From 3db9af97aa679b26435cd129f2fc3b08ee136020 Mon Sep 17 00:00:00 2001 From: Stephen Augustus Date: Mon, 6 Jan 2025 11:51:33 -0500 Subject: [PATCH] governance: Add meeting note archives from 2021 through 2024 Signed-off-by: Stephen Augustus --- governance/meetings/2021.md | 652 +++++++++++++++ governance/meetings/2022.md | 1495 +++++++++++++++++++++++++++++++++++ governance/meetings/2023.md | 1235 +++++++++++++++++++++++++++++ governance/meetings/2024.md | 1491 ++++++++++++++++++++++++++++++++++ 4 files changed, 4873 insertions(+) create mode 100644 governance/meetings/2021.md create mode 100644 governance/meetings/2022.md create mode 100644 governance/meetings/2023.md create mode 100644 governance/meetings/2024.md diff --git a/governance/meetings/2021.md b/governance/meetings/2021.md new file mode 100644 index 000000000000..eab56e860114 --- /dev/null +++ b/governance/meetings/2021.md 
@@ -0,0 +1,652 @@ +# OpenSSF Scorecard Meeting Archive — 2021 + +## Dec 16, 2021 + +Updates: + +* Azeem + * Scorecard might be getting an intern\! +* Jeff + * Working on doc with long/short term plan for Allstar \+ Scorecard integrations. + * Not planning on implementing: [https://github.com/ossf/allstar/issues/22](https://github.com/ossf/allstar/issues/22) + * Next integration: check for Scorecard GHA + * Further integration: interpret GHA results +* Laurent + * Separating checks from the score policy + * Partnered workflows for GitHub market place [\#1302](https://github.com/actions/starter-workflows/pull/1302) + * +* Naveen + * +* (Chris) + * (11/29) Adding line numbers to results: [\#886](https://github.com/ossf/scorecard/issues/886) and [\#725](https://github.com/ossf/scorecard/issues/725) +* David A. Wheeler \- distracted by Great MFA Distribution project & log4j + * Any more thoughts about taking data on scorecards from .yaml file? SECURITY-INFO.yml, e.g., [https://docs.google.com/document/d/1Hqks2J0wVqS\_YFUQeIyjkLneLfo3\_9A-pbU-7DZpGwM/edit\#](https://docs.google.com/document/d/1Hqks2J0wVqS_YFUQeIyjkLneLfo3_9A-pbU-7DZpGwM/edit#) + * The big issue was how to score it. Could give lower number than 10 (“project says they have it, but we can’t confirm it), or separate numbers (ignore / consider claims from project). Could also add an “asterisk” next to numbers that are from project claims. But it’s important to have an idea on how to do this, or this file is much less useful. + * We have a dependabot warning on scorecard project itself :-) + * LICENSES: Should we score lower if license doesn’t match known OSS license? [https://github.com/ossf/scorecard/issues/1369](https://github.com/ossf/scorecard/issues/1369) +* + +Open issues: + +- [x] ~~Email to Michael Scovetta, cc David A. 
Wheeler \- [Michael.Scovetta@microsoft.com](mailto:Michael.Scovetta@microsoft.com)~~ +- [x] ~~Create scorecard-webapp repo \- Naveen Srinivasan~~ + +* No meeting on Dec 30th +* V4 release + * Docker image creation [\#15](https://github.com/ossf/scorecard-action/issues/15) + * [Release notes](https://docs.google.com/document/d/1tIBXs801G-d2zLWzr9qBq6uKAXvshMs9wMTpDVwHmMU/preview?resourcekey=0-UlykB-9xEM5wj2aQPHTTMg). Please add list of enhancements there. + * OSSF metrics not up to date, e.g. [https://metrics.openssf.org/search?q=systemd%2Fsystemd](https://metrics.openssf.org/search?q=systemd%2Fsystemd) claims \`last updated 8 months ago\`. The the page says \`Last refreshed 2021-09-13\` [https://metrics.openssf.org/grafana/d/default/metric-dashboard?orgId=1\&var-PackageURL=pkg%3Agithub/systemd/systemd](https://metrics.openssf.org/grafana/d/default/metric-dashboard?orgId=1&var-PackageURL=pkg%3Agithub/systemd/systemd). Is data stale? We want to say we've scaled to 1M in blog post and release notes and point to OSSF metrics dashboard. Can this be done for Jan? Note: should use the new data format. + * “We used to update Google cloud buckets, now we don’t” + * They should be automatically updated somehow +* +* Create a scorecard-webapp repo (azeems) + * Repo name? + * Golang webapp? +* Improving code quality (azeems) +* Reducing number of open issue (azeems) +* Dockerfile pinning from same team (laurent) + +## Dec 2, 2021 + +* Laurent: GH action on PR: disable? + * Laurent: GH action: badges vs runs + +**Please sign yourselves** + +- David A. Wheeler + +Score for pinning dependencies: start with 10, \-1 if any/all of the actions of the platform (forge & CI system) aren’t pinned, \-1 for each additional unpinned dependency, minimum 0\. E.g., CIFuzz is hard to pin, but don’t really want to make an exception because it SHOULD be pinnable (they merge code & configuration, and that really should be separate). 
This way, the problem is noted without us having to constantly make exceptions. We didn’t do percentages; a project with 50 unpinned dependencies is riskier than one that has 1, even if their percentages are the same. + +David: Let’s make sure we don’t lock requirements to GitHub. There’s GitLab & other forges. + +Naveem demo’d an early-hacked tool to list the transitive dependencies & what’s highest-risk. He’ll switch to prepared statements in his SQL first. This could be contributed to OpenSSF. + +FYI: Security-Threats WG has discussed OSSF-SECURITY.yaml, currently early in discussion \- [https://docs.google.com/document/d/1Hqks2J0wVqS\_YFUQeIyjkLneLfo3\_9A-pbU-7DZpGwM/edit](https://docs.google.com/document/d/1Hqks2J0wVqS_YFUQeIyjkLneLfo3_9A-pbU-7DZpGwM/edit) +Goal: Provide a text file that tries to justify answers for Scorecard & CII Best Practices Badge & other analysis tools like it. Willing to support? Issue: Do you trust the text? Possible solution: cap the score. + +- Azeem: I like having a common format, not sure how much we could trust it. Using it might reduce users’ trust in scorecard. +- Jeff Mendoza: Posting in BitQuery is trusted, needs to be very trustworthy. For actions & badges might accept it. +- David Wheeler: Could report both scores (automated \+ self-assertion) +- Jeff: Some redundancy with future scorecard configuration (disable a check), vs setting this declaration (leave check enabled, declare compliance). 
+- + +## Nov 15, 2021 + +Attendees: +**Please sign yourselves** + +- Naveen Srinivasan +- Jeff Mendoza + +Updates: + +* (Azeem) + * Mostly working on [https://github.com/ossf/scorecard/issues/1240](https://github.com/ossf/scorecard/issues/1240) +* Jeff + * +* (Laurent) + * Finished GH action support for pull requests + * Drafting a doc for scorecard badges + * Started a PR for raw e2e results, will write a pager for implementation details +* (Naveen) + * Move docker builds to ko \- [https://github.com/ossf/scorecard/pull/1214](https://github.com/ossf/scorecard/pull/1214) + * Working on enabling scorecard to sign releases using cosign and keyless + * [https://github.com/ossf/scorecard/issues/1201](https://github.com/ossf/scorecard/issues/1201) + * Opened a PR in cosign to address one of the pending items which is a blocker [https://github.com/sigstore/cosign/pull/1001](https://github.com/sigstore/cosign/pull/1001). This has been merged + * Rekor has a issue in uploading large binary [https://github.com/sigstore/rekor/issues/481](https://github.com/sigstore/rekor/issues/481) + * Fix the bug [https://github.com/ossf/scorecard/pull/1272](https://github.com/ossf/scorecard/pull/1272) + * +* (Chris) + * (11/29) Adding line numbers to results: [\#886](https://github.com/ossf/scorecard/issues/886) and [\#725](https://github.com/ossf/scorecard/issues/725) + +Open issues: + +* Updated meeting time Thursdays 4PM EST. +* Jose from GH is here. Discuss GH Actions. + * Send Jose a link to the action to get it verified “blue check mark” in market place. Need to rename action + * Custom logo in the marketplace. Need an SVG logo from our side. 
+ * Scorecard logo: + * [https://github.com/ossf/scorecard/blob/main/artwork/openssf\_security.svg](https://github.com/ossf/scorecard/blob/main/artwork/openssf_security.svg) + * [https://github.com/ossf/scorecard/blob/main/artwork/openssf\_security\_alt.svg](https://github.com/ossf/scorecard/blob/main/artwork/openssf_security_alt.svg) + * OpenSSF logo: + * [https://github.com/ossf/artwork](https://github.com/ossf/artwork) + * Can setup a custom workflow like a partner GitHub action. \[2 weeks in advance\] + * [https://partner.github.com/resources](https://partner.github.com/resources) explains the steps +* For v4 release + * Fix branch protection [https://github.com/ossf/scorecard/pull/1252](https://github.com/ossf/scorecard/pull/1252) + * (low prio) Bug \`Resource not accessible\` [https://github.com/ossf/scorecard/issues/1097](https://github.com/ossf/scorecard/issues/1097) + * GH action: + * Test actions more thoroughly (Appu, ask evverx@) + * GH action doc: Asra/Kara + * Action verified: laurent + * Docker image generation: Naveen + * Add line numbers/filenames to more checks (Chris) + * [https://github.com/ossf/scorecard/issues/1128](https://github.com/ossf/scorecard/issues/1128) make token permissions defined at top level mandatory. + * [https://github.com/ossf/scorecard/issues/1257\#issuecomment-968353572](https://github.com/ossf/scorecard/issues/1257#issuecomment-968353572) agrees it's better. + * Vendor dependencies for hermetic builds. [https://github.com/ossf/scorecard/issues/1188](https://github.com/ossf/scorecard/issues/1188) [https://github.com/ossf/scorecard/pull/1208](https://github.com/ossf/scorecard/pull/1208) + * Punting on this for now +* Enable signed commits for this repository. [https://github.com/ossf/scorecard/issues/223](https://github.com/ossf/scorecard/issues/223) + * Only do this for merge +* Should scorecard be forcing users to use a zap.Logger? 
[https://github.com/ossf/scorecard/issues/1273](https://github.com/ossf/scorecard/issues/1273) + * Keep the issue open and see if we can get to it soon + +## Nov 1, 2021 + +Updates: + +* (Azeem) + * 1M repos now +* (Chris) + * Working on parsing issues. + * Will use actionlint to parse workflows. + * Will also look into adding line info to PinnedDependency check. +* (Jeff) + * AllStar overview: install GH app on repos or orgs. If repos are out of compliance, can file issues and potentially in future fix it for you. + * Allstar is using Scorecard as a library. Only calls BinaryArtifact check. + * Scorecard does not have much input config as of now. Having this helps with applying fine-grained policies. + * AllStar check for Scorecard GH action. + * AI(jeff): one-pager on Scorecard are library or GH Actions. +* (Laurent) + * Finishing up on GH action +* (Naveen) + * Reproducible Builds GoReleaser + * Fixed the Broken e2e tests + * RepoClient e2e is still pending. + * Fixed the e2e tests which weren't running and now it is running part of CI + * Released 3.1.1 with arm builds for Darwin + +Issues that [need discussion](https://github.com/ossf/scorecard/issues?q=is%3Aopen+is%3Aissue+label%3A%22needs+discussion%22): + +* Frido: Project Thoth collaboration \- [https://thoth-station.ninja/](https://thoth-station.ninja/) + * Analysis and recommendations for Python packages + * OSS project + * Uses prescriptions \- [https://github.com/thoth-station/prescriptions](https://github.com/thoth-station/prescriptions) + * Uses Scorecards. Fetches data from BQ and to create prescriptions. 
+ * Eg for Flask repo \- [https://github.com/thoth-station/prescriptions/tree/master/prescriptions/fl\_/flask](https://github.com/thoth-station/prescriptions/tree/master/prescriptions/fl_/flask) + * Having difficulty in using Big Query +* Need decision on \`--repo=file://\` or \`--local\` + * Go with local option for now +* OSSF to discuss guidelines when recommending tools in our documentation (no span, open-source, etc): David suggested we write a doc and he will circulate to his lawyer if tools we recommend are proprietary. For oss tools, it's fine. We can say "Here are tools we are aware of that can help: X, Y, Z". + * Laurent to create an issue and submit a doc discussing this. Will defer to David Wheeler once we have consensus internally. +* Token permissions [https://github.com/ossf/scorecard/issues/1129](https://github.com/ossf/scorecard/issues/1129) + * Outcome: keep opinion out of Scorecard. Create an umbrella bug for separating policy and evaluation. + * AI(naveen): create issues for these. +* Scorecard should sign releases binaries with cosign using keyless option. [https://github.com/ossf/scorecard/issues/1201](https://github.com/ossf/scorecard/issues/1201) + * AI(naveen): Involve Asra, Priya and confirm who the entity will be. And how closely will this map to SLSA builds? +* Record Scorecard scans into Rekor [https://github.com/ossf/scorecard/issues/1200](https://github.com/ossf/scorecard/issues/1200) + * Need more discussion with the Rekor team. May consider it for v5 not for v4. + * AI(naveen): update issue with comments +* GH actions: upload in our action or leave this in the workflow? + * Leave as is, in the workflow. We can add a different action later to do it all at once, without breaking existing users + +## Oct 18, 2021 + +Updates: + +* (Azeem) + * Created Token server and multiple cron workers running now. 
+* (Laurent) + * Some additional ideas to improve communications/engagement with the community, see [doc](https://docs.google.com/document/d/1rgk7-jnXVpLVvB84YlJ75fqQX32RLn-FI_y5Ko2CeV8/edit). + * Crowdsourcing cron job to client workflows, see draft [here](https://docs.google.com/document/d/1s9xkRM2EasyEf6tBO8a6vGieMNxN9h3I00UoCQOrnw8/edit?resourcekey=0-CuJDKI0Q0A0P6udmVAhSog#). + * SLSA with GiHub, see draft [here](https://docs.google.com/document/d/1JbLFhpCpy6Y607g72W-BekAoBC6djaKz3gbcMcLWhwQ/edit?resourcekey=0-eRujJ1O_5m4_Bt0Z0KugsA#). +* (Naveen) +* (Chris) + +Issues that [need discussion](https://github.com/ossf/scorecard/issues?q=is%3Aopen+is%3Aissue+label%3A%22needs+discussion%22): + +* Milestone for v4 planning [\#1121](https://github.com/ossf/scorecard/issues/1121) + * Resolution reached on \#1121 +* Token permissions [https://github.com/ossf/scorecard/issues/1129](https://github.com/ossf/scorecard/issues/1129) + * We shouldn’t be recommending commercial tools. Ask the bigger community what the guidelines here are. +* Pinning versions: [https://github.com/ossf/scorecard/issues/1014\#issuecomment-943007111](https://github.com/ossf/scorecard/issues/1014#issuecomment-943007111) and [https://cloud.google.com/blog/topics/developers-practitioners/best-practices-dependency-management](https://cloud.google.com/blog/topics/developers-practitioners/best-practices-dependency-management) [https://github.com/ossf/scorecard/issues/427](https://github.com/ossf/scorecard/issues/427) I'm going to start a doc with Rhys from renovabote: inventory and description of lock files options for each package manager. If you know someone from dependabot and other package managers, let me know. 
+* PGP signing of commits [https://github.com/ossf/scorecard/pull/1123](https://github.com/ossf/scorecard/pull/1123) + * laurentsimon@ to attend the next "Best practices for open source developers" meeting for discussion + * Need to think more on it, not much clarity +* Scorecard meet calendar issues + * azeems@ to ping \#general Slack channel +* AI(Laurent): Ask Asra to join bi-weekly + +## Oct 4, 2021 + +Updates: + +* (Azeem) +* (Laurent) + * GH action for push/cron triggers. You can try it out by following [\#1074](https://github.com/ossf/scorecard/issues/1074) + * We need to add file and line numbers to all checks ([\#886](https://github.com/ossf/scorecard/issues/886), [\#725](https://github.com/ossf/scorecard/issues/725), etc) + * We're ready for a v3 release: + * It provides numeric scoring and risk categories instead of plain Pass/Fail; aggregate scores; and a new repo interface to ease integration with other code versioning systems. We have scaled scanning to 150k GitHub repos (critical ecosystems dependencies from deps.dev) and we continuously make the results publicly available. + * Contributor ack: chrismcgehee, nanikjava, sprabery, neil465, nathan-415, amamoose, asraa , loosebazooka, johanbrandhorst, oliverchang, evalphobia, notanton, ben-moss, olivekl (rough estimate) + * LTS support +* (Naveen) +* (Chris) + +Issues that [need discussion](https://github.com/ossf/scorecard/issues?q=is%3Aopen+is%3Aissue+label%3A%22needs+discussion%22): + +* Rest API instead of BQ table [\#1056](https://github.com/ossf/scorecard/issues/1056) +* Naveen: Improving discussion for scorecard in general. See this [doc](https://docs.google.com/document/d/1J576To36LUb7O01fQJVO_ysRH-H0fulWHCm13gONA-w/edit?resourcekey=0-mkbr-VNWS16HyAZXjha6mw#). (I don't know how to make if world-readable, so request access) + +## Oct 4, 2021 + +Updates: + +* (Azeem) +* (Laurent) + * GH action for push/cron triggers. 
You can try it out by following [\#1074](https://github.com/ossf/scorecard/issues/1074) + * Some checks fail on PR event. + * For v0 only use checks which use local repo content and not GitHub APIs. + * Enable BranchProtection in PRs? + * Start with source code only and then consider implementing BP check. + * We need to add file and line numbers to all checks ([\#886](https://github.com/ossf/scorecard/issues/886), [\#725](https://github.com/ossf/scorecard/issues/725), etc) + * We're ready for a v3 release: + * It provides numeric scoring and risk categories instead of plain Pass/Fail; aggregate scores; and a new repo interface to ease integration with other code versioning systems. We have scaled scanning to 150k GitHub repos (critical ecosystems dependencies from deps.dev) and we continuously make the results publicly available. + * Contributor ack: chrismcgehee, nanikjava, sprabery, neil465, nathan-415, amamoose, asraa , loosebazooka, johanbrandhorst, oliverchang, evalphobia, notanton, ben-moss, \+ (rough estimate) +* (Naveen) +* (Chris) + +Issues that [need discussion](https://github.com/ossf/scorecard/issues?q=is%3Aopen+is%3Aissue+label%3A%22needs+discussion%22): + +* Naveen: Improving discussion for scorecard in general. See this [doc](https://docs.google.com/document/d/1J576To36LUb7O01fQJVO_ysRH-H0fulWHCm13gONA-w/edit?resourcekey=0-mkbr-VNWS16HyAZXjha6mw#). (I don't know how to make if world-readable, so request access) + * How can the OSS community be better involved in the Scorecard project? + * +* Pinning in vendored directories [\#1095](https://github.com/ossf/scorecard/issues/1095), Linear history and review dismissal [\#1027](https://github.com/ossf/scorecard/issues/1027) +* Support for local folder instead of GitHub online repo. We can support \--repo=file://path/to/source-code, \--repo=path/to/source-codeor create a new option \--source-code=/path/to/code +* REST API: + * As a v0 maybe export BQ data to GCS and expose REST API on top of that. 
+ * A full-fledged REST API is in roadmap further down the road. +* + +## Sep 27, 2021 + +Updates: + +* (Azeem) +* (Laurent) + * Cron JSON, bypassable code-review/BP, policy file (GH actions \= 1st use case) +* (Naveen) +* (Chris) + +Open Issues: + +* (Christie \+ Kim) Demo of using Scorecard for Go dependencies +* Naveen \- Demo of using OSV for Go dependencies \- [https://github.com/naveensrinivasan/stunning-tribble](https://github.com/naveensrinivasan/stunning-tribble) + +* (Laurent) Versioning and letting our users know [https://docs.google.com/document/d/1femVdKsCWAOHJ1cyIskqd-1k9wTDKhrLnXRrOcLeVhc/edit](https://docs.google.com/document/d/1femVdKsCWAOHJ1cyIskqd-1k9wTDKhrLnXRrOcLeVhc/edit), see also [https://github.com/ossf/scorecard/pull/1001\#discussion\_r706943610](https://github.com/ossf/scorecard/pull/1001#discussion_r706943610) thread + TL:DR: we need to define at least a few public facing API/formats (cron JSON) and use these to announce new versions, changelogs, breaking changes, update steps; then adopt a proper channel to tell our users. Defining an SLO on new versions should also be explicitly stated: e.g., any breaking change should have support for N months minimum. +* (Laurent) Thinking about what scorecard badges for GitHub repos would look like: how about badge levels based on score (e.g., score \>= 3 \-\> bronze; score \>= 5 \-\> silver, etc)? do we want more granular badges short-term, long-term? (e.g., a certain branch protection flag is enabled or disabled). Note that for the majority of checks, the distinction between score-based and granular badges is not really important \- it does provide some benefits for branch protection. +* Pinned deps check: is it too large? 
Shall we split it into smaller ones: + * Docker pinning \- note that would make such check result binary (0 or 10\) + * Workflow pinning \- same note + * Etc +* https://github.com/ossf/scorecard/issues/1027 +* [https://github.com/ossf/scorecard/issues/895](https://github.com/ossf/scorecard/issues/895) and [https://github.com/ossf/scorecard/issues/1005](https://github.com/ossf/scorecard/issues/1005) broken/bypassable check + +## Sep 20, 2021 + +Open Issues: + +* (Christie \+ Kim) Demo of using Scorecard for Go dependencies +* Naveen \- Demo of using OSV for Go dependencies +* (Laurent) Versioning and letting our users know [https://docs.google.com/document/d/1femVdKsCWAOHJ1cyIskqd-1k9wTDKhrLnXRrOcLeVhc/edit](https://docs.google.com/document/d/1femVdKsCWAOHJ1cyIskqd-1k9wTDKhrLnXRrOcLeVhc/edit), see also [https://github.com/ossf/scorecard/pull/1001\#discussion\_r706943610](https://github.com/ossf/scorecard/pull/1001#discussion_r706943610) thread + TL:DR: we need to define at least a few public facing API/formats (cron JSON) and use these to announce new versions, changelogs, breaking changes, update steps; then adopt a proper channel to tell our users. Defining an SLO on new versions should also be explicitly stated: e.g., any breaking change should have support for N months minimum. +* (Laurent) Thinking about what scorecard badges for GitHub repos would look like: how about badge levels based on score (e.g., score \>= 3 \-\> bronze; score \>= 5 \-\> silver, etc)? do we want more granular badges short-term, long-term? (e.g., a certain branch protection flag is enabled or disabled). Note that for the majority of checks, the distinction between score-based and granular badges is not really important \- it does provide some benefits for branch protection. 
+ * Related: [https://github.com/ossf/scorecard/issues/1027](https://github.com/ossf/scorecard/issues/1027) + * Chris: not having scores might break users when a code change changes score calculation + * +* Pinned deps check: is it too large? Shall we split it into smaller ones: + * Docker pinning \- note that would make such check result binary (0 or 10\) + * Workflow pinning \- same note + * Etc +* [https://github.com/ossf/scorecard/issues/1005](https://github.com/ossf/scorecard/issues/1005) broken/bypassable check + * Closed? +* [https://github.com/ossf/scorecard/issues/895](https://github.com/ossf/scorecard/issues/895) and + * azeems@ to look into it + +## Sep 7, 2021 + +Updates: + +* Azeem + * 100k cron repos. + * RepoClient interface implementation complete. +* Laurent + * Cleanup JSON format and added schema validation/unit tests + * David A. Wheeler: Will this impact the OpenSSF metrics dashboard? + * No, it shouldn’t. I talked with Michael Scovetta & all should be fine. +* Naveen + * sigstore cosign had a breaking change, looking into it. +* Chris + +Open Issues: + +* Cleanup JSON format and added schema validation/unit tests +* JWT potential vuln. \- github.com/dgrijalva/jwt-go + * Coming due to github.com/bradleyfalzon/ghinstallation +* [https://github.com/ossf/scorecard/issues/942](https://github.com/ossf/scorecard/issues/942) + * Naveen working on it already +* [https://github.com/ossf/scorecard/issues/967](https://github.com/ossf/scorecard/issues/967) + * Good first issue +* [https://github.com/ossf/scorecard/issues/966](https://github.com/ossf/scorecard/issues/966) + * Scorecard should look for whether certain tools are run and not specifically run those tools. + * Running this can cause false positives which needs to be handled by Scorecard + * Look for whether or not there are security scans + * It’s easy to detect most CI pipelines & check if they do certain things, just by looking at configuration files within the project. 
Most projects use a small number of CI pipeline systems, which are configured by a small set of config files: + * .github/workflows + * .circleci + * .travis.yml + * .gitlab-ci.yml + * An alternative is actually running the scans & putting in results \- that’s a different topic \- push that option off to the future (if ever), not this year at least. + * Currently in scope of Scorecard is to check configs but in future we might look into +* [https://github.com/ossf/scorecard/issues/965](https://github.com/ossf/scorecard/issues/965) + * This is an idea for hardening the Scorecards project itself +* [https://github.com/ossf/scorecard/issues/950](https://github.com/ossf/scorecard/issues/950) + * Maybe wait until OpenSSF as an organisation decides the policy here and follow the same policy for Scorecard. + * SBOM \- Scorecard can get started, but signing / cosign needs a bigger discussion. + * Signing \- start identifying how to sign packages for OpenSSF? Okay to use cosign? Any particular preferences? +* [https://github.com/ossf/scorecard/issues/859](https://github.com/ossf/scorecard/issues/859) +* Webhook for prod cron job. Volunteers? +* Naveem will look at CII Best Practices badge site to see what it’s missing on Scorecard & talk with David A. Wheeler about that + * https://metrics.openssf.org/grafana/d/default/metric-dashboard?orgId=1\&var-PackageURL=pkg:github%2Fcoreinfrastructure%2Fbest-practices-badge + * https://github.com/coreinfrastructure/best-practices-badge + * Naveem will email [dwheeler@linuxfoundation.org](mailto:dwheeler@linuxfoundation.org) + * E.g.: CII Best Practices badge \*DOES\* have frozen dependencies \- just look for “Gemfile.lock”. + +## Aug 23, 2021 + +Updates: + +* (Azeem) +* (Laurent) SARIF support +* (Naveen) +* (Chris) + +Open Issues: + +* Protobuf is being rebuilt for every check run on PRs, which takes time and delays merging. Can we pull a protobuf binary directly, or use apt-get, or something else? + * Naveen to work on this. 
+* Go.sum lists the same dependency multiple times (different metadata/hashes). Can this be cleaned? + * This is expected since difference +* e2e tests status [https://github.com/ossf/scorecard/issues/861](https://github.com/ossf/scorecard/issues/861) + * New contributor working on it. If not, Naveen will take it up. +* Note from David A. Wheeler: Hi, I teach classes at George Mason University (GMU) on Monday evenings (4:30-10pm US Eastern Time), starting August 23\. This is the time when the Security Scorecards meetings meet. It'd be awesome if there was a different time things can be scheduled to. If not, I understand, but please understand I can't join in that case. Thanks\!\! \<[dwheeler@linuxfoundation.org](mailto:dwheeler@linuxfoundation.org)\> Also: Is there a way to contact the group other than issues? E.g., a mailing list? If so, let me know… + * Azeem to try and reschedule. + +## Aug 9, 2021 + +Updates: + +* Scorecard checks/sarif (Laurent) +* Fixes (Naveen) +* Line numbers in remediation results (Chris) +* [Friction log](https://docs.google.com/document/d/1dPnjpS8SQo8GfqVBkmxwhPCJz4j9YRS7Sr51u4lnysE/edit?resourcekey=0-DBA9jpoXbRB5RSdCvI-xXA#) by Kara + +Open Issues: + +* E2E Integration tests \- Assign to Naveen +* Bubble up results into OSV +* [https://github.com/ossf/scorecard/issues/792](https://github.com/ossf/scorecard/issues/792) +* Security-Policy: add a check for allstar being installed? +* ShiftLeftSecurity +* [https://github.com/ossf/scorecard/issues/759](https://github.com/ossf/scorecard/issues/759) + +## Jul 26, 2021 + +Attendees: + +* David A. Wheeler (Linux Foundation) + +Updates: + +* Cron job/performance (Azeem) + * E2E release testing is setup. Next step is to setup a release procedure. +* RepoInterface (Azeem) + * More checks now use RepoInterface APIs + * Working on replacing Active check +* Scorecard checks (Laurent) + * Score-based result integrated, some nits to fix. 
Divide by 0 blocking cron job +* Naveen + * Active check using graphQL \- [https://github.com/ossf/scorecard/issues/639](https://github.com/ossf/scorecard/issues/639) + * Scorecard V2 update: [https://github.com/ossf/scorecard/issues/711](https://github.com/ossf/scorecard/issues/711) + * [https://github.com/ossf/scorecard/issues/630](https://github.com/ossf/scorecard/issues/630) + * Removed gitcache + + +Open issues: + +* Weekly cron job blocked on [https://github.com/ossf/scorecard/issues/748](https://github.com/ossf/scorecard/issues/748). +* Constantly breaking e2e tests \- [https://github.com/ossf/scorecard/issues/741](https://github.com/ossf/scorecard/issues/741) + * A 20%-er who might take up mocking RepoClient + * Maintain some fake repos like “ossf/fakerepo” for testing +* Code-Review and PullRequest merge \- [https://github.com/ossf/scorecard/issues/731](https://github.com/ossf/scorecard/issues/731) + * everyone agrees? +* CI-Test check looks for CI test, ie whether some presubmit checks are run. I'm not sure we still need it. no other checks we already look for specific CI tests, like CI-Fuzz, SAST, etc. We should be looking for the corresponding config for other CI systems and add it to other checks. The check, as implemented today, is mostly informational. +* Table does not understand \\n. \-\> need fix. +* Show check description/remediation steps in new command \--explain or \--show-details +* Need monitoring of check errors in cron job to validate/refine check implementation. Relevant previous PR [\#597](https://github.com/ossf/scorecard/pull/597) +* Frozen-Deps \-\> Pinned-Dependencies + * Ok for everyone? +* Use graphQL for SecurityPolicy check [https://github.com/ossf/scorecard/issues/753](https://github.com/ossf/scorecard/issues/753) + +## July 12, 2021 + +Attendees: + +* David A. 
Wheeler (Linux Foundation) + +Updates: + +* Cron job/performance (Azeem) + * Update to use graphQL +* RepoInterface (Azeem) + * Same as above +* Scorecard checks (Laurent) + * Started a PR for adding check details (why check is passing/failing \+ remediation) \- \#650. + * Add better error handling. Will write a doc for error handling guidelines. +* Gitcache efficiency (Naveen) + * Code doesn’t seem to be using the Gitcache. + * We can remove it. Naveen to work on it. +* Misc (Naveen): + * Working on a graphQL PR for archived repos. + * Fixed some bugs +* Dependabot PRs (Naveen) + * No update +* Remediation (Chris) + +Open Issues: + +* How should Scorecard results be interpreted? + * Oliver: we can have categories like \- critical, ideal to have etc. + * David: CII badge has 3 levels: passing, silver, gold. Having passing in itself is a bug indicator of secure practices being followed. + * [https://bestpractices.coreinfrastructure.org/en/criteria/0](https://bestpractices.coreinfrastructure.org/en/criteria/0) + * David: might be useful to think of this in terms of risk. + * Azeem: merge both ideas and have severity categories and risk scores. + * Oliver: checks do not currently have threat models. Having this may help categorize checks. +* Remediation and Error details: + * [https://github.com/ossf/scorecard/issues/629](https://github.com/ossf/scorecard/issues/629) + * [https://github.com/ossf/scorecard/pull/662](https://github.com/ossf/scorecard/pull/662) + * [https://github.com/ossf/scorecard/pull/650](https://github.com/ossf/scorecard/pull/650) +* Scorecard releases \- [https://github.com/ossf/scorecard/issues/651](https://github.com/ossf/scorecard/issues/651) + +## June 28, 2021 + +Attendees: + +* David A. Wheeler (Linux Foundation) +* Naveen Srinivasan +* Azeem Shaikh +* Oliver Chang +* Laurent Simon +* Matt Rutkowski (IBM) + +Updates: + +* Fixed integration test issues (hooray\!) +* Cron job/performance (Azeem) \- not much of an update. 
Still planning to scale up eventually. +* RepoInterface (Azeem) \- will change interface for get files list, etc., so it’s not GitHub-specific. +* Scorecard blog post is about to come out. +* Scorecard checks (Laurent) + * https://github.com/ossf/scorecard/pull/611 + * Working to detect pipe-to-shell as a security concern + * Developers might use files other than .txt, e.g., looking for other information. + * Hashing itself of just a package in Python doesn’t lock all the transitive dependencies necessarily. No way to detect that just with hashes. Need to check that out. E.g.., Hash pinning of all transitive dependencies is fine. + * Python: requirements.txt doesn’t have this information. It was never designed to handle locking, it doesn’t enforce it, you have to do it yourself. Perhaps get people to use pipenv instead, it supports lockfiles. + * David W: I suggest that the goal is simply “if you’re using Python you use something that locks transitive dependencies” & allow any reasonable solution. E.g., support: + * [https://python-poetry.org/](https://python-poetry.org/) \- poetry uses pyproject.toml and poetry.lock files. Presencee of “poetry.lock” says there IS a package lockfile for Python. + * pipenv uses Pipfile and Pipfile.lock. Again, presence of Pipfile.lock says there are package locks. + * pip-tools provides pip-compile and pip-sync commands. Here, requirements.in lists your direct dependencies, often with loose version constraints and pip-compile generates locked down requirements.txt files from your .in files. More complex \- need to check if the requirements.txt file is generated with transitive locks. + * If you just have requirements.txt, but don’t meet any of the other requirements, then you have Python that is NOT dependency locked & that’s a risk. 
+ * [https://stackoverflow.com/questions/52665596/equivalent-of-package-json-and-package-lock-json-for-pip](https://stackoverflow.com/questions/52665596/equivalent-of-package-json-and-package-lock-json-for-pip) + * More info on Python dependency locking: + * [https://lincolnloop.com/blog/python-dependency-locking-pip-tools/](https://lincolnloop.com/blog/python-dependency-locking-pip-tools/) + * [https://dev.to/fridex/micropipenv-the-one-installation-tool-that-covers-pipenv-poetry-and-pip-tools-3ee7](https://dev.to/fridex/micropipenv-the-one-installation-tool-that-covers-pipenv-poetry-and-pip-tools-3ee7) + * Also: Check that there’s a language virtual environment (e.g., Python, Go). There could be some double-checks for consistency to make sure that the package versions are consistent (e.g., someone might not have enabled their virtual environment) \- check that files are consistent with the locks. (E.g., “go install” without pinning) +* Gitcache efficiency (Naveen) + * No update here + * Will work on this next week. +* Remediation (Chris) + * No update + +Open Issues: + +* [Needs discussion issues](https://github.com/ossf/scorecard/issues?q=is%3Aissue+is%3Aopen+label%3A%22needs+discussion%22) + * restrict github token for scorecard repo +* Synk test failures + * Removed now. +* ZeroConfidenceErrors and RetryErrors \- + * AI([azeems](https://who.corp.google.com/azeems)): Create issue and assign to Naveen +* ![][image1] + +* BinaryArtifact checks on repos like [https://github.com/Smithsonian/OpenAccess](https://github.com/Smithsonian/OpenAccess) +* Managing dependabot PRs. + * With integration tests fixed, it should be ok to merge. + * Setting weekly PRs may skip 0-day vulnerabilities + * Review process for dependabot PRs: + * Naveen to write a README step-by-step to review PRs. +* How can we maintain code quality? + * Maintain list of fake repos to test the checks on + * Emulator for PubSub exist. We can use that. 
+ * https://www.testcontainers.org/modules/gcloud/ + +## June 14, 2021 + +* Welcome Chris\! +* Donate your tokens to Scorecard. +* Improve implementation of CheckIfFileExists and CheckFileContent \- [https://github.com/ossf/scorecard/issues/578](https://github.com/ossf/scorecard/issues/578) + * +* Should we delete Gitcache and HTTP cache \- [dashboard](https://cloud.google.com/monitoring/dashboards/builder/6d72d8f8-4fab-4904-9f29-62484c85d147?project=openssf&dashboardBuilderState=%257B%2522editModeEnabled%2522:false%257D&timeDomain=6h)? +* curl | bash and other download: new check Non-Pinned-Download or in Frozen-Deps? I think it's part of pinning +* Integration of 3P tools for custom checks results + * Possible options: + * Compile out-of-band and add it to the scorecard via go:embed. Easy, but kinda ugly. We won't be able to receive dependabot's PRs. + * Create a new github project with a shim around shellsheck, e.g. go-shellcheck-wrapper that we regularly update to use a newer version of shellcheck. This would still require the use of go:embed, I think so still kinda ugly. We won't be able to receive dependabot's PRs. + * Have scorecard check that shellcheck is installed. It may be installed on the system or in a dedicated directory, e.g. $HOME/.XXX/ where XXX is the package manager: for shellcheck it's Haskel's cabal. If the tool is installed, run the check, otherwise return an error (and the steps to install) when the check is enabled. + * We can provide an option in scorecard to install dependencies, e.g. scorecard \--install-deps=CheckName + * Download a binary pinned by hash. We won't be able to receive dependabot's PRs. + * For sandboxing, we may need something stronger than have the tool installed on system... but any sandboxing utility will require additional installation for container runtime and setup + * Use a docker container as a weak security boundary and to ease installation of 3P tools. 
As most tools work on files rather than stdin, this option also helps keep workstation clean. + * Long-term, if we have many 3P tools we need, we can think of having config files for each 3P +* Integration tests for cron job \- [https://github.com/ossf/scorecard/issues/510](https://github.com/ossf/scorecard/issues/510) +* Use regex for quick (though imperfect) analysis, or do deeper AST analysis (which requires a lot more to get going)? Probably start with some regexes +* Updates/blockers + * Azeem + * Naveen + * Integration test broken \- not currently clear why. Will investigate this week. + * Laurent + * Chris +* How can we get people to make changes to produce higher scorecard results? + * David A. Wheeler: The best approach is to make it really easy for the project to accept the change. Turn it into a pull request/merge request. Don’t “just enable whining” \- provide a change that actually implements the change. Some changes aren’t just technical, but are social \- social changes are harder. +* Scorecard scaling: Good news, expect to add scanning of 30K more OSS projects + +## May 24, 2021 + +* Updates/blockers + * Scaling Scorecard (Azeem) + * Scorecard dashboard \- [link](https://pantheon.corp.google.com/monitoring/dashboards/builder/6d72d8f8-4fab-4904-9f29-62484c85d147?project=openssf&dashboardBuilderState=%257B%2522editModeEnabled%2522:false%257D&timeDomain=6h) + * Ideas for reducing token usage + * Cloudbuild + * Scorecard rollouts (Naveen) + * ok-to-test + * Binary artifacts/scorecard UX + * Remediation (Laurent) +* Open issues: + * ? +* Shared calendar + * Move to the OpenSSF calendar meet after this meeting + +## May 17, 2021 + +* Open issues needing discussion: + * Frozen build/install dependencies \- [bug](https://github.com/ossf/scorecard/issues/429) + * Docker file dependencies are left. + * Dependabot might support Dockerfile updates. 
+ * [GitHub token scopes](https://github.com/ossf/scorecard/issues/432) + * We have a solution for Scorecard + * Adding a Scorecard check to do this might be a future improvement to do. + * [Ok-to-test action](https://github.com/ossf/scorecard/issues/316) + * Naveen to take this up + * [Binary artifacts in source repo](https://github.com/ossf/scorecard/issues/400) + * Up for grabs + * Scorecard UX \- [HTML](https://github.com/ossf/scorecard/issues/342), [GitHub Actions](https://github.com/ossf/scorecard/issues/430), [SARIF/CI integration](https://github.com/ossf/scorecard/issues/193) , [badges](https://github.com/ossf/scorecard/issues/271) + * Up for grabs + +## May 10, 2021 + +* Discuss Scorecard and Remediation collaboration + * Attendees: + * Azeem + * Jeff + * Abhishek + * Laurent + * Oliver +* API \- db or lib + * Remediation will run on private repositories, so cannot use Scorecard DB. Will use Scorecard as a library. AI is to confirm that the available Scorecard API is enough to unblock Remediation work. + * Remediation clients will input a policy/config which will be used to run customize and run Scorecards. The schema of this config is TBD and will decide how granular Scorecards API/lib should be to support the Remediation usecase. + * Remediation requires support to run checks on local files using Scorecard. Need development effort on the Scorecard side to enable this. +* CI/CD system + * If Scorecard can be enabled as a GitHub action, it is easy for Remediation to use it. +* List of checks/priority + * AI: Figure out milestones to be reached in terms for new checks to be added or improving check accuracy. + +## May 10, 2021 + +* Discuss Scorecard and Cosign/Sigstore/BinAuth + * Attendees: + * azeems@ + * dlorenc@ +* BinAuthz + * Enforces policies on what to run on Kubernetes. + * Not very well developed yet. Maybe wait for v2, if the issue is not critical. 
+* Sigstore/Cosign + * Provides an easy way for developers to sign their images and store both image and signature in the same registry. + * Developers publishing binaries/images directly could easily adopt Cosign to make installing and running these binaries more secure. But, this is upto the developer publishing binaries, does not help our case. +* Rollout policies/guidelines + * Using Cloud Build to do automated rollout might be the safest/sanest option available, without maintaining more services. + * No way to restrict local binary pushes. + * For floating point dependencies: provide a “make install” command which downloads all dependencies pinned to a certain hash/digest. + +## May 6, 2021 + +* Discuss Scorecard rollout, non-pinned dependencies + * Attendees: + * azeems@ + * laurentsimon@ + * ochang@ +* Oliver: maybe not always push master branch? +* Oliver: tag commits that we want GCR to pull. +* Any way to avoid manual pushes? GCP BinaryAuth maybe? + +## Apr 26, 2021 + +* Intros +* Focus areas for contributors + * AI([azeems](https://who.corp.google.com/azeems)): Create issues to discuss + * Some open issues: + * [https://github.com/ossf/scorecard/issues/78](https://github.com/ossf/scorecard/issues/78) + * Sigstore + * Test and deploy + * Check quality [https://github.com/ossf/scorecard/pull/347\#discussion\_r616364482](https://github.com/ossf/scorecard/pull/347#discussion_r616364482) +* OpenSSF TownHall \- [https://docs.google.com/presentation/d/1s4Y5pr3drWlx29-Lkio7zWkegJzugWQCqplvV3GiIH0/edit?pli=1\#slide=id.p](https://docs.google.com/presentation/d/1s4Y5pr3drWlx29-Lkio7zWkegJzugWQCqplvV3GiIH0/edit?pli=1#slide=id.p) + * Try in Q3 +* Snyk test + +[image1]: \ No newline at end of file diff --git a/governance/meetings/2022.md b/governance/meetings/2022.md new file mode 100644 index 000000000000..4994990842ed --- /dev/null +++ b/governance/meetings/2022.md 
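Review bot: The `![][image1]` reference in the June 28, 2021 "Open Issues" list points at a reference definition (`[image1]:` on the last line of 2021.md) that has no URL, so it renders as a broken image; either drop the `![][image1]` line and the empty definition, or give the definition the actual image path if the screenshot is meant to be archived. The same file also ends without a trailing newline ("\ No newline at end of file"), which most markdown linters flag. Separately, the `[azeems](https://who.corp.google.com/azeems)` links (June 28 and Apr 26 notes) and the `[link](https://pantheon.corp.google.com/monitoring/...)` dashboard link (May 24) are Google-internal hostnames that readers of this public archive cannot resolve; consider replacing them with the GitHub handle and the public Cloud Console URL (the June 14 notes already use the `cloud.google.com/monitoring/dashboards/...` form of the same dashboard).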
@@ -0,0 +1,1495 @@ +# OpenSSF Scorecard Meeting Archive — 2022 + +## Dec 15, 2022 + +Attendees + +* Spencer Schrock (Google) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Michael Goddard (Google) + +Welcome new faces + +* Michael Goddard (Google) \- deps.dev +* + +Project/Individual updates + +* Naveen: working on Action to use the API for deps. Follow-up to Aiden's summer internship work. Will show a demo next meeting. Some customers asked for "rawer" result + +Agenda + +* Release [https://github.com/ossf/scorecard/releases/tag/v4.10.0](https://github.com/ossf/scorecard/releases/tag/v4.10.0) [https://github.com/ossf/scorecard-action/releases/tag/v2.1.0](https://github.com/ossf/scorecard-action/releases/tag/v2.1.0) include the OSV scanner integration +* \[Jeff\] Criticality score may need reviewer help. Can we have a pool of ossf reviewers? +* Scorecard release 4.10 and Scorecard-action 2.10 + +## Dec 1, 2022 + +Attendees + +* Spencer Schrock (Google) +* Naveen Srinivasan +* Caroline Lee (IBM) +* Lior Kaplan (Checkmarx) +* Jeff Mendoza (Google) +* Laurent Simon (Google) +* Brian Behlendorf (OpenSSF/LF) +* Brian Russell (Google) +* Raghav Kaul (Google) + +Welcome new faces + +* Lior Kaplan +* Matt Spiekerman + +Project/Individual updates + +* BrianB \- news re OpenSSF budget support + * New donation from Amazon close to $500,000 + * Announcement TBD + +Agenda + +* IaC in Scorecards proposal (Lior Kaplan) + * [https://docs.google.com/presentation/d/1\_dy3\_L5c42ZhUeVaAvnF8K3ati5L8ePVgukVt3qqXIw/edit?usp=sharing](https://docs.google.com/presentation/d/1_dy3_L5c42ZhUeVaAvnF8K3ati5L8ePVgukVt3qqXIw/edit?usp=sharing) + * Would be multi phase check to give projects time to fix before scoring + * Phases 1 and 2 could be combined + * Detect IaC files and ensure security checks are in place + * Similar to SAST + * Integration could involve detection of KICS GitHub action detection 
[https://github.com/ossf/scorecard/pull/1487/files\#](https://github.com/ossf/scorecard/pull/1487/files#) is a PR to improve the SAST check to support Actions, etc which could revive +* Scorecard UX for Annotations and Configuration (Jeff) + * [Scorecard UX for Annotations and Configuration](https://docs.google.com/document/d/1CcJeIr3Uskj84uwFQQHu12wEKRoO55rkCo7FzBA6jsc/edit?usp=sharing) (shared with [https://groups.google.com/g/ossf-scorecard-dev](https://groups.google.com/g/ossf-scorecard-dev)) + * Need to hash out what we do for public facing results + * Bad actor, score inflation + * Related issues: + * [https://github.com/ossf/scorecard/issues/2296](https://github.com/ossf/scorecard/issues/2296) + * Feedback: it would be better to go ahead and define what the score will look like online with this proposal, but that will take a longer discussion to decide +* .gitattributes tarball file evasion (Spencer) + * [https://github.com/ossf/scorecard/issues/2489\#issuecomment-1331377334](https://github.com/ossf/scorecard/issues/2489#issuecomment-1331377334) + * go-git could help, and is receiving patches again [https://github.com/go-git/go-git/pull/620](https://github.com/go-git/go-git/pull/620) +* Next Scorecard release planning (Naveen) + * Resurrection this PR [https://github.com/ossf/scorecard-action/pull/780](https://github.com/ossf/scorecard-action/pull/780) and make changes to use the API for dependency diff + * For this PR specifically, being able to run Scorecard action on PR trigger is needed + * Building great features, but without a new release date, things fall of the schedule + * Similar to other projects, we should be working towards specific goals/features +* Decision on scorecard scan between 2 releases feature (caroline) [https://github.com/ossf/scorecard/issues/2368](https://github.com/ossf/scorecard/issues/2368) + * Is there some vision of this feature that fits the Scorecard vision + * Request to voice comments on + +## Nov 17, 2022 + +Attendees + 
+* Spencer Schrock (Google) +* Raghav Kaul (Google) \[facilitating meeting\] +* Brian Russell (Google) +* Laurent Simon (Google) +* David A. Wheeler (Linux Foundation) +* Theresa Mammarella (Sonatype) +* Eddie Knight (Sonatype) +* Caroline Lee (IBM) + +Welcome new faces + +* Theresa Mammarella (Sonatype) +* Eddie Knight (Sonatype) +* Big thank you / shout-out to Sonatype for their 2022 report, which analyzed Scorecards’ metrics and is really interesting\!\! + +Project/Individual updates + +* + +Agenda + +* Handling Code Review for automated (bot-generated) commits on a project (Raghav/Spencer/Laurent) ([https://github.com/ossf/scorecard/issues/2302](https://github.com/ossf/scorecard/issues/2302), [https://github.com/ossf/scorecard/issues/2450](https://github.com/ossf/scorecard/issues/2450)) + * Proposal 1: Move to leveled scoring for Code Review rather than proportional scoring (-3 if any bot commits are unreviewed, \-7 if any human commits are unreviewed) + * Sonatype reported the broader context. On single-maintainer repo, if there are bots & external contributors it’ll seem like code reviews. Most people will do explicit reviews of bots. + * Laurent: Can we differentiate projects that are single-maintainer (e.g. by looking at contribution history), and score them differently? + * David: Having a “lesser” penalty for bot commits seems sound because of the different types of risk posed by bots vs. humans + * Proposal 2: Commits from well-known bots (e.g. Dependabot/Renovatebot) will not be penalized + * David: It’s odd to not penalize “well-known” bots \- perhaps just be consistent (all penalized or none penalized) for bots + * Sometimes the proposals are wrong \- having review even in this case seems wise. 
+ * Will possibly get into an allow-list problem, similar to recent Token Permissions changes + * Note: \*SEPARATE\* the idea of \# of maintainers (having more maintainers is good in case one dies) \- that’s a different issue + * If we can’t tell at all, report “insufficient data”? +* Proposal \#1 sounds more sensible, let’s start there. Scott H. (SEI) was running draft Scorecard code against 400 repos \- see if he’d be willing to do this on this proposal to see what happens. + * David: Maybe add this to the Scorecards CI pipeline, so we can form opinions in the future + * Issue: That would affect token usage. Branch protection requires it. + * David: Maybe instead document how to run the test suite? Maybe ask Scott to document his process? +* We don’t want numbers to bounce up & down. We look 30 commits back, but if the commits aren’t squashed, a big merged branch may consume many/all of them. + * N\#umber of commits fetched is configurable w/ GitHub GraphQL API +* Discussion of using the git data (.git) for checks + * Previous discussion: [https://github.com/ossf/scorecard/issues/1709](https://github.com/ossf/scorecard/issues/1709) + +## Nov 3, 2022 + +Attendees + +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Spencer Schrock (Google) +* Caroline Lee (IBM) +* Raghav Kaul (Google) +* Sarah Evans (Dell) + +Welcome new faces + +* Sarah Evans from Dell, interested in contributing. Working on risk dashboards + * Welcome Sarah\!\! 
+* + +Project/Individual updates + +* [https://lfms22.sched.com/event/1BKDO/do-you-know-the-health-of-your-oss-dependencies-introducing-ossf-scorecard-naveen-srinivasan-endor-labs-brian-russell-google?iframe=no](https://lfms22.sched.com/event/1BKDO/do-you-know-the-health-of-your-oss-dependencies-introducing-ossf-scorecard-naveen-srinivasan-endor-labs-brian-russell-google?iframe=no) + * Brian Russel and Naveen Srinivasan presenting in Linux Foundation Member summit + +Agenda + +* Scorecard to check for Git commit signing ([https://github.com/ossf/scorecard/issues/379](https://github.com/ossf/scorecard/issues/379), [https://github.com/ossf/scorecard/issues/779](https://github.com/ossf/scorecard/issues/779)) \- Raghav +* + +## Oct 20, 2022 + +Attendees: + +- Caroline Lee +- Spencer Schrock (google) +- Raghav Kaul (Google) +- Azeem Shaikh (Google) + +Project/Individual updates: +Agenda + +- Moving scorecard to Firestore [https://github.com/ossf/scorecard/issues/2066](https://github.com/ossf/scorecard/issues/2066) Naveen Srinivasan + + - [https://docs.google.com/document/d/176LTMrCfkAkj8Kv2AlSy8xBBWXq6p5S4gNONro1uYmA/edit?usp=sharing](https://docs.google.com/document/d/176LTMrCfkAkj8Kv2AlSy8xBBWXq6p5S4gNONro1uYmA/edit?usp=sharing) +- [https://github.com/ossf/scorecard/issues/2374](https://github.com/ossf/scorecard/issues/2374) Naveen Srinivasan + - We would also need to add to the API metrics to know how the API is being used. 
+- scan between two releases: [https://github.com/ossf/scorecard/issues/2368](https://github.com/ossf/scorecard/issues/2368) (Caroline) + - Potential related “release lag” check which takes in + - Number of versions from the current version + - Number of major versions from the current version + - Time between latest and current version +- Discuss about the Scorecard action v2.0.5 issue in release Naveen Srinivasan + - Should have broken [https://github.com/ossf-tests/scorecard-action/actions/workflows/scorecards-latest-release.yml](https://github.com/ossf-tests/scorecard-action/actions/workflows/scorecards-latest-release.yml) + - Run \#103 pulled v2.0.4 \- [https://github.com/ossf-tests/scorecard-action/actions/workflows/scorecards-latest-release.yml](https://github.com/ossf-tests/scorecard-action/actions/workflows/scorecards-latest-release.yml) and run \#104 pulled v2.0.6 \- [https://github.com/ossf-tests/scorecard-action/actions/runs/3278398635/jobs/5396740050](https://github.com/ossf-tests/scorecard-action/actions/runs/3278398635/jobs/5396740050) so looks like v2.0.5 was never tested :( + +## Oct 6, 2022 + +Attendees: + +* Spencer Schrock (Google) +* Jeff Mendoza (Google) +* Raghav Kaul (Google) +* Varun Sharma (StepSecurity) +* Caroline Lee (IBM) +* Saurabh Singh(IBM) +* Naveen Srinivasan +* David A. Wheeler (Linux Foundation) +* Azeem Shaikh (Google) +* Brian Russell (Google) + +Project/Individual updates: + +- Scorecard gets an official twitter account [https://twitter.com/scorecards\_dev](https://twitter.com/scorecards_dev) + +Agenda + +* Scorecard releases should include human readable release notes. We have a section on release notes in every PR and is not being utilized. [https://github.com/ossf/scorecard/issues/2329](https://github.com/ossf/scorecard/issues/2329) Naveen Srinivasan + * Might be able to use [https://github.com/googleapis/release-please](https://github.com/googleapis/release-please) ? 
+* David: Question: What do people think about pretty-printing the JSON output so it’s easier for humans to read in addition to be being machine readable? (FIrefox formats JSON in a pretty way, but Chrome does not) + * Seems reasonable, just do it for the web application API. + * Should break nothing. If it does, the pretty-printer or reader is badly broken. +* Scorecard participate in hacktoberfest? [https://hacktoberfest.com/](https://hacktoberfest.com/) (Caroline) +* Security controls mapping(i.e.NIST/OWASP) to Scorecard Checks?(Saurabh)[https://www.cybersaint.io/blog/nist-800-53-control-families](https://www.cybersaint.io/blog/nist-800-53-control-families) , [https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search\#/](https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/), https://owasp.org/projects/ +* Add more options for SAST tools [https://github.com/ossf/scorecard/issues/2318](https://github.com/ossf/scorecard/issues/2318) (Varun) +* David: It’s *fine* to make changes to Scorecards that changes the final score. Just make sure you version the Scorecard code so you identify which tool version gave the result. The point is to provide an estimate of risk \- added measures, improved detection code, etc., will all modify the final score. In theory you’re improving your estimate over time. +* There are many kinds of tools: [https://github.com/ossf/wg-security-tooling/blob/main/guide.md\#readme](https://github.com/ossf/wg-security-tooling/blob/main/guide.md#readme) + * David: It’s better to detect different categories with different measures. That will make it much easier to determine where a program is and isn’t doing well. +* David: It’s going to take time to detect more & more tools. Just because Scorecards *currently* detects a tool isn’t an endorsement of that specific tool, it just means that Scorecards isn’t omniscient & we’d like people to help us improve its measurement (detection) system. 
+* Creating GitHub issue for bad scores for correction/enhancement (Just an idea ) :-) (Saurabh) + +## Sep 22, 2022 + +Attendees: + +* Spencer Schrock (Google) +* Jeff Mendoza (Google) +* Christopher Alonso (IBM) +* Naveen Srinivasan +* Rich Heironimus (IBM) +* Shripad Nadgowda (Intel) +* Raghav Kaul (Google) + +Project/Individual updates: + +- Scorecard talk has been accepted at the Linux foundation member summit [https://lfms22.sched.com/event/1BKDO/do-you-know-the-health-of-your-oss-dependencies-introducing-ossf-scorecard-naveen-srinivasan-endor-labs-brian-russell-google?iframe=no](https://lfms22.sched.com/event/1BKDO/do-you-know-the-health-of-your-oss-dependencies-introducing-ossf-scorecard-naveen-srinivasan-endor-labs-brian-russell-google?iframe=no) + - Naveen Srinivasan and Brian Russell would be presenting it. + +Agenda + +- [https://github.com/ossf/scorecard/issues/2270](https://github.com/ossf/scorecard/issues/2270) Naveen Srinivasan +- [https://github.com/ossf/scorecard/pull/2077](https://github.com/ossf/scorecard/pull/2077) Naveen Srinivasan + - And related PR's [https://github.com/ossf/scorecard-action/pull/780](https://github.com/ossf/scorecard-action/pull/780) + - What needs to be done to get this merged in? + - Now that we have a Scorecard API this will be helpful + - +- Demo of https://app.stepsecurity.io/securerepo to fix Scorecard issues (Varun) +- [https://github.com/ossf/scorecard/issues/2285](https://github.com/ossf/scorecard/issues/2285) (discuss Zombie commits \- Christopher Alonso) +- Renovate [https://github.com/ossf/scorecard/issues/2053](https://github.com/ossf/scorecard/issues/2053) Spencer + +## Sep 8, 2022 + +Attendees: + +* David A. 
Wheeler (Linux Foundation) +* Spencer Schrock (Google) +* Caroline Lee (IBM) +* Luigi Gubello +* Naveen Srinivasan +* Shripad Nadgowda (Intel) +* Varun Sharma (StepSecurity) +* Raghav Kaul (Google) +* Ethan Davis (Google) +* Rich Heironimus (IBM) + +Project/Individual updates: + +* \[Azeem\]: Scorecard/Gauge collaboration update: [https://github.com/ossf/scorecard/issues/2224](https://github.com/ossf/scorecard/issues/2224) +* \[Naveen\]: Scorecard web app is fuzzed [https://github.com/google/oss-fuzz/pull/8388](https://github.com/google/oss-fuzz/pull/8388) + * [https://github.com/ossf/scorecard-webapp/pull/194](https://github.com/ossf/scorecard-webapp/pull/194) +* \[Naveen\] [https://github.com/sigstore/community/issues/125\#issuecomment-1240965050](https://github.com/sigstore/community/issues/125#issuecomment-1240965050) + * Sigstore Nomination for Best User Adopter Award 2022 +* Scorecard action v2 release [https://openssf.org/blog/2022/09/08/show-off-your-security-score-announcing-scorecards-badges/](https://openssf.org/blog/2022/09/08/show-off-your-security-score-announcing-scorecards-badges/) + * [https://github.com/ossf/scorecard-action/releases/tag/v2.0.0](https://github.com/ossf/scorecard-action/releases/tag/v2.0.0) + * [https://github.com/ossf/scorecard-webapp/releases/tag/v1.0.0](https://github.com/ossf/scorecard-webapp/releases/tag/v1.0.0) + * [https://securityscorecards.dev](https://securityscorecards.dev) + * David: Q: Do the links work for anyone, or only if you have a GitHub action enabled? + * A: On repos with the action enabled, or projects in the weekly cron as a fallback + * David: Sounds like we should move those instructions earlier, it’s easier to use (if you’re on GitHub) + +Agenda: + +* Scorecard blog \- [https://github.com/ossf/scorecard/issues/2204](https://github.com/ossf/scorecard/issues/2204) Naveen Srinivasan + * Have a place to put updates, such as pypi using Scorecard + * Matter of practicality, is it worth it? 
+ * Identify a few things we want to post, have someone look it over. Decide if we should work on a post + * Intended for cases where posting elsewhere doesn’t make sense, e.g., highly technical, or want to post more often than others + * Similarly, would a Twitter account make sense? + * If desired, need to contact operations@openssf.org. +* Code coverage metrics for the Scorecard-related projects \- [https://github.com/ossf/scorecard/issues/2203](https://github.com/ossf/scorecard/issues/2203) Naveen Srinivasan + * Proposal: Enable mechanisms to fail PRs that reduce code coverage + * Can cause false+... could add new tests without checking anything + * Suspect Code coverage tool can’t include end-to-end (E2E) tests for go + * David: That’s a really unfortunate weakness. + * Naveen: Need to check on that \- maybe it’s included\! + * There’s an updated number after a few minutes \- maybe that’s an update from E2E testing + * In theory Could allow “can drop up to 1% code coverage” + * But we don’t know of an option to implement that + * See [https://github.com/sigstore/sigstore/pull/587](https://st1.zoom.us/web_client/6orpgrb/html/externalLinkPage.html?ref=https://github.com/sigstore/sigstore/pull/587) for details + * There’s a risk that someone may be willing to write code to implement a feature but not a test, and we’d lose the feature + * Seems unlikely + * We want to ensure that we don’t get worse + * Let’s enable “fail PR if test coverage is reduced”; we’ll separately investigate if E2E testing is included in the test coverage + * We can override in specific cases if warranted, but normally shouldn’t need to override + * Proposal: Enable mechanisms to show code coverage on each PR + * Already there except for scorecard webapp – will need to add that. +* \[David A. Wheeler\]: CHAOSS Risk WG would like to briefly present in two weeks (Sep 22\) \- Sean Goggins is lead. + * CHAOSS is a Linux Foundation foundation focusing on developing metrics. 
+ * CHAOSS RIsk WG would explain what they do, metrics they’ve developed, & wants to understand what kinds of metrics definitions might be useful for Scorecards (etc.) needs. + * \[David may not be able to attend next meeting, but it should go on\] +* \[Luigi\] Feature request regarding consuming SECURITY-INSIGHTS.yml (Security Insights schema) in some checks + * [https://github.com/ossf/security-insights-spec](https://github.com/ossf/security-insights-spec) + * Unlike a README, SECURITY-INSIGHTS is machine-readable & the goal is to put all security info in one place. + * Some discussion: hard around trust and risk + * Will open an issue for further discussion + +## Aug 25, 2022 + +Attendees: + +* Naveen Srinivasan +* Brian Russell (Google) +* Spencer Schrock (Google) +* Rich Heironimus (IBM) +* Caroline Lee (IBM) +* Jeff Mendoza (Google) +* Laurent Simon (Google) +* Azeem Shaikh (Google) +* Ethan Davis (Google) +* Scott Hissam (Software Engineering Institute (SEI)) +* Aiden Wang (Rice University) +* Stephen Augustus (Cisco) + +Project/Individual updates: + +* \[Azeem\] scorecard-action:v2 updates: + * Staging site: [securityscorecards.dev](http://securityscorecards.dev), API: [api.security scorecards.dev](http://api.securityscorecards.dev), badge: [https://api.securityscorecards.dev/projects/github.com/ossf/scorecard/badge](https://api.securityscorecards.dev/projects/github.com/ossf/scorecard/badge) + * Targeting launch and OpenSSF blog post on Sept 8th. + * The blog post will be featured during the OpenSSF day announcement. + * Pending tasks update: + * Can someone from LF please help move the domains? dwheeler@linuxfoundation.org + * API throttling: Azeem Shaikh + * Installer tool: augustus@cisco.com +* \[Azeem\]: Heads-up \- criticality score projects want to use Scorecard cron library. Expect some PRs in the coming weeks. 
+* \[Caroline\] issue 2092 ([https://github.com/ossf/scorecard/issues/2092](https://github.com/ossf/scorecard/issues/2092)) to get more info, cron documentation missing? Section empty here: [https://github.com/ossf/scorecard/blob/main/CONTRIBUTING.md\#contributing-to-security-scorecards](https://github.com/ossf/scorecard/blob/main/CONTRIBUTING.md#contributing-to-security-scorecards) + * Engage over slack + * List of missing documentation on cron + +Agenda: + +* \[azeems\] Bug bounty for Scorecard issues. +* \[azeems\] Meeting recordings? + * [operations@openssf.org](mailto:operations@openssf.org) +* \[ethan\] + * Update on Allstar GitHub Actions Policy + * Issues get updated/edited when status changes +* \[Stephen\] scorecard v5 + * Bugs with \`score reporting\` might be a good to include in v5 +* Bot account? One password? + * No update +* Docs maintainer team + * Naveen created the team +* Settings bot, codeowners + * Took a look at probot / settings +* PRs from forks + * No branches please + * Two reasons: + * Cleanup (can do setting?) + * Contributor experience + * Documentation? yes +* + +Summary (last 3-5 minutes) + +* Facilitator transfer for next meeting + +## Aug 11, 2022 + +Attendees: + +* Naveen Srinivasan +* Yehuda Gelb (Checkmarx) +* Spencer Schrock (Google) +* Jeff Mendoza (Google) +* David A. Wheeler (Linux Foundation) +* Azeem Shaikh (Google) +* Caroline Lee (IBM) +* Ethan Davis (Google) +* Scott Hissam (Software Engineering Institute (SEI)) +* Aiden Wang (Rice University) +* Raghav Kaul (Google) +* Stephen Augustus (Cisco) + +Standing Agenda + +* Welcome + * Add your attendance to the meeting notes + * Anyone new to this meeting (Welcome new friends\!) 
+ * Scott Hissam (Software Engineering Institute (SEI)) + * + * Updates on the Project + * OSS Summit Video \- Scorecard and AllStar + * [OpenSSF Day at OSS NA - Automated Techniques for Measuring Trustworthiness of OSS Code & Communities](https://www.youtube.com/watch?v=2ZnDu-rDrP4&t=1s) + * [Assessing the Risk of Open-source Components Using OpenSSF's Scorecard](https://www.youtube.com/watch?v=x4bOTqdSRH8) + * [Using OpenSSF's Allstar to Secure Your Organizations GitHub Repositories - Jeff Mendoza, Google](https://youtu.be/zg21ddTRWvY) + * Scorecard action v2.0.0 beta release + * [https://github.com/ossf/scorecard-action/releases/tag/v2.0.0-beta.1](https://github.com/ossf/scorecard-action/releases/tag/v2.0.0-beta.1) + * Enables Scorecard badges and REST API for your repository. + * Scorecard v4.5.0 release + * [https://github.com/ossf/scorecard/releases/tag/v4.5.0](https://github.com/ossf/scorecard/releases/tag/v4.5.0) + * Bin-Art no more complains on gradle jar files + * SLSA release + +* Still working on scorecards.dev \- hopefully release by next meeting? +* Scorecard API results Naveen Srinivasan + * [https://github.com/ossf/scorecard/issues/2092](https://github.com/ossf/scorecard/issues/2092) + * How do we handle cached/old data? Checks like Branch-Protection and Best-Practices and CII-BestPracitices may get old. + * No problem, they’ll still get re-run weekly + * naveensrinivasan@yahoo.com to pick this up. +* Allstar: Action policy proposal Ethan Davis + * See issue [allstar\#246](https://github.com/ossf/allstar/issues/246) for proposal + * Suggestion: Add priority field (number based) to rules to set the order in which they are applied, some allow/blocks may conflict + * Order is proposed to be the implicitly the order in the conf file + * Needs to be clear, as people tend to add rules to end + * What is the default to allow/deny? (if not specified?) + * Would be good to specify priorities in categories (critical/high/medium/etc.) 
+ * Better for priority to be explicit rather than order in conf, maybe someone alphabetizes the rules… + * David: Do we have an organization to try this (to get real-world use feedback)? Maybe Stephen, maybe angular + * Should the repo/action selector use regex vs glob? + * How can the code work with Scorecards as well? + * K8s uses a similar thing: zeitgeist, ex: [https://github.com/kubernetes/release/blob/master/dependencies.yaml](https://github.com/kubernetes/release/blob/master/dependencies.yaml) Ensures all references to a dependency is an expected version @stephen + * [https://github.com/kubernetes-sigs/zeitgeist](https://github.com/kubernetes-sigs/zeitgeist) + * How can you pin allowed actions by hash? Or does the version match hash in a rep o + * Yes, plan to reverse lookup hashes in repos to what version they are + * [https://github.com/kubernetes-sigs/zeitgeist](https://github.com/kubernetes-sigs/zeitgeist) + * AI: Ethan will take feedback above and put into his GitHub issue proposal. +* [~~Scorecard gets dependabot warnings~~](https://github.com/ossf/scorecard/security/dependabot) ~~\- who will pick those up? \- David A. Wheeler~~ + * ~~Have to update go first for some of them, and that is work in progress. The PR to do this has had problems due to indirect dependencies that make things unresolvable. Newer versions of go significantly fix this, but we have to get there first.~~ + * Stephen will look at the newest report that was flagged yesterday +* Invite [https://github.com/olivekl](https://github.com/olivekl) to scorecard-actions and the webapp as code owner for markdown similar to Scorecard Naveen Srinivasan + * [https://github.com/ossf/scorecard-webapp/pull/148/files](https://github.com/ossf/scorecard-webapp/pull/148/files) +* Meta-discussion: OpenSSF should have instructions on becoming maintainers, maintainer ladder, GitHub permissions. CNCF has info that could be reused, esp. On maintainer experience. 
Talk with Stephen Augustus (Cisco) +* [https://github.com/ossf/scorecard/issues/2102](https://github.com/ossf/scorecard/issues/2102) laurentsimon@google.com Ethan Davis + * Which check would this be a part of? + * There would be a separate action that verifies the files + * The binary artifacts check could then ignore those + * Where would this action come from? Openssf? + * Not clear, first proposing the format that Scorecard will ingest + * Are we providing the action? + * Scorecard will look at the check runs on a repo, and look for annotations? That match the proposed format + * The action would be separate and not decided where it comes from: One needed is to verify Microsoft-signed binaries for example + * Scorecards should report if it was exempted or not + * Does it make sense to build a generalized solution for a single specific use case? + * Adding third-party requirements to using Scorecards is an adoption blocker + * Agree it shouldn’t be Scorecards responsibility to verify binaries (signature or other) + * External actions make sense for verification of binaries + * Context: Scorecard ignores gradle-wrapper if the gradle verification action exists + * There should be a defined format for actions to opt-out verified binaries in scorecard + * +* Allstar feedback request: [https://github.com/ossf/allstar/issues/253](https://github.com/ossf/allstar/issues/253) + * +* Feature \- scorecard policy for GCP Binary Authorization \- [https://github.com/ossf/scorecard/issues/2136](https://github.com/ossf/scorecard/issues/2136) + * Ragav: Proposes more of a “settings based” policy. +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +## Jul 28, 2022 + +Attendees: + +* Naveen Srinivasan +* Yehuda Gelb (Checkmarx) +* Christine Abernathy (F5) +* Aiden Wang (Google) +* Ethan Davis (Google) +* Randall T. 
Vasquez (Gentoo/Homebrew) +* Rahul Gupta (Microsoft) + +Standing Agenda + +* Welcome + * Add your attendance to the meeting notes + * Anyone new to this meeting (Welcome new friends\!) +* Making scorecard scores more predictable Raghav Kaul + * [Feature: map checks to CIS supply-chain security benchmark · Issue \#2028 · ossf/scorecard](https://github.com/ossf/scorecard/issues/2028) +* Scorecard API results Naveen Srinivasan + * [https://github.com/ossf/scorecard/pull/2081](https://github.com/ossf/scorecard/pull/2081) + * [https://github.com/ossf/scorecard/issues/2092](https://github.com/ossf/scorecard/issues/2092) \- + * Discuss about this new feature +* Two quick e2e demo Aiden Wang: + * The Dependency-diff API is in position: + * [https://github.com/ossf/scorecard/blob/main/dependencydiff/dependencydiff.go\#L53-L59](https://github.com/ossf/scorecard/blob/main/dependencydiff/dependencydiff.go#L53-L59) + * Scorecard Dependency-diff CLI + * Mostly likely for program calls, rather than using it in a cmd? + * Are the two flags \`--base\` and \`--head\` clear enough? Other flag names? + * \`–start-commit\` and \`–end-commit\`? + * \`--start-ref\` and \`--end-ref\`? + * The CLI PR: [https://github.com/ossf/scorecard/pull/2077](https://github.com/ossf/scorecard/pull/2077) + * Dependency-diff Visualization in the Scorecard Action + * Visualization in a PR comment (see Jun 30’s agenda) + * How to make this configurable / should we make it configurable? + * CodeCov runs on every commit to compute the coverage-diff + * What’s our concern? + * Hitting the api rate limiting? + * Overuse of GH tokens? + * Spamming the PR with our workflow-generated comments? 
+ * Visualization in check run annotations (an additional one) + * The visualization PR: + * [https://github.com/ossf/scorecard-action/pull/780](https://github.com/ossf/scorecard-action/pull/780) (part1, as a PR comment) + * [https://github.com/ossf/scorecard-action/pull/781](https://github.com/ossf/scorecard-action/pull/781) (part2, as annotations) + * TODO: (Aiden) add unit tests coverage + +## Jul 14, 2022 + +Attendees: + +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Varun Sharma (StepSecurity) +* Brian Russell (Google) +* Laurent Simon (Google) \<- leading meeting +* Aiden Wang (Google) +* Shripad Nadgowda (IBM) +* Spencer Schrock (Google) +* David A. Wheeler (Linux Foundation) +* Raghav Kaul (Google) +* Ethan Davis (Google) +* CRob (Intel, OSSF, TAC) + +Standing Agenda: + +* Welcome + * Add your attendance to the meeting notes + * Anyone new to this meeting (Welcome new friends\!) +* Enable DCO for all scorecard and allstar repositories (Naveen) + * [https://github.com/ossf/scorecard/issues/2042](https://github.com/ossf/scorecard/issues/2042) + * [https://github.com/apps/dco](https://github.com/apps/dco) \<- the app OpenSSF intends to use + * [https://github.com/ossf/tac/pull/115](https://github.com/ossf/tac/pull/115) \<- pending addition to TAC site + * Basically, just use “git \-s commit”, or add “Signed-off-by: NAME \” to the end of the commit message text. That shows that the commit you’re adding is something you’re legally allowed to add. + * We’ll start using signoffs and checking for signoff manually, but will not install the GitHub App at the repo level, and wait until it is enabled at the org level. 
+* Present and Demonstrate scorecard big query data as a HTTP get endpoint as a feature (Naveen) + * [https://docs.google.com/document/d/13Uy6PGNudL9ha-LtSJGLmdBFF1qj6gGoPbs6WyxHy8A/edit?usp=sharing](https://docs.google.com/document/d/13Uy6PGNudL9ha-LtSJGLmdBFF1qj6gGoPbs6WyxHy8A/edit?usp=sharing) + * [https://github.com/ossf/scorecard/issues/1056](https://github.com/ossf/scorecard/issues/1056) + * ![][image1] + * [https://github.com/ossf/scorecard/issues/1056\#issuecomment-1183395411](https://github.com/ossf/scorecard/issues/1056#issuecomment-1183395411) + +* The Scorecard protobuf error (Laurent) + * The PR check “build/validate-projects (pull\_request)” keeps failing + * Hit rate limiting? + * [https://github.com/ossf/scorecard/issues/2052](https://github.com/ossf/scorecard/issues/2052) and [https://github.com/ossf/scorecard/issues/2053](https://github.com/ossf/scorecard/issues/2053) ( Naveen) + * Naveen \- to follow up password manager for scorecard bot with David and CRob \- talk to Jenn Bonner (who is covering while Jory is out) + * +* Contributor ladder definitions? (Jeff / Brian) + * [https://github.com/ossf/allstar/issues/238](https://github.com/ossf/allstar/issues/238) + * [https://github.com/ossf/scorecard/issues/1553](https://github.com/ossf/scorecard/issues/1553) + * [https://github.com/ossf/foundation/issues/17](https://github.com/ossf/foundation/issues/17) + * Ex: How do I become a maintainer? 
+ + +* Quick update on the dependency-diff feature (Aiden): + * Adding unit tests and e2e tests to the [API](https://github.com/ossf/scorecard/pull/2046/files#diff-eabcfd77a28fdc286c9f470bf892b3eef91bf40f2d2e027e8c371e8059527782R33-R36) in PR [\#2046](https://github.com/ossf/scorecard/pull/2046) + * Version zero will be merged into the scorecard repo soon + * Next steps: + * finish the visualization in the Action (in 1-2 weeks) \[[example](https://github.com/aidenwang9867/my_workflow_test/pull/59#issuecomment-1171633469)\] + * Please see the design doc and figure in June 30, 2022’s agenda + * Iterate to v1 using Naveen’s API + * Replace running scorecard checks on HEAD → stateless query by commitSHA + * Find the src repo for dependencies with null srcRepo URLs (GH API) + * Replace the current dependency-diff source API with better ones? + * Issues of the current one: + * Confuse direct and transitive dependencies \[[issue to GH](https://github.com/github/docs/issues/18831)\] + * Give null fields such as the src repo url +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +## Jun 30, 2022 + +Attendees: + +* Naveen Srinivasan (leading meeting) +* Laurent Simon (Google) +* Aiden Wang (Google) +* Spencer Schrock (Google) +* David A. Wheeler (Linux Foundation) +* Raghav Kaul (Google) +* Ethan Davis (Google) + +Standing Agenda: + +* Welcome + * Add your attendance to the meeting notes + * Anyone new to this meeting (Welcome new friends\!) + * Spencer (new to Scorecard team @ Google) + * Raghav (new to Scorecard team @ Google) +* \[Jeff / Naveen / Laurent\] Scorecard/Allstar presented at Open Source Summit North America last week +* Dependency Diff Visualization In Action (Aiden Wang) \- visualize changes in a pull request + * Design doc (in progress): [Scorecard Feature Design: Dependency-diff Visualization](https://docs.google.com/document/d/1k4qzFeCpXF_FEZAzFZnXdcQsEYLB1tqiRUVgFug1bPY/edit?usp=sharing) + * Design figure: [Fig. 
Dependency-diff Visualization In Action](https://docs.google.com/presentation/d/1Ihvwtfeh112FomdPPlmdYrVlAqbD-bftvg1QjVolgAM/edit?usp=sharing) + * Quick demo of **version-zero**: + * [Repo1](https://github.com/aidenwang9867/my_workflow_test/blob/main/.github/workflows/scorecarddepsdiffvis.yaml) (workflow\_test) + * [Repo2](https://github.com/aidenwang9867/DependencyDiffVisualizationInAction) (the testing code for dependency-diff fetching and visualizing) + * Plans on the [BigQuery Auth issue](https://github.com/ossf/scorecard/issues/2008#issuecomment-1169341164): + * Implement a REST API server on a GKE for Scorecard to query statelessly; + * GKE stores the credentials of the BQ service account and does the auth; + * A simple local Web server demo here \[[Repo3](https://github.com/aidenwang9867/scorecard-bigquery-auth)\] + * Now it has interfaces to query: + * Dependencies of a dependency (given ecosys, pkg\_name, pkg\_version) at **/query/dependencies (GET/POST)** + * Vulnerabilities of a dependency (given ecosys, pkg\_name, pkg\_version) at **/query/vulnerabilities (GET/POST)** + * Arbitrary SQL queries at **/query/arbitrary (POST)** + * Questions: + * Where to put the code to? Scorecard or Scorecard Action? + * About the GH Dependency Review API: see the issue [here](https://github.com/github/docs/issues/18831) + * ~~TODO \- Naveen to add the concerns to the GitHub issue [\#2008](https://github.com/ossf/scorecard/issues/2008)~~ +* Allstar: Making compliance more convenient, reducing scope of exemptions \- Ethan Davis + * We should allow more specific exemptions so that Allstar users don’t employ very broad exemptions (eg. disabling entire policies) [Ethan Davis](mailto:etdavis@google.com) + * Binary artifacts / spam: [https://github.com/ossf/allstar/issues/227](https://github.com/ossf/allstar/issues/227) + * Question to consider: + * Can we provide some accountability for binary artifacts that do need to exist? 
+ * Outside Collaborators Exemptions: [https://github.com/ossf/allstar/pull/229](https://github.com/ossf/allstar/pull/229) + * Weekend: [https://github.com/ossf/allstar/issues/201](https://github.com/ossf/allstar/issues/201) + * Ping duration configurable: [https://github.com/ossf/allstar/issues/117](https://github.com/ossf/allstar/issues/117) + +## Jun 16, 2022 + +Attendees: + +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Stephen Augustus (Cisco) +* Brian Russell (Google) +* Yehuda Gelb (Checkmarx) +* Aiden Wang (Google) +* Caroline Lee (IBM) +* Shripad Nadgowda (IBM) + +Standing Agenda: + +* Welcome + * Add your attendance to the meeting notes + * Anyone new to this meeting +* Announcements + * Project updates + * Allstar: + * [Load key from env var \#207](https://github.com/ossf/allstar/pull/207) + * [Make notice ping duration configurable \#206](https://github.com/ossf/allstar/pull/206) + * [New feature: Log summary of enforce results \#204](https://github.com/ossf/allstar/pull/204) + * [Update logic in getting config files to avoid hitting 404s. \#197](https://github.com/ossf/allstar/pull/197) + * Roadmap updates + * Meet at Austin (June 21st, OSS’ 22\) in person to discuss + * Announce location to meet on slack + * Slack channel for in-person communication? [\#osssummit-onsite](https://openssf.slack.com/archives/C03L0TMT22X) + * Jeff and Stephen [talk on openssf day](https://sched.co/135wg) Monday + * Laurent and Naveen [talk on Tuesday](https://sched.co/11NgG) + * Jeff \- [Allstar talk \- Wed](https://ossna2022.sched.com/event/11Ntx/using-openssfs-allstar-to-secure-your-organizations-github-repositories-jeff-mendoza-google) + * +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * Allstar: [Proposal: don't allow appending enforceBranches on repo level if disableRepoOverride is true \#211](https://github.com/ossf/allstar/issues/211) + * Allstar: [When should issues be closed? 
\#159](https://github.com/ossf/allstar/issues/159) + * Scorecard [golang action](https://github.com/ossf/scorecard/pull/1962) discussion + * Trying to preserve git history from code moving from action repo to main repo + * Going to Go 1.18 may be not worth the work at the moment + * Open an issue for dep update problems + * Discuss more in Austin + * Shripad: Proposal Issues opened: + * [https://github.com/ossf/scorecard/issues/1985](https://github.com/ossf/scorecard/issues/1985) + * [https://github.com/ossf/scorecard/issues/1984](https://github.com/ossf/scorecard/issues/1984) + * Discuss Austin meetup \- Done above in roadmap +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +## Jun 2, 2022 + +Attendees: + +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Brian Russell (Google) +* Eric Tice (Wipro) +* Laurent Simon (Google) +* Rich Heironimus (IBM) +* Caroline Lee (IBM) +* Shripad Nadgowda (IBM) + +Standing Agenda: + +* Welcome + * Add your attendance to the meeting notes + * Anyone new to this meeting + * Shripad Nadgowda + * Sebastian + * Caroline +* Announcements + * Project updates + * Allstar: + * [https://github.com/ossf/allstar\#repo-policy-configurations-in-the-org-repo](https://github.com/ossf/allstar#repo-policy-configurations-in-the-org-repo) + * [https://github.com/ossf/allstar\#org-level-base-and-merge-configuration-location](https://github.com/ossf/allstar#org-level-base-and-merge-configuration-location) + * Scorecard Action release: support for GITHUB\_TOKEN + * Scorecard v4.3.0 / v 4.3.1 + * Run dependencies on scorecard (intern project) + * Move discussion to GitHub issue before design doc is written + * Roadmap updates +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) 
+ * Shripad Nadgowda: Would like to present some work I am doing around OSS release assessment and see how it can be aligned with scorecard + * The request was made to if scorecard could check for additional checks like tfsec similar to fuzzing. This is not just tfsec, but have suite of tools that scorecard could check for the ecosystem. + * Discuss about dependencies with the tool chain [https://github.com/ossf/scorecard/pull/1969](https://github.com/ossf/scorecard/pull/1969) and [https://github.com/ossf/scorecard/pull/1949](https://github.com/ossf/scorecard/pull/1949) + * +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +## May 19, 2022 + +Attendees: + +* David A. Wheeler (Linux Foundation) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Eric Tice (Wipro) +* Laurent Simon (Google) +* Christine Abernathy (F5) +* Aiden Wang (Google) +* Arnaud Le Hors (IBM) +* Caroline Lee (IBM) + +Standing Agenda: + +* Welcome + * Mission and vision for group (WIP on 4/7) + * Anyone new to this meeting (Welcome new friends\!) + * Aiden Wang (new to Scorecard team @ Google) +* Announcements + * Introductions + * David: Open Source Software Security Summit II happened last week in Washington, DC \- lots more focus on OSS security + * Scorecards is important for that, so we need to keep working on what we’re working on. E.g., greatly improve the ability of Scorecards to detect tool usage. + * Good news: Much more attention to OSS security\! + * Is there an LFX “merge/take-over” of scorecards? + * No. The idea is that the scorecards project continues to write the tool. LFX implements a data lake where that data can be stored, and LFX can the display a lot of data about an OSS project including scorecards results. + * There will probably be a small delay due to Shubhra Kar’s unexpected & sudden recent death. He was the LF CTO & lead on LFX. 
+ * Project updates + * The older JSON format would not be supported in the cron job as well as in the scorecard CLI.This was mentioned in the [https://github.com/ossf/scorecard/releases/tag/v3.0.0](https://github.com/ossf/scorecard/releases/tag/v3.0.0) + * Scorecard version 4.2.0 was released [https://github.com/ossf/scorecard/releases/tag/v4.2.0](https://github.com/ossf/scorecard/releases/tag/v4.2.0) + * New patch release coming in the next week or two. Potentially with more CheckResult changes. + * Roadmap updates +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * [https://github.com/ossf/scorecard/issues/1774](https://github.com/ossf/scorecard/issues/1774) + * How to handle invalid config? [https://github.com/ossf/allstar/issues/158](https://github.com/ossf/allstar/issues/158) + * +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +## May 5, 2022 + +Attendees: + +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Stephen Augustus (Cisco) +* Godofredo Contreras (Google) +* Brian Russell (Google) +* John Naulty (Coinbase) +* Nusrat Zahan (NCSU) +* Jason DeTiberus (Cisco) +* Julia Ferraioli (Cisco) + +Standing Agenda: + +* Welcome + * Mission and vision for group (WIP on 5/5) +* Announcements + * Introductions (New attendees) + * John Naulty (Coinbase) \- Promoting Scorecard with crypto community + * Presentation: [\[External\] ETHPortland - Defense Against the Dark Arts: Measuring and Improving Security Posture of Open Source Projects](https://docs.google.com/presentation/d/1rYJ3-58mHBYIlK3o29Vpm3TY7YCCNUkl8FWk4q6rn0k/edit?usp=sharing) + * Nusrat Zahan (NCSU) \- Researching scorecard on npm and pypi + * Parth \- NCSU + * Julia \- Cisco + * CRob \- + * Jason \- Cisco + * Project updates + * Scorecard/Allstar presentation: (Laurent & Jeff) [https://opensourcelive.withgoogle.com/events/security-day-2022](https://opensourcelive.withgoogle.com/events/security-day-2022) 
[https://opensourcelive.withgoogle.com/events/security-day-2022/watch?talk=session-1](https://opensourcelive.withgoogle.com/events/security-day-2022/watch?talk=session-1) To be posted on youtube directly at a later date. + * Upcoming Scorecards/Allstar session (Stephen & Jeff) at OpenSSF Day [https://events.linuxfoundation.org/open-source-summit-north-america/features/openssf-day/](https://events.linuxfoundation.org/open-source-summit-north-america/features/openssf-day/) + * Roadmap updates + * +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * Mission and Vision working time + * [Allstar GH Tracking Issue](https://github.com/ossf/allstar/issues/164) + * [Scorecards GH Tracking Issue](https://github.com/ossf/scorecard/issues/1824) + * Criteria + * Brian: + * Mission that can be used to make decisions + * Vision that paints a picture of project successful + * Stephen: work backwards to figure out the alignment about the criteria. + * Start with Best Practices WG \- **[https://github.com/ossf/wg-best-practices-os-developers](https://github.com/ossf/wg-best-practices-os-developers)** + * CRob: Diagram of how all Best Practices tool fit together: [https://raw.githubusercontent.com/ossf/wg-best-practices-os-developers/main/img/OpenSSF%20Dev%20Best%20Practices%20Projects%20Relations.png](https://raw.githubusercontent.com/ossf/wg-best-practices-os-developers/main/img/OpenSSF%20Dev%20Best%20Practices%20Projects%20Relations.png) + * Proto unsanctioned one-year-old OSSF Reference Architecture + * ![][image2] + * ^ (Needs updated) + * Jeff: Scorecard also identifies weaknesses which can be automated. + * Massaged Scorecard Purpose: + * (Adopt) Automate analysis and trust decisions on the security posture of open source projects. 
+ * +* OSV vulnerability scanning integration question (godofredo) + * +* Scorecards [PR issues](https://github.com/ossf/scorecard/pull/1886) (Parth) + * +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +## BEGIN WORKING AREA + +* Current purpose from WG readme: + * Purpose \- (Adopt) Automate analysis and trust decisions on the security posture of open source projects. +* Draft: [https://github.com/ossf/scorecard/issues/1824](https://github.com/ossf/scorecard/issues/1824) + * Scorecards Mission Draft \- v0.1 + * Assess the software development security posture of open-source projects. + * Scorecards Vision Draft \- v0.1 + * With Scorecards, open-source projects’ secure development practices become accessible and understandable to consumers. + * Draft (John Naulty): + * Vision: Provide visibility of security posture of open source projects. + * Mission: Build a tool that unifies the measurement of security posture for open source projects. + * Strategy: + * Identify best practices and signals of security posture + * Incorporate those measurements into the scorecard utility + * Incentivize projects to adopt scorecard measurements to improve OSS security posture +* \[CRob\]: what is “security posture” defn? + * (Jeff) Security posture \- Adherence to known security best practices. + * \[CRob\] \- Provide visibility of secure development and management practices of open source projects ? + * \[Stephen\]: Scorecard is looking at overall “community health”. Should we incorporate that in the mission/vision statement? + * \[Brian\]: have a Scorecard specific wording but also show how this rolls up to Best Practices MVS. 
+ * \[John\]: Security Posture would be accumulated measurement of potential risk vectors--measured against the potential mitigations for those risks (e.g., branch-protections to ensure certain aspects of [safety/security of the system](https://www.usenix.org/conference/srecon19emea/presentation/leveson)) + * Where safety practices: + * Prevent losses due to unintentional actions by benevolent actors + * And security practices: + * Prevent losses due to intentional actions by malevolent actors + * \[Stephen\]: figure out the different “personas” of Scorecard users \- maintainers, developers, enterprises etc. and find a MSV which fits those personas. + * \[Stephen\]: example from an enterprise perspective (e.g Cisco) \- have a tool for compliance for the packages which the enterprise published to OSS. + * \[Stephen\] Ideas + * Consumer + * Developer + * Contributor + * Maintainer + * AIs \[for the Scorecard group\]: + * Detail out the personas and their user story. + * Prioritize who will be Scorecard’s primary audience. + * Figure out what will be Scorecard specific and how these specific MSV roll up to Best Practices WG MSV. + +From **[https://github.com/ossf/wg-best-practices-os-developers](https://github.com/ossf/wg-best-practices-os-developers)**: + +**WG-level Objectives** + +Our objective is to provide open source developers with best practices recommendations, and with an easy way to learn and apply them. + +Unlike other existing best practices list, we want it to be widely distributed to open source developers and community-sourced. And we want these practices to stick, thanks to an effective learning platform. 
+ +**WG-level Vision** + +Our vision is to make it easy for developers to adopt these best practices, thanks to: + +* \*Identifying\* good practices, requirements, and tools that help open source developers create and maintain more secure software +* Helping maintainers \*Learn\* to write secure software +* **Provide tools to help developers \*Adopt\* these good practices into their daily work** – WE ARE HERE + +**WG-level Scope** + +The Developer Best Practices group wants to help identify and curate an accessible \[inventory\](https://github.com/ossf/wg-best-practices-os-developers/blob/main/docs/inventory.md) of best practices + +* Prioritized according to ROI for open source developers +* Categorized per technology, language, framework +* Community-curated + +**Help build a community** + +* Program to attract open source contributors and incentivize them to use and contribute to the inventory + +*Scorecards Project* \- [https://github.com/ossf/scorecard](https://github.com/ossf/scorecard) + +* Purpose \- (Adopt) Automate analysis and trust decisions on the security posture of open source projects. + +## END WORKING AREA + +Updates: + +* David A. Wheeler + * +* Azeem + * +* Naveen + * +* Jeff + * Binary Artifact ignore list: [https://github.com/ossf/allstar/pull/176](https://github.com/ossf/allstar/pull/176) +* Laurent +* Chris + * +* Stephen + * +* Rohan + +## Upcoming Template: + +Attendees: + +* David A. 
Wheeler (Linux Foundation) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Aditya Sirish (NYU, in-toto) +* Jonathan Metzman (Google) +* Varun Sharma (StepSecurity) +* Jonathan Leitschuh (Dan Kaminsky Fellowship \- Human Security) +* VM Brasseur (Wipro) +* Stephen Augustus (Cisco) +* Godofredo Contreras (Google) +* Brian Russell (Google) +* Eric Tice (Wipro) +* Georg Kunz (Ericsson) +* Yehuda Gelb (Checkmarx) +* Saurabh Singh(IBM) +* Laurent Simon (Google) +* Rich Heironimus (IBM) +* Rohan Khandelwal +* Abhishek Arya +* Alan Gonzalez + +Standing Agenda: + +* Welcome + * Mission and vision for group (WIP on 4/7) +* Announcements + * Introductions + * Project updates + * Roadmap updates +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * \[add here\] +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +Updates: + +* David A. Wheeler + * +* Azeem + * +* Naveen + * +* Jeff +* Laurent +* Chris + * +* Stephen + * +* Rohan +* + +Open Issues & One-off Discussion Topics: + +## Apr 21, 2022 + +Attendees: + +* David A. Wheeler (Linux Foundation) \[I will have to leave early\] +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Stephen Augustus (Cisco) +* Brian Russell (Google) +* Rich Heironimus (IBM) +* Christine Abernathy (F5) +* Jack Aboutboul (AlmaLinux) + +Standing Agenda: + +* Welcome + * Mission and vision for group (WIP on 4/7) +* Announcements + * Introductions + * Project updates + * Roadmap updates +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) 
+ * Add a check/include in existing one for the dependency review actions [https://github.com/ossf/scorecard/issues/1828](https://github.com/ossf/scorecard/issues/1828) (Naveen) + * \[Brian Russell\] Mission and vision update (since 4/7/2022) + * [Allstar GH Tracking Issue](https://github.com/ossf/allstar/issues/164) + * [Scorecards GH Tracking Issue](https://github.com/ossf/scorecard/issues/1824) + * \[laurent\] + * Action release: [https://github.com/ossf/scorecard-action/issues/97](https://github.com/ossf/scorecard-action/issues/97) + * Release process [https://github.com/ossf/scorecard-action/issues/33](https://github.com/ossf/scorecard-action/issues/33) + * [https://github.com/ossf/scorecard/issues/1667](https://github.com/ossf/scorecard/issues/1667) shall we stop altering/reducing score for secevents, checks, status permissions? +* Who’s attending Open Source Summit? (We could meet then) + * David A. Wheeler + * Laurent simon + * Naveen Srinivasan + * Jack Aboutboul + * Jeff Mendoza + * Stephen Augustus +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +Updates: + +* David A. Wheeler \[sadly I have to leave at 4:15pm ET, I suddenly have to pick up my son\!\] + * I gave a presentation to Linux Foundation Networking; they’re interested in what they can do to improve security. I specifically mentioned Scorecards + * LFX is investigating integrating scorecards results. Goal: If you look up a project on LFX, it’ll show the scorecards results + * We do need to eventually rename “CII” to “OpenSSF” on best practices badge (this changes a key name): [https://github.com/ossf/scorecard/issues/1549](https://github.com/ossf/scorecard/issues/1549) + * I have contacted Jonathan Hunt (GitLab) to see if GitLab would be willing to help in some way so scorecard would work with GitLab (currently scorecard only works for projects hosted by GitHub). He wanted to know exactly what that might entail. 
I said: + * “I think a first step would be someone looking at their existing scorecards metrics & posting (e.g., via an issue) how to get that data via the GitLab API. Ideally someone could also present & discuss this at one of their meetings (they meet alternating Thursdays 4pm US Eastern Time, see the OpenSSF calendar). Big bonus would be help in implementing that, but I wouldn't expect anyone to commit to that until you knew how hard it was to do anyway.” + * I haven’t had a further response yet, but I have hopes. +* Azeem + * +* Naveen + * +* Jeff + * Dangerous Workflow check [https://github.com/ossf/allstar/pull/169](https://github.com/ossf/allstar/pull/169) + * New operator config: DO\_NOTHING\_ON\_OPT\_OUT [https://github.com/ossf/allstar/pull/172](https://github.com/ossf/allstar/pull/172) + * Moving forward with Smart Code Review feature [https://github.com/ossf/allstar/issues/161](https://github.com/ossf/allstar/issues/161) +* Laurent +* Chris + * +* Stephen + * +* Rohan + * + +Open Issues & One-off Discussion Topics: + +## April 7, 2022 + +Attendees: + +* David A. 
Wheeler (Linux Foundation) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* VM Brasseur (Wipro) +* Stephen Augustus (Cisco) +* Godofredo Contreras (Google) +* Brian Russell (Google) +* Eric Tice (Wipro) +* Georg Kunz (Ericsson) +* Yehuda Gelb (Checkmarx) +* Saurabh Singh(IBM) +* Laurent Simon (Google) +* Rich Heironimus (IBM) +* Rohan Khandelwal +* Abhishek Arya +* Alan Gonzalez + +Standing Agenda: + +* Welcome + * New attendees (no new friends today) +* Announcements + * Introductions + * Project updates + * Allstar v2.0: [https://github.com/ossf/allstar/releases/tag/v2.0](https://github.com/ossf/allstar/releases/tag/v2.0) + * Release process proposal: [https://github.com/ossf/allstar/issues/145](https://github.com/ossf/allstar/issues/145) + * Scorecard + * Actions release planned in the next two weeks + * Roadmap updates +* Demo/discussion + * +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * \[Brian Russell\] Mission and vision update + * [Allstar GH Tracking Issue](https://github.com/ossf/allstar/issues/164) + * [Scorecards GH Tracking Issue](https://github.com/ossf/scorecard/issues/1824) + * Volunteers for writing in a working group meeting? + * \[laurent\]: remove low-risk token permission [https://github.com/ossf/scorecard/issues/1667](https://github.com/ossf/scorecard/issues/1667) [https://github.com/ossf/scorecard/blob/main/checks/permissions.go\#L311-L336](https://github.com/ossf/scorecard/blob/main/checks/permissions.go#L311-L336) + * GitHub has made some new announcements \- should we use some of it? 
+ * [https://github.blog/2022-04-06-prevent-introduction-known-vulnerabilities-into-your-code/](https://github.blog/2022-04-06-prevent-introduction-known-vulnerabilities-into-your-code/) + * New API for dependency: [https://docs.github.com/en/rest/reference/dependency-graph\#get-a-diff-of-the-dependencies-between-commits](https://docs.github.com/en/rest/reference/dependency-graph#get-a-diff-of-the-dependencies-between-commits) + * Kubernetes about to announce \- new signing mechanism using sigstore for container images + * [https://github.com/kubernetes-sigs/promo-tools/issues/523](https://github.com/kubernetes-sigs/promo-tools/issues/523) + * Kubernetes has some questions about pinned dependencies, which impacts use of scorecards (when should & shouldn’t it be done) + * Kubernetes has a best practices badge, badges are a CNCF graduated project requirement. + * Allstar \- allow individual binaries to be opt-out instead of full repos (Godofredo, on Dart/Flutter team) + * Third party dependency management checks (Godofredo) + * [https://opensource.google/documentation/reference/releasing/preparing\#third-party\_components](https://opensource.google/documentation/reference/releasing/preparing#third-party_components) + * [https://github.com/ossf/allstar/issues/157](https://github.com/ossf/allstar/issues/157) + * [https://github.com/ossf/scorecard/issues/1815](https://github.com/ossf/scorecard/issues/1815) + * David W: I think we need to support an .artifact-ignore file or similar, like .gitignore (see [https://github.com/ossf/allstar/issues/157](https://github.com/ossf/allstar/issues/157)). All tools have false positives, we need to handle that well. Maybe we need with two scores: “ignore project claims” & “accept project claims”. E.g., for use as test components. + * ?: You could put test components into a container. + * ?: \-1 on trying to id specific files across all systems & embedding that in scorecard. There’s no end to trying to create that list. 
Allowing an individual repo to specify them is fine + * We keep seeing the “do we trust claims from the project or not”. It’s useful to allow projects to allow some things, it enables incremental improvements & detect/prevent regressions. + * E.g., “Permissive” vs. Pessimistic” or some other names. Permissive accepts the claims from the project on why something is okay, pessimistic has the “raw” results & ignores project claims such as any .artifact-ignore files & similar. Maybe warn if the difference is too great. + * David W: This “permissive vs. pessimistic” idea would also enable use of SECURITY-INSIGHTS.yml. + * David W: Let’s contact GitLab via Jonathan Hunt\! Ask him or someone else to come visit/join us\! + * Jonathan Hunt (who works at GitLab) has formally joined the OpenSSF governing board (GB) & was at the GB meeting earlier today. (GitLab is a general member of OpenSSF, and he’s one of the general member reps) + * We should ask him to try to get GitLab to help us expand Scorecard so it works on GitLab-hosted projects at least; Scorecards shouldn’t be tied to GitHub alone. + * Ideally they’d be code contributions, but at least guidance on how to find information & also potential added Scorecards measures based on GitLab experiences (what can THEY report/enforce, e.g., [https://docs.gitlab.com/ee/user/application\_security/](https://docs.gitlab.com/ee/user/application_security/) ?). + * Sensible, want people to provide code, ideally we’ll have more generic interfaces, we’re just not focusing on them due to limited resources. That’d be great. + * Long-term create a scorecards mailing list for maintainers. + * David W. will contact Jonathan Hunt. + * Alan Gonzalez: is there a thought about to store proof attestations of certain checks being run out of band without needing manual overrides to bring the score up? That way the results can be reviewed more easily, so that they can be fixed more easily. There’s a lot of noise in the raw score. 
+ * Need to determine what the remediation step is. + * Need to expose more information so that it’s easier to determine what should be fixed. + * Tell us where it was hard to figure out \- we want to modify scorecards so it’s easy to determine what you need to know so you can fix it (or at least know why you can’t easily do it) + * Quick plug: Need to formalize mission/vision. If you want to help, see issues for each project, see below. + * David W: We need to revisit pinned dependencies. (pick up later) +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting: Brian (Google) + +Updates: + +* David A. Wheeler + * +* Azeem + * +* Naveen + * +* Jeff + * Allstar feature proposal issues open: + * Smart Code Review feature [https://github.com/ossf/allstar/issues/161](https://github.com/ossf/allstar/issues/161) +* Laurent +* Chris + * +* Stephen + * +* Rohan + * + +Open Issues & One-off Discussion Topics: + +* \[Brian Russell\] Mission and vision update + * [Allstar GH Tracking Issue](https://github.com/ossf/allstar/issues/164) + * [Scorecards GH Tracking Issue](https://github.com/ossf/scorecard/issues/1824) + * Volunteers for writing in a working group meeting? +* + +## Mar 24, 2022 + +Attendees: + +* David A. Wheeler (Linux Foundation) +* Azeem Shaikh (Google) +* VM Brasseur (Wipro) +* Brian Russell (Google) +* Georg Kunz (Ericsson) +* Rich Heironimus (IBM) + +Updates: + +* David A. 
Wheeler + * +* Azeem + * +* Naveen + * +* Jeff + * Allstar has a few process proposal issues open: + * [Process to roll out functionality changes \#144](https://github.com/ossf/allstar/issues/144) + * [Releases (and versioning) \#145](https://github.com/ossf/allstar/issues/145) + * Input/comments appreciated +* Laurent +* Chris + * +* Stephen + * +* Rohan + * + +Open Issues: + +* \[Brian\] Mission and vision for Scorecards + * Motivation for creating a mission and vision + * Google Open Source Security Team Example + * Mision + * Making Google’s OSS more secure by creating tools that help manage repository policies at scale and allow projects’ security state to be evaluated. + * Vision + * Google can manage OSS at the scale it develops it (Allstar) and can help developers quickly evaluate a project’s security (Scorecards). + * Project Example + * Mission \- make OSS more secure by creating tools that help assess and manage the security of individual OSS projects + * Vision \- transparent OSS development processes that individual organizations can enforce by policy +* \[Azeem\]: MalOSS talk/intro +* \[laurent\]Scorecard action release [https://github.com/ossf/scorecard-action/issues/97](https://github.com/ossf/scorecard-action/issues/97) ? + * GITHUB\_TOKEN support [https://github.com/ossf/scorecard-action/issues/78\#issuecomment-1073317664](https://github.com/ossf/scorecard-action/issues/78#issuecomment-1073317664) + * Config to disable checks [https://github.com/ossf/scorecard-action/issues/143](https://github.com/ossf/scorecard-action/issues/143) +* \[laurent\] dep vuln alert check [https://github.com/ossf/scorecard/issues/1371](https://github.com/ossf/scorecard/issues/1371). Inside Dependency-Update-Tool and rename to Dependency-Management-Tool? 
+* \[laurent\]: remove low-risk token permission [https://github.com/ossf/scorecard/issues/1667](https://github.com/ossf/scorecard/issues/1667) [https://github.com/ossf/scorecard/blob/main/checks/permissions.go\#L311-L336](https://github.com/ossf/scorecard/blob/main/checks/permissions.go#L311-L336) ? +* \[Azeem\] Design discussions for large changes +* Dependency tree vulnerability \- should scorecard include “no known vulnerabilities in dependencies” or similar \- [https://github.com/ossf/scorecard/issues/1508](https://github.com/ossf/scorecard/issues/1508) +* \[Vicky\]: Is there a key leader for this group? + * ?: I don’t think we need a leader, but perhaps we could use a rotating facilitator for meetings + +## March 10, 2022 + +Attendees: + +* David A. Wheeler (Linux Foundation) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Jonathan Leitschuh (Dan Kaminsky Fellowship \- Human Security) +* Stephen Augustus (Cisco) +* Laurent Simon (Google) +* Godofredo Contreras (Google) +* Brian Russell (Google) +* VM Brasseur (Wipro) +* Rich Heironimus (IBM) +* Saurabh Singh +* David Sastre (Red Hat) +* Eric Tice (Wipro) +* Rohan Khandelwal (Google) +* Yehuda Gelb (Checkmarx) +* Alan Gonzalez + +Updates: + +* David A. Wheeler + * +* Azeem + * +* Naveen + * +* Jeff + * +* Laurent +* Chris + * +* Stephen + * What’s an API? + * scorecard-action + * Repo management + * Proposals +* Rohan + * [Crowdsourcing Scorecard Runs Design - PUBLIC](https://docs.google.com/document/d/18KgkR-5GCkPvcT-wxxSsbsEYQYDbReLM5jBOofwT0l4/edit?usp=sharing&resourcekey=0-tKZEPEifHPHL15-zTACn1Q) + +Open Issues: + +* \[laurent\] web hook check: any additional thoughts [https://github.com/ossf/scorecard/issues/1655](https://github.com/ossf/scorecard/issues/1655) ? +* \[laurent\] dep vuln alert check [https://github.com/ossf/scorecard/issues/1371](https://github.com/ossf/scorecard/issues/1371). Inside Dependency-Update-Tool and rename to Dependency-Management-Tool? 
+* \[laurent\]: remove low-risk token permission [https://github.com/ossf/scorecard/issues/1667](https://github.com/ossf/scorecard/issues/1667) [https://github.com/ossf/scorecard/blob/main/checks/permissions.go\#L311-L336](https://github.com/ossf/scorecard/blob/main/checks/permissions.go#L311-L336) ? +* \[Azeem\] Design discussions for large changes +* \[Azeem\] Make this meet to officially say Scorecard/AllStar bi-weekly. +* \[GOSST\] Scorecard badges plan +* \[Azeem\] Scorecard REST API +* Dependency tree vulnerability \- should scorecard include “no known vulnerabilities in dependencies” or similar \- [https://github.com/ossf/scorecard/issues/1508](https://github.com/ossf/scorecard/issues/1508) + +## Feb 24, 2022 ([recording](https://youtu.be/KQv7CBm03QU)) + +Attendees: + +* Azeem Shaikh (Google) +* Stephen Augustus (Cisco / Kubernetes / TODO Group / dex) +* Varun Sharma (StepSecurity) +* Jonathan Leitschuh (Dan Kaminsky Fellowship \- Human Security) +* Laurent Simon (Google) +* Godofredo Contreras (Google) +* VM (Vicky) Brasseur (Wipro) +* Abhishek Arya (Google) +* Brian Russell (Google) +* Sauragh Singh (IBM) + +Updates: + +* David A. Wheeler (not here today) + * Any update on scorecard.dev website? +* Azeem + * +* Naveen + * Porting the Scorecards action to go with high tests coverage + * Currently many in shell; porting to golang will allow for test coverage (yay\!) + * Builds are parallel + * Scorecard v4.1.0 released + * SA: Is the release process documented? + * Nope, not yet + * SA will add to the docs punchlist + * Scorecard dependabot Vulnerability issue addressed + * Non-issue, but dealt with so it won’t come up again + * Codecoverage tracking enabled for Scorecards action +* Jeff + * +* Laurent +* Chris + * +* Stephen + * Created a [project board](https://github.com/orgs/ossf/projects/5) + * Walkthrough of Github project boards + * Copyright? (issue \#1534) + * Year? + * VMB: Not needed + * “OpenSSF authors” ? “Scorecard authors” ? 
+ * VMB: Ask the LF lawyers which it should be +* Rohan + * + +Open Issues: + +* Demo of [https://github.com/step-security/harden-runner](https://github.com/step-security/harden-runner). 5 minutes for demo and then a few minutes for feedback. + * Purpose built agent for build servers + * Security monitoring of the build server (runner) + * Currently runs against the runner on Github’s CI + * Installs an agent on the runner VM then monitors all outbound calls + * Can set policy to restrict outbound endpoints + * Discuss request to donate project to Open SSF + * Where should this go within OpenSSF? + * Tooling? Best Practices? + * Part of automatic remediation +* V5 milestone discussion \- [https://github.com/ossf/scorecard/issues/1490](https://github.com/ossf/scorecard/issues/1490) +* Stephen’s walk through about project planning/tracking. + * Azeem: should we lay out a standard about how Scorecard does project planning/tracking so that new users know where to look? +* Dependency tree vulnerability \- should scorecard include “no known vulnerabilities in dependencies” or similar \- [https://github.com/ossf/scorecard/issues/1508](https://github.com/ossf/scorecard/issues/1508) +* \[laurent\] dep vuln alert check [https://github.com/ossf/scorecard/issues/1371](https://github.com/ossf/scorecard/issues/1371). Inside Dependency-Update-Tool and rename to Dependency-Management-Tool? +* \[laurent\]: remove low-risk token permission [https://github.com/ossf/scorecard/issues/1667](https://github.com/ossf/scorecard/issues/1667) [https://github.com/ossf/scorecard/blob/main/checks/permissions.go\#L311-L336](https://github.com/ossf/scorecard/blob/main/checks/permissions.go#L311-L336) ? +* Copyright header handling \- [https://github.com/ossf/scorecard/issues/1534](https://github.com/ossf/scorecard/issues/1534) + +* ~~\[laurent\] Move to v5 after [https://github.com/ossf/scorecard/pull/1516](https://github.com/ossf/scorecard/pull/1516)?~~ +* ~~\[laurent\] codecov low coverage? 
Remove cron/ files?~~ + +## Feb 10, 2022 + +Attendees: + +* David A. Wheeler (Linux Foundation) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Stephen Augustus (Cisco / Kubernetes / TODO Group / dex) +* Jonathan Leitschuh (Dan Kaminsky Fellowship \- Human Security) +* VM Brasseur (Wipro) +* David Deal (LFX) +* Brian Behlendorf (OpenSSF / LF) +* Godofredo Contreras(Google) +* Laurent +* Rohan Khandelwal +* Shubhra Kar (CTO Linux Foundation) +* Yotam Perkal (Rezilion) + +Updates: + +* David A. Wheeler +* Azeem +* Naveen + * +* Jeff + * +* Laurent + * Code-review check split (raw/score policy) + * SAST check rehaul WIP [https://github.com/ossf/scorecard/pull/1487\#issuecomment-1028556509](https://github.com/ossf/scorecard/pull/1487#issuecomment-1028556509) +* Chris +* Stephen +* Rohan + +Open Issues: + +* [https://github.com/ossf/scorecard/issues/1597](https://github.com/ossf/scorecard/issues/1597) + * Running a Python script in Go might be complex and also pose a security risk. + * [gclient](https://www.chromium.org/developers/how-tos/depottools/#gclient) is used by Chromium and also by Flutter \+ Dart. + * 3 options: + * Pre-flatten the DEPS file + * Python as subprocess in Golang + * Use a Golang parser of Python +* \[laurent\] dep vuln alert check [https://github.com/ossf/scorecard/issues/1371](https://github.com/ossf/scorecard/issues/1371). Inside Dependency-Update-Tool and rename to Dependency-Management-Tool? +* \[laurent\] Move to v5 after [https://github.com/ossf/scorecard/pull/1516](https://github.com/ossf/scorecard/pull/1516)? + * +* \[laurent\] codecov low coverage? Remove cron/ files? +* Dependency tree vulnerability \- should scorecard include “no known vulnerabilities in dependencies” or similar \- [https://github.com/ossf/scorecard/issues/1508](https://github.com/ossf/scorecard/issues/1508) + +## Jan 27, 2022 + +Attendees: + +* David A. 
Wheeler (Linux Foundation) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) +* Stephen Augustus (Cisco / Kubernetes / TODO Group / dex) +* Aditya Sirish (NYU, in-toto) +* Jonathan Metzman (Google) +* Varun Sharma (StepSecurity) +* Jonathan Leitschuh (Dan Kaminsky Fellowship \- Human Security) + +Updates: + +* David A. Wheeler +* Azeem +* Naveen + * Continue to work on tests for scorecard + * +* Jeff + * Allstar staging env deployed, working on CONTRIBUTOR.md to help folks test contributions +* Laurent + * Scorecard v4 is launched [https://openssf.org/blog/2022/01/19/reducing-security-risks-in-open-source-software-at-scale-scorecards-launches-v4/](https://openssf.org/blog/2022/01/19/reducing-security-risks-in-open-source-software-at-scale-scorecards-launches-v4/) + * Continuing splitting check and scoring +* Chris +* Stephen + * Scorecard logging + * allstar scorecard updates + * contribution guidelines + * planning + +Open Issues: + +* renamed to Dependency-Management-Tool? +* Move to v5 after [https://github.com/ossf/scorecard/pull/1516](https://github.com/ossf/scorecard/pull/1516)? +* OSS-fuzz wants an exception for GitHub Action pinning. + * OSS-fuzz adds build file & Docker script to add a new project + * So to build the actual project, need up-to-date version of source repo + * Wheeler: better to refine the criteria than make some specific exception + * Jonathan L: It’s okay if it can’t affect production (other than providing an accept/reject) + * Rationale for pinning: Prevent a malicious later version that wasn’t necessarily reviewed ending up in a production version, and makes it easier to determine exactly what was changed. + * SHA-1 having collisions is a bigger problem. + * What is the harm of a rogue GitHub action? Can we lock it down so we can limit damage? Don’t think so, e.g., a GitHub action has access to secrets unless there’s specific limits on the access token. 
+ * Wheeler: We need a rationale for every criterion, e.g., why pin? + * Proposal: Don’t need to pin something if an unpinned version cannot reveal secrets AND it cannot change a generated artifact that could be used in production. + * Proposal: Per-repo “This is okay”. Security-insights.yml has discussed this. Issue, it’s an open door for people to lie about that \- how can we vet it? + * Jonathan L: Gradle users don’t lock dependencies, and there are good reasons for it. + * Currently only npm & pip are checked + * Wheeler: If pinning only applies to some ecosystems, it needs to be explained why. Just “we don’t implement that” is understable, but any written criterion should apply whether or not it’s implemented today. +* Wheeler: I’ve created “every criteria needs a rationale” as an issue: [https://github.com/ossf/scorecard/issues/1550](https://github.com/ossf/scorecard/issues/1550) +* \[laurent\] [https://github.com/ossf/scorecard/issues/1371](https://github.com/ossf/scorecard/issues/1371) within Update-Management-Tool +* Dependency tree vulnerability \- should scorecard include “no known vulnerabilities in dependencies” or similar \- [https://github.com/ossf/scorecard/issues/1508](https://github.com/ossf/scorecard/issues/1508) +* Unit tests for SecurityPolicy [https://github.com/ossf/scorecard/issues/1491](https://github.com/ossf/scorecard/issues/1491) +* V5 milestone \- [https://github.com/ossf/scorecard/issues/1490](https://github.com/ossf/scorecard/issues/1490) please chime in +* Policy enforcement [https://github.com/ossf/scorecard/pull/1505](https://github.com/ossf/scorecard/pull/1505) + * Context: we want to allow users to write policies on top of scorecard results (allstar, slsa, binary authorization). This requires more structure output than the ones we use today (which are aimed for human consumption). 
The current score we currently provide can be seen as a policy + * See my rambling in [https://github.com/ossf/scorecard/pull/1505\#discussion\_r792265997](https://github.com/ossf/scorecard/pull/1505#discussion_r792265997) +* [https://github.com/ossf/scorecard/issues/1529](https://github.com/ossf/scorecard/issues/1529) +* In some cases we should add gradations, not just 0 or 10\. +* scorecard.dev \- (Wheeler) \- the transfer Google-\>LF was incomplete, it had started but Kim L. left Google before everything had completed. I think we’ve worked out what happened & how to fix it, & I expect the LF will set its “A” record soon so the domain is under the scorecard project’s control. + +## Jan 13, 2022 + +Attendees: + +* David A. Wheeler (Linux Foundation) +* Naveen Srinivasan +* Jeff Mendoza (Google) +* Azeem Shaikh (Google) + +Updates: + +* David A. Wheeler + * White House meeting. Scorecards mentioned many times, some to be done: + * Need to support \> GitHub \- many projects aren’t on GitHub (GitLab, etc.) + * Auto-id many more tools [https://github.com/ossf/scorecard/issues/1420](https://github.com/ossf/scorecard/issues/1420) + * US has Executive Order on Cybersecurity \- it’s high level, but see if there are criteria Scorecards can support +* Azeem + * Trying to solve scorecard(s).dev site issues + * V4 blog + * Working on automating metric.openssf.org +* Jeff + * Planning on Allstar policy to ensure Scorecard action is installed and then verify results. Goal is Q1. Design is just starting, will share. + * Probably most interesting design is format of policy config + * Will deprecate existing Binary Artifacts policy + * Need to update some issues +* Laurent + * Action release: + * Blog post w/ OSSF/Google/GitHub + * Disabled Signed-Release and Contributors for GH action (not actionable) +* Naveen + + 1\. Refactored the Vulnerabilities codebase to be testable. [https://github.com/ossf/scorecard/pull/1432](https://github.com/ossf/scorecard/pull/1432) + + + 2\. 
Created Codeql Analysis for scorecard-webapp [https://github.com/ossf/scorecard-webapp/pull/5](https://github.com/ossf/scorecard-webapp/pull/5) + + + 3\. Create codeql badge for scorecard-action [https://github.com/ossf/scorecard-action/pull/43](https://github.com/ossf/scorecard-action/pull/43) + + + 4\. Unit tests for signed releases [https://github.com/ossf/scorecard/pull/1446](https://github.com/ossf/scorecard/pull/1446) + + + 5\. Migrate to v4 of scorecard [https://github.com/ossf/scorecard/pull/1441](https://github.com/ossf/scorecard/pull/1441) + + + 6\. Unit test for Maintained check [https://github.com/ossf/scorecard/pull/1449](https://github.com/ossf/scorecard/pull/1449) + + + 7\. Unit tests for CheckFileContainsCommands [https://github.com/ossf/scorecard/pull/1450](https://github.com/ossf/scorecard/pull/1450) + + + 8\. Unit tests for github workflow [https://github.com/ossf/scorecard/pull/1452](https://github.com/ossf/scorecard/pull/1452) + + + 9\. Unit tests for contributors [https://github.com/ossf/scorecard/pull/1453](https://github.com/ossf/scorecard/pull/1453) + + + 10\. Upgraded the dependency to fix the vulnerability [https://github.com/ossf/scorecard/pull/1454](https://github.com/ossf/scorecard/pull/1454) + + 11\. Dependabot config for scorecard-webapp [https://github.com/ossf/scorecard-webapp/pull/7](https://github.com/ossf/scorecard-webapp/pull/7) + + + 12\. Unit test for Security Policy checks [https://github.com/ossf/scorecard/pull/1455](https://github.com/ossf/scorecard/pull/1455) + + + 13\. Unit test for CI Test [https://github.com/ossf/scorecard/pull/1467](https://github.com/ossf/scorecard/pull/1467) + + + And a few more PR's. Most of my work has been with increasing tests coverage across scorecard. I am primarily focusing on checks as of now. + + + * +* (Chris) + * + +Open issues: + +* Suggest using [https://app.stepsecurity.io/](https://app.stepsecurity.io/) (open-source and free) to remediate token permission issues? 
+* Codecov + * David A. Wheeler will grant repo rights to Codecov, see Jan 7 docs +* Create tool to drive scorecard action's adoption (PAT creation, secrets definition, PR) for large orgs/multi-repo owners [https://github.com/ossf/scorecard-action/issues/52](https://github.com/ossf/scorecard-action/issues/52) + +[image1]: + +[image2]: diff --git a/governance/meetings/2023.md b/governance/meetings/2023.md new file mode 100644 index 000000000000..c47432281b99 --- /dev/null +++ b/governance/meetings/2023.md 
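Review bot: the 2022 file closes with two reference-style link definitions that have no target, `[image1]:` and `[image2]:`, left over from the doc export; either drop them or point them at the images they referenced, otherwise any `![...][image1]` use in the file renders as a broken reference. In the same hunk, the Jan 27 open-issue bullet `* renamed to Dependency-Management-Tool?` has lost its leading clause (the Mar 10 and Mar 24 copies read `dep vuln alert check ... Inside Dependency-Update-Tool and rename to Dependency-Management-Tool?`), so it should be restored from those or marked as truncated. The recurring token-permission link `https://github.com/ossf/scorecard/blob/main/checks/permissions.go#L311-L336` anchors line numbers on `main`, which will drift as the file changes; a commit-pinned permalink keeps the archive pointing at the code that was discussed. Minor spelling: `Mision` in the Mar 24 mission/vision notes, and `Sauragh Singh` in the Feb 24 attendee list where the other meetings have `Saurabh Singh`.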
@@ -0,0 +1,1235 @@ +# OpenSSF Scorecard Meeting Archive — 2023 + +## 2023-12-14 + +Attendees: + +* Adrianne Marcum (OpenSSF) +* Jeff Mendoza (Kusari) +* Stephen Augustus (Cisco) +* Pedro Nacht (Google) +* David A. Wheeler (OperSSF) +* Raghav Kaul (Google) +* Sarah Elder (NCSU) + + + +Regrets + +* + +New Attendees + +* Lauri Apple + +Agenda + +* There’s been some repo sprawl (multiple Scorecard-related repos). Some blocked because we don’t have a project charter so we “don’t exist” \- being fixed +* Scootrs \- tries to do “all you should do when creating a project” + * URL: [https://github.com/kusaridev/skootrs](https://github.com/kusaridev/skootrs) +* Stephen: There is interest in getting people involved in Scorecard dev/ tackling backlog +* Backlog refinement, prioritization, and roadmapping + * Work done so far (review of 100 issues, starting with oldest): [https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV\_\_f0xssldbayUOqIs04/edit](https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV__f0xssldbayUOqIs04/edit) + * Needed: a few volunteers to help review items together (will probably take 2-3 hour-long sessions) to generate more “why”/what problem are we solving-related context. Then we can shape a roadmap. + * Would be helpful to have existing architecture diagrams and overview of what is intended to be accomplished with Scorecard + * Would be helpful to have improved Issue templates to better pull out the why/problem being solved from the request + * Adrianne will post Doodle poll in Slack channel for initial review session in the new year +* CRob & David A. 
Wheeler suggested measuring knowledge on how to develop secure software + * [https://github.com/ossf/scorecard/issues/3534](https://github.com/ossf/scorecard/issues/3534) + * We intend to research to see how to automatically determine educational knowledge \- there’s at least one REST interface + * Looking for ways to checking for certification without compromising developer privacy + * There was 1 person originally resisting this, but that person seems to have been satisfied & we don’t need unanimous agreement anyway. + * David intends to start investigating this (probably Jan 2024\) + * Stephen: Supportive in principle but the devil is in the details + * Key issue: We want equity, let’s find multiple test/courses so we’re agnostic / not requiring just one system. Also; many developers are self-taught, don’t want to exclude them. + * + +## 2023-12-11 + +Attendees: + +* Adrianne Marcum (OpenSSF) +* Ian Dunbar-Hall (Lockheed Martin) +* Allen Shearin (Lockheed Martin) +* Joe Coyle (Lockheed Martin) +* Juanita Gomez (UCSC) +* Sarah Elder (NCSU) +* David A. Wheeler (OpenSSF) + + + +Regrets + +* + +Announcements + +* Thursday 1-2pm PST meeting has been restored to Biweekly + +Agenda & Meeting Notes + +* Ian Dunbar-Hall: Between Security-Insights doc & SBOM Naming convention document, this is a good time to have a uniform approach \- e.g., how do we make these projects work together + * E.g., should we measure SBOM quality? E.g., sbom-scorecard? Not sure + * We now have 2 different ways to record SBOMs \- we should be consistent. + * IT’d be nice to have a way to measure impact. + * Need to get a group together to identify & hash out any issues + * [https://github.com/ossf/scorecard/issues/3574](https://github.com/ossf/scorecard/issues/3574) + * Ian will work with SBOM Everywhere SIG to determine recommendations on what to implement + * Adrianne can coordinate a cross-group meeting once recommendations are determined +* CRob & David A. 
Wheeler suggested measuring knowledge on how to develop secure software + * [https://github.com/ossf/scorecard/issues/3534](https://github.com/ossf/scorecard/issues/3534) + * We intend to research to see how to automatically determine educational knowledge + +## 2023-11-30 + +Attendees: + +* Spencer Schrock (Google) +* Bennett Pursell (OpenSSF) +* Gabriela Gutierrez (Google) +* Pedro Nacht (Google) +* Joyce Brum (Google) +* Georg Kunz (Ericsson) +* Ryan Ware (Intel) +* Allen Shearin (Lockheed Martin) +* Jeremy Katz (Tidelift) +* Brian Crooks (Datalytica) + +Regrets + +* Adrianne Marcum (OpenSSF) \- will be late if I can attend + +Announcements + +* Thursday 1-2pm PST meeting has been restored to Biweekly; will continue to monitor attendance for monthly EMEA Monday 7-8am PST meetings +* In an effort to trademark the project as “OpenSSF Scorecard,” the domain will be updated to scorecard.dev and other uses of the name will be changed to the singular form (ex: slack channel). Timeline is still being determined and more details will be shared. + * Goal is to give ample time for migration, e.g. redirects + +Agenda + +* \[Gabriella\] Maintainer Annotations + * [Maintainers annotation](https://docs.google.com/document/d/1-5NKRciF3qU-vLS4xPk48EDfC8isz0Z9vnvL4OVjwpQ/edit) + * Similar to CNCF CLOMonitor exemptions [link](https://github.com/cilium/cilium/pull/22371/files) + * Comments to the [tracking issue](https://github.com/ossf/scorecard/issues/1907) +* + +## 2023-11-13 + +Attendees: + +* Adrianne Marcum (OpenSSF) +* Georg Kunz (Ericsson) +* Allen Shearin (Lockheed Martin) +* + +Regrets + +* + +Announcements + +* Adrianne proposes including the EMEA Monday instance as a once/monthly meeting and moving the Thursday afternoon instance back to biweekly + +Agenda + +* ~~\[Gabriella\] Maintainer Annotations~~ Moved to Nov 30? 
+* Request for available tooling to ease widespread adoption in large organizations [https://openssf.slack.com/archives/C0235AR8N2C/p1698669830558059](https://openssf.slack.com/archives/C0235AR8N2C/p1698669830558059) + * Planning to look into Scorecard Monitor and Scorecard API Visualizer + +## 2023-11-02 + +Attendees: + +* Spencer Schrock (Google) +* Jeff Mendoza (Kusari) +* Ian Dunbar-Hall (Lockheed Martin) +* Allen Shearin (Lockheed Martin) +* Sarah Elder (NCSU) +* Keith Ganger (Lockheed Martin) +* Michael Goddard (Google) +* Adrianne Marcum (OpenSSF) + + +Regrets: + +* David A. Wheeler (burial) + +Agenda: + +* \[Spencer\] scdiff demo of draft PR [https://github.com/ossf/scorecard/pull/3640](https://github.com/ossf/scorecard/pull/3640) +* \[Spencer\] Contributor.md and ladder changes + * Looking at all of our issues labels + * Trying to make it easier for new contributors to be added, if ready + +## 2023-10-16 + +Attendees: + +* David A. Wheeler +* Daniel Appelquist (Snyk) +* Dana Wang (OpenSSF) +* Joseph Coyle (Lockheed Martin) +* Caroline Lee (IBM) +* Ian Dunbar-Hall (Lockheed Martin) + +Agenda: + +* Welcome new friends + * Joe \- arrived last time, developing Hopper (under Ian). Trying to re-engage + * +* Education (SOSS follow-on) + * In SOSS meeting \- Meeting in DC \- US Govt [https://openssf.org/press-release/2023/09/13/openssf-gathers-us-government-and-industry-leaders-at-secure-open-source-software-summit-2023/](https://openssf.org/press-release/2023/09/13/openssf-gathers-us-government-and-industry-leaders-at-secure-open-source-software-summit-2023/) + * [https://github.com/ossf/scorecard/issues/3534](https://github.com/ossf/scorecard/issues/3534) + * Education a key topic \- lots of developers don’t know how to write secure software .. how can we measure how many developers know how to write secure software … look for credentials, etc… How can we get that into ScoreCard? + * DW: Look for “did developer complete something”... 
look at “who are the maintainers” then call API to find if developers have certifications… Could be an intermediate step \- if it’s on github or gitlab \- you can get the email address and query for credentials… + * Dana: do we plan to have certificates like AWS \- + * DW: yes they already exist \- i’m thinking of cert of completion of the “fundamentals” course.. Other certifications exist… + * Dan: worried about false negatives… + * DW: yes false \+ and \- are a concern… a way to solve this in many cases … We have another database \- the LF’s database \- if you’ve logged into the LF platform (events, etc…) you can identify personal and work email addresses… Can answer “do they have a cert” in the LF database… + * Dan: *concerns about data protection \- primary uses, etc…* + * DW: totally agree we need to keep in mind \- however much of this data is public by design… + * DW: course I’m thinking about \- fundamentals course \- has zero cost… not “pay to play”... + * Dan: what’s the process? Is there a scorecard sandbox? + * Ian: we’ve always worked locally and then one of the maintainers validates the work… Not a separate processing queue for items we want to track but not to be incorporated into scoring yet… + * Ian: i like this idea \- we brought up a similar experimental feature… ties into training, etc… we need to come to an understanding with maintainers… there’s a good amount of stuff that scorecard could track \- recommendations \- how do we track these? There’s some resistance to adopting things … + * Dan: i can understand reluctance to adopt things \- e.g. SBOm \- into scorecard if they are not sufficiently mature… + * Dana: could we still track it and collect that data but make it an optional reporting… + * DW: if it’s not included in the measure than it doesn’t exist… if it’s measured but ignored, why? I think we’re measuring things that are overly narrow. Only process things. 
+ * \[Dan: maybe score it but not include it in the aggregate score until “out of beta”?\] + * New check process \- [https://github.com/ossf/scorecard/blob/main/checks/write.md](https://github.com/ossf/scorecard/blob/main/checks/write.md) + * Dana: measuring people vs. measuring projects.. Scorecard is measuring the project. + * DW: trying to determine an answer to a risk question… “is this safe?” which is a broader question… + * Ian: really interested in seeing SBOM included in Scorecard… Now solving that issue with the naming conventions thing… Reading the process \- talks about high level requirements \- but doesn’t talk about it’s voted in or rejected… + * DW: usually you have to convince the maintainers… often in a github issue. + * Dan: sounds like it’s based on project \- an aggregate score of the maintainers of a project rather than a score about individual developers/maintainers. + * DW: could even be “at least one maintainer has xyz certification” Opening it up : what do people think of education…? Appreciate SBOM is a little more complicated… + * Dan: i do think it’s worth tracking… + * Ian: i think it’s a good idea \- in line with other activities in OpenSSF \- also concerned about data protection. + * DW: I can talk to data protection officer and legal. + * Dana: if we look at build process or release process we look at project itself \- project achieving the maturity level \- all around the project itself \- and the people are behind it. +* Hoppr \- (Joseph Coyle) \- Allen Shearin + * Maybe an SBOM-Scorecard effort as well + * We’d done work on GitLab. Working on O\&M. They’re known issues that are being tracked already. + * Ian: with sbom everywhere coming out with naming conventions … specific place to check for SBOMs… becomes more machine-readable. Very interested in seeing that happen and will dedicate resources to see it happen. Would be great to show coordination across workstreams. We can bring the issue and start the discussion going. 
+ * DW: I think some pushback will happen because this is so new… developers not seeing value yet… we’re trying to get basic agreement… Should we have SBOMs included in the source code at all? Challenge to come up with something people can agree on. But it might be the right time. I suggest writing a doc “this is what we intend to look for”... probably need to figure out the requirements. + * Ian: SBOM everywhere SIG has written it \- and may take it to the TAC for informal approval \- it outlines the \- and security insights spec. We’ll have specific guidance on where to look to find SBOMs…Would love to see this be a common thread across OpenSSF… To help encourage best practices across the industry… We should check even if take up is low at this time… But could be experimental… + * Dan: there’s a runway… also build processes / CICD pipeline needs updated + * Dana: we have to start from somewhere… Using SLSA maturity level \- level 1 is “it exists” and where does it exist \- lower hanging fruit \- then mature to the more advanced level… then advance to next stages of maturity. + * Ian: project to help OSS projects to adopt SBOMs \- +* Question on event-based mechanism for changes for API (pub/sub)? \- Dan + * Is there a way to be notified about a change to a Scorecard result? + * E.g., “well-known package X has a lower score now” (hijacked?) + * We could create a query, but looking more for a callback. + * David: I don’t know of one + * Dan: will bring this up in the github issues for the project. ✨ +* Any other business (AOB) + +## Oct 5, 2023 + +Attendees: + +* Ian Dunbar-Hall (Lockheed Martin) +* Sarah Elder (NC State University) +* Allen Shearin (Lockheed Martin) +* Joe Coyle (Lockheed Martin) +* Jeff Mendoza (Kusari) +* Keith Ganger (Lockheed Martin) +* Spencer Schrock (Google) +* Evan Anderson (Stacklok) +* Victor Lu (?) +* Caroline Lee (IBM) +* Laurent (?) 
+ +Agenda: + +* Welcome new friends + * Allen Shearin + * Joe Coyle +* Discuss adding a new check that detects if a project has an SBOM. (see previous discussion in this document from April, May and June) + * [SBOM Everywhere SIG \- SBOM Naming Conventions Document](https://docs.google.com/document/d/1-jFoh_R7FV4NhHuUkt4Atz3h4K9b4bnmolntSbytspE/edit) + * If Scorecard can confidently say something is not a library, people are more amenable to having it as a check for release artifacts + * For libraries, there is a discussion needed. Laurent to discuss with WG +* On a similar point to unity across the OpenSSF, Security Insights + * See, related issues in scorecard [https://github.com/ossf/scorecard-webapp/issues/478](https://github.com/ossf/scorecard-webapp/issues/478) + * FYI: Security Insights \+ CLOMonitor ([https://clomonitor.io/docs/topics/checks/\#security-insights](https://clomonitor.io/docs/topics/checks/#security-insights)) +* For future discussion (with David \+ CRob) [https://github.com/ossf/scorecard/issues/3534](https://github.com/ossf/scorecard/issues/3534) +* +* GitTuf ([https://github.com/gittuf/gittuf](https://github.com/gittuf/gittuf)) is moving to OpenSSF (SCI wg?). Makes sense to have as an Allstar policy ([https://github.com/ossf/allstar/issues/459](https://github.com/ossf/allstar/issues/459)) + * Branch Protection audit at the git level (as opposed to GitHub/ GitLab preventing something) +* + +## Sep 18, 2023 + +Attendees: + +* Adrianne Marcum (Linux Foundation) +* Sarah Elder (NC State University) + +Agenda: + +* Welcome new friends + * Sarah Elder \- interested in validation of metrics +* No other attendees due to OSS-EU \- convened after 10 min + +## Sep 7, 2023 + +Attendees: + +* Jeff Mendoza (Kusari) +* David A. 
Wheeler (Linux Foundation) +* Spencer Schrock (Google) +* Andres Orbe (graduate / Alpha-Omega project) +* Adrianne Marcum (Linux Foundation) +* Raghav Kaul (Google) +* Evan Anderson (Stacklok) +* Caroline Lee + +Agenda: + +* Welcome new friends + * Welcome Andres\! Has worked on Alpha Omega, and learning about the rest of the OpenSSF +* Announcements / Updates + * Allstar: looking into a couple of issues: + * [https://github.com/ossf/allstar/issues/442\#issuecomment-1702520347](https://github.com/ossf/allstar/issues/442#issuecomment-1702520347) + * [https://github.com/ossf/allstar/issues/445](https://github.com/ossf/allstar/issues/445) + * Scorecard: + * Blog: [OpenSSF Scorecard Launches v4.12 with Support for GitLab](https://openssf.org/blog/2023/08/28/openssf-scorecard-launches-v4-12-with-support-for-gitlab/) + * More GitLab contributions welcome\! Especially with Dangerous-Workflows and Pinned-Dependencies checks, or adding repos to scan in the cron to gitlab-projects.csv. + * +* David A .Wheeler: Best Practices badge: + * Badge website has now moved to [https://www.bestpractices.dev](https://www.bestpractices.dev), Scorecard probably ought to change the URL where we get best practices info from (the old URL is being redirected so there’s no rush, but it’d be a tiny performance boost). + * Someone has opened a [PR](https://github.com/ossf/scorecard/pull/3448), waiting on DCO + * Also, the badge project intends to bring data from Scorecard to automate some of our questions, per this mapping: [https://github.com/coreinfrastructure/best-practices-badge/blob/main/docs/scorecard-map.md](https://github.com/coreinfrastructure/best-practices-badge/blob/main/docs/scorecard-map.md) + * CRob & I will talk about Scorecard & Best Practices badge at conference in Spain in 2 weeks + * Link? + * Question: What is the difference between the badges? 
+ * BP is a “badge”, Scorecard is a “scorecard” \- but you can have a badge that shows the scorecard + * Will continue to have both “badges”, Scorecard for automated, BP includes non-automated + * Q: Could scorecard read some kind of human-generated yaml-file to address non-automated attestations? + * Q: Would like to point devs to a single place to get better at security, and different BP and scorecard are different + * Starting point is Secure software guide: [https://best.openssf.org/Concise-Guide-for-Developing-More-Secure-Software](https://best.openssf.org/Concise-Guide-for-Developing-More-Secure-Software) Recommend this as a single “Staring point” for devs. + * Scorecard is an easy single point to direct devs to get better at security as it is fully automated. + * BP should be just as easy, even if there are many questions, can just do some + * Scorecard does give a score on having BP badge + * Q: Which order, is it right to start with scorecard? + * Either order is good. + * Q: We should have a good place to start, elevator pitch, easy then continue with more advanced things + * **How about: “start with scorecards”? BP is included in scorecards, so that will lead folks there** + * Scorecards is adding a “remediation effort” estimate so people can sort by amount of effort to achieve an improved score. + * Can we make it easy to get scorecard information without needing to install / run / modify CI, since we have a lot of the scores already? + * Aka point to [https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard](https://securityscorecards.dev/viewer/?uri=github.com/ossf/scorecard) + * ~~Put this at top of README.md, e.g.~~ viewer instead, form not allowed + * \
URL: \\\ + * [https://github.com/ossf/scorecard-webapp/tree/main/scorecards-site/static/viewer](https://github.com/ossf/scorecard-webapp/tree/main/scorecards-site/static/viewer) + * +* Vendor news + * Officially started last week, roadmap defined and approved. + * [Scorecard Community Roadmap](https://docs.google.com/document/d/1ttLH1U4BRZkgVukBltLxKyP7UmFSLIyPtUUe1G86Sv0/edit#heading=h.ou02ukhsja30) + * Working on moving checks structured results? + * Also, false positives and negatives +* + +## Aug 24, 2023 + +Attendees: + +* David A. Wheeler (LF) +* Ian Dunbar-Hall (Lockheed Martin) +* Raghav Kaul (Google) +* Evan Anderson (Stacklok) + +Agenda: + +* GitLab Namespace Squatting + * [https://gitlab.com/ossf](https://gitlab.com/ossf) + * [https://gitlab.com/openssf](https://gitlab.com/openssf) +* GitHub Namespace squatting recently resolved (it’s why we’ve been using “ossf” organization) + * Slack conversation \- [https://openssf.slack.com/archives/C05BETTLHEE/p1690586545571689](https://openssf.slack.com/archives/C05BETTLHEE/p1690586545571689) + * Sam White is GitLab product manager for “security product line”. We asked about GitLab squatting. + * [https://openssf.slack.com/archives/C052Z3A3FQA](https://openssf.slack.com/archives/C052Z3A3FQA) +* The blog post announcing Scorecard 4.12, including GitLab support, is basically done. Need a bio from Keith Ganger & Jim Robison. Ian is trying to reach Keith & Jim now. +* + +Actions: + +- Ian Dunbar-Hall \- provide Sam White contact info to David Wheeler. David’s email: dwheeler @ linuxfoundation . org +- Ian Dunbar-Hall \- track down keith and jim’s bios for blog post. + +## Aug 21, 2023 + +Attendees: + +* Dan Appelquist (Snyk) +* David A. 
Wheeler (LF) +* Adrianne Marcum (LF) +* Cheuk Ho (LF) + +Agenda: + +* Announcements + * Vendor contract process underway for [work outlined in the roadmap](https://docs.google.com/document/d/1ttLH1U4BRZkgVukBltLxKyP7UmFSLIyPtUUe1G86Sv0/edit#heading=h.ou02ukhsja30), we’ve interviewed potential contractors +* [https://github.com/ossf/scorecard/pull/3107](https://github.com/ossf/scorecard/pull/3107) + * All resolved, we just need to make sure the checks all pass + * David W. to merge once the checks run + +## Aug 10, 2023 + +Attendees: + +* Jeff Mendoza (Kusari) +* Spencer Schrock (Google) +* Pedro Nacht (Google) +* Diogo Teles (Google) +* David A. Wheeler (LF) +* Adrianne Marcum (LF) +* Cheuk Ho (LF) +* Evan Anderson (Stacklok) + +Agenda: + +* Announcements + * New meeting link\! Should be updated on the calendar. More details in slack [\[link\]](https://openssf.slack.com/archives/C019M98JSHK/p1691174555715859) + * \[Evan\] calendar seems to still have old link + * \[Evan\] Need LFX account to join + * [Join Link](#meeting-info) + * \[Spencer\] First contributor ladder nomination: Invited Gabriela as Triager [\[link\]](https://github.com/ossf/scorecard/issues/3375) + * \[Spencer\] WIP: GitHub support for Repository Rules [\[link\]](https://github.com/ossf/scorecard/pull/3354) + * Still working with author, but should help with Branch-Protection permissions in cron/action + * Allstar: [https://github.com/ossf/allstar/releases/tag/v4.0](https://github.com/ossf/allstar/releases/tag/v4.0) was released, includes an alternative container that includes busybox image for easy use as a GitHub Action. ([https://github.com/ossf/allstar/pull/441](https://github.com/ossf/allstar/pull/441)) + * Roadmap approved by Best Practices WG, reviewing issues in backlog, vendor selection in process +* \[Spencer\] Re DNS problem from last meeting: + * Two new health checks for the API and website added in GCP. 
+ * Notification channel currently \#security\_scorecards\_cron in Slack + * Any other emails? Maybe a new Scorecard monitoring google group people can sign up to? +* Alternating meeting times decided: + * Pacific time stays the same as current + * Europe time Monday at 2pm GMT (Aug 21\) + +## Jul 27, 2023 + +Attendees: + +* Jeremy Katz (Tidelift) +* Ian Dunbar-Hall (Lockheed Martin) +* Keith Ganger (Lockheed Martin) +* Adrianne Marcum (LF) +* Spencer Schrock (Google) +* Brian Russell (Google) +* Caroline Lee (IBM) +* Jeff Mendoza (Kusari) +* Eddie Knight (Sonatype) +* David A. Wheeler (Linux Foundation) +* Sammy Gonzalez (Lockheed Martin) +* Raghav Kaul (Google) + +Agenda + +* DNS Problem + * For \~13 hours there was a disconnect. If you had any Scorecard Action runs fail, that’s why, everything should be good now. I imagine there will be a postmortem. +* Scorecard Mentioned in [https://resources.snyk.io/state-of-open-source-2023](https://resources.snyk.io/state-of-open-source-2023). +* Should we have a “Scorecard in the news” page? Yes, but not that name. “Notable references to Scorecard”? +* Eddie Knight: Through education SIG etc., will be making a “Scorecard course” \- need someone to review it. It’s not complex, it mostly translates docs to another format. Want someone to review before sending it back to LF Training. + * Spencer: I’ll volunteer + * David A. Wheeler: I’d like to also look, especially to make sure it connects to other materials. +* What about personal access tokens? I’ve always done the GitHub action before. But now that I’m describing how to use the CLI, I get a lot of errors. See issue \#1097, [https://github.com/ossf/scorecard/issues/1097](https://github.com/ossf/scorecard/issues/1097) + * Branch Protection in particular + * With transition to fine-grained permissions of tokens, we think this works well if you have admin access to the repo, it’s trickier if you don’t have that level access. 
If you do a classic token it’ll work, the problem with these tokens is that they give write access which many people won’t be comfortable with. See the README on tokens. See the scorecard-action info. +* Take the doodle poll on meeting times, we are looking at alternating time slots for more globally friendly timezones + * Pacific \+ US west [poll](https://doodle.com/meeting/participate/id/dN0nO5za) + * Europe \+ US East [poll](https://doodle.com/meeting/participate/id/bD87qJnb) +* GitLab release incoming + * Any documentation for GitLab auth token + * Doc to hook up to GitLab cicd system? It’d be good to document the basics (how to hook into CI/CD & how to show that from the README) \- it’s probably just a few lines of config in each, but people are more likely to do it if we explain it directly. + +## Jul 13, 2023 + +Attendees: + +* Spencer Schrock (Google) +* Pedro Nacht (Google) +* Diogo Teles (Google) +* Laurent Simon (Google) +* Caroline Lee (IBM) +* Ian Dunbar-Hall (Lockheed Martin) +* Jonathan Howard (Lockheed Martin) +* Evan Anderson (Stacklok) +* Jeff Mendoza (Kusari) +* Adrianne Marcum (LF) +* Keith Ganger (Lockheed Martin) +* David A. Wheeler (LF) +* Joyce Brum +* Brian Russell (Google) +* Raghav Kaul + +Regrets: + +* + +Agenda: + +* Welcome new friends + * Adrianne Marcum \- OpenSSF Tech PM + * Jonathan Howard (Lockheed Martin) +* Announcements +* \[Spencer\] Change in Dangerous-Workflow and Token-Permissions scores for repos with no workflows ([issue link](https://github.com/ossf/scorecard/issues/3205)) + * David \- at least score somewhere on the 0 \- 10 scale + * Dangerous CI/CD on other platforms is something that could happen in the future + * Possibly through structured results +* \[Pedro\] Should Dependency-Update-Tool require a dependabot.yml file to detect Dependabot? Or should having Dependabot security updates be sufficient? 
([issue link](https://github.com/ossf/scorecard/issues/2845)) + * Dependabot.yml is currently optional, used as a detection signal in addition to commit activity + * Problem is repos that have enabled dependabot once X years ago and havent since + * Score decay? + * If required, does it change what the D-U-T check is checking? + * Dependency tool to mitigate security vulns + * Dependency tool to keep all dependencies up-to-date where reasonably possible + * What happens with an empty dependabot.yml? + * Need to test +* \[From Stephen Augustus via Slack\] In-person meeting w/ Adrianne Marcum & Brian Russell tomorrow to strawman the community roadmap +* \[Laurent\] Status on alternating times for different timezones? Doodle shared? + +## Jun 29, 2023 + +**Attendees:** + +Please add an “X” for those present. + +| Present? | Name | Organization | +| ----- | :---- | :---- | +| X | Brian Russell | Google | +| X | David A. Wheeler | Linux Foundation | +| X | Raghav Kaul | Google | +| X | Evan Anderson | Stacklok | +| X | Laurent Simon | Google | +| X | Dan Appelquist (Snyk) | Snyk | +| X | Christine Abernathy | F5 | +| X | Victor Lu | | +| X | Sanket Naik | Palosade | +| X | Stephen Augustus | Cisco | + +Attendees: + +* Evan Anderson +* David Wheeler +* Christine Abernathy +* Laurent +* Victor Lu +* Christine Abernathy (F5) +* Sanket Naik (Palosade) + +Regrets: + +* Jeff Mendoza (Kusari) \- Under the weather +* Jeremy Katz (Tidelift) \- Vacation +* Spencer Schrock (Google) \- Vacation + +Agenda: + +* Welcome new friends + * Dan Appelquist + * Evan Anderson +* Announcements + * Introductions + * + * Project updates + * Announcement: Donation of visualizer [https://github.com/ossf/scorecard/issues/3204](https://github.com/ossf/scorecard/issues/3204) by nodejs team. +* ✅ Possible to alternate call times to accommodate European time zones? \- Dan Appelquist (resident troublemaker) + * Dan: We’re heavily EU-centered. I chatted with Laurent re: remediation links. 
This is currently 9pm London time. + * Stephen Augustus: + * Thursdays are triply booked for me\! + * Kubernetes release team ended up switching to Eastern / EMEA for one and Pacific / APAC for the other + * The hardest is that we need to overlay times with maintainer facilitation availability. + * [https://www.timeanddate.com/worldclock/meeting.html](https://www.timeanddate.com/worldclock/meeting.html) + * Two Doodle polls: + * For the Pacific / US-West audience (incl. Sydney) we have now + * For the Europe / US-East (incl Israel) +* ✅ Remediation of [links to external commercial sites](https://github.com/search?q=repo%3Aossf%2Fscorecard%20stepsecurity&type=code)… \- Dan Appelquist + * Someone saw a trace of Scorecard run, raised alarm for [https://stepsecurity.io/](https://stepsecurity.io/) (product) URL. + * In the SCM best practices WG, we’re working with Legitify who developed many remediation steps for SCM which were contributed & those are sitting in GitHub. + * It would be good for Scorecard to NOT send people to commercial sites. Instead, refer to the OSS site. + * It’s happening within the \*remediation\* text. Legity can process & do a “hardened” repo. + * Let’s create an issue to id & resolve this. Dan will create the issue. + * SCM Best practices can be found here: [wg-best-practices-os-developers/docs/SCM-BestPractices at main · ossf/wg-best-practices-os-developers · GitHub](https://github.com/ossf/wg-best-practices-os-developers/tree/main/docs/SCM-BestPractices) and at its new home .. somewhere. +* ✅ Announcement: Donation of visualizer [https://github.com/ossf/scorecard/issues/3204](https://github.com/ossf/scorecard/issues/3204) by nodejs team. 
+ * Stephen Augustus will follow up on this with the TAC + * May not have a well-defined / easy process +* ✅ Licensing of API Data \- [https://github.com/ossf/scorecard/pull/3107](https://github.com/ossf/scorecard/pull/3107) \- Dan Appelquist + * Just noting I’m happy to clarify this issue or help in any way if needed… + * In the Legal Jira world + * David has re-contacted LF legal to get more info +* ✅ (Brian Russell) [project roadmap](https://drive.google.com/file/d/1DJJh-9XyLPtSIdcBZZrMg0G4tNlOzxqc/view?usp=sharing) (first pass / discussion kickoff) + * TL;DR: Known contributions \+ Google (GOSST) team commitments \+ OpenSSF contracted vendors + * Addition: OpenSSF Raising test coverage to 80%+ statement coverage + * Additions: Integrating BigQuery & project-run results + * How can we show “gradual improvements” \- handle/detect more CI/CD (CircleCI, Jenkins, etc), more test frameworks, more SAST tools \- maybe show the “by this point” milestone +* ✅ \[Christine Abernathy\] Thoughts on publishing Scorecard results in places other than BigQuery? + * What formats / locations? + * Have a transfer job that weekly transfers data from 1.XM repos from GCS to a BigQuery table which is publicly queryable + * Could probably support other transfer mechanisms + * They can run up a bill somewhere in GCP when copying / querying\!\! + * `Api.securityscorecards.dev` \- where does it pull data? We believe it reads from GCS blobs, not from BigQuery. + * Or maybe somewhere else + * Where do we pass costs off to the consumer? + * May need to create an issue to work out use cases \- Christine will file + * ​​Dan created this demonstrator: [https://github.com/torgo/Scorecard4Purl](https://github.com/torgo/Scorecard4Purl) + * [https://github.com/ossf/wg-best-practices-os-developers/tree/main/docs/SCM-BestPractices](https://github.com/ossf/wg-best-practices-os-developers/tree/main/docs/SCM-BestPractices) +* Evan Anderson Where does the infrastructure (particularly `allstar`) run? 
+ * Want to be able to verify that community-run public benefit instances are being managed consistently + * `allstar`: Google runs an instance, not clear who runs the public instance + * Evan Anderson to file an issue + +## Jun 15, 2023 + +Attendees: + +* Spencer Schrock (Google) \- a Scorecard maintainer\! +* Pedro Nacht (Google) +* Diogo Sant Anna (Google) +* Brian Russell (Google) +* Jeremy Katz (Tidelift) +* Ashish Kurmi (StepSecurity) +* Jim Robison (Lockheed Martin) +* Lucas Gonze (eBay) +* Jeff Mendoza (Kusari) +* David A. Wheeler (Linux Foundation) +* Ian Dunbar-Hall (Lockheed Martin) +* Michael Goddard (Google) +* Raghav Kaul (Google) +* Caroline Lee (IBM) + +Agenda: + +* \[Spencer\] Golden test tool proposal + * GitHub issue: [CI: Report scoring differences for PRs that modify scorecard checks](https://github.com/ossf/scorecard/issues/2462) + * [Scorecard Golden Testing Design Document](https://docs.google.com/document/d/1xbk036RCVr5yUCU2NfjDzNAkT8oSRcDFmucUAXjQgaQ/edit?usp=sharing) +* \[Diogo\] [Allow unpinned dependencies in the selection of unprivileged workflows](https://github.com/ossf/scorecard/issues/2018) – workflows with read-only permissions and no secrets + * Current blocker is that actions/upload-artifacts can still be called with read-only permissions and the artifacts can be used for critical processes, e.g. builds. Example: [This](https://github.com/pyca/cryptography/blob/main/.github/workflows/wheel-builder.yml#L43) piece of code uploads a python build artifact that is used by [this other workflow](https://github.com/pyca/cryptography/blob/main/.github/workflows/pypi-publish.yml#LL28C56-L28C56) to publish it. + * “Don't punish but throw a warning.” + * Who is this for? Developers? Auditors? + * Should there be a confidence level for analysis to switch between permissive/restrictive? + * We should DOCUMENT what we do when we’re not sure, in particular, the general rule. Should we err on caution or permissive? 
+ * False positives negatively affect people’s view on Scorecard + * Proposed documented statement: “When we aren’t sure if there’s a problem or not, by default we presume it’s okay, and we’ll output a warning that we can’t determine something” + * Maybe have a flag for “only give credit when there’s confidence in it” + * Raghav Kaul: “Structured results feel like they'd go a long way here, we'd create findings and a maintainer can choose what to ignore. I wish there were a threat mapping/threat model of GitHub API permission levels and what a given permission allows you to do. If someone knows of something like this, it would really help to encode it into scorecard.” + * Not very elegant, but this shows what endpoints are accessible: + * for a classic token: [https://docs.github.com/en/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28](https://docs.github.com/en/rest/overview/permissions-required-for-github-apps?apiVersion=2022-11-28) + * for fine-grained tokens: [https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28](https://docs.github.com/en/rest/overview/permissions-required-for-fine-grained-personal-access-tokens?apiVersion=2022-11-28#actions) + * The decision doesn't need to be binary, as either restrictive or permissive. We could decrease at least a low amount of score (e.g. 0.2 or 0.5) for unpinned read-only actions. That would keep scorecard impartial on possible security risks, and maintainers that'd rather not hash-pin safe dependencies could still be cool with a 9/10 score. +* \[Ashish\] Potential updates in StepSecurity remediation page + * We have noticed that open-source maintainers get confused when they visit the current StepSecurity remediation page from scorecard findings. We have an alternate workflow that we can enable on the current page to simplify the user experience. 
+ * Proposing sending people towards the PR generating tool + * Maybe switch up which remediations are enabled by default + * I.e. if coming from a token permission issue, only have the token permissions on by default. But other remediations are available to enable. + * Is there functionality remaining for people not logged in? Even if it’s the same landing page +* \[Jeff\] [https://github.com/ossf/allstar/issues/422](https://github.com/ossf/allstar/issues/422) + * [https://github.com/ossf/allstar/pull/424](https://github.com/ossf/allstar/pull/424) +* \[MichaelG\] Contributor ladder (see draft in [\#1529 (comment)](https://github.com/ossf/scorecard/issues/1529#issuecomment-1572664893)) + * Feedback / next steps? + * TAC feedback + * Contributor ladder is nice to have for all ossf projects, and how people can become maintainers + * But the proposal is too detailed to apply to all projects, especially smaller ones. So the proposal in question should be viewed as scorecard specific. +* \[DavidW\] I’d like to change our Scorecard meeting note permissions; currently they are “edit by all”. I want to switch to “comment by all” to prevent problems from trolls. Can everyone share your email address so we can set everyone here can edit? + * Do you want to limit edit permissions to the [https://groups.google.com/g/ossf-scorecard-dev](https://groups.google.com/g/ossf-scorecard-dev)? + * I’m not sure I can do that now that it’s moved to OpenSSF’s drive. Pointers? + * I shared it as “editor” to: [ossf-scorecard-dev@googlegroups.com](mailto:ossf-scorecard-dev@googlegroups.com) \- if that’s enough then we’re done, not sure that’s enough. + * \[Brian Russell\] I think that should work + * Looks like it works\! Now everyone can “suggest” but we’re more careful about who can edit. + * David: I’m not worried about the people present. +* David: The OpenSSF critical projects WG has developed a draft updated list of “critical OSS projects” for 2023\. 
Can we make sure that all projects in their list (where specific GitHub repos are referenced) is included in the weekly run? Below is the list of repos. I expect many are already there, but possibly not all. + * MichaelG: looks like they are all there + * Thanks for checking\!\! + +Here is the list that was checked: +https://github.com/angular/angular +https://github.com/ansible/ansible +https://github.com/ant-design/ant-design +https://github.com/caolan/async +https://github.com/babel/babel +https://github.com/twbs/bootstrap +https://github.com/Homebrew/brew +https://github.com/ceph/ceph +https://github.com/chromium/chromium +https://github.com/Kitware/CMake +https://github.com/veged/coa +https://github.com/apache/commons-codec +https://github.com/apache/commons-io +https://github.com/apache/commons-lang +https://github.com/home-assistant/core +https://github.com/python/cpython +https://github.com/curl/curl +https://github.com/DefinitelyTyped/DefinitelyTyped +https://github.com/drupal/drupal +https://github.com/electron/electron +https://github.com/flutter/flutter +https://github.com/laravel/framework +https://github.com/gatsbyjs/gatsby +https://github.com/gradle/gradle +https://github.com/grafana/grafana +https://github.com/google/guava +https://github.com/Homebrew/homebrew-cask +https://github.com/Homebrew/homebrew-core +https://github.com/apache/httpcomponents-client +https://github.com/apache/httpcomponents-core +https://github.com/isaacs/inherits +https://github.com/juliangruber/isarray +https://github.com/FasterXML/jackson-core +https://github.com/FasterXML/jackson-databind +https://github.com/joomla/joomla-cms +https://github.com/JuliaLang/julia +https://github.com/jonschlinkert/kind-of +https://github.com/knative/community +https://github.com/kubernetes/kubernetes +https://github.com/laravel/framework +https://github.com/lodash/lodash +https://github.com/apache/logging-log4j2 +https://github.com/qos-ch/logback +https://github.com/magento/magento2 
+https://github.com/mui-org/material-ui +https://github.com/apache/maven +https://github.com/mesonbuild/meson +https://github.com/substack/minimist +https://github.com/addaleax/natives +https://github.com/nginx/nginx +https://github.com/NixOS/nixpkgs +https://github.com/nodejs/node +https://github.com/numpy/numpy +https://github.com/openssl/openssl +https://github.com/OpenVPN/openvpn +https://github.com/pandas-dev/pandas +https://github.com/symfony/symfony +https://github.com/php/php-src +https://github.com/postgres/postgres +https://github.com/PowerShell/PowerShell +https://github.com/PrestaShop/PrestaShop +https://github.com/puppetlabs/puppet +https://github.com/pytorch/pytorch +https://github.com/ljharb/qs +https://github.com/rails/rails +https://github.com/dominictarr/rc +https://github.com/facebook/react-native +https://github.com/nodejs/readable-stream +https://github.com/ruby/ruby +https://github.com/rubygems/rubygems +https://github.com/rust-lang/rust +https://github.com/saltstack/salt +https://github.com/qos-ch/slf4j +https://github.com/apache/spark +https://github.com/storybookjs/storybook +https://github.com/nodejs/string\_decoder +https://github.com/systemd/systemd +https://github.com/tensorflow/tensorflow +https://github.com/mrdoob/three.js +https://github.com/torproject/tor +https://github.com/microsoft/TypeScript +https://github.com/faisalman/ua-parser-js +https://github.com/microsoft/vscode +https://github.com/webpack/webpack +https://github.com/WordPress/WordPress +https://github.com/zephyrproject-rtos/zephyr + +## Jun 1, 2023 + +Attendees: + +* Diogo Sant'Anna (Google, GOSST Upstream team) +* Gabriela Gutierrez (Google, GOSST Upstream team) +* Joyce Brum (Google, GOSST Upstream team) +* Pedro Nacht (Google, GOSST Upstream team) +* Spencer Schrock (Google) +* Jeremy Katz (Tidelift) +* Jeff Mendoza (Kusari) +* Brian Russell (Google) +* Raghav Kaul (Google) +* Caroline Lee (IBM) +* Brian Behlendorf (OpenSSF/LF) +* Josh Clements (ADI) +* Ian 
Dunbar-Hall (Lockheed Martin) +* Justin Abrahms (hire me?) + +Regrets: + +* Michael Goddard (Google) \- SYD this time. NYC next time\! + +Agenda: + +* Announcements + * Introductions + * Pedro, from GOSST Upstream team. Work full time on external contributions + * Josh, OSPO at Analog Devices. Interested in implementing Scorecard at ADI + * Project updates + * GitHub access changed to teams, check that access is correct. +* \[Raghav\] Code Review proportional scoring changes: [https://github.com/ossf/scorecard/pull/2882](https://github.com/ossf/scorecard/pull/2882) + * How to avoid this scoring whiplash in the future? + * Score change visualizer being designed, will be presented here when ready +* \[Brian Russell\] FYI putting together launch plan for GitLab support +* \[GOSST Upstream team\] Suggest adoption of a contributor ladder (see draft in [\#1529 (comment)](https://github.com/ossf/scorecard/issues/1529#issuecomment-1572664893)) + * Current draft is focused on overall openssf contributor ladder, to do so should propose to the TAC with an issue in the TAC repository and then discussion there +* \[GOSST Upstream team\] CLO-Monitor viewer of Scorecard scores ([\#2979](https://github.com/ossf/scorecard/issues/2979)) + * General acceptance of the idea of hosting in the scorecard site, awaiting PR from the CLO monitor team +* \[GOSST Upstream team\] [List of priority issues](https://docs.google.com/spreadsheets/d/1QrpD85bUbnKIWp7UMjrl8nwUcLeCytirMV_UXPR1sEE/edit#gid=0) we believe are important for maintainer satisfaction and Scorecard adoption, that we are willing to contribute with. 
Example: + * ~~Code-Review: Review change made on version 4.10.5 that caused large reduction of scores ([issue](https://github.com/ossf/scorecard/issues/2812))~~ (covered on Raghav first point) + * Token-Permissions: Only low-risk permissions are punished at the job-level ([issue](https://github.com/ossf/scorecard/issues/3045)) + * Pinned-Deps: allow unpinned deps in unprivileged workflows ([issue](https://github.com/ossf/scorecard/issues/2018)) +* \[Justin Abrahms\] [sboms](https://github.com/ossf/scorecard/issues/3043) + * [There's a way](https://gist.github.com/lucasgonze/b84a2c52c697bf8f686a005080c369dd) to find if they're generated based on looking through github actions + * Github itself [has a way to generate SBOMs](https://docs.github.com/en/rest/dependency-graph/sboms?apiVersion=2022-11-28) + +## May 18, 2023 + +Attendees: + +* Justin Abrahms (Hire me?) +* Ian Dunbar-Hall (Lockheed Martin) +* Jeff Mendoza (Kusari) +* Ashish Kurmi (StepSecurity) +* David A. Wheeler (Linux Foundation) +* Lucas Gonze (eBay OSPO) \- works on OSPOs, uses Scorecard +* Jim Robison (Lockheed Martin) +* Keith Ganger (Lockheed Martin) +* Andrew Brinker (MITRE) +* Jeremy Katz (Tidelift) +* Raghav Kaul (Contributor, Google) +* Caroline Lee (IBM) +* Sanket Naik (Palosade) +* Brian Russell (Google) + +Regrets: + +* Naveen Srinivasan +* \[Spencer Schrock (Google)\] +* Michael Goddard (Google) \- sorry, in SYD, timezones :( + +Agenda: + +* Announcements + * Introductions + * Project updates + * +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * [Add support for SBOM analyzing](https://github.com/ossf/scorecard/issues/2605) + * Bigger issue: Where do the SBOMs go? SBOMs are often \*generated\* from source code (e.g., during build) \- how do we find them? + * Also: [Issue \#1476](https://github.com/ossf/scorecard/issues/1476) + * Question of implementation + * Where does the score go \- release, binary artifacts, new check, etc? 
+ * How would we score this? + * Where does sbom live? + * Write proposal and invite feedback + * Q: How/where does one write a proposal? + * A: Create a GitHub issue + * So.. we have one. :) What next? + * More details on code implementation, and how score is calculated + * Needs to propose an implementation, not ask + * Lot of end users and organizations want this + * If scorecard can find sbom, maybe use rest api to show location of sbom? + * Utilize related ossf groups for their expertise: sbom everywhere (under tooling, \#stream-09-sbom-everywhere) and repos working group (\#wg\_securing\_software\_repos) + * David: This is important, but it is challenging. OSS NA presentation showed that different JavaScript package managers produced very different sets of packages to be installed given the same inputs. + * \[Jeff\]Who are the scorecard core maintainers? Is there a contributor ladder? + * [https://github.com/ossf/scorecard/blob/main/.github/CODEOWNERS](https://github.com/ossf/scorecard/blob/main/.github/CODEOWNERS) + * [https://github.com/ossf/scorecard/pull/3039](https://github.com/ossf/scorecard/pull/3039) + * Contributor ladder: ? + * New mitre tool similar to scorecard called “hipcheck”: [https://github.com/mitre/hipcheck](https://github.com/mitre/hipcheck) (written in Rust) + * What’s the diff? + * Originally focused on software supply chain risks. + * Focuses on typosquatting \- looks for dependencies that are probably typosquatting. Repos are also countering this, maybe that’s less important. + * Concerning contributions: Packed malware, etc. + * What about false+? + * We’d love to validate this. + * We found it hard to find malicious code sample. Looked for patches to fix CVEs, then went backwards to see what contributions were especially likely to be problematic. + * David: There’s a group that has a collection. + * There are also some UI differences, trying to make it easier to use. 
It’d be possible for scorecard’s JSON output to be sent into something that could build on the UI ideas. + * Probably would just re-implement (Rust vs. Go) + * They’ll come back & identify the specific criteria that (1) are especially useful and (2) not already in scorecard. + * Guide to analyses, slightly out of date, but still useful: [https://github.com/mitre/hipcheck/blob/main/docs/book/src/using/analyses.md](https://github.com/mitre/hipcheck/blob/main/docs/book/src/using/analyses.md) +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + * + +Note: A lot of the Scorecard work now is being done by Raghav Kaul, Spencer Schrock, and Naveen Srinivasan. + +## May 4, 2023 + +Attendees: + +* David A. Wheeler (Linux Foundation) +* Jeff Mendoza (Kusari) +* Brian Russell (Google) +* Ashish Kurmi (StepSecurity) +* Ian Dunbar-Hall (Lockheed Martin) +* Jim Robison (Lockheed Martin) +* Caroline Lee (IBM) +* Jeremy Katz (Tidelift) +* Amber Webb (Shell) +* + +Agenda: + +* Announcements + * Introductions + * Project updates + * +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * Code Review Check: Use of AI to review code to help projects with single maintainers + * David: AI shouldn’t count as a human review. It’s a static analysis, sure, and it could count that way. But we’d need strong evidence that AI is as good as human reviews in general before they’d count. + * Jeff: Single-maintainers have a risk, if the maintainer disappears the project stops. AI doesn’t solve that either, so no, AI shouldn’t counter. + * So overall, no, AI doesn’t count for this. + * David: I can draft a tweak to Scorecard to clarify this + * If we ever evaluate the quality of (static analysis) tools, the quality of the AI would matter & we’d need to evaluate. +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + * Caroline Lee: I can take it\! + +## Apr 20, 2023 + +Attendees: + +* David A. 
Wheeler (Linux Foundation) +* Jeff Mendoza (Kusari) +* Brian Russell (Google) +* Justin Abrahms (hire me?) +* Spencer Schrock (Google) +* Ashish Kurmi (StepSecurity) +* Ian Dunbar-Hall (Lockheed Martin) +* Jim Robison (Lockheed Martin) + +Agenda: + +* Announcements + * Introductions + * Project updates + * Allstar + * Could use some help here: [https://github.com/ossf/allstar/issues/381\#issuecomment-1509513138](https://github.com/ossf/allstar/issues/381#issuecomment-1509513138) + * Using cached-transport but tarball download is too big +* Open Issues & One-off discussion topics (e.g. pull request to be merged, feature request, etc.) + * \[Abrahms\] [sbom-scorecard](https://github.com/justinabrahms/sbom-scorecard) inclusion. ([Issue](https://github.com/ossf/scorecard/issues/2605)) + * Seems promising. What’s the vision on how to integrate overall? + * How would you include this with Scorecard, since SBOM might not be in version control of source code? Scorecard is currently very based on repo + * Can look at GitHub releases, see if there are artifacts in its release, so could infer it from that. + * It seems to fit better with the Signed Releases or Packaging check, but that’s okay. + * Publishing workflow (vs. packaging) + * Sounds reasonable. + * How do we find the SBOM? Probably first check filename extension, look in certain places, verify if they’re SBOMs. + * Google’s osv-scanner uses some naming conventions to find SBOMs, we can use similar ones. 
+ * [https://github.com/google/osv-scanner/pull/258](https://github.com/google/osv-scanner/pull/258) which references + * Cyclonedx [https://cyclonedx.org/specification/overview/\#recognized-file-patterns](https://cyclonedx.org/specification/overview/#recognized-file-patterns) + * SPDX [https://spdx.github.io/spdx-spec/v2.3/conformance/](https://spdx.github.io/spdx-spec/v2.3/conformance/) + * Issue updated: [https://github.com/ossf/scorecard/issues/2605\#issuecomment-1516899502](https://github.com/ossf/scorecard/issues/2605#issuecomment-1516899502) + * OpenSSF Scorecard and Best Practices badges + * David Wheeler will co-present these with crob @ OpenSSF Day + * Is there any guidance between the three ways to pull scorecard data? + * BQ directly / REST API / Deps.dev + * Deps.dev does temporarily filter some data out (currently \-1s, SAST, Dependency-Update-Tool and Code-Review) while Scorecard is re-enabling some checks + * And how is the data licensed [https://github.com/ossf/scorecard/issues/2713](https://github.com/ossf/scorecard/issues/2713) + * ? +* Quick heads-up \- will present on Scorecard @ OpenSSF Day + * Naveen \+ Spencer also presenting a Scorecard \+ Sigstore talk, not ready for feedback, maybe next week +* Summary (last 3-5 minutes) + * Facilitator transfer for next meeting + +## Apr 6, 2023 + +Attendees + +* Jeremy Katz (Tidelift) +* Ian Dunbar-Hall (Lockheed Martin) +* Ashish Kurmi (StepSecurity) +* Spencer Schrock (Google) +* Brian Russell (Google) +* Jim Robison (Lockheed Martin) +* Jeff Mendoza (Kusari) +* Keith Ganger (Lockheed Martin) +* David A. 
Wheeler (Linux Foundation) +* Azeem Shaikh (Google) +* Raghav Kaul (Google) + +Project Updates + +* Allstar (Jeff) + * Two new policies contributed: + * Administrator \- are individuals allowed or only teams, with exceptions + * Codeowners \- settings for if required, or optional and if it is there does it have errors + * Looking to fix a memory leak (previously rolled-back) + * Next will cut a release. +* Scorecard Action new release + * [https://github.com/ossf/scorecard-action/releases/tag/v2.1.3](https://github.com/ossf/scorecard-action/releases/tag/v2.1.3) + +Agenda + +* FYI: OpenSSF \- we’re working on funding more maintenance (Naveem, 25 hours/week, reporting to David A. Wheeler), scorecard improvements +* FYI: MITRE has “hipcheck” which has some similarities to Scorecard, it might be useful to review it & see if has ideas to reuse. See: [https://github.com/ossf/scorecard/issues/2816](https://github.com/ossf/scorecard/issues/2816) + * Hipcheck: [https://github.com/mitre/hipcheck](https://github.com/mitre/hipcheck) + * *AI: David to reach out to Andrew who led the work and see if he’s up to join and share* +* Gitlab discussion + * Plan to use cron to loadtest. Have a list of 25K-30K GitLab repos that we’ll add to the cron list soon. We plan to start by adding just a few GitLab repos to make sure it works before “fulling turning it on”. + * When we talked with Sam & ? from GitLab, they suggested the best thing is to use GitLab service accounts, for now we have a stub account & we’ll switch over once the service account is available. That’s a construct that doesn’t QUITE exist yet in GitLab, but is about to: [https://gitlab.com/groups/gitlab-org/-/epics/9573](https://gitlab.com/groups/gitlab-org/-/epics/9573) . So the idea is to use a normal account, then switch. 
+* Process for proposing scoring changes + * Bug(?): Large changes to Code-Review scores between 4.10.2 and 4.10.5 + * [https://github.com/ossf/scorecard/issues/2812](https://github.com/ossf/scorecard/issues/2812) + * Changes proposed during Nov 17, 2022 meeting drastically changed scoring. Having 2 unreviewed PRs (out of \~30) gives a 0 + * Number of repos scoring 0 went from 905,973 \-\> 1,058,062 + * David W: Might want to borrow the approach from the best practices badge + * When we add new criteria, we mark them as “future” \- we measure them, but report them as “future” & don’t include their values in the final value + * That way, we can add new criteria but give people time to implement them. + * Later the “future” criteria have the “future” marking removed, and thus are included in the final score. + * Maybe for tweaking checks, can create a variant of the check + * Could do the same thing, mark the new variant as “future” + * Planning on Golden tests, details not solidified yet + * Basically, before creating changes, run it against a subset with expected results to see if it does what we expect. + * Is something anyone can do to move that along? Spencer:We can bring things once further along. + * Wheeler: Can add “future: true” property to each criterion, final scoring ignores the criteria with future:true. 
+* Brian will moderate in 2 weeks + +## Mar 23, 2023 + +Attendees + +* Jeremy Katz (Tidelift) +* Spencer Schrock (Google) +* Ashish Kurmi (StepSecurity) +* Azeem Shaikh (Google) +* Naveen Srinivasan +* Theresa Mammarella (Sonatype) +* Sanket Naik (Palosade) +* Namita Madhira (Comcast) +* Brian Russell (Google) +* Caroline Lee (IBM) +* Raghav Kaul (Google) + +Project Updates + +* Scorecard v4.10.4 released [https://github.com/ossf/scorecard/releases/tag/v4.10.4](https://github.com/ossf/scorecard/releases/tag/v4.10.4) + * Scorecard action release needed +* Scorecard talk at [SCALE](https://www.socallinuxexpo.org/scale/20x) + +Agenda + +* Ashish discuss StepSecurity using Scorecard, provide remediation steps, add to automation to sbom +* Gitlab support timeline question + * There is a Software supply chain security WG [https://gitlab.com/gitlab-com/www-gitlab-com/-/merge\_requests/120855](https://gitlab.com/gitlab-com/www-gitlab-com/-/merge_requests/120855) + * Gitlab repos slowly integrating into cron results, check by check + * Security Policy: [https://github.com/ossf/scorecard/pull/2754](https://github.com/ossf/scorecard/pull/2754) + * Issue tracker: [https://github.com/ossf/scorecard/issues/2775](https://github.com/ossf/scorecard/issues/2775) + * + +## Mar 9, 2023 + +Attendees + +* Naveen Srinivasan +* Spencer Schrock (Google) +* Jim Robison (Lockheed Martin) +* Caroline Lee (IBM) +* Keith Ganger (Lockheed Martin) +* Sammy Gonzalez (Lockheed Martin) +* Ian Dunbar-Hall (Lockheed Martin) +* Raghav Kaul (Google) +* Michael Goddard (Google) + +Agenda + +- [https://github.com/ossf/scorecard-action/pull/1095](https://github.com/ossf/scorecard-action/pull/1095) Naveen Srinivasan + - Discuss about the blocking issue + - Naveen is blocked on the PR + - This issue was opened and presente + - Bus factor + - Try to resolve next steps by next meeting +- Code Review scoring changes Raghav Kaul + - Some big (negative) changes in prominent projects (e.g. 
numpy) + - Change between previous cron results, to recent restarted run + - Change/release policy for score changes needed? + - Better communication about changes (e.g. versioned releases with release notes?) + - Add emoji on PR \[like sapling etc\] + - E2E tests? + - On canary cohort? (to minimize token usage) + - Cron job + - Has a canary, but only that the binary itself works, does not check score variance +- Blog on Scorecard published [https://developer.ibm.com/blogs/ibm-works-with-openssf-scorecard-to-improve-supply-chain-security/](https://developer.ibm.com/blogs/ibm-works-with-openssf-scorecard-to-improve-supply-chain-security/) Caroline Lee +- + +## Feb 23, 2023 + +Attendees + +* Naveen Srinivasan +* Jeff Mendoza +* Spencer Schrock (Google) +* Ian Dunbar-Hall (Lockheed Martin) +* Keith Ganger (Lockheed Martin) +* Ashish Kurmi (StepSecurity) +* Michael Goddard (Google) +* Raghav Kaul (Google) +* Matt Rutkowski (IBM) +* Caroline Lee (IBM) +* Jerod Heck (Lockheed Martin) +* Brian Russell (Google) + +Welcome new faces + +* Ashish Kurmi \- Welcome Ashish\! +* Keith Ganger \- Welcome Keith\! + +Project Updates + +* Allstar + * Did a release [https://github.com/ossf/allstar/releases/tag/v3.0](https://github.com/ossf/allstar/releases/tag/v3.0) + * Operations funding secured + * Working on a memory leak + * Will merge contributor ladder PR. 
[https://github.com/ossf/allstar/pull/339](https://github.com/ossf/allstar/pull/339) +* Scorecard + * Upcoming talks: + * [SCaLE March](https://www.socallinuxexpo.org/scale/20x/presentations/how-do-you-trust-your-open-source-software) + * [RSA](https://www.rsaconference.com/usa/agenda/session/How%20Do%20You%20Trust%20Open%20Source%20Software) + +Agenda + +* Matt Rutkowski would like to describe CycloneDX efforts on Formulation (v1.5, RFC pending) (i.e., CI/CD Workflow) and its artifact capture from tasks/tools and how to reference them in future SBOMs (and delta from v1.4) with interactive Q\&A +* Fuzzing check \- read OSS Fuzz logs instead of GitHub project YAMLs? + * Add RepoURL to schema: [https://github.com/google/oss-fuzz/issues/9782](https://github.com/google/oss-fuzz/issues/9782) + * [https://github.com/ossf/scorecard/issues/2670](https://github.com/ossf/scorecard/issues/2670) + * Naveen provided information for Raghav to check with Oliver in GOOST +* Demo \- Implement Scorecard action for dependencies \- [https://github.com/ossf/scorecard-action/issues/1070](https://github.com/ossf/scorecard-action/issues/1070) \- Naveen Srinivasan + * Naveen will open a PR + * It was recommended that we include policy as to what makes the action fail. + * Naveen \-The Policy checks will be added later when scorecard comes up with a policy framework. + * [Scorecard action for dependencies](https://docs.google.com/presentation/d/1QOBO4AGsXT7hddLY0HOyO6evfLvVvQ0fIdnzXiMsN_c/edit?usp=sharing) +* + +## Feb 9, 2023 + +Attendees + +* Jeremy Katz (Tidelift) +* Spencer Schrock (Google) +* Ian Dunbar-Hall (Lockheed Martin) +* Jerod Heck (Lockheed Martin) +* Keith Ganger (Lockheed Martin) +* David A. 
Wheeler (Linux Foundation) +* Jeff Mendoza +* Kara Olive (Google) +* Bob Callaway (Google) +* Brian Russell (Google) +* Raghav Kaul (Google) + +Welcome new faces + +* Ian Dunbar-Hall, Jerod Heck, Keith Ganger (Lockheed Martin) + * Working on GitLab support on Scorecard +* Justin Abrahms (eBay) + * Working on SBOM Scorecard + +Laurant is on travel, can’t lead meeting. Spencer will lead today. + +Project/Individual updates + +* Allstar + * Contributor ladder: [https://github.com/ossf/allstar/pull/339](https://github.com/ossf/allstar/pull/339) + * Planning on release soon. +* Scorecard + * Probably also need a release for bug fixes + +Agenda + +* Allstar request for neutral infrastructure (funding). + * Any donations? + * SCP WG will petition TAC for funding otherwise: [https://github.com/ossf/tac/blob/main/working-group-abilities.md\#technical-infrastructure](https://github.com/ossf/tac/blob/main/working-group-abilities.md#technical-infrastructure) + * Access to repositories through privileged GitHub app is under the image of the OpenSSF + * Administration of the project should be under LF IT + * Jeff to open ticket with TAC +* Lockheed-Martin is interested in adding support for GitLab (welcome\!) + * Ian Dunbar-Hall, Jerod Heck, Keith Ganger (Keith not on today) (Lockheed Martin) + * Ragav has been working to get this PR across the finish line. + * Should have a discussion in the relevant issues + * We’re using Scorecard topic & bringing it in, happy to help support + * Local git analysis improvements are also benefit other ecosystems + * David: We’d love improvements to the criteria so they’re more general, if they aren’t, per [https://github.com/ossf/scorecard\#scorecard-checks](https://github.com/ossf/scorecard#scorecard-checks) + * In general, please discuss in the issues. +* SBOM Scorecard project (Justin Abrams) + * It scores SBOMs. An “SBOM” can be useless, e.g,. Doesn’t list dependencies or doesn’t list their versions. My project attempts to evaluate them. 
+ * [https://github.com/eBay/sbom-scorecard](https://github.com/eBay/sbom-scorecard) + * David: Have you looked at the US list of “minimum viable” fields? + * The document is here: [https://www.ntia.gov/sites/default/files/publications/sbom\_minimum\_elements\_report\_0.pdf](https://www.ntia.gov/sites/default/files/publications/sbom_minimum_elements_report_0.pdf) + * Supplier Name The name of an entity that creates, defines, and identifies components. + * Component Name Designation assigned to a unit of software defined by the original supplier. + * Version of the Component Identifier used by the supplier to specify a change in software from a previously identified version. + * Other Unique Identifiers Other identifiers that are used to identify a component, or serve as a look-up key for relevant databases. + * Dependency Relationship Characterizing the relationship that an X is included in software Y. + * Author of SBOM Data upstream component The name of the entity that creates the SBOM data for this component. + * Time stamp Record of the date and time of the SBOM data assembly . + * David: have you considered identifying missing sub-dependencies? + * Doesn’t verify if correct, it just makes sure that the data there is useful & certain kinds of data are present: licenses, version\#s, etc. + * Let’s get the other scorecards maintainers to review the proposed issue: [https://github.com/ossf/scorecard/issues/2605](https://github.com/ossf/scorecard/issues/2605) + * [https://sbom-scorecard.dev/](https://sbom-scorecard.dev/) if y’all wanna try it out. 
+* Docs mini-fixit plans + * Proposed plan of scheduling a doc session every 6 months to speed read docs and identify problems + * Support from previous meeting around this frequency +* + +## Jan 26, 2023 + +Attendees + +* Jeff Mendoza +* Spencer Schrock (Google) +* Jeremy Katz (Tidelift) +* Stephen Augustus (he/him) (Cisco) +* Raghav Kaul (Google) + +Welcome new faces + +* Jeremy Katz (Tidelift) + +Project/Individual updates + +* Allstar + * Update contribution guidelines [https://github.com/ossf/allstar/pull/339](https://github.com/ossf/allstar/pull/339) + * Contributing.md and ladder + * Working on quickstart and other docs updates +* Scorecard + * Doc freshness also planned [https://github.com/ossf/scorecard/issues/2579](https://github.com/ossf/scorecard/issues/2579) + * Overarching Issue TBD + +Agenda + +* CI/CD rate limit improvements. Comments welcome + * [https://github.com/ossf/scorecard/issues/2603](https://github.com/ossf/scorecard/issues/2603) +* Comments still welcome on Laurent’s structured results + * [https://github.com/ossf/scorecard/pull/2584](https://github.com/ossf/scorecard/pull/2584) + * Make sure SARIF output we’re producing for GitHub is good with these changes +* What is doc freshness? + * Doing these discussions as a community meeting + * 6 month sync good for re-evaluating +* SemVer: [https://github.com/ossf/scorecard/issues/1683](https://github.com/ossf/scorecard/issues/1683) + * Discussion over what is a major/minor change. E.g. 
[https://github.com/ossf/scorecard/pull/2195](https://github.com/ossf/scorecard/pull/2195) + * Score calculation changed, result format stays the same + * Also needs a discussion on the API / public data + +## Jan 12, 2023 + +Attendees + +* Naveen Srinivasan +* Spencer Schrock (Google) +* Caroline Lee (IBM) +* Jeff Mendoza (Google) +* Michael Goddard (Google) +* Stephen Augustus (Cisco) +* Varun Sharma (StepSecurity) + +Welcome new faces + +* + +Project/Individual updates + +* Jeff / Allstar: Planning some docs overhaul + * Ex: [https://github.com/ossf/allstar/issues/336](https://github.com/ossf/allstar/issues/336) + * More updates are coming as well. +* + +Agenda + +* Laurent: structured results first PR [https://github.com/ossf/scorecard/pull/2584](https://github.com/ossf/scorecard/pull/2584) + * Reference (on convo re: API guarantees): [https://github.com/ossf/scorecard/issues/1683](https://github.com/ossf/scorecard/issues/1683) + * Question from Varun on use an existing standard of SARIF instead of a new format + * [https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning) + * +* Naveen : Action to the use API to get comments on updates on the dependencies changes. diff --git a/governance/meetings/2024.md b/governance/meetings/2024.md new file mode 100644 index 000000000000..f7c02b484ee3 --- /dev/null +++ b/governance/meetings/2024.md 
@@ -0,0 +1,1491 @@ +# OpenSSF Scorecard Meeting Archive — 2024 + +## Dec 12, 2024 + +Attendees + +* Spencer Schrock (Google) +* Jeff Mendoza (Kusari) +* Jeff Diecks (OpenSSF) +* Stephen Augustus (???) +* Avishay Balter (Microsoft) +* Kevin Dix (Boeing) + +New Attendees + +* Jeff Diecks + +Regrets + +* + +Announcements + +* Expect a minor or patch release upcoming with a collection of minor updates and fixes + * Scorecard \+ action +* + +Agenda + +* \[Spencer\] Using email for contributor data when organizations unavailable + * Trusts user-supplied git data, but the existing usage isnt much better + * Both GitLab and Azure DevOps suffer from this + * [https://github.com/ossf/scorecard/pull/4415](https://github.com/ossf/scorecard/pull/4415) + * [https://github.com/ossf/scorecard/pull/4437\#issuecomment-2521080469](https://github.com/ossf/scorecard/pull/4437#issuecomment-2521080469) + * Explore what forge alternatives look like + * Different behavior on different forges is reasonable +* \[Avishay\]: question about probes implementation ([https://github.com/ossf/scorecard/issues/3736](https://github.com/ossf/scorecard/issues/3736)) + * Proposal: Memory Safety Scorecard Checks — [https://github.com/ossf/Memory-Safety/issues/33](https://github.com/ossf/Memory-Safety/issues/33) + * Data isn’t purely binary, but on a continuum + * Probes support a `Values` map for more open ended data + * [https://github.com/ossf/scorecard/blob/2409124a2d48753e8030597f8ae85b6dbb275838/finding/finding.go\#L76-L80](https://github.com/ossf/scorecard/blob/2409124a2d48753e8030597f8ae85b6dbb275838/finding/finding.go#L76-L80) + * [https://github.com/ossf/scorecard/blob/2409124a2d48753e8030597f8ae85b6dbb275838/probes/hasRecentCommits/impl.go\#L76](https://github.com/ossf/scorecard/blob/2409124a2d48753e8030597f8ae85b6dbb275838/probes/hasRecentCommits/impl.go#L76) +* Release cadence: + * Aiming to have a maximum time between releases as 2 months if there are no pressing fixes/features to release + * 
Thumbs up +* Meeting discussion + * Next meeting is 26th \- will cancel \- Jeff D will send a message to Reden + * EMEA is on Jan 6 Spencer is available. + * After that is Jan 9, seems ok. +* \[Jamie maybe?\] Azure DevOps e2e testing + * 2nd half. Sorry, I have a conflict the 1st half + * Working on implementation, almost all of client implemented, Spencer has reviewed + * E2e testing: should be an Azure sub in OpenSSF that we can create and Azdo org for free (5 user) + * Need to track down who on OpenSSF has access \- Jeff D will ask around and report back in Slack + * Azure Devops task \- equivalent to GitHub action, PoC working for running Scorecard + * Main focus is completing client and hoping for a release + * Would be good to update the issue([https://github.com/ossf/scorecard/issues/4177](https://github.com/ossf/scorecard/issues/4177)) with an update (this update) to also get any feedback from those following it. + * We may wish to get the code merged before complete to attract contributors, Jamie is close to completion. + * What check is being targeted with Azure Pileines? + * The task is for running Scorecard as a part of the build + * A Pipeline check (such as pinned deps in pipeline yaml) would be a subsequent effort + +## Dec 9, 2024 + +Attendees + +* Spencer Schrock (Google) +* + +New Attendees + +* M Atif Ali (Coder) + +Regrets + +* + +Announcements + +* + +Agenda + +* StepSecurity harden runner paid license? + * Make sure we aren’t scoring based on paid products +* Vuln check + * Some vulns in dev dependencies vs production + * Some indirect dependencies we cant patch directly + * May be able to ignore it with osv-scanner config + * [https://google.github.io/osv-scanner/configuration/](https://google.github.io/osv-scanner/configuration/) +* Fuzzing Check (question) + * What about in Go? 
+ [https://go.dev/doc/tutorial/fuzz](https://go.dev/doc/tutorial/fuzz) +* + +## Nov 14, 2024 + +Attendees + +* Raghav Kaul (Google) +* Allen Shearin (Lockheed Martin) +* Spencer Schrock (Google) +* Hannah Sutor (GitLab) + +New Attendees + +* Amar Takhar (RTEMS Project) + +Regrets + +* + +Announcements + +* Moving scorecard-action image from GCR \-\> GHCR + +Agenda + +* Roadmap/Status +* Overzealous stale issue bot ran this week + * Closed a few open PRs, including one Spencer needs to unblock +* Publishing Scorecard results from GitLab + * Contributors Check doing searching? + * [https://github.com/ossf/scorecard/blob/fee8bcf77eff639b1be4272f11b1bc66de8594a3/clients/gitlabrepo/contributors.go\#L78-L85](https://github.com/ossf/scorecard/blob/fee8bcf77eff639b1be4272f11b1bc66de8594a3/clients/gitlabrepo/contributors.go#L78-L85) + * We need to explore CI Components, but that wouldn’t help with self hosted GitLab? + * [https://github.com/ossf/scorecard-webapp/issues/561](https://github.com/ossf/scorecard-webapp/issues/561) + * API struggles with subroutes, but our library has limitations here + * [https://github.com/ossf/scorecard-webapp/issues/511](https://github.com/ossf/scorecard-webapp/issues/511) + * How to visualize a bunch of projects? + * There is some markdown \+ json tooling meant for GitHub, maybe can be adapted? + * [https://github.com/ossf/scorecard-monitor](https://github.com/ossf/scorecard-monitor) + * Previous subgroup fix (due to owner/repo splitting around `/`) + * [https://github.com/ossf/scorecard-webapp/pull/701](https://github.com/ossf/scorecard-webapp/pull/701) + * What is the end goal with submitting Scores? + * Anything to selfhost? + * [https://github.com/ossf/scorecard-webapp](https://github.com/ossf/scorecard-webapp) + * How to deal with regressions? 
+ * Scorecard Action uploads some SARIF to GitHub’s security dashboard + * Allstar as GitHub app supports filing issues, but again GitHub specific + * GitLab SARIF upload in the works?: + * [https://gitlab.com/gitlab-org/gitlab/-/issues/452042](https://gitlab.com/gitlab-org/gitlab/-/issues/452042) + * Conformance reports + * What’s the output format like? + * Here’s a blog on custom policy, but light on concrete details [https://openssf.org/blog/2024/04/17/beyond-scores-with-openssf-scorecard-granular-structured-results-for-custom-policy-enforcement/](https://openssf.org/blog/2024/04/17/beyond-scores-with-openssf-scorecard-granular-structured-results-for-custom-policy-enforcement/) + * Video form + * [Structured Scorecard Results: Tailor Your Own Supply-Chain... - Adam Korczynski & David Korczynski](https://www.youtube.com/watch?v=ZT3XdMF6U5A) + * + +## Nov 11, 2024 + +Attendees + +* Spencer Schrock (Google) +* Michael Winser (Eclipse Foundation) + +New Attendees + +* + +Regrets + +* + +Announcements + +* + +Agenda + +* What is Scorecard’s roadmap and status today? +* What is Allstar story, and alignment with Otterdog and Minder +* Lots of data sets out there, between osv.dev deps.dev, scorecard, etc. + * Produce some csv dump to location to enable analysis at scale. 
+ * Has happened for research partners before, could happen again + * Would need to talk to OpenSSF + * Relatively easy to join them together + * Attestations of these data +* + +## Oct 31, 2024 + +Attendees + +* Jeff Mendoza (Kusari) +* Allen Shearin (Lockheed Martin) +* Evan Anderson (Stacklok) +* Eddie Knight (Sonatype) +* Raghav Kaul (Google) +* Kevin Dix (Boeing) + +New Attendees + +* + +Regrets + +* + +Announcements + +* + +Agenda + +* [https://github.com/ossf/scorecard/pull/4391](https://github.com/ossf/scorecard/pull/4391) + * LFX insights needs to consume output of probes + * Related: [https://github.com/ossf/scorecard/pull/4020](https://github.com/ossf/scorecard/pull/4020) + * Related issue: do we always know if the result of a probe is true or false equals bad or good? Not currently? Depends on name of probe? + * Usually having a “remediation” is bad + * +* [https://github.com/ossf/scorecard/pull/4398](https://github.com/ossf/scorecard/pull/4398) + * Will rebase after the above is merged, as this includes those changes + * + +## Oct 17, 2024 + +Attendees + +* Allen Shearin (Lockheed Martin) +* Spencer Schrock (Google) +* Jeff Mendoza (Kusari) +* Jamie Magee (Microsoft) +* Stephen Augustus (Cisco) +* Kevin Dix (Boeing) + +New Attendees + +* Tom Hennen (Google) + +Regrets + +* + +Announcements + +* + +Agenda + +* \[Tom Hennen\] [SLSA and Scorecards](https://github.com/ossf/scorecard/issues/3352#issuecomment-2417737004)?? + * SLSA source track attestations + * Attestations are forge/VCS agnostic + * Refer to specific revisions (for git is a ref either commit or branch) + * Scorecard is very git and GitHub/GitLab specific. Is that a problem? + * No, there can be multiple attestors + * Differences/similarities to OpenSSF security baseline? + * Would a derivative VSA work, if Scorecard has their own predicate type? 
+ * Not really, we need some sort of authority to be producing these VSAs + * SLSA also wants the VSA to be a standard predicate type so that downstream users don’t need to understand every possible predicate type that might attest to these things ([some background here](https://docs.google.com/presentation/d/1_1ikfSaja87-Qx2ev26DYdiNgS6AEvVFO92oSwNGvJ8/edit)). + * CLI could produce a VSA, signed with Sigstore (OIDC?) + * Better than what exists today (nothing) + * Trusted workflow, which calls scorecard, and does the mapping to L2, and produces a VSA? +* Need review: [https://github.com/ossf/allstar/pull/582](https://github.com/ossf/allstar/pull/582) (thanks) +* \[Jamie Magee\] Azure DevOps + * [https://github.com/ossf/scorecard/issues/4177](https://github.com/ossf/scorecard/issues/4177) + * [https://github.com/ossf/scorecard/pull/4377](https://github.com/ossf/scorecard/pull/4377) + * How do we handle these self hosted and non-standard configurations? + * AZDO Tasks / GitHub Actions analogue + * Running Scorecard in a pipeline, to produce SARIF output + * Container specific logic, unique to GitHub Actions + * But SARIF is supported + * But AZDO specific analysis is an angle too + * [https://github.com/ossf/scorecard/issues/4380](https://github.com/ossf/scorecard/issues/4380) + * And similar for DangerousWorkflows + * Can the task be in the marketplace? 
+ * Discoverability is one thing, from the OpenSSF + * [Extensions for Visual Studio family of products | Visual Studio Marketplace](https://marketplace.visualstudio.com/azuredevops) + +## Oct 14, 2024 + +Attendees + +* CRob (OpenSSF) +* Zach Steindler (GitHub) +* Edward Thomson (Stacklok) +* Jakub Hrozek (Stacklok) +* Raghav Kaul (Google) + +New Attendees + +* CRob \- new OSSF architect and BEST WG rep; seeking to get better engaged with project +* Edward Thomson \- PM for Minder; looking to foster closer collab with Scorecard team +* Jakub Hrozek \- project member of Minder, here to answer technical questions +* Zach S \- new TAC chair + +Regrets + +* + +Announcements + +* SOSS Fusion \- Scorecard workshop +* Two talks at Fusion about Scorecard + +Agenda + +* Welcome / Introductions +* How are things going? What’s going well? What help do you need? + * High-level \- released v5 w/ structured results and maintainer annotations ; still looking for feedback. Structured Results may be a feature users don’t fully understand yet. Hopefully will help it easier to write a new probe or to pick-and-choose probes to use (narrow focus for viewer) + * Can now accept new probes (SBOM probe, as an example). + * Not sure users are getting value out of this feature yet though + * Zach \- notices that there are lots of open issues; this is a sign that the project is generating a lot of interest. Does the project feel they have enough folks to help with new features/work backlog? + * Raghav \- feels backlog is a nice indicator the project is useful and liked (RFEs, and other suggestions). We could use more help in addressing some of those. Can we build the community (this is the intent of the Scorecard Workshops). A PM would be very useful to help the team. + * Did backlog grooming last year and did a batch of updates, but the queue continues to grow. Not sure how to catch up with the pace of interest. 
+ * Zach \- community demand might be outstripping team’s capacity + * CRob \- could leverage TAC’s TI Funding process to see about getting a project manager to assist in getting the backlog wrangled. [https://github.com/ossf/tac/blob/main/process/TI%20Funding%20Request%20Process.md](https://github.com/ossf/tac/blob/main/process/TI%20Funding%20Request%20Process.md) +* TAC PR for Scorecard moving up to Incubating Status [https://github.com/ossf/tac/pull/390](https://github.com/ossf/tac/pull/390) + * 15Oct TAC call at 11am ET this will be discussed + * +* + +## Oct 3, 2024 + +Attendees + +* Evan Anderson (Stacklok) +* Jeff Mendoza (Kusari) +* Spencer Schrock (Google) +* Hannah Sutor (GitLab) +* Eddie Knight (Sonatype) +* Jeff Diecks (OpenSSF) +* Kevin Dix (Boeing) +* Raghav Kaul (Google) +* + +New Attendees + +* + +Regrets + +* + +Announcements + +* + +Agenda + +* OpenSSF GCP budget, lots of container egress costs + * GitHub package registry + * Container egress comes from pulling down the image from GCR(GCP) + * Idea: try using GHCR instead of GCR + * New action version will contain the change +* Webapp + * Better imposter commit verification in the works ([PR](https://github.com/ossf/scorecard-webapp/pull/682)) +* Updates on adding probes to replace clomonitor + * Steering committee met and are ok with accepting these probes, see slack messages in \#scorecard +* [Minder contribution](https://github.com/ossf/tac/pull/386) – hello, and how do we relate (vis-a-vis Scorecard and AllStar)? 
+ * ([overview](https://docs.google.com/presentation/d/1em0pdt-h-ghPdkmbklXw8_LvuQzo-gAxZ8NFVPQKkpQ/edit?usp=drive_link) presented to TAC) + * Q: possibility for app to be “read-only” + * Yes, some design and possibilities here + * Split remediation app from scanning app + * Possibly even keep queue of remediations and apply async from a GitHub Action or even from desktop + * Evan: Scorecard is a measuring stick + * Spencer: scorecard is trying to be a home for analyses, and then you can choose which ones to measure yourself from + * Evan: Scorecards also has the “public observations” data set, which seems like it’s been useful from e.g. Tidelift + * Jeff: If a user approaches OpenSSF and says “how do I strengthen my security”, how do they decide between Minder and Scorecards? + * Need a clear rubric between the two. + * How does Scorecards relate to private repos? + * Doesn’t centrally report on private repos, but can run a lot of the checks locally. + * Would be nice to have a flow chart or wizard to help choose + * Jeff: AllStar and Minder – harder to square the message here + * How to choose between installing AllStar and Minder on an org I manage. + * What does the Venn Diagram of these three projects look like? + * Scorecard Universe (CLI, action, API, monitor, visualizer) + * Allstar + * Minder + +## Sep 19, 2024 (Pacific) + +Attendees + +* Jeff Mendoza (Kusari) +* Raghav Kaul (Google) +* Spencer Schrock (Google) +* Eddie Knight (Sonatype) + +New Attendees + +* + +Regrets + +* (many are at OSS EU \- Vienna) + +Announcements + +* + +Agenda + +* CNCF usage of Scorecard + * Clomonitor is being sunset + * Needing to work with LFX insights + * LF Baseline SIG + * Good starting point from OpenJS foundation + * Scorecard is already checking for many things on the baseline + * (and some things which aren’t in the baseline) + * LFX Insights question: Hard to check things that are not already in Scorecard + * Adding things to scorecard. 
Lots of checks, may not agree with everything + * Bring us back to “scorecard is a linter” [viewpoint](#2024-05-30-\(pacific\)) + * Question about effort to both write the checks and maintain them + * Need to have some guidelines from Scorecard team on what we want + * + * Probe vs Check: + * Check results in a score + * Probe are distinct characteristics that get compiled into a check + * Probes can be added and then be available in structured results + * Lower bar for accepting new Probes, they don’t affect score + * Higher bar for checks, possibly not all on by default + * Will just a probe be enough for LFX to ingest results? + * LFX insights likely running Scorecard itself + * Probes: [https://github.com/ossf/scorecard/blob/main/docs/probes.md](https://github.com/ossf/scorecard/blob/main/docs/probes.md) + * What sort of checks are missing? + * (some spreadsheet) + * Are they all automated? + * Yes and no, but for the self-attesting parts are declared in security insights. + * Concerns over which data is self-attested or not? + * We don’t have many self-attested data now. Just the OpenSSF Best Practices badge. + * How do we get this merged by November? 
+ * Steering committee can discuss the addition of CLOmonitor \-esque probes + * Confirmation that LFX Insights will run the analysis and can see the probes + * Steering Committee will meet on this topic and raise any new concerns to Eddie if needed + +## Sep 16, 2024 (EMEA) + +Attendees + +* Raghav Kaul (Google) + +New Attendees + +* Cristian Urlea \- University of Glasgow + +Regrets + +* + +Announcements + +* + +Agenda + +* Multiparty session types discussion + * Links + * [https://dsbd-morello-hat.github.io/](https://dsbd-morello-hat.github.io/) + * [https://dsbd-appcontrol.github.io/](https://dsbd-appcontrol.github.io/) + * [https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/](https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/) + * [http://mrg.doc.ic.ac.uk/publications/a-very-gentle-introduction-to-multiparty-session-types/main.pdf](http://mrg.doc.ic.ac.uk/publications/a-very-gentle-introduction-to-multiparty-session-types/main.pdf) + * [https://kar.kent.ac.uk/43737/1/BCDHY13.pdf](https://kar.kent.ac.uk/43737/1/BCDHY13.pdf) + +## Sep 5, 2024 (Pacific) + +Attendees + +* Lelia Bray-Musso (Cisco) +* Jeff Mendoza (Kusari) +* Allen Shearin (LMCO) +* Stephen Augustus (Cisco) +* Hannah Sutor (GitLab) + +New Attendees + +* + +Regrets + +* + +Announcements + +* + +Agenda + +* \[lelia\] Discuss [https://github.com/ossf/scorecard/issues/4333](https://github.com/ossf/scorecard/issues/4333) + * Working on this with Allstar, want to have something more formal by \~SOSS Fusion + * Can run Scorecard with a PAT or app token (some limitations) + * Experimental wrapper code around Scorecard \- could turn into real feature? + * Re: Allstar + * Good for configuring on per-repo, per-org basis, but no good way to report + * There’s also Scorecard Monitor to help with org-level reporting + * What are the right paved paths? + * End state: What does a GitHub App installation look like for Scorecard? 
+ * Allstar can do that today, but not a paved path yet + * If we have entrypoint into Scorecard using GH App credential, if we could do that for GitLab too, that would be great. + * Group Access Token \= GitLab equivalent + * Would be ideal to provide support for GitHub App \+ GitLab’s equivalent if we’re going to roll this out + * Could be possible to get access to Gitlab sandbox for support developing this +* For GitHub, what are different containers you can organize in? + * Multiple repos \-\> organization, app installed to entire org in single click w/ permissions to run on all those repos + * From Enterprise POV: top level container \= Enterprise, which can contain many orgs, which can contain many repos \+ teams +* Do we have a higher level issue, do we want to start a new one? + * Let’s start with this, if it doesn’t exist already + * Lelia to make issue for top-level ask to improve Scorecard experience for multi-org/many repo use case, link to above issues and any related + * **Done: [https://github.com/ossf/scorecard/issues/4339](https://github.com/ossf/scorecard/issues/4339)** +* \[hannah\] How is the backlog going? + * Lelia \- We got through the spreadsheet. I’ve been doing it where I can. + * Stephen \- Spreadsheet was things that were old, incorrectly scoped, etc + * We have been chatting amongst ourselves on the steering side for defined path forward for the triager. We need to define that. Part of the journey on the way to contributing to Scorecard. + * Infrastructure contributor role to be defined + * Now that contributor ladders from various Scorecard/OSSF projects have been merged, need to review language for accuracy and come up with more defined roles for triagers + * Lelia \- The other thing about the contributor ladder is that the end state is that you’re a technical maintainer or infra person or whatever. You could be coming into it from being more on the Product side of things. 
All of those things I don’t believe you’d need maintainer access for. We could have a different type of graduation ladder. + * Triager has the triage permission in GitHub but could be more + * Always a challenge in OS to give visibility to the “glue work” /non-code contribution + * Lelia \- I can file an issue where we say that the triager does not have a clear ladder and I can tag you, Hannah, so you can add context + * **Done: [https://github.com/ossf/scorecard/issues/4338](https://github.com/ossf/scorecard/issues/4338)** +* Hannah: Are there any Scorecard specific activities at SOSS Fusion? + * Stephen: Details to come, pretty sure the answer is “yes” + +## Aug 22, 2024 (Pacific) + +Attendees + +* Spencer Schrock (Google) +* Jeff Mendoza (Kusari) +* Lelia Bray-Musso (Cisco) +* Avishay Balter (Microsoft) + +New Attendees + +* Tobias Heldt (tobias@cyberfame.io) + +Regrets + +* + +Announcements + +* + +Agenda + +* (Spencer) Looking at scalability for the weekly scan infrastructure + * Currently at 95% capacity + * Not much changes week to week though\! + * 3.3% changed in the last week (current weekly scan cadence) + * 6.9% changed in the last month + * 18.2% changed in the last year + * 50% changed in the last 3.4 years + * Any benefit for reducing current list of projects? + * Scorecard action installed? + * Renamed projects? + * Deleted projects? + * Archived projects? + * +* (Jeff) Self-hosted GitHub Enterprise support PR in Allstar + * [https://github.com/ossf/allstar/pull/559](https://github.com/ossf/allstar/pull/559) + * Any comments appreciated + * Testing can be a problem for GHES and maintaining Scorecard + * Cisco has a GHES instance and may be able to test some things? +* (avishay) increase support in nuget ecosystem over the next month or so + * Better powershell support [https://github.com/ossf/scorecard/issues/4253](https://github.com/ossf/scorecard/issues/4253) + * Any good Go library for powershell parsing? 
+ * Csprojec restore locked mode [https://github.com/ossf/scorecard/issues/4251](https://github.com/ossf/scorecard/issues/4251) + * Can we do post-processing if we detect a relevant file and marked unpinned to pin? + * Consider nuget projects as pinned [https://github.com/ossf/scorecard/issues/4252](https://github.com/ossf/scorecard/issues/4252) + * [https://devblogs.microsoft.com/nuget/building-a-safer-future-how-nuget-is-tackling-software-supply-chain-threats/](https://devblogs.microsoft.com/nuget/building-a-safer-future-how-nuget-is-tackling-software-supply-chain-threats/) + * Similar to Go, using a package version has immutability even if not pinned +* + +## Aug 8, 2024 (Pacific) + +Attendees + +* Allen Shearin (Lockheed Martin) +* Stephen Augustus (Cisco) +* Spencer Schrock (Google) +* Jeff Mendoza (Kusari) +* Joe Coyle (Lockheed Martin) +* Sarah Elder (NCSU) +* + +New Attendees + +* Kevin Dix (Boeing) + * Product security lead architect + +Regrets + +* Lelia Bray-Musso (Cisco) + +Announcements + +* + +Agenda + +* Allstar re-deploy + * No updates, work continues +* Spencer working on making Scorecard Action use the new Scorecard library entrypoint + * Reduce API consumed, as noted in [https://github.com/ossf/scorecard-action/issues/1071](https://github.com/ossf/scorecard-action/issues/1071) +* Check ID PR + * [https://github.com/ossf/scorecard/pull/4021](https://github.com/ossf/scorecard/pull/4021) + * Spener to make an issue about current breaking cron output changes + * Allen can back out the cron specific output so we can merge partially and coordinate the rest in the issue + +## Jul 25, 2024 (Pacific) + +Attendees + +* Lelia Bray-Musso (Cisco) +* Dana Wang (OpenSSF) +* Spencer Schrock (Google) +* Caroline Lee (IBM) +* Anjlica Malla (Goldman Sachs) +* Jeff Mendoza (Kusari) +* Sarah Elder (NCSU) +* Stephen Augustus (Cisco) + +New Attendees + +* Nell Shamrell-Harrington (Microsoft) + +Regrets + +* Ulises Gascón (One Beyond) +* Teba Gomez (Whalar) + 
+Announcements + +* \[Spencer\] Scorecard [V5 launched](https://github.com/ossf/scorecard/releases/tag/v5.0.0). Scorecard Action release today/tomorrow +* \[Jeff\] Allstar is updating to scorecard.Run() before releasing with V5 + * \[Stephen\] Also trying to improve operations for both Scorecard and Allstar + * Feedback for how these products are/aren’t working for you: [https://github.com/ossf/allstar/issues/528](https://github.com/ossf/allstar/issues/528) + +Agenda + +* \[Nell\] Proposal to add checks for Scorecard for different language ecosystems with re: to memory safety best practices + * Some prior discussion on this [GitHub issue](https://github.com/ossf/scorecard/issues/3736), but the conversation went stale some time ago + * Want to know whether this is something we would like the Memory Safety SIG to continue to pursue or something the SIG should bring to Scorecard later + * Have been compiling a list of best practices for memory safe / non memory safe by default languages. + * Active work on increasing configurability of Scorecard, getting away from requiring every repo to run every check, moving towards probes + * Doing analysis on memory safety makes sense, probes may be a good way to play around with that, Spencer can point in the right direction on how to get started + * Independent Probes + * [https://github.com/ossf/scorecard/pull/4052](https://github.com/ossf/scorecard/pull/4052) + * Non-goal to suggest rewriting a project in a memory-safe language + * To make this a maintainable reality, would require language / ecosystem SMEs in order to achieve parity + * Additional resources: + * [https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-memory-safe-by-default-languages.md) + * 
[https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md](https://github.com/ossf/Memory-Safety/blob/main/docs/best-practice-non-memory-safe-by-default-languages.md) +* \[Lelia\] Do we need to fix the instructions [at the top of this doc](#meeting-info) re: google group to join? + * I joined [ossf-scorecard-announce@googlegroups.com](mailto:ossf-scorecard-announce@googlegroups.com) for edit access, but the correct group appears to be [ossf-scorecard-dev@googlegroups.com](mailto:ossf-scorecard-dev@googlegroups.com) + * Already fixed at the top of the doc + * Request to OpenSSF Staff: Can we make another group owner for the doc? + * Reach out in operations Slack channel + * Should we audit this? + * Not sure if multiple Google doc owners is possible +* \[Jeff\] + * Scorecard as a library example documentation: + * Do we have any? + * Where would be a good place? + * (I wrote up this example: [https://github.com/ossf/scorecard/issues/4254\#issuecomment-2250953095](https://github.com/ossf/scorecard/issues/4254#issuecomment-2250953095)) + * Currently Run() is buried under the Result type here: [https://pkg.go.dev/github.com/ossf/scorecard/v5@v5.0.0/pkg/scorecard\#Run](https://pkg.go.dev/github.com/ossf/scorecard/v5@v5.0.0/pkg/scorecard#Run) + * We want to bring our docs together as closely as possible + * A library consumer how-to doc would be worthwhile + * Can take some of it from [https://github.com/ossf/scorecard/issues/3717](https://github.com/ossf/scorecard/issues/3717) + * “Existing callers don’t need to change their signature, but those that want to customize the behavior can:” + * Putting it in the go package documentation at the top seems reasonable, as long as we include a call-out to it in the README + * Start with putting it as close to the code as possible, then make a more consumer-friendly markdown document \- Jeff to create a 2-step issue for this + * New issue to capture this discussion: 
[https://github.com/ossf/scorecard/issues/4258](https://github.com/ossf/scorecard/issues/4258) +* \[Dana\] security baseline update if time permits + * [OpenSSF Security Baseline](https://github.com/ossf/tac/blob/main/process/security_baseline.md) was officially established as an OpenSSF security standard as of July 23\. The baselines for sandbox are part of the TAC project lifecycle operating model. Baselines for incubating and graduated are in the process of being incorporated into the operating model. + * Document needs optimization \- want to take Scorecard approach of making everything referenceable + * Adoption tracking has been challenging \- 4 projects piloting, some are sandboxed + * Flexibility in enabling vs enforcing \- On the enterprise level, enforcing means any org within enterprise will kick out members without 2FA enabled + * Start with enablement to give opportunity for compliance, *then* enforce it + * Larger conversation around what integration looks like for various Scorecard/OSSF projects, identifying overlap in checks that CLOMonitor vs Scorecard are running + * [Adoption tracking](https://docs.google.com/spreadsheets/d/1LCLpN1Hgx7C9M9KNuvH5aN5vukYPmxrq_1dUQrDhnco/edit?gid=818010490#gid=818010490) has started, would like to hear the feedback from Scorecard for how to automate the tracking. + * Put Scorecard on the list of pilot projects, working towards incubating status + * Difficult to establish a clear baseline for whether projects are meeting requirements + * Wondering if Scorecard structured results can help with this + * Open question on Security Insights adoption \- not sure it’s recognized on GitHub API level. How to come into compliance with something you’re not informed of? 
+ * CNCF projects using security insights significantly more than OSSF (only GUAC) + * Provide people with clear instructions, if they want to do it themselves, that’s great, or else we can do it on your behalf \- prioritize self-service and discoverability + * [Security baseline SIG](https://github.com/ossf/security-baseline) was established + * OK to add Scorecard to the list of [pilot projects](https://github.com/ossf/security-baseline) +* \[Dana\]if time permits, update on [architecture document draft](https://github.com/Danajoyluck/security-baseline/blob/Danajoyluck-patch-1/architecture/architecture/consumption-architecture-dependency-management.md) that includes the work of Allstar and Scorecard + * Take a look and give feedback if anything about Scorecard is misrepresented + * Best way to provide feedback? Dana to create draft PR for comments +* \[Anjlica\] Has there been talk about enhancing one of the probes with activity committed? + * Name of probe is “has-recent-commits” + * Currently has binary response, any plan to enhance beyond a binary check? 
+ * To some extent it is slightly more than binary already + * [https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/probes/hasRecentCommits/impl.go\#L40-L41](https://github.com/ossf/scorecard/blob/ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4/probes/hasRecentCommits/impl.go#L40-L41) + * Willing to contribute to this + * There might be an issue already for this, it’s slightly more than binary already + * Please feel free to open an issue for clarification, can discuss async, we can re-discuss at the next meeting as an agenda item if not resolved by then + * + +## Jul 11, 2024 (Pacific) + +Attendees + +* Jeff Mendoza (Kusari) +* Lelia Bray-Musso (Cisco) +* Spencer Schrock (Google) +* Caroline Lee (IBM) +* Allen Shearin (LM) +* Sarah Elder (NCSU) +* Raghav Kaul (Google) +* Dana Wang (OpenSSF) + +New Attendees + +* + +Regrets + +* Stephen Augustus +* Ulises Gascón (One Beyond) +* Teba Gomez (Whalar) + +Announcements + +* Scorecard v5 release imminent ( O(days) ) + * Should be feature complete + * Drafting release notes now + +Agenda + +* \[Dana\] OpenSSF [Security Baseline](https://github.com/ossf/tac/blob/a87572b75025e136bd951c3048c699003bb1a91b/process/security_baseline.md) has been [submitted](https://github.com/ossf/tac/pull/353) to the [TAC](https://github.com/ossf/tac) + * Dana to attend today’s session — share motivation for the security baseline, discuss Scorecard’s involvement, get support promoting within the Scorecard universe + * Scorecard is sometimes a measurement tool, and sometimes the requirement + * Scorecard does some of this analysis already and allows the OpenSSF to monitor for regressions + * Allstar would work well for regression, if you trust the public instance + * After review, get some existing OpenSSF projects to try out the baseline + * Later try to get some other LF foundations to try it out + * The security baselines are two part + * If projects have the resources to do the checks (in terms of maintainers) + * What 
the impact would be if the project were compromised (more adopted projects can impact more software) + * Security insights + * Currently only GUAC has it in their repo? + * (Related scorecard issues) [https://github.com/ossf/scorecard/issues/2305](https://github.com/ossf/scorecard/issues/2305) + * Vulnerability check may be a partial measure, but not complete measure + * How to measure the impact of Scorecard over time in terms of scorecard severity (Critical, High, Medium, etc) + * Related dashboard work, Scorecard TSC needs to discuss + * Have you considered Scorecard Monitor? + * [https://github.com/ossf/scorecard-monitor](https://github.com/ossf/scorecard-monitor) + +## Jun 27, 2024 (Pacific) + +Attendees + +* Ulises Gascón (One Beyond) +* Allen Shearin (Lockheed Martin) +* Spencer Schrock (Google) +* Raghav Kaul (Google) +* Adrianne Marcum (OpenSSF) +* Sarah Elder (NCSU) + +New Attendees + +* + +Regrets + +* Jeff Mendoza \- at CloudNativeSecurityCon +* Teba Gomez (Whalar) + +Announcements + +* New version of the Scorecard Monitor [https://github.com/ossf/scorecard-monitor/releases/tag/v2.0.0-beta8](https://github.com/ossf/scorecard-monitor/releases/tag/v2.0.0-beta8) 🎉 +* V5 “soon”, some open PRs + +Agenda + +* Aggregating Scorecard scores across a dependency tree (NCSU Research Project) + * Survey request? Or results? + * Data still being processed +* + +## Jun 24, 2024 (EMEA) + +Attendees + +* Adrianne Marcum (OpenSSF) +* Sarah Elder (NCSU) + +New Attendees + +* Gergely Csatari (Nokia) +* Shivam Agarwal (Nokia) + + + +Regrets + +* Ulises Gascón (One Beyond) +* Teba Gomez (Whalar) + +Announcements + +* + +Agenda + +* CI Check \- how to ensure that CI checks were actually ran and passed? 
[https://github.com/ossf/scorecard/issues/4191](https://github.com/ossf/scorecard/issues/4191) + * ([https://openssf.slack.com/archives/C0235AR8N2C/p1714376086115049](https://openssf.slack.com/archives/C0235AR8N2C/p1714376086115049)) + * From Zoom chat: how can we get the logs for each commit for ci-tests? + * CI check doesn’t run in the cron job +* Security policy check \- would it be possible to check for security policies somewhere else than in the SECURITY.md? + * [https://github.com/ossf/scorecard/issues/4192](https://github.com/ossf/scorecard/issues/4192) + +## Jun 13, 2024 (Pacific) + +Attendees + +* Jeff Mendoza (Kusari) +* Spencer Schrock (google) +* Sarah Elder (NCSU) +* Alex Klevans (NCSU) +* Raghav Kaul (Google) + +New Attendees + +* Teba Gomez (Whalar) +* Ulises Gascón (One Beyond) +* Annie Mao (Google) +* Chris de Almeida (IBM) + +Regrets + +* Stephen Augustus (Cisco) +* Lelia Bray-Musso (Cisco) +* Hannah Sutor (GitLab) + +Announcements + +* The OSSF Scorecard Visualizer ([https://github.com/ossf/scorecard-visualizer](https://github.com/ossf/scorecard-visualizer)) donation has finished +* The OSSF Scorecard Monitor ([https://github.com/ossf/scorecard-monitor/issues/79](https://github.com/ossf/scorecard-monitor/issues/79)) donation has finished + +Agenda + +* Scorecard Visualizer redirection issue +* Scorecard Monitor GH Marketplace publication agreement +* Lelia as triager: [https://github.com/ossf/scorecard/issues/4136](https://github.com/ossf/scorecard/issues/4136) + * Any maintainer objections? + * Note: Adrianne noticed that the triager role still does not allow label editing/creation, so this will be a continued limitation w/r/t issue triaging. + * I (Lelia) won’t be able to attend this week’s sync due to an ongoing outage with my ISP, but let me know if I need to take any action to move the nomination forward, thanks\! 
+* Tsunami ([https://github.com/google/tsunami-security-scanner](https://github.com/google/tsunami-security-scanner)) + * Intersection with Scorecard, add probes/checks for these AI/ML related checks? + * Ideally automated analysis of the repo, as well as analysis of the software runtime behaviour and/or their security feature/control + * POC + +| Software | Category | Auth Supported | Can be Internet Exposed | Actively Exploited | Testing Range | Scanning Solution | +| :---- | :---- | :---- | :---- | :---- | :---- | :---- | +| [PyTorch Serve](https://github.com/pytorch/serve) | Model Serving | Yes | Yes\* (only the latest version with token based auth) | Yes | | [Tsunami PytorchServe Exposed API Detector](https://github.com/google/tsunami-security-scanner-plugins/blob/27727598d9fe0fcf2e20c96bdfd0050e91a3c97a/google/detectors/exposedui/pytorch_serve/src/main/java/com/google/tsunami/plugins/detectors/exposedui/pytorchserve/PytorchServeExposedApiDetector.java#L64) | +| [Ray](https://github.com/ray-project/ray) | Model Serving | No | No, RCE by design | Yes | | [Tsunami Ray Exposed UI Detector for CVE-2023-48022](https://github.com/google/tsunami-security-scanner-plugins/blob/27727598d9fe0fcf2e20c96bdfd0050e91a3c97a/google/detectors/rce/ai/cve202348022/README.md) [Tsunami Ray Detector for CVE-2023-6019](https://github.com/google/tsunami-security-scanner-plugins/blob/27727598d9fe0fcf2e20c96bdfd0050e91a3c97a/google/detectors/rce/ai/cve20236019/README.md) | +| [MLflow](https://github.com/mlflow/mlflow) | Model Serving | Yes | Yes\* (only newer versions) | ??? 
| | [Tsunami MLflow Detector for CVE-2023-1777](https://github.com/google/tsunami-security-scanner-plugins/blob/master/community/detectors/mlflow_cve_2023_1177/README.md?plain=1) [Tsunami MLflow Detector for CVE-2023-6014](https://github.com/google/tsunami-security-scanner-plugins/blob/master/community/detectors/mlflow_cve_2023_6014/README.md) | +| [Tensorflow Serving](https://github.com/tensorflow/serving) | Model Serving | No | Maybe (if inference should be publicly accessible) | ??? | | | +| [H2O](https://github.com/h2oai/h2o-3) | Model Serving | Yes | Yes\* | ??? | | [Tsunami H2O Exposed UI Detector](https://github.com/google/tsunami-security-scanner-plugins/blob/master/google/detectors/rce/ai/cve20236018/src/main/java/com/google/tsunami/plugins/cve20236018/Cve20236018Detector.java) | +| [Argo Workflow](http://github.com/argoproj/argo-workflows) | Workflow Management | Yes | Yes\* | ??? | | [Tsunami Argo Workflow Exposed UI Detector](https://github.com/google/tsunami-security-scanner-plugins/blob/master/google/detectors/exposedui/argoworkflow/src/main/java/com/google/tsunami/plugins/detectors/exposedui/argoworkflow/ExposedArgoworkflowDetector.java) | +| [Argo CD](https://github.com/argoproj/argo-cd) | CI/CD | Yes | Yes\* | ??? | | Tsunami plugin in development | + + * Open an issue to discuss possibilities + * May know more after Codename Internet CTF launches in July? 
Currently we are setting up securely and vulnerable configurations of OSS at [https://github.com/google/security-testbeds](https://github.com/google/security-testbeds) + * Potentially collaborate with Best Practice group to provide best practice guidelines for configuring the AI related software +* Having both Scorecard Visualizer and the webapp “viewer” + * Upcoming UX work + * Known issues in scorecard-webapp + +## 2024-05-30 (Pacific) {#2024-05-30-(pacific)} + +Attendees + +* Lelia Bray-Musso (Cisco) +* Allen Shearin (LM) +* Spencer Schrock (Google) +* Stephen Augustus (Cisco) +* Jeff Mendoza (Kusari) +* Sarah Elder (NCSU) +* Alex Klevans (NCSU) + +New Attendees + +* + +Regrets + +* Adrianne Marcum (OpenSSF) +* Hannah Sutor (GitLab) +* Lauri Apple + +Announcements + +* Allstar is developed as a part of the [OpenSSF Scorecard](https://github.com/ossf/scorecard) project. + * [https://github.com/ossf/allstar?tab=readme-ov-file\#what-is-allstar](https://github.com/ossf/allstar?tab=readme-ov-file#what-is-allstar) + * There’ll be more doc updates eventually, but we wanted to update obvious places now +* PR merged for letting people know who steering committee members are + +Agenda + +* \[Spencer\] Continue discussion of [OpenSSF Scorecard as a Supply Chain Linter](https://docs.google.com/document/d/1I5vtZWa0_64ruFP_MrSaTgzQrAHfh_NknA2feVOHdD4/edit?usp=sharing) + * Idea: Have a baseline/default set of checks that are universally consistent, allow further customization from there + * No specific feedback on the doc so far, but we may want to hold off until we have personas + * \[jeff\] Some previous thoughts: [Scorecard UX for Annotations and Configuration](https://docs.google.com/document/d/1CcJeIr3Uskj84uwFQQHu12wEKRoO55rkCo7FzBA6jsc/edit#heading=h.n318i9hjmace) + * This is an older doc, but is an example of prior art to show we’ve thought about this + * Has some persona categories there we can use for inspiration +* \[Lelia\] Scorecard personas update +* \[Lelia\] 
[“Needs discussion” issue](https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV__f0xssldbayUOqIs04/edit#gid=452836399) progress + * We have completed the “red” category (2021 or older) + * We should probably run this same exercise on Allstar in the future + * Scorecard also has two other repos: scorecard-action \+ scorecard-webapp + * If donation goes through, then we’ll need to go through it again\! + * We should look into label syncing between repos now that everything’s consolidating under ossf org + * Description of the labels should also be documented in the repo + * A lot of these labels are unique to scorecard, so not all of them need to be duplicated/synced across the org. Maybe just a set of generic ones? + * Dependencydiff code removal + * Consensus among present maintainers to remove deadcode + * actions/dependency-review-action has the functionality + * Spencer to comment and close / remove + * [Scorecard-dependency analysis](https://github.com/ossf/scorecard-dependencyanalysis) \<- candidate to be archived +* \[Lauri\] [Label descriptions](https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV__f0xssldbayUOqIs04/edit#gid=293611645) progress + * Lauri is unable to attend today, so we can continue this at a future session +* + +## 2024-05-16 (Pacific) + +Attendees + +* Spencer Schrock (Google) +* Jeff Mendoza (Kusari) +* Hannah Sutor (GitLab) +* Lelia Bray-Musso (Cisco) +* Stephen Augustus (Cisco) + +New Attendees + +* + +Regrets + +* + +Announcements + +* + +Agenda + +* \[Lauri\] [Label descriptions](https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV__f0xssldbayUOqIs04/edit#gid=293611645) progress + * Priority & urgency? 
+* \[Lelia\] [“Needs discussion” issue](https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV__f0xssldbayUOqIs04/edit#gid=452836399) progress +* \[Spencer\] [OpenSSF Scorecard as a Supply Chain Linter](https://docs.google.com/document/d/1I5vtZWa0_64ruFP_MrSaTgzQrAHfh_NknA2feVOHdD4/edit?usp=sharing) + * \[jeff\]Some previous thoughts: [Scorecard UX for Annotations and Configuration](https://docs.google.com/document/d/1CcJeIr3Uskj84uwFQQHu12wEKRoO55rkCo7FzBA6jsc/edit#heading=h.n318i9hjmace) +* \[Stephen\] Updates on survey things? + +## 2024-05-02 (Pacific) + +Attendees + +* Jeff Mendoza (Kusari) +* Adrianne Marcum (OpenSSF) +* Stephen Augustus (Cisco) +* Lelia Bray-Musso (Cisco) +* Lauri Apple +* Caroline Lee (IBM) +* Spencer Schrock (Google) +* Sarah Elder (NCSU) + +New Attendees + +* + +Regrets + +* + +Announcements + +* \[Jeff\] Allstar + * New release tomorrow (with v5 scorecard) + * Public instance is having reliability issues +* + +Agenda + +* \[Stephen\] Creating the Scorecard Universe: [https://github.com/ossf/scorecard/issues/4073](https://github.com/ossf/scorecard/issues/4073) + * Will anyone be joining from Scorecard Monitor and Scorecard API Visualizer? Yes, once the tasks outlined in the issue are underway, those maintainers will be pulled in more. + * Approval and permissions will be separated by area of expertise +* \[Lauri\] survey results \+ spreadsheet + * **AI:** bucket roles into top personas (soft-yes Adrianne and Lauri) + * **AI:** priority re: org size means prioritizing deployment as many orgs/repos as quickly as possible + * **AI:** tool should be useful for lay person, \# of sec supply chain startup folks should go down over time + * **AI:** badge factoring into decisions based on pressuring maintainers or not? + * Followup survey: Didn’t know about it, or know about it and you don’t want to advertise your score? One use case is private repos – don’t need a badge. 
+ * **AI:** ask people what’s preventing them from using Scorecard–is the “unclear” stuff to blame? + * **AI:** Find out more about what does the badge mean to different audiences? + * **AI:** I wonder if any of the three "hasn't helped us" respondents offered to do user interviews? Find out if so, and follow up with them in those interviews; same for “hasn’t helped us”; for the 16.2% “not sure” can follow up later + * If you're using \[the X\], were you able to install Scorecard in less than 10 minutes? + * 77.3% said yes for CLI + * 68% said yes for GitHub Action; should focus on this to help highest number of checks run (66.7%) + * **Acceptable Rate of false negatives:** 73.5% said rate of 5% or less. But getting false negatives: + * SAST 37.9% + * Pinned Dependencies 17.9% + * Security Policy 17.2% + * Signed Releases 16% + * Vulnerabilities 14.3% + * Fuzzing 13.8% + * CI Tests 13.8% + * Token Permissions 12.5% + * Packaging 12% + * Dependency-Update-Tool 10.7% + * Code Review 10.3% + * Binary Artifacts 6.9% + * **Acceptable Rate of false positives:** 64.7% said rate of 5% or less. But getting false positives: + * Pinned Dependencies 26.9% + * SAST 25% + * Maintained 17.4% + * Signed-Releases 17.4% + * Dangerous Workflow 16.7% + * Dependency-Update-Tool 15.4% + * Vulnerabilities 15.4% + * CI Tests 14.3% + * Contributors 13% + * Packaging 13% + * Pinned Dependencies 11.5% + * Binary Artifacts 10.7% + * Fuzzing 10.7% + * Token Permissions 8.3% + * Branch Protection 7.1% + * **Unclear purpose** + * Dangerous workflow 75% + * This is interesting. Could be tracking issue about projects not interested in adopting Scorecard because “these checks have no value in my ecosystem.” Is this related? Could require docs embellishment. 
+ * Confusion around “CRITICAL” rank/weighting + * [https://github.com/ossf/scorecard/issues/3990](https://github.com/ossf/scorecard/issues/3990) + * Binary Artifacts 58.8% + * Fuzzing 58.8% + * Webhooks 58.3% + * **Most important, Source** + * Code Review (9) + * Branch Protection (9) + * **Most important, Build** + * Token Permissions (18) + * Dangerous Workflow (14) + * Webhooks (26 in 3rd place) + * **Most important, Dependencies** + * Vulnerabilities (21) + * Dependency Update Tool + * Pinned Dependencies (20 in 3rd place) + * **Most important, Package and Miscellaneous** + * Maintained (10) + * CII-Best-Practices (9) + * Signed Releases (5) + * **Proposed checks, ranked by interest in:** + * Secret Scanning 122 points + * Security Audit 116 points + * Validates Domains 106 points + * 14 respondents were open to direct interviews; will follow up after deeper dive + +## 2024-04-29 (EMEA) + +Attendees + +* Adrianne Marcum (OpenSSF) +* Georg Kunz (Ericsson) +* Neal McBurnett +* + +New Attendees + +* + +Regrets + +* + +Agenda + +* + +## 2024-04-04 (Pacific) + +Attendees + +* Lelia Bray-Musso (Cisco) +* Lauri Apple +* Louis Vera +* Allen Shearin (LM) +* Jeff Mendoza (Kusari) +* Spencer Schrock (Google) +* Hannah Sutor (GitLab) +* Caroline Lee (IBM) +* Stephen Augustus (Cisco) +* Jared Miller (SAP) + +New Attendees + +* + +Regrets + +* Adrianne Marcum (OpenSSF) + +Announcements + +* Ongoing Reminder: OpenSSF Scorecard New Contributor Workshop co-located at OSS NA \<[link](https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#openssf-scorecard-new-contributor-workshop)\> + * Will need to update onboarding docs and prepare good first issues +* Ongoing Reminder: User survey open through April 20, 2024 \<[link](https://docs.google.com/forms/d/e/1FAIpQLSfEgrFVBhin9pClvWSv6WirZW3yKaIvhZAU_CPqR29_yIJl8g/viewform?usp=sf_link)\> – please share in your networks. 
We’ve got 16 responses so far + * Related: use survey data will, among other things, help us prioritize contents about checks and draft strategy doc … see Miro ([https://miro.com/app/board/uXjVN7\_ijXQ=/](https://miro.com/app/board/uXjVN7_ijXQ=/)) +* Allstar: + * Comment on: Policy for checking for arbitrary file existence: [https://github.com/ossf/allstar/issues/500](https://github.com/ossf/allstar/issues/500) + * Updating from Scorecard v4.13.1 to head ([https://deps.dev/go/github.com%2Fossf%2Fscorecard%2Fv4](https://deps.dev/go/github.com%2Fossf%2Fscorecard%2Fv4)) + * Note: v5 Scorecard release by OSS NA + +* Maintainer team has been reviewing Scorecard project charter + * Once project can be shipped under LF project umbrella, Scorecard can start to accept other projects as donations (eg. scorecard-monitor) + +Agenda + +* \[Lauri\] Some issue triage / whatever we can do +* Documenting common understanding/definition of labels \- great task for triagers to work on +* How to run Allstar + * As a service (original) + * Polls in a loop + * Webhooks never implemented + * As a cron job \- single loop + * As a GitHub Action +* Allstar runtime credentials + * GitHub App (current) + * PAT + * Needs to be scoped to many repos or an org + * CLI params list repos/orgs to run on +* AI: Take a look at the “needs discussion” items and consolidate into some bullet points to inform broader conversation about “what goes in and what stays out” of Scorecard; hold off on discussions (Lelia and Lauri to do) + * Need to process user feedback once survey closes, creates some buckets around “needs discussion” +* AI: Make new issue based off: [https://github.com/ossf/scorecard/issues/3687](https://github.com/ossf/scorecard/issues/3687) + +## 2024-04-01 (EMEA) + +Attendees + +* Adrianne Marcum (OpenSSF) +* Lelia Bray-Musso (Cisco) +* + +New Attendees + +* + +Announcements + +* OpenSSF Scorecard New Contributor Workshop co-located at OSS NA 
\<[link](https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#openssf-scorecard-new-contributor-workshop)\> + * Will need to update onboarding docs and prepare good first issues +* User survey open through April 20, 2024 \<[link](https://docs.google.com/forms/d/e/1FAIpQLSfEgrFVBhin9pClvWSv6WirZW3yKaIvhZAU_CPqR29_yIJl8g/viewform?usp=sf_link)\> + +Agenda + +* + +## 2024-03-21 (Pacific) + +Attendees + +* Spencer Schrock (Google) +* Ian Dunbar-Hall (Lockheed Martin) +* Allen Shearin (Lockheed Martin) +* Raghav Kaul (Google) +* Caroline Lee (IBM) +* Gabriela Gutierrez (Google) +* Sarah Elder (NCSU) +* Adrianne Marcum (OpenSSF) +* Hannah Sutor (GitLab) +* + +New Attendees + +* Aaron Bacchi (Labelbox) + +Announcements + +* OpenSSF Scorecard New Contributor Workshop co-located at OSS NA \<[link](https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#openssf-scorecard-new-contributor-workshop)\> + * Will need to update onboarding docs and prepare good first issues +* User survey open through April 20, 2024 \<[link](https://docs.google.com/forms/d/e/1FAIpQLSfEgrFVBhin9pClvWSv6WirZW3yKaIvhZAU_CPqR29_yIJl8g/viewform?usp=sf_link)\> + +Agenda + +* (Raghav) [Proposal: Scorecard SLSA Attestation Probe](https://docs.google.com/document/d/1dziCiVVBEgtpdGp-C9Nls6ryrXFWz1DR9T5E9THesXk/edit?usp=sharing) + * Discussion mainly in the doc through the form of comments + * The proposal talks about multiple challenges. Not all of them are being addressed, because some of the challenges are currently untenable (downloading artifacts, finding public keys, etc). + * Interfaces allows for multiple implementations + * Deps.dev may be best API currently, but no reason we cant use NPM or other package manager APIs directly + * Any other provenance/attestation formats to consider when designing/generalizing? 
+ * Hard when not many package managers support any, and npm is just slsa only for now + * Will be tracking work against [https://github.com/ossf/scorecard/issues/3038](https://github.com/ossf/scorecard/issues/3038) +* + +## 2024-03-07 (APAC) + +Attendees: + +* Jeff Mendoza (Kusari) +* Lelia Bray-Musso (Cisco) +* Caroline Lee (IBM) +* Adrianne Marcum (OpenSSF) +* Spencer Schrock (Google) +* Allen Shearin (Lockheed Martin) +* Lauri Apple +* Reden Martinez (Linux Foundation) +* Joe Coyle (Lockheed Martin) + +New Attendees \- Welcome\!: + +* Louis Vera + +Announcements: + +* OpenSSF Scorecard New Contributor Workshop co-located at OSS NA \<[link](https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#openssf-scorecard-new-contributor-workshop)\> + * Will need to update onboarding docs and prepare good first issues +* OpenSSF Scorecard talk accepted at OSS NA +* OpenSSF Scorecard Tech Talk scheduled for next week (March 13\) \- register [here](https://openssf.org/blog/2024/03/04/come-to-first-openssf-tech-talk-of-the-year-on-scorecard/) +* Scorecard [Blog Post](https://openssf.org/blog/2024/03/05/openssf-scorecard-evaluating-and-improving-the-health-of-critical-oss-projects/) mentions things to come + * “Finally, the OpenSSF Scorecard website, including documentation and API is changing from securityscorecards.dev to scorecard.dev. The new site is up and running. **We’ll continue to host api.securityscorecards.dev for 12 months, afterwhich the API will redirect to api.scorecard.dev**. Migrate your applications, or ensure you follow redirects.: +* Allstar: + * Working with Dana on [OpenSSF Security MVP Draft](https://docs.google.com/document/d/1-NBXdKvEJ9Wsh2i7lDNYven4fY9Bn6uvNJM5ySlMrdg/edit?usp=sharing). Will be adding org-level policy checks. + * New deploy last week causing some stability problems this week. Working on getting that fixed. 
+ +Agenda: + +* \[Adrianne+Lauri\] Review user survey with incorporated feedback (inclusive to folks not in orgs, time estimates, fewer required questions); hope to share by EOW \<[link](https://docs.google.com/forms/d/e/1FAIpQLSfEgrFVBhin9pClvWSv6WirZW3yKaIvhZAU_CPqR29_yIJl8g/viewform?usp=sf_link)\> + * Next step: Ping Amanda to send out to whole community + * Checked that it doesn’t collect email addresses + * Can we extend the survey open time until after OSSNA (week of Apr 15-19) + * Feedback + * Job title, recommend adding SWE as an alias for one of the options + * Post-meeting update: Feedback shared during the meeting is now incorporated +* \[Lauri\] Show off new project board [https://github.com/orgs/ossf/projects/24/views/1](https://github.com/orgs/ossf/projects/24/views/1) and + * Capacity: [https://github.com/orgs/ossf/projects/24/views/2](https://github.com/orgs/ossf/projects/24/views/2) + * Roadmap: [https://github.com/orgs/ossf/projects/24/views/4](https://github.com/orgs/ossf/projects/24/views/4) + * Priority field built into GitHub now – Lauri set three options (must, should, nice to have) + * There are a few more columns right now as we sort through items +* \[Lauri\] Finish reviewing and prioritizing bugs [https://miro.com/app/board/uXjVN7\_ijXQ=/?moveToWidget=3458764576985195132\&cot=10](https://miro.com/app/board/uXjVN7_ijXQ=/?moveToWidget=3458764576985195132&cot=10) +* Let’s timebox miro review for \~20 mins, then look over updated survey in last 5-10 + +## 2024-03-04 (EMEA) + +Attendees: + +* Laurent Simon (Google) +* Adrianne Marcum (OpenSSF) +* Lelia Bray-Musso (Cisco) +* Reden Martinez (Linux Foundation) +* Sarah Elder (NCSU) +* Jared Miller (SAP) + +New Attendees \- Welcome\!: + +* Hannah Sutor (GitLab) +* Martina Goetz (SAP SE) + +Announcements: + +* OpenSSF Scorecard New Contributor Workshop co-located at OSS NA 
\<[link](https://events.linuxfoundation.org/open-source-summit-north-america/features/co-located-events/#openssf-scorecard-new-contributor-workshop)\> + * Will need to update onboarding docs and prepare good first issues +* Scorecard talk accepted at OSSA NA + +Agenda: + +* Looking to map checks/probes to where they fit in standards +* Users thinking about both rooting out bad dependencies, but also meeting compliance standards + +## 2024-02-22 (APAC) + +Attendees: + +* Caroline Lee (IBM) +* Allen Shearin (Lockheed Martin) +* Spencer Schrock (google) +* Lelia Bray-Musso (Cisco) +* Joe Coyle (Lockheed Martin) +* Adrianne Marcum (OpenSSF) + +New Attendees \- Welcome\!: + +* Sarah Evans (Dell, Risk API) +* Rahul (Microsoft) + +Announcements: + +* + +Agenda: + +* Upcoming Scorecard Tech Talk (Caroline) + * Intro to scorecard. + * New OpenSSF tech talk series +* Forthcoming Sbom Check Draft MR (Allen) + * Related to issues: + * [https://github.com/ossf/scorecard/issues/3574](https://github.com/ossf/scorecard/issues/3574) + * [https://github.com/ossf/scorecard/issues/2605](https://github.com/ossf/scorecard/issues/2605) +* Suggestions by Lauri, who can’t join—gather around the Miro ([https://miro.com/app/board/uXjVN7\_ijXQ=/](https://miro.com/app/board/uXjVN7_ijXQ=/)) and: + * sign off on the labeling suggestions + * Deletions are fine + * Common prefix + * Good, but consistency needed + * Spaces vs kebab case + * Dont have to double quote when doing queries + * Prioritization good change + * figure out a plan to add labels to items so we can organize them accurately + * Workflow that runs on newly created issues + * finish prioritizing the bug items, with an eye toward closing as many of them as possible + * async + * Take a look at this draft user survey and add notes for me to act on next week: 
[https://docs.google.com/forms/d/e/1FAIpQLSfEgrFVBhin9pClvWSv6WirZW3yKaIvhZAU\_CPqR29\_yIJl8g/viewform?usp=sf\_link](https://docs.google.com/forms/d/e/1FAIpQLSfEgrFVBhin9pClvWSv6WirZW3yKaIvhZAU_CPqR29_yIJl8g/viewform?usp=sf_link). + * [@John Klein](https://openssf.slack.com/team/U05HYRLNCTB) has editing access to this, and I'm happy to share with anyone else who wants to actively work on it. + * Please note that for now the questions aren't in any particular order and that there might be too many questions overall—this is in "dumping ground" state :) + * Add documentation questions\! + * Weekend warrior UX? + * Follow up with Mike + * Some questions organization focused + * Not everyone is in an organization + * Time required? Optional questions? Avoiding required ones + * Be clear about time up front + * +* + +## 2024-02-08 (APAC) + +Attendees: + +* Spencer Schrock (google) +* David A. Wheeler (Linux Foundation) +* Jared Miller (SAP) +* Raghav Kaul +* Lauri A +* John Klein (Capital One) +* Allen Shearin (Lockheed Martin) +* Adrianne Marcum (LF OpenSSF) +* + +Regrets + +* + +New Attendees \- Welcome\! + +* + +Agenda + +* Implement decision from last time: “Adapt standing community meetings to be half-office hours, half-planning” + * Let’s do the reverse order. We’ll do agenda items first, then free-form. That way people can prepare & make progress on planned items. +* Review AIs from last time +* Label cleanup + * Areas that aren’t checks, group similar labels + +* Review bug issues/org on prio matrix [https://miro.com/app/board/uXjVN7\_ijXQ=/](https://miro.com/app/board/uXjVN7_ijXQ=/) +* Callout: strategy doc now drafted—next steps: [Security Scorecard charter/strategy draft](https://docs.google.com/document/d/1MHVTaAynPoCKYRHB0EQIi4LxHtYHuWpR4SEBFfBIqTc) + * Leave comments + * Sign off + * Post to repo +* Survey Questions for next time? 
+* Free-form discussion / office hours (standing agenda item) + +## 2024-02-05 (EMEA) + +Attendees: + +* Adrianne Marcum (OpenSSF) +* Raghav Kaul (Google) +* Lelia Bray-Musso (Cisco) +* Sarah Elder (NCSU) +* Lauri Apple +* Maximilian Huber (TNG Technology Consulting) + +Regrets + +* + +New Attendees \- Welcome\! + +* Antonio (Toni) Pereira (Google) + +Agenda + +* Going over backlog: [https://miro.com/app/board/uXjVN7\_ijXQ=/](https://miro.com/app/board/uXjVN7_ijXQ=/) + +## 2024-01-25 (APAC) + +Attendees: + +* Allen Shearin (Lockheed) +* Caroline Lee (IBM) +* Spencer Schrock (Google) +* Lelia Bray-Musso (Cisco) +* Stephen Augustus (Cisco) +* Patricia Tarro (Dell Technologies) +* John Klein (Capital One) +* Lauri Apple + +New Attendees \- Welcome\! + +* Jared Arave (Tanium) +* Lelia Bray-Musso (Cisco) +* Patrick Kwiatkowski (Lockheed Martin) +* Jared Miller (SAP) + +Agenda: + +* \[Lauri\] Update on strategy doc and Action Items; finishing up checks prioritization + * ([Miro link](https://miro.com/app/board/uXjVN7_ijXQ=/) from last time) + +## 2024-01-11 (APAC) + +Attendees: + +* Spencer Schrock (Google) +* David A. Wheeler (Linux Foundation) +* Allen Shearin (Lockheed) +* Jeff Mendoza (Kusari) +* John Klein (Capital One) +* Patricia Tarro (Dell Technologies) +* Pedro Nacht (Google) +* Lauri Apple +* Raghav Kaul (Google) + +Regrets + +* Adrianne Marcum (OpenSSF) can only attend first half on mobile + +New Attendees \- Welcome\! + +* John Klein (Capital One) +* Patricia Tarro (Dell Technologies) +* Lelia Bray-Musso (Cisco) + +Agenda + +* Spencer Schrock leading today’s meeting +* Do we have any priority items before doing backlog review? + * None noted. +* Review (long\!) backlog items that propose A) new checks or B) substantial(-ish) adjustments to existing checks. 
To prepare, I've created this Miro: [https://miro.com/app/board/uXjVN7\_ijXQ=/?share\_link\_id=559268244976](https://miro.com/app/board/uXjVN7_ijXQ=/?share_link_id=559268244976) + * Sourced from [https://github.com/ossf/scorecard](https://github.com/ossf/scorecard) + * Async in Between now and next meeting, async work on step 3 of Miro agenda + +## 2024-01-08 (EMEA) + +Attendees: + +* Adrianne Marcum (OpenSSF) +* Lauri Apple +* Maximilian Huber (TNG Technology Consulting) +* David A. Wheeler +* Raghav Kaul +* Lucas Gonze + + + +Regrets + +* + +New Attendees + +* Lucas Gonze + +Agenda + +* Quick housekeeping question \- would the group like staff to create a new 2024 notes template and upload previous notes to GitHub? + * Prefer to continue with this document +* Discuss [https://github.com/ossf/tac/issues/169\#issuecomment-1871056697](https://github.com/ossf/tac/issues/169#issuecomment-1871056697) and [https://github.com/ossf/wg-best-practices-os-developers/issues/344](https://github.com/ossf/wg-best-practices-os-developers/issues/344) if there is interest, otherwise, will cover in next Best Practices WG meeting +* Backlog review + * [Link to sheet](https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV__f0xssldbayUOqIs04/edit#gid=293611645) with some notes about 100 issues I/Lauri scanned + * Ideally 2-4 dedicated volunteers can work with me to focus on reviewing and prioritize, pull together a roadmap draft + +Meeting Notes + +* Quick housekeeping question \- would the group like staff to create a new 2024 notes template and upload previous notes to GitHub? 
+ * Prefer to continue with this document +* Discuss [https://github.com/ossf/tac/issues/169\#issuecomment-1871056697](https://github.com/ossf/tac/issues/169#issuecomment-1871056697) and [https://github.com/ossf/wg-best-practices-os-developers/issues/344](https://github.com/ossf/wg-best-practices-os-developers/issues/344) if there is interest, otherwise, will cover in next Best Practices WG meeting + * Issue opened with recommendations to level up OpenSSF + * Specific recommendations similar to workflows used by OSPOs + * What is the benefit or what is missing compared with the BP Badge json output? + * Converting the json is an extra step + * There is also UI in BP Badges, though it is not obvious (to some) and has not been noticed + * There is a button at the top that hides met criteria + * Why are some people not seeing this? Maybe the buttons don’t have enough contrast; if we switch them to have more contrast, maybe that’d be more obvious \- [https://github.com/coreinfrastructure/best-practices-badge/issues/2093](https://github.com/coreinfrastructure/best-practices-badge/issues/2093) + * Which remediation should be used? Direct to documentation about specific checks or criteria or to a full checklist with all items? Where does this tool fit within Scorecard? + * Ideally Scorecard would output a kanban board + * There is interest in this feature though no concrete design concept. Currently creating GH issue to dump json and individuals create separate issues with specific fixes + * Creating output that fits into project’s existing workflows will solve the problem. Can create a script to use GH CLI to create issue including To Do list from Scorecard feedback. + * Scorecard Monitor + * Allstar can create issues based on findings from checks and automate closing issues when problem is resolved. Includes some checks from Scorecard and others. 
+ * Markdown to copy/paste into a GitHub issue (or GitLab issue) is probably best “bang for buck” \- it’s widely supported, there may social pressure to do more. Maybe csv also. + * Best Practices badge: New issue here: [https://github.com/coreinfrastructure/best-practices-badge/issues/2094](https://github.com/coreinfrastructure/best-practices-badge/issues/2094) + * +* Backlog review + * [Link to sheet](https://docs.google.com/spreadsheets/d/1UuKvZLlWyIMVkXIz1CqGWPYV__f0xssldbayUOqIs04/edit#gid=293611645) with some notes about 100 issues I/Lauri scanned + * Ideally 2-4 dedicated volunteers can work with me to focus on reviewing and prioritize, pull together a roadmap draft + * 2FA check? [https://github.com/ossf/scorecard/issues/7](https://github.com/ossf/scorecard/issues/7) . GitHub automatic. GitLab, requires admin to do it [https://forum.gitlab.com/t/retrieving-mfa-status-via-api/89759/4](https://forum.gitlab.com/t/retrieving-mfa-status-via-api/89759/4)
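Review bot: In the Tsunami/AI software table (2024-06 notes), the MLflow row's link text reads "CVE-2023-1777" while its URL points at the `mlflow_cve_2023_1177` plugin directory; the two disagree, so one of them should be corrected to match the plugin's actual identifier before this is archived, and the `?plain=1` suffix on that README link looks unintentional. Smaller consistency points in the same file: the heading `## 2024-05-30 (Pacific) {#2024-05-30-(pacific)}` carries an exported anchor ID that no other heading in the archive has; the notes retain Google Docs export escapes (`\!`, `\#`, `\+`, `\-`, `\<`, `\[`) and many empty `* ` bullets that could be stripped; the 2024-01-08 entry repeats its Agenda items verbatim under Meeting Notes; and the 2024-01-11 and 2024-01-25 entries list the same people under both Attendees and New Attendees.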