From f2aa83a7314a08dfdc337acbb711d6840023f2b1 Mon Sep 17 00:00:00 2001 From: Tana M Berry Date: Mon, 11 Dec 2023 15:26:36 -0600 Subject: [PATCH 01/16] root: update security policy to include link to cure53 report (#7853) * add links to the cure53 audit results * fix link * link * fighting with Docu * removed link for now * use absolute link --------- Co-authored-by: Tana Berry --- SECURITY.md | 4 ++++ website/docs/security/2023-06-cure53.md | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 0d9d6a673..9bb674f23 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,5 +1,9 @@ authentik takes security very seriously. We follow the rules of [responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure), and we urge our community to do so as well, instead of reporting vulnerabilities publicly. This allows us to patch the issue quickly, announce it's existence and release the fixed version. +## Independent audits and pentests + +In May/June of 2023 [Cure53](https://cure53.de) conducted an audit and pentest. The [results](https://cure53.de/pentest-report_authentik.pdf) are published on the [Cure53 website](https://cure53.de/#publications-2023). For more details about authentik's response to the findings of the audit refer to [2023-06 Cure53 Code audit](https://goauthentik.io/docs/security/2023-06-cure53). + ## What authentik classifies as a CVE CVE (Common Vulnerability and Exposure) is a system designed to aggregate all vulnerabilities. As such, a CVE will be issued when there is a either vulnerability or exposure. Per NIST, A vulnerability is: diff --git a/website/docs/security/2023-06-cure53.md b/website/docs/security/2023-06-cure53.md index 3df339e81..55d65d12d 100644 --- a/website/docs/security/2023-06-cure53.md +++ b/website/docs/security/2023-06-cure53.md @@ -1,8 +1,8 @@ # 2023-06 Cure53 Code audit -In May/June of 2023, we've had a Pen-test conducted by [Cure53](https://cure53.de). The following security updates, 2023.4.2 and 2023.5.3 were released as a response to the found issues. +In May/June of 2023, we've had a Pentest conducted by [Cure53](https://cure53.de). The following security updates, 2023.4.2 and 2023.5.3 were released as a response to the found issues. -From the complete report, these are the points we're addressing with this update: +From the [complete report](https://cure53.de/pentest-report_authentik.pdf), these are the points we're addressing with this update: ### ATH-01-001: Path traversal on blueprints allows arbitrary file-read (Medium) From 333d781f92ea20da4d496fa0d08eff1ac4af4706 Mon Sep 17 00:00:00 2001 From: Philipp Kolberg <39984529+PKizzle@users.noreply.github.com> Date: Tue, 12 Dec 2023 01:24:35 +0100 Subject: [PATCH 02/16] documentation: Improve explanation of `kubernetes_json_patches` (#7832) Co-authored-by: Marc 'risson' Schmitt --- website/docs/outposts/_config.md | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/website/docs/outposts/_config.md b/website/docs/outposts/_config.md index f1b3e8792..ce013b625 100644 --- a/website/docs/outposts/_config.md +++ b/website/docs/outposts/_config.md @@ -64,9 +64,17 @@ kubernetes_image_pull_secrets: [] # (Available with 2022.11.0+) # Applies to: proxy outposts kubernetes_ingress_class_name: null -# Optionally apply an RFC 6902 compliant patch to the Kubernetes objects. This value expects -# a mapping of a key which can be any of the values from `kubernetes_disabled_components`, -# which configures which component the patches are applied to. For example: +# Optionally apply an RFC 6902 compliant patch to the Kubernetes objects. +# For an understanding of how this works, refer to the link below: +# https://github.com/kubernetes-sigs/kustomize/blob/master/examples/jsonpatch.md +# +# This value expects a mapping where the key represents +# the Kubernetes component that shall be patched. +# It can be any of the same values supported by `kubernetes_disabled_components`. +# +# For example use this patch to add custom resource requests and limits +# to the outpost deployment: +# # deployment: # - op: add # path: "/spec/template/spec/containers/0/resources" From 38272e8a6821a416907cf5e1bdc6bca80a8265ee Mon Sep 17 00:00:00 2001 From: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com> Date: Tue, 12 Dec 2023 03:04:39 -0800 Subject: [PATCH 03/16] web: refactor the table renderer for legibility (#7433) * web: break circular dependency between AKElement & Interface. This commit changes the way the root node of the web application shell is discovered by child components, such that the base class shared by both no longer results in a circular dependency between the two models. I've run this in isolation and have seen no failures of discovery; the identity token exists as soon as the Interface is constructed and is found by every item on the page. * web: fix broken typescript references This built... and then it didn't? Anyway, the current fix is to provide type information the AkInterface for the data that consumers require. * Refactor the Table component for legiibility. This commit does not change the functionality of the Table, nor does it require any changes to existing uses of the Table. It will probably be easier to review this by looking at the `View Code` in the upper-right-hand corner of GitHub's reviewer; that or side-by-side, if your monitor is wide-enough. The existing Table component is used 49 times (at last count) in authentik, and those uses are wide-ranging and complex, but they all come down to a couple of entries: - Displaying a row of summary information - Permitting the display of more complex ("expanded") information - Displaying a collection of rows - Displaying a collection of rows grouped by some header - Pagination of many rows - Permitting an action on the visible rows - *Not* blocking events that may happen on a cell or expansion - Providing a toolbar - Providing a display of "selected items" when using the table as a multi-select with many pages of items (chips display) - Providing sort functionality on columns - Providing the ability to filter the table from the back-end This commit changes none of that. What this commit does is re-arrange the innards of Table.ts into smaller units: - The RowGroup's "checkbox" and "expansion" segments are pulled out into their own functions, which makes the RowGroup's actual functionality much easier to see and understand. The same is true of the rowGroup's selection and expansion handlers. - Almost all in-line decisions and event handlers have been extracted and named, to make it easier to see and understand what's happening inside what is otherwise a jumble of HTML. - The TablePagination code was duplicated-- and one of the duplicates was wrong! So I've deduplicated it and fixed the bug. - In many cases, the conditional code grew organically, resulting in some pretty hard-to-understand conditions. - A really good example is the `itemSelectHandler`; there are two possible events that result in a change, and the consequences of that change may be that *all* checkboxes are unchecked. In all cases where there's an add/remove option, I've opted to remove the specific object always (even if it's not present!), and then add it if it's actually an add. Logically coherent as long as the accessors are not also mutators. It was not possible to redefine the `columns()` function to take anything other than a TableColumn object; I wanted to be able to replace all of the `new TableColumn("Foo")` with just `"Foo"`, building the TableColumn dynamically at construction time. Unfortunately, some of our most complex tables dynamically re-arrange the columns (RBAC, for example, draws an empty table, fetches the content, then redraws with the columns based on what was retrieved), and detecting that change and rebuilding those columns proved more difficult than anticipated. I may contemplate an alternative column specification if I find myself building a lot of tables. Likewise, it was not possible to replace all of our uses of the empty `html` declaration with the Lit-preferred `nothing` sigil; hard-coded `TemplateResult` entries scattered throughout the code caused massive type inconsistencies, since a type of `TemplateResult | nothing` is unique thanks to `nothing`'s underlying Symbol. It is for this issue that Typescript itself recommends you "prefer allowing Typescript infer the return type." I may revisit this issue later. I've added a `prequick` command to `package.json`; this one runs *only* the Typescript type checker, lit-analyse, and `eslint:precommit`, the last of which lints only the files touched since the last commit. This is fast, intended to support quick checks of code quality not normally displayed in the IDE. * web: refactor table After talking to Jens, I've put back the positional variable and eslint escape; it's better to document existing practices than try to force something. I also misunderstood the role of `inner` in one bit of code, and have restored its functionality. Looking through the code, though, I can see a case where it will fail; it's expecting `inner` to be either undefined or a TemplateResult; if there's no error message, the error message defaults to a blank TemplateResult, which is _not_ undefined, and will result in a blank table. This will only happen under very weird network failures, but... --- web/package.json | 1 + web/src/elements/table/Table.ts | 361 ++++++++++++++++---------------- 2 files changed, 177 insertions(+), 185 deletions(-) diff --git a/web/package.json b/web/package.json index 811e221ca..cecb3d40d 100644 --- a/web/package.json +++ b/web/package.json @@ -19,6 +19,7 @@ "lint:spelling": "codespell -D - -D ../.github/codespell-dictionary.txt -I ../.github/codespell-words.txt -S './src/locales/**' ./src -s", "lit-analyse": "lit-analyzer src", "precommit": "run-s tsc lit-analyse lint:precommit lint:spelling prettier", + "prequick": "run-s tsc:execute lit-analyse lint:precommit lint:spelling", "prettier-check": "prettier --check .", "prettier": "prettier --write .", "pseudolocalize:build-extract-script": "cd scripts && tsc --esModuleInterop --module es2020 --moduleResolution 'node' pseudolocalize.ts && mv pseudolocalize.js pseudolocalize.mjs", diff --git a/web/src/elements/table/Table.ts b/web/src/elements/table/Table.ts index 6175b5296..0b78c4dfb 100644 --- a/web/src/elements/table/Table.ts +++ b/web/src/elements/table/Table.ts @@ -13,6 +13,7 @@ import "@goauthentik/elements/table/TableSearch"; import { msg } from "@lit/localize"; import { CSSResult, TemplateResult, css, html } from "lit"; import { property, state } from "lit/decorators.js"; +import { classMap } from "lit/directives/class-map.js"; import { ifDefined } from "lit/directives/if-defined.js"; import PFButton from "@patternfly/patternfly/components/Button/button.css"; @@ -41,11 +42,7 @@ export class TableColumn { if (!this.orderBy) { return; } - if (table.order === this.orderBy) { - table.order = `-${this.orderBy}`; - } else { - table.order = this.orderBy; - } + table.order = table.order === this.orderBy ? `-${this.orderBy}` : this.orderBy; table.fetch(); } @@ -75,16 +72,12 @@ export class TableColumn { } render(table: Table): TemplateResult { - return html` + const classes = { + "pf-c-table__sort": !!this.orderBy, + "pf-m-selected": table.order === this.orderBy || table.order === `-${this.orderBy}`, + }; + + return html` ${this.orderBy ? this.renderSortable(table) : html`${this.title}`} `; } @@ -230,7 +223,7 @@ export abstract class Table extends AKElement { return html`
- +
`; @@ -241,11 +234,10 @@ export abstract class Table extends AKElement {
- ${inner - ? inner - : html`
${this.renderObjectCreate()}
-
`} + ${inner ?? + html`
${this.renderObjectCreate()}
+
`}
@@ -257,14 +249,13 @@ export abstract class Table extends AKElement { } renderError(): TemplateResult { - if (!this.error) { - return html``; - } - return html` - ${this.error instanceof ResponseError - ? html`
${this.error.message}
` - : html`
${this.error.detail}
`} -
`; + return this.error + ? html` + ${this.error instanceof ResponseError + ? html`
${this.error.message}
` + : html`
${this.error.detail}
`} +
` + : html``; } private renderRows(): TemplateResult[] | undefined { @@ -294,104 +285,89 @@ export abstract class Table extends AKElement { private renderRowGroup(items: T[]): TemplateResult[] { return items.map((item) => { const itemSelectHandler = (ev: InputEvent | PointerEvent) => { - let checked = false; const target = ev.target as HTMLElement; - if (ev.type === "input") { - checked = (target as HTMLInputElement).checked; - } else if (ev instanceof PointerEvent) { - if (target.classList.contains("ignore-click")) { - return; - } - checked = this.selectedElements.indexOf(item) === -1; - } - if (checked) { - // Prevent double-adding the element to selected items - if (this.selectedElements.indexOf(item) !== -1) { - return; - } - // Add item to selected - this.selectedElements.push(item); - } else { - // Get index of item and remove if selected - const index = this.selectedElements.indexOf(item); - if (index <= -1) return; - this.selectedElements.splice(index, 1); - } - this.requestUpdate(); - // Unset select-all if selectedElements is empty - const selectAllCheckbox = - this.shadowRoot?.querySelector("[name=select-all]"); - if (!selectAllCheckbox) { + if (ev instanceof PointerEvent && target.classList.contains("ignore-click")) { return; } - if (this.selectedElements.length < 1) { - selectAllCheckbox.checked = false; - this.requestUpdate(); + + const selected = this.selectedElements.includes(item); + const checked = + ev instanceof PointerEvent ? !selected : (target as HTMLInputElement).checked; + + if ((checked && selected) || !(checked || selected)) { + return; } + + this.selectedElements = this.selectedElements.filter((i) => i !== item); + if (checked) { + this.selectedElements.push(item); + } + + const selectAllCheckbox = + this.shadowRoot?.querySelector("[name=select-all]"); + if (selectAllCheckbox && this.selectedElements.length < 1) { + selectAllCheckbox.checked = false; + } + + this.requestUpdate(); }; - return html` + + const renderCheckbox = () => + html` + + `; + + const handleExpansion = (ev: Event) => { + ev.stopPropagation(); + const expanded = this.expandedElements.includes(item); + this.expandedElements = this.expandedElements.filter((i) => i !== item); + if (!expanded) { + this.expandedElements.push(item); + } + this.requestUpdate(); + }; + + const expandedClass = { + "pf-m-expanded": this.expandedElements.includes(item), + }; + + const renderExpansion = () => { + return html` + + `; + }; + + return html` - ${this.checkbox - ? html` - - ` - : html``} - ${this.expandable - ? html` - - ` - : html``} + ${this.checkbox ? renderCheckbox() : html``} + ${this.expandable ? renderExpansion() : html``} ${this.row(item).map((col) => { return html`${col}`; })} - + - ${this.expandedElements.indexOf(item) > -1 ? this.renderExpanded(item) : html``} + ${this.expandedElements.includes(item) ? this.renderExpanded(item) : html``} `; }); @@ -418,28 +394,24 @@ export abstract class Table extends AKElement { } renderSearch(): TemplateResult { - if (!this.searchEnabled()) { - return html``; - } - return html`
- { - this.search = value; - this.fetch(); - updateURLParams({ - search: value, - }); - }} - > - -
`; - } + const runSearch = (value: string) => { + this.search = value; + updateURLParams({ + search: value, + }); + this.fetch(); + }; - // eslint-disable-next-line @typescript-eslint/no-unused-vars - renderSelectedChip(item: T): TemplateResult { - return html``; + return !this.searchEnabled() + ? html`` + : html`
+ + +
`; } renderToolbarContainer(): TemplateResult { @@ -449,18 +421,7 @@ export abstract class Table extends AKElement {
${this.renderToolbar()}
${this.renderToolbarAfter()}
${this.renderToolbarSelected()}
- ${this.paginated - ? html` { - this.page = page; - updateURLParams({ tablePage: page }); - this.fetch(); - }} - > - ` - : html``} + ${this.paginated ? this.renderTablePagination() : html``} `; } @@ -469,57 +430,87 @@ export abstract class Table extends AKElement { this.fetch(); } + /* The checkbox on the table header row that allows the user to "activate all on this page," + * "deactivate all on this page" with a single click. + */ + renderAllOnThisPageCheckbox(): TemplateResult { + const checked = + this.selectedElements.length === this.data?.results.length && + this.selectedElements.length > 0; + + const onInput = (ev: InputEvent) => { + this.selectedElements = (ev.target as HTMLInputElement).checked + ? this.data?.results.slice(0) || [] + : []; + }; + + return html` + + `; + } + + /* For very large tables where the user is selecting a limited number of entries, we provide a + * chip-based subtable at the top that shows the list of selected entries. Long text result in + * ellipsized chips, which is sub-optimal. + */ + renderSelectedChip(_item: T): TemplateResult { + // Override this for chip-based displays + return html``; + } + + get needChipGroup() { + return this.checkbox && this.checkboxChip; + } + + renderChipGroup(): TemplateResult { + return html` + ${this.selectedElements.map((el) => { + return html`${this.renderSelectedChip(el)}`; + })} + `; + } + + /* A simple pagination display, shown at both the top and bottom of the page. */ + renderTablePagination(): TemplateResult { + const handler = (page: number) => { + updateURLParams({ tablePage: page }); + this.page = page; + this.fetch(); + }; + + return html` + + + `; + } + renderTable(): TemplateResult { - return html` ${this.checkbox && this.checkboxChip - ? html` - ${this.selectedElements.map((el) => { - return html`${this.renderSelectedChip(el)}`; - })} - ` - : html``} + const renderBottomPagination = () => + html`
${this.renderTablePagination()}
`; + + return html` ${this.needChipGroup ? this.renderChipGroup() : html``} ${this.renderToolbarContainer()} - ${this.checkbox - ? html`` - : html``} + ${this.checkbox ? this.renderAllOnThisPageCheckbox() : html``} ${this.expandable ? html`` : html``} ${this.columns().map((col) => col.render(this))} ${this.renderRows()}
- 0} - @input=${(ev: InputEvent) => { - if ((ev.target as HTMLInputElement).checked) { - this.selectedElements = - this.data?.results.slice(0) || []; - } else { - this.selectedElements = []; - } - }} - /> -
- ${this.paginated - ? html`
- { - this.page = page; - this.fetch(); - }} - > - -
` - : html``}`; + ${this.paginated ? renderBottomPagination() : html``}`; } render(): TemplateResult { From a5a380db7b189bb3d90e961c4502e8a6b6672ef3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 12:06:23 +0100 Subject: [PATCH 04/16] web: bump the eslint group in /tests/wdio with 2 updates (#7860) Bumps the eslint group in /tests/wdio with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser). Updates `@typescript-eslint/eslint-plugin` from 6.13.2 to 6.14.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.14.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 6.13.2 to 6.14.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.14.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: eslint - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: eslint ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- tests/wdio/package-lock.json | 88 ++++++++++++++++++------------------ tests/wdio/package.json | 4 +- 2 files changed, 46 insertions(+), 46 deletions(-) diff --git a/tests/wdio/package-lock.json b/tests/wdio/package-lock.json index c528b4a15..7be9ced74 100644 --- a/tests/wdio/package-lock.json +++ b/tests/wdio/package-lock.json @@ -7,8 +7,8 @@ "name": "@goauthentik/web-tests", "devDependencies": { "@trivago/prettier-plugin-sort-imports": "^4.3.0", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "@wdio/cli": "^8.26.1", "@wdio/local-runner": "^8.26.1", "@wdio/mocha-framework": "^8.24.12", @@ -946,16 +946,16 @@ } }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.13.2.tgz", - "integrity": "sha512-3+9OGAWHhk4O1LlcwLBONbdXsAhLjyCFogJY/cWy2lxdVJ2JrcTF2pTGMaLl2AE7U1l31n8Py4a8bx5DLf/0dQ==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.14.0.tgz", + "integrity": "sha512-1ZJBykBCXaSHG94vMMKmiHoL0MhNHKSVlcHVYZNw+BKxufhqQVTOawNpwwI1P5nIFZ/4jLVop0mcY6mJJDFNaw==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.5.1", - "@typescript-eslint/scope-manager": "6.13.2", - "@typescript-eslint/type-utils": "6.13.2", - "@typescript-eslint/utils": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2", + "@typescript-eslint/scope-manager": "6.14.0", + "@typescript-eslint/type-utils": "6.14.0", + "@typescript-eslint/utils": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0", "debug": "^4.3.4", "graphemer": "^1.4.0", "ignore": "^5.2.4", @@ -981,15 +981,15 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.13.2.tgz", - "integrity": "sha512-MUkcC+7Wt/QOGeVlM8aGGJZy1XV5YKjTpq9jK6r6/iLsGXhBVaGP5N0UYvFsu9BFlSpwY9kMretzdBH01rkRXg==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.14.0.tgz", + "integrity": "sha512-QjToC14CKacd4Pa7JK4GeB/vHmWFJckec49FR4hmIRf97+KXole0T97xxu9IFiPxVQ1DBWrQ5wreLwAGwWAVQA==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "6.13.2", - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/typescript-estree": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2", + "@typescript-eslint/scope-manager": "6.14.0", + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/typescript-estree": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0", "debug": "^4.3.4" }, "engines": { @@ -1009,13 +1009,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.13.2.tgz", - "integrity": "sha512-CXQA0xo7z6x13FeDYCgBkjWzNqzBn8RXaE3QVQVIUm74fWJLkJkaHmHdKStrxQllGh6Q4eUGyNpMe0b1hMkXFA==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.14.0.tgz", + "integrity": "sha512-VT7CFWHbZipPncAZtuALr9y3EuzY1b1t1AEkIq2bTXUPKw+pHoXflGNG5L+Gv6nKul1cz1VH8fz16IThIU0tdg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2" + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0" }, "engines": { "node": "^16.0.0 || >=18.0.0" @@ -1026,13 +1026,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.13.2.tgz", - "integrity": "sha512-Qr6ssS1GFongzH2qfnWKkAQmMUyZSyOr0W54nZNU1MDfo+U4Mv3XveeLZzadc/yq8iYhQZHYT+eoXJqnACM1tw==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.14.0.tgz", + "integrity": "sha512-x6OC9Q7HfYKqjnuNu5a7kffIYs3No30isapRBJl1iCHLitD8O0lFbRcVGiOcuyN837fqXzPZ1NS10maQzZMKqw==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "6.13.2", - "@typescript-eslint/utils": "6.13.2", + "@typescript-eslint/typescript-estree": "6.14.0", + "@typescript-eslint/utils": "6.14.0", "debug": "^4.3.4", "ts-api-utils": "^1.0.1" }, @@ -1053,9 +1053,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.13.2.tgz", - "integrity": "sha512-7sxbQ+EMRubQc3wTfTsycgYpSujyVbI1xw+3UMRUcrhSy+pN09y/lWzeKDbvhoqcRbHdc+APLs/PWYi/cisLPg==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.14.0.tgz", + "integrity": "sha512-uty9H2K4Xs8E47z3SnXEPRNDfsis8JO27amp2GNCnzGETEW3yTqEIVg5+AI7U276oGF/tw6ZA+UesxeQ104ceA==", "dev": true, "engines": { "node": "^16.0.0 || >=18.0.0" @@ -1066,13 +1066,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.13.2.tgz", - "integrity": "sha512-SuD8YLQv6WHnOEtKv8D6HZUzOub855cfPnPMKvdM/Bh1plv1f7Q/0iFUDLKKlxHcEstQnaUU4QZskgQq74t+3w==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.14.0.tgz", + "integrity": "sha512-yPkaLwK0yH2mZKFE/bXkPAkkFgOv15GJAUzgUVonAbv0Hr4PK/N2yaA/4XQbTZQdygiDkpt5DkxPELqHguNvyw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2", + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -1093,17 +1093,17 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.13.2.tgz", - "integrity": "sha512-b9Ptq4eAZUym4idijCRzl61oPCwwREcfDI8xGk751Vhzig5fFZR9CyzDz4Sp/nxSLBYxUPyh4QdIDqWykFhNmQ==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.14.0.tgz", + "integrity": "sha512-XwRTnbvRr7Ey9a1NT6jqdKX8y/atWG+8fAIu3z73HSP8h06i3r/ClMhmaF/RGWGW1tHJEwij1uEg2GbEmPYvYg==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", "@types/json-schema": "^7.0.12", "@types/semver": "^7.5.0", - "@typescript-eslint/scope-manager": "6.13.2", - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/typescript-estree": "6.13.2", + "@typescript-eslint/scope-manager": "6.14.0", + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/typescript-estree": "6.14.0", "semver": "^7.5.4" }, "engines": { @@ -1118,12 +1118,12 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.13.2.tgz", - "integrity": "sha512-OGznFs0eAQXJsp+xSd6k/O1UbFi/K/L7WjqeRoFE7vadjAF9y0uppXhYNQNEqygjou782maGClOoZwPqF0Drlw==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.14.0.tgz", + "integrity": "sha512-fB5cw6GRhJUz03MrROVuj5Zm/Q+XWlVdIsFj+Zb1Hvqouc8t+XP2H5y53QYU/MGtd2dPg6/vJJlhoX3xc2ehfw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "6.13.2", + "@typescript-eslint/types": "6.14.0", "eslint-visitor-keys": "^3.4.1" }, "engines": { diff --git a/tests/wdio/package.json b/tests/wdio/package.json index 589ae6332..a5f196e6d 100644 --- a/tests/wdio/package.json +++ b/tests/wdio/package.json @@ -4,8 +4,8 @@ "type": "module", "devDependencies": { "@trivago/prettier-plugin-sort-imports": "^4.3.0", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "@wdio/cli": "^8.26.1", "@wdio/local-runner": "^8.26.1", "@wdio/mocha-framework": "^8.24.12", From 72ce909ed48e5523f23bab9697b2ec8682446e65 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 12:06:32 +0100 Subject: [PATCH 05/16] web: bump rollup from 4.7.0 to 4.8.0 in /web (#7859) Bumps [rollup](https://github.com/rollup/rollup) from 4.7.0 to 4.8.0. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v4.7.0...v4.8.0) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- web/package-lock.json | 113 +++++++++++++++++++++--------------------- web/package.json | 2 +- 2 files changed, 57 insertions(+), 58 deletions(-) diff --git a/web/package-lock.json b/web/package-lock.json index d1caf97bc..6a5943695 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -15,7 +15,6 @@ "@codemirror/lang-xml": "^6.0.2", "@codemirror/legacy-modes": "^6.3.3", "@codemirror/theme-one-dark": "^6.1.2", - "@esbuild/linux-arm64": "^0.19.9", "@formatjs/intl-listformat": "^7.5.3", "@fortawesome/fontawesome-free": "^6.5.1", "@goauthentik/api": "^2023.10.4-1701882394", @@ -91,7 +90,7 @@ "pyright": "^1.1.338", "react": "^18.2.0", "react-dom": "^18.2.0", - "rollup": "^4.7.0", + "rollup": "^4.8.0", "rollup-plugin-copy": "^3.5.0", "rollup-plugin-cssimport": "^1.0.3", "rollup-plugin-postcss-lit": "^2.1.0", @@ -4581,9 +4580,9 @@ } }, "node_modules/@rollup/rollup-android-arm-eabi": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.7.0.tgz", - "integrity": "sha512-rGku10pL1StFlFvXX5pEv88KdGW6DHUghsxyP/aRYb9eH+74jTGJ3U0S/rtlsQ4yYq1Hcc7AMkoJOb1xu29Fxw==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.8.0.tgz", + "integrity": "sha512-zdTObFRoNENrdPpnTNnhOljYIcOX7aI7+7wyrSpPFFIOf/nRdedE6IYsjaBE7tjukphh1tMTojgJ7p3lKY8x6Q==", "cpu": [ "arm" ], @@ -4594,9 +4593,9 @@ ] }, "node_modules/@rollup/rollup-android-arm64": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.7.0.tgz", - "integrity": "sha512-/EBw0cuJ/KVHiU2qyVYUhogXz7W2vXxBzeE9xtVIMC+RyitlY2vvaoysMUqASpkUtoNIHlnKTu/l7mXOPgnKOA==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.8.0.tgz", + "integrity": "sha512-aiItwP48BiGpMFS9Znjo/xCNQVwTQVcRKkFKsO81m8exrGjHkCBDvm9PHay2kpa8RPnZzzKcD1iQ9KaLY4fPQQ==", "cpu": [ "arm64" ], @@ -4607,9 +4606,9 @@ ] }, "node_modules/@rollup/rollup-darwin-arm64": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.7.0.tgz", - "integrity": "sha512-4VXG1bgvClJdbEYYjQ85RkOtwN8sqI3uCxH0HC5w9fKdqzRzgG39K7GAehATGS8jghA7zNoS5CjSKkDEqWmNZg==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.8.0.tgz", + "integrity": "sha512-zhNIS+L4ZYkYQUjIQUR6Zl0RXhbbA0huvNIWjmPc2SL0cB1h5Djkcy+RZ3/Bwszfb6vgwUvcVJYD6e6Zkpsi8g==", "cpu": [ "arm64" ], @@ -4620,9 +4619,9 @@ ] }, "node_modules/@rollup/rollup-darwin-x64": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.7.0.tgz", - "integrity": "sha512-/ImhO+T/RWJ96hUbxiCn2yWI0/MeQZV/aeukQQfhxiSXuZJfyqtdHPUPrc84jxCfXTxbJLmg4q+GBETeb61aNw==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.8.0.tgz", + "integrity": "sha512-A/FAHFRNQYrELrb/JHncRWzTTXB2ticiRFztP4ggIUAfa9Up1qfW8aG2w/mN9jNiZ+HB0t0u0jpJgFXG6BfRTA==", "cpu": [ "x64" ], @@ -4633,9 +4632,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm-gnueabihf": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.7.0.tgz", - "integrity": "sha512-zhye8POvTyUXlKbfPBVqoHy3t43gIgffY+7qBFqFxNqVtltQLtWeHNAbrMnXiLIfYmxcoL/feuLDote2tx+Qbg==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.8.0.tgz", + "integrity": "sha512-JsidBnh3p2IJJA4/2xOF2puAYqbaczB3elZDT0qHxn362EIoIkq7hrR43Xa8RisgI6/WPfvb2umbGsuvf7E37A==", "cpu": [ "arm" ], @@ -4646,9 +4645,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm64-gnu": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.7.0.tgz", - "integrity": "sha512-RAdr3OJnUum6Vs83cQmKjxdTg31zJnLLTkjhcFt0auxM6jw00GD6IPFF42uasYPr/wGC6TRm7FsQiJyk0qIEfg==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.8.0.tgz", + "integrity": "sha512-hBNCnqw3EVCkaPB0Oqd24bv8SklETptQWcJz06kb9OtiShn9jK1VuTgi7o4zPSt6rNGWQOTDEAccbk0OqJmS+g==", "cpu": [ "arm64" ], @@ -4659,9 +4658,9 @@ ] }, "node_modules/@rollup/rollup-linux-arm64-musl": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.7.0.tgz", - "integrity": "sha512-nhWwYsiJwZGq7SyR3afS3EekEOsEAlrNMpPC4ZDKn5ooYSEjDLe9W/xGvoIV8/F/+HNIY6jY8lIdXjjxfxopXw==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.8.0.tgz", + "integrity": "sha512-Fw9ChYfJPdltvi9ALJ9wzdCdxGw4wtq4t1qY028b2O7GwB5qLNSGtqMsAel1lfWTZvf4b6/+4HKp0GlSYg0ahA==", "cpu": [ "arm64" ], @@ -4672,9 +4671,9 @@ ] }, "node_modules/@rollup/rollup-linux-riscv64-gnu": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.7.0.tgz", - "integrity": "sha512-rlfy5RnQG1aop1BL/gjdH42M2geMUyVQqd52GJVirqYc787A/XVvl3kQ5NG/43KXgOgE9HXgCaEH05kzQ+hLoA==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.8.0.tgz", + "integrity": "sha512-BH5xIh7tOzS9yBi8dFrCTG8Z6iNIGWGltd3IpTSKp6+pNWWO6qy8eKoRxOtwFbMrid5NZaidLYN6rHh9aB8bEw==", "cpu": [ "riscv64" ], @@ -4685,9 +4684,9 @@ ] }, "node_modules/@rollup/rollup-linux-x64-gnu": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.7.0.tgz", - "integrity": "sha512-cCkoGlGWfBobdDtiiypxf79q6k3/iRVGu1HVLbD92gWV5WZbmuWJCgRM4x2N6i7ljGn1cGytPn9ZAfS8UwF6vg==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.8.0.tgz", + "integrity": "sha512-PmvAj8k6EuWiyLbkNpd6BLv5XeYFpqWuRvRNRl80xVfpGXK/z6KYXmAgbI4ogz7uFiJxCnYcqyvZVD0dgFog7Q==", "cpu": [ "x64" ], @@ -4698,9 +4697,9 @@ ] }, "node_modules/@rollup/rollup-linux-x64-musl": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.7.0.tgz", - "integrity": "sha512-R2oBf2p/Arc1m+tWmiWbpHBjEcJnHVnv6bsypu4tcKdrYTpDfl1UT9qTyfkIL1iiii5D4WHxUHCg5X0pzqmxFg==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.8.0.tgz", + "integrity": "sha512-mdxnlW2QUzXwY+95TuxZ+CurrhgrPAMveDWI97EQlA9bfhR8tw3Pt7SUlc/eSlCNxlWktpmT//EAA8UfCHOyXg==", "cpu": [ "x64" ], @@ -4711,9 +4710,9 @@ ] }, "node_modules/@rollup/rollup-win32-arm64-msvc": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.7.0.tgz", - "integrity": "sha512-CPtgaQL1aaPc80m8SCVEoxFGHxKYIt3zQYC3AccL/SqqiWXblo3pgToHuBwR8eCP2Toa+X1WmTR/QKFMykws7g==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.8.0.tgz", + "integrity": "sha512-ge7saUz38aesM4MA7Cad8CHo0Fyd1+qTaqoIo+Jtk+ipBi4ATSrHWov9/S4u5pbEQmLjgUjB7BJt+MiKG2kzmA==", "cpu": [ "arm64" ], @@ -4724,9 +4723,9 @@ ] }, "node_modules/@rollup/rollup-win32-ia32-msvc": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.7.0.tgz", - "integrity": "sha512-pmioUlttNh9GXF5x2CzNa7Z8kmRTyhEzzAC+2WOOapjewMbl+3tGuAnxbwc5JyG8Jsz2+hf/QD/n5VjimOZ63g==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.8.0.tgz", + "integrity": "sha512-p9E3PZlzurhlsN5h9g7zIP1DnqKXJe8ZUkFwAazqSvHuWfihlIISPxG9hCHCoA+dOOspL/c7ty1eeEVFTE0UTw==", "cpu": [ "ia32" ], @@ -4737,9 +4736,9 @@ ] }, "node_modules/@rollup/rollup-win32-x64-msvc": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.7.0.tgz", - "integrity": "sha512-SeZzC2QhhdBQUm3U0c8+c/P6UlRyBcLL2Xp5KX7z46WXZxzR8RJSIWL9wSUeBTgxog5LTPJuPj0WOT9lvrtP7Q==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.8.0.tgz", + "integrity": "sha512-kb4/auKXkYKqlUYTE8s40FcJIj5soOyRLHKd4ugR0dCq0G2EfcF54eYcfQiGkHzjidZ40daB4ulsFdtqNKZtBg==", "cpu": [ "x64" ], @@ -16672,9 +16671,9 @@ "integrity": "sha512-IXgzBWvWQwE6PrDI05OvmXUIruQTcoMDzRsOd5CDvHCVLcLHMTSYvOK5Cm46kWqlV3yAbuSpBZdJ5oP5OUoStg==" }, "node_modules/rollup": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.7.0.tgz", - "integrity": "sha512-7Kw0dUP4BWH78zaZCqF1rPyQ8D5DSU6URG45v1dqS/faNsx9WXyess00uTOZxKr7oR/4TOjO1CPudT8L1UsEgw==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.8.0.tgz", + "integrity": "sha512-NpsklK2fach5CdI+PScmlE5R4Ao/FSWtF7LkoIrHDxPACY/xshNasPsbpG0VVHxUTbf74tJbVT4PrP8JsJ6ZDA==", "dev": true, "bin": { "rollup": "dist/bin/rollup" @@ -16684,19 +16683,19 @@ "npm": ">=8.0.0" }, "optionalDependencies": { - "@rollup/rollup-android-arm-eabi": "4.7.0", - "@rollup/rollup-android-arm64": "4.7.0", - "@rollup/rollup-darwin-arm64": "4.7.0", - "@rollup/rollup-darwin-x64": "4.7.0", - "@rollup/rollup-linux-arm-gnueabihf": "4.7.0", - "@rollup/rollup-linux-arm64-gnu": "4.7.0", - "@rollup/rollup-linux-arm64-musl": "4.7.0", - "@rollup/rollup-linux-riscv64-gnu": "4.7.0", - "@rollup/rollup-linux-x64-gnu": "4.7.0", - "@rollup/rollup-linux-x64-musl": "4.7.0", - "@rollup/rollup-win32-arm64-msvc": "4.7.0", - "@rollup/rollup-win32-ia32-msvc": "4.7.0", - "@rollup/rollup-win32-x64-msvc": "4.7.0", + "@rollup/rollup-android-arm-eabi": "4.8.0", + "@rollup/rollup-android-arm64": "4.8.0", + "@rollup/rollup-darwin-arm64": "4.8.0", + "@rollup/rollup-darwin-x64": "4.8.0", + "@rollup/rollup-linux-arm-gnueabihf": "4.8.0", + "@rollup/rollup-linux-arm64-gnu": "4.8.0", + "@rollup/rollup-linux-arm64-musl": "4.8.0", + "@rollup/rollup-linux-riscv64-gnu": "4.8.0", + "@rollup/rollup-linux-x64-gnu": "4.8.0", + "@rollup/rollup-linux-x64-musl": "4.8.0", + "@rollup/rollup-win32-arm64-msvc": "4.8.0", + "@rollup/rollup-win32-ia32-msvc": "4.8.0", + "@rollup/rollup-win32-x64-msvc": "4.8.0", "fsevents": "~2.3.2" } }, diff --git a/web/package.json b/web/package.json index cecb3d40d..b94f7742d 100644 --- a/web/package.json +++ b/web/package.json @@ -112,7 +112,7 @@ "pyright": "^1.1.338", "react": "^18.2.0", "react-dom": "^18.2.0", - "rollup": "^4.7.0", + "rollup": "^4.8.0", "rollup-plugin-copy": "^3.5.0", "rollup-plugin-cssimport": "^1.0.3", "rollup-plugin-postcss-lit": "^2.1.0", From f996dc1bc30230cc3f84b7f792dda1fd6f4eb4a6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 12:07:04 +0100 Subject: [PATCH 06/16] web: bump the eslint group in /web with 2 updates (#7857) Bumps the eslint group in /web with 2 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser). Updates `@typescript-eslint/eslint-plugin` from 6.13.2 to 6.14.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.14.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 6.13.2 to 6.14.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.14.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: eslint - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: eslint ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- web/package-lock.json | 88 +++++++++++++++++++++---------------------- web/package.json | 4 +- 2 files changed, 46 insertions(+), 46 deletions(-) diff --git a/web/package-lock.json b/web/package-lock.json index 6a5943695..afdb90817 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -72,8 +72,8 @@ "@types/chart.js": "^2.9.41", "@types/codemirror": "5.60.15", "@types/grecaptcha": "^3.0.7", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "babel-plugin-macros": "^3.1.0", "babel-plugin-tsconfig-paths": "^1.0.3", "cross-env": "^7.0.3", @@ -8036,16 +8036,16 @@ "dev": true }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.13.2.tgz", - "integrity": "sha512-3+9OGAWHhk4O1LlcwLBONbdXsAhLjyCFogJY/cWy2lxdVJ2JrcTF2pTGMaLl2AE7U1l31n8Py4a8bx5DLf/0dQ==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.14.0.tgz", + "integrity": "sha512-1ZJBykBCXaSHG94vMMKmiHoL0MhNHKSVlcHVYZNw+BKxufhqQVTOawNpwwI1P5nIFZ/4jLVop0mcY6mJJDFNaw==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.5.1", - "@typescript-eslint/scope-manager": "6.13.2", - "@typescript-eslint/type-utils": "6.13.2", - "@typescript-eslint/utils": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2", + "@typescript-eslint/scope-manager": "6.14.0", + "@typescript-eslint/type-utils": "6.14.0", + "@typescript-eslint/utils": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0", "debug": "^4.3.4", "graphemer": "^1.4.0", "ignore": "^5.2.4", @@ -8104,15 +8104,15 @@ "dev": true }, "node_modules/@typescript-eslint/parser": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.13.2.tgz", - "integrity": "sha512-MUkcC+7Wt/QOGeVlM8aGGJZy1XV5YKjTpq9jK6r6/iLsGXhBVaGP5N0UYvFsu9BFlSpwY9kMretzdBH01rkRXg==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-6.14.0.tgz", + "integrity": "sha512-QjToC14CKacd4Pa7JK4GeB/vHmWFJckec49FR4hmIRf97+KXole0T97xxu9IFiPxVQ1DBWrQ5wreLwAGwWAVQA==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "6.13.2", - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/typescript-estree": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2", + "@typescript-eslint/scope-manager": "6.14.0", + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/typescript-estree": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0", "debug": "^4.3.4" }, "engines": { @@ -8132,13 +8132,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.13.2.tgz", - "integrity": "sha512-CXQA0xo7z6x13FeDYCgBkjWzNqzBn8RXaE3QVQVIUm74fWJLkJkaHmHdKStrxQllGh6Q4eUGyNpMe0b1hMkXFA==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.14.0.tgz", + "integrity": "sha512-VT7CFWHbZipPncAZtuALr9y3EuzY1b1t1AEkIq2bTXUPKw+pHoXflGNG5L+Gv6nKul1cz1VH8fz16IThIU0tdg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2" + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0" }, "engines": { "node": "^16.0.0 || >=18.0.0" @@ -8149,13 +8149,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.13.2.tgz", - "integrity": "sha512-Qr6ssS1GFongzH2qfnWKkAQmMUyZSyOr0W54nZNU1MDfo+U4Mv3XveeLZzadc/yq8iYhQZHYT+eoXJqnACM1tw==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.14.0.tgz", + "integrity": "sha512-x6OC9Q7HfYKqjnuNu5a7kffIYs3No30isapRBJl1iCHLitD8O0lFbRcVGiOcuyN837fqXzPZ1NS10maQzZMKqw==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "6.13.2", - "@typescript-eslint/utils": "6.13.2", + "@typescript-eslint/typescript-estree": "6.14.0", + "@typescript-eslint/utils": "6.14.0", "debug": "^4.3.4", "ts-api-utils": "^1.0.1" }, @@ -8176,9 +8176,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.13.2.tgz", - "integrity": "sha512-7sxbQ+EMRubQc3wTfTsycgYpSujyVbI1xw+3UMRUcrhSy+pN09y/lWzeKDbvhoqcRbHdc+APLs/PWYi/cisLPg==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.14.0.tgz", + "integrity": "sha512-uty9H2K4Xs8E47z3SnXEPRNDfsis8JO27amp2GNCnzGETEW3yTqEIVg5+AI7U276oGF/tw6ZA+UesxeQ104ceA==", "dev": true, "engines": { "node": "^16.0.0 || >=18.0.0" @@ -8189,13 +8189,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.13.2.tgz", - "integrity": "sha512-SuD8YLQv6WHnOEtKv8D6HZUzOub855cfPnPMKvdM/Bh1plv1f7Q/0iFUDLKKlxHcEstQnaUU4QZskgQq74t+3w==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.14.0.tgz", + "integrity": "sha512-yPkaLwK0yH2mZKFE/bXkPAkkFgOv15GJAUzgUVonAbv0Hr4PK/N2yaA/4XQbTZQdygiDkpt5DkxPELqHguNvyw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/visitor-keys": "6.13.2", + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/visitor-keys": "6.14.0", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -8249,17 +8249,17 @@ "dev": true }, "node_modules/@typescript-eslint/utils": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.13.2.tgz", - "integrity": "sha512-b9Ptq4eAZUym4idijCRzl61oPCwwREcfDI8xGk751Vhzig5fFZR9CyzDz4Sp/nxSLBYxUPyh4QdIDqWykFhNmQ==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.14.0.tgz", + "integrity": "sha512-XwRTnbvRr7Ey9a1NT6jqdKX8y/atWG+8fAIu3z73HSP8h06i3r/ClMhmaF/RGWGW1tHJEwij1uEg2GbEmPYvYg==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", "@types/json-schema": "^7.0.12", "@types/semver": "^7.5.0", - "@typescript-eslint/scope-manager": "6.13.2", - "@typescript-eslint/types": "6.13.2", - "@typescript-eslint/typescript-estree": "6.13.2", + "@typescript-eslint/scope-manager": "6.14.0", + "@typescript-eslint/types": "6.14.0", + "@typescript-eslint/typescript-estree": "6.14.0", "semver": "^7.5.4" }, "engines": { @@ -8307,12 +8307,12 @@ "dev": true }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "6.13.2", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.13.2.tgz", - "integrity": "sha512-OGznFs0eAQXJsp+xSd6k/O1UbFi/K/L7WjqeRoFE7vadjAF9y0uppXhYNQNEqygjou782maGClOoZwPqF0Drlw==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.14.0.tgz", + "integrity": "sha512-fB5cw6GRhJUz03MrROVuj5Zm/Q+XWlVdIsFj+Zb1Hvqouc8t+XP2H5y53QYU/MGtd2dPg6/vJJlhoX3xc2ehfw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "6.13.2", + "@typescript-eslint/types": "6.14.0", "eslint-visitor-keys": "^3.4.1" }, "engines": { diff --git a/web/package.json b/web/package.json index b94f7742d..962e66617 100644 --- a/web/package.json +++ b/web/package.json @@ -94,8 +94,8 @@ "@types/chart.js": "^2.9.41", "@types/codemirror": "5.60.15", "@types/grecaptcha": "^3.0.7", - "@typescript-eslint/eslint-plugin": "^6.13.2", - "@typescript-eslint/parser": "^6.13.2", + "@typescript-eslint/eslint-plugin": "^6.14.0", + "@typescript-eslint/parser": "^6.14.0", "babel-plugin-macros": "^3.1.0", "babel-plugin-tsconfig-paths": "^1.0.3", "cross-env": "^7.0.3", From f85ae175d8d78a90172d57dba41a48f5b75004bd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 12:07:13 +0100 Subject: [PATCH 07/16] web: bump the babel group in /web with 4 updates (#7856) Bumps the babel group in /web with 4 updates: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core), [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators), [@babel/plugin-transform-runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-transform-runtime) and [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env). Updates `@babel/core` from 7.23.5 to 7.23.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.6/packages/babel-core) Updates `@babel/plugin-proposal-decorators` from 7.23.5 to 7.23.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.6/packages/babel-plugin-proposal-decorators) Updates `@babel/plugin-transform-runtime` from 7.23.4 to 7.23.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.6/packages/babel-plugin-transform-runtime) Updates `@babel/preset-env` from 7.23.5 to 7.23.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.6/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: babel - dependency-name: "@babel/plugin-proposal-decorators" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: babel - dependency-name: "@babel/plugin-transform-runtime" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: babel - dependency-name: "@babel/preset-env" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: babel ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- web/package-lock.json | 174 +++++++++++++++++++++--------------------- web/package.json | 8 +- 2 files changed, 92 insertions(+), 90 deletions(-) diff --git a/web/package-lock.json b/web/package-lock.json index afdb90817..27fd5155e 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -43,13 +43,13 @@ "yaml": "^2.3.4" }, "devDependencies": { - "@babel/core": "^7.23.5", + "@babel/core": "^7.23.6", "@babel/plugin-proposal-class-properties": "^7.18.6", - "@babel/plugin-proposal-decorators": "^7.23.5", + "@babel/plugin-proposal-decorators": "^7.23.6", "@babel/plugin-transform-private-methods": "^7.23.3", "@babel/plugin-transform-private-property-in-object": "^7.23.4", - "@babel/plugin-transform-runtime": "^7.23.4", - "@babel/preset-env": "^7.23.5", + "@babel/plugin-transform-runtime": "^7.23.6", + "@babel/preset-env": "^7.23.6", "@babel/preset-typescript": "^7.23.3", "@hcaptcha/types": "^1.0.3", "@jackfranklin/rollup-plugin-markdown": "^0.4.0", @@ -176,21 +176,21 @@ } }, "node_modules/@babel/core": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.23.5.tgz", - "integrity": "sha512-Cwc2XjUrG4ilcfOw4wBAK+enbdgwAcAJCfGUItPBKR7Mjw4aEfAFYrLxeRp4jWgtNIKn3n2AlBOfwwafl+42/g==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.23.6.tgz", + "integrity": "sha512-FxpRyGjrMJXh7X3wGLGhNDCRiwpWEF74sKjTLDJSG5Kyvow3QZaG0Adbqzi9ZrVjTWpsX+2cxWXD71NMg93kdw==", "dev": true, "dependencies": { "@ampproject/remapping": "^2.2.0", "@babel/code-frame": "^7.23.5", - "@babel/generator": "^7.23.5", - "@babel/helper-compilation-targets": "^7.22.15", + "@babel/generator": "^7.23.6", + "@babel/helper-compilation-targets": "^7.23.6", "@babel/helper-module-transforms": "^7.23.3", - "@babel/helpers": "^7.23.5", - "@babel/parser": "^7.23.5", + "@babel/helpers": "^7.23.6", + "@babel/parser": "^7.23.6", "@babel/template": "^7.22.15", - "@babel/traverse": "^7.23.5", - "@babel/types": "^7.23.5", + "@babel/traverse": "^7.23.6", + "@babel/types": "^7.23.6", "convert-source-map": "^2.0.0", "debug": "^4.1.0", "gensync": "^1.0.0-beta.2", @@ -206,20 +206,20 @@ } }, "node_modules/@babel/core/node_modules/@babel/traverse": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.5.tgz", - "integrity": "sha512-czx7Xy5a6sapWWRx61m1Ke1Ra4vczu1mCTtJam5zRTBOonfdJ+S/B6HYmGYu3fJtr8GGET3si6IhgWVBhJ/m8w==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.6.tgz", + "integrity": "sha512-czastdK1e8YByZqezMPFiZ8ahwVMh/ESl9vPgvgdB9AmFMGP5jfpFax74AQgl5zj4XHzqeYAg2l8PuUeRS1MgQ==", "dev": true, "dependencies": { "@babel/code-frame": "^7.23.5", - "@babel/generator": "^7.23.5", + "@babel/generator": "^7.23.6", "@babel/helper-environment-visitor": "^7.22.20", "@babel/helper-function-name": "^7.23.0", "@babel/helper-hoist-variables": "^7.22.5", "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.5", - "@babel/types": "^7.23.5", - "debug": "^4.1.0", + "@babel/parser": "^7.23.6", + "@babel/types": "^7.23.6", + "debug": "^4.3.1", "globals": "^11.1.0" }, "engines": { @@ -233,12 +233,12 @@ "dev": true }, "node_modules/@babel/generator": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.5.tgz", - "integrity": "sha512-BPssCHrBD+0YrxviOa3QzpqwhNIXKEtOa2jQrm4FlmkC2apYgRnQcmPWiGZDlGxiNtltnUFolMe8497Esry+jA==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.23.6.tgz", + "integrity": "sha512-qrSfCYxYQB5owCmGLbl8XRpX1ytXlpueOb0N0UmQwA073KZxejgQTzAmJezxvpwQD9uGtK2shHdi55QT+MbjIw==", "dev": true, "dependencies": { - "@babel/types": "^7.23.5", + "@babel/types": "^7.23.6", "@jridgewell/gen-mapping": "^0.3.2", "@jridgewell/trace-mapping": "^0.3.17", "jsesc": "^2.5.1" @@ -272,14 +272,14 @@ } }, "node_modules/@babel/helper-compilation-targets": { - "version": "7.22.15", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.22.15.tgz", - "integrity": "sha512-y6EEzULok0Qvz8yyLkCvVX+02ic+By2UdOhylwUOvOn9dvYc9mKICJuuU1n1XBI02YWsNsnrY1kc6DVbjcXbtw==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.23.6.tgz", + "integrity": "sha512-9JB548GZoQVmzrFgp8o7KxdgkTGm6xs9DW0o/Pim72UDjzr5ObUQ6ZzYPqA+g9OTS2bBQoctLJrky0RDCAWRgQ==", "dev": true, "dependencies": { - "@babel/compat-data": "^7.22.9", - "@babel/helper-validator-option": "^7.22.15", - "browserslist": "^4.21.9", + "@babel/compat-data": "^7.23.5", + "@babel/helper-validator-option": "^7.23.5", + "browserslist": "^4.22.2", "lru-cache": "^5.1.1", "semver": "^6.3.1" }, @@ -288,9 +288,9 @@ } }, "node_modules/@babel/helper-create-class-features-plugin": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.23.5.tgz", - "integrity": "sha512-QELlRWxSpgdwdJzSJn4WAhKC+hvw/AtHbbrIoncKHkhKKR/luAlKkgBDcri1EzWAo8f8VvYVryEHN4tax/V67A==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.23.6.tgz", + "integrity": "sha512-cBXU1vZni/CpGF29iTu4YRbOZt3Wat6zCoMDxRF1MayiEc4URxOj31tT65HUM0CRpMowA3HCJaAOVOUnMf96cw==", "dev": true, "dependencies": { "@babel/helper-annotate-as-pure": "^7.22.5", @@ -553,34 +553,34 @@ } }, "node_modules/@babel/helpers": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.23.5.tgz", - "integrity": "sha512-oO7us8FzTEsG3U6ag9MfdF1iA/7Z6dz+MtFhifZk8C8o453rGJFFWUP1t+ULM9TUIAzC9uxXEiXjOiVMyd7QPg==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.23.6.tgz", + "integrity": "sha512-wCfsbN4nBidDRhpDhvcKlzHWCTlgJYUUdSJfzXb2NuBssDSIjc3xcb+znA7l+zYsFljAcGM0aFkN40cR3lXiGA==", "dev": true, "dependencies": { "@babel/template": "^7.22.15", - "@babel/traverse": "^7.23.5", - "@babel/types": "^7.23.5" + "@babel/traverse": "^7.23.6", + "@babel/types": "^7.23.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helpers/node_modules/@babel/traverse": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.5.tgz", - "integrity": "sha512-czx7Xy5a6sapWWRx61m1Ke1Ra4vczu1mCTtJam5zRTBOonfdJ+S/B6HYmGYu3fJtr8GGET3si6IhgWVBhJ/m8w==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.23.6.tgz", + "integrity": "sha512-czastdK1e8YByZqezMPFiZ8ahwVMh/ESl9vPgvgdB9AmFMGP5jfpFax74AQgl5zj4XHzqeYAg2l8PuUeRS1MgQ==", "dev": true, "dependencies": { "@babel/code-frame": "^7.23.5", - "@babel/generator": "^7.23.5", + "@babel/generator": "^7.23.6", "@babel/helper-environment-visitor": "^7.22.20", "@babel/helper-function-name": "^7.23.0", "@babel/helper-hoist-variables": "^7.22.5", "@babel/helper-split-export-declaration": "^7.22.6", - "@babel/parser": "^7.23.5", - "@babel/types": "^7.23.5", - "debug": "^4.1.0", + "@babel/parser": "^7.23.6", + "@babel/types": "^7.23.6", + "debug": "^4.3.1", "globals": "^11.1.0" }, "engines": { @@ -602,9 +602,9 @@ } }, "node_modules/@babel/parser": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.5.tgz", - "integrity": "sha512-hOOqoiNXrmGdFbhgCzu6GiURxUgM27Xwd/aPuu8RfHEZPBzL1Z54okAHAQjXfcQNwvrlkAmAp4SlRTZ45vlthQ==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.23.6.tgz", + "integrity": "sha512-Z2uID7YJ7oNvAI20O9X0bblw7Qqs8Q2hFy0R9tAfnfLkp5MW0UH9eUvnDSnFwKZ0AvgS1ucqR4KzvVHgnke1VQ==", "dev": true, "bin": { "parser": "bin/babel-parser.js" @@ -679,14 +679,15 @@ } }, "node_modules/@babel/plugin-proposal-decorators": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-decorators/-/plugin-proposal-decorators-7.23.5.tgz", - "integrity": "sha512-6IsY8jOeWibsengGlWIezp7cuZEFzNlAghFpzh9wiZwhQ42/hRcPnY/QV9HJoKTlujupinSlnQPiEy/u2C1ZfQ==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-proposal-decorators/-/plugin-proposal-decorators-7.23.6.tgz", + "integrity": "sha512-D7Ccq9LfkBFnow3azZGJvZYgcfeqAw3I1e5LoTpj6UKIFQilh8yqXsIGcRIqbBdsPWIz+Ze7ZZfggSj62Qp+Fg==", "dev": true, "dependencies": { - "@babel/helper-create-class-features-plugin": "^7.23.5", + "@babel/helper-create-class-features-plugin": "^7.23.6", "@babel/helper-plugin-utils": "^7.22.5", "@babel/helper-replace-supers": "^7.22.20", + "@babel/helper-skip-transparent-expression-wrappers": "^7.22.5", "@babel/helper-split-export-declaration": "^7.22.6", "@babel/plugin-syntax-decorators": "^7.23.3" }, @@ -1267,12 +1268,13 @@ } }, "node_modules/@babel/plugin-transform-for-of": { - "version": "7.23.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.23.3.tgz", - "integrity": "sha512-X8jSm8X1CMwxmK878qsUGJRmbysKNbdpTv/O1/v0LuY/ZkZrng5WYiekYSdg9m09OTmDDUWeEDsTE+17WYbAZw==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.23.6.tgz", + "integrity": "sha512-aYH4ytZ0qSuBbpfhuofbg/e96oQ7U2w1Aw/UQmKT+1l39uEhUPoFS3fHevDc1G0OvewyDudfMKY1OulczHzWIw==", "dev": true, "dependencies": { - "@babel/helper-plugin-utils": "^7.22.5" + "@babel/helper-plugin-utils": "^7.22.5", + "@babel/helper-skip-transparent-expression-wrappers": "^7.22.5" }, "engines": { "node": ">=6.9.0" @@ -1654,9 +1656,9 @@ } }, "node_modules/@babel/plugin-transform-runtime": { - "version": "7.23.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.23.4.tgz", - "integrity": "sha512-ITwqpb6V4btwUG0YJR82o2QvmWrLgDnx/p2A3CTPYGaRgULkDiC0DRA2C4jlRB9uXGUEfaSS/IGHfVW+ohzYDw==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.23.6.tgz", + "integrity": "sha512-kF1Zg62aPseQ11orDhFRw+aPG/eynNQtI+TyY+m33qJa2cJ5EEvza2P2BNTIA9E5MyqFABHEyY6CPHwgdy9aNg==", "dev": true, "dependencies": { "@babel/helper-module-imports": "^7.22.15", @@ -1831,13 +1833,13 @@ } }, "node_modules/@babel/preset-env": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.23.5.tgz", - "integrity": "sha512-0d/uxVD6tFGWXGDSfyMD1p2otoaKmu6+GD+NfAx0tMaH+dxORnp7T9TaVQ6mKyya7iBtCIVxHjWT7MuzzM9z+A==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.23.6.tgz", + "integrity": "sha512-2XPn/BqKkZCpzYhUUNZ1ssXw7DcXfKQEjv/uXZUXgaebCMYmkEsfZ2yY+vv+xtXv50WmL5SGhyB6/xsWxIvvOQ==", "dev": true, "dependencies": { "@babel/compat-data": "^7.23.5", - "@babel/helper-compilation-targets": "^7.22.15", + "@babel/helper-compilation-targets": "^7.23.6", "@babel/helper-plugin-utils": "^7.22.5", "@babel/helper-validator-option": "^7.23.5", "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression": "^7.23.3", @@ -1877,7 +1879,7 @@ "@babel/plugin-transform-dynamic-import": "^7.23.4", "@babel/plugin-transform-exponentiation-operator": "^7.23.3", "@babel/plugin-transform-export-namespace-from": "^7.23.4", - "@babel/plugin-transform-for-of": "^7.23.3", + "@babel/plugin-transform-for-of": "^7.23.6", "@babel/plugin-transform-function-name": "^7.23.3", "@babel/plugin-transform-json-strings": "^7.23.4", "@babel/plugin-transform-literals": "^7.23.3", @@ -2177,9 +2179,9 @@ } }, "node_modules/@babel/types": { - "version": "7.23.5", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.5.tgz", - "integrity": "sha512-ON5kSOJwVO6xXVRTvOI0eOnWe7VdUcIpsovGo9U/Br4Ie4UVFQTboO2cYnDhAGU6Fp+UxSiT+pMft0SMHfuq6w==", + "version": "7.23.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.23.6.tgz", + "integrity": "sha512-+uarb83brBzPKN38NX1MkB6vb6+mwvR6amUulqAE7ccQw1pEl+bCia9TbdG1lsnFP7lZySvUn37CHyXQdfTwzg==", "dev": true, "dependencies": { "@babel/helper-string-parser": "^7.23.4", @@ -9024,9 +9026,9 @@ } }, "node_modules/browserslist": { - "version": "4.21.10", - "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.21.10.tgz", - "integrity": "sha512-bipEBdZfVH5/pwrvqc+Ub0kUPVfGUhlKxbvfD+z1BDnPEO/X98ruXGA1WP5ASpAFKan7Qr6j736IacbZQuAlKQ==", + "version": "4.22.2", + "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.22.2.tgz", + "integrity": "sha512-0UgcrvQmBDvZHFGdYUehrCNIazki7/lUP3kkoi/r3YB2amZbFM9J43ZRkJTXBUZK4gmx56+Sqk9+Vs9mwZx9+A==", "dev": true, "funding": [ { @@ -9043,10 +9045,10 @@ } ], "dependencies": { - "caniuse-lite": "^1.0.30001517", - "electron-to-chromium": "^1.4.477", - "node-releases": "^2.0.13", - "update-browserslist-db": "^1.0.11" + "caniuse-lite": "^1.0.30001565", + "electron-to-chromium": "^1.4.601", + "node-releases": "^2.0.14", + "update-browserslist-db": "^1.0.13" }, "bin": { "browserslist": "cli.js" @@ -9154,9 +9156,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001532", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001532.tgz", - "integrity": "sha512-FbDFnNat3nMnrROzqrsg314zhqN5LGQ1kyyMk2opcrwGbVGpHRhgCWtAgD5YJUqNAiQ+dklreil/c3Qf1dfCTw==", + "version": "1.0.30001568", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001568.tgz", + "integrity": "sha512-vSUkH84HontZJ88MiNrOau1EBrCqEQYgkC5gIySiDlpsm8sGVrhU7Kx4V6h0tnqaHzIHZv08HlJIwPbL4XL9+A==", "dev": true, "funding": [ { @@ -10603,9 +10605,9 @@ } }, "node_modules/electron-to-chromium": { - "version": "1.4.513", - "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.513.tgz", - "integrity": "sha512-cOB0xcInjm+E5qIssHeXJ29BaUyWpMyFKT5RB3bsLENDheCja0wMkHJyiPl0NBE/VzDI7JDuNEQWhe6RitEUcw==", + "version": "1.4.610", + "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.610.tgz", + "integrity": "sha512-mqi2oL1mfeHYtOdCxbPQYV/PL7YrQlxbvFEZ0Ee8GbDdShimqt2/S6z2RWqysuvlwdOrQdqvE0KZrBTipAeJzg==", "dev": true }, "node_modules/elkjs": { @@ -15016,9 +15018,9 @@ "dev": true }, "node_modules/node-releases": { - "version": "2.0.13", - "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.13.tgz", - "integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ==", + "version": "2.0.14", + "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz", + "integrity": "sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw==", "dev": true }, "node_modules/non-layered-tidy-tree-layout": { @@ -18509,9 +18511,9 @@ } }, "node_modules/update-browserslist-db": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.11.tgz", - "integrity": "sha512-dCwEFf0/oT85M1fHBg4F0jtLwJrutGoHSQXCh7u4o2t1drG+c0a9Flnqww6XUKSfQMPpJBRjU8d4RXB09qtvaA==", + "version": "1.0.13", + "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz", + "integrity": "sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==", "dev": true, "funding": [ { diff --git a/web/package.json b/web/package.json index 962e66617..abc1bcfe0 100644 --- a/web/package.json +++ b/web/package.json @@ -65,13 +65,13 @@ "yaml": "^2.3.4" }, "devDependencies": { - "@babel/core": "^7.23.5", + "@babel/core": "^7.23.6", "@babel/plugin-proposal-class-properties": "^7.18.6", - "@babel/plugin-proposal-decorators": "^7.23.5", + "@babel/plugin-proposal-decorators": "^7.23.6", "@babel/plugin-transform-private-methods": "^7.23.3", "@babel/plugin-transform-private-property-in-object": "^7.23.4", - "@babel/plugin-transform-runtime": "^7.23.4", - "@babel/preset-env": "^7.23.5", + "@babel/plugin-transform-runtime": "^7.23.6", + "@babel/preset-env": "^7.23.6", "@babel/preset-typescript": "^7.23.3", "@hcaptcha/types": "^1.0.3", "@jackfranklin/rollup-plugin-markdown": "^0.4.0", From c6c6646fd5689e94da77cc7228825823939c9d0f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 15:01:13 +0100 Subject: [PATCH 08/16] web: bump lit-analyzer from 2.0.1 to 2.0.2 in /web (#7858) * web: bump lit-analyzer from 2.0.1 to 2.0.2 in /web Bumps [lit-analyzer](https://github.com/runem/lit-analyzer) from 2.0.1 to 2.0.2. - [Release notes](https://github.com/runem/lit-analyzer/releases) - [Changelog](https://github.com/runem/lit-analyzer/blob/master/CHANGELOG.md) - [Commits](https://github.com/runem/lit-analyzer/commits) --- updated-dependencies: - dependency-name: lit-analyzer dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * fix Signed-off-by: Jens Langhammer --------- Signed-off-by: dependabot[bot] Signed-off-by: Jens Langhammer Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer --- web/package-lock.json | 8 ++++---- web/package.json | 2 +- web/src/admin/applications/ApplicationForm.ts | 10 +++++----- web/src/admin/outposts/ServiceConnectionDockerForm.ts | 4 ++-- web/src/admin/providers/ldap/LDAPProviderForm.ts | 2 +- web/src/admin/providers/proxy/ProxyProviderForm.ts | 2 +- web/src/admin/providers/saml/SAMLProviderForm.ts | 4 ++-- web/src/admin/sources/ldap/LDAPSourceForm.ts | 4 ++-- web/src/admin/sources/saml/SAMLSourceForm.ts | 4 ++-- web/src/admin/tenants/TenantForm.ts | 2 +- 10 files changed, 21 insertions(+), 21 deletions(-) diff --git a/web/package-lock.json b/web/package-lock.json index 27fd5155e..868cafb86 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -83,7 +83,7 @@ "eslint-plugin-lit": "^1.10.1", "eslint-plugin-sonarjs": "^0.23.0", "eslint-plugin-storybook": "^0.6.15", - "lit-analyzer": "^2.0.1", + "lit-analyzer": "^2.0.2", "npm-run-all": "^4.1.5", "prettier": "^3.1.1", "pseudolocale": "^2.0.0", @@ -13749,9 +13749,9 @@ } }, "node_modules/lit-analyzer": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/lit-analyzer/-/lit-analyzer-2.0.1.tgz", - "integrity": "sha512-4bHJLCbxywMHd9bnVkLDkCSHXs/KrlwUks75EhYtJNdzH07O5BSVdZdadbw4T2AvuYxb0xRO4ZjqgQJCkp8Kjg==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/lit-analyzer/-/lit-analyzer-2.0.2.tgz", + "integrity": "sha512-Is3cx8ypCVq5uNl8EKkPdlLuV3HDVntDVUeLNQlzTM2Je3uG5wHcn+06NB+yhCoa4rhwwXCjprU/7g21CSFqOA==", "dev": true, "dependencies": { "@vscode/web-custom-data": "^0.4.2", diff --git a/web/package.json b/web/package.json index abc1bcfe0..c10417206 100644 --- a/web/package.json +++ b/web/package.json @@ -105,7 +105,7 @@ "eslint-plugin-lit": "^1.10.1", "eslint-plugin-sonarjs": "^0.23.0", "eslint-plugin-storybook": "^0.6.15", - "lit-analyzer": "^2.0.1", + "lit-analyzer": "^2.0.2", "npm-run-all": "^4.1.5", "prettier": "^3.1.1", "pseudolocale": "^2.0.0", diff --git a/web/src/admin/applications/ApplicationForm.ts b/web/src/admin/applications/ApplicationForm.ts index 3401b1d6d..64ed05adb 100644 --- a/web/src/admin/applications/ApplicationForm.ts +++ b/web/src/admin/applications/ApplicationForm.ts @@ -142,21 +142,21 @@ export class ApplicationForm extends ModelForm { return html`
{ @@ -215,7 +215,7 @@ export class ApplicationForm extends ModelForm { ? html` ${this.instance?.metaIcon diff --git a/web/src/admin/outposts/ServiceConnectionDockerForm.ts b/web/src/admin/outposts/ServiceConnectionDockerForm.ts index 7fd8731ad..ca15d552c 100644 --- a/web/src/admin/outposts/ServiceConnectionDockerForm.ts +++ b/web/src/admin/outposts/ServiceConnectionDockerForm.ts @@ -88,7 +88,7 @@ export class ServiceConnectionDockerForm extends ModelForm

${msg( @@ -101,7 +101,7 @@ export class ServiceConnectionDockerForm extends ModelForm

${msg( diff --git a/web/src/admin/providers/ldap/LDAPProviderForm.ts b/web/src/admin/providers/ldap/LDAPProviderForm.ts index f7853e7e1..7a6a2eb81 100644 --- a/web/src/admin/providers/ldap/LDAPProviderForm.ts +++ b/web/src/admin/providers/ldap/LDAPProviderForm.ts @@ -206,7 +206,7 @@ export class LDAPProviderFormPage extends ModelForm {

${msg( diff --git a/web/src/admin/providers/proxy/ProxyProviderForm.ts b/web/src/admin/providers/proxy/ProxyProviderForm.ts index 9886c9be3..5f8e79c56 100644 --- a/web/src/admin/providers/proxy/ProxyProviderForm.ts +++ b/web/src/admin/providers/proxy/ProxyProviderForm.ts @@ -324,7 +324,7 @@ export class ProxyProviderFormPage extends ModelForm {

{ name="signingKp" >

${msg( @@ -188,7 +188,7 @@ export class SAMLProviderFormPage extends ModelForm { name="verificationKp" >

diff --git a/web/src/admin/sources/ldap/LDAPSourceForm.ts b/web/src/admin/sources/ldap/LDAPSourceForm.ts index a927eae29..188f177fe 100644 --- a/web/src/admin/sources/ldap/LDAPSourceForm.ts +++ b/web/src/admin/sources/ldap/LDAPSourceForm.ts @@ -206,7 +206,7 @@ export class LDAPSourceForm extends ModelForm { name="peerCertificate" >

@@ -220,7 +220,7 @@ export class LDAPSourceForm extends ModelForm { name="clientCertificate" >

${msg( diff --git a/web/src/admin/sources/saml/SAMLSourceForm.ts b/web/src/admin/sources/saml/SAMLSourceForm.ts index 9e9fb8392..49ba30b28 100644 --- a/web/src/admin/sources/saml/SAMLSourceForm.ts +++ b/web/src/admin/sources/saml/SAMLSourceForm.ts @@ -272,7 +272,7 @@ export class SAMLSourceForm extends ModelForm {

${msg( @@ -285,7 +285,7 @@ export class SAMLSourceForm extends ModelForm { name="verificationKp" >

diff --git a/web/src/admin/tenants/TenantForm.ts b/web/src/admin/tenants/TenantForm.ts index 59048d987..438396660 100644 --- a/web/src/admin/tenants/TenantForm.ts +++ b/web/src/admin/tenants/TenantForm.ts @@ -235,7 +235,7 @@ export class TenantForm extends ModelForm { name="webCertificate" > Date: Tue, 12 Dec 2023 14:46:51 -0600 Subject: [PATCH 09/16] website/blog: okta part two blog (#7863) * okta part two blog * Optimised images with calibre/image-actions * fix quotation marks Signed-off-by: Jens Langhammer * fix some more quotation marks Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer Co-authored-by: Tana Berry Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer --- .../2023-11-1-happy-birthday-to-us/item.md | 12 +-- .../item.md | 4 +- .../item.md | 93 ++++++++++++++++++ .../okta-timeline.png | Bin 0 -> 97165 bytes 4 files changed, 101 insertions(+), 8 deletions(-) create mode 100644 website/blog/2023-12-12-oktas-october-breach-part-two/item.md create mode 100644 website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png diff --git a/website/blog/2023-11-1-happy-birthday-to-us/item.md b/website/blog/2023-11-1-happy-birthday-to-us/item.md index 684975a1b..a49487d74 100644 --- a/website/blog/2023-11-1-happy-birthday-to-us/item.md +++ b/website/blog/2023-11-1-happy-birthday-to-us/item.md @@ -1,6 +1,6 @@ --- -title: “Happy Birthday to Us!” -description: “We are celebrating our one-year anniversary since the founding of Authentik Security..” +title: "Happy Birthday to Us!" +description: "We are celebrating our one-year anniversary since the founding of Authentik Security.." slug: 2023-11-1-happy-birthday-to-us authors: - name: Jens Langhammer and the authentik team @@ -56,7 +56,7 @@ Once you get to know Jens, you won’t be surprised to his answer about what he That task alone will scare most of us. In software, team work is most definitely what makes the dream work, so finding the right talents and skills sets and experiences to compliment Jens’ deep technical skills and full-stack experience was of paramount importance. We now have developers with expertise in frontend and backend development, infrastructure, and security, a well as a content editor. -Of course, it is not just the technical skills that a potential new hire needs; as important are less-measurable skills like collaboration, communication, and perhaps most importantly, what we call “technical curiosity”. +Of course, it is not just the technical skills that a potential new hire needs; as important are less-measurable skills like collaboration, communication, and perhaps most importantly, what we call "technical curiosity". > How does this thing work, from whom can I learn more, and with whom can I share my knowledge? @@ -90,10 +90,10 @@ An interesting offset to our shared love of building is the shared sense of humi The tone and espirit of the company is one reason it’s so meaningful to celebrate our 1-year birthday; we can happily celebrate a hard year of doing things with full, enthusiastic engagement. At authentik, nerdiness is embraced, technical curiosity flourishes, and transparency is a big part of our nature. Speaking of how we communicate with our community, our Discord forum is (in addition to GitHub) an important place where transparency matters. For example, we recently asked our community what they preferred for a release cycle. Based on the answers, we lengthened the release time from from monthly to every two or three months. -Moving from a role of solo creator of an open source project, to being primary maintainer of a popular, growing project, to suddenly being CTO of a company based on that project is a quite a transition. A natural question we wanted to ask Jens is “What’s been the hardest thing about building a company?” His answers: +Moving from a role of solo creator of an open source project, to being primary maintainer of a popular, growing project, to suddenly being CTO of a company based on that project is a quite a transition. A natural question we wanted to ask Jens is "What’s been the hardest thing about building a company?" His answers: -- “Recognizing and accepting that you don’t get to work on only what you want to, 100% of time… “ -- “Learning to delegate, learning to let go a bit, trusting others to do it in their way, in the right spirit. Especially letting others get into the code… I’ve learned that instead of saying ‘I would not have done it this way’, I instead measure the success of the change itself.” +- "Recognizing and accepting that you don’t get to work on only what you want to, 100% of time… " +- "Learning to delegate, learning to let go a bit, trusting others to do it in their way, in the right spirit. Especially letting others get into the code… I’ve learned that instead of saying ‘I would not have done it this way’, I instead measure the success of the change itself." ### What’s up next? diff --git a/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md b/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md index ff1e0bf24..6814a8857 100644 --- a/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md +++ b/website/blog/2023-11-30-automated-security-versus-the-security-mindset/item.md @@ -1,6 +1,6 @@ --- title: Automated security versus the security mindset -description: “Automated security plays a key part in many cybersecurity tasks. But what are its failings and will a security mindset always require the human factor?” +description: "Automated security plays a key part in many cybersecurity tasks. But what are its failings and will a security mindset always require the human factor?" slug: 2023-11-30-automated-security-versus-the-security-mindset authors: - name: Jens Langhammer @@ -142,7 +142,7 @@ Once new and significant threats are detected by the automated security, it is h ### Human-centered cybersecurity -Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the “Blue Team” and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset. +Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the "Blue Team" and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset. - The human ability to think creatively and rapidly adapt to changing situations is invaluable to good security processes. - The higher the security risk, the more you need skilled security professionals to supervise the security process. diff --git a/website/blog/2023-12-12-oktas-october-breach-part-two/item.md b/website/blog/2023-12-12-oktas-october-breach-part-two/item.md new file mode 100644 index 000000000..24284f79a --- /dev/null +++ b/website/blog/2023-12-12-oktas-october-breach-part-two/item.md @@ -0,0 +1,93 @@ +--- +title: "Okta's October breach part two: a delayed but slightly better response" +description: "Okta continues to revel more information about the HAR files breach first revealed in October; now we know that a service account was involved, and 100% of their customer support users were impacted." +slug: 2023-12-12-oktas-october-breach-part-two +authors: + - name: Jens Langhammer + title: CTO at Authentik Security Inc + url: https://github.com/BeryJu + image_url: https://github.com/BeryJu.png +tags: + - authentik + - security mindset + - incident response + - service account + - Okta + - SSO + - HAR files + - identity provider + - authentication + - Authentik Security +hide_table_of_contents: false +image: ./okta-timeline.png +--- + +> **_authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a [public benefit company](https://github.com/OpenCoreVentures/ocv-public-benefit-company/blob/main/ocv-public-benefit-company-charter.md) building on top of the open source project._** + +--- + +On November 29th, 2023, Okta [revealed](https://sec.okta.com/harfiles) that a breach they announced in October was much worse than originally conveyed. The number of impacted users went from less than 1% of customers to every single customer who had every opened a Support ticket in the Okta Help Center. + +> So the impact leapt from [134 users](https://sec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-cause) to [18,400 users](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach-update). + +We wrote in October about Okta’s poor response to breaches (see [Okta got breached again](https://goauthentik.io/blog/2023-10-23-another-okta-breach)), but since our blog doesn’t seem to be changing Okta’s behaviour, let’s take a closer look at the new revelations from Okta about what happened back in October, how it is impacting users now, and why Okta is still dealing with it in December. + +> Now all of Okta’s customers are paying the price… with increased phishing and spam. + +Our take is that any company can be hacked, but it is the response that matters. How quick is the response, how transparent are the details, how forthright are the acknowledgments? Okta’s initial announcement about the October breach (remember the [HAR file](https://goauthentik.io/blog/2023-10-23-another-okta-breach) that contained a session token?) was less-than-timely, devoid of details, and titled with one of the worst titles ever given such a serious announcement. + +![screenshot of the timeline that Okta published](./okta-timeline.png) + + + +## Looking back at October’s breach + +With the original incident, probably what most people now recall is not only the technical details of the session tokens that were exposed in HAR files, but also the very slow response time. Turns out 1Password reported the breach to Okta on September 29, and [BeyondTrust](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach) reported the breach to Okta on October 2. But Okta waited three weeks before announcing the breach on October 20th. + +In this October 20th announcement, Okta CISO David Bradbury stated that the malicious actor had gained access to Okta’s Support dashboard and retrieved only names and emails addresses for a very small number of customers. He explained that the hacker used session tokens that were not scrubbed from a HAR file (which Okta support routinely asks their customers to submit, for troubleshooting purposes) to gain access to specific customer’s accounts. But what wasn’t revealed at the time (because Okta themselves did not yet know) was _how_ the hacker obtained access to the Customer Support dashboard to access customer accounts and then download associated HAR files. + +### The second **Okta shoe fell in early November** + +As mentioned above, the new information revealed by Okta came from their security team retracing the steps of the original malicious actor. Okta’s research and analysis was greatly aided by the fact that [BeyondTrust shared a suspicious IP address with Okta](https://www.beyondtrust.com/blog/entry/okta-support-unit-breach-update); the IP address that BeyondTrust believed to be the hacker’s. + +**Initial access gained via a service account** + +This new finding, based on retracing the steps of that IP address, show that the initial breach occurred when the hacker obtained the credentials for a service account "stored in the system", which provided access to the Customer Support dashboard and had permissions to view and update customer support cases. The hacker then reviewed customer support cases, downloaded the associated HAR files, and retrieved the session tokens. + +From the [November 3rd announcement](https://sec.okta.com/articles/2023/11/unauthorized-access-oktas-support-case-management-system-root-cause), we now know that the service account credentials were exposed through an Okta employee’s personal Google account, which the employee had accessed on the Okta-issued work laptop. + +In announcing the service account’s role in the breach, Okta’s CISO stated: + +> "During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop. The username and password of the service account had been saved into the employee’s personal Google account." + +The use of the service account was discovered on October 16, by examining the activities of the IP address of the hacker that BeyondTrust had supplied Okta. This begs the question of why Okta did not revel the malicious use of the service account in their October 20th announcement. Perhaps they did not yet want to show details of their internal investigation? + +### And a third shoe in late November + +Now fast-forward to Okta’s [November 29th announcement](https://sec.okta.com/harfiles). Back in October, it was known that after the hacker accessed Okta’s Support dashboard they ran queries on the support database to create reports containing customer data. In the November 3rd announcement Okta shared that the report was thought to be quite small is scope; this is the infamous "less than 1% of Okta customers" statement. + +But after more internal investigation and recreating the reports that the malicious actor ran, Okta announced on November 29th that their original statement that less than 1% of their users were impacted by the October breach was incorrect. Instead, Okta revealed that the scope of the report was much larger, and indeed concluded that "[the report contained a list of all customer support system users](https://sec.okta.com/harfiles)". A total of 18,400 users. The only customers that were not impacted are those in FedRAMP and DoD IL4 environments, who are on a separate support platform. + +> An aside, perhaps, but the timing of Okta’s update is interesting; the announcement was released on the same date as the quarterly earnings report. This could be seen as transparency, or it could be seen as damage control. (Also, why in the heck is Nov 29th within Okta’s 3rd quarter of **fiscal year 2024**? But we aren’t writing here about Okta’s financial schedules; I digress.) + +**Filters removed from report** + +Apparently when the hacker ran queries to gather customer data, they used a standard template available from the dashboard. However, they removed all filters on the templated report, thus grabbing much more data then the original template would have returned. + +In addition to removing all filters on the report, it seems that Okta’s original analysis of the logs pertaining to the breach failed to take in to account exactly HOW the hacker accessed and downloaded data: + +> "For a period of 14 days, while actively investigating, Okta did not identify suspicious downloads in our logs. When a user opens and views files attached to a support case, a specific log event type and ID is generated tied to that file. If a user instead navigates directly to the Files tab in the customer support system, as the threat actor did in this attack, they will instead generate an **entirely different log event** with a different record ID." + +## Now what? + +The third shoe has dropped, but it feels like there might still be a fourth. Maybe even more data was stolen, beyond just email addresses. Perhaps the malicious actor gained more sensitive customer data when they were able to log into specific customer’s accounts, but are sitting on it waiting to use it. Perhaps the explorations by the hacker form within the customer support system reveled other weaknesses that have yet to be exploited. + +So while we are all waiting with baited breath to see if Okta can squeeze even more drama into 2023, here are a few tips to consider: + +- If you are an Okta customer, do indeed follow each and every one of their recommendations, listed under the "**Implementing recommended best practices**" section of their [November 29th announcement](https://sec.okta.com/harfiles). +- Be aware of Okta’s plan for a 90-day pause on new features. During the [earning report call](https://seekingalpha.com/article/4655057-okta-inc-okta-q3-2024-earnings-call-transcript) on November 29th CEO Todd McKinnon stated "During this hyper-focused phase, no other project or even product development area is more important. In fact, the launch dates for the new products and features that we highlighted at Oktane last month will be pushed out approximately 90 days." +- As Okta advises, be on the lookout for more phishing attempts and stay hyper-vigilant. +- In general, across the board, be vigilant and adopt a "[security mindset](https://goauthentik.io/blog/2023-11-30-automated-security-versus-the-security-mindset)" (as valuable and maybe more than any technology). +- Consider breaking out of vendor lock-in and using an on-premise, open core solution such as [authentik](https://goauthentik.io/). We realize change is hard, but continual breaches and uncertainty around when a breach has been fully contained is also painful. + +We’d be happy to talk with you more about your security and identity management needs; reach out to us with an email to [hello@goauthentik.io](mailto:hello@goauthentik.io) or on [Discord](https://discord.com/channels/809154715984199690/809154716507963434). diff --git a/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png b/website/blog/2023-12-12-oktas-october-breach-part-two/okta-timeline.png new file mode 100644 index 0000000000000000000000000000000000000000..69e0a8aa25796686cfe6e99baf7a93ee63b37f6e GIT binary patch literal 97165 zcmcG#XHZk^+Q*BC6hW#|q<57jASLu(q^T%~bO=NxfDnq2CPj+$-UAAViu5L31R+Qu zC^b}tkkCu$fxubp_u2d1@67pdz8q&9W?+?jUF&N1_5ZDyd#3tVE?>V)Mn-nU&_L$_ z85ud6jO@Y^H6`$y23hiA;0MhM11lIA87=eq{|moof=|fE_{a=(G#|d4T${Nx!82M- zwKXY`rsehas{gOU^)?fo0kXu|StK2BE@g03+RRiuz5jM&Yw+bdJNu`>PRD2&MWfwx)OIM#y zQ55!wah~<+Eu8{pY=c6!{e&7k^_CusK<@GcJU3H-3_U> z-3Rc!QOkZ#&({01fja{PU{PtniIss{om7im4C>;%LA&>lu&HK0ffJvo0VfiU@CD<9 zA8hs`zgzq_D`Y-y6-{||v`za>x%_Z7jC5dBY1eiOetNi&C>DA;i`Rt@1IDvZhe1pO4%_0qIB-S@&z zlb_O9TRm0g&7mOni57^XRd$Twr$_h>`C~3@Q+Cj)X&($a5G@X4#PR)%fB}CQ_nw90 z(_v`U#thgXsI)9EXdm;xZz*#AH#WGF%B$;7jEPpfk-T9YMY&FSggfIBQbYY@t7~z) zmsiS6b?@Q$etf2VaFf{a$^Mk*L3+@}_*ndAgo=KH)d!Hl`Q7>`{Kl*x>9S~*+B~lw z4%@}uVYAI!rTKnO{{2iw8SlPQY|=_bbIwO=R(R=iJ@{}vnVwlfQ;c>-XsF@E#6{A# ziwtS{Jn&+Vxul@rjV3%1spju7voyE1!zYMNcF*uoK=KVlFoLtIOjY+ryno&-9q}gg ziTbC9kXG%3(o#*8ZvK}E?XjWrJPg!@;vkfB}Xylvj8i^{7##ABz6A&=^OxIy+N+)`V6D3TWbTY)ZwbO>IsYe)YUtjS^c`JQx&6|S zagFb{A~2yScj(+x*K@l7@pe4X%v4!UOMtHSIA|i)y*!v9;qk_@niP)o?~Rl6xx92FqIiQ} zS{@zGogw~}1I{19<%WdGY!nq`lLzy&X{M-dVV8Hg6i;d_evj?PBh`9mA(a)e<(zib z2L)#*rK{zf_Vt@b0sLqS^8J!-i+Iy{V?NESa3Nm52}j$-A#H~BTOr3&bN^)>-IBh& zv_G#kKj!LOkI9J1c++!J*hLs3{LJ}SPxg3?gr0461T51~(GrA4)&`+xRPP+-r$VeC zVqp`XnYuB5Xxx?PJn{~eqexvigWA`!lSQeJy4mY^y>YzJBaj=uKje^vKMh*w(GW#bI%y>P zCX`>FVZw`8(Z4%ALWd0gPof2ELAZF+!(bE-x!YXVYj>aRm-I5)#UIcGk$sU?cC z&8uj~*LO|~o*=;W zl)@S`x(y9ntKDNgAHDsv`Q_8CU;4c3u__0vz(r}{4OGGnP<98|Rb#S&I9TePC`Jaw zKd&nYfS*bKcZ}rNm@Nza%BOfjkgGxa-RT~?g2fo!nlI->!tmPRnusO9;BjN|69;Q1o=DivyG|UZf|9-E zc;NUB;GWJMwW0iI%E|11jP~K)*+Iye!hbKQ{jCmFXo3V+a!^7W;2Q3o13~D4D9Uh^ zKbHgl zI8+F3dj1#SfRjH+SnIQ{uCVGkkevyewY*YHtxs?Y{-2Y(8Q!WW*qgHfZ{(dQ|J+R=8Qa83n9lY!CFK3<_5#U=nyL7gy)aSu zhUDr=%N$9v5BAT}=A%py%5&Q%+I;A6t*>*}S`UT-7}J3VYipm|YI*G!C^LL~t%&5h zZQ9exGeJcteag_|Q>xVVYf|flDyx+gmdDfDS1EG zjPfJ~m1}k|VzXuAc(Wsf#K~d(^xd1Eak7Jt)m;T&%e^ymj+54ta83ZZmLIh6 zU7vg$v^QFIMdx^+2525aie3ec&l(L=U8AT4daSz2Z+|)`#DE5cb9^;)3aF)}#!Ab@ zi{l-qzE;rcAD`op5TIvSU$D_!s~a|5m5M?q=fpb4%UNVU|NLpCV}t$*wCXHYs{Lzw z@hPESiWf|nb52zKDV%BZ+a8~j+c@oQWCh9hU5VX0W@FX2YXVjM(LL=r8u0uHyeB1{ zqeh@6HU?9y=6<)CeqL6-qECZ@1ou(V9kyiQ*M3=NQ(isEI2?{(5Z;Qv$l_$#ak5s} z1C+4)BH7@SU`o&GZ=!FHsno7_b}%5{JGSkOm9_V{LF@z8>xr)AbEo@_q}HB!T@~1s zrkI29izrfb*8ux7wYO0xpbk03@GGx0wa+vjJYTEs-Eek%9?C~Al%m4GswFqLm}%cW z{c<7Rm%O6p=dHamd7$yM6jtczz@`|D(KJtaw4`5=pD0AMOg=A5=k}X;X9HhMcL97( zYTVY}_R6limCDUh7^ zVMp;JUpjTP7EcW#xh+NsRH@5qRV=B<#o};DZ6E8&QqU#ej(o5zs93@6yE1j&_;&D7 ztR;qfrdWIbxff^Kl3bmldmr4J=L}tW`=~`tXUuYn=wuAE;UDp0X6hs#iCxZ6;}7Ol z-od+8$}9VQLxaX+=Y9FbDL6jga!Qyb!s=He;LN4{JaxWk)q{~sOy1w=`xZK>c)!#% z@VSMpVO~pv*tWTVmZN3uo0A47f5#BFt)Bg|pp5B?fB6DdSIwuZf?Hu+VfsbalY-{1 zqr(N0sfT9(-H5x9nhoh@s@q$tDwRjZH&1A3xU=Q9ufA?eu<342B)M{Sw2 z1bzviLkez-RI9`LpB=Ouec=g;m!?GazTBP5Iw^2}Y>?^<@f$qcQ-Fr8N91=~R@UjB zLdQ43tDgIxLWoQqy(c5`Gaq~5*ad%*OyZuEDvstTx&CxHV5GC%Y2$j!*|9`>yKaah zK40FXB2Z=SJ*gzqu6gn!8eii^8s^D88?6j})H`iRrX^o(Ak=?|t$1@F-OFWu?AXp8 zUYW3+o?I=b_5jQkiIobo1zBj^2lcV%lr zd+_X2v>1*8uaBvy-SiWujaBt*MUOaE1-FVO*HOobYFJLOq4G+a&e5`2$fU20`Vs-K zK*f3#eY}x+J!F=>_i0hQ1wMIG@v)Fwl!V;o-K6R_$+`l{{Ib#sq$Tr1;XP%&${FEj zBibEAs132SZR=vshq-tDB!@G8!REMyH6u=1sn!?q&;AOI_yVqH$$M7;x}4)y@yY%7 zGZbVY)*0N@cxS=>@ZF$dQ3vs=vs`eyS=)BH@?Ipv+lF1Mm?I9a!M(2(>ZS+5!=Aml z{=%ekJHlDP*-=47JIFqc1K5C-A(jz&6IR{(Iw|-~I=aD&DPb30Ov|EfYd0;ukG%!I zjWMnO;qz)u)x7`Q7U=)l&1^J+HvF0LAYoNmHcq5Pyn&d62YT>Nu1%xmB#dird0xOq zQ;wt|B z`(u`+O7EgqlJ7T0|Iw*ynSU!bMwk5UCiM%xyj$NrjB88>rc&~(z|`o&(vP9$CR{wq#SUhyNMy}W+xiAyiH{}<;W&)9;!ar=&y&U$N) zCKuAdm)gP4v7C6lkUX(J>#aM3k3Q^5Ww951kt7%=U?aaC#j7TbUU&O)KQTGGT|rbR zJHKB$>VQ`=wzC^`=D6vjjUc*KBh^Nq z@mTp}>0^Zp?SO2%Sko_AwhpZwkbgv30}q@u5R88~rNtMQY`c_sq=#EWaw!9wfR zH4jX3aV@*a9m_&!;#C>*acaT1du-wt2*TDf_CT&KTd%f0YtA?oLA;#5i`X*>8IU*= zK%ac^`V=mCbhQ~qZ=0G3@AIg8XDSrsQIBU2(Qfeh?&-&@yRayVL@>zE)6ϔ|U+ zTdloW<8lrMGoNZq1*%W6v2l;fE6-o-W`KnNZ=tM4bZ4k~zckmQ`R)md%6V6LO20VC z${BmGTWyFaGKGE1Q;-7NkGdHLE;mehSZ{u#19G9SWETE}UfI0hwC8)ITD~*Cj#P>! z5ohBYOI2O?_Q=pQP@APk(~h{N5+q|Oc)a<_?^`=2t;uORxKV>qYT`C#=*_~${%^N# z`{p}(&Y;CK^XCCXWJdju4!)*S^w?6j5reqR((BV7GNjcw*~wp2dxR^}9V2g0^BTkt zb3R>cxx83i5g#*2>RrHh%<)NHivHheM8EVgsP#`je(?o2+~w3!K~YTi>f`eMkamgVb^nY>5ZOy>FDJ zl+_wSpqB|fT*e$R)jRF zP~+@|yOJ%a$R%pq_jakVUGCjxjkt`KV4{k5w(po#S#X@WgNSF)l_?p8WX9eR(Jbo7 zDfdR(Om`YR;BG80gSzDwcTshOA3 z;kTljwVmx04(x|_fcceOZ}Ayx^NIr7Zp*V&td0m&zhf^wp$maYSEj(BxL~OJXJ{Tw zo->X?wd%s&*M$+AJb|!{*EEIE?^~3Rh3))T$VCEN%UDZ*Nsm8w3oMC8Ge2;Gb#A>i zi&MrTAzOJ;h$^D6DL&ec;;FBH3Z!N)*EmO65*M`dgjjdwEtmMTc#SROf>SGwOm!-_ zn=Q-C=T`gH&B1`o_IdCmW^gNVO?aDbKs5lMrW)ad%D?LGUnu|7)Nk<-d9?D z+b%JHsu@nv(#2`hOgHvErv|Ze7Koj`K@7O~{whCOv%yzknDn`-SBA8rjIYVS@(-V@ z>^e&BOzlGGv(bS}VPDi@YenFC)W}5f-I$Klw5lPQ@gtBkzvqz%It%Q->W0`^=f4e6t9e%KgHY-?KY_R_Hp7 z&Y)v?Oj1a2mSg0nQ$+bT>@O^S=KYY@cx<{;Oh+FXMmM}rka=a2Hx?d_1s9hoFVdRdOx%N51p|<%?rsWzQ>Pe za>(-P`uMlJjl&Q$U~+}NS~_u2rmE);MMbfJLBBkbAlbJE(cKz;AZ3oPgYKLOUgRPl zGzule952{Xl5Jo6qDW_IBOjV@>7jG&lY}X6O#`M#zVBS=e4<-K+b!vs`khBu4!Edj zjav#N2zSU-1ayjxlnU-C+}TGhG^SVX{|Ss|F{FFne?i&Q&cGb%TXk1IDL)n}AWRg| z@cOLz(nCbU=_?bpICmasKCCW~T?UcZ&lCq9SzaQa&&QDF-C&<1)*5N`(RTVdDL`4qoe z@Hy#+MRepc-eVM!kqNGO$9cvE6=dn%Kh{MoRFEBAR_hsS4d^lrSILF>2)`K)-Z~UB3QsC6R+-25hLvt7D1T9%c)AkH6LZ5Z=Go^HN8DcEGBUNB{zd#BFo z9;VVJ$VT3ZI4#T4YBIwU9v`~m zqE7E#U{-rd$q#O2KBEPB|2}D4WlI>&nep=Yode6&%HUcl8J!97zzM3Rk6rI$J?n;K z%ns#skWRl(VuFqXGuHUeJWnI(1}+72!9N6eyh(khu=Qm0p=dkdTEow+`?%&eFH6y`wLVYnmfhk;_l>{uWtPu0;893A$Axb~ z*g8dZ%3JsNE{CixL8C3Kv;(9|as5c9ljQ!u+m1`6RFfw@%s zs#HB6?6=8jF?m00h|o?5`*bvP#3-68D8_N8SQK%kO1HE6lpoFXB22|vML-hTy@xYS zf?&I~V?l9*qG{2keFbTR1N<_1#MI{p%k0N8^N za{@WMSR5z5G?FzD1!AF)Mas4~@UF;7P294L;2F3nzv{n3)5Kb}tUL9tW9wo**6N-f z*WopyqcYT#wvmVdpB^rc)oh8ZVSg}?j z@&>JOoE^r!fs*+{=}nFvHQZBAz{lc+@lop^(ODC4q{x1W;Ioq)VlvZCk~$dQgOndo zK7%MUtPNGuy=#AC+bhu3AP z_kgmd7Ja3f7shD#L3D2~R%Hi9GD37Q9IJEGfVN|&m$l-kk1rC2_5E=ETw&7-7;f(( z7Fv2(Y=<9@)3b!W-QM{oV0z}^iPc_GMZ%z;E)!6|WTOofjm&W)ZkS5s$3pVG^i&qz z;*Ij0%mTksL><1q*gfOq4AW1VX`(;ma_*w7<7jY?3lwVmYW{4y)DsFikq;o-|1Cuj z|L}|7>VmazFWex2G>Zqmq#je>69AXk>6h2&P$y#4-?k!dG^HC z%`79vT%XR^PG?*~hyL+g{EP%X+coD?!xT3h_f$f}*atlQwlM@*>*t~y&t~Yinpfmt zX+RgiVnY!~OBeJ`d?x$OOxZ>jCt>>n9k-s5vP@ zTtqEHH-<~I4)bV7Gxx=oK`WozUx!xc##9o-eW?J&sQe4hhwk~{*^_Wp08E{>L!o7* z1AdhBLCTw7D)>q=u5#j9hwJ@mZnz&L0)gQO7>`s|&&PtI$puX3q7#ppt%6QpU*Y>` zur!_wc?Bfv-hEkzDiPFO#lV3GjfU(mrXcFK4x) zF75QfO}rgdeBSf=bbqkv_5W4Ejy!Nnb582ycI+3+^{`)jA`pVgNSEeUe z4oB^~d)fIrE+?1gyJwROf};njWMSFy&p91sBparHX*I2lkb7M}ddJ;_fGXW$3f!WO$pH88c*NoSf6PunU5|d_~yn^z}lNq7H>UjO!nzk=BY3zSe6x=kIhav zJaJuH7)Hi0ED51crEV74#eV+k#=e~>j2SeM0-bvzr)F6$Za8+AKPN_Xd3 zif?q`qI{ISl0x<6bKPJcW4sJUW0|y>6&R1R{c^{ z7(yB7yq|y>g^}+KpP$G$<}ounF3zcBRx4M~>!Fx>E_&r__&A~SY4{ypfJv_sMWUqK zsPjIyQ!{gEmGbjV{wjURe(O(Qs>FUEr6O6UT3AVp;pSvalnfaEUh*swR>KTopqA4g z5=stxV$*fBWL*~;kyIM|Q{cz&2>A_i*F6s?I1KC!&YzN>_=K`ixf4T1@o9m*yayu! zx)ZLD@4*rFi zw#)s8NDx#3@pe2zmnpXpM#77osCx_$b9r{t-D_!Kd8YI0%=`sg{9t!Pjk;3(HyZ2P z2VvA4oX6Ten4IkzG5?3VqhT|9xC`nUrum)^G$}8^-4AnvlT3?eUbf%jtClFXwLg-Q z?{64*R3pr}_rv;bl8!S(8F!oa^-Fmc?&N$r8D_K-pFK{am4+Wj6X1_xPtG#kQV$gT z?b<%1a8@n}j!+k6A;J>i+@~6CU}JP}Y>U>e(-$J+aW0cLez@$k)|#-O-j|Yxl5_71 z-YH+ZMXnBCf=rWEC_=cb4JK|jHJhr}Yy0E4tak!-E`S;)jywW_UrSW`d&eAoI$IGC zeD&js5?(&5E3ny%-4f>bc@|eIuxlFWWf@EA*{5|+R%rUeft?g0LMJwHAnsmkF{EG* zl6UJ$g?oD^1&8ZYKCOnI{-D?N;~!KFeRgpsYj-kH0nLerJ%fD_XUTN;sCaov0uX;z z2|tW%$PdrnmkWdJwyPa;xoD=Ry?Knz$R4e(y|o)LuoQeZA0?I3@BW;Ka31DwG(VsE zWtN!HU8jC>61rxxQOfC4^*F{K#o(dQt|BNc)TQ;su$x8Q=J5-|KU>eXGs-V$CgBaB z!YL}E@Y7HYO3ldMx8Md(%6mAq+gB{Soc?^*(zWQe%|b!xl#l{_TUQcjwJ{Yh*^ZJf zV}89`UWLVY()&|`{e>^K$C&g6A{DFw1?oTgkO3j@ztkhpf7BsBO8Sqe1RV2^nq=^Q zPdy3eN870`XjAko(7M>=Z7eQqJJLxBdA8ed2a42&*o!UN{>0+?wZWJp-*1}FZqIT~ zVGcYm@@_;kd>m2+!PBkGS$pu>RBA(ievsNH#!sFa{Uc5RRg-;|du`{lTFikYv_JBlFK#%KHGaJGVI!dQ5FJ?xUdKz-3;&M>Cj{pSd-I%&)4lFKZ*NeK&$%3c zRY2C7?GwSP9xdw@k(?f1?=lCyh*)E_58NiwIP>y6`yM+XdOo_6uV0)yL{+1Gh+nEY z>hZ9=_Ltb&4+i*GtL2tFfXaV2ET|V@nql{9nb`N3_tDnx5S6D0*%@iyxHTx zxHrx;7z2QV%P(EF^1VBTa`{pX&O@qvgtG4Xu8HG;=)$ zSeweXItf7svvcRd*MQHlUK=_R@!~s;OJ&>s=Wg!%8BMxd06#KvcV*Ag-r}+2o19;I zX+bh0rTRgBQ%%GO=w@{<&tkm7?9$5cxrDLWc0OuO*7x3f254$Gfg#;9VZ6DC+#_3Y zAE$V^v5#2bDE|r)Z5J0Xm|DSmR(6~cl`O2~p>H%tBrfY+e^%@bjBpmk|B+L%a05}a zOu40fkS}kq%Y8uX>%5B)&4t#;^sqYvCu~1k0v6D+akdv@O3(^Uh8AB9btk9M_3Ly0 z`-ZIo|E$p-YbDR_cuu4IJRidV+RE0RZN9coyT6Cd zJdUW6a=!bI224<)NQF$%0nkH~QpJZCl>n^NT&~HAIfV%M9R7{keDzooDa(P$@EWA$Lsvx)c$&`EMd>(_@^!`jB4xcR!E zRKML2EMHHzc=E}EVVMoyAgp7r*#l286uEgY4Kow&Y4Bv<`6*Uub37(RXa%&?(V#)i zlymfDJnG_l%*JS$C495(U}Zj>ZpU5xe-vmyrPF1gn|$tI6uEsq$@e{z4x0*e7?O_| zP?&3l*7S+&NpLO1E7%E_)N~k#zmG9)t~heYi>pG(arAE>0ttOC4H(xlAz#2TKi9Mo zeu}MLjMYTA{~8h{S$Q-qKJQ_T*)K#y?K3{JmRi!|j;@?*y;*FCV0sboZh39Se{Ovx zHE4k7ZheV+s&f700zX=2kHzH9{U*TXZtBn-4WtXAQ}JB*oiyvc78{!D+1`|(@Q*^? zx5Icj+q}{`RzZK_qKQaNsRrdf-PG?tnkqWO(gaPLaX>J=>x2d-ug#l}^_oB30SAU( zk^dMmf^a&c3V2PLtLIVEnNBtZTexD{U4*W~?fftG z5nG^F-5qMqr>JON`TQi&o$JCvp@MIp@f5w2TQt=bmw1;iqkkQHOu69LWZz#Jt~|F! z8XBK{?6P~|O>z85;tq5(I_%3-?Lf~zi3-U7?Q%&FYXPTRDn7KG=lGFG;=eJ26g=-8 zaDf>xY*s_o8dte6F`NQ^laO+7(Y`d?G6J1N@7}~`svq77-=8C7wOVYch@krt$_E2zc~dmdnSbYqvq!{e9a)%SyX*`toqh%e0{H#k~bUE|UVX`Q*WKDF8P_Imq=Qi-xI0fObLU z-ZlVfq|1#xE<(vqL0y21DG6vL+QKSS+&=eI8_r<~K<_KOe0C0#ij~(r$acxF`uW>P z%GNMFre$x;dK`ua0?~UAgx@Xs3V<`Ed9PMJx%{|h`GtNrS}@@T3?;2^1y0ueX(*aM zqU%a7@)r<#p8)r&ebuHW0WcaaJsc46^Ek6lbpl|+TfMv?f#YY%S?AaU<$&p-JAjX# z_4I&Sqqw{cgylpF0=+?hUSFi7RrLUru|;6{j;YEjnxFG}hpX;S6#bm|?f{7V zlIOx_HUt6xJP2?t8_hR37!?azmDyyBB%8oZr2Q$XCK~_>sE`?bX#Oa`8VLA)pJ5YA zd7yMYch0o&HpBp<_+!Na_v{1Qw{cB}JCJio5o?AaBF~UZ-W4u0~r8NNI&lih&?-K^^mFqFCQO3&ZJ8| zg##(IA~t<9JP-M&8EnTZ0 zxAR?m`sG~2Z30-=pIWpM4`X`I3%8*(RU|4U9_Bw6bZ}0!WY(h9T2dr5dEnXtIWGaG zO^ly2u?Dw)`IVxUzOoX)%Ju^kdDe@3^fS zH!#7ubb+LF&M)ejHvB5qnom}sB^!+D!ijTm;GYp}y?$Iv|LU)_f38C%SgR6Ylg~;= zPcMDK?}7q?RtD7=`Sy;vIWD;C?%Ncyy@=ZZh6`WzZ`K|GQvcYg^z48({c9v`z~k3N@G+&b5!KtLTWTf>ms+5()3Zzwrn6@TFbEcb;h8?K_L!5^02 z-VX>c{E|iR?VP_*;Y?uHP7hGg&7aw5F9kX65Pg9FwjlXPk|CLzewoS4%K}nlizMgm z;Dz|OI@mcjtQ3VLOLCWqpyCazT0xz~qrX2;pU4Zg?%q;AM||KwpRg(i4WrAIx#y2! zYA9v^b7PNy^z&)I+jUt8yL{a}GH-cHU!8cLyY%R@UC0@6yrbfkuvE~8Mk=0{g+EOr z3#Peb&nDjNE7wK_CVFi(uB=HK`K;HETRiw?u?MP|#g!eEB;u-9UA}WGuYRd*-gugn z-GoBSdt5$>Qqye1rNSmWAxYKIm-9KScf(KiRB>&qNV6Ge>>TZsFOT(Ye+*-8{p|}x zVNMc+mOrGysJ(+YTKSywmn3_X(uf-(Vh)(TM}+iQTI1SxMy`$5u#w{2I%gD5BcK>+ zOpUT{l5Mv>5l7oiE*)m(a^{15;;%p+Sh`(RE&@*oPUbAo4_Oi7B?{`3M%CN*0Uo)s zc?O`*%PJQcoCojpsad7ah6uq-C{HpKyD0mRAOrP)edX-)yl$KAw3BZpB3L7%<_wvV zwzT1-z3xBcB$>kk9ja8~2w z*Y`xirn7}vUQ*mC^GmS6MLXm96u%F~0CP&zul@{yxen60XTN9gPOef62ux45?GbIe2xxbJehf5j&3U~oJxcE7T zlOE&6?*o*{r?wi)3d%ZLKxAjWN@(hx1@MHL=5H)tTpU3I_w~8!*E-Hl_gc>}H|t{& zw4q3LaqPzkL9a%Qf-sd@dxEY*T*%v-A3k2t9MU4>s{^iWp+8GO?rIFR=F@yp_aitH zKu0DiF;$|31$*Sk_u-B;SgMKqr$JSsFguM<52ST1UIL^)mN$6GTOPurxG{J?)h4;* zNZ@vLC{VNBC&WMp;)OFFzaP}4h~}Zd0dPv$VD>rsXEeLU3D5BQz*3{%+yhW2N{P!{ zH>gz?Xa(65kVOK(aiuAQLk=viJj_KmGbtoK6VJbt{fLC-uIe8jtvu|MyV-H>E|-I%&9I1pbHip&yO=ZPF&oT zscAo2b2=pvkK7`j10a4SK}c{xq;|QqpdC?ay8kUoS+4?$Fh&gkZ?19jN^Xf1$p`Xw zQ^ZZa8+XX5=6JN2DJ45_$K1Ac#|8S93;C^e!Dugj)5+3=ATIJXV@{twWINXWVUvJ| z&)|m%R&}k)9=Es?1X1Ye;h;!d{FjOB;9=STYsWX&KA-OWa(c~$g8NI?J0pfTwy0L* zOAjU6a}Wcd8h%)@$#2aN!4`4WrIz*-v7@pn&y%|SLl5c#W`~_M4$MWENy7~J_vt$d zLZ2oQU!um7>znk(0;zeW=c5J3yrQ+i8e=^kvo$wip$uByM=UVR%O!+3M(BN|)Cp}! zcjQu?a))sP?&6#?B2jtcYfv(z`FDu#kb-(A@32_aD1a)oOl|=E;k2AoU;J5#ne(XB zt0FdeBYou7ITyCrnfc2SKcm3)!>Nz_;j|+gI0Xyp+tCOo6N2$QhD~6<-2j17lXkFq zPH)Uy^W4Gc`LT~Nnj+*N0^|*kW>_2t$jW=@LTVz4i4vdt@oGF$(TuW3$mvkzdg(Zv zHlt`!L#eN}50&g?5GGLCjd?*4#^l5@WeolU0yQf{BJ*A#@*7t`ych{=nCx39ujqFk zMfT8aZJ`#Vcjzjk>ENiMB8};QT(SgqjghP~qig;Sh$q3|53>XK%98%Qly|g*wI}j- zL%14ODc+pVBa}SWUrdl+v*}H))3D(hBZ;dknfs|Db{SUEPg~3qJWfaZ`^e zz`la$Xd29L6Q3h0tg>8d?TrcFB37p$OadZSmDE%ye9xb1(4wHZCI7P&R$zjH;|@=; zB6^gfoacO$(8f3j>^`R_4EdvkIBCf zT?mSS-hj=!dMK{Je&spTn&6R?Nj43k5xSH)GsCns&(u~6$lhw?*puI?5?r^Y;6p=A zl!Fx##VK=QEsE#9-w#4|y!qH(9aP+_QdopTSo+%^+U)VeaZa$ZIJjXXG}a_JM(v}y ze6}glW=8#VJ5fxUTr;gwuWnC}HF;%WF6{BDe_X2Z1Q&BBWv*rv>CF{BJ|7{sP0xLS zmfp%OZt5p0Vh+$SwUmn|@l878MTu&!##Lk#Cg{`+5R)Uk&3gBMkwx4}ZO$M6xF}Oh znqmn9P9DVXht)dh!FvYzsRam{6|!{y?$~8GsZ@*-s!^`~3w%)XW$#vxhQ)5&L&By( zoc!{f04k3!fDj)C#W!408{5Mc&9Sn-RTH#~Zf@?2;;s=4N|X>p2H@qHorNJaE=3jk zKJl6EO|z{-X3q1ahtxY3sQIWvO4!3W@jDa7;_dOFXz2q1k1S9!_VLlGJonJ)x?H^B3oNr(3%a4 z!8)KW&?lmjb@08XD|~2?1U?RiJS3ynZIi6S-H~b0=fY4Z*PCyWj4!^5yi8Sr34FWY zJ!{dCY`e$VOMHaQR;Bob`)KllgHPz810yQ=6HdaCKBnupXoQX}knCU*$W(p^!aNB&5%v}e zoBj#r-MvxN`GK5VI|)CLD^jK*LX5j{lu63YC8wh@L3{k5dBO>;(iHAod#8-oU<=cQ z^}lv_Q=G)9irn`an{+w`8c-3`6+*1W2*rcf(>21OG2GruNY&pJrf({2%MvEO|GlmW zLdpt!$mc_|G7*Ql;qszM5~1qURxCc~kUqL>vp?7Uq+Z6W5RkS(sodW51Z?9(PI2XV z|GveyVjvW7TWyb+o1bktfRa7N8KEFLeG@rYtC09kFC|w&pH4R2ISk8`4#HWg-MStp zIs{m)pV2!l*(@kWigTh7cbVz&~sTL&Tsr8{WN9U)ZdVQppw5@I1NA!G}7L zRLv3lyNSAAb5(Z9Ebi@_1Q5SSY<^ECuOB{>)GwJ6umk9Bp56!IYhh|fM$Uz9K|R;% z@RB9KUWHq#T8A#fo&IrQ_A0PTNl{D9Km84nrM%Nu+dSa1bE6MXAwnD61z#P3~f&_S9>rgd}RAz^2+4S#0-fdf|OeZo(begw&?2t2Vs z*Yqj5Wm0Xlm+gA&Nh4)zu49xsd){`Wst8`!L@b1M@}cwM+h4o@qKS)wn?mG5q_&H) zNPC-0gZm4$9`thh+#BIVDQ{BJ_rfUmD0agWkXwAFfAAf^np06RPdXc9T<_ovkm|S}m z!TxL%v5)UjoJc-Sww~T+%>%igT^2FmwzVqs8UzBBn&vasg$__kJtT-uEunvwBxyLZ z)GLMo$SE?Sg5p~5!v4oUYbO(fELf`#rS@11`;jOi5BT!(_|@0sD}3H7v6pB;{9ZasTTsu&?i-!2`bic0E~j;UA7FO&VH@;0hg*P*HPGx+viwFXn6=NNmbdo8R)$< z@!l)|{P#Lh^J*UzoL0NT&Av-a_@!?Bf-QA3 z`Ue>akb31&Y)#>Y2~Kn^-mQj+WHcXo`?iI6S%TME6KR)E_iYR9IZgcLjuC~5WEE$FwZO|a*&@yj5r ze1@f+q2yk{L*C7$&Gs8xsAc(&5HRx#nNk^fA6pgBH}*CeSlR2-7C+o*W94ZH{H0X- z<+jOk{maz@VNr=Ti`)_wrSYuAbzjyS2ZPGNO}>NGPsAcj?jDg?C8Sz_12=JtzmH09 zNUgWp!J)aM{oI^Vb5A(99wLrOev7-p5Ha4f)gkX`=Gt`HF}r4)n&r=n3^3D2YHhoy z2Nf+J(>SFhc0_?*{eBDq0L};Wn&rKNc48eeS^PcEvX2x@=lpc z3m81H1UVG>{`}4oZ@zB_8Lc@n9!`^`KZ3ytAKdz}f>-RvY`uTgY`^W#FtM=x)Oxfg zyXfDtVKb<*UEnfj>wi<9huBD%=we8R;}B&lsq~<`gPDk=zyuDaYsNVa2YHg5j5;pv z#7h*0-xj_mOC@k$xFM9sR^MLP0t>EC$*+NDOG-@HQ0U+W+wf*AryT`aY z&0A^=dcxRWO!I(O1K;y{4O4}tldi+oFf1?PGvh&#WYrSxu-UM?YZBuJgFzX@GLO&) z8bfB9)S-e9XY;!L4d>O@f4UKUS)0;lC>os!5czey)Qe^pBcAG^Ye<1w=fA&a%=ddV z{cuTzA5>-Z6~%2R_|7unvQ(FpYT|xekTENr^jAG1_yZIq{14mmb^bd%5xpIOpQ@{+ zWrT7kinui*#o0-wQD8;}xgX(v*kz^m@822!ih2fjOE)maetUTsBc=j9#xx%WIlm9sFSnH`H19oez5m%0YqU9-x+lm+^h0&b z)2a#>49ZF6i+$sSAPY_AT6D~xYO@aZ=ItNt4mioq~&{)xc6gQ`JSE1 z7og;tU0Hlec)Ex7B^RVage8!PDDk@}!G#iDoo+5xHd{y@(I^sU!FYT9X=T$(a_sE< z=t(Uy8p0+dF%m8i3X7LR!AAIJK zEN%OZ;LX4-`!;C0ZB^pShPR2eE`l;!&=jt{(Zl6}iV=<~c9{a9O_Vt-+fzo8xUoC1 zeY>*hs`b62-?)Y^=jupD`aO=cYtPbNKAC)*Zmxez z*9&PBAwnOI_>5UZLRtlfK?coz)4k@$1@&PI?YS8>2C;tz)qftCvp&=-JKNX$$#%VV z*Y0T?;pjv#6aD1JoXan-yH?QY2dtJoVg*unERLSG-|yFtCcR%suUW$`)|QCe^sGNU z8$0Qc+^mm2DHTKCn|%UJArQhA(jhpWq7z8y_D=|>!~->t^kW=PsY>e-croFqN6Hgg zqjU2ZYGXIyv-}&@E7wnJUHQar#-;56{Zv_N>w)WHWIdadzk99g(HfSuPwAjwku;nr zsj%4?)U-KtCUFMZ%OZ?jW2;jMNPNK4R+=WtD_%MMDhR%jvDy!jQnTi1JL>tpI-2?9 z@^PWWYB2OT`BIUXj)Kg5*c&?fw%&^+T=lR^V))u?_+D$hyoIkVEXh~mjSM#?bV3M3=v)EzxLRs;J71}q{u~Htj2o1 zNo5A_S;p|a^Vl)U-{!IQlYHE3=SuJvpOu{oM9Vty`jguTe)DbjiF*Yl%a7RNy#r8UoOQbAfp4dIq1CQ5Ya$wN(YP1K#Z{<^*A@nhL+PEfGX`7p2tl|(cy)p6r@)T8f$ zy%$U_tmUaJT)B`?Jy50XEqsx9S;nk=O&a_Bf<`d^*;defNNxL)d7ZlrSYHbGreyN6 zYA>gI9_N&Com=ag$_8CcQI&7am?hzb+S!IeENAaL2|YQ?w%*OjnX?HQ^Bn(`?WQ!h zS22LIzAb*f2F zi%gW;$Jy|ijvckNqscGbN>Qu}3-O>5!^`v?bw+aHYqIxx>~mbw$OLz2v^m;bS;7!s zFJ3z@|Gk;@Vn`vtV5jscuBF*F$gd%}wfp>6_Gjho6<(W^2pHNW;<>kR;genLOhu|} zgW7zERJ!}FU=afX)^c92cW1snHO!lLS$igZza7@lXp5QuVw+K~G39pjyaCp1IsxfR zMNCmvexVky`3~_jF^73%AiQI=sz%t-%7;eTGDR~GKeU_?(fywvJmKln9_K1(h~R(Z z#-piaSUZ?j!d4Z9300(csX83zSo7;R-6?6;hTHM(tADadePG3vG2j0RE{C_Ly045B znFKiSOql5W5HLu09~vlv`l|9I%o+R`Bg@z~i6L%3HB>b-YQjtj*`_FJrGseFccv-rHKwK}zYNND+8t!6VO7UBl2OpSRexcv35hUD4g z^FfKSR9$0|kd#aPAF?p?{?(oP%gkpP?uIc=m-WhrWRq2?7s0R}X7qJ8FYlD6BF6WN z&b>>;Y8u}ddc;Gb^9!C#XJmeOGE8LmQDC#x(4SA!2vOf*Xjz6;=vssqMoe4JxO6}F zHf?cv!qe_5;C^SeAhmtV><7hJn)`XarsUC1QO;QM0%vhU?Si=3Xu7m1bar$gg{&qh~J;SxQ^HopdbC9c|ItL+LViB2t+Pv#u{^hiEGQUsCZ$6!xjF~{AoAoPOlT7)$~fdIXA zm>ak;$E>X5?N7PxN^v>QT#x7Z`7i9BtGVa%f#r-93$I(1A?5m znu|v){;VWGf|V)k=-4Uj8k566#s`5#3M$%`mRv*f4L0~kpT z35+CH)0iZ$Z^%jLO_c-1k>j9aFF4nKX;ZeZautYo+10UkEb!Egp_%i1$s^tfdD?j2 zpbqlfJbk9hDTB$NUcJrz%*#A|bB5&eeV_SVo93F<`!Q^q!8-$61m6OGRBm<8TxcXT zR8eJ}M{YX_?J~I}HK=aC%ut2JwDoMe3SDCku6AbDmYy{WXY;-C`wNaHL(=ih#q zkHy z^<{be?uEaZ@3{+H%&}&N+YCf=w@N$BfR)*wBx&wq)!#N>48jOV2D{~c{wy_g;F#c?Fwl(lC@|S?O-*4=elw|PimkS8vObd3tBzJ4hFAh5wFEBe| zRMN`WZ`GHX9w%UUw{BTYb)jg^;UGM0#^Vv7cW}Up;yJ0a9Yg!^*H)j}_DR#eTc=9pl1XyVcsq&bTF}oc&+1E=g~Nnz(ZphhW9pW zuWhgKn7h5lhFTXYPtPD`scKAnbD9ogpU?X~3ViY(i-x1^ZE9Z>`y%4^&LeCg`w}*B z-c8YeCOi;r$E5e;CQ+JuSKC(qr~Z#b@{Q)r7r%?O*h1N6riTQW7pnWOo@h|^u;v{G z=_M63Ui8k}c;DX)`pK*z`L_vMOWrUAJuqCqK=ui=xCn?W_@DI&JYfDM@SxQr7^mmh zhx(FCo>3n}|7M1KJwu#$^%lhY_Jz+xo~io>`<|2-WQWfb!>kH55@3)TI*|0CeF+QH6QKr^RRg3y9VZC{3KwLCjP@|uJ z-{3rb2BPP*2xBYN^?obTWKLO*Lz>jVygKsttlsW$xzpxblKKUQ+D^PJt3K6xWZf!8 z;y=D#JfoYa{A**n@hhH4x8B)ux$?oOU4hNnTk)<*TPuE~O-|(YczUlanagIv{8ZNw zb^X>#=giDm&lW`^FwJx;qRh96b}qVC*F6F01c=gHsQ=5a)OG%TUxYGG5I=oxnvd@z zjtXea_;>VWU)_xf1xfw#=dX$LRV(9#aE|trtw$6 zs9lZSWy*@eaxND36be6{?%N{h>lSmX8z|x&LRLTv<5Zzo>^y`*Coe!SC|WZaJ_u0e#uOWIWE&XfO5ts;L5S)E(ceG z-sg-x7xcm6qUhY7^G(CU;+sA1mkwN4y+#@bUoXuL%6P}iPP@&vW4i2=q|Qbq=k2A? zkRvaERrm;aT0QUDnTwM>9hqu>qfL8u?q?VL_>AJ{Vb8=%?*GF7#?iFb_b-ldxqlNt zJ=jE0>6a`Nn1ePz_#2}KX2)OZ3e#F#?%f~U5x7o>_YBhkuSAZ)0<+}16LKl@tw_|PA8Y0HFW z0WRF#2YwneYDO7)`o}TK!vHBW69Y^bVq70K?uG%)LOmJKbAD=`uY7x7D`8{eQ`;Ga z2ceaY{PY=JkbjEKY;y&laxRGN@qgfp$*TqN(7X4oVmxI4c4CvH4B^3vxHuz#$0mT& z9sIy11Mk@yQQH8#np0&&E#iCz>a>zW3jK0a0`5~_`0W`h?r6;Ud|CkY!kzO=p$4 z<^h?-C(lJ6Lmb2V`aRIdl`|%O?-w01p;p1cUE{SLIQdYO6w!a(+eb5Eu``fsXnhrN zWEe+s4Cxl|9_rPW5ob9=24F`(w_qR%ZqQSm7e44I?g)w+N|0l=%4jdu(3AGZ7tpqyh!R$?FH zE&UB7(}+_lZzJkf^MixZwOlT`1b{sKDNu=b0{ zU&MDcUWKw&u*NEXoB-0Q?8vtor$(%ty5jQ716bn5RsFj7g@XOM`a+VO*tr*)*2qV2 z@@)vToZ2s4cp}|d8vc~9A%)ihUX?qWJp5!Ho%sfgQ0u|zqb;AlIX*gNn z_KEU?Y`JN2%l+DR{kILO2~1uILhkSGl^fUs?|@z9i~_uj+RXRQK3J0D{iTlNEwr|o z1(cFqBiLIU+vO-x_qg-vnb_HBeTxLa3oq3?=lsMZu@wS{;fIasAd9Xf!5)y26Wl*v zV!mo}G1zMnU=f)|)$Xme$JPWVc}*R%$4h*)ZH?=@`~xEOf?NJ#@tI3^X(h=Kf9wQ%wo!Zlcib}A4nIw_%rfgTphvVKU57qb)NO+NEA@!#Qwr}1wxI?Q z38Wd@4Oiwy;Tj?s&EZYfxQWZ8n`bpblE00QHe&+6vl>hQ+%)Hr=xrwQx*empu;UrL zM#_BuD61C7ewurH3SRA)_ybs8egGSuT$4J)nQBi{JE_pYIDj*FMCj}BV$6lK`M?;C zMoc`);K$*5kBM-YfA0YczFiAQMg5B$^Vf7yE`tq0NvBm|oER?%vIK!Ngx5yq%`5QA zgw{ACR{Fz`bZekR$uwj7+m9Axrox0RMh&XJ5r3)#`PbMXMTWf#XdduN83K`mK-L z!0sahfbmW3Xlo4e^kv`ggV9vt z4k=F2irZfT{UD-m=r$=!C#2%W7kdCa&y`=%nCt-p`QPxAApDfzk`EGNPTkQzcHMOL z&f2%M{0##I+!F#v&6Bfyug5)4ud!z40zsC|m-SEOMwT43St*uzz}@D^V(wf&{^QYv ziSCdzAh~%u$!>|v&lj_#$<(%V)&G&OJ zt-yx)KF$bO$$X;HM0H^d>`I&U11zyR=0H4XO2`%^@%ACUAC^9MbO8jr%+(9!-j=w4 z-&*}V*wWR1)*8e)4Mm46!=p~Y4R3HIl+w2TDf?GMCs<#m3Bc(Gdvxa9znbIm)DH-A zH+OKh#|y^mKDk;4U?*v!9!CmLy>=V}wYdmSkjAdj6$dfB>bM>VXS4bG(=h;5RwKEC zi38Utl4-7wfiKK^NtvCna(InWV!+se%RvJ^Y*^uJ)v}yH@0*h;1IpBKvY&<%3DJTd& zRB%B%Ih{&_z5TfNHWy+`^*J3@&l51Sd;jv&7jh19 zZ^X)bNBtHK*nwFqNEuq1UNcG^Emh{veo%b)7u;f%h&`!bt2?Z(Hb#pxTj0IO*pz|H z&*0M;ZHfBT%;6k}8{FG;Nqkwn+Y(-(LW?OsDcW1ktU7n-Cc+x{Cwti-9BM7tUxwCk zU*yP6wgIQF*XG&n(*MjOF3|ARSzKjJ7%td$DufUvj3y4G;A4Yr4HBK~fX!@uEAX7& zNsu|-0wI;Ep0%*8P1nP?xm^+@#ii;Ta{cv^_*Iw4fhpr@-|D^q5~g4ZSv&kwAQniZ2e}M8#uP4Nw*f)kB zp?3QmuZ88lJ#pJ$iX=TaRPqTsDLep>>`UO1inwN1z%ql2kmyNSQlq)n*oi~)P7g^! z8Vu!ZEvlMVc&SZ2pK*$U2aijoxk`R4!9xByn%hgB%_C@7o=8uDtwd5tZXT6j@k31D z;bGWqk}nW;HCe0Z-)s(5BdXyjUkcK23lPk!3@2V65uY&+g_6wbY6&ZIo}-(<2}gg? z6^bXCWz5e?TQfOK)ASiP5kpu%2Q)%evEHf>8CQd7kFY;wSCJ0E+kssQjbdEYUwZ4QE+<8Vv#=LVhi>ho^j&hmgYo#Mnc#Dr)9`!QrnINlIZdM;N%&xhCShKf^Wb`h%D9~PI z+gK@y;FS7_1ZOAHVD|601Kf0aHx_qb@KU_=EVzS3-GP8j?_)yu`n45voDy%^^|f4+ zbBMy=RJKg*&57o>q*GE0g~8{7E#9UcXW_!gM^5p9iNY7vuHi`oSwpydKp8{7&7?zkPX#$NclA@JG=znotp%UIRW5QkQqDI88_SMfBr1xu1`xf@x zY6u37)UZILYM!unhLpJ9m=5+o97Bo&H^OpwBZXeE2;s$b#5TEAso7z&(5NJV&T7BD zv>cP6&KANXl`4V{Tz*`dAuMlLTJ#gW+pcMj0F_Fjr}XI0@Jlw{CwPRXLQ%J(a7jg= zPgVaC8Y&k;dJC(T+Oar^JB5cmxr=0bb!#8VRl+txoXNtq#)I(1<71;gb0W}~$_+}g zbLX(eC%swo0B4>w?)}ITeON*g;=IkM;=sjqxBEX?01C@a0}4+-iecctk_gcK^$=$G zeHd4t%^pj3L ziA-depD$7eqD;)mt)?Cy!Rl(F!DFd)@X3WD8gy)$$7mN)F)> z(JFjOBAft{Q7T&PM0qjW7<_~ZI+oFmqYovxnSiOgN-1s;-zZFIItV3YT>>XwjEu+% zNCG+5Q(3RgIyyS7aJ7f?e;H)>DZBKDC^km>qdAH6g}aQutAbe8ZG@{>@8!CYDO!V@ z*lYHs9O(dcApGz4G0GTr|52}~5qsaIt?V{iB44ZOiv9&eGU|N8z3h1%8#wH1?502Xf9VOz)Ov#{2^sKC597$Qt#0Nho! zd@F<>>0nc{j2_(Gnf!F9#GMi5f2OVQM|`Tpz-5k|d=!k5-Jtio4T?$QL3MVQBh4)j z2kY1F)gF%F-4eDf4j_Y(0MIaeXvG|roG-2)gk%(7J)NN$AlRy2Uzv;lw+GPcAucCF zz$ee=veWnCmYUi#QI?ime%|1IDR-{pd{QBfJAv_}WZdwp2P#j=u@=CUYui-qzoE@R?yC|)L%vhTg z=q6uti#}KU78^5~0=h`ZA}TE7|_aarw?D?=!~r2ZUmj4_v^mj+E`w4#fGCAx7x2k2nh;;t2fZNg?_uiD8Z*^wKQNjaEAG zmbl-`+bV#<4)nN9KQ4QOt8$upmkNrok@@`P4~PUW|HqL>R8w41up-P3*}fCSpT~(E z)g5B0=bMk)63AGry+5~mqV$PY1K0lDwg0`-X@*p0ar4*v^M>MCh|-(n>r~eg?{wZN zjq=D<)ekM;&)6agh5NV`67M_hlwlZ0D_MXSB&h(nYB-l>J~xt~I#{1W@I;b5*;}Ha zU3qqBnn`U|m}&*W7I*lAx+uos4wiuK;4WxLTC*?)MW zS1wkS#xndpZSvkJ@ZL`;=Y{3q`>E7jt_EKg6G|!J^W0UFV*Vm3$e}Kl;>2$V_+Mn7 z6>)U(Kp``BQ%ulm$z-DMMV#oM#Q4g3a*)j?uw0QFdJbpB7FK*zCY&l$oeA|$IZqa~ zdN=E>nkVq)r}|3LOJ|wtwbvs0+>7Oc`^wOx8zFM!_!nG$pG2`XA#V&H_KF6wsv_5( zhF>fpKGqEV{6#17PI`<*af9J?M*TzP$@o2ErHx|g7Q`yjVxA=um8DFW9NIKOFmsy? zDP|HwO6aG;1XlE1@BJT`w*&Od%_xzLyNg16n(+Vw#ngWeT79nyBr>s6$2JjD5z0hH z)y$6-^PF#j+sj|VM-Ek6Q7W9=9)t>IYsTC@N!jx3KNq1!!AwsFkV{WVlIf~TEVYq6 zkudzn)YsG8#vw+={O`XbZJ$|?5S_iMY_Ui2gJY6Nhf|*5I&2{n>SzwN2t#*^;d315 zx1gH4KY0&$EO}NDu$Z&*SmcTI)<&d8a4;*_o^~-g6Cz#G?Qps$YMpz(2+1=S6mjkN^8_3uC~`aU<@+tNk{Dydi@Z$+pJQ zg=N3x>@lCW5s};Q7giTGqMFD7UD}I8ChPOMi7_w2_F6$3G|6z;LNQ_l`njDtQ zxk`FrCO%O3l8$Nj4I$l24t6&AP`u~j&bK>ykLNO@&YwS@m3KlIv5Dx#&YhKI`Z=z&jb z;gx6kPfwWGHf`psY-z<$SmT}2q(?s+T78{X{LmY7JE>r(8|~efexTU4_|U&N7{Nll zu&x<^U>R=DX!?|UEbr(fE8-obmSBd-gVy)t$EuTB$exaU_UL*j({bmx8rv@)%X)(( zbGTXA7dCz*-TaOZsp)+RC)-n0cN?;U%v$Lm*OdpLdx!#&^T+YnHSO6&5_nJki)9Mi z7-_v=u`*}G@YCb#(#Bs;=w)S|Z~!4e3iNL&7#U*pnMEX=F+bvWDwAWqEwCK3_)FGiW03Eusf|UUm6pe{JLQ_@+)w z-*MHJ&;5&rtwTqDrN^7xg$17T^?w=`wvSuf9TK(%OSghc+>ZPgE@qqy7n)`yv12=^ zN%e_5)q9O9KfNcY-y){4@8qQZQk-b`FtO7sz8!tm-t4_9k{TFWlAFN(hYPp4JPGgY z>LJ9gxqJNm1No0C;lDnHJ5Kr4^(^JG|5Z5rzbR|@?;?c%!SnFnONaj-)e8SNzT@_- z<0T1f$~T;rKj@^-JRPU9fgb-33(J=Um9}M&OT1KbzS?pP<^v@+mlN;@7*578B7+50 zux2QT;^${p;0!POAl_I6Y~WJ)CGp2UKqGHA`bgCvKh=c!^;*F+uHpjxUg-Y0B{p6(=QyWNP@2ATggk@tduO!(%qnG zJILKhwG9uv}Xj*;+ zQufDsPl0}EMD^BF_AnrI_L3*FsZ(gP1?rl zq3BlK*e{wUP|=BdA(fovI}Faqc_mA@(ORm$GUi_~h(6xllNIrHqdXv}(C$~cJS>(? z1KrTW-~c>nbfThz6SHZeC>U5aIx_mpplv^m?z<{AKijg~rOmwi8LA@y7%;xVVLMB} z5Kt!B)D8NB;xwWv5Xc|*2WB<6#?}n29?IbGHHbmSdYaJDG5}e^GN>B=i$VT;gTj^1 z{#DphF(1gMC!v|oe-ouO<$>nqk+c;zZE~2k4-iTq_K@@$<`)|V`jar!LSfR#6S@mb2A{~>d9A19+d z2iHcxF2_yf!c2L(8AAAM&KDG&e*jsO`BUg#*JA@Js)cgwH&B!}9a0RsJnoUzr=0~$ zN-sWiJkvVfCdp>?Z35O@$E_8G|Q00;8&9@R@cY4vgD>hX8Ra-JLnzc{=n53K*_72tZ_FC zZ2k+tDZ9Ny)v-;RK**KTzkUcCgU$ZIr9S%F^iKlrPT3G0N=IgMb9i4 zHnE~@ci4sevQI2U(KAJRHm?0*Fvk1 zz@T}NHx&=h=p@$c)G))&gG@x>kbi_HWd`ilTmx8@iJ@axe*JeGK(TJc&Cqo zy(tcg&8>g)4PIdz+fA1oS{@W+SJ&=(2&0-UTTTz!#ZXUX6|B(Fh78?*1LD5^28+Dx zixvHOx^u0YI|iZ|3QeJxeaN&F)ub2?|MbM0AIbZmTG|;=0I>==FAzclaFmRR!Td#2 zZ^oS*p~#deoK=8C-T7(pSxFn+-IJQT9%K4z^L+1^_G4=hS7Jz-gc_fvn^N2`#5*zc z6X(&=1NOG;+6Jq^{WpGo%EBD*rKYBDHf`_pt*j5_UD31#j&TtT$J5}AV0KZ;>^Bd_ z13F5b!gm(moIK8VnW}ZW&fH0|0)ks~y1QXF$e`65Dfy8yvFh2r@;;pc-dYbwl)Pk) zvmzc((KQ+tYp>G!98(6rf}X|svR+2ZW5Uk+{eXO}B0?OgNspe!EeHz*U079g%yx&m#J_Q&Tq&L+BUiTs54g{7xsMU6^j ziBv+Nhm(3gO`Ww?8It!M9ujy@%w$y+`tJ(A2ZcPM8+adw_5_T{sRL6Q->@{r2_tEa zq+;;%!w5P+jZ{=Z@Vfdnm_upN29)zw$iJ-|Yd6l0a}z7;#wuR>?`$XqIk`u!*83N@ z@ku>f{xKg4;~$p|T7rjfx!&ORk6Ei|mqY72p&vPl6xurp>3{O_0W4rDYX&?BjXx86 zf*jY>n-g5~=25g`M$XrK=Y}a>BMC5&Zxc!(Blhlvnr)RBi#bFRuddl%o9!XBn1)!J zPhOCTJj)HSEr&kvGBs_tE2K=l)(&2uzm(p+s_QkY{zQM>z}&MN8Ob(;Toe70I$OA6K-L6lyyUlRd8kqpS?3*hB}p@8+{g;0o{cnh3XX zq%elU?NvVxaoI}hC%?JGZr5N3II!sJIOd}jFYLpf6d-+Dw#v+dw;avSI>v7sJWC`& zSl-3?@)=!W*Okdl2SzgBVuKP(KWRRievyB3G?bT{u;yJJM*K!*QeqBqJBW`dq$vWw z>*M?F$s)tgPsE(s7TdkoX3cwZoC353&j+Xk8?>1`6RMBn7it2nxm?|CTMn6KkdqWy z2Y&hGi0u3;c9~rdb@QC_4TE;$r3dCL382f_e#-85AcTO=s6`oCLjxwElQLOJM6Frh z!K+WIKV1xK&xDpIn)XTSg0SN&X~FM0{mhx7&!)_d%gsBckR`u+Pd8T2?F~PFILZ!Ev*O3UNQ}vNAFuP?^rRs9EXP=X?`tE+Axy+JutJeWF zESjb(9({W+moX~q7HqKg*rIl2prM;DJVmCzyVOfAKFO%u^UkwL;{x&yZ!jeE^gT(gV*DX1Q%WU4 zL?&JHY>j0~!1;)BKFXpPMu9x@$GUe={`L zLov@_%o7a-979*%|3cX%DM`XSXu}xrHJ)xusegBPtlyQKVlm?~LXP6J5>e!;_@qb5 z?v_}?Vlm!3bt8w4f*Qjpw5t-)Absa%QtU^>NYLOOc{haNiPgPWe7X>Z-k2W^7F-si zmE$~Y-JN>(jfoTS;w_?Bh_#-%jeT}IGq>RS&I5Ry2gmQrmBProWQ4BkAV`u0)LBidqEp@jvfuC3Sz9$ zPh(as-=l88tZs(OR)m6&{I(bixueJZeJ!Ra!fYM&WJ6HfFnA>nIZ%)xCyb7W4MZ}v zkSM~#2dXEkU-rr&>Y6MJ28GR+l4hN{qqd$#B{p&KtTP{rg6hc4xB2R)azarhVkcBH z@@jD@m3uSx#isDJNb`5MDfklGsuD&*{^7pK)_6!5l|vxN7H+t19*}-Mqe0SRiB!il(y7yJLX{?mgPgB0r7dL-gAoE&e7U6A1uzQJgbG5;%|Lu z?oJEewQh^3-gUJWg9I_esFBbeSe5THEe>dR-Nt_Us1^?yIQ6KIK-sOu-##$Kzy0jM z%qhvE1#RS}=!CE!+^2#a#$+NP^ad;ZE4`h<@Il*|g=@Pv@kJY)4IkV%Q*AdLIh z{?S~7Wk6#@2Yr|Z-(YGTzlaj8cIoMoM|Qn9;0h)oKv2jo)1F$FPm5B2vDq}Gx3mtR zQ~xC+>FXMVV~Ogew)WkcBcHD6R@n@pyW0hRu5~IzwtF>({HvE6J^RkV-ud*^@;x|P z$gS$o$H^!P$)*pTBjmKvcS95=@i~x=^<_^~czRVvN%x(W*(4K)oDIx2n%N6oyX3LsS+PJogS>mNfz(aafMOUWg?s{YXoS-PcBa2}(qlx8+~ zQUHEB%TQ?UKNTVtOqdRaHDevcAp9{kd--el+9K>NEHvjgEE6nR zRy5;J^XG4kRlgETkR#$=( zQxh_b#Wmo2ja%ANs#%jYar6LFz^8V>>lPDEDRaAeJ)`QHc@!%wL+;w-{HNBnYL-sa z@;@e7TW-&>@kYIEmq~~)&w$>L<<_oAt4j1d5Mw%ZZ@cxuulh+~%%;_oM7yqp+db!j zRUZll42P?8hY9jGxBVWO#fZ9-`inujQY%nw4FZ5sENQO32_F;QD!LT(i+8Jb^>zs9 zCqgqEAS~$LL1Vs8Q}*>g368%R|J%Vx%BLpFw3_OJUErx1=Hq9q>Z&{M*`mQ>F?N|} zkHabS$@|DfCHlx-PWQwNLrdYpCMv`;a!c7L-oSS+_o@Ai4wW$6MAj;ZscS4*GCRqu zhQxbrJqOCpD80p(J_&vqP{$i+d2C1g(z`Hf$u7Jv%zk2#4ffpII1iRy`l(K$W%2ZA zLnhJ|Wn@ynX19bZas_h~Ai?m+h&Os=_^_v}Vl|Rj>vn$CY{3$#;;VaF*1h~aSk!`-fC%09n;sTIF?lFa4@zQ7G&#)UKA+_3WKsM zgfb(z$-$m$NKZ%40}rp_+I^i8TLnyXcDa-P5ZdiK4w4ngEUYJ-$}OPfZyN8 z1ca#RRl+(Is>mt-d1|4gv##|@nLLrG^RA?b!MGZ^VVoqYwjCuTnOJ#ki{`otUL8xa z#j(656X%1BWpegtQBN^b0;JA>c4IX$LpwX7`p4&r4zn%y@! zsfz(E*>IDUGx?Ve+Q{lpIUJ0S2!yO!UleAN0fB|!F;pKXg; zdG}3vO2=cO{890f1IdP8oI{w@I2d^dHqp*H#iYOY+o(S_G(efNoO9@unZi${;;{Hh zH1fDhGdcqrCkqk00N8253(^E=ZQ3>&VUnFpw`!c;6>?J0{y3U9w_A^&P5?PY+`?%s zB4^u6VaeqP&vo6Ce*BAjA*!5zTBmcV9A%!kYFJ0;_ep4#HrqGkoQ?4`MzV1)95YpI z*kOyNzkp39rSW=$VFlqsBVJurtF@919Kn)cO5Ya;6DQd!7kodLWkJCd@XoYDa#oF8 zUwFjr9>2kZ2R{cRo7${mquy&Yo+O5d#b%uA$%jFE&I(YqZkyskimb)evM2iHzcoT8 zt>ufDB^6D^gU`Yg-9H|Hj}iurafZnMS*qeva$2RHD<_zyOjzU%V<=9v>fcY!r1#)1 zHhgiNSzf=JWN8t$rFYlBxBFfM!#`7aPtUEhAv`M`WL;7R_f$_FNxfR`|3&0HM$gFJ zd(H#@EneUsE5ts?>uEB!oe*b)|qKUAXaJ&o378rleI_4gH zK}#MogTVr8(-Qpze(`*A7buUjFfbYyww9PtUW(S{-WQrFG+5nZ6iL($h4x@kxIDEg z9bS1Fk0PbkSDL%*4H~+Eiv9iBwZv@1#tbpnM3kOJNw{%)5}h3X6-Ot zR?$6c0ywJaEne}eQq(;n3R1~`x?W;JtuTHHu`eVUgpS=DJiN>>*-k>&H4u1-mvMUT zjXlph$SXJqSJ?#dDlOFRB;Thc*sFc@0LWNwW=PkRH$9B9PYkn&z2+7WZE9oa)gIBo zU9fI0Qpg>mKKu}Z)>*(S`4Cgb)+Jce{4jD-LZ!pDhxmH3Z2%s{)JrL>ysDm15J#!> zMY8x@im-W&+I0@OL{Gnr{`$|a!#=RC3QWc*IYY}9G0`&oE*v*AmXC|kRZp-E%=tBJ zo|e><4liUmRd3#*xW%>}5JMm$CL|VSQIfOP*G#Ny(k3qWm}9JABO!oQZ(8xzzz{T! zXz!DGbp70cYmizM{`a?QV<&j;X{=%o3(XCtd8hu91@MSx?oKS;^ZFZwkdG#L#u40` zAuTme^PokFvYT|Ml?+xc4QBYo=$Tc=Jo_EmM4Q=3Bgf^>c$;-<&)cL=W&a@luW3_naJ zw@2_eJ}9=krcKpwDfz*-LS_z~nU&iR6H8b5u6}KkC9=y=7<;YH9T0} z1M4MG^V1sgC2A|dk6n4|>ABTUgq15Oxnm9TZ{0+$81BbtRAnw6S6^@7Zb&LGhb~(1 zpLWT?IU%-I#EeLN(E|~g1J%=$B889$c;fSe*uE zk?4jgmi>P05%t;Y6S=eRW|C79y|GUPzOp4q5D6>(T6-hd_4oLC&QM%Y3&C)@G=hud zb?pZTwbf89U1~V|LcS4(qiI_p>B!kA{wwTzZ%p-ae6)(481sH-o!- zZw6zFNU$9)y$0tb7Y71BtcSW^wv3#d3+t~cB!(DBSUw0A?24}~@4lgBrqX9x?qV-wDB zUyY@Q9EBg>P&T1}_pU`&!XTM;9%^;<-c4zksC?(RTiEL3sjU~^Gh#?`G*$JR?wfjF zj72^>ALu_yP5sErkfEzrG{7FT&M#l~{)`{%PvTy)5KD?rvhjKzc@3Y(1bNTf`zqH2}lLThQ zNM>f7bR{HlP&E_;T2F{KpSJn`z2&@_f9E)PZ%uT?Dd*HOAzt3TKMpE@_ff%eyXGoG zkX+F@says%{`I^5qDIWnIz&E=VM&mZm=iJ6s@f!3>YgOp!lBzx=1M|yIW~`{V&N_6YhP z(MmZs+OAXIjF&)BcZ=?I9QSLVv+{j8Xl;&Z|09H?n{n+Iov&@(u9Qfkaqh~cV`J*k zQ#~=#vT@{%eYR}3B(picU?PPH890bpo0(l7`is$$byKD28OsRz;QZ z%699wszBx)cI5Ew3-6twr|D=K87&B$#;tR;KvZPE-IsQ&nlW%pyGzS0IxsQr*oidY z{lEz{$UrIn)MCetA=p9_uBbn^m53fB?BYI%&Rq0RdQ`>WDNj8;YP+`Zby1MHV91+E zAcx*Z=B61r!nS8$!KwLHKG#9@MAOHoL5F?wy&>)IRbebR#hc`w|)JOg4Hp~ zW7b$GNi9Hzg=|W97LQd=@4U&SoO2N6-$3B?cPiLeF4U<}H|YgyyoTLkEy4Ifg8R-X z2-_)H)ydVXD5DGMS{+nmEcud-1LQfYU4u^Mwd1Y3=bwP*Y+RsVQ?cHxkbsz$9F z2tWOQn9%=whwQ(@^|<8-2%rC*BKbcv_vb!f{2l9EW`b?KjTOwan}@&ngwNOkwp8=? zr|miVy09gvPUl68bm9C(;*ur%^ucbJcdSbkbHe$hL_vPS=4ClE(JY6I%em~A6=w16 zzxbuT{d;R~U|SLK>xfoPO4Am)Z_v+6O;49xCVzPmQ=wYqZYg3WdlX$P86S_o#Y)92CQCE1$`i!(ZzDJ19*1xOq1VE1GLq{H?9$T8 zy}D^o{H{Vb+-!zZr9%BFrbimoroME)aO@)UvbxaVUtfK7l{b4d!%@$cFI&P|i25`V%^P08nzBK*7Q?9Nbb zyAOF2IIty-2}?)BW(nE#Q3p-%ghJ;(6xB?#yXuo^J?g>lcTscCz~V9WOFi1nBb_F* za)P?dvk^8Q*u#aF4oDNIurwG5Q|W-K3c-HjthL+5NPpoi?R$q3R{Kpcmxd`5tir^%JL_k(1@k)a-I!XXE9zN%NR z-SqC-pdfVDx_LRB@9t9x%RnVTNr&v`z5mV}=qY`N0g*+V_q^hwQK!ZX;6cK z6M3+;E<{}6klRy1*Ml2#58(0m( zcSLrcm0_%L<1P|T4`1E5U*tcz@D<{ZSXcA<#sMwmPQt)B7@p zfZa~7SYTDP4upRuxR=G&vc(<=J2txtpna(`#U=%sIXB>Mh#lMOBXCaLA99?5IMll* ziBsD6p8?PcP7CnOsdDh1)caf0k5Q$^{3!ISkNeuQ1gB8+SX9LY7o2;nMtwnaatH^1 zPxMgvV+3194bE_Bj((jsD+H@HMLy`qaz(96CIfM5qymxO1S_%Na#Y*P6(oQTDk zy%KA03$qnQN%@vVR{B}c!TJFz&|>|*)W-G&Wtw6tpW$n6y?gerR$)yMxz!#dBng8M zM}g;4>ZU7Oyg(Yw;TW=gymMWw*j zsYx!_eXDJnQmy_^aPRxCpy1_oLpY{y{d$P0jSk+k)4*v9H1Zr8tJZ_)}B?2 zH$M_c3)S|E)VJbtjh9rz*8Vt)y$*IE`09(rZnJl+-g8{M$1$6dZ@+!3Vdj?`3pV-f ztug-E{^vIJARC;HgQWE(^g?nRpE_37>(@(pe<}+n&7AlcBWQfLBBBG}=g)eS;{`&L z*BJY_)(4>Eg6hxOQO;-RY7jz%f8IcbIMGt?^Z!9;ij@YQDki_h z3oM=17_RcI*4%$26I1>M4FyTi;16GT1r1}>Co#yYcu^$ilGr9fH+%jP-*4SdO0Pc7 z%T0_d7r=BXh*T}w$H>HbfF6B$kTSPZbVa|BEV>Oe-^Z8qP29RQeoh?&hVzK75d;x) zjkE0dswim_2*L@t7yUb~6Q$w;FoJl8-&FzzCnn2JY7AnkAxy31@Ay^NoY3J)wG?h) zfomxYIR3%G(P{Eyv1T4_CODnc)b)?EE(4UB>n{O2T*Z+%M=!e{J2~32m$C%%)yLQ8 zQVK3liaaRHu&9iaIenP3-Vz=qlJJQQ>5g+I#pRTx8h3r&FIYJMMrx z4l2%^;A|U%K^^nIBlo>XP9Uf;w61b8<7ahT&E#Wqu95mTG@#e@zwh(^McrEmRTchi zzltCz4N}sZP&yP4=`NL!O-MFyM11S#nhHr<=Pp?9u`XoOc|A`8i;+D6_+$I zgw3K^^BSY7CSIBaD1}v;kgx4Bm~7O&_#Dpbp*Ux|9Kxw9?V|KfF%80Z3wE)_5k%c+ zeoMrJgQ{6z6;ml-(|8UX_e{I7&Rt&_JzjCO(@}_Y$qH(vYAYz}_|KKyb7GaVX!*eE zgKqaixJQpM^HNfCO5$@DOBc{F^GxVimW9N=j8KCis=h0agy8yEkLr!zGlE%7ODqBy zXyaPJ2}~Z3SL<04N)(f;m1{Ik2 zsD4B_zETCp-IYn}^-GDlH_YkO{|z1G?RLb(!oK^++)05ohH>Fdp81l$hOP&S{EyI-~_PDzf4IR543*%Q778IK-?~!f>UnG|);9-Ta zG7Fi7gcaq+r16Z=`4U~=cqn$i0^ynoMtYdxsWmgQ|GhQ0SuT$t zMS5pzHHkd@B__&gOoGP1(8l2EJk6*d7shkAb7LVD$fGuk$pqf)R7^eIAy=^V4aVe% zJYHoNDNIkLxBXOMNdI#6LX^RBZ{wIg{%-J9@ePZ_%aw3rp0$(G#$GwQv!7Ir8ZM-t zodWeX6w=xf$B4*kEkDiId}#aL+ciaE+d)Gs0jo9RI%8AvT(g^;Tkw7tLHf#Zxrown zw~h)klK2y!ejuru93Ss6SUfzhJ>lPT#F{KzKr2#HL1qTqDsuv&O=_>7>e%w>o&bNyZ_pQB!TFL^u4Y>kI_sPUrUF;<}pJH-A)s4TwF`-l6? zmL1y4E5nbva6DX}QOTq=aI@~` z@F6}hf}X#9KRV`~39V#y6Zyuc-A0&vPMk|?-HPaGJv3+#1XR=e9xQBfvCG2Ol-oHs zHdGXJ6o>?F_cu6Tk1JHe3r=ILDrNe32dXsS=!z~|03(rZ zY8e#(P@UF;+-TktQdx_jzM9(pY20w{JyEp20?EKYljsmlYN?RqyZE@!>c4x5;$rCq z2H4b}_LLIEhtl7dIF!MilwbiXHj`I)IRcMCXN3atr6J|d5Rt*#l}t?5Azy*^)jlqs z+<}$oQ|uw2+{iD2&$~w{)|R?sWKOP&;0Y^WWrOEM{W?-plk0t*4JhoLhNVn<>%$(we7I=WOT1l z9LHE$$W*8}O21~kiLIURoD3hcp@;s)cHaoYO|8bSOf=3yPnOl4L4|_duS#;E4?n(3 zI~aw&RftvN^A?B%ECVbVs2VXGW$((6?4Q}E*3bP>{aBsBxx5nibIPp#tTH9|2pBVp z%Iv2wD=wTP!JRdTJF@FI;|1Rw3z7xa7xJkwM!U<9LI*~O$>;NlOO?+fUbxM)j*75Y zkq~9c2S3tD;~2P+?M|EN!18fl=67e)SJg^XW{GOZW+my~bBD|YBwF-v3srz#*OMpl z&`F@Dz}ON{-gj25Qf85O^bN<0^@cg>Ll+pukML%2znNT<4GwwaU&I;JGk~j~Ejd)N zP5LxEG3R?)?Zn+#>C#C?vq6eUMapuu#Qh?^S{XX-$788&*RbSAy~7ID@lE$>QirIF z2I3U9LOLIK$$TCQY&6uIuL7LhXAXp-0y+k-Bl6z&)dHNtd*c`}*DrjHMV{6MxT&ys zAVi779lJgh>^AdiGKPuonJ4HB!%x2!RdRA6nPYy#do8HULTZ?5CcgNlhl_2y*r!=(f z_6nyxjk+AWFQ_ zj8JQZ0S{#|gZ?yC`cjo9G$I1sZ!DW-lazC!B!$WM+&09grr^S4&hmO}RUrcSD$&V| zK@Choyvuc-gAEq8Tl=rY6~((R^TQx;BIi_J}GZ=C8Zvga_DrQA`P6S2@oJwNUPX(!p0si zqxj*@^Q^O^K%6C|UFoWQCV|Cw9cAV7rZ2_Y-mtyJu7k!ZtN&!US)B@Cc-Vzet>=3V43YvIt zq)TM6sJ9*b*zSJJxW?(9SFM8EtAbJC7hMHUIx~mMsGA!n3&{4l6qBFVDYQDskY(EM zt<9XgHw>z!eG(zpL+H~^oM&W7y;k|zLFwyXBTWkyxi+{H1H~*$N5B5NlnO>k#oxw= z#*mW%s=BqMq~iwV(R3K{qufyxCvlOJ0W$BGU2;4LZ@kL@57wUPNIMh&esh6AqNCHpevq2MlABYgK*ynrcR09&~ z-M}rV)%Onr0w|hq~qXm(_Ks z?(egtA`a+S^^9bjJ_%<5)rTX>;}o}Eij0;e9y@@ty+p{xj#`1>1MK7Kx0Rbgou84* zrDk(9Fjh9!hJ2aTL=2r*f%pDWsQwU89Ll%>N?`aK1E6MMzDr%?a08@P3te=|&Zzp0 zrnBko+~1Pi$g8v2Bq;CNxef3oE113XtMdmGT&;Cre&rP3R|iHF*5|gNER&FNKaWTW zJ22IVY0@v4!81FpuR|#ixTmY2po5TI2zlo1<#31V*oNF8IFBK>yd|j3rKZcQ2G9e1 z9kCgUxTm@FUVJ(g(kW1_sddNsGUQ43T}*@K(U@}@id+u_aBm8QCeK2Se$QM31vkG=a3^l3+MtqqXzTS`WGDO;0rrpqjN`pg&JP5$q?&K8d4v zi0K6x$P+Zwq2XT{<>?8?Oc+P&{(ZiCfO3yeaH+u=e4?)W{gNaOn)+2n&wZfEUIBJ- za!V*+jy9p7_fK)*npk?mup!H);WB*=%@do$C}9P?I^QPh0H1^}}DHxm2~+5pb%_lc{aTo=~aBKy>r zC$uVrfabc`zJ56XXA#$Yh||U9+QT~;$-4{$_{@^6L2FMSntwflF$;mLZw3n+$ z3g8}EZnWDDkkvl0lWZwG<1zE@n~C7tP!;Yr-CckX`A**S8P=n}ux>Epu|GK|@-+%A zY2_AR=0`=o<7F08Cxf@eQnTUtT|upV!%38#KOjn8+)cp<_upVi1$1k(xf+Kf z;L5D=n@@ww-@5zc*Lz=n1MZKIUxmi7>jvO_y*O|NxW5FDZOGDTqL%_Wk3`VM@g1sw zvxJ60PV!@>w(Ya+<w4J<#s;b}Jz=E>zk#0BK?(=!=CXqUWvU33 zO&@~(Bnu1irT06`_7jSVq-xlD8L}GXMUM+%GqOS?D#ES^WgXNR6qyR$p?8}S(0e1a z1fK3o$b=AOq+jj9Tff9G{0f(p78w6IYi|GK_Je6t-a+6{sIWe#;J`doM=+apHiO^L zdv`jOJ7 zPQ21!{#bfZ=BiHEU<1gp=@^8x+CPB`y%TitJ05RCZK=z2DZ z=RzxfT-Fv;vfAR#ozmH!u>#_81^8Ilge8_-Q4ZYt%-=TRQj19^KX!)G9b-uhge%aD zv%H$9`fMhZTgfw)>QKt&#AF5k^N+ytr3=|hp_#GFRNqOJE_*vx0{_}_p8O!bmZeNN zXjdNPQJY{(N)(UdpeU?@W6frro5EkbE>j+8Tr43eiIBp=$ zTu%AgxtF+=%+;zHA<#|bf1aCBmH@#mTnxcz{!L^PC2E7PhRv;%AxzxhE$6k@qgdfQ z<;5}N(YB<|nH9%)4$U>qH48YOBHQmJx^$H(*7>-zY;1uJ z^CuedlBaX_Xro3gZIPwcg}^{*Y&@&YzrHPzUQF<;{U6wswJ(#jGtz>`j~Rd%J)_MR4=43zD~959gR0MR z|CYpn2gu%2lvVhkYhK)CjKgwvE^R^Xa zcb^Z%Ez()Jk+bligh}z3v|@*ibr|biWbkaPz+jioL}hvNEQz7CMywSkx}l{rL$wMC zZgU%|1ij%z^b29}9|+81X72(^p^_ng)YdjH7|mW>yMo!XCT$(qe|go25Tf$<#&x-x zWq%&1 zA068;beg)^U}H8qK1?`Ej$?bU+h7iKuPnk0E1x}OP!`1~jc{h?wsEF~2s)b03e0EF zFXxfPHHqG>+a0v8^HKIy_SvA&nI2}RojWSA8b9wGsgIx+cu0($^m~k|A&(tHJDVe2 z_S|!he1paV#u!dm9I~#I78%gXll<$6nlV60j2f9LBJdhS!u#fNsvz z9N`?tJSJF&as)O<35;*o{1L{KxPzKt~;U>B$gHB4G4W9xLI5M^n97!3vc73)Y67r}nHUX6C|9 zeF8#dF^@N4j!{)H;N&5FZVn2t+ecr_ciEAc?a8gJj(=zX{^H8F0?%q?X2$ccRwFOF ze$02kSoWJKJ5%$$6?G`-maOq{remd&KQS70OvB52m-a`a#fScav9S-!g0fYT_)sjD z=4r)u1MwB!rL)-O>bqYNu4BAU3`v=acs(kA4EJfElV=TzyCinc$ehsllmTe9S=$+} z^s}_Bm13h~XhH){15)MBw{7aR&+zVgl%RGvqnQ`ordy@OQqXvF9Tbq>Y9Fz5@Bs% zN*6krl=DuM%a=%fUK?cfoX_*(T%w*%c`)b3J20AD1=~h2Z+$l9)}-LwCfN5FwpSHB zO#kK8L9d-A>b$Lm-1Sux-TQ#q8ow9c5heE3@PfE5{_63;?61ixf|$XpTDNzRlJGS5 zolDH=ULVmDbT4LW(mvtd&82n0T7egat*K%wy6FOvk7XxfuazE17{v;dsb%O2=r`wL`)rcqD5IDBSyu zD!c}wg#HI+nQ|;HJuG6Es^hSwlEuB7pn0#a#fwL%_ZoA0T|6P^viX#tHoklhwBXoq z++)z{e*Znuap+nN^7vBA7+F#utlgAU)v5|6L(td}wcNUVo%pgQ{-8<36QGrg*uLGj zT)l4AFh!7+&u;@teN4J}*W(@0msy66uQ-UOpU-$LvW@;Oll>2l8MVyX7uv_P(c-h^N8=REJS4DwmUd*xJ?^&XA;L_&WEz< zcWZmUs1%Z4#g%FG@imOq&axd#v`*d#?-rS*-tik%_1GNNGWMyt6W*I-!o8Tatmd&> zqh;*=Eq?jtIXd~Cn#Y=bmiUPthp$(8e3PVMw+RF1V(ghG{*u@B3ZkGCu}-W@bbPg# zHO0T+%(XasRTIy0#I;RdtHgmz zd^{vYICgb)sn2m$4ClbL6(|mw&X4y&PMl3QGtd%nzaCvb>3U|9P&OvINa9!E`zKG3Pi#7y+!~JPLXNL`h5A-pcWhX=n{_@Z zU1!BO$}$`+r3KEGHq4CltP4RWQYVi*bNu(Zf5F7bx`ct(K^7*BbB8=S$#IrGYsy_= zyE~F`h@sMr(J|ZWdmCKhO6Yx3-2(^qv&W1 zX5p`tQF`q^R1JA(-{*CBh9*O8UAzr1$Kw8#E;!qgv|MLD$MYm@BW`F?7_70_UUyK6 zaiQe2+*|ZSd!~cB#^p`blcuvnWWD=H6EVrB2dXugpIU`Y`SAutn?~KP`e!ACLF85|lxyo@=85(sH z-UvLJQ1f!#opka{cv$iGZw%BQRn9Q<;Hz^j1_r2|%o-di zA9On%kX@|Q%i+PktbHeI964|JHSvjWGLK}d@$%XiY9^Jd>Zcr6;3}fDq1#<@1ADF2 zcXRW))WynmGZ$};<@5UZJy7l>a$}+4xQAi2_I$Jf!98jy&Yv`Uz&T%KtlPaQvVZ7M zr|sK!&7p4lkReoVf`|QbJ#A*@`PuW$gTqpjVf7!m3 zy4z$I=G#?>vq&E7Xz_lQr1qVih6V#7*hgZ*h;2Wqqju{aXN&VC(*cKNMo(QTZC)Pv z%SY1k_O+$oJJxv-hXcf&i-ToeZpJ6WDp@HPj1rEX?E+aThgYhi2c6f)83d$th_?|& zk5>D&kVxe|B3tuEON?rwYw!FN`XvvnTfFxDdjXq}8sL5t7uAu|Y z!S)5*%G{q)4Akp4XZb7_826DjKb}>co7x-O(S~+zSHG}7!HUwf04qtkpHk2BJRtZ!?i^AuK_n~Sry zt24%yRgUM;SI@ioa4F4_(kIU@e*AzfO5igL?~NhR2P3o%oM#$E*{vO1x%)mvAJGY@ z|JwGm8)jdub0=~#Jl06F=o;NPu8zxQB)(m|>n8rLy{f%2a%Q|O?2$XBX-Ocf+cohu zol!QiXrTDLX_#phf2(YVSxcIQE~~bWQ9?0cXTmM1`bpblt;!c);x~19EJv@?PI|>@ z5sj4|W$GA+X}hV5l~(o5!ttc=w6k;Ug&s!vMg{V_7r zUw%9{bG_^a+}b=Ec(5x8$M6wiKco-_-D$Lkyay~(Hpoo3)%pvEq+A=e854SUg{*xp zl}4pXf0JA5XJ3VKhqgLPd(J3MEGI|L5}b6YJEbZg{2A?OxY*oUF`F%{Q_e4YX>SnJ zZO2xfcd&JCHd|LfU&&8bX~m&*CC72K%a@hnC~tq(d(yOms52!$oS$@b+=Dk1+_!BP zrkK>RwJdpA*4rFyI!UP7a5*^1y8+h34My(i&IFD7XCeFSj2RCOcGt}B_3nOt6Cf$CMhn(mu zn{~g@#4NgE4{#|K-kB(m_wk+Z%1N87t36VbkYy~An6Hr8d(pJ#TR$UJDPiJed}cef z-lFEa^>>r<^8#STuM);8!c{k z_^L~dvlOIhuPXU76z)AcQVQ}xh8)k30E5^j{(s%6fm!h1(-J6L`>(J5UkeEQzw{SR z%EEzIR(1}^O+|ZRXB%a|0E5X8=c1D(TAL;X5Xl!I>~u#XkiiyFYP>mu)j%Np1win| zfFG0!fbUiD(1Z!X)!YY?;geb9C7{CmL!meNZq+R3)?aMjC8`i(vcm_ZU(E^y*RrlISo%f%~Uy)`K5wk+=k-c0Pd9ne3P+*#Qz?B8c2(o^QD| zaeCZR;O3z6VrCJxIij{&NJJAUZyaK=mouHPzll$ElB$ zKu~{60K>}mRl+lOeE~l!kN(rFM#)^}5BKr0&N)bv zjC^A>d-bUOKtJ$N^Oj_np(7yWCjyp6(GxK4UJRBxH?0BC?=?5G(6MP*Nt*Fp(Ic=a z)T<@M&A1HiF9S>VhuVQ6xa`=;9PGW~Fj!*Pbq~1{z^Hw7T#W~?PxLxK)ntSl(E*Kd zaX^WY2bbPiWAPd^q1HtwOOwuICBDdg+ziQit^i)9dZ&ICXr{l^k(juT8#pYE`fsul za-Trv$~9@Qm(2CeLfJSy6km|`QiibqY=Goah#tkx+k5~N%s1lz4{tMT1Pgx%6%i%u zPXWDp5#YJ>eMGGQS1P-;p$*`!40ZHO-($dGt-ZMlc1C}9c>{Oc6j?vC9A)RrP% zR_x}I_Pcpt#7_^@bYmLvj$MGc*cS5y+#zp!IvM|rXlnBq!tJgmHpV4xKT)X(S^(4f z1wOH^r7t*>h{>~8L%xq_ z6@5ToOqt#1jBrS_W~Z-g{DFn9&BzkaA9v#Mp6__deKoT}Y4%Lq_Ltc+x;1u_*|JsF zh?fy42732hm4!i_^6lY?Jcl-{+F^?M-@nZxKx>um)548aa3&X)uzH6*nRLzc_00UW zB4+#ZxL1Xd`T0eN8qoGwPi4QG-I_{!?RBwE@Cch;uL)-d$eSmAGO!;p|Oko)1NB?lgQmieQv+Q z+ftg0npiWBxxKZ|3W!hB>BBZ5Mt=>MysuwD7RtyL%*J(GI{vYuLr_C7`{x70q1@=w zc+n%~%Thk`=ts{gnQ>1SsM_zeeFR6Y3L<{FMEoT_4e@wwexKgOW%bOC?!mK;1B0G7 zEVi6zy34Ojcb47xUIj6D+kau)3v*gwGc%8$l`lNX z!*`M4ZyYb$MH)3B%GisI*vwV99l?04mB@^I#Bn~K8C0Ia!1h+&f{G&$G(c6|6vKAz z6&lUIE=}Rsj6;=w3n~UHkP+alRpV=LmQbo_w&J`2j^-4<&)fT@@b@v48kdO0H_16p~jW11T?`Uz--Fo#qKdG4axlleDy*r*RbN>2Y=4C zX1>mBLHY1>=$ZDEA;lQj>+55z&&`d1$sw<&A{b4bzIWoMTE zd~~=Qz6%M42SsT74cL-&VS5&4F-uDv02blNNQff{ph|yV!c5P8GXp=$ZnRJ*A0P+1 zc+bne{Di3FfDq^jqL>ZNKpd8);*~GB7sUzoz{?_}Qyw}h@K0slE#!V8G^}lzY?+wT z^&0d_WFOkfbTmbfGqd8Fm+4i6eBnCf*GV5LspMvdO!b^aBX&n13*wo-yCapJ%rZ@b z>qWlIp5{L9NtX=Fqq5H$<90g3`BeL-^Vlq;iQAt>hYYdCJ<+1#0p=W^1E)q=-}8ZL zQe8OF| zE{Eu&>#bnx0~s41dUB5ofN0Of{!y|q@gcw+2PCvgt%)Z@l)|xu?_Mrt^@2=Qbvxx| zKUZB7II8QiKLsq5IyQcJIl0!G8)h-%E@*hWuY3s(qG>@?P3zzjSY(=<1YLx8Fr{&@ zhfr83_(BaUk-;-iL5vXc1AekQ04OR79hO?|cDf(;L4_!11Cl-;^Tw7RI97xHm%Q!! z_cwrU0)Iss-t~@0(eRezo5m<&40mG~p{-WkztRGWeMOUYS)%FNYv8_ObOymQ4HhW` z|B|2gnT^wVx9hZuJ3NV?I2#3J7}j}9d`m;IjXhVNX3t-3lFPW{AFiUryZn0Ok}$BV z{bc_b$u{9yL{}K~Ti}2qZojwi=X)*#6kHU;6fPWV8$1+XJS7`lq^_Age}Un? zRCuDTOnw#7w|iRK`qLeLg2z4+4bavB zNh3I12{+B-Yz;@`)9AT8^2Avb$Wkt`*=JR3ugi?3^x|B9D5CNt=1vHyhrIfn{G&0B zd5c0+iUN@l-f?AZ%p2Al@NkI5#K4!M@)`^BBj|MrXhqGj$SYGc$pnqz&8s4n<6lOQ zl-yJ4G9djWGr+cO8Y z#(ZKmw*u`p=9c1c=xmvar*^@hiJQUulht3xv1+Wi%nl5bri{u2 z5@k3BUtTEdfI!{IOSY+uxJbR%%pXuWRI-+ZoI#BucFT$fcasN2XkhhZ$u-V-zm|et z#6g1r0`KSrxws17a5_f|s>{1n(1m`j>I(1UyuG(Sg zF~RRs-hUaBuiBt4QH*jRM#2iic6nC%AC2F^^eojcS7EM6&C~u)3h$YI)RSu5^}HUY zRui6X0<( zS+ZUEif;4c3r?Rx6F@daKu?mKh2`?1g)5xk>4g5=a^t+nF@_U2o+|OQMo)nd+8)IZcA~YF) z3*e$dQpQxrx&Y2*{$+5<9Mct)D(HrLk*T=Zy8;x_X0~=Rt^VGPE<$ahiaZ|7a}OA8 zqt&HzL`?RJLzX`87lYc7K>3z}t2XSJ@fQ!bKj&g%jwAQlMs;U*m(uv?Jz;7E zsS%|1bQ}KO0HfF~F>GD=#2#r=dPrY3T+RtxFi zy$+Y^D2ja6KonMIcH?Ym9o_tmG_m?;8}YH0HccCI3Cg!r%4sQJe{t>INtuu9uRb_d zo5G>#E=>u`?VC&Fy0zZRDT(4`w4xD2@MG?eJmsX5phCpbOQGNJ!kz)|*&SLEN&Z*c zKCc)qt=#sNZ%VG~toF7XP4hg&u$~Di?nV^da6+~gv8D}YFDq$1(H9@c3=*vdtc!Yo97T4kkY!<%Hj|a3F~lR z`wUWY+unC-?zt`Z6FP!3;*ffhHX=5^ZKC+r@DXXORk%&@apL!g*ehDG6AWBn!Yr2i zI8_uQ;^;=_>)0lH#UhtBp278WLxQrc&^2WGG$|8}ioHnH1ZkONEI^a-wB?ardc>N+ zdS97{U{*Ex0d_3WawLMvg87)~CYGcbEfG1IMn*aVTk1C42;~kZrekc)V(a5Hr4zxD zb5pOlt!)sS_=i=@;>KSJ+g_!t&jsS^&+7nAFZX37dR!cP8L#*^MGT3G>)arhAdCYx z>Mx9;>-dx;&8FOODei;q5tVBLGL_eobqx<~2iW>Zzpg61g%6Yd!RG#|K8qq2r7p6t zu3!3|%e|{s&3Olf zYM3S70eP#K_IYKtSORzmtM(>ySMC>ZZY3$U@NpY=P8epabv|pOL%bOR?H8eWQL&7Z zfWMVzoYPsNR4LPbDwoz0Oh;~jA47wPad~&qUlKTRF+gAU0GBms_5(=JCr9d6!*G|( z&kHF-Q;nH^2N@dxJc~J>s9CFUfVfz&&p;j31#>G3*-9b|5*s>ioEGmDI)`pg5Qv6} z=9YT@kR`lsDsmd3wu~-9ZELx7CZv`b9GZ!jNXVy=GR7h-6okl|P4CTfNR)W(+1~G{xka9lV&>Oi+?awOrnT%;amGpy*n&_vH1$4ln_0UddSzds$ zsLx~F`W^a{VmH@cjHf(5$w5B53V7BWzaS*>BOQMpZF0XYHpT8qT{qWwI7%8br z^9LN2TiX0_tg+k+w!RT8bF^-(5_#5L(mV1$_JenBY1#TsjYSIJ3u6@r@(N@JJ_Sq$ zIe?iXJL~R|!||WKwIdS+f^-4bwx^C`qdwnfqK#$>+D{J1t=wZ%!j}1=t&os?9N5Q- z=PAgGDM!e?RJzM5s>`dLz-o)oXUg9H$Rf(3hb2C*+DMj+BzZqJ%JBJKtG=w(zy|=x zUiat+i?DCQ4kA`A$mn#MIKB)gD{V6YW4c2U4MzdHg|ZKK!^F$(1%l92Vrwk*Bq3{b zwe2{T3cqUy2+Itm_Qhh|dY+X$TkL>-k|Jnj{{0^I_lv*8g0^^zudc0`_x>~%9mg%Tzs-;_3R~;%* z_)2+)tWNScX}h7^rrv@}hvg=x2guu{sT@;QQ;ylD&~f*_ka|wx-1c*d=ON+^2@46C zE@e62?;X=qnKd6uuO3p(#!kvuv&M+I@Hd@7dhgy*NADeU=+ck=tmnaSe;~Qz5L>@W zT0*Yg`ts05Q~f4oSLe6wSW3xxzM8=YG|8hooewY_GY6sAp*-j=Dd0TFeqDxt5%yr0 z7N?^<&FV2IrL*CkzfrfVztQ`RN?5WKovi*SIHJ|DB)%Y)&>(SPtj2?>YhHME6=iiw zT6Rn%+BV}m?12a|pOEofD=amMqM1HBKCL42k`|5|@fD4x)2kaL2ke!mP zA|=J(eu%71@QPVJCRB;B;wuS_qz&*ueW9ku_d&AbcHx*wi2l01DY^AG)~bfHkT*mW z-M7VaA9jRdyg=bjFVQ~+DYU{aCv7d9e)r^iElWLE{=W)xIq9&O-$b+V4ddLB-l5dS z&PL8@qv?{4ZHGuU%=uiX(422@cEcy94g#t%h6-hrDyR zX2x_Yhn4y}dgx*|A~(`uMLo-q|K@e6LM%K-PFp<3mB)v&LmU#KQj+9Z@`?JS!M2}Ff{y+5Z4Q@%F)QWq~nR4k|{=2M?p(S5HsRfyI`E5X64BfLuN z8UmO3MBOX?=9XG?%UVf>drbOClkix?e(-h8Y{iVC*$n9LG`vRu!pqo z*soxri<5U&&2b_wX2PUWi2|Qg*e+D0aH`nGTqr5qcu>M5?poKK-DoizWo6qxUdwuP zAFRf%y`J=-)KMm;fl)@4XfS=JW~s|!@%*B`Sq8^MOPWtg$N%Q?AIc~Rvxpq)Q!Yeeo(*6TqO;AypnulWZd!N`Ufm36m z&$OinMpG4mGspM6*4Ca*4M$71(Ku0F!5BWKWBH4JCs}m&W?>rHVJ=aZIwhuE)j6+d z`^|%fiRjbiln*h}JWBHERF@p0ntZ5!*y^?#MKl)L_aY|XgS_PaoL))KSl0^^%x(IR z67R0_<051$(;?qcxBv-qfG85<4O`=VQq{D`YS;Y$=lRq80+S$4;$$5*# zw$RHam&tvm!|h@Mf#^Tl;Dg%A< z-~SAL=D&X6Kc<)e{^tMmtI#q1AL+aQum0lyy}|$a9H5V6oA)y!uTcDNbm5k2n@aJu zTO_R2b>xQrH{IOalGX|{sGUC&-@gCZ5B6}&Z;p($8r$s+6ShBg5|gRVauw0uq30(r z#-rwdn4}ZNg$S=LQ7^vaQxm76GPi#utpE8r|Cgfc|0R6*zyJ6GC~>KSKhOUOOkj9s zf3nj;ylw?#1)Z9;+`R5-w^<{o4ES{11WZ3Lz=fV*a&eoh z36O_4AjQT5yx!kzcZI};2%%Gvw7)+eLCr9wy~306P(M7x8OSukg-S9!0C=ez8opvc zscpnaDhy%x!MWfch2Q&!gO;ThzUc<7oYj#FSf4EKaZOtkS~%egr#bwjg4Ebr$X<4 zEZ&eBlmJp39`ONEO*^_Nw`Lhq-N9Dd)StmnPyR{M3@za4U>|5~#XXPL^DTjL#rr+Q zQPl(NneMwb`I_v&R(?va|DyJ_5ifu7qY*^R*n*X0h z2vtVI=b`F~K1Q$yx}lNvYm`#FE=Z4^PD4em?5WO!f?%$d_-{ZCrlxoQj)9?iPSo&+ z)h$SYN(S+A&Q*mKDo`g%+W8lZVGNc9=>AEJP?HJU5@dx>hQiZ?5q4&!|41@jP&G9K z0~?q)1byBn2N*znN`TavwRabV)$?Ic_jk6dxS{OB+&Pi`OVCg3yCf_O!cx}6px8xA z-?pUfX6KGZcnlOB1am*v99OYn?dJ(JuReT9bAs48pcU9FaN$HG<3gbY%MR?@3t2n_ z6{QKSef{qJxIcg2)gNQtzC9S$O#%ZSWMCgRl1TD+PIE18#`mx+9ZnDAfp3dIoMhPC zBO`YOM~}~zG#SXoDrp@g817g#YG}+%!K)8SV(1n@@Q?@UlP{2j#5_v~d;|Xl)&GLl z3ef{`Oe{5!9i~*deOy5eay+Og_Y9OY2K~>c7eLK4R*COsL_uFAf`C)y6TqLTfQ^{} zJ1#dAIYg-85Sj`SbveZ8<5mKBt8^B57AegT(+VXZ$?(uLqVY_9Ks-~;h-lX9 zSqGf9+{Zd_Bv?mEug?G%g{!Pr*Z>H`ZfjR~Czog2CX-%E$yS^LZ1@+)5j`Yqhko~8 zn^bK0;WAJ&El_fY0fX&iL`$mEMjyt1kzx|#qV%AG>Od8>*ZI3f@*WHF$@cjt zi4S58{Yj!;>UJPx?0It1=WFcJ6};--V+X|=tKN%D3c2nXfW8o=m@jRjXOf`kYTW~* z%ib28hS58#B(_^lT|eyQ<83;})ZYIrC;UwKFFD|$sY`&ta_J{-?;@$k%+b|kE$yA3 zY+GeZ@7Vm%TZ!)76IqUH@Sx=~O3pLq_U_{J4wlmAAAB%doXtY(@Gd`fUEC>5uZMm0 zF|dk)XY;oAVHzsZ{tf8Q)?CfZ#gcO6G5EI>{N;n#(tHlbze7>ggcRmxaKadmgQfZl zki7V187FomL}7jCyy$o63HD1Sj*wRCyaJuL_=5k7x%UogGWxrH5kWwtDgh+Y5v2+! zz4xYwQl*n1N|kP;Nt0d`5b0RJP(yEmAcWAHXy^)&jz~ayIs5T9?>+ClbI;73x&NI1 zLr8g^?7i1_ttoQha`X6mPPQ4bCAQ^|hPG;#jy?v^WC2uShY@No?J{^-{g<6bx~FZdc6i z5BQ;*c@eRsI!rP~w{9goF3hfF6zsYqHSNs)%AL>e1QoEC+$*c1| z7>M5=JG`N`48o-|P^*uCou9~@&cCp7Hr@EJjOY7_NZz6tzdD7I#ufD6p64jxiqE8f z1(bh4y;-TkDG5Wv7nKU!Hy9Yl+=D0h-a?8n>f9f8fEIMt@|eQ+%<=dYH*(P#UlDd9(8yr28kgDgpg44=w~v4@Vo$Tax4 zl$?|SFMWs?obl1H>O-WS305zMk~0&*hC^$F3JTgY$W)no7Rc2)+aW-%40$2?omQ-V zAg6ul6llgCzFbFtU%WOiPmkIb;m}kz$LWDxeGRRu#;^mAoR)Fng3C<7Uez}o*sytY zu1kq{}>4@WWlcP9J==t^_ zUA4m*N5juSLL|T8$0Xjs9%((5!U5PQb&@v z&bbB;Dt4Ji`Qq$j1_l0 zRKq;rvqSrwn4)+k-jU|NB$=N)h-F2n+uS<^v?AL(M1tvIOH~2A+4+&-&qe;(uK6p`IaqM`N)#nG*jQf`}@DQ&$`_2c) zN(Y9Z3q82*fxVBbtCkQkV|TkyA)IypAbgf;!pr-kDwB4FeOWpVE znf(kwm~EDK=#WL$l7ZZU+fNNn>dhetbla=O?=8&rwZ|Ud<)S z6x@MXBe}{r2M^B1ejK99xEzeXn9Inv{6;a}z%t)vQ=cv1E2-eWpQTe8lI~ZplhW#^ zqJK~=gvzB{!}C~&9?ivyT1Q*z0Yy+;{!cG?mdgpu(ItCOH}h3E6y7kR7Owj9E!Z&xSj zN&=r8T2QOadAPR^2JZN_l^XPLPe4t8);=aS`Ih|2~l~&G)>Au z==G0YTq*d>3{RMgnU*5`v|9v!}XLe&rC?`*x&+t8%4>al4F*!8*`o zF4uP+SeR8Fi=bd~ZQNQKX;v}i1jLj;jWB3xn(Zj$1Sp!H{bli^vFsD|Yx0;b{C59$ zq1th|+*k|{r50nwf|yn6(Az=Z?Q*QoldYXWU7g)KQ(a88P+X9R1CXvS-z^Q#6Z^2F zbG);c-iAi~CmvINgDf!pj_Z}A3-qK&b=71NBWI&bdP^OXIn`(MGF=DO+!~7Zr-iyb zwti}qM4`tGyoqogCbSYx6M)Rt^}HX;*6MNciUil@Np$FwdX3-b)1A{I$y$_q_68&e zo$skz8UrlWYu!iaaWrS9L+F-M^SCY$~w)3fw_Y! z<1#Bs^D1~n9mfWW0!!1!bz#Ylgz4A30jW}C^q713n&@uSHDcV+M|kp;klS>t_4Ej zZBI@uUZ%(5K^?t2bg2ei<`){#bAY;f2Xt$}Qja1p;OfqR4@SiHas zp$y+IiSYEB1n94kJGtvniviEccH4`r-i?WMx^3jowlblUy(*6?l~}!J;wRt&ykt6z zfAyM6k|k0)+H#d2SGD<)DFegNHIm6;YoRUoA~@zgfDp|DjJ)1^txs zi#sqWofY+a2`&Vh)8ZEG&x~;$-`EBB$(H{^rda=NLtEd0E+8iymAVHOx48JQT!_ka zVkPCm1aJ7y7QbT~jxMD=6MdO=`;&+E1H(_L(#fi-S7m{{nQQy_w~tnp-t|psFwNAOT{Hz8c`Ro zu+*V^gGrc`_3^w#zl%w^5xCZt_~_$M-RzceamIWDvaUsK64FIWV_&lG4LfPvj>v~= z$Q939++!jwMibkP!{N`({!}YnewU8da^tdxCup6}`|@fY9#pqpO0K>3Hj;BNVE8DB ze`m#ukYPO$*sW4cZ**_x^?!K*J`FM3Gp0Tw#*jyL#-YVRyJ-U*Et0&1o+K%%SAF`F zrNP!DWfFUS%XGa?ILa#NjA~3CMzmIC22-Q){^DcJlf9TAwSn504&QSY)cEF|{m7?; zPZ1F<)3-Z(Lz9B1NGoa5&={Cxnb61IDHNfFqypHCV3+b6k`_$Wyw6QJV08Um-$#>aiR9^_`}hkUa+a3jxY|FB5G>dAm=kh9I*`*tMyHE za&IXRcJAwRI{S)NE2HxJmkV6L2;0L#DDJhh`1J#CY7r2Boz~SAVaLwZL)yeYill+oSA(l|XOGQKk7XRc)a+l} zX7G|mCSh%6AWTJRn@N_PHEtZwAU$Tf@#$PsZk^DH8gm}fTFBj&r z=W}e-$XLGq4upjJzX2Bsy#f4m!PTojKq2f$1Yhek1 z0#sek{mp?QBp+n7ya*dwwxM>p;j%Uws?(Pt99epS+2s!~LR>CI6#BVVh7HI6(eags z@5lXaiHxB_Fycp-^zVL&Kl}FL+#sl?m0Jt?73+54^4L4}+Wgsk`@<&znsJwnl@<;I z3S2ip=@iQ^j{xi0ryHMkd*&0B6ni$GRn!um^XCQ-C6-m2CiXxzrcKvP*+7Ih9#{0- zwTB`%f?5IeOG4jWuq;_@Y28d?2>?$y0KKJ@aQ_d~J=qJXQ<8YwFi+qx{)S+{-IkiJ zW^WqSWHa{UW8DBR%KXl-T|}gmC5TP+@U;ywptnxe&FdO8|1tx^@*1Qc{!RQzR`G>SsTuP02j8+-D2KdSh3vbZ&(ay$yZ}rQj3uy!zWq7~ z9%Ko%@Fsr4Q12YwhF{LEcr61Op`7kX1Avaxq0QCnh_^t&+Gn|))%g}k6R2uo{SGu# zYKD*fHcY;0*>^?6gK^YAcKO}l6eLfXmbDzLfT76cu?VHPrV(AiF*97*+tQz*8@;FN zb9R7|CIZTohtj#-F)0_A{9xwDWV>uc$aBAI_BGOgFx6WQob`>AVv&Xsp%+iSq}2gW z`Y_gcNxO_GSdp3?FyaT12t2bY6$d?Pm!kJF=mru>G1e4t!a0kma*+c&$wIm(zKV-}wS z1UZK+4=ig@fZnqNHlckFOINA~6TZJ8DTC^RSB>M5a074eEQn21pp^E7v zlM`3nzQP|>sWe-Ydg-)|i6M}4$JQEY4+j$RCS{j4nc;QjC-G{zFgSM2pPJNn%^zXn zV-1M&J>Z&tAUJ4fHIhg+X_BdW4m*&xcaQmi$HtXL11>yQ&E)kp{do|$WoU6G9E|Wo zcuBkK6!Q9A=h0J_dK&nIEKq-XLAR#qB#=Y?u8`g#kEMOE=Tf1Yr9l9ysY1I4a_lOl zr=)K#s~7L$qp7wr7`g53m%Vl19f3UMB_a{odBN8=y+#QfDLnzb0~c5Bs0 z;xZ61&ALjI^KIu=tSxA+O61a+7{fLQml|O&_nyx;2f)M}ik=qy@FXN_B@BIs@bg{D zBCd)zf^xf3xx60oySi{oAZ(evS)Xxrxw+YCfq;R|IQX1b>py@z%0Y%qO~-5f&a|Pk z<^T!)YV1RMaJ(zz)uxu-k=*K&_`VMk8kzHrxe+<^sLie;g4AY6`5Q!LU0hgTXe(g~ z+f|WVANtr0c-(fLf2y%%n{LkIAkLZQvDnMoT^witrt)(EA${AAg^c)fCI4rp6)jld!PH}b~8ih*rf^-YFh6ls(wzgvV1#(a!Du#_`q%SAw88tKYOMqi*KBpZG zL}mVRmAq1;NX4vG_%T#_UoQSO7cz|Yd=J%3dF$N8vIVuuCjcCu(_$zascRYVYwOAU zcz(7AWPWUzHLy(p(KBYtH@>9RbdUz$I}_;S1=25jWGE1HsVat(E&P*+3xWD>X*h^L zSVN`4x9!)WW~kog`(R1p7GCdfbGpmw4J1av2RZg--%Z?Kg|(oN&h2iis64M5R1o<*##`FzND zC;-hEvcLQj>~G9~fz{eYV{YG%?u(t=K7drlX4Y|e13Ei7&0}p7uspSu7P(d+{$ZSe z?Y;UpqNC~~h$fVt4DRfgc!6oclZNPEsaowp25akQc%<=eE zO6;KNFe#$aX~I2hkWW3{C#rHI-im3gew@_vm-OsvW`8!&X#WPx54U382=22?0;Zc7 z>GelH&xb2^ssyzuWfcksMd6|llpp5fQU`mekqhwLWdlou0R%#dH%O2QLi~_h5N+9; zJ<6W6zCO>d9kWHRh{(UVnI!y1>To1?^G)&IS5-?+ew6vtNJ}dW>s=fuOXJDD87_+X znU9mmNa+P`MYF|jitz}K*K)I|XX6w=U)lB3=<8VYfu3n8d=k$0qC%`T(*KWMEixeB zT(nQ~7DRrNWgatv|AIX9e_wJE2la?rImEWRbub|q)%HyFa%$|@k7kePUAK5Bh?@<~xZUN@=IvZiT(os9`4Qo6 z3iF?4GL2j>p%<`sT6g7-w@00y%=Mjl=M6@N<=qcdP0S%^(>aqQWS=3fk`JF1*2kdT zrKf*M_|ZNs$|(BbR~60)C(6CJt(qhfUQ?ZHHGhM2QeH;}Zxv5tg~h0ebP|i#O5#_| zJe-W>yY#-o#~q})zwAcUwQARRSX|Q94ehlhn2%i<<`(T9hQswtNDFLV$X6(cI~N0K zu6y7$AEnnmh%wqY-1)Y!9I$0Sx@N9w$~7F>AZ?P%=$7OdZU+hUwO0rk!7Oh{_~~Cp zkQ{|^9Od;qu#Lmi(Ldrl(^Zj?wpPKXqBpr6dXsZ-LY9!E<}|`s&8K#Jz5r=gM(Rbs z-iE8P70Bb^2TOvg@6|REqKjO@zMQEoEIi&g7p)lOt9KA4U+fDOJQ)rThKpp65P7Cs zsYf{Tdsh*aOK$G=qlR{332awBy4{ly;?BtQz8d7)<+oyWlXl z+=5;Z7;)N7e~9?(q<5>Unchco+yt3)W)_2rB~R@FF9gLs3qw&dA12>iP6-A`t}iDz zR#f`ezVx8IB0cO(mCYu8hpVL15ncLLH1V^ zVs7J}lc&Xu*R}jDbvh+DizM(#ynArOFJ){&eBvN%Z)NmD=t1@MTKven+s7{gaJ|yw zDbnqy%VxmF=iQUjL46$C1T$~Z>KT{(beSV`{^?}&iwQ+wSTJgDgJOD@ZI$tKc8Y2k9~ z?boa((|Gy{!Go1gkSlNx&beqztjy6vP#+ER?l(>90F$?Ttn#MrTGf-6xq$O+ABovy zdY9=I*C`_`^vL6UZM=MDl^D*a)@<{7!wda=l37NtxYnlcQ>nJGwvyTg0qPd^343T! zB2vrqgNooJ;$H2J!?=6P#-*-2Gbc+jb$)5j zI{P)DSkfiqN(JAf@ZVx3%%II?n|-86XT8~F~m9U0WZrmE)^U$7Nfi^meR3J8rDraS}z~GRQM$=3?YL zI_3X%&UDUzRtWx6v0z#I+>~Zjipg(R?=e`!;V14Y&0WkbkXGhc5d0SN7)wvcpy9Sy zn+c5+b{fU+=dlb1Js_?%$%xX!80p5HA$!0KYp zbi&=*A^AFre`54It`-2x*{C@Z$=^3{hS|FT3?@sc{N#sA79v7-_xv-N!3}|_c}_QM ze2Kq9X`YcSQZMJNuuQmHciU67v?zqjAzPe$SBtx^+nLyo9x7Xg?^rF@O*z*JjBytnQ{=P&G>Z2-fYIbOs4pSWobWAiI|=iz!Jue8am+ssv;w8YS+8i90zF9@2;*{CvKl2&Zz{K1n0CU%_gVp+6jo>Sio9KD!Rw-*_B+R!VZ zdQt-#_dYfH?NJi@6!}z+Gv0pYWYJ?pYCVKeqF=4aAen(3pZ8HCoE0S*6#gQhyB+>F z@|`p-RZ<7Apr@VuAcdANG# z(;LK+^YAeoK)pFhW^fH|@^oxK{F)Na+$JhCFfskx~v*%DH(?G+%Fxd~rdG&OSqH?r_sQz?$o6+2S9Z-A5s}H)VWOpihtU9v>pMB38Hx4ST|9cPoul6(i;5Wc)VJGf z>iS1uqW8ngHqdJ32!D%<{{5@othq`l7vnDL-d)8q4w4#6ER8Y3dZ4?<6!RMK7KRf> z?MTI37wDW8_5n8PEz(LRFZ@s2O;AVO*ZO6*x^PbL!%&DI`L>pccG~HFScGQMBIkyE z35yP$eOT64)qE^w?Hr00eAw|qDPqAMB}YhF>_&_sn^MOeQLlt{DJPrdPMo*%Oa_?(@(H~1wPTJ#eMT%sd|gLvWWb11i69*VZbMDN0T8}h`5?rR*; z2{Cn+mm-?XY-I+F1tfKp!jcy`$5e9mb4U{~Ea~JlO%Ex`o;^xefLISlAL%bh7rD}9 z^~Hv9w?;)N3$bPvznlHdx@A8FC;6FV#GCWGHuAY`sqh&SP9|+Ksu#1?&%g(h>b!R4 z5*gpUa08OH6MWC^#3g;i#s_7dr)(TuHxl=_;3?OOF4xT?T1bN|R2ZxK<&baNKf|i| z%^uT5&*NQG-uFtwW9e5p7#M}fE(TI*E`T6MWfIa@nD?&h@L8>gURFgnwHXH(0=6Sb z>c8segjR}CKMgIg6=OkZMrAEZBe{1_=TMTq)VzzMqSF~w@8&GkMSpvSB0*?}p7-qR zX!hpb$#(;*LD3)61DW_D#7tBEsd{ zEnz;=in)BTiCA~ckQn~Bj38v55{cppXMF5pNB?S^z2FOMJc<`fi~o!h7zFJ^LgN?x zzg<1y)>JPbB0kzk|m)@==Yg71c zysBC-C07H{(98b5w>%4KXQp8;R={NMqRov#uxr|hi%?35mZZO!dPA}-Sm*1nhlGql znX5ZUo+Px_c0X;BdPi62M6+t{+-<#_aT!nS;#_1KvLmrO?)K`JJ^Cj)78WWaHT~A{ zhHUmZn_FThw+k0KP6^k<5I4Y#c7+aAoA=u~pA8g!Su!y#CFgX!D=J{)R~TaT7oQP9 zN#5}VP+0|xihu2snxU(clx!d}QtTNysP(mA81l6x-J!xidwo;%gk9(?~FPOR?duixGw$MU~es zeGsOsue_f7s2IG7xMEj(nB0n6?pf6N>*+j-@$y|8noDU%@sTCnF^YkOG~)L$QX(im z`=YI74SkOi87Dn?ztoJJ4mz2h`hbVDn9@6CJEm>`gFwI1VvbP7mdI32IW z{4qbtfKCa8+(98%$~h%BsokS>^Ed-S8Wp~shL)q_oXXU1eRWMB>(mxXP;olfB&Y08 zC8=H0N*Nn7Y`gm+!6t@!Dy6=4xXjnSwfG(3(_kDcCaJG)RAwTHva!|7FCmXF>O9_~ zL3+W?l2mPq>P*A%Rn|_&ftS2<%*WUvM)Atc49P2c)-84Q(Kf4fH?Z~d6d5dPM|1Lo zQY9+Pv4bbB6TZD1Fq_%x71!^GW!-;y3F$)v|0nQ7wT|UGEva zP#eu-^>@it_46c?v2xE}vk^;Fm6;V+Po7!Wh;-iYaGZKJH2Mei4QKU9Ab(n>-d&fCRA7}*b+psAu~R}L51y1Mq#!2_eB&Nh z?Aqn7yU{Wq zbAn&QTeh$-q7Pan zl{UUyt#%NZv%&!kg74a0%V@J-&G{~OOXy8;7KZPe@HCS*3YVk^3sq0qN&H9d_+f6o z9t_Wp*a*+!&glqTt(ly#sAk^h!VY828gI_*&G@-=I<9deCw4^Bc%D90^~*GzdTE|J zZAtGM&6KcdepDMu^HPiLlzYax(EmG!SDf57?jm+FK0Dv5(aFc|LVjW`j>*G7$ZbnD zSe$k-YPAK?JKY3h<;i_`9}D+g_@rTk4_X?)$A`f8@BbmmrP(=a?%MgZM&)7Yg}qn1 zcD)C-<=BZ&G`9Z+ORZd#PfS)tZqsO7!jctT`k1vTm4484NNQ1J>mBU9WgLF|bO9L~ z(rU%{a&MJ8sEaGV?vI+7$8jv_$OoePYQH1u`In;4OcjH~inw7a4E5tQHKsEyQ4}Qq zxZu$plvFbg#ly$EP34zMi0hc@uKu22cH6_{))=oCo197RZ3hL6keGat?#Djg zy4a7ZHFaS}+-vPKPf}}IDa<(WZ|n|3i!a&iT)g-{r)2*%FM~*c|3wx0?`HVE`q;KW+sKLH-{u$#nT;~+nYw!X-OLXxoJgL7GE6vE4Q6mwpABBh~rm4 zJsY~aJMy=|3qF5Rw)ypjS4^Q+=gSXq4TqPCq+tz2Vxau((rmA4CY?{&{_^Afum3X5 zyLAn%s7?}QR=&t!nGKYj4ijZGZPxFf-~@8WV3mo5MiKW>M&(_{*wJ_P@&mE^&)luC zmkfSwg?~tkdtJpZMWcClPUrE$t*^TTM8am^p*c>!b%rfip35*Z|8$4STO}%c!vm9( z$FxP)v;%bh;+6T3Nqz^PMOf5HHb)QH}y|L_` zk|IDazOcWQZt1CWyCCOgO$Vdi*Tr#vp~bsNYuIj8)}H_J0P4n@ zP(o7)2SqY}_qPQ`XPiyR`_Eo)#Jjg1JI&_U8GPS{hezJw3qo3P?|j98IosQm2pIc- z-M~Tv#Lg-Fkqzb`f2llG(x8^sHysKerp)4&ht%jwsVv95ARptFVg7d1<3CSr=iOh{ z31lF$AvgPXL{bDKm;^n%z%Jkkyv|<-asI$|i>{^0(OpuxP$~~*p0nsla7pE_M3q&m z`Q=n<@@87@hJBE$hny`ay zSzwG+!q{>f>^w{WP;VE7Sw|P`Oys)s!6fLES@nP_Yu0C_<0u+DX<20lrN`CvaugJO zA&AUk>M^kv0EEQyL|0dp0f09#&!%YdNL6Qp5(az@z;f;D>OZW( zTq>r%wg(|=)>nZQTcnF4IKZ_F;WvJRbTxSh$k-04$pTP!jm@NO)wHg7;G5XZO^ZOb z(ct6q)0&>V(lY-z*QEzGD%w{T15%v``(QRB4AHGfHhtD;q^9n26vBZ)*xM5r#*Hla z)qJsK0j;3)$5i!q_iMsi8zR4Z?xxzJbV8zr4YJSo!Q24terAhsUMK7PFnhxvR>hkD z+Vu~(HDG=SHRLEyx^znK9Rbj#WGxvv|sOY z*Fnsi(i|OG?X2EhcELkX=JEYqjCOK1A>s)qyMSCy$kWisMQT`Un&fhqX_X z_S)#s12E9<;|Vek#!WvR>E!34M>p+cuT^sV@)g$8^MWOJbMe}m)S}H#YG#FN@db))BHM!-SdQQ$r&g%VDZ}ms zE4u%V+x{D=`%Hc;|}RGM$g9+oqQ~AYxU4`i05TOSfsP* zpvQ^>q28GE$kWt3-c7BA>wimzeaO)H> z)@oM7a1yGD&|Ivibz?a_zD9jk#-lT&pVJ2mYA*6PPtK?hJKrD%00RPDk|Q<67G}vq zD0^u(Yl#op{qP}}V~4C?IRICg`D%gv4Wd3f%sJqDL684doFE5#Mx4A{B8P>`AGt>F zi1zxpFDN@3TopO<(|59LzPB{te2zhU2_s>cEj3JN5JD~r#d^`ECdsAEWRKw!XV>O=9f6Td7%+ z#6Y0Xi55PS5>NKat3zVvweDxef|Yl?>+dVy%f6qBgBQ8z+(SRX6wI(RvNc(YDtb{(|BHk^<|5cY6aC(##Tg}6{(hOn7kIBfr9|93e9qlZR{K9 z7NI7>k%N54Kova$#`}ZX<1$)y1wc1lRfzy;k=+abvk8{g!o}j>yGxd>EuE| zSm^}@X5a9=32yM-iN1Vig}x;T>@X5oQMXKq8adKGOAKv}LOk(`BN=o~RFAVo`vbS-Sh3MeHXlxe}yT9OOqNhl5W zRfb_sSx_do5`G*sgCMq=Z|EM8q80!OyuX4DYT-%Uo^sB9XCWicm7yyI)5j|IdO6AGs4hi|rvoV=`mdJKf#GceE^I}TDAd67a3Sh5 z_aHXpC@BQZUVtu5lb5jHI)XaN)(d0Xa1!@E2zzSYS*FTYwp=UJ7)m0mR1E;C>cZu9 z9>sDVLXHk{47kVFQXJoX0{=>%`pjW`P5y(ZZE~XmJw0}%Z|-`-Q) zNzXJ*m)}yd5Z*gKSz(Kbw32@-*b)yqV7}F^n;;9&&Oum*BZ7O|>iK(mIr05R;{_4o zSN<4a?w>B;cCvwFM22S~c_x_vTf1}1hG~4piTCvkl++Wrf1>$f8~BSRjqc5+I6kX+ zUi0@XP$b@^F#AUE&xG<2EI_rD#Or z`**7nObtad(gtAePmBOm63o5fmy~?UN}8&kNyh2MljnKwg(=r?x~G09dd1^;aIPaW zXnTVwdT)w6P%|?{YR<03JO0&#Mcng_7Cm*g{N*0p5xrPA3DpRUm?s<#laXXkA7QwS zus5Ytnp`odVi55B-5yHHdiI@}u>o7{`$wZJ_Bq;=1(DhrkzVs%L1%WBW0ao@C8-{$ z$V(d^;RFRL1zKQQ6Kaxc_Y=sYcJR8-={TCY@6>6Z?KTv;|0f0DtZWxwF$Fy}Ik*YOISNmmfwGwjR!m3YB>gOY7Q-?;>&h$GtKvqnyn!BH&YQl)-_;`5;dMaz~7hY z5}!P<|Nf-kVvSL6kI%kju&69n!9}ZNu?u$Jr4uG-(WGoM9pU(2`@eU#d{?@QKKVSD zYA^MVE#5J4RtYfjpX^|%^L38K%<~?!{f;<9b(Np)z>ImqFmyf^P03tt{2z#{bwg}u zVK0}(nf8J+%PP&9~Rgd*&Ib#kk-(&IA}};ki+)}cK+W{^8e$X0Y9F$BBE_Fb*p@Ws4 zN%@nbMWuA;Ko-7%d*r?R*|NX96Ob6qpxiYPcs0`@R;BR=?2nDbPQW}qiEapDXPIA2 zCYOn|fl$VZf6W@7g211mU6`F{F5e7GldqEC%(K zT(m%OG6xq6p@CSoHahz(-$8&;iLi?`cwr-{SUwv&Y`=Baqqli)*fhD27sVb1hNe|u z`g*&!Cb*%XfEIB4`@Rc7elvh=vlloVZxJ@>6!&b${bmDK4}o2>ObED39Dt)k z6oj*}{8_|Q12u93;EJoUKs7=+P9G4 z-~f(t*P&1DUkxa*3(dy)DwI^TpZ^77_`++Oz#_Q!b)HW8$8)DlVfs7bmzg+~4_>K@ z0D!1~7uDnAzu!gmL>iF$W931{u7T2It5wh0_e`lJrAPH8QX#(~aHJ`HL_oCa;u)c& zZ@?QpJhBUA$Dvp+gJKiV4F1_~pjK9Ka578>vHU!JkPshZR}zI%;Fl#dneTuu(nt-3N5t_IyT+ZzU$Yun2B&{hA9-~6K9sgs-vUn3)A03x zobUjkM7;WEHO?M%1WyFw@U1X+h>Lsd5BAULP$1lF5po;*oY*)38<*IZ%F@9YsNocL zOOXzcNTc7(YmS|(1E#6Q*OmZ4+dF1zbDa9BRbH;rY#*pg-%bc2eDYS5XW zU;v~IC{rB;S#>kSXItBg2Yd2l3efq-fN2HlR)@M{n?Y!u#sNH1sJNt3w^SNp9RKQ* z7%UMt1Fg2so_OH%?)i}E_8^Y`Roj%(jlQnvP6V?V=QglBzja?GgTuE~1-kO{} z@s(Mt_<}Bh-ll<(o&hi*RsxTjG4aE!2D4T5xjAZ)`aB`<#pP;0@%}rSds2N)!mAN% zX9PCWr#|^55Te$+?7RIy)VZwKGhsu5*Fx1vM^ZZ~^kyXa{0y+buB?0mPN8ilIW!}L z4{rcR)K%%4$P1bgYrq&?bgY|p;B$c#xTn8=+r{=Q;8VwZGKD5>xs*E!G?~c8q3YL_ zIWCjg(6@sCTG?c*#J%Kjq@Ao-Q`o)|OchZk^q^0Jjo`F)09oNFNM90`EW5mm>uqT# zysZNgrCBq5>CLD^D6u#+InzBydG9;EjPNGqJ-ib>4fRM#JGLRky-y6Siqto-_7FN8 z3(C9%9m*=fJN&i=s_Z#>uMWOhkp$Fulf2)&KP7SpWrOhJ9Cl*adKFPn1j z-P!xpkV3P+l36k**Y(m^h_=6T7dup1Bx_?SPNB#wCRXgZHMc_(09n){j5x~Lo4vHT#V|bbtc2)xCvW1PVILd58{bF zUMqcX^`%QQgrs6% ziiF%(6TDyp!0ni&!?glD5{j!A%B&V24eq)K%{76x-3H(C7L2LKc!M1q(He(|FpH32 z;cqQ$igNG}vbro~MWY!IXs`pDdV0R;#zUewHY&rgi0A&|-W{9mE;_ugv!2b@F#_)( z;s$Er5rh`F_4F8;?$+SIn5OwSV4rhy(aQQ&c1 zxk1Uw{{|QuohJ`Wr{@X6)l~qnV9cFxNjnX$R&lYqk%@WT6APmxf~Hq<9R<&8OHZVq z)d>6}Tpt=gwghqhRY!qEX7J6oXv4Y|pJ#o?CjyP}LC7pvfdumxqR?0v&q=yI zaB+WYyoRAagAAFLcKc@TSc*{nW85>I-`N3$3>M4LDrMLfAOXiIKkp0sbY3x(ao?%8 zne3eBPU~Qe>y$t)^4Ch6c(2g?L@xfo2P{?|olL1ebo#u*zdnGQ-$?p|s)z*{=(jtf zPd}18Wj)J1dd^HG^*7EDEJJ0+x3+%TAl+PGG6xJlgxUjMfM{wcr#;uWK1kCW=RzPA zK9;peg-VL8&6KB0y>R0fWIGTh<(wfgZnJ4*u1W-zwgdyV{x^5yruRu*lN>8;w-)B* zf_PAuH~z6aW=z`q{sM8Ucy`r4L1v-IGwthgcz?#lecj6^bfk&Mm+z%{y1Bq~MSfg@ z?EC=UA-g-!Pp!SU3GqCZ1YoYc>RoThV6{3sb?*K0upe74$ zay!rSIiD=_Tnx5!tr=T6>U8mf$o0kg{nn$OFE#`)sGeVYr@!KcT?t`!=X6#4kXnLbBIg+xWV4le?KuE~00 z0>X}u_O)II7e<5Dj%~p$2-~~(*OeU!e`jv7K6Z68$GUHF@0Tzpeb%C{HS7zx<5BUHswCPQr^LBE_I)cdD4FJ;AJ6wa8RFV-*_)+4ErAEG3T$fSAi^% zs5(xy^~;6x9jJzoz?TYvu}TMiLYcR;d@srfeJ;xqwTU&v&Y4N-DhcD@b+#J^>CVfM z?w6~cs&QDibag#=-6U2;Mf_20|6VZix{U!v3A!z(ylp5?KDI)y*_W45JlLajD-35>N9sxU_lF- z+k-+Ix01PJJodA^sAnjHV*&o=_#zW+7d1S~IE5iVrs;f`^3C7%^WXM|n%*&~sHv{^ zXjPoF(FNUwl;CeNoFWq-Ooc+f^|V*fBr;0l6Fv0wQzA(iyk7kwmu&Mah`x%RPpghI zZqhClK1tZ8>_95>uXSxkm8*~P z4H9}!z)teVfi<8{jNeKTVz?Z(|0i&s^M2(B2R9;Ty`2H&&`VI=An5J5=*lg;<*>3mbmvY6|!y7RgZDESxV%<`B;DI z;$lGJ1)14`?&hUSZ3R3#8*(}s3RQITswH?D)+McASB>ve0q!L+7bv;LIeBK}(l)r0 zD02YB6EQAR0M9$?`#kE8-u$M*^vkB#j?LI#at(=740q=9q0ow;v`MtH#Ib8*RZQPfc%b_f2-SRMAYXRt4s&M>`P z);lGVb|!WxJ^N{a9^ST(!`Tuz zP^t-Dont6_NjX=p7f~uLj%pAgD4XAZ=wZhLvB<%#jQaEZBGo@k6aIc`wZDG6RM%uh z)?Kq_n@DVp_|$?YIp$fI<7q9-6H&jE$?|8?E|AgQiBdk$XJojG zyZcMsmT`}qu6Q1Zv&BsA%6IMlkiMK>R&G_v`Bdki_Bv_P=M&*b7As_??-ocY6{CJIZ5*8B*e2ehcENQrX(;Y2*DcBURNiqfA$fY& zK#i13Bw_N@x}nmOw8Rp7i7yu-Y=wN=<Ug|>{$U;Q5$#%t4dL2 zJ!!Hd`sD_ttKB!R93H7ju8&bl_MN~B>8P&-M%{K9Y)ENgu@~!Ez$pdX6Y_>=( z`!Xrs*}?Re@eKw{+supGR4PY>A!Fp(*;@GiaIWXWzGqwz_t?3w=}Sx9p9w! z&}&9)VGDyL`xEKs&HhxJ-4Xl-8tZ93iv`@Cx+zkbT;9P@S-`R5(so_5xTDr|xI;Nt zgXw0iD;cVm{=F#mb&N?CPcNtNM1hoetW(QACkm@y<`R+6ZK}u>?B(F>qScq8w`A_J zz>j6vkGw4>8K4WQ<)~n9EnVYC?;A}6zQLcF*mcirmb}3I=f`!EV)$#VdCp=o+SdwV z^J;A)=Pv!x+NXO$D@yEC*>8k&@4aZEZ}J&^Qv8l`#S|wWm|%oAXte{P197HBwvp!742nn7nAqMT)wsw+p=cXI z*VhwI1E7R5t+i*1d{;txM*hPB5U6H^3(9E`=tUkzQOfACC$xa`_pZp_l9sT+-RRY- zX$T25m9?8fGaIStuz#kJV~?oc-8|jMtXye*4glbWR`DPBg*3NG@#_vP^*h}(Oy?MjWAw~b>KtvVw5ZuKMqz*Y=Ma+=1Ym}({|eTd!Yy< zNa5BjC39-1U(ouizaHPb$~s_1y+p?>C$=!Y^C1f;qXO-f(~blbi@B_G+e5issn6G& zCpr@(LoQKdi!qE%IT!rta#CA_WY;kIPJ^_XN8e)~kM&5azg%DU02-CL zQ{;@uUdz~QH&>IG4yjGJlox%~`??emJNwK<$5g*1{TlDGNEBz~dJnagIFbG~bfvpP z>;0M`11+6vIN^&(b5j}n$=Fgwd0bSL@-#O%r}YsHcfpcoShKYSr{l|LbynPBCf z1j>~@8Q#B#BULglo&LSp#aT!ZMM(d5ZKr@0=XLt_yO2PEZLjCMZI4WEp?FvJHzzRW z$V-y#@pb&JXw!o#G1=7x8tOe>S3DbZh1bA6i7#j3Y)gnjPhw9buC3mZ@TIS33}4GhlU|UpgBd$u`ASYg7|Ea z5=C-WDe^8&L`Dq-I(P~i{=TxNM6z$#dtcc4<;d+vo+v88o)0R?>iP?i_Q?;bVCXU>+Qv+uAPiT)IsaZ(bJ2%PeNY&;JD`$KBXN;gsfnGckkt{s1N$;nH@lceF-K@j+GY@d=>&8 zET_)Sx!Z85LH3K5tMt5d3*jZJ46q^%8(oWb`$>Ju*hlE;FLj8XspToTY<|earqgoG z>}qAcgqo{yx=N4TaHv)qHX*g!*g-`v9Bw*k-_8$ zl)Awl$9Ln_lQ6?|MnST94-VfLdekQgCVM_td5w(g6z+k2>MSPTR&pd!w?ieA9~5#Y zCNBxBvz&cZsKs&uz<5PIm7Gfu|un#OK5f7{N#;n4rmk1JFi`+Ou&AclslL3jFF2kqVPI z;F}vJO)Y^dGBmMzr|)YazEXN|%@UFi3q*54Z_}TxbXX-06vG{;h1wpX-%JO}oWJ(b zUk(RRiiM9`B`+?<*$1pX_XRg~a>Fu7z0|^I=G-EAYGv-7_`3L<7t8JYhECMC-9p-Q zl@g}dou&1y6^+h;vldPpF;Kqj(aJb+b7=B|WKi5fTvgi`43)oUoU#x~`+dmbX1o0E z7B`BpzJ$}&m$%ity-j)?4*B(4aiAxwR32f!9JPXh(8UKMWu)g zYNzq}oFEc=vriCqZwKJm;cL}y`>xil5fpq@Gko0WV)1nA1%`7OeakK(y4Hr*6+iey z{ch1^%LN?N!uWaR+NTsY@}<;) zUm-5p*JZdRpJvLFW4F(GG4nXo9$H^=r6ks1-l%=0sN^#|(maGiCuLG-?iQ{xQT+$? zDs;Di1ek{J;EW;#^|;z^hz9k9E%`7I&r@V{KXuP%T6ZA$EWwslp)@jcLH0!YvL>DS zCHf6$!3P}?T8-erL6zy{FLl4fcfT0^G&m2);*~(JdU@^*+jR#htGqNccvFXJ$}NpY zoN8okjlm>wJ;KXL29NIIMCV49a|plltlADcGK;=CtKs9`jT4oAF4?H`8u8d1(*Z z(cJ7}SpOC)-o>#doxl+w440{@nv;PJ@%Pwbl!xou)iII9qX(_gK{^k z)Vg&RGyXKDQagxs1Jk^MqjICn--q<~BgCclxU8>oQ5CHT_A~3a$#AS0!mYZ`7jr{f z1Hhdnz4nMzmbKdv0~1yg+CC|fATz~N*e{}XnPIE)X1hPrV8F#U#9OHGsvWz6#LjGX z{MO;yG%N1H_iqAh`s6O(8sZeK`OqT2EPm!5wex7{Xde4-Kry0^*!D|xvt4SJ% znWtP*O|uH`?Yea7yMt@g&CVeG3B_qV}^GOeCRq1ka6OP1Dkokk3Zd2-f!1o!DFJH#4m zsXmaN81fsp{64nR$t-p#8BM9F^tdVY^$}_?8(PLA99=uGQ1}uPh*U#4xK%R!YILQ` zCTyR(0=DGjTX)@?-qfEe+^}ODvy7UxEV-tnm!UA0aAC*QqoUWXG@O7~(a*A~d&7my zf8M>bsfjSS@NCpjJv}x&gl5OO+wdelX(ws&{KQVdVyf6lR z2~&T$a6t8g`f%cXgiGBhYiZF@^g)ln;Y4p~*7@%rh7#+iYcC?u+NbrO#urJ^+Q!ET zs5cRbQbRBosE3Yi)*x#lDVn(Zie$7iZo59NtKcYCr~2&stWrf~XXCfZFSXlKvl%s& zIW_wz&`@0!JE#A=o2s7n-THc#zQ@Z56~pIHxBb&b%d_XqSndny8|!7|{Zv6a5e$^3 z)bGS}NZSt~*TF*dX85=v|Embc1__je(i8XT3(H^o?nR8h4Q+BY#*!*y3les9dekH{ zVlBN5DEAcx(A1Y~8)k)e$Za3kF57;R{66P*U+}feaxc}#D9K5yG7kUaxlK`J0qVVP z3T|C{&W{c~Hk&oPj(Rk_P8*d(t#&moz_yo@K`H3r=6V$~``8&vsH|t1rlFl)9;@~G z?yI)97--EiTlKob)-2vh7?S|hc+NTC=(hLTI7?p-?#yPw)WW-w)b{xutKH56Enn^| zZtIl;K}g|)DirD%MbHeyK813Jlq<{T$A;!{D5SDd^+6>zcd*47n5R9nBrc?JS;1^2 zxePyOv4zgleLCoCTUq9@_Gldcaw|L*wR;wiDnf#yb4=D&nOpjnP0bUo&7p=U>?nt?p{v zWRanPqaoKgT%$5JK}- z%D2@7;!(jm5s8f$jdYLJo{T42g=cP9HSEUe8`t`&IVYj5aZA6(+0gOLbdUPwqxQg} z%KBL=L))X{zVUHnR^8^2DwnrcCH(98JXYfZWsI4kY1f6W^(2!_E;>lUJU5~mie`}q z!^uVb%NqyE)$_PR>J)`|`>n=!RLG37s8MN}ci~Xu!eaLT_wNL$9rzs#H-FCJa`5QE zK<3ULB)*kax^-Jit1Y^B?&1Wo1M!A;3q>4XJGtVF?mD#<*oFs7;xaWZ28^+Mx4B{B z1yjl^A;*DxTb>#cVtEs}FmB^1IkNbq3^*6e_%rk?+!O7^eyeNlT@>_prMY|0tFw&mW1n!@jcbU=>YWS?o0^PRWZ|amFFV&clRj!6bN7HkijyUgVm1B_B-pbZE4##8=+aTG42fxOP8`35T@{iExWvB&?g=RWv*bq z{>yCFYkbd@CJ+9J#$>LvGUDP~wSD>zvlW%odTHNlISUmf*y%^tLPA@u>gQr=~nPr<;({3u>4C7!ndS#AocQN5IKUct6bpFC=bQ`;)i$-)OG*PwB z8gE;{TBqvUrY%YjXT@F z|;XGo!Yre|wOs9bNs;YQKtWX5k^7P`_jr`mJhqD{J zi1&_bsg?J&IsQQwDOo>3xR^(CBXTF6cEzotW488*#<%Gpii5dzx#Ny`ozYoV#qSzF z=SSCf_hOY&l!tp%f3d!nx^Pi@9lbAzp*mZM+Hd37*qrv7X6M|AImqHzr+hIw=_Y4_ zAcyym>{~M;i@eh<*Y8GWhjAj;U-~$ zDR%FGS^hR3l81Fk^J5@ zgPZ-6^bp;zR0j@ph`Z(HtDW()Gbp<&8?0G}ybc%cHM&1$dDgg4sRnaI4GEo%7L-N^ zEHAa3oym{~;>z8*a1}2a5pQq!aeszrPh}V*+bbl8N{+5$bCJ}_35dyP>^28~0xL(Z ze{SYx?{K3>c=5#Ub~%Otx9f?Ww%oa}v+Nt?JnM%!&wA0L?T|_teMdAKl|>t?SyEa` zp2*iG42FT~o_sTqbcie6W@OPTj6jE2NA=XN*Qp8P8Ca-7;vDEs&%2%%IrYfW*M!u~ zibfX|0LMy}d2b?VwNnbSV?Lcx8Nu90CbMEqFUsLzmGz6c2WL(LM2vNLyENznWQ#4X zPKh5Ca>7!d3Yi55_)qx*JkY4o0vlc^=sD)pz6Ag6l}TaaU3r~;A>4&&m)j1#%(8D= zrwv7YYZy0N-^JQ^KNs0+X+{%$Dmo007|&b&b`k|YPb|Xj8=mX#E<)BPA!q8EI19qP zMaZUWJ#H4~PG@_(ykEU7XlGb-=S<16Ha7%=X+8g3J(+wqbOVbFtah9{XcSnk&hAmL z33$V7ibL>`ltliJ60R?9^eKt^UG`1sbU+q5+fu8H)4&&?#f+xDN-=J7 zMyp@6(3_JM=FuqyDf3r_e~O1-Xk1@iy9BF zozk2JW9zr^YT-YGm$ybv=XV8nw+G){-AT^z8@VSKC#M} z{0zcq9ZZlXPhVuW1&E+>cn#_V>0@!gotLix_>LM(j@hbf$_~D#0c?{tDve2g9{!dN zc!JTX^o}eNxirZ!N4yaw;x_t?+N#?W#Ce#qqkE49gJR(ZuiTE9sU8Nwcox6;!;8tM2&9GTFHf_H$up$7{U+ z_^QM=rN6@S4{k{yfw5`&0?Zr+sNZ2=s7>s4?e!3 zW#WbBa6tP(O$s1<{LATfUaFw7l$76fcmI>nwDpjNrcrA4$p`vzKt~ZCO3iI z1AeA(jIN5=F%TQ(cn%JLk_XA=6wMsavySw&rqAv08F~3PZ3kXYjT6H&HH^Q>CuGvJ z7Ww|t?B`>t00@CSP+KJsQtN)v2W1aOx|uI)BcPZ!Nubug2M-Me9RLeh{C|Rj(W`=~ z5=eWWe9SM#4A7OCTjk|r9?}6SB=o|iE>4v0lFPftMXllqJjMtSq=_#B>%`M-@Zxmw z;w6wTFIBkVWn4%4>8DN1reBi5o!pYuN$m(wuh4i= z{`B3nB4?^*rD5IC7%ZJ>!0YMTP%~)`?q0M>-n}^>zhaGC1=v&(#hM=}w2Gga%=)AF zwfFeZ_s=Di$F=;ZN%#{mgk?~?WOKwv#_l5wOo3*L7jS>pGukEK(K^lfMc*QzZUm@M zE42r|o;cPLg@#HX`4_5WNhQl{4vH&lW-2am&!btT_I_UR1C+Dw(HZ!#3rzRDfW{=S z5pBI&1sJl;W*_|u;2L~sr{jsH)3Ba9!DCaEwtyLqa)!OcpDBm4e@+d2Nk=T?CQCn> z2st~i;1tMaA4*W++#<~ZGD~|(W}Z6%_Qc~25?7S2Xo!bf!0V@J1MJm+dZ{Rq)2bTtqFmGW-H?_D&Aq{fYi=Iv2mI@ zAnX2ly&yty`mssi4l&n4zL-_xgN5)t?@d-UZG9Rt;W0aARXlZR;3n#xwo z)OmXE%1_*ox+guuSTdE9*h*wb^SU&6tS^0?f73=R?G z{?F0--^EA&{_GF;|9?%Z{`0i|uATn-m;e0f|L}}emH7(Pu^yr)xT4%h*8w>N2g@r^K` z8JnK9ybs@ZR0qzd^z|uxJvjrAylTyY^ql>`D)4nacLg=xjSqzJ22l?ivEf2=Rf#R%2xiFL_vl$#((h5%fjcT3=)5%IRu4u5w+YF`$DpV4Ob0e(3OxzzZgGtY7xy`8>U@J_rAb*A14Bj;Ku2P zdAywWY?S2Z6gqfh*1Za>f1d%I2!yY=x{dUiXW-wLQ9S~Xh0m!@ zQ$O(6Q+VL++M+r8gDneiHHEx3F|LdOVJV075-(>e2Gq1C zmqXx5{c=1k9_-EA0C=yycO9wede+&AO z3%vEsbRVzn#o-gK<18KKO?YWC2|$b)VVnJ?Eg#P16s&0v%zwqzm4W&#QuX&_b4wq+ zY1ZsqJnUUURNEcEUo^9-lhvy66OVe z(F#y--{UJAe7p=?rM#L1&HSAMh5SyYP{-vJ$YQiJd!Nd6cD=4t*HO)JVLHFE6{M{D>>22voyjlNg>_v=6E789l>Luo3;3!_&P- z-JxR-w>T(1JV60?ynd<=v@+=+hn+_?nZ%Fdo*uS|=GuQKCkRTRZ~W`~uJJj(mW*Bh z5+zN5biwDW?iPPFz)Pobj{>ww@(BfX%6g0IWtBrvW-Dj_PMdNu1w$RUr=ut^s?$4R$f{{5A%6(l~5Jy6g7PRk};ZuD_E!7tInL0R`s zx;t-?tLj{oIWr0QYZ14SJT_{BBJD~G&=1vpWBzWqI4T+!{5Wl(RybuDV}2}8(WyK4 zjAJbc8%2mslxFlg`7Ig4ef6Mt+~e!yqq4dm^DKquOL=nW-^T) zA9x=N?>K_V&k;a-+?*Fc7C5{hD9jFB$>8EUESAcpQ>h zpDb}8iF%~E)K$OsRRtRQwtQ4O4}I6hV-q%)J04_eY%Zg(KQK^Z`q$|&DSUZT8v!cZ zjh)_sBda}UFNqD7X{T+hHIFpkXI{8ejX}C@SMl~2E4tClO~*|C)SVQp|7ds`H?ZcP zN}EvCjRP}K6(E_6KhQTk8(+$v({>GIZI{>fNPV{E=ef_b7-E4?g3Q!Z*v>VuK1-V{ za0w?EmRkzJo29$;A#DgezDcp@ln;)w=O4xCcKb;vU#CN8s$|Kn2G#Ei?5=AL&f!sa z|HA^{F0cVPPCfhJ#J8*lYdK2>B*+lt6|VDfZxnKx+M6UV#9bb|N^f=VV;@~9OL)5V z9H+pzg`e$Ow%0Ey@$vCl5JcS+TYb_P#$^?}eYK3orUU|2)p^fhgBqBOcZ0NRzJ{(^)q_q!vHs+O-+l(}j~{qyhAT-VB)TxrXK zt9(M9Y!VR(f6FcvCi8kyS9`tYa7cOlFCPhq9k4pDMMuS8fyY+C@p+Ru-ja!t8(M3) z)pd?93mUDpi`HY)x&L^mJo~o5KC#4^MZZq(_1O3S=ogq()^F!-M_e?yE;N+wI#G=QC=^H^{H2?1A}aVRjjhDQTWX z&7c3_UGKM~Pf>ZujDO5emB19;BAyt?I&U25y{>+`bBUu5%151YIk))Z$!k zI%zvVBP!4O0R0>{5mP-^3BF`)P_}PfyzeUPY#u->#ku&+M~Ujih(B(#Ip1mcgJ}AA zT#Z`ZE&L^gl9~6D7#2X9oIO1S?N#DWP}F|k!F4rPEyhE*PpV57d4AjVZ=t_$O)w#y z(n>a@^yspySE^ldZwY6^r@I{=1yFbE*VQ@| zZbl89tA=~TFr;iYm@zXR%co6J!{+HdhH+_F%fO3&=;SI?+=X9U+uUsYZ`N%8md?dBV($XAz|^kmS|1PQF2SpF?n&wx;KX~ zGlwmY%y0mmcSf1Iq(@^6P%7Bbid_B$x_4@3sz<)oVjXHocYW5XvqrWpFRL~J1+6QS za*P=nk5{8>2p)gOhq&Bwiw}FLC(1Hq<2fj~m$vIepdrv9MP5D@CM$iZGJ#VTx1Wzr zKU`oMyXj|8Jb8pm93_Ez=W>sq1gl6)jdC$52$CwA!w;KZPl&SktTAaCX=IVMuNhiN zJtbNAf!oREW0Q7|)_WG-IU5`s#85lGXx9Cm-5@AtPBh|HbwK7ywqh{tlHtr!5+BRW zE$wDPVW#zpuT!r)I9%{cBKHMq??-kD-#f$fCm$|Q+1)siy05&t6@CXHYQ5gLNtVO( z+Wym0{vERNt4yY1uSw%!i@6)?fQL_? z*vU%}LMY2nxY!CYXk~Q4{H@T{DT*&_^Pj>EM6^lV6TYAXa?fH;H}!%nf&JLjZsrAw z$#Tve4)+T0H5!z{j#+>R>)cl4GnJcNK9UG?%51b*fr0B7_36jL$-CHnMMQ}1ol#dQ zch&(Dhrbc6&%C;?{w*6Cm5yK*{9JJIERESg@Yz;Sfzndmp>xeSQ8Qf{H@=cS$tv6Sj(b#DxW5`WMATi!4k0s`J-)9eW zmV51A6ZG+D&9Slh*}lAa_hVGtgtD;JM5c;9?mo05Zs}B+#GfsQnD(Zo2IU}|)YZ4> z&Ot&6dF~{kD%~_W4gwA#Sw+S97#EQeAI7t$4-zp&>6c`lK7X8I(v_ol{ChtMaVmy*nCyMvwH8^$HLM0+Eqclro zrozIuGWZn7T}$p8hn8$V{=g|N-0VNemK3cuL5QFjozkt=NIhpmF~DLq?-vl<3Xwoo zki#g;x*%;=smAso=;5?AS|SbddtD1ebHF&1%h-(T>SBwq;#&^+*3Q#F3ltbwBiO=q zq>Zht&^65&bBK)1)KZe|S_FDMH5FBT_hwE8>cxFxoTh=iYMX#)sKlX;2U)46Uf86_ zbO>pnxCv_@=lKlol$Sn8--vhX6W@`1n##%Al(7|9h#8#!{VlAm+m|+6VmObsZ+2Q? z?wdf1Y#KIJ{BZ(?{KB^FquMFl-SMjmsIP4NHqoSdl*HH-<{A7j{Rz0tAYUmgq*?I6 zM=DGLQo84Wy?XcXZ|0>~uz;iw;g&#k6lw;lP_&?1IbHeN3nF$}+FSbqe{6*hTwP-4 zvDscF?$oAwbp7=LbZC=F$&2z(h??&5xUnIGZq5{(z$3W*_dIVjIBY}kt zIk~i@*N6gELNPQ=nwMpjG{@O_pKn{otmb%?b(LBuiqx91Ry)%-`lvepglaj4${5`v z!48>g5mDKs(?80PSMApleSRxQG31MY%y8|O*WY*an>33x)+4J7l*2pwiaQ-7?oDtE zP}DL9=mSI8}Yr2G@fAB4m^OC># zc;hXK4wlIo^r>HqeNBYBKAtDaNU_uN5aKF79c9i#@YUfO#jm(f(gRAnHYoVX+KhF3xLb9r=^`-sg23+l%=XWyToD2L}{(~(IZiXrK!Xg4g+(< z<;B{a0fF=It-+#-2_l21YfCBtQ?E!5d4Bj?v#@TdA}Q({qFFC@;7$pWSl?{fyL1YD zn4));gX-b96tRGD{DeYI?)YDw&@QAwLjabYQ}3ZD@tZ7TWX%SX3MYZ|KV9nru% zVD?zy@R|R%ixN8iTqUhJ4V(|Dfz^e^tXsO_!QG{}WP+Yoh0ERx*M}&3MmVOPUZIzl zSo`>_bM7JVP&*yMAZs_fo&=tJtNZeN!FiE(R&wAlM~cIFXZ@X&@Nm8Lm5EHHi@j*` z>d%sGrB^u4tW>wiiQ3rFb7@tTT@GiyO+Zv_ll251Wl(XfxFmYc*I6pU?6psGDp*1O zW2ybfqv8>YmozwryTHRhf<=Mwim92hNjbw84SHMNuR=BN=O#?2RnppC@|d6ZI$A}m zZKPL`=Q&*`dC%(HmFf~9(tFYR$TQeP#&#*m#w5ke__CjQ;H4>c@6*76$byMBr^O`R zeIEvFdPH!^xt>(HtN?VAW1!?iE}whpq?u;fq)~qBAJF`<(SysB9nu>Np((yfDVbNpUsdcFHXEm-bDjqy40d?p%5lt!+!{%nZBeP!wf;tgtdeddM`) z4NFn|A|qTD@|^hI1*fqc?>2E-JR`emlNyfj+4yZ8cUwUeixIP4zs%)M*+w>+@m47B zxFVC8d?B|`XGLp=;?Z2Ne+D5O|h+xOJ)z zIr-SF#pbc}VWtfJtyP%NRz`o0oOPTvl!Cc7%p%(?bdM<>)8ZeNw7o&p7`${>o>{!} z$yShA?TjsRVExJYv>KFI5upNATG{_XA{ydN97c8BX=@(WFZbZYOX7+TLr{qN@8cvW z3lE0V_u#FY{Jd7#gxtx^$rAeU!5gR+qHnk9zp$brBrlkGFmGBif7P=YIg!J%G;1R@ zV?G2Ln*?5ah2$rH*Z>JMm(*-x;jiMa*jY<}29jg=E1%3|+|F;TFmKKLacj|BV9B?v zN9t)&)ldG3%csmd3k*mODJ`@XfIkA|EfMrWHebTs*`~5WDu!nn?~-78X{YSQ2$W$ajII?pPDqSg@>Vq53Ma%k9wPMK zTH|N?1Z#DqXolrN*KC`GYi6o*#zLQ3Wck`7smG|rCI@KunCXH=bL(ql-mAi}0$C2@ zrFQ4C0mjZ~+r1Ytnxai76IAII5yLGusH7l9`iImNU68PV{;sgblCTMyUatxIIZ!g> zp0Z!5Bi8A|7fF-uB$>X1GxmF0tyOdPF~M&+#3b!P_v*L3B||e7!xFxIvZgRBY6%2m zQpi|aAMTHMwo+o>6+-tEoHivY$Oj0ji&zM;!{wW`SjF>U@B6>$1?`MDxsOVkBk{H+ z;v1u=N9Mt-j4SgDuR|{rJZ>^(4?tJ%?~J(w!{lsr>37Kkb2t+9960yMuBoW#%dEem+$dXMALsor@`IHkPV&)@T8) zyt}Q#!%G<|Ske}`j8scr3O~!mpfe_Cv){9r1zdaUZ}N|f)7~&nWWfuJfViydtFE_V z`R)xGn0~EU1Gf!SbBbxa&I)7cO?``QjrgS8*sSk&A^i7^Pv89p(4@yuzo6o2)xeYG zdRK3a2;Wp(96JXeg!h5hsmrgR&C^}J2QsdfzWd60PE#n%`CF@2TfxP>0r?#cNy?30177@%kBh{nni%^<)~l(T9oQ~*Tb!PcHI+-zx!mhzj zE@$+}>+@VCoE(N@L8A}xdbDQk?lx{oj?qpssaOTA)GuQ+@zrTkGU@8C@B$X-D$P`I zfW_jShITgSliHo%FB^Pf+me~}6&l*Zqmua^(jdo5``M1cNNZf zok_NOjq6-%JnLh#%Dl5W`Biw~7Kv4cb@tSCdgCkmv-+MPmF!H+953tZbMGw>CclSH z#=Nl7GI?ai=kNb4G|8a!n{LxE>HUXjr<7ZBZ>7GdfQ%G&7)L8>B{ffK;!!5Ig6TxB z*I)-323^nY)RrtPF-DnBA#uj8t&XTx}1iz<$=^) zyrer^*Y8&*{ROOt&>^ z5)i89_Qk(4vaHIjxWw}{x(flRcr2fFzDk{S?i!#$GFcjno2-moB;{QmX^gk;x69IZ zddW3zsM}pI{+@Qn;MMbhlmrq%0oK!*>7Z8gO9-O@i!iNN0;E*HHEWH=)Bx zCr~$dK*`0oSTCLTujyCg?3;qJQk-14IvAe=+AaZ=y{&vY)1I|8U76HsTlSR8vR|t^ zSSS`TQuJ8_Xrh@LMnr^U1Qb@iE&E{IEza5e@^*=L+mkEhNyn8?DYRi^qhFX`x95_$ z+n!Ld58&EOeM@fJHyEwzzM1a#&5W31>!kW_8NKvfITnG<&DyG#;X1R?>XxaEw_oy( zLsbHz_K;OP2=h^cUn(zllb?HerAM6ncuHfZ=7-`6>8yG;>v1gVMQik0Q zsUmyL!&!BQR$N%PRRy9Btu$luV%Dub)_InDx!zgnbiQ5#in$kb{^q9EaL!Gy61{R$ zzboRNCwqPxv%3?^wW+!X=;TzAhOvp=1GR_fuvWyWJ7#nno;5d`HT~`_mrfe2TaGiq zenl`VjrgPL4-()MRZ{xtTXNdT=H4jXwJ@uJ?txDzATvxmqY5 zu{Dy#EBaQ}q9Ahr1*HYF$C-wqa(_|m_r;^u@GDNwuH0!eF8^tve|-JLpY3XOx`;V= z_iw<0{Y*_>oS#YN?u|MVrlM2a8fi)X`2D)OR{(*bi$=^6KeT*PB~Ul<2?7TJOb9QFy0s4{;5kA{1bG}=^Da@`LTWC1jaqD zK66hv@i;9ZlxF%hoYrC8J9k94s|~r%tTeAOQ!gENSc{{kv%t!2xbq}a_V(#;7nS*= zR%|?v*vDmzf0@*KbFK)-L!4&7pae2VTmXvX6>q$-kR6PIuszi{aWTSl>s))fRlEBj zrXT_ShQm}1I?Y^o9FO|Boi*+0Aml3)ReKSwQ7GD264j$>dp=>dn_{Xgy6AlyXRhom zo)dHpH_Tk_jg{pJ*cyFCfh#jDub07oYgMJyO=H!}_#e$7RS`Vkzzq8xN-Z`?t1_$A5x77_qq7OJ3ZiFJ^ssijhmU-6s z?ibyrK^kaoU_$4n&=fHERY-{Q)Bfm~ID}QeVbOzaqai8xfWv{|tvGm*Y^d-~r)Nx4 zt9M>grgy;T=d8V%@wZP$A!25@2$*os5|Lx)#aDMHju)xdrUlO&Idr`FmzPM?#j%0@ zbxAo`Y^eYAjEf#urNKD!1@`mu9&R)8Vl|!LPxGOch_&ovl-BQnRoX*QNK1_X(rb6- zHT&0LT#Xv8srL5cyz7?H4sCjUnX4(Lp9=^%8K7`C5>lTskMU2j z5l>8>x#FcFrqAl)FrGe3t=1dgTWK z)2;k!Fl68X)i@`_n!A|0gd0&gH>mk0idMNRA!UqNu*3OjFL|HvO{5^nRDG;xr44cK z&gR3OE|~Mvv+v5nUGEE2H4F-5d38RQ{J57_=sC*03h&;)PViBP%t}=bY6A16>}|jK zL(QYrH^diW2hQ(HpL5aw*b(cPCGt(@w@30AjA|u5{M>~o&~SGq-rN<7K}cE6S|v}}*1on!o9Dev z4LUMDdqCxI(GyV+`U3&?lzHJ<>ABPZOYS~@5g{CdxDbe!=`7;YfYi;kMv1h>r+uSx zxT+Q@zbw%8?&D>&Q)126J7pjvY|g4Vwt;``|Wr}yF2yKLn^tRMV%BO z7x*eJ-X3L~#o#P0+pg7*t9uc166I4bY!!Iv!*@jBy!8;r3dngiAF9Nuf3ou}iFvcS z-v*^Iy8j%~pIVdj0G;|xFYKP;q*GganzbN;bYd)Hk;E#EsJP}`TXmTCw7nJ>mhj+5 ztJB`@9RU(I_KalTsJw@}eBUn}$0VRuEc=3GXU?P&r%4!2xOi^yNdc${Pu8^N$WIXI zlxzsT>nz~i-sYX<-n(#rHJEJs;0zXZtgvIv*r_4YxKj5TvYDjt(0zgrha3;jNAeWd zSGH`Zw2jE>#%JgxXECqNYM3CEJxhObGI%mj-omLvRyLrTCX2MY=^Y;yJu&FdMH|!~ zC;0ERQu{WU?nKEb^Q)KG^c3)o4|Y)8p{QLrRB1D48zZo)bQE85EM1}VYuwW7{*9Zo zaz(JWjzyMQ$B33payU44ytY}3ob=L(x9gq<$vLyr*aW z3f<#SE6*Rc>MnVcmk(ApRYtK#Iz3-5VU=BvmR~DB3uq;ETR;7-k#l?3_n|Gh>qf~+ z)5ADdTZ8AR$18+OTmAGzjjq2DB)=Pre+Lis}uY{U@4j5NG+?(?4W0M}8ee%<< zkkLi%rgiq|0H631yMx!TFzyS+%|}aiG^E8x))j^$d^CB&q@|OEU&Smo{aeO-jPKa> zSNIjlJS#Wm@kKiY@-e2KZPjVNuq!XmuCJHIU6jcl%;yKZDR}H6vb(i-`?CA`+bn%A zCoY{-c()_XqqBNTt%_4bhCQy}&g9H!XG!!VXI^g}zov=Q&4sBc?R$woNi1}X{@9}r zXh;R}jxReE+3s)4&%p2Pz1>?t;lUK{4tHe%06Inu2|Ss8^a{|wK{d8tExchbSfWm* zWgP{OuWKp>Z*DC6)5mfXuLW(XbGv7h_Ed};+L4d2k>swJnaby%hU(OQ&3R#vyZvuvpLaMC28r9M%IJPT*stHe;Edx0A2b?Rx@NMcr*UPpR`? z3J?Q4HN`wth1tmCF-G4(nSDIR0Cb6^&nw-gX1yDa#o+<9qGQR!24l;M)77FU$M}+O zylauY*(_Lh6YP`sKHojtpC{5e&&(TEld6{h?xeVLMxb3<4(2Jm>xnu1BdoV3WtK4tl}bJgc=I3HZ^Lkl zV?3cXT?c^XnUGDhE|5+e2NmW@X_AS7ouH34?1%{oI^(MFOxrSCsEB7Va z1$bXvAnWR(nRqAO>NW6{R1DnM2DDNo8Y1zr3h-fCsL)LJc|kN@0scS4X^_ZzW{d^Z zF`)N$<0Jqyck1Z=slKH`ajR-ETvi_k=)_py$}5T<0wi*7T@P>RGxnN_x4ocRz!4{i zvP$ms1^vyh(>>AmL8a-qQi+o_j@TscmX_(+m-XK|jTkNVslXF_32%|kviwQd74^y^ zGdzDa&O8~yi+DP-IL$EtAW7RhI>#+R|FW8R?*OSUu(Op=Ow!v_eTDX}{ubZ+TnP?Z zk#-XK8`9M%#d9g2chSs49>CN%Qr~Oj-o~Dwufa2g7ALxd{wt&4c4zg5pi2&!?<~Fw z+H1|gd8VA=rTf=o!2dDNp4$O{FBVTQP`vsGA&1;ElCFO=1e(x^#-VPVgRS%6JS{9L z5C@|Gyq8alUkl*NFy8;70|p;w$_Qi`)7}ISqdzsj&^r5QzOx(~U_P^8jbcyXNfZ zRr~}Hy*gWA^WPUA8ozY9*Fp-hK{5QV$FL0G(K6AEoNsQO2Th=Wm_%alr#(K-fTz`? zS9b!gE`nB@e?JXc>#l>Z0gPhLP}7A_qM-l!c4@6U@dI8L4`JCK{!&O_4HwA>kT^!y z)G!TLUrzlGZ_gt5GJ5q-gNoCHv21-|VdaJc!+%lVZ?{~bU@Ujzkx@J)sswInOa~Uw zZxa#uNfQNm0kr>x_`d@z=$D@afP%WRu!XDW26Nb>Dfe_Ff!Ndc|HlUyRwn!MMgWq$YW!X~Fpix_`nV==M*A zK`Z{ZGBDHhz7?NXpS~ws|1X*R%U>cLG`p}@*yKRn-`zt)E3cLDF<4XFc><`X^b4gM z=oV5bUi?XNdNzkM#80iW07J%{0{tx<7$tK7PFooZu-Q^CG*HCG0a!UN%^g&7j9Y?v zYY{bJ8WD#_{_%;5WgsfuJ%U2jq`_ul;Ew>(xIJ*J3 zzTYt}!y9+OYCsC;RaIBOzV-n3)eCT$C|8rj0ew_HW+Pq@c}E>vn{7Artz?MH^W`Vk z^ZkyzG-%!dUC8QnAZbiM4E#SmoqIgf?f=Ki`4DEKxP@()a!AeXP?*ykmQ&=Al!`gz zkV3K;<$Sg|b&x|yOeu3H3OBj6rIPb(p)_|0)nd;2UHd-n`?o*0J@(jR`&`%i^}asO z_v?k(Ea0h$$)Qu*OWtLI%EV>oRzQjM-Pp}farogJHRFBZ$?r>Y;>CWsTWk>D@W*F; zB|uvL5x~%0=T}~iO-{ca0;}8v*OqTp?q_hF9RQ3T7g7dloR=PkN{q9cRN>>oIzAQ^ zUTH|@WoNt&7{7zL2Vzw$@97+p_zs*G_jOw9PXb2zbB=<~gMf?sr%&`ieSesm_8WbF zNuIO`ciBoe1Y0}6;SRCo8#3k_%>uqRE-KjCx|T2A=7tYdR@{OA1W_PC}MMY?qmpoECUjT=sdU7A|9Sr%1Y_^ z2^OM<%Qs_lB9EW$)9H-$1lEXecsVzd05(R{lTU?YdIIV2ZH4I#B*Pn2afnNNRKA^R zNUwarqcBtQCmw@^2H7yf*m%H274mj>^_yL$z;Kvn_A7NO7P7-jGjXiQIyXhsj(O2e z-p%D%+ZH+i%gFCCPY*s&#AsLk;dfL03Q75d|b1iY#kHGGEE-f`SJRdQ)I@ns%gx$xJP~mVcq&)&3@y(wf*^TE zd4*&%Q=u1A@kyPy$$cF40$lqZ-7TQlxwEV-#!c5)*f@OR*=@i>D^Ba~pnq@u8l!7= zr+&;4u|M|rs6Od8FN}Tx0Nc&cU9TVB4Wi69{>K=n7*64na#9Vd7lF1?IjbKM3QXhn z*GGH@H5>ij@XIhR&>phRKY;;=^$cKeHNkbhZ2P^EVFH#?{2|yDD4p!qRO7les};|L zXT(Z}a<#1*3zY#|8Khz=Wx_)?VS|_Pqb@~*d)kA*6+N5^U88ArDn4GVTBJ@j4kR88 zN6>}mxF;)IL|qlF|6)Z0I5ybJH|MCoCz$N&;}tUAZTex2gM-GOlVI)~Rxg+YI1{%q zROX&gF9khlk-h&h^^Hce#+Xo^#XfRX!sRgFUwu`}ycEbDCes6!@SXTQrf`pnI@HjI z$N7(LHeaA71=_HnWxvSpfUvvo?F+rUGUDOEKT;|xGQI{?^u-(CVfcHGYdQ0o5w4$> zrvxO|!Elma@Ph%i>T(kg@uT2(r6cTCtDf<2*A_h>NJf6w(Ut(KUwC;|0sffQfTMwh zeWtF{-75|d@g98H<$-y%u;sRcKSqxGuwU8U%E z?sccH-=^CX8|T+XIoOlb&00t;@Y6@!JBx?!RLM8ezwmysO|HR|?aA73%%LnzbZ8efd;?KXPkRsQ-_NDh zUa|5ken*X1{a~=eOo_7xs=E2M*+a^c$X8Lc!ENb2IsSH%JhEQ7oeUCE^^mChaa6?i zgCThT^83kqny4S*g??yjj>F+Lk3yd5HgEi|fG2&KN#9C>n-8ZMPNCh|qxkbYckuA$ z(0)~y;<&G-J{bAhocPrjQ;%6I%>0fI2Z??18|9Ccw>}AvOd_MwN|qnShiCmVF|gd{ z154BF1kRY0J#)1R3#08>uY*oyl{}hr8u-l1Mam{e{_%TErz6+Z>%Q035x2VRbyEdc zOph~F`UwMWsut`!^K8Ll;gjaH$u_HFRu{%N^%KEbDog}bEQ1`NihbZzF2ScL8(8>E zKfTBpG6x^Zkv`kKMHO{}%A9bsQbp}PJ1AQ&NUS2<6x>^*iZkOrgV%0k-M}&PsA@s! z9|sg@P=dSmFWvGDq{uZ(Gn<0u?>iLgQXMkmWAhPUZRp0wJge;m2E#P3+ym=D!&(2x z(;2KX&p3VL2u>!Abe=c2HQF2#3G`X|DM189o;A6>8ZF}-Qg689}fVo8=#J0*&&wfg^KaBXzORozV z5J`&)04Bu8+;PA6b*@>3DjWpUl@b)=k0&{*`~nWiWcxWQK)mK3_=AFp_a;;SgPQ5fF?6+Q>YyQ_t~X@CJdOe_E>ynrvIWZf-mpiu3o`? zrM&YLdT8||d9)+SexV0~rI=h94uhHKca@!ST8ez4ysQrf0^FfkB_5F&WJF^C?pC*8 zd-E+`q-!R?ozCEkk=jI?!})z>f9(bBT~KD|ZHByo(eU0onfaYtGdkb4>4}G=HHcqN zE?nvo-1kUR0Wc%UlLBoqGf7(hcP~~e89{EXyiTGApdvL|nAT0%?~V(ViNnjb5-u@b z;@~ zq8Zv@C`X?pI`T>6C-A-T{jFh87)Wcz<{aPls%WI-@4Z-j4JKzys5wj|q@clY|d8~8i>h@bgZ%Rlrf6ivzqdRZq zo;-;5wR(F-#lLCQV@Q75;_F7@OSq?xK)4T|0m#I1YnKyOM1+LGed_%p(*CHp$mcVY z{I&vVrxYn$2WdHY^~qYAb8jkE#RtqT*zIgsE%nmM9)G}&JdIhgbt{k<325+k)z24G&xt(Yv3C1Ck6b30vhS*9hU>X!uT z1kUUbM!ks8dLjY3}f z8_~hs=OSw&B)lx!lT)zE)o)e~HxG!k6j3+1`zDjl=^mmdSA2vwF17AMWCm5>YsEnO z{T^5xB5d3!#m4+D<$2#R6X*DWW9!kD2?0-!MYKE`Ma}7u*G0-o$>fctkpg73H-<|2 z2|fyuutE!VReN@NKfFHF!oeHmWL~SLkNQQPKPMGZ%?%zFqhFC5fx1V+OQJdV8 zHE0xQ4y`Y69-%e5j+-?kTSCO4*@lS0yyRUn_+vSY{&lycT@Ni(<#8lQmNH2v$<>dB z-+cw5r4}`kZ0Ipfx=nT+f$yH6`a!-^I@e833z3m9zo8?v@xS=4Aj3YlIX;IVo`0*#1nm)9=$^u6{Fk*+p}>MygX@N;T4%brM?DnXl6KQnWs zajP~}hb~CERf51rLk~Y|685=|ROmH9L%6No+7d43{jES+>oW~O7q#-uGO=`g3ImCz z#D~@_A(M+xYVNzslvc*k)o(JRRQIRv_B1$zdwZW#eY*M&75V16hj|HVj>JN(EM?I_ zCBA^SOp7xmnU|Sg<|AYgTtwIGi(ob6mm?V1t-~Rr%w}dm&5C&pr84BH0!{oyfogVo z{T4QeE_dOwQ#@<0uZ0<^p?|o_;;IsEOr2NQT4dODXwJ#-oSL3$eW#W;XFJS1=^CE_mE>4UEF!~URk2q+Cr_qGh8`8vBn$O zm1bacS^Gt$GRH#3XFBcnhZ0MLMVxXm)xoB0F<$THWl5G^t*&=R!iOgH%J)M$0%}Sp zhW3^m8ykGN**Zzs853$%5ch(^s2}20CFtnd^O|gg_unp<%~1Yt#R;hgW(SVW1Z<^60l!leFL7t%Nq4X<}lZMNEr zdcC2s)RvkqH?^v3f ztiGk{pxB3-zvWdp7dbavt@mVjcv5j+{z;5Xj*a@()9S9=6nthwNi%rK7uh$}jcHr# zGg%oC@XESkGF2(X85IuK?PWMtoiZz1>cY$zU7?xu2*PHfNrvuc7?hTt!`lNL4Fi_; zW)2!n6W#>9@x!gd0r{QWAb%uTuK976~TZa`UyZecw z6@^_EX{#4e7^xZ|D2HqHkXV#GuP6*fL@V9aW z{+H{=`_Lm`4#vqnCiM2$&u9~O$VJ)z|3L1*Hl_Aos|l=6fm;8h=)7X-V9wZzqfdR7TL=l zH)tg|ki*o(k&CQ;(wzQ%NtX#C+u*=|HWbzhoULwgo#EBFjq4uga+# Date: Wed, 13 Dec 2023 12:18:00 +0100 Subject: [PATCH 10/16] web: bump wdio-wait-for from 3.0.9 to 3.0.10 in /tests/wdio (#7867) Bumps [wdio-wait-for](https://github.com/webdriverio/wdio-wait-for) from 3.0.9 to 3.0.10. - [Release notes](https://github.com/webdriverio/wdio-wait-for/releases) - [Commits](https://github.com/webdriverio/wdio-wait-for/compare/3.0.9...3.0.10) --- updated-dependencies: - dependency-name: wdio-wait-for dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- tests/wdio/package-lock.json | 8 ++++---- tests/wdio/package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/wdio/package-lock.json b/tests/wdio/package-lock.json index 7be9ced74..1689c45f1 100644 --- a/tests/wdio/package-lock.json +++ b/tests/wdio/package-lock.json @@ -20,7 +20,7 @@ "prettier": "^3.1.1", "ts-node": "^10.9.2", "typescript": "^5.3.3", - "wdio-wait-for": "^3.0.9" + "wdio-wait-for": "^3.0.10" }, "engines": { "node": ">=20" @@ -8440,9 +8440,9 @@ } }, "node_modules/wdio-wait-for": { - "version": "3.0.9", - "resolved": "https://registry.npmjs.org/wdio-wait-for/-/wdio-wait-for-3.0.9.tgz", - "integrity": "sha512-f7SZ916X9DpN1ZpY82wbwS0UwpRl8fOmT3v5TIfSn/XNLwDS1qZiGndayd5sNKhzYZFlDQDIIcfOcZDr7YBMcA==", + "version": "3.0.10", + "resolved": "https://registry.npmjs.org/wdio-wait-for/-/wdio-wait-for-3.0.10.tgz", + "integrity": "sha512-YMWfI0BYgEviGDB9+rDUuHDZNVk8pHeae0cvaqk3Wx/2LijwJi4xkRP01uYC/hM7RBB7QJFBmjrXczVSqtJOGw==", "dev": true, "engines": { "node": "^16.13 || >=18" diff --git a/tests/wdio/package.json b/tests/wdio/package.json index a5f196e6d..b9b6df3da 100644 --- a/tests/wdio/package.json +++ b/tests/wdio/package.json @@ -17,7 +17,7 @@ "prettier": "^3.1.1", "ts-node": "^10.9.2", "typescript": "^5.3.3", - "wdio-wait-for": "^3.0.9" + "wdio-wait-for": "^3.0.10" }, "scripts": { "wdio": "wdio run ./wdio.conf.ts", From 24e23ba0f5f82e919e2f2fe51011758f7d8b41a3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 12:19:30 +0100 Subject: [PATCH 11/16] website: bump @types/react from 18.2.43 to 18.2.45 in /website (#7865) Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 18.2.43 to 18.2.45. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) --- updated-dependencies: - dependency-name: "@types/react" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- website/package-lock.json | 8 ++++---- website/package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/website/package-lock.json b/website/package-lock.json index 5b1300f37..009fe65dd 100644 --- a/website/package-lock.json +++ b/website/package-lock.json @@ -33,7 +33,7 @@ "@docusaurus/module-type-aliases": "3.0.1", "@docusaurus/tsconfig": "3.0.1", "@docusaurus/types": "3.0.1", - "@types/react": "^18.2.43", + "@types/react": "^18.2.45", "prettier": "3.1.1", "typescript": "~5.3.3" }, @@ -4373,9 +4373,9 @@ "integrity": "sha512-+0autS93xyXizIYiyL02FCY8N+KkKPhILhcUSA276HxzreZ16kl+cmwvV2qAM/PuCCwPXzOXOWhiPcw20uSFcA==" }, "node_modules/@types/react": { - "version": "18.2.43", - "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.43.tgz", - "integrity": "sha512-nvOV01ZdBdd/KW6FahSbcNplt2jCJfyWdTos61RYHV+FVv5L/g9AOX1bmbVcWcLFL8+KHQfh1zVIQrud6ihyQA==", + "version": "18.2.45", + "resolved": "https://registry.npmjs.org/@types/react/-/react-18.2.45.tgz", + "integrity": "sha512-TtAxCNrlrBp8GoeEp1npd5g+d/OejJHFxS3OWmrPBMFaVQMSN0OFySozJio5BHxTuTeug00AVXVAjfDSfk+lUg==", "dependencies": { "@types/prop-types": "*", "@types/scheduler": "*", diff --git a/website/package.json b/website/package.json index 154632203..c8c48c25d 100644 --- a/website/package.json +++ b/website/package.json @@ -52,7 +52,7 @@ "@docusaurus/module-type-aliases": "3.0.1", "@docusaurus/tsconfig": "3.0.1", "@docusaurus/types": "3.0.1", - "@types/react": "^18.2.43", + "@types/react": "^18.2.45", "prettier": "3.1.1", "typescript": "~5.3.3" }, From dfe3b7c70506b12fbbd4aa8263d9417036ae1a57 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 15:33:26 +0100 Subject: [PATCH 12/16] core: bump github.com/google/uuid from 1.4.0 to 1.5.0 (#7866) Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c05347832..961f07d07 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/go-openapi/runtime v0.26.2 github.com/go-openapi/strfmt v0.21.9 github.com/golang-jwt/jwt v3.2.2+incompatible - github.com/google/uuid v1.4.0 + github.com/google/uuid v1.5.0 github.com/gorilla/handlers v1.5.2 github.com/gorilla/mux v1.8.1 github.com/gorilla/securecookie v1.1.2 diff --git a/go.sum b/go.sum index 3d974ad6d..e65a8b9a5 100644 --- a/go.sum +++ b/go.sum @@ -183,8 +183,8 @@ github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hf github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= -github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= +github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE= From f1b679314514f4eefb2097ab256e23b1e87e7a38 Mon Sep 17 00:00:00 2001 From: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com> Date: Wed, 13 Dec 2023 06:33:47 -0800 Subject: [PATCH 13/16] web: fix turnstile types after update (#7854) * web: fix turnstile types after update After running 'npm update' on the dev tree, the build started to fail with these options and types no longer being set correctly in the source tree. I have explicitly included the Turnstile object as a sub-component of Window, and modified the CaptchaStage to understand the TurnstileObject and TurnstileOptions, and the build now completes. * eslint says to prefer this format * Google recaptcha (aka Turnstile) doesn't understand the "invisible" setting; that's purely an HCaptcha thing. * web: removing the typecast means I no longer need the type. * Locking pyright to 1.1.338 and maintaining it. * web: locking down hard After reading [this guide](https://medium.com/@anjusha.khandavalli/decoding-commonly-used-symbols-in-package-json-file-e08f3939c9e4), I've locked down the version of pyright to a specific and immovable version until we can get a better read on how the Pyright upgrade breaks things. * Update is specific to package-lock.json. Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer --- web/package-lock.json | 10 +++++----- web/package.json | 6 +++--- web/src/flow/stages/captcha/CaptchaStage.ts | 9 ++++++--- web/src/global.d.ts | 1 + 4 files changed, 15 insertions(+), 11 deletions(-) diff --git a/web/package-lock.json b/web/package-lock.json index 868cafb86..17f30aee1 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -87,7 +87,7 @@ "npm-run-all": "^4.1.5", "prettier": "^3.1.1", "pseudolocale": "^2.0.0", - "pyright": "^1.1.338", + "pyright": "=1.1.338", "react": "^18.2.0", "react-dom": "^18.2.0", "rollup": "^4.8.0", @@ -98,7 +98,7 @@ "storybook-addon-mock": "^4.3.0", "ts-lit-plugin": "^2.0.1", "tslib": "^2.6.2", - "turnstile-types": "^1.1.3", + "turnstile-types": "^1.2.0", "typescript": "^5.3.3", "vite-tsconfig-paths": "^4.2.2" }, @@ -18195,9 +18195,9 @@ } }, "node_modules/turnstile-types": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/turnstile-types/-/turnstile-types-1.1.3.tgz", - "integrity": "sha512-hurCjOLYMYU9OmUY2JX/ewHBcadUfOhHX1XgLx9A9Ig5TFl2NGqoyM4EyfaaClsROr95cT868rkgzxCvSCcY6A==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/turnstile-types/-/turnstile-types-1.2.0.tgz", + "integrity": "sha512-cTtNEtCYpcXeXR5AOD0YR0xZpXk1iZeTOuXT5vAGNowGGdgapC+k6m/lOVSkmDOUopZmPtmu311XeULIro4gUA==", "dev": true }, "node_modules/type-check": { diff --git a/web/package.json b/web/package.json index c10417206..f6f04c27b 100644 --- a/web/package.json +++ b/web/package.json @@ -88,8 +88,8 @@ "@storybook/api": "^7.6.4", "@storybook/blocks": "^7.6.4", "@storybook/manager-api": "^7.6.4", - "@storybook/web-components-vite": "^7.6.4", "@storybook/web-components": "^7.6.4", + "@storybook/web-components-vite": "^7.6.4", "@trivago/prettier-plugin-sort-imports": "^4.3.0", "@types/chart.js": "^2.9.41", "@types/codemirror": "5.60.15", @@ -109,7 +109,7 @@ "npm-run-all": "^4.1.5", "prettier": "^3.1.1", "pseudolocale": "^2.0.0", - "pyright": "^1.1.338", + "pyright": "=1.1.338", "react": "^18.2.0", "react-dom": "^18.2.0", "rollup": "^4.8.0", @@ -120,7 +120,7 @@ "storybook-addon-mock": "^4.3.0", "ts-lit-plugin": "^2.0.1", "tslib": "^2.6.2", - "turnstile-types": "^1.1.3", + "turnstile-types": "^1.2.0", "typescript": "^5.3.3", "vite-tsconfig-paths": "^4.2.2" }, diff --git a/web/src/flow/stages/captcha/CaptchaStage.ts b/web/src/flow/stages/captcha/CaptchaStage.ts index 7690fc626..753bda99c 100644 --- a/web/src/flow/stages/captcha/CaptchaStage.ts +++ b/web/src/flow/stages/captcha/CaptchaStage.ts @@ -1,11 +1,11 @@ /// -/// import "@goauthentik/elements/EmptyState"; import { PFSize } from "@goauthentik/elements/Spinner"; import "@goauthentik/elements/forms/FormElement"; import "@goauthentik/flow/FormStatic"; import "@goauthentik/flow/stages/access_denied/AccessDeniedStage"; import { BaseStage } from "@goauthentik/flow/stages/base"; +import type { TurnstileObject } from "turnstile-types"; import { msg } from "@lit/localize"; import { CSSResult, TemplateResult, html } from "lit"; @@ -21,6 +21,10 @@ import PFBase from "@patternfly/patternfly/patternfly-base.css"; import { CaptchaChallenge, CaptchaChallengeResponseRequest } from "@goauthentik/api"; +interface TurnstileWindow extends Window { + turnstile: TurnstileObject; +} + @customElement("ak-stage-captcha") export class CaptchaStage extends BaseStage { static get styles(): CSSResult[] { @@ -110,9 +114,8 @@ export class CaptchaStage extends BaseStage { this.host?.submit({ token: token, diff --git a/web/src/global.d.ts b/web/src/global.d.ts index b7b3dfdf8..059e86815 100644 --- a/web/src/global.d.ts +++ b/web/src/global.d.ts @@ -1,4 +1,5 @@ declare module "*.css"; + declare module "*.md" { const html: string; const metadata: { [key: string]: string }; From b181c551a57fe7f38a42c37159480c158e52bb9f Mon Sep 17 00:00:00 2001 From: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com> Date: Wed, 13 Dec 2023 07:13:28 -0800 Subject: [PATCH 14/16] web: expressing success (#7830) * web: expressing success Ever see an idiom that just, I dunno, *annoyed* you? Automated tools for the win. * web: repetition, repetition, repetition! [throws chair] * web: giving the de-duplication treatment to policy mappings. * Created a BaseStageForm with success message and canonical primary key type for for Providers, Sources, and Stages. --- web/src/admin/applications/ApplicationForm.ts | 8 +++----- web/src/admin/blueprints/BlueprintForm.ts | 8 +++----- web/src/admin/crypto/CertificateKeyPairForm.ts | 8 +++----- web/src/admin/events/RuleForm.ts | 8 +++----- web/src/admin/events/TransportForm.ts | 8 +++----- web/src/admin/flows/FlowForm.ts | 8 +++----- web/src/admin/groups/GroupForm.ts | 8 +++----- web/src/admin/outposts/OutpostForm.ts | 8 +++----- .../admin/outposts/ServiceConnectionDockerForm.ts | 8 +++----- .../outposts/ServiceConnectionKubernetesForm.ts | 8 +++----- web/src/admin/policies/BasePolicyForm.ts | 11 +++++++++++ web/src/admin/policies/dummy/DummyPolicyForm.ts | 12 ++---------- .../policies/event_matcher/EventMatcherPolicyForm.ts | 12 ++---------- web/src/admin/policies/expiry/ExpiryPolicyForm.ts | 12 ++---------- .../policies/expression/ExpressionPolicyForm.ts | 12 ++---------- .../admin/policies/password/PasswordPolicyForm.ts | 12 ++---------- .../policies/reputation/ReputationPolicyForm.ts | 12 ++---------- .../property-mappings/BasePropertyMappingForm.ts | 11 +++++++++++ .../property-mappings/PropertyMappingLDAPForm.ts | 12 ++---------- .../property-mappings/PropertyMappingNotification.ts | 8 +++----- .../property-mappings/PropertyMappingSAMLForm.ts | 12 ++---------- .../property-mappings/PropertyMappingSCIMForm.ts | 12 ++---------- .../property-mappings/PropertyMappingScopeForm.ts | 12 ++---------- web/src/admin/providers/BaseProviderForm.ts | 11 +++++++++++ web/src/admin/providers/ldap/LDAPProviderForm.ts | 12 ++---------- web/src/admin/providers/oauth2/OAuth2ProviderForm.ts | 12 ++---------- web/src/admin/providers/proxy/ProxyProviderForm.ts | 12 ++---------- web/src/admin/providers/radius/RadiusProviderForm.ts | 12 ++---------- web/src/admin/providers/saml/SAMLProviderForm.ts | 12 ++---------- web/src/admin/providers/scim/SCIMProviderForm.ts | 12 ++---------- web/src/admin/roles/RoleForm.ts | 8 +++----- web/src/admin/sources/BaseSourceForm.ts | 11 +++++++++++ web/src/admin/sources/ldap/LDAPSourceForm.ts | 12 ++---------- web/src/admin/sources/oauth/OAuthSourceForm.ts | 12 ++---------- web/src/admin/sources/plex/PlexSourceForm.ts | 12 ++---------- web/src/admin/sources/saml/SAMLSourceForm.ts | 12 ++---------- web/src/admin/stages/BaseStageForm.ts | 11 +++++++++++ .../authenticator_duo/AuthenticatorDuoStageForm.ts | 12 ++---------- .../authenticator_sms/AuthenticatorSMSStageForm.ts | 12 ++---------- .../AuthenticatorStaticStageForm.ts | 12 ++---------- .../authenticator_totp/AuthenticatorTOTPStageForm.ts | 12 ++---------- .../AuthenticatorValidateStageForm.ts | 12 ++---------- .../AuthenticateWebAuthnStageForm.ts | 12 ++---------- web/src/admin/stages/captcha/CaptchaStageForm.ts | 12 ++---------- web/src/admin/stages/consent/ConsentStageForm.ts | 12 ++---------- web/src/admin/stages/deny/DenyStageForm.ts | 12 ++---------- web/src/admin/stages/dummy/DummyStageForm.ts | 12 ++---------- web/src/admin/stages/email/EmailStageForm.ts | 12 ++---------- .../stages/identification/IdentificationStageForm.ts | 12 ++---------- web/src/admin/stages/invitation/InvitationForm.ts | 8 +++----- .../admin/stages/invitation/InvitationStageForm.ts | 12 ++---------- web/src/admin/stages/password/PasswordStageForm.ts | 12 ++---------- web/src/admin/stages/prompt/PromptForm.ts | 8 +++----- web/src/admin/stages/prompt/PromptStageForm.ts | 12 ++---------- .../admin/stages/user_delete/UserDeleteStageForm.ts | 12 ++---------- .../admin/stages/user_login/UserLoginStageForm.ts | 12 ++---------- .../admin/stages/user_logout/UserLogoutStageForm.ts | 12 ++---------- .../admin/stages/user_write/UserWriteStageForm.ts | 12 ++---------- web/src/admin/tenants/TenantForm.ts | 8 +++----- web/src/admin/tokens/TokenForm.ts | 8 +++----- web/src/user/user-settings/tokens/UserTokenForm.ts | 8 +++----- 61 files changed, 184 insertions(+), 475 deletions(-) create mode 100644 web/src/admin/policies/BasePolicyForm.ts create mode 100644 web/src/admin/property-mappings/BasePropertyMappingForm.ts create mode 100644 web/src/admin/providers/BaseProviderForm.ts create mode 100644 web/src/admin/sources/BaseSourceForm.ts create mode 100644 web/src/admin/stages/BaseStageForm.ts diff --git a/web/src/admin/applications/ApplicationForm.ts b/web/src/admin/applications/ApplicationForm.ts index 64ed05adb..970b3638e 100644 --- a/web/src/admin/applications/ApplicationForm.ts +++ b/web/src/admin/applications/ApplicationForm.ts @@ -75,11 +75,9 @@ export class ApplicationForm extends ModelForm { clearIcon = false; getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated application."); - } else { - return msg("Successfully created application."); - } + return this.instance + ? msg("Successfully updated application.") + : msg("Successfully created application."); } async send(data: Application): Promise { diff --git a/web/src/admin/blueprints/BlueprintForm.ts b/web/src/admin/blueprints/BlueprintForm.ts index 47b6c492c..2df50180b 100644 --- a/web/src/admin/blueprints/BlueprintForm.ts +++ b/web/src/admin/blueprints/BlueprintForm.ts @@ -44,11 +44,9 @@ export class BlueprintForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated instance."); - } else { - return msg("Successfully created instance."); - } + return this.instance + ? msg("Successfully updated instance.") + : msg("Successfully created instance."); } static get styles(): CSSResult[] { diff --git a/web/src/admin/crypto/CertificateKeyPairForm.ts b/web/src/admin/crypto/CertificateKeyPairForm.ts index 46e7cd4c9..6f194d436 100644 --- a/web/src/admin/crypto/CertificateKeyPairForm.ts +++ b/web/src/admin/crypto/CertificateKeyPairForm.ts @@ -19,11 +19,9 @@ export class CertificateKeyPairForm extends ModelForm { diff --git a/web/src/admin/events/RuleForm.ts b/web/src/admin/events/RuleForm.ts index 43e54ab89..ed392a1ca 100644 --- a/web/src/admin/events/RuleForm.ts +++ b/web/src/admin/events/RuleForm.ts @@ -37,11 +37,9 @@ export class RuleForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated rule."); - } else { - return msg("Successfully created rule."); - } + return this.instance + ? msg("Successfully updated rule.") + : msg("Successfully created rule."); } async send(data: NotificationRule): Promise { diff --git a/web/src/admin/events/TransportForm.ts b/web/src/admin/events/TransportForm.ts index 1554d7007..593477c60 100644 --- a/web/src/admin/events/TransportForm.ts +++ b/web/src/admin/events/TransportForm.ts @@ -36,11 +36,9 @@ export class TransportForm extends ModelForm { showWebhook = false; getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated transport."); - } else { - return msg("Successfully created transport."); - } + return this.instance + ? msg("Successfully updated transport.") + : msg("Successfully created transport."); } async send(data: NotificationTransport): Promise { diff --git a/web/src/admin/flows/FlowForm.ts b/web/src/admin/flows/FlowForm.ts index a78c0f4fa..eb37aa4ca 100644 --- a/web/src/admin/flows/FlowForm.ts +++ b/web/src/admin/flows/FlowForm.ts @@ -34,11 +34,9 @@ export class FlowForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated flow."); - } else { - return msg("Successfully created flow."); - } + return this.instance + ? msg("Successfully updated flow.") + : msg("Successfully created flow."); } @property({ type: Boolean }) diff --git a/web/src/admin/groups/GroupForm.ts b/web/src/admin/groups/GroupForm.ts index 1d703133e..b55cafb56 100644 --- a/web/src/admin/groups/GroupForm.ts +++ b/web/src/admin/groups/GroupForm.ts @@ -46,11 +46,9 @@ export class GroupForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated group."); - } else { - return msg("Successfully created group."); - } + return this.instance + ? msg("Successfully updated group.") + : msg("Successfully created group."); } async load(): Promise { diff --git a/web/src/admin/outposts/OutpostForm.ts b/web/src/admin/outposts/OutpostForm.ts index 65fd60845..1952cfe85 100644 --- a/web/src/admin/outposts/OutpostForm.ts +++ b/web/src/admin/outposts/OutpostForm.ts @@ -79,11 +79,9 @@ export class OutpostForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated outpost."); - } else { - return msg("Successfully created outpost."); - } + return this.instance + ? msg("Successfully updated outpost.") + : msg("Successfully created outpost."); } async send(data: Outpost): Promise { diff --git a/web/src/admin/outposts/ServiceConnectionDockerForm.ts b/web/src/admin/outposts/ServiceConnectionDockerForm.ts index ca15d552c..10dc8894b 100644 --- a/web/src/admin/outposts/ServiceConnectionDockerForm.ts +++ b/web/src/admin/outposts/ServiceConnectionDockerForm.ts @@ -21,11 +21,9 @@ export class ServiceConnectionDockerForm extends ModelForm { diff --git a/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts b/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts index f087998cc..414bb8922 100644 --- a/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts +++ b/web/src/admin/outposts/ServiceConnectionKubernetesForm.ts @@ -25,11 +25,9 @@ export class ServiceConnectionKubernetesForm extends ModelForm< } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated integration."); - } else { - return msg("Successfully created integration."); - } + return this.instance + ? msg("Successfully updated integration.") + : msg("Successfully created integration."); } async send(data: KubernetesServiceConnection): Promise { diff --git a/web/src/admin/policies/BasePolicyForm.ts b/web/src/admin/policies/BasePolicyForm.ts new file mode 100644 index 000000000..450a653a6 --- /dev/null +++ b/web/src/admin/policies/BasePolicyForm.ts @@ -0,0 +1,11 @@ +import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; + +import { msg } from "@lit/localize"; + +export abstract class BasePolicyForm extends ModelForm { + getSuccessMessage(): string { + return this.instance + ? msg("Successfully updated policy.") + : msg("Successfully created policy."); + } +} diff --git a/web/src/admin/policies/dummy/DummyPolicyForm.ts b/web/src/admin/policies/dummy/DummyPolicyForm.ts index 7dcb82ec2..57fe5812d 100644 --- a/web/src/admin/policies/dummy/DummyPolicyForm.ts +++ b/web/src/admin/policies/dummy/DummyPolicyForm.ts @@ -1,8 +1,8 @@ +import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -12,21 +12,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { DummyPolicy, PoliciesApi } from "@goauthentik/api"; @customElement("ak-policy-dummy-form") -export class DummyPolicyForm extends ModelForm { +export class DummyPolicyForm extends BasePolicyForm { loadInstance(pk: string): Promise { return new PoliciesApi(DEFAULT_CONFIG).policiesDummyRetrieve({ policyUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated policy."); - } else { - return msg("Successfully created policy."); - } - } - async send(data: DummyPolicy): Promise { if (this.instance) { return new PoliciesApi(DEFAULT_CONFIG).policiesDummyUpdate({ diff --git a/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts b/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts index a8198d8f6..b6d3e00d1 100644 --- a/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts +++ b/web/src/admin/policies/event_matcher/EventMatcherPolicyForm.ts @@ -1,8 +1,8 @@ +import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -20,21 +20,13 @@ import { } from "@goauthentik/api"; @customElement("ak-policy-event-matcher-form") -export class EventMatcherPolicyForm extends ModelForm { +export class EventMatcherPolicyForm extends BasePolicyForm { loadInstance(pk: string): Promise { return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherRetrieve({ policyUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated policy."); - } else { - return msg("Successfully created policy."); - } - } - async send(data: EventMatcherPolicy): Promise { if (data.action?.toString() === "") data.action = null; if (data.clientIp?.toString() === "") data.clientIp = null; diff --git a/web/src/admin/policies/expiry/ExpiryPolicyForm.ts b/web/src/admin/policies/expiry/ExpiryPolicyForm.ts index 0ec7caae3..c22311571 100644 --- a/web/src/admin/policies/expiry/ExpiryPolicyForm.ts +++ b/web/src/admin/policies/expiry/ExpiryPolicyForm.ts @@ -1,8 +1,8 @@ +import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -12,21 +12,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { PasswordExpiryPolicy, PoliciesApi } from "@goauthentik/api"; @customElement("ak-policy-password-expiry-form") -export class PasswordExpiryPolicyForm extends ModelForm { +export class PasswordExpiryPolicyForm extends BasePolicyForm { loadInstance(pk: string): Promise { return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordExpiryRetrieve({ policyUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated policy."); - } else { - return msg("Successfully created policy."); - } - } - async send(data: PasswordExpiryPolicy): Promise { if (this.instance) { return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordExpiryUpdate({ diff --git a/web/src/admin/policies/expression/ExpressionPolicyForm.ts b/web/src/admin/policies/expression/ExpressionPolicyForm.ts index a00c6584d..01c603914 100644 --- a/web/src/admin/policies/expression/ExpressionPolicyForm.ts +++ b/web/src/admin/policies/expression/ExpressionPolicyForm.ts @@ -1,3 +1,4 @@ +import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { docLink } from "@goauthentik/common/global"; import { first } from "@goauthentik/common/utils"; @@ -5,7 +6,6 @@ import "@goauthentik/elements/CodeMirror"; import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -15,21 +15,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { ExpressionPolicy, PoliciesApi } from "@goauthentik/api"; @customElement("ak-policy-expression-form") -export class ExpressionPolicyForm extends ModelForm { +export class ExpressionPolicyForm extends BasePolicyForm { loadInstance(pk: string): Promise { return new PoliciesApi(DEFAULT_CONFIG).policiesExpressionRetrieve({ policyUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated policy."); - } else { - return msg("Successfully created policy."); - } - } - async send(data: ExpressionPolicy): Promise { if (this.instance) { return new PoliciesApi(DEFAULT_CONFIG).policiesExpressionUpdate({ diff --git a/web/src/admin/policies/password/PasswordPolicyForm.ts b/web/src/admin/policies/password/PasswordPolicyForm.ts index 96183b077..08674effa 100644 --- a/web/src/admin/policies/password/PasswordPolicyForm.ts +++ b/web/src/admin/policies/password/PasswordPolicyForm.ts @@ -1,8 +1,8 @@ +import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { PasswordPolicy, PoliciesApi } from "@goauthentik/api"; @customElement("ak-policy-password-form") -export class PasswordPolicyForm extends ModelForm { +export class PasswordPolicyForm extends BasePolicyForm { @state() showStatic = true; @@ -32,14 +32,6 @@ export class PasswordPolicyForm extends ModelForm { return policy; } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated policy."); - } else { - return msg("Successfully created policy."); - } - } - async send(data: PasswordPolicy): Promise { if (this.instance) { return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordUpdate({ diff --git a/web/src/admin/policies/reputation/ReputationPolicyForm.ts b/web/src/admin/policies/reputation/ReputationPolicyForm.ts index a32d6febf..d5f12ba1c 100644 --- a/web/src/admin/policies/reputation/ReputationPolicyForm.ts +++ b/web/src/admin/policies/reputation/ReputationPolicyForm.ts @@ -1,8 +1,8 @@ +import { BasePolicyForm } from "@goauthentik/admin/policies/BasePolicyForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -12,21 +12,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { PoliciesApi, ReputationPolicy } from "@goauthentik/api"; @customElement("ak-policy-reputation-form") -export class ReputationPolicyForm extends ModelForm { +export class ReputationPolicyForm extends BasePolicyForm { loadInstance(pk: string): Promise { return new PoliciesApi(DEFAULT_CONFIG).policiesReputationRetrieve({ policyUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated policy."); - } else { - return msg("Successfully created policy."); - } - } - async send(data: ReputationPolicy): Promise { if (this.instance) { return new PoliciesApi(DEFAULT_CONFIG).policiesReputationUpdate({ diff --git a/web/src/admin/property-mappings/BasePropertyMappingForm.ts b/web/src/admin/property-mappings/BasePropertyMappingForm.ts new file mode 100644 index 000000000..82981b9cf --- /dev/null +++ b/web/src/admin/property-mappings/BasePropertyMappingForm.ts @@ -0,0 +1,11 @@ +import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; + +import { msg } from "@lit/localize"; + +export abstract class BasePropertyMappingForm extends ModelForm { + getSuccessMessage(): string { + return this.instance + ? msg("Successfully updated mapping.") + : msg("Successfully created mapping."); + } +} diff --git a/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts b/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts index 6919ab079..0b5afe81b 100644 --- a/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts +++ b/web/src/admin/property-mappings/PropertyMappingLDAPForm.ts @@ -1,9 +1,9 @@ +import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { docLink } from "@goauthentik/common/global"; import "@goauthentik/elements/CodeMirror"; import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { LDAPPropertyMapping, PropertymappingsApi } from "@goauthentik/api"; @customElement("ak-property-mapping-ldap-form") -export class PropertyMappingLDAPForm extends ModelForm { +export class PropertyMappingLDAPForm extends BasePropertyMappingForm { loadInstance(pk: string): Promise { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapRetrieve({ pmUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated mapping."); - } else { - return msg("Successfully created mapping."); - } - } - async send(data: LDAPPropertyMapping): Promise { if (this.instance) { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapUpdate({ diff --git a/web/src/admin/property-mappings/PropertyMappingNotification.ts b/web/src/admin/property-mappings/PropertyMappingNotification.ts index 8ab561dec..9991d2a32 100644 --- a/web/src/admin/property-mappings/PropertyMappingNotification.ts +++ b/web/src/admin/property-mappings/PropertyMappingNotification.ts @@ -21,11 +21,9 @@ export class PropertyMappingNotification extends ModelForm { diff --git a/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts b/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts index 77836c505..101455c84 100644 --- a/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts +++ b/web/src/admin/property-mappings/PropertyMappingSAMLForm.ts @@ -1,9 +1,9 @@ +import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { docLink } from "@goauthentik/common/global"; import "@goauthentik/elements/CodeMirror"; import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { PropertymappingsApi, SAMLPropertyMapping } from "@goauthentik/api"; @customElement("ak-property-mapping-saml-form") -export class PropertyMappingSAMLForm extends ModelForm { +export class PropertyMappingSAMLForm extends BasePropertyMappingForm { loadInstance(pk: string): Promise { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSamlRetrieve({ pmUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated mapping."); - } else { - return msg("Successfully created mapping."); - } - } - async send(data: SAMLPropertyMapping): Promise { if (this.instance) { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSamlUpdate({ diff --git a/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts b/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts index 19bd13aab..30993cbbd 100644 --- a/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts +++ b/web/src/admin/property-mappings/PropertyMappingSCIMForm.ts @@ -1,9 +1,9 @@ +import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { docLink } from "@goauthentik/common/global"; import "@goauthentik/elements/CodeMirror"; import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { PropertymappingsApi, SCIMMapping } from "@goauthentik/api"; @customElement("ak-property-mapping-scim-form") -export class PropertyMappingSCIMForm extends ModelForm { +export class PropertyMappingSCIMForm extends BasePropertyMappingForm { loadInstance(pk: string): Promise { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScimRetrieve({ pmUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated mapping."); - } else { - return msg("Successfully created mapping."); - } - } - async send(data: SCIMMapping): Promise { if (this.instance) { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScimUpdate({ diff --git a/web/src/admin/property-mappings/PropertyMappingScopeForm.ts b/web/src/admin/property-mappings/PropertyMappingScopeForm.ts index caf2dc11d..3df60889f 100644 --- a/web/src/admin/property-mappings/PropertyMappingScopeForm.ts +++ b/web/src/admin/property-mappings/PropertyMappingScopeForm.ts @@ -1,9 +1,9 @@ +import { BasePropertyMappingForm } from "@goauthentik/admin/property-mappings/BasePropertyMappingForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { docLink } from "@goauthentik/common/global"; import "@goauthentik/elements/CodeMirror"; import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -13,21 +13,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { PropertymappingsApi, ScopeMapping } from "@goauthentik/api"; @customElement("ak-property-mapping-scope-form") -export class PropertyMappingScopeForm extends ModelForm { +export class PropertyMappingScopeForm extends BasePropertyMappingForm { loadInstance(pk: string): Promise { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeRetrieve({ pmUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated mapping."); - } else { - return msg("Successfully created mapping."); - } - } - async send(data: ScopeMapping): Promise { if (this.instance) { return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeUpdate({ diff --git a/web/src/admin/providers/BaseProviderForm.ts b/web/src/admin/providers/BaseProviderForm.ts new file mode 100644 index 000000000..3f6134046 --- /dev/null +++ b/web/src/admin/providers/BaseProviderForm.ts @@ -0,0 +1,11 @@ +import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; + +import { msg } from "@lit/localize"; + +export abstract class BaseProviderForm extends ModelForm { + getSuccessMessage(): string { + return this.instance + ? msg("Successfully updated provider.") + : msg("Successfully created provider."); + } +} diff --git a/web/src/admin/providers/ldap/LDAPProviderForm.ts b/web/src/admin/providers/ldap/LDAPProviderForm.ts index 7a6a2eb81..449a3ad5b 100644 --- a/web/src/admin/providers/ldap/LDAPProviderForm.ts +++ b/web/src/admin/providers/ldap/LDAPProviderForm.ts @@ -1,11 +1,11 @@ import "@goauthentik/admin/common/ak-crypto-certificate-search"; import "@goauthentik/admin/common/ak-flow-search/ak-tenanted-flow-search"; +import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import { rootInterface } from "@goauthentik/elements/Base"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; @@ -25,21 +25,13 @@ import { } from "@goauthentik/api"; @customElement("ak-provider-ldap-form") -export class LDAPProviderFormPage extends ModelForm { +export class LDAPProviderFormPage extends BaseProviderForm { async loadInstance(pk: number): Promise { return new ProvidersApi(DEFAULT_CONFIG).providersLdapRetrieve({ id: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated provider."); - } else { - return msg("Successfully created provider."); - } - } - async send(data: LDAPProvider): Promise { if (this.instance) { return new ProvidersApi(DEFAULT_CONFIG).providersLdapUpdate({ diff --git a/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts b/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts index f5b59efe5..000df8cad 100644 --- a/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts +++ b/web/src/admin/providers/oauth2/OAuth2ProviderForm.ts @@ -1,5 +1,6 @@ import "@goauthentik/admin/common/ak-crypto-certificate-search"; import "@goauthentik/admin/common/ak-flow-search/ak-flow-search"; +import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils"; import "@goauthentik/components/ak-radio-input"; @@ -7,7 +8,6 @@ import "@goauthentik/components/ak-text-input"; import "@goauthentik/components/ak-textarea-input"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; import "@goauthentik/elements/utils/TimeDeltaHelp"; @@ -116,7 +116,7 @@ export const redirectUriHelp = html`${redirectUriHelpMessages.map( */ @customElement("ak-provider-oauth2-form") -export class OAuth2ProviderFormPage extends ModelForm { +export class OAuth2ProviderFormPage extends BaseProviderForm { propertyMappings?: PaginatedScopeMappingList; oauthSources?: PaginatedOAuthSourceList; @@ -143,14 +143,6 @@ export class OAuth2ProviderFormPage extends ModelForm { }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated provider."); - } else { - return msg("Successfully created provider."); - } - } - async send(data: OAuth2Provider): Promise { if (this.instance) { return new ProvidersApi(DEFAULT_CONFIG).providersOauth2Update({ diff --git a/web/src/admin/providers/proxy/ProxyProviderForm.ts b/web/src/admin/providers/proxy/ProxyProviderForm.ts index 5f8e79c56..ddd554572 100644 --- a/web/src/admin/providers/proxy/ProxyProviderForm.ts +++ b/web/src/admin/providers/proxy/ProxyProviderForm.ts @@ -1,11 +1,11 @@ import "@goauthentik/admin/common/ak-crypto-certificate-search"; import "@goauthentik/admin/common/ak-flow-search/ak-flow-search"; +import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/components/ak-toggle-group"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import "@goauthentik/elements/utils/TimeDeltaHelp"; @@ -30,7 +30,7 @@ import { } from "@goauthentik/api"; @customElement("ak-provider-proxy-form") -export class ProxyProviderFormPage extends ModelForm { +export class ProxyProviderFormPage extends BaseProviderForm { static get styles(): CSSResult[] { return [...super.styles, PFContent, PFList, PFSpacing]; } @@ -65,14 +65,6 @@ export class ProxyProviderFormPage extends ModelForm { @state() mode: ProxyMode = ProxyMode.Proxy; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated provider."); - } else { - return msg("Successfully created provider."); - } - } - async send(data: ProxyProvider): Promise { data.mode = this.mode; if (this.mode !== ProxyMode.ForwardDomain) { diff --git a/web/src/admin/providers/radius/RadiusProviderForm.ts b/web/src/admin/providers/radius/RadiusProviderForm.ts index 3898ba048..269a5ee95 100644 --- a/web/src/admin/providers/radius/RadiusProviderForm.ts +++ b/web/src/admin/providers/radius/RadiusProviderForm.ts @@ -1,9 +1,9 @@ +import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { ascii_letters, digits, first, randomString } from "@goauthentik/common/utils"; import { rootInterface } from "@goauthentik/elements/Base"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -14,21 +14,13 @@ import { customElement } from "lit/decorators.js"; import { FlowsInstancesListDesignationEnum, ProvidersApi, RadiusProvider } from "@goauthentik/api"; @customElement("ak-provider-radius-form") -export class RadiusProviderFormPage extends ModelForm { +export class RadiusProviderFormPage extends BaseProviderForm { loadInstance(pk: number): Promise { return new ProvidersApi(DEFAULT_CONFIG).providersRadiusRetrieve({ id: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated provider."); - } else { - return msg("Successfully created provider."); - } - } - async send(data: RadiusProvider): Promise { if (this.instance) { return new ProvidersApi(DEFAULT_CONFIG).providersRadiusUpdate({ diff --git a/web/src/admin/providers/saml/SAMLProviderForm.ts b/web/src/admin/providers/saml/SAMLProviderForm.ts index 181a0c831..006a32545 100644 --- a/web/src/admin/providers/saml/SAMLProviderForm.ts +++ b/web/src/admin/providers/saml/SAMLProviderForm.ts @@ -1,9 +1,9 @@ import "@goauthentik/admin/common/ak-crypto-certificate-search"; import "@goauthentik/admin/common/ak-flow-search/ak-flow-search"; +import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; import "@goauthentik/elements/utils/TimeDeltaHelp"; @@ -27,7 +27,7 @@ import { } from "@goauthentik/api"; @customElement("ak-provider-saml-form") -export class SAMLProviderFormPage extends ModelForm { +export class SAMLProviderFormPage extends BaseProviderForm { loadInstance(pk: number): Promise { return new ProvidersApi(DEFAULT_CONFIG).providersSamlRetrieve({ id: pk, @@ -44,14 +44,6 @@ export class SAMLProviderFormPage extends ModelForm { propertyMappings?: PaginatedSAMLPropertyMappingList; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated provider."); - } else { - return msg("Successfully created provider."); - } - } - async send(data: SAMLProvider): Promise { if (this.instance) { return new ProvidersApi(DEFAULT_CONFIG).providersSamlUpdate({ diff --git a/web/src/admin/providers/scim/SCIMProviderForm.ts b/web/src/admin/providers/scim/SCIMProviderForm.ts index cdc935973..e505c4b23 100644 --- a/web/src/admin/providers/scim/SCIMProviderForm.ts +++ b/web/src/admin/providers/scim/SCIMProviderForm.ts @@ -1,8 +1,8 @@ +import { BaseProviderForm } from "@goauthentik/admin/providers/BaseProviderForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; @@ -22,7 +22,7 @@ import { } from "@goauthentik/api"; @customElement("ak-provider-scim-form") -export class SCIMProviderFormPage extends ModelForm { +export class SCIMProviderFormPage extends BaseProviderForm { loadInstance(pk: number): Promise { return new ProvidersApi(DEFAULT_CONFIG).providersScimRetrieve({ id: pk, @@ -39,14 +39,6 @@ export class SCIMProviderFormPage extends ModelForm { propertyMappings?: PaginatedSCIMMappingList; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated provider."); - } else { - return msg("Successfully created provider."); - } - } - async send(data: SCIMProvider): Promise { if (this.instance) { return new ProvidersApi(DEFAULT_CONFIG).providersScimUpdate({ diff --git a/web/src/admin/roles/RoleForm.ts b/web/src/admin/roles/RoleForm.ts index 7d4778469..e5cc0e8f3 100644 --- a/web/src/admin/roles/RoleForm.ts +++ b/web/src/admin/roles/RoleForm.ts @@ -21,11 +21,9 @@ export class RoleForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated role."); - } else { - return msg("Successfully created role."); - } + return this.instance + ? msg("Successfully updated role.") + : msg("Successfully created role."); } async send(data: Role): Promise { diff --git a/web/src/admin/sources/BaseSourceForm.ts b/web/src/admin/sources/BaseSourceForm.ts new file mode 100644 index 000000000..f8c68c4bd --- /dev/null +++ b/web/src/admin/sources/BaseSourceForm.ts @@ -0,0 +1,11 @@ +import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; + +import { msg } from "@lit/localize"; + +export abstract class BaseSourceForm extends ModelForm { + getSuccessMessage(): string { + return this.instance + ? msg("Successfully updated source.") + : msg("Successfully created source."); + } +} diff --git a/web/src/admin/sources/ldap/LDAPSourceForm.ts b/web/src/admin/sources/ldap/LDAPSourceForm.ts index 188f177fe..39a121cb9 100644 --- a/web/src/admin/sources/ldap/LDAPSourceForm.ts +++ b/web/src/admin/sources/ldap/LDAPSourceForm.ts @@ -1,10 +1,10 @@ import "@goauthentik/admin/common/ak-crypto-certificate-search"; import { placeholderHelperText } from "@goauthentik/admin/helperText"; +import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -24,7 +24,7 @@ import { } from "@goauthentik/api"; @customElement("ak-source-ldap-form") -export class LDAPSourceForm extends ModelForm { +export class LDAPSourceForm extends BaseSourceForm { loadInstance(pk: string): Promise { return new SourcesApi(DEFAULT_CONFIG).sourcesLdapRetrieve({ slug: pk, @@ -41,14 +41,6 @@ export class LDAPSourceForm extends ModelForm { propertyMappings?: PaginatedLDAPPropertyMappingList; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated source."); - } else { - return msg("Successfully created source."); - } - } - async send(data: LDAPSource): Promise { if (this.instance) { return new SourcesApi(DEFAULT_CONFIG).sourcesLdapPartialUpdate({ diff --git a/web/src/admin/sources/oauth/OAuthSourceForm.ts b/web/src/admin/sources/oauth/OAuthSourceForm.ts index 51b1c6e42..cf0209fcb 100644 --- a/web/src/admin/sources/oauth/OAuthSourceForm.ts +++ b/web/src/admin/sources/oauth/OAuthSourceForm.ts @@ -1,5 +1,6 @@ import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search"; import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText"; +import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm"; import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils"; import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; @@ -8,7 +9,6 @@ import "@goauthentik/elements/CodeMirror"; import { CodeMirrorMode } from "@goauthentik/elements/CodeMirror"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -28,7 +28,7 @@ import { } from "@goauthentik/api"; @customElement("ak-source-oauth-form") -export class OAuthSourceForm extends ModelForm { +export class OAuthSourceForm extends BaseSourceForm { async loadInstance(pk: string): Promise { const source = await new SourcesApi(DEFAULT_CONFIG).sourcesOauthRetrieve({ slug: pk, @@ -61,14 +61,6 @@ export class OAuthSourceForm extends ModelForm { @state() clearIcon = false; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated source."); - } else { - return msg("Successfully created source."); - } - } - async send(data: OAuthSource): Promise { data.providerType = (this.providerType?.slug || "") as ProviderTypeEnum; let source: OAuthSource; diff --git a/web/src/admin/sources/plex/PlexSourceForm.ts b/web/src/admin/sources/plex/PlexSourceForm.ts index 1318a1ae9..8091067ff 100644 --- a/web/src/admin/sources/plex/PlexSourceForm.ts +++ b/web/src/admin/sources/plex/PlexSourceForm.ts @@ -1,5 +1,6 @@ import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search"; import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText"; +import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm"; import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils"; import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config"; import { PlexAPIClient, PlexResource, popupCenterScreen } from "@goauthentik/common/helpers/plex"; @@ -7,7 +8,6 @@ import { ascii_letters, digits, first, randomString } from "@goauthentik/common/ import { rootInterface } from "@goauthentik/elements/Base"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -24,7 +24,7 @@ import { } from "@goauthentik/api"; @customElement("ak-source-plex-form") -export class PlexSourceForm extends ModelForm { +export class PlexSourceForm extends BaseSourceForm { async loadInstance(pk: string): Promise { const source = await new SourcesApi(DEFAULT_CONFIG).sourcesPlexRetrieve({ slug: pk, @@ -50,14 +50,6 @@ export class PlexSourceForm extends ModelForm { } as PlexSource; } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated source."); - } else { - return msg("Successfully created source."); - } - } - async send(data: PlexSource): Promise { data.plexToken = this.plexToken || ""; let source: PlexSource; diff --git a/web/src/admin/sources/saml/SAMLSourceForm.ts b/web/src/admin/sources/saml/SAMLSourceForm.ts index 49ba30b28..76e996322 100644 --- a/web/src/admin/sources/saml/SAMLSourceForm.ts +++ b/web/src/admin/sources/saml/SAMLSourceForm.ts @@ -1,13 +1,13 @@ import "@goauthentik/admin/common/ak-crypto-certificate-search"; import "@goauthentik/admin/common/ak-flow-search/ak-source-flow-search"; import { iconHelperText, placeholderHelperText } from "@goauthentik/admin/helperText"; +import { BaseSourceForm } from "@goauthentik/admin/sources/BaseSourceForm"; import { UserMatchingModeToLabel } from "@goauthentik/admin/sources/oauth/utils"; import { DEFAULT_CONFIG, config } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import { rootInterface } from "@goauthentik/elements/Base"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/utils/TimeDeltaHelp"; @@ -29,7 +29,7 @@ import { } from "@goauthentik/api"; @customElement("ak-source-saml-form") -export class SAMLSourceForm extends ModelForm { +export class SAMLSourceForm extends BaseSourceForm { @state() clearIcon = false; @@ -41,14 +41,6 @@ export class SAMLSourceForm extends ModelForm { return source; } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated source."); - } else { - return msg("Successfully created source."); - } - } - async send(data: SAMLSource): Promise { let source: SAMLSource; if (this.instance) { diff --git a/web/src/admin/stages/BaseStageForm.ts b/web/src/admin/stages/BaseStageForm.ts new file mode 100644 index 000000000..67c5ffc35 --- /dev/null +++ b/web/src/admin/stages/BaseStageForm.ts @@ -0,0 +1,11 @@ +import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; + +import { msg } from "@lit/localize"; + +export abstract class BaseStageForm extends ModelForm { + getSuccessMessage(): string { + return this.instance + ? msg("Successfully updated stage.") + : msg("Successfully created stage."); + } +} diff --git a/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts b/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts index 4d74059be..db9322a84 100644 --- a/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts +++ b/web/src/admin/stages/authenticator_duo/AuthenticatorDuoStageForm.ts @@ -1,9 +1,9 @@ import { RenderFlowOption } from "@goauthentik/admin/flows/utils"; +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -21,21 +21,13 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-authenticator-duo-form") -export class AuthenticatorDuoStageForm extends ModelForm { +export class AuthenticatorDuoStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorDuoRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: AuthenticatorDuoStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorDuoPartialUpdate({ diff --git a/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts b/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts index 4522d050b..2938b156a 100644 --- a/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts +++ b/web/src/admin/stages/authenticator_sms/AuthenticatorSMSStageForm.ts @@ -1,9 +1,9 @@ import { RenderFlowOption } from "@goauthentik/admin/flows/utils"; +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; @@ -26,7 +26,7 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-authenticator-sms-form") -export class AuthenticatorSMSStageForm extends ModelForm { +export class AuthenticatorSMSStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG) .stagesAuthenticatorSmsRetrieve({ @@ -45,14 +45,6 @@ export class AuthenticatorSMSStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorSmsUpdate({ diff --git a/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts b/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts index f9f2684d0..7a5dcab47 100644 --- a/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts +++ b/web/src/admin/stages/authenticator_static/AuthenticatorStaticStageForm.ts @@ -1,8 +1,8 @@ import { RenderFlowOption } from "@goauthentik/admin/flows/utils"; +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -19,21 +19,13 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-authenticator-static-form") -export class AuthenticatorStaticStageForm extends ModelForm { +export class AuthenticatorStaticStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: AuthenticatorStaticStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticUpdate({ diff --git a/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts b/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts index aebca9872..91ddcab19 100644 --- a/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts +++ b/web/src/admin/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts @@ -1,9 +1,9 @@ import { RenderFlowOption } from "@goauthentik/admin/flows/utils"; +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -21,21 +21,13 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-authenticator-totp-form") -export class AuthenticatorTOTPStageForm extends ModelForm { +export class AuthenticatorTOTPStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: AuthenticatorTOTPStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpUpdate({ diff --git a/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts b/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts index 146422988..2884f948c 100644 --- a/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts +++ b/web/src/admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts @@ -1,7 +1,7 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/utils/TimeDeltaHelp"; @@ -20,7 +20,7 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-authenticator-validate-form") -export class AuthenticatorValidateStageForm extends ModelForm { +export class AuthenticatorValidateStageForm extends BaseStageForm { async loadInstance(pk: string): Promise { const stage = await new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateRetrieve({ stageUuid: pk, @@ -41,14 +41,6 @@ export class AuthenticatorValidateStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateUpdate({ diff --git a/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts b/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts index 9bd8bebe1..d8464b6f3 100644 --- a/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts +++ b/web/src/admin/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts @@ -1,8 +1,8 @@ import { RenderFlowOption } from "@goauthentik/admin/flows/utils"; +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; @@ -23,21 +23,13 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-authenticator-webauthn-form") -export class AuthenticateWebAuthnStageForm extends ModelForm { +export class AuthenticateWebAuthnStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorWebauthnRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: AuthenticateWebAuthnStage): Promise { if (data.authenticatorAttachment?.toString() === "") { data.authenticatorAttachment = null; diff --git a/web/src/admin/stages/captcha/CaptchaStageForm.ts b/web/src/admin/stages/captcha/CaptchaStageForm.ts index cc8299f30..cacdee5de 100644 --- a/web/src/admin/stages/captcha/CaptchaStageForm.ts +++ b/web/src/admin/stages/captcha/CaptchaStageForm.ts @@ -1,7 +1,7 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -11,21 +11,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { CaptchaStage, CaptchaStageRequest, StagesApi } from "@goauthentik/api"; @customElement("ak-stage-captcha-form") -export class CaptchaStageForm extends ModelForm { +export class CaptchaStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesCaptchaRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: CaptchaStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesCaptchaPartialUpdate({ diff --git a/web/src/admin/stages/consent/ConsentStageForm.ts b/web/src/admin/stages/consent/ConsentStageForm.ts index 84866b10d..7bc5ad0ec 100644 --- a/web/src/admin/stages/consent/ConsentStageForm.ts +++ b/web/src/admin/stages/consent/ConsentStageForm.ts @@ -1,7 +1,7 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/utils/TimeDeltaHelp"; import { msg } from "@lit/localize"; @@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { ConsentStage, ConsentStageModeEnum, StagesApi } from "@goauthentik/api"; @customElement("ak-stage-consent-form") -export class ConsentStageForm extends ModelForm { +export class ConsentStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG) .stagesConsentRetrieve({ @@ -27,14 +27,6 @@ export class ConsentStageForm extends ModelForm { @property({ type: Boolean }) showExpiresIn = false; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: ConsentStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesConsentUpdate({ diff --git a/web/src/admin/stages/deny/DenyStageForm.ts b/web/src/admin/stages/deny/DenyStageForm.ts index 340e911d2..ed3dffa5f 100644 --- a/web/src/admin/stages/deny/DenyStageForm.ts +++ b/web/src/admin/stages/deny/DenyStageForm.ts @@ -1,6 +1,6 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { DenyStage, StagesApi } from "@goauthentik/api"; @customElement("ak-stage-deny-form") -export class DenyStageForm extends ModelForm { +export class DenyStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesDenyRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: DenyStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesDenyUpdate({ diff --git a/web/src/admin/stages/dummy/DummyStageForm.ts b/web/src/admin/stages/dummy/DummyStageForm.ts index 03fbbb4c3..39d36b99d 100644 --- a/web/src/admin/stages/dummy/DummyStageForm.ts +++ b/web/src/admin/stages/dummy/DummyStageForm.ts @@ -1,7 +1,7 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -11,21 +11,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { DummyStage, StagesApi } from "@goauthentik/api"; @customElement("ak-stage-dummy-form") -export class DummyStageForm extends ModelForm { +export class DummyStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesDummyRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: DummyStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesDummyUpdate({ diff --git a/web/src/admin/stages/email/EmailStageForm.ts b/web/src/admin/stages/email/EmailStageForm.ts index a08b5c115..c2595674d 100644 --- a/web/src/admin/stages/email/EmailStageForm.ts +++ b/web/src/admin/stages/email/EmailStageForm.ts @@ -1,8 +1,8 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -12,7 +12,7 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { EmailStage, StagesApi, TypeCreate } from "@goauthentik/api"; @customElement("ak-stage-email-form") -export class EmailStageForm extends ModelForm { +export class EmailStageForm extends BaseStageForm { async loadInstance(pk: string): Promise { const stage = await new StagesApi(DEFAULT_CONFIG).stagesEmailRetrieve({ stageUuid: pk, @@ -30,14 +30,6 @@ export class EmailStageForm extends ModelForm { @property({ type: Boolean }) showConnectionSettings = false; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: EmailStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesEmailPartialUpdate({ diff --git a/web/src/admin/stages/identification/IdentificationStageForm.ts b/web/src/admin/stages/identification/IdentificationStageForm.ts index 6fad5fbb2..cc064adf1 100644 --- a/web/src/admin/stages/identification/IdentificationStageForm.ts +++ b/web/src/admin/stages/identification/IdentificationStageForm.ts @@ -1,9 +1,9 @@ import "@goauthentik/admin/common/ak-flow-search/ak-flow-search"; +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first, groupBy } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -23,7 +23,7 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-identification-form") -export class IdentificationStageForm extends ModelForm { +export class IdentificationStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesIdentificationRetrieve({ stageUuid: pk, @@ -38,14 +38,6 @@ export class IdentificationStageForm extends ModelForm { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesIdentificationUpdate({ diff --git a/web/src/admin/stages/invitation/InvitationForm.ts b/web/src/admin/stages/invitation/InvitationForm.ts index 4555a547e..24b2c34cf 100644 --- a/web/src/admin/stages/invitation/InvitationForm.ts +++ b/web/src/admin/stages/invitation/InvitationForm.ts @@ -23,11 +23,9 @@ export class InvitationForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated invitation."); - } else { - return msg("Successfully created invitation."); - } + return this.instance + ? msg("Successfully updated invitation.") + : msg("Successfully created invitation."); } async send(data: Invitation): Promise { diff --git a/web/src/admin/stages/invitation/InvitationStageForm.ts b/web/src/admin/stages/invitation/InvitationStageForm.ts index 549c58ae6..822d8a2da 100644 --- a/web/src/admin/stages/invitation/InvitationStageForm.ts +++ b/web/src/admin/stages/invitation/InvitationStageForm.ts @@ -1,8 +1,8 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -11,21 +11,13 @@ import { customElement } from "lit/decorators.js"; import { InvitationStage, StagesApi } from "@goauthentik/api"; @customElement("ak-stage-invitation-form") -export class InvitationStageForm extends ModelForm { +export class InvitationStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: InvitationStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesUpdate({ diff --git a/web/src/admin/stages/password/PasswordStageForm.ts b/web/src/admin/stages/password/PasswordStageForm.ts index ce503ef00..939f92931 100644 --- a/web/src/admin/stages/password/PasswordStageForm.ts +++ b/web/src/admin/stages/password/PasswordStageForm.ts @@ -1,9 +1,9 @@ import { RenderFlowOption } from "@goauthentik/admin/flows/utils"; +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/SearchSelect"; import { msg } from "@lit/localize"; @@ -22,21 +22,13 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-password-form") -export class PasswordStageForm extends ModelForm { +export class PasswordStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesPasswordRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: PasswordStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesPasswordUpdate({ diff --git a/web/src/admin/stages/prompt/PromptForm.ts b/web/src/admin/stages/prompt/PromptForm.ts index f46a6be5a..bddf1c368 100644 --- a/web/src/admin/stages/prompt/PromptForm.ts +++ b/web/src/admin/stages/prompt/PromptForm.ts @@ -90,11 +90,9 @@ export class PromptForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated prompt."); - } else { - return msg("Successfully created prompt."); - } + return this.instance + ? msg("Successfully updated prompt.") + : msg("Successfully created prompt."); } static get styles(): CSSResult[] { diff --git a/web/src/admin/stages/prompt/PromptStageForm.ts b/web/src/admin/stages/prompt/PromptStageForm.ts index f3841e10f..43e35f475 100644 --- a/web/src/admin/stages/prompt/PromptStageForm.ts +++ b/web/src/admin/stages/prompt/PromptStageForm.ts @@ -1,9 +1,9 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import "@goauthentik/admin/stages/prompt/PromptForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; import "@goauthentik/elements/forms/ModalForm"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg, str } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -19,7 +19,7 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-prompt-form") -export class PromptStageForm extends ModelForm { +export class PromptStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesRetrieve({ stageUuid: pk, @@ -38,14 +38,6 @@ export class PromptStageForm extends ModelForm { prompts?: PaginatedPromptList; policies?: PaginatedPolicyList; - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: PromptStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesUpdate({ diff --git a/web/src/admin/stages/user_delete/UserDeleteStageForm.ts b/web/src/admin/stages/user_delete/UserDeleteStageForm.ts index 3d15b52ff..617cd182a 100644 --- a/web/src/admin/stages/user_delete/UserDeleteStageForm.ts +++ b/web/src/admin/stages/user_delete/UserDeleteStageForm.ts @@ -1,6 +1,6 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { StagesApi, UserDeleteStage } from "@goauthentik/api"; @customElement("ak-stage-user-delete-form") -export class UserDeleteStageForm extends ModelForm { +export class UserDeleteStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: UserDeleteStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteUpdate({ diff --git a/web/src/admin/stages/user_login/UserLoginStageForm.ts b/web/src/admin/stages/user_login/UserLoginStageForm.ts index 6ba879799..c386a9af2 100644 --- a/web/src/admin/stages/user_login/UserLoginStageForm.ts +++ b/web/src/admin/stages/user_login/UserLoginStageForm.ts @@ -1,9 +1,9 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/Alert"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/utils/TimeDeltaHelp"; import { msg } from "@lit/localize"; @@ -13,21 +13,13 @@ import { customElement } from "lit/decorators.js"; import { StagesApi, UserLoginStage } from "@goauthentik/api"; @customElement("ak-stage-user-login-form") -export class UserLoginStageForm extends ModelForm { +export class UserLoginStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesUserLoginRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: UserLoginStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserLoginUpdate({ diff --git a/web/src/admin/stages/user_logout/UserLogoutStageForm.ts b/web/src/admin/stages/user_logout/UserLogoutStageForm.ts index 7e90aade6..40a99500f 100644 --- a/web/src/admin/stages/user_logout/UserLogoutStageForm.ts +++ b/web/src/admin/stages/user_logout/UserLogoutStageForm.ts @@ -1,6 +1,6 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import { msg } from "@lit/localize"; import { TemplateResult, html } from "lit"; @@ -10,21 +10,13 @@ import { ifDefined } from "lit/directives/if-defined.js"; import { StagesApi, UserLogoutStage } from "@goauthentik/api"; @customElement("ak-stage-user-logout-form") -export class UserLogoutStageForm extends ModelForm { +export class UserLogoutStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: UserLogoutStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutUpdate({ diff --git a/web/src/admin/stages/user_write/UserWriteStageForm.ts b/web/src/admin/stages/user_write/UserWriteStageForm.ts index 3ef5185cd..08b436f9b 100644 --- a/web/src/admin/stages/user_write/UserWriteStageForm.ts +++ b/web/src/admin/stages/user_write/UserWriteStageForm.ts @@ -1,9 +1,9 @@ +import { BaseStageForm } from "@goauthentik/admin/stages/BaseStageForm"; import { UserCreationModeEnum } from "@goauthentik/api/dist/models/UserCreationModeEnum"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; -import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; @@ -22,21 +22,13 @@ import { } from "@goauthentik/api"; @customElement("ak-stage-user-write-form") -export class UserWriteStageForm extends ModelForm { +export class UserWriteStageForm extends BaseStageForm { loadInstance(pk: string): Promise { return new StagesApi(DEFAULT_CONFIG).stagesUserWriteRetrieve({ stageUuid: pk, }); } - getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated stage."); - } else { - return msg("Successfully created stage."); - } - } - async send(data: UserWriteStage): Promise { if (this.instance) { return new StagesApi(DEFAULT_CONFIG).stagesUserWriteUpdate({ diff --git a/web/src/admin/tenants/TenantForm.ts b/web/src/admin/tenants/TenantForm.ts index 438396660..51e81b24e 100644 --- a/web/src/admin/tenants/TenantForm.ts +++ b/web/src/admin/tenants/TenantForm.ts @@ -26,11 +26,9 @@ export class TenantForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated tenant."); - } else { - return msg("Successfully created tenant."); - } + return this.instance + ? msg("Successfully updated tenant.") + : msg("Successfully created tenant."); } async send(data: Tenant): Promise { diff --git a/web/src/admin/tokens/TokenForm.ts b/web/src/admin/tokens/TokenForm.ts index 904c8cdac..7324b0e70 100644 --- a/web/src/admin/tokens/TokenForm.ts +++ b/web/src/admin/tokens/TokenForm.ts @@ -26,11 +26,9 @@ export class TokenForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated token."); - } else { - return msg("Successfully created token."); - } + return this.instance + ? msg("Successfully updated token.") + : msg("Successfully created token."); } async send(data: Token): Promise { diff --git a/web/src/user/user-settings/tokens/UserTokenForm.ts b/web/src/user/user-settings/tokens/UserTokenForm.ts index 05bb3b111..78ce3413d 100644 --- a/web/src/user/user-settings/tokens/UserTokenForm.ts +++ b/web/src/user/user-settings/tokens/UserTokenForm.ts @@ -21,11 +21,9 @@ export class UserTokenForm extends ModelForm { } getSuccessMessage(): string { - if (this.instance) { - return msg("Successfully updated token."); - } else { - return msg("Successfully created token."); - } + return this.instance + ? msg("Successfully updated token.") + : msg("Successfully created token."); } async send(data: Token): Promise { From 026e80bd10be43df1e9bad96a63e85271b28c4c9 Mon Sep 17 00:00:00 2001 From: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com> Date: Wed, 13 Dec 2023 07:16:57 -0800 Subject: [PATCH 15/16] web: replace 'description-list' with list of descriptions (#7392) * web: break circular dependency between AKElement & Interface. This commit changes the way the root node of the web application shell is discovered by child components, such that the base class shared by both no longer results in a circular dependency between the two models. I've run this in isolation and have seen no failures of discovery; the identity token exists as soon as the Interface is constructed and is found by every item on the page. * web: fix broken typescript references This built... and then it didn't? Anyway, the current fix is to provide type information the AkInterface for the data that consumers require. * web: description lists as functions One thing I hate is clutter. Just tell me what you're going to do. "Description Lists" in our code are renderings of Patternfly's DescriptionList; we use only four of their idioms: horizontal, compact, 2col, and 3col. With that in mind, I've stripped out the DescriptionList rendering code from UserViewPage and replaced it with a list of "Here's what to render" and a function call to render them. The calling code is still responsible for having the right styles available, as this is not a component or an attempt at isolation; it is *just* a function (at this point). * web: fix issue that prevented the classMap from being rendered properly * web: added comments to the description list. * web: analyze & prettier had opinions * web: Fix description-list demo This commit re-instals the demo for the "description list" of user fields. * web: prettier had opinions. * any -> unknown Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer Co-authored-by: Jens Langhammer --- web/src/admin/users/UserViewPage.ts | 243 +++++++++----------------- web/src/components/DescriptionList.ts | 94 ++++++++++ 2 files changed, 181 insertions(+), 156 deletions(-) create mode 100644 web/src/components/DescriptionList.ts diff --git a/web/src/admin/users/UserViewPage.ts b/web/src/admin/users/UserViewPage.ts index 25915b64a..6ef77aa51 100644 --- a/web/src/admin/users/UserViewPage.ts +++ b/web/src/admin/users/UserViewPage.ts @@ -14,6 +14,11 @@ import "@goauthentik/app/elements/rbac/ObjectPermissionsPage"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { EVENT_REFRESH } from "@goauthentik/common/constants"; import { userTypeToLabel } from "@goauthentik/common/labels"; +import "@goauthentik/components/DescriptionList"; +import { + type DescriptionPair, + renderDescriptionList, +} from "@goauthentik/components/DescriptionList"; import "@goauthentik/components/ak-status-label"; import "@goauthentik/components/events/ObjectChangelog"; import "@goauthentik/components/events/UserEvents"; @@ -137,165 +142,91 @@ export class UserViewPage extends AKElement { const user = this.user; - const canImpersonate = - rootInterface()?.config?.capabilities.includes(CapabilitiesEnum.CanImpersonate) && - this.user.pk !== this.me?.user.pk; + // prettier-ignore + const userInfo: DescriptionPair[] = [ + [msg("Username"), user.username], + [msg("Name"), user.name], + [msg("Email"), user.email || "-"], + [msg("Last login"), user.lastLogin?.toLocaleString()], + [msg("Active"), html``], + [msg("Type"), userTypeToLabel(user.type)], + [msg("Superuser"), html``], + [msg("Actions"), this.renderActionButtons(user)], + [msg("Recovery"), this.renderRecoveryButtons(user)], + ]; return html`

${msg("User Info")}
-
-
-
-
- ${msg("Username")} -
-
-
${user.username}
-
-
-
-
- ${msg("Name")} -
-
-
${user.name}
-
-
-
-
- ${msg("Email")} -
-
-
${user.email || "-"}
-
-
-
-
- ${msg("Last login")} -
-
-
- ${user.lastLogin?.toLocaleString()} -
-
-
-
-
- ${msg("Active")} -
-
-
- -
-
-
-
-
- ${msg("Type")} -
-
-
- ${userTypeToLabel(user.type)} -
-
-
-
-
- ${msg("Superuser")} -
-
-
- -
-
-
-
-
- ${msg("Actions")} -
-
-
- - ${msg("Update")} - ${msg("Update User")} - - - - - { - return new CoreApi(DEFAULT_CONFIG).coreUsersPartialUpdate({ - id: user.pk, - patchedUserRequest: { - isActive: !user.isActive, - }, - }); - }} - > - - - ${canImpersonate - ? html` - { - return new CoreApi(DEFAULT_CONFIG) - .coreUsersImpersonateCreate({ - id: user.pk, - }) - .then(() => { - window.location.href = "/"; - }); - }} - > - - ${msg("Impersonate")} - - - ` - : nothing} -
-
-
-
-
- ${msg("Recovery")} -
-
-
+
${renderDescriptionList(userInfo)}
+ `; + } + + renderActionButtons(user: User) { + const canImpersonate = + rootInterface()?.config?.capabilities.includes(CapabilitiesEnum.CanImpersonate) && + user.pk !== this.me?.user.pk; + + return html`
+ + ${msg("Update")} + ${msg("Update User")} + + + + { + return new CoreApi(DEFAULT_CONFIG).coreUsersPartialUpdate({ + id: user.pk, + patchedUserRequest: { + isActive: !user.isActive, + }, + }); + }} + > + + + ${canImpersonate + ? html` + { + return new CoreApi(DEFAULT_CONFIG) + .coreUsersImpersonateCreate({ + id: user.pk, + }) + .then(() => { + window.location.href = "/"; + }); + }} + > + + ${msg("Impersonate")} + + + ` + : nothing} +
`; + } + + renderRecoveryButtons(user: User) { + return html`
${msg("Update password")} ${msg("Update password")} diff --git a/web/src/components/DescriptionList.ts b/web/src/components/DescriptionList.ts new file mode 100644 index 000000000..cfeee4640 --- /dev/null +++ b/web/src/components/DescriptionList.ts @@ -0,0 +1,94 @@ +import { TemplateResult, html, nothing } from "lit"; +import { classMap } from "lit/directives/class-map.js"; +import { map } from "lit/directives/map.js"; + +export type DescriptionDesc = string | TemplateResult | undefined | typeof nothing; +export type DescriptionPair = [string, DescriptionDesc]; +export type DescriptionRecord = { term: string; desc: DescriptionDesc }; + +interface DescriptionConfig { + horizontal: boolean; + compact: boolean; + twocolumn: boolean; + threecolumn: boolean; +} + +const isDescriptionRecordCollection = (v: Array): v is DescriptionRecord[] => + v.length > 0 && typeof v[0] === "object" && !Array.isArray(v[0]); + +function renderDescriptionGroup([term, description]: DescriptionPair) { + return html`
+
+ ${term} +
+
+
${description ?? nothing}
+
+
`; +} + +function recordToPair({ term, desc }: DescriptionRecord): DescriptionPair { + return [term, desc]; +} + +function alignTermType(terms: DescriptionRecord[] | DescriptionPair[] = []) { + if (isDescriptionRecordCollection(terms)) { + return terms.map(recordToPair); + } + return terms ?? []; +} + +/** + * renderDescriptionList + * + * This function renders the most common form of the PatternFly description list used in our code. + * It expects either an array of term/description pairs or an array of `{ term: string, description: + * string | TemplateResult }`. + * + * An optional dictionary of configuration options is available. These enable the Patternfly + * "horizontal," "compact", "2 column on large," or "3 column on large" layouts that are (so far) + * the layouts used in Authentik's (and Gravity's, for that matter) code. + * + * This is not a web component and it does not bring its own styling ; calling code will still have + * to provide the styling necessary. It is only a function to replace the repetitious boilerplate of + * routine description lists. Its output is a standard TemplateResult that will be fully realized + * within the context of the DOM or ShadowDOM in which it is called. + */ + +const defaultConfig = { + horizontal: false, + compact: false, + twocolumn: false, + threecolumn: false, +}; + +export function renderDescriptionList( + terms: DescriptionRecord[], + config?: DescriptionConfig, +): TemplateResult; + +export function renderDescriptionList( + terms: DescriptionPair[], + config?: DescriptionConfig, +): TemplateResult; + +export function renderDescriptionList( + terms: DescriptionRecord[] | DescriptionPair[] = [], + config: DescriptionConfig = defaultConfig, +) { + const checkedTerms = alignTermType(terms); + const classes = classMap({ + "pf-m-horizontal": config.horizontal, + "pf-m-compact": config.compact, + "pf-m-2-col-on-lg": config.twocolumn, + "pf-m-3-col-on-lg": config.threecolumn, + }); + + return html` +
+ ${map(checkedTerms, renderDescriptionGroup)} +
+ `; +} + +export default renderDescriptionList; From 2337f5a173cfa4b34979effcc15459318ae0f59e Mon Sep 17 00:00:00 2001 From: Jens L Date: Wed, 13 Dec 2023 17:32:09 +0100 Subject: [PATCH 16/16] web: dark/light theme fixes (#7872) * web: fix css for user tree-view Signed-off-by: Jens Langhammer * fix unrelated things Signed-off-by: Jens Langhammer * fix header button colors Signed-off-by: Jens Langhammer * fix missing fallback not showing default slant Signed-off-by: Jens Langhammer * move global theme-dark css to only use for SSR rendered pages Signed-off-by: Jens Langhammer --------- Signed-off-by: Jens Langhammer --- .github/workflows/ci-main.yml | 5 +- authentik/core/templates/base/skeleton.html | 1 - authentik/core/templates/login/base_full.html | 1 + web/src/common/styles/theme-dark.css | 6 ++ web/src/user/UserInterface.ts | 8 +-- web/xliff/fr.xlf | 66 +++++++++---------- 6 files changed, 47 insertions(+), 40 deletions(-) diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index 26baa3556..4f7cf5256 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -91,13 +91,14 @@ jobs: git checkout $GITHUB_SHA # Delete previous poetry env rm -rf $(poetry env info --path) - poetry install - name: Setup authentik env (ensure latest deps are installed) uses: ./.github/actions/setup with: postgresql_version: ${{ matrix.psql }} - name: migrate to latest - run: poetry run python -m lifecycle.migrate + run: | + poetry install + poetry run python -m lifecycle.migrate test-unittest: name: test-unittest - PostgreSQL ${{ matrix.psql }} runs-on: ubuntu-latest diff --git a/authentik/core/templates/base/skeleton.html b/authentik/core/templates/base/skeleton.html index 50a40de66..85137cc42 100644 --- a/authentik/core/templates/base/skeleton.html +++ b/authentik/core/templates/base/skeleton.html @@ -13,7 +13,6 @@ {% block head_before %} {% endblock %} - diff --git a/authentik/core/templates/login/base_full.html b/authentik/core/templates/login/base_full.html index 4cbf5e8dc..c2dcd874b 100644 --- a/authentik/core/templates/login/base_full.html +++ b/authentik/core/templates/login/base_full.html @@ -6,6 +6,7 @@ {% block head_before %} + {% include "base/header_js.html" %} {% endblock %} diff --git a/web/src/common/styles/theme-dark.css b/web/src/common/styles/theme-dark.css index 30cda084a..530a7c218 100644 --- a/web/src/common/styles/theme-dark.css +++ b/web/src/common/styles/theme-dark.css @@ -310,6 +310,12 @@ select[multiple] option:checked { --pf-c-wizard__nav-link--before--BackgroundColor: transparent; } /* tree view */ +.pf-c-tree-view__node { + --pf-c-tree-view__node--Color: var(--ak-dark-foreground); +} +.pf-c-tree-view__node-toggle { + --pf-c-tree-view__node-toggle--Color: var(--ak-dark-foreground); +} .pf-c-tree-view__node:focus { --pf-c-tree-view__node--focus--BackgroundColor: var(--ak-dark-background-light-ish); } diff --git a/web/src/user/UserInterface.ts b/web/src/user/UserInterface.ts index fbd21d347..09b10d632 100644 --- a/web/src/user/UserInterface.ts +++ b/web/src/user/UserInterface.ts @@ -82,9 +82,9 @@ export class UserInterface extends Interface { :host([theme="dark"]) .pf-c-page__header { color: var(--ak-dark-foreground) !important; } - .pf-c-page__header-tools-item .fas, - .pf-c-notification-badge__count, - .pf-c-page__header-tools-group .pf-c-button { + :host([theme="light"]) .pf-c-page__header-tools-item .fas, + :host([theme="light"]) .pf-c-notification-badge__count, + :host([theme="light"]) .pf-c-page__header-tools-group .pf-c-button { color: var(--ak-global--Color--100) !important; } .pf-c-page { @@ -183,7 +183,7 @@ export class UserInterface extends Interface {
- ${this.uiConfig.theme.background === "" + ${(this.uiConfig.theme.background || "") === "" ? html`
` : html``}
diff --git a/web/xliff/fr.xlf b/web/xliff/fr.xlf index 2c647c773..e0976e5e8 100644 --- a/web/xliff/fr.xlf +++ b/web/xliff/fr.xlf @@ -1,4 +1,4 @@ - + @@ -613,9 +613,9 @@ Il y a jour(s) - The URL "" was not found. - L'URL " - " n'a pas été trouvée. + The URL "" was not found. + L'URL " + " n'a pas été trouvée. @@ -1057,8 +1057,8 @@ Il y a jour(s) - To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. - Pour permettre n'importe quelle URI de redirection, définissez cette valeur sur ".*". Soyez conscient des possibles implications de sécurité que cela peut avoir. + To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have. + Pour permettre n'importe quelle URI de redirection, définissez cette valeur sur ".*". Soyez conscient des possibles implications de sécurité que cela peut avoir. @@ -1630,7 +1630,7 @@ Il y a jour(s) Token to authenticate with. Currently only bearer authentication is supported. - Jeton d'authentification à utiliser. Actuellement, seule l'authentification "bearer authentication" est prise en charge. + Jeton d'authentification à utiliser. Actuellement, seule l'authentification "bearer authentication" est prise en charge. @@ -1798,8 +1798,8 @@ Il y a jour(s) - Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". - Entrez une URL complète, un chemin relatif ou utilisez 'fa://fa-test' pour utiliser l'icône Font Awesome "fa-test". + Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test". + Entrez une URL complète, un chemin relatif ou utilisez 'fa://fa-test' pour utiliser l'icône Font Awesome "fa-test". @@ -2897,7 +2897,7 @@ doesn't pass when either or both of the selected options are equal or above the To use SSL instead, use 'ldaps://' and disable this option. - Pour utiliser SSL à la base, utilisez "ldaps://" et désactviez cette option. + Pour utiliser SSL à la base, utilisez "ldaps://" et désactviez cette option. @@ -2986,8 +2986,8 @@ doesn't pass when either or both of the selected options are equal or above the - Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' - Champ qui contient les membres d'un groupe. Si vous utilisez le champ "memberUid", la valeur est censée contenir un nom distinctif relatif, par exemple 'memberUid=un-utilisateur' au lieu de 'memberUid=cn=un-utilisateur,ou=groups,...' + Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...' + Champ qui contient les membres d'un groupe. Si vous utilisez le champ "memberUid", la valeur est censée contenir un nom distinctif relatif, par exemple 'memberUid=un-utilisateur' au lieu de 'memberUid=cn=un-utilisateur,ou=groups,...' @@ -3282,7 +3282,7 @@ doesn't pass when either or both of the selected options are equal or above the Time offset when temporary users should be deleted. This only applies if your IDP uses the NameID Format 'transient', and the user doesn't log out manually. - Moment où les utilisateurs temporaires doivent être supprimés. Cela ne s'applique que si votre IDP utilise le format NameID "transient" et que l'utilisateur ne se déconnecte pas manuellement. + Moment où les utilisateurs temporaires doivent être supprimés. Cela ne s'applique que si votre IDP utilise le format NameID "transient" et que l'utilisateur ne se déconnecte pas manuellement. @@ -3450,7 +3450,7 @@ doesn't pass when either or both of the selected options are equal or above the Optionally set the 'FriendlyName' value of the Assertion attribute. - Indiquer la valeur "FriendlyName" de l'attribut d'assertion (optionnel) + Indiquer la valeur "FriendlyName" de l'attribut d'assertion (optionnel) @@ -3779,8 +3779,8 @@ doesn't pass when either or both of the selected options are equal or above the - When using an external logging solution for archiving, this can be set to "minutes=5". - En cas d'utilisation d'une solution de journalisation externe pour l'archivage, cette valeur peut être fixée à "minutes=5". + When using an external logging solution for archiving, this can be set to "minutes=5". + En cas d'utilisation d'une solution de journalisation externe pour l'archivage, cette valeur peut être fixée à "minutes=5". @@ -3789,8 +3789,8 @@ doesn't pass when either or both of the selected options are equal or above the - Format: "weeks=3;days=2;hours=3,seconds=2". - Format : "weeks=3;days=2;hours=3,seconds=2". + Format: "weeks=3;days=2;hours=3,seconds=2". + Format : "weeks=3;days=2;hours=3,seconds=2". @@ -3986,10 +3986,10 @@ doesn't pass when either or both of the selected options are equal or above the - Are you sure you want to update ""? + Are you sure you want to update ""? Êtes-vous sûr de vouloir mettre à jour - " - " ? + " + " ? @@ -5075,8 +5075,8 @@ doesn't pass when either or both of the selected options are equal or above the - A "roaming" authenticator, like a YubiKey - Un authentificateur "itinérant", comme une YubiKey + A "roaming" authenticator, like a YubiKey + Un authentificateur "itinérant", comme une YubiKey @@ -5401,7 +5401,7 @@ doesn't pass when either or both of the selected options are equal or above the Show arbitrary input fields to the user, for example during enrollment. Data is saved in the flow context under the 'prompt_data' variable. - Afficher des champs de saisie arbitraires à l'utilisateur, par exemple pendant l'inscription. Les données sont enregistrées dans le contexte du flux sous la variable "prompt_data". + Afficher des champs de saisie arbitraires à l'utilisateur, par exemple pendant l'inscription. Les données sont enregistrées dans le contexte du flux sous la variable "prompt_data". @@ -5410,10 +5410,10 @@ doesn't pass when either or both of the selected options are equal or above the - ("", of type ) + ("", of type ) - (" - ", de type + (" + ", de type ) @@ -5462,8 +5462,8 @@ doesn't pass when either or both of the selected options are equal or above the - If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. - Si défini à une durée supérieure à 0, l'utilisateur aura la possibilité de choisir de "rester connecté", ce qui prolongera sa session jusqu'à la durée spécifiée ici. + If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here. + Si défini à une durée supérieure à 0, l'utilisateur aura la possibilité de choisir de "rester connecté", ce qui prolongera sa session jusqu'à la durée spécifiée ici. @@ -6247,7 +6247,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Can be in the format of 'unix://' when connecting to a local docker daemon, using 'ssh://' to connect via SSH, or 'https://:2376' when connecting to a remote system. - Peut être au format "unix://" pour une connexion à un service docker local, "ssh://" pour une connexion via SSH, ou "https://:2376" pour une connexion à un système distant. + Peut être au format "unix://" pour une connexion à un service docker local, "ssh://" pour une connexion via SSH, ou "https://:2376" pour une connexion à un système distant. @@ -7554,7 +7554,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Use this provider with nginx's auth_request or traefik's forwardAuth. Each application/domain needs its own provider. Additionally, on each domain, /outpost.goauthentik.io must be routed to the outpost (when using a managed outpost, this is done for you). - Utilisez ce fournisseur avec l'option "auth_request" de Nginx ou "forwardAuth" de Traefik. Chaque application/domaine a besoin de son propre fournisseur. De plus, sur chaque domaine, "/outpost.goauthentik.io" doit être routé vers le poste avancé (lorsque vous utilisez un poste avancé géré, cela est fait pour vous). + Utilisez ce fournisseur avec l'option "auth_request" de Nginx ou "forwardAuth" de Traefik. Chaque application/domaine a besoin de son propre fournisseur. De plus, sur chaque domaine, "/outpost.goauthentik.io" doit être routé vers le poste avancé (lorsque vous utilisez un poste avancé géré, cela est fait pour vous). Default relay state @@ -7968,7 +7968,7 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti Utilisateur créé et ajouté au groupe avec succès - This user will be added to the group "". + This user will be added to the group "". Cet utilisateur sera ajouté au groupe &quot;&quot;. @@ -8045,4 +8045,4 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti - \ No newline at end of file +