoyA53i9QwRB{!pHe8um|aD<W*x(R=P_5zAElfw
zT7CEEr(t|!*czBsy>E`Cg0O*{jmor)^t)3`>V>SWN-2VJcFmj^1?~tT=JrP`fVh*t
zXHarp=8HEcR#vFe+1a%XXuK+)oFs`GDD}#Z+TJ}Ri`FvKO@ek2ayn}yaOi%(8p%2$
zpEu)v0Jym@f}U|-;}CbR=9{#<^z28PzkkTNvyKvJDZe+^VS2bES3N@Jq!-*}{oQlz
z@8bgC_KnDnT4}d#<rI9~4w*W=E-{rm^_cQeTd?VLxZpL;UgBY=7Y@N&83iL$n&#~M
zbsQBYt~+>&Cpr!%Yb?E!brx0!eVOw~;lLwUoz#Np%d$o%9scc3&zPm`%G((Le|6o1
zM(VhOw)!f84zG^)tZ1?Egv)d8cdNi+T${=5kV+j;Wf%2{3g@FHp^Gf*qO0q!u$=m9
zCaY`4mRqJ;FTH5`a$affE5dJrk~k`HTP_7nGTY@B9o9vvnbytaID;^b=Tzp7Q#DmD
zC(<aCT_(W?1O|cV&C;hpRo`~BN54GF$vUW?-%&gVawwY-k2~=6)`83yVnUbThqXoO
z#pJ&{AeMt+E`B_K+d;6!WS}aMu|XPUG^g7a(llBSlq>XEN)Ktn39z5|G!wsVNnHi)
z%^q94!lL|hF`IijA^9NR0F$@h7k5R^ljOW(;Td9grRN0Mb)l_l7##{2nPQ@?;VjXv
zaLZG}yuf$r$<79rVPp<j5%445ugcCYz(;(NT0N0@n{$og@`Uam4%uUaCP9*@QWGX9
z{P@Ag+Bgh5@F#Eg5Y9s1Tb4W8at(wr+7n>Xg?6iiieX|r#&`p#Con2i%S8*8F}(E)
zI5E6c3tG*<;m~<e=g`4E<@6ZZ8Ot+&-pVKoq@=)RHy9<I(`p<?)r&YNlEA8CnAU#=
zLQO*=y%_uKi|5n%djKteWf@r}R-KMkn1WGKj9GE)TB7@l$)5};KH)qNoDq}(AbK{}
znBj7g3J8U8H}w+i?7tr%6@z$7g2f*NiOc*m{3%|}PM)?==&#x$-Jq&uhpzZ8rtUDZ
zNmR^a5g(7wY6XKEPtNK>6>!&H!GJ6zEu<u;zM7UrmSD`Ps)7>hH7mkAzovdhLy;)q
z{H2*8I^Pb}xC4s^6Y}6bJvMu=8>g&I)7!N!5QG$xseeU#CC?ZM-TbjsHwHgDGrsD=
z{%f;@Sod+Ch66Ko2WF~;Ty)v>&x^aovCbCbD7>qF*!?BXmOV3(s|nxsb*Lx_2lpB7
zokUnzrk;P<R;aXTpYj?03<w4%%%E_Lx%w}?h6KFkYmQz_=Q!;KI~@zvyE@sz0~S{=
zc7Zp1Pg<<C5w3_-RsBETlpJWaAlby+);^?em@HJt835O5jnvwJ!Ezt?UH{GKJ#_-;
zXWyIZeRlqoB-*o!rz0dsi&bmk<~!5}rFXX!TR>=T-&kUHO}td+Zdj!3n&NR?K~cRU
zAXU!DCp?51{J4w^`cV#ye}(`SQhGQkkMu}O3M*BWt4UsC^jCFUy;wTINYmhD$AT;4
z?Xd{HaJjP`raZ39qAm;%beDbrLpbRf(mkKbANan7XsL>_pE2oo^$TgdidjRP!5-`%
zv0d!|iKN$c0(T|L0C~XD0aS8t{*&#LnhE;1Kb<9&<JFZp&cEpRA~JX*2uhno)g+lW
z)A2j^Jp=5|9|_BqD3yNfz$3!^TP^t32VmQN>=c2B+9JeLvJr*AyyRh%@jHej<V&M}
z(_rfkTF8<3M0mfUD?DaD6=7VHc94p8)f%k_sKhOPc+3w*C;t63&?zS3e((b(P6Fva
zg1a!>=AetOMSlz^=!kxX<aUab1e69e5UxkmMM!xSN{9YUYGb=H*((f4#ZL$Ijz4ZG
z=M2TpNE4&~3j}eO`*MD}g}>>>B{2B1uIrQyfd8KjJ+DBy!h)~*(!|&L4^Q_07SQ~E
zcemVP`{9CwFvPFu7pyVGCLhH?LhEVb2{7U+Z_>o25#+3<|8%1T^5dh}*4(kfJGry}
zm%r#hU+__Z;;*4fMrX=Bkc@7|v^*B<Xvhu2*uH*LPz_h!qs>;HA<UqXI?t|tCaZDB
zM}=e!+VluyMT1_wK?{{}fh!prU@u#|#$3A*>l0((IBPPii%X9+u3DDF6%<Dxg01id
zvRMgy`}RNgOUmsF(*g|!7J~5qLXiIVe!ooTZQWeHyp<$?w&ud7re6&`d1HHH%m41@
zrE0Fb;A`T35^B${Rk`^BD>bI&6?Eu$8&aWVqHIM7mK6?Uvq$1|(-T|)IV<>e?!(rY
zqkmO1MRaLeTR=)io(0GVtQT@s6rN%C6;nS3@eu;P#ry4q;^O@1ZKCJyp_Jo)Ty^QW
z+vweTx_DLm{P-XSBj~Sl<%_b^$=}odJ!S2wAc<kP=%^q`Fk3#DzIfRc20!g-U?(r0
zttu-F5dSTOh@Hh;*8<POV|23UE<I?%YD*|RoGT_RNfg)N<d$-CVBslaSc2;hu2@iM
zijnTdup@(TT6QsX1DSS%iD>xenmzFGX1t&Qp8Vxz2VT`uQsQ<N&Na@Eg(*vW-Sx0Z
zwa1eC?gP9=v{v;-el(Byq7uXErY6a?>Ytdn&_0xVivIcxZ_hnrRtwq4cZSj1c-SG9
z7vHBCA=fd0O1<4*=lu$6pn~_pVKyL@ztw1swbZi0B?spLo56ZKu5;7ZeUml1Ws1?u
zqMf1p{5myAzeX$lAi{jIUqo1g4!zWLMm9cfWcnw`k6*BR^?$2(&yW?>w;G$EmTA@a
z6?y#K$C~ZT8+v{87n5Dm&H6Pb_EQ@V0IWmG9cG=O;(;5aMWWrIPzz4Q`mhK;qQp~a
z+BbQrEQ+w{SeiuG-~Po5f=^EvlouB@_|4xQXH@A~KgpFHrwu%dwuCR)=B&C(y6J4J
zvoGk9;lLs9%iA-IJGU#Rg<oAf^xeCDGN*>nZZR+@{5lYl8(e1h6&>Vc_mvg0d@);X
zji4T|n#lB!>pfL|8tQYkw?U2bD`W{na&;*|znjmalA&f;*U++_aBYerq;&C8Kw7mI
z7tsG*?7*5j&dU)Lje;^{D_h`%(dK|pB*A*1(Jj)w^mZ9HB|vGLkF1GEFhu&rH=r=8
zMxO42e{Si6$m+Zj`_mXb&w5Q(i|Yxyg?juUrY}78uo@~3v84|8dfgbPd0iQJRdMj<
zncCNGdMEcsxu#o#B5+XD{tsg*;j-eF8`mp~K8O1J!Z0+>0=7O=4M}E?)H)ENE;P*F
z$Ox?ril_^p0g7xhDUf(q652l|562VFlC8^r8?lQv;TMvn+*<c9jlj>8I}&+hIQYh2
z1}uQQaag&!-+DZ@|C+C$bN6W;S-Z@)d1|en+XGvjbOxCa-qAF*LA=6s(Jg+g;82f$
z(Vb)8I)AH@cdjGFAR5Rqd0wiNCu!xtqWbcTx&5kslzTb^7A78~Xzw1($UV6S^VWiP
zFd{Rimd<L>-0CZC_Bu(WxBFW7+k{cOW7DxBBkJdJ;VsJ4Z@lERQr%3eVv&$%)b%<~
zCl^Y4NgO}j<COChW_}a6vln)bF3$TpaLb);b~-PYxxR%}%O<}>s@u{|o~KTgH}>!*
z_iDNqX2(As7T0xivMH|3SC1ivm8Q}6Ffcd7owUKN5lHAtz<t12Aa&#mkpHAAP7vmV
z^!AJ*2~=PgYP(Wn4Vk66dQCX+{#B-Z%T|HyH;WjNt4~Za-}DB-){PA#h!r8;?(Vb^
zk44aj#5Wa>MM4<0v+ykUT!QiowO;`@%JGv+K$bBx@*S7C8GJVqQ_K>12}M`f_Ys=S
zKFh}HM9#6Izb$Y{wYzItTy+l5U2oL%boCJn?R3?jP@n$zSIwlmyGq30Cw4QBO|14`
zW5c);AN*J3&eMFAk$SR~2k|&+&Bc$e>s%c{`?d~85S-UWjA>DS5+;UKZ}5oVa5O(N
zqqc@>)nee)+4MUjH?FGv%hm2{IlIF-QX}ym-7ok4Z9{V+ZHVZQl$A*x!(q%<2~iVv
znUa+BX35&lCb#9VE-~Y^W_<SUna+(6v_v93h$)MSc{mD`=k6;#c%#QV`lbAtfE3~q
zAtA7|n`xq>f;Xhl%vgjwdjzMy$FsSIj&ok}L+X`4>J=9BkN&nu^E*gbhj3(+D>C4E
z@Fwq_=N)^bKFSHTzZk?-gNU$@l}r}dwGyh_fNi=9b|n}J>&;G!lzilbWF4B}BBq4f
zYIOl?b)PSh#XTPp4IS5ZR_2C!E)Z`zH0OW%4;&~z7UAyA-X|sh9@~>cQW^COA9hV4
zXcA6qUo9P{bW1_2`eo6%hgbN%(G-<qHJAT=v`nNhtT>F1xTvq!sc?4wN6Q4`e9Hku
zFwvlAcRY?6h^Fj$R8zCNEDq8`=uZB8D-xn)tA<^bFFy}4$vA}Xq0jAsv1&5!h!yRA
zU()KLJya5MQ`q&LKdH#fwq&(bNFS{sKlEh_{N%{XCGO+po#(+WCLmKW6&5iOHny>g
z3*VFN?mx!16V5{zyuMWDVP8U*|BGT$(%IO|)?EF|OI*sq&RovH!N%=>i_c?K*A>>k
zyg1+~++zY4Q)J;VWN0axhoIKx;l&G$gvj(#go^pZskEVj8^}is3Jw26LzYYVos0HX
zRPvmK$dVxM8(Tc?pHFe0Z3uq){{#OK3<aeeBkf6Ls@D&>i-ra#@+;*=ui8)y6hsRv
z4Fxx1c1+fr!VI{L3DFMwXKrfl#Q8hfP@ajgEau&QMCxd{g#!T^;ATXW)nUg&$-n25
zruy3V!!;{?OTobo|0GAxe`Ac<m7!f>n3GV@W=&n;<LWwg+BOz1x0PVh(8wy5x)H%n
z);^KLwS*zuK_mXLt=05$RqxmlzBGrOU$*+pD67{&9S4nenf`=wmSIir^E~5#<>~&9
zQM>NWW~R@OYORkJAo+eq1!4vzmf9K%plR4(tB@TR<A8<4IpzFAVt^jntH)?Lln%G`
z6tiucWhgUNI?A8Udv5fHlOm9!ctl16R`GIy7|o!{GngCtp;Tz@88GLNR}tm$OZ5f}
zPju@d{;|S(Rs51!tah!+6PbnnY<$fK^X^&7uddbpg77+M3+zt^`&Wl4kC?eRy{-46
z-3%mXj1#}r%@t|kQBj7QXfN_>&FSbDoRgJ8qVcH#;7lQub*nq&?Z>7WM=oeEVjkaG
zT#f)=o!M2DO5hLR+op>t0Cix<vSdXuLLoyLNj^8w51xiOY6tARpFGMs_UAVQl{h1q
z__M5D$myTJng;^A_J=JcCX@-~s%uSop76ggk-NNPh1K-Xw6Mwq#g=?x9pSWbMg&Eg
z!IW}nRKAGc2X+4y>JCIeXH*+z{-XS|%jx)y(j&}Wo|3!l7{o)HU3m7LYyhv*xF&tq
z%IN7N;D4raue&&hm0xM=`qv`+TK@;_xAcGKuK(2|75~ar2Yw)geNLSmVxV@x89bQu
zpViVKKnl<KY)q`sT$C@o*b;pi#>kwjS&&c|-X6`~xdnh}<zE$?k&-+|)}}1-k;;{3
zWgBv<7Mg|YWBAi9*yc#1&cuZnxkZaBTj=EQ-!oi23=b7<qC?N!TC&$6!<yQuq~YaC
z_0tVTi{LC-!3@TC@6(yDt1|8;{dkSfR3rrN7be_C({Ti}0{;9qU1;it_)pV>Ps)Hs
z4VbUL^{XNLf7_|Oi>tA%?SG5zax}esF*FH3d(JH^Gvr7Rp*n=t7frH!U;!y1gJB^i
zY_M$KL_}mW&XKaDEi9K-wZR|q*L32&m+2n_8lq$xRznJ7p8}V>w+d@?uB!eS3#u<}
zIaqi!b!w}a2;_BfUUhGMy#4dPx>)_>yZ`ai?Rk`}d0>~ce-PfY-b?Csd(28yX22L%
zI7XI>OjIHYTk_@Xk;Gu^F52^Gn6E1&+?4MxDS2G_#PQ&yXPXP^<-p|2nLTb@AAQEY
zI*UQ9Pmm{Kat}wuazpj<q$kAY7_UQRU$-YKdQWJ&LyZumLzNJQ!;vvr#GB_EA<Jf@
z$2g7!{jMh`@>SyXCdnrD&|C1c5DIb1TnzF}f4KIV6D)CJ!?&l&{T)e4U%3HTSYqsQ
zo@zWB1o}ceQSV)<4G<)jM|@@YpL+XHuWsr5AYh^Q{K=wSV99D~4RRU52FufmMBMmd
z_H}L#qe(}|I9ZyPRD6kT>Ivj&2Y?qVZq<4bG_co_DP`sE*_Xw8D;+7QR$Uq(rr+u>
z8bHUWbV19i#)@@G4bCco@Xb<8u~wVDz9S`#k@ciJtlu@uP1U0X?yov8v9U3VOig2t
zL9?n$P3=1U_Emi$#slR>N5w<w?qFuOF5w}cnum+dV`a<C*;Hv>H-=J&T=EdUHA}_Z
zZIl<E_JWAQn>3nvMP*AZS9{cDqFanrA~S5BqxtNm9tlu;^`)3X&V4tMAkJ4gEIPl=
zoV!Gyx0N{3DpD@)pv^iS*dl2FwANu;1;%EDl}JQ7MbxLMAp>)UwNwe{=V}O-5C*>F
zu?Ny+F64jZn<+fKjF01}8h5H_3pey|;%bI;SFg$w8;IC<8l|3#Lz2;mNNik6sVTG3
z+Su^rIE#40C4a-587$U~%KedEEw1%r6wdvoMwpmlXH$xPnNQN#f%Z7|p)nC>WsuO=
z4zyqapLS<8(UJ~Qi9d|dQijb_xhA2)v>la)<1md5s^R1N&PiuA$^k|A<+2C?OiHbj
z>Bn$~t)>Y(Zb`8hW7q9xQ=s>Rv81V+UiuZJc<23HplI88isqRCId89fb`Kt|CxVIg
znWcwprwXnotO>3s&Oypkte^9yJjlUVVxSe%_xlzmje|mYOVPH^vjA=?6xd0vaj0Oz
zwJ4OJNiFdnHJX3rw&inskjryukl`*fRQ#SMod5J|KroJRsVXa5_$q7whSQ{gOi*s0
z1LeCy|JBWRsDPn7jCb4s(p|JZiZ8+*ExC@Vj)MF|*Vp{B(ziccSn`G1Br9bV(v!C2
z6#?eqpJBc9o@lJ#^p-`-=`4i&wFe>2)nlPK1p9yPFzJCzBQbpkcR>={YtamIw)3nt
z(QEF;+)4`>8^_LU)_Q3<u}L<{1}Pc_TC@cmCN`COOSM8a;|jWsk~1fYJv#PDsm#->
zC5_7lgi_6y>U%m)m@}Ku4C}=l^J=<<7c;99ec3p{aR+v=diuJR7uZi%aQv$oP?<K2
z4>dn?@6Yu_+*^>T0ptf(oobdL;6)N-I!TO`zg^Xbv3#L0I~sn@WGk-^SmPh5>W+<X
znt3fVJDljH9Rg;|i5lPHsR(0ho%1Z#U$BQ5Z>LB<+1PU}AKa?FCWF|qMNELOgdxR{
zbqE7@jVe+FklzdcD$!(A$&}}H*HQFTJ+AO<jQkEo4(Zr!RbHw&%VW+jartXEY{IAo
z-<Q*FbO_;b95g_K9)_94ZpWY1;<Z!iW)9JK0`6zeVbpJRc{foQfe9X-j8eQ-=DlS%
zH`!Rua7Ws)lQGR`lKbWfbJ{-A+Qsq7w~i7ifv23@y@q;f=f9BC2>rJYnhh}Yvta(B
zQ_bW4Rr;R~&6PAKwgLWXS{Bnln(vUI+~g#kl{r+_zbngT`Y3`^Qf=!PxN4IYX#iW4
zucW7@LLJA9Zh3(rj~&SyN_pjO8H&)|(v%!BnMWySBJV=eSkB3YSTCyIeJ{i;<t5`Q
zo(L{QW?hBDuaI(wY%y)W1q$B>(oc%_hk{$_l;v>nWSB)oVeg+blh=HB5JSlG_r7@P
z3q;aFoZjD_qS@zygYqC<CA@uG3$h<l#w}3@ssm8WfebtlUXE~>n=;Zxjo!?NK!%J$
z52lOP`8G3feEj+HTp@Tnn9X~nG=;tS+z}u{mQX_J0kxtr)O30YD%oo)L@wy`jpQYM
z@M>Me=95k1p*FW~rHiV1CIfVc{K8r|#Kt(ApkXKsDG$_>76UGNhHExFCw#Ky9*B-z
zNq2ga*xax!HMf_|Vp-86r{;~YgQKqu7%szk8$hpvi_2I`OVbG1doP(`gn}=W<8%Gn
z%81#&WjkH4GV;4u43EtSW>K_Ta3Zj!XF?;SO3V#q=<=><y*Ez-K*8OuEH#K1Uw04)
zm-E?#$M4Pw!5Sa^O{sRRDY-gWXv@8A@bA;l<_ks)es^2Nu>Tc^@?A`i;&`-cYj|;^
zEo#Jl5zSr~_V-4}y8pnufXLa80vZY4z2ko7fj>DR)#z=wWuS1$$W!L?(y}YC+yQ|G
z@L&`2upy3f>~*IquAjkVNU>}c10(fq#HdbK$~Q3l6|=@-eBbo>B9(6xV<PW<=*tlY
z$*pN5hHZpwqlet{tLghEZT#%M$0U({lim^-U@zba{?NJMf<93*()%m>`*)sae58*f
zym~RRVx;xoC<uxJ0zCckgSOZ<jKZfGBozv^HDI7G(HjLM<voAwa4Kh#eq6#2U!qA0
zF$%FfiP7?q!+@Q%0CG7sP{g!i5R&?DRZkOxRnqe`((<r{70*Vq2Rb6*k>G3`JV`xo
z!lFw)=t2Hy)e!IFs?0~7osWk(d%^wxq&>_XD4+U#y&-VF%4z?XH^i4w`TxpF{`XhZ
z%G}iEzf!T(l>g;W9<~K+)$g!{UvhW{E0Lis(S^%I8OF&%kr!gJ&fMOpM=&=Aj@wuL
zBX?*6i51Qb$uhkwkFYkaD_UDE+)rh1c;(&Y=B$3)J&iJfQSx!1NGgPtK!$c9OtJuu
zX(pV$bfuJpRR|K(dp@<Et6W$J6*Z#&a&;93*Ie~(LKx3oM(w;zbe{$4=AvBd2M!)G
z)q&m$-4a#zj+ntOm6x3DXKBbGe#P@0*At9SemktTX0uh;t#}60aB^D2eE!a4eDuX;
z-as`;dd|o4vBfl1>^j}i&H<lE5B-BmW0%$me#yff@sBn;ohRKEdDubkmfk_9%F#R?
zx3ZTQV}CG~;tIM9J0dPMr);>eJ<ZUgb6%5p(oB8d(S&NYcE9Fn#eq_UTAuN0jA(?H
z^D)QqC|?HmZ<MfF#1KC`+1B#aVb^f*7XyN**6k{KcrsXkYIuNItVY|XpO_RwL+pB-
zi361AR7q3_a+z(hygW-dSQ4&gyU_L%*Ad1YXBX3#1@&17te>Oh@|7lWo8^$*o~Xqo
z5Sb+<gm~yF$-E%g5?e&PX|O%&U0#MK#8=Cb4moDVt9pc5&|d_Nok|m&#&P2i0(_CN
zM^tc5)Kw#?l>!EtJ&e@6F+h&+<iRY;$9#Wr1>_1ETbg7LfP5GZjvIUIN3ibCOldAv
z)>YdO|NH$x7AC8dr=<2ekiY1%fN*r~e5h6Yaw<{XIErujKV~tiyrvV_DV0AzEknC-
zR^xKM3i<1UkvqBj3C{wDvytOd+YtDSGu!<rPOfY>gEMg+!&|8BQrT*|p)(dwQLEy+
zMtMzij3zo40)CA!BKZF~yWg?#lWhqD3@qR)gh~D{uZaJO;{OWV8XZ_)J@r3=)T|kt
zUS1pXr6-`!Z<!o63*D|NQNYak6gGf7_QJ$%QWph8(@+Md9XOp*qP{X}q91Av868w+
zGbBw!<JX87&2|tz_-<JKu<xhK)|6RN*Zk7fvZ42tj|cY?!)H@h7T?|0cVg1Q(Dzye
z>}w2QR7nP%d?ecf90;<QTfw00Ol^jhE%$`<-%SzE37_m?Tsl?x9jtF58}$iamaJPx
z;*k`q<{nE<sbhO}9jI-7R-I>K_7C3d!U<RH+{w3GCUW?FU;!Us-m^hLIJe*q&7e}1
zpDB4cxkQ^$zB~cRxh7B3$~Q``Zt;ZNw-Uj>Z`N(TZoWNN^Q~RjVhQG{Y<%E1PpV^4
z-m-K+$A~-+VDABs^Q@U*)YvhY4Znn2^w>732H?NRK(5QSS$V@D7yz2BVX4<IQ|}VZ
zL_WDk%d5E2#>)f5A04~$WbxGOam22>t&uD)JB8-~yiQW6ik;FGblY_I>SvB_z2?PS
z*Qm&qbKI{H1V@YGWzpx`!v)WeLT02};JJo*#f$a*FH?IIad-^(;9XC#YTWN6;Z6+S
zm4O1KH=#V@FJw7Pha0!9Vb%ZIM$)a`VRMoiN&C|$YA3~ZC*8ayZRY^fyuP6$n%2IU
z$#XceYZeqLTXw(m$_z|33I$B4k~NZO>pP6)H_}R{E$i%USGy{l{-jOE;%CloYPEU+
zRFxOn4;7lIOh!7ab<V}OmeeQNY6TeYO&&E^lN#TB*^`;ju1*`#<QB4aBWp8jLsn56
ztlcT6a*61b7mBGG7Pe5gFr$a2kxI4g;qf)gjt)|Y7A|WcqUTy7lmzDN21ov~uefIa
zStpXF9OSKG--%FP-n6GoKAZkk;aTNW1ae$KBstPWjSIc_V%4U0$Ln1&jVG=$ZcXgh
z#CvGTp=S;-S8-$7HKAq6%SA!$URan_Wx!1Oc!O*_!j0Q;YpHo#pr5>b23YKD+_-?O
z0FP9otcAh+oSj;=f#$&*ExUHpd&e#bSF%#8*&ItcL2H$Sa)?pt0Xtf+t)z$_u^wZi
z44oE}r4kIZGy3!Mc8q$B&6JqtnHZ>Znn!Zh@6rgIu|yU+zG8q`q9%B18|T|oN3zMq
z`l&D;U!OL~%>vo&q0>Y==~zLiCZk4v%s_7!9DxQ~id1LLE93gf*gg&2$|hB#j8;?3
z<g)eCVNaZv3$^cu;yV<qgy7Ou{HZYOe(Yy~3PLV!ZId!<`3EN$I2e|Sb}<jdw%KMG
z$~P@70$N+m@}=Mj9$ZG59AQ=JQRvLB(RM9)t()h{Tno>5v4S;oM6rT{Y;I+#FdmNw
z){d%tNM<<#GN%n9ox7B=3#;u7unZ~tLB_vRZ52a&2=IM)2VkXm=L+Iqq~uk#Dug|x
z>S84e+A7EiOY5lj*!q?6HDk<t%xgyS2(ef%dZKEIaXh3~wff^|xcGFVc_e~Sr`&nX
zB{0<Bl5W%rH&l?6tsWk=E?WK+SiGZtPex%sjw{ofyMqE~@feSemEiHmis}sLGcPDm
zIzGRXgYb$F!6<>Nh~0g;0Jy(al!ZHHDtur9T$y-~)94HelX1NHjXWIM7UAe}$?jiz
z9?P4`I0JM=G5K{3_%2jPLC^_Mlw?-<a70XR;I>kYYgb7`qGa3@dn|^1fRMwiyM@Ch
z;CB&o7&&?c5e>h`IM;Wnha0QKnEp=$hA8TJgR-07N<gl50D&l8aCL6u?F9;bt}O?Y
zClsN^P?BSo;~X-U^>~U5(>9vJzeoFs<a)64ao)eXA>SRBkDq=x(YgEMpb=l4TDD`2
zwVJpWGTA_u7}?ecW7s6%rUs&NXD3+n;jB86`X?8(l3MBo6)PdakI6V6a}22{)8ilT
zM~T*<jE3E@DmR%ike^(4fN~b2CI%ZAFJHK0>mU}__xSy|6XSrJ^%l<L`JF;YY6b4`
z;6>DAR3Lft%+<T2S<6#r`P7WA*H7H@Tkj*;CZWvGK|Ka6#=q$9VereUjcyuYAT-kE
z-4)n_C1YG2*?76Lh&eh@n+#B;0G7^rIA<P1)+|@l^eA4%oi{dOUZb8u1-}Kweut@X
z=3>yxC<CMW8Guf-*pI#2K9_;@nA>|ZUvSO_nqMX!_ul3;R#*{~4DA=h$bP)%8Yv9X
zyp><|e8=_ttI}ZAwOd#dlnSjck#6%273{E$kJuCGu=I@O)&6ID{n<VEYI|KdxCeO+
z8>WF5@gLb16sj|&Sb~+du4e4O_%_o`Ix4NRrAsyr1_}MuP94s>de8cH-OUkVPk3+K
z&jW)It9QiU-ti~AuJkL`XMca8Oh4$SyJ=`-5WU<{cIh+XVH#e4d&zive_UHC!pN>W
z3TB;Mn5i)9Qn)#6@lo4QpI3jFYc0~+jS)4AFz8fVC;lD^+idw^S~Qhq>Tg(!3$yLD
zzktzoFrU@6s4wwCMz}edpF5i5Q1IMmEJQHzp(LAt)pgN3&O!&d?3W@6U4)I^2V{;-
z6A(?zd93hS*uQmnh4T)nHnE{wVhh(=MMD(h(P4+^p83Om6t<*cUW>l(qJzr%5vp@K
zN27ka(L{JX=1~e2^)F^i=TYj&;<7jyUUR2Bek^A8+3Up*&Xwc{)1nRR5CT8vG>ExV
zHnF3UqXJOAno_?bnhCX-&kwI~Ti8t4`n0%Up>!U`ZvK^w2+0Cs-b9%w%4`$+To|k=
zKtgc&l}P`*8IS>8DOe?EB84^kx4BQp3<7P{Pq}&p%xF_81pg!l2|u=&I{AuUgmF5n
zJQCTLv}%}xbFGYtKfbba{CBo)lWW%Z>i(_NvLhoQZ*5-@2l&x>e+I~0Nld3UI9tdL
zRzu8}i;X!h8LHVvN?C+|M81e>Jr38%&*9LYQec9Ax>?NN+9(_>XSRv&6hlCYB`>Qm
z1&ygi{Y()OU4@D_jd_-7vDILR{>o|7-k)Sjdxkjgvi{@S>6GqiF|o`*Otr;P)kLHN
zZkpts;0zw_6;?f(@4S1FN=m!4^mv~W+lJA`&7RH%2$)49z0A+8@0BCHtj|yH--AEL
z0tW6G%X-+J+5a{5*WKaM0QDznf;V?L5&uQw+yegDNDP`<QwM)iHN0Ixe+C<}Kj)cT
z;ugg=7>hA;0XPYc6e0;Xv6|i|^F2<spnC^BAY#K6!R1`y8;L|-ax$>WB)Z$LR|HR4
zTQsRAby9(^Z@yATyOgcfQw7cKyr^3Tz7lc7+JEwwzA7)|2x+PtEb>nD(tpxJQm)Kn
zW9K_*r!L%~N*vS8<5T=iv|o<TQh`NS2YOm^v@YF+FhtT<a+buCZu6h6oT_Y5b`Scg
zm=4c{5~CgG?9-H=F8v%THj;pBAIcNf1w(JQ+AUi+?6F2LasjZ5Oz$7m+jvgK`zeSh
z^(f$UuqGD?j)9ZxVlSw*kzGRC;oCN&mCo&6G7ql5S{99P97)o*h$5+(ch97JLRzc!
zYD=hMW71CXeuLub2z%t|7;RjK6Ogym_1#+sTC!<7k`+%+%pXjbEt&Ewk(hGUoqGvq
zuM0wx5$A~T4SRbOQgIit7jaB@N32&;KWs00gsh)b^;UUaulO8Td<B}%0x3tW7;G##
zTMaSe*B!q#S@Od*Vy(-qm;}PAJhEq0;6w!v@t~78{dMpN>!zTe9k_2jC_j*7ik^M_
zaf%k{WX{-;0*`t`G!&`eW;gChVXnJ-Rn)To8vW-?>>a%QU1v`ZC=U)f8iA@%JG0mZ
zDqH;~mgBnrCP~1II<=V9;EBL)J+xzCoiRBaeH&J6rL!{4zIY8tZka?_FBeQeNO3q6
zyG_alW54Ba&wQf{&F1v-r1R6ID)PTsqjIBc+5MHkcW5Fnvi~{-FjKe)t1bl}Y;z@<
z=!%zvpRua>>t_x}^}z0<7MI!H2v6|XAyR9!t50q-A)xk0nflgF4*OQlCGK==4S|wc
zRMsSscNhRzHMBU8TdcHN!q^I}x0iXJ%uehac|Zs_B$p@CnF)HeXPpB_Za}F{<@6-4
zl%kml@}kHQ(ypD8FsPJ2=14x<gRLSp5jQ3zP{(QVzPLZLVm053fUe=@OltSio705;
z(#z2z>XJE|b20<nbuvWeRu7_ckN!4)4>RUIgs!2|R3>LUMGF6X*B_I|$`Qg=;zm7C
z{mEDy9dTmPbued7mlO@phdmAmJ7p@GR1bjCkMw6*G7#4+`k>fk1czdJUB!e@Q(~6#
zwo%@p@V5RL<HuH8=u8a6RDT=ORPK%+xl*V0g}ZRt7wrV&wXuQ&Kq5z5VF5~$tzh+o
zGvLCh{4xbZi*rM$H53QbbG^}e_;5ZL^rKOCECf%A3k<ba715W9GFJ3%z+y)SixW7v
zFUks)dR&u51!CgipP_*=HsXEQV|A6)MESe^nXfdde|e*3lS%iSm1?2t=&g8iM5yO0
zqGo^30JQ})=Z}tg94XEO6_<mfkScn>0ABU2LH7Asq^quDUho@H>eTZH9f*no9fY0T
zD_-9px3e}A!>>kv5wk91%C9R1J_Nh!*&Kk$J3KNxC}c_@zlgpJZ+5L)Nw|^p=2<X2
zVEH%@dRNgUT+xOlus$Jl>ue}CJtm;uj*Iqr)K})kA$xtNUEvX;4!Px*^&9T_`IN{D
z{6~QY=Nau6EzpvufB^hflc#XIsSq0Y9(nf$d~6ZwK}fal92)fr%T3=q{0mP-EyP_G
z)UR5h@IX}3Qll2b0oCAcBF>b*@Etu*aTLPU<%C>KoOrk=x?pN!#f_Og-w+;xbFgjQ
zXp`et%lDBBh<!%rmD;`)_Iw7qs}PxJE2OWnk0598{1@{z2=&M97kZ^;iS=)VbtW2e
z9{Njc%X1q_Y=7a@dL*7`HknH57C8G{SaT${ATgN~45gpu4M3g9K3K^dkc|SdjG%I{
zqBnN$pX_Ur&xe`6C5rq%1Au6o>~OcFnMKMUoox0YwBNy`N0q~bSPh@+enQ=4RUw1)
zpovN`QoV>vZ#5LvC;cl|6jPr}O5tu!Ipoyib8iXqy}TeJ;4+_7r<1kV0v5?Kv>fYp
zg>9L`;XwXa&W7-jf|9~uP2iyF5`5AJ`Q~p4eBU$MCC00`rcSF>`&0fbd^_eqR+}mK
z4n*PMMa&F<X)^G}xeJ@Gp5hPUp4))DB`D07_#V$I)>Occ)<Z1&cEZXfHKl6!0r^K=
z4G}bu(5ge=G8fwnhNItAV-;CCRA~!*Ffjtk+W5Q4($~|Ogx!7zYTJ+md_mLOIHP$a
z=Xv|*^wnVA6u+^6*Pjw-xuU)%_b=1oT;Uy*3v`{`12FsGfVli|)UZ4c+9zix>vTUR
zlDUAn-mh`ahi_`f`=39JYTNVjsTa_Y3b1GOIi)6dY)D}xeshB0T<J4O9}2CRcgST4
zu^DE1lNC^&bdTFMX*m;=F+oV62|j1N%Y(`}stx4V@A-${Nsme7gPF1VFeZ(Es(Tv1
z2eMG<3ngPbvsdfMDb6jRfMuIQ>8Eov5%UhWd1)u}kjEQ|LDo{tqKKrYIfVz~@dp!!
zMOnah@vp)%_-jDTUG09l+;{CkDCH|Q{NqX*uHa1YxFShy*1+;J`gywKaz|2Q{lG8x
zP?KBur`}r`!WL<v4v3q-kbT^ZHHV*Ab_1=$Ds`sw{p4Q5%K<O{0b-Frgl!8<-ysCa
z@55EXX6zF(6|%WdJ}w;c9q_T(h^VZr*46HXJncAUKTLi*=>KXY_<N$yy+H{DR|LP9
zF#oxrkoE0^A&|7gpQkf#W)&V7g<8v42B_@CDi{phanFo;l(u@KJ-))-pR{b)<rcd3
zf}4BFpSv=>K;C8$EWG>jY3UIh{+BLv0=2)KH%P}6xE2kg)%(-uA6lC?u8}{K(#P*c
zE9C8t*u%j2r_{;Rpe1A{9nNXU;b_N0vNgyK!EZVut~}+R2rcbsHilqsOviYh-pYX=
zHw@53nlmwYI5W5KP>&`dBZe0Jn?nAdC^HY1wlR6$u^PbpB#AS&5L6zqrXN&7*N2Q`
z+Rae1EwS)H=aVSIkr8Ek^1jy2iS2o7mqm~Mr&g5=jjt7Vxwg<tf08u&@2*nrRdWEq
z9>lQ^`h#Mx+x2v|9ZAwE$i_9918Mj<x0*Wdpb36@OAXTH9HjzBO?DU3pPWJl<5`?4
zJx95+eAmsI^}aX!MTHZ2jvyPZ%UQNWgYc&Az}*vhoE;`M;w#yci|VFS(*uY8dTed$
zmI+a!^D3~nUd`%d3v~n803|x?hdA<CAGP8+Vz0wak|gS0b(v+b_#OSxq^j=~x{U#C
zxb5$H!k6E86jdT96;Z=hlwo5iYt(l!8a^<>JxTMr?n!bZ6n$}y11u8I9COTU`Z$Fi
z!AeAQLMw^gp_{+0QTEJrhL424pVDp%wpku~XRlD3iv{vQ!lAf!_jyqd_h}+Tr1XG|
z`*FT*NbPqvHCUsYAkFnM`@l4u_QH&bszpUK#M~XLJt{%?00GXY?u_{gj3Hvs!=N(I
z(=AuWPijyoU!r?aFTsa8pLB&cx}$*%;K$e*XqF{~*rA-qn)h^!(-;e}O#B$|S~c+U
zN4vyOK0vmtx$5K!?g*+J@G1NmlEI=pyZXZ69tAv=@`<PF>t%ag_Hk{LP~OH9iE)I=
zaJ69b4kuCk<W;+Nm{1iL;Sjg&ce)b6RfuYXG6i3lmo`Xoo=yc_#4MF;W?A{F|EAlX
z*<!ti?&E?FEc4)+uE<O&ONf`XLQ^cl<<tMSmTYl1l}%xg`DIk~4?@x6!4)Pmk>V0V
zo(M0#>phpQ_)@j;h%m{-a*LGi(72TP)ws2w*@4|C-3+;=5DmC4s7Lp<h>95%n%@Ko
zfdr3-a7m*dys9iIci$A=4NPJ`HfJ;hujLgU)ZRuJI`n;Pw|yksu!#LQnJ#dJysgNb
z@@qwR^wrk(jbq4H?d!lNyy72~Dnn87KxsgQ!)|*m(DRM+eC$wh7KnS-mho3|KE)7h
zK3k;qZ;K1Lj6uEX<KEj5@nV#iauGcIh@~0bCkde*VA4<NzidV>LYUYi)1FN}F@-xJ
z@@3Hb84sl|j{4$3J}aTY@cbX@pzB_qM~AP<KHC>ljrjju6P0tY{C@<op~*H5^F|n>
zpUCOz_NFmALMv1*blCcwUD3?U6tYs+N%cmJ9<vk4wN1^{7_o-KiUksuyYPZPi6=aB
zRdD0jWfvBXoM%2g7{9p9f&t&G@^K{*T20!5)|u6mVvE8$*gT5c>8D%3)%)Xu^uvzF
zS5O!sc#X6?EwsYkvPo6A%O8&y8sCCQH<%f2togVwW&{M;PR!a(ZT_A+jVAbf{@5kL
zB@Z(hb$3<w@Z7>U{T_}SKA_CoQVU-;j>2J=L#lZ~aQCFg-d<9rzs$_gO&d5N6eFSc
z1ml8)P*FSi+k@!^M9nDWR5e@ATD8oxtDu=36Iv2!;dZzidIS(PCtEuXAtlBb1;H%Z
zwnC^Ek*D)EX4#Q>R$$WA2sxC_t(!!6Tr?C#@{3}n{<^o;9id1RA&-Pig1e-2B1XpG
zliNjgmd3c&%A}s>qf{_j#!Z`fu0xIwm4L0)OF=u(OEmp;bLCIaZX$&J_^Z%4Sq4GZ
zPn6sV_#+6pJmDN_lx@1;Zw6Md_p0w9h6mHtzpuIEwNn>OnuRSC2=>fP^Hqgc)xu^4
z<3!s`cORHJh#?!nKI`Et7{3C27+EuH)Gw1f)aoP|B3y?fuVfvpYYmmukx0ya-)TQX
zR{ggy5cN<mnVz7y7+knzNVJkt;lpc;qc>f4X|g)nl#jC9p>7|09_S7>1D2GTRBUTW
zAkQ=<vO$_umo;W8C9!}&#xkaPRO=3x>JMRogZqG#v;^=11O6@rPPwvJ<B8_C^h!$7
z1FiG#I7Fs!hS~+X_xS9av4ic?s4}I)b~+~ynqpL?4J!M0!;Lh~^{jyZ5OklQ8U2d;
z1_pNZ6|Y?X=U7!TcC`|AaWS_uvHe0n$~l-C+lqY=nw)_qUxZZ$`~TgLQeOW;@1pQ$
z701@hEqV6RKPy$?plo3XV+hmG(FFC_t(R=zC3ndGnN?AOBz^}Il*!(}YM_f?Vs)`N
zoXTGH^9k^Rs*ihNP{En)>kr{bW-Qg8`q8GoD#K`&Y+S#%&B>SGRL>;ZunM@49!}Uy
zN|bBCJ%sO;@3wl0>0gbl3L@1^O60ONObz8ZI7nder>(udj-jt`;yj^nTQ$L9`OU9W
zX4alF#$|GiR47%x@s&LV>2Sz2R6?;2R~5k6V>)nz!o_*1Y!$p>BC5&?hJg_M<tYqR
z53_xZU*2l8Pm44`5q;8sH8AJC`OhY?Pv0f<SBDF<5zRa5Pcc`28WO=W(}@uM2`X|H
zRYQaB%r|t}sRL>iE6UBy>RkVZj`9UWbRkN-Hk!S`=BS3t3uyX6)7SF#)71*}`~Ogz
z1rap5H6~dhBJ83;q-Y<5V35C2&F^JI-it(=5D#v!fAi9p#UwV~2tZQI+W(Dv?1t9?
zfh*xpxxO{-(VGB>!Q&0%^YW_<rkziH`41#l{!R-o<QMyf9_jzZ$o+58{{J}R|9zqw
zCjt0>F!@aZ<db_)!_xH)=)<rL4C7eRuqj-{Vl9!F47?8#IbbtVc$3LetR`tgCkn7O
z@PIcJnWwbNQc9I5c;Bn7#oM!PR?~3~=RhWhOCOgl{-a!vqnWp-GGc#(Z7u=0Jsb@k
zRLR8fKR?v;kdoa(!_kn<QSq40_$nei`C>S#ucP|YaD#>wd1Fv&Z*SR&mc;asi}1G)
z_H>`!akh-Zxq9#io(7%;a$)w+{QH)Y$?UK1Dt^4)up!Szcxnu}kn$0afcfJL#IL+S
z5gF_Y30j;{lNrG6m~$Ay?)*V9fZuU@3=kd40=LhazjFrau>(Y>SJNtOz>8x_X-BlA
zIpl{i>OarVGj1v(4?^1`R}aQB&WCRQzS~;7R{tDZG=HhgrW@B`W|#cdyj%YBky)P=
zpxuOZkW>S6%q7U{VsB#G(^FMsH5QuGXhb(sY+!-R8B<wCq$Ud&dR&R~YEJ18TLm54
z;iNBgol;q`1pM~hbiKQEHVg~udGsD!{32V0-F%Jl2*cE1CKaP}vYl}vY{JE1&Y`9<
zWxp@Q9z&I}X^~yDRt<yP&7ehNHUY-`mMuclQn{f;_BVk|%a!qyv`BTi_<F*shwHHm
zYMk#OgVxOZ5)F7}7!ZzzBqdqiT*o3-6bkMv(=P1min)~A$7Z{$hPM{)lRIzv{ziFg
ztAbHzmqKOklFBd-`W?q14D4v{uKrc3r#AAZ&_oCPRi9dQd_BxsU(vj^hw4-4vST=O
z-I*C6luz(vAIZ~@rb(A8AiNMr62dJzV>mv6Sx3WzSW<1MPPN1!&PurYky(@`bP9tz
z52}LH9Q?+FF5jR6-;|+GVdRA!qtd;}*-h&iIw3Tq3qF9sDIb1FFxGbo&fbG5n8$3F
zy<kUPcTI-*+R})(Lx?7E(-Km*D*#LFloydFBeh2ei+vLj63z@TMnj%!?Pc!@$=lI~
zWpQ4Fa#xXFx30*?LGzyx=<Q>Y&PWL{ys^dTO}oZ#@sIX^BKW*bon=;te9j5k+T%wJ
zNJtoN1~YVj4~Y<zc}D-ou*39R71C?0FVs3%E61z~{QYZ=p=4}v(=uH7JqP$9+LudZ
zPLki+z++>RrlZl)b&kJqp+Z`DqT!la$x&&IxgOQw#yZd-nBP3!7FijBXD|IsU8Zl^
zc6?MKpJQ+7ka|tZQLfchD$PD|;K(9FiLE|eUZX#EZxhG!S-63C$jWX1Yd!6-Yxi-u
zjULIr|0-Q%D9jz}IF~S%>0(jOqZ(Ln<$9PxiySr&2Oic7vb<8q=46)Ln%Z|<*z5&>
z3f~Zw@m;vR(bESB<=Jqkxn(=#hQw42l(7)h`vMQQTttz9XW6^|^8EK7qhju4r_c*b
zJIi`)MB$w@9epwdIfnEBR+?~);yd6C(Le<rt!q$FLriBQXByC(@5W-fyMd+G`gpkw
zo=2x;j`HUicFOMzOr+Hi-h(acwf1R^4yH6<++^$)J=B4dE@KAoZaXF)kE=0uwm3nd
z&m40{?8{tmrxQ5%Wq~$48e6Z&q%RJty{nmI+wz=hvB#pKRac&c?EYSnrDYd1X>MC&
zn&&N*?-g&BBJcV;8&UoZi4Lmxcj16ojlxR~zMrf=O_^i1wGb9X-0@6_rpjPYemIin
zmJb+;lHe;Yp=8G)Q(L1bzH*}I>}uAqhj4;g)PlvD9_e_<a@g*lf#ro&Ve1Oe9Dd~M
zzE8GyZq;U{s*VsFviyO$Mu<MkXYCJUQhOu^nB+^MD~g42i6J&pJlqN$*=O9FeOy#D
zMH(Hs0#anHAVz%4@!PpgmX|z|oRKkJQ8-ANxDXdJsPW`~G`Uz*(^?DtT&VY313h$)
z%Z_iZ<k;!|>ScR{Ipq|$8NvAvLD8MYr}xl=bU~)f%B3E>r3Bu9_t|ThF3C5~BdOve
zEbk^r&r#PT&?^V1cb{72yEWH}TXEE}w>t!cY~rA+hNOTK8FAtIEoszp!qqptS&;r$
zaYV-NX96-h$6aR@1xz6_E0^N49mU)-v#bwtGJm)ibygzJ8!7|WIrcb`$XH~^!a#s&
z{Db-0IOTFq#9!^<xwp4XVUmX2>j!n_F}#<SlrwIgws078xQpgq<=PFmW_#a3Vf1lR
zSZtW_!4KrMla?XPZ^%!uYvas5(q&p4<B~4-u7ZKo%gG=AWYrPaK~Ksf`2-Ltd1AQk
z$_l6x1x`BMZqVJH81bkQU_K4!7|CM9*e*BRdOD=<*r=%KzmW8K`FLhkaj-7c$V5Vt
z97r)f!2oBGV~&1@x<{&a6SOQM=KG6k)^{##XUT*iOlT|QkpE~1=S*FV(g_CM^s;$&
zRL7Q)Be-0f7v6$Yv*CJnQ>Z_nX{YzBK8XLPVmc&X`fT7!@$U-@2KM9soGbmOSAmqV
z{nr$L^MBo_u^Joyf0E^=eo{Rt0{{e$IFA(#*kP@SQd6l<gO0qV6sCD7Vl>WT2-#>`
zP1)7_@IO!9lk>Zt?#CU?cuhiLF&)+XEM9B)cS(gvQT!X3`wL*{fArTS;Ak`J<84du
zALKPz4}3nlG8Fo^MH0L|oK2-4xIY!~Oux~1sw!+It)&D3p;+N8AgqKI<GHze0K;7v
zH(+WEQqQ~(T0<)QjJr`7lg^24K~?@;_<cT}hEd4HZB%o_OQsl^L70Ju&(6N2Jbrfe
z{_b&PJgA)_dyARwqVQ$xthjN!Eyh&j;D~!^U-07v?ZtU+{rtxuW4xJPKdBd+XtoJk
zHGuql=D%L$>`ld6v71wy8I!eP0o~=RVcFQR2Gr(eP_JbSytoQ$Yt}l*4r@A8Me94y
z8cTDWhqlq^qoAhbOzGBXv^Wa4vUz$(7B!mX`T=x_ueKRRDfg&Uc-e1+z4x$jyW_Pm
zp?U;-R#xt^Z8Ev~`m`iL4*c#65Nn)q#=Y0l1AuD&+{|8-Gsij3LUZXpM0Bx0u7WWm
zH|%yE@-#XEph2}-$-thl+S;__ciBxSSzHveP%~v}5I%u!z_l_KoW{KRx2=eB33umE
zIYFtu^5=wGU`Jab8#}cnYry@9p5UE#U|VVvx_4l49JQ;jQdp(uw=$^A$EA$LM%vmE
zvdEOaIcp5qX8wX{mYf0;#51~imYYPn4=k&#DsKTxo{_Mg*;S495?OBY?#gv=edYC*
z^O@-sd-qa+U24xvcbL0@C7_6o!$`)sVr-jSJE4XQUQ$?L7}2(}Eixqv;L8AdJAVqc
zq}RPgpnDb@E_;?6K58r3h4-!4rT4Ab#rLHLX?eMOfluJk=3i1@Gt1i#iA=O`M0@x!
z(HtJP9BMHXEzuD93m|B&woj0g6T?f#^)>J>|I4C5?Gam>n9!8CT%~aT;=oco5d6U8
zMXl(=W;$ND_8+DD<ykE9Jy7gkqr#{X4q*TB+m~s#gS@r(GY*77ySFy{9E;{vV}3na
z%pxHTT*dvMnlo4+oTy^p7miJ3ziqr(ZOJ)L+PUs&R@+OotCT;pPyt{0jl<-}(V7Gp
zX$>*?|5bJ!;8ebESXMUKBAf7YBwNVJibGaJ*(2G`F%wx)grqVPjudiaq^Kl&g$8A2
zWMxMr@_$c}d<p;ey3Tcu>+;_B`#kUX-t|4VKH&_f^^EP0&=DPLW)H)UzBG%%Tra*5
z%$kyZe3I&S#gfie^z5)!twG={3Cuh)Fde<XTsb9xO3ZH)#ow2vM~pRh=a%Jxr4}vf
zpeoa8O2Xww;R&D4PixE%^{woC{=Bqwy7h$AGh*xb_!Z$59PhU?bnh=6>A!Kj<-9**
zvT*5%Tb`|QbE!iW-XcOuy39>D3oe6x{>&<#E$o8Ac|j)wq#kQzz|ATd=Z0K!p2$QE
zPu?jL8Lb^y3_CQE{*}sTDe!2!dtlFjq&YLY@2#4>XS`}v#PLrpvc4*@q^O{mmnr5D
zmyJq~t?8>FWU5vZdE(%4cuZuao0GNjp3~Dt*SLaxI#g_u>hu@k&9Ho*#CZP~lFJHj
z(e!SYlLigyc?&5-YxlE{uuk$9b&l6d`uIlpg_z15dPo*iU&|Khx2*A5Fp;8iK_bdP
z?T6|^7@lcx2j0T@x>X7|kuuBSB7<^zeY~R~4McconTxA2flHC0_jFxmSTv-~?zVT|
zG_|<oYEZfi84t5$?vv+%b)zg;Tm0h&qX7^OaItn%bat|_vvqef-&inSz3!+*B~MXf
zn>yDqa9lkF*B6_{j=T>=M8r<0s;@z#h)3BQ4NLl@`Xr__o7;~M&dL3J8fP&zLfDfy
z);ckcTev{@OUlZ`<a~3lY1y7T*bPTeFJ6B%#~z9?lT!*(A@tJdla9v|(yEo_D!5l3
zgWpU~zc-S_OEaBH!tqx5iHR`(p_}%5+rGBpw+VO8i%xcu<ZEk%m%_6nMT>bCo(-3?
z1u1xD`PKgSg?RqeVVsF<1SLF;XYA@Bsa&cY!I48ZJn1V<3d!?s=St?T<RZHAo{>Lo
zC0cNr`qD<Wz+@C|#V>*M#s6f~X>SCNVkva^9A2ZP>CoJ9bvgXe_c}WdX-)pHM5m7O
zrHt#g$F0AO+nGA;7dSJ?)|Mo~cf{z2L)Rz!`fpi73Zv)H=a5K)*$5sf_IZypi($P5
zsPwUc4~P-J1@^3C6-r9{V-u0Z&Sl7vNfmuMY4yy*cL>_)BmQF!8Om9Dej%cHxbIzA
zhtV0d{=%cr?;bpBPjt@4w=#<>k5ee=TiWAXM2~tUG<V}0zLoj=i_-Df@ocJ$(doRp
ztKallYpOUL#3IL6u(+quF)vpQn3m46D_;nvUCNo3?ECVPP9X(bd00g%F#AlS@SJ#4
z%8N#aRo==*hh^$QLCs*-+4DRsO2)x^3cbV3Q3KH=HsOMoWaaL-P@E2B9AQu{uH>fm
z$s&!Dm0R^V$}fOR*B^kGaipi~rx~A2cS0;t&k<A0G-}=%(v(Q0cfU+X-TJJhn(DnP
z4JUVy2A}-oOBotf4Se48>hV1a<cf@1eDWd;R?38Krle_gtcZK}=dkLCqItP$?~n+g
zae42{<6B27z2%?Bsw0ffr{rV{k~Rp8I~N^Hl7A(kh?&)UkI(~LwR%>4u38*XRUP~f
za!rZMtay8bsLt6yFYl@>-y^31(*P!L^^s@mslZy(SMsv9bVoX`O#yBgEcjCmGpyc*
zeH$Dw6vB5P*;jor+JOX@;6K#+xc)Z9B8M=x2a@Wx-{snPGpRmOC$zpsqW*JCh@M2Y
z#K+M(>=#d^>Of9C`))h<=Bsy)6zaMJ&x-t%&+Ucp<HIt~W~b;(@$>LjV`jo4R2025
z<Y{{N1{{e3B{Jn+c77XlWtbx9OBU+M_(;<8;0~=8Ph2QMs3+Zw?bSQV;q%^JEaX$e
z;Vd8f)b9ET29wV$Q>XaG8EA!0lQa)|dx-@{O)qP6`$rhCkoQqZ`^SW8g-kOwrwsK8
z3ms*AIcyj}-1x&A&vSq{r=QMyp3CHdWH35!sad#!Sm>^|-|afB+Q;|Iq@LFgqIp#Z
zD1%H+3I?6RGnk&IFo|u+E0dCxXz4yI^1i!QTu7uvIEH>i3rR{srcST`LIRwdV1P;W
z+%AN1NIf@xxvVLiSX`8ILA8MzNqE&7>%jMzGt9wm78bo9<;h*W84i29^w!>V>{N+S
zd`5Zmz^G;f=icvoOZfK5#1ctx*~UwD=ab4DGQXehQ!XYnak*dee%YN$_ZPL%KZuz$
zD;$PpT;HM^$KwtQm@7uvT`i6>Hae1CoRVM2)NL<2-k2PiX=eAx+-6j#JI?M}(tuBW
zkF%jjLR)O`gI2fcPBxF^HeI|DWwQWHVR!;;{BXXHskxh8F@BMDn`oEi-NHt;CLymW
z=KSv5)3dyzec0T5B*`g-MQ<;gz=nIWKUi9ko<|4I(-<w4I#sX{Ql80P;8bcKjlGSK
zp~yQ(;^y0s9RFCvc2u(I^#Y^!@tjudAd*v;f|XiHBQNGS6_b-95puIO<;QO*=%?{0
z;mryS)gDuCe~tZ`DPIW5W_fNj_#jL{`6lJ5cJ6SG=+^EJr^`JeJsTD;MclG_sxisZ
z?uhn5F($|2nJ7pvty*2qAtsOJRY_NI77&m{ISD+{sJ_)^o**`w`N>E0k$QncH>E4l
z**1w&#={&zv4Tvhgz#c29`m|;<Ue5bFAZpjqANUFk~kBGuYK<_JK>lU-jmaXFMC11
z*dlXDMEOG>VoLMc>!rApwOu2prKSi*!w%`yzGmS+k(zm*CsLK*wv{S_0WX^8A-rKy
zbk^Gf_92^7iB_uUF)EE+ET4d|X|>d&mdN?x@vxKAQk`O+r4Qdu>XGy(a(19g;=jU}
zFX{O*_NG>!$@jh!U369Lnc+D~qch3uT+_Amyi}*k#LAAwh}k8IPK5a-WZ81ufD>l>
z$4cF}GSz>ce`3FAic}6W4Z7m9KGO?(eWqi@L|5Hq0@L|&2flN1PVl}XgQ2q*_n2s3
zt5KtowNkTYB5b;SVuoXA@i5irXO)A&%7?V`1@HGCB&)Wgk+l|^XXChq;u(nyPB}b3
zY>m5jkxpZgi)zfbgv&ec4Zqdvm+D<<?3uny=i;xwOlAC_Tc+b0;kY7-vx;A)KO<$b
z!mM&%JEI}t>?Im*mXweS9H+V>)zF#Zp3)bhl$PbISY{5=_z!8&*Jv~NYtI-g!>fDs
zmvL5O^U%!^VaKA9gvKw|5?-jk>~%CVGvctKmP$kpnpfN{D8@X*Aazi$txfa%vd-|E
z>kYmV66W!lNekJPom29LdZ%(I+ZLZYTXzTg*to~m?7vp%{V<~>H+2}PQ?PPAq`36R
z<%wR8v6UkS>Wt#hzGk#44W<%9S=nBfB);6clKwnxY}T*w21Qc3_?IJ@4gYzC7s;WP
zVQNI(M=S=JT#xsZy7G`cR(BP9*je0bfeN8JN5~zY(DDs0t{LpHOIbN);?T-69Pf3R
zSNe*&p2%AwXHL>__g+xd4Hlc_vu<25H?(`nafS%)3UPP7_4;gk-9ckt8SJRTv5v0M
z_Hww`qPudL?ajIR&X*;$y-`<)6dxx1U~5eGS13CB!lX;3w7n&lDDiArbAhSycd}+b
zya_3p@A`$kQy;|NJZ~s44Hqo7Hwt}X86NK=(ey>lgWTtGL6k@Gy;PbO!M%1~Wcn2k
zUFP|*5d>t-X*RU8g%>|(wwj*~#l4z^Aatf^DWd1Wj#Q*AY<o|l&}{LI>0D^V@sC`M
zjJc6qXu0I7<!pZblLF~RwT5!S6dVx}2`xj{-i;+(qkgJG1)noJqLA@@RN<oLUCRPP
zxfjHQUai*rkwqrT60~IzB@%WBX02*tw3*sCrM8W>Y*2;;gGu!plAFzG=J;1%eIOdn
zQA>J&e05UN*7I5@yRhK|lbBSfJ+5Uq;!&HV@xfPZrgD}kE*1DSq^=%{o%|LChhl#0
zlMb<^a6ixzpd{kNZr|3jTGeEzuo}-eLT-)Q$#b{!vKx8Tg}swCni>{#%vDY$Ww$84
zew3c9BBovqb}_&BRo#^!G(<gf6o^lp99LD#kx<MER=<@tCX1^BFTbwM^``7(LOQY@
zEqxVCkp#2PI<XB`ov%%Q&@SoBV=IvAgzt#VzvgC(Kk;TpN40`oC^`5s%Q9iB#w=Cj
zv1+$@qJ9DCi{ddRIdFp4*=KLoO^UY)$YpX=UdXvuhtp5Oj@vhVm%-sV85eDjNH{EX
z*kvKl&?&j<QGMeW7tPWM6{1)n`=ac?#8d9f@kIV3kA+gW*^Tqv$T~yoa2DpOjcxOS
z{G<-ajSf74;}+hudPnyuH|_19-h+%2{H$u`G5T5vjwblv={62_r17YY1X@Bcq7XM-
z)mu@onGHy+sUpJW64FX6=h6@DEhZ~&X>1Eg((BScRZ}C)Oz?y`T5wOrv);)b^4XR8
zhJo7+<^7)qB>I;46!GySzdneZ>n_E1oWZY;kf94#)s)kWjuJN1c+wbVoNQcmnv}{>
zN0pF+Sl3E}UQ$}slSZeLJrwT>Sr}#V(dVaezCQl2|4LN`7L7v&siYR|r7M(*JYfR$
zst3=YaDw$FSc{g}KHO&QiKxuhEzF{f%RJLKe3p*7=oo`WNP)M(9X1zIQPP0XHhY3c
znrP{$4#Ol$A0s|4S7Gx2L23<cPp>dv*Gv2o;h((XVn+9+$qvm}s%zi6nI-_s6?mG!
zj{DV;qesJb&owKeEK?=J>UcAlYckA7Sl+I&IN=yasrZOkejir*kE@SN`fk<8Fgx*$
zy&fE6?}G)d_N`){P~U@1jRVA|2*69)KSe_}!~?+`Yb{Y=O~_+@!j<&oVQQMnhoIRU
zA0CyF1OFfkK44n*JD~!2!SCPM;PRSk%1XL=0&rz00wxPs&-_eapJy#$h!eqY%nS0{
z<se?qfQ89XwwA;8XB>!aGg58JIJP<C?-Lq`lTNsm#AgHVz-Y0s_<jRmVW9#JfaAO^
zUgrN5kYa6CiV<`BwJ8O)sIywY6(a>F3_ci%n)QSVpa2H`vIe$RD43;#IRfDV&Ibit
z+?>HW4{2wOfC6Fw)}4x}i1maDxcE1qi@BS*qcxD2gE@h3#4cgU*D-&3z7D|tVZWt=
z-Cy2+*Cm@P4GN_TPUtaVyVesbVDazF@)j8VJ4>XZv!f%}&eO1SvIgr}4`A*3#vat<
z_MoByL(qW6L7SFZ#|Gc1fFN)L2PxY+{B8tJp+pxRyz*87)vXR}*=&ahXjBlQKguuf
zX6x<<6fQulE^C*KH8~W%ptpaC0l?b=_{~*U4?5Vt;dgM4t_{&UZ1C2j?b><dx`$8!
ze4sJ^8}?7VYiLoIC$69~0MIA!!7Rwu6Dq)kX*<lHqT0U&4WX!<G&bkefpSP0=xCcO
z()hqGP~~kv6H&HvLm+kCE!Nz>b+5}{IF_CUyvz-@QZPMlJ)r_tS$9kH%RPv#2_nMb
zRLj5;chJ72*U`Z@Dqt4$@_+k$%|8m(HqLG!qT4P^DdfvGf&){gKnGCX#H0!;W=AGP
zbA&Z`-__a)VTS}k<aEJ311DSHJIu)Ndl?O_C*N_MS1q7Laqq*zlG()h4UCODa;iH4
z(XC(Z`(-cCxkOrT?MTkb=V=+hyg5L(*^!(=yP$&GArQczUu2*gZo{O9t9~>KFjWGk
z%|>yE?t*EJ!qeQ%dPk$;xIQ+P0;()PCBDgjJm6Buj{f^awNoVx+9<|lg3%-$G(*f)
zll6oOkN|yamn1uyl2*N-lnqRI1cvs_JxLTeahEK=THV$Sz*gQhKNb*p0fNoda#-&F
zB-qJgW^g}!TtM|0bS2QZekW7_tKu%GcJ!4?lObt0z_$mZ4rbQ0o=^curCs3bJK6sq
z9fu-aW-l#>z~ca(B;4yv;2RZ?tGYAU)^)Kz{L|4oP<SkWyBU+f_%F<#?yy=LhA~g^
ztueiO@sJ(BDN3Mz`8So5#&T!OUtM8qWT<xiIyfpo(&lgE-7DEcM?<Kd`UVf_*}r(8
zCzgNsXNSi)1{V0~XToTF|4Nv-??<~$G(Uy7p@qc!_j+!O;`gtF$xU(Y@7%v-yrD2q
z{qJ=kRDjxcFq_oCp_our<PFSF$4y0BpPO%|kqiZgitTQIUv=I!_}1+UsxG+!y@1>j
zdOf_?de|#yS)p2v8-N||+XL=O*%3+y)oI(HbM)Ds?q8~HPzI<h)CPl@-?j`}I~*GQ
zcLT0AdRsV9-Yt|ap{0ce+ueYFd~HkkokH(I37}yNHwen&wj}s>P(vs*G`iddbWq}!
z(2!VjP&{Z1w+%eUq^<EbM|6YYL8Gs1;NfI!i}!ad7AQ0{B*q4GUFLSsTemUjW%3QQ
z?x$O#{du(<S~Tcw-wm+KV87yz$<g}Aw&`BzzwZ7*S)lh#H&`6YcV^kz4bZzc8<<74
zTVg_=YnyK3KuZig$=*P(YT6QgZ5w5ab8RRz^rUbD`bEoj(3{T<PpIR8sX1nHE{??k
LmiCMtn7{r93&V3<

diff --git a/owl2java/gradle/wrapper/gradle-wrapper.properties b/owl2java/gradle/wrapper/gradle-wrapper.properties
index ae04661..b82aa23 100644
--- a/owl2java/gradle/wrapper/gradle-wrapper.properties
+++ b/owl2java/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/owl2java/gradlew b/owl2java/gradlew
index a69d9cb..1aa94a4 100755
--- a/owl2java/gradlew
+++ b/owl2java/gradlew
@@ -55,7 +55,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -80,13 +80,11 @@ do
     esac
 done
 
-APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
-
-APP_NAME="Gradle"
+# This is normally unused
+# shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -133,22 +131,29 @@ location of your Java installation."
     fi
 else
     JAVACMD=java
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
 
 Please set the JAVA_HOME variable in your environment to match the
 location of your Java installation."
+    fi
 fi
 
 # Increase the maximum file descriptors if we can.
 if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
     case $MAX_FD in #(
       max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
         MAX_FD=$( ulimit -H -n ) ||
             warn "Could not query maximum file descriptor limit"
     esac
     case $MAX_FD in  #(
       '' | soft) :;; #(
       *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
         ulimit -n "$MAX_FD" ||
             warn "Could not set maximum file descriptor limit to $MAX_FD"
     esac
@@ -193,11 +198,15 @@ if "$cygwin" || "$msys" ; then
     done
 fi
 
-# Collect all arguments for the java command;
-#   * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
-#     shell script including quotes and variable substitutions, so put them in
-#     double quotes to make sure that they get re-expanded; and
-#   * put everything else in single quotes, so that it's not re-expanded.
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
 
 set -- \
         "-Dorg.gradle.appname=$APP_BASE_NAME" \
diff --git a/owl2java/gradlew.bat b/owl2java/gradlew.bat
index f127cfd..25da30d 100644
--- a/owl2java/gradlew.bat
+++ b/owl2java/gradlew.bat
@@ -26,6 +26,7 @@ if "%OS%"=="Windows_NT" setlocal
 
 set DIRNAME=%~dp0
 if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
@@ -42,11 +43,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
 
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 
@@ -56,11 +57,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
 if exist "%JAVA_EXE%" goto execute
 
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 

From 5ec4eeb491796dc15aa3099905bf889d2ff6e6bc Mon Sep 17 00:00:00 2001
From: Christian Banse <oxisto@clouditor.io>
Date: Fri, 19 Apr 2024 23:47:37 +0200
Subject: [PATCH 31/44] Pass ordering, but broken until cpg 8.2.0 is released

---
 cloudpg/src/main/java/io/clouditor/graph/App.kt | 15 ++++++---------
 .../graph/passes/LabelExtractionPass.kt         |  7 ++++---
 .../graph/passes/golang/GinGonicPass.kt         | 17 +++++++++--------
 .../graph/passes/golang/GolangHttpPass.kt       |  8 +++++---
 .../clouditor/graph/testing/LocalTestingPass.kt |  3 ---
 .../java/io/clouditor/graph/PerformanceTest.kt  |  3 +--
 .../L3-linkability-of-inbound-data/Go/client.go |  5 +++--
 7 files changed, 28 insertions(+), 30 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/App.kt b/cloudpg/src/main/java/io/clouditor/graph/App.kt
index bf4ca18..04dbfc8 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/App.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/App.kt
@@ -18,10 +18,7 @@ import io.clouditor.graph.nodes.Builder
 import io.clouditor.graph.passes.*
 import io.clouditor.graph.passes.golang.*
 import io.clouditor.graph.passes.java.JaxRsClientPass
-import io.clouditor.graph.passes.java.JaxRsPass
-import io.clouditor.graph.passes.java.SpringBootPass
 import io.clouditor.graph.passes.js.FetchPass
-import io.clouditor.graph.passes.js.JSHttpPass
 import io.clouditor.graph.passes.python.*
 import io.clouditor.graph.testing.LocalTestingPass
 import java.nio.file.Path
@@ -119,7 +116,7 @@ object App : Callable<Int> {
         val builder =
             TranslationConfiguration.builder()
                 .topLevel(rootPath.toFile())
-                .sourceLocations(paths.map { rootPath.resolve(it).toFile() })
+                .sourceLocations(paths.map { rootPath.resolve(it).toFile().normalize() })
                 .registerLanguage(JavaLanguage())
                 .registerLanguage(CPPLanguage())
                 .registerLanguage(CLanguage())
@@ -129,13 +126,13 @@ object App : Callable<Int> {
                 .debugParser(true)
                 .defaultPasses()
                 .registerPass(GitHubWorkflowPass::class)
-                .registerPass(SpringBootPass::class)
-                .registerPass(JaxRsPass::class)
+                // .registerPass(SpringBootPass::class)
+                // .registerPass(JaxRsPass::class)
                 .registerPass(GolangHttpPass::class)
                 .registerPass(GinGonicPass::class)
                 // .registerPass(WebBrickPass::class)
-                .registerPass(JSHttpPass::class)
-                .registerPass(FlaskPass::class)
+                // .registerPass(JSHttpPass::class)
+                // .registerPass(FlaskPass::class)
                 .apply {
                     if (localMode) {
                         // register the localTestingPass after the HTTP Passes since it needs HTTP
@@ -194,7 +191,7 @@ val TranslationResult.computes: MutableList<Compute>
             MutableList<Compute>
 
 fun TranslationResult.findApplicationByTU(tu: TranslationUnitDeclaration): Application? {
-    return this.additionalNodes.filterIsInstance(Application::class.java).firstOrNull {
+    return this.additionalNodes.filterIsInstance<Application>().firstOrNull {
         it.translationUnits.contains(tu)
     }
 }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index 855d7d9..a5b866e 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -300,13 +300,14 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
                     node.declarations
                         .filterIsInstance<VariableDeclaration>()
                         .flatMap { it.usageEdges.map { edge -> edge.end.refersTo } }
+                        .filterNotNull()
                         .toSet()
-                usages.forEach { addLabelToDFGBorderEdges(it as Node, label) }
+                usages.forEach { addLabelToDFGBorderEdges(it, label) }
             }
             is AssignExpression -> {
                 val variableDeclarations =
-                    node.lhs.filterIsInstance<Reference>().map { it.refersTo }
-                variableDeclarations.forEach { addLabelToDFGBorderEdges(it as Node, label) }
+                    node.lhs.filterIsInstance<Reference>().mapNotNull { it.refersTo }
+                variableDeclarations.forEach { addLabelToDFGBorderEdges(it, label) }
             }
             else -> {
                 addLabelToDFGBorderEdges(node, label)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 7067679..27f9d3d 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -7,22 +7,22 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
+import de.fraunhofer.aisec.cpg.graph.firstAssignment
 import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
 import de.fraunhofer.aisec.cpg.passes.*
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
-import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
-import io.clouditor.graph.passes.KubernetesPass
 import io.clouditor.graph.testing.LocalTestingPass
 
-@DependsOn(GoExtraPass::class)
 @DependsOn(SymbolResolver::class)
-@ExecuteBefore(LocalTestingPass::class)
-@ExecuteBefore(KubernetesPass::class)
+@DependsOn(
+    LocalTestingPass::class /*, softDependency = true*/
+) // should be "soft", but broken until #1532 is released
+// @DependsOn(KubernetesPass::class /*, softDependency = true*/)
 class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
@@ -257,9 +257,10 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         tu: TranslationUnitDeclaration,
         r: VariableDeclaration
     ) {
-        if (r.initializer is CallExpression &&
-                ((r.initializer as CallExpression).name.toString() == "gin.Default" ||
-                    (r.initializer as CallExpression).name.toString() == "gin.New")
+        val initializer = r.firstAssignment
+        if (initializer is CallExpression &&
+                (initializer.name.toString() == "gin.Default" ||
+                    initializer.name.toString() == "gin.New")
         ) {
             val app = result.findApplicationByTU(tu)
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index e665313..43afc45 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -9,16 +9,18 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
+import io.clouditor.graph.testing.LocalTestingPass
 import kotlin.streams.toList
 
-@Suppress("UNUSED_PARAMETER")
-@DependsOn(GoExtraPass::class)
+@DependsOn(SymbolResolver::class)
+@DependsOn(LocalTestingPass::class, softDependency = true)
+// @DependsOn(KubernetesPass::class, softDependency = true)
 class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     private val clients = mutableMapOf<VariableDeclaration, HttpRequestHandler>()
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
index 189d224..a8510a7 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
@@ -9,13 +9,10 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Name
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import io.clouditor.graph.*
-import io.clouditor.graph.passes.golang.GinGonicPass
 import io.clouditor.graph.passes.golang.appendPath
 import java.nio.file.Files
 
-@DependsOn(GinGonicPass::class)
 class LocalTestingPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun accept(t: TranslationResult) {
diff --git a/cloudpg/src/test/java/io/clouditor/graph/PerformanceTest.kt b/cloudpg/src/test/java/io/clouditor/graph/PerformanceTest.kt
index d8bbb0c..5a183f5 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/PerformanceTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/PerformanceTest.kt
@@ -2,7 +2,6 @@ package io.clouditor.graph
 
 import kotlin.io.path.*
 import kotlinx.benchmark.Scope
-import kotlinx.benchmark.readFile
 import org.junit.Test
 import org.openjdk.jmh.annotations.*
 
@@ -70,7 +69,7 @@ open class PerformanceTest {
 
         // create ONE large file
         val tmp = createTempFile(dir, "detectability", ".py")
-        tmp.appendText(serverSrc.readFile())
+        tmp.appendText(Path(serverSrc).readText())
         // append the function i times to the temporary file
         for (i in 1..range.toInt()) {
             val sampleFunction =
diff --git a/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go b/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go
index 3a78bd4..af52da6 100644
--- a/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go
+++ b/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go
@@ -7,9 +7,10 @@ import (
 
 func main() {
 	//@PseudoIdentifier
-    name := "firstname lastname"
+	var name = "firstname lastname"
+	//name := "firstname lastname"
 	data := url.Values{
-		"Name": {name},
+		"Name":    {name},
 		"Message": {"hello world"},
 	}
 

From f6e0ebe8b1eb531988e447d4559ec998c1bd9f85 Mon Sep 17 00:00:00 2001
From: Christian Banse <oxisto@clouditor.io>
Date: Sat, 20 Apr 2024 00:19:30 +0200
Subject: [PATCH 32/44] First Go test works

---
 cloudpg/src/main/java/io/clouditor/graph/App.kt    |  7 ++++++-
 .../io/clouditor/graph/passes/DFGExtensionPass.kt  |  1 +
 .../io/clouditor/graph/passes/HttpClientPass.kt    |  2 +-
 .../clouditor/graph/passes/LabelExtractionPass.kt  | 14 +++++++++-----
 .../clouditor/graph/passes/golang/GinGonicPass.kt  |  3 ++-
 .../graph/passes/golang/GolangHttpRequestPass.kt   | 14 +++++---------
 cloudpg/src/main/resources/log4j2.xml              |  1 +
 .../java/io/clouditor/graph/LinkabilityTest.kt     |  2 +-
 .../L3-linkability-of-inbound-data/Go/client.go    |  3 +--
 9 files changed, 27 insertions(+), 20 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/App.kt b/cloudpg/src/main/java/io/clouditor/graph/App.kt
index 04dbfc8..337c31d 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/App.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/App.kt
@@ -80,7 +80,12 @@ object App : Callable<Int> {
                 .build()
 
         val sessionFactory =
-            SessionFactory(configuration, "de.fraunhofer.aisec.cpg.graph", "io.clouditor.graph")
+            SessionFactory(
+                configuration,
+                "de.fraunhofer.aisec.cpg.graph",
+                "io.clouditor.graph",
+                "de.fraunhofer.aisec.cpg.frontends"
+            )
         val session = sessionFactory.openSession()
 
         val result = doTranslate()
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 985f98a..1006d10 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -22,6 +22,7 @@ import java.util.*
  * expression. Normally no data flows from the base to the member expression. For this use case,
  * however, the mere usage of a base causes labels to be relevant for the member expression.
  */
+// TODO: We do have these partial flows now, so this pass is probably obsolete
 @DependsOn(GoExtraPass::class)
 class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
index 4c05101..07627ec 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
@@ -51,7 +51,7 @@ abstract class HttpClientPass(ctx: TranslationContext) : TranslationResultPass(c
     ): List<HttpEndpoint> {
         log.info("Looking for endpoints for {} request to {}", method, url)
 
-        return t.additionalNodes.filterIsInstance(HttpEndpoint::class.java).filter {
+        return t.additionalNodes.filterIsInstance<HttpEndpoint>().filter {
             endpointMatches(it, url) &&
                 (it.method == method || it.method == null) // TODO: make methods an array
         }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index a5b866e..4373073 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -14,7 +14,7 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.AssignExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import io.clouditor.graph.nodes.labels.*
@@ -23,7 +23,7 @@ import java.util.function.Consumer
 import java.util.function.Predicate
 import java.util.stream.Collectors
 
-@DependsOn(GoExtraPass::class)
+@DependsOn(SymbolResolver::class)
 @DependsOn(DFGExtensionPass::class)
 class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
@@ -299,15 +299,19 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
                 val usages =
                     node.declarations
                         .filterIsInstance<VariableDeclaration>()
-                        .flatMap { it.usageEdges.map { edge -> edge.end.refersTo } }
-                        .filterNotNull()
+                        .flatMap { it.usages }
                         .toSet()
                 usages.forEach { addLabelToDFGBorderEdges(it, label) }
             }
             is AssignExpression -> {
                 val variableDeclarations =
                     node.lhs.filterIsInstance<Reference>().mapNotNull { it.refersTo }
-                variableDeclarations.forEach { addLabelToDFGBorderEdges(it, label) }
+                val usages =
+                    variableDeclarations
+                        .filterIsInstance<VariableDeclaration>()
+                        .flatMap { it.usages }
+                        .toSet()
+                usages.forEach { addLabelToDFGBorderEdges(it, label) }
             }
             else -> {
                 addLabelToDFGBorderEdges(node, label)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index 27f9d3d..cefd4aa 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -13,13 +13,14 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
 import de.fraunhofer.aisec.cpg.passes.*
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.testing.LocalTestingPass
 
 @DependsOn(SymbolResolver::class)
-@DependsOn(
+@ExecuteBefore(
     LocalTestingPass::class /*, softDependency = true*/
 ) // should be "soft", but broken until #1532 is released
 // @DependsOn(KubernetesPass::class /*, softDependency = true*/)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index 31d53e1..d6bc721 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -5,7 +5,7 @@ import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
@@ -16,7 +16,7 @@ import kotlin.streams.toList
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
-@DependsOn(GoExtraPass::class)
+@DependsOn(SymbolResolver::class)
 @DependsOn(LocalTestingPass::class)
 class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
 
@@ -44,10 +44,6 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
         c: CallExpression
     ) {
         val app = result.findApplicationByTU(tu)
-        val requestFunction = c.invokes.firstOrNull()
-        // TODO (old) request body: the default value is not correctly set, so we use the
-        //  value that has a dfg edge to the request parameter
-        val body = requestFunction?.prevDFG?.firstOrNull { it is Reference } as Reference
         if (c.name.toString() == "http.PostForm") {
             createHttpRequest(
                 result,
@@ -55,7 +51,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
                 (c.arguments[0] as? Literal<String>)?.value ?: "",
                 c,
                 "POST",
-                body,
+                c.arguments[1],
                 app
             )
         } else if (c.name.toString() == "http.PutForm") {
@@ -64,7 +60,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
                 (c.arguments[0] as? Literal<String>)?.value ?: "",
                 c,
                 "PUT",
-                requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as? Reference,
+                c.arguments[1],
                 app
             )
         } else if (c.toString() == "http.Get") {
@@ -82,7 +78,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) {
                 (c.arguments[1] as? Literal<String>)?.value ?: "",
                 c,
                 "POST",
-                requestFunction?.parameters?.get(2)?.prevDFG?.firstOrNull() as? Expression,
+                c.arguments[2],
                 app
             )
         }
diff --git a/cloudpg/src/main/resources/log4j2.xml b/cloudpg/src/main/resources/log4j2.xml
index b295610..de6cac4 100644
--- a/cloudpg/src/main/resources/log4j2.xml
+++ b/cloudpg/src/main/resources/log4j2.xml
@@ -7,6 +7,7 @@
   </Appenders>
   <Loggers>
     <Logger level="DEBUG" name="de.fraunhofer.aisec.cpg"/>
+    <Logger level="ERROR" name="org.neo4j.ogm.drivers.bolt.response.BoltResponse" />
     <Root level="INFO">
       <AppenderRef ref="STDOUT"/>
     </Root>
diff --git a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
index 5dcd45e..6add087 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
@@ -23,7 +23,7 @@ open class LinkabilityTest {
                 listOf(Path(".")),
                 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p"
             )
-        assertEquals(4, result.count())
+        assertEquals(8, result.count())
 
         result.first().apply {
             var path = this.get("p") as Array<*>
diff --git a/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go b/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go
index af52da6..c5fd250 100644
--- a/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go
+++ b/ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go/client.go
@@ -7,8 +7,7 @@ import (
 
 func main() {
 	//@PseudoIdentifier
-	var name = "firstname lastname"
-	//name := "firstname lastname"
+	name := "firstname lastname"
 	data := url.Values{
 		"Name":    {name},
 		"Message": {"hello world"},

From 7dc76c17b51df71b741461046e3dd5ae9944ba9c Mon Sep 17 00:00:00 2001
From: Christian Banse <oxisto@clouditor.io>
Date: Sat, 20 Apr 2024 00:24:12 +0200
Subject: [PATCH 33/44] ++

---
 .../main/java/io/clouditor/graph/passes/DFGExtensionPass.kt   | 4 ++--
 .../java/io/clouditor/graph/passes/LabelExtractionPass.kt     | 2 ++
 .../main/java/io/clouditor/graph/passes/python/PyMongoPass.kt | 3 +++
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 1006d10..0608aad 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -11,7 +11,7 @@ import de.fraunhofer.aisec.cpg.graph.types.ObjectType
 import de.fraunhofer.aisec.cpg.graph.types.Type
 import de.fraunhofer.aisec.cpg.graph.types.recordDeclaration
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
-import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import java.util.*
@@ -23,7 +23,7 @@ import java.util.*
  * however, the mere usage of a base causes labels to be relevant for the member expression.
  */
 // TODO: We do have these partial flows now, so this pass is probably obsolete
-@DependsOn(GoExtraPass::class)
+@DependsOn(ControlFlowSensitiveDFGPass::class)
 class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
     override fun accept(t: TranslationResult) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index 4373073..5d21294 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -296,6 +296,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
             is DeclarationStatement -> {
                 // To connect to all border edges, we first need to iterate through all declared
                 // variables and find their USAGEs
+                // TODO: why?
                 val usages =
                     node.declarations
                         .filterIsInstance<VariableDeclaration>()
@@ -304,6 +305,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
                 usages.forEach { addLabelToDFGBorderEdges(it, label) }
             }
             is AssignExpression -> {
+                // TODO: why?
                 val variableDeclarations =
                     node.lhs.filterIsInstance<Reference>().mapNotNull { it.refersTo }
                 val usages =
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
index 8c82efe..4a92c1c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
@@ -2,12 +2,14 @@ package io.clouditor.graph.passes.python
 
 import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.frontends.python.PythonLanguageFrontend
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.order.RequiredFrontend
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
@@ -18,6 +20,7 @@ import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 @DependsOn(SymbolResolver::class)
+@RequiredFrontend(PythonLanguageFrontend::class)
 class PyMongoPass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
     val clients: MutableMap<Node, DatabaseConnect> = mutableMapOf()

From 38ddc064da673715fc87926f495302b4a7119f9f Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Sat, 20 Apr 2024 08:57:46 +0200
Subject: [PATCH 34/44] add pass dependencies, initializer check

---
 .../java/io/clouditor/graph/passes/LabelExtractionPass.kt | 8 ++++----
 .../io/clouditor/graph/passes/golang/GolangHttpPass.kt    | 7 +++----
 .../io/clouditor/graph/passes/golang/GolangLogPass.kt     | 2 ++
 .../java/io/clouditor/graph/testing/LocalTestingPass.kt   | 3 +--
 4 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index 5d21294..705bdcb 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -160,10 +160,10 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
             )
 
         regexes.entries.forEach { it ->
-            val matches = it.key.findAll(nodeWComment.comment!!)
-            if (matches.toList().isNotEmpty()) {
-                val labels = it.value(nodeWComment, matches)
-                labels.forEach {
+            val matches = nodeWComment.comment?.let { it1 -> it.key.findAll(it1) }
+            if (matches?.toList()?.isNotEmpty() == true) {
+                val labels = matches?.let { it1 -> it.value(nodeWComment, it1) }
+                labels?.forEach {
                     t += it // Adding Labels to the supplementary nodes of a translation unit
                 }
             }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index 43afc45..d88c48b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -7,6 +7,7 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
+import de.fraunhofer.aisec.cpg.graph.firstAssignment
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
@@ -95,10 +96,8 @@ class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
     ) {
         // check initializers for http.NewServeMux()
         // actually check for return types - but that does not work (yet) with the standard library
-
-        if (r.initializer is CallExpression &&
-                (r.initializer as CallExpression).name.toString() == "http.NewServeMux"
-        ) {
+        val initializer = r.firstAssignment
+        if (initializer is CallExpression && initializer.name.toString() == "http.NewServeMux") {
             val app = result.findApplicationByTU(tu)
 
             val requestHandler = HttpRequestHandler(app, mutableListOf(), "/")
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
index e392dc5..c1b0e30 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
@@ -7,6 +7,7 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.order.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
@@ -14,6 +15,7 @@ import io.clouditor.graph.passes.LogPass
 import kotlin.streams.toList
 
 @DependsOn(GoExtraPass::class)
+@DependsOn(SymbolResolver::class)
 class GolangLogPass(ctx: TranslationContext) : LogPass(ctx) {
     override fun accept(result: TranslationResult) {
         val translationUnits =
diff --git a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
index a8510a7..9c6cc29 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
@@ -49,8 +49,7 @@ class LocalTestingPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     }
 
     private fun handleConf(conf: TestConfig, t: TranslationResult) {
-        val controllers =
-            t.additionalNodes.filter { it is HttpRequestHandler }.map { it as HttpRequestHandler }
+        val controllers = t.additionalNodes.filterIsInstance<HttpRequestHandler>()
 
         for (service in conf.services) {
             if (service.type == "server" || service.type == "third-party") {

From f775d383b73bf75cdd854d2e975be28710511810 Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Thu, 2 May 2024 15:05:26 +0200
Subject: [PATCH 35/44] update build gradle with new Python fix

---
 cloudpg/build.gradle.kts                                 | 9 ++++++---
 cloudpg/src/main/java/io/clouditor/graph/App.kt          | 1 -
 .../io/clouditor/graph/passes/LabelExtractionPass.kt     | 4 ++--
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index ce00464..96531d0 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -70,15 +70,18 @@ repositories {
 
 dependencies {
     implementation("org.junit.jupiter:junit-jupiter:5.7.0")
+
     val version = "8.1.2"
+    implementation("com.github.Fraunhofer-AISEC.cpg:cpg:0198042dad")
+    implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
 
-    implementation("de.fraunhofer.aisec:cpg-core:$version")
+    /*implementation("de.fraunhofer.aisec:cpg-core:$version")
     implementation("de.fraunhofer.aisec:cpg-analysis:$version")
     implementation("de.fraunhofer.aisec:cpg-language-go:$version")
-    implementation("de.fraunhofer.aisec:cpg-language-python:$version")
+    implementation("com.github.Fraunhofer-AISEC:cpg:0198042dad")
     implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
     implementation("de.fraunhofer.aisec:cpg-language-java:$version")
-    implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")
+    implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")*/
 
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.13.+")
     implementation ("org.xmlunit:xmlunit-core:2.9.0")
diff --git a/cloudpg/src/main/java/io/clouditor/graph/App.kt b/cloudpg/src/main/java/io/clouditor/graph/App.kt
index 337c31d..2bebcf2 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/App.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/App.kt
@@ -23,7 +23,6 @@ import io.clouditor.graph.passes.python.*
 import io.clouditor.graph.testing.LocalTestingPass
 import java.nio.file.Path
 import java.util.concurrent.Callable
-import kotlin.streams.toList
 import kotlin.system.exitProcess
 import org.neo4j.ogm.config.Configuration
 import org.neo4j.ogm.session.SessionFactory
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index 705bdcb..6b4e9db 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -59,7 +59,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
             }
         }
 
-        // Labels that are equal to each other are merged to reduce them in size and and allow
+        // Labels that are equal to each other are merged to reduce them in size and allow
         // associating them to Anonymization label
         mergeEqualLabels(t)
         // Connects labels and anonymization labels such that anonymization of labels can be
@@ -323,7 +323,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx)
     }
 
     /**
-     * Function to just add labels to the annotated node, the type of Label can me specified through
+     * Function to just add labels to the annotated node, the type of Label can be specified through
      * the generic type specialization. Nodes that are in the Sub-AST of the annotated node, and
      * have an outgoing DFG-edge to another node not in the annotated nodes Sub-AST.
      */

From b02f973e7995400ad7701d64d07940214994c643 Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Thu, 6 Jun 2024 14:59:29 +0200
Subject: [PATCH 36/44] update cpg release

---
 cloudpg/build.gradle.kts                              | 11 +++++------
 .../io/clouditor/graph/passes/DFGExtensionPass.kt     |  2 +-
 .../io/clouditor/graph/passes/LabelExtractionPass.kt  |  2 +-
 .../io/clouditor/graph/passes/golang/GinGonicPass.kt  |  4 ++--
 .../io/clouditor/graph/passes/golang/GoCryptoPass.kt  |  3 +--
 .../clouditor/graph/passes/golang/GolangHttpPass.kt   |  2 +-
 .../graph/passes/golang/GolangHttpRequestPass.kt      |  3 +--
 .../io/clouditor/graph/passes/golang/GolangLogPass.kt |  3 +--
 .../clouditor/graph/passes/python/CryptographyPass.kt |  3 +--
 .../io/clouditor/graph/passes/python/FlaskPass.kt     |  3 +--
 .../io/clouditor/graph/passes/python/PyMongoPass.kt   |  4 ++--
 .../io/clouditor/graph/passes/python/RequestsPass.kt  |  2 +-
 12 files changed, 18 insertions(+), 24 deletions(-)

diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index 96531d0..0674a60 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -71,17 +71,16 @@ repositories {
 dependencies {
     implementation("org.junit.jupiter:junit-jupiter:5.7.0")
 
-    val version = "8.1.2"
-    implementation("com.github.Fraunhofer-AISEC.cpg:cpg:0198042dad")
-    implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
+    val version = "8.2.0"
+    // implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
 
-    /*implementation("de.fraunhofer.aisec:cpg-core:$version")
+    implementation("de.fraunhofer.aisec:cpg-core:$version")
     implementation("de.fraunhofer.aisec:cpg-analysis:$version")
     implementation("de.fraunhofer.aisec:cpg-language-go:$version")
-    implementation("com.github.Fraunhofer-AISEC:cpg:0198042dad")
+    implementation("de.fraunhofer.aisec:cpg-language-python:$version")
     implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
     implementation("de.fraunhofer.aisec:cpg-language-java:$version")
-    implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")*/
+    implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")
 
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.13.+")
     implementation ("org.xmlunit:xmlunit-core:2.9.0")
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 0608aad..85ffb08 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -13,7 +13,7 @@ import de.fraunhofer.aisec.cpg.graph.types.recordDeclaration
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
 import de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import java.util.*
 
 /**
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
index 6b4e9db..a4bd526 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt
@@ -16,7 +16,7 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference
 import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import io.clouditor.graph.nodes.labels.*
 import io.clouditor.graph.plusAssign
 import java.util.function.Consumer
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index cefd4aa..edc2f00 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -12,8 +12,8 @@ import de.fraunhofer.aisec.cpg.graph.parseName
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
 import de.fraunhofer.aisec.cpg.passes.*
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
-import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.ExecuteBefore
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
index 41ef2fb..7d384b2 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt
@@ -7,12 +7,11 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.passes.*
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
-import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 @DependsOn(GoExtraPass::class)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index d88c48b..f47cd64 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -11,7 +11,7 @@ import de.fraunhofer.aisec.cpg.graph.firstAssignment
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
index d6bc721..f95fa90 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt
@@ -6,13 +6,12 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.passes.HttpClientPass
 import io.clouditor.graph.testing.LocalTestingPass
-import kotlin.streams.toList
 
 // This pass is needed only for the local testing mode, since in the testing pass we create the
 // endpoints and only after that we can create the respective requests
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
index c1b0e30..495a00b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt
@@ -8,11 +8,10 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.passes.GoExtraPass
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.passes.LogPass
-import kotlin.streams.toList
 
 @DependsOn(GoExtraPass::class)
 @DependsOn(SymbolResolver::class)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
index 6454545..d0d280f 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt
@@ -8,12 +8,11 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.Signature
-import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 @DependsOn(SymbolResolver::class)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
index 976779c..4ec7cb8 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
@@ -12,11 +12,10 @@ import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
 import de.fraunhofer.aisec.cpg.passes.TranslationResultPass
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
-import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
 @DependsOn(SymbolResolver::class)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
index 4a92c1c..d15bea6 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
@@ -8,8 +8,8 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
-import de.fraunhofer.aisec.cpg.passes.order.RequiredFrontend
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.RequiredFrontend
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
index 8c2e4a4..c1a994b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt
@@ -6,7 +6,7 @@ import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
 import de.fraunhofer.aisec.cpg.passes.SymbolResolver
-import de.fraunhofer.aisec.cpg.passes.order.DependsOn
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*

From f314be90c412a2820afea486e0bd930f7252b5ef Mon Sep 17 00:00:00 2001
From: Konrad Weiss <konrad.weiss@aisec.fraunhofer.de>
Date: Thu, 6 Jun 2024 15:00:56 +0200
Subject: [PATCH 37/44] DFG edges between value and root seem not to be
 necessary anymore in newer CPG versions

---
 .../main/java/io/clouditor/graph/passes/DFGExtensionPass.kt   | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index 0608aad..d94de30 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -39,10 +39,6 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         // nodes.filterIsInstance<CallExpression>().filter { node -> node.name == "stringify" ||
         // node.name == "toString" }
 
-        val keyValueExpressions: List<KeyValueExpression> =
-            nodes.filterIsInstance<KeyValueExpression>()
-        connectDFGValuesToKeyValueExpression(keyValueExpressions)
-
         stringifyFunctions.forEach {
             redirectDFGThroughFunctionCall(it)
             drawDFGEdgesFromNestedFields(it)

From c1f67973476bc3aaa58efaba5e2b5f1ace9652ca Mon Sep 17 00:00:00 2001
From: andreas <andreas1.binder@gmail.com>
Date: Fri, 14 Jun 2024 14:33:35 +0200
Subject: [PATCH 38/44] fix: expected number of pathes

---
 cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt
index 3e8e95c..5f29b8d 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt
@@ -97,7 +97,7 @@ open class IdentifiabilityTest {
                 listOf(Path(".")),
                 "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p"
             )
-        assertEquals(1, result.count())
+        assertEquals(2, result.count())
 
         result.first().apply {
             var path = this.get("p") as Array<*>

From 026229ca0ab0d022fb95a4c0a0772c50319d27b1 Mon Sep 17 00:00:00 2001
From: andreas <andreas1.binder@gmail.com>
Date: Fri, 14 Jun 2024 14:53:43 +0200
Subject: [PATCH 39/44] fix: expected number of pathes

---
 cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
index 6add087..eb97ca6 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt
@@ -23,7 +23,7 @@ open class LinkabilityTest {
                 listOf(Path(".")),
                 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p"
             )
-        assertEquals(8, result.count())
+        assertEquals(4, result.count())
 
         result.first().apply {
             var path = this.get("p") as Array<*>
@@ -133,7 +133,7 @@ open class LinkabilityTest {
                 listOf(Path(".")),
                 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p"
             )
-        assertEquals(1, result.count())
+        assertEquals(2, result.count())
 
         result.first().apply {
             val path = this.get("p") as Array<*>

From 61b5250821c5e99c7bcdb7b5766e3fe053c51a5f Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Tue, 23 Jul 2024 14:25:42 +0200
Subject: [PATCH 40/44] ++

---
 cloudpg/build.gradle.kts                                   | 2 +-
 .../io/clouditor/graph/passes/DatabaseOperationPass.kt     | 1 +
 .../java/io/clouditor/graph/passes/GormDatabasePass.kt     | 7 +++++++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index 0674a60..688f736 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -82,7 +82,7 @@ dependencies {
     implementation("de.fraunhofer.aisec:cpg-language-java:$version")
     implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")
 
-    implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.13.+")
+    implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.17.2")
     implementation ("org.xmlunit:xmlunit-core:2.9.0")
     implementation("org.xmlunit:xmlunit-matchers:2.9.0")
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
index 6f29e8c..c52dd2c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
@@ -65,6 +65,7 @@ abstract class DatabaseOperationPass(ctx: TranslationContext) : TranslationResul
         log.info("Looking for databases hosted at {}", host)
 
         return t.additionalNodes.filterIsInstance(DatabaseService::class.java).filter {
+            // TODO IK should be localName?
             it.name.toString() == host
         }
     }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
index d14bd68..f28444d 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
@@ -10,13 +10,20 @@ import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.UnaryOperator
 import de.fraunhofer.aisec.cpg.graph.types.PointerType
 import de.fraunhofer.aisec.cpg.graph.types.Type
+import de.fraunhofer.aisec.cpg.passes.ControlFlowSensitiveDFGPass
+import de.fraunhofer.aisec.cpg.passes.SymbolResolver
+import de.fraunhofer.aisec.cpg.passes.configuration.DependsOn
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
 import io.clouditor.graph.*
 import io.clouditor.graph.nodes.getStorageOrCreate
+import io.clouditor.graph.testing.LocalTestingPass
 import kotlin.streams.toList
 
 @Suppress("UNUSED_PARAMETER")
+@DependsOn(SymbolResolver::class)
+@DependsOn(ControlFlowSensitiveDFGPass::class)
+@DependsOn(LocalTestingPass::class, softDependency = true)
 class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
     override fun accept(result: TranslationResult) {
         val translationUnits =

From 79ef63ebe5503acb7b687f60eee70f138b470172 Mon Sep 17 00:00:00 2001
From: Christian Banse <oxisto@clouditor.io>
Date: Tue, 23 Jul 2024 14:33:48 +0200
Subject: [PATCH 41/44] Using ValueEvaluator instead of ValueResolver

---
 .../java/io/clouditor/graph/ValueResolver.kt  |  3 +++
 .../graph/passes/GormDatabasePass.kt          | 19 ++++++++++---------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
index 00a87e9..084386e 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt
@@ -152,6 +152,9 @@ open class ValueResolver(
 
                 return cannotResolve(expr, this)
             }
+            is Reference -> {
+                return expr.refersTo
+            }
         }
 
         return cannotResolve(expr, this)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
index f28444d..b45215a 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
@@ -2,6 +2,7 @@ package io.clouditor.graph.passes
 
 import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
+import de.fraunhofer.aisec.cpg.analysis.ValueEvaluator
 import de.fraunhofer.aisec.cpg.graph.Node
 import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
@@ -293,16 +294,16 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
             }
                 ?: mutableMapOf()
 
-        return ValueResolver { node, resolver ->
+        return ValueEvaluator { node, resolver ->
                 when (node) {
                     is CallExpression -> {
                         // support for some special calls, i.e. format
                         if (node.name.localName == "Sprintf") {
-                            val str = resolver.resolve(node.arguments.firstOrNull()) as String
+                            val str = resolver.evaluate(node.arguments.firstOrNull()) as String
                             val arguments = node.arguments.drop(1)
 
-                            return@ValueResolver str.format(
-                                *arguments.map { resolver.resolve(it) }.toTypedArray()
+                            return@ValueEvaluator str.format(
+                                *arguments.map { resolver.evaluate(it) }.toTypedArray()
                             )
                         }
 
@@ -310,17 +311,17 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
                         // stdlib doesnt have that built-in
                         if (node.name.localName == "EnvOrDefault") {
                             // environment lookup on python
-                            val key = resolver.resolve(node.arguments.firstOrNull())
+                            val key = resolver.evaluate(node.arguments.firstOrNull())
 
-                            return@ValueResolver env[key] ?: resolver.resolve(node.arguments[1])
+                            return@ValueEvaluator env[key] ?: resolver.evaluate(node.arguments[1])
                         }
 
                         // return placeholder
-                        return@ValueResolver "{${node.name}()}"
+                        return@ValueEvaluator "{${node.name}()}"
                     }
-                    else -> return@ValueResolver "{${node?.name}}"
+                    else -> return@ValueEvaluator "{${node?.name}}"
                 }
             }
-            .resolve(expr)
+            .evaluate(expr)
     }
 }

From ab6e10424e6c166e49307a74addcece7abfaecac Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Thu, 7 Nov 2024 14:14:54 +0100
Subject: [PATCH 42/44] update cpg version, fix workflowhandler

---
 cloudpg/build.gradle.kts                        | 17 ++++++++++-------
 .../clouditor/graph/github/WorkflowHandler.kt   |  2 +-
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index 688f736..d9c0d96 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -58,29 +58,32 @@ repositories {
     }
 
     ivy {
-        setUrl("https://download.eclipse.org/tools/cdt/releases/11.0/cdt-11.0.0/plugins")
+        setUrl("https://download.eclipse.org/tools/cdt/releases/")
         metadataSources {
             artifact()
         }
+
         patternLayout {
-            artifact("/[organisation].[module]_[revision].[ext]")
+            artifact("[organisation].[module]_[revision].[ext]")
         }
     }
 }
 
 dependencies {
     implementation("org.junit.jupiter:junit-jupiter:5.7.0")
+    implementation("com.github.Fraunhofer-AISEC:cpg:4e7c0b862e")
+    //implementation("de.fraunhofer.aisec:cpg-language-cxx:8.3.0")
+    //val version = "8.2.0"
+    
+    implementation("de.fraunhofer.aisec:cpg-language-typescript:8.3.0")
 
-    val version = "8.2.0"
-    // implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
-
-    implementation("de.fraunhofer.aisec:cpg-core:$version")
+    /*implementation("de.fraunhofer.aisec:cpg-core:$version")
     implementation("de.fraunhofer.aisec:cpg-analysis:$version")
     implementation("de.fraunhofer.aisec:cpg-language-go:$version")
     implementation("de.fraunhofer.aisec:cpg-language-python:$version")
     implementation("de.fraunhofer.aisec:cpg-language-typescript:$version")
     implementation("de.fraunhofer.aisec:cpg-language-java:$version")
-    implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")
+    implementation("de.fraunhofer.aisec:cpg-language-cxx:$version")*/
 
     implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.17.2")
     implementation ("org.xmlunit:xmlunit-core:2.9.0")
diff --git a/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
index 25b5901..15f7cae 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/github/WorkflowHandler.kt
@@ -159,7 +159,7 @@ class WorkflowHandler(private val result: TranslationResult, private val rootPat
                 result.builders += builder
 
                 // build a DFG node from the builder to the image
-                builder.addNextDFG(image)
+                builder.nextDFGEdges.add(image)
             }
         }
     }

From 3731baef565685e500bed9af246d2e9678d40f15 Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Thu, 7 Nov 2024 14:59:31 +0100
Subject: [PATCH 43/44] fix dfg edge additions

---
 .../java/io/clouditor/graph/nodes/Walkers.kt   |  6 +++---
 .../java/io/clouditor/graph/passes/Azure.kt    |  6 +++---
 .../clouditor/graph/passes/DFGExtensionPass.kt |  8 ++++----
 .../graph/passes/DatabaseOperationPass.kt      |  4 ++--
 .../clouditor/graph/passes/GormDatabasePass.kt | 18 +++++++++---------
 .../clouditor/graph/passes/HttpClientPass.kt   |  8 ++++----
 .../graph/passes/IngressInvocationPass.kt      |  2 +-
 .../clouditor/graph/passes/KubernetesPass.kt   |  2 +-
 .../graph/passes/golang/GinGonicPass.kt        |  8 ++++----
 .../graph/passes/golang/GolangHttpPass.kt      |  2 +-
 .../io/clouditor/graph/passes/js/JSHttpPass.kt |  2 +-
 .../clouditor/graph/passes/python/FlaskPass.kt |  2 +-
 .../graph/passes/python/Psycopg2Pass.kt        | 16 ++++------------
 .../graph/passes/python/PyMongoPass.kt         |  6 +++---
 .../graph/testing/LocalTestingPass.kt          |  2 +-
 15 files changed, 42 insertions(+), 50 deletions(-)

diff --git a/cloudpg/src/main/java/io/clouditor/graph/nodes/Walkers.kt b/cloudpg/src/main/java/io/clouditor/graph/nodes/Walkers.kt
index 87d8152..e50da98 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/nodes/Walkers.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/nodes/Walkers.kt
@@ -1,10 +1,10 @@
 package io.clouditor.graph.nodes
 
 import de.fraunhofer.aisec.cpg.graph.Node
-import de.fraunhofer.aisec.cpg.graph.edge.PropertyEdge
+import de.fraunhofer.aisec.cpg.graph.edges.Edge
 
-fun Node.followEOG(predicate: (PropertyEdge<*>) -> Boolean): List<PropertyEdge<*>>? {
-    val path = mutableListOf<PropertyEdge<*>>()
+fun Node.followEOG(predicate: (Edge<*>) -> Boolean): List<Edge<*>>? {
+    val path = mutableListOf<Edge<*>>()
 
     for (edge in this.nextEOGEdges) {
         path.add(edge)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
index 8c800a8..920e01b 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt
@@ -197,7 +197,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             println("We got an interesting call: create")
 
             val request = ObjectStorageRequest(c, listOf(storage), "create")
-            request.addNextDFG(storage)
+            request.nextDFG.add(storage)
             request.name = Name(request.type, null)
 
             t += request
@@ -208,7 +208,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
 
             // create an object storage request
             val request = ObjectStorageRequest(c, listOf(storage), "append")
-            request.addNextDFG(storage)
+            request.nextDFG.add(storage)
             request.name = Name(request.type, null)
 
             t += request
@@ -289,7 +289,7 @@ class AzurePass(ctx: TranslationContext) : CloudResourceDiscoveryPass(ctx) {
 
                     // model data export as ObjectStorageRequest
                     val request = ObjectStorageRequest(log, listOf(storage), "append")
-                    storage?.let { request.addNextDFG(it) }
+                    storage?.let { request.nextDFG.add(it) }
 
                     // add DFG from the source to the sink
                     request.to.forEach { request.source.nextDFG.add(it) }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
index e061b86..2405fd3 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt
@@ -44,7 +44,7 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
             drawDFGEdgesFromNestedFields(it)
         }
 
-        memberExpressions.forEach { it.addPrevDFG(it.base) }
+        memberExpressions.forEach { it.prevDFG.add(it.base) }
     }
 
     /**
@@ -57,18 +57,18 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     ) {
         keyValueExpressions.forEach {
             val keyValueExpression: KeyValueExpression = it
-            it.value?.let { keyValueExpression.addPrevDFG(it) }
+            it.value?.let { keyValueExpression.prevDFG.add(it) }
         }
     }
 
     private fun redirectDFGThroughFunctionCall(call: CallExpression) {
-        call.arguments.forEach { call.addPrevDFG(it) }
+        call.arguments.forEach { call.prevDFG.add(it) }
     }
 
     private fun drawDFGEdgesFromNestedFields(call: CallExpression) {
         call.arguments.forEach { it ->
             val nestedFields: MutableSet<FieldDeclaration> = getNestedFields(it)
-            nestedFields.forEach { call.addPrevDFG(it) }
+            nestedFields.forEach { call.prevDFG.add(it) }
         }
     }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
index c52dd2c..a6c54f3 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt
@@ -49,9 +49,9 @@ abstract class DatabaseOperationPass(ctx: TranslationContext) : TranslationResul
 
         storage.forEach {
             if (op.isModify) {
-                op.addNextDFG(it)
+                op.nextDFG.add(it)
             } else {
-                op.addPrevDFG(it)
+                op.prevDFG.add(it)
             }
         }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
index b45215a..dc2ba06 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/GormDatabasePass.kt
@@ -200,13 +200,13 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
         // then, check if we have a second argument
         call.arguments.getOrNull(1)?.let {
             // add it as an incoming DFG edge
-            op.addPrevDFG(it)
+            op.prevDFG.add(it)
         }
     }
 
     private fun handleWhere(call: CallExpression, op: DatabaseQuery) {
         // simply add all arguments as incoming DFG edges
-        call.arguments.forEach { op.addPrevDFG(it) }
+        call.arguments.forEach { op.prevDFG.add(it) }
     }
 
     private fun handleFirst(call: CallExpression, op: DatabaseQuery) {
@@ -223,7 +223,7 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
         // add a DFG edge towards our target
         if (target != null) {
-            op.addNextDFG(target)
+            op.nextDFG.add(target)
 
             // add storage
             op.to.forEach {
@@ -232,9 +232,9 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
                 // also add DFG edges from or towards the storage, depending on the query type
                 if (op.isModify) {
-                    op.addNextDFG(storage)
+                    op.nextDFG.add(storage)
                 } else {
-                    op.addPrevDFG(storage)
+                    op.prevDFG.add(storage)
                 }
             }
         }
@@ -246,14 +246,14 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
         // add a DFG edge towards our target
         if (target != null) {
-            target.addNextDFG(op)
+            target.nextDFG.add(op)
 
             // add storage
             op.to.forEach {
                 val storage = it.getStorageOrCreate(deriveName(target.type))
                 op.storage.add(storage)
 
-                op.addNextDFG(storage)
+                op.nextDFG.add(storage)
             }
         }
     }
@@ -267,7 +267,7 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
         // add a DFG edge towards our target
         if (target != null) {
-            target.addNextDFG(op)
+            target.nextDFG.add(op)
 
             // add storage
             op.to.forEach {
@@ -275,7 +275,7 @@ class GormDatabasePass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
                 op.storage.add(storage)
 
                 // also add DFG edge towards the storage
-                op.addNextDFG(storage)
+                op.nextDFG.add(storage)
             }
         }
     }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
index 07627ec..9bc7c91 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpClientPass.kt
@@ -22,11 +22,11 @@ abstract class HttpClientPass(ctx: TranslationContext) : TranslationResultPass(c
         request.name = Name(method)
         request.location = call.location
 
-        endpoints.forEach { request.addNextDFG(it) }
-        body?.addNextDFG(request)
+        endpoints.forEach { request.nextDFG.add(it) }
+        body?.nextDFG?.add(request)
 
         // call.invokes = listOf(request)
-        call.addPrevDFG(request)
+        call.prevDFG.add(request)
 
         val i = endpoints.firstOrNull()
         val f = i?.handler
@@ -35,7 +35,7 @@ abstract class HttpClientPass(ctx: TranslationContext) : TranslationResultPass(c
         // remote call happens
         f?.prevDFG?.forEach {
             // for each return node, connect it to the get-call
-            it.addNextDFG(call)
+            it.nextDFG.add(call)
             println("Connecting $it to $call")
         }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt
index e7bce0f..29df29c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/IngressInvocationPass.kt
@@ -65,7 +65,7 @@ class IngressInvocationPass(ctx: TranslationContext) : TranslationResultPass(ctx
                         transportEncryption,
                         url
                     )
-                proxy.addNextDFG(endpoint)
+                proxy.nextDFG.add(endpoint)
                 t += proxy
             }
         }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt
index d974a7d..66ac002 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/KubernetesPass.kt
@@ -222,7 +222,7 @@ class KubernetesPass(ctx: TranslationContext) : CloudResourceDiscoveryPass(ctx)
         image.application?.runsOn?.add(container)
 
         // add dataflow from image to container
-        container?.let { image.addNextDFG(it) }
+        container?.let { image.nextDFG.add(it) }
 
         return container
     }
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
index edc2f00..9bddd93 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt
@@ -189,9 +189,9 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
         if (m.name.localName == "BindJSON" || m.name.localName == "Bind") {
             val obj = (m.arguments.firstOrNull() as UnaryOperator).input
             if (obj is Reference) {
-                obj.refersTo?.let { e.addNextDFG(it) }
+                obj.refersTo?.let { e.nextDFG.add(it) }
             } else {
-                e.addNextDFG(obj)
+                e.nextDFG.add(obj)
             }
         } else if (m.name.localName == "Get") {
             // lets see, whether we have a chain of member calls that go
@@ -213,7 +213,7 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                 // otherwise, go to the next base
                 memberCall = memberCall.base as? MemberExpression
             }
-            e.addNextDFG(m)
+            e.nextDFG.add(m)
         }
     }
 
@@ -239,7 +239,7 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                 // otherwise, go to the next base
                 memberCall = memberCall.base as? MemberExpression
             }
-            e.addNextDFG(m)
+            e.nextDFG.add(m)
         }
     }
 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
index f47cd64..bc3f91c 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt
@@ -81,7 +81,7 @@ class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) {
                     if (it.type is PointerType && it.type.root.name.toString() == "http.Request") {
                         // add a dfg from the endpoint to the paramvariabledeclaration the data is
                         // stored in
-                        endpoint.addNextDFG(it)
+                        endpoint.nextDFG.add(it)
                     }
                 }
                 client?.httpEndpoints?.plusAssign(endpoint)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
index 148ab0c..c704d09 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt
@@ -111,7 +111,7 @@ class JSHttpPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                 fd.parameters.first() == (me.base as? Reference)?.refersTo
         ) {
             // set the DFG target of this call to the DFG target of our http endpoints
-            me.nextDFG.forEach { e.addNextDFG(it) }
+            me.nextDFG.forEach { e.nextDFG.add(it) }
 
             // TODO(oxisto): Once we update the ontology, we should also set this as the
             // "request_body" property of the http endpoint
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
index 4ec7cb8..a0b8fc5 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt
@@ -135,7 +135,7 @@ class FlaskPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
     private fun handleRequestUnpacking(me: MemberExpression, e: HttpEndpoint) {
         if (me.name.localName == "json" && me.base.name.localName == "request") {
             // set the DFG target of this call to the DFG target of our http endpoints
-            me.nextDFG.forEach { e.addNextDFG(it) }
+            me.nextDFG.forEach { e.nextDFG.add(it) }
 
             // TODO(oxisto): Once we update the ontology, we should also set this as the
             // "request_body" property of the http endpoint
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
index d3e35b3..34b1cff 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/Psycopg2Pass.kt
@@ -3,7 +3,6 @@ package io.clouditor.graph.passes.python
 import de.fraunhofer.aisec.cpg.TranslationContext
 import de.fraunhofer.aisec.cpg.TranslationResult
 import de.fraunhofer.aisec.cpg.graph.Node
-import de.fraunhofer.aisec.cpg.graph.edge.Properties
 import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
 import de.fraunhofer.aisec.cpg.processing.IVisitor
 import de.fraunhofer.aisec.cpg.processing.strategy.Strategy
@@ -105,7 +104,7 @@ class Psycopg2Pass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
             op.calls.plusAssign(call)
 
             // add DFG flow towards the target of the fetchall call
-            op.addNextDFG(target)
+            op.nextDFG.add(target)
         }
     }
 
@@ -159,7 +158,7 @@ class Psycopg2Pass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
 
             // in the select case, the arguments are just arguments to the query itself and flow
             // towards the op
-            call.arguments.forEach { it.addNextDFG(op) }
+            call.arguments.forEach { it.nextDFG.add(op) }
 
             return op
         }
@@ -187,17 +186,10 @@ class Psycopg2Pass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
         val resolver = PythonValueResolver(app)
         // resolve the connection details
         val host =
-            resolver.resolve(
-                call.argumentEdges.firstOrNull { it.getProperty(Properties.NAME) == "host" }?.end
-            ) as?
-                String
+            resolver.resolve(call.argumentEdges.firstOrNull { it.name == "host" }?.end) as? String
 
         val db =
-            resolver.resolve(
-                call.argumentEdges
-                    .firstOrNull { it.getProperty(Properties.NAME) == "database" }
-                    ?.end
-            ) as?
+            resolver.resolve(call.argumentEdges.firstOrNull { it.name == "database" }?.end) as?
                 String
 
         // create a new DB operation (connect)
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
index d15bea6..f742e97 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt
@@ -186,16 +186,16 @@ class PyMongoPass(ctx: TranslationContext) : DatabaseOperationPass(ctx) {
             op = createDatabaseQuery(t, true, connect, storage, listOf(mce), app)
 
             // data flows from first argument to op
-            mce.arguments.firstOrNull()?.addNextDFG(op)
+            mce.arguments.firstOrNull()?.nextDFG?.add(op)
         }
 
         if (mce.name.localName == "find" || mce.name.localName == "find_one") {
             op = createDatabaseQuery(t, false, connect, storage, listOf(mce), app)
             // data flows from first argument to op
-            mce.arguments.firstOrNull()?.addNextDFG(op)
+            mce.arguments.firstOrNull()?.nextDFG?.add(op)
 
             // and towards the DFG target(s) of the call
-            mce.nextDFG.forEach { op.addNextDFG(it) }
+            mce.nextDFG.forEach { op.nextDFG.add(it) }
         }
 
         if (op != null) {
diff --git a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
index 9c6cc29..da5a9ac 100644
--- a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
+++ b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt
@@ -68,7 +68,7 @@ class LocalTestingPass(ctx: TranslationContext) : TranslationResultPass(ctx) {
                                 null,
                                 url
                             )
-                        proxy.addNextDFG(endpoint)
+                        proxy.nextDFG.add(endpoint)
                         t += proxy
                     }
                 }

From f64e8db3b3597a8979cd4dfca526981eafd4d304 Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel" <immanuel.kunz@aisec.fraunhofer.de>
Date: Thu, 7 Nov 2024 15:00:13 +0100
Subject: [PATCH 44/44] cosmetic fix

---
 cloudpg/build.gradle.kts                                      | 2 +-
 cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index d9c0d96..4a7e60d 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -74,7 +74,7 @@ dependencies {
     implementation("com.github.Fraunhofer-AISEC:cpg:4e7c0b862e")
     //implementation("de.fraunhofer.aisec:cpg-language-cxx:8.3.0")
     //val version = "8.2.0"
-    
+
     implementation("de.fraunhofer.aisec:cpg-language-typescript:8.3.0")
 
     /*implementation("de.fraunhofer.aisec:cpg-core:$version")
diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
index 3f1afbf..bcdd551 100644
--- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt
@@ -9,7 +9,7 @@ import org.neo4j.driver.internal.InternalPath
 @Tag("TestingLibrary")
 open class DetectabilityTest {
 
-    // D1 Dectectable Credentials out of scope
+    // D1 Detectable Credentials out of scope
 
     @Test
     fun testD2Python() {