From acac1972e60323607a57d74aaa9e1a767414f138 Mon Sep 17 00:00:00 2001 From: Luna Reed Date: Wed, 18 Feb 2026 02:01:29 +0800 Subject: [PATCH 01/88] fix(exec): terminate process tree on timeout --- pkg/tools/shell.go | 30 +++++++++++++- pkg/tools/shell_process_unix.go | 32 +++++++++++++++ pkg/tools/shell_process_windows.go | 27 ++++++++++++ pkg/tools/shell_timeout_unix_test.go | 61 ++++++++++++++++++++++++++++ 4 files changed, 148 insertions(+), 2 deletions(-) create mode 100644 pkg/tools/shell_process_unix.go create mode 100644 pkg/tools/shell_process_windows.go create mode 100644 pkg/tools/shell_timeout_unix_test.go diff --git a/pkg/tools/shell.go b/pkg/tools/shell.go index 713850f97..11a1d59da 100644 --- a/pkg/tools/shell.go +++ b/pkg/tools/shell.go @@ -3,6 +3,7 @@ package tools import ( "bytes" "context" + "errors" "fmt" "os" "os/exec" @@ -109,18 +110,43 @@ func (t *ExecTool) Execute(ctx context.Context, args map[string]interface{}) *To cmd.Dir = cwd } + prepareCommandForTermination(cmd) + var stdout, stderr bytes.Buffer cmd.Stdout = &stdout cmd.Stderr = &stderr - err := cmd.Run() + if err := cmd.Start(); err != nil { + return ErrorResult(fmt.Sprintf("failed to start command: %v", err)) + } + + done := make(chan error, 1) + go func() { + done <- cmd.Wait() + }() + + var err error + select { + case err = <-done: + case <-cmdCtx.Done(): + _ = terminateProcessTree(cmd) + select { + case err = <-done: + case <-time.After(2 * time.Second): + if cmd.Process != nil { + _ = cmd.Process.Kill() + } + err = <-done + } + } + output := stdout.String() if stderr.Len() > 0 { output += "\nSTDERR:\n" + stderr.String() } if err != nil { - if cmdCtx.Err() == context.DeadlineExceeded { + if errors.Is(cmdCtx.Err(), context.DeadlineExceeded) { msg := fmt.Sprintf("Command timed out after %v", t.timeout) return &ToolResult{ ForLLM: msg, diff --git a/pkg/tools/shell_process_unix.go b/pkg/tools/shell_process_unix.go new file mode 100644 index 000000000..7b29a81bf --- /dev/null +++ b/pkg/tools/shell_process_unix.go @@ -0,0 +1,32 @@ +//go:build !windows + +package tools + +import ( + "os/exec" + "syscall" +) + +func prepareCommandForTermination(cmd *exec.Cmd) { + if cmd == nil { + return + } + cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true} +} + +func terminateProcessTree(cmd *exec.Cmd) error { + if cmd == nil || cmd.Process == nil { + return nil + } + + pid := cmd.Process.Pid + if pid <= 0 { + return nil + } + + // Kill the entire process group spawned by the shell command. + _ = syscall.Kill(-pid, syscall.SIGKILL) + // Fallback kill on the shell process itself. + _ = cmd.Process.Kill() + return nil +} diff --git a/pkg/tools/shell_process_windows.go b/pkg/tools/shell_process_windows.go new file mode 100644 index 000000000..fe23b5c96 --- /dev/null +++ b/pkg/tools/shell_process_windows.go @@ -0,0 +1,27 @@ +//go:build windows + +package tools + +import ( + "os/exec" + "strconv" +) + +func prepareCommandForTermination(cmd *exec.Cmd) { + // no-op on Windows +} + +func terminateProcessTree(cmd *exec.Cmd) error { + if cmd == nil || cmd.Process == nil { + return nil + } + + pid := cmd.Process.Pid + if pid <= 0 { + return nil + } + + _ = exec.Command("taskkill", "/T", "/F", "/PID", strconv.Itoa(pid)).Run() + _ = cmd.Process.Kill() + return nil +} diff --git a/pkg/tools/shell_timeout_unix_test.go b/pkg/tools/shell_timeout_unix_test.go new file mode 100644 index 000000000..4c6388b9b --- /dev/null +++ b/pkg/tools/shell_timeout_unix_test.go @@ -0,0 +1,61 @@ +//go:build !windows + +package tools + +import ( + "context" + "os" + "path/filepath" + "strconv" + "strings" + "syscall" + "testing" + "time" +) + +func processExists(pid int) bool { + if pid <= 0 { + return false + } + err := syscall.Kill(pid, 0) + return err == nil || err == syscall.EPERM +} + +func TestShellTool_TimeoutKillsChildProcess(t *testing.T) { + tool := NewExecTool(t.TempDir(), false) + tool.SetTimeout(500 * time.Millisecond) + + args := map[string]interface{}{ + // Spawn a child process that would outlive the shell unless process-group kill is used. + "command": "sleep 60 & echo $! > child.pid; wait", + } + + result := tool.Execute(context.Background(), args) + if !result.IsError { + t.Fatalf("expected timeout error, got success: %s", result.ForLLM) + } + if !strings.Contains(result.ForLLM, "timed out") { + t.Fatalf("expected timeout message, got: %s", result.ForLLM) + } + + childPIDPath := filepath.Join(tool.workingDir, "child.pid") + data, err := os.ReadFile(childPIDPath) + if err != nil { + t.Fatalf("failed to read child pid file: %v", err) + } + + childPID, err := strconv.Atoi(strings.TrimSpace(string(data))) + if err != nil { + t.Fatalf("failed to parse child pid: %v", err) + } + + deadline := time.Now().Add(2 * time.Second) + for time.Now().Before(deadline) { + if !processExists(childPID) { + return + } + time.Sleep(50 * time.Millisecond) + } + + t.Fatalf("child process %d is still running after timeout", childPID) +} From 9e120f90ea4dcda6a4323850b6e169514e71a3ca Mon Sep 17 00:00:00 2001 From: Artem Yadelskyi Date: Wed, 18 Feb 2026 21:48:23 +0200 Subject: [PATCH 02/88] feat(fmt): Run formatters --- .github/workflows/pr.yml | 20 -- .golangci.yaml | 9 +- Makefile | 11 +- cmd/picoclaw/main.go | 40 ++-- pkg/agent/context.go | 32 ++-- pkg/agent/instance.go | 2 +- pkg/agent/loop.go | 112 ++++++++---- pkg/agent/loop_test.go | 46 +++-- pkg/agent/memory.go | 8 +- pkg/agent/registry.go | 2 +- pkg/agent/registry_test.go | 8 +- pkg/auth/oauth.go | 17 +- pkg/auth/oauth_test.go | 26 +-- pkg/auth/store.go | 4 +- pkg/auth/store_test.go | 2 +- pkg/channels/base.go | 4 +- pkg/channels/dingtalk.go | 12 +- pkg/channels/discord.go | 5 +- pkg/channels/feishu_32.go | 4 +- pkg/channels/feishu_64.go | 6 +- pkg/channels/line.go | 36 ++-- pkg/channels/maixcam.go | 26 +-- pkg/channels/manager.go | 40 ++-- pkg/channels/onebot.go | 67 +++---- pkg/channels/qq.go | 10 +- pkg/channels/slack.go | 22 +-- pkg/channels/telegram.go | 32 ++-- pkg/channels/telegram_commands.go | 3 + pkg/channels/whatsapp.go | 8 +- pkg/config/config.go | 112 ++++++------ pkg/config/config_test.go | 4 +- pkg/cron/service.go | 16 +- pkg/cron/service_test.go | 2 +- pkg/devices/service.go | 8 +- pkg/devices/sources/usb_linux.go | 2 +- pkg/heartbeat/service.go | 6 +- pkg/heartbeat/service_test.go | 8 +- pkg/logger/logger.go | 38 ++-- pkg/logger/logger_test.go | 10 +- pkg/migrate/config.go | 38 ++-- pkg/migrate/migrate.go | 14 +- pkg/migrate/migrate_test.go | 172 +++++++++--------- pkg/providers/anthropic/provider.go | 38 ++-- pkg/providers/anthropic/provider_test.go | 55 ++++-- pkg/providers/claude_cli_provider.go | 8 +- .../claude_cli_provider_integration_test.go | 2 - pkg/providers/claude_cli_provider_test.go | 19 +- pkg/providers/claude_provider.go | 8 +- pkg/providers/claude_provider_test.go | 13 +- pkg/providers/codex_cli_credentials.go | 4 +- pkg/providers/codex_cli_credentials_test.go | 16 +- pkg/providers/codex_cli_provider.go | 8 +- .../codex_cli_provider_integration_test.go | 2 - pkg/providers/codex_cli_provider_test.go | 12 +- pkg/providers/codex_provider.go | 63 ++++--- pkg/providers/codex_provider_test.go | 111 +++++------ pkg/providers/fallback.go | 6 +- pkg/providers/fallback_test.go | 8 +- pkg/providers/github_copilot_provider.go | 16 +- pkg/providers/http_provider.go | 4 +- pkg/providers/openai_compat/provider.go | 32 ++-- pkg/providers/openai_compat/provider_test.go | 56 +++--- pkg/providers/protocoltypes/types.go | 16 +- pkg/providers/tool_call_extract.go | 2 +- pkg/providers/types.go | 24 ++- pkg/session/manager.go | 4 +- pkg/skills/installer.go | 4 +- pkg/state/state.go | 4 +- pkg/state/state_test.go | 2 +- pkg/tools/base.go | 10 +- pkg/tools/cron.go | 38 ++-- pkg/tools/edit.go | 34 ++-- pkg/tools/edit_test.go | 32 ++-- pkg/tools/filesystem.go | 36 ++-- pkg/tools/filesystem_test.go | 38 ++-- pkg/tools/i2c.go | 32 ++-- pkg/tools/i2c_linux.go | 20 +- pkg/tools/i2c_other.go | 6 +- pkg/tools/message.go | 14 +- pkg/tools/message_test.go | 20 +- pkg/tools/registry.go | 30 +-- pkg/tools/result_test.go | 2 +- pkg/tools/shell.go | 12 +- pkg/tools/shell_test.go | 26 +-- pkg/tools/spawn.go | 14 +- pkg/tools/spi.go | 32 ++-- pkg/tools/spi_linux.go | 14 +- pkg/tools/spi_other.go | 4 +- pkg/tools/subagent.go | 32 +++- pkg/tools/subagent_tool_test.go | 26 ++- pkg/tools/toolloop.go | 7 +- pkg/tools/types.go | 24 ++- pkg/tools/web.go | 48 +++-- pkg/tools/web_test.go | 26 +-- pkg/utils/media.go | 17 +- pkg/voice/transcriber.go | 40 ++-- 96 files changed, 1239 insertions(+), 976 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 55bf77e00..27782ced2 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -24,29 +24,10 @@ jobs: with: version: v2.10.1 - # TODO: Remove once linter is properly configured - fmt-check: - name: Formatting - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v6 - - - name: Setup Go - uses: actions/setup-go@v6 - with: - go-version-file: go.mod - - - name: Check formatting - run: | - make fmt - git diff --exit-code || (echo "::error::Code is not formatted. Run 'make fmt' and commit the changes." && exit 1) - # TODO: Remove once linter is properly configured vet: name: Vet runs-on: ubuntu-latest - needs: fmt-check steps: - name: Checkout uses: actions/checkout@v6 @@ -65,7 +46,6 @@ jobs: test: name: Tests runs-on: ubuntu-latest - needs: fmt-check steps: - name: Checkout uses: actions/checkout@v6 diff --git a/.golangci.yaml b/.golangci.yaml index 80e54ac1c..6dafb6b56 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -160,12 +160,11 @@ issues: formatters: enable: + - gci + - gofmt + - gofumpt - goimports - # TODO: Disabled, because they are failing at the moment, we should fix them and enable (step by step) - # - gci - # - gofmt - # - gofumpt - # - golines + - golines settings: gci: sections: diff --git a/Makefile b/Makefile index ff280e3e4..a5ad4a02d 100644 --- a/Makefile +++ b/Makefile @@ -17,6 +17,9 @@ LDFLAGS=-ldflags "-X main.version=$(VERSION) -X main.gitCommit=$(GIT_COMMIT) -X GO?=go GOFLAGS?=-v -tags stdjson +# Golangci-lint +GOLANGCI_LINT?=golangci-lint + # Installation INSTALL_PREFIX?=$(HOME)/.local INSTALL_BIN_DIR=$(INSTALL_PREFIX)/bin @@ -126,13 +129,17 @@ clean: vet: @$(GO) vet ./... -## fmt: Format Go code +## test: Test Go code test: @$(GO) test ./... ## fmt: Format Go code fmt: - @$(GO) fmt ./... + @$(GOLANGCI_LINT) fmt + +## lint: Run linters +lint: + @$(GOLANGCI_LINT) run ## deps: Download dependencies deps: diff --git a/cmd/picoclaw/main.go b/cmd/picoclaw/main.go index 128f8c421..5cd8039dd 100644 --- a/cmd/picoclaw/main.go +++ b/cmd/picoclaw/main.go @@ -22,6 +22,7 @@ import ( "time" "github.com/chzyer/readline" + "github.com/sipeed/picoclaw/pkg/agent" "github.com/sipeed/picoclaw/pkg/auth" "github.com/sipeed/picoclaw/pkg/bus" @@ -248,7 +249,7 @@ func onboard() { func copyEmbeddedToTarget(targetDir string) error { // Ensure target directory exists - if err := os.MkdirAll(targetDir, 0755); err != nil { + if err := os.MkdirAll(targetDir, 0o755); err != nil { return fmt.Errorf("Failed to create target directory: %w", err) } @@ -278,12 +279,12 @@ func copyEmbeddedToTarget(targetDir string) error { targetPath := filepath.Join(targetDir, new_path) // Ensure target file's directory exists - if err := os.MkdirAll(filepath.Dir(targetPath), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(targetPath), 0o755); err != nil { return fmt.Errorf("Failed to create directory %s: %w", filepath.Dir(targetPath), err) } // Write file - if err := os.WriteFile(targetPath, data, 0644); err != nil { + if err := os.WriteFile(targetPath, data, 0o644); err != nil { return fmt.Errorf("Failed to write file %s: %w", targetPath, err) } @@ -411,10 +412,10 @@ func agentCmd() { // Print agent startup info (only for interactive mode) startupInfo := agentLoop.GetStartupInfo() logger.InfoCF("agent", "Agent initialized", - map[string]interface{}{ - "tools_count": startupInfo["tools"].(map[string]interface{})["count"], - "skills_total": startupInfo["skills"].(map[string]interface{})["total"], - "skills_available": startupInfo["skills"].(map[string]interface{})["available"], + map[string]any{ + "tools_count": startupInfo["tools"].(map[string]any)["count"], + "skills_total": startupInfo["skills"].(map[string]any)["total"], + "skills_available": startupInfo["skills"].(map[string]any)["available"], }) if message != "" { @@ -441,7 +442,6 @@ func interactiveMode(agentLoop *agent.AgentLoop, sessionKey string) { InterruptPrompt: "^C", EOFPrompt: "exit", }) - if err != nil { fmt.Printf("Error initializing readline: %v\n", err) fmt.Println("Falling back to simple input mode...") @@ -546,8 +546,8 @@ func gatewayCmd() { // Print agent startup info fmt.Println("\nšŸ“¦ Agent Status:") startupInfo := agentLoop.GetStartupInfo() - toolsInfo := startupInfo["tools"].(map[string]interface{}) - skillsInfo := startupInfo["skills"].(map[string]interface{}) + toolsInfo := startupInfo["tools"].(map[string]any) + skillsInfo := startupInfo["skills"].(map[string]any) fmt.Printf(" ā€¢ Tools: %d loaded\n", toolsInfo["count"]) fmt.Printf(" ā€¢ Skills: %d/%d available\n", skillsInfo["available"], @@ -555,7 +555,7 @@ func gatewayCmd() { // Log to file as well logger.InfoCF("agent", "Agent initialized", - map[string]interface{}{ + map[string]any{ "tools_count": toolsInfo["count"], "skills_total": skillsInfo["total"], "skills_available": skillsInfo["available"], @@ -563,7 +563,14 @@ func gatewayCmd() { // Setup cron tool and service execTimeout := time.Duration(cfg.Tools.Cron.ExecTimeoutMinutes) * time.Minute - cronService := setupCronTool(agentLoop, msgBus, cfg.WorkspacePath(), cfg.Agents.Defaults.RestrictToWorkspace, execTimeout, cfg) + cronService := setupCronTool( + agentLoop, + msgBus, + cfg.WorkspacePath(), + cfg.Agents.Defaults.RestrictToWorkspace, + execTimeout, + cfg, + ) heartbeatService := heartbeat.NewHeartbeatService( cfg.WorkspacePath(), @@ -667,7 +674,7 @@ func gatewayCmd() { healthServer := health.NewServer(cfg.Gateway.Host, cfg.Gateway.Port) go func() { if err := healthServer.Start(); err != nil && err != http.ErrServerClosed { - logger.ErrorCF("health", "Health server error", map[string]interface{}{"error": err.Error()}) + logger.ErrorCF("health", "Health server error", map[string]any{"error": err.Error()}) } }() fmt.Printf("āœ“ Health endpoints available at http://%s:%d/health and /ready\n", cfg.Gateway.Host, cfg.Gateway.Port) @@ -988,7 +995,10 @@ func getConfigPath() string { return filepath.Join(home, ".picoclaw", "config.json") } -func setupCronTool(agentLoop *agent.AgentLoop, msgBus *bus.MessageBus, workspace string, restrict bool, execTimeout time.Duration, config *config.Config) *cron.CronService { +func setupCronTool( + agentLoop *agent.AgentLoop, msgBus *bus.MessageBus, workspace string, restrict bool, execTimeout time.Duration, + config *config.Config, +) *cron.CronService { cronStorePath := filepath.Join(workspace, "cron", "jobs.json") // Create cron service @@ -1315,7 +1325,7 @@ func skillsInstallBuiltinCmd(workspace string) { continue } - if err := os.MkdirAll(workspacePath, 0755); err != nil { + if err := os.MkdirAll(workspacePath, 0o755); err != nil { fmt.Printf("āœ— Failed to create directory for %s: %v\n", skillName, err) continue } diff --git a/pkg/agent/context.go b/pkg/agent/context.go index cf5ce2913..9abb3e5af 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -96,7 +96,9 @@ func (cb *ContextBuilder) buildToolsSection() string { var sb strings.Builder sb.WriteString("## Available Tools\n\n") - sb.WriteString("**CRITICAL**: You MUST use tools to perform actions. Do NOT pretend to execute commands or schedule tasks.\n\n") + sb.WriteString( + "**CRITICAL**: You MUST use tools to perform actions. Do NOT pretend to execute commands or schedule tasks.\n\n", + ) sb.WriteString("You have access to the following tools:\n\n") for _, s := range summaries { sb.WriteString(s) @@ -157,7 +159,9 @@ func (cb *ContextBuilder) LoadBootstrapFiles() string { return result } -func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary string, currentMessage string, media []string, channel, chatID string) []providers.Message { +func (cb *ContextBuilder) BuildMessages( + history []providers.Message, summary string, currentMessage string, media []string, channel, chatID string, +) []providers.Message { messages := []providers.Message{} systemPrompt := cb.BuildSystemPrompt() @@ -169,7 +173,7 @@ func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary str // Log system prompt summary for debugging (debug mode only) logger.DebugCF("agent", "System prompt built", - map[string]interface{}{ + map[string]any{ "total_chars": len(systemPrompt), "total_lines": strings.Count(systemPrompt, "\n") + 1, "section_count": strings.Count(systemPrompt, "\n\n---\n\n") + 1, @@ -181,7 +185,7 @@ func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary str preview = preview[:500] + "... (truncated)" } logger.DebugCF("agent", "System prompt preview", - map[string]interface{}{ + map[string]any{ "preview": preview, }) @@ -189,15 +193,15 @@ func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary str systemPrompt += "\n\n## Summary of Previous Conversation\n\n" + summary } - //This fix prevents the session memory from LLM failure due to elimination of toolu_IDs required from LLM + // This fix prevents the session memory from LLM failure due to elimination of toolu_IDs required from LLM // --- INICIO DEL FIX --- - //Diegox-17 + // Diegox-17 for len(history) > 0 && (history[0].Role == "tool") { logger.DebugCF("agent", "Removing orphaned tool message from history to prevent LLM error", - map[string]interface{}{"role": history[0].Role}) + map[string]any{"role": history[0].Role}) history = history[1:] } - //Diegox-17 + // Diegox-17 // --- FIN DEL FIX --- messages = append(messages, providers.Message{ @@ -215,7 +219,9 @@ func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary str return messages } -func (cb *ContextBuilder) AddToolResult(messages []providers.Message, toolCallID, toolName, result string) []providers.Message { +func (cb *ContextBuilder) AddToolResult( + messages []providers.Message, toolCallID, toolName, result string, +) []providers.Message { messages = append(messages, providers.Message{ Role: "tool", Content: result, @@ -224,7 +230,9 @@ func (cb *ContextBuilder) AddToolResult(messages []providers.Message, toolCallID return messages } -func (cb *ContextBuilder) AddAssistantMessage(messages []providers.Message, content string, toolCalls []map[string]interface{}) []providers.Message { +func (cb *ContextBuilder) AddAssistantMessage( + messages []providers.Message, content string, toolCalls []map[string]any, +) []providers.Message { msg := providers.Message{ Role: "assistant", Content: content, @@ -254,13 +262,13 @@ func (cb *ContextBuilder) loadSkills() string { } // GetSkillsInfo returns information about loaded skills. -func (cb *ContextBuilder) GetSkillsInfo() map[string]interface{} { +func (cb *ContextBuilder) GetSkillsInfo() map[string]any { allSkills := cb.skillsLoader.ListSkills() skillNames := make([]string, 0, len(allSkills)) for _, s := range allSkills { skillNames = append(skillNames, s.Name) } - return map[string]interface{}{ + return map[string]any{ "total": len(allSkills), "available": len(allSkills), "names": skillNames, diff --git a/pkg/agent/instance.go b/pkg/agent/instance.go index 54a5396e7..4b380cbc5 100644 --- a/pkg/agent/instance.go +++ b/pkg/agent/instance.go @@ -39,7 +39,7 @@ func NewAgentInstance( provider providers.LLMProvider, ) *AgentInstance { workspace := resolveAgentWorkspace(agentCfg, defaults) - os.MkdirAll(workspace, 0755) + os.MkdirAll(workspace, 0o755) model := resolveAgentModel(agentCfg, defaults) fallbacks := resolveAgentFallbacks(agentCfg, defaults) diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index ed69712ff..9b0926e61 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -79,7 +79,9 @@ func NewAgentLoop(cfg *config.Config, msgBus *bus.MessageBus, provider providers } // registerSharedTools registers tools that are shared across all agents (web, message, spawn). -func registerSharedTools(cfg *config.Config, msgBus *bus.MessageBus, registry *AgentRegistry, provider providers.LLMProvider) { +func registerSharedTools( + cfg *config.Config, msgBus *bus.MessageBus, registry *AgentRegistry, provider providers.LLMProvider, +) { for _, agentID := range registry.ListAgentIDs() { agent, ok := registry.GetAgent(agentID) if !ok { @@ -215,7 +217,9 @@ func (al *AgentLoop) ProcessDirect(ctx context.Context, content, sessionKey stri return al.ProcessDirectWithChannel(ctx, content, sessionKey, "cli", "direct") } -func (al *AgentLoop) ProcessDirectWithChannel(ctx context.Context, content, sessionKey, channel, chatID string) (string, error) { +func (al *AgentLoop) ProcessDirectWithChannel( + ctx context.Context, content, sessionKey, channel, chatID string, +) (string, error) { msg := bus.InboundMessage{ Channel: channel, SenderID: "cron", @@ -252,7 +256,7 @@ func (al *AgentLoop) processMessage(ctx context.Context, msg bus.InboundMessage) logContent = utils.Truncate(msg.Content, 80) } logger.InfoCF("agent", fmt.Sprintf("Processing message from %s:%s: %s", msg.Channel, msg.SenderID, logContent), - map[string]interface{}{ + map[string]any{ "channel": msg.Channel, "chat_id": msg.ChatID, "sender_id": msg.SenderID, @@ -291,7 +295,7 @@ func (al *AgentLoop) processMessage(ctx context.Context, msg bus.InboundMessage) } logger.InfoCF("agent", "Routed message", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "session_key": sessionKey, "matched_by": route.MatchedBy, @@ -314,7 +318,7 @@ func (al *AgentLoop) processSystemMessage(ctx context.Context, msg bus.InboundMe } logger.InfoCF("agent", "Processing system message", - map[string]interface{}{ + map[string]any{ "sender_id": msg.SenderID, "chat_id": msg.ChatID, }) @@ -339,7 +343,7 @@ func (al *AgentLoop) processSystemMessage(ctx context.Context, msg bus.InboundMe // Skip internal channels - only log, don't send to user if constants.IsInternalChannel(originChannel) { logger.InfoCF("agent", "Subagent completed (internal channel)", - map[string]interface{}{ + map[string]any{ "sender_id": msg.SenderID, "content_len": len(content), "channel": originChannel, @@ -372,7 +376,7 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt if !constants.IsInternalChannel(opts.Channel) { channelKey := fmt.Sprintf("%s:%s", opts.Channel, opts.ChatID) if err := al.RecordLastChannel(channelKey); err != nil { - logger.WarnCF("agent", "Failed to record last channel", map[string]interface{}{"error": err.Error()}) + logger.WarnCF("agent", "Failed to record last channel", map[string]any{"error": err.Error()}) } } } @@ -434,7 +438,7 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt // 9. Log response responsePreview := utils.Truncate(finalContent, 120) logger.InfoCF("agent", fmt.Sprintf("Response: %s", responsePreview), - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "session_key": opts.SessionKey, "iterations": iteration, @@ -445,7 +449,9 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt } // runLLMIteration executes the LLM call loop with tool handling. -func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, messages []providers.Message, opts processOptions) (string, int, error) { +func (al *AgentLoop) runLLMIteration( + ctx context.Context, agent *AgentInstance, messages []providers.Message, opts processOptions, +) (string, int, error) { iteration := 0 var finalContent string @@ -453,7 +459,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, iteration++ logger.DebugCF("agent", "LLM iteration", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "max": agent.MaxIterations, @@ -464,7 +470,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // Log LLM request details logger.DebugCF("agent", "LLM request", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "model": agent.Model, @@ -477,7 +483,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // Log full messages (detailed) logger.DebugCF("agent", "Full LLM request", - map[string]interface{}{ + map[string]any{ "iteration": iteration, "messages_json": formatMessagesForLog(messages), "tools_json": formatToolsForLog(providerToolDefs), @@ -491,7 +497,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if len(agent.Candidates) > 1 && al.fallback != nil { fbResult, fbErr := al.fallback.Execute(ctx, agent.Candidates, func(ctx context.Context, provider, model string) (*providers.LLMResponse, error) { - return agent.Provider.Chat(ctx, messages, providerToolDefs, model, map[string]interface{}{ + return agent.Provider.Chat(ctx, messages, providerToolDefs, model, map[string]any{ "max_tokens": 8192, "temperature": 0.7, }) @@ -503,11 +509,11 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if fbResult.Provider != "" && len(fbResult.Attempts) > 0 { logger.InfoCF("agent", fmt.Sprintf("Fallback: succeeded with %s/%s after %d attempts", fbResult.Provider, fbResult.Model, len(fbResult.Attempts)+1), - map[string]interface{}{"agent_id": agent.ID, "iteration": iteration}) + map[string]any{"agent_id": agent.ID, "iteration": iteration}) } return fbResult.Response, nil } - return agent.Provider.Chat(ctx, messages, providerToolDefs, agent.Model, map[string]interface{}{ + return agent.Provider.Chat(ctx, messages, providerToolDefs, agent.Model, map[string]any{ "max_tokens": 8192, "temperature": 0.7, }) @@ -528,7 +534,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, strings.Contains(errMsg, "length") if isContextError && retry < maxRetries { - logger.WarnCF("agent", "Context window error detected, attempting compression", map[string]interface{}{ + logger.WarnCF("agent", "Context window error detected, attempting compression", map[string]any{ "error": err.Error(), "retry": retry, }) @@ -555,7 +561,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if err != nil { logger.ErrorCF("agent", "LLM call failed", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "error": err.Error(), @@ -567,7 +573,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if len(response.ToolCalls) == 0 { finalContent = response.Content logger.InfoCF("agent", "LLM response without tool calls (direct answer)", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "content_chars": len(finalContent), @@ -581,7 +587,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, toolNames = append(toolNames, tc.Name) } logger.InfoCF("agent", "LLM requested tool calls", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "tools": toolNames, "count": len(response.ToolCalls), @@ -614,7 +620,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, argsJSON, _ := json.Marshal(tc.Arguments) argsPreview := utils.Truncate(string(argsJSON), 200) logger.InfoCF("agent", fmt.Sprintf("Tool call: %s(%s)", tc.Name, argsPreview), - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "tool": tc.Name, "iteration": iteration, @@ -629,14 +635,16 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // The agent will handle user notification via processSystemMessage if !result.Silent && result.ForUser != "" { logger.InfoCF("agent", "Async tool completed, agent will handle notification", - map[string]interface{}{ + map[string]any{ "tool": tc.Name, "content_len": len(result.ForUser), }) } } - toolResult := agent.Tools.ExecuteWithContext(ctx, tc.Name, tc.Arguments, opts.Channel, opts.ChatID, asyncCallback) + toolResult := agent.Tools.ExecuteWithContext( + ctx, tc.Name, tc.Arguments, opts.Channel, opts.ChatID, asyncCallback, + ) // Send ForUser content to user immediately if not Silent if !toolResult.Silent && toolResult.ForUser != "" && opts.SendResponse { @@ -646,7 +654,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, Content: toolResult.ForUser, }) logger.DebugCF("agent", "Sent tool result to user", - map[string]interface{}{ + map[string]any{ "tool": tc.Name, "content_len": len(toolResult.ForUser), }) @@ -752,7 +760,10 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { newHistory = append(newHistory, history[0]) // System prompt // Add a note about compression - compressionNote := fmt.Sprintf("[System: Emergency compression dropped %d oldest messages due to context limit]", droppedCount) + compressionNote := fmt.Sprintf( + "[System: Emergency compression dropped %d oldest messages due to context limit]", + droppedCount, + ) // If there was an existing summary, we might lose it if it was in the dropped part (which is just messages). // The summary is stored separately in session.Summary, so it persists! // We just need to ensure the user knows there's a gap. @@ -770,7 +781,7 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { agent.Sessions.SetHistory(sessionKey, newHistory) agent.Sessions.Save(sessionKey) - logger.WarnCF("agent", "Forced compression executed", map[string]interface{}{ + logger.WarnCF("agent", "Forced compression executed", map[string]any{ "session_key": sessionKey, "dropped_msgs": droppedCount, "new_count": len(newHistory), @@ -778,8 +789,8 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { } // GetStartupInfo returns information about loaded tools and skills for logging. -func (al *AgentLoop) GetStartupInfo() map[string]interface{} { - info := make(map[string]interface{}) +func (al *AgentLoop) GetStartupInfo() map[string]any { + info := make(map[string]any) agent := al.registry.GetDefaultAgent() if agent == nil { @@ -788,7 +799,7 @@ func (al *AgentLoop) GetStartupInfo() map[string]interface{} { // Tools info toolsList := agent.Tools.List() - info["tools"] = map[string]interface{}{ + info["tools"] = map[string]any{ "count": len(toolsList), "names": toolsList, } @@ -797,7 +808,7 @@ func (al *AgentLoop) GetStartupInfo() map[string]interface{} { info["skills"] = agent.ContextBuilder.GetSkillsInfo() // Agents info - info["agents"] = map[string]interface{}{ + info["agents"] = map[string]any{ "count": len(al.registry.ListAgentIDs()), "ids": al.registry.ListAgentIDs(), } @@ -849,7 +860,10 @@ func formatToolsForLog(tools []providers.ToolDefinition) string { result += fmt.Sprintf(" [%d] Type: %s, Name: %s\n", i, tool.Type, tool.Function.Name) result += fmt.Sprintf(" Description: %s\n", tool.Function.Description) if len(tool.Function.Parameters) > 0 { - result += fmt.Sprintf(" Parameters: %s\n", utils.Truncate(fmt.Sprintf("%v", tool.Function.Parameters), 200)) + result += fmt.Sprintf( + " Parameters: %s\n", + utils.Truncate(fmt.Sprintf("%v", tool.Function.Parameters), 200), + ) } } result += "]" @@ -902,11 +916,21 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { s1, _ := al.summarizeBatch(ctx, agent, part1, "") s2, _ := al.summarizeBatch(ctx, agent, part2, "") - mergePrompt := fmt.Sprintf("Merge these two conversation summaries into one cohesive summary:\n\n1: %s\n\n2: %s", s1, s2) - resp, err := agent.Provider.Chat(ctx, []providers.Message{{Role: "user", Content: mergePrompt}}, nil, agent.Model, map[string]interface{}{ - "max_tokens": 1024, - "temperature": 0.3, - }) + mergePrompt := fmt.Sprintf( + "Merge these two conversation summaries into one cohesive summary:\n\n1: %s\n\n2: %s", + s1, + s2, + ) + resp, err := agent.Provider.Chat( + ctx, + []providers.Message{{Role: "user", Content: mergePrompt}}, + nil, + agent.Model, + map[string]any{ + "max_tokens": 1024, + "temperature": 0.3, + }, + ) if err == nil { finalSummary = resp.Content } else { @@ -928,7 +952,9 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { } // summarizeBatch summarizes a batch of messages. -func (al *AgentLoop) summarizeBatch(ctx context.Context, agent *AgentInstance, batch []providers.Message, existingSummary string) (string, error) { +func (al *AgentLoop) summarizeBatch( + ctx context.Context, agent *AgentInstance, batch []providers.Message, existingSummary string, +) (string, error) { prompt := "Provide a concise summary of this conversation segment, preserving core context and key points.\n" if existingSummary != "" { prompt += "Existing context: " + existingSummary + "\n" @@ -938,10 +964,16 @@ func (al *AgentLoop) summarizeBatch(ctx context.Context, agent *AgentInstance, b prompt += fmt.Sprintf("%s: %s\n", m.Role, m.Content) } - response, err := agent.Provider.Chat(ctx, []providers.Message{{Role: "user", Content: prompt}}, nil, agent.Model, map[string]interface{}{ - "max_tokens": 1024, - "temperature": 0.3, - }) + response, err := agent.Provider.Chat( + ctx, + []providers.Message{{Role: "user", Content: prompt}}, + nil, + agent.Model, + map[string]any{ + "max_tokens": 1024, + "temperature": 0.3, + }, + ) if err != nil { return "", err } diff --git a/pkg/agent/loop_test.go b/pkg/agent/loop_test.go index f2257973c..fc026bef4 100644 --- a/pkg/agent/loop_test.go +++ b/pkg/agent/loop_test.go @@ -17,7 +17,10 @@ import ( // mockProvider is a simple mock LLM provider for testing type mockProvider struct{} -func (m *mockProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, opts map[string]interface{}) (*providers.LLMResponse, error) { +func (m *mockProvider) Chat( + ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, + opts map[string]any, +) (*providers.LLMResponse, error) { return &providers.LLMResponse{ Content: "Mock response", ToolCalls: []providers.ToolCall{}, @@ -185,7 +188,7 @@ func TestToolRegistry_ToolRegistration(t *testing.T) { // Verify tool is registered by checking it doesn't panic on GetStartupInfo // (actual tool retrieval is tested in tools package tests) info := al.GetStartupInfo() - toolsInfo := info["tools"].(map[string]interface{}) + toolsInfo := info["tools"].(map[string]any) toolsList := toolsInfo["names"].([]string) // Check that our custom tool name is in the list @@ -260,7 +263,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { al.RegisterTool(testTool) info := al.GetStartupInfo() - toolsInfo := info["tools"].(map[string]interface{}) + toolsInfo := info["tools"].(map[string]any) toolsList := toolsInfo["names"].([]string) // Check that our custom tool name is in the list @@ -307,7 +310,7 @@ func TestAgentLoop_GetStartupInfo(t *testing.T) { t.Fatal("Expected 'tools' key in startup info") } - toolsMap, ok := toolsInfo.(map[string]interface{}) + toolsMap, ok := toolsInfo.(map[string]any) if !ok { t.Fatal("Expected 'tools' to be a map") } @@ -363,7 +366,10 @@ type simpleMockProvider struct { response string } -func (m *simpleMockProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, opts map[string]interface{}) (*providers.LLMResponse, error) { +func (m *simpleMockProvider) Chat( + ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, + opts map[string]any, +) (*providers.LLMResponse, error) { return &providers.LLMResponse{ Content: m.response, ToolCalls: []providers.ToolCall{}, @@ -385,14 +391,14 @@ func (m *mockCustomTool) Description() string { return "Mock custom tool for testing" } -func (m *mockCustomTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (m *mockCustomTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{}, + "properties": map[string]any{}, } } -func (m *mockCustomTool) Execute(ctx context.Context, args map[string]interface{}) *tools.ToolResult { +func (m *mockCustomTool) Execute(ctx context.Context, args map[string]any) *tools.ToolResult { return tools.SilentResult("Custom tool executed") } @@ -410,14 +416,14 @@ func (m *mockContextualTool) Description() string { return "Mock contextual tool" } -func (m *mockContextualTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (m *mockContextualTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{}, + "properties": map[string]any{}, } } -func (m *mockContextualTool) Execute(ctx context.Context, args map[string]interface{}) *tools.ToolResult { +func (m *mockContextualTool) Execute(ctx context.Context, args map[string]any) *tools.ToolResult { return tools.SilentResult("Contextual tool executed") } @@ -537,7 +543,10 @@ type failFirstMockProvider struct { successResp string } -func (m *failFirstMockProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, opts map[string]interface{}) (*providers.LLMResponse, error) { +func (m *failFirstMockProvider) Chat( + ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, + opts map[string]any, +) (*providers.LLMResponse, error) { m.currentCall++ if m.currentCall <= m.failures { return nil, m.failError @@ -602,8 +611,13 @@ func TestAgentLoop_ContextExhaustionRetry(t *testing.T) { // Call ProcessDirectWithChannel // Note: ProcessDirectWithChannel calls processMessage which will execute runLLMIteration - response, err := al.ProcessDirectWithChannel(context.Background(), "Trigger message", sessionKey, "test", "test-chat") - + response, err := al.ProcessDirectWithChannel( + context.Background(), + "Trigger message", + sessionKey, + "test", + "test-chat", + ) if err != nil { t.Fatalf("Expected success after retry, got error: %v", err) } diff --git a/pkg/agent/memory.go b/pkg/agent/memory.go index 3f6896f91..076e822fe 100644 --- a/pkg/agent/memory.go +++ b/pkg/agent/memory.go @@ -29,7 +29,7 @@ func NewMemoryStore(workspace string) *MemoryStore { memoryFile := filepath.Join(memoryDir, "MEMORY.md") // Ensure memory directory exists - os.MkdirAll(memoryDir, 0755) + os.MkdirAll(memoryDir, 0o755) return &MemoryStore{ workspace: workspace, @@ -57,7 +57,7 @@ func (ms *MemoryStore) ReadLongTerm() string { // WriteLongTerm writes content to the long-term memory file (MEMORY.md). func (ms *MemoryStore) WriteLongTerm(content string) error { - return os.WriteFile(ms.memoryFile, []byte(content), 0644) + return os.WriteFile(ms.memoryFile, []byte(content), 0o644) } // ReadToday reads today's daily note. @@ -77,7 +77,7 @@ func (ms *MemoryStore) AppendToday(content string) error { // Ensure month directory exists monthDir := filepath.Dir(todayFile) - os.MkdirAll(monthDir, 0755) + os.MkdirAll(monthDir, 0o755) var existingContent string if data, err := os.ReadFile(todayFile); err == nil { @@ -94,7 +94,7 @@ func (ms *MemoryStore) AppendToday(content string) error { newContent = existingContent + "\n" + content } - return os.WriteFile(todayFile, []byte(newContent), 0644) + return os.WriteFile(todayFile, []byte(newContent), 0o644) } // GetRecentDailyNotes returns daily notes from the last N days. diff --git a/pkg/agent/registry.go b/pkg/agent/registry.go index 4cf5a6fca..77b846832 100644 --- a/pkg/agent/registry.go +++ b/pkg/agent/registry.go @@ -42,7 +42,7 @@ func NewAgentRegistry( instance := NewAgentInstance(ac, &cfg.Agents.Defaults, cfg, provider) registry.agents[id] = instance logger.InfoCF("agent", "Registered agent", - map[string]interface{}{ + map[string]any{ "agent_id": id, "name": ac.Name, "workspace": instance.Workspace, diff --git a/pkg/agent/registry_test.go b/pkg/agent/registry_test.go index f196d7fb7..518bb441f 100644 --- a/pkg/agent/registry_test.go +++ b/pkg/agent/registry_test.go @@ -10,7 +10,13 @@ import ( type mockRegistryProvider struct{} -func (m *mockRegistryProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, options map[string]interface{}) (*providers.LLMResponse, error) { +func (m *mockRegistryProvider) Chat( + ctx context.Context, + messages []providers.Message, + tools []providers.ToolDefinition, + model string, + options map[string]any, +) (*providers.LLMResponse, error) { return &providers.LLMResponse{Content: "mock", FinishReason: "stop"}, nil } diff --git a/pkg/auth/oauth.go b/pkg/auth/oauth.go index dcd91bebd..c01fc3b88 100644 --- a/pkg/auth/oauth.go +++ b/pkg/auth/oauth.go @@ -200,8 +200,11 @@ func LoginDeviceCode(cfg OAuthProviderConfig) (*AuthCredential, error) { deviceResp.Interval = 5 } - fmt.Printf("\nTo authenticate, open this URL in your browser:\n\n %s/codex/device\n\nThen enter this code: %s\n\nWaiting for authentication...\n", - cfg.Issuer, deviceResp.UserCode) + fmt.Printf( + "\nTo authenticate, open this URL in your browser:\n\n %s/codex/device\n\nThen enter this code: %s\n\nWaiting for authentication...\n", + cfg.Issuer, + deviceResp.UserCode, + ) deadline := time.After(15 * time.Minute) ticker := time.NewTicker(time.Duration(deviceResp.Interval) * time.Second) @@ -396,15 +399,15 @@ func extractAccountID(token string) string { return accountID } - if authClaim, ok := claims["https://api.openai.com/auth"].(map[string]interface{}); ok { + if authClaim, ok := claims["https://api.openai.com/auth"].(map[string]any); ok { if accountID, ok := authClaim["chatgpt_account_id"].(string); ok && accountID != "" { return accountID } } - if orgs, ok := claims["organizations"].([]interface{}); ok { + if orgs, ok := claims["organizations"].([]any); ok { for _, org := range orgs { - if orgMap, ok := org.(map[string]interface{}); ok { + if orgMap, ok := org.(map[string]any); ok { if accountID, ok := orgMap["id"].(string); ok && accountID != "" { return accountID } @@ -415,7 +418,7 @@ func extractAccountID(token string) string { return "" } -func parseJWTClaims(token string) (map[string]interface{}, error) { +func parseJWTClaims(token string) (map[string]any, error) { parts := strings.Split(token, ".") if len(parts) < 2 { return nil, fmt.Errorf("token is not a JWT") @@ -434,7 +437,7 @@ func parseJWTClaims(token string) (map[string]interface{}, error) { return nil, err } - var claims map[string]interface{} + var claims map[string]any if err := json.Unmarshal(decoded, &claims); err != nil { return nil, err } diff --git a/pkg/auth/oauth_test.go b/pkg/auth/oauth_test.go index 5deb17805..0cb589069 100644 --- a/pkg/auth/oauth_test.go +++ b/pkg/auth/oauth_test.go @@ -10,7 +10,7 @@ import ( "testing" ) -func makeJWTForClaims(t *testing.T, claims map[string]interface{}) string { +func makeJWTForClaims(t *testing.T, claims map[string]any) string { t.Helper() header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"none","typ":"JWT"}`)) @@ -89,7 +89,7 @@ func TestBuildAuthorizeURLOpenAIExtras(t *testing.T) { } func TestParseTokenResponse(t *testing.T) { - resp := map[string]interface{}{ + resp := map[string]any{ "access_token": "test-access-token", "refresh_token": "test-refresh-token", "expires_in": 3600, @@ -120,8 +120,8 @@ func TestParseTokenResponse(t *testing.T) { } func TestParseTokenResponseExtractsAccountIDFromIDToken(t *testing.T) { - idToken := makeJWTForClaims(t, map[string]interface{}{"chatgpt_account_id": "acc-id-from-id-token"}) - resp := map[string]interface{}{ + idToken := makeJWTForClaims(t, map[string]any{"chatgpt_account_id": "acc-id-from-id-token"}) + resp := map[string]any{ "access_token": "opaque-access-token", "refresh_token": "test-refresh-token", "expires_in": 3600, @@ -139,9 +139,9 @@ func TestParseTokenResponseExtractsAccountIDFromIDToken(t *testing.T) { } func TestExtractAccountIDFromOrganizationsFallback(t *testing.T) { - token := makeJWTForClaims(t, map[string]interface{}{ - "organizations": []interface{}{ - map[string]interface{}{"id": "org_from_orgs"}, + token := makeJWTForClaims(t, map[string]any{ + "organizations": []any{ + map[string]any{"id": "org_from_orgs"}, }, }) @@ -160,7 +160,7 @@ func TestParseTokenResponseNoAccessToken(t *testing.T) { func TestParseTokenResponseAccountIDFromIDToken(t *testing.T) { idToken := makeJWTWithAccountID("acc-from-id") - resp := map[string]interface{}{ + resp := map[string]any{ "access_token": "not-a-jwt", "refresh_token": "test-refresh-token", "expires_in": 3600, @@ -180,7 +180,9 @@ func TestParseTokenResponseAccountIDFromIDToken(t *testing.T) { func makeJWTWithAccountID(accountID string) string { header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"none","typ":"JWT"}`)) - payload := base64.RawURLEncoding.EncodeToString([]byte(`{"https://api.openai.com/auth":{"chatgpt_account_id":"` + accountID + `"}}`)) + payload := base64.RawURLEncoding.EncodeToString( + []byte(`{"https://api.openai.com/auth":{"chatgpt_account_id":"` + accountID + `"}}`), + ) return header + "." + payload + ".sig" } @@ -201,7 +203,7 @@ func TestExchangeCodeForTokens(t *testing.T) { return } - resp := map[string]interface{}{ + resp := map[string]any{ "access_token": "mock-access-token", "refresh_token": "mock-refresh-token", "expires_in": 3600, @@ -240,7 +242,7 @@ func TestRefreshAccessToken(t *testing.T) { return } - resp := map[string]interface{}{ + resp := map[string]any{ "access_token": "refreshed-access-token", "refresh_token": "refreshed-refresh-token", "expires_in": 3600, @@ -290,7 +292,7 @@ func TestRefreshAccessTokenNoRefreshToken(t *testing.T) { func TestRefreshAccessTokenPreservesRefreshAndAccountID(t *testing.T) { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - resp := map[string]interface{}{ + resp := map[string]any{ "access_token": "new-access-token-only", "expires_in": 3600, } diff --git a/pkg/auth/store.go b/pkg/auth/store.go index 20724929a..d32d4495a 100644 --- a/pkg/auth/store.go +++ b/pkg/auth/store.go @@ -62,7 +62,7 @@ func LoadStore() (*AuthStore, error) { func SaveStore(store *AuthStore) error { path := authFilePath() dir := filepath.Dir(path) - if err := os.MkdirAll(dir, 0755); err != nil { + if err := os.MkdirAll(dir, 0o755); err != nil { return err } @@ -70,7 +70,7 @@ func SaveStore(store *AuthStore) error { if err != nil { return err } - return os.WriteFile(path, data, 0600) + return os.WriteFile(path, data, 0o600) } func GetCredential(provider string) (*AuthCredential, error) { diff --git a/pkg/auth/store_test.go b/pkg/auth/store_test.go index d96b460a1..f6793cfce 100644 --- a/pkg/auth/store_test.go +++ b/pkg/auth/store_test.go @@ -108,7 +108,7 @@ func TestStoreFilePermissions(t *testing.T) { t.Fatalf("Stat() error: %v", err) } perm := info.Mode().Perm() - if perm != 0600 { + if perm != 0o600 { t.Errorf("file permissions = %o, want 0600", perm) } } diff --git a/pkg/channels/base.go b/pkg/channels/base.go index 4925099a3..cd6419ebb 100644 --- a/pkg/channels/base.go +++ b/pkg/channels/base.go @@ -17,14 +17,14 @@ type Channel interface { } type BaseChannel struct { - config interface{} + config any bus *bus.MessageBus running bool name string allowList []string } -func NewBaseChannel(name string, config interface{}, bus *bus.MessageBus, allowList []string) *BaseChannel { +func NewBaseChannel(name string, config any, bus *bus.MessageBus, allowList []string) *BaseChannel { return &BaseChannel{ config: config, bus: bus, diff --git a/pkg/channels/dingtalk.go b/pkg/channels/dingtalk.go index 263785c0c..4e3a5d4f3 100644 --- a/pkg/channels/dingtalk.go +++ b/pkg/channels/dingtalk.go @@ -10,6 +10,7 @@ import ( "github.com/open-dingtalk/dingtalk-stream-sdk-go/chatbot" "github.com/open-dingtalk/dingtalk-stream-sdk-go/client" + "github.com/sipeed/picoclaw/pkg/bus" "github.com/sipeed/picoclaw/pkg/config" "github.com/sipeed/picoclaw/pkg/logger" @@ -108,7 +109,7 @@ func (c *DingTalkChannel) Send(ctx context.Context, msg bus.OutboundMessage) err return fmt.Errorf("invalid session_webhook type for chat %s", msg.ChatID) } - logger.DebugCF("dingtalk", "Sending message", map[string]interface{}{ + logger.DebugCF("dingtalk", "Sending message", map[string]any{ "chat_id": msg.ChatID, "preview": utils.Truncate(msg.Content, 100), }) @@ -120,12 +121,14 @@ func (c *DingTalkChannel) Send(ctx context.Context, msg bus.OutboundMessage) err // onChatBotMessageReceived implements the IChatBotMessageHandler function signature // This is called by the Stream SDK when a new message arrives // IChatBotMessageHandler is: func(c context.Context, data *chatbot.BotCallbackDataModel) ([]byte, error) -func (c *DingTalkChannel) onChatBotMessageReceived(ctx context.Context, data *chatbot.BotCallbackDataModel) ([]byte, error) { +func (c *DingTalkChannel) onChatBotMessageReceived( + ctx context.Context, data *chatbot.BotCallbackDataModel, +) ([]byte, error) { // Extract message content from Text field content := data.Text.Content if content == "" { // Try to extract from Content interface{} if Text is empty - if contentMap, ok := data.Content.(map[string]interface{}); ok { + if contentMap, ok := data.Content.(map[string]any); ok { if textContent, ok := contentMap["content"].(string); ok { content = textContent } @@ -155,7 +158,7 @@ func (c *DingTalkChannel) onChatBotMessageReceived(ctx context.Context, data *ch "session_webhook": data.SessionWebhook, } - logger.DebugCF("dingtalk", "Received message", map[string]interface{}{ + logger.DebugCF("dingtalk", "Received message", map[string]any{ "sender_nick": senderNick, "sender_id": senderID, "preview": utils.Truncate(content, 50), @@ -184,7 +187,6 @@ func (c *DingTalkChannel) SendDirectReply(ctx context.Context, sessionWebhook, c titleBytes, contentBytes, ) - if err != nil { return fmt.Errorf("failed to send reply: %w", err) } diff --git a/pkg/channels/discord.go b/pkg/channels/discord.go index f360c75ef..74ae44412 100644 --- a/pkg/channels/discord.go +++ b/pkg/channels/discord.go @@ -8,6 +8,7 @@ import ( "time" "github.com/bwmarrin/discordgo" + "github.com/sipeed/picoclaw/pkg/bus" "github.com/sipeed/picoclaw/pkg/config" "github.com/sipeed/picoclaw/pkg/logger" @@ -106,7 +107,9 @@ func (c *DiscordChannel) Send(ctx context.Context, msg bus.OutboundMessage) erro return nil } - chunks := splitMessage(msg.Content, 1500) // Discord has a limit of 2000 characters per message, leave 500 for natural split e.g. code blocks + chunks := splitMessage( + msg.Content, 1500, + ) // Discord has a limit of 2000 characters per message, leave 500 for natural split e.g. code blocks for _, chunk := range chunks { if err := c.sendChunk(ctx, channelID, chunk); err != nil { diff --git a/pkg/channels/feishu_32.go b/pkg/channels/feishu_32.go index 4e60fbc11..5109b8195 100644 --- a/pkg/channels/feishu_32.go +++ b/pkg/channels/feishu_32.go @@ -17,7 +17,9 @@ type FeishuChannel struct { // NewFeishuChannel returns an error on 32-bit architectures where the Feishu SDK is not supported func NewFeishuChannel(cfg config.FeishuConfig, bus *bus.MessageBus) (*FeishuChannel, error) { - return nil, errors.New("feishu channel is not supported on 32-bit architectures (armv7l, 386, etc.). Please use a 64-bit system or disable feishu in your config") + return nil, errors.New( + "feishu channel is not supported on 32-bit architectures (armv7l, 386, etc.). Please use a 64-bit system or disable feishu in your config", + ) } // Start is a stub method to satisfy the Channel interface diff --git a/pkg/channels/feishu_64.go b/pkg/channels/feishu_64.go index 39dc40ac1..29d4001cb 100644 --- a/pkg/channels/feishu_64.go +++ b/pkg/channels/feishu_64.go @@ -65,7 +65,7 @@ func (c *FeishuChannel) Start(ctx context.Context) error { go func() { if err := wsClient.Start(runCtx); err != nil { - logger.ErrorCF("feishu", "Feishu websocket stopped with error", map[string]interface{}{ + logger.ErrorCF("feishu", "Feishu websocket stopped with error", map[string]any{ "error": err.Error(), }) } @@ -121,7 +121,7 @@ func (c *FeishuChannel) Send(ctx context.Context, msg bus.OutboundMessage) error return fmt.Errorf("feishu api error: code=%d msg=%s", resp.Code, resp.Msg) } - logger.DebugCF("feishu", "Feishu message sent", map[string]interface{}{ + logger.DebugCF("feishu", "Feishu message sent", map[string]any{ "chat_id": msg.ChatID, }) @@ -165,7 +165,7 @@ func (c *FeishuChannel) handleMessageReceive(_ context.Context, event *larkim.P2 metadata["tenant_key"] = *sender.TenantKey } - logger.InfoCF("feishu", "Feishu message received", map[string]interface{}{ + logger.InfoCF("feishu", "Feishu message received", map[string]any{ "sender_id": senderID, "chat_id": chatID, "preview": utils.Truncate(content, 80), diff --git a/pkg/channels/line.go b/pkg/channels/line.go index ffb5533e8..f7ca98c92 100644 --- a/pkg/channels/line.go +++ b/pkg/channels/line.go @@ -75,11 +75,11 @@ func (c *LINEChannel) Start(ctx context.Context) error { // Fetch bot profile to get bot's userId for mention detection if err := c.fetchBotInfo(); err != nil { - logger.WarnCF("line", "Failed to fetch bot info (mention detection disabled)", map[string]interface{}{ + logger.WarnCF("line", "Failed to fetch bot info (mention detection disabled)", map[string]any{ "error": err.Error(), }) } else { - logger.InfoCF("line", "Bot info fetched", map[string]interface{}{ + logger.InfoCF("line", "Bot info fetched", map[string]any{ "bot_user_id": c.botUserID, "basic_id": c.botBasicID, "display_name": c.botDisplayName, @@ -100,12 +100,12 @@ func (c *LINEChannel) Start(ctx context.Context) error { } go func() { - logger.InfoCF("line", "LINE webhook server listening", map[string]interface{}{ + logger.InfoCF("line", "LINE webhook server listening", map[string]any{ "addr": addr, "path": path, }) if err := c.httpServer.ListenAndServe(); err != nil && err != http.ErrServerClosed { - logger.ErrorCF("line", "Webhook server error", map[string]interface{}{ + logger.ErrorCF("line", "Webhook server error", map[string]any{ "error": err.Error(), }) } @@ -162,7 +162,7 @@ func (c *LINEChannel) Stop(ctx context.Context) error { shutdownCtx, cancel := context.WithTimeout(ctx, 5*time.Second) defer cancel() if err := c.httpServer.Shutdown(shutdownCtx); err != nil { - logger.ErrorCF("line", "Webhook server shutdown error", map[string]interface{}{ + logger.ErrorCF("line", "Webhook server shutdown error", map[string]any{ "error": err.Error(), }) } @@ -182,7 +182,7 @@ func (c *LINEChannel) webhookHandler(w http.ResponseWriter, r *http.Request) { body, err := io.ReadAll(r.Body) if err != nil { - logger.ErrorCF("line", "Failed to read request body", map[string]interface{}{ + logger.ErrorCF("line", "Failed to read request body", map[string]any{ "error": err.Error(), }) http.Error(w, "Bad request", http.StatusBadRequest) @@ -200,7 +200,7 @@ func (c *LINEChannel) webhookHandler(w http.ResponseWriter, r *http.Request) { Events []lineEvent `json:"events"` } if err := json.Unmarshal(body, &payload); err != nil { - logger.ErrorCF("line", "Failed to parse webhook payload", map[string]interface{}{ + logger.ErrorCF("line", "Failed to parse webhook payload", map[string]any{ "error": err.Error(), }) http.Error(w, "Bad request", http.StatusBadRequest) @@ -266,7 +266,7 @@ type lineMentionee struct { func (c *LINEChannel) processEvent(event lineEvent) { if event.Type != "message" { - logger.DebugCF("line", "Ignoring non-message event", map[string]interface{}{ + logger.DebugCF("line", "Ignoring non-message event", map[string]any{ "type": event.Type, }) return @@ -278,7 +278,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { var msg lineMessage if err := json.Unmarshal(event.Message, &msg); err != nil { - logger.ErrorCF("line", "Failed to parse message", map[string]interface{}{ + logger.ErrorCF("line", "Failed to parse message", map[string]any{ "error": err.Error(), }) return @@ -286,7 +286,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { // In group chats, only respond when the bot is mentioned if isGroup && !c.isBotMentioned(msg) { - logger.DebugCF("line", "Ignoring group message without mention", map[string]interface{}{ + logger.DebugCF("line", "Ignoring group message without mention", map[string]any{ "chat_id": chatID, }) return @@ -312,7 +312,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { defer func() { for _, file := range localFiles { if err := os.Remove(file); err != nil { - logger.DebugCF("line", "Failed to cleanup temp file", map[string]interface{}{ + logger.DebugCF("line", "Failed to cleanup temp file", map[string]any{ "file": file, "error": err.Error(), }) @@ -366,7 +366,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { "message_id": msg.ID, } - logger.DebugCF("line", "Received message", map[string]interface{}{ + logger.DebugCF("line", "Received message", map[string]any{ "sender_id": senderID, "chat_id": chatID, "message_type": msg.Type, @@ -497,7 +497,7 @@ func (c *LINEChannel) Send(ctx context.Context, msg bus.OutboundMessage) error { tokenEntry := entry.(replyTokenEntry) if time.Since(tokenEntry.timestamp) < lineReplyTokenMaxAge { if err := c.sendReply(ctx, tokenEntry.token, msg.Content, quoteToken); err == nil { - logger.DebugCF("line", "Message sent via Reply API", map[string]interface{}{ + logger.DebugCF("line", "Message sent via Reply API", map[string]any{ "chat_id": msg.ChatID, "quoted": quoteToken != "", }) @@ -525,7 +525,7 @@ func buildTextMessage(content, quoteToken string) map[string]string { // sendReply sends a message using the LINE Reply API. func (c *LINEChannel) sendReply(ctx context.Context, replyToken, content, quoteToken string) error { - payload := map[string]interface{}{ + payload := map[string]any{ "replyToken": replyToken, "messages": []map[string]string{buildTextMessage(content, quoteToken)}, } @@ -535,7 +535,7 @@ func (c *LINEChannel) sendReply(ctx context.Context, replyToken, content, quoteT // sendPush sends a message using the LINE Push API. func (c *LINEChannel) sendPush(ctx context.Context, to, content, quoteToken string) error { - payload := map[string]interface{}{ + payload := map[string]any{ "to": to, "messages": []map[string]string{buildTextMessage(content, quoteToken)}, } @@ -545,19 +545,19 @@ func (c *LINEChannel) sendPush(ctx context.Context, to, content, quoteToken stri // sendLoading sends a loading animation indicator to the chat. func (c *LINEChannel) sendLoading(chatID string) { - payload := map[string]interface{}{ + payload := map[string]any{ "chatId": chatID, "loadingSeconds": 60, } if err := c.callAPI(c.ctx, lineLoadingEndpoint, payload); err != nil { - logger.DebugCF("line", "Failed to send loading indicator", map[string]interface{}{ + logger.DebugCF("line", "Failed to send loading indicator", map[string]any{ "error": err.Error(), }) } } // callAPI makes an authenticated POST request to the LINE API. -func (c *LINEChannel) callAPI(ctx context.Context, endpoint string, payload interface{}) error { +func (c *LINEChannel) callAPI(ctx context.Context, endpoint string, payload any) error { body, err := json.Marshal(payload) if err != nil { return fmt.Errorf("failed to marshal payload: %w", err) diff --git a/pkg/channels/maixcam.go b/pkg/channels/maixcam.go index 01e570b25..6288a792c 100644 --- a/pkg/channels/maixcam.go +++ b/pkg/channels/maixcam.go @@ -21,10 +21,10 @@ type MaixCamChannel struct { } type MaixCamMessage struct { - Type string `json:"type"` - Tips string `json:"tips"` - Timestamp float64 `json:"timestamp"` - Data map[string]interface{} `json:"data"` + Type string `json:"type"` + Tips string `json:"tips"` + Timestamp float64 `json:"timestamp"` + Data map[string]any `json:"data"` } func NewMaixCamChannel(cfg config.MaixCamConfig, bus *bus.MessageBus) (*MaixCamChannel, error) { @@ -49,7 +49,7 @@ func (c *MaixCamChannel) Start(ctx context.Context) error { c.listener = listener c.setRunning(true) - logger.InfoCF("maixcam", "MaixCam server listening", map[string]interface{}{ + logger.InfoCF("maixcam", "MaixCam server listening", map[string]any{ "host": c.config.Host, "port": c.config.Port, }) @@ -71,14 +71,14 @@ func (c *MaixCamChannel) acceptConnections(ctx context.Context) { conn, err := c.listener.Accept() if err != nil { if c.running { - logger.ErrorCF("maixcam", "Failed to accept connection", map[string]interface{}{ + logger.ErrorCF("maixcam", "Failed to accept connection", map[string]any{ "error": err.Error(), }) } return } - logger.InfoCF("maixcam", "New connection from MaixCam device", map[string]interface{}{ + logger.InfoCF("maixcam", "New connection from MaixCam device", map[string]any{ "remote_addr": conn.RemoteAddr().String(), }) @@ -112,7 +112,7 @@ func (c *MaixCamChannel) handleConnection(conn net.Conn, ctx context.Context) { var msg MaixCamMessage if err := decoder.Decode(&msg); err != nil { if err.Error() != "EOF" { - logger.ErrorCF("maixcam", "Failed to decode message", map[string]interface{}{ + logger.ErrorCF("maixcam", "Failed to decode message", map[string]any{ "error": err.Error(), }) } @@ -133,14 +133,14 @@ func (c *MaixCamChannel) processMessage(msg MaixCamMessage, conn net.Conn) { case "status": c.handleStatusUpdate(msg) default: - logger.WarnCF("maixcam", "Unknown message type", map[string]interface{}{ + logger.WarnCF("maixcam", "Unknown message type", map[string]any{ "type": msg.Type, }) } } func (c *MaixCamChannel) handlePersonDetection(msg MaixCamMessage) { - logger.InfoCF("maixcam", "", map[string]interface{}{ + logger.InfoCF("maixcam", "", map[string]any{ "timestamp": msg.Timestamp, "data": msg.Data, }) @@ -176,7 +176,7 @@ func (c *MaixCamChannel) handlePersonDetection(msg MaixCamMessage) { } func (c *MaixCamChannel) handleStatusUpdate(msg MaixCamMessage) { - logger.InfoCF("maixcam", "Status update from MaixCam", map[string]interface{}{ + logger.InfoCF("maixcam", "Status update from MaixCam", map[string]any{ "status": msg.Data, }) } @@ -214,7 +214,7 @@ func (c *MaixCamChannel) Send(ctx context.Context, msg bus.OutboundMessage) erro return fmt.Errorf("no connected MaixCam devices") } - response := map[string]interface{}{ + response := map[string]any{ "type": "command", "timestamp": float64(0), "message": msg.Content, @@ -229,7 +229,7 @@ func (c *MaixCamChannel) Send(ctx context.Context, msg bus.OutboundMessage) erro var sendErr error for conn := range c.clients { if _, err := conn.Write(data); err != nil { - logger.ErrorCF("maixcam", "Failed to send to client", map[string]interface{}{ + logger.ErrorCF("maixcam", "Failed to send to client", map[string]any{ "client": conn.RemoteAddr().String(), "error": err.Error(), }) diff --git a/pkg/channels/manager.go b/pkg/channels/manager.go index 7f6abc4cb..3ffaf5fb7 100644 --- a/pkg/channels/manager.go +++ b/pkg/channels/manager.go @@ -50,7 +50,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Telegram channel") telegram, err := NewTelegramChannel(m.config, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Telegram channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Telegram channel", map[string]any{ "error": err.Error(), }) } else { @@ -63,7 +63,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize WhatsApp channel") whatsapp, err := NewWhatsAppChannel(m.config.Channels.WhatsApp, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize WhatsApp channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize WhatsApp channel", map[string]any{ "error": err.Error(), }) } else { @@ -76,7 +76,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Feishu channel") feishu, err := NewFeishuChannel(m.config.Channels.Feishu, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Feishu channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Feishu channel", map[string]any{ "error": err.Error(), }) } else { @@ -89,7 +89,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Discord channel") discord, err := NewDiscordChannel(m.config.Channels.Discord, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Discord channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Discord channel", map[string]any{ "error": err.Error(), }) } else { @@ -102,7 +102,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize MaixCam channel") maixcam, err := NewMaixCamChannel(m.config.Channels.MaixCam, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize MaixCam channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize MaixCam channel", map[string]any{ "error": err.Error(), }) } else { @@ -115,7 +115,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize QQ channel") qq, err := NewQQChannel(m.config.Channels.QQ, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize QQ channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize QQ channel", map[string]any{ "error": err.Error(), }) } else { @@ -128,7 +128,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize DingTalk channel") dingtalk, err := NewDingTalkChannel(m.config.Channels.DingTalk, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize DingTalk channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize DingTalk channel", map[string]any{ "error": err.Error(), }) } else { @@ -141,7 +141,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Slack channel") slackCh, err := NewSlackChannel(m.config.Channels.Slack, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Slack channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Slack channel", map[string]any{ "error": err.Error(), }) } else { @@ -154,7 +154,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize LINE channel") line, err := NewLINEChannel(m.config.Channels.LINE, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize LINE channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize LINE channel", map[string]any{ "error": err.Error(), }) } else { @@ -167,7 +167,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize OneBot channel") onebot, err := NewOneBotChannel(m.config.Channels.OneBot, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize OneBot channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize OneBot channel", map[string]any{ "error": err.Error(), }) } else { @@ -176,7 +176,7 @@ func (m *Manager) initChannels() error { } } - logger.InfoCF("channels", "Channel initialization completed", map[string]interface{}{ + logger.InfoCF("channels", "Channel initialization completed", map[string]any{ "enabled_channels": len(m.channels), }) @@ -200,11 +200,11 @@ func (m *Manager) StartAll(ctx context.Context) error { go m.dispatchOutbound(dispatchCtx) for name, channel := range m.channels { - logger.InfoCF("channels", "Starting channel", map[string]interface{}{ + logger.InfoCF("channels", "Starting channel", map[string]any{ "channel": name, }) if err := channel.Start(ctx); err != nil { - logger.ErrorCF("channels", "Failed to start channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to start channel", map[string]any{ "channel": name, "error": err.Error(), }) @@ -227,11 +227,11 @@ func (m *Manager) StopAll(ctx context.Context) error { } for name, channel := range m.channels { - logger.InfoCF("channels", "Stopping channel", map[string]interface{}{ + logger.InfoCF("channels", "Stopping channel", map[string]any{ "channel": name, }) if err := channel.Stop(ctx); err != nil { - logger.ErrorCF("channels", "Error stopping channel", map[string]interface{}{ + logger.ErrorCF("channels", "Error stopping channel", map[string]any{ "channel": name, "error": err.Error(), }) @@ -266,14 +266,14 @@ func (m *Manager) dispatchOutbound(ctx context.Context) { m.mu.RUnlock() if !exists { - logger.WarnCF("channels", "Unknown channel for outbound message", map[string]interface{}{ + logger.WarnCF("channels", "Unknown channel for outbound message", map[string]any{ "channel": msg.Channel, }) continue } if err := channel.Send(ctx, msg); err != nil { - logger.ErrorCF("channels", "Error sending message to channel", map[string]interface{}{ + logger.ErrorCF("channels", "Error sending message to channel", map[string]any{ "channel": msg.Channel, "error": err.Error(), }) @@ -289,13 +289,13 @@ func (m *Manager) GetChannel(name string) (Channel, bool) { return channel, ok } -func (m *Manager) GetStatus() map[string]interface{} { +func (m *Manager) GetStatus() map[string]any { m.mu.RLock() defer m.mu.RUnlock() - status := make(map[string]interface{}) + status := make(map[string]any) for name, channel := range m.channels { - status[name] = map[string]interface{}{ + status[name] = map[string]any{ "enabled": true, "running": channel.IsRunning(), } diff --git a/pkg/channels/onebot.go b/pkg/channels/onebot.go index 5d97fab9c..607aaed2a 100644 --- a/pkg/channels/onebot.go +++ b/pkg/channels/onebot.go @@ -76,9 +76,9 @@ type oneBotEvent struct { } type oneBotAPIRequest struct { - Action string `json:"action"` - Params interface{} `json:"params"` - Echo string `json:"echo,omitempty"` + Action string `json:"action"` + Params any `json:"params"` + Echo string `json:"echo,omitempty"` } type oneBotSendPrivateMsgParams struct { @@ -109,14 +109,14 @@ func (c *OneBotChannel) Start(ctx context.Context) error { return fmt.Errorf("OneBot ws_url not configured") } - logger.InfoCF("onebot", "Starting OneBot channel", map[string]interface{}{ + logger.InfoCF("onebot", "Starting OneBot channel", map[string]any{ "ws_url": c.config.WSUrl, }) c.ctx, c.cancel = context.WithCancel(ctx) if err := c.connect(); err != nil { - logger.WarnCF("onebot", "Initial connection failed, will retry in background", map[string]interface{}{ + logger.WarnCF("onebot", "Initial connection failed, will retry in background", map[string]any{ "error": err.Error(), }) } else { @@ -178,7 +178,7 @@ func (c *OneBotChannel) reconnectLoop() { if conn == nil { logger.InfoC("onebot", "Attempting to reconnect...") if err := c.connect(); err != nil { - logger.ErrorCF("onebot", "Reconnect failed", map[string]interface{}{ + logger.ErrorCF("onebot", "Reconnect failed", map[string]any{ "error": err.Error(), }) } else { @@ -246,7 +246,7 @@ func (c *OneBotChannel) Send(ctx context.Context, msg bus.OutboundMessage) error c.writeMu.Unlock() if err != nil { - logger.ErrorCF("onebot", "Failed to send message", map[string]interface{}{ + logger.ErrorCF("onebot", "Failed to send message", map[string]any{ "error": err.Error(), }) return err @@ -255,7 +255,7 @@ func (c *OneBotChannel) Send(ctx context.Context, msg bus.OutboundMessage) error return nil } -func (c *OneBotChannel) buildSendRequest(msg bus.OutboundMessage) (string, interface{}, error) { +func (c *OneBotChannel) buildSendRequest(msg bus.OutboundMessage) (string, any, error) { chatID := msg.ChatID if len(chatID) > 6 && chatID[:6] == "group:" { @@ -308,7 +308,7 @@ func (c *OneBotChannel) listen() { _, message, err := conn.ReadMessage() if err != nil { - logger.ErrorCF("onebot", "WebSocket read error", map[string]interface{}{ + logger.ErrorCF("onebot", "WebSocket read error", map[string]any{ "error": err.Error(), }) c.mu.Lock() @@ -320,14 +320,14 @@ func (c *OneBotChannel) listen() { return } - logger.DebugCF("onebot", "Raw WebSocket message received", map[string]interface{}{ + logger.DebugCF("onebot", "Raw WebSocket message received", map[string]any{ "length": len(message), "payload": string(message), }) var raw oneBotRawEvent if err := json.Unmarshal(message, &raw); err != nil { - logger.WarnCF("onebot", "Failed to unmarshal raw event", map[string]interface{}{ + logger.WarnCF("onebot", "Failed to unmarshal raw event", map[string]any{ "error": err.Error(), "payload": string(message), }) @@ -335,14 +335,14 @@ func (c *OneBotChannel) listen() { } if raw.Echo != "" || raw.Status.Online || raw.Status.Good { - logger.DebugCF("onebot", "Received API response, skipping", map[string]interface{}{ + logger.DebugCF("onebot", "Received API response, skipping", map[string]any{ "echo": raw.Echo, "status": raw.Status, }) continue } - logger.DebugCF("onebot", "Parsed raw event", map[string]interface{}{ + logger.DebugCF("onebot", "Parsed raw event", map[string]any{ "post_type": raw.PostType, "message_type": raw.MessageType, "sub_type": raw.SubType, @@ -407,14 +407,14 @@ func parseMessageContentEx(raw json.RawMessage, selfID int64) parseMessageResult return parseMessageResult{Text: s, IsBotMentioned: mentioned} } - var segments []map[string]interface{} + var segments []map[string]any if err := json.Unmarshal(raw, &segments); err == nil { var text string mentioned := false selfIDStr := strconv.FormatInt(selfID, 10) for _, seg := range segments { segType, _ := seg["type"].(string) - data, _ := seg["data"].(map[string]interface{}) + data, _ := seg["data"].(map[string]any) switch segType { case "text": if data != nil { @@ -441,7 +441,7 @@ func (c *OneBotChannel) handleRawEvent(raw *oneBotRawEvent) { case "message": evt, err := c.normalizeMessageEvent(raw) if err != nil { - logger.WarnCF("onebot", "Failed to normalize message event", map[string]interface{}{ + logger.WarnCF("onebot", "Failed to normalize message event", map[string]any{ "error": err.Error(), }) return @@ -450,20 +450,20 @@ func (c *OneBotChannel) handleRawEvent(raw *oneBotRawEvent) { case "meta_event": c.handleMetaEvent(raw) case "notice": - logger.DebugCF("onebot", "Notice event received", map[string]interface{}{ + logger.DebugCF("onebot", "Notice event received", map[string]any{ "sub_type": raw.SubType, }) case "request": - logger.DebugCF("onebot", "Request event received", map[string]interface{}{ + logger.DebugCF("onebot", "Request event received", map[string]any{ "sub_type": raw.SubType, }) case "": - logger.DebugCF("onebot", "Event with empty post_type (possibly API response)", map[string]interface{}{ + logger.DebugCF("onebot", "Event with empty post_type (possibly API response)", map[string]any{ "echo": raw.Echo, "status": raw.Status, }) default: - logger.DebugCF("onebot", "Unknown post_type", map[string]interface{}{ + logger.DebugCF("onebot", "Unknown post_type", map[string]any{ "post_type": raw.PostType, }) } @@ -498,14 +498,14 @@ func (c *OneBotChannel) normalizeMessageEvent(raw *oneBotRawEvent) (*oneBotEvent var sender oneBotSender if len(raw.Sender) > 0 { if err := json.Unmarshal(raw.Sender, &sender); err != nil { - logger.WarnCF("onebot", "Failed to parse sender", map[string]interface{}{ + logger.WarnCF("onebot", "Failed to parse sender", map[string]any{ "error": err.Error(), "sender": string(raw.Sender), }) } } - logger.DebugCF("onebot", "Normalized message event", map[string]interface{}{ + logger.DebugCF("onebot", "Normalized message event", map[string]any{ "message_type": raw.MessageType, "user_id": userID, "group_id": groupID, @@ -534,13 +534,13 @@ func (c *OneBotChannel) normalizeMessageEvent(raw *oneBotRawEvent) (*oneBotEvent func (c *OneBotChannel) handleMetaEvent(raw *oneBotRawEvent) { switch raw.MetaEventType { case "lifecycle": - logger.InfoCF("onebot", "Lifecycle event", map[string]interface{}{ + logger.InfoCF("onebot", "Lifecycle event", map[string]any{ "sub_type": raw.SubType, }) case "heartbeat": logger.DebugC("onebot", "Heartbeat received") default: - logger.DebugCF("onebot", "Unknown meta_event_type", map[string]interface{}{ + logger.DebugCF("onebot", "Unknown meta_event_type", map[string]any{ "meta_event_type": raw.MetaEventType, }) } @@ -548,7 +548,7 @@ func (c *OneBotChannel) handleMetaEvent(raw *oneBotRawEvent) { func (c *OneBotChannel) handleMessage(evt *oneBotEvent) { if c.isDuplicate(evt.MessageID) { - logger.DebugCF("onebot", "Duplicate message, skipping", map[string]interface{}{ + logger.DebugCF("onebot", "Duplicate message, skipping", map[string]any{ "message_id": evt.MessageID, }) return @@ -556,7 +556,7 @@ func (c *OneBotChannel) handleMessage(evt *oneBotEvent) { content := evt.Content if content == "" { - logger.DebugCF("onebot", "Received empty message, ignoring", map[string]interface{}{ + logger.DebugCF("onebot", "Received empty message, ignoring", map[string]any{ "message_id": evt.MessageID, }) return @@ -572,7 +572,7 @@ func (c *OneBotChannel) handleMessage(evt *oneBotEvent) { switch evt.MessageType { case "private": chatID = "private:" + senderID - logger.InfoCF("onebot", "Received private message", map[string]interface{}{ + logger.InfoCF("onebot", "Received private message", map[string]any{ "sender": senderID, "message_id": evt.MessageID, "length": len(content), @@ -597,7 +597,7 @@ func (c *OneBotChannel) handleMessage(evt *oneBotEvent) { triggered, strippedContent := c.checkGroupTrigger(content, evt.IsBotMentioned) if !triggered { - logger.DebugCF("onebot", "Group message ignored (no trigger)", map[string]interface{}{ + logger.DebugCF("onebot", "Group message ignored (no trigger)", map[string]any{ "sender": senderID, "group": groupIDStr, "is_mentioned": evt.IsBotMentioned, @@ -607,7 +607,7 @@ func (c *OneBotChannel) handleMessage(evt *oneBotEvent) { } content = strippedContent - logger.InfoCF("onebot", "Received group message", map[string]interface{}{ + logger.InfoCF("onebot", "Received group message", map[string]any{ "sender": senderID, "group": groupIDStr, "message_id": evt.MessageID, @@ -617,7 +617,7 @@ func (c *OneBotChannel) handleMessage(evt *oneBotEvent) { }) default: - logger.WarnCF("onebot", "Unknown message type, cannot route", map[string]interface{}{ + logger.WarnCF("onebot", "Unknown message type, cannot route", map[string]any{ "type": evt.MessageType, "message_id": evt.MessageID, "user_id": evt.UserID, @@ -629,7 +629,7 @@ func (c *OneBotChannel) handleMessage(evt *oneBotEvent) { metadata["nickname"] = evt.Sender.Nickname } - logger.DebugCF("onebot", "Forwarding message to bus", map[string]interface{}{ + logger.DebugCF("onebot", "Forwarding message to bus", map[string]any{ "sender_id": senderID, "chat_id": chatID, "content": truncate(content, 100), @@ -668,7 +668,10 @@ func truncate(s string, n int) string { return string(runes[:n]) + "..." } -func (c *OneBotChannel) checkGroupTrigger(content string, isBotMentioned bool) (triggered bool, strippedContent string) { +func (c *OneBotChannel) checkGroupTrigger( + content string, + isBotMentioned bool, +) (triggered bool, strippedContent string) { if isBotMentioned { return true, strings.TrimSpace(content) } diff --git a/pkg/channels/qq.go b/pkg/channels/qq.go index 18b4ca0e0..055498797 100644 --- a/pkg/channels/qq.go +++ b/pkg/channels/qq.go @@ -77,7 +77,7 @@ func (c *QQChannel) Start(ctx context.Context) error { return fmt.Errorf("failed to get websocket info: %w", err) } - logger.InfoCF("qq", "Got WebSocket info", map[string]interface{}{ + logger.InfoCF("qq", "Got WebSocket info", map[string]any{ "shards": wsInfo.Shards, }) @@ -87,7 +87,7 @@ func (c *QQChannel) Start(ctx context.Context) error { // åœØ goroutine äø­åÆåŠØ WebSocket čæžęŽ„ļ¼Œéæ免阻唞 go func() { if err := c.sessionManager.Start(wsInfo, c.tokenSource, &intent); err != nil { - logger.ErrorCF("qq", "WebSocket session error", map[string]interface{}{ + logger.ErrorCF("qq", "WebSocket session error", map[string]any{ "error": err.Error(), }) c.setRunning(false) @@ -124,7 +124,7 @@ func (c *QQChannel) Send(ctx context.Context, msg bus.OutboundMessage) error { // C2C 궈ęÆ发送 _, err := c.api.PostC2CMessage(ctx, msg.ChatID, msgToCreate) if err != nil { - logger.ErrorCF("qq", "Failed to send C2C message", map[string]interface{}{ + logger.ErrorCF("qq", "Failed to send C2C message", map[string]any{ "error": err.Error(), }) return err @@ -157,7 +157,7 @@ func (c *QQChannel) handleC2CMessage() event.C2CMessageEventHandler { return nil } - logger.InfoCF("qq", "Received C2C message", map[string]interface{}{ + logger.InfoCF("qq", "Received C2C message", map[string]any{ "sender": senderID, "length": len(content), }) @@ -197,7 +197,7 @@ func (c *QQChannel) handleGroupATMessage() event.GroupATMessageEventHandler { return nil } - logger.InfoCF("qq", "Received group AT message", map[string]interface{}{ + logger.InfoCF("qq", "Received group AT message", map[string]any{ "sender": senderID, "group": data.GroupID, "length": len(content), diff --git a/pkg/channels/slack.go b/pkg/channels/slack.go index 0060972ed..f7359cd6d 100644 --- a/pkg/channels/slack.go +++ b/pkg/channels/slack.go @@ -75,7 +75,7 @@ func (c *SlackChannel) Start(ctx context.Context) error { c.botUserID = authResp.UserID c.teamID = authResp.TeamID - logger.InfoCF("slack", "Slack bot connected", map[string]interface{}{ + logger.InfoCF("slack", "Slack bot connected", map[string]any{ "bot_user_id": c.botUserID, "team": authResp.Team, }) @@ -85,7 +85,7 @@ func (c *SlackChannel) Start(ctx context.Context) error { go func() { if err := c.socketClient.RunContext(c.ctx); err != nil { if c.ctx.Err() == nil { - logger.ErrorCF("slack", "Socket Mode connection error", map[string]interface{}{ + logger.ErrorCF("slack", "Socket Mode connection error", map[string]any{ "error": err.Error(), }) } @@ -140,7 +140,7 @@ func (c *SlackChannel) Send(ctx context.Context, msg bus.OutboundMessage) error }) } - logger.DebugCF("slack", "Message sent", map[string]interface{}{ + logger.DebugCF("slack", "Message sent", map[string]any{ "channel_id": channelID, "thread_ts": threadTS, }) @@ -202,7 +202,7 @@ func (c *SlackChannel) handleMessageEvent(ev *slackevents.MessageEvent) { // ę£€ęŸ„ē™½åå•ļ¼Œéæ免äøŗč¢«ę‹’ē»ēš„ē”Øꈷäø‹č½½é™„件 if !c.IsAllowed(ev.User) { - logger.DebugCF("slack", "Message rejected by allowlist", map[string]interface{}{ + logger.DebugCF("slack", "Message rejected by allowlist", map[string]any{ "user_id": ev.User, }) return @@ -238,7 +238,7 @@ func (c *SlackChannel) handleMessageEvent(ev *slackevents.MessageEvent) { defer func() { for _, file := range localFiles { if err := os.Remove(file); err != nil { - logger.DebugCF("slack", "Failed to cleanup temp file", map[string]interface{}{ + logger.DebugCF("slack", "Failed to cleanup temp file", map[string]any{ "file": file, "error": err.Error(), }) @@ -261,7 +261,7 @@ func (c *SlackChannel) handleMessageEvent(ev *slackevents.MessageEvent) { result, err := c.transcriber.Transcribe(ctx, localPath) if err != nil { - logger.ErrorCF("slack", "Voice transcription failed", map[string]interface{}{"error": err.Error()}) + logger.ErrorCF("slack", "Voice transcription failed", map[string]any{"error": err.Error()}) content += fmt.Sprintf("\n[audio: %s (transcription failed)]", file.Name) } else { content += fmt.Sprintf("\n[voice transcription: %s]", result.Text) @@ -293,7 +293,7 @@ func (c *SlackChannel) handleMessageEvent(ev *slackevents.MessageEvent) { "team_id": c.teamID, } - logger.DebugCF("slack", "Received message", map[string]interface{}{ + logger.DebugCF("slack", "Received message", map[string]any{ "sender_id": senderID, "chat_id": chatID, "preview": utils.Truncate(content, 50), @@ -309,7 +309,7 @@ func (c *SlackChannel) handleAppMention(ev *slackevents.AppMentionEvent) { } if !c.IsAllowed(ev.User) { - logger.DebugCF("slack", "Mention rejected by allowlist", map[string]interface{}{ + logger.DebugCF("slack", "Mention rejected by allowlist", map[string]any{ "user_id": ev.User, }) return @@ -375,7 +375,7 @@ func (c *SlackChannel) handleSlashCommand(event socketmode.Event) { } if !c.IsAllowed(cmd.UserID) { - logger.DebugCF("slack", "Slash command rejected by allowlist", map[string]interface{}{ + logger.DebugCF("slack", "Slash command rejected by allowlist", map[string]any{ "user_id": cmd.UserID, }) return @@ -400,7 +400,7 @@ func (c *SlackChannel) handleSlashCommand(event socketmode.Event) { "team_id": c.teamID, } - logger.DebugCF("slack", "Slash command received", map[string]interface{}{ + logger.DebugCF("slack", "Slash command received", map[string]any{ "sender_id": senderID, "command": cmd.Command, "text": utils.Truncate(content, 50), @@ -415,7 +415,7 @@ func (c *SlackChannel) downloadSlackFile(file slack.File) string { downloadURL = file.URLPrivate } if downloadURL == "" { - logger.ErrorCF("slack", "No download URL for file", map[string]interface{}{"file_id": file.ID}) + logger.ErrorCF("slack", "No download URL for file", map[string]any{"file_id": file.ID}) return "" } diff --git a/pkg/channels/telegram.go b/pkg/channels/telegram.go index 24b82b557..eb5bedaaf 100644 --- a/pkg/channels/telegram.go +++ b/pkg/channels/telegram.go @@ -11,10 +11,9 @@ import ( "sync" "time" - th "github.com/mymmrac/telego/telegohandler" - "github.com/mymmrac/telego" "github.com/mymmrac/telego/telegohandler" + th "github.com/mymmrac/telego/telegohandler" tu "github.com/mymmrac/telego/telegoutil" "github.com/sipeed/picoclaw/pkg/bus" @@ -120,7 +119,7 @@ func (c *TelegramChannel) Start(ctx context.Context) error { }, th.AnyMessage()) c.setRunning(true) - logger.InfoCF("telegram", "Telegram bot connected", map[string]interface{}{ + logger.InfoCF("telegram", "Telegram bot connected", map[string]any{ "username": c.bot.Username(), }) @@ -133,6 +132,7 @@ func (c *TelegramChannel) Start(ctx context.Context) error { return nil } + func (c *TelegramChannel) Stop(ctx context.Context) error { logger.InfoC("telegram", "Stopping Telegram bot...") c.setRunning(false) @@ -175,7 +175,7 @@ func (c *TelegramChannel) Send(ctx context.Context, msg bus.OutboundMessage) err tgMsg.ParseMode = telego.ModeHTML if _, err = c.bot.SendMessage(ctx, tgMsg); err != nil { - logger.ErrorCF("telegram", "HTML parse failed, falling back to plain text", map[string]interface{}{ + logger.ErrorCF("telegram", "HTML parse failed, falling back to plain text", map[string]any{ "error": err.Error(), }) tgMsg.ParseMode = "" @@ -203,7 +203,7 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes // ę£€ęŸ„ē™½åå•ļ¼Œéæ免äøŗč¢«ę‹’ē»ēš„ē”Øꈷäø‹č½½é™„件 if !c.IsAllowed(senderID) { - logger.DebugCF("telegram", "Message rejected by allowlist", map[string]interface{}{ + logger.DebugCF("telegram", "Message rejected by allowlist", map[string]any{ "user_id": senderID, }) return nil @@ -220,7 +220,7 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes defer func() { for _, file := range localFiles { if err := os.Remove(file); err != nil { - logger.DebugCF("telegram", "Failed to cleanup temp file", map[string]interface{}{ + logger.DebugCF("telegram", "Failed to cleanup temp file", map[string]any{ "file": file, "error": err.Error(), }) @@ -265,14 +265,14 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes result, err := c.transcriber.Transcribe(ctx, voicePath) if err != nil { - logger.ErrorCF("telegram", "Voice transcription failed", map[string]interface{}{ + logger.ErrorCF("telegram", "Voice transcription failed", map[string]any{ "error": err.Error(), "path": voicePath, }) transcribedText = "[voice (transcription failed)]" } else { transcribedText = fmt.Sprintf("[voice transcription: %s]", result.Text) - logger.InfoCF("telegram", "Voice transcribed successfully", map[string]interface{}{ + logger.InfoCF("telegram", "Voice transcribed successfully", map[string]any{ "text": result.Text, }) } @@ -315,7 +315,7 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes content = "[empty message]" } - logger.DebugCF("telegram", "Received message", map[string]interface{}{ + logger.DebugCF("telegram", "Received message", map[string]any{ "sender_id": senderID, "chat_id": fmt.Sprintf("%d", chatID), "preview": utils.Truncate(content, 50), @@ -324,7 +324,7 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes // Thinking indicator err := c.bot.SendChatAction(ctx, tu.ChatAction(tu.ID(chatID), telego.ChatActionTyping)) if err != nil { - logger.ErrorCF("telegram", "Failed to send chat action", map[string]interface{}{ + logger.ErrorCF("telegram", "Failed to send chat action", map[string]any{ "error": err.Error(), }) } @@ -371,7 +371,7 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes func (c *TelegramChannel) downloadPhoto(ctx context.Context, fileID string) string { file, err := c.bot.GetFile(ctx, &telego.GetFileParams{FileID: fileID}) if err != nil { - logger.ErrorCF("telegram", "Failed to get photo file", map[string]interface{}{ + logger.ErrorCF("telegram", "Failed to get photo file", map[string]any{ "error": err.Error(), }) return "" @@ -386,7 +386,7 @@ func (c *TelegramChannel) downloadFileWithInfo(file *telego.File, ext string) st } url := c.bot.FileDownloadURL(file.FilePath) - logger.DebugCF("telegram", "File URL", map[string]interface{}{"url": url}) + logger.DebugCF("telegram", "File URL", map[string]any{"url": url}) // Use FilePath as filename for better identification filename := file.FilePath + ext @@ -398,7 +398,7 @@ func (c *TelegramChannel) downloadFileWithInfo(file *telego.File, ext string) st func (c *TelegramChannel) downloadFile(ctx context.Context, fileID, ext string) string { file, err := c.bot.GetFile(ctx, &telego.GetFileParams{FileID: fileID}) if err != nil { - logger.ErrorCF("telegram", "Failed to get file", map[string]interface{}{ + logger.ErrorCF("telegram", "Failed to get file", map[string]any{ "error": err.Error(), }) return "" @@ -456,7 +456,11 @@ func markdownToTelegramHTML(text string) string { for i, code := range codeBlocks.codes { escaped := escapeHTML(code) - text = strings.ReplaceAll(text, fmt.Sprintf("\x00CB%d\x00", i), fmt.Sprintf("
%s
", escaped)) + text = strings.ReplaceAll( + text, + fmt.Sprintf("\x00CB%d\x00", i), + fmt.Sprintf("
%s
", escaped), + ) } return text diff --git a/pkg/channels/telegram_commands.go b/pkg/channels/telegram_commands.go index df245e156..a084b641b 100644 --- a/pkg/channels/telegram_commands.go +++ b/pkg/channels/telegram_commands.go @@ -6,6 +6,7 @@ import ( "strings" "github.com/mymmrac/telego" + "github.com/sipeed/picoclaw/pkg/config" ) @@ -35,6 +36,7 @@ func commandArgs(text string) string { } return strings.TrimSpace(parts[1]) } + func (c *cmd) Help(ctx context.Context, message telego.Message) error { msg := `/start - Start the bot /help - Show this help message @@ -96,6 +98,7 @@ func (c *cmd) Show(ctx context.Context, message telego.Message) error { }) return err } + func (c *cmd) List(ctx context.Context, message telego.Message) error { args := commandArgs(message.Text) if args == "" { diff --git a/pkg/channels/whatsapp.go b/pkg/channels/whatsapp.go index c95e59578..6634f2722 100644 --- a/pkg/channels/whatsapp.go +++ b/pkg/channels/whatsapp.go @@ -86,7 +86,7 @@ func (c *WhatsAppChannel) Send(ctx context.Context, msg bus.OutboundMessage) err return fmt.Errorf("whatsapp connection not established") } - payload := map[string]interface{}{ + payload := map[string]any{ "type": "message", "to": msg.ChatID, "content": msg.Content, @@ -126,7 +126,7 @@ func (c *WhatsAppChannel) listen(ctx context.Context) { continue } - var msg map[string]interface{} + var msg map[string]any if err := json.Unmarshal(message, &msg); err != nil { log.Printf("Failed to unmarshal WhatsApp message: %v", err) continue @@ -144,7 +144,7 @@ func (c *WhatsAppChannel) listen(ctx context.Context) { } } -func (c *WhatsAppChannel) handleIncomingMessage(msg map[string]interface{}) { +func (c *WhatsAppChannel) handleIncomingMessage(msg map[string]any) { senderID, ok := msg["from"].(string) if !ok { return @@ -161,7 +161,7 @@ func (c *WhatsAppChannel) handleIncomingMessage(msg map[string]interface{}) { } var mediaPaths []string - if mediaData, ok := msg["media"].([]interface{}); ok { + if mediaData, ok := msg["media"].([]any); ok { mediaPaths = make([]string, 0, len(mediaData)) for _, m := range mediaData { if path, ok := m.(string); ok { diff --git a/pkg/config/config.go b/pkg/config/config.go index 682996bd6..306fc1f34 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -23,7 +23,7 @@ func (f *FlexibleStringSlice) UnmarshalJSON(data []byte) error { } // Try []interface{} to handle mixed types - var raw []interface{} + var raw []any if err := json.Unmarshal(data, &raw); err != nil { return err } @@ -139,16 +139,16 @@ type SessionConfig struct { } type AgentDefaults struct { - Workspace string `json:"workspace" env:"PICOCLAW_AGENTS_DEFAULTS_WORKSPACE"` - RestrictToWorkspace bool `json:"restrict_to_workspace" env:"PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE"` - Provider string `json:"provider" env:"PICOCLAW_AGENTS_DEFAULTS_PROVIDER"` - Model string `json:"model" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` + Workspace string `json:"workspace" env:"PICOCLAW_AGENTS_DEFAULTS_WORKSPACE"` + RestrictToWorkspace bool `json:"restrict_to_workspace" env:"PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE"` + Provider string `json:"provider" env:"PICOCLAW_AGENTS_DEFAULTS_PROVIDER"` + Model string `json:"model" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` ModelFallbacks []string `json:"model_fallbacks,omitempty"` - ImageModel string `json:"image_model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_IMAGE_MODEL"` + ImageModel string `json:"image_model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_IMAGE_MODEL"` ImageModelFallbacks []string `json:"image_model_fallbacks,omitempty"` - MaxTokens int `json:"max_tokens" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOKENS"` - Temperature float64 `json:"temperature" env:"PICOCLAW_AGENTS_DEFAULTS_TEMPERATURE"` - MaxToolIterations int `json:"max_tool_iterations" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOOL_ITERATIONS"` + MaxTokens int `json:"max_tokens" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOKENS"` + Temperature float64 `json:"temperature" env:"PICOCLAW_AGENTS_DEFAULTS_TEMPERATURE"` + MaxToolIterations int `json:"max_tool_iterations" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOOL_ITERATIONS"` } type ChannelsConfig struct { @@ -165,87 +165,87 @@ type ChannelsConfig struct { } type WhatsAppConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WHATSAPP_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WHATSAPP_ENABLED"` BridgeURL string `json:"bridge_url" env:"PICOCLAW_CHANNELS_WHATSAPP_BRIDGE_URL"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WHATSAPP_ALLOW_FROM"` } type TelegramConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_TELEGRAM_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_TELEGRAM_TOKEN"` - Proxy string `json:"proxy" env:"PICOCLAW_CHANNELS_TELEGRAM_PROXY"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_TELEGRAM_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_TELEGRAM_TOKEN"` + Proxy string `json:"proxy" env:"PICOCLAW_CHANNELS_TELEGRAM_PROXY"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_TELEGRAM_ALLOW_FROM"` } type FeishuConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_FEISHU_ENABLED"` - AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_FEISHU_APP_ID"` - AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_FEISHU_APP_SECRET"` - EncryptKey string `json:"encrypt_key" env:"PICOCLAW_CHANNELS_FEISHU_ENCRYPT_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_FEISHU_ENABLED"` + AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_FEISHU_APP_ID"` + AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_FEISHU_APP_SECRET"` + EncryptKey string `json:"encrypt_key" env:"PICOCLAW_CHANNELS_FEISHU_ENCRYPT_KEY"` VerificationToken string `json:"verification_token" env:"PICOCLAW_CHANNELS_FEISHU_VERIFICATION_TOKEN"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_FEISHU_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_FEISHU_ALLOW_FROM"` } type DiscordConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DISCORD_ALLOW_FROM"` } type MaixCamConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MAIXCAM_ENABLED"` - Host string `json:"host" env:"PICOCLAW_CHANNELS_MAIXCAM_HOST"` - Port int `json:"port" env:"PICOCLAW_CHANNELS_MAIXCAM_PORT"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MAIXCAM_ENABLED"` + Host string `json:"host" env:"PICOCLAW_CHANNELS_MAIXCAM_HOST"` + Port int `json:"port" env:"PICOCLAW_CHANNELS_MAIXCAM_PORT"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_MAIXCAM_ALLOW_FROM"` } type QQConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_QQ_ENABLED"` - AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_QQ_APP_ID"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_QQ_ENABLED"` + AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_QQ_APP_ID"` AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_QQ_APP_SECRET"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_QQ_ALLOW_FROM"` } type DingTalkConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DINGTALK_ENABLED"` - ClientID string `json:"client_id" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_ID"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DINGTALK_ENABLED"` + ClientID string `json:"client_id" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_ID"` ClientSecret string `json:"client_secret" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_SECRET"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DINGTALK_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DINGTALK_ALLOW_FROM"` } type SlackConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_SLACK_ENABLED"` - BotToken string `json:"bot_token" env:"PICOCLAW_CHANNELS_SLACK_BOT_TOKEN"` - AppToken string `json:"app_token" env:"PICOCLAW_CHANNELS_SLACK_APP_TOKEN"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_SLACK_ENABLED"` + BotToken string `json:"bot_token" env:"PICOCLAW_CHANNELS_SLACK_BOT_TOKEN"` + AppToken string `json:"app_token" env:"PICOCLAW_CHANNELS_SLACK_APP_TOKEN"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_SLACK_ALLOW_FROM"` } type LINEConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_LINE_ENABLED"` - ChannelSecret string `json:"channel_secret" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_SECRET"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_LINE_ENABLED"` + ChannelSecret string `json:"channel_secret" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_SECRET"` ChannelAccessToken string `json:"channel_access_token" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_ACCESS_TOKEN"` - WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_HOST"` - WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PORT"` - WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PATH"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_LINE_ALLOW_FROM"` + WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_HOST"` + WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PORT"` + WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PATH"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_LINE_ALLOW_FROM"` } type OneBotConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_ONEBOT_ENABLED"` - WSUrl string `json:"ws_url" env:"PICOCLAW_CHANNELS_ONEBOT_WS_URL"` - AccessToken string `json:"access_token" env:"PICOCLAW_CHANNELS_ONEBOT_ACCESS_TOKEN"` - ReconnectInterval int `json:"reconnect_interval" env:"PICOCLAW_CHANNELS_ONEBOT_RECONNECT_INTERVAL"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_ONEBOT_ENABLED"` + WSUrl string `json:"ws_url" env:"PICOCLAW_CHANNELS_ONEBOT_WS_URL"` + AccessToken string `json:"access_token" env:"PICOCLAW_CHANNELS_ONEBOT_ACCESS_TOKEN"` + ReconnectInterval int `json:"reconnect_interval" env:"PICOCLAW_CHANNELS_ONEBOT_RECONNECT_INTERVAL"` GroupTriggerPrefix []string `json:"group_trigger_prefix" env:"PICOCLAW_CHANNELS_ONEBOT_GROUP_TRIGGER_PREFIX"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_ONEBOT_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_ONEBOT_ALLOW_FROM"` } type HeartbeatConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_HEARTBEAT_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_HEARTBEAT_ENABLED"` Interval int `json:"interval" env:"PICOCLAW_HEARTBEAT_INTERVAL"` // minutes, min 5 } type DevicesConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_DEVICES_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_DEVICES_ENABLED"` MonitorUSB bool `json:"monitor_usb" env:"PICOCLAW_DEVICES_MONITOR_USB"` } @@ -266,11 +266,11 @@ type ProvidersConfig struct { } type ProviderConfig struct { - APIKey string `json:"api_key" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_KEY"` - APIBase string `json:"api_base" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_BASE"` - Proxy string `json:"proxy,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_PROXY"` - AuthMethod string `json:"auth_method,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_AUTH_METHOD"` - ConnectMode string `json:"connect_mode,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_CONNECT_MODE"` //only for Github Copilot, `stdio` or `grpc` + APIKey string `json:"api_key" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_KEY"` + APIBase string `json:"api_base" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_BASE"` + Proxy string `json:"proxy,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_PROXY"` + AuthMethod string `json:"auth_method,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_AUTH_METHOD"` + ConnectMode string `json:"connect_mode,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_CONNECT_MODE"` // only for Github Copilot, `stdio` or `grpc` } type OpenAIProviderConfig struct { @@ -284,19 +284,19 @@ type GatewayConfig struct { } type BraveConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_BRAVE_ENABLED"` - APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_BRAVE_API_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_BRAVE_ENABLED"` + APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_BRAVE_API_KEY"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_BRAVE_MAX_RESULTS"` } type DuckDuckGoConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_ENABLED"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_MAX_RESULTS"` } type PerplexityConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_ENABLED"` - APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_API_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_ENABLED"` + APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_API_KEY"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_MAX_RESULTS"` } @@ -483,11 +483,11 @@ func SaveConfig(path string, cfg *Config) error { } dir := filepath.Dir(path) - if err := os.MkdirAll(dir, 0755); err != nil { + if err := os.MkdirAll(dir, 0o755); err != nil { return err } - return os.WriteFile(path, data, 0600) + return os.WriteFile(path, data, 0o600) } func (c *Config) WorkspacePath() string { diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index 47916d155..8da0d214f 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -55,7 +55,7 @@ func TestAgentModelConfig_MarshalObject(t *testing.T) { if err != nil { t.Fatalf("marshal: %v", err) } - var result map[string]interface{} + var result map[string]any json.Unmarshal(data, &result) if result["primary"] != "claude-opus" { t.Errorf("primary = %v", result["primary"]) @@ -319,7 +319,7 @@ func TestSaveConfig_FilePermissions(t *testing.T) { } perm := info.Mode().Perm() - if perm != 0600 { + if perm != 0o600 { t.Errorf("config file has permission %04o, want 0600", perm) } } diff --git a/pkg/cron/service.go b/pkg/cron/service.go index 9f62c743b..e699a44b5 100644 --- a/pkg/cron/service.go +++ b/pkg/cron/service.go @@ -331,7 +331,7 @@ func (cs *CronService) loadStore() error { func (cs *CronService) saveStoreUnsafe() error { dir := filepath.Dir(cs.storePath) - if err := os.MkdirAll(dir, 0755); err != nil { + if err := os.MkdirAll(dir, 0o755); err != nil { return err } @@ -340,10 +340,16 @@ func (cs *CronService) saveStoreUnsafe() error { return err } - return os.WriteFile(cs.storePath, data, 0600) + return os.WriteFile(cs.storePath, data, 0o600) } -func (cs *CronService) AddJob(name string, schedule CronSchedule, message string, deliver bool, channel, to string) (*CronJob, error) { +func (cs *CronService) AddJob( + name string, + schedule CronSchedule, + message string, + deliver bool, + channel, to string, +) (*CronJob, error) { cs.mu.Lock() defer cs.mu.Unlock() @@ -465,7 +471,7 @@ func (cs *CronService) ListJobs(includeDisabled bool) []CronJob { return enabled } -func (cs *CronService) Status() map[string]interface{} { +func (cs *CronService) Status() map[string]any { cs.mu.RLock() defer cs.mu.RUnlock() @@ -476,7 +482,7 @@ func (cs *CronService) Status() map[string]interface{} { } } - return map[string]interface{}{ + return map[string]any{ "enabled": cs.running, "jobs": len(cs.store.Jobs), "nextWakeAtMS": cs.getNextWakeMS(), diff --git a/pkg/cron/service_test.go b/pkg/cron/service_test.go index 53d69f6a9..1a0dd1829 100644 --- a/pkg/cron/service_test.go +++ b/pkg/cron/service_test.go @@ -28,7 +28,7 @@ func TestSaveStore_FilePermissions(t *testing.T) { } perm := info.Mode().Perm() - if perm != 0600 { + if perm != 0o600 { t.Errorf("cron store has permission %04o, want 0600", perm) } } diff --git a/pkg/devices/service.go b/pkg/devices/service.go index 05a254729..1541d3c57 100644 --- a/pkg/devices/service.go +++ b/pkg/devices/service.go @@ -63,14 +63,14 @@ func (s *Service) Start(ctx context.Context) error { for _, src := range s.sources { eventCh, err := src.Start(s.ctx) if err != nil { - logger.ErrorCF("devices", "Failed to start source", map[string]interface{}{ + logger.ErrorCF("devices", "Failed to start source", map[string]any{ "kind": src.Kind(), "error": err.Error(), }) continue } go s.handleEvents(src.Kind(), eventCh) - logger.InfoCF("devices", "Device source started", map[string]interface{}{ + logger.InfoCF("devices", "Device source started", map[string]any{ "kind": src.Kind(), }) } @@ -115,7 +115,7 @@ func (s *Service) sendNotification(ev *events.DeviceEvent) { lastChannel := s.state.GetLastChannel() if lastChannel == "" { - logger.DebugCF("devices", "No last channel, skipping notification", map[string]interface{}{ + logger.DebugCF("devices", "No last channel, skipping notification", map[string]any{ "event": ev.FormatMessage(), }) return @@ -133,7 +133,7 @@ func (s *Service) sendNotification(ev *events.DeviceEvent) { Content: msg, }) - logger.InfoCF("devices", "Device notification sent", map[string]interface{}{ + logger.InfoCF("devices", "Device notification sent", map[string]any{ "kind": ev.Kind, "action": ev.Action, "to": platform, diff --git a/pkg/devices/sources/usb_linux.go b/pkg/devices/sources/usb_linux.go index 1f6c068b3..be0193cfb 100644 --- a/pkg/devices/sources/usb_linux.go +++ b/pkg/devices/sources/usb_linux.go @@ -115,7 +115,7 @@ func (m *USBMonitor) Start(ctx context.Context) (<-chan *events.DeviceEvent, err } if err := scanner.Err(); err != nil { - logger.ErrorCF("devices", "udevadm scan error", map[string]interface{}{"error": err.Error()}) + logger.ErrorCF("devices", "udevadm scan error", map[string]any{"error": err.Error()}) } cmd.Wait() }() diff --git a/pkg/heartbeat/service.go b/pkg/heartbeat/service.go index dfdaef58b..75d6248b9 100644 --- a/pkg/heartbeat/service.go +++ b/pkg/heartbeat/service.go @@ -193,7 +193,7 @@ func (hs *HeartbeatService) executeHeartbeat() { if result.Async { hs.logInfo("Async task started: %s", result.ForLLM) logger.InfoCF("heartbeat", "Async heartbeat task started", - map[string]interface{}{ + map[string]any{ "message": result.ForLLM, }) return @@ -275,7 +275,7 @@ This file contains tasks for the heartbeat service to check periodically. Add your heartbeat tasks below this line: ` - if err := os.WriteFile(heartbeatPath, []byte(defaultContent), 0644); err != nil { + if err := os.WriteFile(heartbeatPath, []byte(defaultContent), 0o644); err != nil { hs.logError("Failed to create default HEARTBEAT.md: %v", err) } else { hs.logInfo("Created default HEARTBEAT.md template") @@ -354,7 +354,7 @@ func (hs *HeartbeatService) logError(format string, args ...any) { // log writes a message to the heartbeat log file func (hs *HeartbeatService) log(level, format string, args ...any) { logFile := filepath.Join(hs.workspace, "heartbeat.log") - f, err := os.OpenFile(logFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) + f, err := os.OpenFile(logFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644) if err != nil { return } diff --git a/pkg/heartbeat/service_test.go b/pkg/heartbeat/service_test.go index a2b59e350..a4dfa7a72 100644 --- a/pkg/heartbeat/service_test.go +++ b/pkg/heartbeat/service_test.go @@ -37,7 +37,7 @@ func TestExecuteHeartbeat_Async(t *testing.T) { }) // Create HEARTBEAT.md - os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0644) + os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0o644) // Execute heartbeat directly (internal method for testing) hs.executeHeartbeat() @@ -68,7 +68,7 @@ func TestExecuteHeartbeat_Error(t *testing.T) { }) // Create HEARTBEAT.md - os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0644) + os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0o644) hs.executeHeartbeat() @@ -106,7 +106,7 @@ func TestExecuteHeartbeat_Silent(t *testing.T) { }) // Create HEARTBEAT.md - os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0644) + os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0o644) hs.executeHeartbeat() @@ -174,7 +174,7 @@ func TestExecuteHeartbeat_NilResult(t *testing.T) { }) // Create HEARTBEAT.md - os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0644) + os.WriteFile(filepath.Join(tmpDir, "HEARTBEAT.md"), []byte("Test task"), 0o644) // Should not panic with nil result hs.executeHeartbeat() diff --git a/pkg/logger/logger.go b/pkg/logger/logger.go index 22f66829f..54de66bf9 100644 --- a/pkg/logger/logger.go +++ b/pkg/logger/logger.go @@ -41,12 +41,12 @@ type Logger struct { } type LogEntry struct { - Level string `json:"level"` - Timestamp string `json:"timestamp"` - Component string `json:"component,omitempty"` - Message string `json:"message"` - Fields map[string]interface{} `json:"fields,omitempty"` - Caller string `json:"caller,omitempty"` + Level string `json:"level"` + Timestamp string `json:"timestamp"` + Component string `json:"component,omitempty"` + Message string `json:"message"` + Fields map[string]any `json:"fields,omitempty"` + Caller string `json:"caller,omitempty"` } func init() { @@ -71,7 +71,7 @@ func EnableFileLogging(filePath string) error { mu.Lock() defer mu.Unlock() - file, err := os.OpenFile(filePath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644) + file, err := os.OpenFile(filePath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0o644) if err != nil { return fmt.Errorf("failed to open log file: %w", err) } @@ -96,7 +96,7 @@ func DisableFileLogging() { } } -func logMessage(level LogLevel, component string, message string, fields map[string]interface{}) { +func logMessage(level LogLevel, component string, message string, fields map[string]any) { if level < currentLevel { return } @@ -150,7 +150,7 @@ func formatComponent(component string) string { return fmt.Sprintf(" %s:", component) } -func formatFields(fields map[string]interface{}) string { +func formatFields(fields map[string]any) string { var parts []string for k, v := range fields { parts = append(parts, fmt.Sprintf("%s=%v", k, v)) @@ -166,11 +166,11 @@ func DebugC(component string, message string) { logMessage(DEBUG, component, message, nil) } -func DebugF(message string, fields map[string]interface{}) { +func DebugF(message string, fields map[string]any) { logMessage(DEBUG, "", message, fields) } -func DebugCF(component string, message string, fields map[string]interface{}) { +func DebugCF(component string, message string, fields map[string]any) { logMessage(DEBUG, component, message, fields) } @@ -182,11 +182,11 @@ func InfoC(component string, message string) { logMessage(INFO, component, message, nil) } -func InfoF(message string, fields map[string]interface{}) { +func InfoF(message string, fields map[string]any) { logMessage(INFO, "", message, fields) } -func InfoCF(component string, message string, fields map[string]interface{}) { +func InfoCF(component string, message string, fields map[string]any) { logMessage(INFO, component, message, fields) } @@ -198,11 +198,11 @@ func WarnC(component string, message string) { logMessage(WARN, component, message, nil) } -func WarnF(message string, fields map[string]interface{}) { +func WarnF(message string, fields map[string]any) { logMessage(WARN, "", message, fields) } -func WarnCF(component string, message string, fields map[string]interface{}) { +func WarnCF(component string, message string, fields map[string]any) { logMessage(WARN, component, message, fields) } @@ -214,11 +214,11 @@ func ErrorC(component string, message string) { logMessage(ERROR, component, message, nil) } -func ErrorF(message string, fields map[string]interface{}) { +func ErrorF(message string, fields map[string]any) { logMessage(ERROR, "", message, fields) } -func ErrorCF(component string, message string, fields map[string]interface{}) { +func ErrorCF(component string, message string, fields map[string]any) { logMessage(ERROR, component, message, fields) } @@ -230,10 +230,10 @@ func FatalC(component string, message string) { logMessage(FATAL, component, message, nil) } -func FatalF(message string, fields map[string]interface{}) { +func FatalF(message string, fields map[string]any) { logMessage(FATAL, "", message, fields) } -func FatalCF(component string, message string, fields map[string]interface{}) { +func FatalCF(component string, message string, fields map[string]any) { logMessage(FATAL, component, message, fields) } diff --git a/pkg/logger/logger_test.go b/pkg/logger/logger_test.go index 9b9c96820..6e6f8dfa8 100644 --- a/pkg/logger/logger_test.go +++ b/pkg/logger/logger_test.go @@ -54,11 +54,11 @@ func TestLoggerWithComponent(t *testing.T) { name string component string message string - fields map[string]interface{} + fields map[string]any }{ {"Simple message", "test", "Hello, world!", nil}, {"Message with component", "discord", "Discord message", nil}, - {"Message with fields", "telegram", "Telegram message", map[string]interface{}{ + {"Message with fields", "telegram", "Telegram message", map[string]any{ "user_id": "12345", "count": 42, }}, @@ -128,12 +128,12 @@ func TestLoggerHelperFunctions(t *testing.T) { Error("This should log") InfoC("test", "Component message") - InfoF("Fields message", map[string]interface{}{"key": "value"}) + InfoF("Fields message", map[string]any{"key": "value"}) WarnC("test", "Warning with component") - ErrorF("Error with fields", map[string]interface{}{"error": "test"}) + ErrorF("Error with fields", map[string]any{"error": "test"}) SetLevel(DEBUG) DebugC("test", "Debug with component") - WarnF("Warning with fields", map[string]interface{}{"key": "value"}) + WarnF("Warning with fields", map[string]any{"key": "value"}) } diff --git a/pkg/migrate/config.go b/pkg/migrate/config.go index 57032e566..c7b1acb58 100644 --- a/pkg/migrate/config.go +++ b/pkg/migrate/config.go @@ -44,26 +44,26 @@ func findOpenClawConfig(openclawHome string) (string, error) { return "", fmt.Errorf("no config file found in %s (tried openclaw.json, config.json)", openclawHome) } -func LoadOpenClawConfig(configPath string) (map[string]interface{}, error) { +func LoadOpenClawConfig(configPath string) (map[string]any, error) { data, err := os.ReadFile(configPath) if err != nil { return nil, fmt.Errorf("reading OpenClaw config: %w", err) } - var raw map[string]interface{} + var raw map[string]any if err := json.Unmarshal(data, &raw); err != nil { return nil, fmt.Errorf("parsing OpenClaw config: %w", err) } converted := convertKeysToSnake(raw) - result, ok := converted.(map[string]interface{}) + result, ok := converted.(map[string]any) if !ok { return nil, fmt.Errorf("unexpected config format") } return result, nil } -func ConvertConfig(data map[string]interface{}) (*config.Config, []string, error) { +func ConvertConfig(data map[string]any) (*config.Config, []string, error) { cfg := config.DefaultConfig() var warnings []string @@ -89,7 +89,7 @@ func ConvertConfig(data map[string]interface{}) (*config.Config, []string, error if providers, ok := getMap(data, "providers"); ok { for name, val := range providers { - pMap, ok := val.(map[string]interface{}) + pMap, ok := val.(map[string]any) if !ok { continue } @@ -128,7 +128,7 @@ func ConvertConfig(data map[string]interface{}) (*config.Config, []string, error if channels, ok := getMap(data, "channels"); ok { for name, val := range channels { - cMap, ok := val.(map[string]interface{}) + cMap, ok := val.(map[string]any) if !ok { continue } @@ -306,16 +306,16 @@ func camelToSnake(s string) string { return result.String() } -func convertKeysToSnake(data interface{}) interface{} { +func convertKeysToSnake(data any) any { switch v := data.(type) { - case map[string]interface{}: - result := make(map[string]interface{}, len(v)) + case map[string]any: + result := make(map[string]any, len(v)) for key, val := range v { result[camelToSnake(key)] = convertKeysToSnake(val) } return result - case []interface{}: - result := make([]interface{}, len(v)) + case []any: + result := make([]any, len(v)) for i, val := range v { result[i] = convertKeysToSnake(val) } @@ -330,16 +330,16 @@ func rewriteWorkspacePath(path string) string { return path } -func getMap(data map[string]interface{}, key string) (map[string]interface{}, bool) { +func getMap(data map[string]any, key string) (map[string]any, bool) { v, ok := data[key] if !ok { return nil, false } - m, ok := v.(map[string]interface{}) + m, ok := v.(map[string]any) return m, ok } -func getString(data map[string]interface{}, key string) (string, bool) { +func getString(data map[string]any, key string) (string, bool) { v, ok := data[key] if !ok { return "", false @@ -348,7 +348,7 @@ func getString(data map[string]interface{}, key string) (string, bool) { return s, ok } -func getFloat(data map[string]interface{}, key string) (float64, bool) { +func getFloat(data map[string]any, key string) (float64, bool) { v, ok := data[key] if !ok { return 0, false @@ -357,7 +357,7 @@ func getFloat(data map[string]interface{}, key string) (float64, bool) { return f, ok } -func getBool(data map[string]interface{}, key string) (bool, bool) { +func getBool(data map[string]any, key string) (bool, bool) { v, ok := data[key] if !ok { return false, false @@ -366,19 +366,19 @@ func getBool(data map[string]interface{}, key string) (bool, bool) { return b, ok } -func getBoolOrDefault(data map[string]interface{}, key string, defaultVal bool) bool { +func getBoolOrDefault(data map[string]any, key string, defaultVal bool) bool { if v, ok := getBool(data, key); ok { return v } return defaultVal } -func getStringSlice(data map[string]interface{}, key string) []string { +func getStringSlice(data map[string]any, key string) []string { v, ok := data[key] if !ok { return []string{} } - arr, ok := v.([]interface{}) + arr, ok := v.([]any) if !ok { return []string{} } diff --git a/pkg/migrate/migrate.go b/pkg/migrate/migrate.go index 921f821cb..ab2635890 100644 --- a/pkg/migrate/migrate.go +++ b/pkg/migrate/migrate.go @@ -161,7 +161,7 @@ func Execute(actions []Action, openclawHome, picoClawHome string) *Result { fmt.Printf(" āœ“ Converted config: %s\n", action.Destination) } case ActionCreateDir: - if err := os.MkdirAll(action.Destination, 0755); err != nil { + if err := os.MkdirAll(action.Destination, 0o755); err != nil { result.Errors = append(result.Errors, err) } else { result.DirsCreated++ @@ -174,9 +174,13 @@ func Execute(actions []Action, openclawHome, picoClawHome string) *Result { continue } result.BackupsCreated++ - fmt.Printf(" āœ“ Backed up %s -> %s.bak\n", filepath.Base(action.Destination), filepath.Base(action.Destination)) + fmt.Printf( + " āœ“ Backed up %s -> %s.bak\n", + filepath.Base(action.Destination), + filepath.Base(action.Destination), + ) - if err := os.MkdirAll(filepath.Dir(action.Destination), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(action.Destination), 0o755); err != nil { result.Errors = append(result.Errors, err) continue } @@ -188,7 +192,7 @@ func Execute(actions []Action, openclawHome, picoClawHome string) *Result { fmt.Printf(" āœ“ Copied %s\n", relPath(action.Source, openclawHome)) } case ActionCopy: - if err := os.MkdirAll(filepath.Dir(action.Destination), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(action.Destination), 0o755); err != nil { result.Errors = append(result.Errors, err) continue } @@ -226,7 +230,7 @@ func executeConfigMigration(srcConfigPath, dstConfigPath, picoClawHome string) e incoming = MergeConfig(existing, incoming) } - if err := os.MkdirAll(filepath.Dir(dstConfigPath), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(dstConfigPath), 0o755); err != nil { return err } return config.SaveConfig(dstConfigPath, incoming) diff --git a/pkg/migrate/migrate_test.go b/pkg/migrate/migrate_test.go index e930d45f4..a7c4b5337 100644 --- a/pkg/migrate/migrate_test.go +++ b/pkg/migrate/migrate_test.go @@ -40,20 +40,20 @@ func TestCamelToSnake(t *testing.T) { } func TestConvertKeysToSnake(t *testing.T) { - input := map[string]interface{}{ + input := map[string]any{ "apiKey": "test-key", "apiBase": "https://example.com", - "nested": map[string]interface{}{ + "nested": map[string]any{ "maxTokens": float64(8192), - "allowFrom": []interface{}{"user1", "user2"}, - "deeperLevel": map[string]interface{}{ + "allowFrom": []any{"user1", "user2"}, + "deeperLevel": map[string]any{ "clientId": "abc", }, }, } result := convertKeysToSnake(input) - m, ok := result.(map[string]interface{}) + m, ok := result.(map[string]any) if !ok { t.Fatal("expected map[string]interface{}") } @@ -65,7 +65,7 @@ func TestConvertKeysToSnake(t *testing.T) { t.Error("expected key 'api_base' after conversion") } - nested, ok := m["nested"].(map[string]interface{}) + nested, ok := m["nested"].(map[string]any) if !ok { t.Fatal("expected nested map") } @@ -76,7 +76,7 @@ func TestConvertKeysToSnake(t *testing.T) { t.Error("expected key 'allow_from' in nested map") } - deeper, ok := nested["deeper_level"].(map[string]interface{}) + deeper, ok := nested["deeper_level"].(map[string]any) if !ok { t.Fatal("expected deeper_level map") } @@ -89,15 +89,15 @@ func TestLoadOpenClawConfig(t *testing.T) { tmpDir := t.TempDir() configPath := filepath.Join(tmpDir, "openclaw.json") - openclawConfig := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + openclawConfig := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-ant-test123", "apiBase": "https://api.anthropic.com", }, }, - "agents": map[string]interface{}{ - "defaults": map[string]interface{}{ + "agents": map[string]any{ + "defaults": map[string]any{ "maxTokens": float64(4096), "model": "claude-3-opus", }, @@ -108,7 +108,7 @@ func TestLoadOpenClawConfig(t *testing.T) { if err != nil { t.Fatal(err) } - if err := os.WriteFile(configPath, data, 0644); err != nil { + if err := os.WriteFile(configPath, data, 0o644); err != nil { t.Fatal(err) } @@ -117,11 +117,11 @@ func TestLoadOpenClawConfig(t *testing.T) { t.Fatalf("LoadOpenClawConfig: %v", err) } - providers, ok := result["providers"].(map[string]interface{}) + providers, ok := result["providers"].(map[string]any) if !ok { t.Fatal("expected providers map") } - anthropic, ok := providers["anthropic"].(map[string]interface{}) + anthropic, ok := providers["anthropic"].(map[string]any) if !ok { t.Fatal("expected anthropic map") } @@ -129,11 +129,11 @@ func TestLoadOpenClawConfig(t *testing.T) { t.Errorf("api_key = %v, want sk-ant-test123", anthropic["api_key"]) } - agents, ok := result["agents"].(map[string]interface{}) + agents, ok := result["agents"].(map[string]any) if !ok { t.Fatal("expected agents map") } - defaults, ok := agents["defaults"].(map[string]interface{}) + defaults, ok := agents["defaults"].(map[string]any) if !ok { t.Fatal("expected defaults map") } @@ -144,16 +144,16 @@ func TestLoadOpenClawConfig(t *testing.T) { func TestConvertConfig(t *testing.T) { t.Run("providers mapping", func(t *testing.T) { - data := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + data := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "api_key": "sk-ant-test", "api_base": "https://api.anthropic.com", }, - "openrouter": map[string]interface{}{ + "openrouter": map[string]any{ "api_key": "sk-or-test", }, - "groq": map[string]interface{}{ + "groq": map[string]any{ "api_key": "gsk-test", }, }, @@ -178,9 +178,9 @@ func TestConvertConfig(t *testing.T) { }) t.Run("unsupported provider warning", func(t *testing.T) { - data := map[string]interface{}{ - "providers": map[string]interface{}{ - "deepseek": map[string]interface{}{ + data := map[string]any{ + "providers": map[string]any{ + "deepseek": map[string]any{ "api_key": "sk-deep-test", }, }, @@ -199,14 +199,14 @@ func TestConvertConfig(t *testing.T) { }) t.Run("channels mapping", func(t *testing.T) { - data := map[string]interface{}{ - "channels": map[string]interface{}{ - "telegram": map[string]interface{}{ + data := map[string]any{ + "channels": map[string]any{ + "telegram": map[string]any{ "enabled": true, "token": "tg-token-123", - "allow_from": []interface{}{"user1"}, + "allow_from": []any{"user1"}, }, - "discord": map[string]interface{}{ + "discord": map[string]any{ "enabled": true, "token": "disc-token-456", }, @@ -232,9 +232,9 @@ func TestConvertConfig(t *testing.T) { }) t.Run("unsupported channel warning", func(t *testing.T) { - data := map[string]interface{}{ - "channels": map[string]interface{}{ - "email": map[string]interface{}{ + data := map[string]any{ + "channels": map[string]any{ + "email": map[string]any{ "enabled": true, }, }, @@ -253,9 +253,9 @@ func TestConvertConfig(t *testing.T) { }) t.Run("agent defaults", func(t *testing.T) { - data := map[string]interface{}{ - "agents": map[string]interface{}{ - "defaults": map[string]interface{}{ + data := map[string]any{ + "agents": map[string]any{ + "defaults": map[string]any{ "model": "claude-3-opus", "max_tokens": float64(4096), "temperature": 0.5, @@ -284,7 +284,7 @@ func TestConvertConfig(t *testing.T) { }) t.Run("empty config", func(t *testing.T) { - data := map[string]interface{}{} + data := map[string]any{} cfg, warnings, err := ConvertConfig(data) if err != nil { @@ -386,9 +386,9 @@ func TestPlanWorkspaceMigration(t *testing.T) { srcDir := t.TempDir() dstDir := t.TempDir() - os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0644) - os.WriteFile(filepath.Join(srcDir, "SOUL.md"), []byte("# Soul"), 0644) - os.WriteFile(filepath.Join(srcDir, "USER.md"), []byte("# User"), 0644) + os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0o644) + os.WriteFile(filepath.Join(srcDir, "SOUL.md"), []byte("# Soul"), 0o644) + os.WriteFile(filepath.Join(srcDir, "USER.md"), []byte("# User"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -417,8 +417,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { srcDir := t.TempDir() dstDir := t.TempDir() - os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0644) - os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing Agents"), 0644) + os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0o644) + os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing Agents"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -440,8 +440,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { srcDir := t.TempDir() dstDir := t.TempDir() - os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0644) - os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing"), 0644) + os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0o644) + os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, true) if err != nil { @@ -460,8 +460,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { dstDir := t.TempDir() memDir := filepath.Join(srcDir, "memory") - os.MkdirAll(memDir, 0755) - os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory"), 0644) + os.MkdirAll(memDir, 0o755) + os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -491,8 +491,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { dstDir := t.TempDir() skillDir := filepath.Join(srcDir, "skills", "weather") - os.MkdirAll(skillDir, 0755) - os.WriteFile(filepath.Join(skillDir, "SKILL.md"), []byte("# Weather"), 0644) + os.MkdirAll(skillDir, 0o755) + os.WriteFile(filepath.Join(skillDir, "SKILL.md"), []byte("# Weather"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -515,7 +515,7 @@ func TestFindOpenClawConfig(t *testing.T) { t.Run("finds openclaw.json", func(t *testing.T) { tmpDir := t.TempDir() configPath := filepath.Join(tmpDir, "openclaw.json") - os.WriteFile(configPath, []byte("{}"), 0644) + os.WriteFile(configPath, []byte("{}"), 0o644) found, err := findOpenClawConfig(tmpDir) if err != nil { @@ -529,7 +529,7 @@ func TestFindOpenClawConfig(t *testing.T) { t.Run("falls back to config.json", func(t *testing.T) { tmpDir := t.TempDir() configPath := filepath.Join(tmpDir, "config.json") - os.WriteFile(configPath, []byte("{}"), 0644) + os.WriteFile(configPath, []byte("{}"), 0o644) found, err := findOpenClawConfig(tmpDir) if err != nil { @@ -543,8 +543,8 @@ func TestFindOpenClawConfig(t *testing.T) { t.Run("prefers openclaw.json over config.json", func(t *testing.T) { tmpDir := t.TempDir() openclawPath := filepath.Join(tmpDir, "openclaw.json") - os.WriteFile(openclawPath, []byte("{}"), 0644) - os.WriteFile(filepath.Join(tmpDir, "config.json"), []byte("{}"), 0644) + os.WriteFile(openclawPath, []byte("{}"), 0o644) + os.WriteFile(filepath.Join(tmpDir, "config.json"), []byte("{}"), 0o644) found, err := findOpenClawConfig(tmpDir) if err != nil { @@ -590,19 +590,19 @@ func TestRunDryRun(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0644) - os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0o644) + os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "test-key", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ DryRun: true, @@ -631,33 +631,33 @@ func TestRunFullMigration(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul from OpenClaw"), 0644) - os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0644) - os.WriteFile(filepath.Join(wsDir, "USER.md"), []byte("# User from OpenClaw"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul from OpenClaw"), 0o644) + os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0o644) + os.WriteFile(filepath.Join(wsDir, "USER.md"), []byte("# User from OpenClaw"), 0o644) memDir := filepath.Join(wsDir, "memory") - os.MkdirAll(memDir, 0755) - os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory notes"), 0644) + os.MkdirAll(memDir, 0o755) + os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory notes"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-ant-migrate-test", }, - "openrouter": map[string]interface{}{ + "openrouter": map[string]any{ "apiKey": "sk-or-migrate-test", }, }, - "channels": map[string]interface{}{ - "telegram": map[string]interface{}{ + "channels": map[string]any{ + "telegram": map[string]any{ "enabled": true, "token": "tg-migrate-test", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ Force: true, @@ -751,7 +751,7 @@ func TestRunMutuallyExclusiveFlags(t *testing.T) { func TestBackupFile(t *testing.T) { tmpDir := t.TempDir() filePath := filepath.Join(tmpDir, "test.md") - os.WriteFile(filePath, []byte("original content"), 0644) + os.WriteFile(filePath, []byte("original content"), 0o644) if err := backupFile(filePath); err != nil { t.Fatalf("backupFile: %v", err) @@ -772,7 +772,7 @@ func TestCopyFile(t *testing.T) { srcPath := filepath.Join(tmpDir, "src.md") dstPath := filepath.Join(tmpDir, "dst.md") - os.WriteFile(srcPath, []byte("file content"), 0644) + os.WriteFile(srcPath, []byte("file content"), 0o644) if err := copyFile(srcPath, dstPath); err != nil { t.Fatalf("copyFile: %v", err) @@ -792,18 +792,18 @@ func TestRunConfigOnly(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-config-only", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ Force: true, @@ -832,18 +832,18 @@ func TestRunWorkspaceOnly(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-ws-only", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ Force: true, diff --git a/pkg/providers/anthropic/provider.go b/pkg/providers/anthropic/provider.go index 8f46aa70c..28e04b506 100644 --- a/pkg/providers/anthropic/provider.go +++ b/pkg/providers/anthropic/provider.go @@ -9,16 +9,19 @@ import ( "github.com/anthropics/anthropic-sdk-go" "github.com/anthropics/anthropic-sdk-go/option" + "github.com/sipeed/picoclaw/pkg/providers/protocoltypes" ) -type ToolCall = protocoltypes.ToolCall -type FunctionCall = protocoltypes.FunctionCall -type LLMResponse = protocoltypes.LLMResponse -type UsageInfo = protocoltypes.UsageInfo -type Message = protocoltypes.Message -type ToolDefinition = protocoltypes.ToolDefinition -type ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition +type ( + ToolCall = protocoltypes.ToolCall + FunctionCall = protocoltypes.FunctionCall + LLMResponse = protocoltypes.LLMResponse + UsageInfo = protocoltypes.UsageInfo + Message = protocoltypes.Message + ToolDefinition = protocoltypes.ToolDefinition + ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition +) const defaultBaseURL = "https://api.anthropic.com" @@ -61,7 +64,13 @@ func NewProviderWithTokenSourceAndBaseURL(token string, tokenSource func() (stri return p } -func (p *Provider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *Provider) Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) (*LLMResponse, error) { var opts []option.RequestOption if p.tokenSource != nil { tok, err := p.tokenSource() @@ -92,7 +101,12 @@ func (p *Provider) BaseURL() string { return p.baseURL } -func buildParams(messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (anthropic.MessageNewParams, error) { +func buildParams( + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) (anthropic.MessageNewParams, error) { var system []anthropic.TextBlockParam var anthropicMessages []anthropic.MessageParam @@ -170,7 +184,7 @@ func translateTools(tools []ToolDefinition) []anthropic.ToolUnionParam { if desc := t.Function.Description; desc != "" { tool.Description = anthropic.String(desc) } - if req, ok := t.Function.Parameters["required"].([]interface{}); ok { + if req, ok := t.Function.Parameters["required"].([]any); ok { required := make([]string, 0, len(req)) for _, r := range req { if s, ok := r.(string); ok { @@ -195,10 +209,10 @@ func parseResponse(resp *anthropic.Message) *LLMResponse { content += tb.Text case "tool_use": tu := block.AsToolUse() - var args map[string]interface{} + var args map[string]any if err := json.Unmarshal(tu.Input, &args); err != nil { log.Printf("anthropic: failed to decode tool call input for %q: %v", tu.Name, err) - args = map[string]interface{}{"raw": string(tu.Input)} + args = map[string]any{"raw": string(tu.Input)} } toolCalls = append(toolCalls, ToolCall{ ID: tu.ID, diff --git a/pkg/providers/anthropic/provider_test.go b/pkg/providers/anthropic/provider_test.go index 6a1dabafb..6cfb2948a 100644 --- a/pkg/providers/anthropic/provider_test.go +++ b/pkg/providers/anthropic/provider_test.go @@ -15,7 +15,7 @@ func TestBuildParams_BasicMessage(t *testing.T) { messages := []Message{ {Role: "user", Content: "Hello"}, } - params, err := buildParams(messages, nil, "claude-sonnet-4-5-20250929", map[string]interface{}{ + params, err := buildParams(messages, nil, "claude-sonnet-4-5-20250929", map[string]any{ "max_tokens": 1024, }) if err != nil { @@ -37,7 +37,7 @@ func TestBuildParams_SystemMessage(t *testing.T) { {Role: "system", Content: "You are helpful"}, {Role: "user", Content: "Hi"}, } - params, err := buildParams(messages, nil, "claude-sonnet-4-5-20250929", map[string]interface{}{}) + params, err := buildParams(messages, nil, "claude-sonnet-4-5-20250929", map[string]any{}) if err != nil { t.Fatalf("buildParams() error: %v", err) } @@ -62,13 +62,13 @@ func TestBuildParams_ToolCallMessage(t *testing.T) { { ID: "call_1", Name: "get_weather", - Arguments: map[string]interface{}{"city": "SF"}, + Arguments: map[string]any{"city": "SF"}, }, }, }, {Role: "tool", Content: `{"temp": 72}`, ToolCallID: "call_1"}, } - params, err := buildParams(messages, nil, "claude-sonnet-4-5-20250929", map[string]interface{}{}) + params, err := buildParams(messages, nil, "claude-sonnet-4-5-20250929", map[string]any{}) if err != nil { t.Fatalf("buildParams() error: %v", err) } @@ -84,17 +84,22 @@ func TestBuildParams_WithTools(t *testing.T) { Function: ToolFunctionDefinition{ Name: "get_weather", Description: "Get weather for a city", - Parameters: map[string]interface{}{ + Parameters: map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "city": map[string]interface{}{"type": "string"}, + "properties": map[string]any{ + "city": map[string]any{"type": "string"}, }, - "required": []interface{}{"city"}, + "required": []any{"city"}, }, }, }, } - params, err := buildParams([]Message{{Role: "user", Content: "Hi"}}, tools, "claude-sonnet-4-5-20250929", map[string]interface{}{}) + params, err := buildParams( + []Message{{Role: "user", Content: "Hi"}}, + tools, + "claude-sonnet-4-5-20250929", + map[string]any{}, + ) if err != nil { t.Fatalf("buildParams() error: %v", err) } @@ -154,19 +159,19 @@ func TestProvider_ChatRoundTrip(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any json.NewDecoder(r.Body).Decode(&reqBody) - resp := map[string]interface{}{ + resp := map[string]any{ "id": "msg_test", "type": "message", "role": "assistant", "model": reqBody["model"], "stop_reason": "end_turn", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "text", "text": "Hello! How can I help you?"}, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 15, "output_tokens": 8, }, @@ -178,7 +183,13 @@ func TestProvider_ChatRoundTrip(t *testing.T) { provider := NewProviderWithClient(createAnthropicTestClient(server.URL, "test-token")) messages := []Message{{Role: "user", Content: "Hello"}} - resp, err := provider.Chat(t.Context(), messages, nil, "claude-sonnet-4-5-20250929", map[string]interface{}{"max_tokens": 1024}) + resp, err := provider.Chat( + t.Context(), + messages, + nil, + "claude-sonnet-4-5-20250929", + map[string]any{"max_tokens": 1024}, + ) if err != nil { t.Fatalf("Chat() error: %v", err) } @@ -221,19 +232,19 @@ func TestProvider_ChatUsesTokenSource(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any json.NewDecoder(r.Body).Decode(&reqBody) - resp := map[string]interface{}{ + resp := map[string]any{ "id": "msg_test", "type": "message", "role": "assistant", "model": reqBody["model"], "stop_reason": "end_turn", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "text", "text": "ok"}, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 1, "output_tokens": 1, }, @@ -247,7 +258,13 @@ func TestProvider_ChatUsesTokenSource(t *testing.T) { return "refreshed-token", nil }, server.URL) - _, err := p.Chat(t.Context(), []Message{{Role: "user", Content: "hello"}}, nil, "claude-sonnet-4-5-20250929", map[string]interface{}{}) + _, err := p.Chat( + t.Context(), + []Message{{Role: "user", Content: "hello"}}, + nil, + "claude-sonnet-4-5-20250929", + map[string]any{}, + ) if err != nil { t.Fatalf("Chat() error: %v", err) } diff --git a/pkg/providers/claude_cli_provider.go b/pkg/providers/claude_cli_provider.go index 58ba3647d..74ec33b98 100644 --- a/pkg/providers/claude_cli_provider.go +++ b/pkg/providers/claude_cli_provider.go @@ -24,7 +24,9 @@ func NewClaudeCliProvider(workspace string) *ClaudeCliProvider { } // Chat implements LLMProvider.Chat by executing the claude CLI. -func (p *ClaudeCliProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *ClaudeCliProvider) Chat( + ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]any, +) (*LLMResponse, error) { systemPrompt := p.buildSystemPrompt(messages, tools) prompt := p.messagesToPrompt(messages) @@ -111,7 +113,9 @@ func (p *ClaudeCliProvider) buildToolsPrompt(tools []ToolDefinition) string { sb.WriteString("## Available Tools\n\n") sb.WriteString("When you need to use a tool, respond with ONLY a JSON object:\n\n") sb.WriteString("```json\n") - sb.WriteString(`{"tool_calls":[{"id":"call_xxx","type":"function","function":{"name":"tool_name","arguments":"{...}"}}]}`) + sb.WriteString( + `{"tool_calls":[{"id":"call_xxx","type":"function","function":{"name":"tool_name","arguments":"{...}"}}]}`, + ) sb.WriteString("\n```\n\n") sb.WriteString("CRITICAL: The 'arguments' field MUST be a JSON-encoded STRING.\n\n") sb.WriteString("### Tool Definitions:\n\n") diff --git a/pkg/providers/claude_cli_provider_integration_test.go b/pkg/providers/claude_cli_provider_integration_test.go index 9d1131ac4..f6e0d787a 100644 --- a/pkg/providers/claude_cli_provider_integration_test.go +++ b/pkg/providers/claude_cli_provider_integration_test.go @@ -28,7 +28,6 @@ func TestIntegration_RealClaudeCLI(t *testing.T) { resp, err := p.Chat(ctx, []Message{ {Role: "user", Content: "Respond with only the word 'pong'. Nothing else."}, }, nil, "", nil) - if err != nil { t.Fatalf("Chat() with real CLI error = %v", err) } @@ -75,7 +74,6 @@ func TestIntegration_RealClaudeCLI_WithSystemPrompt(t *testing.T) { {Role: "system", Content: "You are a calculator. Only respond with numbers. No text."}, {Role: "user", Content: "What is 2+2?"}, }, nil, "", nil) - if err != nil { t.Fatalf("Chat() error = %v", err) } diff --git a/pkg/providers/claude_cli_provider_test.go b/pkg/providers/claude_cli_provider_test.go index 063530deb..5bfe33247 100644 --- a/pkg/providers/claude_cli_provider_test.go +++ b/pkg/providers/claude_cli_provider_test.go @@ -30,12 +30,12 @@ func createMockCLI(t *testing.T, stdout, stderr string, exitCode int) string { dir := t.TempDir() if stdout != "" { - if err := os.WriteFile(filepath.Join(dir, "stdout.txt"), []byte(stdout), 0644); err != nil { + if err := os.WriteFile(filepath.Join(dir, "stdout.txt"), []byte(stdout), 0o644); err != nil { t.Fatal(err) } } if stderr != "" { - if err := os.WriteFile(filepath.Join(dir, "stderr.txt"), []byte(stderr), 0644); err != nil { + if err := os.WriteFile(filepath.Join(dir, "stderr.txt"), []byte(stderr), 0o644); err != nil { t.Fatal(err) } } @@ -51,7 +51,7 @@ func createMockCLI(t *testing.T, stdout, stderr string, exitCode int) string { sb.WriteString(fmt.Sprintf("exit %d\n", exitCode)) script := filepath.Join(dir, "claude") - if err := os.WriteFile(script, []byte(sb.String()), 0755); err != nil { + if err := os.WriteFile(script, []byte(sb.String()), 0o755); err != nil { t.Fatal(err) } return script @@ -67,7 +67,7 @@ func createSlowMockCLI(t *testing.T, sleepSeconds int) string { dir := t.TempDir() script := filepath.Join(dir, "claude") content := fmt.Sprintf("#!/bin/sh\nsleep %d\necho '{\"type\":\"result\",\"result\":\"late\"}'\n", sleepSeconds) - if err := os.WriteFile(script, []byte(content), 0755); err != nil { + if err := os.WriteFile(script, []byte(content), 0o755); err != nil { t.Fatal(err) } return script @@ -88,7 +88,7 @@ cat <<'EOFMOCK' {"type":"result","result":"ok","session_id":"test"} EOFMOCK `, argsFile) - if err := os.WriteFile(script, []byte(content), 0755); err != nil { + if err := os.WriteFile(script, []byte(content), 0o755); err != nil { t.Fatal(err) } return script @@ -137,7 +137,6 @@ func TestChat_Success(t *testing.T) { resp, err := p.Chat(context.Background(), []Message{ {Role: "user", Content: "Hello"}, }, nil, "", nil) - if err != nil { t.Fatalf("Chat() error = %v", err) } @@ -193,7 +192,6 @@ func TestChat_WithToolCallsInResponse(t *testing.T) { resp, err := p.Chat(context.Background(), []Message{ {Role: "user", Content: "What's the weather?"}, }, nil, "", nil) - if err != nil { t.Fatalf("Chat() error = %v", err) } @@ -403,7 +401,6 @@ func TestChat_EmptyWorkspaceDoesNotSetDir(t *testing.T) { resp, err := p.Chat(context.Background(), []Message{ {Role: "user", Content: "Hello"}, }, nil, "", nil) - if err != nil { t.Fatalf("Chat() with empty workspace error = %v", err) } @@ -611,10 +608,10 @@ func TestBuildSystemPrompt_WithTools(t *testing.T) { Function: ToolFunctionDefinition{ Name: "get_weather", Description: "Get weather for a location", - Parameters: map[string]interface{}{ + Parameters: map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "location": map[string]interface{}{"type": "string"}, + "properties": map[string]any{ + "location": map[string]any{"type": "string"}, }, }, }, diff --git a/pkg/providers/claude_provider.go b/pkg/providers/claude_provider.go index 3ca54d5a3..60639ca18 100644 --- a/pkg/providers/claude_provider.go +++ b/pkg/providers/claude_provider.go @@ -29,7 +29,9 @@ func NewClaudeProviderWithTokenSource(token string, tokenSource func() (string, } } -func NewClaudeProviderWithTokenSourceAndBaseURL(token string, tokenSource func() (string, error), apiBase string) *ClaudeProvider { +func NewClaudeProviderWithTokenSourceAndBaseURL( + token string, tokenSource func() (string, error), apiBase string, +) *ClaudeProvider { return &ClaudeProvider{ delegate: anthropicprovider.NewProviderWithTokenSourceAndBaseURL(token, tokenSource, apiBase), } @@ -39,7 +41,9 @@ func newClaudeProviderWithDelegate(delegate *anthropicprovider.Provider) *Claude return &ClaudeProvider{delegate: delegate} } -func (p *ClaudeProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *ClaudeProvider) Chat( + ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]any, +) (*LLMResponse, error) { resp, err := p.delegate.Chat(ctx, messages, tools, model, options) if err != nil { return nil, err diff --git a/pkg/providers/claude_provider_test.go b/pkg/providers/claude_provider_test.go index 13bbde1fc..1f15e2792 100644 --- a/pkg/providers/claude_provider_test.go +++ b/pkg/providers/claude_provider_test.go @@ -8,6 +8,7 @@ import ( "github.com/anthropics/anthropic-sdk-go" anthropicoption "github.com/anthropics/anthropic-sdk-go/option" + anthropicprovider "github.com/sipeed/picoclaw/pkg/providers/anthropic" ) @@ -22,19 +23,19 @@ func TestClaudeProvider_ChatRoundTrip(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any json.NewDecoder(r.Body).Decode(&reqBody) - resp := map[string]interface{}{ + resp := map[string]any{ "id": "msg_test", "type": "message", "role": "assistant", "model": reqBody["model"], "stop_reason": "end_turn", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "text", "text": "Hello! How can I help you?"}, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 15, "output_tokens": 8, }, @@ -48,7 +49,9 @@ func TestClaudeProvider_ChatRoundTrip(t *testing.T) { provider := newClaudeProviderWithDelegate(delegate) messages := []Message{{Role: "user", Content: "Hello"}} - resp, err := provider.Chat(t.Context(), messages, nil, "claude-sonnet-4-5-20250929", map[string]interface{}{"max_tokens": 1024}) + resp, err := provider.Chat( + t.Context(), messages, nil, "claude-sonnet-4-5-20250929", map[string]any{"max_tokens": 1024}, + ) if err != nil { t.Fatalf("Chat() error: %v", err) } diff --git a/pkg/providers/codex_cli_credentials.go b/pkg/providers/codex_cli_credentials.go index 7ad39ce8e..46ba24b12 100644 --- a/pkg/providers/codex_cli_credentials.go +++ b/pkg/providers/codex_cli_credentials.go @@ -59,7 +59,9 @@ func CreateCodexCliTokenSource() func() (string, string, error) { } if time.Now().After(expiresAt) { - return "", "", fmt.Errorf("codex cli credentials expired (auth.json last modified > 1h ago). Run: codex login") + return "", "", fmt.Errorf( + "codex cli credentials expired (auth.json last modified > 1h ago). Run: codex login", + ) } return token, accountID, nil diff --git a/pkg/providers/codex_cli_credentials_test.go b/pkg/providers/codex_cli_credentials_test.go index 3267f2d16..43b21700a 100644 --- a/pkg/providers/codex_cli_credentials_test.go +++ b/pkg/providers/codex_cli_credentials_test.go @@ -18,7 +18,7 @@ func TestReadCodexCliCredentials_Valid(t *testing.T) { "account_id": "org-test123" } }` - if err := os.WriteFile(authPath, []byte(authJSON), 0600); err != nil { + if err := os.WriteFile(authPath, []byte(authJSON), 0o600); err != nil { t.Fatal(err) } @@ -58,7 +58,7 @@ func TestReadCodexCliCredentials_EmptyToken(t *testing.T) { authPath := filepath.Join(tmpDir, "auth.json") authJSON := `{"tokens": {"access_token": "", "refresh_token": "r", "account_id": "a"}}` - if err := os.WriteFile(authPath, []byte(authJSON), 0600); err != nil { + if err := os.WriteFile(authPath, []byte(authJSON), 0o600); err != nil { t.Fatal(err) } @@ -74,7 +74,7 @@ func TestReadCodexCliCredentials_InvalidJSON(t *testing.T) { tmpDir := t.TempDir() authPath := filepath.Join(tmpDir, "auth.json") - if err := os.WriteFile(authPath, []byte("not json"), 0600); err != nil { + if err := os.WriteFile(authPath, []byte("not json"), 0o600); err != nil { t.Fatal(err) } @@ -91,7 +91,7 @@ func TestReadCodexCliCredentials_NoAccountID(t *testing.T) { authPath := filepath.Join(tmpDir, "auth.json") authJSON := `{"tokens": {"access_token": "tok123", "refresh_token": "ref456"}}` - if err := os.WriteFile(authPath, []byte(authJSON), 0600); err != nil { + if err := os.WriteFile(authPath, []byte(authJSON), 0o600); err != nil { t.Fatal(err) } @@ -112,12 +112,12 @@ func TestReadCodexCliCredentials_NoAccountID(t *testing.T) { func TestReadCodexCliCredentials_CodexHomeEnv(t *testing.T) { tmpDir := t.TempDir() customDir := filepath.Join(tmpDir, "custom-codex") - if err := os.MkdirAll(customDir, 0755); err != nil { + if err := os.MkdirAll(customDir, 0o755); err != nil { t.Fatal(err) } authJSON := `{"tokens": {"access_token": "custom-token", "refresh_token": "r"}}` - if err := os.WriteFile(filepath.Join(customDir, "auth.json"), []byte(authJSON), 0600); err != nil { + if err := os.WriteFile(filepath.Join(customDir, "auth.json"), []byte(authJSON), 0o600); err != nil { t.Fatal(err) } @@ -137,7 +137,7 @@ func TestCreateCodexCliTokenSource_Valid(t *testing.T) { authPath := filepath.Join(tmpDir, "auth.json") authJSON := `{"tokens": {"access_token": "fresh-token", "refresh_token": "r", "account_id": "acc"}}` - if err := os.WriteFile(authPath, []byte(authJSON), 0600); err != nil { + if err := os.WriteFile(authPath, []byte(authJSON), 0o600); err != nil { t.Fatal(err) } @@ -161,7 +161,7 @@ func TestCreateCodexCliTokenSource_Expired(t *testing.T) { authPath := filepath.Join(tmpDir, "auth.json") authJSON := `{"tokens": {"access_token": "old-token", "refresh_token": "r"}}` - if err := os.WriteFile(authPath, []byte(authJSON), 0600); err != nil { + if err := os.WriteFile(authPath, []byte(authJSON), 0o600); err != nil { t.Fatal(err) } diff --git a/pkg/providers/codex_cli_provider.go b/pkg/providers/codex_cli_provider.go index 8886406b4..4c783ece5 100644 --- a/pkg/providers/codex_cli_provider.go +++ b/pkg/providers/codex_cli_provider.go @@ -25,7 +25,9 @@ func NewCodexCliProvider(workspace string) *CodexCliProvider { } // Chat implements LLMProvider.Chat by executing the codex CLI in non-interactive mode. -func (p *CodexCliProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *CodexCliProvider) Chat( + ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]any, +) (*LLMResponse, error) { if p.command == "" { return nil, fmt.Errorf("codex command not configured") } @@ -133,7 +135,9 @@ func (p *CodexCliProvider) buildToolsPrompt(tools []ToolDefinition) string { sb.WriteString("## Available Tools\n\n") sb.WriteString("When you need to use a tool, respond with ONLY a JSON object:\n\n") sb.WriteString("```json\n") - sb.WriteString(`{"tool_calls":[{"id":"call_xxx","type":"function","function":{"name":"tool_name","arguments":"{...}"}}]}`) + sb.WriteString( + `{"tool_calls":[{"id":"call_xxx","type":"function","function":{"name":"tool_name","arguments":"{...}"}}]}`, + ) sb.WriteString("\n```\n\n") sb.WriteString("CRITICAL: The 'arguments' field MUST be a JSON-encoded STRING.\n\n") sb.WriteString("### Tool Definitions:\n\n") diff --git a/pkg/providers/codex_cli_provider_integration_test.go b/pkg/providers/codex_cli_provider_integration_test.go index 0267c730f..17a8305ad 100644 --- a/pkg/providers/codex_cli_provider_integration_test.go +++ b/pkg/providers/codex_cli_provider_integration_test.go @@ -27,7 +27,6 @@ func TestIntegration_RealCodexCLI(t *testing.T) { resp, err := p.Chat(ctx, []Message{ {Role: "user", Content: "Respond with only the word 'pong'. Nothing else."}, }, nil, "", nil) - if err != nil { t.Fatalf("Chat() with real CLI error = %v", err) } @@ -64,7 +63,6 @@ func TestIntegration_RealCodexCLI_WithSystemPrompt(t *testing.T) { {Role: "system", Content: "You are a calculator. Only respond with numbers. No text."}, {Role: "user", Content: "What is 2+2?"}, }, nil, "", nil) - if err != nil { t.Fatalf("Chat() error = %v", err) } diff --git a/pkg/providers/codex_cli_provider_test.go b/pkg/providers/codex_cli_provider_test.go index 7e4e1bc15..414e0844d 100644 --- a/pkg/providers/codex_cli_provider_test.go +++ b/pkg/providers/codex_cli_provider_test.go @@ -292,10 +292,10 @@ func TestBuildPrompt_WithTools(t *testing.T) { Function: ToolFunctionDefinition{ Name: "get_weather", Description: "Get current weather", - Parameters: map[string]interface{}{ + Parameters: map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "city": map[string]interface{}{"type": "string"}, + "properties": map[string]any{ + "city": map[string]any{"type": "string"}, }, }, }, @@ -409,7 +409,7 @@ func createMockCodexCLI(t *testing.T, events []string) string { sb.WriteString(fmt.Sprintf("echo '%s'\n", event)) } - if err := os.WriteFile(scriptPath, []byte(sb.String()), 0755); err != nil { + if err := os.WriteFile(scriptPath, []byte(sb.String()), 0o755); err != nil { t.Fatal(err) } return scriptPath @@ -480,7 +480,7 @@ echo "$@" > "` + filepath.Join(tmpDir, "args.txt") + `" echo '{"type":"item.completed","item":{"id":"1","type":"agent_message","text":"ok"}}' echo '{"type":"turn.completed"}'` - if err := os.WriteFile(scriptPath, []byte(script), 0755); err != nil { + if err := os.WriteFile(scriptPath, []byte(script), 0o755); err != nil { t.Fatal(err) } @@ -522,7 +522,7 @@ func TestCodexCliProvider_MockCLI_ContextCancel(t *testing.T) { scriptPath := filepath.Join(tmpDir, "codex") script := "#!/bin/bash\nsleep 60" - if err := os.WriteFile(scriptPath, []byte(script), 0755); err != nil { + if err := os.WriteFile(scriptPath, []byte(script), 0o755); err != nil { t.Fatal(err) } diff --git a/pkg/providers/codex_provider.go b/pkg/providers/codex_provider.go index e3526cfb5..ecc983642 100644 --- a/pkg/providers/codex_provider.go +++ b/pkg/providers/codex_provider.go @@ -10,12 +10,15 @@ import ( "github.com/openai/openai-go/v3" "github.com/openai/openai-go/v3/option" "github.com/openai/openai-go/v3/responses" + "github.com/sipeed/picoclaw/pkg/auth" "github.com/sipeed/picoclaw/pkg/logger" ) -const codexDefaultModel = "gpt-5.2" -const codexDefaultInstructions = "You are Codex, a coding assistant." +const ( + codexDefaultModel = "gpt-5.2" + codexDefaultInstructions = "You are Codex, a coding assistant." +) type CodexProvider struct { client *openai.Client @@ -44,22 +47,30 @@ func NewCodexProvider(token, accountID string) *CodexProvider { } } -func NewCodexProviderWithTokenSource(token, accountID string, tokenSource func() (string, string, error)) *CodexProvider { +func NewCodexProviderWithTokenSource( + token, accountID string, tokenSource func() (string, string, error), +) *CodexProvider { p := NewCodexProvider(token, accountID) p.tokenSource = tokenSource return p } -func (p *CodexProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *CodexProvider) Chat( + ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]any, +) (*LLMResponse, error) { var opts []option.RequestOption accountID := p.accountID resolvedModel, fallbackReason := resolveCodexModel(model) if fallbackReason != "" { - logger.WarnCF("provider.codex", "Requested model is not compatible with Codex backend, using fallback", map[string]interface{}{ - "requested_model": model, - "resolved_model": resolvedModel, - "reason": fallbackReason, - }) + logger.WarnCF( + "provider.codex", + "Requested model is not compatible with Codex backend, using fallback", + map[string]any{ + "requested_model": model, + "resolved_model": resolvedModel, + "reason": fallbackReason, + }, + ) } if p.tokenSource != nil { tok, accID, err := p.tokenSource() @@ -74,10 +85,14 @@ func (p *CodexProvider) Chat(ctx context.Context, messages []Message, tools []To if accountID != "" { opts = append(opts, option.WithHeader("Chatgpt-Account-Id", accountID)) } else { - logger.WarnCF("provider.codex", "No account id found for Codex request; backend may reject with 400", map[string]interface{}{ - "requested_model": model, - "resolved_model": resolvedModel, - }) + logger.WarnCF( + "provider.codex", + "No account id found for Codex request; backend may reject with 400", + map[string]any{ + "requested_model": model, + "resolved_model": resolvedModel, + }, + ) } params := buildCodexParams(messages, tools, resolvedModel, options, p.enableWebSearch) @@ -98,7 +113,7 @@ func (p *CodexProvider) Chat(ctx context.Context, messages []Message, tools []To } err := stream.Err() if err != nil { - fields := map[string]interface{}{ + fields := map[string]any{ "requested_model": model, "resolved_model": resolvedModel, "messages_count": len(messages), @@ -124,7 +139,7 @@ func (p *CodexProvider) Chat(ctx context.Context, messages []Message, tools []To return nil, fmt.Errorf("codex API call: %w", err) } if resp == nil { - fields := map[string]interface{}{ + fields := map[string]any{ "requested_model": model, "resolved_model": resolvedModel, "messages_count": len(messages), @@ -184,7 +199,9 @@ func resolveCodexModel(model string) (string, string) { return codexDefaultModel, "unsupported model family" } -func buildCodexParams(messages []Message, tools []ToolDefinition, model string, options map[string]interface{}, enableWebSearch bool) responses.ResponseNewParams { +func buildCodexParams( + messages []Message, tools []ToolDefinition, model string, options map[string]any, enableWebSearch bool, +) responses.ResponseNewParams { var inputItems responses.ResponseInputParam var instructions string @@ -197,7 +214,9 @@ func buildCodexParams(messages []Message, tools []ToolDefinition, model string, inputItems = append(inputItems, responses.ResponseInputItemUnionParam{ OfFunctionCallOutput: &responses.ResponseInputItemFunctionCallOutputParam{ CallID: msg.ToolCallID, - Output: responses.ResponseInputItemFunctionCallOutputOutputUnionParam{OfString: openai.Opt(msg.Content)}, + Output: responses.ResponseInputItemFunctionCallOutputOutputUnionParam{ + OfString: openai.Opt(msg.Content), + }, }, }) } else { @@ -221,7 +240,7 @@ func buildCodexParams(messages []Message, tools []ToolDefinition, model string, for _, tc := range msg.ToolCalls { name, args, ok := resolveCodexToolCall(tc) if !ok { - logger.WarnCF("provider.codex", "Skipping invalid tool call in history", map[string]interface{}{ + logger.WarnCF("provider.codex", "Skipping invalid tool call in history", map[string]any{ "call_id": tc.ID, }) continue @@ -246,7 +265,9 @@ func buildCodexParams(messages []Message, tools []ToolDefinition, model string, inputItems = append(inputItems, responses.ResponseInputItemUnionParam{ OfFunctionCallOutput: &responses.ResponseInputItemFunctionCallOutputParam{ CallID: msg.ToolCallID, - Output: responses.ResponseInputItemFunctionCallOutputOutputUnionParam{OfString: openai.Opt(msg.Content)}, + Output: responses.ResponseInputItemFunctionCallOutputOutputUnionParam{ + OfString: openai.Opt(msg.Content), + }, }, }) } @@ -341,9 +362,9 @@ func parseCodexResponse(resp *responses.Response) *LLMResponse { } } case "function_call": - var args map[string]interface{} + var args map[string]any if err := json.Unmarshal([]byte(item.Arguments), &args); err != nil { - args = map[string]interface{}{"raw": item.Arguments} + args = map[string]any{"raw": item.Arguments} } toolCalls = append(toolCalls, ToolCall{ ID: item.CallID, diff --git a/pkg/providers/codex_provider_test.go b/pkg/providers/codex_provider_test.go index 92e276165..4157e53e9 100644 --- a/pkg/providers/codex_provider_test.go +++ b/pkg/providers/codex_provider_test.go @@ -16,7 +16,7 @@ func TestBuildCodexParams_BasicMessage(t *testing.T) { messages := []Message{ {Role: "user", Content: "Hello"}, } - params := buildCodexParams(messages, nil, "gpt-4o", map[string]interface{}{ + params := buildCodexParams(messages, nil, "gpt-4o", map[string]any{ "max_tokens": 2048, "temperature": 0.7, }, true) @@ -39,7 +39,7 @@ func TestBuildCodexParams_SystemAsInstructions(t *testing.T) { {Role: "system", Content: "You are helpful"}, {Role: "user", Content: "Hi"}, } - params := buildCodexParams(messages, nil, "gpt-4o", map[string]interface{}{}, true) + params := buildCodexParams(messages, nil, "gpt-4o", map[string]any{}, true) if !params.Instructions.Valid() { t.Fatal("Instructions should be set") } @@ -54,12 +54,12 @@ func TestBuildCodexParams_ToolCallConversation(t *testing.T) { { Role: "assistant", ToolCalls: []ToolCall{ - {ID: "call_1", Name: "get_weather", Arguments: map[string]interface{}{"city": "SF"}}, + {ID: "call_1", Name: "get_weather", Arguments: map[string]any{"city": "SF"}}, }, }, {Role: "tool", Content: `{"temp": 72}`, ToolCallID: "call_1"}, } - params := buildCodexParams(messages, nil, "gpt-4o", map[string]interface{}{}, false) + params := buildCodexParams(messages, nil, "gpt-4o", map[string]any{}, false) if params.Input.OfInputItemList == nil { t.Fatal("Input.OfInputItemList should not be nil") } @@ -87,7 +87,7 @@ func TestBuildCodexParams_ToolCallFunctionFallback(t *testing.T) { {Role: "tool", Content: "ok", ToolCallID: "call_1"}, } - params := buildCodexParams(messages, nil, "gpt-4o", map[string]interface{}{}, false) + params := buildCodexParams(messages, nil, "gpt-4o", map[string]any{}, false) if params.Input.OfInputItemList == nil { t.Fatal("Input.OfInputItemList should not be nil") } @@ -114,16 +114,16 @@ func TestBuildCodexParams_WithTools(t *testing.T) { Function: ToolFunctionDefinition{ Name: "get_weather", Description: "Get weather", - Parameters: map[string]interface{}{ + Parameters: map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "city": map[string]interface{}{"type": "string"}, + "properties": map[string]any{ + "city": map[string]any{"type": "string"}, }, }, }, }, } - params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, tools, "gpt-4o", map[string]interface{}{}, false) + params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, tools, "gpt-4o", map[string]any{}, false) if len(params.Tools) != 1 { t.Fatalf("len(Tools) = %d, want 1", len(params.Tools)) } @@ -136,14 +136,14 @@ func TestBuildCodexParams_WithTools(t *testing.T) { } func TestBuildCodexParams_StoreIsFalse(t *testing.T) { - params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, nil, "gpt-4o", map[string]interface{}{}, false) + params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, nil, "gpt-4o", map[string]any{}, false) if !params.Store.Valid() || params.Store.Or(true) != false { t.Error("Store should be explicitly set to false") } } func TestBuildCodexParams_DefaultWebSearchEnabled(t *testing.T) { - params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, nil, "gpt-4o", map[string]interface{}{}, true) + params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, nil, "gpt-4o", map[string]any{}, true) if len(params.Tools) != 1 { t.Fatalf("len(Tools) = %d, want 1", len(params.Tools)) } @@ -151,7 +151,11 @@ func TestBuildCodexParams_DefaultWebSearchEnabled(t *testing.T) { t.Fatal("Tool should include built-in web_search") } if params.Tools[0].OfWebSearch.Type != responses.WebSearchToolTypeWebSearch { - t.Errorf("Web search tool type = %q, want %q", params.Tools[0].OfWebSearch.Type, responses.WebSearchToolTypeWebSearch) + t.Errorf( + "Web search tool type = %q, want %q", + params.Tools[0].OfWebSearch.Type, + responses.WebSearchToolTypeWebSearch, + ) } } @@ -162,7 +166,7 @@ func TestBuildCodexParams_WebSearchFunctionReplacedWithBuiltin(t *testing.T) { Function: ToolFunctionDefinition{ Name: "web_search", Description: "local web search", - Parameters: map[string]interface{}{ + Parameters: map[string]any{ "type": "object", }, }, @@ -172,14 +176,14 @@ func TestBuildCodexParams_WebSearchFunctionReplacedWithBuiltin(t *testing.T) { Function: ToolFunctionDefinition{ Name: "read_file", Description: "read file", - Parameters: map[string]interface{}{ + Parameters: map[string]any{ "type": "object", }, }, }, } - params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, tools, "gpt-4o", map[string]interface{}{}, true) + params := buildCodexParams([]Message{{Role: "user", Content: "Hi"}}, tools, "gpt-4o", map[string]any{}, true) if len(params.Tools) != 2 { t.Fatalf("len(Tools) = %d, want 2", len(params.Tools)) } @@ -296,7 +300,7 @@ func TestCodexProvider_ChatRoundTrip(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any if err := json.NewDecoder(r.Body).Decode(&reqBody); err != nil { http.Error(w, "invalid json", http.StatusBadRequest) return @@ -309,38 +313,38 @@ func TestCodexProvider_ChatRoundTrip(t *testing.T) { http.Error(w, "max_output_tokens is not supported", http.StatusBadRequest) return } - toolsAny, ok := reqBody["tools"].([]interface{}) + toolsAny, ok := reqBody["tools"].([]any) if !ok || len(toolsAny) != 1 { http.Error(w, "missing default web search tool", http.StatusBadRequest) return } - toolObj, ok := toolsAny[0].(map[string]interface{}) + toolObj, ok := toolsAny[0].(map[string]any) if !ok || toolObj["type"] != "web_search" { http.Error(w, "expected web_search tool", http.StatusBadRequest) return } - resp := map[string]interface{}{ + resp := map[string]any{ "id": "resp_test", "object": "response", "status": "completed", - "output": []map[string]interface{}{ + "output": []map[string]any{ { "id": "msg_1", "type": "message", "role": "assistant", "status": "completed", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "output_text", "text": "Hi from Codex!"}, }, }, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 12, "output_tokens": 6, "total_tokens": 18, - "input_tokens_details": map[string]interface{}{"cached_tokens": 0}, - "output_tokens_details": map[string]interface{}{"reasoning_tokens": 0}, + "input_tokens_details": map[string]any{"cached_tokens": 0}, + "output_tokens_details": map[string]any{"reasoning_tokens": 0}, }, } writeCompletedSSE(w, resp) @@ -351,7 +355,7 @@ func TestCodexProvider_ChatRoundTrip(t *testing.T) { provider.client = createOpenAITestClient(server.URL, "test-token", "acc-123") messages := []Message{{Role: "user", Content: "Hello"}} - resp, err := provider.Chat(t.Context(), messages, nil, "gpt-4o", map[string]interface{}{"max_tokens": 1024}) + resp, err := provider.Chat(t.Context(), messages, nil, "gpt-4o", map[string]any{"max_tokens": 1024}) if err != nil { t.Fatalf("Chat() error: %v", err) } @@ -373,7 +377,7 @@ func TestCodexProvider_ChatRoundTrip_WebSearchDisabled(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any if err := json.NewDecoder(r.Body).Decode(&reqBody); err != nil { http.Error(w, "invalid json", http.StatusBadRequest) return @@ -383,27 +387,27 @@ func TestCodexProvider_ChatRoundTrip_WebSearchDisabled(t *testing.T) { return } - resp := map[string]interface{}{ + resp := map[string]any{ "id": "resp_test", "object": "response", "status": "completed", - "output": []map[string]interface{}{ + "output": []map[string]any{ { "id": "msg_1", "type": "message", "role": "assistant", "status": "completed", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "output_text", "text": "Hi from Codex!"}, }, }, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 4, "output_tokens": 3, "total_tokens": 7, - "input_tokens_details": map[string]interface{}{"cached_tokens": 0}, - "output_tokens_details": map[string]interface{}{"reasoning_tokens": 0}, + "input_tokens_details": map[string]any{"cached_tokens": 0}, + "output_tokens_details": map[string]any{"reasoning_tokens": 0}, }, } writeCompletedSSE(w, resp) @@ -415,7 +419,7 @@ func TestCodexProvider_ChatRoundTrip_WebSearchDisabled(t *testing.T) { provider.client = createOpenAITestClient(server.URL, "test-token", "acc-123") messages := []Message{{Role: "user", Content: "Hello"}} - resp, err := provider.Chat(t.Context(), messages, nil, "gpt-4o", map[string]interface{}{}) + resp, err := provider.Chat(t.Context(), messages, nil, "gpt-4o", map[string]any{}) if err != nil { t.Fatalf("Chat() error: %v", err) } @@ -439,7 +443,7 @@ func TestCodexProvider_ChatRoundTrip_TokenSourceFallbackAccountID(t *testing.T) return } - var reqBody map[string]interface{} + var reqBody map[string]any if err := json.NewDecoder(r.Body).Decode(&reqBody); err != nil { http.Error(w, "invalid json", http.StatusBadRequest) return @@ -465,27 +469,27 @@ func TestCodexProvider_ChatRoundTrip_TokenSourceFallbackAccountID(t *testing.T) return } - resp := map[string]interface{}{ + resp := map[string]any{ "id": "resp_test", "object": "response", "status": "completed", - "output": []map[string]interface{}{ + "output": []map[string]any{ { "id": "msg_1", "type": "message", "role": "assistant", "status": "completed", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "output_text", "text": "Hi from Codex!"}, }, }, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 8, "output_tokens": 4, "total_tokens": 12, - "input_tokens_details": map[string]interface{}{"cached_tokens": 0}, - "output_tokens_details": map[string]interface{}{"reasoning_tokens": 0}, + "input_tokens_details": map[string]any{"cached_tokens": 0}, + "output_tokens_details": map[string]any{"reasoning_tokens": 0}, }, } writeCompletedSSE(w, resp) @@ -499,7 +503,7 @@ func TestCodexProvider_ChatRoundTrip_TokenSourceFallbackAccountID(t *testing.T) } messages := []Message{{Role: "user", Content: "Hello"}} - resp, err := provider.Chat(t.Context(), messages, nil, "gpt-4o", map[string]interface{}{"temperature": 0.7}) + resp, err := provider.Chat(t.Context(), messages, nil, "gpt-4o", map[string]any{"temperature": 0.7}) if err != nil { t.Fatalf("Chat() error: %v", err) } @@ -515,7 +519,7 @@ func TestCodexProvider_ChatRoundTrip_ModelFallbackFromUnsupported(t *testing.T) return } - var reqBody map[string]interface{} + var reqBody map[string]any if err := json.NewDecoder(r.Body).Decode(&reqBody); err != nil { http.Error(w, "invalid json", http.StatusBadRequest) return @@ -533,27 +537,27 @@ func TestCodexProvider_ChatRoundTrip_ModelFallbackFromUnsupported(t *testing.T) return } - resp := map[string]interface{}{ + resp := map[string]any{ "id": "resp_test", "object": "response", "status": "completed", - "output": []map[string]interface{}{ + "output": []map[string]any{ { "id": "msg_1", "type": "message", "role": "assistant", "status": "completed", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "output_text", "text": "Hi from Codex!"}, }, }, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 8, "output_tokens": 4, "total_tokens": 12, - "input_tokens_details": map[string]interface{}{"cached_tokens": 0}, - "output_tokens_details": map[string]interface{}{"reasoning_tokens": 0}, + "input_tokens_details": map[string]any{"cached_tokens": 0}, + "output_tokens_details": map[string]any{"reasoning_tokens": 0}, }, } writeCompletedSSE(w, resp) @@ -588,7 +592,12 @@ func TestResolveCodexModel(t *testing.T) { wantFallback bool }{ {name: "empty", input: "", wantModel: codexDefaultModel, wantFallback: true}, - {name: "unsupported namespace", input: "anthropic/claude-3.5", wantModel: codexDefaultModel, wantFallback: true}, + { + name: "unsupported namespace", + input: "anthropic/claude-3.5", + wantModel: codexDefaultModel, + wantFallback: true, + }, {name: "non-openai prefixed", input: "glm-4.7", wantModel: codexDefaultModel, wantFallback: true}, {name: "openai prefix", input: "openai/gpt-5.2", wantModel: "gpt-5.2", wantFallback: false}, {name: "direct gpt", input: "gpt-4o", wantModel: "gpt-4o", wantFallback: false}, @@ -622,8 +631,8 @@ func createOpenAITestClient(baseURL, token, accountID string) *openai.Client { return &c } -func writeCompletedSSE(w http.ResponseWriter, response map[string]interface{}) { - event := map[string]interface{}{ +func writeCompletedSSE(w http.ResponseWriter, response map[string]any) { + event := map[string]any{ "type": "response.completed", "sequence_number": 1, "response": response, diff --git a/pkg/providers/fallback.go b/pkg/providers/fallback.go index 9b07f9153..ecd451ec9 100644 --- a/pkg/providers/fallback.go +++ b/pkg/providers/fallback.go @@ -110,7 +110,11 @@ func (fc *FallbackChain) Execute( Model: candidate.Model, Skipped: true, Reason: FailoverRateLimit, - Error: fmt.Errorf("provider %s in cooldown (%s remaining)", candidate.Provider, remaining.Round(time.Second)), + Error: fmt.Errorf( + "provider %s in cooldown (%s remaining)", + candidate.Provider, + remaining.Round(time.Second), + ), }) continue } diff --git a/pkg/providers/fallback_test.go b/pkg/providers/fallback_test.go index ea81e0d48..e872c672e 100644 --- a/pkg/providers/fallback_test.go +++ b/pkg/providers/fallback_test.go @@ -462,7 +462,13 @@ func TestResolveCandidates_EmptyPrimary(t *testing.T) { func TestFallbackExhaustedError_Message(t *testing.T) { e := &FallbackExhaustedError{ Attempts: []FallbackAttempt{ - {Provider: "openai", Model: "gpt-4", Error: errors.New("rate limited"), Reason: FailoverRateLimit, Duration: 500 * time.Millisecond}, + { + Provider: "openai", + Model: "gpt-4", + Error: errors.New("rate limited"), + Reason: FailoverRateLimit, + Duration: 500 * time.Millisecond, + }, {Provider: "anthropic", Model: "claude", Skipped: true}, }, } diff --git a/pkg/providers/github_copilot_provider.go b/pkg/providers/github_copilot_provider.go index 5058819f5..6124881f7 100644 --- a/pkg/providers/github_copilot_provider.go +++ b/pkg/providers/github_copilot_provider.go @@ -2,10 +2,9 @@ package providers import ( "context" + "encoding/json" "fmt" - json "encoding/json" - copilot "github.com/github/copilot-sdk/go" ) @@ -17,7 +16,6 @@ type GitHubCopilotProvider struct { } func NewGitHubCopilotProvider(uri string, connectMode string, model string) (*GitHubCopilotProvider, error) { - var session *copilot.Session if connectMode == "" { connectMode = "grpc" @@ -25,13 +23,15 @@ func NewGitHubCopilotProvider(uri string, connectMode string, model string) (*Gi switch connectMode { case "stdio": - //todo + // todo case "grpc": client := copilot.NewClient(&copilot.ClientOptions{ CLIUrl: uri, }) if err := client.Start(context.Background()); err != nil { - return nil, fmt.Errorf("Can't connect to Github Copilot, https://github.com/github/copilot-sdk/blob/main/docs/getting-started.md#connecting-to-an-external-cli-server for details") + return nil, fmt.Errorf( + "Can't connect to Github Copilot, https://github.com/github/copilot-sdk/blob/main/docs/getting-started.md#connecting-to-an-external-cli-server for details", + ) } defer client.Stop() session, _ = client.CreateSession(context.Background(), &copilot.SessionConfig{ @@ -49,7 +49,9 @@ func NewGitHubCopilotProvider(uri string, connectMode string, model string) (*Gi } // Chat sends a chat request to GitHub Copilot -func (p *GitHubCopilotProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *GitHubCopilotProvider) Chat( + ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]any, +) (*LLMResponse, error) { type tempMessage struct { Role string `json:"role"` Content string `json:"content"` @@ -73,10 +75,8 @@ func (p *GitHubCopilotProvider) Chat(ctx context.Context, messages []Message, to FinishReason: "stop", Content: content, }, nil - } func (p *GitHubCopilotProvider) GetDefaultModel() string { - return "gpt-4.1" } diff --git a/pkg/providers/http_provider.go b/pkg/providers/http_provider.go index 967d089d5..05c6eed6c 100644 --- a/pkg/providers/http_provider.go +++ b/pkg/providers/http_provider.go @@ -22,7 +22,9 @@ func NewHTTPProvider(apiKey, apiBase, proxy string) *HTTPProvider { } } -func (p *HTTPProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *HTTPProvider) Chat( + ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]any, +) (*LLMResponse, error) { return p.delegate.Chat(ctx, messages, tools, model, options) } diff --git a/pkg/providers/openai_compat/provider.go b/pkg/providers/openai_compat/provider.go index 9b404dd77..3a7fe4f39 100644 --- a/pkg/providers/openai_compat/provider.go +++ b/pkg/providers/openai_compat/provider.go @@ -15,13 +15,15 @@ import ( "github.com/sipeed/picoclaw/pkg/providers/protocoltypes" ) -type ToolCall = protocoltypes.ToolCall -type FunctionCall = protocoltypes.FunctionCall -type LLMResponse = protocoltypes.LLMResponse -type UsageInfo = protocoltypes.UsageInfo -type Message = protocoltypes.Message -type ToolDefinition = protocoltypes.ToolDefinition -type ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition +type ( + ToolCall = protocoltypes.ToolCall + FunctionCall = protocoltypes.FunctionCall + LLMResponse = protocoltypes.LLMResponse + UsageInfo = protocoltypes.UsageInfo + Message = protocoltypes.Message + ToolDefinition = protocoltypes.ToolDefinition + ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition +) type Provider struct { apiKey string @@ -52,14 +54,20 @@ func NewProvider(apiKey, apiBase, proxy string) *Provider { } } -func (p *Provider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *Provider) Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) (*LLMResponse, error) { if p.apiBase == "" { return nil, fmt.Errorf("API base not configured") } model = normalizeModel(model, p.apiBase) - requestBody := map[string]interface{}{ + requestBody := map[string]any{ "model": model, "messages": messages, } @@ -154,7 +162,7 @@ func parseResponse(body []byte) (*LLMResponse, error) { choice := apiResponse.Choices[0] toolCalls := make([]ToolCall, 0, len(choice.Message.ToolCalls)) for _, tc := range choice.Message.ToolCalls { - arguments := make(map[string]interface{}) + arguments := make(map[string]any) name := "" if tc.Function != nil { @@ -201,7 +209,7 @@ func normalizeModel(model, apiBase string) string { } } -func asInt(v interface{}) (int, bool) { +func asInt(v any) (int, bool) { switch val := v.(type) { case int: return val, true @@ -216,7 +224,7 @@ func asInt(v interface{}) (int, bool) { } } -func asFloat(v interface{}) (float64, bool) { +func asFloat(v any) (float64, bool) { switch val := v.(type) { case float64: return val, true diff --git a/pkg/providers/openai_compat/provider_test.go b/pkg/providers/openai_compat/provider_test.go index 94779b39c..42f9d42ab 100644 --- a/pkg/providers/openai_compat/provider_test.go +++ b/pkg/providers/openai_compat/provider_test.go @@ -9,7 +9,7 @@ import ( ) func TestProviderChat_UsesMaxCompletionTokensForGLM(t *testing.T) { - var requestBody map[string]interface{} + var requestBody map[string]any server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path != "/chat/completions" { @@ -20,10 +20,10 @@ func TestProviderChat_UsesMaxCompletionTokensForGLM(t *testing.T) { http.Error(w, err.Error(), http.StatusBadRequest) return } - resp := map[string]interface{}{ - "choices": []map[string]interface{}{ + resp := map[string]any{ + "choices": []map[string]any{ { - "message": map[string]interface{}{"content": "ok"}, + "message": map[string]any{"content": "ok"}, "finish_reason": "stop", }, }, @@ -34,7 +34,13 @@ func TestProviderChat_UsesMaxCompletionTokensForGLM(t *testing.T) { defer server.Close() p := NewProvider("key", server.URL, "") - _, err := p.Chat(t.Context(), []Message{{Role: "user", Content: "hi"}}, nil, "glm-4.7", map[string]interface{}{"max_tokens": 1234}) + _, err := p.Chat( + t.Context(), + []Message{{Role: "user", Content: "hi"}}, + nil, + "glm-4.7", + map[string]any{"max_tokens": 1234}, + ) if err != nil { t.Fatalf("Chat() error = %v", err) } @@ -49,16 +55,16 @@ func TestProviderChat_UsesMaxCompletionTokensForGLM(t *testing.T) { func TestProviderChat_ParsesToolCalls(t *testing.T) { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - resp := map[string]interface{}{ - "choices": []map[string]interface{}{ + resp := map[string]any{ + "choices": []map[string]any{ { - "message": map[string]interface{}{ + "message": map[string]any{ "content": "", - "tool_calls": []map[string]interface{}{ + "tool_calls": []map[string]any{ { "id": "call_1", "type": "function", - "function": map[string]interface{}{ + "function": map[string]any{ "name": "get_weather", "arguments": "{\"city\":\"SF\"}", }, @@ -68,7 +74,7 @@ func TestProviderChat_ParsesToolCalls(t *testing.T) { "finish_reason": "tool_calls", }, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "prompt_tokens": 10, "completion_tokens": 5, "total_tokens": 15, @@ -109,17 +115,17 @@ func TestProviderChat_HTTPError(t *testing.T) { } func TestProviderChat_StripsMoonshotPrefixAndNormalizesKimiTemperature(t *testing.T) { - var requestBody map[string]interface{} + var requestBody map[string]any server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if err := json.NewDecoder(r.Body).Decode(&requestBody); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } - resp := map[string]interface{}{ - "choices": []map[string]interface{}{ + resp := map[string]any{ + "choices": []map[string]any{ { - "message": map[string]interface{}{"content": "ok"}, + "message": map[string]any{"content": "ok"}, "finish_reason": "stop", }, }, @@ -135,7 +141,7 @@ func TestProviderChat_StripsMoonshotPrefixAndNormalizesKimiTemperature(t *testin []Message{{Role: "user", Content: "hi"}}, nil, "moonshot/kimi-k2.5", - map[string]interface{}{"temperature": 0.3}, + map[string]any{"temperature": 0.3}, ) if err != nil { t.Fatalf("Chat() error = %v", err) @@ -174,17 +180,17 @@ func TestProviderChat_StripsGroqAndOllamaPrefixes(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - var requestBody map[string]interface{} + var requestBody map[string]any server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if err := json.NewDecoder(r.Body).Decode(&requestBody); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } - resp := map[string]interface{}{ - "choices": []map[string]interface{}{ + resp := map[string]any{ + "choices": []map[string]any{ { - "message": map[string]interface{}{"content": "ok"}, + "message": map[string]any{"content": "ok"}, "finish_reason": "stop", }, }, @@ -227,17 +233,17 @@ func TestProvider_ProxyConfigured(t *testing.T) { } func TestProviderChat_AcceptsNumericOptionTypes(t *testing.T) { - var requestBody map[string]interface{} + var requestBody map[string]any server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if err := json.NewDecoder(r.Body).Decode(&requestBody); err != nil { http.Error(w, err.Error(), http.StatusBadRequest) return } - resp := map[string]interface{}{ - "choices": []map[string]interface{}{ + resp := map[string]any{ + "choices": []map[string]any{ { - "message": map[string]interface{}{"content": "ok"}, + "message": map[string]any{"content": "ok"}, "finish_reason": "stop", }, }, @@ -253,7 +259,7 @@ func TestProviderChat_AcceptsNumericOptionTypes(t *testing.T) { []Message{{Role: "user", Content: "hi"}}, nil, "gpt-4o", - map[string]interface{}{"max_tokens": float64(512), "temperature": 1}, + map[string]any{"max_tokens": float64(512), "temperature": 1}, ) if err != nil { t.Fatalf("Chat() error = %v", err) diff --git a/pkg/providers/protocoltypes/types.go b/pkg/providers/protocoltypes/types.go index 6b33ae734..b5b4a2d39 100644 --- a/pkg/providers/protocoltypes/types.go +++ b/pkg/providers/protocoltypes/types.go @@ -1,11 +1,11 @@ package protocoltypes type ToolCall struct { - ID string `json:"id"` - Type string `json:"type,omitempty"` - Function *FunctionCall `json:"function,omitempty"` - Name string `json:"name,omitempty"` - Arguments map[string]interface{} `json:"arguments,omitempty"` + ID string `json:"id"` + Type string `json:"type,omitempty"` + Function *FunctionCall `json:"function,omitempty"` + Name string `json:"name,omitempty"` + Arguments map[string]any `json:"arguments,omitempty"` } type FunctionCall struct { @@ -39,7 +39,7 @@ type ToolDefinition struct { } type ToolFunctionDefinition struct { - Name string `json:"name"` - Description string `json:"description"` - Parameters map[string]interface{} `json:"parameters"` + Name string `json:"name"` + Description string `json:"description"` + Parameters map[string]any `json:"parameters"` } diff --git a/pkg/providers/tool_call_extract.go b/pkg/providers/tool_call_extract.go index 97a219283..7ddea0e99 100644 --- a/pkg/providers/tool_call_extract.go +++ b/pkg/providers/tool_call_extract.go @@ -38,7 +38,7 @@ func extractToolCallsFromText(text string) []ToolCall { var result []ToolCall for _, tc := range wrapper.ToolCalls { - var args map[string]interface{} + var args map[string]any json.Unmarshal([]byte(tc.Function.Arguments), &args) result = append(result, ToolCall{ diff --git a/pkg/providers/types.go b/pkg/providers/types.go index c4a9de58a..2fbddd686 100644 --- a/pkg/providers/types.go +++ b/pkg/providers/types.go @@ -7,16 +7,24 @@ import ( "github.com/sipeed/picoclaw/pkg/providers/protocoltypes" ) -type ToolCall = protocoltypes.ToolCall -type FunctionCall = protocoltypes.FunctionCall -type LLMResponse = protocoltypes.LLMResponse -type UsageInfo = protocoltypes.UsageInfo -type Message = protocoltypes.Message -type ToolDefinition = protocoltypes.ToolDefinition -type ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition +type ( + ToolCall = protocoltypes.ToolCall + FunctionCall = protocoltypes.FunctionCall + LLMResponse = protocoltypes.LLMResponse + UsageInfo = protocoltypes.UsageInfo + Message = protocoltypes.Message + ToolDefinition = protocoltypes.ToolDefinition + ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition +) type LLMProvider interface { - Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) + Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, + ) (*LLMResponse, error) GetDefaultModel() string } diff --git a/pkg/session/manager.go b/pkg/session/manager.go index 12bf33df0..08f0b0ad2 100644 --- a/pkg/session/manager.go +++ b/pkg/session/manager.go @@ -32,7 +32,7 @@ func NewSessionManager(storage string) *SessionManager { } if storage != "" { - os.MkdirAll(storage, 0755) + os.MkdirAll(storage, 0o755) sm.loadSessions() } @@ -214,7 +214,7 @@ func (sm *SessionManager) Save(key string) error { _ = tmpFile.Close() return err } - if err := tmpFile.Chmod(0644); err != nil { + if err := tmpFile.Chmod(0o644); err != nil { _ = tmpFile.Close() return err } diff --git a/pkg/skills/installer.go b/pkg/skills/installer.go index a3263c525..5742a8f03 100644 --- a/pkg/skills/installer.go +++ b/pkg/skills/installer.go @@ -66,12 +66,12 @@ func (si *SkillInstaller) InstallFromGitHub(ctx context.Context, repo string) er return fmt.Errorf("failed to read response: %w", err) } - if err := os.MkdirAll(skillDir, 0755); err != nil { + if err := os.MkdirAll(skillDir, 0o755); err != nil { return fmt.Errorf("failed to create skill directory: %w", err) } skillPath := filepath.Join(skillDir, "SKILL.md") - if err := os.WriteFile(skillPath, body, 0644); err != nil { + if err := os.WriteFile(skillPath, body, 0o644); err != nil { return fmt.Errorf("failed to write skill file: %w", err) } diff --git a/pkg/state/state.go b/pkg/state/state.go index 0bb9cd497..1a92f82ed 100644 --- a/pkg/state/state.go +++ b/pkg/state/state.go @@ -38,7 +38,7 @@ func NewManager(workspace string) *Manager { oldStateFile := filepath.Join(workspace, "state.json") // Create state directory if it doesn't exist - os.MkdirAll(stateDir, 0755) + os.MkdirAll(stateDir, 0o755) sm := &Manager{ workspace: workspace, @@ -139,7 +139,7 @@ func (sm *Manager) saveAtomic() error { } // Write to temp file - if err := os.WriteFile(tempFile, data, 0644); err != nil { + if err := os.WriteFile(tempFile, data, 0o644); err != nil { return fmt.Errorf("failed to write temp file: %w", err) } diff --git a/pkg/state/state_test.go b/pkg/state/state_test.go index ce3dd7215..f717a5bb4 100644 --- a/pkg/state/state_test.go +++ b/pkg/state/state_test.go @@ -98,7 +98,7 @@ func TestAtomicity_NoCorruptionOnInterrupt(t *testing.T) { // Simulate a crash scenario by manually creating a corrupted temp file tempFile := filepath.Join(tmpDir, "state", "state.json.tmp") - err = os.WriteFile(tempFile, []byte("corrupted data"), 0644) + err = os.WriteFile(tempFile, []byte("corrupted data"), 0o644) if err != nil { t.Fatalf("Failed to create temp file: %v", err) } diff --git a/pkg/tools/base.go b/pkg/tools/base.go index b13174633..770d8cb04 100644 --- a/pkg/tools/base.go +++ b/pkg/tools/base.go @@ -6,8 +6,8 @@ import "context" type Tool interface { Name() string Description() string - Parameters() map[string]interface{} - Execute(ctx context.Context, args map[string]interface{}) *ToolResult + Parameters() map[string]any + Execute(ctx context.Context, args map[string]any) *ToolResult } // ContextualTool is an optional interface that tools can implement @@ -69,10 +69,10 @@ type AsyncTool interface { SetCallback(cb AsyncCallback) } -func ToolToSchema(tool Tool) map[string]interface{} { - return map[string]interface{}{ +func ToolToSchema(tool Tool) map[string]any { + return map[string]any{ "type": "function", - "function": map[string]interface{}{ + "function": map[string]any{ "name": tool.Name(), "description": tool.Description(), "parameters": tool.Parameters(), diff --git a/pkg/tools/cron.go b/pkg/tools/cron.go index e2764d8ac..562fffc84 100644 --- a/pkg/tools/cron.go +++ b/pkg/tools/cron.go @@ -30,7 +30,10 @@ type CronTool struct { // NewCronTool creates a new CronTool // execTimeout: 0 means no timeout, >0 sets the timeout duration -func NewCronTool(cronService *cron.CronService, executor JobExecutor, msgBus *bus.MessageBus, workspace string, restrict bool, execTimeout time.Duration, config *config.Config) *CronTool { +func NewCronTool( + cronService *cron.CronService, executor JobExecutor, msgBus *bus.MessageBus, workspace string, restrict bool, + execTimeout time.Duration, config *config.Config, +) *CronTool { execTool := NewExecToolWithConfig(workspace, restrict, config) execTool.SetTimeout(execTimeout) return &CronTool{ @@ -52,40 +55,40 @@ func (t *CronTool) Description() string { } // Parameters returns the tool parameters schema -func (t *CronTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *CronTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "action": map[string]interface{}{ + "properties": map[string]any{ + "action": map[string]any{ "type": "string", "enum": []string{"add", "list", "remove", "enable", "disable"}, "description": "Action to perform. Use 'add' when user wants to schedule a reminder or task.", }, - "message": map[string]interface{}{ + "message": map[string]any{ "type": "string", "description": "The reminder/task message to display when triggered. If 'command' is used, this describes what the command does.", }, - "command": map[string]interface{}{ + "command": map[string]any{ "type": "string", "description": "Optional: Shell command to execute directly (e.g., 'df -h'). If set, the agent will run this command and report output instead of just showing the message. 'deliver' will be forced to false for commands.", }, - "at_seconds": map[string]interface{}{ + "at_seconds": map[string]any{ "type": "integer", "description": "One-time reminder: seconds from now when to trigger (e.g., 600 for 10 minutes later). Use this for one-time reminders like 'remind me in 10 minutes'.", }, - "every_seconds": map[string]interface{}{ + "every_seconds": map[string]any{ "type": "integer", "description": "Recurring interval in seconds (e.g., 3600 for every hour). Use this ONLY for recurring tasks like 'every 2 hours' or 'daily reminder'.", }, - "cron_expr": map[string]interface{}{ + "cron_expr": map[string]any{ "type": "string", "description": "Cron expression for complex recurring schedules (e.g., '0 9 * * *' for daily at 9am). Use this for complex recurring schedules.", }, - "job_id": map[string]interface{}{ + "job_id": map[string]any{ "type": "string", "description": "Job ID (for remove/enable/disable)", }, - "deliver": map[string]interface{}{ + "deliver": map[string]any{ "type": "boolean", "description": "If true, send message directly to channel. If false, let agent process message (for complex tasks). Default: true", }, @@ -103,7 +106,7 @@ func (t *CronTool) SetContext(channel, chatID string) { } // Execute runs the tool with the given arguments -func (t *CronTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *CronTool) Execute(ctx context.Context, args map[string]any) *ToolResult { action, ok := args["action"].(string) if !ok { return ErrorResult("action is required") @@ -125,7 +128,7 @@ func (t *CronTool) Execute(ctx context.Context, args map[string]interface{}) *To } } -func (t *CronTool) addJob(args map[string]interface{}) *ToolResult { +func (t *CronTool) addJob(args map[string]any) *ToolResult { t.mu.RLock() channel := t.channel chatID := t.chatID @@ -233,7 +236,7 @@ func (t *CronTool) listJobs() *ToolResult { return SilentResult(result) } -func (t *CronTool) removeJob(args map[string]interface{}) *ToolResult { +func (t *CronTool) removeJob(args map[string]any) *ToolResult { jobID, ok := args["job_id"].(string) if !ok || jobID == "" { return ErrorResult("job_id is required for remove") @@ -245,7 +248,7 @@ func (t *CronTool) removeJob(args map[string]interface{}) *ToolResult { return ErrorResult(fmt.Sprintf("Job %s not found", jobID)) } -func (t *CronTool) enableJob(args map[string]interface{}, enable bool) *ToolResult { +func (t *CronTool) enableJob(args map[string]any, enable bool) *ToolResult { jobID, ok := args["job_id"].(string) if !ok || jobID == "" { return ErrorResult("job_id is required for enable/disable") @@ -279,7 +282,7 @@ func (t *CronTool) ExecuteJob(ctx context.Context, job *cron.CronJob) string { // Execute command if present if job.Payload.Command != "" { - args := map[string]interface{}{ + args := map[string]any{ "command": job.Payload.Command, } @@ -320,7 +323,6 @@ func (t *CronTool) ExecuteJob(ctx context.Context, job *cron.CronJob) string { channel, chatID, ) - if err != nil { return fmt.Sprintf("Error: %v", err) } diff --git a/pkg/tools/edit.go b/pkg/tools/edit.go index 1e7c33b45..39d2642d4 100644 --- a/pkg/tools/edit.go +++ b/pkg/tools/edit.go @@ -30,19 +30,19 @@ func (t *EditFileTool) Description() string { return "Edit a file by replacing old_text with new_text. The old_text must exist exactly in the file." } -func (t *EditFileTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *EditFileTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "path": map[string]interface{}{ + "properties": map[string]any{ + "path": map[string]any{ "type": "string", "description": "The file path to edit", }, - "old_text": map[string]interface{}{ + "old_text": map[string]any{ "type": "string", "description": "The exact text to find and replace", }, - "new_text": map[string]interface{}{ + "new_text": map[string]any{ "type": "string", "description": "The text to replace with", }, @@ -51,7 +51,7 @@ func (t *EditFileTool) Parameters() map[string]interface{} { } } -func (t *EditFileTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *EditFileTool) Execute(ctx context.Context, args map[string]any) *ToolResult { path, ok := args["path"].(string) if !ok { return ErrorResult("path is required") @@ -89,12 +89,14 @@ func (t *EditFileTool) Execute(ctx context.Context, args map[string]interface{}) count := strings.Count(contentStr, oldText) if count > 1 { - return ErrorResult(fmt.Sprintf("old_text appears %d times. Please provide more context to make it unique", count)) + return ErrorResult( + fmt.Sprintf("old_text appears %d times. Please provide more context to make it unique", count), + ) } newContent := strings.Replace(contentStr, oldText, newText, 1) - if err := os.WriteFile(resolvedPath, []byte(newContent), 0644); err != nil { + if err := os.WriteFile(resolvedPath, []byte(newContent), 0o644); err != nil { return ErrorResult(fmt.Sprintf("failed to write file: %v", err)) } @@ -118,15 +120,15 @@ func (t *AppendFileTool) Description() string { return "Append content to the end of a file" } -func (t *AppendFileTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *AppendFileTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "path": map[string]interface{}{ + "properties": map[string]any{ + "path": map[string]any{ "type": "string", "description": "The file path to append to", }, - "content": map[string]interface{}{ + "content": map[string]any{ "type": "string", "description": "The content to append", }, @@ -135,7 +137,7 @@ func (t *AppendFileTool) Parameters() map[string]interface{} { } } -func (t *AppendFileTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *AppendFileTool) Execute(ctx context.Context, args map[string]any) *ToolResult { path, ok := args["path"].(string) if !ok { return ErrorResult("path is required") @@ -151,7 +153,7 @@ func (t *AppendFileTool) Execute(ctx context.Context, args map[string]interface{ return ErrorResult(err.Error()) } - f, err := os.OpenFile(resolvedPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) + f, err := os.OpenFile(resolvedPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644) if err != nil { return ErrorResult(fmt.Sprintf("failed to open file: %v", err)) } diff --git a/pkg/tools/edit_test.go b/pkg/tools/edit_test.go index c4c02772d..6780dd9f6 100644 --- a/pkg/tools/edit_test.go +++ b/pkg/tools/edit_test.go @@ -12,11 +12,11 @@ import ( func TestEditTool_EditFile_Success(t *testing.T) { tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "test.txt") - os.WriteFile(testFile, []byte("Hello World\nThis is a test"), 0644) + os.WriteFile(testFile, []byte("Hello World\nThis is a test"), 0o644) tool := NewEditFileTool(tmpDir, true) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "old_text": "World", "new_text": "Universe", @@ -60,7 +60,7 @@ func TestEditTool_EditFile_NotFound(t *testing.T) { tool := NewEditFileTool(tmpDir, true) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "old_text": "old", "new_text": "new", @@ -83,11 +83,11 @@ func TestEditTool_EditFile_NotFound(t *testing.T) { func TestEditTool_EditFile_OldTextNotFound(t *testing.T) { tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "test.txt") - os.WriteFile(testFile, []byte("Hello World"), 0644) + os.WriteFile(testFile, []byte("Hello World"), 0o644) tool := NewEditFileTool(tmpDir, true) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "old_text": "Goodbye", "new_text": "Hello", @@ -110,11 +110,11 @@ func TestEditTool_EditFile_OldTextNotFound(t *testing.T) { func TestEditTool_EditFile_MultipleMatches(t *testing.T) { tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "test.txt") - os.WriteFile(testFile, []byte("test test test"), 0644) + os.WriteFile(testFile, []byte("test test test"), 0o644) tool := NewEditFileTool(tmpDir, true) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "old_text": "test", "new_text": "done", @@ -138,11 +138,11 @@ func TestEditTool_EditFile_OutsideAllowedDir(t *testing.T) { tmpDir := t.TempDir() otherDir := t.TempDir() testFile := filepath.Join(otherDir, "test.txt") - os.WriteFile(testFile, []byte("content"), 0644) + os.WriteFile(testFile, []byte("content"), 0o644) tool := NewEditFileTool(tmpDir, true) // Restrict to tmpDir ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "old_text": "content", "new_text": "new", @@ -165,7 +165,7 @@ func TestEditTool_EditFile_OutsideAllowedDir(t *testing.T) { func TestEditTool_EditFile_MissingPath(t *testing.T) { tool := NewEditFileTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "old_text": "old", "new_text": "new", } @@ -182,7 +182,7 @@ func TestEditTool_EditFile_MissingPath(t *testing.T) { func TestEditTool_EditFile_MissingOldText(t *testing.T) { tool := NewEditFileTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": "/tmp/test.txt", "new_text": "new", } @@ -199,7 +199,7 @@ func TestEditTool_EditFile_MissingOldText(t *testing.T) { func TestEditTool_EditFile_MissingNewText(t *testing.T) { tool := NewEditFileTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": "/tmp/test.txt", "old_text": "old", } @@ -216,11 +216,11 @@ func TestEditTool_EditFile_MissingNewText(t *testing.T) { func TestEditTool_AppendFile_Success(t *testing.T) { tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "test.txt") - os.WriteFile(testFile, []byte("Initial content"), 0644) + os.WriteFile(testFile, []byte("Initial content"), 0o644) tool := NewAppendFileTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "content": "\nAppended content", } @@ -260,7 +260,7 @@ func TestEditTool_AppendFile_Success(t *testing.T) { func TestEditTool_AppendFile_MissingPath(t *testing.T) { tool := NewAppendFileTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "content": "test", } @@ -276,7 +276,7 @@ func TestEditTool_AppendFile_MissingPath(t *testing.T) { func TestEditTool_AppendFile_MissingContent(t *testing.T) { tool := NewAppendFileTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": "/tmp/test.txt", } diff --git a/pkg/tools/filesystem.go b/pkg/tools/filesystem.go index 09063ea0a..dd996bc0d 100644 --- a/pkg/tools/filesystem.go +++ b/pkg/tools/filesystem.go @@ -94,11 +94,11 @@ func (t *ReadFileTool) Description() string { return "Read the contents of a file" } -func (t *ReadFileTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *ReadFileTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "path": map[string]interface{}{ + "properties": map[string]any{ + "path": map[string]any{ "type": "string", "description": "Path to the file to read", }, @@ -107,7 +107,7 @@ func (t *ReadFileTool) Parameters() map[string]interface{} { } } -func (t *ReadFileTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *ReadFileTool) Execute(ctx context.Context, args map[string]any) *ToolResult { path, ok := args["path"].(string) if !ok { return ErrorResult("path is required") @@ -143,15 +143,15 @@ func (t *WriteFileTool) Description() string { return "Write content to a file" } -func (t *WriteFileTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *WriteFileTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "path": map[string]interface{}{ + "properties": map[string]any{ + "path": map[string]any{ "type": "string", "description": "Path to the file to write", }, - "content": map[string]interface{}{ + "content": map[string]any{ "type": "string", "description": "Content to write to the file", }, @@ -160,7 +160,7 @@ func (t *WriteFileTool) Parameters() map[string]interface{} { } } -func (t *WriteFileTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *WriteFileTool) Execute(ctx context.Context, args map[string]any) *ToolResult { path, ok := args["path"].(string) if !ok { return ErrorResult("path is required") @@ -177,11 +177,11 @@ func (t *WriteFileTool) Execute(ctx context.Context, args map[string]interface{} } dir := filepath.Dir(resolvedPath) - if err := os.MkdirAll(dir, 0755); err != nil { + if err := os.MkdirAll(dir, 0o755); err != nil { return ErrorResult(fmt.Sprintf("failed to create directory: %v", err)) } - if err := os.WriteFile(resolvedPath, []byte(content), 0644); err != nil { + if err := os.WriteFile(resolvedPath, []byte(content), 0o644); err != nil { return ErrorResult(fmt.Sprintf("failed to write file: %v", err)) } @@ -205,11 +205,11 @@ func (t *ListDirTool) Description() string { return "List files and directories in a path" } -func (t *ListDirTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *ListDirTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "path": map[string]interface{}{ + "properties": map[string]any{ + "path": map[string]any{ "type": "string", "description": "Path to list", }, @@ -218,7 +218,7 @@ func (t *ListDirTool) Parameters() map[string]interface{} { } } -func (t *ListDirTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *ListDirTool) Execute(ctx context.Context, args map[string]any) *ToolResult { path, ok := args["path"].(string) if !ok { path = "." diff --git a/pkg/tools/filesystem_test.go b/pkg/tools/filesystem_test.go index 958036419..5daa3dcea 100644 --- a/pkg/tools/filesystem_test.go +++ b/pkg/tools/filesystem_test.go @@ -12,11 +12,11 @@ import ( func TestFilesystemTool_ReadFile_Success(t *testing.T) { tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "test.txt") - os.WriteFile(testFile, []byte("test content"), 0644) + os.WriteFile(testFile, []byte("test content"), 0o644) tool := &ReadFileTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, } @@ -43,7 +43,7 @@ func TestFilesystemTool_ReadFile_Success(t *testing.T) { func TestFilesystemTool_ReadFile_NotFound(t *testing.T) { tool := &ReadFileTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": "/nonexistent_file_12345.txt", } @@ -64,7 +64,7 @@ func TestFilesystemTool_ReadFile_NotFound(t *testing.T) { func TestFilesystemTool_ReadFile_MissingPath(t *testing.T) { tool := &ReadFileTool{} ctx := context.Background() - args := map[string]interface{}{} + args := map[string]any{} result := tool.Execute(ctx, args) @@ -86,7 +86,7 @@ func TestFilesystemTool_WriteFile_Success(t *testing.T) { tool := &WriteFileTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "content": "hello world", } @@ -125,7 +125,7 @@ func TestFilesystemTool_WriteFile_CreateDir(t *testing.T) { tool := &WriteFileTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": testFile, "content": "test", } @@ -151,7 +151,7 @@ func TestFilesystemTool_WriteFile_CreateDir(t *testing.T) { func TestFilesystemTool_WriteFile_MissingPath(t *testing.T) { tool := &WriteFileTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "content": "test", } @@ -167,7 +167,7 @@ func TestFilesystemTool_WriteFile_MissingPath(t *testing.T) { func TestFilesystemTool_WriteFile_MissingContent(t *testing.T) { tool := &WriteFileTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": "/tmp/test.txt", } @@ -179,7 +179,8 @@ func TestFilesystemTool_WriteFile_MissingContent(t *testing.T) { } // Should mention required parameter - if !strings.Contains(result.ForLLM, "content is required") && !strings.Contains(result.ForUser, "content is required") { + if !strings.Contains(result.ForLLM, "content is required") && + !strings.Contains(result.ForUser, "content is required") { t.Errorf("Expected 'content is required' message, got ForLLM: %s", result.ForLLM) } } @@ -187,13 +188,13 @@ func TestFilesystemTool_WriteFile_MissingContent(t *testing.T) { // TestFilesystemTool_ListDir_Success verifies successful directory listing func TestFilesystemTool_ListDir_Success(t *testing.T) { tmpDir := t.TempDir() - os.WriteFile(filepath.Join(tmpDir, "file1.txt"), []byte("content"), 0644) - os.WriteFile(filepath.Join(tmpDir, "file2.txt"), []byte("content"), 0644) - os.Mkdir(filepath.Join(tmpDir, "subdir"), 0755) + os.WriteFile(filepath.Join(tmpDir, "file1.txt"), []byte("content"), 0o644) + os.WriteFile(filepath.Join(tmpDir, "file2.txt"), []byte("content"), 0o644) + os.Mkdir(filepath.Join(tmpDir, "subdir"), 0o755) tool := &ListDirTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": tmpDir, } @@ -217,7 +218,7 @@ func TestFilesystemTool_ListDir_Success(t *testing.T) { func TestFilesystemTool_ListDir_NotFound(t *testing.T) { tool := &ListDirTool{} ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "path": "/nonexistent_directory_12345", } @@ -238,7 +239,7 @@ func TestFilesystemTool_ListDir_NotFound(t *testing.T) { func TestFilesystemTool_ListDir_DefaultPath(t *testing.T) { tool := &ListDirTool{} ctx := context.Background() - args := map[string]interface{}{} + args := map[string]any{} result := tool.Execute(ctx, args) @@ -250,15 +251,14 @@ func TestFilesystemTool_ListDir_DefaultPath(t *testing.T) { // Block paths that look inside workspace but point outside via symlink. func TestFilesystemTool_ReadFile_RejectsSymlinkEscape(t *testing.T) { - root := t.TempDir() workspace := filepath.Join(root, "workspace") - if err := os.MkdirAll(workspace, 0755); err != nil { + if err := os.MkdirAll(workspace, 0o755); err != nil { t.Fatalf("failed to create workspace: %v", err) } secret := filepath.Join(root, "secret.txt") - if err := os.WriteFile(secret, []byte("top secret"), 0644); err != nil { + if err := os.WriteFile(secret, []byte("top secret"), 0o644); err != nil { t.Fatalf("failed to write secret file: %v", err) } @@ -268,7 +268,7 @@ func TestFilesystemTool_ReadFile_RejectsSymlinkEscape(t *testing.T) { } tool := NewReadFileTool(workspace, true) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "path": link, }) diff --git a/pkg/tools/i2c.go b/pkg/tools/i2c.go index abca5ec1e..0387a26d3 100644 --- a/pkg/tools/i2c.go +++ b/pkg/tools/i2c.go @@ -24,37 +24,37 @@ func (t *I2CTool) Description() string { return "Interact with I2C bus devices for reading sensors and controlling peripherals. Actions: detect (list buses), scan (find devices on a bus), read (read bytes from device), write (send bytes to device). Linux only." } -func (t *I2CTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *I2CTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "action": map[string]interface{}{ + "properties": map[string]any{ + "action": map[string]any{ "type": "string", "enum": []string{"detect", "scan", "read", "write"}, "description": "Action to perform: detect (list available I2C buses), scan (find devices on a bus), read (read bytes from a device), write (send bytes to a device)", }, - "bus": map[string]interface{}{ + "bus": map[string]any{ "type": "string", "description": "I2C bus number (e.g. \"1\" for /dev/i2c-1). Required for scan/read/write.", }, - "address": map[string]interface{}{ + "address": map[string]any{ "type": "integer", "description": "7-bit I2C device address (0x03-0x77). Required for read/write.", }, - "register": map[string]interface{}{ + "register": map[string]any{ "type": "integer", "description": "Register address to read from or write to. If set, sends register byte before read/write.", }, - "data": map[string]interface{}{ + "data": map[string]any{ "type": "array", - "items": map[string]interface{}{"type": "integer"}, + "items": map[string]any{"type": "integer"}, "description": "Bytes to write (0-255 each). Required for write action.", }, - "length": map[string]interface{}{ + "length": map[string]any{ "type": "integer", "description": "Number of bytes to read (1-256). Default: 1. Used with read action.", }, - "confirm": map[string]interface{}{ + "confirm": map[string]any{ "type": "boolean", "description": "Must be true for write operations. Safety guard to prevent accidental writes.", }, @@ -63,7 +63,7 @@ func (t *I2CTool) Parameters() map[string]interface{} { } } -func (t *I2CTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *I2CTool) Execute(ctx context.Context, args map[string]any) *ToolResult { if runtime.GOOS != "linux" { return ErrorResult("I2C is only supported on Linux. This tool requires /dev/i2c-* device files.") } @@ -95,7 +95,9 @@ func (t *I2CTool) detect() *ToolResult { } if len(matches) == 0 { - return SilentResult("No I2C buses found. You may need to:\n1. Load the i2c-dev module: modprobe i2c-dev\n2. Check that I2C is enabled in device tree\n3. Configure pinmux for your board (see hardware skill)") + return SilentResult( + "No I2C buses found. You may need to:\n1. Load the i2c-dev module: modprobe i2c-dev\n2. Check that I2C is enabled in device tree\n3. Configure pinmux for your board (see hardware skill)", + ) } type busInfo struct { @@ -122,7 +124,7 @@ func isValidBusID(id string) bool { } // parseI2CAddress extracts and validates an I2C address from args -func parseI2CAddress(args map[string]interface{}) (int, *ToolResult) { +func parseI2CAddress(args map[string]any) (int, *ToolResult) { addrFloat, ok := args["address"].(float64) if !ok { return 0, ErrorResult("address is required (e.g. 0x38 for AHT20)") @@ -135,7 +137,7 @@ func parseI2CAddress(args map[string]interface{}) (int, *ToolResult) { } // parseI2CBus extracts and validates an I2C bus from args -func parseI2CBus(args map[string]interface{}) (string, *ToolResult) { +func parseI2CBus(args map[string]any) (string, *ToolResult) { bus, ok := args["bus"].(string) if !ok || bus == "" { return "", ErrorResult("bus is required (e.g. \"1\" for /dev/i2c-1)") diff --git a/pkg/tools/i2c_linux.go b/pkg/tools/i2c_linux.go index 294f7ecbc..2a0626340 100644 --- a/pkg/tools/i2c_linux.go +++ b/pkg/tools/i2c_linux.go @@ -74,7 +74,7 @@ func smbusProbe(fd int, addr int, hasQuick bool) bool { // scan probes valid 7-bit addresses on a bus for connected devices. // Uses the same hybrid probe strategy as i2cdetect's MODE_AUTO: // SMBus Quick Write for most addresses, SMBus Read Byte for EEPROM ranges. -func (t *I2CTool) scan(args map[string]interface{}) *ToolResult { +func (t *I2CTool) scan(args map[string]any) *ToolResult { bus, errResult := parseI2CBus(args) if errResult != nil { return errResult @@ -99,7 +99,9 @@ func (t *I2CTool) scan(args map[string]interface{}) *ToolResult { hasReadByte := funcs&i2cFuncSmbusReadByte != 0 if !hasQuick && !hasReadByte { - return ErrorResult(fmt.Sprintf("I2C adapter %s supports neither SMBus Quick nor Read Byte ā€” cannot probe safely", devPath)) + return ErrorResult( + fmt.Sprintf("I2C adapter %s supports neither SMBus Quick nor Read Byte ā€” cannot probe safely", devPath), + ) } type deviceEntry struct { @@ -133,7 +135,7 @@ func (t *I2CTool) scan(args map[string]interface{}) *ToolResult { return SilentResult(fmt.Sprintf("No devices found on %s. Check wiring and pull-up resistors.", devPath)) } - result, _ := json.MarshalIndent(map[string]interface{}{ + result, _ := json.MarshalIndent(map[string]any{ "bus": devPath, "devices": found, "count": len(found), @@ -142,7 +144,7 @@ func (t *I2CTool) scan(args map[string]interface{}) *ToolResult { } // readDevice reads bytes from an I2C device, optionally at a specific register -func (t *I2CTool) readDevice(args map[string]interface{}) *ToolResult { +func (t *I2CTool) readDevice(args map[string]any) *ToolResult { bus, errResult := parseI2CBus(args) if errResult != nil { return errResult @@ -201,7 +203,7 @@ func (t *I2CTool) readDevice(args map[string]interface{}) *ToolResult { intBytes[i] = int(buf[i]) } - result, _ := json.MarshalIndent(map[string]interface{}{ + result, _ := json.MarshalIndent(map[string]any{ "bus": devPath, "address": fmt.Sprintf("0x%02x", addr), "bytes": intBytes, @@ -212,10 +214,12 @@ func (t *I2CTool) readDevice(args map[string]interface{}) *ToolResult { } // writeDevice writes bytes to an I2C device, optionally at a specific register -func (t *I2CTool) writeDevice(args map[string]interface{}) *ToolResult { +func (t *I2CTool) writeDevice(args map[string]any) *ToolResult { confirm, _ := args["confirm"].(bool) if !confirm { - return ErrorResult("write operations require confirm: true. Please confirm with the user before writing to I2C devices, as incorrect writes can misconfigure hardware.") + return ErrorResult( + "write operations require confirm: true. Please confirm with the user before writing to I2C devices, as incorrect writes can misconfigure hardware.", + ) } bus, errResult := parseI2CBus(args) @@ -228,7 +232,7 @@ func (t *I2CTool) writeDevice(args map[string]interface{}) *ToolResult { return errResult } - dataRaw, ok := args["data"].([]interface{}) + dataRaw, ok := args["data"].([]any) if !ok || len(dataRaw) == 0 { return ErrorResult("data is required for write (array of byte values 0-255)") } diff --git a/pkg/tools/i2c_other.go b/pkg/tools/i2c_other.go index d1d581348..7becf8339 100644 --- a/pkg/tools/i2c_other.go +++ b/pkg/tools/i2c_other.go @@ -3,16 +3,16 @@ package tools // scan is a stub for non-Linux platforms. -func (t *I2CTool) scan(args map[string]interface{}) *ToolResult { +func (t *I2CTool) scan(args map[string]any) *ToolResult { return ErrorResult("I2C is only supported on Linux") } // readDevice is a stub for non-Linux platforms. -func (t *I2CTool) readDevice(args map[string]interface{}) *ToolResult { +func (t *I2CTool) readDevice(args map[string]any) *ToolResult { return ErrorResult("I2C is only supported on Linux") } // writeDevice is a stub for non-Linux platforms. -func (t *I2CTool) writeDevice(args map[string]interface{}) *ToolResult { +func (t *I2CTool) writeDevice(args map[string]any) *ToolResult { return ErrorResult("I2C is only supported on Linux") } diff --git a/pkg/tools/message.go b/pkg/tools/message.go index abedb1316..15ef4ff73 100644 --- a/pkg/tools/message.go +++ b/pkg/tools/message.go @@ -26,19 +26,19 @@ func (t *MessageTool) Description() string { return "Send a message to user on a chat channel. Use this when you want to communicate something." } -func (t *MessageTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *MessageTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "content": map[string]interface{}{ + "properties": map[string]any{ + "content": map[string]any{ "type": "string", "description": "The message content to send", }, - "channel": map[string]interface{}{ + "channel": map[string]any{ "type": "string", "description": "Optional: target channel (telegram, whatsapp, etc.)", }, - "chat_id": map[string]interface{}{ + "chat_id": map[string]any{ "type": "string", "description": "Optional: target chat/user ID", }, @@ -62,7 +62,7 @@ func (t *MessageTool) SetSendCallback(callback SendCallback) { t.sendCallback = callback } -func (t *MessageTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *MessageTool) Execute(ctx context.Context, args map[string]any) *ToolResult { content, ok := args["content"].(string) if !ok { return &ToolResult{ForLLM: "content is required", IsError: true} diff --git a/pkg/tools/message_test.go b/pkg/tools/message_test.go index 4bedbe79b..717c1117b 100644 --- a/pkg/tools/message_test.go +++ b/pkg/tools/message_test.go @@ -19,7 +19,7 @@ func TestMessageTool_Execute_Success(t *testing.T) { }) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "content": "Hello, world!", } @@ -70,7 +70,7 @@ func TestMessageTool_Execute_WithCustomChannel(t *testing.T) { }) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "content": "Test message", "channel": "custom-channel", "chat_id": "custom-chat-id", @@ -104,7 +104,7 @@ func TestMessageTool_Execute_SendFailure(t *testing.T) { }) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "content": "Test message", } @@ -136,7 +136,7 @@ func TestMessageTool_Execute_MissingContent(t *testing.T) { tool.SetContext("test-channel", "test-chat-id") ctx := context.Background() - args := map[string]interface{}{} // content missing + args := map[string]any{} // content missing result := tool.Execute(ctx, args) @@ -158,7 +158,7 @@ func TestMessageTool_Execute_NoTargetChannel(t *testing.T) { }) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "content": "Test message", } @@ -179,7 +179,7 @@ func TestMessageTool_Execute_NotConfigured(t *testing.T) { // No SetSendCallback called ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "content": "Test message", } @@ -219,7 +219,7 @@ func TestMessageTool_Parameters(t *testing.T) { t.Error("Expected type 'object'") } - props, ok := params["properties"].(map[string]interface{}) + props, ok := params["properties"].(map[string]any) if !ok { t.Fatal("Expected properties to be a map") } @@ -231,7 +231,7 @@ func TestMessageTool_Parameters(t *testing.T) { } // Check content property - contentProp, ok := props["content"].(map[string]interface{}) + contentProp, ok := props["content"].(map[string]any) if !ok { t.Error("Expected 'content' property") } @@ -240,7 +240,7 @@ func TestMessageTool_Parameters(t *testing.T) { } // Check channel property (optional) - channelProp, ok := props["channel"].(map[string]interface{}) + channelProp, ok := props["channel"].(map[string]any) if !ok { t.Error("Expected 'channel' property") } @@ -249,7 +249,7 @@ func TestMessageTool_Parameters(t *testing.T) { } // Check chat_id property (optional) - chatIDProp, ok := props["chat_id"].(map[string]interface{}) + chatIDProp, ok := props["chat_id"].(map[string]any) if !ok { t.Error("Expected 'chat_id' property") } diff --git a/pkg/tools/registry.go b/pkg/tools/registry.go index c8cf92863..6ecb8ae7c 100644 --- a/pkg/tools/registry.go +++ b/pkg/tools/registry.go @@ -34,16 +34,22 @@ func (r *ToolRegistry) Get(name string) (Tool, bool) { return tool, ok } -func (r *ToolRegistry) Execute(ctx context.Context, name string, args map[string]interface{}) *ToolResult { +func (r *ToolRegistry) Execute(ctx context.Context, name string, args map[string]any) *ToolResult { return r.ExecuteWithContext(ctx, name, args, "", "", nil) } // ExecuteWithContext executes a tool with channel/chatID context and optional async callback. // If the tool implements AsyncTool and a non-nil callback is provided, // the callback will be set on the tool before execution. -func (r *ToolRegistry) ExecuteWithContext(ctx context.Context, name string, args map[string]interface{}, channel, chatID string, asyncCallback AsyncCallback) *ToolResult { +func (r *ToolRegistry) ExecuteWithContext( + ctx context.Context, + name string, + args map[string]any, + channel, chatID string, + asyncCallback AsyncCallback, +) *ToolResult { logger.InfoCF("tool", "Tool execution started", - map[string]interface{}{ + map[string]any{ "tool": name, "args": args, }) @@ -51,7 +57,7 @@ func (r *ToolRegistry) ExecuteWithContext(ctx context.Context, name string, args tool, ok := r.Get(name) if !ok { logger.ErrorCF("tool", "Tool not found", - map[string]interface{}{ + map[string]any{ "tool": name, }) return ErrorResult(fmt.Sprintf("tool %q not found", name)).WithError(fmt.Errorf("tool not found")) @@ -66,7 +72,7 @@ func (r *ToolRegistry) ExecuteWithContext(ctx context.Context, name string, args if asyncTool, ok := tool.(AsyncTool); ok && asyncCallback != nil { asyncTool.SetCallback(asyncCallback) logger.DebugCF("tool", "Async callback injected", - map[string]interface{}{ + map[string]any{ "tool": name, }) } @@ -78,20 +84,20 @@ func (r *ToolRegistry) ExecuteWithContext(ctx context.Context, name string, args // Log based on result type if result.IsError { logger.ErrorCF("tool", "Tool execution failed", - map[string]interface{}{ + map[string]any{ "tool": name, "duration": duration.Milliseconds(), "error": result.ForLLM, }) } else if result.Async { logger.InfoCF("tool", "Tool started (async)", - map[string]interface{}{ + map[string]any{ "tool": name, "duration": duration.Milliseconds(), }) } else { logger.InfoCF("tool", "Tool execution completed", - map[string]interface{}{ + map[string]any{ "tool": name, "duration_ms": duration.Milliseconds(), "result_length": len(result.ForLLM), @@ -101,11 +107,11 @@ func (r *ToolRegistry) ExecuteWithContext(ctx context.Context, name string, args return result } -func (r *ToolRegistry) GetDefinitions() []map[string]interface{} { +func (r *ToolRegistry) GetDefinitions() []map[string]any { r.mu.RLock() defer r.mu.RUnlock() - definitions := make([]map[string]interface{}, 0, len(r.tools)) + definitions := make([]map[string]any, 0, len(r.tools)) for _, tool := range r.tools { definitions = append(definitions, ToolToSchema(tool)) } @@ -123,14 +129,14 @@ func (r *ToolRegistry) ToProviderDefs() []providers.ToolDefinition { schema := ToolToSchema(tool) // Safely extract nested values with type checks - fn, ok := schema["function"].(map[string]interface{}) + fn, ok := schema["function"].(map[string]any) if !ok { continue } name, _ := fn["name"].(string) desc, _ := fn["description"].(string) - params, _ := fn["parameters"].(map[string]interface{}) + params, _ := fn["parameters"].(map[string]any) definitions = append(definitions, providers.ToolDefinition{ Type: "function", diff --git a/pkg/tools/result_test.go b/pkg/tools/result_test.go index bc798cd70..a234e33f3 100644 --- a/pkg/tools/result_test.go +++ b/pkg/tools/result_test.go @@ -192,7 +192,7 @@ func TestToolResultJSONStructure(t *testing.T) { } // Verify JSON structure - var parsed map[string]interface{} + var parsed map[string]any if err := json.Unmarshal(data, &parsed); err != nil { t.Fatalf("Failed to parse JSON: %v", err) } diff --git a/pkg/tools/shell.go b/pkg/tools/shell.go index d9430672f..9c58df355 100644 --- a/pkg/tools/shell.go +++ b/pkg/tools/shell.go @@ -118,15 +118,15 @@ func (t *ExecTool) Description() string { return "Execute a shell command and return its output. Use with caution." } -func (t *ExecTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *ExecTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "command": map[string]interface{}{ + "properties": map[string]any{ + "command": map[string]any{ "type": "string", "description": "The shell command to execute", }, - "working_dir": map[string]interface{}{ + "working_dir": map[string]any{ "type": "string", "description": "Optional working directory for the command", }, @@ -135,7 +135,7 @@ func (t *ExecTool) Parameters() map[string]interface{} { } } -func (t *ExecTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *ExecTool) Execute(ctx context.Context, args map[string]any) *ToolResult { command, ok := args["command"].(string) if !ok { return ErrorResult("command is required") diff --git a/pkg/tools/shell_test.go b/pkg/tools/shell_test.go index c06468a39..f85b5a008 100644 --- a/pkg/tools/shell_test.go +++ b/pkg/tools/shell_test.go @@ -14,7 +14,7 @@ func TestShellTool_Success(t *testing.T) { tool := NewExecTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "command": "echo 'hello world'", } @@ -41,7 +41,7 @@ func TestShellTool_Failure(t *testing.T) { tool := NewExecTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "command": "ls /nonexistent_directory_12345", } @@ -69,7 +69,7 @@ func TestShellTool_Timeout(t *testing.T) { tool.SetTimeout(100 * time.Millisecond) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "command": "sleep 10", } @@ -91,12 +91,12 @@ func TestShellTool_WorkingDir(t *testing.T) { // Create temp directory tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "test.txt") - os.WriteFile(testFile, []byte("test content"), 0644) + os.WriteFile(testFile, []byte("test content"), 0o644) tool := NewExecTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "command": "cat test.txt", "working_dir": tmpDir, } @@ -117,7 +117,7 @@ func TestShellTool_DangerousCommand(t *testing.T) { tool := NewExecTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "command": "rm -rf /", } @@ -138,7 +138,7 @@ func TestShellTool_MissingCommand(t *testing.T) { tool := NewExecTool("", false) ctx := context.Background() - args := map[string]interface{}{} + args := map[string]any{} result := tool.Execute(ctx, args) @@ -153,7 +153,7 @@ func TestShellTool_StderrCapture(t *testing.T) { tool := NewExecTool("", false) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "command": "sh -c 'echo stdout; echo stderr >&2'", } @@ -174,7 +174,7 @@ func TestShellTool_OutputTruncation(t *testing.T) { ctx := context.Background() // Generate long output (>10000 chars) - args := map[string]interface{}{ + args := map[string]any{ "command": "python3 -c \"print('x' * 20000)\" || echo " + strings.Repeat("x", 20000), } @@ -193,7 +193,7 @@ func TestShellTool_RestrictToWorkspace(t *testing.T) { tool.SetRestrictToWorkspace(true) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "command": "cat ../../etc/passwd", } @@ -205,6 +205,10 @@ func TestShellTool_RestrictToWorkspace(t *testing.T) { } if !strings.Contains(result.ForLLM, "blocked") && !strings.Contains(result.ForUser, "blocked") { - t.Errorf("Expected 'blocked' message for path traversal, got ForLLM: %s, ForUser: %s", result.ForLLM, result.ForUser) + t.Errorf( + "Expected 'blocked' message for path traversal, got ForLLM: %s, ForUser: %s", + result.ForLLM, + result.ForUser, + ) } } diff --git a/pkg/tools/spawn.go b/pkg/tools/spawn.go index f01372467..73d385cb0 100644 --- a/pkg/tools/spawn.go +++ b/pkg/tools/spawn.go @@ -34,19 +34,19 @@ func (t *SpawnTool) Description() string { return "Spawn a subagent to handle a task in the background. Use this for complex or time-consuming tasks that can run independently. The subagent will complete the task and report back when done." } -func (t *SpawnTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *SpawnTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "task": map[string]interface{}{ + "properties": map[string]any{ + "task": map[string]any{ "type": "string", "description": "The task for subagent to complete", }, - "label": map[string]interface{}{ + "label": map[string]any{ "type": "string", "description": "Optional short label for the task (for display)", }, - "agent_id": map[string]interface{}{ + "agent_id": map[string]any{ "type": "string", "description": "Optional target agent ID to delegate the task to", }, @@ -64,7 +64,7 @@ func (t *SpawnTool) SetAllowlistChecker(check func(targetAgentID string) bool) { t.allowlistCheck = check } -func (t *SpawnTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *SpawnTool) Execute(ctx context.Context, args map[string]any) *ToolResult { task, ok := args["task"].(string) if !ok { return ErrorResult("task is required") diff --git a/pkg/tools/spi.go b/pkg/tools/spi.go index 4805d6a35..d6a88a5b0 100644 --- a/pkg/tools/spi.go +++ b/pkg/tools/spi.go @@ -24,41 +24,41 @@ func (t *SPITool) Description() string { return "Interact with SPI bus devices for high-speed peripheral communication. Actions: list (find SPI devices), transfer (full-duplex send/receive), read (receive bytes). Linux only." } -func (t *SPITool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *SPITool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "action": map[string]interface{}{ + "properties": map[string]any{ + "action": map[string]any{ "type": "string", "enum": []string{"list", "transfer", "read"}, "description": "Action to perform: list (find available SPI devices), transfer (full-duplex send/receive), read (receive bytes by sending zeros)", }, - "device": map[string]interface{}{ + "device": map[string]any{ "type": "string", "description": "SPI device identifier (e.g. \"2.0\" for /dev/spidev2.0). Required for transfer/read.", }, - "speed": map[string]interface{}{ + "speed": map[string]any{ "type": "integer", "description": "SPI clock speed in Hz. Default: 1000000 (1 MHz).", }, - "mode": map[string]interface{}{ + "mode": map[string]any{ "type": "integer", "description": "SPI mode (0-3). Default: 0. Mode sets CPOL and CPHA: 0=0,0 1=0,1 2=1,0 3=1,1.", }, - "bits": map[string]interface{}{ + "bits": map[string]any{ "type": "integer", "description": "Bits per word. Default: 8.", }, - "data": map[string]interface{}{ + "data": map[string]any{ "type": "array", - "items": map[string]interface{}{"type": "integer"}, + "items": map[string]any{"type": "integer"}, "description": "Bytes to send (0-255 each). Required for transfer action.", }, - "length": map[string]interface{}{ + "length": map[string]any{ "type": "integer", "description": "Number of bytes to read (1-4096). Required for read action.", }, - "confirm": map[string]interface{}{ + "confirm": map[string]any{ "type": "boolean", "description": "Must be true for transfer operations. Safety guard to prevent accidental writes.", }, @@ -67,7 +67,7 @@ func (t *SPITool) Parameters() map[string]interface{} { } } -func (t *SPITool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *SPITool) Execute(ctx context.Context, args map[string]any) *ToolResult { if runtime.GOOS != "linux" { return ErrorResult("SPI is only supported on Linux. This tool requires /dev/spidev* device files.") } @@ -97,7 +97,9 @@ func (t *SPITool) list() *ToolResult { } if len(matches) == 0 { - return SilentResult("No SPI devices found. You may need to:\n1. Enable SPI in device tree\n2. Configure pinmux for your board (see hardware skill)\n3. Check that spidev module is loaded") + return SilentResult( + "No SPI devices found. You may need to:\n1. Enable SPI in device tree\n2. Configure pinmux for your board (see hardware skill)\n3. Check that spidev module is loaded", + ) } type devInfo struct { @@ -118,7 +120,7 @@ func (t *SPITool) list() *ToolResult { } // parseSPIArgs extracts and validates common SPI parameters -func parseSPIArgs(args map[string]interface{}) (device string, speed uint32, mode uint8, bits uint8, errMsg string) { +func parseSPIArgs(args map[string]any) (device string, speed uint32, mode uint8, bits uint8, errMsg string) { dev, ok := args["device"].(string) if !ok || dev == "" { return "", 0, 0, 0, "device is required (e.g. \"2.0\" for /dev/spidev2.0)" diff --git a/pkg/tools/spi_linux.go b/pkg/tools/spi_linux.go index 12b696007..9def73662 100644 --- a/pkg/tools/spi_linux.go +++ b/pkg/tools/spi_linux.go @@ -66,10 +66,12 @@ func configureSPI(devPath string, mode uint8, bits uint8, speed uint32) (int, *T } // transfer performs a full-duplex SPI transfer -func (t *SPITool) transfer(args map[string]interface{}) *ToolResult { +func (t *SPITool) transfer(args map[string]any) *ToolResult { confirm, _ := args["confirm"].(bool) if !confirm { - return ErrorResult("transfer operations require confirm: true. Please confirm with the user before sending data to SPI devices.") + return ErrorResult( + "transfer operations require confirm: true. Please confirm with the user before sending data to SPI devices.", + ) } dev, speed, mode, bits, errMsg := parseSPIArgs(args) @@ -77,7 +79,7 @@ func (t *SPITool) transfer(args map[string]interface{}) *ToolResult { return ErrorResult(errMsg) } - dataRaw, ok := args["data"].([]interface{}) + dataRaw, ok := args["data"].([]any) if !ok || len(dataRaw) == 0 { return ErrorResult("data is required for transfer (array of byte values 0-255)") } @@ -130,7 +132,7 @@ func (t *SPITool) transfer(args map[string]interface{}) *ToolResult { intBytes[i] = int(b) } - result, _ := json.MarshalIndent(map[string]interface{}{ + result, _ := json.MarshalIndent(map[string]any{ "device": devPath, "sent": len(txBuf), "received": intBytes, @@ -140,7 +142,7 @@ func (t *SPITool) transfer(args map[string]interface{}) *ToolResult { } // readDevice reads bytes from SPI by sending zeros (read-only, no confirm needed) -func (t *SPITool) readDevice(args map[string]interface{}) *ToolResult { +func (t *SPITool) readDevice(args map[string]any) *ToolResult { dev, speed, mode, bits, errMsg := parseSPIArgs(args) if errMsg != "" { return ErrorResult(errMsg) @@ -186,7 +188,7 @@ func (t *SPITool) readDevice(args map[string]interface{}) *ToolResult { intBytes[i] = int(b) } - result, _ := json.MarshalIndent(map[string]interface{}{ + result, _ := json.MarshalIndent(map[string]any{ "device": devPath, "bytes": intBytes, "hex": hexBytes, diff --git a/pkg/tools/spi_other.go b/pkg/tools/spi_other.go index 6dfc86fd1..5d078ac3f 100644 --- a/pkg/tools/spi_other.go +++ b/pkg/tools/spi_other.go @@ -3,11 +3,11 @@ package tools // transfer is a stub for non-Linux platforms. -func (t *SPITool) transfer(args map[string]interface{}) *ToolResult { +func (t *SPITool) transfer(args map[string]any) *ToolResult { return ErrorResult("SPI is only supported on Linux") } // readDevice is a stub for non-Linux platforms. -func (t *SPITool) readDevice(args map[string]interface{}) *ToolResult { +func (t *SPITool) readDevice(args map[string]any) *ToolResult { return ErrorResult("SPI is only supported on Linux") } diff --git a/pkg/tools/subagent.go b/pkg/tools/subagent.go index 2fc7162d0..222137c89 100644 --- a/pkg/tools/subagent.go +++ b/pkg/tools/subagent.go @@ -34,7 +34,11 @@ type SubagentManager struct { nextID int } -func NewSubagentManager(provider providers.LLMProvider, defaultModel, workspace string, bus *bus.MessageBus) *SubagentManager { +func NewSubagentManager( + provider providers.LLMProvider, + defaultModel, workspace string, + bus *bus.MessageBus, +) *SubagentManager { return &SubagentManager{ tasks: make(map[string]*SubagentTask), provider: provider, @@ -62,7 +66,11 @@ func (sm *SubagentManager) RegisterTool(tool Tool) { sm.tools.Register(tool) } -func (sm *SubagentManager) Spawn(ctx context.Context, task, label, agentID, originChannel, originChatID string, callback AsyncCallback) (string, error) { +func (sm *SubagentManager) Spawn( + ctx context.Context, + task, label, agentID, originChannel, originChatID string, + callback AsyncCallback, +) (string, error) { sm.mu.Lock() defer sm.mu.Unlock() @@ -168,7 +176,12 @@ After completing the task, provide a clear summary of what was done.` task.Status = "completed" task.Result = loopResult.Content result = &ToolResult{ - ForLLM: fmt.Sprintf("Subagent '%s' completed (iterations: %d): %s", task.Label, loopResult.Iterations, loopResult.Content), + ForLLM: fmt.Sprintf( + "Subagent '%s' completed (iterations: %d): %s", + task.Label, + loopResult.Iterations, + loopResult.Content, + ), ForUser: loopResult.Content, Silent: false, IsError: false, @@ -232,15 +245,15 @@ func (t *SubagentTool) Description() string { return "Execute a subagent task synchronously and return the result. Use this for delegating specific tasks to an independent agent instance. Returns execution summary to user and full details to LLM." } -func (t *SubagentTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *SubagentTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "task": map[string]interface{}{ + "properties": map[string]any{ + "task": map[string]any{ "type": "string", "description": "The task for subagent to complete", }, - "label": map[string]interface{}{ + "label": map[string]any{ "type": "string", "description": "Optional short label for the task (for display)", }, @@ -254,7 +267,7 @@ func (t *SubagentTool) SetContext(channel, chatID string) { t.originChatID = chatID } -func (t *SubagentTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *SubagentTool) Execute(ctx context.Context, args map[string]any) *ToolResult { task, ok := args["task"].(string) if !ok { return ErrorResult("task is required").WithError(fmt.Errorf("task parameter is required")) @@ -295,7 +308,6 @@ func (t *SubagentTool) Execute(ctx context.Context, args map[string]interface{}) "temperature": 0.7, }, }, messages, t.originChannel, t.originChatID) - if err != nil { return ErrorResult(fmt.Sprintf("Subagent execution failed: %v", err)).WithError(err) } diff --git a/pkg/tools/subagent_tool_test.go b/pkg/tools/subagent_tool_test.go index 8a7d22f24..8e4dc3953 100644 --- a/pkg/tools/subagent_tool_test.go +++ b/pkg/tools/subagent_tool_test.go @@ -12,7 +12,13 @@ import ( // MockLLMProvider is a test implementation of LLMProvider type MockLLMProvider struct{} -func (m *MockLLMProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, options map[string]interface{}) (*providers.LLMResponse, error) { +func (m *MockLLMProvider) Chat( + ctx context.Context, + messages []providers.Message, + tools []providers.ToolDefinition, + model string, + options map[string]any, +) (*providers.LLMResponse, error) { // Find the last user message to generate a response for i := len(messages) - 1; i >= 0; i-- { if messages[i].Role == "user" { @@ -79,13 +85,13 @@ func TestSubagentTool_Parameters(t *testing.T) { } // Check properties - props, ok := params["properties"].(map[string]interface{}) + props, ok := params["properties"].(map[string]any) if !ok { t.Fatal("Properties should be a map") } // Verify task parameter - task, ok := props["task"].(map[string]interface{}) + task, ok := props["task"].(map[string]any) if !ok { t.Fatal("Task parameter should exist") } @@ -94,7 +100,7 @@ func TestSubagentTool_Parameters(t *testing.T) { } // Verify label parameter - label, ok := props["label"].(map[string]interface{}) + label, ok := props["label"].(map[string]any) if !ok { t.Fatal("Label parameter should exist") } @@ -134,7 +140,7 @@ func TestSubagentTool_Execute_Success(t *testing.T) { tool.SetContext("telegram", "chat-123") ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "Write a haiku about coding", "label": "haiku-task", } @@ -189,7 +195,7 @@ func TestSubagentTool_Execute_NoLabel(t *testing.T) { tool := NewSubagentTool(manager) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "Test task without label", } @@ -212,7 +218,7 @@ func TestSubagentTool_Execute_MissingTask(t *testing.T) { tool := NewSubagentTool(manager) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "label": "test", } @@ -239,7 +245,7 @@ func TestSubagentTool_Execute_NilManager(t *testing.T) { tool := NewSubagentTool(nil) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "test task", } @@ -268,7 +274,7 @@ func TestSubagentTool_Execute_ContextPassing(t *testing.T) { tool.SetContext(channel, chatID) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "Test context passing", } @@ -295,7 +301,7 @@ func TestSubagentTool_ForUserTruncation(t *testing.T) { // Create a task that will generate long response longTask := strings.Repeat("This is a very long task description. ", 100) - args := map[string]interface{}{ + args := map[string]any{ "task": longTask, "label": "long-test", } diff --git a/pkg/tools/toolloop.go b/pkg/tools/toolloop.go index 1302079b4..f0653e1f2 100644 --- a/pkg/tools/toolloop.go +++ b/pkg/tools/toolloop.go @@ -33,7 +33,12 @@ type ToolLoopResult struct { // RunToolLoop executes the LLM + tool call iteration loop. // This is the core agent logic that can be reused by both main agent and subagents. -func RunToolLoop(ctx context.Context, config ToolLoopConfig, messages []providers.Message, channel, chatID string) (*ToolLoopResult, error) { +func RunToolLoop( + ctx context.Context, + config ToolLoopConfig, + messages []providers.Message, + channel, chatID string, +) (*ToolLoopResult, error) { iteration := 0 var finalContent string diff --git a/pkg/tools/types.go b/pkg/tools/types.go index f8205b8bd..a6015cde3 100644 --- a/pkg/tools/types.go +++ b/pkg/tools/types.go @@ -10,11 +10,11 @@ type Message struct { } type ToolCall struct { - ID string `json:"id"` - Type string `json:"type"` - Function *FunctionCall `json:"function,omitempty"` - Name string `json:"name,omitempty"` - Arguments map[string]interface{} `json:"arguments,omitempty"` + ID string `json:"id"` + Type string `json:"type"` + Function *FunctionCall `json:"function,omitempty"` + Name string `json:"name,omitempty"` + Arguments map[string]any `json:"arguments,omitempty"` } type FunctionCall struct { @@ -36,7 +36,13 @@ type UsageInfo struct { } type LLMProvider interface { - Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) + Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, + ) (*LLMResponse, error) GetDefaultModel() string } @@ -46,7 +52,7 @@ type ToolDefinition struct { } type ToolFunctionDefinition struct { - Name string `json:"name"` - Description string `json:"description"` - Parameters map[string]interface{} `json:"parameters"` + Name string `json:"name"` + Description string `json:"description"` + Parameters map[string]any `json:"parameters"` } diff --git a/pkg/tools/web.go b/pkg/tools/web.go index 6a6d40ecf..de8296816 100644 --- a/pkg/tools/web.go +++ b/pkg/tools/web.go @@ -183,11 +183,17 @@ type PerplexitySearchProvider struct { func (p *PerplexitySearchProvider) Search(ctx context.Context, query string, count int) (string, error) { searchURL := "https://api.perplexity.ai/chat/completions" - payload := map[string]interface{}{ + payload := map[string]any{ "model": "sonar", "messages": []map[string]string{ - {"role": "system", "content": "You are a search assistant. Provide concise search results with titles, URLs, and brief descriptions in the following format:\n1. Title\n URL\n Description\n\nDo not add extra commentary."}, - {"role": "user", "content": fmt.Sprintf("Search for: %s. Provide up to %d relevant results.", query, count)}, + { + "role": "system", + "content": "You are a search assistant. Provide concise search results with titles, URLs, and brief descriptions in the following format:\n1. Title\n URL\n Description\n\nDo not add extra commentary.", + }, + { + "role": "user", + "content": fmt.Sprintf("Search for: %s. Provide up to %d relevant results.", query, count), + }, }, "max_tokens": 1000, } @@ -295,15 +301,15 @@ func (t *WebSearchTool) Description() string { return "Search the web for current information. Returns titles, URLs, and snippets from search results." } -func (t *WebSearchTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *WebSearchTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "query": map[string]interface{}{ + "properties": map[string]any{ + "query": map[string]any{ "type": "string", "description": "Search query", }, - "count": map[string]interface{}{ + "count": map[string]any{ "type": "integer", "description": "Number of results (1-10)", "minimum": 1.0, @@ -314,7 +320,7 @@ func (t *WebSearchTool) Parameters() map[string]interface{} { } } -func (t *WebSearchTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *WebSearchTool) Execute(ctx context.Context, args map[string]any) *ToolResult { query, ok := args["query"].(string) if !ok { return ErrorResult("query is required") @@ -359,15 +365,15 @@ func (t *WebFetchTool) Description() string { return "Fetch a URL and extract readable content (HTML to text). Use this to get weather info, news, articles, or any web content." } -func (t *WebFetchTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *WebFetchTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "url": map[string]interface{}{ + "properties": map[string]any{ + "url": map[string]any{ "type": "string", "description": "URL to fetch", }, - "maxChars": map[string]interface{}{ + "maxChars": map[string]any{ "type": "integer", "description": "Maximum characters to extract", "minimum": 100.0, @@ -377,7 +383,7 @@ func (t *WebFetchTool) Parameters() map[string]interface{} { } } -func (t *WebFetchTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *WebFetchTool) Execute(ctx context.Context, args map[string]any) *ToolResult { urlStr, ok := args["url"].(string) if !ok { return ErrorResult("url is required") @@ -442,7 +448,7 @@ func (t *WebFetchTool) Execute(ctx context.Context, args map[string]interface{}) var text, extractor string if strings.Contains(contentType, "application/json") { - var jsonData interface{} + var jsonData any if err := json.Unmarshal(body, &jsonData); err == nil { formatted, _ := json.MarshalIndent(jsonData, "", " ") text = string(formatted) @@ -465,7 +471,7 @@ func (t *WebFetchTool) Execute(ctx context.Context, args map[string]interface{}) text = text[:maxChars] } - result := map[string]interface{}{ + result := map[string]any{ "url": urlStr, "status": resp.StatusCode, "extractor": extractor, @@ -477,7 +483,13 @@ func (t *WebFetchTool) Execute(ctx context.Context, args map[string]interface{}) resultJSON, _ := json.MarshalIndent(result, "", " ") return &ToolResult{ - ForLLM: fmt.Sprintf("Fetched %d bytes from %s (extractor: %s, truncated: %v)", len(text), urlStr, extractor, truncated), + ForLLM: fmt.Sprintf( + "Fetched %d bytes from %s (extractor: %s, truncated: %v)", + len(text), + urlStr, + extractor, + truncated, + ), ForUser: string(resultJSON), } } diff --git a/pkg/tools/web_test.go b/pkg/tools/web_test.go index a526ea34a..edb914f66 100644 --- a/pkg/tools/web_test.go +++ b/pkg/tools/web_test.go @@ -20,7 +20,7 @@ func TestWebTool_WebFetch_Success(t *testing.T) { tool := NewWebFetchTool(50000) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "url": server.URL, } @@ -56,7 +56,7 @@ func TestWebTool_WebFetch_JSON(t *testing.T) { tool := NewWebFetchTool(50000) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "url": server.URL, } @@ -77,7 +77,7 @@ func TestWebTool_WebFetch_JSON(t *testing.T) { func TestWebTool_WebFetch_InvalidURL(t *testing.T) { tool := NewWebFetchTool(50000) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "url": "not-a-valid-url", } @@ -98,7 +98,7 @@ func TestWebTool_WebFetch_InvalidURL(t *testing.T) { func TestWebTool_WebFetch_UnsupportedScheme(t *testing.T) { tool := NewWebFetchTool(50000) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "url": "ftp://example.com/file.txt", } @@ -119,7 +119,7 @@ func TestWebTool_WebFetch_UnsupportedScheme(t *testing.T) { func TestWebTool_WebFetch_MissingURL(t *testing.T) { tool := NewWebFetchTool(50000) ctx := context.Background() - args := map[string]interface{}{} + args := map[string]any{} result := tool.Execute(ctx, args) @@ -147,7 +147,7 @@ func TestWebTool_WebFetch_Truncation(t *testing.T) { tool := NewWebFetchTool(1000) // Limit to 1000 chars ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "url": server.URL, } @@ -159,7 +159,7 @@ func TestWebTool_WebFetch_Truncation(t *testing.T) { } // ForUser should contain truncated content (not the full 20000 chars) - resultMap := make(map[string]interface{}) + resultMap := make(map[string]any) json.Unmarshal([]byte(result.ForUser), &resultMap) if text, ok := resultMap["text"].(string); ok { if len(text) > 1100 { // Allow some margin @@ -191,7 +191,7 @@ func TestWebTool_WebSearch_NoApiKey(t *testing.T) { func TestWebTool_WebSearch_MissingQuery(t *testing.T) { tool := NewWebSearchTool(WebSearchToolOptions{BraveEnabled: true, BraveAPIKey: "test-key", BraveMaxResults: 5}) ctx := context.Background() - args := map[string]interface{}{} + args := map[string]any{} result := tool.Execute(ctx, args) @@ -206,13 +206,17 @@ func TestWebTool_WebFetch_HTMLExtraction(t *testing.T) { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "text/html") w.WriteHeader(http.StatusOK) - w.Write([]byte(`

Title

Content

`)) + w.Write( + []byte( + `

Title

Content

`, + ), + ) })) defer server.Close() tool := NewWebFetchTool(50000) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "url": server.URL, } @@ -238,7 +242,7 @@ func TestWebTool_WebFetch_HTMLExtraction(t *testing.T) { func TestWebTool_WebFetch_MissingDomain(t *testing.T) { tool := NewWebFetchTool(50000) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "url": "https://", } diff --git a/pkg/utils/media.go b/pkg/utils/media.go index 2b184f2ec..a34889fb8 100644 --- a/pkg/utils/media.go +++ b/pkg/utils/media.go @@ -9,6 +9,7 @@ import ( "time" "github.com/google/uuid" + "github.com/sipeed/picoclaw/pkg/logger" ) @@ -65,8 +66,8 @@ func DownloadFile(url, filename string, opts DownloadOptions) string { } mediaDir := filepath.Join(os.TempDir(), "picoclaw_media") - if err := os.MkdirAll(mediaDir, 0700); err != nil { - logger.ErrorCF(opts.LoggerPrefix, "Failed to create media directory", map[string]interface{}{ + if err := os.MkdirAll(mediaDir, 0o700); err != nil { + logger.ErrorCF(opts.LoggerPrefix, "Failed to create media directory", map[string]any{ "error": err.Error(), }) return "" @@ -79,7 +80,7 @@ func DownloadFile(url, filename string, opts DownloadOptions) string { // Create HTTP request req, err := http.NewRequest("GET", url, nil) if err != nil { - logger.ErrorCF(opts.LoggerPrefix, "Failed to create download request", map[string]interface{}{ + logger.ErrorCF(opts.LoggerPrefix, "Failed to create download request", map[string]any{ "error": err.Error(), }) return "" @@ -93,7 +94,7 @@ func DownloadFile(url, filename string, opts DownloadOptions) string { client := &http.Client{Timeout: opts.Timeout} resp, err := client.Do(req) if err != nil { - logger.ErrorCF(opts.LoggerPrefix, "Failed to download file", map[string]interface{}{ + logger.ErrorCF(opts.LoggerPrefix, "Failed to download file", map[string]any{ "error": err.Error(), "url": url, }) @@ -102,7 +103,7 @@ func DownloadFile(url, filename string, opts DownloadOptions) string { defer resp.Body.Close() if resp.StatusCode != http.StatusOK { - logger.ErrorCF(opts.LoggerPrefix, "File download returned non-200 status", map[string]interface{}{ + logger.ErrorCF(opts.LoggerPrefix, "File download returned non-200 status", map[string]any{ "status": resp.StatusCode, "url": url, }) @@ -111,7 +112,7 @@ func DownloadFile(url, filename string, opts DownloadOptions) string { out, err := os.Create(localPath) if err != nil { - logger.ErrorCF(opts.LoggerPrefix, "Failed to create local file", map[string]interface{}{ + logger.ErrorCF(opts.LoggerPrefix, "Failed to create local file", map[string]any{ "error": err.Error(), }) return "" @@ -121,13 +122,13 @@ func DownloadFile(url, filename string, opts DownloadOptions) string { if _, err := io.Copy(out, resp.Body); err != nil { out.Close() os.Remove(localPath) - logger.ErrorCF(opts.LoggerPrefix, "Failed to write file", map[string]interface{}{ + logger.ErrorCF(opts.LoggerPrefix, "Failed to write file", map[string]any{ "error": err.Error(), }) return "" } - logger.DebugCF(opts.LoggerPrefix, "File downloaded successfully", map[string]interface{}{ + logger.DebugCF(opts.LoggerPrefix, "File downloaded successfully", map[string]any{ "path": localPath, }) diff --git a/pkg/voice/transcriber.go b/pkg/voice/transcriber.go index 9af2ea6bb..ad8767d40 100644 --- a/pkg/voice/transcriber.go +++ b/pkg/voice/transcriber.go @@ -29,7 +29,7 @@ type TranscriptionResponse struct { } func NewGroqTranscriber(apiKey string) *GroqTranscriber { - logger.DebugCF("voice", "Creating Groq transcriber", map[string]interface{}{"has_api_key": apiKey != ""}) + logger.DebugCF("voice", "Creating Groq transcriber", map[string]any{"has_api_key": apiKey != ""}) apiBase := "https://api.groq.com/openai/v1" return &GroqTranscriber{ @@ -42,22 +42,22 @@ func NewGroqTranscriber(apiKey string) *GroqTranscriber { } func (t *GroqTranscriber) Transcribe(ctx context.Context, audioFilePath string) (*TranscriptionResponse, error) { - logger.InfoCF("voice", "Starting transcription", map[string]interface{}{"audio_file": audioFilePath}) + logger.InfoCF("voice", "Starting transcription", map[string]any{"audio_file": audioFilePath}) audioFile, err := os.Open(audioFilePath) if err != nil { - logger.ErrorCF("voice", "Failed to open audio file", map[string]interface{}{"path": audioFilePath, "error": err}) + logger.ErrorCF("voice", "Failed to open audio file", map[string]any{"path": audioFilePath, "error": err}) return nil, fmt.Errorf("failed to open audio file: %w", err) } defer audioFile.Close() fileInfo, err := audioFile.Stat() if err != nil { - logger.ErrorCF("voice", "Failed to get file info", map[string]interface{}{"path": audioFilePath, "error": err}) + logger.ErrorCF("voice", "Failed to get file info", map[string]any{"path": audioFilePath, "error": err}) return nil, fmt.Errorf("failed to get file info: %w", err) } - logger.DebugCF("voice", "Audio file details", map[string]interface{}{ + logger.DebugCF("voice", "Audio file details", map[string]any{ "size_bytes": fileInfo.Size(), "file_name": filepath.Base(audioFilePath), }) @@ -67,44 +67,44 @@ func (t *GroqTranscriber) Transcribe(ctx context.Context, audioFilePath string) part, err := writer.CreateFormFile("file", filepath.Base(audioFilePath)) if err != nil { - logger.ErrorCF("voice", "Failed to create form file", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to create form file", map[string]any{"error": err}) return nil, fmt.Errorf("failed to create form file: %w", err) } copied, err := io.Copy(part, audioFile) if err != nil { - logger.ErrorCF("voice", "Failed to copy file content", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to copy file content", map[string]any{"error": err}) return nil, fmt.Errorf("failed to copy file content: %w", err) } - logger.DebugCF("voice", "File copied to request", map[string]interface{}{"bytes_copied": copied}) + logger.DebugCF("voice", "File copied to request", map[string]any{"bytes_copied": copied}) if err := writer.WriteField("model", "whisper-large-v3"); err != nil { - logger.ErrorCF("voice", "Failed to write model field", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to write model field", map[string]any{"error": err}) return nil, fmt.Errorf("failed to write model field: %w", err) } if err := writer.WriteField("response_format", "json"); err != nil { - logger.ErrorCF("voice", "Failed to write response_format field", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to write response_format field", map[string]any{"error": err}) return nil, fmt.Errorf("failed to write response_format field: %w", err) } if err := writer.Close(); err != nil { - logger.ErrorCF("voice", "Failed to close multipart writer", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to close multipart writer", map[string]any{"error": err}) return nil, fmt.Errorf("failed to close multipart writer: %w", err) } url := t.apiBase + "/audio/transcriptions" req, err := http.NewRequestWithContext(ctx, "POST", url, &requestBody) if err != nil { - logger.ErrorCF("voice", "Failed to create request", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to create request", map[string]any{"error": err}) return nil, fmt.Errorf("failed to create request: %w", err) } req.Header.Set("Content-Type", writer.FormDataContentType()) req.Header.Set("Authorization", "Bearer "+t.apiKey) - logger.DebugCF("voice", "Sending transcription request to Groq API", map[string]interface{}{ + logger.DebugCF("voice", "Sending transcription request to Groq API", map[string]any{ "url": url, "request_size_bytes": requestBody.Len(), "file_size_bytes": fileInfo.Size(), @@ -112,37 +112,37 @@ func (t *GroqTranscriber) Transcribe(ctx context.Context, audioFilePath string) resp, err := t.httpClient.Do(req) if err != nil { - logger.ErrorCF("voice", "Failed to send request", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to send request", map[string]any{"error": err}) return nil, fmt.Errorf("failed to send request: %w", err) } defer resp.Body.Close() body, err := io.ReadAll(resp.Body) if err != nil { - logger.ErrorCF("voice", "Failed to read response", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to read response", map[string]any{"error": err}) return nil, fmt.Errorf("failed to read response: %w", err) } if resp.StatusCode != http.StatusOK { - logger.ErrorCF("voice", "API error", map[string]interface{}{ + logger.ErrorCF("voice", "API error", map[string]any{ "status_code": resp.StatusCode, "response": string(body), }) return nil, fmt.Errorf("API error (status %d): %s", resp.StatusCode, string(body)) } - logger.DebugCF("voice", "Received response from Groq API", map[string]interface{}{ + logger.DebugCF("voice", "Received response from Groq API", map[string]any{ "status_code": resp.StatusCode, "response_size_bytes": len(body), }) var result TranscriptionResponse if err := json.Unmarshal(body, &result); err != nil { - logger.ErrorCF("voice", "Failed to unmarshal response", map[string]interface{}{"error": err}) + logger.ErrorCF("voice", "Failed to unmarshal response", map[string]any{"error": err}) return nil, fmt.Errorf("failed to unmarshal response: %w", err) } - logger.InfoCF("voice", "Transcription completed successfully", map[string]interface{}{ + logger.InfoCF("voice", "Transcription completed successfully", map[string]any{ "text_length": len(result.Text), "language": result.Language, "duration_seconds": result.Duration, @@ -154,6 +154,6 @@ func (t *GroqTranscriber) Transcribe(ctx context.Context, audioFilePath string) func (t *GroqTranscriber) IsAvailable() bool { available := t.apiKey != "" - logger.DebugCF("voice", "Checking transcriber availability", map[string]interface{}{"available": available}) + logger.DebugCF("voice", "Checking transcriber availability", map[string]any{"available": available}) return available } From d07ac54eef87fab754c25e3fded292ce6c957db3 Mon Sep 17 00:00:00 2001 From: Artem Yadelskyi Date: Wed, 18 Feb 2026 21:55:55 +0200 Subject: [PATCH 03/88] feat(fmt): Fix fmt --- pkg/skills/loader.go | 2 +- pkg/skills/loader_test.go | 34 ++++++++++++++++++++++++++-------- 2 files changed, 27 insertions(+), 9 deletions(-) diff --git a/pkg/skills/loader.go b/pkg/skills/loader.go index bb0abbdcc..eb0d5f322 100644 --- a/pkg/skills/loader.go +++ b/pkg/skills/loader.go @@ -254,7 +254,7 @@ func (sl *SkillsLoader) getSkillMetadata(skillPath string) *SkillMetadata { content, err := os.ReadFile(skillPath) if err != nil { logger.WarnCF("skills", "Failed to read skill metadata", - map[string]interface{}{ + map[string]any{ "skill_path": skillPath, "error": err.Error(), }) diff --git a/pkg/skills/loader_test.go b/pkg/skills/loader_test.go index 539d24646..aca901d33 100644 --- a/pkg/skills/loader_test.go +++ b/pkg/skills/loader_test.go @@ -80,11 +80,11 @@ func TestExtractFrontmatter(t *testing.T) { sl := &SkillsLoader{} testcases := []struct { - name string - content string - expectedName string - expectedDesc string - lineEndingType string + name string + content string + expectedName string + expectedDesc string + lineEndingType string }{ { name: "unix-line-endings", @@ -117,8 +117,20 @@ func TestExtractFrontmatter(t *testing.T) { // Parse YAML to get name and description (parseSimpleYAML now handles all line ending types) yamlMeta := sl.parseSimpleYAML(frontmatter) - assert.Equal(t, tc.expectedName, yamlMeta["name"], "Name should be correctly parsed from frontmatter with %s line endings", tc.lineEndingType) - assert.Equal(t, tc.expectedDesc, yamlMeta["description"], "Description should be correctly parsed from frontmatter with %s line endings", tc.lineEndingType) + assert.Equal( + t, + tc.expectedName, + yamlMeta["name"], + "Name should be correctly parsed from frontmatter with %s line endings", + tc.lineEndingType, + ) + assert.Equal( + t, + tc.expectedDesc, + yamlMeta["description"], + "Description should be correctly parsed from frontmatter with %s line endings", + tc.lineEndingType, + ) }) } } @@ -173,7 +185,13 @@ func TestStripFrontmatter(t *testing.T) { for _, tc := range testcases { t.Run(tc.name, func(t *testing.T) { result := sl.stripFrontmatter(tc.content) - assert.Equal(t, tc.expectedContent, result, "Frontmatter should be stripped correctly for %s", tc.lineEndingType) + assert.Equal( + t, + tc.expectedContent, + result, + "Frontmatter should be stripped correctly for %s", + tc.lineEndingType, + ) }) } } From 676bd6d222509591614db840c2d36e94b2fdc3a2 Mon Sep 17 00:00:00 2001 From: PixelTux Date: Thu, 19 Feb 2026 15:52:46 +0100 Subject: [PATCH 04/88] extra_hosts mapping to have enables container-to-host connectivity --- docker-compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 32e8ee339..c268b01cd 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,6 +10,9 @@ services: container_name: picoclaw-agent profiles: - agent + # Uncomment to access host network; leave commented unless needed. + #extra_hosts: + # - "host.docker.internal:host-gateway" volumes: - ./config/config.json:/home/picoclaw/.picoclaw/config.json:ro - picoclaw-workspace:/home/picoclaw/.picoclaw/workspace @@ -29,6 +32,9 @@ services: restart: unless-stopped profiles: - gateway + # Uncomment to access host network; leave commented unless needed. + #extra_hosts: + # - "host.docker.internal:host-gateway" volumes: # Configuration file - ./config/config.json:/home/picoclaw/.picoclaw/config.json:ro From a89683190386c9da604fc22cf20ec594aa32214f Mon Sep 17 00:00:00 2001 From: Artem Yadelskyi Date: Thu, 19 Feb 2026 22:05:15 +0200 Subject: [PATCH 05/88] feat(fmt): Fix formatting --- pkg/agent/loop.go | 127 ++++++++++++++++-------- pkg/agent/loop_test.go | 46 ++++++--- pkg/agent/mock_provider_test.go | 8 +- pkg/channels/discord.go | 5 +- pkg/channels/onebot.go | 91 +++++++++-------- pkg/config/config.go | 112 ++++++++++----------- pkg/providers/openai_compat/provider.go | 3 +- pkg/tools/subagent_tool_test.go | 30 +++--- pkg/tools/web_test.go | 3 +- 9 files changed, 254 insertions(+), 171 deletions(-) diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index 0f1b26c5c..6772959b6 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -79,7 +79,12 @@ func NewAgentLoop(cfg *config.Config, msgBus *bus.MessageBus, provider providers } // registerSharedTools registers tools that are shared across all agents (web, message, spawn). -func registerSharedTools(cfg *config.Config, msgBus *bus.MessageBus, registry *AgentRegistry, provider providers.LLMProvider) { +func registerSharedTools( + cfg *config.Config, + msgBus *bus.MessageBus, + registry *AgentRegistry, + provider providers.LLMProvider, +) { for _, agentID := range registry.ListAgentIDs() { agent, ok := registry.GetAgent(agentID) if !ok { @@ -216,7 +221,10 @@ func (al *AgentLoop) ProcessDirect(ctx context.Context, content, sessionKey stri return al.ProcessDirectWithChannel(ctx, content, sessionKey, "cli", "direct") } -func (al *AgentLoop) ProcessDirectWithChannel(ctx context.Context, content, sessionKey, channel, chatID string) (string, error) { +func (al *AgentLoop) ProcessDirectWithChannel( + ctx context.Context, + content, sessionKey, channel, chatID string, +) (string, error) { msg := bus.InboundMessage{ Channel: channel, SenderID: "cron", @@ -253,7 +261,7 @@ func (al *AgentLoop) processMessage(ctx context.Context, msg bus.InboundMessage) logContent = utils.Truncate(msg.Content, 80) } logger.InfoCF("agent", fmt.Sprintf("Processing message from %s:%s: %s", msg.Channel, msg.SenderID, logContent), - map[string]interface{}{ + map[string]any{ "channel": msg.Channel, "chat_id": msg.ChatID, "sender_id": msg.SenderID, @@ -292,7 +300,7 @@ func (al *AgentLoop) processMessage(ctx context.Context, msg bus.InboundMessage) } logger.InfoCF("agent", "Routed message", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "session_key": sessionKey, "matched_by": route.MatchedBy, @@ -315,7 +323,7 @@ func (al *AgentLoop) processSystemMessage(ctx context.Context, msg bus.InboundMe } logger.InfoCF("agent", "Processing system message", - map[string]interface{}{ + map[string]any{ "sender_id": msg.SenderID, "chat_id": msg.ChatID, }) @@ -340,7 +348,7 @@ func (al *AgentLoop) processSystemMessage(ctx context.Context, msg bus.InboundMe // Skip internal channels - only log, don't send to user if constants.IsInternalChannel(originChannel) { logger.InfoCF("agent", "Subagent completed (internal channel)", - map[string]interface{}{ + map[string]any{ "sender_id": msg.SenderID, "content_len": len(content), "channel": originChannel, @@ -373,7 +381,7 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt if !constants.IsInternalChannel(opts.Channel) { channelKey := fmt.Sprintf("%s:%s", opts.Channel, opts.ChatID) if err := al.RecordLastChannel(channelKey); err != nil { - logger.WarnCF("agent", "Failed to record last channel", map[string]interface{}{"error": err.Error()}) + logger.WarnCF("agent", "Failed to record last channel", map[string]any{"error": err.Error()}) } } } @@ -435,7 +443,7 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt // 9. Log response responsePreview := utils.Truncate(finalContent, 120) logger.InfoCF("agent", fmt.Sprintf("Response: %s", responsePreview), - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "session_key": opts.SessionKey, "iterations": iteration, @@ -446,7 +454,12 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt } // runLLMIteration executes the LLM call loop with tool handling. -func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, messages []providers.Message, opts processOptions) (string, int, error) { +func (al *AgentLoop) runLLMIteration( + ctx context.Context, + agent *AgentInstance, + messages []providers.Message, + opts processOptions, +) (string, int, error) { iteration := 0 var finalContent string @@ -454,7 +467,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, iteration++ logger.DebugCF("agent", "LLM iteration", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "max": agent.MaxIterations, @@ -465,7 +478,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // Log LLM request details logger.DebugCF("agent", "LLM request", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "model": agent.Model, @@ -478,7 +491,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // Log full messages (detailed) logger.DebugCF("agent", "Full LLM request", - map[string]interface{}{ + map[string]any{ "iteration": iteration, "messages_json": formatMessagesForLog(messages), "tools_json": formatToolsForLog(providerToolDefs), @@ -492,7 +505,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if len(agent.Candidates) > 1 && al.fallback != nil { fbResult, fbErr := al.fallback.Execute(ctx, agent.Candidates, func(ctx context.Context, provider, model string) (*providers.LLMResponse, error) { - return agent.Provider.Chat(ctx, messages, providerToolDefs, model, map[string]interface{}{ + return agent.Provider.Chat(ctx, messages, providerToolDefs, model, map[string]any{ "max_tokens": agent.MaxTokens, "temperature": agent.Temperature, }) @@ -504,11 +517,11 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if fbResult.Provider != "" && len(fbResult.Attempts) > 0 { logger.InfoCF("agent", fmt.Sprintf("Fallback: succeeded with %s/%s after %d attempts", fbResult.Provider, fbResult.Model, len(fbResult.Attempts)+1), - map[string]interface{}{"agent_id": agent.ID, "iteration": iteration}) + map[string]any{"agent_id": agent.ID, "iteration": iteration}) } return fbResult.Response, nil } - return agent.Provider.Chat(ctx, messages, providerToolDefs, agent.Model, map[string]interface{}{ + return agent.Provider.Chat(ctx, messages, providerToolDefs, agent.Model, map[string]any{ "max_tokens": agent.MaxTokens, "temperature": agent.Temperature, }) @@ -529,7 +542,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, strings.Contains(errMsg, "length") if isContextError && retry < maxRetries { - logger.WarnCF("agent", "Context window error detected, attempting compression", map[string]interface{}{ + logger.WarnCF("agent", "Context window error detected, attempting compression", map[string]any{ "error": err.Error(), "retry": retry, }) @@ -556,7 +569,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if err != nil { logger.ErrorCF("agent", "LLM call failed", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "error": err.Error(), @@ -568,7 +581,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if len(response.ToolCalls) == 0 { finalContent = response.Content logger.InfoCF("agent", "LLM response without tool calls (direct answer)", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "content_chars": len(finalContent), @@ -582,7 +595,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, toolNames = append(toolNames, tc.Name) } logger.InfoCF("agent", "LLM requested tool calls", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "tools": toolNames, "count": len(response.ToolCalls), @@ -616,7 +629,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, argsJSON, _ := json.Marshal(tc.Arguments) argsPreview := utils.Truncate(string(argsJSON), 200) logger.InfoCF("agent", fmt.Sprintf("Tool call: %s(%s)", tc.Name, argsPreview), - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "tool": tc.Name, "iteration": iteration, @@ -631,14 +644,21 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // The agent will handle user notification via processSystemMessage if !result.Silent && result.ForUser != "" { logger.InfoCF("agent", "Async tool completed, agent will handle notification", - map[string]interface{}{ + map[string]any{ "tool": tc.Name, "content_len": len(result.ForUser), }) } } - toolResult := agent.Tools.ExecuteWithContext(ctx, tc.Name, tc.Arguments, opts.Channel, opts.ChatID, asyncCallback) + toolResult := agent.Tools.ExecuteWithContext( + ctx, + tc.Name, + tc.Arguments, + opts.Channel, + opts.ChatID, + asyncCallback, + ) // Send ForUser content to user immediately if not Silent if !toolResult.Silent && toolResult.ForUser != "" && opts.SendResponse { @@ -648,7 +668,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, Content: toolResult.ForUser, }) logger.DebugCF("agent", "Sent tool result to user", - map[string]interface{}{ + map[string]any{ "tool": tc.Name, "content_len": len(toolResult.ForUser), }) @@ -754,7 +774,10 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { newHistory = append(newHistory, history[0]) // System prompt // Add a note about compression - compressionNote := fmt.Sprintf("[System: Emergency compression dropped %d oldest messages due to context limit]", droppedCount) + compressionNote := fmt.Sprintf( + "[System: Emergency compression dropped %d oldest messages due to context limit]", + droppedCount, + ) // If there was an existing summary, we might lose it if it was in the dropped part (which is just messages). // The summary is stored separately in session.Summary, so it persists! // We just need to ensure the user knows there's a gap. @@ -772,7 +795,7 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { agent.Sessions.SetHistory(sessionKey, newHistory) agent.Sessions.Save(sessionKey) - logger.WarnCF("agent", "Forced compression executed", map[string]interface{}{ + logger.WarnCF("agent", "Forced compression executed", map[string]any{ "session_key": sessionKey, "dropped_msgs": droppedCount, "new_count": len(newHistory), @@ -780,8 +803,8 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { } // GetStartupInfo returns information about loaded tools and skills for logging. -func (al *AgentLoop) GetStartupInfo() map[string]interface{} { - info := make(map[string]interface{}) +func (al *AgentLoop) GetStartupInfo() map[string]any { + info := make(map[string]any) agent := al.registry.GetDefaultAgent() if agent == nil { @@ -790,7 +813,7 @@ func (al *AgentLoop) GetStartupInfo() map[string]interface{} { // Tools info toolsList := agent.Tools.List() - info["tools"] = map[string]interface{}{ + info["tools"] = map[string]any{ "count": len(toolsList), "names": toolsList, } @@ -799,7 +822,7 @@ func (al *AgentLoop) GetStartupInfo() map[string]interface{} { info["skills"] = agent.ContextBuilder.GetSkillsInfo() // Agents info - info["agents"] = map[string]interface{}{ + info["agents"] = map[string]any{ "count": len(al.registry.ListAgentIDs()), "ids": al.registry.ListAgentIDs(), } @@ -851,7 +874,10 @@ func formatToolsForLog(tools []providers.ToolDefinition) string { result += fmt.Sprintf(" [%d] Type: %s, Name: %s\n", i, tool.Type, tool.Function.Name) result += fmt.Sprintf(" Description: %s\n", tool.Function.Description) if len(tool.Function.Parameters) > 0 { - result += fmt.Sprintf(" Parameters: %s\n", utils.Truncate(fmt.Sprintf("%v", tool.Function.Parameters), 200)) + result += fmt.Sprintf( + " Parameters: %s\n", + utils.Truncate(fmt.Sprintf("%v", tool.Function.Parameters), 200), + ) } } result += "]" @@ -904,11 +930,21 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { s1, _ := al.summarizeBatch(ctx, agent, part1, "") s2, _ := al.summarizeBatch(ctx, agent, part2, "") - mergePrompt := fmt.Sprintf("Merge these two conversation summaries into one cohesive summary:\n\n1: %s\n\n2: %s", s1, s2) - resp, err := agent.Provider.Chat(ctx, []providers.Message{{Role: "user", Content: mergePrompt}}, nil, agent.Model, map[string]interface{}{ - "max_tokens": 1024, - "temperature": 0.3, - }) + mergePrompt := fmt.Sprintf( + "Merge these two conversation summaries into one cohesive summary:\n\n1: %s\n\n2: %s", + s1, + s2, + ) + resp, err := agent.Provider.Chat( + ctx, + []providers.Message{{Role: "user", Content: mergePrompt}}, + nil, + agent.Model, + map[string]any{ + "max_tokens": 1024, + "temperature": 0.3, + }, + ) if err == nil { finalSummary = resp.Content } else { @@ -930,7 +966,12 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { } // summarizeBatch summarizes a batch of messages. -func (al *AgentLoop) summarizeBatch(ctx context.Context, agent *AgentInstance, batch []providers.Message, existingSummary string) (string, error) { +func (al *AgentLoop) summarizeBatch( + ctx context.Context, + agent *AgentInstance, + batch []providers.Message, + existingSummary string, +) (string, error) { prompt := "Provide a concise summary of this conversation segment, preserving core context and key points.\n" if existingSummary != "" { prompt += "Existing context: " + existingSummary + "\n" @@ -940,10 +981,16 @@ func (al *AgentLoop) summarizeBatch(ctx context.Context, agent *AgentInstance, b prompt += fmt.Sprintf("%s: %s\n", m.Role, m.Content) } - response, err := agent.Provider.Chat(ctx, []providers.Message{{Role: "user", Content: prompt}}, nil, agent.Model, map[string]interface{}{ - "max_tokens": 1024, - "temperature": 0.3, - }) + response, err := agent.Provider.Chat( + ctx, + []providers.Message{{Role: "user", Content: prompt}}, + nil, + agent.Model, + map[string]any{ + "max_tokens": 1024, + "temperature": 0.3, + }, + ) if err != nil { return "", err } diff --git a/pkg/agent/loop_test.go b/pkg/agent/loop_test.go index 360685eca..4414398b1 100644 --- a/pkg/agent/loop_test.go +++ b/pkg/agent/loop_test.go @@ -171,7 +171,7 @@ func TestToolRegistry_ToolRegistration(t *testing.T) { // Verify tool is registered by checking it doesn't panic on GetStartupInfo // (actual tool retrieval is tested in tools package tests) info := al.GetStartupInfo() - toolsInfo := info["tools"].(map[string]interface{}) + toolsInfo := info["tools"].(map[string]any) toolsList := toolsInfo["names"].([]string) // Check that our custom tool name is in the list @@ -246,7 +246,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { al.RegisterTool(testTool) info := al.GetStartupInfo() - toolsInfo := info["tools"].(map[string]interface{}) + toolsInfo := info["tools"].(map[string]any) toolsList := toolsInfo["names"].([]string) // Check that our custom tool name is in the list @@ -293,7 +293,7 @@ func TestAgentLoop_GetStartupInfo(t *testing.T) { t.Fatal("Expected 'tools' key in startup info") } - toolsMap, ok := toolsInfo.(map[string]interface{}) + toolsMap, ok := toolsInfo.(map[string]any) if !ok { t.Fatal("Expected 'tools' to be a map") } @@ -349,7 +349,13 @@ type simpleMockProvider struct { response string } -func (m *simpleMockProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, opts map[string]interface{}) (*providers.LLMResponse, error) { +func (m *simpleMockProvider) Chat( + ctx context.Context, + messages []providers.Message, + tools []providers.ToolDefinition, + model string, + opts map[string]any, +) (*providers.LLMResponse, error) { return &providers.LLMResponse{ Content: m.response, ToolCalls: []providers.ToolCall{}, @@ -371,14 +377,14 @@ func (m *mockCustomTool) Description() string { return "Mock custom tool for testing" } -func (m *mockCustomTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (m *mockCustomTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{}, + "properties": map[string]any{}, } } -func (m *mockCustomTool) Execute(ctx context.Context, args map[string]interface{}) *tools.ToolResult { +func (m *mockCustomTool) Execute(ctx context.Context, args map[string]any) *tools.ToolResult { return tools.SilentResult("Custom tool executed") } @@ -396,14 +402,14 @@ func (m *mockContextualTool) Description() string { return "Mock contextual tool" } -func (m *mockContextualTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (m *mockContextualTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{}, + "properties": map[string]any{}, } } -func (m *mockContextualTool) Execute(ctx context.Context, args map[string]interface{}) *tools.ToolResult { +func (m *mockContextualTool) Execute(ctx context.Context, args map[string]any) *tools.ToolResult { return tools.SilentResult("Contextual tool executed") } @@ -523,7 +529,13 @@ type failFirstMockProvider struct { successResp string } -func (m *failFirstMockProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, opts map[string]interface{}) (*providers.LLMResponse, error) { +func (m *failFirstMockProvider) Chat( + ctx context.Context, + messages []providers.Message, + tools []providers.ToolDefinition, + model string, + opts map[string]any, +) (*providers.LLMResponse, error) { m.currentCall++ if m.currentCall <= m.failures { return nil, m.failError @@ -588,7 +600,13 @@ func TestAgentLoop_ContextExhaustionRetry(t *testing.T) { // Call ProcessDirectWithChannel // Note: ProcessDirectWithChannel calls processMessage which will execute runLLMIteration - response, err := al.ProcessDirectWithChannel(context.Background(), "Trigger message", sessionKey, "test", "test-chat") + response, err := al.ProcessDirectWithChannel( + context.Background(), + "Trigger message", + sessionKey, + "test", + "test-chat", + ) if err != nil { t.Fatalf("Expected success after retry, got error: %v", err) } diff --git a/pkg/agent/mock_provider_test.go b/pkg/agent/mock_provider_test.go index ccbecbafe..4962810dc 100644 --- a/pkg/agent/mock_provider_test.go +++ b/pkg/agent/mock_provider_test.go @@ -8,7 +8,13 @@ import ( type mockProvider struct{} -func (m *mockProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, opts map[string]interface{}) (*providers.LLMResponse, error) { +func (m *mockProvider) Chat( + ctx context.Context, + messages []providers.Message, + tools []providers.ToolDefinition, + model string, + opts map[string]any, +) (*providers.LLMResponse, error) { return &providers.LLMResponse{ Content: "Mock response", ToolCalls: []providers.ToolCall{}, diff --git a/pkg/channels/discord.go b/pkg/channels/discord.go index 9ddec662c..b26f2e684 100644 --- a/pkg/channels/discord.go +++ b/pkg/channels/discord.go @@ -8,6 +8,7 @@ import ( "time" "github.com/bwmarrin/discordgo" + "github.com/sipeed/picoclaw/pkg/bus" "github.com/sipeed/picoclaw/pkg/config" "github.com/sipeed/picoclaw/pkg/logger" @@ -296,7 +297,7 @@ func (c *DiscordChannel) startTyping(chatID string) { go func() { if err := c.session.ChannelTyping(chatID); err != nil { - logger.DebugCF("discord", "ChannelTyping error", map[string]interface{}{"chatID": chatID, "err": err}) + logger.DebugCF("discord", "ChannelTyping error", map[string]any{"chatID": chatID, "err": err}) } ticker := time.NewTicker(8 * time.Second) defer ticker.Stop() @@ -311,7 +312,7 @@ func (c *DiscordChannel) startTyping(chatID string) { return case <-ticker.C: if err := c.session.ChannelTyping(chatID); err != nil { - logger.DebugCF("discord", "ChannelTyping error", map[string]interface{}{"chatID": chatID, "err": err}) + logger.DebugCF("discord", "ChannelTyping error", map[string]any{"chatID": chatID, "err": err}) } } } diff --git a/pkg/channels/onebot.go b/pkg/channels/onebot.go index 53e82b44d..b221365e3 100644 --- a/pkg/channels/onebot.go +++ b/pkg/channels/onebot.go @@ -87,14 +87,14 @@ type oneBotSender struct { } type oneBotAPIRequest struct { - Action string `json:"action"` - Params interface{} `json:"params"` - Echo string `json:"echo,omitempty"` + Action string `json:"action"` + Params any `json:"params"` + Echo string `json:"echo,omitempty"` } type oneBotMessageSegment struct { - Type string `json:"type"` - Data map[string]interface{} `json:"data"` + Type string `json:"type"` + Data map[string]any `json:"data"` } func NewOneBotChannel(cfg config.OneBotConfig, messageBus *bus.MessageBus) (*OneBotChannel, error) { @@ -117,13 +117,13 @@ func (c *OneBotChannel) SetTranscriber(transcriber *voice.GroqTranscriber) { func (c *OneBotChannel) setMsgEmojiLike(messageID string, emojiID int, set bool) { go func() { - _, err := c.sendAPIRequest("set_msg_emoji_like", map[string]interface{}{ + _, err := c.sendAPIRequest("set_msg_emoji_like", map[string]any{ "message_id": messageID, "emoji_id": emojiID, "set": set, }, 5*time.Second) if err != nil { - logger.DebugCF("onebot", "Failed to set emoji like", map[string]interface{}{ + logger.DebugCF("onebot", "Failed to set emoji like", map[string]any{ "message_id": messageID, "error": err.Error(), }) @@ -136,14 +136,14 @@ func (c *OneBotChannel) Start(ctx context.Context) error { return fmt.Errorf("OneBot ws_url not configured") } - logger.InfoCF("onebot", "Starting OneBot channel", map[string]interface{}{ + logger.InfoCF("onebot", "Starting OneBot channel", map[string]any{ "ws_url": c.config.WSUrl, }) c.ctx, c.cancel = context.WithCancel(ctx) if err := c.connect(); err != nil { - logger.WarnCF("onebot", "Initial connection failed, will retry in background", map[string]interface{}{ + logger.WarnCF("onebot", "Initial connection failed, will retry in background", map[string]any{ "error": err.Error(), }) } else { @@ -208,7 +208,7 @@ func (c *OneBotChannel) pinger(conn *websocket.Conn) { err := conn.WriteMessage(websocket.PingMessage, nil) c.writeMu.Unlock() if err != nil { - logger.DebugCF("onebot", "Ping write failed, stopping pinger", map[string]interface{}{ + logger.DebugCF("onebot", "Ping write failed, stopping pinger", map[string]any{ "error": err.Error(), }) return @@ -220,7 +220,7 @@ func (c *OneBotChannel) pinger(conn *websocket.Conn) { func (c *OneBotChannel) fetchSelfID() { resp, err := c.sendAPIRequest("get_login_info", nil, 5*time.Second) if err != nil { - logger.WarnCF("onebot", "Failed to get_login_info", map[string]interface{}{ + logger.WarnCF("onebot", "Failed to get_login_info", map[string]any{ "error": err.Error(), }) return @@ -250,7 +250,7 @@ func (c *OneBotChannel) fetchSelfID() { } if uid, err := parseJSONInt64(info.UserID); err == nil && uid > 0 { atomic.StoreInt64(&c.selfID, uid) - logger.InfoCF("onebot", "Bot self ID retrieved", map[string]interface{}{ + logger.InfoCF("onebot", "Bot self ID retrieved", map[string]any{ "self_id": uid, "nickname": info.Nickname, }) @@ -258,12 +258,12 @@ func (c *OneBotChannel) fetchSelfID() { } } - logger.WarnCF("onebot", "Could not parse self ID from get_login_info response", map[string]interface{}{ + logger.WarnCF("onebot", "Could not parse self ID from get_login_info response", map[string]any{ "response": string(resp), }) } -func (c *OneBotChannel) sendAPIRequest(action string, params interface{}, timeout time.Duration) (json.RawMessage, error) { +func (c *OneBotChannel) sendAPIRequest(action string, params any, timeout time.Duration) (json.RawMessage, error) { c.mu.Lock() conn := c.conn c.mu.Unlock() @@ -332,7 +332,7 @@ func (c *OneBotChannel) reconnectLoop() { if conn == nil { logger.InfoC("onebot", "Attempting to reconnect...") if err := c.connect(); err != nil { - logger.ErrorCF("onebot", "Reconnect failed", map[string]interface{}{ + logger.ErrorCF("onebot", "Reconnect failed", map[string]any{ "error": err.Error(), }) } else { @@ -405,7 +405,7 @@ func (c *OneBotChannel) Send(ctx context.Context, msg bus.OutboundMessage) error c.writeMu.Unlock() if err != nil { - logger.ErrorCF("onebot", "Failed to send message", map[string]interface{}{ + logger.ErrorCF("onebot", "Failed to send message", map[string]any{ "error": err.Error(), }) return err @@ -427,20 +427,20 @@ func (c *OneBotChannel) buildMessageSegments(chatID, content string) []oneBotMes if msgID, ok := lastMsgID.(string); ok && msgID != "" { segments = append(segments, oneBotMessageSegment{ Type: "reply", - Data: map[string]interface{}{"id": msgID}, + Data: map[string]any{"id": msgID}, }) } } segments = append(segments, oneBotMessageSegment{ Type: "text", - Data: map[string]interface{}{"text": content}, + Data: map[string]any{"text": content}, }) return segments } -func (c *OneBotChannel) buildSendRequest(msg bus.OutboundMessage) (string, interface{}, error) { +func (c *OneBotChannel) buildSendRequest(msg bus.OutboundMessage) (string, any, error) { chatID := msg.ChatID segments := c.buildMessageSegments(chatID, msg.Content) @@ -458,7 +458,7 @@ func (c *OneBotChannel) buildSendRequest(msg bus.OutboundMessage) (string, inter if err != nil { return "", nil, fmt.Errorf("invalid %s in chatID: %s", idKey, chatID) } - return action, map[string]interface{}{idKey: id, "message": segments}, nil + return action, map[string]any{idKey: id, "message": segments}, nil } func (c *OneBotChannel) listen() { @@ -478,7 +478,7 @@ func (c *OneBotChannel) listen() { default: _, message, err := conn.ReadMessage() if err != nil { - logger.ErrorCF("onebot", "WebSocket read error", map[string]interface{}{ + logger.ErrorCF("onebot", "WebSocket read error", map[string]any{ "error": err.Error(), }) c.mu.Lock() @@ -494,14 +494,14 @@ func (c *OneBotChannel) listen() { var raw oneBotRawEvent if err := json.Unmarshal(message, &raw); err != nil { - logger.WarnCF("onebot", "Failed to unmarshal raw event", map[string]interface{}{ + logger.WarnCF("onebot", "Failed to unmarshal raw event", map[string]any{ "error": err.Error(), "payload": string(message), }) continue } - logger.DebugCF("onebot", "WebSocket event", map[string]interface{}{ + logger.DebugCF("onebot", "WebSocket event", map[string]any{ "length": len(message), "post_type": raw.PostType, "sub_type": raw.SubType, @@ -518,7 +518,7 @@ func (c *OneBotChannel) listen() { default: } } else { - logger.DebugCF("onebot", "Received API response (no waiter)", map[string]interface{}{ + logger.DebugCF("onebot", "Received API response (no waiter)", map[string]any{ "echo": raw.Echo, "status": string(raw.Status), }) @@ -527,7 +527,7 @@ func (c *OneBotChannel) listen() { } if isAPIResponse(raw.Status) { - logger.DebugCF("onebot", "Received API response without echo, skipping", map[string]interface{}{ + logger.DebugCF("onebot", "Received API response without echo, skipping", map[string]any{ "status": string(raw.Status), }) continue @@ -594,7 +594,7 @@ func (c *OneBotChannel) parseMessageSegments(raw json.RawMessage, selfID int64) return parseMessageResult{Text: s, IsBotMentioned: mentioned} } - var segments []map[string]interface{} + var segments []map[string]any if err := json.Unmarshal(raw, &segments); err != nil { return parseMessageResult{} } @@ -608,7 +608,7 @@ func (c *OneBotChannel) parseMessageSegments(raw json.RawMessage, selfID int64) for _, seg := range segments { segType, _ := seg["type"].(string) - data, _ := seg["data"].(map[string]interface{}) + data, _ := seg["data"].(map[string]any) switch segType { case "text": @@ -662,7 +662,7 @@ func (c *OneBotChannel) parseMessageSegments(raw json.RawMessage, selfID int64) result, err := c.transcriber.Transcribe(tctx, localPath) tcancel() if err != nil { - logger.WarnCF("onebot", "Voice transcription failed", map[string]interface{}{ + logger.WarnCF("onebot", "Voice transcription failed", map[string]any{ "error": err.Error(), }) textParts = append(textParts, "[voice (transcription failed)]") @@ -713,7 +713,7 @@ func (c *OneBotChannel) handleRawEvent(raw *oneBotRawEvent) { case "message": if userID, err := parseJSONInt64(raw.UserID); err == nil && userID > 0 { if !c.IsAllowed(strconv.FormatInt(userID, 10)) { - logger.DebugCF("onebot", "Message rejected by allowlist", map[string]interface{}{ + logger.DebugCF("onebot", "Message rejected by allowlist", map[string]any{ "user_id": userID, }) return @@ -722,7 +722,7 @@ func (c *OneBotChannel) handleRawEvent(raw *oneBotRawEvent) { c.handleMessage(raw) case "message_sent": - logger.DebugCF("onebot", "Bot sent message event", map[string]interface{}{ + logger.DebugCF("onebot", "Bot sent message event", map[string]any{ "message_type": raw.MessageType, "message_id": parseJSONString(raw.MessageID), }) @@ -734,18 +734,18 @@ func (c *OneBotChannel) handleRawEvent(raw *oneBotRawEvent) { c.handleNoticeEvent(raw) case "request": - logger.DebugCF("onebot", "Request event received", map[string]interface{}{ + logger.DebugCF("onebot", "Request event received", map[string]any{ "sub_type": raw.SubType, }) case "": - logger.DebugCF("onebot", "Event with empty post_type (possibly API response)", map[string]interface{}{ + logger.DebugCF("onebot", "Event with empty post_type (possibly API response)", map[string]any{ "echo": raw.Echo, "status": raw.Status, }) default: - logger.DebugCF("onebot", "Unknown post_type", map[string]interface{}{ + logger.DebugCF("onebot", "Unknown post_type", map[string]any{ "post_type": raw.PostType, }) } @@ -753,14 +753,14 @@ func (c *OneBotChannel) handleRawEvent(raw *oneBotRawEvent) { func (c *OneBotChannel) handleMetaEvent(raw *oneBotRawEvent) { if raw.MetaEventType == "lifecycle" { - logger.InfoCF("onebot", "Lifecycle event", map[string]interface{}{"sub_type": raw.SubType}) + logger.InfoCF("onebot", "Lifecycle event", map[string]any{"sub_type": raw.SubType}) } else if raw.MetaEventType != "heartbeat" { logger.DebugCF("onebot", "Meta event: "+raw.MetaEventType, nil) } } func (c *OneBotChannel) handleNoticeEvent(raw *oneBotRawEvent) { - fields := map[string]interface{}{ + fields := map[string]any{ "notice_type": raw.NoticeType, "sub_type": raw.SubType, "group_id": parseJSONString(raw.GroupID), @@ -780,7 +780,7 @@ func (c *OneBotChannel) handleMessage(raw *oneBotRawEvent) { // Parse fields from raw event userID, err := parseJSONInt64(raw.UserID) if err != nil { - logger.WarnCF("onebot", "Failed to parse user_id", map[string]interface{}{ + logger.WarnCF("onebot", "Failed to parse user_id", map[string]any{ "error": err.Error(), "raw": string(raw.UserID), }) @@ -817,7 +817,7 @@ func (c *OneBotChannel) handleMessage(raw *oneBotRawEvent) { var sender oneBotSender if len(raw.Sender) > 0 { if err := json.Unmarshal(raw.Sender, &sender); err != nil { - logger.WarnCF("onebot", "Failed to parse sender", map[string]interface{}{ + logger.WarnCF("onebot", "Failed to parse sender", map[string]any{ "error": err.Error(), "sender": string(raw.Sender), }) @@ -829,7 +829,7 @@ func (c *OneBotChannel) handleMessage(raw *oneBotRawEvent) { defer func() { for _, f := range parsed.LocalFiles { if err := os.Remove(f); err != nil { - logger.DebugCF("onebot", "Failed to remove temp file", map[string]interface{}{ + logger.DebugCF("onebot", "Failed to remove temp file", map[string]any{ "path": f, "error": err.Error(), }) @@ -839,14 +839,14 @@ func (c *OneBotChannel) handleMessage(raw *oneBotRawEvent) { } if c.isDuplicate(messageID) { - logger.DebugCF("onebot", "Duplicate message, skipping", map[string]interface{}{ + logger.DebugCF("onebot", "Duplicate message, skipping", map[string]any{ "message_id": messageID, }) return } if content == "" { - logger.DebugCF("onebot", "Received empty message, ignoring", map[string]interface{}{ + logger.DebugCF("onebot", "Received empty message, ignoring", map[string]any{ "message_id": messageID, }) return @@ -885,7 +885,7 @@ func (c *OneBotChannel) handleMessage(raw *oneBotRawEvent) { triggered, strippedContent := c.checkGroupTrigger(content, isBotMentioned) if !triggered { - logger.DebugCF("onebot", "Group message ignored (no trigger)", map[string]interface{}{ + logger.DebugCF("onebot", "Group message ignored (no trigger)", map[string]any{ "sender": senderID, "group": groupIDStr, "is_mentioned": isBotMentioned, @@ -896,7 +896,7 @@ func (c *OneBotChannel) handleMessage(raw *oneBotRawEvent) { content = strippedContent default: - logger.WarnCF("onebot", "Unknown message type, cannot route", map[string]interface{}{ + logger.WarnCF("onebot", "Unknown message type, cannot route", map[string]any{ "type": raw.MessageType, "message_id": messageID, "user_id": userID, @@ -904,7 +904,7 @@ func (c *OneBotChannel) handleMessage(raw *oneBotRawEvent) { return } - logger.InfoCF("onebot", "Received "+raw.MessageType+" message", map[string]interface{}{ + logger.InfoCF("onebot", "Received "+raw.MessageType+" message", map[string]any{ "sender": senderID, "chat_id": chatID, "message_id": messageID, @@ -957,7 +957,10 @@ func truncate(s string, n int) string { return string(runes[:n]) + "..." } -func (c *OneBotChannel) checkGroupTrigger(content string, isBotMentioned bool) (triggered bool, strippedContent string) { +func (c *OneBotChannel) checkGroupTrigger( + content string, + isBotMentioned bool, +) (triggered bool, strippedContent string) { if isBotMentioned { return true, strings.TrimSpace(content) } diff --git a/pkg/config/config.go b/pkg/config/config.go index 3bdb6f030..220eae88a 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -23,7 +23,7 @@ func (f *FlexibleStringSlice) UnmarshalJSON(data []byte) error { } // Try []interface{} to handle mixed types - var raw []interface{} + var raw []any if err := json.Unmarshal(data, &raw); err != nil { return err } @@ -139,16 +139,16 @@ type SessionConfig struct { } type AgentDefaults struct { - Workspace string `json:"workspace" env:"PICOCLAW_AGENTS_DEFAULTS_WORKSPACE"` - RestrictToWorkspace bool `json:"restrict_to_workspace" env:"PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE"` - Provider string `json:"provider" env:"PICOCLAW_AGENTS_DEFAULTS_PROVIDER"` - Model string `json:"model" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` + Workspace string `json:"workspace" env:"PICOCLAW_AGENTS_DEFAULTS_WORKSPACE"` + RestrictToWorkspace bool `json:"restrict_to_workspace" env:"PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE"` + Provider string `json:"provider" env:"PICOCLAW_AGENTS_DEFAULTS_PROVIDER"` + Model string `json:"model" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` ModelFallbacks []string `json:"model_fallbacks,omitempty"` - ImageModel string `json:"image_model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_IMAGE_MODEL"` + ImageModel string `json:"image_model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_IMAGE_MODEL"` ImageModelFallbacks []string `json:"image_model_fallbacks,omitempty"` - MaxTokens int `json:"max_tokens" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOKENS"` - Temperature *float64 `json:"temperature,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_TEMPERATURE"` - MaxToolIterations int `json:"max_tool_iterations" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOOL_ITERATIONS"` + MaxTokens int `json:"max_tokens" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOKENS"` + Temperature *float64 `json:"temperature,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_TEMPERATURE"` + MaxToolIterations int `json:"max_tool_iterations" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOOL_ITERATIONS"` } type ChannelsConfig struct { @@ -165,87 +165,87 @@ type ChannelsConfig struct { } type WhatsAppConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WHATSAPP_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WHATSAPP_ENABLED"` BridgeURL string `json:"bridge_url" env:"PICOCLAW_CHANNELS_WHATSAPP_BRIDGE_URL"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WHATSAPP_ALLOW_FROM"` } type TelegramConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_TELEGRAM_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_TELEGRAM_TOKEN"` - Proxy string `json:"proxy" env:"PICOCLAW_CHANNELS_TELEGRAM_PROXY"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_TELEGRAM_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_TELEGRAM_TOKEN"` + Proxy string `json:"proxy" env:"PICOCLAW_CHANNELS_TELEGRAM_PROXY"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_TELEGRAM_ALLOW_FROM"` } type FeishuConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_FEISHU_ENABLED"` - AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_FEISHU_APP_ID"` - AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_FEISHU_APP_SECRET"` - EncryptKey string `json:"encrypt_key" env:"PICOCLAW_CHANNELS_FEISHU_ENCRYPT_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_FEISHU_ENABLED"` + AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_FEISHU_APP_ID"` + AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_FEISHU_APP_SECRET"` + EncryptKey string `json:"encrypt_key" env:"PICOCLAW_CHANNELS_FEISHU_ENCRYPT_KEY"` VerificationToken string `json:"verification_token" env:"PICOCLAW_CHANNELS_FEISHU_VERIFICATION_TOKEN"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_FEISHU_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_FEISHU_ALLOW_FROM"` } type DiscordConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DISCORD_ALLOW_FROM"` } type MaixCamConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MAIXCAM_ENABLED"` - Host string `json:"host" env:"PICOCLAW_CHANNELS_MAIXCAM_HOST"` - Port int `json:"port" env:"PICOCLAW_CHANNELS_MAIXCAM_PORT"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MAIXCAM_ENABLED"` + Host string `json:"host" env:"PICOCLAW_CHANNELS_MAIXCAM_HOST"` + Port int `json:"port" env:"PICOCLAW_CHANNELS_MAIXCAM_PORT"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_MAIXCAM_ALLOW_FROM"` } type QQConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_QQ_ENABLED"` - AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_QQ_APP_ID"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_QQ_ENABLED"` + AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_QQ_APP_ID"` AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_QQ_APP_SECRET"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_QQ_ALLOW_FROM"` } type DingTalkConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DINGTALK_ENABLED"` - ClientID string `json:"client_id" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_ID"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DINGTALK_ENABLED"` + ClientID string `json:"client_id" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_ID"` ClientSecret string `json:"client_secret" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_SECRET"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DINGTALK_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DINGTALK_ALLOW_FROM"` } type SlackConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_SLACK_ENABLED"` - BotToken string `json:"bot_token" env:"PICOCLAW_CHANNELS_SLACK_BOT_TOKEN"` - AppToken string `json:"app_token" env:"PICOCLAW_CHANNELS_SLACK_APP_TOKEN"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_SLACK_ENABLED"` + BotToken string `json:"bot_token" env:"PICOCLAW_CHANNELS_SLACK_BOT_TOKEN"` + AppToken string `json:"app_token" env:"PICOCLAW_CHANNELS_SLACK_APP_TOKEN"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_SLACK_ALLOW_FROM"` } type LINEConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_LINE_ENABLED"` - ChannelSecret string `json:"channel_secret" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_SECRET"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_LINE_ENABLED"` + ChannelSecret string `json:"channel_secret" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_SECRET"` ChannelAccessToken string `json:"channel_access_token" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_ACCESS_TOKEN"` - WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_HOST"` - WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PORT"` - WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PATH"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_LINE_ALLOW_FROM"` + WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_HOST"` + WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PORT"` + WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PATH"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_LINE_ALLOW_FROM"` } type OneBotConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_ONEBOT_ENABLED"` - WSUrl string `json:"ws_url" env:"PICOCLAW_CHANNELS_ONEBOT_WS_URL"` - AccessToken string `json:"access_token" env:"PICOCLAW_CHANNELS_ONEBOT_ACCESS_TOKEN"` - ReconnectInterval int `json:"reconnect_interval" env:"PICOCLAW_CHANNELS_ONEBOT_RECONNECT_INTERVAL"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_ONEBOT_ENABLED"` + WSUrl string `json:"ws_url" env:"PICOCLAW_CHANNELS_ONEBOT_WS_URL"` + AccessToken string `json:"access_token" env:"PICOCLAW_CHANNELS_ONEBOT_ACCESS_TOKEN"` + ReconnectInterval int `json:"reconnect_interval" env:"PICOCLAW_CHANNELS_ONEBOT_RECONNECT_INTERVAL"` GroupTriggerPrefix []string `json:"group_trigger_prefix" env:"PICOCLAW_CHANNELS_ONEBOT_GROUP_TRIGGER_PREFIX"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_ONEBOT_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_ONEBOT_ALLOW_FROM"` } type HeartbeatConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_HEARTBEAT_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_HEARTBEAT_ENABLED"` Interval int `json:"interval" env:"PICOCLAW_HEARTBEAT_INTERVAL"` // minutes, min 5 } type DevicesConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_DEVICES_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_DEVICES_ENABLED"` MonitorUSB bool `json:"monitor_usb" env:"PICOCLAW_DEVICES_MONITOR_USB"` } @@ -266,11 +266,11 @@ type ProvidersConfig struct { } type ProviderConfig struct { - APIKey string `json:"api_key" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_KEY"` - APIBase string `json:"api_base" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_BASE"` - Proxy string `json:"proxy,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_PROXY"` - AuthMethod string `json:"auth_method,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_AUTH_METHOD"` - ConnectMode string `json:"connect_mode,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_CONNECT_MODE"` //only for Github Copilot, `stdio` or `grpc` + APIKey string `json:"api_key" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_KEY"` + APIBase string `json:"api_base" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_BASE"` + Proxy string `json:"proxy,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_PROXY"` + AuthMethod string `json:"auth_method,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_AUTH_METHOD"` + ConnectMode string `json:"connect_mode,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_CONNECT_MODE"` // only for Github Copilot, `stdio` or `grpc` } type OpenAIProviderConfig struct { @@ -284,19 +284,19 @@ type GatewayConfig struct { } type BraveConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_BRAVE_ENABLED"` - APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_BRAVE_API_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_BRAVE_ENABLED"` + APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_BRAVE_API_KEY"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_BRAVE_MAX_RESULTS"` } type DuckDuckGoConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_ENABLED"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_MAX_RESULTS"` } type PerplexityConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_ENABLED"` - APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_API_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_ENABLED"` + APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_API_KEY"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_MAX_RESULTS"` } @@ -482,11 +482,11 @@ func SaveConfig(path string, cfg *Config) error { } dir := filepath.Dir(path) - if err := os.MkdirAll(dir, 0755); err != nil { + if err := os.MkdirAll(dir, 0o755); err != nil { return err } - return os.WriteFile(path, data, 0600) + return os.WriteFile(path, data, 0o600) } func (c *Config) WorkspacePath() string { diff --git a/pkg/providers/openai_compat/provider.go b/pkg/providers/openai_compat/provider.go index 9cfec44fe..a09825c1c 100644 --- a/pkg/providers/openai_compat/provider.go +++ b/pkg/providers/openai_compat/provider.go @@ -79,7 +79,8 @@ func (p *Provider) Chat( if maxTokens, ok := asInt(options["max_tokens"]); ok { lowerModel := strings.ToLower(model) - if strings.Contains(lowerModel, "glm") || strings.Contains(lowerModel, "o1") || strings.Contains(lowerModel, "gpt-5") { + if strings.Contains(lowerModel, "glm") || strings.Contains(lowerModel, "o1") || + strings.Contains(lowerModel, "gpt-5") { requestBody["max_completion_tokens"] = maxTokens } else { requestBody["max_tokens"] = maxTokens diff --git a/pkg/tools/subagent_tool_test.go b/pkg/tools/subagent_tool_test.go index f960a7fda..59bfdffae 100644 --- a/pkg/tools/subagent_tool_test.go +++ b/pkg/tools/subagent_tool_test.go @@ -11,10 +11,16 @@ import ( // MockLLMProvider is a test implementation of LLMProvider type MockLLMProvider struct { - lastOptions map[string]interface{} + lastOptions map[string]any } -func (m *MockLLMProvider) Chat(ctx context.Context, messages []providers.Message, tools []providers.ToolDefinition, model string, options map[string]interface{}) (*providers.LLMResponse, error) { +func (m *MockLLMProvider) Chat( + ctx context.Context, + messages []providers.Message, + tools []providers.ToolDefinition, + model string, + options map[string]any, +) (*providers.LLMResponse, error) { m.lastOptions = options // Find the last user message to generate a response for i := len(messages) - 1; i >= 0; i-- { @@ -47,7 +53,7 @@ func TestSubagentManager_SetLLMOptions_AppliesToRunToolLoop(t *testing.T) { tool.SetContext("cli", "direct") ctx := context.Background() - args := map[string]interface{}{"task": "Do something"} + args := map[string]any{"task": "Do something"} result := tool.Execute(ctx, args) if result == nil || result.IsError { @@ -108,13 +114,13 @@ func TestSubagentTool_Parameters(t *testing.T) { } // Check properties - props, ok := params["properties"].(map[string]interface{}) + props, ok := params["properties"].(map[string]any) if !ok { t.Fatal("Properties should be a map") } // Verify task parameter - task, ok := props["task"].(map[string]interface{}) + task, ok := props["task"].(map[string]any) if !ok { t.Fatal("Task parameter should exist") } @@ -123,7 +129,7 @@ func TestSubagentTool_Parameters(t *testing.T) { } // Verify label parameter - label, ok := props["label"].(map[string]interface{}) + label, ok := props["label"].(map[string]any) if !ok { t.Fatal("Label parameter should exist") } @@ -163,7 +169,7 @@ func TestSubagentTool_Execute_Success(t *testing.T) { tool.SetContext("telegram", "chat-123") ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "Write a haiku about coding", "label": "haiku-task", } @@ -218,7 +224,7 @@ func TestSubagentTool_Execute_NoLabel(t *testing.T) { tool := NewSubagentTool(manager) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "Test task without label", } @@ -241,7 +247,7 @@ func TestSubagentTool_Execute_MissingTask(t *testing.T) { tool := NewSubagentTool(manager) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "label": "test", } @@ -268,7 +274,7 @@ func TestSubagentTool_Execute_NilManager(t *testing.T) { tool := NewSubagentTool(nil) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "test task", } @@ -297,7 +303,7 @@ func TestSubagentTool_Execute_ContextPassing(t *testing.T) { tool.SetContext(channel, chatID) ctx := context.Background() - args := map[string]interface{}{ + args := map[string]any{ "task": "Test context passing", } @@ -324,7 +330,7 @@ func TestSubagentTool_ForUserTruncation(t *testing.T) { // Create a task that will generate long response longTask := strings.Repeat("This is a very long task description. ", 100) - args := map[string]interface{}{ + args := map[string]any{ "task": longTask, "label": "long-test", } diff --git a/pkg/tools/web_test.go b/pkg/tools/web_test.go index 222a38972..d999d8958 100644 --- a/pkg/tools/web_test.go +++ b/pkg/tools/web_test.go @@ -255,7 +255,8 @@ func TestWebFetchTool_extractText(t *testing.T) { if len(lines) < 2 { t.Errorf("Expected multiple lines, got %d: %q", len(lines), got) } - if !strings.Contains(got, "Title") || !strings.Contains(got, "Paragraph 1") || !strings.Contains(got, "Paragraph 2") { + if !strings.Contains(got, "Title") || !strings.Contains(got, "Paragraph 1") || + !strings.Contains(got, "Paragraph 2") { t.Errorf("Missing expected text: %q", got) } }, From 59772cdbf25904a40ae24dddf55a7767e3f4be4d Mon Sep 17 00:00:00 2001 From: swordkee Date: Fri, 20 Feb 2026 15:33:24 +0800 Subject: [PATCH 06/88] feat: add wecom and wecomApp channel support --- config/config.example.json | 24 + pkg/channels/manager.go | 26 + pkg/channels/wecom.go | 529 ++++++++++++++++ pkg/channels/wecom_app.go | 707 +++++++++++++++++++++ pkg/channels/wecom_app_test.go | 1089 ++++++++++++++++++++++++++++++++ pkg/channels/wecom_test.go | 689 ++++++++++++++++++++ pkg/config/config.go | 28 + pkg/config/defaults.go | 24 + 8 files changed, 3116 insertions(+) create mode 100644 pkg/channels/wecom.go create mode 100644 pkg/channels/wecom_app.go create mode 100644 pkg/channels/wecom_app_test.go create mode 100644 pkg/channels/wecom_test.go diff --git a/config/config.example.json b/config/config.example.json index e14d4fa63..f0c82c2bc 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -106,6 +106,30 @@ "reconnect_interval": 5, "group_trigger_prefix": [], "allow_from": [] + }, + "wecom": { + "enabled": false, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_43_CHAR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [], + "reply_timeout": 5 + }, + "wecom_app": { + "enabled": false, + "corp_id": "YOUR_CORP_ID", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_43_CHAR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [], + "reply_timeout": 5 } }, "providers": { diff --git a/pkg/channels/manager.go b/pkg/channels/manager.go index 7f6abc4cb..b80d1c8fb 100644 --- a/pkg/channels/manager.go +++ b/pkg/channels/manager.go @@ -176,6 +176,32 @@ func (m *Manager) initChannels() error { } } + if m.config.Channels.WeCom.Enabled && m.config.Channels.WeCom.Token != "" { + logger.DebugC("channels", "Attempting to initialize WeCom channel") + wecom, err := NewWeComBotChannel(m.config.Channels.WeCom, m.bus) + if err != nil { + logger.ErrorCF("channels", "Failed to initialize WeCom channel", map[string]interface{}{ + "error": err.Error(), + }) + } else { + m.channels["wecom"] = wecom + logger.InfoC("channels", "WeCom channel enabled successfully") + } + } + + if m.config.Channels.WeComApp.Enabled && m.config.Channels.WeComApp.CorpID != "" { + logger.DebugC("channels", "Attempting to initialize WeCom App channel") + wecomApp, err := NewWeComAppChannel(m.config.Channels.WeComApp, m.bus) + if err != nil { + logger.ErrorCF("channels", "Failed to initialize WeCom App channel", map[string]interface{}{ + "error": err.Error(), + }) + } else { + m.channels["wecom_app"] = wecomApp + logger.InfoC("channels", "WeCom App channel enabled successfully") + } + } + logger.InfoCF("channels", "Channel initialization completed", map[string]interface{}{ "enabled_channels": len(m.channels), }) diff --git a/pkg/channels/wecom.go b/pkg/channels/wecom.go new file mode 100644 index 000000000..5d4e14697 --- /dev/null +++ b/pkg/channels/wecom.go @@ -0,0 +1,529 @@ +// PicoClaw - Ultra-lightweight personal AI agent +// WeCom Bot (企äøšå¾®äæ”ę™ŗčƒ½ęœŗå™Øäŗŗ) channel implementation +// Uses webhook callback mode for receiving messages and webhook API for sending replies + +package channels + +import ( + "bytes" + "context" + "crypto/aes" + "crypto/cipher" + "crypto/sha1" + "encoding/base64" + "encoding/binary" + "encoding/json" + "encoding/xml" + "fmt" + "io" + "net/http" + "sort" + "strings" + "sync" + "time" + + "github.com/sipeed/picoclaw/pkg/bus" + "github.com/sipeed/picoclaw/pkg/config" + "github.com/sipeed/picoclaw/pkg/logger" + "github.com/sipeed/picoclaw/pkg/utils" +) + +// WeComBotChannel implements the Channel interface for WeCom Bot (企äøšå¾®äæ”ę™ŗčƒ½ęœŗå™Øäŗŗ) +// Uses webhook callback mode - simpler than WeCom App but only supports passive replies +type WeComBotChannel struct { + *BaseChannel + config config.WeComConfig + server *http.Server + ctx context.Context + cancel context.CancelFunc + processedMsgs map[string]bool // Message deduplication: msg_id -> processed + msgMu sync.RWMutex +} + +// WeComBotXMLMessage represents the XML message structure from WeCom Bot +type WeComBotXMLMessage struct { + XMLName xml.Name `xml:"xml"` + ToUserName string `xml:"ToUserName"` + FromUserName string `xml:"FromUserName"` + CreateTime int64 `xml:"CreateTime"` + MsgType string `xml:"MsgType"` + Content string `xml:"Content"` + MsgId int64 `xml:"MsgId"` + PicUrl string `xml:"PicUrl"` + MediaId string `xml:"MediaId"` + Format string `xml:"Format"` + Recognition string `xml:"Recognition"` // Voice recognition result +} + +// WeComBotReplyMessage represents the reply message structure +type WeComBotReplyMessage struct { + XMLName xml.Name `xml:"xml"` + ToUserName string `xml:"ToUserName"` + FromUserName string `xml:"FromUserName"` + CreateTime int64 `xml:"CreateTime"` + MsgType string `xml:"MsgType"` + Content string `xml:"Content"` +} + +// WeComBotWebhookReply represents the webhook API reply +type WeComBotWebhookReply struct { + MsgType string `json:"msgtype"` + Text struct { + Content string `json:"content"` + } `json:"text,omitempty"` + Markdown struct { + Content string `json:"content"` + } `json:"markdown,omitempty"` +} + +// NewWeComBotChannel creates a new WeCom Bot channel instance +func NewWeComBotChannel(cfg config.WeComConfig, messageBus *bus.MessageBus) (*WeComBotChannel, error) { + if cfg.Token == "" || cfg.WebhookURL == "" { + return nil, fmt.Errorf("wecom token and webhook_url are required") + } + + base := NewBaseChannel("wecom", cfg, messageBus, cfg.AllowFrom) + + return &WeComBotChannel{ + BaseChannel: base, + config: cfg, + processedMsgs: make(map[string]bool), + }, nil +} + +// Name returns the channel name +func (c *WeComBotChannel) Name() string { + return "wecom" +} + +// Start initializes the WeCom Bot channel with HTTP webhook server +func (c *WeComBotChannel) Start(ctx context.Context) error { + logger.InfoC("wecom", "Starting WeCom Bot channel...") + + c.ctx, c.cancel = context.WithCancel(ctx) + + // Setup HTTP server for webhook + mux := http.NewServeMux() + webhookPath := c.config.WebhookPath + if webhookPath == "" { + webhookPath = "/webhook/wecom" + } + mux.HandleFunc(webhookPath, c.handleWebhook) + + // Health check endpoint + mux.HandleFunc("/health/wecom", c.handleHealth) + + addr := fmt.Sprintf("%s:%d", c.config.WebhookHost, c.config.WebhookPort) + c.server = &http.Server{ + Addr: addr, + Handler: mux, + } + + c.setRunning(true) + logger.InfoCF("wecom", "WeCom Bot channel started", map[string]interface{}{ + "address": addr, + "path": webhookPath, + }) + + // Start server in goroutine + go func() { + if err := c.server.ListenAndServe(); err != nil && err != http.ErrServerClosed { + logger.ErrorCF("wecom", "HTTP server error", map[string]interface{}{ + "error": err.Error(), + }) + } + }() + + return nil +} + +// Stop gracefully stops the WeCom Bot channel +func (c *WeComBotChannel) Stop(ctx context.Context) error { + logger.InfoC("wecom", "Stopping WeCom Bot channel...") + + if c.cancel != nil { + c.cancel() + } + + if c.server != nil { + shutdownCtx, cancel := context.WithTimeout(ctx, 5*time.Second) + defer cancel() + c.server.Shutdown(shutdownCtx) + } + + c.setRunning(false) + logger.InfoC("wecom", "WeCom Bot channel stopped") + return nil +} + +// Send sends a message to WeCom user via webhook API +// Note: WeCom Bot can only reply within the configured timeout (default 5 seconds) of receiving a message +// For delayed responses, we use the webhook URL +func (c *WeComBotChannel) Send(ctx context.Context, msg bus.OutboundMessage) error { + if !c.IsRunning() { + return fmt.Errorf("wecom channel not running") + } + + logger.DebugCF("wecom", "Sending message via webhook", map[string]interface{}{ + "chat_id": msg.ChatID, + "preview": utils.Truncate(msg.Content, 100), + }) + + return c.sendWebhookReply(ctx, msg.ChatID, msg.Content) +} + +// handleWebhook handles incoming webhook requests from WeCom +func (c *WeComBotChannel) handleWebhook(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + + if r.Method == http.MethodGet { + // Handle verification request + c.handleVerification(ctx, w, r) + return + } + + if r.Method == http.MethodPost { + // Handle message callback + c.handleMessageCallback(ctx, w, r) + return + } + + http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) +} + +// handleVerification handles the URL verification request from WeCom +func (c *WeComBotChannel) handleVerification(ctx context.Context, w http.ResponseWriter, r *http.Request) { + query := r.URL.Query() + msgSignature := query.Get("msg_signature") + timestamp := query.Get("timestamp") + nonce := query.Get("nonce") + echostr := query.Get("echostr") + + if msgSignature == "" || timestamp == "" || nonce == "" || echostr == "" { + http.Error(w, "Missing parameters", http.StatusBadRequest) + return + } + + // Verify signature + if !c.verifySignature(msgSignature, timestamp, nonce, echostr) { + logger.WarnC("wecom", "Signature verification failed") + http.Error(w, "Invalid signature", http.StatusForbidden) + return + } + + // Decrypt echostr + decryptedEchoStr, err := c.decryptMessage(echostr) + if err != nil { + logger.ErrorCF("wecom", "Failed to decrypt echostr", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Decryption failed", http.StatusInternalServerError) + return + } + + // Remove BOM and whitespace as per WeCom documentation + // The response must be plain text without quotes, BOM, or newlines + decryptedEchoStr = strings.TrimSpace(decryptedEchoStr) + decryptedEchoStr = strings.TrimPrefix(decryptedEchoStr, "\xef\xbb\xbf") // Remove UTF-8 BOM + w.Write([]byte(decryptedEchoStr)) +} + +// handleMessageCallback handles incoming messages from WeCom +func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.ResponseWriter, r *http.Request) { + query := r.URL.Query() + msgSignature := query.Get("msg_signature") + timestamp := query.Get("timestamp") + nonce := query.Get("nonce") + + if msgSignature == "" || timestamp == "" || nonce == "" { + http.Error(w, "Missing parameters", http.StatusBadRequest) + return + } + + // Read request body + body, err := io.ReadAll(r.Body) + if err != nil { + http.Error(w, "Failed to read body", http.StatusBadRequest) + return + } + defer r.Body.Close() + + // Parse XML to get encrypted message + var encryptedMsg struct { + XMLName xml.Name `xml:"xml"` + ToUserName string `xml:"ToUserName"` + Encrypt string `xml:"Encrypt"` + AgentID string `xml:"AgentID"` + } + + if err := xml.Unmarshal(body, &encryptedMsg); err != nil { + logger.ErrorCF("wecom", "Failed to parse XML", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Invalid XML", http.StatusBadRequest) + return + } + + // Verify signature + if !c.verifySignature(msgSignature, timestamp, nonce, encryptedMsg.Encrypt) { + logger.WarnC("wecom", "Message signature verification failed") + http.Error(w, "Invalid signature", http.StatusForbidden) + return + } + + // Decrypt message + decryptedMsg, err := c.decryptMessage(encryptedMsg.Encrypt) + if err != nil { + logger.ErrorCF("wecom", "Failed to decrypt message", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Decryption failed", http.StatusInternalServerError) + return + } + + // Parse decrypted XML message + var msg WeComBotXMLMessage + if err := xml.Unmarshal([]byte(decryptedMsg), &msg); err != nil { + logger.ErrorCF("wecom", "Failed to parse decrypted message", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Invalid message format", http.StatusBadRequest) + return + } + + // Process the message asynchronously with context + go c.processMessage(ctx, msg) + + // Return success response immediately + // WeCom Bot requires response within configured timeout (default 5 seconds) + w.Write([]byte("success")) +} + +// processMessage processes the received message +func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotXMLMessage) { + // Skip non-text messages for now (can be extended) + if msg.MsgType != "text" && msg.MsgType != "image" && msg.MsgType != "voice" { + logger.DebugCF("wecom", "Skipping non-supported message type", map[string]interface{}{ + "msg_type": msg.MsgType, + }) + return + } + + // Message deduplication: Use msg_id to prevent duplicate processing + // As per WeCom documentation, use msg_id for deduplication + msgID := fmt.Sprintf("%d", msg.MsgId) + c.msgMu.Lock() + if c.processedMsgs[msgID] { + c.msgMu.Unlock() + logger.DebugCF("wecom", "Skipping duplicate message", map[string]interface{}{ + "msg_id": msgID, + }) + return + } + c.processedMsgs[msgID] = true + c.msgMu.Unlock() + + // Clean up old messages periodically (keep last 1000) + if len(c.processedMsgs) > 1000 { + c.msgMu.Lock() + c.processedMsgs = make(map[string]bool) + c.msgMu.Unlock() + } + + senderID := msg.FromUserName + chatID := senderID // WeCom Bot uses user ID as chat ID + + // Use voice recognition result if available + content := msg.Content + if msg.MsgType == "voice" && msg.Recognition != "" { + content = msg.Recognition + } + + // Build metadata + // WeCom Bot only supports direct messages (private chat) + metadata := map[string]string{ + "msg_type": msg.MsgType, + "msg_id": fmt.Sprintf("%d", msg.MsgId), + "platform": "wecom", + "media_id": msg.MediaId, + "create_time": fmt.Sprintf("%d", msg.CreateTime), + "peer_kind": "direct", + "peer_id": senderID, + } + + logger.DebugCF("wecom", "Received message", map[string]interface{}{ + "sender_id": senderID, + "msg_type": msg.MsgType, + "preview": utils.Truncate(content, 50), + }) + + // Handle the message through the base channel + c.HandleMessage(senderID, chatID, content, nil, metadata) +} + +// verifySignature verifies the message signature +func (c *WeComBotChannel) verifySignature(msgSignature, timestamp, nonce, msgEncrypt string) bool { + if c.config.Token == "" { + return true // Skip verification if token is not set + } + + // Sort parameters + params := []string{c.config.Token, timestamp, nonce, msgEncrypt} + sort.Strings(params) + + // Concatenate + str := strings.Join(params, "") + + // SHA1 hash + hash := sha1.Sum([]byte(str)) + expectedSignature := fmt.Sprintf("%x", hash) + + return expectedSignature == msgSignature +} + +// decryptMessage decrypts the encrypted message using AES +func (c *WeComBotChannel) decryptMessage(encryptedMsg string) (string, error) { + if c.config.EncodingAESKey == "" { + // No encryption, return as is (base64 decode) + decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", err + } + return string(decoded), nil + } + + // Decode AES key (base64) + aesKey, err := base64.StdEncoding.DecodeString(c.config.EncodingAESKey + "=") + if err != nil { + return "", fmt.Errorf("failed to decode AES key: %w", err) + } + + // Decode encrypted message + cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", fmt.Errorf("failed to decode message: %w", err) + } + + // AES decrypt + block, err := aes.NewCipher(aesKey) + if err != nil { + return "", fmt.Errorf("failed to create cipher: %w", err) + } + + if len(cipherText) < aes.BlockSize { + return "", fmt.Errorf("ciphertext too short") + } + + mode := cipher.NewCBCDecrypter(block, aesKey[:aes.BlockSize]) + plainText := make([]byte, len(cipherText)) + mode.CryptBlocks(plainText, cipherText) + + // Remove PKCS7 padding + plainText, err = pkcs7UnpadWeCom(plainText) + if err != nil { + return "", fmt.Errorf("failed to unpad: %w", err) + } + + // Parse message structure + // Format: random(16) + msg_len(4) + msg + corp_id + if len(plainText) < 20 { + return "", fmt.Errorf("decrypted message too short") + } + + msgLen := binary.BigEndian.Uint32(plainText[16:20]) + if int(msgLen) > len(plainText)-20 { + return "", fmt.Errorf("invalid message length") + } + + msg := plainText[20 : 20+msgLen] + // corpID := plainText[20+msgLen:] // Could be used for verification + + return string(msg), nil +} + +// pkcs7UnpadWeCom removes PKCS7 padding with validation +func pkcs7UnpadWeCom(data []byte) ([]byte, error) { + if len(data) == 0 { + return data, nil + } + padding := int(data[len(data)-1]) + if padding == 0 || padding > aes.BlockSize { + return nil, fmt.Errorf("invalid padding size: %d", padding) + } + if padding > len(data) { + return nil, fmt.Errorf("padding size larger than data") + } + // Verify all padding bytes + for i := 0; i < padding; i++ { + if data[len(data)-1-i] != byte(padding) { + return nil, fmt.Errorf("invalid padding byte at position %d", i) + } + } + return data[:len(data)-padding], nil +} + +// sendWebhookReply sends a reply using the webhook URL +func (c *WeComBotChannel) sendWebhookReply(ctx context.Context, userID, content string) error { + reply := WeComBotWebhookReply{ + MsgType: "text", + } + reply.Text.Content = content + + jsonData, err := json.Marshal(reply) + if err != nil { + return fmt.Errorf("failed to marshal reply: %w", err) + } + + // Use configurable timeout (default 5 seconds) + timeout := c.config.ReplyTimeout + if timeout <= 0 { + timeout = 5 + } + + reqCtx, cancel := context.WithTimeout(ctx, time.Duration(timeout)*time.Second) + defer cancel() + + req, err := http.NewRequestWithContext(reqCtx, http.MethodPost, c.config.WebhookURL, bytes.NewBuffer(jsonData)) + if err != nil { + return fmt.Errorf("failed to create request: %w", err) + } + req.Header.Set("Content-Type", "application/json") + + client := &http.Client{Timeout: time.Duration(timeout) * time.Second} + resp, err := client.Do(req) + if err != nil { + return fmt.Errorf("failed to send webhook reply: %w", err) + } + defer resp.Body.Close() + + body, err := io.ReadAll(resp.Body) + if err != nil { + return fmt.Errorf("failed to read response: %w", err) + } + + // Check response + var result struct { + ErrCode int `json:"errcode"` + ErrMsg string `json:"errmsg"` + } + if err := json.Unmarshal(body, &result); err != nil { + return fmt.Errorf("failed to parse response: %w", err) + } + + if result.ErrCode != 0 { + return fmt.Errorf("webhook API error: %s (code: %d)", result.ErrMsg, result.ErrCode) + } + + return nil +} + +// handleHealth handles health check requests +func (c *WeComBotChannel) handleHealth(w http.ResponseWriter, r *http.Request) { + status := map[string]interface{}{ + "status": "ok", + "running": c.IsRunning(), + } + + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(status) +} diff --git a/pkg/channels/wecom_app.go b/pkg/channels/wecom_app.go new file mode 100644 index 000000000..c1d0ebaad --- /dev/null +++ b/pkg/channels/wecom_app.go @@ -0,0 +1,707 @@ +// PicoClaw - Ultra-lightweight personal AI agent +// WeCom App (企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø) channel implementation +// Supports receiving messages via webhook callback and sending messages proactively + +package channels + +import ( + "bytes" + "context" + "crypto/aes" + "crypto/cipher" + "crypto/sha1" + "encoding/base64" + "encoding/binary" + "encoding/json" + "encoding/xml" + "fmt" + "io" + "net/http" + "net/url" + "sort" + "strings" + "sync" + "time" + + "github.com/sipeed/picoclaw/pkg/bus" + "github.com/sipeed/picoclaw/pkg/config" + "github.com/sipeed/picoclaw/pkg/logger" + "github.com/sipeed/picoclaw/pkg/utils" +) + +const ( + wecomAPIBase = "https://qyapi.weixin.qq.com" +) + +// WeComAppChannel implements the Channel interface for WeCom App (企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø) +type WeComAppChannel struct { + *BaseChannel + config config.WeComAppConfig + server *http.Server + accessToken string + tokenExpiry time.Time + tokenMu sync.RWMutex + ctx context.Context + cancel context.CancelFunc + processedMsgs map[string]bool // Message deduplication: msg_id -> processed + msgMu sync.RWMutex +} + +// WeComXMLMessage represents the XML message structure from WeCom +type WeComXMLMessage struct { + XMLName xml.Name `xml:"xml"` + ToUserName string `xml:"ToUserName"` + FromUserName string `xml:"FromUserName"` + CreateTime int64 `xml:"CreateTime"` + MsgType string `xml:"MsgType"` + Content string `xml:"Content"` + MsgId int64 `xml:"MsgId"` + AgentID int64 `xml:"AgentID"` + PicUrl string `xml:"PicUrl"` + MediaId string `xml:"MediaId"` + Format string `xml:"Format"` + ThumbMediaId string `xml:"ThumbMediaId"` + LocationX float64 `xml:"Location_X"` + LocationY float64 `xml:"Location_Y"` + Scale int `xml:"Scale"` + Label string `xml:"Label"` + Title string `xml:"Title"` + Description string `xml:"Description"` + Url string `xml:"Url"` + Event string `xml:"Event"` + EventKey string `xml:"EventKey"` +} + +// WeComTextMessage represents text message for sending +type WeComTextMessage struct { + ToUser string `json:"touser"` + MsgType string `json:"msgtype"` + AgentID int64 `json:"agentid"` + Text struct { + Content string `json:"content"` + } `json:"text"` + Safe int `json:"safe,omitempty"` +} + +// WeComMarkdownMessage represents markdown message for sending +type WeComMarkdownMessage struct { + ToUser string `json:"touser"` + MsgType string `json:"msgtype"` + AgentID int64 `json:"agentid"` + Markdown struct { + Content string `json:"content"` + } `json:"markdown"` +} + +// WeComImageMessage represents image message for sending +type WeComImageMessage struct { + ToUser string `json:"touser"` + MsgType string `json:"msgtype"` + AgentID int64 `json:"agentid"` + Image struct { + MediaID string `json:"media_id"` + } `json:"image"` +} + +// WeComAccessTokenResponse represents the access token API response +type WeComAccessTokenResponse struct { + ErrCode int `json:"errcode"` + ErrMsg string `json:"errmsg"` + AccessToken string `json:"access_token"` + ExpiresIn int `json:"expires_in"` +} + +// WeComSendMessageResponse represents the send message API response +type WeComSendMessageResponse struct { + ErrCode int `json:"errcode"` + ErrMsg string `json:"errmsg"` + InvalidUser string `json:"invaliduser"` + InvalidParty string `json:"invalidparty"` + InvalidTag string `json:"invalidtag"` +} + +// PKCS7Padding adds PKCS7 padding +type PKCS7Padding struct{} + +// NewWeComAppChannel creates a new WeCom App channel instance +func NewWeComAppChannel(cfg config.WeComAppConfig, messageBus *bus.MessageBus) (*WeComAppChannel, error) { + if cfg.CorpID == "" || cfg.CorpSecret == "" || cfg.AgentID == 0 { + return nil, fmt.Errorf("wecom_app corp_id, corp_secret and agent_id are required") + } + + base := NewBaseChannel("wecom_app", cfg, messageBus, cfg.AllowFrom) + + return &WeComAppChannel{ + BaseChannel: base, + config: cfg, + processedMsgs: make(map[string]bool), + }, nil +} + +// Name returns the channel name +func (c *WeComAppChannel) Name() string { + return "wecom_app" +} + +// Start initializes the WeCom App channel with HTTP webhook server +func (c *WeComAppChannel) Start(ctx context.Context) error { + logger.InfoC("wecom_app", "Starting WeCom App channel...") + + c.ctx, c.cancel = context.WithCancel(ctx) + + // Get initial access token + if err := c.refreshAccessToken(); err != nil { + logger.WarnCF("wecom_app", "Failed to get initial access token", map[string]interface{}{ + "error": err.Error(), + }) + } + + // Start token refresh goroutine + go c.tokenRefreshLoop() + + // Setup HTTP server for webhook + mux := http.NewServeMux() + webhookPath := c.config.WebhookPath + if webhookPath == "" { + webhookPath = "/webhook/wecom-app" + } + mux.HandleFunc(webhookPath, c.handleWebhook) + + // Health check endpoint + mux.HandleFunc("/health/wecom-app", c.handleHealth) + + addr := fmt.Sprintf("%s:%d", c.config.WebhookHost, c.config.WebhookPort) + c.server = &http.Server{ + Addr: addr, + Handler: mux, + } + + c.setRunning(true) + logger.InfoCF("wecom_app", "WeCom App channel started", map[string]interface{}{ + "address": addr, + "path": webhookPath, + }) + + // Start server in goroutine + go func() { + if err := c.server.ListenAndServe(); err != nil && err != http.ErrServerClosed { + logger.ErrorCF("wecom_app", "HTTP server error", map[string]interface{}{ + "error": err.Error(), + }) + } + }() + + return nil +} + +// Stop gracefully stops the WeCom App channel +func (c *WeComAppChannel) Stop(ctx context.Context) error { + logger.InfoC("wecom_app", "Stopping WeCom App channel...") + + if c.cancel != nil { + c.cancel() + } + + if c.server != nil { + shutdownCtx, cancel := context.WithTimeout(ctx, 5*time.Second) + defer cancel() + c.server.Shutdown(shutdownCtx) + } + + c.setRunning(false) + logger.InfoC("wecom_app", "WeCom App channel stopped") + return nil +} + +// Send sends a message to WeCom user proactively using access token +func (c *WeComAppChannel) Send(ctx context.Context, msg bus.OutboundMessage) error { + if !c.IsRunning() { + return fmt.Errorf("wecom_app channel not running") + } + + accessToken := c.getAccessToken() + if accessToken == "" { + return fmt.Errorf("no valid access token available") + } + + logger.DebugCF("wecom_app", "Sending message", map[string]interface{}{ + "chat_id": msg.ChatID, + "preview": utils.Truncate(msg.Content, 100), + }) + + return c.sendTextMessage(ctx, accessToken, msg.ChatID, msg.Content) +} + +// handleWebhook handles incoming webhook requests from WeCom +func (c *WeComAppChannel) handleWebhook(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + + if r.Method == http.MethodGet { + // Handle verification request + c.handleVerification(ctx, w, r) + return + } + + if r.Method == http.MethodPost { + // Handle message callback + c.handleMessageCallback(ctx, w, r) + return + } + + http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) +} + +// handleVerification handles the URL verification request from WeCom +func (c *WeComAppChannel) handleVerification(ctx context.Context, w http.ResponseWriter, r *http.Request) { + query := r.URL.Query() + msgSignature := query.Get("msg_signature") + timestamp := query.Get("timestamp") + nonce := query.Get("nonce") + echostr := query.Get("echostr") + + if msgSignature == "" || timestamp == "" || nonce == "" || echostr == "" { + http.Error(w, "Missing parameters", http.StatusBadRequest) + return + } + + // Verify signature + if !c.verifySignature(msgSignature, timestamp, nonce, echostr) { + logger.WarnC("wecom_app", "Signature verification failed") + http.Error(w, "Invalid signature", http.StatusForbidden) + return + } + + // Decrypt echostr + decryptedEchoStr, err := c.decryptMessage(echostr) + if err != nil { + logger.ErrorCF("wecom_app", "Failed to decrypt echostr", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Decryption failed", http.StatusInternalServerError) + return + } + + // Remove BOM and whitespace as per WeCom documentation + // The response must be plain text without quotes, BOM, or newlines + decryptedEchoStr = strings.TrimSpace(decryptedEchoStr) + decryptedEchoStr = strings.TrimPrefix(decryptedEchoStr, "\xef\xbb\xbf") // Remove UTF-8 BOM + w.Write([]byte(decryptedEchoStr)) +} + +// handleMessageCallback handles incoming messages from WeCom +func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.ResponseWriter, r *http.Request) { + query := r.URL.Query() + msgSignature := query.Get("msg_signature") + timestamp := query.Get("timestamp") + nonce := query.Get("nonce") + + if msgSignature == "" || timestamp == "" || nonce == "" { + http.Error(w, "Missing parameters", http.StatusBadRequest) + return + } + + // Read request body + body, err := io.ReadAll(r.Body) + if err != nil { + http.Error(w, "Failed to read body", http.StatusBadRequest) + return + } + defer r.Body.Close() + + // Parse XML to get encrypted message + var encryptedMsg struct { + XMLName xml.Name `xml:"xml"` + ToUserName string `xml:"ToUserName"` + Encrypt string `xml:"Encrypt"` + AgentID string `xml:"AgentID"` + } + + if err := xml.Unmarshal(body, &encryptedMsg); err != nil { + logger.ErrorCF("wecom_app", "Failed to parse XML", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Invalid XML", http.StatusBadRequest) + return + } + + // Verify signature + if !c.verifySignature(msgSignature, timestamp, nonce, encryptedMsg.Encrypt) { + logger.WarnC("wecom_app", "Message signature verification failed") + http.Error(w, "Invalid signature", http.StatusForbidden) + return + } + + // Decrypt message + decryptedMsg, err := c.decryptMessage(encryptedMsg.Encrypt) + if err != nil { + logger.ErrorCF("wecom_app", "Failed to decrypt message", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Decryption failed", http.StatusInternalServerError) + return + } + + // Parse decrypted XML message + var msg WeComXMLMessage + if err := xml.Unmarshal([]byte(decryptedMsg), &msg); err != nil { + logger.ErrorCF("wecom_app", "Failed to parse decrypted message", map[string]interface{}{ + "error": err.Error(), + }) + http.Error(w, "Invalid message format", http.StatusBadRequest) + return + } + + // Process the message with context + go c.processMessage(ctx, msg) + + // Return success response immediately + // WeCom App requires response within configured timeout (default 5 seconds) + w.Write([]byte("success")) +} + +// processMessage processes the received message +func (c *WeComAppChannel) processMessage(ctx context.Context, msg WeComXMLMessage) { + // Skip non-text messages for now (can be extended) + if msg.MsgType != "text" && msg.MsgType != "image" && msg.MsgType != "voice" { + logger.DebugCF("wecom_app", "Skipping non-supported message type", map[string]interface{}{ + "msg_type": msg.MsgType, + }) + return + } + + // Message deduplication: Use msg_id to prevent duplicate processing + // As per WeCom documentation, use msg_id for deduplication + msgID := fmt.Sprintf("%d", msg.MsgId) + c.msgMu.Lock() + if c.processedMsgs[msgID] { + c.msgMu.Unlock() + logger.DebugCF("wecom_app", "Skipping duplicate message", map[string]interface{}{ + "msg_id": msgID, + }) + return + } + c.processedMsgs[msgID] = true + c.msgMu.Unlock() + + // Clean up old messages periodically (keep last 1000) + if len(c.processedMsgs) > 1000 { + c.msgMu.Lock() + c.processedMsgs = make(map[string]bool) + c.msgMu.Unlock() + } + + senderID := msg.FromUserName + chatID := senderID // WeCom App uses user ID as chat ID for direct messages + + // Build metadata + // WeCom App only supports direct messages (private chat) + metadata := map[string]string{ + "msg_type": msg.MsgType, + "msg_id": fmt.Sprintf("%d", msg.MsgId), + "agent_id": fmt.Sprintf("%d", msg.AgentID), + "platform": "wecom_app", + "media_id": msg.MediaId, + "create_time": fmt.Sprintf("%d", msg.CreateTime), + "peer_kind": "direct", + "peer_id": senderID, + } + + content := msg.Content + + logger.DebugCF("wecom_app", "Received message", map[string]interface{}{ + "sender_id": senderID, + "msg_type": msg.MsgType, + "preview": utils.Truncate(content, 50), + }) + + // Handle the message through the base channel + c.HandleMessage(senderID, chatID, content, nil, metadata) +} + +// verifySignature verifies the message signature +func (c *WeComAppChannel) verifySignature(msgSignature, timestamp, nonce, msgEncrypt string) bool { + if c.config.Token == "" { + return true // Skip verification if token is not set + } + + // Sort parameters + params := []string{c.config.Token, timestamp, nonce, msgEncrypt} + sort.Strings(params) + + // Concatenate + str := strings.Join(params, "") + + // SHA1 hash + hash := sha1.Sum([]byte(str)) + expectedSignature := fmt.Sprintf("%x", hash) + + return expectedSignature == msgSignature +} + +// decryptMessage decrypts the encrypted message using AES +func (c *WeComAppChannel) decryptMessage(encryptedMsg string) (string, error) { + if c.config.EncodingAESKey == "" { + // No encryption, return as is (base64 decode) + decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", err + } + return string(decoded), nil + } + + // Decode AES key (base64) + aesKey, err := base64.StdEncoding.DecodeString(c.config.EncodingAESKey + "=") + if err != nil { + return "", fmt.Errorf("failed to decode AES key: %w", err) + } + + // Decode encrypted message + cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", fmt.Errorf("failed to decode message: %w", err) + } + + // AES decrypt + block, err := aes.NewCipher(aesKey) + if err != nil { + return "", fmt.Errorf("failed to create cipher: %w", err) + } + + if len(cipherText) < aes.BlockSize { + return "", fmt.Errorf("ciphertext too short") + } + + mode := cipher.NewCBCDecrypter(block, aesKey[:aes.BlockSize]) + plainText := make([]byte, len(cipherText)) + mode.CryptBlocks(plainText, cipherText) + + // Remove PKCS7 padding + plainText, err = pkcs7Unpad(plainText) + if err != nil { + return "", fmt.Errorf("failed to unpad: %w", err) + } + + // Parse message structure + // Format: random(16) + msg_len(4) + msg + corp_id + if len(plainText) < 20 { + return "", fmt.Errorf("decrypted message too short") + } + + msgLen := binary.BigEndian.Uint32(plainText[16:20]) + if int(msgLen) > len(plainText)-20 { + return "", fmt.Errorf("invalid message length") + } + + msg := plainText[20 : 20+msgLen] + // corpID := plainText[20+msgLen:] // Can be used for verification + + return string(msg), nil +} + +// pkcs7Unpad removes PKCS7 padding with validation +func pkcs7Unpad(data []byte) ([]byte, error) { + if len(data) == 0 { + return data, nil + } + padding := int(data[len(data)-1]) + if padding == 0 || padding > aes.BlockSize { + return nil, fmt.Errorf("invalid padding size: %d", padding) + } + if padding > len(data) { + return nil, fmt.Errorf("padding size larger than data") + } + // Verify all padding bytes + for i := 0; i < padding; i++ { + if data[len(data)-1-i] != byte(padding) { + return nil, fmt.Errorf("invalid padding byte at position %d", i) + } + } + return data[:len(data)-padding], nil +} + +// tokenRefreshLoop periodically refreshes the access token +func (c *WeComAppChannel) tokenRefreshLoop() { + ticker := time.NewTicker(5 * time.Minute) + defer ticker.Stop() + + for { + select { + case <-c.ctx.Done(): + return + case <-ticker.C: + if err := c.refreshAccessToken(); err != nil { + logger.ErrorCF("wecom_app", "Failed to refresh access token", map[string]interface{}{ + "error": err.Error(), + }) + } + } + } +} + +// refreshAccessToken gets a new access token from WeCom API +func (c *WeComAppChannel) refreshAccessToken() error { + apiURL := fmt.Sprintf("%s/cgi-bin/gettoken?corpid=%s&corpsecret=%s", + wecomAPIBase, url.QueryEscape(c.config.CorpID), url.QueryEscape(c.config.CorpSecret)) + + resp, err := http.Get(apiURL) + if err != nil { + return fmt.Errorf("failed to request access token: %w", err) + } + defer resp.Body.Close() + + body, err := io.ReadAll(resp.Body) + if err != nil { + return fmt.Errorf("failed to read response: %w", err) + } + + var tokenResp WeComAccessTokenResponse + if err := json.Unmarshal(body, &tokenResp); err != nil { + return fmt.Errorf("failed to parse response: %w", err) + } + + if tokenResp.ErrCode != 0 { + return fmt.Errorf("API error: %s (code: %d)", tokenResp.ErrMsg, tokenResp.ErrCode) + } + + c.tokenMu.Lock() + c.accessToken = tokenResp.AccessToken + c.tokenExpiry = time.Now().Add(time.Duration(tokenResp.ExpiresIn-300) * time.Second) // Refresh 5 minutes early + c.tokenMu.Unlock() + + logger.DebugC("wecom_app", "Access token refreshed successfully") + return nil +} + +// getAccessToken returns the current valid access token +func (c *WeComAppChannel) getAccessToken() string { + c.tokenMu.RLock() + defer c.tokenMu.RUnlock() + + if time.Now().After(c.tokenExpiry) { + return "" + } + + return c.accessToken +} + +// sendTextMessage sends a text message to a user +func (c *WeComAppChannel) sendTextMessage(ctx context.Context, accessToken, userID, content string) error { + apiURL := fmt.Sprintf("%s/cgi-bin/message/send?access_token=%s", wecomAPIBase, accessToken) + + msg := WeComTextMessage{ + ToUser: userID, + MsgType: "text", + AgentID: c.config.AgentID, + } + msg.Text.Content = content + + jsonData, err := json.Marshal(msg) + if err != nil { + return fmt.Errorf("failed to marshal message: %w", err) + } + + // Use configurable timeout (default 5 seconds) + timeout := c.config.ReplyTimeout + if timeout <= 0 { + timeout = 5 + } + + reqCtx, cancel := context.WithTimeout(ctx, time.Duration(timeout)*time.Second) + defer cancel() + + req, err := http.NewRequestWithContext(reqCtx, http.MethodPost, apiURL, bytes.NewBuffer(jsonData)) + if err != nil { + return fmt.Errorf("failed to create request: %w", err) + } + req.Header.Set("Content-Type", "application/json") + + client := &http.Client{Timeout: time.Duration(timeout) * time.Second} + resp, err := client.Do(req) + if err != nil { + return fmt.Errorf("failed to send message: %w", err) + } + defer resp.Body.Close() + + body, err := io.ReadAll(resp.Body) + if err != nil { + return fmt.Errorf("failed to read response: %w", err) + } + + var sendResp WeComSendMessageResponse + if err := json.Unmarshal(body, &sendResp); err != nil { + return fmt.Errorf("failed to parse response: %w", err) + } + + if sendResp.ErrCode != 0 { + return fmt.Errorf("API error: %s (code: %d)", sendResp.ErrMsg, sendResp.ErrCode) + } + + return nil +} + +// sendMarkdownMessage sends a markdown message to a user +func (c *WeComAppChannel) sendMarkdownMessage(ctx context.Context, accessToken, userID, content string) error { + apiURL := fmt.Sprintf("%s/cgi-bin/message/send?access_token=%s", wecomAPIBase, accessToken) + + msg := WeComMarkdownMessage{ + ToUser: userID, + MsgType: "markdown", + AgentID: c.config.AgentID, + } + msg.Markdown.Content = content + + jsonData, err := json.Marshal(msg) + if err != nil { + return fmt.Errorf("failed to marshal message: %w", err) + } + + // Use configurable timeout (default 5 seconds) + timeout := c.config.ReplyTimeout + if timeout <= 0 { + timeout = 5 + } + + reqCtx, cancel := context.WithTimeout(ctx, time.Duration(timeout)*time.Second) + defer cancel() + + req, err := http.NewRequestWithContext(reqCtx, http.MethodPost, apiURL, bytes.NewBuffer(jsonData)) + if err != nil { + return fmt.Errorf("failed to create request: %w", err) + } + req.Header.Set("Content-Type", "application/json") + + client := &http.Client{Timeout: time.Duration(timeout) * time.Second} + resp, err := client.Do(req) + if err != nil { + return fmt.Errorf("failed to send message: %w", err) + } + defer resp.Body.Close() + + body, err := io.ReadAll(resp.Body) + if err != nil { + return fmt.Errorf("failed to read response: %w", err) + } + + var sendResp WeComSendMessageResponse + if err := json.Unmarshal(body, &sendResp); err != nil { + return fmt.Errorf("failed to parse response: %w", err) + } + + if sendResp.ErrCode != 0 { + return fmt.Errorf("API error: %s (code: %d)", sendResp.ErrMsg, sendResp.ErrCode) + } + + return nil +} + +// handleHealth handles health check requests +func (c *WeComAppChannel) handleHealth(w http.ResponseWriter, r *http.Request) { + status := map[string]interface{}{ + "status": "ok", + "running": c.IsRunning(), + "has_token": c.getAccessToken() != "", + } + + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(status) +} diff --git a/pkg/channels/wecom_app_test.go b/pkg/channels/wecom_app_test.go new file mode 100644 index 000000000..4283c07e6 --- /dev/null +++ b/pkg/channels/wecom_app_test.go @@ -0,0 +1,1089 @@ +// PicoClaw - Ultra-lightweight personal AI agent +// WeCom App (企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø) channel tests + +package channels + +import ( + "bytes" + "context" + "crypto/aes" + "crypto/cipher" + "crypto/sha1" + "encoding/base64" + "encoding/binary" + "encoding/json" + "encoding/xml" + "fmt" + "net/http" + "net/http/httptest" + "sort" + "strings" + "testing" + "time" + + "github.com/sipeed/picoclaw/pkg/bus" + "github.com/sipeed/picoclaw/pkg/config" +) + +// generateTestAESKeyApp generates a valid test AES key for WeCom App +func generateTestAESKeyApp() string { + // AES key needs to be 32 bytes (256 bits) for AES-256 + key := make([]byte, 32) + for i := range key { + key[i] = byte(i + 1) + } + // Return base64 encoded key without padding + return base64.StdEncoding.EncodeToString(key)[:43] +} + +// encryptTestMessageApp encrypts a message for testing WeCom App +func encryptTestMessageApp(message, aesKey string) (string, error) { + // Decode AES key + key, err := base64.StdEncoding.DecodeString(aesKey + "=") + if err != nil { + return "", err + } + + // Prepare message: random(16) + msg_len(4) + msg + corp_id + random := make([]byte, 0, 16) + for i := 0; i < 16; i++ { + random = append(random, byte(i+1)) + } + + msgBytes := []byte(message) + corpID := []byte("test_corp_id") + + msgLen := uint32(len(msgBytes)) + lenBytes := make([]byte, 4) + binary.BigEndian.PutUint32(lenBytes, msgLen) + + plainText := append(random, lenBytes...) + plainText = append(plainText, msgBytes...) + plainText = append(plainText, corpID...) + + // PKCS7 padding + blockSize := aes.BlockSize + padding := blockSize - len(plainText)%blockSize + padText := bytes.Repeat([]byte{byte(padding)}, padding) + plainText = append(plainText, padText...) + + // Encrypt + block, err := aes.NewCipher(key) + if err != nil { + return "", err + } + + mode := cipher.NewCBCEncrypter(block, key[:aes.BlockSize]) + cipherText := make([]byte, len(plainText)) + mode.CryptBlocks(cipherText, plainText) + + return base64.StdEncoding.EncodeToString(cipherText), nil +} + +// generateSignatureApp generates a signature for testing WeCom App +func generateSignatureApp(token, timestamp, nonce, msgEncrypt string) string { + params := []string{token, timestamp, nonce, msgEncrypt} + sort.Strings(params) + str := strings.Join(params, "") + hash := sha1.Sum([]byte(str)) + return fmt.Sprintf("%x", hash) +} + +func TestNewWeComAppChannel(t *testing.T) { + msgBus := bus.NewMessageBus() + + t.Run("missing corp_id", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "", + CorpSecret: "test_secret", + AgentID: 1000002, + } + _, err := NewWeComAppChannel(cfg, msgBus) + if err == nil { + t.Error("expected error for missing corp_id, got nil") + } + }) + + t.Run("missing corp_secret", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "", + AgentID: 1000002, + } + _, err := NewWeComAppChannel(cfg, msgBus) + if err == nil { + t.Error("expected error for missing corp_secret, got nil") + } + }) + + t.Run("missing agent_id", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 0, + } + _, err := NewWeComAppChannel(cfg, msgBus) + if err == nil { + t.Error("expected error for missing agent_id, got nil") + } + }) + + t.Run("valid config", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + AllowFrom: []string{"user1", "user2"}, + } + ch, err := NewWeComAppChannel(cfg, msgBus) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if ch.Name() != "wecom_app" { + t.Errorf("Name() = %q, want %q", ch.Name(), "wecom_app") + } + if ch.IsRunning() { + t.Error("new channel should not be running") + } + }) +} + +func TestWeComAppChannelIsAllowed(t *testing.T) { + msgBus := bus.NewMessageBus() + + t.Run("empty allowlist allows all", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + AllowFrom: []string{}, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + if !ch.IsAllowed("any_user") { + t.Error("empty allowlist should allow all users") + } + }) + + t.Run("allowlist restricts users", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + AllowFrom: []string{"allowed_user"}, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + if !ch.IsAllowed("allowed_user") { + t.Error("allowed user should pass allowlist check") + } + if ch.IsAllowed("blocked_user") { + t.Error("non-allowed user should be blocked") + } + }) +} + +func TestWeComAppVerifySignature(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + Token: "test_token", + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + t.Run("valid signature", func(t *testing.T) { + timestamp := "1234567890" + nonce := "test_nonce" + msgEncrypt := "test_message" + expectedSig := generateSignatureApp("test_token", timestamp, nonce, msgEncrypt) + + if !ch.verifySignature(expectedSig, timestamp, nonce, msgEncrypt) { + t.Error("valid signature should pass verification") + } + }) + + t.Run("invalid signature", func(t *testing.T) { + timestamp := "1234567890" + nonce := "test_nonce" + msgEncrypt := "test_message" + + if ch.verifySignature("invalid_sig", timestamp, nonce, msgEncrypt) { + t.Error("invalid signature should fail verification") + } + }) + + t.Run("empty token skips verification", func(t *testing.T) { + cfgEmpty := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + Token: "", + } + chEmpty, _ := NewWeComAppChannel(cfgEmpty, msgBus) + + if !chEmpty.verifySignature("any_sig", "any_ts", "any_nonce", "any_msg") { + t.Error("empty token should skip verification and return true") + } + }) +} + +func TestWeComAppDecryptMessage(t *testing.T) { + msgBus := bus.NewMessageBus() + + t.Run("decrypt without AES key", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + EncodingAESKey: "", + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + // Without AES key, message should be base64 decoded only + plainText := "hello world" + encoded := base64.StdEncoding.EncodeToString([]byte(plainText)) + + result, err := ch.decryptMessage(encoded) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if result != plainText { + t.Errorf("decryptMessage() = %q, want %q", result, plainText) + } + }) + + t.Run("decrypt with AES key", func(t *testing.T) { + aesKey := generateTestAESKeyApp() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + EncodingAESKey: aesKey, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + originalMsg := "Hello" + encrypted, err := encryptTestMessageApp(originalMsg, aesKey) + if err != nil { + t.Fatalf("failed to encrypt test message: %v", err) + } + + result, err := ch.decryptMessage(encrypted) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if result != originalMsg { + t.Errorf("decryptMessage() = %q, want %q", result, originalMsg) + } + }) + + t.Run("invalid base64", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + EncodingAESKey: "", + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + _, err := ch.decryptMessage("invalid_base64!!!") + if err == nil { + t.Error("expected error for invalid base64, got nil") + } + }) + + t.Run("invalid AES key", func(t *testing.T) { + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + EncodingAESKey: "invalid_key", + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + _, err := ch.decryptMessage(base64.StdEncoding.EncodeToString([]byte("test"))) + if err == nil { + t.Error("expected error for invalid AES key, got nil") + } + }) + + t.Run("ciphertext too short", func(t *testing.T) { + aesKey := generateTestAESKeyApp() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + EncodingAESKey: aesKey, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + // Encrypt a very short message that results in ciphertext less than block size + shortData := make([]byte, 8) + _, err := ch.decryptMessage(base64.StdEncoding.EncodeToString(shortData)) + if err == nil { + t.Error("expected error for short ciphertext, got nil") + } + }) +} + +func TestWeComAppPKCS7Unpad(t *testing.T) { + tests := []struct { + name string + input []byte + expected []byte + }{ + { + name: "empty input", + input: []byte{}, + expected: []byte{}, + }, + { + name: "valid padding 3 bytes", + input: append([]byte("hello"), bytes.Repeat([]byte{3}, 3)...), + expected: []byte("hello"), + }, + { + name: "valid padding 16 bytes (full block)", + input: append([]byte("123456789012345"), bytes.Repeat([]byte{16}, 16)...), + expected: []byte("123456789012345"), + }, + { + name: "invalid padding larger than data", + input: []byte{20}, + expected: nil, // should return error + }, + { + name: "invalid padding zero", + input: append([]byte("test"), byte(0)), + expected: nil, // should return error + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result, err := pkcs7Unpad(tt.input) + if tt.expected == nil { + // This case should return an error + if err == nil { + t.Errorf("pkcs7Unpad() expected error for invalid padding, got result: %v", result) + } + return + } + if err != nil { + t.Errorf("pkcs7Unpad() unexpected error: %v", err) + return + } + if !bytes.Equal(result, tt.expected) { + t.Errorf("pkcs7Unpad() = %v, want %v", result, tt.expected) + } + }) + } +} + +func TestWeComAppHandleVerification(t *testing.T) { + msgBus := bus.NewMessageBus() + aesKey := generateTestAESKeyApp() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + Token: "test_token", + EncodingAESKey: aesKey, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + t.Run("valid verification request", func(t *testing.T) { + echostr := "test_echostr_123" + encryptedEchostr, _ := encryptTestMessageApp(echostr, aesKey) + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignatureApp("test_token", timestamp, nonce, encryptedEchostr) + + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + w := httptest.NewRecorder() + + ch.handleVerification(context.Background(), w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + if w.Body.String() != echostr { + t.Errorf("response body = %q, want %q", w.Body.String(), echostr) + } + }) + + t.Run("missing parameters", func(t *testing.T) { + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom-app?msg_signature=sig×tamp=ts", nil) + w := httptest.NewRecorder() + + ch.handleVerification(context.Background(), w, req) + + if w.Code != http.StatusBadRequest { + t.Errorf("status code = %d, want %d", w.Code, http.StatusBadRequest) + } + }) + + t.Run("invalid signature", func(t *testing.T) { + echostr := "test_echostr" + encryptedEchostr, _ := encryptTestMessageApp(echostr, aesKey) + timestamp := "1234567890" + nonce := "test_nonce" + + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom-app?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + w := httptest.NewRecorder() + + ch.handleVerification(context.Background(), w, req) + + if w.Code != http.StatusForbidden { + t.Errorf("status code = %d, want %d", w.Code, http.StatusForbidden) + } + }) +} + +func TestWeComAppHandleMessageCallback(t *testing.T) { + msgBus := bus.NewMessageBus() + aesKey := generateTestAESKeyApp() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + Token: "test_token", + EncodingAESKey: aesKey, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + t.Run("valid message callback", func(t *testing.T) { + // Create XML message + xmlMsg := WeComXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "text", + Content: "Hello World", + MsgId: 123456, + AgentID: 1000002, + } + xmlData, _ := xml.Marshal(xmlMsg) + + // Encrypt message + encrypted, _ := encryptTestMessageApp(string(xmlData), aesKey) + + // Create encrypted XML wrapper + encryptedWrapper := struct { + XMLName xml.Name `xml:"xml"` + Encrypt string `xml:"Encrypt"` + }{ + Encrypt: encrypted, + } + wrapperData, _ := xml.Marshal(encryptedWrapper) + + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignatureApp("test_token", timestamp, nonce, encrypted) + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + if w.Body.String() != "success" { + t.Errorf("response body = %q, want %q", w.Body.String(), "success") + } + }) + + t.Run("missing parameters", func(t *testing.T) { + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature=sig", nil) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusBadRequest { + t.Errorf("status code = %d, want %d", w.Code, http.StatusBadRequest) + } + }) + + t.Run("invalid XML", func(t *testing.T) { + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignatureApp("test_token", timestamp, nonce, "") + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, strings.NewReader("invalid xml")) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusBadRequest { + t.Errorf("status code = %d, want %d", w.Code, http.StatusBadRequest) + } + }) + + t.Run("invalid signature", func(t *testing.T) { + encryptedWrapper := struct { + XMLName xml.Name `xml:"xml"` + Encrypt string `xml:"Encrypt"` + }{ + Encrypt: "encrypted_data", + } + wrapperData, _ := xml.Marshal(encryptedWrapper) + + timestamp := "1234567890" + nonce := "test_nonce" + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusForbidden { + t.Errorf("status code = %d, want %d", w.Code, http.StatusForbidden) + } + }) +} + +func TestWeComAppProcessMessage(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + t.Run("process text message", func(t *testing.T) { + msg := WeComXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "text", + Content: "Hello World", + MsgId: 123456, + AgentID: 1000002, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) + + t.Run("process image message", func(t *testing.T) { + msg := WeComXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "image", + PicUrl: "https://example.com/image.jpg", + MediaId: "media_123", + MsgId: 123456, + AgentID: 1000002, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) + + t.Run("process voice message", func(t *testing.T) { + msg := WeComXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "voice", + MediaId: "media_123", + Format: "amr", + MsgId: 123456, + AgentID: 1000002, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) + + t.Run("skip unsupported message type", func(t *testing.T) { + msg := WeComXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "video", + MsgId: 123456, + AgentID: 1000002, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) + + t.Run("process event message", func(t *testing.T) { + msg := WeComXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "event", + Event: "subscribe", + MsgId: 123456, + AgentID: 1000002, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) +} + +func TestWeComAppHandleWebhook(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + Token: "test_token", + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + t.Run("GET request calls verification", func(t *testing.T) { + echostr := "test_echostr" + encoded := base64.StdEncoding.EncodeToString([]byte(echostr)) + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignatureApp("test_token", timestamp, nonce, encoded) + + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encoded, nil) + w := httptest.NewRecorder() + + ch.handleWebhook(w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + }) + + t.Run("POST request calls message callback", func(t *testing.T) { + encryptedWrapper := struct { + XMLName xml.Name `xml:"xml"` + Encrypt string `xml:"Encrypt"` + }{ + Encrypt: base64.StdEncoding.EncodeToString([]byte("test")), + } + wrapperData, _ := xml.Marshal(encryptedWrapper) + + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignatureApp("test_token", timestamp, nonce, encryptedWrapper.Encrypt) + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + w := httptest.NewRecorder() + + ch.handleWebhook(w, req) + + // Should not be method not allowed + if w.Code == http.StatusMethodNotAllowed { + t.Error("POST request should not return Method Not Allowed") + } + }) + + t.Run("unsupported method", func(t *testing.T) { + req := httptest.NewRequest(http.MethodPut, "/webhook/wecom-app", nil) + w := httptest.NewRecorder() + + ch.handleWebhook(w, req) + + if w.Code != http.StatusMethodNotAllowed { + t.Errorf("status code = %d, want %d", w.Code, http.StatusMethodNotAllowed) + } + }) +} + +func TestWeComAppHandleHealth(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + req := httptest.NewRequest(http.MethodGet, "/health/wecom-app", nil) + w := httptest.NewRecorder() + + ch.handleHealth(w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + + contentType := w.Header().Get("Content-Type") + if contentType != "application/json" { + t.Errorf("Content-Type = %q, want %q", contentType, "application/json") + } + + body := w.Body.String() + if !strings.Contains(body, "status") || !strings.Contains(body, "running") || !strings.Contains(body, "has_token") { + t.Errorf("response body should contain status, running, and has_token fields, got: %s", body) + } +} + +func TestWeComAppAccessToken(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComAppConfig{ + CorpID: "test_corp_id", + CorpSecret: "test_secret", + AgentID: 1000002, + } + ch, _ := NewWeComAppChannel(cfg, msgBus) + + t.Run("get empty access token initially", func(t *testing.T) { + token := ch.getAccessToken() + if token != "" { + t.Errorf("getAccessToken() = %q, want empty string", token) + } + }) + + t.Run("set and get access token", func(t *testing.T) { + ch.tokenMu.Lock() + ch.accessToken = "test_token_123" + ch.tokenExpiry = time.Now().Add(1 * time.Hour) + ch.tokenMu.Unlock() + + token := ch.getAccessToken() + if token != "test_token_123" { + t.Errorf("getAccessToken() = %q, want %q", token, "test_token_123") + } + }) + + t.Run("expired token returns empty", func(t *testing.T) { + ch.tokenMu.Lock() + ch.accessToken = "expired_token" + ch.tokenExpiry = time.Now().Add(-1 * time.Hour) + ch.tokenMu.Unlock() + + token := ch.getAccessToken() + if token != "" { + t.Errorf("getAccessToken() = %q, want empty string for expired token", token) + } + }) +} + +func TestWeComAppMessageStructures(t *testing.T) { + t.Run("WeComTextMessage structure", func(t *testing.T) { + msg := WeComTextMessage{ + ToUser: "user123", + MsgType: "text", + AgentID: 1000002, + } + msg.Text.Content = "Hello World" + + if msg.ToUser != "user123" { + t.Errorf("ToUser = %q, want %q", msg.ToUser, "user123") + } + if msg.MsgType != "text" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "text") + } + if msg.AgentID != 1000002 { + t.Errorf("AgentID = %d, want %d", msg.AgentID, 1000002) + } + if msg.Text.Content != "Hello World" { + t.Errorf("Text.Content = %q, want %q", msg.Text.Content, "Hello World") + } + + // Test JSON marshaling + jsonData, err := json.Marshal(msg) + if err != nil { + t.Fatalf("failed to marshal JSON: %v", err) + } + + var unmarshaled WeComTextMessage + err = json.Unmarshal(jsonData, &unmarshaled) + if err != nil { + t.Fatalf("failed to unmarshal JSON: %v", err) + } + + if unmarshaled.ToUser != msg.ToUser { + t.Errorf("JSON round-trip failed for ToUser") + } + }) + + t.Run("WeComMarkdownMessage structure", func(t *testing.T) { + msg := WeComMarkdownMessage{ + ToUser: "user123", + MsgType: "markdown", + AgentID: 1000002, + } + msg.Markdown.Content = "# Hello\nWorld" + + if msg.Markdown.Content != "# Hello\nWorld" { + t.Errorf("Markdown.Content = %q, want %q", msg.Markdown.Content, "# Hello\nWorld") + } + + // Test JSON marshaling + jsonData, err := json.Marshal(msg) + if err != nil { + t.Fatalf("failed to marshal JSON: %v", err) + } + + if !bytes.Contains(jsonData, []byte("markdown")) { + t.Error("JSON should contain 'markdown' field") + } + }) + + t.Run("WeComImageMessage structure", func(t *testing.T) { + msg := WeComImageMessage{ + ToUser: "user123", + MsgType: "image", + AgentID: 1000002, + } + msg.Image.MediaID = "media_123456" + + if msg.Image.MediaID != "media_123456" { + t.Errorf("Image.MediaID = %q, want %q", msg.Image.MediaID, "media_123456") + } + }) + + t.Run("WeComAccessTokenResponse structure", func(t *testing.T) { + jsonData := `{ + "errcode": 0, + "errmsg": "ok", + "access_token": "test_access_token", + "expires_in": 7200 + }` + + var resp WeComAccessTokenResponse + err := json.Unmarshal([]byte(jsonData), &resp) + if err != nil { + t.Fatalf("failed to unmarshal JSON: %v", err) + } + + if resp.ErrCode != 0 { + t.Errorf("ErrCode = %d, want %d", resp.ErrCode, 0) + } + if resp.ErrMsg != "ok" { + t.Errorf("ErrMsg = %q, want %q", resp.ErrMsg, "ok") + } + if resp.AccessToken != "test_access_token" { + t.Errorf("AccessToken = %q, want %q", resp.AccessToken, "test_access_token") + } + if resp.ExpiresIn != 7200 { + t.Errorf("ExpiresIn = %d, want %d", resp.ExpiresIn, 7200) + } + }) + + t.Run("WeComSendMessageResponse structure", func(t *testing.T) { + jsonData := `{ + "errcode": 0, + "errmsg": "ok", + "invaliduser": "", + "invalidparty": "", + "invalidtag": "" + }` + + var resp WeComSendMessageResponse + err := json.Unmarshal([]byte(jsonData), &resp) + if err != nil { + t.Fatalf("failed to unmarshal JSON: %v", err) + } + + if resp.ErrCode != 0 { + t.Errorf("ErrCode = %d, want %d", resp.ErrCode, 0) + } + if resp.ErrMsg != "ok" { + t.Errorf("ErrMsg = %q, want %q", resp.ErrMsg, "ok") + } + }) +} + +func TestWeComAppXMLMessageStructure(t *testing.T) { + xmlData := ` + + + + 1234567890 + + + 1234567890123456 + 1000002 +` + + var msg WeComXMLMessage + err := xml.Unmarshal([]byte(xmlData), &msg) + if err != nil { + t.Fatalf("failed to unmarshal XML: %v", err) + } + + if msg.ToUserName != "corp_id" { + t.Errorf("ToUserName = %q, want %q", msg.ToUserName, "corp_id") + } + if msg.FromUserName != "user123" { + t.Errorf("FromUserName = %q, want %q", msg.FromUserName, "user123") + } + if msg.CreateTime != 1234567890 { + t.Errorf("CreateTime = %d, want %d", msg.CreateTime, 1234567890) + } + if msg.MsgType != "text" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "text") + } + if msg.Content != "Hello World" { + t.Errorf("Content = %q, want %q", msg.Content, "Hello World") + } + if msg.MsgId != 1234567890123456 { + t.Errorf("MsgId = %d, want %d", msg.MsgId, 1234567890123456) + } + if msg.AgentID != 1000002 { + t.Errorf("AgentID = %d, want %d", msg.AgentID, 1000002) + } +} + +func TestWeComAppXMLMessageImage(t *testing.T) { + xmlData := ` + + + + 1234567890 + + + + 1234567890123456 + 1000002 +` + + var msg WeComXMLMessage + err := xml.Unmarshal([]byte(xmlData), &msg) + if err != nil { + t.Fatalf("failed to unmarshal XML: %v", err) + } + + if msg.MsgType != "image" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "image") + } + if msg.PicUrl != "https://example.com/image.jpg" { + t.Errorf("PicUrl = %q, want %q", msg.PicUrl, "https://example.com/image.jpg") + } + if msg.MediaId != "media_123" { + t.Errorf("MediaId = %q, want %q", msg.MediaId, "media_123") + } +} + +func TestWeComAppXMLMessageVoice(t *testing.T) { + xmlData := ` + + + + 1234567890 + + + + 1234567890123456 + 1000002 +` + + var msg WeComXMLMessage + err := xml.Unmarshal([]byte(xmlData), &msg) + if err != nil { + t.Fatalf("failed to unmarshal XML: %v", err) + } + + if msg.MsgType != "voice" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "voice") + } + if msg.Format != "amr" { + t.Errorf("Format = %q, want %q", msg.Format, "amr") + } +} + +func TestWeComAppXMLMessageLocation(t *testing.T) { + xmlData := ` + + + + 1234567890 + + 39.9042 + 116.4074 + 16 + + 1234567890123456 + 1000002 +` + + var msg WeComXMLMessage + err := xml.Unmarshal([]byte(xmlData), &msg) + if err != nil { + t.Fatalf("failed to unmarshal XML: %v", err) + } + + if msg.MsgType != "location" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "location") + } + if msg.LocationX != 39.9042 { + t.Errorf("LocationX = %f, want %f", msg.LocationX, 39.9042) + } + if msg.LocationY != 116.4074 { + t.Errorf("LocationY = %f, want %f", msg.LocationY, 116.4074) + } + if msg.Scale != 16 { + t.Errorf("Scale = %d, want %d", msg.Scale, 16) + } + if msg.Label != "Beijing" { + t.Errorf("Label = %q, want %q", msg.Label, "Beijing") + } +} + +func TestWeComAppXMLMessageLink(t *testing.T) { + xmlData := ` + + + + 1234567890 + + <![CDATA[Link Title]]> + + + 1234567890123456 + 1000002 +` + + var msg WeComXMLMessage + err := xml.Unmarshal([]byte(xmlData), &msg) + if err != nil { + t.Fatalf("failed to unmarshal XML: %v", err) + } + + if msg.MsgType != "link" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "link") + } + if msg.Title != "Link Title" { + t.Errorf("Title = %q, want %q", msg.Title, "Link Title") + } + if msg.Description != "Link Description" { + t.Errorf("Description = %q, want %q", msg.Description, "Link Description") + } + if msg.Url != "https://example.com" { + t.Errorf("Url = %q, want %q", msg.Url, "https://example.com") + } +} + +func TestWeComAppXMLMessageEvent(t *testing.T) { + xmlData := ` + + + + 1234567890 + + + + 1000002 +` + + var msg WeComXMLMessage + err := xml.Unmarshal([]byte(xmlData), &msg) + if err != nil { + t.Fatalf("failed to unmarshal XML: %v", err) + } + + if msg.MsgType != "event" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "event") + } + if msg.Event != "subscribe" { + t.Errorf("Event = %q, want %q", msg.Event, "subscribe") + } + if msg.EventKey != "event_key_123" { + t.Errorf("EventKey = %q, want %q", msg.EventKey, "event_key_123") + } +} diff --git a/pkg/channels/wecom_test.go b/pkg/channels/wecom_test.go new file mode 100644 index 000000000..a2015a8d3 --- /dev/null +++ b/pkg/channels/wecom_test.go @@ -0,0 +1,689 @@ +// PicoClaw - Ultra-lightweight personal AI agent +// WeCom Bot (企äøšå¾®äæ”ę™ŗčƒ½ęœŗå™Øäŗŗ) channel tests + +package channels + +import ( + "bytes" + "context" + "crypto/aes" + "crypto/cipher" + "crypto/sha1" + "encoding/base64" + "encoding/binary" + "encoding/xml" + "fmt" + "net/http" + "net/http/httptest" + "sort" + "strings" + "testing" + + "github.com/sipeed/picoclaw/pkg/bus" + "github.com/sipeed/picoclaw/pkg/config" +) + +// generateTestAESKey generates a valid test AES key +func generateTestAESKey() string { + // AES key needs to be 32 bytes (256 bits) for AES-256 + key := make([]byte, 32) + for i := range key { + key[i] = byte(i) + } + // Return base64 encoded key without padding + return base64.StdEncoding.EncodeToString(key)[:43] +} + +// encryptTestMessage encrypts a message for testing +func encryptTestMessage(message, aesKey string) (string, error) { + // Decode AES key + key, err := base64.StdEncoding.DecodeString(aesKey + "=") + if err != nil { + return "", err + } + + // Prepare message: random(16) + msg_len(4) + msg + corp_id + random := make([]byte, 0, 16) + for i := 0; i < 16; i++ { + random = append(random, byte(i)) + } + + msgBytes := []byte(message) + corpID := []byte("test_corp_id") + + msgLen := uint32(len(msgBytes)) + lenBytes := make([]byte, 4) + binary.BigEndian.PutUint32(lenBytes, msgLen) + + plainText := append(random, lenBytes...) + plainText = append(plainText, msgBytes...) + plainText = append(plainText, corpID...) + + // PKCS7 padding + blockSize := aes.BlockSize + padding := blockSize - len(plainText)%blockSize + padText := bytes.Repeat([]byte{byte(padding)}, padding) + plainText = append(plainText, padText...) + + // Encrypt + block, err := aes.NewCipher(key) + if err != nil { + return "", err + } + + mode := cipher.NewCBCEncrypter(block, key[:aes.BlockSize]) + cipherText := make([]byte, len(plainText)) + mode.CryptBlocks(cipherText, plainText) + + return base64.StdEncoding.EncodeToString(cipherText), nil +} + +// generateSignature generates a signature for testing +func generateSignature(token, timestamp, nonce, msgEncrypt string) string { + params := []string{token, timestamp, nonce, msgEncrypt} + sort.Strings(params) + str := strings.Join(params, "") + hash := sha1.Sum([]byte(str)) + return fmt.Sprintf("%x", hash) +} + +func TestNewWeComBotChannel(t *testing.T) { + msgBus := bus.NewMessageBus() + + t.Run("missing token", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + _, err := NewWeComBotChannel(cfg, msgBus) + if err == nil { + t.Error("expected error for missing token, got nil") + } + }) + + t.Run("missing webhook_url", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "", + } + _, err := NewWeComBotChannel(cfg, msgBus) + if err == nil { + t.Error("expected error for missing webhook_url, got nil") + } + }) + + t.Run("valid config", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + AllowFrom: []string{"user1", "user2"}, + } + ch, err := NewWeComBotChannel(cfg, msgBus) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if ch.Name() != "wecom" { + t.Errorf("Name() = %q, want %q", ch.Name(), "wecom") + } + if ch.IsRunning() { + t.Error("new channel should not be running") + } + }) +} + +func TestWeComBotChannelIsAllowed(t *testing.T) { + msgBus := bus.NewMessageBus() + + t.Run("empty allowlist allows all", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + AllowFrom: []string{}, + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + if !ch.IsAllowed("any_user") { + t.Error("empty allowlist should allow all users") + } + }) + + t.Run("allowlist restricts users", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + AllowFrom: []string{"allowed_user"}, + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + if !ch.IsAllowed("allowed_user") { + t.Error("allowed user should pass allowlist check") + } + if ch.IsAllowed("blocked_user") { + t.Error("non-allowed user should be blocked") + } + }) +} + +func TestWeComBotVerifySignature(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + t.Run("valid signature", func(t *testing.T) { + timestamp := "1234567890" + nonce := "test_nonce" + msgEncrypt := "test_message" + expectedSig := generateSignature("test_token", timestamp, nonce, msgEncrypt) + + if !ch.verifySignature(expectedSig, timestamp, nonce, msgEncrypt) { + t.Error("valid signature should pass verification") + } + }) + + t.Run("invalid signature", func(t *testing.T) { + timestamp := "1234567890" + nonce := "test_nonce" + msgEncrypt := "test_message" + + if ch.verifySignature("invalid_sig", timestamp, nonce, msgEncrypt) { + t.Error("invalid signature should fail verification") + } + }) + + t.Run("empty token skips verification", func(t *testing.T) { + // Create a channel manually with empty token to test the behavior + cfgEmpty := config.WeComConfig{ + Token: "", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + base := NewBaseChannel("wecom", cfgEmpty, msgBus, cfgEmpty.AllowFrom) + chEmpty := &WeComBotChannel{ + BaseChannel: base, + config: cfgEmpty, + } + + if !chEmpty.verifySignature("any_sig", "any_ts", "any_nonce", "any_msg") { + t.Error("empty token should skip verification and return true") + } + }) +} + +func TestWeComBotDecryptMessage(t *testing.T) { + msgBus := bus.NewMessageBus() + + t.Run("decrypt without AES key", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + EncodingAESKey: "", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + // Without AES key, message should be base64 decoded only + plainText := "hello world" + encoded := base64.StdEncoding.EncodeToString([]byte(plainText)) + + result, err := ch.decryptMessage(encoded) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if result != plainText { + t.Errorf("decryptMessage() = %q, want %q", result, plainText) + } + }) + + t.Run("decrypt with AES key", func(t *testing.T) { + aesKey := generateTestAESKey() + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + EncodingAESKey: aesKey, + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + originalMsg := "Hello" + encrypted, err := encryptTestMessage(originalMsg, aesKey) + if err != nil { + t.Fatalf("failed to encrypt test message: %v", err) + } + + result, err := ch.decryptMessage(encrypted) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if result != originalMsg { + t.Errorf("decryptMessage() = %q, want %q", result, originalMsg) + } + }) + + t.Run("invalid base64", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + EncodingAESKey: "", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + _, err := ch.decryptMessage("invalid_base64!!!") + if err == nil { + t.Error("expected error for invalid base64, got nil") + } + }) + + t.Run("invalid AES key", func(t *testing.T) { + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + EncodingAESKey: "invalid_key", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + _, err := ch.decryptMessage(base64.StdEncoding.EncodeToString([]byte("test"))) + if err == nil { + t.Error("expected error for invalid AES key, got nil") + } + }) +} + +func TestWeComBotPKCS7Unpad(t *testing.T) { + tests := []struct { + name string + input []byte + expected []byte + }{ + { + name: "empty input", + input: []byte{}, + expected: []byte{}, + }, + { + name: "valid padding 3 bytes", + input: append([]byte("hello"), bytes.Repeat([]byte{3}, 3)...), + expected: []byte("hello"), + }, + { + name: "valid padding 16 bytes (full block)", + input: append([]byte("123456789012345"), bytes.Repeat([]byte{16}, 16)...), + expected: []byte("123456789012345"), + }, + { + name: "invalid padding larger than data", + input: []byte{20}, + expected: nil, // should return error + }, + { + name: "invalid padding zero", + input: append([]byte("test"), byte(0)), + expected: nil, // should return error + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result, err := pkcs7UnpadWeCom(tt.input) + if tt.expected == nil { + // This case should return an error + if err == nil { + t.Errorf("pkcs7UnpadWeCom() expected error for invalid padding, got result: %v", result) + } + return + } + if err != nil { + t.Errorf("pkcs7UnpadWeCom() unexpected error: %v", err) + return + } + if !bytes.Equal(result, tt.expected) { + t.Errorf("pkcs7UnpadWeCom() = %v, want %v", result, tt.expected) + } + }) + } +} + +func TestWeComBotHandleVerification(t *testing.T) { + msgBus := bus.NewMessageBus() + aesKey := generateTestAESKey() + cfg := config.WeComConfig{ + Token: "test_token", + EncodingAESKey: aesKey, + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + t.Run("valid verification request", func(t *testing.T) { + echostr := "test_echostr_123" + encryptedEchostr, _ := encryptTestMessage(echostr, aesKey) + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignature("test_token", timestamp, nonce, encryptedEchostr) + + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + w := httptest.NewRecorder() + + ch.handleVerification(context.Background(), w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + if w.Body.String() != echostr { + t.Errorf("response body = %q, want %q", w.Body.String(), echostr) + } + }) + + t.Run("missing parameters", func(t *testing.T) { + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom?msg_signature=sig×tamp=ts", nil) + w := httptest.NewRecorder() + + ch.handleVerification(context.Background(), w, req) + + if w.Code != http.StatusBadRequest { + t.Errorf("status code = %d, want %d", w.Code, http.StatusBadRequest) + } + }) + + t.Run("invalid signature", func(t *testing.T) { + echostr := "test_echostr" + encryptedEchostr, _ := encryptTestMessage(echostr, aesKey) + timestamp := "1234567890" + nonce := "test_nonce" + + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + w := httptest.NewRecorder() + + ch.handleVerification(context.Background(), w, req) + + if w.Code != http.StatusForbidden { + t.Errorf("status code = %d, want %d", w.Code, http.StatusForbidden) + } + }) +} + +func TestWeComBotHandleMessageCallback(t *testing.T) { + msgBus := bus.NewMessageBus() + aesKey := generateTestAESKey() + cfg := config.WeComConfig{ + Token: "test_token", + EncodingAESKey: aesKey, + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + t.Run("valid message callback", func(t *testing.T) { + // Create XML message + xmlMsg := WeComBotXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "text", + Content: "Hello World", + MsgId: 123456, + } + xmlData, _ := xml.Marshal(xmlMsg) + + // Encrypt message + encrypted, _ := encryptTestMessage(string(xmlData), aesKey) + + // Create encrypted XML wrapper + encryptedWrapper := struct { + XMLName xml.Name `xml:"xml"` + Encrypt string `xml:"Encrypt"` + }{ + Encrypt: encrypted, + } + wrapperData, _ := xml.Marshal(encryptedWrapper) + + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignature("test_token", timestamp, nonce, encrypted) + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + if w.Body.String() != "success" { + t.Errorf("response body = %q, want %q", w.Body.String(), "success") + } + }) + + t.Run("missing parameters", func(t *testing.T) { + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature=sig", nil) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusBadRequest { + t.Errorf("status code = %d, want %d", w.Code, http.StatusBadRequest) + } + }) + + t.Run("invalid XML", func(t *testing.T) { + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignature("test_token", timestamp, nonce, "") + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, strings.NewReader("invalid xml")) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusBadRequest { + t.Errorf("status code = %d, want %d", w.Code, http.StatusBadRequest) + } + }) + + t.Run("invalid signature", func(t *testing.T) { + encryptedWrapper := struct { + XMLName xml.Name `xml:"xml"` + Encrypt string `xml:"Encrypt"` + }{ + Encrypt: "encrypted_data", + } + wrapperData, _ := xml.Marshal(encryptedWrapper) + + timestamp := "1234567890" + nonce := "test_nonce" + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusForbidden { + t.Errorf("status code = %d, want %d", w.Code, http.StatusForbidden) + } + }) +} + +func TestWeComBotProcessMessage(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + t.Run("process text message", func(t *testing.T) { + msg := WeComBotXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "text", + Content: "Hello World", + MsgId: 123456, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) + + t.Run("process voice message with recognition", func(t *testing.T) { + msg := WeComBotXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "voice", + Recognition: "Voice message text", + MsgId: 123456, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) + + t.Run("skip unsupported message type", func(t *testing.T) { + msg := WeComBotXMLMessage{ + ToUserName: "corp_id", + FromUserName: "user123", + CreateTime: 1234567890, + MsgType: "video", + MsgId: 123456, + } + + // Should not panic + ch.processMessage(context.Background(), msg) + }) +} + +func TestWeComBotHandleWebhook(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + t.Run("GET request calls verification", func(t *testing.T) { + echostr := "test_echostr" + encoded := base64.StdEncoding.EncodeToString([]byte(echostr)) + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignature("test_token", timestamp, nonce, encoded) + + req := httptest.NewRequest(http.MethodGet, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encoded, nil) + w := httptest.NewRecorder() + + ch.handleWebhook(w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + }) + + t.Run("POST request calls message callback", func(t *testing.T) { + encryptedWrapper := struct { + XMLName xml.Name `xml:"xml"` + Encrypt string `xml:"Encrypt"` + }{ + Encrypt: base64.StdEncoding.EncodeToString([]byte("test")), + } + wrapperData, _ := xml.Marshal(encryptedWrapper) + + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignature("test_token", timestamp, nonce, encryptedWrapper.Encrypt) + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + w := httptest.NewRecorder() + + ch.handleWebhook(w, req) + + // Should not be method not allowed + if w.Code == http.StatusMethodNotAllowed { + t.Error("POST request should not return Method Not Allowed") + } + }) + + t.Run("unsupported method", func(t *testing.T) { + req := httptest.NewRequest(http.MethodPut, "/webhook/wecom", nil) + w := httptest.NewRecorder() + + ch.handleWebhook(w, req) + + if w.Code != http.StatusMethodNotAllowed { + t.Errorf("status code = %d, want %d", w.Code, http.StatusMethodNotAllowed) + } + }) +} + +func TestWeComBotHandleHealth(t *testing.T) { + msgBus := bus.NewMessageBus() + cfg := config.WeComConfig{ + Token: "test_token", + WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + } + ch, _ := NewWeComBotChannel(cfg, msgBus) + + req := httptest.NewRequest(http.MethodGet, "/health/wecom", nil) + w := httptest.NewRecorder() + + ch.handleHealth(w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + + contentType := w.Header().Get("Content-Type") + if contentType != "application/json" { + t.Errorf("Content-Type = %q, want %q", contentType, "application/json") + } + + body := w.Body.String() + if !strings.Contains(body, "status") || !strings.Contains(body, "running") { + t.Errorf("response body should contain status and running fields, got: %s", body) + } +} + +func TestWeComBotWebhookReplyMessage(t *testing.T) { + msg := WeComBotWebhookReply{ + MsgType: "text", + } + msg.Text.Content = "Hello World" + + if msg.MsgType != "text" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "text") + } + if msg.Text.Content != "Hello World" { + t.Errorf("Text.Content = %q, want %q", msg.Text.Content, "Hello World") + } +} + +func TestWeComBotXMLMessageStructure(t *testing.T) { + xmlData := ` + + + + 1234567890 + + + 1234567890123456 +` + + var msg WeComBotXMLMessage + err := xml.Unmarshal([]byte(xmlData), &msg) + if err != nil { + t.Fatalf("failed to unmarshal XML: %v", err) + } + + if msg.ToUserName != "corp_id" { + t.Errorf("ToUserName = %q, want %q", msg.ToUserName, "corp_id") + } + if msg.FromUserName != "user123" { + t.Errorf("FromUserName = %q, want %q", msg.FromUserName, "user123") + } + if msg.CreateTime != 1234567890 { + t.Errorf("CreateTime = %d, want %d", msg.CreateTime, 1234567890) + } + if msg.MsgType != "text" { + t.Errorf("MsgType = %q, want %q", msg.MsgType, "text") + } + if msg.Content != "Hello World" { + t.Errorf("Content = %q, want %q", msg.Content, "Hello World") + } + if msg.MsgId != 1234567890123456 { + t.Errorf("MsgId = %d, want %d", msg.MsgId, 1234567890123456) + } +} diff --git a/pkg/config/config.go b/pkg/config/config.go index 0d41796a4..95753bf15 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -190,6 +190,8 @@ type ChannelsConfig struct { Slack SlackConfig `json:"slack"` LINE LINEConfig `json:"line"` OneBot OneBotConfig `json:"onebot"` + WeCom WeComConfig `json:"wecom"` + WeComApp WeComAppConfig `json:"wecom_app"` } type WhatsAppConfig struct { @@ -267,6 +269,32 @@ type OneBotConfig struct { AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_ONEBOT_ALLOW_FROM"` } +type WeComConfig struct { + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WECOM_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_WECOM_TOKEN"` + EncodingAESKey string `json:"encoding_aes_key" env:"PICOCLAW_CHANNELS_WECOM_ENCODING_AES_KEY"` + WebhookURL string `json:"webhook_url" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_URL"` + WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_HOST"` + WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_PORT"` + WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_PATH"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WECOM_ALLOW_FROM"` + ReplyTimeout int `json:"reply_timeout" env:"PICOCLAW_CHANNELS_WECOM_REPLY_TIMEOUT"` +} + +type WeComAppConfig struct { + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WECOM_APP_ENABLED"` + CorpID string `json:"corp_id" env:"PICOCLAW_CHANNELS_WECOM_APP_CORP_ID"` + CorpSecret string `json:"corp_secret" env:"PICOCLAW_CHANNELS_WECOM_APP_CORP_SECRET"` + AgentID int64 `json:"agent_id" env:"PICOCLAW_CHANNELS_WECOM_APP_AGENT_ID"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_WECOM_APP_TOKEN"` + EncodingAESKey string `json:"encoding_aes_key" env:"PICOCLAW_CHANNELS_WECOM_APP_ENCODING_AES_KEY"` + WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_HOST"` + WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_PORT"` + WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_PATH"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WECOM_APP_ALLOW_FROM"` + ReplyTimeout int `json:"reply_timeout" env:"PICOCLAW_CHANNELS_WECOM_APP_REPLY_TIMEOUT"` +} + type HeartbeatConfig struct { Enabled bool `json:"enabled" env:"PICOCLAW_HEARTBEAT_ENABLED"` Interval int `json:"interval" env:"PICOCLAW_HEARTBEAT_INTERVAL"` // minutes, min 5 diff --git a/pkg/config/defaults.go b/pkg/config/defaults.go index 70ba67adf..ee46034a5 100644 --- a/pkg/config/defaults.go +++ b/pkg/config/defaults.go @@ -88,6 +88,30 @@ func DefaultConfig() *Config { GroupTriggerPrefix: []string{}, AllowFrom: FlexibleStringSlice{}, }, + WeCom: WeComConfig{ + Enabled: false, + Token: "", + EncodingAESKey: "", + WebhookURL: "", + WebhookHost: "0.0.0.0", + WebhookPort: 18793, + WebhookPath: "/webhook/wecom", + AllowFrom: FlexibleStringSlice{}, + ReplyTimeout: 5, + }, + WeComApp: WeComAppConfig{ + Enabled: false, + CorpID: "", + CorpSecret: "", + AgentID: 0, + Token: "", + EncodingAESKey: "", + WebhookHost: "0.0.0.0", + WebhookPort: 18792, + WebhookPath: "/webhook/wecom-app", + AllowFrom: FlexibleStringSlice{}, + ReplyTimeout: 5, + }, }, Providers: ProvidersConfig{ OpenAI: OpenAIProviderConfig{WebSearch: true}, From 14ccfb39d94cd2ede66af4d2b21b1765116153fc Mon Sep 17 00:00:00 2001 From: swordkee Date: Fri, 20 Feb 2026 18:28:10 +0800 Subject: [PATCH 07/88] feat: add wecom and wecomApp test --- pkg/channels/wecom.go | 265 +++++++++++++-------------------- pkg/channels/wecom_app.go | 115 +------------- pkg/channels/wecom_app_test.go | 20 +-- pkg/channels/wecom_common.go | 117 +++++++++++++++ pkg/channels/wecom_test.go | 210 +++++++++++++++++--------- 5 files changed, 371 insertions(+), 356 deletions(-) create mode 100644 pkg/channels/wecom_common.go diff --git a/pkg/channels/wecom.go b/pkg/channels/wecom.go index 5d4e14697..33afef17a 100644 --- a/pkg/channels/wecom.go +++ b/pkg/channels/wecom.go @@ -7,17 +7,11 @@ package channels import ( "bytes" "context" - "crypto/aes" - "crypto/cipher" - "crypto/sha1" - "encoding/base64" - "encoding/binary" "encoding/json" "encoding/xml" "fmt" "io" "net/http" - "sort" "strings" "sync" "time" @@ -40,40 +34,54 @@ type WeComBotChannel struct { msgMu sync.RWMutex } -// WeComBotXMLMessage represents the XML message structure from WeCom Bot -type WeComBotXMLMessage struct { - XMLName xml.Name `xml:"xml"` - ToUserName string `xml:"ToUserName"` - FromUserName string `xml:"FromUserName"` - CreateTime int64 `xml:"CreateTime"` - MsgType string `xml:"MsgType"` - Content string `xml:"Content"` - MsgId int64 `xml:"MsgId"` - PicUrl string `xml:"PicUrl"` - MediaId string `xml:"MediaId"` - Format string `xml:"Format"` - Recognition string `xml:"Recognition"` // Voice recognition result +// WeComBotMessage represents the JSON message structure from WeCom Bot (AIBOT) +type WeComBotMessage struct { + MsgID string `json:"msgid"` + AIBotID string `json:"aibotid"` + ChatID string `json:"chatid"` // Session ID, only present for group chats + ChatType string `json:"chattype"` // "single" for DM, "group" for group chat + From struct { + UserID string `json:"userid"` + } `json:"from"` + ResponseURL string `json:"response_url"` + MsgType string `json:"msgtype"` // text, image, voice, file, mixed + Text struct { + Content string `json:"content"` + } `json:"text"` + Image struct { + URL string `json:"url"` + } `json:"image"` + Voice struct { + Content string `json:"content"` // Voice to text content + } `json:"voice"` + File struct { + URL string `json:"url"` + } `json:"file"` + Mixed struct { + MsgItem []struct { + MsgType string `json:"msgtype"` + Text struct { + Content string `json:"content"` + } `json:"text"` + Image struct { + URL string `json:"url"` + } `json:"image"` + } `json:"msg_item"` + } `json:"mixed"` + Quote struct { + MsgType string `json:"msgtype"` + Text struct { + Content string `json:"content"` + } `json:"text"` + } `json:"quote"` } // WeComBotReplyMessage represents the reply message structure type WeComBotReplyMessage struct { - XMLName xml.Name `xml:"xml"` - ToUserName string `xml:"ToUserName"` - FromUserName string `xml:"FromUserName"` - CreateTime int64 `xml:"CreateTime"` - MsgType string `xml:"MsgType"` - Content string `xml:"Content"` -} - -// WeComBotWebhookReply represents the webhook API reply -type WeComBotWebhookReply struct { MsgType string `json:"msgtype"` Text struct { Content string `json:"content"` } `json:"text,omitempty"` - Markdown struct { - Content string `json:"content"` - } `json:"markdown,omitempty"` } // NewWeComBotChannel creates a new WeCom Bot channel instance @@ -205,14 +213,14 @@ func (c *WeComBotChannel) handleVerification(ctx context.Context, w http.Respons } // Verify signature - if !c.verifySignature(msgSignature, timestamp, nonce, echostr) { + if !WeComVerifySignature(c.config.Token, msgSignature, timestamp, nonce, echostr) { logger.WarnC("wecom", "Signature verification failed") http.Error(w, "Invalid signature", http.StatusForbidden) return } // Decrypt echostr - decryptedEchoStr, err := c.decryptMessage(echostr) + decryptedEchoStr, err := WeComDecryptMessage(echostr, c.config.EncodingAESKey) if err != nil { logger.ErrorCF("wecom", "Failed to decrypt echostr", map[string]interface{}{ "error": err.Error(), @@ -265,14 +273,14 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp } // Verify signature - if !c.verifySignature(msgSignature, timestamp, nonce, encryptedMsg.Encrypt) { + if !WeComVerifySignature(c.config.Token, msgSignature, timestamp, nonce, encryptedMsg.Encrypt) { logger.WarnC("wecom", "Message signature verification failed") http.Error(w, "Invalid signature", http.StatusForbidden) return } // Decrypt message - decryptedMsg, err := c.decryptMessage(encryptedMsg.Encrypt) + decryptedMsg, err := WeComDecryptMessage(encryptedMsg.Encrypt, c.config.EncodingAESKey) if err != nil { logger.ErrorCF("wecom", "Failed to decrypt message", map[string]interface{}{ "error": err.Error(), @@ -281,9 +289,9 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp return } - // Parse decrypted XML message - var msg WeComBotXMLMessage - if err := xml.Unmarshal([]byte(decryptedMsg), &msg); err != nil { + // Parse decrypted JSON message (AIBOT uses JSON format) + var msg WeComBotMessage + if err := json.Unmarshal([]byte(decryptedMsg), &msg); err != nil { logger.ErrorCF("wecom", "Failed to parse decrypted message", map[string]interface{}{ "error": err.Error(), }) @@ -300,9 +308,9 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp } // processMessage processes the received message -func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotXMLMessage) { - // Skip non-text messages for now (can be extended) - if msg.MsgType != "text" && msg.MsgType != "image" && msg.MsgType != "voice" { +func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotMessage) { + // Skip unsupported message types + if msg.MsgType != "text" && msg.MsgType != "image" && msg.MsgType != "voice" && msg.MsgType != "file" && msg.MsgType != "mixed" { logger.DebugCF("wecom", "Skipping non-supported message type", map[string]interface{}{ "msg_type": msg.MsgType, }) @@ -310,8 +318,7 @@ func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotXMLMes } // Message deduplication: Use msg_id to prevent duplicate processing - // As per WeCom documentation, use msg_id for deduplication - msgID := fmt.Sprintf("%d", msg.MsgId) + msgID := msg.MsgID c.msgMu.Lock() if c.processedMsgs[msgID] { c.msgMu.Unlock() @@ -330,141 +337,73 @@ func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotXMLMes c.msgMu.Unlock() } - senderID := msg.FromUserName - chatID := senderID // WeCom Bot uses user ID as chat ID + senderID := msg.From.UserID - // Use voice recognition result if available - content := msg.Content - if msg.MsgType == "voice" && msg.Recognition != "" { - content = msg.Recognition + // Determine if this is a group chat or direct message + // ChatType: "single" for DM, "group" for group chat + isGroupChat := msg.ChatType == "group" + + var chatID, peerKind, peerID string + if isGroupChat { + // Group chat: use ChatID as chatID and peer_id + chatID = msg.ChatID + peerKind = "group" + peerID = msg.ChatID + } else { + // Direct message: use senderID as chatID and peer_id + chatID = senderID + peerKind = "direct" + peerID = senderID + } + + // Extract content based on message type + var content string + switch msg.MsgType { + case "text": + content = msg.Text.Content + case "voice": + content = msg.Voice.Content // Voice to text content + case "mixed": + // For mixed messages, concatenate text items + for _, item := range msg.Mixed.MsgItem { + if item.MsgType == "text" { + content += item.Text.Content + } + } + case "image", "file": + // For image and file, we don't have text content + content = "" } // Build metadata - // WeCom Bot only supports direct messages (private chat) metadata := map[string]string{ - "msg_type": msg.MsgType, - "msg_id": fmt.Sprintf("%d", msg.MsgId), - "platform": "wecom", - "media_id": msg.MediaId, - "create_time": fmt.Sprintf("%d", msg.CreateTime), - "peer_kind": "direct", - "peer_id": senderID, + "msg_type": msg.MsgType, + "msg_id": msg.MsgID, + "platform": "wecom", + "peer_kind": peerKind, + "peer_id": peerID, + "response_url": msg.ResponseURL, + } + if isGroupChat { + metadata["chat_id"] = msg.ChatID + metadata["sender_id"] = senderID } logger.DebugCF("wecom", "Received message", map[string]interface{}{ - "sender_id": senderID, - "msg_type": msg.MsgType, - "preview": utils.Truncate(content, 50), + "sender_id": senderID, + "msg_type": msg.MsgType, + "peer_kind": peerKind, + "is_group_chat": isGroupChat, + "preview": utils.Truncate(content, 50), }) // Handle the message through the base channel c.HandleMessage(senderID, chatID, content, nil, metadata) } -// verifySignature verifies the message signature -func (c *WeComBotChannel) verifySignature(msgSignature, timestamp, nonce, msgEncrypt string) bool { - if c.config.Token == "" { - return true // Skip verification if token is not set - } - - // Sort parameters - params := []string{c.config.Token, timestamp, nonce, msgEncrypt} - sort.Strings(params) - - // Concatenate - str := strings.Join(params, "") - - // SHA1 hash - hash := sha1.Sum([]byte(str)) - expectedSignature := fmt.Sprintf("%x", hash) - - return expectedSignature == msgSignature -} - -// decryptMessage decrypts the encrypted message using AES -func (c *WeComBotChannel) decryptMessage(encryptedMsg string) (string, error) { - if c.config.EncodingAESKey == "" { - // No encryption, return as is (base64 decode) - decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) - if err != nil { - return "", err - } - return string(decoded), nil - } - - // Decode AES key (base64) - aesKey, err := base64.StdEncoding.DecodeString(c.config.EncodingAESKey + "=") - if err != nil { - return "", fmt.Errorf("failed to decode AES key: %w", err) - } - - // Decode encrypted message - cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) - if err != nil { - return "", fmt.Errorf("failed to decode message: %w", err) - } - - // AES decrypt - block, err := aes.NewCipher(aesKey) - if err != nil { - return "", fmt.Errorf("failed to create cipher: %w", err) - } - - if len(cipherText) < aes.BlockSize { - return "", fmt.Errorf("ciphertext too short") - } - - mode := cipher.NewCBCDecrypter(block, aesKey[:aes.BlockSize]) - plainText := make([]byte, len(cipherText)) - mode.CryptBlocks(plainText, cipherText) - - // Remove PKCS7 padding - plainText, err = pkcs7UnpadWeCom(plainText) - if err != nil { - return "", fmt.Errorf("failed to unpad: %w", err) - } - - // Parse message structure - // Format: random(16) + msg_len(4) + msg + corp_id - if len(plainText) < 20 { - return "", fmt.Errorf("decrypted message too short") - } - - msgLen := binary.BigEndian.Uint32(plainText[16:20]) - if int(msgLen) > len(plainText)-20 { - return "", fmt.Errorf("invalid message length") - } - - msg := plainText[20 : 20+msgLen] - // corpID := plainText[20+msgLen:] // Could be used for verification - - return string(msg), nil -} - -// pkcs7UnpadWeCom removes PKCS7 padding with validation -func pkcs7UnpadWeCom(data []byte) ([]byte, error) { - if len(data) == 0 { - return data, nil - } - padding := int(data[len(data)-1]) - if padding == 0 || padding > aes.BlockSize { - return nil, fmt.Errorf("invalid padding size: %d", padding) - } - if padding > len(data) { - return nil, fmt.Errorf("padding size larger than data") - } - // Verify all padding bytes - for i := 0; i < padding; i++ { - if data[len(data)-1-i] != byte(padding) { - return nil, fmt.Errorf("invalid padding byte at position %d", i) - } - } - return data[:len(data)-padding], nil -} - // sendWebhookReply sends a reply using the webhook URL func (c *WeComBotChannel) sendWebhookReply(ctx context.Context, userID, content string) error { - reply := WeComBotWebhookReply{ + reply := WeComBotReplyMessage{ MsgType: "text", } reply.Text.Content = content diff --git a/pkg/channels/wecom_app.go b/pkg/channels/wecom_app.go index c1d0ebaad..783d381f2 100644 --- a/pkg/channels/wecom_app.go +++ b/pkg/channels/wecom_app.go @@ -7,18 +7,12 @@ package channels import ( "bytes" "context" - "crypto/aes" - "crypto/cipher" - "crypto/sha1" - "encoding/base64" - "encoding/binary" "encoding/json" "encoding/xml" "fmt" "io" "net/http" "net/url" - "sort" "strings" "sync" "time" @@ -265,14 +259,14 @@ func (c *WeComAppChannel) handleVerification(ctx context.Context, w http.Respons } // Verify signature - if !c.verifySignature(msgSignature, timestamp, nonce, echostr) { + if !WeComVerifySignature(c.config.Token, msgSignature, timestamp, nonce, echostr) { logger.WarnC("wecom_app", "Signature verification failed") http.Error(w, "Invalid signature", http.StatusForbidden) return } // Decrypt echostr - decryptedEchoStr, err := c.decryptMessage(echostr) + decryptedEchoStr, err := WeComDecryptMessage(echostr, c.config.EncodingAESKey) if err != nil { logger.ErrorCF("wecom_app", "Failed to decrypt echostr", map[string]interface{}{ "error": err.Error(), @@ -325,14 +319,14 @@ func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.Resp } // Verify signature - if !c.verifySignature(msgSignature, timestamp, nonce, encryptedMsg.Encrypt) { + if !WeComVerifySignature(c.config.Token, msgSignature, timestamp, nonce, encryptedMsg.Encrypt) { logger.WarnC("wecom_app", "Message signature verification failed") http.Error(w, "Invalid signature", http.StatusForbidden) return } // Decrypt message - decryptedMsg, err := c.decryptMessage(encryptedMsg.Encrypt) + decryptedMsg, err := WeComDecryptMessage(encryptedMsg.Encrypt, c.config.EncodingAESKey) if err != nil { logger.ErrorCF("wecom_app", "Failed to decrypt message", map[string]interface{}{ "error": err.Error(), @@ -418,107 +412,6 @@ func (c *WeComAppChannel) processMessage(ctx context.Context, msg WeComXMLMessag c.HandleMessage(senderID, chatID, content, nil, metadata) } -// verifySignature verifies the message signature -func (c *WeComAppChannel) verifySignature(msgSignature, timestamp, nonce, msgEncrypt string) bool { - if c.config.Token == "" { - return true // Skip verification if token is not set - } - - // Sort parameters - params := []string{c.config.Token, timestamp, nonce, msgEncrypt} - sort.Strings(params) - - // Concatenate - str := strings.Join(params, "") - - // SHA1 hash - hash := sha1.Sum([]byte(str)) - expectedSignature := fmt.Sprintf("%x", hash) - - return expectedSignature == msgSignature -} - -// decryptMessage decrypts the encrypted message using AES -func (c *WeComAppChannel) decryptMessage(encryptedMsg string) (string, error) { - if c.config.EncodingAESKey == "" { - // No encryption, return as is (base64 decode) - decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) - if err != nil { - return "", err - } - return string(decoded), nil - } - - // Decode AES key (base64) - aesKey, err := base64.StdEncoding.DecodeString(c.config.EncodingAESKey + "=") - if err != nil { - return "", fmt.Errorf("failed to decode AES key: %w", err) - } - - // Decode encrypted message - cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) - if err != nil { - return "", fmt.Errorf("failed to decode message: %w", err) - } - - // AES decrypt - block, err := aes.NewCipher(aesKey) - if err != nil { - return "", fmt.Errorf("failed to create cipher: %w", err) - } - - if len(cipherText) < aes.BlockSize { - return "", fmt.Errorf("ciphertext too short") - } - - mode := cipher.NewCBCDecrypter(block, aesKey[:aes.BlockSize]) - plainText := make([]byte, len(cipherText)) - mode.CryptBlocks(plainText, cipherText) - - // Remove PKCS7 padding - plainText, err = pkcs7Unpad(plainText) - if err != nil { - return "", fmt.Errorf("failed to unpad: %w", err) - } - - // Parse message structure - // Format: random(16) + msg_len(4) + msg + corp_id - if len(plainText) < 20 { - return "", fmt.Errorf("decrypted message too short") - } - - msgLen := binary.BigEndian.Uint32(plainText[16:20]) - if int(msgLen) > len(plainText)-20 { - return "", fmt.Errorf("invalid message length") - } - - msg := plainText[20 : 20+msgLen] - // corpID := plainText[20+msgLen:] // Can be used for verification - - return string(msg), nil -} - -// pkcs7Unpad removes PKCS7 padding with validation -func pkcs7Unpad(data []byte) ([]byte, error) { - if len(data) == 0 { - return data, nil - } - padding := int(data[len(data)-1]) - if padding == 0 || padding > aes.BlockSize { - return nil, fmt.Errorf("invalid padding size: %d", padding) - } - if padding > len(data) { - return nil, fmt.Errorf("padding size larger than data") - } - // Verify all padding bytes - for i := 0; i < padding; i++ { - if data[len(data)-1-i] != byte(padding) { - return nil, fmt.Errorf("invalid padding byte at position %d", i) - } - } - return data[:len(data)-padding], nil -} - // tokenRefreshLoop periodically refreshes the access token func (c *WeComAppChannel) tokenRefreshLoop() { ticker := time.NewTicker(5 * time.Minute) diff --git a/pkg/channels/wecom_app_test.go b/pkg/channels/wecom_app_test.go index 4283c07e6..bc40806bb 100644 --- a/pkg/channels/wecom_app_test.go +++ b/pkg/channels/wecom_app_test.go @@ -197,7 +197,7 @@ func TestWeComAppVerifySignature(t *testing.T) { msgEncrypt := "test_message" expectedSig := generateSignatureApp("test_token", timestamp, nonce, msgEncrypt) - if !ch.verifySignature(expectedSig, timestamp, nonce, msgEncrypt) { + if !WeComVerifySignature(ch.config.Token, expectedSig, timestamp, nonce, msgEncrypt) { t.Error("valid signature should pass verification") } }) @@ -207,7 +207,7 @@ func TestWeComAppVerifySignature(t *testing.T) { nonce := "test_nonce" msgEncrypt := "test_message" - if ch.verifySignature("invalid_sig", timestamp, nonce, msgEncrypt) { + if WeComVerifySignature(ch.config.Token, "invalid_sig", timestamp, nonce, msgEncrypt) { t.Error("invalid signature should fail verification") } }) @@ -221,7 +221,7 @@ func TestWeComAppVerifySignature(t *testing.T) { } chEmpty, _ := NewWeComAppChannel(cfgEmpty, msgBus) - if !chEmpty.verifySignature("any_sig", "any_ts", "any_nonce", "any_msg") { + if !WeComVerifySignature(chEmpty.config.Token, "any_sig", "any_ts", "any_nonce", "any_msg") { t.Error("empty token should skip verification and return true") } }) @@ -243,7 +243,7 @@ func TestWeComAppDecryptMessage(t *testing.T) { plainText := "hello world" encoded := base64.StdEncoding.EncodeToString([]byte(plainText)) - result, err := ch.decryptMessage(encoded) + result, err := WeComDecryptMessage(encoded, ch.config.EncodingAESKey) if err != nil { t.Fatalf("unexpected error: %v", err) } @@ -268,12 +268,12 @@ func TestWeComAppDecryptMessage(t *testing.T) { t.Fatalf("failed to encrypt test message: %v", err) } - result, err := ch.decryptMessage(encrypted) + result, err := WeComDecryptMessage(encrypted, ch.config.EncodingAESKey) if err != nil { t.Fatalf("unexpected error: %v", err) } if result != originalMsg { - t.Errorf("decryptMessage() = %q, want %q", result, originalMsg) + t.Errorf("WeComDecryptMessage() = %q, want %q", result, originalMsg) } }) @@ -286,7 +286,7 @@ func TestWeComAppDecryptMessage(t *testing.T) { } ch, _ := NewWeComAppChannel(cfg, msgBus) - _, err := ch.decryptMessage("invalid_base64!!!") + _, err := WeComDecryptMessage("invalid_base64!!!", ch.config.EncodingAESKey) if err == nil { t.Error("expected error for invalid base64, got nil") } @@ -301,7 +301,7 @@ func TestWeComAppDecryptMessage(t *testing.T) { } ch, _ := NewWeComAppChannel(cfg, msgBus) - _, err := ch.decryptMessage(base64.StdEncoding.EncodeToString([]byte("test"))) + _, err := WeComDecryptMessage(base64.StdEncoding.EncodeToString([]byte("test")), ch.config.EncodingAESKey) if err == nil { t.Error("expected error for invalid AES key, got nil") } @@ -319,7 +319,7 @@ func TestWeComAppDecryptMessage(t *testing.T) { // Encrypt a very short message that results in ciphertext less than block size shortData := make([]byte, 8) - _, err := ch.decryptMessage(base64.StdEncoding.EncodeToString(shortData)) + _, err := WeComDecryptMessage(base64.StdEncoding.EncodeToString(shortData), ch.config.EncodingAESKey) if err == nil { t.Error("expected error for short ciphertext, got nil") } @@ -361,7 +361,7 @@ func TestWeComAppPKCS7Unpad(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - result, err := pkcs7Unpad(tt.input) + result, err := pkcs7UnpadWeCom(tt.input) if tt.expected == nil { // This case should return an error if err == nil { diff --git a/pkg/channels/wecom_common.go b/pkg/channels/wecom_common.go new file mode 100644 index 000000000..16a25fad6 --- /dev/null +++ b/pkg/channels/wecom_common.go @@ -0,0 +1,117 @@ +// PicoClaw - Ultra-lightweight personal AI agent +// WeCom common utilities for both WeCom Bot and WeCom App + +package channels + +import ( + "crypto/aes" + "crypto/cipher" + "crypto/sha1" + "encoding/base64" + "encoding/binary" + "fmt" + "sort" + "strings" +) + +// WeComVerifySignature verifies the message signature for WeCom +// This is a common function used by both WeCom Bot and WeCom App +func WeComVerifySignature(token, msgSignature, timestamp, nonce, msgEncrypt string) bool { + if token == "" { + return true // Skip verification if token is not set + } + + // Sort parameters + params := []string{token, timestamp, nonce, msgEncrypt} + sort.Strings(params) + + // Concatenate + str := strings.Join(params, "") + + // SHA1 hash + hash := sha1.Sum([]byte(str)) + expectedSignature := fmt.Sprintf("%x", hash) + + return expectedSignature == msgSignature +} + +// WeComDecryptMessage decrypts the encrypted message using AES +// This is a common function used by both WeCom Bot and WeCom App +func WeComDecryptMessage(encryptedMsg, encodingAESKey string) (string, error) { + if encodingAESKey == "" { + // No encryption, return as is (base64 decode) + decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", err + } + return string(decoded), nil + } + + // Decode AES key (base64) + aesKey, err := base64.StdEncoding.DecodeString(encodingAESKey + "=") + if err != nil { + return "", fmt.Errorf("failed to decode AES key: %w", err) + } + + // Decode encrypted message + cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", fmt.Errorf("failed to decode message: %w", err) + } + + // AES decrypt + block, err := aes.NewCipher(aesKey) + if err != nil { + return "", fmt.Errorf("failed to create cipher: %w", err) + } + + if len(cipherText) < aes.BlockSize { + return "", fmt.Errorf("ciphertext too short") + } + + mode := cipher.NewCBCDecrypter(block, aesKey[:aes.BlockSize]) + plainText := make([]byte, len(cipherText)) + mode.CryptBlocks(plainText, cipherText) + + // Remove PKCS7 padding + plainText, err = pkcs7UnpadWeCom(plainText) + if err != nil { + return "", fmt.Errorf("failed to unpad: %w", err) + } + + // Parse message structure + // Format: random(16) + msg_len(4) + msg + corp_id + if len(plainText) < 20 { + return "", fmt.Errorf("decrypted message too short") + } + + msgLen := binary.BigEndian.Uint32(plainText[16:20]) + if int(msgLen) > len(plainText)-20 { + return "", fmt.Errorf("invalid message length") + } + + msg := plainText[20 : 20+msgLen] + + return string(msg), nil +} + +// pkcs7UnpadWeCom removes PKCS7 padding with validation +func pkcs7UnpadWeCom(data []byte) ([]byte, error) { + if len(data) == 0 { + return data, nil + } + padding := int(data[len(data)-1]) + if padding == 0 || padding > aes.BlockSize { + return nil, fmt.Errorf("invalid padding size: %d", padding) + } + if padding > len(data) { + return nil, fmt.Errorf("padding size larger than data") + } + // Verify all padding bytes + for i := 0; i < padding; i++ { + if data[len(data)-1-i] != byte(padding) { + return nil, fmt.Errorf("invalid padding byte at position %d", i) + } + } + return data[:len(data)-padding], nil +} diff --git a/pkg/channels/wecom_test.go b/pkg/channels/wecom_test.go index a2015a8d3..c3f889c64 100644 --- a/pkg/channels/wecom_test.go +++ b/pkg/channels/wecom_test.go @@ -11,6 +11,7 @@ import ( "crypto/sha1" "encoding/base64" "encoding/binary" + "encoding/json" "encoding/xml" "fmt" "net/http" @@ -34,7 +35,7 @@ func generateTestAESKey() string { return base64.StdEncoding.EncodeToString(key)[:43] } -// encryptTestMessage encrypts a message for testing +// encryptTestMessage encrypts a message for testing (AIBOT JSON format) func encryptTestMessage(message, aesKey string) (string, error) { // Decode AES key key, err := base64.StdEncoding.DecodeString(aesKey + "=") @@ -42,14 +43,14 @@ func encryptTestMessage(message, aesKey string) (string, error) { return "", err } - // Prepare message: random(16) + msg_len(4) + msg + corp_id + // Prepare message: random(16) + msg_len(4) + msg + receiveid random := make([]byte, 0, 16) for i := 0; i < 16; i++ { random = append(random, byte(i)) } msgBytes := []byte(message) - corpID := []byte("test_corp_id") + receiveID := []byte("test_aibot_id") msgLen := uint32(len(msgBytes)) lenBytes := make([]byte, 4) @@ -57,7 +58,7 @@ func encryptTestMessage(message, aesKey string) (string, error) { plainText := append(random, lenBytes...) plainText = append(plainText, msgBytes...) - plainText = append(plainText, corpID...) + plainText = append(plainText, receiveID...) // PKCS7 padding blockSize := aes.BlockSize @@ -176,7 +177,7 @@ func TestWeComBotVerifySignature(t *testing.T) { msgEncrypt := "test_message" expectedSig := generateSignature("test_token", timestamp, nonce, msgEncrypt) - if !ch.verifySignature(expectedSig, timestamp, nonce, msgEncrypt) { + if !WeComVerifySignature(ch.config.Token, expectedSig, timestamp, nonce, msgEncrypt) { t.Error("valid signature should pass verification") } }) @@ -186,7 +187,7 @@ func TestWeComBotVerifySignature(t *testing.T) { nonce := "test_nonce" msgEncrypt := "test_message" - if ch.verifySignature("invalid_sig", timestamp, nonce, msgEncrypt) { + if WeComVerifySignature(ch.config.Token, "invalid_sig", timestamp, nonce, msgEncrypt) { t.Error("invalid signature should fail verification") } }) @@ -203,7 +204,7 @@ func TestWeComBotVerifySignature(t *testing.T) { config: cfgEmpty, } - if !chEmpty.verifySignature("any_sig", "any_ts", "any_nonce", "any_msg") { + if !WeComVerifySignature(chEmpty.config.Token, "any_sig", "any_ts", "any_nonce", "any_msg") { t.Error("empty token should skip verification and return true") } }) @@ -224,7 +225,7 @@ func TestWeComBotDecryptMessage(t *testing.T) { plainText := "hello world" encoded := base64.StdEncoding.EncodeToString([]byte(plainText)) - result, err := ch.decryptMessage(encoded) + result, err := WeComDecryptMessage(encoded, ch.config.EncodingAESKey) if err != nil { t.Fatalf("unexpected error: %v", err) } @@ -248,12 +249,12 @@ func TestWeComBotDecryptMessage(t *testing.T) { t.Fatalf("failed to encrypt test message: %v", err) } - result, err := ch.decryptMessage(encrypted) + result, err := WeComDecryptMessage(encrypted, ch.config.EncodingAESKey) if err != nil { t.Fatalf("unexpected error: %v", err) } if result != originalMsg { - t.Errorf("decryptMessage() = %q, want %q", result, originalMsg) + t.Errorf("WeComDecryptMessage() = %q, want %q", result, originalMsg) } }) @@ -265,7 +266,7 @@ func TestWeComBotDecryptMessage(t *testing.T) { } ch, _ := NewWeComBotChannel(cfg, msgBus) - _, err := ch.decryptMessage("invalid_base64!!!") + _, err := WeComDecryptMessage("invalid_base64!!!", ch.config.EncodingAESKey) if err == nil { t.Error("expected error for invalid base64, got nil") } @@ -279,7 +280,7 @@ func TestWeComBotDecryptMessage(t *testing.T) { } ch, _ := NewWeComBotChannel(cfg, msgBus) - _, err := ch.decryptMessage(base64.StdEncoding.EncodeToString([]byte("test"))) + _, err := WeComDecryptMessage(base64.StdEncoding.EncodeToString([]byte("test")), ch.config.EncodingAESKey) if err == nil { t.Error("expected error for invalid AES key, got nil") } @@ -408,20 +409,62 @@ func TestWeComBotHandleMessageCallback(t *testing.T) { } ch, _ := NewWeComBotChannel(cfg, msgBus) - t.Run("valid message callback", func(t *testing.T) { - // Create XML message - xmlMsg := WeComBotXMLMessage{ - ToUserName: "corp_id", - FromUserName: "user123", - CreateTime: 1234567890, - MsgType: "text", - Content: "Hello World", - MsgId: 123456, - } - xmlData, _ := xml.Marshal(xmlMsg) + t.Run("valid direct message callback", func(t *testing.T) { + // Create JSON message for direct chat (single) + jsonMsg := `{ + "msgid": "test_msg_id_123", + "aibotid": "test_aibot_id", + "chattype": "single", + "from": {"userid": "user123"}, + "response_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + "msgtype": "text", + "text": {"content": "Hello World"} + }` // Encrypt message - encrypted, _ := encryptTestMessage(string(xmlData), aesKey) + encrypted, _ := encryptTestMessage(jsonMsg, aesKey) + + // Create encrypted XML wrapper + encryptedWrapper := struct { + XMLName xml.Name `xml:"xml"` + Encrypt string `xml:"Encrypt"` + }{ + Encrypt: encrypted, + } + wrapperData, _ := xml.Marshal(encryptedWrapper) + + timestamp := "1234567890" + nonce := "test_nonce" + signature := generateSignature("test_token", timestamp, nonce, encrypted) + + req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + w := httptest.NewRecorder() + + ch.handleMessageCallback(context.Background(), w, req) + + if w.Code != http.StatusOK { + t.Errorf("status code = %d, want %d", w.Code, http.StatusOK) + } + if w.Body.String() != "success" { + t.Errorf("response body = %q, want %q", w.Body.String(), "success") + } + }) + + t.Run("valid group message callback", func(t *testing.T) { + // Create JSON message for group chat + jsonMsg := `{ + "msgid": "test_msg_id_456", + "aibotid": "test_aibot_id", + "chatid": "group_chat_id_123", + "chattype": "group", + "from": {"userid": "user456"}, + "response_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + "msgtype": "text", + "text": {"content": "Hello Group"} + }` + + // Encrypt message + encrypted, _ := encryptTestMessage(jsonMsg, aesKey) // Create encrypted XML wrapper encryptedWrapper := struct { @@ -506,42 +549,61 @@ func TestWeComBotProcessMessage(t *testing.T) { } ch, _ := NewWeComBotChannel(cfg, msgBus) - t.Run("process text message", func(t *testing.T) { - msg := WeComBotXMLMessage{ - ToUserName: "corp_id", - FromUserName: "user123", - CreateTime: 1234567890, - MsgType: "text", - Content: "Hello World", - MsgId: 123456, + t.Run("process direct text message", func(t *testing.T) { + msg := WeComBotMessage{ + MsgID: "test_msg_id_123", + AIBotID: "test_aibot_id", + ChatType: "single", + ResponseURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + MsgType: "text", } + msg.From.UserID = "user123" + msg.Text.Content = "Hello World" // Should not panic ch.processMessage(context.Background(), msg) }) - t.Run("process voice message with recognition", func(t *testing.T) { - msg := WeComBotXMLMessage{ - ToUserName: "corp_id", - FromUserName: "user123", - CreateTime: 1234567890, - MsgType: "voice", - Recognition: "Voice message text", - MsgId: 123456, + t.Run("process group text message", func(t *testing.T) { + msg := WeComBotMessage{ + MsgID: "test_msg_id_456", + AIBotID: "test_aibot_id", + ChatID: "group_chat_id_123", + ChatType: "group", + ResponseURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + MsgType: "text", } + msg.From.UserID = "user456" + msg.Text.Content = "Hello Group" + + // Should not panic + ch.processMessage(context.Background(), msg) + }) + + t.Run("process voice message", func(t *testing.T) { + msg := WeComBotMessage{ + MsgID: "test_msg_id_789", + AIBotID: "test_aibot_id", + ChatType: "single", + ResponseURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + MsgType: "voice", + } + msg.From.UserID = "user123" + msg.Voice.Content = "Voice message text" // Should not panic ch.processMessage(context.Background(), msg) }) t.Run("skip unsupported message type", func(t *testing.T) { - msg := WeComBotXMLMessage{ - ToUserName: "corp_id", - FromUserName: "user123", - CreateTime: 1234567890, - MsgType: "video", - MsgId: 123456, + msg := WeComBotMessage{ + MsgID: "test_msg_id_000", + AIBotID: "test_aibot_id", + ChatType: "single", + ResponseURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + MsgType: "video", } + msg.From.UserID = "user123" // Should not panic ch.processMessage(context.Background(), msg) @@ -637,8 +699,8 @@ func TestWeComBotHandleHealth(t *testing.T) { } } -func TestWeComBotWebhookReplyMessage(t *testing.T) { - msg := WeComBotWebhookReply{ +func TestWeComBotReplyMessage(t *testing.T) { + msg := WeComBotReplyMessage{ MsgType: "text", } msg.Text.Content = "Hello World" @@ -651,39 +713,43 @@ func TestWeComBotWebhookReplyMessage(t *testing.T) { } } -func TestWeComBotXMLMessageStructure(t *testing.T) { - xmlData := ` - - - - 1234567890 - - - 1234567890123456 -` +func TestWeComBotMessageStructure(t *testing.T) { + jsonData := `{ + "msgid": "test_msg_id_123", + "aibotid": "test_aibot_id", + "chatid": "group_chat_id_123", + "chattype": "group", + "from": {"userid": "user123"}, + "response_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", + "msgtype": "text", + "text": {"content": "Hello World"} + }` - var msg WeComBotXMLMessage - err := xml.Unmarshal([]byte(xmlData), &msg) + var msg WeComBotMessage + err := json.Unmarshal([]byte(jsonData), &msg) if err != nil { - t.Fatalf("failed to unmarshal XML: %v", err) + t.Fatalf("failed to unmarshal JSON: %v", err) } - if msg.ToUserName != "corp_id" { - t.Errorf("ToUserName = %q, want %q", msg.ToUserName, "corp_id") + if msg.MsgID != "test_msg_id_123" { + t.Errorf("MsgID = %q, want %q", msg.MsgID, "test_msg_id_123") } - if msg.FromUserName != "user123" { - t.Errorf("FromUserName = %q, want %q", msg.FromUserName, "user123") + if msg.AIBotID != "test_aibot_id" { + t.Errorf("AIBotID = %q, want %q", msg.AIBotID, "test_aibot_id") } - if msg.CreateTime != 1234567890 { - t.Errorf("CreateTime = %d, want %d", msg.CreateTime, 1234567890) + if msg.ChatID != "group_chat_id_123" { + t.Errorf("ChatID = %q, want %q", msg.ChatID, "group_chat_id_123") + } + if msg.ChatType != "group" { + t.Errorf("ChatType = %q, want %q", msg.ChatType, "group") + } + if msg.From.UserID != "user123" { + t.Errorf("From.UserID = %q, want %q", msg.From.UserID, "user123") } if msg.MsgType != "text" { t.Errorf("MsgType = %q, want %q", msg.MsgType, "text") } - if msg.Content != "Hello World" { - t.Errorf("Content = %q, want %q", msg.Content, "Hello World") - } - if msg.MsgId != 1234567890123456 { - t.Errorf("MsgId = %d, want %d", msg.MsgId, 1234567890123456) + if msg.Text.Content != "Hello World" { + t.Errorf("Text.Content = %q, want %q", msg.Text.Content, "Hello World") } } From d692cc0cc62cfa3a56ad692c31a5020f7e5c3392 Mon Sep 17 00:00:00 2001 From: Harsh Bansal <122075346+harshbansal7@users.noreply.github.com> Date: Fri, 20 Feb 2026 16:25:04 +0530 Subject: [PATCH 08/88] Feature: Implement Skill Discovery - With Clawhub Integration and Caching (#332) * Add Find Skills and Install Skills * Improvements * fix file name * Update pkg/skills/clawhub_registry.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * fix * Comments addressed * Resolve comments * fix tests * fixes * Comments resolved * Update pkg/skills/search_cache_repro_test.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * minor fix * fix test * fixes --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- cmd/picoclaw/cmd_skills.go | 101 ++++++++- cmd/picoclaw/main.go | 2 +- config/config.example.json | 11 + pkg/agent/loop.go | 10 + pkg/config/config.go | 34 ++- pkg/config/defaults.go | 13 ++ pkg/skills/clawhub_registry.go | 311 ++++++++++++++++++++++++++++ pkg/skills/clawhub_registry_test.go | 256 +++++++++++++++++++++++ pkg/skills/registry.go | 223 ++++++++++++++++++++ pkg/skills/registry_test.go | 179 ++++++++++++++++ pkg/skills/search_cache.go | 229 ++++++++++++++++++++ pkg/skills/search_cache_test.go | 200 ++++++++++++++++++ pkg/tools/skills_install.go | 199 ++++++++++++++++++ pkg/tools/skills_install_test.go | 103 +++++++++ pkg/tools/skills_search.go | 119 +++++++++++ pkg/tools/skills_search_test.go | 82 ++++++++ pkg/utils/download.go | 93 +++++++++ pkg/utils/skills.go | 19 ++ pkg/utils/string.go | 9 + pkg/utils/zip.go | 120 +++++++++++ 20 files changed, 2303 insertions(+), 10 deletions(-) create mode 100644 pkg/skills/clawhub_registry.go create mode 100644 pkg/skills/clawhub_registry_test.go create mode 100644 pkg/skills/registry.go create mode 100644 pkg/skills/registry_test.go create mode 100644 pkg/skills/search_cache.go create mode 100644 pkg/skills/search_cache_test.go create mode 100644 pkg/tools/skills_install.go create mode 100644 pkg/tools/skills_install_test.go create mode 100644 pkg/tools/skills_search.go create mode 100644 pkg/tools/skills_search_test.go create mode 100644 pkg/utils/download.go create mode 100644 pkg/utils/skills.go create mode 100644 pkg/utils/zip.go diff --git a/cmd/picoclaw/cmd_skills.go b/cmd/picoclaw/cmd_skills.go index 9ea38dcf6..32b7c62b8 100644 --- a/cmd/picoclaw/cmd_skills.go +++ b/cmd/picoclaw/cmd_skills.go @@ -11,15 +11,17 @@ import ( "strings" "time" + "github.com/sipeed/picoclaw/pkg/config" "github.com/sipeed/picoclaw/pkg/skills" + "github.com/sipeed/picoclaw/pkg/utils" ) func skillsHelp() { fmt.Println("\nSkills commands:") fmt.Println(" list List installed skills") fmt.Println(" install Install skill from GitHub") - fmt.Println(" install-builtin Install all builtin skills to workspace") - fmt.Println(" list-builtin List available builtin skills") + fmt.Println(" install-builtin Install all builtin skills to workspace") + fmt.Println(" list-builtin List available builtin skills") fmt.Println(" remove Remove installed skill") fmt.Println(" search Search available skills") fmt.Println(" show Show skill details") @@ -30,6 +32,7 @@ func skillsHelp() { fmt.Println(" picoclaw skills install-builtin") fmt.Println(" picoclaw skills list-builtin") fmt.Println(" picoclaw skills remove weather") + fmt.Println(" picoclaw skills install --registry clawhub github") } func skillsListCmd(loader *skills.SkillsLoader) { @@ -50,13 +53,27 @@ func skillsListCmd(loader *skills.SkillsLoader) { } } -func skillsInstallCmd(installer *skills.SkillInstaller) { +func skillsInstallCmd(installer *skills.SkillInstaller, cfg *config.Config) { if len(os.Args) < 4 { fmt.Println("Usage: picoclaw skills install ") - fmt.Println("Example: picoclaw skills install sipeed/picoclaw-skills/weather") + fmt.Println(" picoclaw skills install --registry ") return } + // Check for --registry flag. + if os.Args[3] == "--registry" { + if len(os.Args) < 6 { + fmt.Println("Usage: picoclaw skills install --registry ") + fmt.Println("Example: picoclaw skills install --registry clawhub github") + return + } + registryName := os.Args[4] + slug := os.Args[5] + skillsInstallFromRegistry(cfg, registryName, slug) + return + } + + // Default: install from GitHub (backward compatible). repo := os.Args[3] fmt.Printf("Installing skill from %s...\n", repo) @@ -64,11 +81,83 @@ func skillsInstallCmd(installer *skills.SkillInstaller) { defer cancel() if err := installer.InstallFromGitHub(ctx, repo); err != nil { - fmt.Printf("āœ— Failed to install skill: %v\n", err) + fmt.Printf("\u2717 Failed to install skill: %v\n", err) os.Exit(1) } - fmt.Printf("āœ“ Skill '%s' installed successfully!\n", filepath.Base(repo)) + fmt.Printf("\u2713 Skill '%s' installed successfully!\n", filepath.Base(repo)) +} + +// skillsInstallFromRegistry installs a skill from a named registry (e.g. clawhub). +func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { + err := utils.ValidateSkillIdentifier(registryName) + if err != nil { + fmt.Printf("\u2717 Invalid registry name: %v\n", err) + os.Exit(1) + } + + err = utils.ValidateSkillIdentifier(slug) + if err != nil { + fmt.Printf("\u2717 Invalid slug: %v\n", err) + os.Exit(1) + } + + fmt.Printf("Installing skill '%s' from %s registry...\n", slug, registryName) + + registryMgr := skills.NewRegistryManagerFromConfig(skills.RegistryConfig{ + MaxConcurrentSearches: cfg.Tools.Skills.MaxConcurrentSearches, + ClawHub: skills.ClawHubConfig(cfg.Tools.Skills.Registries.ClawHub), + }) + + registry := registryMgr.GetRegistry(registryName) + if registry == nil { + fmt.Printf("\u2717 Registry '%s' not found or not enabled. Check your config.json.\n", registryName) + os.Exit(1) + } + + workspace := cfg.WorkspacePath() + targetDir := filepath.Join(workspace, "skills", slug) + + if _, err := os.Stat(targetDir); err == nil { + fmt.Printf("\u2717 Skill '%s' already installed at %s\n", slug, targetDir) + os.Exit(1) + } + + ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second) + defer cancel() + + if err := os.MkdirAll(filepath.Join(workspace, "skills"), 0755); err != nil { + fmt.Printf("\u2717 Failed to create skills directory: %v\n", err) + os.Exit(1) + } + + result, err := registry.DownloadAndInstall(ctx, slug, "", targetDir) + if err != nil { + rmErr := os.RemoveAll(targetDir) + if rmErr != nil { + fmt.Printf("\u2717 Failed to remove partial install: %v\n", rmErr) + } + fmt.Printf("\u2717 Failed to install skill: %v\n", err) + os.Exit(1) + } + + if result.IsMalwareBlocked { + rmErr := os.RemoveAll(targetDir) + if rmErr != nil { + fmt.Printf("\u2717 Failed to remove partial install: %v\n", rmErr) + } + fmt.Printf("\u2717 Skill '%s' is flagged as malicious and cannot be installed.\n", slug) + os.Exit(1) + } + + if result.IsSuspicious { + fmt.Printf("\u26a0\ufe0f Warning: skill '%s' is flagged as suspicious.\n", slug) + } + + fmt.Printf("\u2713 Skill '%s' v%s installed successfully!\n", slug, result.Version) + if result.Summary != "" { + fmt.Printf(" %s\n", result.Summary) + } } func skillsRemoveCmd(installer *skills.SkillInstaller, skillName string) { diff --git a/cmd/picoclaw/main.go b/cmd/picoclaw/main.go index ce9389417..1e4b393f8 100644 --- a/cmd/picoclaw/main.go +++ b/cmd/picoclaw/main.go @@ -141,7 +141,7 @@ func main() { case "list": skillsListCmd(skillsLoader) case "install": - skillsInstallCmd(installer) + skillsInstallCmd(installer, cfg) case "remove", "uninstall": if len(os.Args) < 4 { fmt.Println("Usage: picoclaw skills remove ") diff --git a/config/config.example.json b/config/config.example.json index abc928e92..fa87fbec7 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -194,6 +194,17 @@ "exec": { "enable_deny_patterns": false, "custom_deny_patterns": [] + }, + "skills": { + "registries": { + "clawhub": { + "enabled": true, + "base_url": "https://clawhub.ai", + "search_path": "/api/v1/search", + "skills_path": "/api/v1/skills", + "download_path": "/api/v1/download" + } + } } }, "heartbeat": { diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index e7b48d47a..f8eef395a 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -23,6 +23,7 @@ import ( "github.com/sipeed/picoclaw/pkg/logger" "github.com/sipeed/picoclaw/pkg/providers" "github.com/sipeed/picoclaw/pkg/routing" + "github.com/sipeed/picoclaw/pkg/skills" "github.com/sipeed/picoclaw/pkg/state" "github.com/sipeed/picoclaw/pkg/tools" "github.com/sipeed/picoclaw/pkg/utils" @@ -117,6 +118,15 @@ func registerSharedTools(cfg *config.Config, msgBus *bus.MessageBus, registry *A }) agent.Tools.Register(messageTool) + // Skill discovery and installation tools + registryMgr := skills.NewRegistryManagerFromConfig(skills.RegistryConfig{ + MaxConcurrentSearches: cfg.Tools.Skills.MaxConcurrentSearches, + ClawHub: skills.ClawHubConfig(cfg.Tools.Skills.Registries.ClawHub), + }) + searchCache := skills.NewSearchCache(cfg.Tools.Skills.SearchCache.MaxSize, time.Duration(cfg.Tools.Skills.SearchCache.TTLSeconds)*time.Second) + agent.Tools.Register(tools.NewFindSkillsTool(registryMgr, searchCache)) + agent.Tools.Register(tools.NewInstallSkillTool(registryMgr, agent.Workspace)) + // Spawn tool with allowlist checker subagentManager := tools.NewSubagentManager(provider, agent.Model, agent.Workspace, msgBus) subagentManager.SetLLMOptions(agent.MaxTokens, agent.Temperature) diff --git a/pkg/config/config.go b/pkg/config/config.go index 0d41796a4..9d5e5d42e 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -416,9 +416,37 @@ type ExecConfig struct { } type ToolsConfig struct { - Web WebToolsConfig `json:"web"` - Cron CronToolsConfig `json:"cron"` - Exec ExecConfig `json:"exec"` + Web WebToolsConfig `json:"web"` + Cron CronToolsConfig `json:"cron"` + Exec ExecConfig `json:"exec"` + Skills SkillsToolsConfig `json:"skills"` +} + +type SkillsToolsConfig struct { + Registries SkillsRegistriesConfig `json:"registries"` + MaxConcurrentSearches int `json:"max_concurrent_searches" env:"PICOCLAW_SKILLS_MAX_CONCURRENT_SEARCHES"` + SearchCache SearchCacheConfig `json:"search_cache"` +} + +type SearchCacheConfig struct { + MaxSize int `json:"max_size" env:"PICOCLAW_SKILLS_SEARCH_CACHE_MAX_SIZE"` + TTLSeconds int `json:"ttl_seconds" env:"PICOCLAW_SKILLS_SEARCH_CACHE_TTL_SECONDS"` +} + +type SkillsRegistriesConfig struct { + ClawHub ClawHubRegistryConfig `json:"clawhub"` +} + +type ClawHubRegistryConfig struct { + Enabled bool `json:"enabled" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_ENABLED"` + BaseURL string `json:"base_url" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_BASE_URL"` + AuthToken string `json:"auth_token" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_AUTH_TOKEN"` + SearchPath string `json:"search_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_SEARCH_PATH"` + SkillsPath string `json:"skills_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_SKILLS_PATH"` + DownloadPath string `json:"download_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_DOWNLOAD_PATH"` + Timeout int `json:"timeout" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_TIMEOUT"` + MaxZipSize int `json:"max_zip_size" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_MAX_ZIP_SIZE"` + MaxResponseSize int `json:"max_response_size" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_MAX_RESPONSE_SIZE"` } func LoadConfig(path string) (*Config, error) { diff --git a/pkg/config/defaults.go b/pkg/config/defaults.go index 54d6d68c3..07974b8eb 100644 --- a/pkg/config/defaults.go +++ b/pkg/config/defaults.go @@ -265,6 +265,19 @@ func DefaultConfig() *Config { Exec: ExecConfig{ EnableDenyPatterns: true, }, + Skills: SkillsToolsConfig{ + Registries: SkillsRegistriesConfig{ + ClawHub: ClawHubRegistryConfig{ + Enabled: true, + BaseURL: "https://clawhub.ai", + }, + }, + MaxConcurrentSearches: 2, + SearchCache: SearchCacheConfig{ + MaxSize: 50, + TTLSeconds: 300, + }, + }, }, Heartbeat: HeartbeatConfig{ Enabled: true, diff --git a/pkg/skills/clawhub_registry.go b/pkg/skills/clawhub_registry.go new file mode 100644 index 000000000..e2a940afd --- /dev/null +++ b/pkg/skills/clawhub_registry.go @@ -0,0 +1,311 @@ +package skills + +import ( + "context" + "encoding/json" + "fmt" + "io" + "net/http" + "net/url" + "os" + "time" + + "github.com/sipeed/picoclaw/pkg/utils" +) + +const ( + defaultClawHubTimeout = 30 * time.Second + defaultMaxZipSize = 50 * 1024 * 1024 // 50 MB + defaultMaxResponseSize = 2 * 1024 * 1024 // 2 MB +) + +// ClawHubRegistry implements SkillRegistry for the ClawHub platform. +type ClawHubRegistry struct { + baseURL string + authToken string // Optional - for elevated rate limits + searchPath string // Search API + skillsPath string // For retrieving skill metadata + downloadPath string // For fetching ZIP files for download + maxZipSize int + maxResponseSize int + client *http.Client +} + +// NewClawHubRegistry creates a new ClawHub registry client from config. +func NewClawHubRegistry(cfg ClawHubConfig) *ClawHubRegistry { + baseURL := cfg.BaseURL + if baseURL == "" { + baseURL = "https://clawhub.ai" + } + searchPath := cfg.SearchPath + if searchPath == "" { + searchPath = "/api/v1/search" + } + skillsPath := cfg.SkillsPath + if skillsPath == "" { + skillsPath = "/api/v1/skills" + } + downloadPath := cfg.DownloadPath + if downloadPath == "" { + downloadPath = "/api/v1/download" + } + + timeout := defaultClawHubTimeout + if cfg.Timeout > 0 { + timeout = time.Duration(cfg.Timeout) * time.Second + } + + maxZip := defaultMaxZipSize + if cfg.MaxZipSize > 0 { + maxZip = cfg.MaxZipSize + } + + maxResp := defaultMaxResponseSize + if cfg.MaxResponseSize > 0 { + maxResp = cfg.MaxResponseSize + } + + return &ClawHubRegistry{ + baseURL: baseURL, + authToken: cfg.AuthToken, + searchPath: searchPath, + skillsPath: skillsPath, + downloadPath: downloadPath, + maxZipSize: maxZip, + maxResponseSize: maxResp, + client: &http.Client{ + Timeout: timeout, + Transport: &http.Transport{ + MaxIdleConns: 5, + IdleConnTimeout: 30 * time.Second, + TLSHandshakeTimeout: 10 * time.Second, + }, + }, + } +} + +func (c *ClawHubRegistry) Name() string { + return "clawhub" +} + +// --- Search --- + +type clawhubSearchResponse struct { + Results []clawhubSearchResult `json:"results"` +} + +type clawhubSearchResult struct { + Score float64 `json:"score"` + Slug *string `json:"slug"` + DisplayName *string `json:"displayName"` + Summary *string `json:"summary"` + Version *string `json:"version"` +} + +func (c *ClawHubRegistry) Search(ctx context.Context, query string, limit int) ([]SearchResult, error) { + u, err := url.Parse(c.baseURL + c.searchPath) + if err != nil { + return nil, fmt.Errorf("invalid base URL: %w", err) + } + + q := u.Query() + q.Set("q", query) + if limit > 0 { + q.Set("limit", fmt.Sprintf("%d", limit)) + } + u.RawQuery = q.Encode() + + body, err := c.doGet(ctx, u.String()) + if err != nil { + return nil, fmt.Errorf("search request failed: %w", err) + } + + var resp clawhubSearchResponse + if err := json.Unmarshal(body, &resp); err != nil { + return nil, fmt.Errorf("failed to parse search response: %w", err) + } + + results := make([]SearchResult, 0, len(resp.Results)) + for _, r := range resp.Results { + slug := utils.DerefStr(r.Slug, "") + if slug == "" { + continue + } + + summary := utils.DerefStr(r.Summary, "") + if summary == "" { + continue + } + + displayName := utils.DerefStr(r.DisplayName, "") + if displayName == "" { + displayName = slug + } + + results = append(results, SearchResult{ + Score: r.Score, + Slug: slug, + DisplayName: displayName, + Summary: summary, + Version: utils.DerefStr(r.Version, ""), + RegistryName: c.Name(), + }) + } + + return results, nil +} + +// --- GetSkillMeta --- + +type clawhubSkillResponse struct { + Slug string `json:"slug"` + DisplayName string `json:"displayName"` + Summary string `json:"summary"` + LatestVersion *clawhubVersionInfo `json:"latestVersion"` + Moderation *clawhubModerationInfo `json:"moderation"` +} + +type clawhubVersionInfo struct { + Version string `json:"version"` +} + +type clawhubModerationInfo struct { + IsMalwareBlocked bool `json:"isMalwareBlocked"` + IsSuspicious bool `json:"isSuspicious"` +} + +func (c *ClawHubRegistry) GetSkillMeta(ctx context.Context, slug string) (*SkillMeta, error) { + if err := utils.ValidateSkillIdentifier(slug); err != nil { + return nil, fmt.Errorf("invalid slug %q: error: %s", slug, err.Error()) + } + + u := c.baseURL + c.skillsPath + "/" + url.PathEscape(slug) + + body, err := c.doGet(ctx, u) + if err != nil { + return nil, fmt.Errorf("skill metadata request failed: %w", err) + } + + var resp clawhubSkillResponse + if err := json.Unmarshal(body, &resp); err != nil { + return nil, fmt.Errorf("failed to parse skill metadata: %w", err) + } + + meta := &SkillMeta{ + Slug: resp.Slug, + DisplayName: resp.DisplayName, + Summary: resp.Summary, + RegistryName: c.Name(), + } + + if resp.LatestVersion != nil { + meta.LatestVersion = resp.LatestVersion.Version + } + if resp.Moderation != nil { + meta.IsMalwareBlocked = resp.Moderation.IsMalwareBlocked + meta.IsSuspicious = resp.Moderation.IsSuspicious + } + + return meta, nil +} + +// --- DownloadAndInstall --- + +// DownloadAndInstall fetches metadata (with fallback), resolves version, +// downloads the skill ZIP, and extracts it to targetDir. +// Returns an InstallResult for the caller to use for moderation decisions. +func (c *ClawHubRegistry) DownloadAndInstall(ctx context.Context, slug, version, targetDir string) (*InstallResult, error) { + if err := utils.ValidateSkillIdentifier(slug); err != nil { + return nil, fmt.Errorf("invalid slug %q: error: %s", slug, err.Error()) + } + + // Step 1: Fetch metadata (with fallback). + result := &InstallResult{} + meta, err := c.GetSkillMeta(ctx, slug) + if err != nil { + // Fallback: proceed without metadata. + meta = nil + } + + if meta != nil { + result.IsMalwareBlocked = meta.IsMalwareBlocked + result.IsSuspicious = meta.IsSuspicious + result.Summary = meta.Summary + } + + // Step 2: Resolve version. + installVersion := version + if installVersion == "" && meta != nil { + installVersion = meta.LatestVersion + } + if installVersion == "" { + installVersion = "latest" + } + result.Version = installVersion + + // Step 3: Download ZIP to temp file (streams in ~32KB chunks). + u, err := url.Parse(c.baseURL + c.downloadPath) + if err != nil { + return nil, fmt.Errorf("invalid base URL: %w", err) + } + + q := u.Query() + q.Set("slug", slug) + if installVersion != "latest" { + q.Set("version", installVersion) + } + u.RawQuery = q.Encode() + + req, err := http.NewRequestWithContext(ctx, "GET", u.String(), nil) + if err != nil { + return nil, fmt.Errorf("failed to create request: %w", err) + } + if c.authToken != "" { + req.Header.Set("Authorization", "Bearer "+c.authToken) + } + + tmpPath, err := utils.DownloadToFile(ctx, c.client, req, int64(c.maxZipSize)) + if err != nil { + return nil, fmt.Errorf("download failed: %w", err) + } + defer os.Remove(tmpPath) + + // Step 4: Extract from file on disk. + if err := utils.ExtractZipFile(tmpPath, targetDir); err != nil { + return nil, err + } + + return result, nil +} + +// --- HTTP helper --- + +func (c *ClawHubRegistry) doGet(ctx context.Context, urlStr string) ([]byte, error) { + req, err := http.NewRequestWithContext(ctx, "GET", urlStr, nil) + if err != nil { + return nil, err + } + + req.Header.Set("Accept", "application/json") + if c.authToken != "" { + req.Header.Set("Authorization", "Bearer "+c.authToken) + } + + resp, err := c.client.Do(req) + if err != nil { + return nil, err + } + defer resp.Body.Close() + + // Limit response body read to prevent memory issues. + body, err := io.ReadAll(io.LimitReader(resp.Body, int64(c.maxResponseSize))) + if err != nil { + return nil, fmt.Errorf("failed to read response: %w", err) + } + + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + return nil, fmt.Errorf("HTTP %d: %s", resp.StatusCode, string(body)) + } + + return body, nil +} diff --git a/pkg/skills/clawhub_registry_test.go b/pkg/skills/clawhub_registry_test.go new file mode 100644 index 000000000..d12e19504 --- /dev/null +++ b/pkg/skills/clawhub_registry_test.go @@ -0,0 +1,256 @@ +package skills + +import ( + "archive/zip" + "bytes" + "context" + "encoding/json" + "net/http" + "net/http/httptest" + "os" + "path/filepath" + "testing" + + "github.com/sipeed/picoclaw/pkg/utils" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func newTestRegistry(serverURL, authToken string) *ClawHubRegistry { + return NewClawHubRegistry(ClawHubConfig{ + Enabled: true, + BaseURL: serverURL, + AuthToken: authToken, + }) +} + +func TestClawHubRegistrySearch(t *testing.T) { + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + assert.Equal(t, "/api/v1/search", r.URL.Path) + assert.Equal(t, "github", r.URL.Query().Get("q")) + + slug := "github" + name := "GitHub Integration" + summary := "Interact with GitHub repos" + version := "1.0.0" + + json.NewEncoder(w).Encode(clawhubSearchResponse{ + Results: []clawhubSearchResult{ + {Score: 0.95, Slug: &slug, DisplayName: &name, Summary: &summary, Version: &version}, + }, + }) + })) + defer srv.Close() + + reg := newTestRegistry(srv.URL, "") + results, err := reg.Search(context.Background(), "github", 5) + + require.NoError(t, err) + require.Len(t, results, 1) + assert.Equal(t, "github", results[0].Slug) + assert.Equal(t, "GitHub Integration", results[0].DisplayName) + assert.InDelta(t, 0.95, results[0].Score, 0.001) + assert.Equal(t, "clawhub", results[0].RegistryName) +} + +func TestClawHubRegistryGetSkillMeta(t *testing.T) { + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + assert.Equal(t, "/api/v1/skills/github", r.URL.Path) + + json.NewEncoder(w).Encode(clawhubSkillResponse{ + Slug: "github", + DisplayName: "GitHub Integration", + Summary: "Full GitHub API integration", + LatestVersion: &clawhubVersionInfo{ + Version: "2.1.0", + }, + Moderation: &clawhubModerationInfo{ + IsMalwareBlocked: false, + IsSuspicious: true, + }, + }) + })) + defer srv.Close() + + reg := newTestRegistry(srv.URL, "") + meta, err := reg.GetSkillMeta(context.Background(), "github") + + require.NoError(t, err) + assert.Equal(t, "github", meta.Slug) + assert.Equal(t, "2.1.0", meta.LatestVersion) + assert.False(t, meta.IsMalwareBlocked) + assert.True(t, meta.IsSuspicious) +} + +func TestClawHubRegistryGetSkillMetaUnsafeSlug(t *testing.T) { + reg := newTestRegistry("https://example.com", "") + _, err := reg.GetSkillMeta(context.Background(), "../etc/passwd") + assert.Error(t, err) + assert.Contains(t, err.Error(), "invalid slug") +} + +func TestClawHubRegistryDownloadAndInstall(t *testing.T) { + // Create a valid ZIP in memory. + zipBuf := createTestZip(t, map[string]string{ + "SKILL.md": "---\nname: test-skill\ndescription: A test\n---\nHello skill", + "README.md": "# Test Skill\n", + }) + + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case "/api/v1/skills/test-skill": + // Metadata endpoint. + json.NewEncoder(w).Encode(clawhubSkillResponse{ + Slug: "test-skill", + DisplayName: "Test Skill", + Summary: "A test skill", + LatestVersion: &clawhubVersionInfo{Version: "1.0.0"}, + }) + case "/api/v1/download": + assert.Equal(t, "test-skill", r.URL.Query().Get("slug")) + w.Header().Set("Content-Type", "application/zip") + w.Write(zipBuf) + default: + w.WriteHeader(http.StatusNotFound) + } + })) + defer srv.Close() + + tmpDir := t.TempDir() + targetDir := filepath.Join(tmpDir, "test-skill") + + reg := newTestRegistry(srv.URL, "") + result, err := reg.DownloadAndInstall(context.Background(), "test-skill", "1.0.0", targetDir) + + require.NoError(t, err) + assert.Equal(t, "1.0.0", result.Version) + assert.False(t, result.IsMalwareBlocked) + + // Verify extracted files. + skillContent, err := os.ReadFile(filepath.Join(targetDir, "SKILL.md")) + require.NoError(t, err) + assert.Contains(t, string(skillContent), "Hello skill") + + readmeContent, err := os.ReadFile(filepath.Join(targetDir, "README.md")) + require.NoError(t, err) + assert.Contains(t, string(readmeContent), "# Test Skill") +} + +func TestClawHubRegistryAuthToken(t *testing.T) { + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + authHeader := r.Header.Get("Authorization") + assert.Equal(t, "Bearer test-token-123", authHeader) + json.NewEncoder(w).Encode(clawhubSearchResponse{Results: nil}) + })) + defer srv.Close() + + reg := newTestRegistry(srv.URL, "test-token-123") + _, _ = reg.Search(context.Background(), "test", 5) +} + +func TestExtractZipPathTraversal(t *testing.T) { + // Create a ZIP with a path traversal entry. + var buf bytes.Buffer + zw := zip.NewWriter(&buf) + + // Malicious entry trying to escape directory. + w, err := zw.Create("../../etc/passwd") + require.NoError(t, err) + w.Write([]byte("malicious")) + + zw.Close() + + // Write to temp file for extractZipFile. + tmpZip := filepath.Join(t.TempDir(), "bad.zip") + require.NoError(t, os.WriteFile(tmpZip, buf.Bytes(), 0644)) + + tmpDir := t.TempDir() + err = utils.ExtractZipFile(tmpZip, tmpDir) + assert.Error(t, err) + assert.Contains(t, err.Error(), "unsafe path") +} + +func TestExtractZipWithSubdirectories(t *testing.T) { + zipBuf := createTestZip(t, map[string]string{ + "SKILL.md": "root file", + "scripts/helper.sh": "#!/bin/bash\necho hello", + "examples/demo.yaml": "key: value", + }) + + // Write to temp file for extractZipFile. + tmpZip := filepath.Join(t.TempDir(), "test.zip") + require.NoError(t, os.WriteFile(tmpZip, zipBuf, 0644)) + + tmpDir := t.TempDir() + targetDir := filepath.Join(tmpDir, "my-skill") + + err := utils.ExtractZipFile(tmpZip, targetDir) + require.NoError(t, err) + + // Verify nested file. + data, err := os.ReadFile(filepath.Join(targetDir, "scripts", "helper.sh")) + require.NoError(t, err) + assert.Contains(t, string(data), "#!/bin/bash") +} + +func TestClawHubRegistrySearchHTTPError(t *testing.T) { + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusInternalServerError) + w.Write([]byte("Internal Server Error")) + })) + defer srv.Close() + + reg := newTestRegistry(srv.URL, "") + _, err := reg.Search(context.Background(), "test", 5) + assert.Error(t, err) + assert.Contains(t, err.Error(), "500") +} + +func TestClawHubRegistrySearchNullableFields(t *testing.T) { + srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + validSlug := "valid-slug" + validSummary := "valid summary" + + // Return results with various null/empty fields + json.NewEncoder(w).Encode(clawhubSearchResponse{ + Results: []clawhubSearchResult{ + // Case 1: Null Slug -> Skip + {Score: 0.1, Slug: nil, DisplayName: nil, Summary: nil, Version: nil}, + // Case 2: Valid Slug, Null Summary -> Skip + {Score: 0.2, Slug: &validSlug, DisplayName: nil, Summary: nil, Version: nil}, + // Case 3: Valid Slug, Valid Summary, Null Name -> Keep, Name=Slug + {Score: 0.8, Slug: &validSlug, DisplayName: nil, Summary: &validSummary, Version: nil}, + }, + }) + })) + defer srv.Close() + + reg := newTestRegistry(srv.URL, "") + results, err := reg.Search(context.Background(), "test", 5) + + require.NoError(t, err) + require.Len(t, results, 1, "should only return 1 valid result") + + r := results[0] + assert.Equal(t, "valid-slug", r.Slug) + assert.Equal(t, "valid-slug", r.DisplayName, "should fallback name to slug") + assert.Equal(t, "valid summary", r.Summary) +} + +// --- helpers --- + +func createTestZip(t *testing.T, files map[string]string) []byte { + t.Helper() + var buf bytes.Buffer + zw := zip.NewWriter(&buf) + + for name, content := range files { + w, err := zw.Create(name) + require.NoError(t, err) + _, err = w.Write([]byte(content)) + require.NoError(t, err) + } + + require.NoError(t, zw.Close()) + return buf.Bytes() +} diff --git a/pkg/skills/registry.go b/pkg/skills/registry.go new file mode 100644 index 000000000..45ae72253 --- /dev/null +++ b/pkg/skills/registry.go @@ -0,0 +1,223 @@ +package skills + +import ( + "context" + "fmt" + "log/slog" + "sync" + "time" +) + +const ( + defaultMaxConcurrentSearches = 2 +) + +// SearchResult represents a single result from a skill registry search. +type SearchResult struct { + Score float64 `json:"score"` + Slug string `json:"slug"` + DisplayName string `json:"display_name"` + Summary string `json:"summary"` + Version string `json:"version"` + RegistryName string `json:"registry_name"` +} + +// SkillMeta holds metadata about a skill from a registry. +type SkillMeta struct { + Slug string `json:"slug"` + DisplayName string `json:"display_name"` + Summary string `json:"summary"` + LatestVersion string `json:"latest_version"` + IsMalwareBlocked bool `json:"is_malware_blocked"` + IsSuspicious bool `json:"is_suspicious"` + RegistryName string `json:"registry_name"` +} + +// InstallResult is returned by DownloadAndInstall to carry metadata +// back to the caller for moderation and user messaging. +type InstallResult struct { + Version string + IsMalwareBlocked bool + IsSuspicious bool + Summary string +} + +// SkillRegistry is the interface that all skill registries must implement. +// Each registry represents a different source of skills (e.g., clawhub.ai) +type SkillRegistry interface { + // Name returns the unique name of this registry (e.g., "clawhub"). + Name() string + // Search searches the registry for skills matching the query. + Search(ctx context.Context, query string, limit int) ([]SearchResult, error) + // GetSkillMeta retrieves metadata for a specific skill by slug. + GetSkillMeta(ctx context.Context, slug string) (*SkillMeta, error) + // DownloadAndInstall fetches metadata, resolves the version, downloads and + // installs the skill to targetDir. Returns an InstallResult with metadata + // for the caller to use for moderation and user messaging. + DownloadAndInstall(ctx context.Context, slug, version, targetDir string) (*InstallResult, error) +} + +// RegistryConfig holds configuration for all skill registries. +// This is the input to NewRegistryManagerFromConfig. +type RegistryConfig struct { + ClawHub ClawHubConfig + MaxConcurrentSearches int +} + +// ClawHubConfig configures the ClawHub registry. +type ClawHubConfig struct { + Enabled bool + BaseURL string + AuthToken string + SearchPath string // e.g. "/api/v1/search" + SkillsPath string // e.g. "/api/v1/skills" + DownloadPath string // e.g. "/api/v1/download" + Timeout int // seconds, 0 = default (30s) + MaxZipSize int // bytes, 0 = default (50MB) + MaxResponseSize int // bytes, 0 = default (2MB) +} + +// RegistryManager coordinates multiple skill registries. +// It fans out search requests and routes installs to the correct registry. +type RegistryManager struct { + registries []SkillRegistry + maxConcurrent int + mu sync.RWMutex +} + +// NewRegistryManager creates an empty RegistryManager. +func NewRegistryManager() *RegistryManager { + return &RegistryManager{ + registries: make([]SkillRegistry, 0), + maxConcurrent: defaultMaxConcurrentSearches, + } +} + +// NewRegistryManagerFromConfig builds a RegistryManager from config, +// instantiating only the enabled registries. +func NewRegistryManagerFromConfig(cfg RegistryConfig) *RegistryManager { + rm := NewRegistryManager() + if cfg.MaxConcurrentSearches > 0 { + rm.maxConcurrent = cfg.MaxConcurrentSearches + } + if cfg.ClawHub.Enabled { + rm.AddRegistry(NewClawHubRegistry(cfg.ClawHub)) + } + return rm +} + +// AddRegistry adds a registry to the manager. +func (rm *RegistryManager) AddRegistry(r SkillRegistry) { + rm.mu.Lock() + defer rm.mu.Unlock() + rm.registries = append(rm.registries, r) +} + +// GetRegistry returns a registry by name, or nil if not found. +func (rm *RegistryManager) GetRegistry(name string) SkillRegistry { + rm.mu.RLock() + defer rm.mu.RUnlock() + for _, r := range rm.registries { + if r.Name() == name { + return r + } + } + return nil +} + +// SearchAll fans out the query to all registries concurrently +// and merges results sorted by score descending. +func (rm *RegistryManager) SearchAll(ctx context.Context, query string, limit int) ([]SearchResult, error) { + rm.mu.RLock() + regs := make([]SkillRegistry, len(rm.registries)) + copy(regs, rm.registries) + rm.mu.RUnlock() + + if len(regs) == 0 { + return nil, fmt.Errorf("no registries configured") + } + + type regResult struct { + results []SearchResult + err error + } + + // Semaphore: limit concurrency. + sem := make(chan struct{}, rm.maxConcurrent) + resultsCh := make(chan regResult, len(regs)) + + var wg sync.WaitGroup + for _, reg := range regs { + wg.Add(1) + go func(r SkillRegistry) { + defer wg.Done() + + // Acquire semaphore slot. + select { + case sem <- struct{}{}: + defer func() { <-sem }() + case <-ctx.Done(): + resultsCh <- regResult{err: ctx.Err()} + return + } + + searchCtx, cancel := context.WithTimeout(ctx, 1*time.Minute) + defer cancel() + + results, err := r.Search(searchCtx, query, limit) + if err != nil { + slog.Warn("registry search failed", "registry", r.Name(), "error", err) + resultsCh <- regResult{err: err} + return + } + resultsCh <- regResult{results: results} + }(reg) + } + + // Close results channel after all goroutines complete. + go func() { + wg.Wait() + close(resultsCh) + }() + + var merged []SearchResult + var lastErr error + + var anyRegistrySucceeded bool + for rr := range resultsCh { + if rr.err != nil { + lastErr = rr.err + continue + } + anyRegistrySucceeded = true + merged = append(merged, rr.results...) + } + + // If all registries failed, return the last error. + if !anyRegistrySucceeded && lastErr != nil { + return nil, fmt.Errorf("all registries failed: %w", lastErr) + } + + // Sort by score descending. + sortByScoreDesc(merged) + + // Clamp to limit. + if limit > 0 && len(merged) > limit { + merged = merged[:limit] + } + + return merged, nil +} + +// sortByScoreDesc sorts SearchResults by Score in descending order (insertion sort ā€” small slices). +func sortByScoreDesc(results []SearchResult) { + for i := 1; i < len(results); i++ { + key := results[i] + j := i - 1 + for j >= 0 && results[j].Score < key.Score { + results[j+1] = results[j] + j-- + } + results[j+1] = key + } +} diff --git a/pkg/skills/registry_test.go b/pkg/skills/registry_test.go new file mode 100644 index 000000000..daecd5a59 --- /dev/null +++ b/pkg/skills/registry_test.go @@ -0,0 +1,179 @@ +package skills + +import ( + "context" + "fmt" + "testing" + "time" + + "github.com/sipeed/picoclaw/pkg/utils" + "github.com/stretchr/testify/assert" +) + +// mockRegistry is a test double implementing SkillRegistry. +type mockRegistry struct { + name string + searchResults []SearchResult + searchErr error + meta *SkillMeta + metaErr error + installResult *InstallResult + installErr error +} + +func (m *mockRegistry) Name() string { return m.name } + +func (m *mockRegistry) Search(_ context.Context, _ string, _ int) ([]SearchResult, error) { + return m.searchResults, m.searchErr +} + +func (m *mockRegistry) GetSkillMeta(_ context.Context, _ string) (*SkillMeta, error) { + return m.meta, m.metaErr +} + +func (m *mockRegistry) DownloadAndInstall(_ context.Context, _, _, _ string) (*InstallResult, error) { + return m.installResult, m.installErr +} + +func TestRegistryManagerSearchAllSingle(t *testing.T) { + mgr := NewRegistryManager() + mgr.AddRegistry(&mockRegistry{ + name: "test", + searchResults: []SearchResult{ + {Slug: "skill-a", Score: 0.9, RegistryName: "test"}, + {Slug: "skill-b", Score: 0.5, RegistryName: "test"}, + }, + }) + + results, err := mgr.SearchAll(context.Background(), "test query", 10) + assert.NoError(t, err) + assert.Len(t, results, 2) + assert.Equal(t, "skill-a", results[0].Slug) +} + +func TestRegistryManagerSearchAllMultiple(t *testing.T) { + mgr := NewRegistryManager() + mgr.AddRegistry(&mockRegistry{ + name: "alpha", + searchResults: []SearchResult{ + {Slug: "skill-a", Score: 0.8, RegistryName: "alpha"}, + }, + }) + mgr.AddRegistry(&mockRegistry{ + name: "beta", + searchResults: []SearchResult{ + {Slug: "skill-b", Score: 0.95, RegistryName: "beta"}, + }, + }) + + results, err := mgr.SearchAll(context.Background(), "test query", 10) + assert.NoError(t, err) + assert.Len(t, results, 2) + // Should be sorted by score descending + assert.Equal(t, "skill-b", results[0].Slug) + assert.Equal(t, "skill-a", results[1].Slug) +} + +func TestRegistryManagerSearchAllOneFailsGracefully(t *testing.T) { + mgr := NewRegistryManager() + mgr.AddRegistry(&mockRegistry{ + name: "failing", + searchErr: fmt.Errorf("network error"), + }) + mgr.AddRegistry(&mockRegistry{ + name: "working", + searchResults: []SearchResult{ + {Slug: "skill-a", Score: 0.8, RegistryName: "working"}, + }, + }) + + results, err := mgr.SearchAll(context.Background(), "test query", 10) + assert.NoError(t, err) + assert.Len(t, results, 1) + assert.Equal(t, "skill-a", results[0].Slug) +} + +func TestRegistryManagerSearchAllAllFail(t *testing.T) { + mgr := NewRegistryManager() + mgr.AddRegistry(&mockRegistry{ + name: "fail-1", + searchErr: fmt.Errorf("error 1"), + }) + + _, err := mgr.SearchAll(context.Background(), "test query", 10) + assert.Error(t, err) +} + +func TestRegistryManagerSearchAllNoRegistries(t *testing.T) { + mgr := NewRegistryManager() + _, err := mgr.SearchAll(context.Background(), "test query", 10) + assert.Error(t, err) +} + +func TestRegistryManagerGetRegistry(t *testing.T) { + mgr := NewRegistryManager() + mock := &mockRegistry{name: "clawhub"} + mgr.AddRegistry(mock) + + got := mgr.GetRegistry("clawhub") + assert.NotNil(t, got) + assert.Equal(t, "clawhub", got.Name()) + + got = mgr.GetRegistry("nonexistent") + assert.Nil(t, got) +} + +func TestRegistryManagerSearchAllRespectLimit(t *testing.T) { + mgr := NewRegistryManager() + results := make([]SearchResult, 20) + for i := range results { + results[i] = SearchResult{Slug: fmt.Sprintf("skill-%d", i), Score: float64(20 - i)} + } + mgr.AddRegistry(&mockRegistry{ + name: "test", + searchResults: results, + }) + + got, err := mgr.SearchAll(context.Background(), "test", 5) + assert.NoError(t, err) + assert.Len(t, got, 5) + // Top scores first + assert.Equal(t, "skill-0", got[0].Slug) +} + +func TestRegistryManagerSearchAllTimeout(t *testing.T) { + ctx, cancel := context.WithTimeout(context.Background(), 1*time.Millisecond) + defer cancel() + + time.Sleep(5 * time.Millisecond) // Let context expire. + + mgr := NewRegistryManager() + mgr.AddRegistry(&mockRegistry{ + name: "slow", + searchErr: fmt.Errorf("context deadline exceeded"), + }) + + _, err := mgr.SearchAll(ctx, "test", 5) + assert.Error(t, err) +} + +func TestSortByScoreDesc(t *testing.T) { + results := []SearchResult{ + {Slug: "c", Score: 0.3}, + {Slug: "a", Score: 0.9}, + {Slug: "b", Score: 0.5}, + } + sortByScoreDesc(results) + assert.Equal(t, "a", results[0].Slug) + assert.Equal(t, "b", results[1].Slug) + assert.Equal(t, "c", results[2].Slug) +} + +func TestIsSafeSlug(t *testing.T) { + assert.NoError(t, utils.ValidateSkillIdentifier("github")) + assert.NoError(t, utils.ValidateSkillIdentifier("docker-compose")) + assert.Error(t, utils.ValidateSkillIdentifier("")) + assert.Error(t, utils.ValidateSkillIdentifier("../etc/passwd")) + assert.Error(t, utils.ValidateSkillIdentifier("path/traversal")) + assert.Error(t, utils.ValidateSkillIdentifier("path\\traversal")) +} diff --git a/pkg/skills/search_cache.go b/pkg/skills/search_cache.go new file mode 100644 index 000000000..5d7d2797e --- /dev/null +++ b/pkg/skills/search_cache.go @@ -0,0 +1,229 @@ +package skills + +import ( + "sort" + "strings" + "sync" + "time" +) + +// SearchCache provides lightweight caching for search results. +// It uses trigram-based similarity to match similar queries to cached results, +// avoiding redundant API calls. Thread-safe for concurrent access. +type SearchCache struct { + mu sync.RWMutex + entries map[string]*cacheEntry + order []string // LRU order: oldest first. + maxEntries int + ttl time.Duration +} + +type cacheEntry struct { + query string + trigrams []uint32 + results []SearchResult + createdAt time.Time +} + +// similarityThreshold is the minimum trigram Jaccard similarity for a cache hit. +const similarityThreshold = 0.7 + +// NewSearchCache creates a new search cache. +// maxEntries is the maximum number of cached queries (excess evicts LRU). +// ttl is how long each entry lives before expiration. +func NewSearchCache(maxEntries int, ttl time.Duration) *SearchCache { + if maxEntries <= 0 { + maxEntries = 50 + } + if ttl <= 0 { + ttl = 5 * time.Minute + } + return &SearchCache{ + entries: make(map[string]*cacheEntry), + order: make([]string, 0), + maxEntries: maxEntries, + ttl: ttl, + } +} + +// Get looks up results for a query. Returns cached results and true if found +// (either exact or similar match above threshold). Returns nil, false on miss. +func (sc *SearchCache) Get(query string) ([]SearchResult, bool) { + normalized := normalizeQuery(query) + if normalized == "" { + return nil, false + } + + sc.mu.Lock() + defer sc.mu.Unlock() + + // Exact match first. + if entry, ok := sc.entries[normalized]; ok { + if time.Since(entry.createdAt) < sc.ttl { + sc.moveToEndLocked(normalized) + return copyResults(entry.results), true + } + } + + // Similarity match. + queryTrigrams := buildTrigrams(normalized) + var bestEntry *cacheEntry + var bestSim float64 + + for _, entry := range sc.entries { + if time.Since(entry.createdAt) >= sc.ttl { + continue // Skip expired. + } + sim := jaccardSimilarity(queryTrigrams, entry.trigrams) + if sim > bestSim { + bestSim = sim + bestEntry = entry + } + } + + if bestSim >= similarityThreshold && bestEntry != nil { + sc.moveToEndLocked(bestEntry.query) + return copyResults(bestEntry.results), true + } + + return nil, false +} + +// Put stores results for a query. Evicts the oldest entry if at capacity. +func (sc *SearchCache) Put(query string, results []SearchResult) { + normalized := normalizeQuery(query) + if normalized == "" { + return + } + + sc.mu.Lock() + defer sc.mu.Unlock() + + // Evict expired entries first. + sc.evictExpiredLocked() + + // If already exists, update. + if _, ok := sc.entries[normalized]; ok { + sc.entries[normalized] = &cacheEntry{ + query: normalized, + trigrams: buildTrigrams(normalized), + results: copyResults(results), + createdAt: time.Now(), + } + // Move to end of LRU order. + sc.moveToEndLocked(normalized) + return + } + + // Evict LRU if at capacity. + for len(sc.entries) >= sc.maxEntries && len(sc.order) > 0 { + oldest := sc.order[0] + sc.order = sc.order[1:] + delete(sc.entries, oldest) + } + + // Insert new entry. + sc.entries[normalized] = &cacheEntry{ + query: normalized, + trigrams: buildTrigrams(normalized), + results: copyResults(results), + createdAt: time.Now(), + } + sc.order = append(sc.order, normalized) +} + +// Len returns the number of entries (for testing). +func (sc *SearchCache) Len() int { + sc.mu.RLock() + defer sc.mu.RUnlock() + return len(sc.entries) +} + +// --- internal --- + +func (sc *SearchCache) evictExpiredLocked() { + now := time.Now() + newOrder := make([]string, 0, len(sc.order)) + for _, key := range sc.order { + entry, ok := sc.entries[key] + if !ok || now.Sub(entry.createdAt) >= sc.ttl { + delete(sc.entries, key) + continue + } + newOrder = append(newOrder, key) + } + sc.order = newOrder +} + +func (sc *SearchCache) moveToEndLocked(key string) { + for i, k := range sc.order { + if k == key { + sc.order = append(sc.order[:i], sc.order[i+1:]...) + break + } + } + sc.order = append(sc.order, key) +} + +func normalizeQuery(q string) string { + return strings.ToLower(strings.TrimSpace(q)) +} + +// buildTrigrams generates hash of trigrams from a string. +// Example: "hello" ā†’ {"hel", "ell", "llo"} +// "hel" -> 0x0068656c -> 4 bytes; compared to 16 bytes of a string +func buildTrigrams(s string) []uint32 { + if len(s) < 3 { + return nil + } + + trigrams := make([]uint32, 0, len(s)-2) + for i := 0; i <= len(s)-3; i++ { + trigrams = append(trigrams, uint32(s[i])<<16|uint32(s[i+1])<<8|uint32(s[i+2])) + } + + // Sort and Deduplication + sort.Slice(trigrams, func(i, j int) bool { return trigrams[i] < trigrams[j] }) + n := 1 + for i := 1; i < len(trigrams); i++ { + if trigrams[i] != trigrams[i-1] { + trigrams[n] = trigrams[i] + n++ + } + } + + return trigrams[:n] +} + +// jaccardSimilarity computes |A āˆ© B| / |A āˆŖ B|. +func jaccardSimilarity(a, b []uint32) float64 { + if len(a) == 0 && len(b) == 0 { + return 1 + } + i, j := 0, 0 + intersection := 0 + + for i < len(a) && j < len(b) { + if a[i] == b[j] { + intersection++ + i++ + j++ + } else if a[i] < b[j] { + i++ + } else { + j++ + } + } + + union := len(a) + len(b) - intersection + return float64(intersection) / float64(union) +} + +func copyResults(results []SearchResult) []SearchResult { + if results == nil { + return nil + } + cp := make([]SearchResult, len(results)) + copy(cp, results) + return cp +} diff --git a/pkg/skills/search_cache_test.go b/pkg/skills/search_cache_test.go new file mode 100644 index 000000000..816bdfb93 --- /dev/null +++ b/pkg/skills/search_cache_test.go @@ -0,0 +1,200 @@ +package skills + +import ( + "testing" + "time" + + "github.com/stretchr/testify/assert" +) + +func TestSearchCacheExactHit(t *testing.T) { + cache := NewSearchCache(10, 5*time.Minute) + + results := []SearchResult{ + {Slug: "github", Score: 0.9, RegistryName: "clawhub"}, + {Slug: "docker", Score: 0.7, RegistryName: "clawhub"}, + } + cache.Put("github integration", results) + + got, hit := cache.Get("github integration") + assert.True(t, hit) + assert.Len(t, got, 2) + assert.Equal(t, "github", got[0].Slug) +} + +func TestSearchCacheExactHitCaseInsensitive(t *testing.T) { + cache := NewSearchCache(10, 5*time.Minute) + + results := []SearchResult{{Slug: "github", Score: 0.9}} + cache.Put("GitHub Integration", results) + + got, hit := cache.Get("github integration") + assert.True(t, hit) + assert.Len(t, got, 1) +} + +func TestSearchCacheSimilarHit(t *testing.T) { + cache := NewSearchCache(10, 5*time.Minute) + + results := []SearchResult{{Slug: "github", Score: 0.9}} + cache.Put("github integration tool", results) + + // "github integration" is very similar to "github integration tool" + got, hit := cache.Get("github integration") + assert.True(t, hit) + assert.Len(t, got, 1) +} + +func TestSearchCacheDissimilarMiss(t *testing.T) { + cache := NewSearchCache(10, 5*time.Minute) + + results := []SearchResult{{Slug: "github", Score: 0.9}} + cache.Put("github integration", results) + + // Completely unrelated query + _, hit := cache.Get("database management") + assert.False(t, hit) +} + +func TestSearchCacheTTLExpiration(t *testing.T) { + cache := NewSearchCache(10, 50*time.Millisecond) + + results := []SearchResult{{Slug: "github", Score: 0.9}} + cache.Put("github integration", results) + + // Immediately should hit + _, hit := cache.Get("github integration") + assert.True(t, hit) + + // Wait for expiration + time.Sleep(100 * time.Millisecond) + + _, hit = cache.Get("github integration") + assert.False(t, hit) +} + +func TestSearchCacheLRUEviction(t *testing.T) { + cache := NewSearchCache(3, 5*time.Minute) + + cache.Put("query-1", []SearchResult{{Slug: "a"}}) + cache.Put("query-2", []SearchResult{{Slug: "b"}}) + cache.Put("query-3", []SearchResult{{Slug: "c"}}) + + assert.Equal(t, 3, cache.Len()) + + // Adding a 4th should evict query-1 (oldest) + cache.Put("query-4", []SearchResult{{Slug: "d"}}) + assert.Equal(t, 3, cache.Len()) + + _, hit := cache.Get("query-1") + assert.False(t, hit, "oldest entry should be evicted") + + got, hit := cache.Get("query-4") + assert.True(t, hit) + assert.Equal(t, "d", got[0].Slug) +} + +func TestSearchCacheEmptyQuery(t *testing.T) { + cache := NewSearchCache(10, 5*time.Minute) + + _, hit := cache.Get("") + assert.False(t, hit) + + _, hit = cache.Get(" ") + assert.False(t, hit) +} + +func TestSearchCacheResultsCopied(t *testing.T) { + cache := NewSearchCache(10, 5*time.Minute) + + original := []SearchResult{{Slug: "github", Score: 0.9}} + cache.Put("test", original) + + // Mutate original after putting + original[0].Slug = "mutated" + + got, hit := cache.Get("test") + assert.True(t, hit) + assert.Equal(t, "github", got[0].Slug, "cache should hold a copy, not a reference") +} + +func TestBuildTrigrams(t *testing.T) { + trigrams := buildTrigrams("hello") + assert.Contains(t, trigrams, uint32('h')<<16|uint32('e')<<8|uint32('l')) + assert.Contains(t, trigrams, uint32('e')<<16|uint32('l')<<8|uint32('l')) + assert.Contains(t, trigrams, uint32('l')<<16|uint32('l')<<8|uint32('o')) + assert.Len(t, trigrams, 3) +} + +func TestJaccardSimilarity(t *testing.T) { + a := buildTrigrams("github integration") + b := buildTrigrams("github integration tool") + + sim := jaccardSimilarity(a, b) + assert.Greater(t, sim, 0.5, "similar strings should have high sim") + + c := buildTrigrams("completely different query about databases") + sim2 := jaccardSimilarity(a, c) + assert.Less(t, sim2, 0.3, "dissimilar strings should have low sim") +} + +func TestJaccardSimilarityEdgeCases(t *testing.T) { + empty := buildTrigrams("") + nonempty := buildTrigrams("hello") + + assert.Equal(t, 1.0, jaccardSimilarity(empty, empty)) + assert.Equal(t, 0.0, jaccardSimilarity(empty, nonempty)) + assert.Equal(t, 0.0, jaccardSimilarity(nonempty, empty)) +} + +func TestSearchCacheConcurrency(t *testing.T) { + cache := NewSearchCache(50, 5*time.Minute) + done := make(chan struct{}) + + // Concurrent writes + go func() { + for i := 0; i < 100; i++ { + cache.Put("query-write-"+string(rune('a'+i%26)), []SearchResult{{Slug: "x"}}) + } + done <- struct{}{} + }() + + // Concurrent reads + go func() { + for i := 0; i < 100; i++ { + cache.Get("query-write-a") + } + done <- struct{}{} + }() + + <-done +} + +func TestSearchCacheLRUUpdateOnGet(t *testing.T) { + // Capacity 3 + cache := NewSearchCache(3, time.Hour) + + // Fill cache: query-A, query-B, query-C + // Use longer strings to ensure trigrams are generated and avoid false positive similarity + cache.Put("query-A", []SearchResult{{Slug: "A"}}) + cache.Put("query-B", []SearchResult{{Slug: "B"}}) + cache.Put("query-C", []SearchResult{{Slug: "C"}}) + + // Access query-A (should make it most recently used) + if _, found := cache.Get("query-A"); !found { + t.Fatal("query-A should be in cache") + } + + // Add query-D. Should evict query-B (LRU) instead of query-A (which was refreshed) + cache.Put("query-D", []SearchResult{{Slug: "D"}}) + + // Check if query-A is still there + if _, found := cache.Get("query-A"); !found { + t.Fatalf("query-A was evicted! valid LRU should have kept query-A and evicted query-B.") + } + + // Check if query-B is evicted + if _, found := cache.Get("query-B"); found { + t.Fatal("query-B should have been evicted") + } +} diff --git a/pkg/tools/skills_install.go b/pkg/tools/skills_install.go new file mode 100644 index 000000000..6b05918ce --- /dev/null +++ b/pkg/tools/skills_install.go @@ -0,0 +1,199 @@ +package tools + +import ( + "context" + "encoding/json" + "fmt" + "os" + "path/filepath" + "sync" + "time" + + "github.com/sipeed/picoclaw/pkg/logger" + "github.com/sipeed/picoclaw/pkg/skills" + "github.com/sipeed/picoclaw/pkg/utils" +) + +// InstallSkillTool allows the LLM agent to install skills from registries. +// It shares the same RegistryManager that FindSkillsTool uses, +// so all registries configured in config are available for installation. +type InstallSkillTool struct { + registryMgr *skills.RegistryManager + workspace string + mu sync.Mutex +} + +// NewInstallSkillTool creates a new InstallSkillTool. +// registryMgr is the shared registry manager (same instance as FindSkillsTool). +// workspace is the root workspace directory; skills install to {workspace}/skills/{slug}/. +func NewInstallSkillTool(registryMgr *skills.RegistryManager, workspace string) *InstallSkillTool { + return &InstallSkillTool{ + registryMgr: registryMgr, + workspace: workspace, + mu: sync.Mutex{}, + } +} + +func (t *InstallSkillTool) Name() string { + return "install_skill" +} + +func (t *InstallSkillTool) Description() string { + return "Install a skill from a registry by slug. Downloads and extracts the skill into the workspace. Use find_skills first to discover available skills." +} + +func (t *InstallSkillTool) Parameters() map[string]interface{} { + return map[string]interface{}{ + "type": "object", + "properties": map[string]interface{}{ + "slug": map[string]interface{}{ + "type": "string", + "description": "The unique slug of the skill to install (e.g., 'github', 'docker-compose')", + }, + "version": map[string]interface{}{ + "type": "string", + "description": "Specific version to install (optional, defaults to latest)", + }, + "registry": map[string]interface{}{ + "type": "string", + "description": "Registry to install from (required, e.g., 'clawhub')", + }, + "force": map[string]interface{}{ + "type": "boolean", + "description": "Force reinstall if skill already exists (default false)", + }, + }, + "required": []string{"slug", "registry"}, + } +} + +func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { + // Install lock to prevent concurrent directory operations. + // Ideally this should be done at a `slug` level, currently, its at a `workspace` level. + t.mu.Lock() + defer t.mu.Unlock() + + // Validate slug + slug, _ := args["slug"].(string) + if err := utils.ValidateSkillIdentifier(slug); err != nil { + return ErrorResult(fmt.Sprintf("invalid slug %q: error: %s", slug, err.Error())) + } + + // Validate registry + registryName, _ := args["registry"].(string) + if err := utils.ValidateSkillIdentifier(registryName); err != nil { + return ErrorResult(fmt.Sprintf("invalid registry %q: error: %s", registryName, err.Error())) + } + + version, _ := args["version"].(string) + force, _ := args["force"].(bool) + + // Check if already installed. + skillsDir := filepath.Join(t.workspace, "skills") + targetDir := filepath.Join(skillsDir, slug) + + if !force { + if _, err := os.Stat(targetDir); err == nil { + return ErrorResult(fmt.Sprintf("skill %q already installed at %s. Use force=true to reinstall.", slug, targetDir)) + } + } else { + // Force: remove existing if present. + os.RemoveAll(targetDir) + } + + // Resolve which registry to use. + registry := t.registryMgr.GetRegistry(registryName) + if registry == nil { + return ErrorResult(fmt.Sprintf("registry %q not found", registryName)) + } + + // Ensure skills directory exists. + if err := os.MkdirAll(skillsDir, 0755); err != nil { + return ErrorResult(fmt.Sprintf("failed to create skills directory: %v", err)) + } + + // Download and install (handles metadata, version resolution, extraction). + result, err := registry.DownloadAndInstall(ctx, slug, version, targetDir) + if err != nil { + // Clean up partial install. + rmErr := os.RemoveAll(targetDir) + if rmErr != nil { + logger.ErrorCF("tool", "Failed to remove partial install", + map[string]interface{}{ + "tool": "install_skill", + "target_dir": targetDir, + "error": rmErr.Error(), + }) + } + return ErrorResult(fmt.Sprintf("failed to install %q: %v", slug, err)) + } + + // Moderation: block malware. + if result.IsMalwareBlocked { + rmErr := os.RemoveAll(targetDir) + if rmErr != nil { + logger.ErrorCF("tool", "Failed to remove partial install", + map[string]interface{}{ + "tool": "install_skill", + "target_dir": targetDir, + "error": rmErr.Error(), + }) + } + return ErrorResult(fmt.Sprintf("skill %q is flagged as malicious and cannot be installed", slug)) + } + + // Write origin metadata. + if err := writeOriginMeta(targetDir, registry.Name(), slug, result.Version); err != nil { + logger.ErrorCF("tool", "Failed to write origin metadata", + map[string]interface{}{ + "tool": "install_skill", + "error": err.Error(), + "target": targetDir, + "registry": registry.Name(), + "slug": slug, + "version": result.Version, + }) + _ = err + } + + // Build result with moderation warning if suspicious. + var output string + if result.IsSuspicious { + output = fmt.Sprintf("āš ļø Warning: skill %q is flagged as suspicious (may contain risky patterns).\n\n", slug) + } + output += fmt.Sprintf("Successfully installed skill %q v%s from %s registry.\nLocation: %s\n", + slug, result.Version, registry.Name(), targetDir) + + if result.Summary != "" { + output += fmt.Sprintf("Description: %s\n", result.Summary) + } + output += "\nThe skill is now available and can be loaded in the current session." + + return SilentResult(output) +} + +// originMeta tracks which registry a skill was installed from. +type originMeta struct { + Version int `json:"version"` + Registry string `json:"registry"` + Slug string `json:"slug"` + InstalledVersion string `json:"installed_version"` + InstalledAt int64 `json:"installed_at"` +} + +func writeOriginMeta(targetDir, registryName, slug, version string) error { + meta := originMeta{ + Version: 1, + Registry: registryName, + Slug: slug, + InstalledVersion: version, + InstalledAt: time.Now().UnixMilli(), + } + + data, err := json.MarshalIndent(meta, "", " ") + if err != nil { + return err + } + + return os.WriteFile(filepath.Join(targetDir, ".skill-origin.json"), data, 0644) +} diff --git a/pkg/tools/skills_install_test.go b/pkg/tools/skills_install_test.go new file mode 100644 index 000000000..e6941a950 --- /dev/null +++ b/pkg/tools/skills_install_test.go @@ -0,0 +1,103 @@ +package tools + +import ( + "context" + "os" + "path/filepath" + "testing" + + "github.com/sipeed/picoclaw/pkg/skills" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestInstallSkillToolName(t *testing.T) { + tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) + assert.Equal(t, "install_skill", tool.Name()) +} + +func TestInstallSkillToolMissingSlug(t *testing.T) { + tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) + result := tool.Execute(context.Background(), map[string]interface{}{}) + assert.True(t, result.IsError) + assert.Contains(t, result.ForLLM, "identifier is required and must be a non-empty string") +} + +func TestInstallSkillToolEmptySlug(t *testing.T) { + tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) + result := tool.Execute(context.Background(), map[string]interface{}{ + "slug": " ", + }) + assert.True(t, result.IsError) + assert.Contains(t, result.ForLLM, "identifier is required and must be a non-empty string") +} + +func TestInstallSkillToolUnsafeSlug(t *testing.T) { + tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) + + cases := []string{ + "../etc/passwd", + "path/traversal", + "path\\traversal", + } + + for _, slug := range cases { + result := tool.Execute(context.Background(), map[string]interface{}{ + "slug": slug, + }) + assert.True(t, result.IsError, "slug %q should be rejected", slug) + assert.Contains(t, result.ForLLM, "invalid slug") + } +} + +func TestInstallSkillToolAlreadyExists(t *testing.T) { + workspace := t.TempDir() + skillDir := filepath.Join(workspace, "skills", "existing-skill") + require.NoError(t, os.MkdirAll(skillDir, 0755)) + + tool := NewInstallSkillTool(skills.NewRegistryManager(), workspace) + result := tool.Execute(context.Background(), map[string]interface{}{ + "slug": "existing-skill", + "registry": "clawhub", + }) + assert.True(t, result.IsError) + assert.Contains(t, result.ForLLM, "already installed") +} + +func TestInstallSkillToolRegistryNotFound(t *testing.T) { + workspace := t.TempDir() + tool := NewInstallSkillTool(skills.NewRegistryManager(), workspace) + result := tool.Execute(context.Background(), map[string]interface{}{ + "slug": "some-skill", + "registry": "nonexistent", + }) + assert.True(t, result.IsError) + assert.Contains(t, result.ForLLM, "registry") + assert.Contains(t, result.ForLLM, "not found") +} + +func TestInstallSkillToolParameters(t *testing.T) { + tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) + params := tool.Parameters() + + props, ok := params["properties"].(map[string]interface{}) + assert.True(t, ok) + assert.Contains(t, props, "slug") + assert.Contains(t, props, "version") + assert.Contains(t, props, "registry") + assert.Contains(t, props, "force") + + required, ok := params["required"].([]string) + assert.True(t, ok) + assert.Contains(t, required, "slug") + assert.Contains(t, required, "registry") +} + +func TestInstallSkillToolMissingRegistry(t *testing.T) { + tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) + result := tool.Execute(context.Background(), map[string]interface{}{ + "slug": "some-skill", + }) + assert.True(t, result.IsError) + assert.Contains(t, result.ForLLM, "invalid registry") +} diff --git a/pkg/tools/skills_search.go b/pkg/tools/skills_search.go new file mode 100644 index 000000000..b12949ec2 --- /dev/null +++ b/pkg/tools/skills_search.go @@ -0,0 +1,119 @@ +package tools + +import ( + "context" + "fmt" + "strings" + + "github.com/sipeed/picoclaw/pkg/skills" +) + +// FindSkillsTool allows the LLM agent to search for installable skills from registries. +type FindSkillsTool struct { + registryMgr *skills.RegistryManager + cache *skills.SearchCache +} + +// NewFindSkillsTool creates a new FindSkillsTool. +// registryMgr is the shared registry manager (built from config in createToolRegistry). +// cache is the search cache for deduplicating similar queries. +func NewFindSkillsTool(registryMgr *skills.RegistryManager, cache *skills.SearchCache) *FindSkillsTool { + return &FindSkillsTool{ + registryMgr: registryMgr, + cache: cache, + } +} + +func (t *FindSkillsTool) Name() string { + return "find_skills" +} + +func (t *FindSkillsTool) Description() string { + return "Search for installable skills from skill registries. Returns skill slugs, descriptions, versions, and relevance scores. Use this to discover skills before installing them with install_skill." +} + +func (t *FindSkillsTool) Parameters() map[string]interface{} { + return map[string]interface{}{ + "type": "object", + "properties": map[string]interface{}{ + "query": map[string]interface{}{ + "type": "string", + "description": "Search query describing the desired skill capability (e.g., 'github integration', 'database management')", + }, + "limit": map[string]interface{}{ + "type": "integer", + "description": "Maximum number of results to return (1-20, default 5)", + "minimum": 1.0, + "maximum": 20.0, + }, + }, + "required": []string{"query"}, + } +} + +func (t *FindSkillsTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { + query, ok := args["query"].(string) + query = strings.ToLower(strings.TrimSpace(query)) + if !ok || query == "" { + return ErrorResult("query is required and must be a non-empty string") + } + + limit := 5 + if l, ok := args["limit"].(float64); ok { + li := int(l) + if li >= 1 && li <= 20 { + limit = li + } + } + + // Check cache first. + if t.cache != nil { + if cached, hit := t.cache.Get(query); hit { + return SilentResult(formatSearchResults(query, cached, true)) + } + } + + // Search all registries. + results, err := t.registryMgr.SearchAll(ctx, query, limit) + if err != nil { + return ErrorResult(fmt.Sprintf("skill search failed: %v", err)) + } + + // Cache the results. + if t.cache != nil && len(results) > 0 { + t.cache.Put(query, results) + } + + return SilentResult(formatSearchResults(query, results, false)) +} + +func formatSearchResults(query string, results []skills.SearchResult, cached bool) string { + if len(results) == 0 { + return fmt.Sprintf("No skills found for query: %q", query) + } + + var sb strings.Builder + source := "" + if cached { + source = " (cached)" + } + sb.WriteString(fmt.Sprintf("Found %d skills for %q%s:\n\n", len(results), query, source)) + + for i, r := range results { + sb.WriteString(fmt.Sprintf("%d. **%s**", i+1, r.Slug)) + if r.Version != "" { + sb.WriteString(fmt.Sprintf(" v%s", r.Version)) + } + sb.WriteString(fmt.Sprintf(" (score: %.3f, registry: %s)\n", r.Score, r.RegistryName)) + if r.DisplayName != "" && r.DisplayName != r.Slug { + sb.WriteString(fmt.Sprintf(" Name: %s\n", r.DisplayName)) + } + if r.Summary != "" { + sb.WriteString(fmt.Sprintf(" %s\n", r.Summary)) + } + sb.WriteString("\n") + } + + sb.WriteString("Use install_skill with the slug to install a skill.") + return sb.String() +} diff --git a/pkg/tools/skills_search_test.go b/pkg/tools/skills_search_test.go new file mode 100644 index 000000000..7e07b2775 --- /dev/null +++ b/pkg/tools/skills_search_test.go @@ -0,0 +1,82 @@ +package tools + +import ( + "context" + "testing" + + "github.com/sipeed/picoclaw/pkg/skills" + "github.com/stretchr/testify/assert" +) + +func TestFindSkillsToolName(t *testing.T) { + tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) + assert.Equal(t, "find_skills", tool.Name()) +} + +func TestFindSkillsToolMissingQuery(t *testing.T) { + tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) + result := tool.Execute(context.Background(), map[string]interface{}{}) + assert.True(t, result.IsError) + assert.Contains(t, result.ForLLM, "query is required") +} + +func TestFindSkillsToolEmptyQuery(t *testing.T) { + tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) + result := tool.Execute(context.Background(), map[string]interface{}{ + "query": " ", + }) + assert.True(t, result.IsError) +} + +func TestFindSkillsToolCacheHit(t *testing.T) { + cache := skills.NewSearchCache(10, 5*60*1000*1000*1000) // 5 min + cache.Put("github", []skills.SearchResult{ + {Slug: "github", Score: 0.9, RegistryName: "clawhub"}, + }) + + tool := NewFindSkillsTool(skills.NewRegistryManager(), cache) + result := tool.Execute(context.Background(), map[string]interface{}{ + "query": "github", + }) + + assert.False(t, result.IsError) + assert.Contains(t, result.ForLLM, "github") + assert.Contains(t, result.ForLLM, "cached") +} + +func TestFindSkillsToolParameters(t *testing.T) { + tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) + params := tool.Parameters() + + props, ok := params["properties"].(map[string]interface{}) + assert.True(t, ok) + assert.Contains(t, props, "query") + assert.Contains(t, props, "limit") + + required, ok := params["required"].([]string) + assert.True(t, ok) + assert.Contains(t, required, "query") +} + +func TestFindSkillsToolDescription(t *testing.T) { + tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) + assert.NotEmpty(t, tool.Description()) + assert.Contains(t, tool.Description(), "skill") +} + +func TestFormatSearchResultsEmpty(t *testing.T) { + result := formatSearchResults("test query", nil, false) + assert.Contains(t, result, "No skills found") +} + +func TestFormatSearchResultsWithData(t *testing.T) { + results := []skills.SearchResult{ + {Slug: "github", Score: 0.95, DisplayName: "GitHub", Summary: "GitHub API integration", Version: "1.0.0", RegistryName: "clawhub"}, + } + output := formatSearchResults("github", results, false) + assert.Contains(t, output, "github") + assert.Contains(t, output, "v1.0.0") + assert.Contains(t, output, "0.950") + assert.Contains(t, output, "clawhub") + assert.Contains(t, output, "install_skill") +} diff --git a/pkg/utils/download.go b/pkg/utils/download.go new file mode 100644 index 000000000..9fa7fbfa7 --- /dev/null +++ b/pkg/utils/download.go @@ -0,0 +1,93 @@ +package utils + +import ( + "context" + "fmt" + "io" + "net/http" + "os" + + "github.com/sipeed/picoclaw/pkg/logger" +) + +// DownloadToFile streams an HTTP response body to a temporary file in small +// chunks (~32KB), keeping peak memory usage constant regardless of file size. +// +// Parameters: +// - ctx: context for cancellation/timeout +// - client: HTTP client to use (caller controls timeouts, transport, etc.) +// - req: fully prepared *http.Request (method, URL, headers, etc.) +// - maxBytes: maximum bytes to download; 0 means no limit +// +// Returns the path to the temporary file. The caller is responsible for +// removing it when done (defer os.Remove(path)). +// +// On any error the temp file is cleaned up automatically. +func DownloadToFile(ctx context.Context, client *http.Client, req *http.Request, maxBytes int64) (string, error) { + // Attach context. + req = req.WithContext(ctx) + + logger.DebugCF("download", "Starting download", map[string]interface{}{ + "url": req.URL.String(), + "max_bytes": maxBytes, + }) + + resp, err := client.Do(req) + if err != nil { + return "", fmt.Errorf("request failed: %w", err) + } + defer resp.Body.Close() + + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + // Read a small amount for the error message. + errBody := make([]byte, 512) + n, _ := io.ReadFull(resp.Body, errBody) + return "", fmt.Errorf("HTTP %d: %s", resp.StatusCode, string(errBody[:n])) + } + + // Create temp file. + tmpFile, err := os.CreateTemp("", "picoclaw-dl-*") + if err != nil { + return "", fmt.Errorf("failed to create temp file: %w", err) + } + tmpPath := tmpFile.Name() + + logger.DebugCF("download", "Streaming to temp file", map[string]interface{}{ + "path": tmpPath, + }) + + // Cleanup helper ā€” removes the temp file on any error. + cleanup := func() { + _ = tmpFile.Close() + _ = os.Remove(tmpPath) + } + + // Optionally limit the download size. + var src io.Reader = resp.Body + if maxBytes > 0 { + src = io.LimitReader(resp.Body, maxBytes+1) // +1 to detect overflow + } + + written, err := io.Copy(tmpFile, src) + if err != nil { + cleanup() + return "", fmt.Errorf("download write failed: %w", err) + } + + if maxBytes > 0 && written > maxBytes { + cleanup() + return "", fmt.Errorf("download too large: %d bytes (max %d)", written, maxBytes) + } + + if err := tmpFile.Close(); err != nil { + _ = os.Remove(tmpPath) + return "", fmt.Errorf("failed to close temp file: %w", err) + } + + logger.DebugCF("download", "Download complete", map[string]interface{}{ + "path": tmpPath, + "bytes_written": written, + }) + + return tmpPath, nil +} diff --git a/pkg/utils/skills.go b/pkg/utils/skills.go new file mode 100644 index 000000000..1d2cfac7f --- /dev/null +++ b/pkg/utils/skills.go @@ -0,0 +1,19 @@ +package utils + +import ( + "fmt" + "strings" +) + +// ValidateSkillIdentifier validates that the given skill identifier (slug or registry name) is non-empty +// and does not contain path separators ("/", "\\") or ".." for security. +func ValidateSkillIdentifier(identifier string) error { + trimmed := strings.TrimSpace(identifier) + if trimmed == "" { + return fmt.Errorf("identifier is required and must be a non-empty string") + } + if strings.ContainsAny(trimmed, "/\\") || strings.Contains(trimmed, "..") { + return fmt.Errorf("identifier must not contain path separators or '..' to prevent directory traversal") + } + return nil +} diff --git a/pkg/utils/string.go b/pkg/utils/string.go index 0d9837cb9..7a6aa37cc 100644 --- a/pkg/utils/string.go +++ b/pkg/utils/string.go @@ -14,3 +14,12 @@ func Truncate(s string, maxLen int) string { } return string(runes[:maxLen-3]) + "..." } + +// DerefStr dereferences a pointer to a string and +// returns the value or a fallback if the pointer is nil. +func DerefStr(s *string, fallback string) string { + if s == nil { + return fallback + } + return *s +} diff --git a/pkg/utils/zip.go b/pkg/utils/zip.go new file mode 100644 index 000000000..cad91e420 --- /dev/null +++ b/pkg/utils/zip.go @@ -0,0 +1,120 @@ +package utils + +import ( + "archive/zip" + "fmt" + "io" + "os" + "path/filepath" + "strings" + + "github.com/sipeed/picoclaw/pkg/logger" +) + +// ExtractZipFile extracts a ZIP archive from disk to targetDir. +// It reads entries one at a time from disk, keeping memory usage minimal. +// +// Security: rejects path traversal attempts and symlinks. +func ExtractZipFile(zipPath string, targetDir string) error { + reader, err := zip.OpenReader(zipPath) + if err != nil { + return fmt.Errorf("invalid ZIP: %w", err) + } + defer reader.Close() + + logger.DebugCF("zip", "Extracting ZIP", map[string]interface{}{ + "zip_path": zipPath, + "target_dir": targetDir, + "entries": len(reader.File), + }) + + if err := os.MkdirAll(targetDir, 0755); err != nil { + return fmt.Errorf("failed to create target dir: %w", err) + } + + for _, f := range reader.File { + // Path traversal protection. + cleanName := filepath.Clean(f.Name) + if strings.HasPrefix(cleanName, "..") || filepath.IsAbs(cleanName) { + return fmt.Errorf("zip entry has unsafe path: %q", f.Name) + } + + destPath := filepath.Join(targetDir, cleanName) + + // Double-check the resolved path is within target directory (defense-in-depth). + targetDirClean := filepath.Clean(targetDir) + if !strings.HasPrefix(filepath.Clean(destPath), targetDirClean+string(filepath.Separator)) && filepath.Clean(destPath) != targetDirClean { + return fmt.Errorf("zip entry escapes target dir: %q", f.Name) + } + + mode := f.FileInfo().Mode() + + // Reject any symlink. + if mode&os.ModeSymlink != 0 { + return fmt.Errorf("zip contains symlink %q; symlinks are not allowed", f.Name) + } + + if f.FileInfo().IsDir() { + if err := os.MkdirAll(destPath, 0755); err != nil { + return err + } + continue + } + + // Ensure parent directory exists. + if err := os.MkdirAll(filepath.Dir(destPath), 0755); err != nil { + return err + } + + if err := extractSingleFile(f, destPath); err != nil { + return err + } + } + + return nil +} + +// extractSingleFile extracts one zip.File entry to destPath, with a size check. +func extractSingleFile(f *zip.File, destPath string) error { + const maxFileSize = 5 * 1024 * 1024 // 5MB, adjust as appropriate + + // Check the uncompressed size from the header, if available. + if f.UncompressedSize64 > maxFileSize { + return fmt.Errorf("zip entry %q is too large (%d bytes)", f.Name, f.UncompressedSize64) + } + + rc, err := f.Open() + if err != nil { + return fmt.Errorf("failed to open zip entry %q: %w", f.Name, err) + } + defer rc.Close() + + outFile, err := os.Create(destPath) + if err != nil { + return fmt.Errorf("failed to create file %q: %w", destPath, err) + } + // We don't return the close error via return, since it's not a named error return. + // Instead, we log to stderr and remove the partially written file as defensive cleanup. + defer func() { + if cerr := outFile.Close(); cerr != nil { + _ = os.Remove(destPath) + logger.ErrorCF("zip", "Failed to close file", map[string]interface{}{ + "dest_path": destPath, + "error": cerr.Error(), + }) + } + }() + + // Streamed size check: prevent overruns and malicious/corrupt headers. + written, err := io.CopyN(outFile, rc, maxFileSize+1) + if err != nil && err != io.EOF { + _ = os.Remove(destPath) + return fmt.Errorf("failed to extract %q: %w", f.Name, err) + } + if written > maxFileSize { + _ = os.Remove(destPath) + return fmt.Errorf("zip entry %q exceeds max size (%d bytes)", f.Name, written) + } + + return nil +} From bca92433ba209e1866c86eaa342f708f29ba882e Mon Sep 17 00:00:00 2001 From: Yasuhiro Matsumoto Date: Fri, 20 Feb 2026 16:06:33 +0900 Subject: [PATCH 09/88] Use strings.Builder instead of += concatenation in loops --- pkg/agent/context.go | 6 ++--- pkg/agent/loop.go | 54 +++++++++++++++++++++------------------ pkg/agent/memory.go | 61 +++++++++++++++++++------------------------- 3 files changed, 58 insertions(+), 63 deletions(-) diff --git a/pkg/agent/context.go b/pkg/agent/context.go index 27e3ef9dc..78f5f1ffa 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -146,15 +146,15 @@ func (cb *ContextBuilder) LoadBootstrapFiles() string { "IDENTITY.md", } - var result string + var sb strings.Builder for _, filename := range bootstrapFiles { filePath := filepath.Join(cb.workspace, filename) if data, err := os.ReadFile(filePath); err == nil { - result += fmt.Sprintf("## %s\n\n%s\n\n", filename, string(data)) + fmt.Fprintf(&sb, "## %s\n\n%s\n\n", filename, data) } } - return result + return sb.String() } func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary string, currentMessage string, media []string, channel, chatID string) []providers.Message { diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index e7b48d47a..bec44325e 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -818,49 +818,49 @@ func formatMessagesForLog(messages []providers.Message) string { return "[]" } - var result string - result += "[\n" + var sb strings.Builder + sb.WriteString("[\n") for i, msg := range messages { - result += fmt.Sprintf(" [%d] Role: %s\n", i, msg.Role) + fmt.Fprintf(&sb, " [%d] Role: %s\n", i, msg.Role) if len(msg.ToolCalls) > 0 { - result += " ToolCalls:\n" + sb.WriteString(" ToolCalls:\n") for _, tc := range msg.ToolCalls { - result += fmt.Sprintf(" - ID: %s, Type: %s, Name: %s\n", tc.ID, tc.Type, tc.Name) + fmt.Fprintf(&sb, " - ID: %s, Type: %s, Name: %s\n", tc.ID, tc.Type, tc.Name) if tc.Function != nil { - result += fmt.Sprintf(" Arguments: %s\n", utils.Truncate(tc.Function.Arguments, 200)) + fmt.Fprintf(&sb, " Arguments: %s\n", utils.Truncate(tc.Function.Arguments, 200)) } } } if msg.Content != "" { content := utils.Truncate(msg.Content, 200) - result += fmt.Sprintf(" Content: %s\n", content) + fmt.Fprintf(&sb, " Content: %s\n", content) } if msg.ToolCallID != "" { - result += fmt.Sprintf(" ToolCallID: %s\n", msg.ToolCallID) + fmt.Fprintf(&sb, " ToolCallID: %s\n", msg.ToolCallID) } - result += "\n" + sb.WriteString("\n") } - result += "]" - return result + sb.WriteString("]") + return sb.String() } // formatToolsForLog formats tool definitions for logging -func formatToolsForLog(tools []providers.ToolDefinition) string { - if len(tools) == 0 { +func formatToolsForLog(toolDefs []providers.ToolDefinition) string { + if len(toolDefs) == 0 { return "[]" } - var result string - result += "[\n" - for i, tool := range tools { - result += fmt.Sprintf(" [%d] Type: %s, Name: %s\n", i, tool.Type, tool.Function.Name) - result += fmt.Sprintf(" Description: %s\n", tool.Function.Description) + var sb strings.Builder + sb.WriteString("[\n") + for i, tool := range toolDefs { + fmt.Fprintf(&sb, " [%d] Type: %s, Name: %s\n", i, tool.Type, tool.Function.Name) + fmt.Fprintf(&sb, " Description: %s\n", tool.Function.Description) if len(tool.Function.Parameters) > 0 { - result += fmt.Sprintf(" Parameters: %s\n", utils.Truncate(fmt.Sprintf("%v", tool.Function.Parameters), 200)) + fmt.Fprintf(&sb, " Parameters: %s\n", utils.Truncate(fmt.Sprintf("%v", tool.Function.Parameters), 200)) } } - result += "]" - return result + sb.WriteString("]") + return sb.String() } // summarizeSession summarizes the conversation history for a session. @@ -936,14 +936,18 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { // summarizeBatch summarizes a batch of messages. func (al *AgentLoop) summarizeBatch(ctx context.Context, agent *AgentInstance, batch []providers.Message, existingSummary string) (string, error) { - prompt := "Provide a concise summary of this conversation segment, preserving core context and key points.\n" + var sb strings.Builder + sb.WriteString("Provide a concise summary of this conversation segment, preserving core context and key points.\n") if existingSummary != "" { - prompt += "Existing context: " + existingSummary + "\n" + sb.WriteString("Existing context: ") + sb.WriteString(existingSummary) + sb.WriteString("\n") } - prompt += "\nCONVERSATION:\n" + sb.WriteString("\nCONVERSATION:\n") for _, m := range batch { - prompt += fmt.Sprintf("%s: %s\n", m.Role, m.Content) + fmt.Fprintf(&sb, "%s: %s\n", m.Role, m.Content) } + prompt := sb.String() response, err := agent.Provider.Chat(ctx, []providers.Message{{Role: "user", Content: prompt}}, nil, agent.Model, map[string]interface{}{ "max_tokens": 1024, diff --git a/pkg/agent/memory.go b/pkg/agent/memory.go index 3f6896f91..6e5d0ba40 100644 --- a/pkg/agent/memory.go +++ b/pkg/agent/memory.go @@ -10,6 +10,7 @@ import ( "fmt" "os" "path/filepath" + "strings" "time" ) @@ -100,7 +101,8 @@ func (ms *MemoryStore) AppendToday(content string) error { // GetRecentDailyNotes returns daily notes from the last N days. // Contents are joined with "---" separator. func (ms *MemoryStore) GetRecentDailyNotes(days int) string { - var notes []string + var sb strings.Builder + first := true for i := 0; i < days; i++ { date := time.Now().AddDate(0, 0, -i) @@ -109,53 +111,42 @@ func (ms *MemoryStore) GetRecentDailyNotes(days int) string { filePath := filepath.Join(ms.memoryDir, monthDir, dateStr+".md") if data, err := os.ReadFile(filePath); err == nil { - notes = append(notes, string(data)) + if !first { + sb.WriteString("\n\n---\n\n") + } + sb.Write(data) + first = false } } - if len(notes) == 0 { - return "" - } - - // Join with separator - var result string - for i, note := range notes { - if i > 0 { - result += "\n\n---\n\n" - } - result += note - } - return result + return sb.String() } // GetMemoryContext returns formatted memory context for the agent prompt. // Includes long-term memory and recent daily notes. func (ms *MemoryStore) GetMemoryContext() string { - var parts []string - - // Long-term memory longTerm := ms.ReadLongTerm() - if longTerm != "" { - parts = append(parts, "## Long-term Memory\n\n"+longTerm) - } - - // Recent daily notes (last 3 days) recentNotes := ms.GetRecentDailyNotes(3) - if recentNotes != "" { - parts = append(parts, "## Recent Daily Notes\n\n"+recentNotes) - } - if len(parts) == 0 { + if longTerm == "" && recentNotes == "" { return "" } - // Join parts with separator - var result string - for i, part := range parts { - if i > 0 { - result += "\n\n---\n\n" - } - result += part + var sb strings.Builder + sb.WriteString("# Memory\n\n") + + if longTerm != "" { + sb.WriteString("## Long-term Memory\n\n") + sb.WriteString(longTerm) } - return fmt.Sprintf("# Memory\n\n%s", result) + + if recentNotes != "" { + if longTerm != "" { + sb.WriteString("\n\n---\n\n") + } + sb.WriteString("## Recent Daily Notes\n\n") + sb.WriteString(recentNotes) + } + + return sb.String() } From 2fb2a733d425ac6b023fd0adcc18a2ee3abc1618 Mon Sep 17 00:00:00 2001 From: Vernon Stinebaker Date: Fri, 20 Feb 2026 19:18:37 +0800 Subject: [PATCH 10/88] feat(discord): add mention_only option for @-mention responses (#518) * feat(discord): add mention_only option for @-mention responses Add MentionOnly config option to Discord channel. When enabled, the bot only responds when explicitly @-mentioned, useful for shared servers. - Add MentionOnly bool field to DiscordConfig - Store botUserID on startup for mention checking - Check m.Mentions before processing messages when MentionOnly is true - Update config example and README documentation * fix(discord): resolve race condition and strip mention from content - Get botUserID before opening session to avoid race condition - Add stripBotMention to remove @mention from message content - Handles both <@USER_ID> and <@!USER_ID> mention formats * fix(discord): skip mention_only check for DMs DMs should always be responded to regardless of mention_only setting. Added check to skip the mention_only logic when GuildID is empty. * Update README.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Hua Audio <161028864+Huaaudio@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- README.md | 7 ++++- config/config.example.json | 3 ++- pkg/channels/discord.go | 55 +++++++++++++++++++++++++++++++------- pkg/config/config.go | 7 ++--- pkg/config/defaults.go | 7 ++--- 5 files changed, 62 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 468350409..a9065d2a4 100644 --- a/README.md +++ b/README.md @@ -334,7 +334,8 @@ picoclaw gateway "discord": { "enabled": true, "token": "YOUR_BOT_TOKEN", - "allow_from": ["YOUR_USER_ID"] + "allow_from": ["YOUR_USER_ID"], + "mention_only": false } } } @@ -347,6 +348,10 @@ picoclaw gateway * Bot Permissions: `Send Messages`, `Read Message History` * Open the generated invite URL and add the bot to your server +**Optional: Mention-only mode** + +Set `"mention_only": true` to make the bot respond only when @-mentioned. Useful for shared servers where you want the bot to respond only when explicitly called. + **6. Run** ```bash diff --git a/config/config.example.json b/config/config.example.json index fa87fbec7..07b75d785 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -57,7 +57,8 @@ "discord": { "enabled": false, "token": "YOUR_DISCORD_BOT_TOKEN", - "allow_from": [] + "allow_from": [], + "mention_only": false }, "qq": { "enabled": false, diff --git a/pkg/channels/discord.go b/pkg/channels/discord.go index 9ddec662c..342ddb478 100644 --- a/pkg/channels/discord.go +++ b/pkg/channels/discord.go @@ -4,6 +4,7 @@ import ( "context" "fmt" "os" + "strings" "sync" "time" @@ -28,6 +29,7 @@ type DiscordChannel struct { ctx context.Context typingMu sync.Mutex typingStop map[string]chan struct{} // chatID ā†’ stop signal + botUserID string // stored for mention checking } func NewDiscordChannel(cfg config.DiscordConfig, bus *bus.MessageBus) (*DiscordChannel, error) { @@ -63,6 +65,14 @@ func (c *DiscordChannel) Start(ctx context.Context) error { logger.InfoC("discord", "Starting Discord bot") c.ctx = ctx + + // Get bot user ID before opening session to avoid race condition + botUser, err := c.session.User("@me") + if err != nil { + return fmt.Errorf("failed to get bot user: %w", err) + } + c.botUserID = botUser.ID + c.session.AddHandler(c.handleMessage) if err := c.session.Open(); err != nil { @@ -71,10 +81,6 @@ func (c *DiscordChannel) Start(ctx context.Context) error { c.setRunning(true) - botUser, err := c.session.User("@me") - if err != nil { - return fmt.Errorf("failed to get bot user: %w", err) - } logger.InfoCF("discord", "Discord bot connected", map[string]any{ "username": botUser.Username, "user_id": botUser.ID, @@ -131,7 +137,7 @@ func (c *DiscordChannel) Send(ctx context.Context, msg bus.OutboundMessage) erro } func (c *DiscordChannel) sendChunk(ctx context.Context, channelID, content string) error { - // ä½æē”Øä¼ å…„ēš„ ctx čæ›č”Œč¶…ę—¶ęŽ§åˆ¶ + // Use the passed ctx for timeout control sendCtx, cancel := context.WithTimeout(ctx, sendTimeout) defer cancel() @@ -152,7 +158,7 @@ func (c *DiscordChannel) sendChunk(ctx context.Context, channelID, content strin } } -// appendContent 安å…Ø地čæ½åŠ å†…容到ēŽ°ęœ‰ę–‡ęœ¬ +// appendContent safely appends content to existing text func appendContent(content, suffix string) string { if content == "" { return suffix @@ -169,7 +175,7 @@ func (c *DiscordChannel) handleMessage(s *discordgo.Session, m *discordgo.Messag return } - // ę£€ęŸ„ē™½åå•ļ¼Œéæ免äøŗč¢«ę‹’ē»ēš„ē”Øꈷäø‹č½½é™„ä»¶å’Œč½¬å½• + // Check allowlist first to avoid downloading attachments and transcribing for rejected users if !c.IsAllowed(m.Author.ID) { logger.DebugCF("discord", "Message rejected by allowlist", map[string]any{ "user_id": m.Author.ID, @@ -177,6 +183,24 @@ func (c *DiscordChannel) handleMessage(s *discordgo.Session, m *discordgo.Messag return } + // If configured to only respond to mentions, check if bot is mentioned + // Skip this check for DMs (GuildID is empty) - DMs should always be responded to + if c.config.MentionOnly && m.GuildID != "" { + isMentioned := false + for _, mention := range m.Mentions { + if mention.ID == c.botUserID { + isMentioned = true + break + } + } + if !isMentioned { + logger.DebugCF("discord", "Message ignored - bot not mentioned", map[string]any{ + "user_id": m.Author.ID, + }) + return + } + } + senderID := m.Author.ID senderName := m.Author.Username if m.Author.Discriminator != "" && m.Author.Discriminator != "0" { @@ -184,10 +208,11 @@ func (c *DiscordChannel) handleMessage(s *discordgo.Session, m *discordgo.Messag } content := m.Content + content = c.stripBotMention(content) mediaPaths := make([]string, 0, len(m.Attachments)) localFiles := make([]string, 0, len(m.Attachments)) - // ē”®äæäø“ꗶꖇ件åœØå‡½ę•°čæ”å›žę—¶č¢«ęø…ē† + // Ensure temp files are cleaned up when function returns defer func() { for _, file := range localFiles { if err := os.Remove(file); err != nil { @@ -211,7 +236,7 @@ func (c *DiscordChannel) handleMessage(s *discordgo.Session, m *discordgo.Messag if c.transcriber != nil && c.transcriber.IsAvailable() { ctx, cancel := context.WithTimeout(c.getContext(), transcriptionTimeout) result, err := c.transcriber.Transcribe(ctx, localPath) - cancel() // ē«‹å³é‡Šę”¾context资ęŗļ¼Œéæ免åœØforå¾ŖēŽÆäø­ę³„ę¼ + cancel() // Release context resources immediately to avoid leaks in for loop if err != nil { logger.ErrorCF("discord", "Voice transcription failed", map[string]any{ @@ -333,3 +358,15 @@ func (c *DiscordChannel) downloadAttachment(url, filename string) string { LoggerPrefix: "discord", }) } + +// stripBotMention removes the bot mention from the message content. +// Discord mentions have the format <@USER_ID> or <@!USER_ID> (with nickname). +func (c *DiscordChannel) stripBotMention(text string) string { + if c.botUserID == "" { + return text + } + // Remove both regular mention <@USER_ID> and nickname mention <@!USER_ID> + text = strings.ReplaceAll(text, fmt.Sprintf("<@%s>", c.botUserID), "") + text = strings.ReplaceAll(text, fmt.Sprintf("<@!%s>", c.botUserID), "") + return strings.TrimSpace(text) +} diff --git a/pkg/config/config.go b/pkg/config/config.go index 9d5e5d42e..e44212605 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -215,9 +215,10 @@ type FeishuConfig struct { } type DiscordConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DISCORD_ALLOW_FROM"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DISCORD_ALLOW_FROM"` + MentionOnly bool `json:"mention_only" env:"PICOCLAW_CHANNELS_DISCORD_MENTION_ONLY"` } type MaixCamConfig struct { diff --git a/pkg/config/defaults.go b/pkg/config/defaults.go index 07974b8eb..d66de9081 100644 --- a/pkg/config/defaults.go +++ b/pkg/config/defaults.go @@ -43,9 +43,10 @@ func DefaultConfig() *Config { AllowFrom: FlexibleStringSlice{}, }, Discord: DiscordConfig{ - Enabled: false, - Token: "", - AllowFrom: FlexibleStringSlice{}, + Enabled: false, + Token: "", + AllowFrom: FlexibleStringSlice{}, + MentionOnly: false, }, MaixCam: MaixCamConfig{ Enabled: false, From ca481035a4ab5731f5f0d7c867db119f151f5b34 Mon Sep 17 00:00:00 2001 From: swordkee Date: Fri, 20 Feb 2026 19:39:12 +0800 Subject: [PATCH 11/88] feat: add wecom and wecomApp test --- pkg/channels/wecom.go | 8 +++- pkg/channels/wecom_app.go | 51 +++++++++++++++++++++--- pkg/channels/wecom_common.go | 77 +++++++++++++++++++++++++++++++++--- 3 files changed, 122 insertions(+), 14 deletions(-) diff --git a/pkg/channels/wecom.go b/pkg/channels/wecom.go index 33afef17a..404949e07 100644 --- a/pkg/channels/wecom.go +++ b/pkg/channels/wecom.go @@ -220,7 +220,9 @@ func (c *WeComBotChannel) handleVerification(ctx context.Context, w http.Respons } // Decrypt echostr - decryptedEchoStr, err := WeComDecryptMessage(echostr, c.config.EncodingAESKey) + // For AIBOT (ę™ŗčƒ½ęœŗå™Øäŗŗ), receiveid should be empty string "" + // Reference: https://developer.work.weixin.qq.com/document/path/101033 + decryptedEchoStr, err := WeComDecryptMessageWithVerify(echostr, c.config.EncodingAESKey, "") if err != nil { logger.ErrorCF("wecom", "Failed to decrypt echostr", map[string]interface{}{ "error": err.Error(), @@ -280,7 +282,9 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp } // Decrypt message - decryptedMsg, err := WeComDecryptMessage(encryptedMsg.Encrypt, c.config.EncodingAESKey) + // For AIBOT (ę™ŗčƒ½ęœŗå™Øäŗŗ), receiveid should be empty string "" + // Reference: https://developer.work.weixin.qq.com/document/path/101033 + decryptedMsg, err := WeComDecryptMessageWithVerify(encryptedMsg.Encrypt, c.config.EncodingAESKey, "") if err != nil { logger.ErrorCF("wecom", "Failed to decrypt message", map[string]interface{}{ "error": err.Error(), diff --git a/pkg/channels/wecom_app.go b/pkg/channels/wecom_app.go index 783d381f2..63a1dd815 100644 --- a/pkg/channels/wecom_app.go +++ b/pkg/channels/wecom_app.go @@ -230,6 +230,14 @@ func (c *WeComAppChannel) Send(ctx context.Context, msg bus.OutboundMessage) err func (c *WeComAppChannel) handleWebhook(w http.ResponseWriter, r *http.Request) { ctx := r.Context() + // Log all incoming requests for debugging + logger.DebugCF("wecom_app", "Received webhook request", map[string]interface{}{ + "method": r.Method, + "url": r.URL.String(), + "path": r.URL.Path, + "query": r.URL.RawQuery, + }) + if r.Method == http.MethodGet { // Handle verification request c.handleVerification(ctx, w, r) @@ -242,6 +250,9 @@ func (c *WeComAppChannel) handleWebhook(w http.ResponseWriter, r *http.Request) return } + logger.WarnCF("wecom_app", "Method not allowed", map[string]interface{}{ + "method": r.Method, + }) http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) } @@ -253,28 +264,55 @@ func (c *WeComAppChannel) handleVerification(ctx context.Context, w http.Respons nonce := query.Get("nonce") echostr := query.Get("echostr") + logger.DebugCF("wecom_app", "Handling verification request", map[string]interface{}{ + "msg_signature": msgSignature, + "timestamp": timestamp, + "nonce": nonce, + "echostr": echostr, + "corp_id": c.config.CorpID, + }) + if msgSignature == "" || timestamp == "" || nonce == "" || echostr == "" { + logger.ErrorC("wecom_app", "Missing parameters in verification request") http.Error(w, "Missing parameters", http.StatusBadRequest) return } // Verify signature if !WeComVerifySignature(c.config.Token, msgSignature, timestamp, nonce, echostr) { - logger.WarnC("wecom_app", "Signature verification failed") + logger.WarnCF("wecom_app", "Signature verification failed", map[string]interface{}{ + "token": c.config.Token, + "msg_signature": msgSignature, + "timestamp": timestamp, + "nonce": nonce, + }) http.Error(w, "Invalid signature", http.StatusForbidden) return } - // Decrypt echostr - decryptedEchoStr, err := WeComDecryptMessage(echostr, c.config.EncodingAESKey) + logger.DebugC("wecom_app", "Signature verification passed") + + // Decrypt echostr with CorpID verification + // For WeCom App (č‡Ŗå»ŗåŗ”ē”Ø), receiveid should be corp_id + logger.DebugCF("wecom_app", "Attempting to decrypt echostr", map[string]interface{}{ + "encoding_aes_key": c.config.EncodingAESKey, + "corp_id": c.config.CorpID, + }) + decryptedEchoStr, err := WeComDecryptMessageWithVerify(echostr, c.config.EncodingAESKey, c.config.CorpID) if err != nil { logger.ErrorCF("wecom_app", "Failed to decrypt echostr", map[string]interface{}{ - "error": err.Error(), + "error": err.Error(), + "encoding_aes_key": c.config.EncodingAESKey, + "corp_id": c.config.CorpID, }) http.Error(w, "Decryption failed", http.StatusInternalServerError) return } + logger.DebugCF("wecom_app", "Successfully decrypted echostr", map[string]interface{}{ + "decrypted": decryptedEchoStr, + }) + // Remove BOM and whitespace as per WeCom documentation // The response must be plain text without quotes, BOM, or newlines decryptedEchoStr = strings.TrimSpace(decryptedEchoStr) @@ -325,8 +363,9 @@ func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.Resp return } - // Decrypt message - decryptedMsg, err := WeComDecryptMessage(encryptedMsg.Encrypt, c.config.EncodingAESKey) + // Decrypt message with CorpID verification + // For WeCom App (č‡Ŗå»ŗåŗ”ē”Ø), receiveid should be corp_id + decryptedMsg, err := WeComDecryptMessageWithVerify(encryptedMsg.Encrypt, c.config.EncodingAESKey, c.config.CorpID) if err != nil { logger.ErrorCF("wecom_app", "Failed to decrypt message", map[string]interface{}{ "error": err.Error(), diff --git a/pkg/channels/wecom_common.go b/pkg/channels/wecom_common.go index 16a25fad6..3e3908622 100644 --- a/pkg/channels/wecom_common.go +++ b/pkg/channels/wecom_common.go @@ -12,6 +12,8 @@ import ( "fmt" "sort" "strings" + + "github.com/sipeed/picoclaw/pkg/logger" ) // WeComVerifySignature verifies the message signature for WeCom @@ -37,7 +39,20 @@ func WeComVerifySignature(token, msgSignature, timestamp, nonce, msgEncrypt stri // WeComDecryptMessage decrypts the encrypted message using AES // This is a common function used by both WeCom Bot and WeCom App +// For AIBOT, receiveid should be the aibotid; for other apps, it should be corp_id func WeComDecryptMessage(encryptedMsg, encodingAESKey string) (string, error) { + return WeComDecryptMessageWithVerify(encryptedMsg, encodingAESKey, "") +} + +// WeComDecryptMessageWithVerify decrypts the encrypted message and optionally verifies receiveid +// receiveid: for AIBOT use aibotid, for WeCom App use corp_id. If empty, skip verification. +func WeComDecryptMessageWithVerify(encryptedMsg, encodingAESKey, receiveid string) (string, error) { + logger.DebugCF("wecom_common", "Starting decryption", map[string]interface{}{ + "encodingAESKey_len": len(encodingAESKey), + "receiveid": receiveid, + "encryptedMsg_len": len(encryptedMsg), + }) + if encodingAESKey == "" { // No encryption, return as is (base64 decode) decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) @@ -50,14 +65,27 @@ func WeComDecryptMessage(encryptedMsg, encodingAESKey string) (string, error) { // Decode AES key (base64) aesKey, err := base64.StdEncoding.DecodeString(encodingAESKey + "=") if err != nil { + logger.ErrorCF("wecom_common", "Failed to decode AES key", map[string]interface{}{ + "error": err.Error(), + "key": encodingAESKey, + }) return "", fmt.Errorf("failed to decode AES key: %w", err) } + logger.DebugCF("wecom_common", "AES key decoded", map[string]interface{}{ + "key_len": len(aesKey), + }) // Decode encrypted message cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) if err != nil { + logger.ErrorCF("wecom_common", "Failed to decode message", map[string]interface{}{ + "error": err.Error(), + }) return "", fmt.Errorf("failed to decode message: %w", err) } + logger.DebugCF("wecom_common", "Message decoded", map[string]interface{}{ + "cipher_len": len(cipherText), + }) // AES decrypt block, err := aes.NewCipher(aesKey) @@ -66,42 +94,79 @@ func WeComDecryptMessage(encryptedMsg, encodingAESKey string) (string, error) { } if len(cipherText) < aes.BlockSize { - return "", fmt.Errorf("ciphertext too short") + return "", fmt.Errorf("ciphertext too short: %d < %d", len(cipherText), aes.BlockSize) } - mode := cipher.NewCBCDecrypter(block, aesKey[:aes.BlockSize]) + // IV is the first 16 bytes of AESKey + iv := aesKey[:aes.BlockSize] + mode := cipher.NewCBCDecrypter(block, iv) plainText := make([]byte, len(cipherText)) mode.CryptBlocks(plainText, cipherText) // Remove PKCS7 padding - plainText, err = pkcs7UnpadWeCom(plainText) + unpaddedText, err := pkcs7UnpadWeCom(plainText) if err != nil { + lastByte := -1 + if len(plainText) > 0 { + lastByte = int(plainText[len(plainText)-1]) + } + logger.ErrorCF("wecom_common", "PKCS7 unpad failed", map[string]interface{}{ + "error": err.Error(), + "plain_len": len(plainText), + "last_byte": lastByte, + }) return "", fmt.Errorf("failed to unpad: %w", err) } + plainText = unpaddedText // Parse message structure - // Format: random(16) + msg_len(4) + msg + corp_id + // Format: random(16) + msg_len(4) + msg + receiveid if len(plainText) < 20 { return "", fmt.Errorf("decrypted message too short") } msgLen := binary.BigEndian.Uint32(plainText[16:20]) + logger.DebugCF("wecom_common", "Message structure parsed", map[string]interface{}{ + "msg_len": msgLen, + "plain_len": len(plainText), + "total_expected": 20 + int(msgLen), + }) + if int(msgLen) > len(plainText)-20 { - return "", fmt.Errorf("invalid message length") + return "", fmt.Errorf("invalid message length: %d > %d", msgLen, len(plainText)-20) } msg := plainText[20 : 20+msgLen] + // Verify receiveid if provided + if receiveid != "" && len(plainText) > 20+int(msgLen) { + actualReceiveID := string(plainText[20+msgLen:]) + logger.DebugCF("wecom_common", "ReceiveID verification", map[string]interface{}{ + "expected": receiveid, + "actual": actualReceiveID, + }) + if actualReceiveID != receiveid { + return "", fmt.Errorf("receiveid mismatch: expected %s, got %s", receiveid, actualReceiveID) + } + } + + logger.DebugCF("wecom_common", "Decryption successful", map[string]interface{}{ + "msg_len": len(msg), + }) return string(msg), nil } // pkcs7UnpadWeCom removes PKCS7 padding with validation +// WeCom uses block size of 32 (not standard AES block size of 16) +const wecomBlockSize = 32 + func pkcs7UnpadWeCom(data []byte) ([]byte, error) { if len(data) == 0 { return data, nil } padding := int(data[len(data)-1]) - if padding == 0 || padding > aes.BlockSize { + // WeCom uses 32-byte block size for PKCS7 padding + if padding == 0 || padding > wecomBlockSize { return nil, fmt.Errorf("invalid padding size: %d", padding) } if padding > len(data) { From df49f6698a145f619fb687125792953401800e61 Mon Sep 17 00:00:00 2001 From: Yasuhiro Matsumoto Date: Fri, 20 Feb 2026 20:48:43 +0900 Subject: [PATCH 12/88] Fix --- pkg/agent/memory.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/agent/memory.go b/pkg/agent/memory.go index 6e5d0ba40..70be2fb61 100644 --- a/pkg/agent/memory.go +++ b/pkg/agent/memory.go @@ -133,7 +133,6 @@ func (ms *MemoryStore) GetMemoryContext() string { } var sb strings.Builder - sb.WriteString("# Memory\n\n") if longTerm != "" { sb.WriteString("## Long-term Memory\n\n") From 0f70f783bd88c5db875c1ebebe5bde902a96ab27 Mon Sep 17 00:00:00 2001 From: swordkee Date: Fri, 20 Feb 2026 20:01:22 +0800 Subject: [PATCH 13/88] feat: add wecom and wecomApp test --- README.fr.md | 84 ++++++++++++++- README.ja.md | 84 ++++++++++++++- README.md | 84 ++++++++++++++- README.pt-br.md | 84 ++++++++++++++- README.vi.md | 84 ++++++++++++++- README.zh.md | 87 ++++++++++++++- config/config.example.json | 2 + docs/wecom-app-configuration.md | 117 ++++++++++++++++++++ pkg/channels/wecom.go | 132 +++++++++++++++++++++++ pkg/channels/wecom_common.go | 182 -------------------------------- 10 files changed, 751 insertions(+), 189 deletions(-) create mode 100644 docs/wecom-app-configuration.md delete mode 100644 pkg/channels/wecom_common.go diff --git a/README.fr.md b/README.fr.md index 21913f6ba..d49edc5ee 100644 --- a/README.fr.md +++ b/README.fr.md @@ -262,7 +262,7 @@ Et voilĆ  ! Vous avez un assistant IA fonctionnel en 2 minutes. ## šŸ’¬ Applications de Chat -Discutez avec votre PicoClaw via Telegram, Discord, DingTalk ou LINE +Discutez avec votre PicoClaw via Telegram, Discord, DingTalk, LINE ou WeCom | Canal | Configuration | | ------------ | -------------------------------------- | @@ -271,6 +271,7 @@ Discutez avec votre PicoClaw via Telegram, Discord, DingTalk ou LINE | **QQ** | Facile (AppID + AppSecret) | | **DingTalk** | Moyen (identifiants de l'application) | | **LINE** | Moyen (identifiants + URL de webhook) | +| **WeCom** | Moyen (CorpID + configuration webhook) |
Telegram (RecommandƩ) @@ -470,6 +471,87 @@ picoclaw gateway
+
+WeCom (WeChat Work) + +PicoClaw prend en charge deux types d'intĆ©gration WeCom : + +**Option 1 : WeCom Bot (Robot Intelligent)** - Configuration plus facile, prend en charge les discussions de groupe +**Option 2 : WeCom App (Application PersonnalisĆ©e)** - Plus de fonctionnalitĆ©s, messagerie proactive + +Voir le [Guide de Configuration WeCom App](docs/wecom-app-configuration.md) pour des instructions dĆ©taillĆ©es. + +**Configuration Rapide - WeCom Bot :** + +**1. CrĆ©er un bot** + +* AccĆ©dez Ć  la Console d'Administration WeCom ā†’ Discussion de Groupe ā†’ Ajouter un Bot de Groupe +* Copiez l'URL du webhook (format : `https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`) + +**2. Configurer** + +```json +{ + "channels": { + "wecom": { + "enabled": true, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [] + } + } +} +``` + +**Configuration Rapide - WeCom App :** + +**1. CrĆ©er une application** + +* AccĆ©dez Ć  la Console d'Administration WeCom ā†’ Gestion des Applications ā†’ CrĆ©er une Application +* Copiez l'**AgentId** et le **Secret** +* AccĆ©dez Ć  la page "Mon Entreprise", copiez le **CorpID** + +**2. Configurer la rĆ©ception des messages** + +* Dans les dĆ©tails de l'application, cliquez sur "Recevoir les Messages" ā†’ "Configurer l'API" +* DĆ©finissez l'URL sur `http://your-server:18792/webhook/wecom-app` +* GĆ©nĆ©rez le **Token** et l'**EncodingAESKey** + +**3. Configurer** + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [] + } + } +} +``` + +**4. Lancer** + +```bash +picoclaw gateway +``` + +> **Note** : WeCom App nĆ©cessite l'ouverture du port 18792 pour les callbacks webhook. Utilisez un proxy inverse pour HTTPS en production. + +
+ ## ClawdChat Rejoignez le RĆ©seau Social d'Agents Connectez PicoClaw au RĆ©seau Social d'Agents simplement en envoyant un seul message via le CLI ou n'importe quelle application de chat intĆ©grĆ©e. diff --git a/README.ja.md b/README.ja.md index c0e40883d..793a51101 100644 --- a/README.ja.md +++ b/README.ja.md @@ -226,7 +226,7 @@ picoclaw agent -m "What is 2+2?" ## šŸ’¬ ćƒćƒ£ćƒƒćƒˆć‚¢ćƒ—ćƒŖ -Telegram态Discord态QQ态DingTalk态LINE 恧 PicoClaw ćØä¼šč©±ć§ćć¾ć™ +Telegram态Discord态QQ态DingTalk态LINE态WeCom 恧 PicoClaw ćØä¼šč©±ć§ćć¾ć™ | ćƒćƒ£ćƒćƒ« | ć‚»ćƒƒćƒˆć‚¢ćƒƒćƒ— | |---------|------------| @@ -235,6 +235,7 @@ Telegram态Discord态QQ态DingTalk态LINE 恧 PicoClaw ćØä¼šč©±ć§ćć¾ć™ | **QQ** | ē°”単ļ¼ˆAppID + AppSecretļ¼‰ | | **DingTalk** | ꙮ通ļ¼ˆć‚¢ćƒ—ćƒŖčŖčØ¼ęƒ…å ±ļ¼‰ | | **LINE** | ꙮ通ļ¼ˆčŖčØ¼ęƒ…å ± + Webhook URLļ¼‰ | +| **WeCom** | ꙮ通ļ¼ˆCorpID + Webhookčح定ļ¼‰ |
Telegramļ¼ˆęŽØå„Øļ¼‰ @@ -430,6 +431,87 @@ picoclaw gateway
+
+WeCom (ä¼ę„­å¾®äæ”) + +PicoClaw ćÆ2ēØ®é”žć® WeCom ēµ±åˆć‚’ć‚µćƒćƒ¼ćƒˆć—ć¦ć„ć¾ć™ļ¼š + +**ć‚Ŗćƒ—ć‚·ćƒ§ćƒ³1: WeCom Bot (ę™ŗčƒ½ćƒ­ćƒœćƒƒćƒˆ)** - ē°”単ćŖčØ­å®šć€ć‚°ćƒ«ćƒ¼ćƒ—ćƒćƒ£ćƒƒćƒˆåƾåæœ +**ć‚Ŗćƒ—ć‚·ćƒ§ćƒ³2: WeCom App (č‡Ŗä½œć‚¢ćƒ—ćƒŖ)** - ć‚ˆć‚Šå¤šę©Ÿčƒ½ć€ć‚¢ć‚Æćƒ†ć‚£ćƒ–ćƒ”ćƒƒć‚»ćƒ¼ć‚øćƒ³ć‚°åƾåæœ + +č©³ē“°ćŖčØ­å®šę‰‹é †ćÆ [WeCom App Configuration Guide](docs/wecom-app-configuration.md) ć‚’å‚ē…§ć—ć¦ćć ć•ć„ć€‚ + +**ć‚Æ悤惃ć‚Æć‚»ćƒƒćƒˆć‚¢ćƒƒćƒ— - WeCom Bot:** + +**1. ćƒœćƒƒćƒˆć‚’ä½œęˆ** + +* WeCom ē®”ē†ć‚³ćƒ³ć‚½ćƒ¼ćƒ« ā†’ ć‚°ćƒ«ćƒ¼ćƒ—ćƒćƒ£ćƒƒćƒˆ ā†’ ć‚°ćƒ«ćƒ¼ćƒ—ćƒœćƒƒćƒˆć‚’čæ½åŠ  +* Webhook URL ć‚’ć‚³ćƒ”ćƒ¼ļ¼ˆå½¢å¼: `https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`ļ¼‰ + +**2. čح定** + +```json +{ + "channels": { + "wecom": { + "enabled": true, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [] + } + } +} +``` + +**ć‚Æ悤惃ć‚Æć‚»ćƒƒćƒˆć‚¢ćƒƒćƒ— - WeCom App:** + +**1. ć‚¢ćƒ—ćƒŖć‚’ä½œęˆ** + +* WeCom ē®”ē†ć‚³ćƒ³ć‚½ćƒ¼ćƒ« ā†’ ć‚¢ćƒ—ćƒŖē®”ē† ā†’ ć‚¢ćƒ—ćƒŖć‚’ä½œęˆ +* **AgentId** ćØ **Secret** ć‚’ć‚³ćƒ”ćƒ¼ +* "ćƒžć‚¤ä¼šē¤¾" ćƒšćƒ¼ć‚ø恧 **CorpID** ć‚’ć‚³ćƒ”ćƒ¼ + +**2. ćƒ”ćƒƒć‚»ćƒ¼ć‚ø受äæ”悒čح定** + +* ć‚¢ćƒ—ćƒŖč©³ē“°ć§ "ćƒ”ćƒƒć‚»ćƒ¼ć‚øć‚’å—äæ”" ā†’ "API悒čح定" 悒ć‚ÆćƒŖ惃ć‚Æ +* URL 悒 `http://your-server:18792/webhook/wecom-app` 恫čح定 +* **Token** ćØ **EncodingAESKey** 悒ē”Ÿęˆ + +**3. čح定** + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [] + } + } +} +``` + +**4. čµ·å‹•** + +```bash +picoclaw gateway +``` + +> **ę³Øꄏ**: WeCom App ćÆ Webhook ć‚³ćƒ¼ćƒ«ćƒćƒƒć‚Æē”Øć«ćƒćƒ¼ćƒˆ 18792 ć‚’é–‹ę”¾ć™ć‚‹åæ…č¦ćŒć‚ć‚Šć¾ć™ć€‚ęœ¬ē•Ŗē’°å¢ƒć§ćÆ HTTPS ē”Ø恮ćƒŖćƒćƒ¼ć‚¹ćƒ—ćƒ­ć‚­ć‚·ć‚’ä½æē”Øć—ć¦ćć ć•ć„ć€‚ + +
+ ## āš™ļø čح定 čØ­å®šćƒ•ć‚”ć‚¤ćƒ«: `~/.picoclaw/config.json` diff --git a/README.md b/README.md index 468350409..321e8f60c 100644 --- a/README.md +++ b/README.md @@ -264,7 +264,7 @@ That's it! You have a working AI assistant in 2 minutes. ## šŸ’¬ Chat Apps -Talk to your picoclaw through Telegram, Discord, DingTalk, or LINE +Talk to your picoclaw through Telegram, Discord, DingTalk, LINE, or WeCom | Channel | Setup | | ------------ | ---------------------------------- | @@ -273,6 +273,7 @@ Talk to your picoclaw through Telegram, Discord, DingTalk, or LINE | **QQ** | Easy (AppID + AppSecret) | | **DingTalk** | Medium (app credentials) | | **LINE** | Medium (credentials + webhook URL) | +| **WeCom** | Medium (CorpID + webhook setup) |
Telegram (Recommended) @@ -472,6 +473,87 @@ picoclaw gateway
+
+WeCom (企äøšå¾®äæ”) + +PicoClaw supports two types of WeCom integration: + +**Option 1: WeCom Bot (ę™ŗčƒ½ęœŗå™Øäŗŗ)** - Easier setup, supports group chats +**Option 2: WeCom App (č‡Ŗå»ŗåŗ”ē”Ø)** - More features, proactive messaging + +See [WeCom App Configuration Guide](docs/wecom-app-configuration.md) for detailed setup instructions. + +**Quick Setup - WeCom Bot:** + +**1. Create a bot** + +* Go to WeCom Admin Console ā†’ Group Chat ā†’ Add Group Bot +* Copy the webhook URL (format: `https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`) + +**2. Configure** + +```json +{ + "channels": { + "wecom": { + "enabled": true, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [] + } + } +} +``` + +**Quick Setup - WeCom App:** + +**1. Create an app** + +* Go to WeCom Admin Console ā†’ App Management ā†’ Create App +* Copy **AgentId** and **Secret** +* Go to "My Company" page, copy **CorpID** + +**2. Configure receive message** + +* In App details, click "Receive Message" ā†’ "Set API" +* Set URL to `http://your-server:18792/webhook/wecom-app` +* Generate **Token** and **EncodingAESKey** + +**3. Configure** + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [] + } + } +} +``` + +**4. Run** + +```bash +picoclaw gateway +``` + +> **Note**: WeCom App requires opening port 18792 for webhook callbacks. Use a reverse proxy for HTTPS. + +
+ ## ClawdChat Join the Agent Social Network Connect Picoclaw to the Agent Social Network simply by sending a single message via the CLI or any integrated Chat App. diff --git a/README.pt-br.md b/README.pt-br.md index 44f27813c..a1788d119 100644 --- a/README.pt-br.md +++ b/README.pt-br.md @@ -263,7 +263,7 @@ Pronto! VocĆŖ tem um assistente de IA funcionando em 2 minutos. ## šŸ’¬ IntegraĆ§Ć£o com Apps de Chat -Converse com seu PicoClaw via Telegram, Discord, DingTalk ou LINE. +Converse com seu PicoClaw via Telegram, Discord, DingTalk, LINE ou WeCom. | Canal | NĆ­vel de ConfiguraĆ§Ć£o | | --- | --- | @@ -272,6 +272,7 @@ Converse com seu PicoClaw via Telegram, Discord, DingTalk ou LINE. | **QQ** | FĆ”cil (AppID + AppSecret) | | **DingTalk** | MĆ©dio (credenciais do app) | | **LINE** | MĆ©dio (credenciais + webhook URL) | +| **WeCom** | MĆ©dio (CorpID + configuraĆ§Ć£o webhook) |
Telegram (Recomendado) @@ -471,6 +472,87 @@ picoclaw gateway
+
+WeCom (WeChat Work) + +O PicoClaw suporta dois tipos de integraĆ§Ć£o WeCom: + +**OpĆ§Ć£o 1: WeCom Bot (RobĆ“ Inteligente)** - ConfiguraĆ§Ć£o mais fĆ”cil, suporta chats em grupo +**OpĆ§Ć£o 2: WeCom App (Aplicativo Personalizado)** - Mais recursos, mensagens proativas + +Veja o [Guia de ConfiguraĆ§Ć£o WeCom App](docs/wecom-app-configuration.md) para instruƧƵes detalhadas. + +**ConfiguraĆ§Ć£o RĆ”pida - WeCom Bot:** + +**1. Criar um bot** + +* Acesse o Console de AdministraĆ§Ć£o WeCom ā†’ Chat em Grupo ā†’ Adicionar Bot de Grupo +* Copie a URL do webhook (formato: `https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`) + +**2. Configurar** + +```json +{ + "channels": { + "wecom": { + "enabled": true, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [] + } + } +} +``` + +**ConfiguraĆ§Ć£o RĆ”pida - WeCom App:** + +**1. Criar um aplicativo** + +* Acesse o Console de AdministraĆ§Ć£o WeCom ā†’ Gerenciamento de Aplicativos ā†’ Criar Aplicativo +* Copie o **AgentId** e o **Secret** +* Acesse a pĆ”gina "Minha Empresa", copie o **CorpID** + +**2. Configurar recebimento de mensagens** + +* Nos detalhes do aplicativo, clique em "Receber Mensagens" ā†’ "Configurar API" +* Defina a URL como `http://your-server:18792/webhook/wecom-app` +* Gere o **Token** e o **EncodingAESKey** + +**3. Configurar** + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [] + } + } +} +``` + +**4. Executar** + +```bash +picoclaw gateway +``` + +> **Nota**: O WeCom App requer a abertura da porta 18792 para callbacks de webhook. Use um proxy reverso para HTTPS em produĆ§Ć£o. + +
+ ## ClawdChat Junte-se a Rede Social de Agentes Conecte o PicoClaw a Rede Social de Agentes simplesmente enviando uma Ćŗnica mensagem via CLI ou qualquer App de Chat integrado. diff --git a/README.vi.md b/README.vi.md index 08fa3dccd..5548f88a4 100644 --- a/README.vi.md +++ b/README.vi.md @@ -243,7 +243,7 @@ Vįŗ­y lĆ  xong! Bįŗ”n Ä‘Ć£ cĆ³ mį»™t trį»£ lĆ½ AI hoįŗ”t đį»™ng chį»‰ trong 2 p ## šŸ’¬ TĆ­ch hį»£p į»©ng dį»„ng Chat -TrĆ² chuyį»‡n vį»›i PicoClaw qua Telegram, Discord, DingTalk hoįŗ·c LINE. +TrĆ² chuyį»‡n vį»›i PicoClaw qua Telegram, Discord, DingTalk, LINE hoįŗ·c WeCom. | KĆŖnh | Mį»©c đį»™ thiįŗæt lįŗ­p | | --- | --- | @@ -252,6 +252,7 @@ TrĆ² chuyį»‡n vį»›i PicoClaw qua Telegram, Discord, DingTalk hoįŗ·c LINE. | **QQ** | Dį»… (AppID + AppSecret) | | **DingTalk** | Trung bƬnh (app credentials) | | **LINE** | Trung bƬnh (credentials + webhook URL) | +| **WeCom** | Trung bƬnh (CorpID + cįŗ„u hƬnh webhook) |
Telegram (KhuyĆŖn dĆ¹ng) @@ -451,6 +452,87 @@ picoclaw gateway
+
+WeCom (WeChat Work) + +PicoClaw hį»— trį»£ hai loįŗ”i tĆ­ch hį»£p WeCom: + +**TĆ¹y chį»n 1: WeCom Bot (Robot ThĆ“ng minh)** - Thiįŗæt lįŗ­p dį»… dĆ ng hĘ”n, hį»— trį»£ chat nhĆ³m +**TĆ¹y chį»n 2: WeCom App (į»Øng dį»„ng Tį»± xĆ¢y dį»±ng)** - Nhiį»u tĆ­nh năng hĘ”n, nhįŗÆn tin chį»§ đį»™ng + +Xem [HĘ°į»›ng dįŗ«n Cįŗ„u hƬnh WeCom App](docs/wecom-app-configuration.md) đį»ƒ biįŗæt hĘ°į»›ng dįŗ«n chi tiįŗæt. + +**Thiįŗæt lįŗ­p Nhanh - WeCom Bot:** + +**1. Tįŗ”o bot** + +* Truy cįŗ­p Bįŗ£ng điį»u khiį»ƒn Quįŗ£n trį»‹ WeCom ā†’ Chat NhĆ³m ā†’ ThĆŖm Bot NhĆ³m +* Sao chĆ©p URL webhook (đį»‹nh dįŗ”ng: `https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`) + +**2. Cįŗ„u hƬnh** + +```json +{ + "channels": { + "wecom": { + "enabled": true, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [] + } + } +} +``` + +**Thiįŗæt lįŗ­p Nhanh - WeCom App:** + +**1. Tįŗ”o į»©ng dį»„ng** + +* Truy cįŗ­p Bįŗ£ng điį»u khiį»ƒn Quįŗ£n trį»‹ WeCom ā†’ Quįŗ£n lĆ½ į»Øng dį»„ng ā†’ Tįŗ”o į»Øng dį»„ng +* Sao chĆ©p **AgentId** vĆ  **Secret** +* Truy cįŗ­p trang "CĆ“ng ty cį»§a tĆ“i", sao chĆ©p **CorpID** + +**2. Cįŗ„u hƬnh nhįŗ­n tin nhįŗÆn** + +* Trong chi tiįŗæt į»©ng dį»„ng, nhįŗ„p vĆ o "Nhįŗ­n Tin nhįŗÆn" ā†’ "Thiįŗæt lįŗ­p API" +* Đįŗ·t URL thĆ nh `http://your-server:18792/webhook/wecom-app` +* Tįŗ”o **Token** vĆ  **EncodingAESKey** + +**3. Cįŗ„u hƬnh** + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [] + } + } +} +``` + +**4. Chįŗ”y** + +```bash +picoclaw gateway +``` + +> **LĘ°u Ć½**: WeCom App yĆŖu cįŗ§u mį»Ÿ cį»•ng 18792 cho callback webhook. Sį»­ dį»„ng proxy ngĘ°į»£c cho HTTPS trong mĆ“i trĘ°į»ng sįŗ£n xuįŗ„t. + +
+ ## ClawdChat Tham gia Mįŗ”ng xĆ£ hį»™i Agent Kįŗæt nį»‘i PicoClaw vį»›i Mįŗ”ng xĆ£ hį»™i Agent chį»‰ bįŗ±ng cĆ”ch gį»­i mį»™t tin nhįŗÆn qua CLI hoįŗ·c bįŗ„t kį»³ į»©ng dį»„ng Chat nĆ o Ä‘Ć£ tĆ­ch hį»£p. diff --git a/README.zh.md b/README.zh.md index 4827e66ea..d470db033 100644 --- a/README.zh.md +++ b/README.zh.md @@ -273,14 +273,15 @@ picoclaw agent -m "2+2 ē­‰äŗŽå‡ ļ¼Ÿ" ## šŸ’¬ čŠå¤©åŗ”ē”Ø集ꈐ (Chat Apps) -通čæ‡ Telegram, Discord ꈖ钉钉äøŽę‚Øēš„ PicoClaw åƹčÆć€‚ +通čæ‡ Telegram, Discord, é’‰é’‰ęˆ–ä¼äøšå¾®äæ”äøŽę‚Øēš„ PicoClaw åƹčÆć€‚ | ęø é“ | č®¾ē½®éš¾åŗ¦ | | --- | --- | | **Telegram** | ē®€å• (仅需 token) | | **Discord** | ē®€å• (bot token + intents) | | **QQ** | ē®€å• (AppID + AppSecret) | -| **钉钉 (DingTalk)** | äø­ē­‰ (app credentials) | +| **钉钉 (DingTalk)** | äø­ē­‰ (åŗ”ē”Ø凭čƁ) | +| **企äøšå¾®äæ” (WeCom)** | äø­ē­‰ (企äøšID + Webhook配ē½®) |
Telegram (ęŽØ荐) @@ -438,6 +439,88 @@ picoclaw gateway
+
+企äøšå¾®äæ” (WeCom) + +PicoClaw ę”Æꌁäø¤ē§ä¼äøšå¾®äæ”é›†ęˆę–¹å¼ļ¼š + +**选锹1: ę™ŗčƒ½ęœŗå™Øäŗŗ (WeCom Bot)** - č®¾ē½®ę›“ē®€å•ļ¼Œę”Æꌁē¾¤čŠ +**选锹2: č‡Ŗå»ŗåŗ”ē”Ø (WeCom App)** - åŠŸčƒ½ę›“äø°åƌļ¼Œę”Æꌁäø»åŠØęŽØé€ę¶ˆęÆ + +čÆ¦č§ [企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø配ē½®ęŒ‡å—](docs/wecom-app-configuration.md)怂 + +**åæ«é€Ÿč®¾ē½® - ę™ŗčƒ½ęœŗå™Øäŗŗļ¼š** + +**1. 创å»ŗęœŗå™Øäŗŗ** + +* 前往企äøšå¾®äæ”ē®”ē†åŽå° ā†’ ē¾¤čŠ ā†’ ę·»åŠ ē¾¤ęœŗå™Øäŗŗ +* 复制 Webhook URL (ę ¼å¼: `https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`) + +**2. 配ē½®** + +```json +{ + "channels": { + "wecom": { + "enabled": true, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [] + } + } +} +``` + +**åæ«é€Ÿč®¾ē½® - č‡Ŗå»ŗåŗ”ē”Øļ¼š** + +**1. 创å»ŗåŗ”ē”Ø** + +* 前往企äøšå¾®äæ”ē®”ē†åŽå° ā†’ åŗ”ē”Øē®”ē† ā†’ 创å»ŗåŗ”ē”Ø +* 复制 **AgentId** 和 **Secret** +* 前往"ꈑēš„企äøš"锵面ļ¼Œå¤åˆ¶ **CorpID** + +**2. 配ē½®ęŽ„ę”¶ę¶ˆęÆ** + +* åœØåŗ”ē”ØčÆ¦ęƒ…é”µļ¼Œē‚¹å‡»"ęŽ„ę”¶ę¶ˆęÆ" ā†’ "č®¾ē½®API" +* č®¾ē½® URL äøŗ `http://your-server:18792/webhook/wecom-app` +* ē”Ÿęˆ **Token** 和 **EncodingAESKey** + +**3. 配ē½®** + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [] + } + } +} +``` + +**4. čæč”Œ** + +```bash +picoclaw gateway + +``` + +> **ę³Øꄏ**: č‡Ŗå»ŗåŗ”ē”Øéœ€č¦å¼€ę”¾ 18792 ē«Æ口ē”ØäŗŽęŽ„ꔶ Webhook å›žč°ƒć€‚ē”Ÿäŗ§ēŽÆ境å»ŗč®®ä½æē”Ø反向代ē†é…ē½® HTTPS怂 + +
+ ## ClawdChat 加兄 Agent ē¤¾äŗ¤ē½‘ē»œ åŖ需通čæ‡ CLI ęˆ–ä»»ä½•é›†ęˆēš„čŠå¤©åŗ”ē”Ø发送äø€ę”궈ęÆļ¼Œå³åÆ将 PicoClaw čæžęŽ„到 Agent ē¤¾äŗ¤ē½‘ē»œć€‚ diff --git a/config/config.example.json b/config/config.example.json index f0c82c2bc..67819688c 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -108,6 +108,7 @@ "allow_from": [] }, "wecom": { + "_comment": "WeCom Bot (ę™ŗčƒ½ęœŗå™Øäŗŗ) - Easier setup, supports group chats", "enabled": false, "token": "YOUR_TOKEN", "encoding_aes_key": "YOUR_43_CHAR_ENCODING_AES_KEY", @@ -119,6 +120,7 @@ "reply_timeout": 5 }, "wecom_app": { + "_comment": "WeCom App (č‡Ŗå»ŗåŗ”ē”Ø) - More features, proactive messaging, private chat only. See docs/wecom-app-configuration.md", "enabled": false, "corp_id": "YOUR_CORP_ID", "corp_secret": "YOUR_CORP_SECRET", diff --git a/docs/wecom-app-configuration.md b/docs/wecom-app-configuration.md new file mode 100644 index 000000000..3b17d37a7 --- /dev/null +++ b/docs/wecom-app-configuration.md @@ -0,0 +1,117 @@ +# 企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø (WeCom App) 配ē½®ęŒ‡å— + +ęœ¬ę–‡ę”£ä»‹ē»å¦‚何åœØ PicoClaw äø­é…ē½®ä¼äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø (wecom-app) 通道怂 + +## åŠŸčƒ½ē‰¹ę€§ + +| åŠŸčƒ½ | ę”ÆꌁēŠ¶ę€ | +|------|---------| +| č¢«åŠØęŽ„ę”¶ę¶ˆęÆ | āœ… | +| äø»åŠØå‘é€ę¶ˆęÆ | āœ… | +| ē§čŠ | āœ… | +| ē¾¤čŠ | āŒ | + +## 配ē½®ę­„éŖ¤ + +### 1. 企äøšå¾®äæ”后台配ē½® + +1. ē™»å½• [企äøšå¾®äæ”ē®”ē†åŽå°](https://work.weixin.qq.com/wework_admin) +2. čæ›å…„"åŗ”ē”Øē®”ē†" ā†’ 选ꋩč‡Ŗå»ŗåŗ”ē”Ø +3. č®°å½•ä»„äø‹äæ”ęÆļ¼š + - **AgentId**: åŗ”ē”ØčÆ¦ęƒ…é”µę˜¾ē¤ŗ + - **Secret**: ē‚¹å‡»"ęŸ„ēœ‹"čŽ·å– +4. čæ›å…„"ꈑēš„企äøš"锵面ļ¼Œč®°å½• **企äøšID** (CorpID) + +### 2. ęŽ„ę”¶ę¶ˆęÆ配ē½® + +1. åœØåŗ”ē”ØčÆ¦ęƒ…é”µļ¼Œē‚¹å‡»"ęŽ„ę”¶ę¶ˆęÆ"ēš„"č®¾ē½®APIꎄꔶ" +2. 唫写仄äø‹äæ”ęÆļ¼š + - **URL**: `http://your-server:18792/webhook/wecom-app` + - **Token**: 随ęœŗē”Ÿęˆęˆ–č‡Ŗ定义ļ¼ˆē”ØäŗŽē­¾åéŖŒčƁļ¼‰ + - **EncodingAESKey**: ē‚¹å‡»"随ęœŗē”Ÿęˆ"ē”Ÿęˆ43字ē¬¦ēš„åƆ钄 +3. ē‚¹å‡»"äæå­˜"ę—¶ļ¼Œä¼äøšå¾®äæ”会发送éŖŒčƁčÆ·ę±‚ + +### 3. PicoClaw 配ē½® + +åœØ `config.json` äø­ę·»åŠ ä»„äø‹é…ē½®ļ¼š + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", // 企äøšID + "corp_secret": "xxxxxxxxxxxxxxxxxxxxxxxx", // åŗ”ē”ØSecret + "agent_id": 1000002, // åŗ”ē”ØAgentId + "token": "your_token", // ęŽ„ę”¶ę¶ˆęÆ配ē½®ēš„Token + "encoding_aes_key": "your_encoding_aes_key", // ęŽ„ę”¶ę¶ˆęÆ配ē½®ēš„EncodingAESKey + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [], + "reply_timeout": 5 + } + } +} +``` + +## åøøč§é—®é¢˜ + +### 1. å›žč°ƒURLéŖŒčÆå¤±č“„ + +**ē—‡ēŠ¶**: 企äøšå¾®äæ”äæå­˜APIęŽ„ę”¶ę¶ˆęÆę—¶ęē¤ŗéŖŒčÆå¤±č“„ + +**ę£€ęŸ„é”¹**: +- ē”®č®¤ęœåŠ”å™Ø防ē«å¢™å·²å¼€ę”¾ 18792 ē«Æ口 +- ē”®č®¤ `corp_id`态`token`态`encoding_aes_key` 配ē½®ę­£ē”® +- ęŸ„ēœ‹ PicoClaw ę—„åæ—ę˜Æå¦ęœ‰čÆ·ę±‚åˆ°č¾¾ + +### 2. äø­ę–‡ę¶ˆęÆč§£åÆ†å¤±č“„ + +**ē—‡ēŠ¶**: 发送äø­ę–‡ę¶ˆęÆę—¶å‡ŗēŽ° `invalid padding size` 错čÆÆ + +**原因**: 企äøšå¾®äæ”ä½æē”Øéžę ‡å‡†ēš„ PKCS7 唫充ļ¼ˆ32å­—čŠ‚å—å¤§å°ļ¼‰ + +**č§£å†³**: ē”®äæä½æē”Ø꜀ꖰē‰ˆęœ¬ēš„ PicoClawļ¼Œå·²äæ®å¤ę­¤é—®é¢˜ć€‚ + +### 3. ē«Æ口冲ēŖ + +**ē—‡ēŠ¶**: åÆåŠØę—¶ęē¤ŗē«Æå£å·²č¢«å ē”Ø + +**č§£å†³**: äæ®ę”¹ `webhook_port` äøŗ其他ē«Æ口ļ¼Œå¦‚ 18794 + +## ꊀęœÆē»†čŠ‚ + +### 加åƆē®—ę³• + +- **ē®—ę³•**: AES-256-CBC +- **åƆ钄**: EncodingAESKey Base64č§£ē åŽēš„32å­—čŠ‚ +- **IV**: AESKeyēš„前16å­—čŠ‚ +- **唫充**: PKCS7ļ¼ˆå—大小äøŗ32å­—čŠ‚ļ¼Œéžę ‡å‡†16å­—čŠ‚ļ¼‰ +- **궈ęÆę ¼å¼**: XML + +### 궈ęÆē»“ęž„ + +č§£åƆ后ēš„ę¶ˆęÆę ¼å¼ļ¼š +``` +random(16B) + msg_len(4B) + msg + receiveid +``` + +其äø­ `receiveid` åƹäŗŽč‡Ŗå»ŗåŗ”ē”Øę˜Æ `corp_id`怂 + +## 调čƕ + +åÆē”Ø调čƕęØ”å¼ęŸ„ēœ‹čƦē»†ę—„åæ—ļ¼š + +```bash +picoclaw gateway --debug +``` + +å…³é”®ę—„åæ—ę ‡čƆļ¼š +- `wecom_app`: WeCom App 通道ē›øå…³ę—„åæ— +- `wecom_common`: 加åÆ†č§£åƆē›øå…³ę—„åæ— + +## å‚č€ƒę–‡ę”£ + +- [企äøšå¾®äæ”å®˜ę–¹ę–‡ę”£ - ęŽ„ę”¶ę¶ˆęÆ](https://developer.work.weixin.qq.com/document/path/96211) +- [企äøšå¾®äæ”å®˜ę–¹åŠ č§£åƆåŗ“](https://github.com/sbzhu/weworkapi_golang) diff --git a/pkg/channels/wecom.go b/pkg/channels/wecom.go index 404949e07..064568243 100644 --- a/pkg/channels/wecom.go +++ b/pkg/channels/wecom.go @@ -7,11 +7,17 @@ package channels import ( "bytes" "context" + "crypto/aes" + "crypto/cipher" + "crypto/sha1" + "encoding/base64" + "encoding/binary" "encoding/json" "encoding/xml" "fmt" "io" "net/http" + "sort" "strings" "sync" "time" @@ -470,3 +476,129 @@ func (c *WeComBotChannel) handleHealth(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") json.NewEncoder(w).Encode(status) } + +// WeCom common utilities for both WeCom Bot and WeCom App +// The following functions were moved from wecom_common.go + +// WeComVerifySignature verifies the message signature for WeCom +// This is a common function used by both WeCom Bot and WeCom App +func WeComVerifySignature(token, msgSignature, timestamp, nonce, msgEncrypt string) bool { + if token == "" { + return true // Skip verification if token is not set + } + + // Sort parameters + params := []string{token, timestamp, nonce, msgEncrypt} + sort.Strings(params) + + // Concatenate + str := strings.Join(params, "") + + // SHA1 hash + hash := sha1.Sum([]byte(str)) + expectedSignature := fmt.Sprintf("%x", hash) + + return expectedSignature == msgSignature +} + +// WeComDecryptMessage decrypts the encrypted message using AES +// This is a common function used by both WeCom Bot and WeCom App +// For AIBOT, receiveid should be the aibotid; for other apps, it should be corp_id +func WeComDecryptMessage(encryptedMsg, encodingAESKey string) (string, error) { + return WeComDecryptMessageWithVerify(encryptedMsg, encodingAESKey, "") +} + +// WeComDecryptMessageWithVerify decrypts the encrypted message and optionally verifies receiveid +// receiveid: for AIBOT use aibotid, for WeCom App use corp_id. If empty, skip verification. +func WeComDecryptMessageWithVerify(encryptedMsg, encodingAESKey, receiveid string) (string, error) { + if encodingAESKey == "" { + // No encryption, return as is (base64 decode) + decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", err + } + return string(decoded), nil + } + + // Decode AES key (base64) + aesKey, err := base64.StdEncoding.DecodeString(encodingAESKey + "=") + if err != nil { + return "", fmt.Errorf("failed to decode AES key: %w", err) + } + + // Decode encrypted message + cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) + if err != nil { + return "", fmt.Errorf("failed to decode message: %w", err) + } + + // AES decrypt + block, err := aes.NewCipher(aesKey) + if err != nil { + return "", fmt.Errorf("failed to create cipher: %w", err) + } + + if len(cipherText) < aes.BlockSize { + return "", fmt.Errorf("ciphertext too short") + } + + // IV is the first 16 bytes of AESKey + iv := aesKey[:aes.BlockSize] + mode := cipher.NewCBCDecrypter(block, iv) + plainText := make([]byte, len(cipherText)) + mode.CryptBlocks(plainText, cipherText) + + // Remove PKCS7 padding + plainText, err = pkcs7UnpadWeCom(plainText) + if err != nil { + return "", fmt.Errorf("failed to unpad: %w", err) + } + + // Parse message structure + // Format: random(16) + msg_len(4) + msg + receiveid + if len(plainText) < 20 { + return "", fmt.Errorf("decrypted message too short") + } + + msgLen := binary.BigEndian.Uint32(plainText[16:20]) + if int(msgLen) > len(plainText)-20 { + return "", fmt.Errorf("invalid message length") + } + + msg := plainText[20 : 20+msgLen] + + // Verify receiveid if provided + if receiveid != "" && len(plainText) > 20+int(msgLen) { + actualReceiveID := string(plainText[20+msgLen:]) + if actualReceiveID != receiveid { + return "", fmt.Errorf("receiveid mismatch: expected %s, got %s", receiveid, actualReceiveID) + } + } + + return string(msg), nil +} + +// pkcs7UnpadWeCom removes PKCS7 padding with validation +// WeCom uses block size of 32 (not standard AES block size of 16) +const wecomBlockSize = 32 + +func pkcs7UnpadWeCom(data []byte) ([]byte, error) { + if len(data) == 0 { + return data, nil + } + padding := int(data[len(data)-1]) + // WeCom uses 32-byte block size for PKCS7 padding + if padding == 0 || padding > wecomBlockSize { + return nil, fmt.Errorf("invalid padding size: %d", padding) + } + if padding > len(data) { + return nil, fmt.Errorf("padding size larger than data") + } + // Verify all padding bytes + for i := 0; i < padding; i++ { + if data[len(data)-1-i] != byte(padding) { + return nil, fmt.Errorf("invalid padding byte at position %d", i) + } + } + return data[:len(data)-padding], nil +} diff --git a/pkg/channels/wecom_common.go b/pkg/channels/wecom_common.go deleted file mode 100644 index 3e3908622..000000000 --- a/pkg/channels/wecom_common.go +++ /dev/null @@ -1,182 +0,0 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// WeCom common utilities for both WeCom Bot and WeCom App - -package channels - -import ( - "crypto/aes" - "crypto/cipher" - "crypto/sha1" - "encoding/base64" - "encoding/binary" - "fmt" - "sort" - "strings" - - "github.com/sipeed/picoclaw/pkg/logger" -) - -// WeComVerifySignature verifies the message signature for WeCom -// This is a common function used by both WeCom Bot and WeCom App -func WeComVerifySignature(token, msgSignature, timestamp, nonce, msgEncrypt string) bool { - if token == "" { - return true // Skip verification if token is not set - } - - // Sort parameters - params := []string{token, timestamp, nonce, msgEncrypt} - sort.Strings(params) - - // Concatenate - str := strings.Join(params, "") - - // SHA1 hash - hash := sha1.Sum([]byte(str)) - expectedSignature := fmt.Sprintf("%x", hash) - - return expectedSignature == msgSignature -} - -// WeComDecryptMessage decrypts the encrypted message using AES -// This is a common function used by both WeCom Bot and WeCom App -// For AIBOT, receiveid should be the aibotid; for other apps, it should be corp_id -func WeComDecryptMessage(encryptedMsg, encodingAESKey string) (string, error) { - return WeComDecryptMessageWithVerify(encryptedMsg, encodingAESKey, "") -} - -// WeComDecryptMessageWithVerify decrypts the encrypted message and optionally verifies receiveid -// receiveid: for AIBOT use aibotid, for WeCom App use corp_id. If empty, skip verification. -func WeComDecryptMessageWithVerify(encryptedMsg, encodingAESKey, receiveid string) (string, error) { - logger.DebugCF("wecom_common", "Starting decryption", map[string]interface{}{ - "encodingAESKey_len": len(encodingAESKey), - "receiveid": receiveid, - "encryptedMsg_len": len(encryptedMsg), - }) - - if encodingAESKey == "" { - // No encryption, return as is (base64 decode) - decoded, err := base64.StdEncoding.DecodeString(encryptedMsg) - if err != nil { - return "", err - } - return string(decoded), nil - } - - // Decode AES key (base64) - aesKey, err := base64.StdEncoding.DecodeString(encodingAESKey + "=") - if err != nil { - logger.ErrorCF("wecom_common", "Failed to decode AES key", map[string]interface{}{ - "error": err.Error(), - "key": encodingAESKey, - }) - return "", fmt.Errorf("failed to decode AES key: %w", err) - } - logger.DebugCF("wecom_common", "AES key decoded", map[string]interface{}{ - "key_len": len(aesKey), - }) - - // Decode encrypted message - cipherText, err := base64.StdEncoding.DecodeString(encryptedMsg) - if err != nil { - logger.ErrorCF("wecom_common", "Failed to decode message", map[string]interface{}{ - "error": err.Error(), - }) - return "", fmt.Errorf("failed to decode message: %w", err) - } - logger.DebugCF("wecom_common", "Message decoded", map[string]interface{}{ - "cipher_len": len(cipherText), - }) - - // AES decrypt - block, err := aes.NewCipher(aesKey) - if err != nil { - return "", fmt.Errorf("failed to create cipher: %w", err) - } - - if len(cipherText) < aes.BlockSize { - return "", fmt.Errorf("ciphertext too short: %d < %d", len(cipherText), aes.BlockSize) - } - - // IV is the first 16 bytes of AESKey - iv := aesKey[:aes.BlockSize] - mode := cipher.NewCBCDecrypter(block, iv) - plainText := make([]byte, len(cipherText)) - mode.CryptBlocks(plainText, cipherText) - - // Remove PKCS7 padding - unpaddedText, err := pkcs7UnpadWeCom(plainText) - if err != nil { - lastByte := -1 - if len(plainText) > 0 { - lastByte = int(plainText[len(plainText)-1]) - } - logger.ErrorCF("wecom_common", "PKCS7 unpad failed", map[string]interface{}{ - "error": err.Error(), - "plain_len": len(plainText), - "last_byte": lastByte, - }) - return "", fmt.Errorf("failed to unpad: %w", err) - } - plainText = unpaddedText - - // Parse message structure - // Format: random(16) + msg_len(4) + msg + receiveid - if len(plainText) < 20 { - return "", fmt.Errorf("decrypted message too short") - } - - msgLen := binary.BigEndian.Uint32(plainText[16:20]) - logger.DebugCF("wecom_common", "Message structure parsed", map[string]interface{}{ - "msg_len": msgLen, - "plain_len": len(plainText), - "total_expected": 20 + int(msgLen), - }) - - if int(msgLen) > len(plainText)-20 { - return "", fmt.Errorf("invalid message length: %d > %d", msgLen, len(plainText)-20) - } - - msg := plainText[20 : 20+msgLen] - - // Verify receiveid if provided - if receiveid != "" && len(plainText) > 20+int(msgLen) { - actualReceiveID := string(plainText[20+msgLen:]) - logger.DebugCF("wecom_common", "ReceiveID verification", map[string]interface{}{ - "expected": receiveid, - "actual": actualReceiveID, - }) - if actualReceiveID != receiveid { - return "", fmt.Errorf("receiveid mismatch: expected %s, got %s", receiveid, actualReceiveID) - } - } - - logger.DebugCF("wecom_common", "Decryption successful", map[string]interface{}{ - "msg_len": len(msg), - }) - return string(msg), nil -} - -// pkcs7UnpadWeCom removes PKCS7 padding with validation -// WeCom uses block size of 32 (not standard AES block size of 16) -const wecomBlockSize = 32 - -func pkcs7UnpadWeCom(data []byte) ([]byte, error) { - if len(data) == 0 { - return data, nil - } - padding := int(data[len(data)-1]) - // WeCom uses 32-byte block size for PKCS7 padding - if padding == 0 || padding > wecomBlockSize { - return nil, fmt.Errorf("invalid padding size: %d", padding) - } - if padding > len(data) { - return nil, fmt.Errorf("padding size larger than data") - } - // Verify all padding bytes - for i := 0; i < padding; i++ { - if data[len(data)-1-i] != byte(padding) { - return nil, fmt.Errorf("invalid padding byte at position %d", i) - } - } - return data[:len(data)-padding], nil -} From 838a69085bafadd90175d8b1a52aa3547084222b Mon Sep 17 00:00:00 2001 From: esubaalew Date: Fri, 20 Feb 2026 18:23:22 +0300 Subject: [PATCH 14/88] fix: correct docs misalignment across translations and guides - Fix DingTalk section referencing "QQ numbers" instead of DingTalk user IDs - Fix Anthropic example showing OAuth when code uses paste-token auth - Replace OpenClaw references in ANTIGRAVITY_AUTH.md with actual PicoClaw paths and Go patterns - Fix auth file path from auth-profiles.json to auth.json in ANTIGRAVITY_USAGE.md - Remove non-existent approval tool from tools_configuration.md, add skills tool docs - Update Quick Start configs in fr/pt-br/vi/ja translations to use model_list format - Fix allowFrom camelCase to allow_from in fr/pt-br translations - Fix camelCase config keys in ja translation - Update zh/ja web search config from old flat format to brave/duckduckgo - Fix broken ClawdChat link and trailing commas in zh translation - Add missing qwen/cerebras providers to fr/pt-br/vi translation tables - Add missing protocol prefixes to migration guide - Fix typos in community roadmap --- README.fr.md | 31 +- README.ja.md | 61 ++- README.md | 8 +- README.pt-br.md | 29 +- README.vi.md | 40 +- README.zh.md | 33 +- docs/ANTIGRAVITY_AUTH.md | 435 ++++++---------------- docs/ANTIGRAVITY_USAGE.md | 10 +- docs/design/provider-refactoring-tests.md | 9 +- docs/migration/model-list-migration.md | 8 + docs/picoclaw_community_roadmap_260216.md | 4 +- docs/tools_configuration.md | 53 ++- 12 files changed, 281 insertions(+), 440 deletions(-) diff --git a/README.fr.md b/README.fr.md index d49edc5ee..7199f7098 100644 --- a/README.fr.md +++ b/README.fr.md @@ -212,19 +212,24 @@ picoclaw onboard ```json { + "model_list": [ + { + "model_name": "gpt4", + "model": "openai/gpt-5.2", + "api_key": "sk-your-openai-key", + "api_base": "https://api.openai.com/v1" + } + ], "agents": { "defaults": { - "workspace": "~/.picoclaw/workspace", - "model": "glm-4.7", - "max_tokens": 8192, - "temperature": 0.7, - "max_tool_iterations": 20 + "model": "gpt4" } }, - "providers": { - "openrouter": { - "api_key": "xxx", - "api_base": "https://openrouter.ai/api/v1" + "channels": { + "telegram": { + "enabled": true, + "token": "VOTRE_TOKEN_BOT", + "allow_from": ["VOTRE_USER_ID"] } }, "tools": { @@ -290,7 +295,7 @@ Discutez avec votre PicoClaw via Telegram, Discord, DingTalk, LINE ou WeCom "telegram": { "enabled": true, "token": "VOTRE_TOKEN_BOT", - "allowFrom": ["VOTRE_USER_ID"] + "allow_from": ["VOTRE_USER_ID"] } } } @@ -333,7 +338,7 @@ picoclaw gateway "discord": { "enabled": true, "token": "VOTRE_TOKEN_BOT", - "allowFrom": ["VOTRE_USER_ID"] + "allow_from": ["VOTRE_USER_ID"] } } } @@ -765,6 +770,8 @@ Le sous-agent a accĆØs aux outils (message, web_search, etc.) et peut communique | `anthropic` (ƀ tester) | LLM (Claude direct) | [console.anthropic.com](https://console.anthropic.com) | | `openai` (ƀ tester) | LLM (GPT direct) | [platform.openai.com](https://platform.openai.com) | | `deepseek` (ƀ tester) | LLM (DeepSeek direct) | [platform.deepseek.com](https://platform.deepseek.com) | +| `qwen` | LLM (Alibaba Qwen) | [dashscope.aliyuncs.com](https://dashscope.aliyuncs.com/compatible-mode/v1) | +| `cerebras` | LLM (Cerebras) | [cerebras.ai](https://api.cerebras.ai/v1) | | `groq` | LLM + **Transcription vocale** (Whisper) | [console.groq.com](https://console.groq.com) |
@@ -1087,7 +1094,7 @@ Ajoutez la clĆ© dans `~/.picoclaw/config.json` si vous utilisez Brave : "tools": { "web": { "brave": { - "enabled": true, + "enabled": false, "api_key": "VOTRE_CLE_API_BRAVE", "max_results": 5 }, diff --git a/README.ja.md b/README.ja.md index 793a51101..bb0bdfb28 100644 --- a/README.ja.md +++ b/README.ja.md @@ -174,35 +174,25 @@ picoclaw onboard ```json { + "model_list": [ + { + "model_name": "gpt4", + "model": "openai/gpt-5.2", + "api_key": "sk-your-openai-key", + "api_base": "https://api.openai.com/v1" + } + ], "agents": { "defaults": { - "workspace": "~/.picoclaw/workspace", - "model": "glm-4.7", - "max_tokens": 8192, - "temperature": 0.7, - "max_tool_iterations": 20 + "model": "gpt4" } }, - "providers": { - "openrouter": { - "api_key": "xxx", - "api_base": "https://openrouter.ai/api/v1" + "channels": { + "telegram": { + "enabled": true, + "token": "YOUR_TELEGRAM_BOT_TOKEN", + "allow_from": [] } - }, - "tools": { - "web": { - "search": { - "api_key": "YOUR_BRAVE_API_KEY", - "max_results": 5 - } - }, - "cron": { - "exec_timeout_minutes": 5 - } - }, - "heartbeat": { - "enabled": true, - "interval": 30 } } ``` @@ -214,7 +204,7 @@ picoclaw onboard > **ę³Øꄏ**: 完å…ØćŖčØ­å®šćƒ†ćƒ³ćƒ—ćƒ¬ćƒ¼ćƒˆćÆ `config.example.json` ć‚’å‚ē…§ć—ć¦ćć ć•ć„ć€‚ -**3. ćƒćƒ£ćƒƒćƒˆ** +**4. ćƒćƒ£ćƒƒćƒˆ** ```bash picoclaw agent -m "What is 2+2?" @@ -764,10 +754,10 @@ HEARTBEAT_OK åæœē­” ćƒ¦ćƒ¼ć‚¶ćƒ¼ćŒē›“ꎄēµęžœć‚’å—ć‘å–ć‚‹ }, "providers": { "openrouter": { - "apiKey": "sk-or-v1-xxx" + "api_key": "sk-or-v1-xxx" }, "groq": { - "apiKey": "gsk_xxx" + "api_key": "gsk_xxx" } }, "channels": { @@ -786,17 +776,17 @@ HEARTBEAT_OK åæœē­” ćƒ¦ćƒ¼ć‚¶ćƒ¼ćŒē›“ꎄēµęžœć‚’å—ć‘å–ć‚‹ }, "feishu": { "enabled": false, - "appId": "cli_xxx", - "appSecret": "xxx", - "encryptKey": "", - "verificationToken": "", + "app_id": "cli_xxx", + "app_secret": "xxx", + "encrypt_key": "", + "verification_token": "", "allow_from": [] } }, "tools": { "web": { "search": { - "apiKey": "BSA..." + "api_key": "BSA..." } }, "cron": { @@ -1001,9 +991,14 @@ Web ꤜē“¢ć‚’ęœ‰åŠ¹ć«ć™ć‚‹ć«ćÆļ¼š { "tools": { "web": { - "search": { + "brave": { + "enabled": true, "api_key": "YOUR_BRAVE_API_KEY", "max_results": 5 + }, + "duckduckgo": { + "enabled": true, + "max_results": 5 } } } diff --git a/README.md b/README.md index a82a9ad32..d7d8be80b 100644 --- a/README.md +++ b/README.md @@ -418,7 +418,7 @@ picoclaw gateway } ``` -> Set `allow_from` to empty to allow all users, or specify QQ numbers to restrict access. +> Set `allow_from` to empty to allow all users, or specify DingTalk user IDs to restrict access. **3. Run** @@ -867,15 +867,15 @@ This design also enables **multi-agent support** with flexible provider selectio } ``` -**Anthropic (with OAuth)** +**Anthropic (with API key)** ```json { "model_name": "claude-sonnet-4.6", "model": "anthropic/claude-sonnet-4.6", - "auth_method": "oauth" + "api_key": "sk-ant-your-key" } ``` -> Run `picoclaw auth login --provider anthropic` to set up OAuth credentials. +> Run `picoclaw auth login --provider anthropic` to paste your API token. **Ollama (local)** ```json diff --git a/README.pt-br.md b/README.pt-br.md index a1788d119..ec8fe8e1c 100644 --- a/README.pt-br.md +++ b/README.pt-br.md @@ -213,19 +213,17 @@ picoclaw onboard ```json { + "model_list": [ + { + "model_name": "gpt4", + "model": "openai/gpt-5.2", + "api_key": "sk-your-openai-key", + "api_base": "https://api.openai.com/v1" + } + ], "agents": { "defaults": { - "workspace": "~/.picoclaw/workspace", - "model": "glm-4.7", - "max_tokens": 8192, - "temperature": 0.7, - "max_tool_iterations": 20 - } - }, - "providers": { - "openrouter": { - "api_key": "xxx", - "api_base": "https://openrouter.ai/api/v1" + "model": "gpt4" } }, "tools": { @@ -291,7 +289,7 @@ Converse com seu PicoClaw via Telegram, Discord, DingTalk, LINE ou WeCom. "telegram": { "enabled": true, "token": "YOUR_BOT_TOKEN", - "allowFrom": ["YOUR_USER_ID"] + "allow_from": ["YOUR_USER_ID"] } } } @@ -334,7 +332,7 @@ picoclaw gateway "discord": { "enabled": true, "token": "YOUR_BOT_TOKEN", - "allowFrom": ["YOUR_USER_ID"] + "allow_from": ["YOUR_USER_ID"] } } } @@ -766,6 +764,8 @@ O subagente tem acesso Ć s ferramentas (message, web_search, etc.) e pode se com | `anthropic` (Em teste) | LLM (Claude direto) | [console.anthropic.com](https://console.anthropic.com) | | `openai` (Em teste) | LLM (GPT direto) | [platform.openai.com](https://platform.openai.com) | | `deepseek` (Em teste) | LLM (DeepSeek direto) | [platform.deepseek.com](https://platform.deepseek.com) | +| `qwen` | Alibaba Qwen | [dashscope.console.aliyun.com](https://dashscope.console.aliyun.com) | +| `cerebras` | Cerebras | [cerebras.ai](https://cerebras.ai) | | `groq` | LLM + **TranscriĆ§Ć£o de voz** (Whisper) | [console.groq.com](https://console.groq.com) |
@@ -1088,7 +1088,7 @@ Adicione a key em `~/.picoclaw/config.json` se usar o Brave: "tools": { "web": { "brave": { - "enabled": true, + "enabled": false, "api_key": "YOUR_BRAVE_API_KEY", "max_results": 5 }, @@ -1119,3 +1119,4 @@ Isso acontece quando outra instĆ¢ncia do bot estĆ” em execuĆ§Ć£o. Certifique-se | **Zhipu** | 200K tokens/mĆŖs | Melhor para usuĆ”rios chineses | | **Brave Search** | 2000 consultas/mĆŖs | Funcionalidade de busca web | | **Groq** | Plano gratuito disponĆ­vel | InferĆŖncia ultra-rĆ”pida (Llama, Mixtral) | +| **Cerebras** | Plano gratuito disponĆ­vel | InferĆŖncia ultra-rĆ”pida (Llama 3.3 70B) | diff --git a/README.vi.md b/README.vi.md index 5548f88a4..161842933 100644 --- a/README.vi.md +++ b/README.vi.md @@ -193,32 +193,24 @@ picoclaw onboard ```json { + "model_list": [ + { + "model_name": "gpt4", + "model": "openai/gpt-5.2", + "api_key": "sk-your-openai-key", + "api_base": "https://api.openai.com/v1" + } + ], "agents": { "defaults": { - "workspace": "~/.picoclaw/workspace", - "model": "glm-4.7", - "max_tokens": 8192, - "temperature": 0.7, - "max_tool_iterations": 20 + "model": "gpt4" } }, - "providers": { - "openrouter": { - "api_key": "xxx", - "api_base": "https://openrouter.ai/api/v1" - } - }, - "tools": { - "web": { - "brave": { - "enabled": false, - "api_key": "YOUR_BRAVE_API_KEY", - "max_results": 5 - }, - "duckduckgo": { - "enabled": true, - "max_results": 5 - } + "channels": { + "telegram": { + "enabled": true, + "token": "YOUR_TELEGRAM_BOT_TOKEN", + "allow_from": [] } } } @@ -747,6 +739,8 @@ Subagent cĆ³ quyį»n truy cįŗ­p cĆ”c cĆ“ng cį»„ (message, web_search, v.v.) vĆ  | `openai` (Đang thį»­ nghiį»‡m) | LLM (GPT trį»±c tiįŗæp) | [platform.openai.com](https://platform.openai.com) | | `deepseek` (Đang thį»­ nghiį»‡m) | LLM (DeepSeek trį»±c tiįŗæp) | [platform.deepseek.com](https://platform.deepseek.com) | | `groq` | LLM + **Chuyį»ƒn giį»ng nĆ³i** (Whisper) | [console.groq.com](https://console.groq.com) | +| `qwen` | LLM (Qwen trį»±c tiįŗæp) | [dashscope.console.aliyun.com](https://dashscope.console.aliyun.com) | +| `cerebras` | LLM (Cerebras trį»±c tiįŗæp) | [cerebras.ai](https://cerebras.ai) |
Cįŗ„u hƬnh Zhipu @@ -1065,7 +1059,7 @@ ThĆŖm key vĆ o `~/.picoclaw/config.json` nįŗæu dĆ¹ng Brave: "tools": { "web": { "brave": { - "enabled": true, + "enabled": false, "api_key": "YOUR_BRAVE_API_KEY", "max_results": 5 }, diff --git a/README.zh.md b/README.zh.md index d470db033..0989770ca 100644 --- a/README.zh.md +++ b/README.zh.md @@ -238,9 +238,14 @@ picoclaw onboard ], "tools": { "web": { - "search": { + "brave": { + "enabled": false, "api_key": "YOUR_BRAVE_API_KEY", "max_results": 5 + }, + "duckduckgo": { + "enabled": true, + "max_results": 5 } }, "cron": { @@ -345,7 +350,8 @@ picoclaw gateway "discord": { "enabled": true, "token": "YOUR_BOT_TOKEN", - "allow_from": ["YOUR_USER_ID"] + "allow_from": ["YOUR_USER_ID"], + "mention_only": false } } } @@ -525,7 +531,7 @@ picoclaw gateway åŖ需通čæ‡ CLI ęˆ–ä»»ä½•é›†ęˆēš„čŠå¤©åŗ”ē”Ø发送äø€ę”궈ęÆļ¼Œå³åÆ将 PicoClaw čæžęŽ„到 Agent ē¤¾äŗ¤ē½‘ē»œć€‚ -**阅čÆ» `https://clawdchat.ai/skill.md` å¹¶ęŒ‰ē…§čÆ“ę˜ŽåŠ å…„ [ClawdChat.ai**](https://clawdchat.ai) +**阅čÆ» `https://clawdchat.ai/skill.md` å¹¶ęŒ‰ē…§čÆ“ę˜ŽåŠ å…„ [ClawdChat.ai](https://clawdchat.ai) ## āš™ļø 配ē½®čÆ¦č§£ @@ -857,8 +863,8 @@ Agent čƻ取 HEARTBEAT.md "zhipu": { "api_key": "Your API Key", "api_base": "https://open.bigmodel.cn/api/paas/v4" - }, - }, + } + } } ``` @@ -921,8 +927,14 @@ picoclaw agent -m "你儽" }, "tools": { "web": { - "search": { - "api_key": "BSA..." + "brave": { + "enabled": false, + "api_key": "YOUR_BRAVE_API_KEY", + "max_results": 5 + }, + "duckduckgo": { + "enabled": true, + "max_results": 5 } }, "cron": { @@ -989,9 +1001,14 @@ Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) { "tools": { "web": { - "search": { + "brave": { + "enabled": false, "api_key": "YOUR_BRAVE_API_KEY", "max_results": 5 + }, + "duckduckgo": { + "enabled": true, + "max_results": 5 } } } diff --git a/docs/ANTIGRAVITY_AUTH.md b/docs/ANTIGRAVITY_AUTH.md index 5d68de427..89261d899 100644 --- a/docs/ANTIGRAVITY_AUTH.md +++ b/docs/ANTIGRAVITY_AUTH.md @@ -378,7 +378,7 @@ const antigravityPlugin = { description: "OAuth flow for Google Antigravity (Cloud Code Assist)", configSchema: emptyPluginConfigSchema(), - register(api: OpenClawPluginApi) { + register(api: PicoClawPluginApi) { api.registerProvider({ id: "google-antigravity", label: "Google Antigravity", @@ -405,7 +405,7 @@ const antigravityPlugin = { ```typescript type ProviderAuthContext = { - config: OpenClawConfig; + config: PicoClawConfig; agentDir?: string; workspaceDir?: string; prompter: WizardPrompter; // UI prompts/notifications @@ -426,7 +426,7 @@ type ProviderAuthResult = { profileId: string; credential: AuthProfileCredential; }>; - configPatch?: Partial; + configPatch?: Partial; defaultModel?: string; notes?: string[]; }; @@ -438,10 +438,9 @@ type ProviderAuthResult = { ### 1. Required Environment/Dependencies -- Node.js ā‰„ 22 -- OpenClaw plugin-sdk -- crypto module (built-in) -- http module (built-in) +- Go ā‰„ 1.21 +- PicoClaw codebase (`pkg/providers/` and `pkg/auth/`) +- `crypto` and `net/http` standard library packages ### 2. Required Headers for API Calls @@ -572,36 +571,40 @@ Each SSE message (`data: {...}`) is wrapped in a `response` field: ## Configuration -### openclaw.json Configuration +### config.json Configuration -```json5 +```json { - agents: { - defaults: { - model: { - primary: "google-antigravity/claude-opus-4-6-thinking", - }, - }, - }, + "model_list": [ + { + "model_name": "gemini-flash", + "model": "antigravity/gemini-3-flash", + "auth_method": "oauth" + } + ], + "agents": { + "defaults": { + "model": "gemini-flash" + } + } } ``` ### Auth Profile Storage -Auth profiles are stored in `~/.openclaw/agent/auth-profiles.json`: +Auth profiles are stored in `~/.picoclaw/auth.json`: ```json { - "version": 1, - "profiles": { - "google-antigravity:user@example.com": { - "type": "oauth", + "credentials": { + "google-antigravity": { + "access_token": "ya29...", + "refresh_token": "1//...", + "expires_at": "2026-01-01T00:00:00Z", "provider": "google-antigravity", - "access": "ya29...", - "refresh": "1//...", - "expires": 1704067200000, + "auth_method": "oauth", "email": "user@example.com", - "projectId": "my-project-id" + "project_id": "my-project-id" } } } @@ -611,277 +614,85 @@ Auth profiles are stored in `~/.openclaw/agent/auth-profiles.json`: ## Creating a New Provider in PicoClaw +PicoClaw providers are implemented as Go packages under `pkg/providers/`. To add a new provider: + ### Step-by-Step Implementation -#### 1. Create Plugin Structure +#### 1. Create Provider File + +Create a new Go file in `pkg/providers/`: ``` -extensions/ -ā””ā”€ā”€ your-provider-auth/ - ā”œā”€ā”€ openclaw.plugin.json - ā”œā”€ā”€ package.json - ā”œā”€ā”€ README.md - ā””ā”€ā”€ index.ts +pkg/providers/ +ā””ā”€ā”€ your_provider.go ``` -#### 2. Define Plugin Manifest +#### 2. Implement the Provider Interface -**openclaw.plugin.json:** -```json -{ - "id": "your-provider-auth", - "providers": ["your-provider"], - "configSchema": { - "type": "object", - "additionalProperties": false, - "properties": {} - } +Your provider must implement the `Provider` interface defined in `pkg/providers/types.go`: + +```go +package providers + +type YourProvider struct { + apiKey string + apiBase string } -``` -**package.json:** -```json -{ - "name": "@openclaw/your-provider-auth", - "version": "1.0.0", - "private": true, - "description": "Your Provider OAuth plugin", - "type": "module" -} -``` - -#### 3. Implement OAuth Flow - -```typescript -import { - buildOauthProviderAuthResult, - emptyPluginConfigSchema, - type OpenClawPluginApi, - type ProviderAuthContext, -} from "openclaw/plugin-sdk"; - -const YOUR_CLIENT_ID = "your-client-id"; -const YOUR_CLIENT_SECRET = "your-client-secret"; -const AUTH_URL = "https://provider.com/oauth/authorize"; -const TOKEN_URL = "https://provider.com/oauth/token"; -const REDIRECT_URI = "http://localhost:PORT/oauth-callback"; - -async function loginYourProvider(params: { - isRemote: boolean; - openUrl: (url: string) => Promise; - prompt: (message: string) => Promise; - note: (message: string, title?: string) => Promise; - log: (message: string) => void; - progress: { update: (msg: string) => void; stop: (msg?: string) => void }; -}) { - // 1. Generate PKCE - const { verifier, challenge } = generatePkce(); - const state = randomBytes(16).toString("hex"); - - // 2. Build auth URL - const authUrl = buildAuthUrl({ challenge, state }); - - // 3. Start callback server (if not remote) - const callbackServer = !params.isRemote - ? await startCallbackServer({ timeoutMs: 5 * 60 * 1000 }) - : null; - - // 4. Open browser or show URL - if (callbackServer) { - await params.openUrl(authUrl); - const callback = await callbackServer.waitForCallback(); - code = callback.searchParams.get("code"); - } else { - await params.note(`Auth URL: ${authUrl}`, "OAuth"); - const input = await params.prompt("Paste redirect URL:"); - const parsed = parseCallbackInput(input); - code = parsed.code; - } - - // 5. Exchange code for tokens - const tokens = await exchangeCode({ code, verifier }); - - // 6. Fetch additional user data - const email = await fetchUserEmail(tokens.access); - - return { ...tokens, email }; -} -``` - -#### 4. Register Provider - -```typescript -const yourProviderPlugin = { - id: "your-provider-auth", - name: "Your Provider Auth", - description: "OAuth for Your Provider", - configSchema: emptyPluginConfigSchema(), - - register(api: OpenClawPluginApi) { - api.registerProvider({ - id: "your-provider", - label: "Your Provider", - docsPath: "/providers/models", - aliases: ["yp"], - - auth: [ - { - id: "oauth", - label: "OAuth Login", - hint: "Browser-based authentication", - kind: "oauth", - - run: async (ctx: ProviderAuthContext) => { - const spin = ctx.prompter.progress("Starting OAuth..."); - - try { - const result = await loginYourProvider({ - isRemote: ctx.isRemote, - openUrl: ctx.openUrl, - prompt: async (msg) => String(await ctx.prompter.text({ message: msg })), - note: ctx.prompter.note, - log: (msg) => ctx.runtime.log(msg), - progress: spin, - }); - - return buildOauthProviderAuthResult({ - providerId: "your-provider", - defaultModel: "your-provider/model-name", - access: result.access, - refresh: result.refresh, - expires: result.expires, - email: result.email, - notes: ["Provider-specific notes"], - }); - } catch (err) { - spin.stop("OAuth failed"); - throw err; - } - }, - }, - ], - }); - }, -}; - -export default yourProviderPlugin; -``` - -#### 5. Implement Usage Tracking (Optional) - -```typescript -// src/infra/provider-usage.fetch.your-provider.ts -export async function fetchYourProviderUsage( - token: string, - timeoutMs: number, - fetchFn: typeof fetch -): Promise { - // Fetch usage data from provider API - const response = await fetchFn("https://api.provider.com/usage", { - headers: { Authorization: `Bearer ${token}` }, - }); - - const data = await response.json(); - - return { - provider: "your-provider", - displayName: "Your Provider", - windows: [ - { label: "Credits", usedPercent: data.usedPercent }, - ], - plan: data.planName, - }; -} -``` - -#### 6. Register Usage Fetcher - -```typescript -// src/infra/provider-usage.load.ts -case "your-provider": - return await fetchYourProviderUsage(auth.token, timeoutMs, fetchFn); -``` - -#### 7. Add Provider to Type Definitions - -```typescript -// src/infra/provider-usage.types.ts -export type SupportedProvider = - | "anthropic" - | "github-copilot" - | "google-gemini-cli" - | "google-antigravity" - | "your-provider" // Add here - | "minimax" - | "openai-codex"; -``` - -#### 8. Add Auth Choice Handler - -```typescript -// src/commands/auth-choice.apply.your-provider.ts -import { applyAuthChoicePluginProvider } from "./auth-choice.apply.plugin-provider.js"; - -export async function applyAuthChoiceYourProvider( - params: ApplyAuthChoiceParams -): Promise { - return await applyAuthChoicePluginProvider(params, { - authChoice: "your-provider", - pluginId: "your-provider-auth", - providerId: "your-provider", - methodId: "oauth", - label: "Your Provider", - }); -} -``` - -#### 9. Export from Main Index - -```typescript -// src/commands/auth-choice.apply.ts -import { applyAuthChoiceYourProvider } from "./auth-choice.apply.your-provider.js"; - -// In the switch statement: -case "your-provider": - return await applyAuthChoiceYourProvider(params); -``` - -### Helper Utilities - -#### PKCE Generation -```typescript -function generatePkce(): { verifier: string; challenge: string } { - const verifier = randomBytes(32).toString("hex"); - const challenge = createHash("sha256").update(verifier).digest("base64url"); - return { verifier, challenge }; -} -``` - -#### Callback Server -```typescript -async function startCallbackServer(params: { timeoutMs: number }) { - const port = 51121; // Your port - - const server = createServer((request, response) => { - const url = new URL(request.url!, `http://localhost:${port}`); - - if (url.pathname === "/oauth-callback") { - response.writeHead(200, { "Content-Type": "text/html" }); - response.end("

Authentication complete

"); - resolveCallback(url); - server.close(); +func NewYourProvider(apiKey, apiBase, proxy string) *YourProvider { + if apiBase == "" { + apiBase = "https://api.your-provider.com/v1" } - }); - - await new Promise((resolve, reject) => { - server.listen(port, "127.0.0.1", resolve); - server.once("error", reject); - }); - - return { - waitForCallback: () => callbackPromise, - close: () => new Promise((resolve) => server.close(resolve)), - }; + return &YourProvider{apiKey: apiKey, apiBase: apiBase} +} + +func (p *YourProvider) Chat(ctx context.Context, messages []Message, tools []Tool, cb StreamCallback) error { + // Implement chat completion with streaming +} +``` + +#### 3. Register in the Factory + +Add your provider to the protocol switch in `pkg/providers/factory.go`: + +```go +case "your-provider": + return NewYourProvider(sel.apiKey, sel.apiBase, sel.proxy), nil +``` + +#### 4. Add Default Config (Optional) + +Add a default entry in `pkg/config/defaults.go`: + +```go +{ + ModelName: "your-model", + Model: "your-provider/model-name", + APIKey: "", +}, +``` + +#### 5. Add Auth Support (Optional) + +If your provider requires OAuth or special authentication, add a case to `cmd/picoclaw/cmd_auth.go`: + +```go +case "your-provider": + authLoginYourProvider() +``` + +#### 6. Configure via `config.json` + +```json +{ + "model_list": [ + { + "model_name": "your-model", + "model": "your-provider/model-name", + "api_key": "your-api-key", + "api_base": "https://api.your-provider.com/v1" + } + ] } ``` @@ -892,33 +703,27 @@ async function startCallbackServer(params: { timeoutMs: number }) { ### CLI Commands ```bash -# Enable the plugin -openclaw plugins enable your-provider-auth +# Authenticate with a provider +picoclaw auth login --provider your-provider -# Restart gateway -openclaw gateway restart +# List models (for Antigravity) +picoclaw auth models -# Authenticate -openclaw models auth login --provider your-provider --set-default +# Start the gateway +picoclaw gateway -# List models -openclaw models list - -# Set model -openclaw models set your-provider/model-name - -# Check usage -openclaw models usage +# Run an agent with a specific model +picoclaw agent -m "Hello" --model your-model ``` ### Environment Variables for Testing ```bash -# Test specific providers only -export OPENCLAW_LIVE_PROVIDERS="your-provider,google-antigravity" +# Override default model +export PICOCLAW_AGENTS_DEFAULTS_MODEL=your-model -# Test with specific models -export OPENCLAW_LIVE_GATEWAY_MODELS="your-provider/model-name" +# Override provider settings +export PICOCLAW_MODEL_LIST='[{"model_name":"your-model","model":"your-provider/model-name","api_key":"..."}]' ``` --- @@ -926,16 +731,16 @@ export OPENCLAW_LIVE_GATEWAY_MODELS="your-provider/model-name" ## References - **Source Files:** - - `extensions/google-antigravity-auth/index.ts` - Full OAuth implementation - - `src/infra/provider-usage.fetch.antigravity.ts` - Usage fetching - - `src/agents/pi-embedded-runner/google.ts` - Model sanitization - - `src/agents/model-forward-compat.ts` - Forward compatibility - - `src/plugin-sdk/provider-auth-result.ts` - Auth result builder - - `src/plugins/types.ts` - Plugin type definitions + - `pkg/providers/antigravity_provider.go` - Antigravity provider implementation + - `pkg/auth/oauth.go` - OAuth flow implementation + - `pkg/auth/store.go` - Auth credential storage (`~/.picoclaw/auth.json`) + - `pkg/providers/factory.go` - Provider factory and protocol routing + - `pkg/providers/types.go` - Provider interface definitions + - `cmd/picoclaw/cmd_auth.go` - Auth CLI commands - **Documentation:** - - `docs/concepts/model-providers.md` - Provider overview - - `docs/concepts/usage-tracking.md` - Usage tracking + - `docs/ANTIGRAVITY_USAGE.md` - Antigravity usage guide + - `docs/migration/model-list-migration.md` - Migration guide --- @@ -987,7 +792,7 @@ Some models might show up in the available models list but return an empty respo ## Troubleshooting ### "Token expired" -- Refresh OAuth tokens: `openclaw models auth login --provider google-antigravity` +- Refresh OAuth tokens: `picoclaw auth login --provider antigravity` ### "Gemini for Google Cloud is not enabled" - Enable the API in your Google Cloud Console @@ -998,5 +803,5 @@ Some models might show up in the available models list but return an empty respo ### Models not appearing in list - Verify OAuth authentication completed successfully -- Check auth profile storage: `~/.openclaw/agent/auth-profiles.json` -- Ensure the plugin is enabled: `openclaw plugins list` +- Check auth profile storage: `~/.picoclaw/auth.json` +- Re-run `picoclaw auth login --provider antigravity` diff --git a/docs/ANTIGRAVITY_USAGE.md b/docs/ANTIGRAVITY_USAGE.md index 8bf1fdfdb..e8194b6bc 100644 --- a/docs/ANTIGRAVITY_USAGE.md +++ b/docs/ANTIGRAVITY_USAGE.md @@ -47,14 +47,12 @@ picoclaw agent -m "Hello" --model claude-opus-4-6-thinking If you are deploying via Coolify or Docker, follow these steps to test: -1. **Branch**: Use the `feat/antigravity-provider` branch. -2. **Environment Variables**: - * `PICOCLAW_AGENTS_DEFAULTS_PROVIDER=antigravity` - * `PICOCLAW_AGENTS_DEFAULTS_MODEL=gemini-3-flash` -3. **Authentication persistence**: +1. **Environment Variables**: + * `PICOCLAW_AGENTS_DEFAULTS_MODEL=gemini-flash` +2. **Authentication persistence**: If you've logged in locally, you can copy your credentials to the server: ```bash - scp ~/.picoclaw/auth-profiles.json user@your-server:~/.picoclaw/ + scp ~/.picoclaw/auth.json user@your-server:~/.picoclaw/ ``` *Alternatively*, run the `auth login` command once on the server if you have terminal access. diff --git a/docs/design/provider-refactoring-tests.md b/docs/design/provider-refactoring-tests.md index fc6429278..060be9ba8 100644 --- a/docs/design/provider-refactoring-tests.md +++ b/docs/design/provider-refactoring-tests.md @@ -1,7 +1,5 @@ # Provider Architecture Refactoring - Test Suite Summary -> PRD: `tasks/prd-provider-refactoring.md` - This document summarizes the complete test suite designed for the Provider architecture refactoring. ## Test File Structure @@ -12,10 +10,8 @@ pkg/ ā”‚ ā”œā”€ā”€ model_config_test.go # US-001, US-002: ModelConfig struct and GetModelConfig tests ā”‚ ā””ā”€ā”€ migration_test.go # US-003: Backward compatibility and migration tests ā”œā”€ā”€ providers/ -ā”‚ ā”œā”€ā”€ registry_test.go # US-006: Load balancing tests -ā”‚ ā”œā”€ā”€ integration_test.go # E2E integration tests -ā”‚ ā””ā”€ā”€ factory/ -ā”‚ ā””ā”€ā”€ factory_test.go # US-004, US-005: Provider factory tests +ā”‚ ā”œā”€ā”€ factory_test.go # US-004, US-005: Provider factory tests +ā”‚ ā””ā”€ā”€ factory_provider_test.go # Factory provider integration tests ``` --- @@ -122,7 +118,6 @@ go test ./pkg/... -race # Run specific package tests go test ./pkg/config -v go test ./pkg/providers -v -go test ./pkg/providers/factory -v # Run E2E tests go test ./pkg/providers -run TestE2E -v diff --git a/docs/migration/model-list-migration.md b/docs/migration/model-list-migration.md index 0682bae1a..589dfc043 100644 --- a/docs/migration/model-list-migration.md +++ b/docs/migration/model-list-migration.md @@ -85,6 +85,7 @@ The `model` field uses a protocol prefix format: `[protocol/]model-identifier` | `openai/` | OpenAI API (default) | `openai/gpt-5.2` | | `anthropic/` | Anthropic API | `anthropic/claude-opus-4` | | `antigravity/` | Google via Antigravity OAuth | `antigravity/gemini-2.0-flash` | +| `gemini/` | Google Gemini API | `gemini/gemini-2.0-flash-exp` | | `claude-cli/` | Claude CLI (local) | `claude-cli/claude-sonnet-4.6` | | `codex-cli/` | Codex CLI (local) | `codex-cli/codex-4` | | `github-copilot/` | GitHub Copilot | `github-copilot/gpt-4o` | @@ -93,6 +94,13 @@ The `model` field uses a protocol prefix format: `[protocol/]model-identifier` | `deepseek/` | DeepSeek API | `deepseek/deepseek-chat` | | `cerebras/` | Cerebras API | `cerebras/llama-3.3-70b` | | `qwen/` | Alibaba Qwen | `qwen/qwen-max` | +| `zhipu/` | Zhipu AI | `zhipu/glm-4` | +| `nvidia/` | NVIDIA NIM | `nvidia/llama-3.1-nemotron-70b` | +| `ollama/` | Ollama (local) | `ollama/llama3` | +| `vllm/` | vLLM (local) | `vllm/my-model` | +| `moonshot/` | Moonshot AI | `moonshot/moonshot-v1-8k` | +| `shengsuanyun/` | ShengSuanYun | `shengsuanyun/deepseek-v3` | +| `volcengine/` | Volcengine | `volcengine/doubao-pro-32k` | **Note**: If no prefix is specified, `openai/` is used as the default. diff --git a/docs/picoclaw_community_roadmap_260216.md b/docs/picoclaw_community_roadmap_260216.md index cfcc30f17..95de768c6 100644 --- a/docs/picoclaw_community_roadmap_260216.md +++ b/docs/picoclaw_community_roadmap_260216.md @@ -71,14 +71,14 @@ Interested in a specific feature? You can "claim" these tasks and start building * Support for OneBot, additional platforms * attachments (images, audio, video, files). * **Skills:** - * Implementing `find_skill` to discover tools via [openclaw/skills](https://github.com/openclaw/skills) and other platforms. + * Implementing `find_skill` to discover tools via [ClawhHub](https://clawhub.ai) and other platforms. * **Operations:** * MCP Support. * Android operations (e.g., botdrop). * Browser automation via CDP or ActionBook. * **Multi-Agent Ecosystem:** - * **Basic Model-Agnet** S + * **Basic Model-Agent** * **Model Routing:** Small models for easy tasks, large models for hard ones (to save tokens). * **Swarm Mode.** * **AIEOS Integration.** diff --git a/docs/tools_configuration.md b/docs/tools_configuration.md index 8777ddbd6..8aba1aa91 100644 --- a/docs/tools_configuration.md +++ b/docs/tools_configuration.md @@ -9,8 +9,8 @@ PicoClaw's tools configuration is located in the `tools` field of `config.json`. "tools": { "web": { ... }, "exec": { ... }, - "approval": { ... }, - "cron": { ... } + "cron": { ... }, + "skills": { ... } } } ``` @@ -83,25 +83,12 @@ By default, PicoClaw blocks the following dangerous commands: "custom_deny_patterns": [ "\\brm\\s+-r\\b", "\\bkillall\\s+python" - ], + ] } } } ``` -## Approval Tool - -The approval tool controls permissions for dangerous operations. - -| Config | Type | Default | Description | -|--------|------|---------|-------------| -| `enabled` | bool | true | Enable approval functionality | -| `write_file` | bool | true | Require approval for file writes | -| `edit_file` | bool | true | Require approval for file edits | -| `append_file` | bool | true | Require approval for file appends | -| `exec` | bool | true | Require approval for command execution | -| `timeout_minutes` | int | 5 | Approval timeout in minutes | - ## Cron Tool The cron tool is used for scheduling periodic tasks. @@ -110,6 +97,40 @@ The cron tool is used for scheduling periodic tasks. |--------|------|---------|-------------| | `exec_timeout_minutes` | int | 5 | Execution timeout in minutes, 0 means no limit | +## Skills Tool + +The skills tool configures skill discovery and installation via registries like ClawHub. + +### Registries + +| Config | Type | Default | Description | +|--------|------|---------|-------------| +| `registries.clawhub.enabled` | bool | true | Enable ClawHub registry | +| `registries.clawhub.base_url` | string | `https://clawhub.ai` | ClawHub base URL | +| `registries.clawhub.search_path` | string | `/api/v1/search` | Search API path | +| `registries.clawhub.skills_path` | string | `/api/v1/skills` | Skills API path | +| `registries.clawhub.download_path` | string | `/api/v1/download` | Download API path | + +### Configuration Example + +```json +{ + "tools": { + "skills": { + "registries": { + "clawhub": { + "enabled": true, + "base_url": "https://clawhub.ai", + "search_path": "/api/v1/search", + "skills_path": "/api/v1/skills", + "download_path": "/api/v1/download" + } + } + } + } +} +``` + ## Environment Variables All configuration options can be overridden via environment variables with the format `PICOCLAW_TOOLS_
_`: From 0675ce7c38ba4139bfce94c47e19275dbaed4017 Mon Sep 17 00:00:00 2001 From: Artem Yadelskyi Date: Fri, 20 Feb 2026 20:03:11 +0200 Subject: [PATCH 15/88] feat(fmt): Fix formatting --- cmd/picoclaw/cmd_agent.go | 10 +- cmd/picoclaw/cmd_gateway.go | 26 +++- cmd/picoclaw/cmd_onboard.go | 6 +- cmd/picoclaw/cmd_skills.go | 4 +- pkg/agent/context.go | 43 ++++-- pkg/agent/loop.go | 127 +++++++++++------ pkg/auth/oauth.go | 13 +- pkg/channels/dingtalk.go | 13 +- pkg/channels/feishu_64.go | 6 +- pkg/channels/line.go | 36 ++--- pkg/channels/manager.go | 44 +++--- pkg/channels/wecom.go | 25 ++-- pkg/channels/wecom_app.go | 38 ++--- pkg/channels/wecom_app_test.go | 42 +++++- pkg/channels/wecom_test.go | 48 +++++-- pkg/config/config.go | 168 +++++++++++----------- pkg/config/migration_test.go | 16 ++- pkg/migrate/migrate_test.go | 172 +++++++++++------------ pkg/providers/anthropic/provider_test.go | 44 +++--- pkg/providers/antigravity_provider.go | 118 ++++++++++------ pkg/providers/claude_provider_test.go | 11 +- pkg/providers/http_provider.go | 8 +- pkg/providers/openai_compat/provider.go | 39 +++-- pkg/providers/protocoltypes/types.go | 20 +-- pkg/providers/toolcall_utils.go | 4 +- pkg/providers/types.go | 28 ++-- pkg/skills/clawhub_registry.go | 5 +- pkg/skills/clawhub_registry_test.go | 7 +- pkg/skills/registry_test.go | 3 +- pkg/tools/shell_timeout_unix_test.go | 2 +- pkg/tools/skills_install.go | 30 ++-- pkg/tools/skills_install_test.go | 19 +-- pkg/tools/skills_search.go | 12 +- pkg/tools/skills_search_test.go | 20 ++- pkg/utils/download.go | 6 +- pkg/utils/zip.go | 13 +- 36 files changed, 731 insertions(+), 495 deletions(-) diff --git a/cmd/picoclaw/cmd_agent.go b/cmd/picoclaw/cmd_agent.go index cee9f68ec..6d6ff935f 100644 --- a/cmd/picoclaw/cmd_agent.go +++ b/cmd/picoclaw/cmd_agent.go @@ -13,6 +13,7 @@ import ( "strings" "github.com/chzyer/readline" + "github.com/sipeed/picoclaw/pkg/agent" "github.com/sipeed/picoclaw/pkg/bus" "github.com/sipeed/picoclaw/pkg/logger" @@ -74,10 +75,10 @@ func agentCmd() { // Print agent startup info (only for interactive mode) startupInfo := agentLoop.GetStartupInfo() logger.InfoCF("agent", "Agent initialized", - map[string]interface{}{ - "tools_count": startupInfo["tools"].(map[string]interface{})["count"], - "skills_total": startupInfo["skills"].(map[string]interface{})["total"], - "skills_available": startupInfo["skills"].(map[string]interface{})["available"], + map[string]any{ + "tools_count": startupInfo["tools"].(map[string]any)["count"], + "skills_total": startupInfo["skills"].(map[string]any)["total"], + "skills_available": startupInfo["skills"].(map[string]any)["available"], }) if message != "" { @@ -104,7 +105,6 @@ func interactiveMode(agentLoop *agent.AgentLoop, sessionKey string) { InterruptPrompt: "^C", EOFPrompt: "exit", }) - if err != nil { fmt.Printf("Error initializing readline: %v\n", err) fmt.Println("Falling back to simple input mode...") diff --git a/cmd/picoclaw/cmd_gateway.go b/cmd/picoclaw/cmd_gateway.go index 1f1bf5491..00ec0f96d 100644 --- a/cmd/picoclaw/cmd_gateway.go +++ b/cmd/picoclaw/cmd_gateway.go @@ -60,8 +60,8 @@ func gatewayCmd() { // Print agent startup info fmt.Println("\nšŸ“¦ Agent Status:") startupInfo := agentLoop.GetStartupInfo() - toolsInfo := startupInfo["tools"].(map[string]interface{}) - skillsInfo := startupInfo["skills"].(map[string]interface{}) + toolsInfo := startupInfo["tools"].(map[string]any) + skillsInfo := startupInfo["skills"].(map[string]any) fmt.Printf(" ā€¢ Tools: %d loaded\n", toolsInfo["count"]) fmt.Printf(" ā€¢ Skills: %d/%d available\n", skillsInfo["available"], @@ -69,7 +69,7 @@ func gatewayCmd() { // Log to file as well logger.InfoCF("agent", "Agent initialized", - map[string]interface{}{ + map[string]any{ "tools_count": toolsInfo["count"], "skills_total": skillsInfo["total"], "skills_available": skillsInfo["available"], @@ -77,7 +77,14 @@ func gatewayCmd() { // Setup cron tool and service execTimeout := time.Duration(cfg.Tools.Cron.ExecTimeoutMinutes) * time.Minute - cronService := setupCronTool(agentLoop, msgBus, cfg.WorkspacePath(), cfg.Agents.Defaults.RestrictToWorkspace, execTimeout, cfg) + cronService := setupCronTool( + agentLoop, + msgBus, + cfg.WorkspacePath(), + cfg.Agents.Defaults.RestrictToWorkspace, + execTimeout, + cfg, + ) heartbeatService := heartbeat.NewHeartbeatService( cfg.WorkspacePath(), @@ -181,7 +188,7 @@ func gatewayCmd() { healthServer := health.NewServer(cfg.Gateway.Host, cfg.Gateway.Port) go func() { if err := healthServer.Start(); err != nil && err != http.ErrServerClosed { - logger.ErrorCF("health", "Health server error", map[string]interface{}{"error": err.Error()}) + logger.ErrorCF("health", "Health server error", map[string]any{"error": err.Error()}) } }() fmt.Printf("āœ“ Health endpoints available at http://%s:%d/health and /ready\n", cfg.Gateway.Host, cfg.Gateway.Port) @@ -203,7 +210,14 @@ func gatewayCmd() { fmt.Println("āœ“ Gateway stopped") } -func setupCronTool(agentLoop *agent.AgentLoop, msgBus *bus.MessageBus, workspace string, restrict bool, execTimeout time.Duration, cfg *config.Config) *cron.CronService { +func setupCronTool( + agentLoop *agent.AgentLoop, + msgBus *bus.MessageBus, + workspace string, + restrict bool, + execTimeout time.Duration, + cfg *config.Config, +) *cron.CronService { cronStorePath := filepath.Join(workspace, "cron", "jobs.json") // Create cron service diff --git a/cmd/picoclaw/cmd_onboard.go b/cmd/picoclaw/cmd_onboard.go index 6e61e3267..1a9ebad61 100644 --- a/cmd/picoclaw/cmd_onboard.go +++ b/cmd/picoclaw/cmd_onboard.go @@ -55,7 +55,7 @@ func onboard() { func copyEmbeddedToTarget(targetDir string) error { // Ensure target directory exists - if err := os.MkdirAll(targetDir, 0755); err != nil { + if err := os.MkdirAll(targetDir, 0o755); err != nil { return fmt.Errorf("Failed to create target directory: %w", err) } @@ -85,12 +85,12 @@ func copyEmbeddedToTarget(targetDir string) error { targetPath := filepath.Join(targetDir, new_path) // Ensure target file's directory exists - if err := os.MkdirAll(filepath.Dir(targetPath), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(targetPath), 0o755); err != nil { return fmt.Errorf("Failed to create directory %s: %w", filepath.Dir(targetPath), err) } // Write file - if err := os.WriteFile(targetPath, data, 0644); err != nil { + if err := os.WriteFile(targetPath, data, 0o644); err != nil { return fmt.Errorf("Failed to write file %s: %w", targetPath, err) } diff --git a/cmd/picoclaw/cmd_skills.go b/cmd/picoclaw/cmd_skills.go index 32b7c62b8..2dd46756a 100644 --- a/cmd/picoclaw/cmd_skills.go +++ b/cmd/picoclaw/cmd_skills.go @@ -126,7 +126,7 @@ func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second) defer cancel() - if err := os.MkdirAll(filepath.Join(workspace, "skills"), 0755); err != nil { + if err := os.MkdirAll(filepath.Join(workspace, "skills"), 0o755); err != nil { fmt.Printf("\u2717 Failed to create skills directory: %v\n", err) os.Exit(1) } @@ -193,7 +193,7 @@ func skillsInstallBuiltinCmd(workspace string) { continue } - if err := os.MkdirAll(workspacePath, 0755); err != nil { + if err := os.MkdirAll(workspacePath, 0o755); err != nil { fmt.Printf("āœ— Failed to create directory for %s: %v\n", skillName, err) continue } diff --git a/pkg/agent/context.go b/pkg/agent/context.go index 78f5f1ffa..e989ffaaf 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -96,7 +96,9 @@ func (cb *ContextBuilder) buildToolsSection() string { var sb strings.Builder sb.WriteString("## Available Tools\n\n") - sb.WriteString("**CRITICAL**: You MUST use tools to perform actions. Do NOT pretend to execute commands or schedule tasks.\n\n") + sb.WriteString( + "**CRITICAL**: You MUST use tools to perform actions. Do NOT pretend to execute commands or schedule tasks.\n\n", + ) sb.WriteString("You have access to the following tools:\n\n") for _, s := range summaries { sb.WriteString(s) @@ -157,7 +159,13 @@ func (cb *ContextBuilder) LoadBootstrapFiles() string { return sb.String() } -func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary string, currentMessage string, media []string, channel, chatID string) []providers.Message { +func (cb *ContextBuilder) BuildMessages( + history []providers.Message, + summary string, + currentMessage string, + media []string, + channel, chatID string, +) []providers.Message { messages := []providers.Message{} systemPrompt := cb.BuildSystemPrompt() @@ -169,7 +177,7 @@ func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary str // Log system prompt summary for debugging (debug mode only) logger.DebugCF("agent", "System prompt built", - map[string]interface{}{ + map[string]any{ "total_chars": len(systemPrompt), "total_lines": strings.Count(systemPrompt, "\n") + 1, "section_count": strings.Count(systemPrompt, "\n\n---\n\n") + 1, @@ -181,7 +189,7 @@ func (cb *ContextBuilder) BuildMessages(history []providers.Message, summary str preview = preview[:500] + "... (truncated)" } logger.DebugCF("agent", "System prompt preview", - map[string]interface{}{ + map[string]any{ "preview": preview, }) @@ -218,12 +226,12 @@ func sanitizeHistoryForProvider(history []providers.Message) []providers.Message switch msg.Role { case "tool": if len(sanitized) == 0 { - logger.DebugCF("agent", "Dropping orphaned leading tool message", map[string]interface{}{}) + logger.DebugCF("agent", "Dropping orphaned leading tool message", map[string]any{}) continue } last := sanitized[len(sanitized)-1] if last.Role != "assistant" || len(last.ToolCalls) == 0 { - logger.DebugCF("agent", "Dropping orphaned tool message", map[string]interface{}{}) + logger.DebugCF("agent", "Dropping orphaned tool message", map[string]any{}) continue } sanitized = append(sanitized, msg) @@ -231,12 +239,16 @@ func sanitizeHistoryForProvider(history []providers.Message) []providers.Message case "assistant": if len(msg.ToolCalls) > 0 { if len(sanitized) == 0 { - logger.DebugCF("agent", "Dropping assistant tool-call turn at history start", map[string]interface{}{}) + logger.DebugCF("agent", "Dropping assistant tool-call turn at history start", map[string]any{}) continue } prev := sanitized[len(sanitized)-1] if prev.Role != "user" && prev.Role != "tool" { - logger.DebugCF("agent", "Dropping assistant tool-call turn with invalid predecessor", map[string]interface{}{"prev_role": prev.Role}) + logger.DebugCF( + "agent", + "Dropping assistant tool-call turn with invalid predecessor", + map[string]any{"prev_role": prev.Role}, + ) continue } } @@ -250,7 +262,10 @@ func sanitizeHistoryForProvider(history []providers.Message) []providers.Message return sanitized } -func (cb *ContextBuilder) AddToolResult(messages []providers.Message, toolCallID, toolName, result string) []providers.Message { +func (cb *ContextBuilder) AddToolResult( + messages []providers.Message, + toolCallID, toolName, result string, +) []providers.Message { messages = append(messages, providers.Message{ Role: "tool", Content: result, @@ -259,7 +274,11 @@ func (cb *ContextBuilder) AddToolResult(messages []providers.Message, toolCallID return messages } -func (cb *ContextBuilder) AddAssistantMessage(messages []providers.Message, content string, toolCalls []map[string]interface{}) []providers.Message { +func (cb *ContextBuilder) AddAssistantMessage( + messages []providers.Message, + content string, + toolCalls []map[string]any, +) []providers.Message { msg := providers.Message{ Role: "assistant", Content: content, @@ -289,13 +308,13 @@ func (cb *ContextBuilder) loadSkills() string { } // GetSkillsInfo returns information about loaded skills. -func (cb *ContextBuilder) GetSkillsInfo() map[string]interface{} { +func (cb *ContextBuilder) GetSkillsInfo() map[string]any { allSkills := cb.skillsLoader.ListSkills() skillNames := make([]string, 0, len(allSkills)) for _, s := range allSkills { skillNames = append(skillNames, s.Name) } - return map[string]interface{}{ + return map[string]any{ "total": len(allSkills), "available": len(allSkills), "names": skillNames, diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index add183aaf..b36f4a0c4 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -80,7 +80,12 @@ func NewAgentLoop(cfg *config.Config, msgBus *bus.MessageBus, provider providers } // registerSharedTools registers tools that are shared across all agents (web, message, spawn). -func registerSharedTools(cfg *config.Config, msgBus *bus.MessageBus, registry *AgentRegistry, provider providers.LLMProvider) { +func registerSharedTools( + cfg *config.Config, + msgBus *bus.MessageBus, + registry *AgentRegistry, + provider providers.LLMProvider, +) { for _, agentID := range registry.ListAgentIDs() { agent, ok := registry.GetAgent(agentID) if !ok { @@ -123,7 +128,10 @@ func registerSharedTools(cfg *config.Config, msgBus *bus.MessageBus, registry *A MaxConcurrentSearches: cfg.Tools.Skills.MaxConcurrentSearches, ClawHub: skills.ClawHubConfig(cfg.Tools.Skills.Registries.ClawHub), }) - searchCache := skills.NewSearchCache(cfg.Tools.Skills.SearchCache.MaxSize, time.Duration(cfg.Tools.Skills.SearchCache.TTLSeconds)*time.Second) + searchCache := skills.NewSearchCache( + cfg.Tools.Skills.SearchCache.MaxSize, + time.Duration(cfg.Tools.Skills.SearchCache.TTLSeconds)*time.Second, + ) agent.Tools.Register(tools.NewFindSkillsTool(registryMgr, searchCache)) agent.Tools.Register(tools.NewInstallSkillTool(registryMgr, agent.Workspace)) @@ -226,7 +234,10 @@ func (al *AgentLoop) ProcessDirect(ctx context.Context, content, sessionKey stri return al.ProcessDirectWithChannel(ctx, content, sessionKey, "cli", "direct") } -func (al *AgentLoop) ProcessDirectWithChannel(ctx context.Context, content, sessionKey, channel, chatID string) (string, error) { +func (al *AgentLoop) ProcessDirectWithChannel( + ctx context.Context, + content, sessionKey, channel, chatID string, +) (string, error) { msg := bus.InboundMessage{ Channel: channel, SenderID: "cron", @@ -263,7 +274,7 @@ func (al *AgentLoop) processMessage(ctx context.Context, msg bus.InboundMessage) logContent = utils.Truncate(msg.Content, 80) } logger.InfoCF("agent", fmt.Sprintf("Processing message from %s:%s: %s", msg.Channel, msg.SenderID, logContent), - map[string]interface{}{ + map[string]any{ "channel": msg.Channel, "chat_id": msg.ChatID, "sender_id": msg.SenderID, @@ -302,7 +313,7 @@ func (al *AgentLoop) processMessage(ctx context.Context, msg bus.InboundMessage) } logger.InfoCF("agent", "Routed message", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "session_key": sessionKey, "matched_by": route.MatchedBy, @@ -325,7 +336,7 @@ func (al *AgentLoop) processSystemMessage(ctx context.Context, msg bus.InboundMe } logger.InfoCF("agent", "Processing system message", - map[string]interface{}{ + map[string]any{ "sender_id": msg.SenderID, "chat_id": msg.ChatID, }) @@ -350,7 +361,7 @@ func (al *AgentLoop) processSystemMessage(ctx context.Context, msg bus.InboundMe // Skip internal channels - only log, don't send to user if constants.IsInternalChannel(originChannel) { logger.InfoCF("agent", "Subagent completed (internal channel)", - map[string]interface{}{ + map[string]any{ "sender_id": msg.SenderID, "content_len": len(content), "channel": originChannel, @@ -383,7 +394,7 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt if !constants.IsInternalChannel(opts.Channel) { channelKey := fmt.Sprintf("%s:%s", opts.Channel, opts.ChatID) if err := al.RecordLastChannel(channelKey); err != nil { - logger.WarnCF("agent", "Failed to record last channel", map[string]interface{}{"error": err.Error()}) + logger.WarnCF("agent", "Failed to record last channel", map[string]any{"error": err.Error()}) } } } @@ -445,7 +456,7 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt // 9. Log response responsePreview := utils.Truncate(finalContent, 120) logger.InfoCF("agent", fmt.Sprintf("Response: %s", responsePreview), - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "session_key": opts.SessionKey, "iterations": iteration, @@ -456,7 +467,12 @@ func (al *AgentLoop) runAgentLoop(ctx context.Context, agent *AgentInstance, opt } // runLLMIteration executes the LLM call loop with tool handling. -func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, messages []providers.Message, opts processOptions) (string, int, error) { +func (al *AgentLoop) runLLMIteration( + ctx context.Context, + agent *AgentInstance, + messages []providers.Message, + opts processOptions, +) (string, int, error) { iteration := 0 var finalContent string @@ -464,7 +480,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, iteration++ logger.DebugCF("agent", "LLM iteration", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "max": agent.MaxIterations, @@ -475,7 +491,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // Log LLM request details logger.DebugCF("agent", "LLM request", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "model": agent.Model, @@ -488,7 +504,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // Log full messages (detailed) logger.DebugCF("agent", "Full LLM request", - map[string]interface{}{ + map[string]any{ "iteration": iteration, "messages_json": formatMessagesForLog(messages), "tools_json": formatToolsForLog(providerToolDefs), @@ -502,7 +518,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if len(agent.Candidates) > 1 && al.fallback != nil { fbResult, fbErr := al.fallback.Execute(ctx, agent.Candidates, func(ctx context.Context, provider, model string) (*providers.LLMResponse, error) { - return agent.Provider.Chat(ctx, messages, providerToolDefs, model, map[string]interface{}{ + return agent.Provider.Chat(ctx, messages, providerToolDefs, model, map[string]any{ "max_tokens": agent.MaxTokens, "temperature": agent.Temperature, }) @@ -514,11 +530,11 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if fbResult.Provider != "" && len(fbResult.Attempts) > 0 { logger.InfoCF("agent", fmt.Sprintf("Fallback: succeeded with %s/%s after %d attempts", fbResult.Provider, fbResult.Model, len(fbResult.Attempts)+1), - map[string]interface{}{"agent_id": agent.ID, "iteration": iteration}) + map[string]any{"agent_id": agent.ID, "iteration": iteration}) } return fbResult.Response, nil } - return agent.Provider.Chat(ctx, messages, providerToolDefs, agent.Model, map[string]interface{}{ + return agent.Provider.Chat(ctx, messages, providerToolDefs, agent.Model, map[string]any{ "max_tokens": agent.MaxTokens, "temperature": agent.Temperature, }) @@ -539,7 +555,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, strings.Contains(errMsg, "length") if isContextError && retry < maxRetries { - logger.WarnCF("agent", "Context window error detected, attempting compression", map[string]interface{}{ + logger.WarnCF("agent", "Context window error detected, attempting compression", map[string]any{ "error": err.Error(), "retry": retry, }) @@ -566,7 +582,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if err != nil { logger.ErrorCF("agent", "LLM call failed", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "error": err.Error(), @@ -578,7 +594,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, if len(response.ToolCalls) == 0 { finalContent = response.Content logger.InfoCF("agent", "LLM response without tool calls (direct answer)", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "iteration": iteration, "content_chars": len(finalContent), @@ -597,7 +613,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, toolNames = append(toolNames, tc.Name) } logger.InfoCF("agent", "LLM requested tool calls", - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "tools": toolNames, "count": len(normalizedToolCalls), @@ -641,7 +657,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, argsJSON, _ := json.Marshal(tc.Arguments) argsPreview := utils.Truncate(string(argsJSON), 200) logger.InfoCF("agent", fmt.Sprintf("Tool call: %s(%s)", tc.Name, argsPreview), - map[string]interface{}{ + map[string]any{ "agent_id": agent.ID, "tool": tc.Name, "iteration": iteration, @@ -656,14 +672,21 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, // The agent will handle user notification via processSystemMessage if !result.Silent && result.ForUser != "" { logger.InfoCF("agent", "Async tool completed, agent will handle notification", - map[string]interface{}{ + map[string]any{ "tool": tc.Name, "content_len": len(result.ForUser), }) } } - toolResult := agent.Tools.ExecuteWithContext(ctx, tc.Name, tc.Arguments, opts.Channel, opts.ChatID, asyncCallback) + toolResult := agent.Tools.ExecuteWithContext( + ctx, + tc.Name, + tc.Arguments, + opts.Channel, + opts.ChatID, + asyncCallback, + ) // Send ForUser content to user immediately if not Silent if !toolResult.Silent && toolResult.ForUser != "" && opts.SendResponse { @@ -673,7 +696,7 @@ func (al *AgentLoop) runLLMIteration(ctx context.Context, agent *AgentInstance, Content: toolResult.ForUser, }) logger.DebugCF("agent", "Sent tool result to user", - map[string]interface{}{ + map[string]any{ "tool": tc.Name, "content_len": len(toolResult.ForUser), }) @@ -775,7 +798,10 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { // Append compression note to the original system prompt instead of adding a new system message // This avoids having two consecutive system messages which some APIs (like Zhipu) reject - compressionNote := fmt.Sprintf("\n\n[System Note: Emergency compression dropped %d oldest messages due to context limit]", droppedCount) + compressionNote := fmt.Sprintf( + "\n\n[System Note: Emergency compression dropped %d oldest messages due to context limit]", + droppedCount, + ) enhancedSystemPrompt := history[0] enhancedSystemPrompt.Content = enhancedSystemPrompt.Content + compressionNote newHistory = append(newHistory, enhancedSystemPrompt) @@ -787,7 +813,7 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { agent.Sessions.SetHistory(sessionKey, newHistory) agent.Sessions.Save(sessionKey) - logger.WarnCF("agent", "Forced compression executed", map[string]interface{}{ + logger.WarnCF("agent", "Forced compression executed", map[string]any{ "session_key": sessionKey, "dropped_msgs": droppedCount, "new_count": len(newHistory), @@ -795,8 +821,8 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { } // GetStartupInfo returns information about loaded tools and skills for logging. -func (al *AgentLoop) GetStartupInfo() map[string]interface{} { - info := make(map[string]interface{}) +func (al *AgentLoop) GetStartupInfo() map[string]any { + info := make(map[string]any) agent := al.registry.GetDefaultAgent() if agent == nil { @@ -805,7 +831,7 @@ func (al *AgentLoop) GetStartupInfo() map[string]interface{} { // Tools info toolsList := agent.Tools.List() - info["tools"] = map[string]interface{}{ + info["tools"] = map[string]any{ "count": len(toolsList), "names": toolsList, } @@ -814,7 +840,7 @@ func (al *AgentLoop) GetStartupInfo() map[string]interface{} { info["skills"] = agent.ContextBuilder.GetSkillsInfo() // Agents info - info["agents"] = map[string]interface{}{ + info["agents"] = map[string]any{ "count": len(al.registry.ListAgentIDs()), "ids": al.registry.ListAgentIDs(), } @@ -919,11 +945,21 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { s1, _ := al.summarizeBatch(ctx, agent, part1, "") s2, _ := al.summarizeBatch(ctx, agent, part2, "") - mergePrompt := fmt.Sprintf("Merge these two conversation summaries into one cohesive summary:\n\n1: %s\n\n2: %s", s1, s2) - resp, err := agent.Provider.Chat(ctx, []providers.Message{{Role: "user", Content: mergePrompt}}, nil, agent.Model, map[string]interface{}{ - "max_tokens": 1024, - "temperature": 0.3, - }) + mergePrompt := fmt.Sprintf( + "Merge these two conversation summaries into one cohesive summary:\n\n1: %s\n\n2: %s", + s1, + s2, + ) + resp, err := agent.Provider.Chat( + ctx, + []providers.Message{{Role: "user", Content: mergePrompt}}, + nil, + agent.Model, + map[string]any{ + "max_tokens": 1024, + "temperature": 0.3, + }, + ) if err == nil { finalSummary = resp.Content } else { @@ -945,7 +981,12 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { } // summarizeBatch summarizes a batch of messages. -func (al *AgentLoop) summarizeBatch(ctx context.Context, agent *AgentInstance, batch []providers.Message, existingSummary string) (string, error) { +func (al *AgentLoop) summarizeBatch( + ctx context.Context, + agent *AgentInstance, + batch []providers.Message, + existingSummary string, +) (string, error) { var sb strings.Builder sb.WriteString("Provide a concise summary of this conversation segment, preserving core context and key points.\n") if existingSummary != "" { @@ -959,10 +1000,16 @@ func (al *AgentLoop) summarizeBatch(ctx context.Context, agent *AgentInstance, b } prompt := sb.String() - response, err := agent.Provider.Chat(ctx, []providers.Message{{Role: "user", Content: prompt}}, nil, agent.Model, map[string]interface{}{ - "max_tokens": 1024, - "temperature": 0.3, - }) + response, err := agent.Provider.Chat( + ctx, + []providers.Message{{Role: "user", Content: prompt}}, + nil, + agent.Model, + map[string]any{ + "max_tokens": 1024, + "temperature": 0.3, + }, + ) if err != nil { return "", err } diff --git a/pkg/auth/oauth.go b/pkg/auth/oauth.go index 496a4674c..cf8c1c9c4 100644 --- a/pkg/auth/oauth.go +++ b/pkg/auth/oauth.go @@ -44,7 +44,9 @@ func OpenAIOAuthConfig() OAuthProviderConfig { // Client credentials are the same ones used by OpenCode/pi-ai for Cloud Code Assist access. func GoogleAntigravityOAuthConfig() OAuthProviderConfig { // These are the same client credentials used by the OpenCode antigravity plugin. - clientID := decodeBase64("MTA3MTAwNjA2MDU5MS10bWhzc2luMmgyMWxjcmUyMzV2dG9sb2poNGc0MDNlcC5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbQ==") + clientID := decodeBase64( + "MTA3MTAwNjA2MDU5MS10bWhzc2luMmgyMWxjcmUyMzV2dG9sb2poNGc0MDNlcC5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbQ==", + ) clientSecret := decodeBase64("R09DU1BYLUs1OEZXUjQ4NkxkTEoxbUxCOHNYQzR6NnFEQWY=") return OAuthProviderConfig{ Issuer: "https://accounts.google.com/o/oauth2/v2", @@ -129,8 +131,13 @@ func LoginBrowser(cfg OAuthProviderConfig) (*AuthCredential, error) { fmt.Printf("Could not open browser automatically.\nPlease open this URL manually:\n\n%s\n\n", authURL) } - fmt.Printf("Wait! If you are in a headless environment (like Coolify/VPS) and cannot reach localhost:%d,\n", cfg.Port) - fmt.Println("please complete the login in your local browser and then PASTE the final redirect URL (or just the code) here.") + fmt.Printf( + "Wait! If you are in a headless environment (like Coolify/VPS) and cannot reach localhost:%d,\n", + cfg.Port, + ) + fmt.Println( + "please complete the login in your local browser and then PASTE the final redirect URL (or just the code) here.", + ) fmt.Println("Waiting for authentication (browser or manual paste)...") // Start manual input in a goroutine diff --git a/pkg/channels/dingtalk.go b/pkg/channels/dingtalk.go index 79cc85219..662fba3b7 100644 --- a/pkg/channels/dingtalk.go +++ b/pkg/channels/dingtalk.go @@ -10,6 +10,7 @@ import ( "github.com/open-dingtalk/dingtalk-stream-sdk-go/chatbot" "github.com/open-dingtalk/dingtalk-stream-sdk-go/client" + "github.com/sipeed/picoclaw/pkg/bus" "github.com/sipeed/picoclaw/pkg/config" "github.com/sipeed/picoclaw/pkg/logger" @@ -108,7 +109,7 @@ func (c *DingTalkChannel) Send(ctx context.Context, msg bus.OutboundMessage) err return fmt.Errorf("invalid session_webhook type for chat %s", msg.ChatID) } - logger.DebugCF("dingtalk", "Sending message", map[string]interface{}{ + logger.DebugCF("dingtalk", "Sending message", map[string]any{ "chat_id": msg.ChatID, "preview": utils.Truncate(msg.Content, 100), }) @@ -120,12 +121,15 @@ func (c *DingTalkChannel) Send(ctx context.Context, msg bus.OutboundMessage) err // onChatBotMessageReceived implements the IChatBotMessageHandler function signature // This is called by the Stream SDK when a new message arrives // IChatBotMessageHandler is: func(c context.Context, data *chatbot.BotCallbackDataModel) ([]byte, error) -func (c *DingTalkChannel) onChatBotMessageReceived(ctx context.Context, data *chatbot.BotCallbackDataModel) ([]byte, error) { +func (c *DingTalkChannel) onChatBotMessageReceived( + ctx context.Context, + data *chatbot.BotCallbackDataModel, +) ([]byte, error) { // Extract message content from Text field content := data.Text.Content if content == "" { // Try to extract from Content interface{} if Text is empty - if contentMap, ok := data.Content.(map[string]interface{}); ok { + if contentMap, ok := data.Content.(map[string]any); ok { if textContent, ok := contentMap["content"].(string); ok { content = textContent } @@ -163,7 +167,7 @@ func (c *DingTalkChannel) onChatBotMessageReceived(ctx context.Context, data *ch metadata["peer_id"] = data.ConversationId } - logger.DebugCF("dingtalk", "Received message", map[string]interface{}{ + logger.DebugCF("dingtalk", "Received message", map[string]any{ "sender_nick": senderNick, "sender_id": senderID, "preview": utils.Truncate(content, 50), @@ -192,7 +196,6 @@ func (c *DingTalkChannel) SendDirectReply(ctx context.Context, sessionWebhook, c titleBytes, contentBytes, ) - if err != nil { return fmt.Errorf("failed to send reply: %w", err) } diff --git a/pkg/channels/feishu_64.go b/pkg/channels/feishu_64.go index 9e15fa3a7..42e74980f 100644 --- a/pkg/channels/feishu_64.go +++ b/pkg/channels/feishu_64.go @@ -65,7 +65,7 @@ func (c *FeishuChannel) Start(ctx context.Context) error { go func() { if err := wsClient.Start(runCtx); err != nil { - logger.ErrorCF("feishu", "Feishu websocket stopped with error", map[string]interface{}{ + logger.ErrorCF("feishu", "Feishu websocket stopped with error", map[string]any{ "error": err.Error(), }) } @@ -121,7 +121,7 @@ func (c *FeishuChannel) Send(ctx context.Context, msg bus.OutboundMessage) error return fmt.Errorf("feishu api error: code=%d msg=%s", resp.Code, resp.Msg) } - logger.DebugCF("feishu", "Feishu message sent", map[string]interface{}{ + logger.DebugCF("feishu", "Feishu message sent", map[string]any{ "chat_id": msg.ChatID, }) @@ -174,7 +174,7 @@ func (c *FeishuChannel) handleMessageReceive(_ context.Context, event *larkim.P2 metadata["peer_id"] = chatID } - logger.InfoCF("feishu", "Feishu message received", map[string]interface{}{ + logger.InfoCF("feishu", "Feishu message received", map[string]any{ "sender_id": senderID, "chat_id": chatID, "preview": utils.Truncate(content, 80), diff --git a/pkg/channels/line.go b/pkg/channels/line.go index 9f7d2bde0..44134996f 100644 --- a/pkg/channels/line.go +++ b/pkg/channels/line.go @@ -75,11 +75,11 @@ func (c *LINEChannel) Start(ctx context.Context) error { // Fetch bot profile to get bot's userId for mention detection if err := c.fetchBotInfo(); err != nil { - logger.WarnCF("line", "Failed to fetch bot info (mention detection disabled)", map[string]interface{}{ + logger.WarnCF("line", "Failed to fetch bot info (mention detection disabled)", map[string]any{ "error": err.Error(), }) } else { - logger.InfoCF("line", "Bot info fetched", map[string]interface{}{ + logger.InfoCF("line", "Bot info fetched", map[string]any{ "bot_user_id": c.botUserID, "basic_id": c.botBasicID, "display_name": c.botDisplayName, @@ -100,12 +100,12 @@ func (c *LINEChannel) Start(ctx context.Context) error { } go func() { - logger.InfoCF("line", "LINE webhook server listening", map[string]interface{}{ + logger.InfoCF("line", "LINE webhook server listening", map[string]any{ "addr": addr, "path": path, }) if err := c.httpServer.ListenAndServe(); err != nil && err != http.ErrServerClosed { - logger.ErrorCF("line", "Webhook server error", map[string]interface{}{ + logger.ErrorCF("line", "Webhook server error", map[string]any{ "error": err.Error(), }) } @@ -162,7 +162,7 @@ func (c *LINEChannel) Stop(ctx context.Context) error { shutdownCtx, cancel := context.WithTimeout(ctx, 5*time.Second) defer cancel() if err := c.httpServer.Shutdown(shutdownCtx); err != nil { - logger.ErrorCF("line", "Webhook server shutdown error", map[string]interface{}{ + logger.ErrorCF("line", "Webhook server shutdown error", map[string]any{ "error": err.Error(), }) } @@ -182,7 +182,7 @@ func (c *LINEChannel) webhookHandler(w http.ResponseWriter, r *http.Request) { body, err := io.ReadAll(r.Body) if err != nil { - logger.ErrorCF("line", "Failed to read request body", map[string]interface{}{ + logger.ErrorCF("line", "Failed to read request body", map[string]any{ "error": err.Error(), }) http.Error(w, "Bad request", http.StatusBadRequest) @@ -200,7 +200,7 @@ func (c *LINEChannel) webhookHandler(w http.ResponseWriter, r *http.Request) { Events []lineEvent `json:"events"` } if err := json.Unmarshal(body, &payload); err != nil { - logger.ErrorCF("line", "Failed to parse webhook payload", map[string]interface{}{ + logger.ErrorCF("line", "Failed to parse webhook payload", map[string]any{ "error": err.Error(), }) http.Error(w, "Bad request", http.StatusBadRequest) @@ -266,7 +266,7 @@ type lineMentionee struct { func (c *LINEChannel) processEvent(event lineEvent) { if event.Type != "message" { - logger.DebugCF("line", "Ignoring non-message event", map[string]interface{}{ + logger.DebugCF("line", "Ignoring non-message event", map[string]any{ "type": event.Type, }) return @@ -278,7 +278,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { var msg lineMessage if err := json.Unmarshal(event.Message, &msg); err != nil { - logger.ErrorCF("line", "Failed to parse message", map[string]interface{}{ + logger.ErrorCF("line", "Failed to parse message", map[string]any{ "error": err.Error(), }) return @@ -286,7 +286,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { // In group chats, only respond when the bot is mentioned if isGroup && !c.isBotMentioned(msg) { - logger.DebugCF("line", "Ignoring group message without mention", map[string]interface{}{ + logger.DebugCF("line", "Ignoring group message without mention", map[string]any{ "chat_id": chatID, }) return @@ -312,7 +312,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { defer func() { for _, file := range localFiles { if err := os.Remove(file); err != nil { - logger.DebugCF("line", "Failed to cleanup temp file", map[string]interface{}{ + logger.DebugCF("line", "Failed to cleanup temp file", map[string]any{ "file": file, "error": err.Error(), }) @@ -374,7 +374,7 @@ func (c *LINEChannel) processEvent(event lineEvent) { metadata["peer_id"] = senderID } - logger.DebugCF("line", "Received message", map[string]interface{}{ + logger.DebugCF("line", "Received message", map[string]any{ "sender_id": senderID, "chat_id": chatID, "message_type": msg.Type, @@ -505,7 +505,7 @@ func (c *LINEChannel) Send(ctx context.Context, msg bus.OutboundMessage) error { tokenEntry := entry.(replyTokenEntry) if time.Since(tokenEntry.timestamp) < lineReplyTokenMaxAge { if err := c.sendReply(ctx, tokenEntry.token, msg.Content, quoteToken); err == nil { - logger.DebugCF("line", "Message sent via Reply API", map[string]interface{}{ + logger.DebugCF("line", "Message sent via Reply API", map[string]any{ "chat_id": msg.ChatID, "quoted": quoteToken != "", }) @@ -533,7 +533,7 @@ func buildTextMessage(content, quoteToken string) map[string]string { // sendReply sends a message using the LINE Reply API. func (c *LINEChannel) sendReply(ctx context.Context, replyToken, content, quoteToken string) error { - payload := map[string]interface{}{ + payload := map[string]any{ "replyToken": replyToken, "messages": []map[string]string{buildTextMessage(content, quoteToken)}, } @@ -543,7 +543,7 @@ func (c *LINEChannel) sendReply(ctx context.Context, replyToken, content, quoteT // sendPush sends a message using the LINE Push API. func (c *LINEChannel) sendPush(ctx context.Context, to, content, quoteToken string) error { - payload := map[string]interface{}{ + payload := map[string]any{ "to": to, "messages": []map[string]string{buildTextMessage(content, quoteToken)}, } @@ -553,19 +553,19 @@ func (c *LINEChannel) sendPush(ctx context.Context, to, content, quoteToken stri // sendLoading sends a loading animation indicator to the chat. func (c *LINEChannel) sendLoading(chatID string) { - payload := map[string]interface{}{ + payload := map[string]any{ "chatId": chatID, "loadingSeconds": 60, } if err := c.callAPI(c.ctx, lineLoadingEndpoint, payload); err != nil { - logger.DebugCF("line", "Failed to send loading indicator", map[string]interface{}{ + logger.DebugCF("line", "Failed to send loading indicator", map[string]any{ "error": err.Error(), }) } } // callAPI makes an authenticated POST request to the LINE API. -func (c *LINEChannel) callAPI(ctx context.Context, endpoint string, payload interface{}) error { +func (c *LINEChannel) callAPI(ctx context.Context, endpoint string, payload any) error { body, err := json.Marshal(payload) if err != nil { return fmt.Errorf("failed to marshal payload: %w", err) diff --git a/pkg/channels/manager.go b/pkg/channels/manager.go index b80d1c8fb..75edaf49e 100644 --- a/pkg/channels/manager.go +++ b/pkg/channels/manager.go @@ -50,7 +50,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Telegram channel") telegram, err := NewTelegramChannel(m.config, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Telegram channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Telegram channel", map[string]any{ "error": err.Error(), }) } else { @@ -63,7 +63,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize WhatsApp channel") whatsapp, err := NewWhatsAppChannel(m.config.Channels.WhatsApp, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize WhatsApp channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize WhatsApp channel", map[string]any{ "error": err.Error(), }) } else { @@ -76,7 +76,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Feishu channel") feishu, err := NewFeishuChannel(m.config.Channels.Feishu, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Feishu channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Feishu channel", map[string]any{ "error": err.Error(), }) } else { @@ -89,7 +89,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Discord channel") discord, err := NewDiscordChannel(m.config.Channels.Discord, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Discord channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Discord channel", map[string]any{ "error": err.Error(), }) } else { @@ -102,7 +102,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize MaixCam channel") maixcam, err := NewMaixCamChannel(m.config.Channels.MaixCam, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize MaixCam channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize MaixCam channel", map[string]any{ "error": err.Error(), }) } else { @@ -115,7 +115,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize QQ channel") qq, err := NewQQChannel(m.config.Channels.QQ, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize QQ channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize QQ channel", map[string]any{ "error": err.Error(), }) } else { @@ -128,7 +128,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize DingTalk channel") dingtalk, err := NewDingTalkChannel(m.config.Channels.DingTalk, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize DingTalk channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize DingTalk channel", map[string]any{ "error": err.Error(), }) } else { @@ -141,7 +141,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize Slack channel") slackCh, err := NewSlackChannel(m.config.Channels.Slack, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize Slack channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize Slack channel", map[string]any{ "error": err.Error(), }) } else { @@ -154,7 +154,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize LINE channel") line, err := NewLINEChannel(m.config.Channels.LINE, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize LINE channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize LINE channel", map[string]any{ "error": err.Error(), }) } else { @@ -167,7 +167,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize OneBot channel") onebot, err := NewOneBotChannel(m.config.Channels.OneBot, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize OneBot channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize OneBot channel", map[string]any{ "error": err.Error(), }) } else { @@ -180,7 +180,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize WeCom channel") wecom, err := NewWeComBotChannel(m.config.Channels.WeCom, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize WeCom channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize WeCom channel", map[string]any{ "error": err.Error(), }) } else { @@ -193,7 +193,7 @@ func (m *Manager) initChannels() error { logger.DebugC("channels", "Attempting to initialize WeCom App channel") wecomApp, err := NewWeComAppChannel(m.config.Channels.WeComApp, m.bus) if err != nil { - logger.ErrorCF("channels", "Failed to initialize WeCom App channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to initialize WeCom App channel", map[string]any{ "error": err.Error(), }) } else { @@ -202,7 +202,7 @@ func (m *Manager) initChannels() error { } } - logger.InfoCF("channels", "Channel initialization completed", map[string]interface{}{ + logger.InfoCF("channels", "Channel initialization completed", map[string]any{ "enabled_channels": len(m.channels), }) @@ -226,11 +226,11 @@ func (m *Manager) StartAll(ctx context.Context) error { go m.dispatchOutbound(dispatchCtx) for name, channel := range m.channels { - logger.InfoCF("channels", "Starting channel", map[string]interface{}{ + logger.InfoCF("channels", "Starting channel", map[string]any{ "channel": name, }) if err := channel.Start(ctx); err != nil { - logger.ErrorCF("channels", "Failed to start channel", map[string]interface{}{ + logger.ErrorCF("channels", "Failed to start channel", map[string]any{ "channel": name, "error": err.Error(), }) @@ -253,11 +253,11 @@ func (m *Manager) StopAll(ctx context.Context) error { } for name, channel := range m.channels { - logger.InfoCF("channels", "Stopping channel", map[string]interface{}{ + logger.InfoCF("channels", "Stopping channel", map[string]any{ "channel": name, }) if err := channel.Stop(ctx); err != nil { - logger.ErrorCF("channels", "Error stopping channel", map[string]interface{}{ + logger.ErrorCF("channels", "Error stopping channel", map[string]any{ "channel": name, "error": err.Error(), }) @@ -292,14 +292,14 @@ func (m *Manager) dispatchOutbound(ctx context.Context) { m.mu.RUnlock() if !exists { - logger.WarnCF("channels", "Unknown channel for outbound message", map[string]interface{}{ + logger.WarnCF("channels", "Unknown channel for outbound message", map[string]any{ "channel": msg.Channel, }) continue } if err := channel.Send(ctx, msg); err != nil { - logger.ErrorCF("channels", "Error sending message to channel", map[string]interface{}{ + logger.ErrorCF("channels", "Error sending message to channel", map[string]any{ "channel": msg.Channel, "error": err.Error(), }) @@ -315,13 +315,13 @@ func (m *Manager) GetChannel(name string) (Channel, bool) { return channel, ok } -func (m *Manager) GetStatus() map[string]interface{} { +func (m *Manager) GetStatus() map[string]any { m.mu.RLock() defer m.mu.RUnlock() - status := make(map[string]interface{}) + status := make(map[string]any) for name, channel := range m.channels { - status[name] = map[string]interface{}{ + status[name] = map[string]any{ "enabled": true, "running": channel.IsRunning(), } diff --git a/pkg/channels/wecom.go b/pkg/channels/wecom.go index 064568243..07bd8488c 100644 --- a/pkg/channels/wecom.go +++ b/pkg/channels/wecom.go @@ -134,7 +134,7 @@ func (c *WeComBotChannel) Start(ctx context.Context) error { } c.setRunning(true) - logger.InfoCF("wecom", "WeCom Bot channel started", map[string]interface{}{ + logger.InfoCF("wecom", "WeCom Bot channel started", map[string]any{ "address": addr, "path": webhookPath, }) @@ -142,7 +142,7 @@ func (c *WeComBotChannel) Start(ctx context.Context) error { // Start server in goroutine go func() { if err := c.server.ListenAndServe(); err != nil && err != http.ErrServerClosed { - logger.ErrorCF("wecom", "HTTP server error", map[string]interface{}{ + logger.ErrorCF("wecom", "HTTP server error", map[string]any{ "error": err.Error(), }) } @@ -178,7 +178,7 @@ func (c *WeComBotChannel) Send(ctx context.Context, msg bus.OutboundMessage) err return fmt.Errorf("wecom channel not running") } - logger.DebugCF("wecom", "Sending message via webhook", map[string]interface{}{ + logger.DebugCF("wecom", "Sending message via webhook", map[string]any{ "chat_id": msg.ChatID, "preview": utils.Truncate(msg.Content, 100), }) @@ -230,7 +230,7 @@ func (c *WeComBotChannel) handleVerification(ctx context.Context, w http.Respons // Reference: https://developer.work.weixin.qq.com/document/path/101033 decryptedEchoStr, err := WeComDecryptMessageWithVerify(echostr, c.config.EncodingAESKey, "") if err != nil { - logger.ErrorCF("wecom", "Failed to decrypt echostr", map[string]interface{}{ + logger.ErrorCF("wecom", "Failed to decrypt echostr", map[string]any{ "error": err.Error(), }) http.Error(w, "Decryption failed", http.StatusInternalServerError) @@ -273,7 +273,7 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp } if err := xml.Unmarshal(body, &encryptedMsg); err != nil { - logger.ErrorCF("wecom", "Failed to parse XML", map[string]interface{}{ + logger.ErrorCF("wecom", "Failed to parse XML", map[string]any{ "error": err.Error(), }) http.Error(w, "Invalid XML", http.StatusBadRequest) @@ -292,7 +292,7 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp // Reference: https://developer.work.weixin.qq.com/document/path/101033 decryptedMsg, err := WeComDecryptMessageWithVerify(encryptedMsg.Encrypt, c.config.EncodingAESKey, "") if err != nil { - logger.ErrorCF("wecom", "Failed to decrypt message", map[string]interface{}{ + logger.ErrorCF("wecom", "Failed to decrypt message", map[string]any{ "error": err.Error(), }) http.Error(w, "Decryption failed", http.StatusInternalServerError) @@ -302,7 +302,7 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp // Parse decrypted JSON message (AIBOT uses JSON format) var msg WeComBotMessage if err := json.Unmarshal([]byte(decryptedMsg), &msg); err != nil { - logger.ErrorCF("wecom", "Failed to parse decrypted message", map[string]interface{}{ + logger.ErrorCF("wecom", "Failed to parse decrypted message", map[string]any{ "error": err.Error(), }) http.Error(w, "Invalid message format", http.StatusBadRequest) @@ -320,8 +320,9 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp // processMessage processes the received message func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotMessage) { // Skip unsupported message types - if msg.MsgType != "text" && msg.MsgType != "image" && msg.MsgType != "voice" && msg.MsgType != "file" && msg.MsgType != "mixed" { - logger.DebugCF("wecom", "Skipping non-supported message type", map[string]interface{}{ + if msg.MsgType != "text" && msg.MsgType != "image" && msg.MsgType != "voice" && msg.MsgType != "file" && + msg.MsgType != "mixed" { + logger.DebugCF("wecom", "Skipping non-supported message type", map[string]any{ "msg_type": msg.MsgType, }) return @@ -332,7 +333,7 @@ func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotMessag c.msgMu.Lock() if c.processedMsgs[msgID] { c.msgMu.Unlock() - logger.DebugCF("wecom", "Skipping duplicate message", map[string]interface{}{ + logger.DebugCF("wecom", "Skipping duplicate message", map[string]any{ "msg_id": msgID, }) return @@ -399,7 +400,7 @@ func (c *WeComBotChannel) processMessage(ctx context.Context, msg WeComBotMessag metadata["sender_id"] = senderID } - logger.DebugCF("wecom", "Received message", map[string]interface{}{ + logger.DebugCF("wecom", "Received message", map[string]any{ "sender_id": senderID, "msg_type": msg.MsgType, "peer_kind": peerKind, @@ -468,7 +469,7 @@ func (c *WeComBotChannel) sendWebhookReply(ctx context.Context, userID, content // handleHealth handles health check requests func (c *WeComBotChannel) handleHealth(w http.ResponseWriter, r *http.Request) { - status := map[string]interface{}{ + status := map[string]any{ "status": "ok", "running": c.IsRunning(), } diff --git a/pkg/channels/wecom_app.go b/pkg/channels/wecom_app.go index 63a1dd815..878504106 100644 --- a/pkg/channels/wecom_app.go +++ b/pkg/channels/wecom_app.go @@ -145,7 +145,7 @@ func (c *WeComAppChannel) Start(ctx context.Context) error { // Get initial access token if err := c.refreshAccessToken(); err != nil { - logger.WarnCF("wecom_app", "Failed to get initial access token", map[string]interface{}{ + logger.WarnCF("wecom_app", "Failed to get initial access token", map[string]any{ "error": err.Error(), }) } @@ -171,7 +171,7 @@ func (c *WeComAppChannel) Start(ctx context.Context) error { } c.setRunning(true) - logger.InfoCF("wecom_app", "WeCom App channel started", map[string]interface{}{ + logger.InfoCF("wecom_app", "WeCom App channel started", map[string]any{ "address": addr, "path": webhookPath, }) @@ -179,7 +179,7 @@ func (c *WeComAppChannel) Start(ctx context.Context) error { // Start server in goroutine go func() { if err := c.server.ListenAndServe(); err != nil && err != http.ErrServerClosed { - logger.ErrorCF("wecom_app", "HTTP server error", map[string]interface{}{ + logger.ErrorCF("wecom_app", "HTTP server error", map[string]any{ "error": err.Error(), }) } @@ -218,7 +218,7 @@ func (c *WeComAppChannel) Send(ctx context.Context, msg bus.OutboundMessage) err return fmt.Errorf("no valid access token available") } - logger.DebugCF("wecom_app", "Sending message", map[string]interface{}{ + logger.DebugCF("wecom_app", "Sending message", map[string]any{ "chat_id": msg.ChatID, "preview": utils.Truncate(msg.Content, 100), }) @@ -231,7 +231,7 @@ func (c *WeComAppChannel) handleWebhook(w http.ResponseWriter, r *http.Request) ctx := r.Context() // Log all incoming requests for debugging - logger.DebugCF("wecom_app", "Received webhook request", map[string]interface{}{ + logger.DebugCF("wecom_app", "Received webhook request", map[string]any{ "method": r.Method, "url": r.URL.String(), "path": r.URL.Path, @@ -250,7 +250,7 @@ func (c *WeComAppChannel) handleWebhook(w http.ResponseWriter, r *http.Request) return } - logger.WarnCF("wecom_app", "Method not allowed", map[string]interface{}{ + logger.WarnCF("wecom_app", "Method not allowed", map[string]any{ "method": r.Method, }) http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) @@ -264,7 +264,7 @@ func (c *WeComAppChannel) handleVerification(ctx context.Context, w http.Respons nonce := query.Get("nonce") echostr := query.Get("echostr") - logger.DebugCF("wecom_app", "Handling verification request", map[string]interface{}{ + logger.DebugCF("wecom_app", "Handling verification request", map[string]any{ "msg_signature": msgSignature, "timestamp": timestamp, "nonce": nonce, @@ -280,7 +280,7 @@ func (c *WeComAppChannel) handleVerification(ctx context.Context, w http.Respons // Verify signature if !WeComVerifySignature(c.config.Token, msgSignature, timestamp, nonce, echostr) { - logger.WarnCF("wecom_app", "Signature verification failed", map[string]interface{}{ + logger.WarnCF("wecom_app", "Signature verification failed", map[string]any{ "token": c.config.Token, "msg_signature": msgSignature, "timestamp": timestamp, @@ -294,13 +294,13 @@ func (c *WeComAppChannel) handleVerification(ctx context.Context, w http.Respons // Decrypt echostr with CorpID verification // For WeCom App (č‡Ŗå»ŗåŗ”ē”Ø), receiveid should be corp_id - logger.DebugCF("wecom_app", "Attempting to decrypt echostr", map[string]interface{}{ + logger.DebugCF("wecom_app", "Attempting to decrypt echostr", map[string]any{ "encoding_aes_key": c.config.EncodingAESKey, "corp_id": c.config.CorpID, }) decryptedEchoStr, err := WeComDecryptMessageWithVerify(echostr, c.config.EncodingAESKey, c.config.CorpID) if err != nil { - logger.ErrorCF("wecom_app", "Failed to decrypt echostr", map[string]interface{}{ + logger.ErrorCF("wecom_app", "Failed to decrypt echostr", map[string]any{ "error": err.Error(), "encoding_aes_key": c.config.EncodingAESKey, "corp_id": c.config.CorpID, @@ -309,7 +309,7 @@ func (c *WeComAppChannel) handleVerification(ctx context.Context, w http.Respons return } - logger.DebugCF("wecom_app", "Successfully decrypted echostr", map[string]interface{}{ + logger.DebugCF("wecom_app", "Successfully decrypted echostr", map[string]any{ "decrypted": decryptedEchoStr, }) @@ -349,7 +349,7 @@ func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.Resp } if err := xml.Unmarshal(body, &encryptedMsg); err != nil { - logger.ErrorCF("wecom_app", "Failed to parse XML", map[string]interface{}{ + logger.ErrorCF("wecom_app", "Failed to parse XML", map[string]any{ "error": err.Error(), }) http.Error(w, "Invalid XML", http.StatusBadRequest) @@ -367,7 +367,7 @@ func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.Resp // For WeCom App (č‡Ŗå»ŗåŗ”ē”Ø), receiveid should be corp_id decryptedMsg, err := WeComDecryptMessageWithVerify(encryptedMsg.Encrypt, c.config.EncodingAESKey, c.config.CorpID) if err != nil { - logger.ErrorCF("wecom_app", "Failed to decrypt message", map[string]interface{}{ + logger.ErrorCF("wecom_app", "Failed to decrypt message", map[string]any{ "error": err.Error(), }) http.Error(w, "Decryption failed", http.StatusInternalServerError) @@ -377,7 +377,7 @@ func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.Resp // Parse decrypted XML message var msg WeComXMLMessage if err := xml.Unmarshal([]byte(decryptedMsg), &msg); err != nil { - logger.ErrorCF("wecom_app", "Failed to parse decrypted message", map[string]interface{}{ + logger.ErrorCF("wecom_app", "Failed to parse decrypted message", map[string]any{ "error": err.Error(), }) http.Error(w, "Invalid message format", http.StatusBadRequest) @@ -396,7 +396,7 @@ func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.Resp func (c *WeComAppChannel) processMessage(ctx context.Context, msg WeComXMLMessage) { // Skip non-text messages for now (can be extended) if msg.MsgType != "text" && msg.MsgType != "image" && msg.MsgType != "voice" { - logger.DebugCF("wecom_app", "Skipping non-supported message type", map[string]interface{}{ + logger.DebugCF("wecom_app", "Skipping non-supported message type", map[string]any{ "msg_type": msg.MsgType, }) return @@ -408,7 +408,7 @@ func (c *WeComAppChannel) processMessage(ctx context.Context, msg WeComXMLMessag c.msgMu.Lock() if c.processedMsgs[msgID] { c.msgMu.Unlock() - logger.DebugCF("wecom_app", "Skipping duplicate message", map[string]interface{}{ + logger.DebugCF("wecom_app", "Skipping duplicate message", map[string]any{ "msg_id": msgID, }) return @@ -441,7 +441,7 @@ func (c *WeComAppChannel) processMessage(ctx context.Context, msg WeComXMLMessag content := msg.Content - logger.DebugCF("wecom_app", "Received message", map[string]interface{}{ + logger.DebugCF("wecom_app", "Received message", map[string]any{ "sender_id": senderID, "msg_type": msg.MsgType, "preview": utils.Truncate(content, 50), @@ -462,7 +462,7 @@ func (c *WeComAppChannel) tokenRefreshLoop() { return case <-ticker.C: if err := c.refreshAccessToken(); err != nil { - logger.ErrorCF("wecom_app", "Failed to refresh access token", map[string]interface{}{ + logger.ErrorCF("wecom_app", "Failed to refresh access token", map[string]any{ "error": err.Error(), }) } @@ -628,7 +628,7 @@ func (c *WeComAppChannel) sendMarkdownMessage(ctx context.Context, accessToken, // handleHealth handles health check requests func (c *WeComAppChannel) handleHealth(w http.ResponseWriter, r *http.Request) { - status := map[string]interface{}{ + status := map[string]any{ "status": "ok", "running": c.IsRunning(), "has_token": c.getAccessToken() != "", diff --git a/pkg/channels/wecom_app_test.go b/pkg/channels/wecom_app_test.go index bc40806bb..6778520f3 100644 --- a/pkg/channels/wecom_app_test.go +++ b/pkg/channels/wecom_app_test.go @@ -399,7 +399,11 @@ func TestWeComAppHandleVerification(t *testing.T) { nonce := "test_nonce" signature := generateSignatureApp("test_token", timestamp, nonce, encryptedEchostr) - req := httptest.NewRequest(http.MethodGet, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + req := httptest.NewRequest( + http.MethodGet, + "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, + nil, + ) w := httptest.NewRecorder() ch.handleVerification(context.Background(), w, req) @@ -429,7 +433,11 @@ func TestWeComAppHandleVerification(t *testing.T) { timestamp := "1234567890" nonce := "test_nonce" - req := httptest.NewRequest(http.MethodGet, "/webhook/wecom-app?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + req := httptest.NewRequest( + http.MethodGet, + "/webhook/wecom-app?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, + nil, + ) w := httptest.NewRecorder() ch.handleVerification(context.Background(), w, req) @@ -481,7 +489,11 @@ func TestWeComAppHandleMessageCallback(t *testing.T) { nonce := "test_nonce" signature := generateSignatureApp("test_token", timestamp, nonce, encrypted) - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, + bytes.NewReader(wrapperData), + ) w := httptest.NewRecorder() ch.handleMessageCallback(context.Background(), w, req) @@ -510,7 +522,11 @@ func TestWeComAppHandleMessageCallback(t *testing.T) { nonce := "test_nonce" signature := generateSignatureApp("test_token", timestamp, nonce, "") - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, strings.NewReader("invalid xml")) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, + strings.NewReader("invalid xml"), + ) w := httptest.NewRecorder() ch.handleMessageCallback(context.Background(), w, req) @@ -532,7 +548,11 @@ func TestWeComAppHandleMessageCallback(t *testing.T) { timestamp := "1234567890" nonce := "test_nonce" - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom-app?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce, + bytes.NewReader(wrapperData), + ) w := httptest.NewRecorder() ch.handleMessageCallback(context.Background(), w, req) @@ -646,7 +666,11 @@ func TestWeComAppHandleWebhook(t *testing.T) { nonce := "test_nonce" signature := generateSignatureApp("test_token", timestamp, nonce, encoded) - req := httptest.NewRequest(http.MethodGet, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encoded, nil) + req := httptest.NewRequest( + http.MethodGet, + "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encoded, + nil, + ) w := httptest.NewRecorder() ch.handleWebhook(w, req) @@ -669,7 +693,11 @@ func TestWeComAppHandleWebhook(t *testing.T) { nonce := "test_nonce" signature := generateSignatureApp("test_token", timestamp, nonce, encryptedWrapper.Encrypt) - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom-app?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, + bytes.NewReader(wrapperData), + ) w := httptest.NewRecorder() ch.handleWebhook(w, req) diff --git a/pkg/channels/wecom_test.go b/pkg/channels/wecom_test.go index c3f889c64..53cde2693 100644 --- a/pkg/channels/wecom_test.go +++ b/pkg/channels/wecom_test.go @@ -358,7 +358,11 @@ func TestWeComBotHandleVerification(t *testing.T) { nonce := "test_nonce" signature := generateSignature("test_token", timestamp, nonce, encryptedEchostr) - req := httptest.NewRequest(http.MethodGet, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + req := httptest.NewRequest( + http.MethodGet, + "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, + nil, + ) w := httptest.NewRecorder() ch.handleVerification(context.Background(), w, req) @@ -388,7 +392,11 @@ func TestWeComBotHandleVerification(t *testing.T) { timestamp := "1234567890" nonce := "test_nonce" - req := httptest.NewRequest(http.MethodGet, "/webhook/wecom?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, nil) + req := httptest.NewRequest( + http.MethodGet, + "/webhook/wecom?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encryptedEchostr, + nil, + ) w := httptest.NewRecorder() ch.handleVerification(context.Background(), w, req) @@ -437,7 +445,11 @@ func TestWeComBotHandleMessageCallback(t *testing.T) { nonce := "test_nonce" signature := generateSignature("test_token", timestamp, nonce, encrypted) - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, + bytes.NewReader(wrapperData), + ) w := httptest.NewRecorder() ch.handleMessageCallback(context.Background(), w, req) @@ -479,7 +491,11 @@ func TestWeComBotHandleMessageCallback(t *testing.T) { nonce := "test_nonce" signature := generateSignature("test_token", timestamp, nonce, encrypted) - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, + bytes.NewReader(wrapperData), + ) w := httptest.NewRecorder() ch.handleMessageCallback(context.Background(), w, req) @@ -508,7 +524,11 @@ func TestWeComBotHandleMessageCallback(t *testing.T) { nonce := "test_nonce" signature := generateSignature("test_token", timestamp, nonce, "") - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, strings.NewReader("invalid xml")) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, + strings.NewReader("invalid xml"), + ) w := httptest.NewRecorder() ch.handleMessageCallback(context.Background(), w, req) @@ -530,7 +550,11 @@ func TestWeComBotHandleMessageCallback(t *testing.T) { timestamp := "1234567890" nonce := "test_nonce" - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom?msg_signature=invalid_sig×tamp="+timestamp+"&nonce="+nonce, + bytes.NewReader(wrapperData), + ) w := httptest.NewRecorder() ch.handleMessageCallback(context.Background(), w, req) @@ -625,7 +649,11 @@ func TestWeComBotHandleWebhook(t *testing.T) { nonce := "test_nonce" signature := generateSignature("test_token", timestamp, nonce, encoded) - req := httptest.NewRequest(http.MethodGet, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encoded, nil) + req := httptest.NewRequest( + http.MethodGet, + "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce+"&echostr="+encoded, + nil, + ) w := httptest.NewRecorder() ch.handleWebhook(w, req) @@ -648,7 +676,11 @@ func TestWeComBotHandleWebhook(t *testing.T) { nonce := "test_nonce" signature := generateSignature("test_token", timestamp, nonce, encryptedWrapper.Encrypt) - req := httptest.NewRequest(http.MethodPost, "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, bytes.NewReader(wrapperData)) + req := httptest.NewRequest( + http.MethodPost, + "/webhook/wecom?msg_signature="+signature+"×tamp="+timestamp+"&nonce="+nonce, + bytes.NewReader(wrapperData), + ) w := httptest.NewRecorder() ch.handleWebhook(w, req) diff --git a/pkg/config/config.go b/pkg/config/config.go index 005631e4a..20556011a 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -26,7 +26,7 @@ func (f *FlexibleStringSlice) UnmarshalJSON(data []byte) error { } // Try []interface{} to handle mixed types - var raw []interface{} + var raw []any if err := json.Unmarshal(data, &raw); err != nil { return err } @@ -167,16 +167,16 @@ type SessionConfig struct { } type AgentDefaults struct { - Workspace string `json:"workspace" env:"PICOCLAW_AGENTS_DEFAULTS_WORKSPACE"` - RestrictToWorkspace bool `json:"restrict_to_workspace" env:"PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE"` - Provider string `json:"provider" env:"PICOCLAW_AGENTS_DEFAULTS_PROVIDER"` - Model string `json:"model" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` + Workspace string `json:"workspace" env:"PICOCLAW_AGENTS_DEFAULTS_WORKSPACE"` + RestrictToWorkspace bool `json:"restrict_to_workspace" env:"PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE"` + Provider string `json:"provider" env:"PICOCLAW_AGENTS_DEFAULTS_PROVIDER"` + Model string `json:"model" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` ModelFallbacks []string `json:"model_fallbacks,omitempty"` - ImageModel string `json:"image_model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_IMAGE_MODEL"` + ImageModel string `json:"image_model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_IMAGE_MODEL"` ImageModelFallbacks []string `json:"image_model_fallbacks,omitempty"` - MaxTokens int `json:"max_tokens" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOKENS"` - Temperature *float64 `json:"temperature,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_TEMPERATURE"` - MaxToolIterations int `json:"max_tool_iterations" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOOL_ITERATIONS"` + MaxTokens int `json:"max_tokens" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOKENS"` + Temperature *float64 `json:"temperature,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_TEMPERATURE"` + MaxToolIterations int `json:"max_tool_iterations" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOOL_ITERATIONS"` } type ChannelsConfig struct { @@ -195,114 +195,114 @@ type ChannelsConfig struct { } type WhatsAppConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WHATSAPP_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WHATSAPP_ENABLED"` BridgeURL string `json:"bridge_url" env:"PICOCLAW_CHANNELS_WHATSAPP_BRIDGE_URL"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WHATSAPP_ALLOW_FROM"` } type TelegramConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_TELEGRAM_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_TELEGRAM_TOKEN"` - Proxy string `json:"proxy" env:"PICOCLAW_CHANNELS_TELEGRAM_PROXY"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_TELEGRAM_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_TELEGRAM_TOKEN"` + Proxy string `json:"proxy" env:"PICOCLAW_CHANNELS_TELEGRAM_PROXY"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_TELEGRAM_ALLOW_FROM"` } type FeishuConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_FEISHU_ENABLED"` - AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_FEISHU_APP_ID"` - AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_FEISHU_APP_SECRET"` - EncryptKey string `json:"encrypt_key" env:"PICOCLAW_CHANNELS_FEISHU_ENCRYPT_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_FEISHU_ENABLED"` + AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_FEISHU_APP_ID"` + AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_FEISHU_APP_SECRET"` + EncryptKey string `json:"encrypt_key" env:"PICOCLAW_CHANNELS_FEISHU_ENCRYPT_KEY"` VerificationToken string `json:"verification_token" env:"PICOCLAW_CHANNELS_FEISHU_VERIFICATION_TOKEN"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_FEISHU_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_FEISHU_ALLOW_FROM"` } type DiscordConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DISCORD_ALLOW_FROM"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DISCORD_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_DISCORD_TOKEN"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DISCORD_ALLOW_FROM"` MentionOnly bool `json:"mention_only" env:"PICOCLAW_CHANNELS_DISCORD_MENTION_ONLY"` } type MaixCamConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MAIXCAM_ENABLED"` - Host string `json:"host" env:"PICOCLAW_CHANNELS_MAIXCAM_HOST"` - Port int `json:"port" env:"PICOCLAW_CHANNELS_MAIXCAM_PORT"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_MAIXCAM_ENABLED"` + Host string `json:"host" env:"PICOCLAW_CHANNELS_MAIXCAM_HOST"` + Port int `json:"port" env:"PICOCLAW_CHANNELS_MAIXCAM_PORT"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_MAIXCAM_ALLOW_FROM"` } type QQConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_QQ_ENABLED"` - AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_QQ_APP_ID"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_QQ_ENABLED"` + AppID string `json:"app_id" env:"PICOCLAW_CHANNELS_QQ_APP_ID"` AppSecret string `json:"app_secret" env:"PICOCLAW_CHANNELS_QQ_APP_SECRET"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_QQ_ALLOW_FROM"` } type DingTalkConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DINGTALK_ENABLED"` - ClientID string `json:"client_id" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_ID"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_DINGTALK_ENABLED"` + ClientID string `json:"client_id" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_ID"` ClientSecret string `json:"client_secret" env:"PICOCLAW_CHANNELS_DINGTALK_CLIENT_SECRET"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DINGTALK_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_DINGTALK_ALLOW_FROM"` } type SlackConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_SLACK_ENABLED"` - BotToken string `json:"bot_token" env:"PICOCLAW_CHANNELS_SLACK_BOT_TOKEN"` - AppToken string `json:"app_token" env:"PICOCLAW_CHANNELS_SLACK_APP_TOKEN"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_SLACK_ENABLED"` + BotToken string `json:"bot_token" env:"PICOCLAW_CHANNELS_SLACK_BOT_TOKEN"` + AppToken string `json:"app_token" env:"PICOCLAW_CHANNELS_SLACK_APP_TOKEN"` AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_SLACK_ALLOW_FROM"` } type LINEConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_LINE_ENABLED"` - ChannelSecret string `json:"channel_secret" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_SECRET"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_LINE_ENABLED"` + ChannelSecret string `json:"channel_secret" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_SECRET"` ChannelAccessToken string `json:"channel_access_token" env:"PICOCLAW_CHANNELS_LINE_CHANNEL_ACCESS_TOKEN"` - WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_HOST"` - WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PORT"` - WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PATH"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_LINE_ALLOW_FROM"` + WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_HOST"` + WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PORT"` + WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_LINE_WEBHOOK_PATH"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_LINE_ALLOW_FROM"` } type OneBotConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_ONEBOT_ENABLED"` - WSUrl string `json:"ws_url" env:"PICOCLAW_CHANNELS_ONEBOT_WS_URL"` - AccessToken string `json:"access_token" env:"PICOCLAW_CHANNELS_ONEBOT_ACCESS_TOKEN"` - ReconnectInterval int `json:"reconnect_interval" env:"PICOCLAW_CHANNELS_ONEBOT_RECONNECT_INTERVAL"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_ONEBOT_ENABLED"` + WSUrl string `json:"ws_url" env:"PICOCLAW_CHANNELS_ONEBOT_WS_URL"` + AccessToken string `json:"access_token" env:"PICOCLAW_CHANNELS_ONEBOT_ACCESS_TOKEN"` + ReconnectInterval int `json:"reconnect_interval" env:"PICOCLAW_CHANNELS_ONEBOT_RECONNECT_INTERVAL"` GroupTriggerPrefix []string `json:"group_trigger_prefix" env:"PICOCLAW_CHANNELS_ONEBOT_GROUP_TRIGGER_PREFIX"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_ONEBOT_ALLOW_FROM"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_ONEBOT_ALLOW_FROM"` } type WeComConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WECOM_ENABLED"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_WECOM_TOKEN"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WECOM_ENABLED"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_WECOM_TOKEN"` EncodingAESKey string `json:"encoding_aes_key" env:"PICOCLAW_CHANNELS_WECOM_ENCODING_AES_KEY"` - WebhookURL string `json:"webhook_url" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_URL"` - WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_HOST"` - WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_PORT"` - WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_PATH"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WECOM_ALLOW_FROM"` - ReplyTimeout int `json:"reply_timeout" env:"PICOCLAW_CHANNELS_WECOM_REPLY_TIMEOUT"` + WebhookURL string `json:"webhook_url" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_URL"` + WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_HOST"` + WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_PORT"` + WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_WECOM_WEBHOOK_PATH"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WECOM_ALLOW_FROM"` + ReplyTimeout int `json:"reply_timeout" env:"PICOCLAW_CHANNELS_WECOM_REPLY_TIMEOUT"` } type WeComAppConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WECOM_APP_ENABLED"` - CorpID string `json:"corp_id" env:"PICOCLAW_CHANNELS_WECOM_APP_CORP_ID"` - CorpSecret string `json:"corp_secret" env:"PICOCLAW_CHANNELS_WECOM_APP_CORP_SECRET"` - AgentID int64 `json:"agent_id" env:"PICOCLAW_CHANNELS_WECOM_APP_AGENT_ID"` - Token string `json:"token" env:"PICOCLAW_CHANNELS_WECOM_APP_TOKEN"` + Enabled bool `json:"enabled" env:"PICOCLAW_CHANNELS_WECOM_APP_ENABLED"` + CorpID string `json:"corp_id" env:"PICOCLAW_CHANNELS_WECOM_APP_CORP_ID"` + CorpSecret string `json:"corp_secret" env:"PICOCLAW_CHANNELS_WECOM_APP_CORP_SECRET"` + AgentID int64 `json:"agent_id" env:"PICOCLAW_CHANNELS_WECOM_APP_AGENT_ID"` + Token string `json:"token" env:"PICOCLAW_CHANNELS_WECOM_APP_TOKEN"` EncodingAESKey string `json:"encoding_aes_key" env:"PICOCLAW_CHANNELS_WECOM_APP_ENCODING_AES_KEY"` - WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_HOST"` - WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_PORT"` - WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_PATH"` - AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WECOM_APP_ALLOW_FROM"` - ReplyTimeout int `json:"reply_timeout" env:"PICOCLAW_CHANNELS_WECOM_APP_REPLY_TIMEOUT"` + WebhookHost string `json:"webhook_host" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_HOST"` + WebhookPort int `json:"webhook_port" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_PORT"` + WebhookPath string `json:"webhook_path" env:"PICOCLAW_CHANNELS_WECOM_APP_WEBHOOK_PATH"` + AllowFrom FlexibleStringSlice `json:"allow_from" env:"PICOCLAW_CHANNELS_WECOM_APP_ALLOW_FROM"` + ReplyTimeout int `json:"reply_timeout" env:"PICOCLAW_CHANNELS_WECOM_APP_REPLY_TIMEOUT"` } type HeartbeatConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_HEARTBEAT_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_HEARTBEAT_ENABLED"` Interval int `json:"interval" env:"PICOCLAW_HEARTBEAT_INTERVAL"` // minutes, min 5 } type DevicesConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_DEVICES_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_DEVICES_ENABLED"` MonitorUSB bool `json:"monitor_usb" env:"PICOCLAW_DEVICES_MONITOR_USB"` } @@ -359,11 +359,11 @@ func (p ProvidersConfig) MarshalJSON() ([]byte, error) { } type ProviderConfig struct { - APIKey string `json:"api_key" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_KEY"` - APIBase string `json:"api_base" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_BASE"` - Proxy string `json:"proxy,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_PROXY"` - AuthMethod string `json:"auth_method,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_AUTH_METHOD"` - ConnectMode string `json:"connect_mode,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_CONNECT_MODE"` //only for Github Copilot, `stdio` or `grpc` + APIKey string `json:"api_key" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_KEY"` + APIBase string `json:"api_base" env:"PICOCLAW_PROVIDERS_{{.Name}}_API_BASE"` + Proxy string `json:"proxy,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_PROXY"` + AuthMethod string `json:"auth_method,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_AUTH_METHOD"` + ConnectMode string `json:"connect_mode,omitempty" env:"PICOCLAW_PROVIDERS_{{.Name}}_CONNECT_MODE"` // only for Github Copilot, `stdio` or `grpc` } type OpenAIProviderConfig struct { @@ -413,19 +413,19 @@ type GatewayConfig struct { } type BraveConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_BRAVE_ENABLED"` - APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_BRAVE_API_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_BRAVE_ENABLED"` + APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_BRAVE_API_KEY"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_BRAVE_MAX_RESULTS"` } type DuckDuckGoConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_ENABLED"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_ENABLED"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_MAX_RESULTS"` } type PerplexityConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_ENABLED"` - APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_API_KEY"` + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_ENABLED"` + APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_API_KEY"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_PERPLEXITY_MAX_RESULTS"` } @@ -458,7 +458,7 @@ type SkillsToolsConfig struct { } type SearchCacheConfig struct { - MaxSize int `json:"max_size" env:"PICOCLAW_SKILLS_SEARCH_CACHE_MAX_SIZE"` + MaxSize int `json:"max_size" env:"PICOCLAW_SKILLS_SEARCH_CACHE_MAX_SIZE"` TTLSeconds int `json:"ttl_seconds" env:"PICOCLAW_SKILLS_SEARCH_CACHE_TTL_SECONDS"` } @@ -467,14 +467,14 @@ type SkillsRegistriesConfig struct { } type ClawHubRegistryConfig struct { - Enabled bool `json:"enabled" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_ENABLED"` - BaseURL string `json:"base_url" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_BASE_URL"` - AuthToken string `json:"auth_token" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_AUTH_TOKEN"` - SearchPath string `json:"search_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_SEARCH_PATH"` - SkillsPath string `json:"skills_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_SKILLS_PATH"` - DownloadPath string `json:"download_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_DOWNLOAD_PATH"` - Timeout int `json:"timeout" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_TIMEOUT"` - MaxZipSize int `json:"max_zip_size" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_MAX_ZIP_SIZE"` + Enabled bool `json:"enabled" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_ENABLED"` + BaseURL string `json:"base_url" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_BASE_URL"` + AuthToken string `json:"auth_token" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_AUTH_TOKEN"` + SearchPath string `json:"search_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_SEARCH_PATH"` + SkillsPath string `json:"skills_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_SKILLS_PATH"` + DownloadPath string `json:"download_path" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_DOWNLOAD_PATH"` + Timeout int `json:"timeout" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_TIMEOUT"` + MaxZipSize int `json:"max_zip_size" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_MAX_ZIP_SIZE"` MaxResponseSize int `json:"max_response_size" env:"PICOCLAW_SKILLS_REGISTRIES_CLAWHUB_MAX_RESPONSE_SIZE"` } @@ -517,11 +517,11 @@ func SaveConfig(path string, cfg *Config) error { } dir := filepath.Dir(path) - if err := os.MkdirAll(dir, 0755); err != nil { + if err := os.MkdirAll(dir, 0o755); err != nil { return err } - return os.WriteFile(path, data, 0600) + return os.WriteFile(path, data, 0o600) } func (c *Config) WorkspacePath() string { diff --git a/pkg/config/migration_test.go b/pkg/config/migration_test.go index b9a333f9e..1e8139e68 100644 --- a/pkg/config/migration_test.go +++ b/pkg/config/migration_test.go @@ -361,7 +361,10 @@ func TestConvertProvidersToModelList_ProviderNameAliases(t *testing.T) { Agents: AgentsConfig{ Defaults: AgentDefaults{ Provider: tt.providerAlias, - Model: strings.TrimPrefix(tt.expectedModel, tt.expectedModel[:strings.Index(tt.expectedModel, "/")+1]), + Model: strings.TrimPrefix( + tt.expectedModel, + tt.expectedModel[:strings.Index(tt.expectedModel, "/")+1], + ), }, }, Providers: ProvidersConfig{}, @@ -382,7 +385,10 @@ func TestConvertProvidersToModelList_ProviderNameAliases(t *testing.T) { } // Need to fix the model name in config - cfg.Agents.Defaults.Model = strings.TrimPrefix(tt.expectedModel, tt.expectedModel[:strings.Index(tt.expectedModel, "/")+1]) + cfg.Agents.Defaults.Model = strings.TrimPrefix( + tt.expectedModel, + tt.expectedModel[:strings.Index(tt.expectedModel, "/")+1], + ) result := ConvertProvidersToModelList(cfg) if len(result) != 1 { @@ -515,7 +521,11 @@ func TestBuildModelWithProtocol_AlreadyHasPrefix(t *testing.T) { func TestBuildModelWithProtocol_DifferentPrefix(t *testing.T) { result := buildModelWithProtocol("anthropic", "openrouter/claude-sonnet-4.6") if result != "openrouter/claude-sonnet-4.6" { - t.Errorf("buildModelWithProtocol(anthropic, openrouter/claude-sonnet-4.6) = %q, want %q", result, "openrouter/claude-sonnet-4.6") + t.Errorf( + "buildModelWithProtocol(anthropic, openrouter/claude-sonnet-4.6) = %q, want %q", + result, + "openrouter/claude-sonnet-4.6", + ) } } diff --git a/pkg/migrate/migrate_test.go b/pkg/migrate/migrate_test.go index 759fc9024..ccc00f72c 100644 --- a/pkg/migrate/migrate_test.go +++ b/pkg/migrate/migrate_test.go @@ -40,20 +40,20 @@ func TestCamelToSnake(t *testing.T) { } func TestConvertKeysToSnake(t *testing.T) { - input := map[string]interface{}{ + input := map[string]any{ "apiKey": "test-key", "apiBase": "https://example.com", - "nested": map[string]interface{}{ + "nested": map[string]any{ "maxTokens": float64(8192), - "allowFrom": []interface{}{"user1", "user2"}, - "deeperLevel": map[string]interface{}{ + "allowFrom": []any{"user1", "user2"}, + "deeperLevel": map[string]any{ "clientId": "abc", }, }, } result := convertKeysToSnake(input) - m, ok := result.(map[string]interface{}) + m, ok := result.(map[string]any) if !ok { t.Fatal("expected map[string]interface{}") } @@ -65,7 +65,7 @@ func TestConvertKeysToSnake(t *testing.T) { t.Error("expected key 'api_base' after conversion") } - nested, ok := m["nested"].(map[string]interface{}) + nested, ok := m["nested"].(map[string]any) if !ok { t.Fatal("expected nested map") } @@ -76,7 +76,7 @@ func TestConvertKeysToSnake(t *testing.T) { t.Error("expected key 'allow_from' in nested map") } - deeper, ok := nested["deeper_level"].(map[string]interface{}) + deeper, ok := nested["deeper_level"].(map[string]any) if !ok { t.Fatal("expected deeper_level map") } @@ -89,15 +89,15 @@ func TestLoadOpenClawConfig(t *testing.T) { tmpDir := t.TempDir() configPath := filepath.Join(tmpDir, "openclaw.json") - openclawConfig := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + openclawConfig := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-ant-test123", "apiBase": "https://api.anthropic.com", }, }, - "agents": map[string]interface{}{ - "defaults": map[string]interface{}{ + "agents": map[string]any{ + "defaults": map[string]any{ "maxTokens": float64(4096), "model": "claude-3-opus", }, @@ -108,7 +108,7 @@ func TestLoadOpenClawConfig(t *testing.T) { if err != nil { t.Fatal(err) } - if err := os.WriteFile(configPath, data, 0644); err != nil { + if err := os.WriteFile(configPath, data, 0o644); err != nil { t.Fatal(err) } @@ -117,11 +117,11 @@ func TestLoadOpenClawConfig(t *testing.T) { t.Fatalf("LoadOpenClawConfig: %v", err) } - providers, ok := result["providers"].(map[string]interface{}) + providers, ok := result["providers"].(map[string]any) if !ok { t.Fatal("expected providers map") } - anthropic, ok := providers["anthropic"].(map[string]interface{}) + anthropic, ok := providers["anthropic"].(map[string]any) if !ok { t.Fatal("expected anthropic map") } @@ -129,11 +129,11 @@ func TestLoadOpenClawConfig(t *testing.T) { t.Errorf("api_key = %v, want sk-ant-test123", anthropic["api_key"]) } - agents, ok := result["agents"].(map[string]interface{}) + agents, ok := result["agents"].(map[string]any) if !ok { t.Fatal("expected agents map") } - defaults, ok := agents["defaults"].(map[string]interface{}) + defaults, ok := agents["defaults"].(map[string]any) if !ok { t.Fatal("expected defaults map") } @@ -144,16 +144,16 @@ func TestLoadOpenClawConfig(t *testing.T) { func TestConvertConfig(t *testing.T) { t.Run("providers mapping", func(t *testing.T) { - data := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + data := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "api_key": "sk-ant-test", "api_base": "https://api.anthropic.com", }, - "openrouter": map[string]interface{}{ + "openrouter": map[string]any{ "api_key": "sk-or-test", }, - "groq": map[string]interface{}{ + "groq": map[string]any{ "api_key": "gsk-test", }, }, @@ -178,9 +178,9 @@ func TestConvertConfig(t *testing.T) { }) t.Run("unsupported provider warning", func(t *testing.T) { - data := map[string]interface{}{ - "providers": map[string]interface{}{ - "unknown_provider": map[string]interface{}{ + data := map[string]any{ + "providers": map[string]any{ + "unknown_provider": map[string]any{ "api_key": "sk-test", }, }, @@ -199,14 +199,14 @@ func TestConvertConfig(t *testing.T) { }) t.Run("channels mapping", func(t *testing.T) { - data := map[string]interface{}{ - "channels": map[string]interface{}{ - "telegram": map[string]interface{}{ + data := map[string]any{ + "channels": map[string]any{ + "telegram": map[string]any{ "enabled": true, "token": "tg-token-123", - "allow_from": []interface{}{"user1"}, + "allow_from": []any{"user1"}, }, - "discord": map[string]interface{}{ + "discord": map[string]any{ "enabled": true, "token": "disc-token-456", }, @@ -232,9 +232,9 @@ func TestConvertConfig(t *testing.T) { }) t.Run("unsupported channel warning", func(t *testing.T) { - data := map[string]interface{}{ - "channels": map[string]interface{}{ - "email": map[string]interface{}{ + data := map[string]any{ + "channels": map[string]any{ + "email": map[string]any{ "enabled": true, }, }, @@ -253,9 +253,9 @@ func TestConvertConfig(t *testing.T) { }) t.Run("agent defaults", func(t *testing.T) { - data := map[string]interface{}{ - "agents": map[string]interface{}{ - "defaults": map[string]interface{}{ + data := map[string]any{ + "agents": map[string]any{ + "defaults": map[string]any{ "model": "claude-3-opus", "max_tokens": float64(4096), "temperature": 0.5, @@ -287,7 +287,7 @@ func TestConvertConfig(t *testing.T) { }) t.Run("empty config", func(t *testing.T) { - data := map[string]interface{}{} + data := map[string]any{} cfg, warnings, err := ConvertConfig(data) if err != nil { @@ -389,9 +389,9 @@ func TestPlanWorkspaceMigration(t *testing.T) { srcDir := t.TempDir() dstDir := t.TempDir() - os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0644) - os.WriteFile(filepath.Join(srcDir, "SOUL.md"), []byte("# Soul"), 0644) - os.WriteFile(filepath.Join(srcDir, "USER.md"), []byte("# User"), 0644) + os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0o644) + os.WriteFile(filepath.Join(srcDir, "SOUL.md"), []byte("# Soul"), 0o644) + os.WriteFile(filepath.Join(srcDir, "USER.md"), []byte("# User"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -420,8 +420,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { srcDir := t.TempDir() dstDir := t.TempDir() - os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0644) - os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing Agents"), 0644) + os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0o644) + os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing Agents"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -443,8 +443,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { srcDir := t.TempDir() dstDir := t.TempDir() - os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0644) - os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing"), 0644) + os.WriteFile(filepath.Join(srcDir, "AGENTS.md"), []byte("# Agents"), 0o644) + os.WriteFile(filepath.Join(dstDir, "AGENTS.md"), []byte("# Existing"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, true) if err != nil { @@ -463,8 +463,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { dstDir := t.TempDir() memDir := filepath.Join(srcDir, "memory") - os.MkdirAll(memDir, 0755) - os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory"), 0644) + os.MkdirAll(memDir, 0o755) + os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -494,8 +494,8 @@ func TestPlanWorkspaceMigration(t *testing.T) { dstDir := t.TempDir() skillDir := filepath.Join(srcDir, "skills", "weather") - os.MkdirAll(skillDir, 0755) - os.WriteFile(filepath.Join(skillDir, "SKILL.md"), []byte("# Weather"), 0644) + os.MkdirAll(skillDir, 0o755) + os.WriteFile(filepath.Join(skillDir, "SKILL.md"), []byte("# Weather"), 0o644) actions, err := PlanWorkspaceMigration(srcDir, dstDir, false) if err != nil { @@ -518,7 +518,7 @@ func TestFindOpenClawConfig(t *testing.T) { t.Run("finds openclaw.json", func(t *testing.T) { tmpDir := t.TempDir() configPath := filepath.Join(tmpDir, "openclaw.json") - os.WriteFile(configPath, []byte("{}"), 0644) + os.WriteFile(configPath, []byte("{}"), 0o644) found, err := findOpenClawConfig(tmpDir) if err != nil { @@ -532,7 +532,7 @@ func TestFindOpenClawConfig(t *testing.T) { t.Run("falls back to config.json", func(t *testing.T) { tmpDir := t.TempDir() configPath := filepath.Join(tmpDir, "config.json") - os.WriteFile(configPath, []byte("{}"), 0644) + os.WriteFile(configPath, []byte("{}"), 0o644) found, err := findOpenClawConfig(tmpDir) if err != nil { @@ -546,8 +546,8 @@ func TestFindOpenClawConfig(t *testing.T) { t.Run("prefers openclaw.json over config.json", func(t *testing.T) { tmpDir := t.TempDir() openclawPath := filepath.Join(tmpDir, "openclaw.json") - os.WriteFile(openclawPath, []byte("{}"), 0644) - os.WriteFile(filepath.Join(tmpDir, "config.json"), []byte("{}"), 0644) + os.WriteFile(openclawPath, []byte("{}"), 0o644) + os.WriteFile(filepath.Join(tmpDir, "config.json"), []byte("{}"), 0o644) found, err := findOpenClawConfig(tmpDir) if err != nil { @@ -593,19 +593,19 @@ func TestRunDryRun(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0644) - os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0o644) + os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "test-key", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ DryRun: true, @@ -634,33 +634,33 @@ func TestRunFullMigration(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul from OpenClaw"), 0644) - os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0644) - os.WriteFile(filepath.Join(wsDir, "USER.md"), []byte("# User from OpenClaw"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul from OpenClaw"), 0o644) + os.WriteFile(filepath.Join(wsDir, "AGENTS.md"), []byte("# Agents from OpenClaw"), 0o644) + os.WriteFile(filepath.Join(wsDir, "USER.md"), []byte("# User from OpenClaw"), 0o644) memDir := filepath.Join(wsDir, "memory") - os.MkdirAll(memDir, 0755) - os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory notes"), 0644) + os.MkdirAll(memDir, 0o755) + os.WriteFile(filepath.Join(memDir, "MEMORY.md"), []byte("# Memory notes"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-ant-migrate-test", }, - "openrouter": map[string]interface{}{ + "openrouter": map[string]any{ "apiKey": "sk-or-migrate-test", }, }, - "channels": map[string]interface{}{ - "telegram": map[string]interface{}{ + "channels": map[string]any{ + "telegram": map[string]any{ "enabled": true, "token": "tg-migrate-test", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ Force: true, @@ -754,7 +754,7 @@ func TestRunMutuallyExclusiveFlags(t *testing.T) { func TestBackupFile(t *testing.T) { tmpDir := t.TempDir() filePath := filepath.Join(tmpDir, "test.md") - os.WriteFile(filePath, []byte("original content"), 0644) + os.WriteFile(filePath, []byte("original content"), 0o644) if err := backupFile(filePath); err != nil { t.Fatalf("backupFile: %v", err) @@ -775,7 +775,7 @@ func TestCopyFile(t *testing.T) { srcPath := filepath.Join(tmpDir, "src.md") dstPath := filepath.Join(tmpDir, "dst.md") - os.WriteFile(srcPath, []byte("file content"), 0644) + os.WriteFile(srcPath, []byte("file content"), 0o644) if err := copyFile(srcPath, dstPath); err != nil { t.Fatalf("copyFile: %v", err) @@ -795,18 +795,18 @@ func TestRunConfigOnly(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-config-only", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ Force: true, @@ -835,18 +835,18 @@ func TestRunWorkspaceOnly(t *testing.T) { picoClawHome := t.TempDir() wsDir := filepath.Join(openclawHome, "workspace") - os.MkdirAll(wsDir, 0755) - os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0644) + os.MkdirAll(wsDir, 0o755) + os.WriteFile(filepath.Join(wsDir, "SOUL.md"), []byte("# Soul"), 0o644) - configData := map[string]interface{}{ - "providers": map[string]interface{}{ - "anthropic": map[string]interface{}{ + configData := map[string]any{ + "providers": map[string]any{ + "anthropic": map[string]any{ "apiKey": "sk-ws-only", }, }, } data, _ := json.Marshal(configData) - os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0644) + os.WriteFile(filepath.Join(openclawHome, "openclaw.json"), data, 0o644) opts := Options{ Force: true, diff --git a/pkg/providers/anthropic/provider_test.go b/pkg/providers/anthropic/provider_test.go index 08ac9c829..3d21c1d0b 100644 --- a/pkg/providers/anthropic/provider_test.go +++ b/pkg/providers/anthropic/provider_test.go @@ -15,7 +15,7 @@ func TestBuildParams_BasicMessage(t *testing.T) { messages := []Message{ {Role: "user", Content: "Hello"}, } - params, err := buildParams(messages, nil, "claude-sonnet-4.6", map[string]interface{}{ + params, err := buildParams(messages, nil, "claude-sonnet-4.6", map[string]any{ "max_tokens": 1024, }) if err != nil { @@ -37,7 +37,7 @@ func TestBuildParams_SystemMessage(t *testing.T) { {Role: "system", Content: "You are helpful"}, {Role: "user", Content: "Hi"}, } - params, err := buildParams(messages, nil, "claude-sonnet-4.6", map[string]interface{}{}) + params, err := buildParams(messages, nil, "claude-sonnet-4.6", map[string]any{}) if err != nil { t.Fatalf("buildParams() error: %v", err) } @@ -62,13 +62,13 @@ func TestBuildParams_ToolCallMessage(t *testing.T) { { ID: "call_1", Name: "get_weather", - Arguments: map[string]interface{}{"city": "SF"}, + Arguments: map[string]any{"city": "SF"}, }, }, }, {Role: "tool", Content: `{"temp": 72}`, ToolCallID: "call_1"}, } - params, err := buildParams(messages, nil, "claude-sonnet-4.6", map[string]interface{}{}) + params, err := buildParams(messages, nil, "claude-sonnet-4.6", map[string]any{}) if err != nil { t.Fatalf("buildParams() error: %v", err) } @@ -84,17 +84,17 @@ func TestBuildParams_WithTools(t *testing.T) { Function: ToolFunctionDefinition{ Name: "get_weather", Description: "Get weather for a city", - Parameters: map[string]interface{}{ + Parameters: map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "city": map[string]interface{}{"type": "string"}, + "properties": map[string]any{ + "city": map[string]any{"type": "string"}, }, - "required": []interface{}{"city"}, + "required": []any{"city"}, }, }, }, } - params, err := buildParams([]Message{{Role: "user", Content: "Hi"}}, tools, "claude-sonnet-4.6", map[string]interface{}{}) + params, err := buildParams([]Message{{Role: "user", Content: "Hi"}}, tools, "claude-sonnet-4.6", map[string]any{}) if err != nil { t.Fatalf("buildParams() error: %v", err) } @@ -154,19 +154,19 @@ func TestProvider_ChatRoundTrip(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any json.NewDecoder(r.Body).Decode(&reqBody) - resp := map[string]interface{}{ + resp := map[string]any{ "id": "msg_test", "type": "message", "role": "assistant", "model": reqBody["model"], "stop_reason": "end_turn", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "text", "text": "Hello! How can I help you?"}, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 15, "output_tokens": 8, }, @@ -178,7 +178,7 @@ func TestProvider_ChatRoundTrip(t *testing.T) { provider := NewProviderWithClient(createAnthropicTestClient(server.URL, "test-token")) messages := []Message{{Role: "user", Content: "Hello"}} - resp, err := provider.Chat(t.Context(), messages, nil, "claude-sonnet-4.6", map[string]interface{}{"max_tokens": 1024}) + resp, err := provider.Chat(t.Context(), messages, nil, "claude-sonnet-4.6", map[string]any{"max_tokens": 1024}) if err != nil { t.Fatalf("Chat() error: %v", err) } @@ -221,19 +221,19 @@ func TestProvider_ChatUsesTokenSource(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any json.NewDecoder(r.Body).Decode(&reqBody) - resp := map[string]interface{}{ + resp := map[string]any{ "id": "msg_test", "type": "message", "role": "assistant", "model": reqBody["model"], "stop_reason": "end_turn", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "text", "text": "ok"}, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 1, "output_tokens": 1, }, @@ -247,7 +247,13 @@ func TestProvider_ChatUsesTokenSource(t *testing.T) { return "refreshed-token", nil }, server.URL) - _, err := p.Chat(t.Context(), []Message{{Role: "user", Content: "hello"}}, nil, "claude-sonnet-4.6", map[string]interface{}{}) + _, err := p.Chat( + t.Context(), + []Message{{Role: "user", Content: "hello"}}, + nil, + "claude-sonnet-4.6", + map[string]any{}, + ) if err != nil { t.Fatalf("Chat() error: %v", err) } diff --git a/pkg/providers/antigravity_provider.go b/pkg/providers/antigravity_provider.go index 6c6bf7830..cff67c88c 100644 --- a/pkg/providers/antigravity_provider.go +++ b/pkg/providers/antigravity_provider.go @@ -45,7 +45,13 @@ func NewAntigravityProvider() *AntigravityProvider { // Chat implements LLMProvider.Chat using the Cloud Code Assist v1internal API. // The v1internal endpoint wraps the standard Gemini request in an envelope with // project, model, request, requestType, userAgent, and requestId fields. -func (p *AntigravityProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *AntigravityProvider) Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) (*LLMResponse, error) { accessToken, projectID, err := p.tokenSource() if err != nil { return nil, fmt.Errorf("antigravity auth: %w", err) @@ -58,7 +64,7 @@ func (p *AntigravityProvider) Chat(ctx context.Context, messages []Message, tool model = strings.TrimPrefix(model, "google-antigravity/") model = strings.TrimPrefix(model, "antigravity/") - logger.DebugCF("provider.antigravity", "Starting chat", map[string]interface{}{ + logger.DebugCF("provider.antigravity", "Starting chat", map[string]any{ "model": model, "project": projectID, "requestId": fmt.Sprintf("agent-%d-%s", time.Now().UnixMilli(), randomString(9)), @@ -68,7 +74,7 @@ func (p *AntigravityProvider) Chat(ctx context.Context, messages []Message, tool innerRequest := p.buildRequest(messages, tools, model, options) // Wrap in v1internal envelope (matches pi-ai SDK format) - envelope := map[string]interface{}{ + envelope := map[string]any{ "project": projectID, "model": model, "request": innerRequest, @@ -115,7 +121,7 @@ func (p *AntigravityProvider) Chat(ctx context.Context, messages []Message, tool } if resp.StatusCode != http.StatusOK { - logger.ErrorCF("provider.antigravity", "API call failed", map[string]interface{}{ + logger.ErrorCF("provider.antigravity", "API call failed", map[string]any{ "status_code": resp.StatusCode, "response": string(respBody), "model": model, @@ -133,7 +139,9 @@ func (p *AntigravityProvider) Chat(ctx context.Context, messages []Message, tool // Check for empty response (some models might return valid success but empty text) if llmResp.Content == "" && len(llmResp.ToolCalls) == 0 { - return nil, fmt.Errorf("antigravity: model returned an empty response (this model might be invalid or restricted)") + return nil, fmt.Errorf( + "antigravity: model returned an empty response (this model might be invalid or restricted)", + ) } return llmResp, nil @@ -167,13 +175,13 @@ type antigravityPart struct { } type antigravityFunctionCall struct { - Name string `json:"name"` - Args map[string]interface{} `json:"args"` + Name string `json:"name"` + Args map[string]any `json:"args"` } type antigravityFunctionResponse struct { - Name string `json:"name"` - Response map[string]interface{} `json:"response"` + Name string `json:"name"` + Response map[string]any `json:"response"` } type antigravityTool struct { @@ -181,9 +189,9 @@ type antigravityTool struct { } type antigravityFuncDecl struct { - Name string `json:"name"` - Description string `json:"description,omitempty"` - Parameters interface{} `json:"parameters,omitempty"` + Name string `json:"name"` + Description string `json:"description,omitempty"` + Parameters any `json:"parameters,omitempty"` } type antigravitySystemPrompt struct { @@ -195,7 +203,12 @@ type antigravityGenConfig struct { Temperature float64 `json:"temperature,omitempty"` } -func (p *AntigravityProvider) buildRequest(messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) antigravityRequest { +func (p *AntigravityProvider) buildRequest( + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) antigravityRequest { req := antigravityRequest{} toolCallNames := make(map[string]string) @@ -215,7 +228,7 @@ func (p *AntigravityProvider) buildRequest(messages []Message, tools []ToolDefin Parts: []antigravityPart{{ FunctionResponse: &antigravityFunctionResponse{ Name: toolName, - Response: map[string]interface{}{ + Response: map[string]any{ "result": msg.Content, }, }, @@ -237,9 +250,13 @@ func (p *AntigravityProvider) buildRequest(messages []Message, tools []ToolDefin for _, tc := range msg.ToolCalls { toolName, toolArgs, thoughtSignature := normalizeStoredToolCall(tc) if toolName == "" { - logger.WarnCF("provider.antigravity", "Skipping tool call with empty name in history", map[string]interface{}{ - "tool_call_id": tc.ID, - }) + logger.WarnCF( + "provider.antigravity", + "Skipping tool call with empty name in history", + map[string]any{ + "tool_call_id": tc.ID, + }, + ) continue } if tc.ID != "" { @@ -264,7 +281,7 @@ func (p *AntigravityProvider) buildRequest(messages []Message, tools []ToolDefin Parts: []antigravityPart{{ FunctionResponse: &antigravityFunctionResponse{ Name: toolName, - Response: map[string]interface{}{ + Response: map[string]any{ "result": msg.Content, }, }, @@ -311,7 +328,7 @@ func (p *AntigravityProvider) buildRequest(messages []Message, tools []ToolDefin return req } -func normalizeStoredToolCall(tc ToolCall) (string, map[string]interface{}, string) { +func normalizeStoredToolCall(tc ToolCall) (string, map[string]any, string) { name := tc.Name args := tc.Arguments thoughtSignature := "" @@ -324,11 +341,11 @@ func normalizeStoredToolCall(tc ToolCall) (string, map[string]interface{}, strin } if args == nil { - args = map[string]interface{}{} + args = map[string]any{} } if len(args) == 0 && tc.Function != nil && tc.Function.Arguments != "" { - var parsed map[string]interface{} + var parsed map[string]any if err := json.Unmarshal([]byte(tc.Function.Arguments), &parsed); err == nil && parsed != nil { args = parsed } @@ -483,9 +500,12 @@ func (p *AntigravityProvider) parseSSEResponse(body string) (*LLMResponse, error Name: part.FunctionCall.Name, Arguments: part.FunctionCall.Args, Function: &FunctionCall{ - Name: part.FunctionCall.Name, - Arguments: string(argumentsJSON), - ThoughtSignature: extractPartThoughtSignature(part.ThoughtSignature, part.ThoughtSignatureSnake), + Name: part.FunctionCall.Name, + Arguments: string(argumentsJSON), + ThoughtSignature: extractPartThoughtSignature( + part.ThoughtSignature, + part.ThoughtSignatureSnake, + ), }, }) } @@ -556,24 +576,24 @@ var geminiUnsupportedKeywords = map[string]bool{ "maxProperties": true, } -func sanitizeSchemaForGemini(schema map[string]interface{}) map[string]interface{} { +func sanitizeSchemaForGemini(schema map[string]any) map[string]any { if schema == nil { return nil } - result := make(map[string]interface{}) + result := make(map[string]any) for k, v := range schema { if geminiUnsupportedKeywords[k] { continue } // Recursively sanitize nested objects switch val := v.(type) { - case map[string]interface{}: + case map[string]any: result[k] = sanitizeSchemaForGemini(val) - case []interface{}: - sanitized := make([]interface{}, len(val)) + case []any: + sanitized := make([]any, len(val)) for i, item := range val { - if m, ok := item.(map[string]interface{}); ok { + if m, ok := item.(map[string]any); ok { sanitized[i] = sanitizeSchemaForGemini(m) } else { sanitized[i] = item @@ -604,7 +624,9 @@ func createAntigravityTokenSource() func() (string, string, error) { return "", "", fmt.Errorf("loading auth credentials: %w", err) } if cred == nil { - return "", "", fmt.Errorf("no credentials for google-antigravity. Run: picoclaw auth login --provider google-antigravity") + return "", "", fmt.Errorf( + "no credentials for google-antigravity. Run: picoclaw auth login --provider google-antigravity", + ) } // Refresh if needed @@ -625,7 +647,9 @@ func createAntigravityTokenSource() func() (string, string, error) { } if cred.IsExpired() { - return "", "", fmt.Errorf("antigravity credentials expired. Run: picoclaw auth login --provider google-antigravity") + return "", "", fmt.Errorf( + "antigravity credentials expired. Run: picoclaw auth login --provider google-antigravity", + ) } projectID := cred.ProjectID @@ -633,7 +657,7 @@ func createAntigravityTokenSource() func() (string, string, error) { // Try to fetch project ID from API fetchedID, err := FetchAntigravityProjectID(cred.AccessToken) if err != nil { - logger.WarnCF("provider.antigravity", "Could not fetch project ID, using fallback", map[string]interface{}{ + logger.WarnCF("provider.antigravity", "Could not fetch project ID, using fallback", map[string]any{ "error": err.Error(), }) projectID = "rising-fact-p41fc" // Default fallback (same as OpenCode) @@ -650,8 +674,8 @@ func createAntigravityTokenSource() func() (string, string, error) { // FetchAntigravityProjectID retrieves the Google Cloud project ID from the loadCodeAssist endpoint. func FetchAntigravityProjectID(accessToken string) (string, error) { - reqBody, _ := json.Marshal(map[string]interface{}{ - "metadata": map[string]interface{}{ + reqBody, _ := json.Marshal(map[string]any{ + "metadata": map[string]any{ "ideType": "IDE_UNSPECIFIED", "platform": "PLATFORM_UNSPECIFIED", "pluginType": "GEMINI", @@ -695,7 +719,7 @@ func FetchAntigravityProjectID(accessToken string) (string, error) { // FetchAntigravityModels fetches available models from the Cloud Code Assist API. func FetchAntigravityModels(accessToken, projectID string) ([]AntigravityModelInfo, error) { - reqBody, _ := json.Marshal(map[string]interface{}{ + reqBody, _ := json.Marshal(map[string]any{ "project": projectID, }) @@ -717,16 +741,20 @@ func FetchAntigravityModels(accessToken, projectID string) ([]AntigravityModelIn body, _ := io.ReadAll(resp.Body) if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("fetchAvailableModels failed (HTTP %d): %s", resp.StatusCode, truncateString(string(body), 200)) + return nil, fmt.Errorf( + "fetchAvailableModels failed (HTTP %d): %s", + resp.StatusCode, + truncateString(string(body), 200), + ) } var result struct { Models map[string]struct { DisplayName string `json:"displayName"` QuotaInfo struct { - RemainingFraction interface{} `json:"remainingFraction"` - ResetTime string `json:"resetTime"` - IsExhausted bool `json:"isExhausted"` + RemainingFraction any `json:"remainingFraction"` + ResetTime string `json:"resetTime"` + IsExhausted bool `json:"isExhausted"` } `json:"quotaInfo"` } `json:"models"` } @@ -797,10 +825,10 @@ func randomString(n int) string { func (p *AntigravityProvider) parseAntigravityError(statusCode int, body []byte) error { var errResp struct { Error struct { - Code int `json:"code"` - Message string `json:"message"` - Status string `json:"status"` - Details []map[string]interface{} `json:"details"` + Code int `json:"code"` + Message string `json:"message"` + Status string `json:"status"` + Details []map[string]any `json:"details"` } `json:"error"` } @@ -813,7 +841,7 @@ func (p *AntigravityProvider) parseAntigravityError(statusCode int, body []byte) // Try to extract quota reset info for _, detail := range errResp.Error.Details { if typeVal, ok := detail["@type"].(string); ok && strings.HasSuffix(typeVal, "ErrorInfo") { - if metadata, ok := detail["metadata"].(map[string]interface{}); ok { + if metadata, ok := detail["metadata"].(map[string]any); ok { if delay, ok := metadata["quotaResetDelay"].(string); ok { return fmt.Errorf("antigravity rate limit exceeded: %s (reset in %s)", msg, delay) } diff --git a/pkg/providers/claude_provider_test.go b/pkg/providers/claude_provider_test.go index b1bcd8b40..98e07bb80 100644 --- a/pkg/providers/claude_provider_test.go +++ b/pkg/providers/claude_provider_test.go @@ -8,6 +8,7 @@ import ( "github.com/anthropics/anthropic-sdk-go" anthropicoption "github.com/anthropics/anthropic-sdk-go/option" + anthropicprovider "github.com/sipeed/picoclaw/pkg/providers/anthropic" ) @@ -22,19 +23,19 @@ func TestClaudeProvider_ChatRoundTrip(t *testing.T) { return } - var reqBody map[string]interface{} + var reqBody map[string]any json.NewDecoder(r.Body).Decode(&reqBody) - resp := map[string]interface{}{ + resp := map[string]any{ "id": "msg_test", "type": "message", "role": "assistant", "model": reqBody["model"], "stop_reason": "end_turn", - "content": []map[string]interface{}{ + "content": []map[string]any{ {"type": "text", "text": "Hello! How can I help you?"}, }, - "usage": map[string]interface{}{ + "usage": map[string]any{ "input_tokens": 15, "output_tokens": 8, }, @@ -48,7 +49,7 @@ func TestClaudeProvider_ChatRoundTrip(t *testing.T) { provider := newClaudeProviderWithDelegate(delegate) messages := []Message{{Role: "user", Content: "Hello"}} - resp, err := provider.Chat(t.Context(), messages, nil, "claude-sonnet-4.6", map[string]interface{}{"max_tokens": 1024}) + resp, err := provider.Chat(t.Context(), messages, nil, "claude-sonnet-4.6", map[string]any{"max_tokens": 1024}) if err != nil { t.Fatalf("Chat() error: %v", err) } diff --git a/pkg/providers/http_provider.go b/pkg/providers/http_provider.go index eeaa9690a..d0c4344f3 100644 --- a/pkg/providers/http_provider.go +++ b/pkg/providers/http_provider.go @@ -28,7 +28,13 @@ func NewHTTPProviderWithMaxTokensField(apiKey, apiBase, proxy, maxTokensField st } } -func (p *HTTPProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *HTTPProvider) Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) (*LLMResponse, error) { return p.delegate.Chat(ctx, messages, tools, model, options) } diff --git a/pkg/providers/openai_compat/provider.go b/pkg/providers/openai_compat/provider.go index 6bc43a470..b8528953a 100644 --- a/pkg/providers/openai_compat/provider.go +++ b/pkg/providers/openai_compat/provider.go @@ -15,15 +15,17 @@ import ( "github.com/sipeed/picoclaw/pkg/providers/protocoltypes" ) -type ToolCall = protocoltypes.ToolCall -type FunctionCall = protocoltypes.FunctionCall -type LLMResponse = protocoltypes.LLMResponse -type UsageInfo = protocoltypes.UsageInfo -type Message = protocoltypes.Message -type ToolDefinition = protocoltypes.ToolDefinition -type ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition -type ExtraContent = protocoltypes.ExtraContent -type GoogleExtra = protocoltypes.GoogleExtra +type ( + ToolCall = protocoltypes.ToolCall + FunctionCall = protocoltypes.FunctionCall + LLMResponse = protocoltypes.LLMResponse + UsageInfo = protocoltypes.UsageInfo + Message = protocoltypes.Message + ToolDefinition = protocoltypes.ToolDefinition + ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition + ExtraContent = protocoltypes.ExtraContent + GoogleExtra = protocoltypes.GoogleExtra +) type Provider struct { apiKey string @@ -60,14 +62,20 @@ func NewProviderWithMaxTokensField(apiKey, apiBase, proxy, maxTokensField string } } -func (p *Provider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *Provider) Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) (*LLMResponse, error) { if p.apiBase == "" { return nil, fmt.Errorf("API base not configured") } model = normalizeModel(model, p.apiBase) - requestBody := map[string]interface{}{ + requestBody := map[string]any{ "model": model, "messages": messages, } @@ -83,7 +91,8 @@ func (p *Provider) Chat(ctx context.Context, messages []Message, tools []ToolDef if fieldName == "" { // Fallback: detect from model name for backward compatibility lowerModel := strings.ToLower(model) - if strings.Contains(lowerModel, "glm") || strings.Contains(lowerModel, "o1") || strings.Contains(lowerModel, "gpt-5") { + if strings.Contains(lowerModel, "glm") || strings.Contains(lowerModel, "o1") || + strings.Contains(lowerModel, "gpt-5") { fieldName = "max_completion_tokens" } else { fieldName = "max_tokens" @@ -173,7 +182,7 @@ func parseResponse(body []byte) (*LLMResponse, error) { choice := apiResponse.Choices[0] toolCalls := make([]ToolCall, 0, len(choice.Message.ToolCalls)) for _, tc := range choice.Message.ToolCalls { - arguments := make(map[string]interface{}) + arguments := make(map[string]any) name := "" // Extract thought_signature from Gemini/Google-specific extra content @@ -238,7 +247,7 @@ func normalizeModel(model, apiBase string) string { } } -func asInt(v interface{}) (int, bool) { +func asInt(v any) (int, bool) { switch val := v.(type) { case int: return val, true @@ -253,7 +262,7 @@ func asInt(v interface{}) (int, bool) { } } -func asFloat(v interface{}) (float64, bool) { +func asFloat(v any) (float64, bool) { switch val := v.(type) { case float64: return val, true diff --git a/pkg/providers/protocoltypes/types.go b/pkg/providers/protocoltypes/types.go index b7e7062b9..3a089ca47 100644 --- a/pkg/providers/protocoltypes/types.go +++ b/pkg/providers/protocoltypes/types.go @@ -1,13 +1,13 @@ package protocoltypes type ToolCall struct { - ID string `json:"id"` - Type string `json:"type,omitempty"` - Function *FunctionCall `json:"function,omitempty"` - Name string `json:"name,omitempty"` - Arguments map[string]interface{} `json:"arguments,omitempty"` - ThoughtSignature string `json:"-"` // Internal use only - ExtraContent *ExtraContent `json:"extra_content,omitempty"` + ID string `json:"id"` + Type string `json:"type,omitempty"` + Function *FunctionCall `json:"function,omitempty"` + Name string `json:"name,omitempty"` + Arguments map[string]any `json:"arguments,omitempty"` + ThoughtSignature string `json:"-"` // Internal use only + ExtraContent *ExtraContent `json:"extra_content,omitempty"` } type ExtraContent struct { @@ -50,7 +50,7 @@ type ToolDefinition struct { } type ToolFunctionDefinition struct { - Name string `json:"name"` - Description string `json:"description"` - Parameters map[string]interface{} `json:"parameters"` + Name string `json:"name"` + Description string `json:"description"` + Parameters map[string]any `json:"parameters"` } diff --git a/pkg/providers/toolcall_utils.go b/pkg/providers/toolcall_utils.go index c7c35ef42..49218b1b1 100644 --- a/pkg/providers/toolcall_utils.go +++ b/pkg/providers/toolcall_utils.go @@ -20,12 +20,12 @@ func NormalizeToolCall(tc ToolCall) ToolCall { // Ensure Arguments is not nil if normalized.Arguments == nil { - normalized.Arguments = map[string]interface{}{} + normalized.Arguments = map[string]any{} } // Parse Arguments from Function.Arguments if not already set if len(normalized.Arguments) == 0 && normalized.Function != nil && normalized.Function.Arguments != "" { - var parsed map[string]interface{} + var parsed map[string]any if err := json.Unmarshal([]byte(normalized.Function.Arguments), &parsed); err == nil && parsed != nil { normalized.Arguments = parsed } diff --git a/pkg/providers/types.go b/pkg/providers/types.go index e783e6348..f711e7803 100644 --- a/pkg/providers/types.go +++ b/pkg/providers/types.go @@ -7,18 +7,26 @@ import ( "github.com/sipeed/picoclaw/pkg/providers/protocoltypes" ) -type ToolCall = protocoltypes.ToolCall -type FunctionCall = protocoltypes.FunctionCall -type LLMResponse = protocoltypes.LLMResponse -type UsageInfo = protocoltypes.UsageInfo -type Message = protocoltypes.Message -type ToolDefinition = protocoltypes.ToolDefinition -type ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition -type ExtraContent = protocoltypes.ExtraContent -type GoogleExtra = protocoltypes.GoogleExtra +type ( + ToolCall = protocoltypes.ToolCall + FunctionCall = protocoltypes.FunctionCall + LLMResponse = protocoltypes.LLMResponse + UsageInfo = protocoltypes.UsageInfo + Message = protocoltypes.Message + ToolDefinition = protocoltypes.ToolDefinition + ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition + ExtraContent = protocoltypes.ExtraContent + GoogleExtra = protocoltypes.GoogleExtra +) type LLMProvider interface { - Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) + Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, + ) (*LLMResponse, error) GetDefaultModel() string } diff --git a/pkg/skills/clawhub_registry.go b/pkg/skills/clawhub_registry.go index e2a940afd..f78197bbe 100644 --- a/pkg/skills/clawhub_registry.go +++ b/pkg/skills/clawhub_registry.go @@ -214,7 +214,10 @@ func (c *ClawHubRegistry) GetSkillMeta(ctx context.Context, slug string) (*Skill // DownloadAndInstall fetches metadata (with fallback), resolves version, // downloads the skill ZIP, and extracts it to targetDir. // Returns an InstallResult for the caller to use for moderation decisions. -func (c *ClawHubRegistry) DownloadAndInstall(ctx context.Context, slug, version, targetDir string) (*InstallResult, error) { +func (c *ClawHubRegistry) DownloadAndInstall( + ctx context.Context, + slug, version, targetDir string, +) (*InstallResult, error) { if err := utils.ValidateSkillIdentifier(slug); err != nil { return nil, fmt.Errorf("invalid slug %q: error: %s", slug, err.Error()) } diff --git a/pkg/skills/clawhub_registry_test.go b/pkg/skills/clawhub_registry_test.go index d12e19504..65ee638da 100644 --- a/pkg/skills/clawhub_registry_test.go +++ b/pkg/skills/clawhub_registry_test.go @@ -11,9 +11,10 @@ import ( "path/filepath" "testing" - "github.com/sipeed/picoclaw/pkg/utils" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/sipeed/picoclaw/pkg/utils" ) func newTestRegistry(serverURL, authToken string) *ClawHubRegistry { @@ -162,7 +163,7 @@ func TestExtractZipPathTraversal(t *testing.T) { // Write to temp file for extractZipFile. tmpZip := filepath.Join(t.TempDir(), "bad.zip") - require.NoError(t, os.WriteFile(tmpZip, buf.Bytes(), 0644)) + require.NoError(t, os.WriteFile(tmpZip, buf.Bytes(), 0o644)) tmpDir := t.TempDir() err = utils.ExtractZipFile(tmpZip, tmpDir) @@ -179,7 +180,7 @@ func TestExtractZipWithSubdirectories(t *testing.T) { // Write to temp file for extractZipFile. tmpZip := filepath.Join(t.TempDir(), "test.zip") - require.NoError(t, os.WriteFile(tmpZip, zipBuf, 0644)) + require.NoError(t, os.WriteFile(tmpZip, zipBuf, 0o644)) tmpDir := t.TempDir() targetDir := filepath.Join(tmpDir, "my-skill") diff --git a/pkg/skills/registry_test.go b/pkg/skills/registry_test.go index daecd5a59..a4694bd43 100644 --- a/pkg/skills/registry_test.go +++ b/pkg/skills/registry_test.go @@ -6,8 +6,9 @@ import ( "testing" "time" - "github.com/sipeed/picoclaw/pkg/utils" "github.com/stretchr/testify/assert" + + "github.com/sipeed/picoclaw/pkg/utils" ) // mockRegistry is a test double implementing SkillRegistry. diff --git a/pkg/tools/shell_timeout_unix_test.go b/pkg/tools/shell_timeout_unix_test.go index 4c6388b9b..04ef8e441 100644 --- a/pkg/tools/shell_timeout_unix_test.go +++ b/pkg/tools/shell_timeout_unix_test.go @@ -25,7 +25,7 @@ func TestShellTool_TimeoutKillsChildProcess(t *testing.T) { tool := NewExecTool(t.TempDir(), false) tool.SetTimeout(500 * time.Millisecond) - args := map[string]interface{}{ + args := map[string]any{ // Spawn a child process that would outlive the shell unless process-group kill is used. "command": "sleep 60 & echo $! > child.pid; wait", } diff --git a/pkg/tools/skills_install.go b/pkg/tools/skills_install.go index 6b05918ce..55c0b678d 100644 --- a/pkg/tools/skills_install.go +++ b/pkg/tools/skills_install.go @@ -42,23 +42,23 @@ func (t *InstallSkillTool) Description() string { return "Install a skill from a registry by slug. Downloads and extracts the skill into the workspace. Use find_skills first to discover available skills." } -func (t *InstallSkillTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *InstallSkillTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "slug": map[string]interface{}{ + "properties": map[string]any{ + "slug": map[string]any{ "type": "string", "description": "The unique slug of the skill to install (e.g., 'github', 'docker-compose')", }, - "version": map[string]interface{}{ + "version": map[string]any{ "type": "string", "description": "Specific version to install (optional, defaults to latest)", }, - "registry": map[string]interface{}{ + "registry": map[string]any{ "type": "string", "description": "Registry to install from (required, e.g., 'clawhub')", }, - "force": map[string]interface{}{ + "force": map[string]any{ "type": "boolean", "description": "Force reinstall if skill already exists (default false)", }, @@ -67,7 +67,7 @@ func (t *InstallSkillTool) Parameters() map[string]interface{} { } } -func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]any) *ToolResult { // Install lock to prevent concurrent directory operations. // Ideally this should be done at a `slug` level, currently, its at a `workspace` level. t.mu.Lock() @@ -94,7 +94,9 @@ func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]interfac if !force { if _, err := os.Stat(targetDir); err == nil { - return ErrorResult(fmt.Sprintf("skill %q already installed at %s. Use force=true to reinstall.", slug, targetDir)) + return ErrorResult( + fmt.Sprintf("skill %q already installed at %s. Use force=true to reinstall.", slug, targetDir), + ) } } else { // Force: remove existing if present. @@ -108,7 +110,7 @@ func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]interfac } // Ensure skills directory exists. - if err := os.MkdirAll(skillsDir, 0755); err != nil { + if err := os.MkdirAll(skillsDir, 0o755); err != nil { return ErrorResult(fmt.Sprintf("failed to create skills directory: %v", err)) } @@ -119,7 +121,7 @@ func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]interfac rmErr := os.RemoveAll(targetDir) if rmErr != nil { logger.ErrorCF("tool", "Failed to remove partial install", - map[string]interface{}{ + map[string]any{ "tool": "install_skill", "target_dir": targetDir, "error": rmErr.Error(), @@ -133,7 +135,7 @@ func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]interfac rmErr := os.RemoveAll(targetDir) if rmErr != nil { logger.ErrorCF("tool", "Failed to remove partial install", - map[string]interface{}{ + map[string]any{ "tool": "install_skill", "target_dir": targetDir, "error": rmErr.Error(), @@ -145,7 +147,7 @@ func (t *InstallSkillTool) Execute(ctx context.Context, args map[string]interfac // Write origin metadata. if err := writeOriginMeta(targetDir, registry.Name(), slug, result.Version); err != nil { logger.ErrorCF("tool", "Failed to write origin metadata", - map[string]interface{}{ + map[string]any{ "tool": "install_skill", "error": err.Error(), "target": targetDir, @@ -195,5 +197,5 @@ func writeOriginMeta(targetDir, registryName, slug, version string) error { return err } - return os.WriteFile(filepath.Join(targetDir, ".skill-origin.json"), data, 0644) + return os.WriteFile(filepath.Join(targetDir, ".skill-origin.json"), data, 0o644) } diff --git a/pkg/tools/skills_install_test.go b/pkg/tools/skills_install_test.go index e6941a950..676fcecc0 100644 --- a/pkg/tools/skills_install_test.go +++ b/pkg/tools/skills_install_test.go @@ -6,9 +6,10 @@ import ( "path/filepath" "testing" - "github.com/sipeed/picoclaw/pkg/skills" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + + "github.com/sipeed/picoclaw/pkg/skills" ) func TestInstallSkillToolName(t *testing.T) { @@ -18,14 +19,14 @@ func TestInstallSkillToolName(t *testing.T) { func TestInstallSkillToolMissingSlug(t *testing.T) { tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) - result := tool.Execute(context.Background(), map[string]interface{}{}) + result := tool.Execute(context.Background(), map[string]any{}) assert.True(t, result.IsError) assert.Contains(t, result.ForLLM, "identifier is required and must be a non-empty string") } func TestInstallSkillToolEmptySlug(t *testing.T) { tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "slug": " ", }) assert.True(t, result.IsError) @@ -42,7 +43,7 @@ func TestInstallSkillToolUnsafeSlug(t *testing.T) { } for _, slug := range cases { - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "slug": slug, }) assert.True(t, result.IsError, "slug %q should be rejected", slug) @@ -53,10 +54,10 @@ func TestInstallSkillToolUnsafeSlug(t *testing.T) { func TestInstallSkillToolAlreadyExists(t *testing.T) { workspace := t.TempDir() skillDir := filepath.Join(workspace, "skills", "existing-skill") - require.NoError(t, os.MkdirAll(skillDir, 0755)) + require.NoError(t, os.MkdirAll(skillDir, 0o755)) tool := NewInstallSkillTool(skills.NewRegistryManager(), workspace) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "slug": "existing-skill", "registry": "clawhub", }) @@ -67,7 +68,7 @@ func TestInstallSkillToolAlreadyExists(t *testing.T) { func TestInstallSkillToolRegistryNotFound(t *testing.T) { workspace := t.TempDir() tool := NewInstallSkillTool(skills.NewRegistryManager(), workspace) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "slug": "some-skill", "registry": "nonexistent", }) @@ -80,7 +81,7 @@ func TestInstallSkillToolParameters(t *testing.T) { tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) params := tool.Parameters() - props, ok := params["properties"].(map[string]interface{}) + props, ok := params["properties"].(map[string]any) assert.True(t, ok) assert.Contains(t, props, "slug") assert.Contains(t, props, "version") @@ -95,7 +96,7 @@ func TestInstallSkillToolParameters(t *testing.T) { func TestInstallSkillToolMissingRegistry(t *testing.T) { tool := NewInstallSkillTool(skills.NewRegistryManager(), t.TempDir()) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "slug": "some-skill", }) assert.True(t, result.IsError) diff --git a/pkg/tools/skills_search.go b/pkg/tools/skills_search.go index b12949ec2..2b6cffd38 100644 --- a/pkg/tools/skills_search.go +++ b/pkg/tools/skills_search.go @@ -32,15 +32,15 @@ func (t *FindSkillsTool) Description() string { return "Search for installable skills from skill registries. Returns skill slugs, descriptions, versions, and relevance scores. Use this to discover skills before installing them with install_skill." } -func (t *FindSkillsTool) Parameters() map[string]interface{} { - return map[string]interface{}{ +func (t *FindSkillsTool) Parameters() map[string]any { + return map[string]any{ "type": "object", - "properties": map[string]interface{}{ - "query": map[string]interface{}{ + "properties": map[string]any{ + "query": map[string]any{ "type": "string", "description": "Search query describing the desired skill capability (e.g., 'github integration', 'database management')", }, - "limit": map[string]interface{}{ + "limit": map[string]any{ "type": "integer", "description": "Maximum number of results to return (1-20, default 5)", "minimum": 1.0, @@ -51,7 +51,7 @@ func (t *FindSkillsTool) Parameters() map[string]interface{} { } } -func (t *FindSkillsTool) Execute(ctx context.Context, args map[string]interface{}) *ToolResult { +func (t *FindSkillsTool) Execute(ctx context.Context, args map[string]any) *ToolResult { query, ok := args["query"].(string) query = strings.ToLower(strings.TrimSpace(query)) if !ok || query == "" { diff --git a/pkg/tools/skills_search_test.go b/pkg/tools/skills_search_test.go index 7e07b2775..0e5387cf5 100644 --- a/pkg/tools/skills_search_test.go +++ b/pkg/tools/skills_search_test.go @@ -4,8 +4,9 @@ import ( "context" "testing" - "github.com/sipeed/picoclaw/pkg/skills" "github.com/stretchr/testify/assert" + + "github.com/sipeed/picoclaw/pkg/skills" ) func TestFindSkillsToolName(t *testing.T) { @@ -15,14 +16,14 @@ func TestFindSkillsToolName(t *testing.T) { func TestFindSkillsToolMissingQuery(t *testing.T) { tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) - result := tool.Execute(context.Background(), map[string]interface{}{}) + result := tool.Execute(context.Background(), map[string]any{}) assert.True(t, result.IsError) assert.Contains(t, result.ForLLM, "query is required") } func TestFindSkillsToolEmptyQuery(t *testing.T) { tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "query": " ", }) assert.True(t, result.IsError) @@ -35,7 +36,7 @@ func TestFindSkillsToolCacheHit(t *testing.T) { }) tool := NewFindSkillsTool(skills.NewRegistryManager(), cache) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "query": "github", }) @@ -48,7 +49,7 @@ func TestFindSkillsToolParameters(t *testing.T) { tool := NewFindSkillsTool(skills.NewRegistryManager(), nil) params := tool.Parameters() - props, ok := params["properties"].(map[string]interface{}) + props, ok := params["properties"].(map[string]any) assert.True(t, ok) assert.Contains(t, props, "query") assert.Contains(t, props, "limit") @@ -71,7 +72,14 @@ func TestFormatSearchResultsEmpty(t *testing.T) { func TestFormatSearchResultsWithData(t *testing.T) { results := []skills.SearchResult{ - {Slug: "github", Score: 0.95, DisplayName: "GitHub", Summary: "GitHub API integration", Version: "1.0.0", RegistryName: "clawhub"}, + { + Slug: "github", + Score: 0.95, + DisplayName: "GitHub", + Summary: "GitHub API integration", + Version: "1.0.0", + RegistryName: "clawhub", + }, } output := formatSearchResults("github", results, false) assert.Contains(t, output, "github") diff --git a/pkg/utils/download.go b/pkg/utils/download.go index 9fa7fbfa7..5d9a13a30 100644 --- a/pkg/utils/download.go +++ b/pkg/utils/download.go @@ -27,7 +27,7 @@ func DownloadToFile(ctx context.Context, client *http.Client, req *http.Request, // Attach context. req = req.WithContext(ctx) - logger.DebugCF("download", "Starting download", map[string]interface{}{ + logger.DebugCF("download", "Starting download", map[string]any{ "url": req.URL.String(), "max_bytes": maxBytes, }) @@ -52,7 +52,7 @@ func DownloadToFile(ctx context.Context, client *http.Client, req *http.Request, } tmpPath := tmpFile.Name() - logger.DebugCF("download", "Streaming to temp file", map[string]interface{}{ + logger.DebugCF("download", "Streaming to temp file", map[string]any{ "path": tmpPath, }) @@ -84,7 +84,7 @@ func DownloadToFile(ctx context.Context, client *http.Client, req *http.Request, return "", fmt.Errorf("failed to close temp file: %w", err) } - logger.DebugCF("download", "Download complete", map[string]interface{}{ + logger.DebugCF("download", "Download complete", map[string]any{ "path": tmpPath, "bytes_written": written, }) diff --git a/pkg/utils/zip.go b/pkg/utils/zip.go index cad91e420..919ce5a20 100644 --- a/pkg/utils/zip.go +++ b/pkg/utils/zip.go @@ -22,13 +22,13 @@ func ExtractZipFile(zipPath string, targetDir string) error { } defer reader.Close() - logger.DebugCF("zip", "Extracting ZIP", map[string]interface{}{ + logger.DebugCF("zip", "Extracting ZIP", map[string]any{ "zip_path": zipPath, "target_dir": targetDir, "entries": len(reader.File), }) - if err := os.MkdirAll(targetDir, 0755); err != nil { + if err := os.MkdirAll(targetDir, 0o755); err != nil { return fmt.Errorf("failed to create target dir: %w", err) } @@ -43,7 +43,8 @@ func ExtractZipFile(zipPath string, targetDir string) error { // Double-check the resolved path is within target directory (defense-in-depth). targetDirClean := filepath.Clean(targetDir) - if !strings.HasPrefix(filepath.Clean(destPath), targetDirClean+string(filepath.Separator)) && filepath.Clean(destPath) != targetDirClean { + if !strings.HasPrefix(filepath.Clean(destPath), targetDirClean+string(filepath.Separator)) && + filepath.Clean(destPath) != targetDirClean { return fmt.Errorf("zip entry escapes target dir: %q", f.Name) } @@ -55,14 +56,14 @@ func ExtractZipFile(zipPath string, targetDir string) error { } if f.FileInfo().IsDir() { - if err := os.MkdirAll(destPath, 0755); err != nil { + if err := os.MkdirAll(destPath, 0o755); err != nil { return err } continue } // Ensure parent directory exists. - if err := os.MkdirAll(filepath.Dir(destPath), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(destPath), 0o755); err != nil { return err } @@ -98,7 +99,7 @@ func extractSingleFile(f *zip.File, destPath string) error { defer func() { if cerr := outFile.Close(); cerr != nil { _ = os.Remove(destPath) - logger.ErrorCF("zip", "Failed to close file", map[string]interface{}{ + logger.ErrorCF("zip", "Failed to close file", map[string]any{ "dest_path": destPath, "error": cerr.Error(), }) From 5ca239b5c502df157ed54774aa46a6c9e3fed1ff Mon Sep 17 00:00:00 2001 From: harshbansal7 Date: Sat, 21 Feb 2026 01:02:35 +0530 Subject: [PATCH 16/88] fix --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d7d8be80b..7bc7b1089 100644 --- a/README.md +++ b/README.md @@ -243,7 +243,7 @@ picoclaw onboard } ``` -> **New**: The `model_list` configuration format allows zero-code provider addition. See [Model Configuration](#-model-configuration) for details. +> **New**: The `model_list` configuration format allows zero-code provider addition. See [Model Configuration](#model-configuration-model_list) for details. **3. Get API Keys** From 123cffa85a1d69c5489a46e4a8f49630f130df03 Mon Sep 17 00:00:00 2001 From: harshbansal7 Date: Sat, 21 Feb 2026 01:04:48 +0530 Subject: [PATCH 17/88] fix 2 --- README.zh.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.zh.md b/README.zh.md index 0989770ca..ab896b6c0 100644 --- a/README.zh.md +++ b/README.zh.md @@ -256,7 +256,7 @@ picoclaw onboard ``` -> **ę–°åŠŸčƒ½**: `model_list` 配ē½®ę ¼å¼ę”ÆęŒé›¶ä»£ē ę·»åŠ  provider怂čÆ¦č§[ęؔ型配ē½®](#-ęؔ型配ē½®-model_list)ē« čŠ‚怂 +> **ę–°åŠŸčƒ½**: `model_list` 配ē½®ę ¼å¼ę”ÆęŒé›¶ä»£ē ę·»åŠ  provider怂čÆ¦č§[ęؔ型配ē½®](#ęؔ型配ē½®-model_list)ē« čŠ‚怂 **3. čŽ·å– API Key** From c2ace2561cfae81839e977f90da7e29017d7b8e7 Mon Sep 17 00:00:00 2001 From: Artem Yadelskyi Date: Fri, 20 Feb 2026 22:09:36 +0200 Subject: [PATCH 18/88] feat(ci): Remove fmt from build step --- .github/workflows/build.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 499613625..9b89b69ae 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,7 +2,7 @@ name: build on: push: - branches: ["main"] + branches: [ "main" ] jobs: build: @@ -16,10 +16,5 @@ jobs: with: go-version-file: go.mod - - name: fmt - run: | - make fmt - git diff --exit-code || (echo "::error::Code is not formatted. Run 'make fmt' and commit the changes." && exit 1) - - name: Build run: make build-all From 02b4d9fbe2dea85fb032ceba7d4c64f1499ba95a Mon Sep 17 00:00:00 2001 From: Artem Yadelskyi Date: Fri, 20 Feb 2026 22:35:16 +0200 Subject: [PATCH 19/88] feat(linter): Fix govet linter --- .github/workflows/pr.yml | 19 ------------------- .golangci.yaml | 1 - cmd/picoclaw/cmd_auth.go | 6 +++--- cmd/picoclaw/cmd_gateway.go | 3 ++- cmd/picoclaw/cmd_skills.go | 4 ++-- pkg/channels/telegram.go | 4 ++-- pkg/channels/wecom.go | 2 +- pkg/channels/wecom_app.go | 2 +- pkg/channels/wecom_app_test.go | 13 ------------- pkg/channels/wecom_test.go | 4 +--- pkg/migrate/migrate.go | 2 +- pkg/migrate/migrate_test.go | 10 +++++----- pkg/providers/codex_cli_credentials.go | 2 +- pkg/tools/edit.go | 2 +- pkg/tools/filesystem.go | 8 +++++--- pkg/tools/i2c_linux.go | 2 +- pkg/voice/transcriber.go | 6 +++--- 17 files changed, 29 insertions(+), 61 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 27782ced2..be1c10c52 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -24,25 +24,6 @@ jobs: with: version: v2.10.1 - # TODO: Remove once linter is properly configured - vet: - name: Vet - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v6 - - - name: Setup Go - uses: actions/setup-go@v6 - with: - go-version-file: go.mod - - - name: Run go generate - run: go generate ./... - - - name: Run go vet - run: go vet ./... - test: name: Tests runs-on: ubuntu-latest diff --git a/.golangci.yaml b/.golangci.yaml index 6dafb6b56..d45d69e67 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -47,7 +47,6 @@ linters: - godox - goprintffuncname - gosec - - govet - ineffassign - lll - maintidx diff --git a/cmd/picoclaw/cmd_auth.go b/cmd/picoclaw/cmd_auth.go index 5bed7f116..729c56177 100644 --- a/cmd/picoclaw/cmd_auth.go +++ b/cmd/picoclaw/cmd_auth.go @@ -114,7 +114,7 @@ func authLoginOpenAI(useDeviceCode bool) { os.Exit(1) } - if err := auth.SetCredential("openai", cred); err != nil { + if err = auth.SetCredential("openai", cred); err != nil { fmt.Printf("Failed to save credentials: %v\n", err) os.Exit(1) } @@ -188,7 +188,7 @@ func authLoginGoogleAntigravity() { fmt.Printf("Project: %s\n", projectID) } - if err := auth.SetCredential("google-antigravity", cred); err != nil { + if err = auth.SetCredential("google-antigravity", cred); err != nil { fmt.Printf("Failed to save credentials: %v\n", err) os.Exit(1) } @@ -265,7 +265,7 @@ func authLoginPasteToken(provider string) { os.Exit(1) } - if err := auth.SetCredential(provider, cred); err != nil { + if err = auth.SetCredential(provider, cred); err != nil { fmt.Printf("Failed to save credentials: %v\n", err) os.Exit(1) } diff --git a/cmd/picoclaw/cmd_gateway.go b/cmd/picoclaw/cmd_gateway.go index 00ec0f96d..9a3b6aa19 100644 --- a/cmd/picoclaw/cmd_gateway.go +++ b/cmd/picoclaw/cmd_gateway.go @@ -98,7 +98,8 @@ func gatewayCmd() { channel, chatID = "cli", "direct" } // Use ProcessHeartbeat - no session history, each heartbeat is independent - response, err := agentLoop.ProcessHeartbeat(context.Background(), prompt, channel, chatID) + var response string + response, err = agentLoop.ProcessHeartbeat(context.Background(), prompt, channel, chatID) if err != nil { return tools.ErrorResult(fmt.Sprintf("Heartbeat error: %v", err)) } diff --git a/cmd/picoclaw/cmd_skills.go b/cmd/picoclaw/cmd_skills.go index 2dd46756a..0814494b3 100644 --- a/cmd/picoclaw/cmd_skills.go +++ b/cmd/picoclaw/cmd_skills.go @@ -118,7 +118,7 @@ func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { workspace := cfg.WorkspacePath() targetDir := filepath.Join(workspace, "skills", slug) - if _, err := os.Stat(targetDir); err == nil { + if _, err = os.Stat(targetDir); err == nil { fmt.Printf("\u2717 Skill '%s' already installed at %s\n", slug, targetDir) os.Exit(1) } @@ -126,7 +126,7 @@ func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second) defer cancel() - if err := os.MkdirAll(filepath.Join(workspace, "skills"), 0o755); err != nil { + if err = os.MkdirAll(filepath.Join(workspace, "skills"), 0o755); err != nil { fmt.Printf("\u2717 Failed to create skills directory: %v\n", err) os.Exit(1) } diff --git a/pkg/channels/telegram.go b/pkg/channels/telegram.go index 2a971e147..a0a1c8d0a 100644 --- a/pkg/channels/telegram.go +++ b/pkg/channels/telegram.go @@ -267,10 +267,10 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes transcribedText := "" if c.transcriber != nil && c.transcriber.IsAvailable() { - ctx, cancel := context.WithTimeout(ctx, 30*time.Second) + transcriberCtx, cancel := context.WithTimeout(ctx, 30*time.Second) defer cancel() - result, err := c.transcriber.Transcribe(ctx, voicePath) + result, err := c.transcriber.Transcribe(transcriberCtx, voicePath) if err != nil { logger.ErrorCF("telegram", "Voice transcription failed", map[string]any{ "error": err.Error(), diff --git a/pkg/channels/wecom.go b/pkg/channels/wecom.go index 07bd8488c..f8daf89de 100644 --- a/pkg/channels/wecom.go +++ b/pkg/channels/wecom.go @@ -272,7 +272,7 @@ func (c *WeComBotChannel) handleMessageCallback(ctx context.Context, w http.Resp AgentID string `xml:"AgentID"` } - if err := xml.Unmarshal(body, &encryptedMsg); err != nil { + if err = xml.Unmarshal(body, &encryptedMsg); err != nil { logger.ErrorCF("wecom", "Failed to parse XML", map[string]any{ "error": err.Error(), }) diff --git a/pkg/channels/wecom_app.go b/pkg/channels/wecom_app.go index 878504106..715c48707 100644 --- a/pkg/channels/wecom_app.go +++ b/pkg/channels/wecom_app.go @@ -348,7 +348,7 @@ func (c *WeComAppChannel) handleMessageCallback(ctx context.Context, w http.Resp AgentID string `xml:"AgentID"` } - if err := xml.Unmarshal(body, &encryptedMsg); err != nil { + if err = xml.Unmarshal(body, &encryptedMsg); err != nil { logger.ErrorCF("wecom_app", "Failed to parse XML", map[string]any{ "error": err.Error(), }) diff --git a/pkg/channels/wecom_app_test.go b/pkg/channels/wecom_app_test.go index 6778520f3..abf15c52b 100644 --- a/pkg/channels/wecom_app_test.go +++ b/pkg/channels/wecom_app_test.go @@ -852,19 +852,6 @@ func TestWeComAppMessageStructures(t *testing.T) { } }) - t.Run("WeComImageMessage structure", func(t *testing.T) { - msg := WeComImageMessage{ - ToUser: "user123", - MsgType: "image", - AgentID: 1000002, - } - msg.Image.MediaID = "media_123456" - - if msg.Image.MediaID != "media_123456" { - t.Errorf("Image.MediaID = %q, want %q", msg.Image.MediaID, "media_123456") - } - }) - t.Run("WeComAccessTokenResponse structure", func(t *testing.T) { jsonData := `{ "errcode": 0, diff --git a/pkg/channels/wecom_test.go b/pkg/channels/wecom_test.go index 53cde2693..8afa7e8c3 100644 --- a/pkg/channels/wecom_test.go +++ b/pkg/channels/wecom_test.go @@ -198,10 +198,8 @@ func TestWeComBotVerifySignature(t *testing.T) { Token: "", WebhookURL: "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=test", } - base := NewBaseChannel("wecom", cfgEmpty, msgBus, cfgEmpty.AllowFrom) chEmpty := &WeComBotChannel{ - BaseChannel: base, - config: cfgEmpty, + config: cfgEmpty, } if !WeComVerifySignature(chEmpty.config.Token, "any_sig", "any_ts", "any_nonce", "any_msg") { diff --git a/pkg/migrate/migrate.go b/pkg/migrate/migrate.go index ab2635890..cfa82b7d7 100644 --- a/pkg/migrate/migrate.go +++ b/pkg/migrate/migrate.go @@ -67,7 +67,7 @@ func Run(opts Options) (*Result, error) { return nil, err } - if _, err := os.Stat(openclawHome); os.IsNotExist(err) { + if _, err = os.Stat(openclawHome); os.IsNotExist(err) { return nil, fmt.Errorf("OpenClaw installation not found at %s", openclawHome) } diff --git a/pkg/migrate/migrate_test.go b/pkg/migrate/migrate_test.go index ccc00f72c..b6b3d70aa 100644 --- a/pkg/migrate/migrate_test.go +++ b/pkg/migrate/migrate_test.go @@ -58,10 +58,10 @@ func TestConvertKeysToSnake(t *testing.T) { t.Fatal("expected map[string]interface{}") } - if _, ok := m["api_key"]; !ok { + if _, ok = m["api_key"]; !ok { t.Error("expected key 'api_key' after conversion") } - if _, ok := m["api_base"]; !ok { + if _, ok = m["api_base"]; !ok { t.Error("expected key 'api_base' after conversion") } @@ -69,10 +69,10 @@ func TestConvertKeysToSnake(t *testing.T) { if !ok { t.Fatal("expected nested map") } - if _, ok := nested["max_tokens"]; !ok { + if _, ok = nested["max_tokens"]; !ok { t.Error("expected key 'max_tokens' in nested map") } - if _, ok := nested["allow_from"]; !ok { + if _, ok = nested["allow_from"]; !ok { t.Error("expected key 'allow_from' in nested map") } @@ -108,7 +108,7 @@ func TestLoadOpenClawConfig(t *testing.T) { if err != nil { t.Fatal(err) } - if err := os.WriteFile(configPath, data, 0o644); err != nil { + if err = os.WriteFile(configPath, data, 0o644); err != nil { t.Fatal(err) } diff --git a/pkg/providers/codex_cli_credentials.go b/pkg/providers/codex_cli_credentials.go index 46ba24b12..40f3ee2a1 100644 --- a/pkg/providers/codex_cli_credentials.go +++ b/pkg/providers/codex_cli_credentials.go @@ -31,7 +31,7 @@ func ReadCodexCliCredentials() (accessToken, accountID string, expiresAt time.Ti } var auth CodexCliAuth - if err := json.Unmarshal(data, &auth); err != nil { + if err = json.Unmarshal(data, &auth); err != nil { return "", "", time.Time{}, fmt.Errorf("parsing %s: %w", authPath, err) } diff --git a/pkg/tools/edit.go b/pkg/tools/edit.go index 39d2642d4..c28ca6ca2 100644 --- a/pkg/tools/edit.go +++ b/pkg/tools/edit.go @@ -72,7 +72,7 @@ func (t *EditFileTool) Execute(ctx context.Context, args map[string]any) *ToolRe return ErrorResult(err.Error()) } - if _, err := os.Stat(resolvedPath); os.IsNotExist(err) { + if _, err = os.Stat(resolvedPath); os.IsNotExist(err) { return ErrorResult(fmt.Sprintf("file not found: %s", path)) } diff --git a/pkg/tools/filesystem.go b/pkg/tools/filesystem.go index dd996bc0d..1bf50906e 100644 --- a/pkg/tools/filesystem.go +++ b/pkg/tools/filesystem.go @@ -34,17 +34,19 @@ func validatePath(path, workspace string, restrict bool) (string, error) { return "", fmt.Errorf("access denied: path is outside the workspace") } + var resolved string workspaceReal := absWorkspace - if resolved, err := filepath.EvalSymlinks(absWorkspace); err == nil { + if resolved, err = filepath.EvalSymlinks(absWorkspace); err == nil { workspaceReal = resolved } - if resolved, err := filepath.EvalSymlinks(absPath); err == nil { + if resolved, err = filepath.EvalSymlinks(absPath); err == nil { if !isWithinWorkspace(resolved, workspaceReal) { return "", fmt.Errorf("access denied: symlink resolves outside workspace") } } else if os.IsNotExist(err) { - if parentResolved, err := resolveExistingAncestor(filepath.Dir(absPath)); err == nil { + var parentResolved string + if parentResolved, err = resolveExistingAncestor(filepath.Dir(absPath)); err == nil { if !isWithinWorkspace(parentResolved, workspaceReal) { return "", fmt.Errorf("access denied: symlink resolves outside workspace") } diff --git a/pkg/tools/i2c_linux.go b/pkg/tools/i2c_linux.go index 2a0626340..4eaaf8f09 100644 --- a/pkg/tools/i2c_linux.go +++ b/pkg/tools/i2c_linux.go @@ -182,7 +182,7 @@ func (t *I2CTool) readDevice(args map[string]any) *ToolResult { if reg < 0 || reg > 255 { return ErrorResult("register must be between 0x00 and 0xFF") } - _, err := syscall.Write(fd, []byte{byte(reg)}) + _, err = syscall.Write(fd, []byte{byte(reg)}) if err != nil { return ErrorResult(fmt.Sprintf("failed to write register 0x%02x: %v", reg, err)) } diff --git a/pkg/voice/transcriber.go b/pkg/voice/transcriber.go index ad8767d40..f973e77fe 100644 --- a/pkg/voice/transcriber.go +++ b/pkg/voice/transcriber.go @@ -79,17 +79,17 @@ func (t *GroqTranscriber) Transcribe(ctx context.Context, audioFilePath string) logger.DebugCF("voice", "File copied to request", map[string]any{"bytes_copied": copied}) - if err := writer.WriteField("model", "whisper-large-v3"); err != nil { + if err = writer.WriteField("model", "whisper-large-v3"); err != nil { logger.ErrorCF("voice", "Failed to write model field", map[string]any{"error": err}) return nil, fmt.Errorf("failed to write model field: %w", err) } - if err := writer.WriteField("response_format", "json"); err != nil { + if err = writer.WriteField("response_format", "json"); err != nil { logger.ErrorCF("voice", "Failed to write response_format field", map[string]any{"error": err}) return nil, fmt.Errorf("failed to write response_format field: %w", err) } - if err := writer.Close(); err != nil { + if err = writer.Close(); err != nil { logger.ErrorCF("voice", "Failed to close multipart writer", map[string]any{"error": err}) return nil, fmt.Errorf("failed to close multipart writer: %w", err) } From 244eb0b47d0f694df4bdc96c316b23698eab7407 Mon Sep 17 00:00:00 2001 From: Goksu Ceylan <79890826+GoCeylan@users.noreply.github.com> Date: Fri, 20 Feb 2026 19:15:46 -0500 Subject: [PATCH 20/88] fix (security): ExecTool `working_dir` sandbox escape (#478) * fix (security) Shell working_dir bypass * Feedback from @mengzhuo & Discord - reuse internal security package to validate path - add tests for workspace escape --- pkg/tools/shell.go | 10 ++++++- pkg/tools/shell_test.go | 60 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+), 1 deletion(-) diff --git a/pkg/tools/shell.go b/pkg/tools/shell.go index d2adb6468..a1ee0b6e1 100644 --- a/pkg/tools/shell.go +++ b/pkg/tools/shell.go @@ -144,7 +144,15 @@ func (t *ExecTool) Execute(ctx context.Context, args map[string]any) *ToolResult cwd := t.workingDir if wd, ok := args["working_dir"].(string); ok && wd != "" { - cwd = wd + if t.restrictToWorkspace && t.workingDir != "" { + resolvedWD, err := validatePath(wd, t.workingDir, true) + if err != nil { + return ErrorResult("Command blocked by safety guard (" + err.Error() + ")") + } + cwd = resolvedWD + } else { + cwd = wd + } } if cwd == "" { diff --git a/pkg/tools/shell_test.go b/pkg/tools/shell_test.go index f85b5a008..60f2b7b91 100644 --- a/pkg/tools/shell_test.go +++ b/pkg/tools/shell_test.go @@ -186,6 +186,66 @@ func TestShellTool_OutputTruncation(t *testing.T) { } } +// TestShellTool_WorkingDir_OutsideWorkspace verifies that working_dir cannot escape the workspace directly +func TestShellTool_WorkingDir_OutsideWorkspace(t *testing.T) { + root := t.TempDir() + workspace := filepath.Join(root, "workspace") + outsideDir := filepath.Join(root, "outside") + if err := os.MkdirAll(workspace, 0755); err != nil { + t.Fatalf("failed to create workspace: %v", err) + } + if err := os.MkdirAll(outsideDir, 0755); err != nil { + t.Fatalf("failed to create outside dir: %v", err) + } + + tool := NewExecTool(workspace, true) + result := tool.Execute(context.Background(), map[string]interface{}{ + "command": "pwd", + "working_dir": outsideDir, + }) + + if !result.IsError { + t.Fatalf("expected working_dir outside workspace to be blocked, got output: %s", result.ForLLM) + } + if !strings.Contains(result.ForLLM, "blocked") { + t.Errorf("expected 'blocked' in error, got: %s", result.ForLLM) + } +} + +// TestShellTool_WorkingDir_SymlinkEscape verifies that a symlink inside the workspace +// pointing outside cannot be used as working_dir to escape the sandbox. +func TestShellTool_WorkingDir_SymlinkEscape(t *testing.T) { + root := t.TempDir() + workspace := filepath.Join(root, "workspace") + secretDir := filepath.Join(root, "secret") + if err := os.MkdirAll(workspace, 0755); err != nil { + t.Fatalf("failed to create workspace: %v", err) + } + if err := os.MkdirAll(secretDir, 0755); err != nil { + t.Fatalf("failed to create secret dir: %v", err) + } + os.WriteFile(filepath.Join(secretDir, "secret.txt"), []byte("top secret"), 0644) + + // symlink lives inside the workspace but resolves to secretDir outside it + link := filepath.Join(workspace, "escape") + if err := os.Symlink(secretDir, link); err != nil { + t.Skipf("symlinks not supported in this environment: %v", err) + } + + tool := NewExecTool(workspace, true) + result := tool.Execute(context.Background(), map[string]interface{}{ + "command": "cat secret.txt", + "working_dir": link, + }) + + if !result.IsError { + t.Fatalf("expected symlink working_dir escape to be blocked, got output: %s", result.ForLLM) + } + if !strings.Contains(result.ForLLM, "blocked") { + t.Errorf("expected 'blocked' in error, got: %s", result.ForLLM) + } +} + // TestShellTool_RestrictToWorkspace verifies workspace restriction func TestShellTool_RestrictToWorkspace(t *testing.T) { tmpDir := t.TempDir() From 80c8b5753338dc75286d93d8d62fa01654b1a2f0 Mon Sep 17 00:00:00 2001 From: Luke Milby Date: Fri, 20 Feb 2026 19:21:38 -0500 Subject: [PATCH 21/88] Fix Memory Write (#557) * fix issue where memory will only trigger when asked to remember something * updated prompt for memory usage --- pkg/agent/context.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/agent/context.go b/pkg/agent/context.go index e989ffaaf..a9db5afdd 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -80,7 +80,7 @@ Your workspace is at: %s 2. **Be helpful and accurate** - When using tools, briefly explain what you're doing. -3. **Memory** - When remembering something, write to %s/memory/MEMORY.md`, +3. **Memory** - When interacting with me if something seems memorable, update %s/memory/MEMORY.md`, now, runtime, workspacePath, workspacePath, workspacePath, workspacePath, toolsSection, workspacePath) } From 3df7f705408d5767e43a22975fd2d093f33b7705 Mon Sep 17 00:00:00 2001 From: Hoshina Date: Sat, 21 Feb 2026 16:05:39 +0800 Subject: [PATCH 22/88] fix: golangci-lint fmt --- pkg/tools/shell_test.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkg/tools/shell_test.go b/pkg/tools/shell_test.go index 60f2b7b91..d0a300c6c 100644 --- a/pkg/tools/shell_test.go +++ b/pkg/tools/shell_test.go @@ -191,10 +191,10 @@ func TestShellTool_WorkingDir_OutsideWorkspace(t *testing.T) { root := t.TempDir() workspace := filepath.Join(root, "workspace") outsideDir := filepath.Join(root, "outside") - if err := os.MkdirAll(workspace, 0755); err != nil { + if err := os.MkdirAll(workspace, 0o755); err != nil { t.Fatalf("failed to create workspace: %v", err) } - if err := os.MkdirAll(outsideDir, 0755); err != nil { + if err := os.MkdirAll(outsideDir, 0o755); err != nil { t.Fatalf("failed to create outside dir: %v", err) } @@ -218,13 +218,13 @@ func TestShellTool_WorkingDir_SymlinkEscape(t *testing.T) { root := t.TempDir() workspace := filepath.Join(root, "workspace") secretDir := filepath.Join(root, "secret") - if err := os.MkdirAll(workspace, 0755); err != nil { + if err := os.MkdirAll(workspace, 0o755); err != nil { t.Fatalf("failed to create workspace: %v", err) } - if err := os.MkdirAll(secretDir, 0755); err != nil { + if err := os.MkdirAll(secretDir, 0o755); err != nil { t.Fatalf("failed to create secret dir: %v", err) } - os.WriteFile(filepath.Join(secretDir, "secret.txt"), []byte("top secret"), 0644) + os.WriteFile(filepath.Join(secretDir, "secret.txt"), []byte("top secret"), 0o644) // symlink lives inside the workspace but resolves to secretDir outside it link := filepath.Join(workspace, "escape") From 00666022949fb993f9b07ae8c2bb844fde977b23 Mon Sep 17 00:00:00 2001 From: Hoshina Date: Sat, 21 Feb 2026 16:20:15 +0800 Subject: [PATCH 23/88] fix: golangci-lint run --fix --- pkg/tools/shell_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/tools/shell_test.go b/pkg/tools/shell_test.go index d0a300c6c..6d35815e8 100644 --- a/pkg/tools/shell_test.go +++ b/pkg/tools/shell_test.go @@ -199,7 +199,7 @@ func TestShellTool_WorkingDir_OutsideWorkspace(t *testing.T) { } tool := NewExecTool(workspace, true) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "command": "pwd", "working_dir": outsideDir, }) @@ -233,7 +233,7 @@ func TestShellTool_WorkingDir_SymlinkEscape(t *testing.T) { } tool := NewExecTool(workspace, true) - result := tool.Execute(context.Background(), map[string]interface{}{ + result := tool.Execute(context.Background(), map[string]any{ "command": "cat secret.txt", "working_dir": link, }) From 023b245a285780edfcfbe90ae81b4c9cd7e7913d Mon Sep 17 00:00:00 2001 From: Hoshina Date: Sat, 21 Feb 2026 15:33:35 +0800 Subject: [PATCH 24/88] docs: add Chinese channel documentation --- README.zh.md | 458 ++++++--------------- docs/channels/dingtalk/README.zh.md | 33 ++ docs/channels/discord/README.zh.md | 35 ++ docs/channels/feishu/README.zh.md | 37 ++ docs/channels/line/README.zh.md | 41 ++ docs/channels/maixcam/README.zh.md | 31 ++ docs/channels/onebot/README.zh.md | 31 ++ docs/channels/qq/README.zh.md | 32 ++ docs/channels/slack/README.zh.md | 33 ++ docs/channels/telegram/README.zh.md | 33 ++ docs/channels/wecom/wecom_app/README.zh.md | 47 +++ docs/channels/wecom/wecom_bot/README.zh.md | 41 ++ 12 files changed, 510 insertions(+), 342 deletions(-) create mode 100644 docs/channels/dingtalk/README.zh.md create mode 100644 docs/channels/discord/README.zh.md create mode 100644 docs/channels/feishu/README.zh.md create mode 100644 docs/channels/line/README.zh.md create mode 100644 docs/channels/maixcam/README.zh.md create mode 100644 docs/channels/onebot/README.zh.md create mode 100644 docs/channels/qq/README.zh.md create mode 100644 docs/channels/slack/README.zh.md create mode 100644 docs/channels/telegram/README.zh.md create mode 100644 docs/channels/wecom/wecom_app/README.zh.md create mode 100644 docs/channels/wecom/wecom_bot/README.zh.md diff --git a/README.zh.md b/README.zh.md index ab896b6c0..4d739c5eb 100644 --- a/README.zh.md +++ b/README.zh.md @@ -14,7 +14,8 @@ Twitter

- **äø­ę–‡** | [ę—„ęœ¬čŖž](README.ja.md) | [PortuguĆŖs](README.pt-br.md) | [Tiįŗæng Viį»‡t](README.vi.md) | [FranƧais](README.fr.md) | [English](README.md) +**äø­ę–‡** | [ę—„ęœ¬čŖž](README.ja.md) | [PortuguĆŖs](README.pt-br.md) | [Tiįŗæng Viį»‡t](README.vi.md) | [FranƧais](README.fr.md) | [English](README.md) + --- @@ -42,14 +43,15 @@ > [!CAUTION] > **šŸšØ SECURITY & OFFICIAL CHANNELS / 安å…Øå£°ę˜Ž** -> * **ę— åŠ åÆ†č“§åø (NO CRYPTO):** PicoClaw **ę²”ęœ‰** å‘č”Œä»»ä½•å®˜ę–¹ä»£åøć€Token ęˆ–č™šę‹Ÿč“§åøć€‚ę‰€ęœ‰åœØ `pump.fun` ęˆ–å…¶ä»–äŗ¤ę˜“平台äøŠēš„ē›ø关声ē§°å‡äøŗ **čƈéŖ—**怂 -> * **å®˜ę–¹åŸŸå:** å”Æäø€ēš„å®˜ę–¹ē½‘ē«™ę˜Æ **[picoclaw.io](https://picoclaw.io)**ļ¼Œå…¬åø官ē½‘ę˜Æ **[sipeed.com](https://sipeed.com)**怂 -> * **č­¦ęƒ•:** č®ø多 `.ai/.org/.com/.net/...` 后ē¼€ēš„åŸŸåč¢«ē¬¬äø‰ę–¹ęŠ¢ę³Øļ¼ŒčÆ·å‹æč½»äæ”怂 -> * **ę³Øꄏ:** picoclawę­£åœØåˆęœŸēš„åæ«é€ŸåŠŸčƒ½å¼€å‘é˜¶ę®µļ¼ŒåÆčƒ½ęœ‰å°šęœŖäæ®å¤ēš„ē½‘ē»œå®‰å…Ø问题ļ¼ŒåœØ1.0ę­£å¼ē‰ˆå‘åøƒå‰ļ¼ŒčÆ·äøč¦å°†å…¶éƒØē½²åˆ°ē”Ÿäŗ§ēŽÆ境äø­ -> * **ę³Øꄏ:** picoclaw꜀čæ‘合并äŗ†å¤§é‡PRsļ¼Œčæ‘ęœŸē‰ˆęœ¬åÆčƒ½å†…å­˜å ē”Øč¾ƒå¤§(10~20MB)ļ¼Œęˆ‘们将åœØåŠŸčƒ½č¾ƒäøŗę”¶ę•›åŽčæ›č”Œčµ„ęŗå ē”Ø优化. - +> +> - **ę— åŠ åÆ†č“§åø (NO CRYPTO):** PicoClaw **ę²”ęœ‰** å‘č”Œä»»ä½•å®˜ę–¹ä»£åøć€Token ęˆ–č™šę‹Ÿč“§åøć€‚ę‰€ęœ‰åœØ `pump.fun` ęˆ–å…¶ä»–äŗ¤ę˜“平台äøŠēš„ē›ø关声ē§°å‡äøŗ **čƈéŖ—**怂 +> - **å®˜ę–¹åŸŸå:** å”Æäø€ēš„å®˜ę–¹ē½‘ē«™ę˜Æ **[picoclaw.io](https://picoclaw.io)**ļ¼Œå…¬åø官ē½‘ę˜Æ **[sipeed.com](https://sipeed.com)**怂 +> - **č­¦ęƒ•:** č®ø多 `.ai/.org/.com/.net/...` 后ē¼€ēš„åŸŸåč¢«ē¬¬äø‰ę–¹ęŠ¢ę³Øļ¼ŒčÆ·å‹æč½»äæ”怂 +> - **ę³Øꄏ:** picoclawę­£åœØåˆęœŸēš„åæ«é€ŸåŠŸčƒ½å¼€å‘é˜¶ę®µļ¼ŒåÆčƒ½ęœ‰å°šęœŖäæ®å¤ēš„ē½‘ē»œå®‰å…Ø问题ļ¼ŒåœØ1.0ę­£å¼ē‰ˆå‘åøƒå‰ļ¼ŒčÆ·äøč¦å°†å…¶éƒØē½²åˆ°ē”Ÿäŗ§ēŽÆ境äø­ +> - **ę³Øꄏ:** picoclaw꜀čæ‘合并äŗ†å¤§é‡PRsļ¼Œčæ‘ęœŸē‰ˆęœ¬åÆčƒ½å†…å­˜å ē”Øč¾ƒå¤§(10~20MB)ļ¼Œęˆ‘们将åœØåŠŸčƒ½č¾ƒäøŗę”¶ę•›åŽčæ›č”Œčµ„ęŗå ē”Ø优化. ## šŸ“¢ ę–°é—» (News) + 2026-02-16 šŸŽ‰ PicoClaw åœØäø€å‘Ø内ēŖē “äŗ†12K star! ę„Ÿč°¢å¤§å®¶ēš„å…³ę³Øļ¼PicoClaw ēš„ęˆé•æ速åŗ¦č¶…ä¹Žęˆ‘ä»¬é¢„ęœŸ. ē”±äŗŽPRꕰ量ēš„åæ«é€Ÿč†Ø胀ļ¼Œęˆ‘们äŗŸéœ€ē¤¾åŒŗå¼€å‘č€…å‚äøŽē»“ꊤ. ęˆ‘ä»¬éœ€č¦ēš„åæ—ę„æč€…č§’č‰²å’Œroadmapå·²ē»å‘åøƒåˆ°äŗ†[čæ™é‡Œ](docs/picoclaw_community_roadmap_260216.md), ęœŸå¾…ä½ ēš„参äøŽļ¼ 2026-02-13 šŸŽ‰ **PicoClaw åœØ 4 天内ēŖē “ 5000 Starsļ¼** ę„Ÿč°¢ē¤¾åŒŗēš„ę”Æꌁļ¼ē”±äŗŽę­£å€¼äø­å›½ę˜„čŠ‚å‡ęœŸļ¼ŒPR 和 Issue ę¶Œå…„č¾ƒå¤šļ¼Œęˆ‘ä»¬ę­£åœØ利ē”Øčæ™ę®µę—¶é—“ę•²å®š **锹ē›®č·Æēŗæ图 (Roadmap)** 并ē»„å»ŗ **å¼€å‘č€…ē¾¤ē»„**ļ¼Œä»„ä¾æ加速 PicoClaw ēš„å¼€å‘ć€‚ @@ -69,12 +71,12 @@ šŸ¤– **AI č‡Ŗäø¾**: ēŗÆ Go čÆ­č؀原ē”Ÿå®žēŽ° ā€” 95% ēš„ę øåæƒä»£ē ē”± Agent ē”Ÿęˆļ¼Œå¹¶ē»ē”±ā€œäŗŗęœŗ回ēŽÆ (Human-in-the-loop)ā€å¾®č°ƒć€‚ -| | OpenClaw | NanoBot | **PicoClaw** | -| --- | --- | --- | --- | -| **čÆ­č؀** | TypeScript | Python | **Go** | -| **RAM** | >1GB | >100MB | **< 10MB** | -| **åÆåŠØꗶ闓**
(0.8GHz core) | >500s | >30s | **<1s** | -| **ęˆęœ¬** | Mac Mini $599 | å¤§å¤šę•° Linux 开发ęæ ~$50 | **ä»»ę„ Linux 开发ęæ**
**ä½Žč‡³ $10** | +| | OpenClaw | NanoBot | **PicoClaw** | +| ------------------------------ | ------------- | ------------------------ | -------------------------------------- | +| **čÆ­č؀** | TypeScript | Python | **Go** | +| **RAM** | >1GB | >100MB | **< 10MB** | +| **åÆåŠØꗶ闓**
(0.8GHz core) | >500s | >30s | **<1s** | +| **ęˆęœ¬** | Mac Mini $599 | å¤§å¤šę•° Linux 开发ęæ ~$50 | **ä»»ę„ Linux 开发ęæ**
**ä½Žč‡³ $10** | PicoClaw @@ -101,9 +103,12 @@ ### šŸ“± åœØꉋęœŗäøŠč½»ę¾čæč”Œ + picoclaw åÆ仄将你10幓前ēš„老ꗧꉋęœŗåŗŸē‰©åˆ©ē”Øļ¼Œå˜čŗ«ęˆäøŗä½ ēš„AI助ē†ļ¼åæ«é€ŸęŒ‡å—: + 1. 先去åŗ”ē”Ø商åŗ—äø‹č½½å®‰č£…Termux 2. ę‰“å¼€åŽę‰§č”ŒęŒ‡ä»¤ + ```bash # ę³Øꄏ: äø‹é¢ēš„v0.1.1 åÆä»„ę¢äøŗ你实际ēœ‹åˆ°ēš„ęœ€ę–°ē‰ˆęœ¬ wget https://github.com/sipeed/picoclaw/releases/download/v0.1.1/picoclaw-linux-arm64 @@ -111,19 +116,17 @@ chmod +x picoclaw-linux-arm64 pkg install proot termux-chroot ./picoclaw-linux-arm64 onboard ``` -ē„¶åŽč·Ÿéšäø‹é¢ēš„ā€œåæ«é€Ÿå¼€å§‹ā€ē« čŠ‚ē»§ē»­é…ē½®picoclaw即åÆä½æē”Øļ¼ + +ē„¶åŽč·Ÿéšäø‹é¢ēš„ā€œåæ«é€Ÿå¼€å§‹ā€ē« čŠ‚ē»§ē»­é…ē½®picoclaw即åÆä½æē”Øļ¼ PicoClaw - - - ### šŸœ åˆ›ę–°ēš„低占ē”ØéƒØē½² PicoClaw 几乎åÆ仄éƒØē½²åœØ任何 Linux č®¾å¤‡äøŠļ¼ -* $9.9 [LicheeRV-Nano](https://www.aliexpress.com/item/1005006519668532.html) E(ē½‘口) ꈖ W(WiFi6) ē‰ˆęœ¬ļ¼Œē”ØäŗŽęžē®€å®¶åŗ­åŠ©ę‰‹ć€‚ -* $30~50 [NanoKVM](https://www.aliexpress.com/item/1005007369816019.html)ļ¼Œęˆ– $100 [NanoKVM-Pro](https://www.aliexpress.com/item/1005010048471263.html)ļ¼Œē”ØäŗŽč‡ŖåŠØåŒ–ęœåŠ”å™Øčæē»“怂 -* $50 [MaixCAM](https://www.aliexpress.com/item/1005008053333693.html) ꈖ $100 [MaixCAM2](https://www.kickstarter.com/projects/zepan/maixcam2-build-your-next-gen-4k-ai-camera)ļ¼Œē”ØäŗŽę™ŗčƒ½ē›‘ꎧ怂 +- $9.9 [LicheeRV-Nano](https://www.aliexpress.com/item/1005006519668532.html) E(ē½‘口) ꈖ W(WiFi6) ē‰ˆęœ¬ļ¼Œē”ØäŗŽęžē®€å®¶åŗ­åŠ©ę‰‹ć€‚ +- $30~50 [NanoKVM](https://www.aliexpress.com/item/1005007369816019.html)ļ¼Œęˆ– $100 [NanoKVM-Pro](https://www.aliexpress.com/item/1005010048471263.html)ļ¼Œē”ØäŗŽč‡ŖåŠØåŒ–ęœåŠ”å™Øčæē»“怂 +- $50 [MaixCAM](https://www.aliexpress.com/item/1005008053333693.html) ꈖ $100 [MaixCAM2](https://www.kickstarter.com/projects/zepan/maixcam2-build-your-next-gen-4k-ai-camera)ļ¼Œē”ØäŗŽę™ŗčƒ½ē›‘ꎧ怂 [https://private-user-images.githubusercontent.com/83055338/547056448-e7b031ff-d6f5-4468-bcca-5726b6fecb5c.mp4](https://private-user-images.githubusercontent.com/83055338/547056448-e7b031ff-d6f5-4468-bcca-5726b6fecb5c.mp4) @@ -253,15 +256,14 @@ picoclaw onboard } } } - ``` > **ę–°åŠŸčƒ½**: `model_list` 配ē½®ę ¼å¼ę”ÆęŒé›¶ä»£ē ę·»åŠ  provider怂čÆ¦č§[ęؔ型配ē½®](#ęؔ型配ē½®-model_list)ē« čŠ‚怂 **3. čŽ·å– API Key** -* **LLM ęä¾›å•†**: [OpenRouter](https://openrouter.ai/keys) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) Ā· [Anthropic](https://console.anthropic.com) Ā· [OpenAI](https://platform.openai.com) Ā· [Gemini](https://aistudio.google.com/api-keys) -* **ē½‘ē»œęœē“¢** (åÆ选): [Brave Search](https://brave.com/search/api) - ęä¾›å…č“¹å±‚ēŗ§ (2000 čÆ·ę±‚/꜈) +- **LLM ęä¾›å•†**: [OpenRouter](https://openrouter.ai/keys) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) Ā· [Anthropic](https://console.anthropic.com) Ā· [OpenAI](https://platform.openai.com) Ā· [Gemini](https://aistudio.google.com/api-keys) +- **ē½‘ē»œęœē“¢** (åÆ选): [Brave Search](https://brave.com/search/api) - ęä¾›å…č“¹å±‚ēŗ§ (2000 čÆ·ę±‚/꜈) > **ę³Øꄏ**: å®Œę•“ēš„配ē½®ęØ”ęæčÆ·å‚č€ƒ `config.example.json`怂 @@ -278,260 +280,28 @@ picoclaw agent -m "2+2 ē­‰äŗŽå‡ ļ¼Ÿ" ## šŸ’¬ čŠå¤©åŗ”ē”Ø集ꈐ (Chat Apps) -通čæ‡ Telegram, Discord, é’‰é’‰ęˆ–ä¼äøšå¾®äæ”äøŽę‚Øēš„ PicoClaw åƹčÆć€‚ - -| ęø é“ | č®¾ē½®éš¾åŗ¦ | -| --- | --- | -| **Telegram** | ē®€å• (仅需 token) | -| **Discord** | ē®€å• (bot token + intents) | -| **QQ** | ē®€å• (AppID + AppSecret) | -| **钉钉 (DingTalk)** | äø­ē­‰ (åŗ”ē”Ø凭čƁ) | -| **企äøšå¾®äæ” (WeCom)** | äø­ē­‰ (企äøšID + Webhook配ē½®) | - -
-Telegram (ęŽØ荐) - -**1. 创å»ŗęœŗå™Øäŗŗ** - -* ę‰“å¼€ Telegramļ¼Œęœē“¢ `@BotFather` -* 发送 `/newbot`ļ¼ŒęŒ‰ē…§ęē¤ŗę“ä½œ -* 复制 token - -**2. 配ē½®** - -```json -{ - "channels": { - "telegram": { - "enabled": true, - "token": "YOUR_BOT_TOKEN", - "allow_from": ["YOUR_USER_ID"] - } - } -} - -``` - -> 从 Telegram äøŠēš„ `@userinfobot` čŽ·å–ę‚Øēš„ē”Øꈷ ID怂 - -**3. čæč”Œ** - -```bash -picoclaw gateway - -``` - -
- -
-Discord - -**1. 创å»ŗęœŗå™Øäŗŗ** - -* 前往 [https://discord.com/developers/applications](https://discord.com/developers/applications) -* Create an application ā†’ Bot ā†’ Add Bot -* 复制 bot token - -**2. 开åÆ Intents** - -* åœØ Bot č®¾ē½®äø­ļ¼Œå¼€åÆ **MESSAGE CONTENT INTENT** -* (åÆ选) å¦‚ęžœč®”åˆ’åŸŗäŗŽęˆå‘˜ę•°ę®ä½æē”Øē™½åå•ļ¼Œå¼€åÆ **SERVER MEMBERS INTENT** - -**3. čŽ·å–ę‚Øēš„ User ID** - -* Discord č®¾ē½® ā†’ Advanced ā†’ 开åÆ **Developer Mode** -* 右键ē‚¹å‡»ę‚Øēš„夓像 ā†’ **Copy User ID** - -**4. 配ē½®** - -```json -{ - "channels": { - "discord": { - "enabled": true, - "token": "YOUR_BOT_TOKEN", - "allow_from": ["YOUR_USER_ID"], - "mention_only": false - } - } -} - -``` - -**5. 邀čÆ·ęœŗå™Øäŗŗ** - -* OAuth2 ā†’ URL Generator -* Scopes: `bot` -* Bot Permissions: `Send Messages`, `Read Message History` -* ę‰“å¼€ē”Ÿęˆēš„é‚€čÆ· URLļ¼Œå°†ęœŗå™Øäŗŗę·»åŠ åˆ°ę‚Øēš„ęœåŠ”å™Ø - -**6. čæč”Œ** - -```bash -picoclaw gateway - -``` - -
- -
-QQ - -**1. 创å»ŗęœŗå™Øäŗŗ** - -* 前往 [QQ å¼€ę”¾å¹³å°](https://q.qq.com/#) -* 创å»ŗåŗ”ē”Ø ā†’ čŽ·å– **AppID** 和 **AppSecret** - -**2. 配ē½®** - -```json -{ - "channels": { - "qq": { - "enabled": true, - "app_id": "YOUR_APP_ID", - "app_secret": "YOUR_APP_SECRET", - "allow_from": [] - } - } -} - -``` - -> 将 `allow_from` č®¾äøŗē©ŗ仄允č®øꉀ꜉ē”Øꈷļ¼Œęˆ–ęŒ‡å®š QQ 号仄限制č®æ问怂 - -**3. čæč”Œ** - -```bash -picoclaw gateway - -``` - -
- -
-钉钉 (DingTalk) - -**1. 创å»ŗęœŗå™Øäŗŗ** - -* 前往 [å¼€ę”¾å¹³å°](https://open.dingtalk.com/) -* 创å»ŗ内éƒØåŗ”ē”Ø -* 复制 Client ID 和 Client Secret - -**2. 配ē½®** - -```json -{ - "channels": { - "dingtalk": { - "enabled": true, - "client_id": "YOUR_CLIENT_ID", - "client_secret": "YOUR_CLIENT_SECRET", - "allow_from": [] - } - } -} - -``` - -> 将 `allow_from` č®¾äøŗē©ŗ仄允č®øꉀ꜉ē”Øꈷļ¼Œęˆ–ęŒ‡å®š ID 仄限制č®æ问怂 - -**3. čæč”Œ** - -```bash -picoclaw gateway - -``` - -
- -
-企äøšå¾®äæ” (WeCom) - -PicoClaw ę”Æꌁäø¤ē§ä¼äøšå¾®äæ”é›†ęˆę–¹å¼ļ¼š - -**选锹1: ę™ŗčƒ½ęœŗå™Øäŗŗ (WeCom Bot)** - č®¾ē½®ę›“ē®€å•ļ¼Œę”Æꌁē¾¤čŠ -**选锹2: č‡Ŗå»ŗåŗ”ē”Ø (WeCom App)** - åŠŸčƒ½ę›“äø°åƌļ¼Œę”Æꌁäø»åŠØęŽØé€ę¶ˆęÆ - -čÆ¦č§ [企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø配ē½®ęŒ‡å—](docs/wecom-app-configuration.md)怂 - -**åæ«é€Ÿč®¾ē½® - ę™ŗčƒ½ęœŗå™Øäŗŗļ¼š** - -**1. 创å»ŗęœŗå™Øäŗŗ** - -* 前往企äøšå¾®äæ”ē®”ē†åŽå° ā†’ ē¾¤čŠ ā†’ ę·»åŠ ē¾¤ęœŗå™Øäŗŗ -* 复制 Webhook URL (ę ¼å¼: `https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`) - -**2. 配ē½®** - -```json -{ - "channels": { - "wecom": { - "enabled": true, - "token": "YOUR_TOKEN", - "encoding_aes_key": "YOUR_ENCODING_AES_KEY", - "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", - "webhook_host": "0.0.0.0", - "webhook_port": 18793, - "webhook_path": "/webhook/wecom", - "allow_from": [] - } - } -} -``` - -**åæ«é€Ÿč®¾ē½® - č‡Ŗå»ŗåŗ”ē”Øļ¼š** - -**1. 创å»ŗåŗ”ē”Ø** - -* 前往企äøšå¾®äæ”ē®”ē†åŽå° ā†’ åŗ”ē”Øē®”ē† ā†’ 创å»ŗåŗ”ē”Ø -* 复制 **AgentId** 和 **Secret** -* 前往"ꈑēš„企äøš"锵面ļ¼Œå¤åˆ¶ **CorpID** - -**2. 配ē½®ęŽ„ę”¶ę¶ˆęÆ** - -* åœØåŗ”ē”ØčÆ¦ęƒ…é”µļ¼Œē‚¹å‡»"ęŽ„ę”¶ę¶ˆęÆ" ā†’ "č®¾ē½®API" -* č®¾ē½® URL äøŗ `http://your-server:18792/webhook/wecom-app` -* ē”Ÿęˆ **Token** 和 **EncodingAESKey** - -**3. 配ē½®** - -```json -{ - "channels": { - "wecom_app": { - "enabled": true, - "corp_id": "wwxxxxxxxxxxxxxxxx", - "corp_secret": "YOUR_CORP_SECRET", - "agent_id": 1000002, - "token": "YOUR_TOKEN", - "encoding_aes_key": "YOUR_ENCODING_AES_KEY", - "webhook_host": "0.0.0.0", - "webhook_port": 18792, - "webhook_path": "/webhook/wecom-app", - "allow_from": [] - } - } -} -``` - -**4. čæč”Œ** - -```bash -picoclaw gateway - -``` - -> **ę³Øꄏ**: č‡Ŗå»ŗåŗ”ē”Øéœ€č¦å¼€ę”¾ 18792 ē«Æ口ē”ØäŗŽęŽ„ꔶ Webhook å›žč°ƒć€‚ē”Ÿäŗ§ēŽÆ境å»ŗč®®ä½æē”Ø反向代ē†é…ē½® HTTPS怂 - -
+PicoClaw ę”ÆęŒå¤šē§čŠå¤©å¹³å°ļ¼Œä½æę‚Øēš„ Agent čƒ½å¤ŸčæžęŽ„åˆ°ä»»ä½•åœ°ę–¹ć€‚ + +### ę øåæƒęø é“ + +| ęø é“ | č®¾ē½®éš¾åŗ¦ | ē‰¹ę€§čÆ“ę˜Ž | ę–‡ę”£é“¾ęŽ„ | +| -------------------- | ----------- | ----------------------------------------- | --------------------------------------------------------------------------------------------------------------- | +| **Telegram** | ā­ ē®€å• | ęŽØ荐ļ¼Œę”ÆꌁčÆ­éŸ³č½¬ę–‡å­—ļ¼Œé•æč½®čÆ¢ę— éœ€å…¬ē½‘ | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/telegram/README.zh.md) | +| **Discord** | ā­ ē®€å• | Socket Modeļ¼Œę”Æꌁē¾¤ē»„/ē§äæ”ļ¼ŒBot ē”Ÿę€ęˆē†Ÿ | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/discord/README.zh.md) | +| **Slack** | ā­ ē®€å• | **Socket Mode** (ę— éœ€å…¬ē½‘ IP)ļ¼Œä¼äøšēŗ§ę”Æꌁ | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/slack/README.zh.md) | +| **QQ** | ā­ā­ äø­ē­‰ | å®˜ę–¹ęœŗå™Øäŗŗ APIļ¼Œé€‚合国内ē¤¾ē¾¤ | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/qq/README.zh.md) | +| **钉钉 (DingTalk)** | ā­ā­ äø­ē­‰ | Stream ęØ”å¼ę— éœ€å…¬ē½‘ļ¼Œä¼äøšåŠžå…¬é¦–选 | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/dingtalk/README.zh.md) | +| **企äøšå¾®äæ” (WeCom)** | ā­ā­ā­ č¾ƒéš¾ | ę”Æꌁē¾¤ęœŗå™Øäŗŗ(Webhook)和č‡Ŗå»ŗåŗ”ē”Ø(API) | [Bot ę–‡ę”£](docs/channels/wecom/wecom_bot/README.zh.md) / [App ę–‡ę”£](docs/channels/wecom/wecom_app/README.zh.md) | +| **飞书 (Feishu)** | ā­ā­ā­ č¾ƒéš¾ | 企äøšēŗ§åä½œļ¼ŒåŠŸčƒ½äø°åƌ | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/feishu/README.zh.md) | +| **Line** | ā­ā­ā­ č¾ƒéš¾ | éœ€č¦ HTTPS Webhook | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/line/README.zh.md) | +| **OneBot** | ā­ā­ äø­ē­‰ | 兼容 NapCat/Go-CQHTTPļ¼Œē¤¾åŒŗē”Ÿę€äø°åƌ | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/onebot/README.zh.md) | +| **MaixCam** | ā­ ē®€å• | äø“äøŗ AI ę‘„åƒå¤“č®¾č®”ēš„ē”¬ä»¶é›†ęˆé€šé“ | [ęŸ„ēœ‹ę–‡ę”£](docs/channels/maixcam/README.zh.md) | ## ClawdChat 加兄 Agent ē¤¾äŗ¤ē½‘ē»œ åŖ需通čæ‡ CLI ęˆ–ä»»ä½•é›†ęˆēš„čŠå¤©åŗ”ē”Ø发送äø€ę”궈ęÆļ¼Œå³åÆ将 PicoClaw čæžęŽ„到 Agent ē¤¾äŗ¤ē½‘ē»œć€‚ -**阅čÆ» `https://clawdchat.ai/skill.md` å¹¶ęŒ‰ē…§čÆ“ę˜ŽåŠ å…„ [ClawdChat.ai](https://clawdchat.ai) +\*\*阅čÆ» `https://clawdchat.ai/skill.md` å¹¶ęŒ‰ē…§čÆ“ę˜ŽåŠ å…„ [ClawdChat.ai](https://clawdchat.ai) ## āš™ļø 配ē½®čÆ¦č§£ @@ -567,7 +337,6 @@ PicoClaw åÆ仄č‡ŖåŠØę‰§č”Œå‘ØęœŸę€§ä»»åŠ”ć€‚åœØ巄作åŒŗ创å»ŗ `HEARTBEAT.md` - Check my email for important messages - Review my calendar for upcoming events - Check the weather forecast - ``` Agent 将ęƏ隔 30 分钟ļ¼ˆåÆ配ē½®ļ¼‰čÆ»å–ę­¤ę–‡ä»¶ļ¼Œå¹¶ä½æē”ØåÆē”Øå·„å…·ę‰§č”Œä»»åŠ”ć€‚ @@ -580,22 +349,23 @@ Agent 将ęƏ隔 30 分钟ļ¼ˆåÆ配ē½®ļ¼‰čÆ»å–ę­¤ę–‡ä»¶ļ¼Œå¹¶ä½æē”ØåÆē”Øå·„å…· # Periodic Tasks ## Quick Tasks (respond directly) + - Report current time ## Long Tasks (use spawn for async) + - Search the web for AI news and summarize - Check email and report important messages - ``` **å…³é”®č”Œäøŗļ¼š** -| ē‰¹ę€§ | ꏏčæ° | -| --- | --- | -| **spawn** | 创å»ŗå¼‚ę­„å­ Agentļ¼Œäøé˜»å”žäø»åæƒč·³čæ›ē؋ | -| **ē‹¬ē«‹äøŠäø‹ę–‡** | 子 Agent ę‹„ęœ‰ē‹¬ē«‹äøŠäø‹ę–‡ļ¼Œę— ä¼ščƝ历史 | +| ē‰¹ę€§ | ꏏčæ° | +| ---------------- | ---------------------------------------- | +| **spawn** | 创å»ŗå¼‚ę­„å­ Agentļ¼Œäøé˜»å”žäø»åæƒč·³čæ›ē؋ | +| **ē‹¬ē«‹äøŠäø‹ę–‡** | 子 Agent ę‹„ęœ‰ē‹¬ē«‹äøŠäø‹ę–‡ļ¼Œę— ä¼ščƝ历史 | | **message tool** | 子 Agent 通čæ‡ message å·„å…·ē›“ꎄäøŽē”Øęˆ·é€šäæ” | -| **非阻唞** | spawn 后ļ¼Œåæƒč·³ē»§ē»­å¤„ē†äø‹äø€äøŖ任劔 | +| **非阻唞** | spawn 后ļ¼Œåæƒč·³ē»§ē»­å¤„ē†äø‹äø€äøŖ任劔 | #### 子 Agent 通äæ”原ē† @@ -625,35 +395,34 @@ Agent čƻ取 HEARTBEAT.md "interval": 30 } } - ``` -| 选锹 | é»˜č®¤å€¼ | ꏏčæ° | -| --- | --- | --- | -| `enabled` | `true` | åÆē”Ø/ē¦ē”Øåæƒč·³ | -| `interval` | `30` | ę£€ęŸ„é—“éš”ļ¼Œå•ä½åˆ†é’Ÿ (ęœ€å°: 5) | +| 选锹 | é»˜č®¤å€¼ | ꏏčæ° | +| ---------- | ------ | ---------------------------- | +| `enabled` | `true` | åÆē”Ø/ē¦ē”Øåæƒč·³ | +| `interval` | `30` | ę£€ęŸ„é—“éš”ļ¼Œå•ä½åˆ†é’Ÿ (ęœ€å°: 5) | **ēŽÆ境变量:** -* `PICOCLAW_HEARTBEAT_ENABLED=false` ē¦ē”Ø -* `PICOCLAW_HEARTBEAT_INTERVAL=60` ę›“ę”¹é—“éš” +- `PICOCLAW_HEARTBEAT_ENABLED=false` ē¦ē”Ø +- `PICOCLAW_HEARTBEAT_INTERVAL=60` ę›“ę”¹é—“éš” ### ęä¾›å•† (Providers) > [!NOTE] > Groq 通čæ‡ Whisper ęä¾›å…č“¹ēš„čÆ­éŸ³č½¬å½•ć€‚å¦‚ęžœé…ē½®äŗ† Groqļ¼ŒTelegram čÆ­éŸ³ę¶ˆęÆå°†č¢«č‡ŖåŠØč½¬å½•äøŗę–‡å­—ć€‚ -| ęä¾›å•† | ē”Ø途 | čŽ·å– API Key | -| --- | --- | --- | -| `gemini` | LLM (Gemini ē›“čæž) | [aistudio.google.com](https://aistudio.google.com) | -| `zhipu` | LLM (ę™ŗč°±ē›“čæž) | [bigmodel.cn](bigmodel.cn) | -| `openrouter(å¾…ęµ‹čƕ)` | LLM (ęŽØ荐ļ¼ŒåÆč®æé—®ę‰€ęœ‰ęؔ型) | [openrouter.ai](https://openrouter.ai) | -| `anthropic(å¾…ęµ‹čƕ)` | LLM (Claude ē›“čæž) | [console.anthropic.com](https://console.anthropic.com) | -| `openai(å¾…ęµ‹čƕ)` | LLM (GPT ē›“čæž) | [platform.openai.com](https://platform.openai.com) | -| `deepseek(å¾…ęµ‹čƕ)` | LLM (DeepSeek ē›“čæž) | [platform.deepseek.com](https://platform.deepseek.com) | -| `qwen` | LLM (通义千问) | [dashscope.console.aliyun.com](https://dashscope.console.aliyun.com) | -| `groq` | LLM + **čÆ­éŸ³č½¬å½•** (Whisper) | [console.groq.com](https://console.groq.com) | -| `cerebras` | LLM (Cerebras ē›“čæž) | [cerebras.ai](https://cerebras.ai) | +| ęä¾›å•† | ē”Ø途 | čŽ·å– API Key | +| -------------------- | ---------------------------- | -------------------------------------------------------------------- | +| `gemini` | LLM (Gemini ē›“čæž) | [aistudio.google.com](https://aistudio.google.com) | +| `zhipu` | LLM (ę™ŗč°±ē›“čæž) | [bigmodel.cn](bigmodel.cn) | +| `openrouter(å¾…ęµ‹čƕ)` | LLM (ęŽØ荐ļ¼ŒåÆč®æé—®ę‰€ęœ‰ęؔ型) | [openrouter.ai](https://openrouter.ai) | +| `anthropic(å¾…ęµ‹čƕ)` | LLM (Claude ē›“čæž) | [console.anthropic.com](https://console.anthropic.com) | +| `openai(å¾…ęµ‹čƕ)` | LLM (GPT ē›“čæž) | [platform.openai.com](https://platform.openai.com) | +| `deepseek(å¾…ęµ‹čƕ)` | LLM (DeepSeek ē›“čæž) | [platform.deepseek.com](https://platform.deepseek.com) | +| `qwen` | LLM (通义千问) | [dashscope.console.aliyun.com](https://dashscope.console.aliyun.com) | +| `groq` | LLM + **čÆ­éŸ³č½¬å½•** (Whisper) | [console.groq.com](https://console.groq.com) | +| `cerebras` | LLM (Cerebras ē›“čæž) | [cerebras.ai](https://cerebras.ai) | ### ęؔ型配ē½® (model_list) @@ -668,25 +437,25 @@ Agent čƻ取 HEARTBEAT.md #### šŸ“‹ ꉀ꜉ę”Æꌁēš„厂商 -| 厂商 | `model` 前ē¼€ | 默认 API Base | åč®® | čŽ·å– API Key | -|------|-------------|---------------|------|--------------| -| **OpenAI** | `openai/` | `https://api.openai.com/v1` | OpenAI | [čŽ·å–åƆ钄](https://platform.openai.com) | -| **Anthropic** | `anthropic/` | `https://api.anthropic.com/v1` | Anthropic | [čŽ·å–åƆ钄](https://console.anthropic.com) | -| **ę™ŗč°± AI (GLM)** | `zhipu/` | `https://open.bigmodel.cn/api/paas/v4` | OpenAI | [čŽ·å–åƆ钄](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) | -| **DeepSeek** | `deepseek/` | `https://api.deepseek.com/v1` | OpenAI | [čŽ·å–åƆ钄](https://platform.deepseek.com) | -| **Google Gemini** | `gemini/` | `https://generativelanguage.googleapis.com/v1beta` | OpenAI | [čŽ·å–åƆ钄](https://aistudio.google.com/api-keys) | -| **Groq** | `groq/` | `https://api.groq.com/openai/v1` | OpenAI | [čŽ·å–åƆ钄](https://console.groq.com) | -| **Moonshot** | `moonshot/` | `https://api.moonshot.cn/v1` | OpenAI | [čŽ·å–åƆ钄](https://platform.moonshot.cn) | -| **通义千问 (Qwen)** | `qwen/` | `https://dashscope.aliyuncs.com/compatible-mode/v1` | OpenAI | [čŽ·å–åƆ钄](https://dashscope.console.aliyun.com) | -| **NVIDIA** | `nvidia/` | `https://integrate.api.nvidia.com/v1` | OpenAI | [čŽ·å–åƆ钄](https://build.nvidia.com) | -| **Ollama** | `ollama/` | `http://localhost:11434/v1` | OpenAI | ęœ¬åœ°ļ¼ˆę— éœ€åƆ钄ļ¼‰ | -| **OpenRouter** | `openrouter/` | `https://openrouter.ai/api/v1` | OpenAI | [čŽ·å–åƆ钄](https://openrouter.ai/keys) | -| **VLLM** | `vllm/` | `http://localhost:8000/v1` | OpenAI | ęœ¬åœ° | -| **Cerebras** | `cerebras/` | `https://api.cerebras.ai/v1` | OpenAI | [čŽ·å–åƆ钄](https://cerebras.ai) | -| **ē«å±±å¼•ę“Ž** | `volcengine/` | `https://ark.cn-beijing.volces.com/api/v3` | OpenAI | [čŽ·å–åƆ钄](https://console.volcengine.com) | -| **ē„žē®—äŗ‘** | `shengsuanyun/` | `https://router.shengsuanyun.com/api/v1` | OpenAI | - | -| **Antigravity** | `antigravity/` | Google Cloud | č‡Ŗ定义 | 仅 OAuth | -| **GitHub Copilot** | `github-copilot/` | `localhost:4321` | gRPC | - | +| 厂商 | `model` 前ē¼€ | 默认 API Base | åč®® | čŽ·å– API Key | +| ------------------- | ----------------- | --------------------------------------------------- | --------- | ----------------------------------------------------------------- | +| **OpenAI** | `openai/` | `https://api.openai.com/v1` | OpenAI | [čŽ·å–åƆ钄](https://platform.openai.com) | +| **Anthropic** | `anthropic/` | `https://api.anthropic.com/v1` | Anthropic | [čŽ·å–åƆ钄](https://console.anthropic.com) | +| **ę™ŗč°± AI (GLM)** | `zhipu/` | `https://open.bigmodel.cn/api/paas/v4` | OpenAI | [čŽ·å–åƆ钄](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) | +| **DeepSeek** | `deepseek/` | `https://api.deepseek.com/v1` | OpenAI | [čŽ·å–åƆ钄](https://platform.deepseek.com) | +| **Google Gemini** | `gemini/` | `https://generativelanguage.googleapis.com/v1beta` | OpenAI | [čŽ·å–åƆ钄](https://aistudio.google.com/api-keys) | +| **Groq** | `groq/` | `https://api.groq.com/openai/v1` | OpenAI | [čŽ·å–åƆ钄](https://console.groq.com) | +| **Moonshot** | `moonshot/` | `https://api.moonshot.cn/v1` | OpenAI | [čŽ·å–åƆ钄](https://platform.moonshot.cn) | +| **通义千问 (Qwen)** | `qwen/` | `https://dashscope.aliyuncs.com/compatible-mode/v1` | OpenAI | [čŽ·å–åƆ钄](https://dashscope.console.aliyun.com) | +| **NVIDIA** | `nvidia/` | `https://integrate.api.nvidia.com/v1` | OpenAI | [čŽ·å–åƆ钄](https://build.nvidia.com) | +| **Ollama** | `ollama/` | `http://localhost:11434/v1` | OpenAI | ęœ¬åœ°ļ¼ˆę— éœ€åƆ钄ļ¼‰ | +| **OpenRouter** | `openrouter/` | `https://openrouter.ai/api/v1` | OpenAI | [čŽ·å–åƆ钄](https://openrouter.ai/keys) | +| **VLLM** | `vllm/` | `http://localhost:8000/v1` | OpenAI | ęœ¬åœ° | +| **Cerebras** | `cerebras/` | `https://api.cerebras.ai/v1` | OpenAI | [čŽ·å–åƆ钄](https://cerebras.ai) | +| **ē«å±±å¼•ę“Ž** | `volcengine/` | `https://ark.cn-beijing.volces.com/api/v3` | OpenAI | [čŽ·å–åƆ钄](https://console.volcengine.com) | +| **ē„žē®—äŗ‘** | `shengsuanyun/` | `https://router.shengsuanyun.com/api/v1` | OpenAI | - | +| **Antigravity** | `antigravity/` | Google Cloud | č‡Ŗ定义 | 仅 OAuth | +| **GitHub Copilot** | `github-copilot/` | `localhost:4321` | gRPC | - | #### åŸŗē”€é…ē½®ē¤ŗ例 @@ -720,6 +489,7 @@ Agent čƻ取 HEARTBEAT.md #### 各厂商配ē½®ē¤ŗ例 **OpenAI** + ```json { "model_name": "gpt-5.2", @@ -729,6 +499,7 @@ Agent čƻ取 HEARTBEAT.md ``` **ę™ŗč°± AI (GLM)** + ```json { "model_name": "glm-4.7", @@ -738,6 +509,7 @@ Agent čƻ取 HEARTBEAT.md ``` **DeepSeek** + ```json { "model_name": "deepseek-chat", @@ -747,6 +519,7 @@ Agent čƻ取 HEARTBEAT.md ``` **Anthropic (ä½æē”Ø OAuth)** + ```json { "model_name": "claude-sonnet-4.6", @@ -754,9 +527,11 @@ Agent čƻ取 HEARTBEAT.md "auth_method": "oauth" } ``` + > čæč”Œ `picoclaw auth login --provider anthropic` ę„č®¾ē½® OAuth 凭čÆć€‚ **Ollama (ęœ¬åœ°)** + ```json { "model_name": "llama3", @@ -765,6 +540,7 @@ Agent čƻ取 HEARTBEAT.md ``` **č‡Ŗ定义代ē†/API** + ```json { "model_name": "my-custom-model", @@ -802,6 +578,7 @@ Agent čƻ取 HEARTBEAT.md ꗧēš„ `providers` 配ē½®ę ¼å¼**已弃ē”Ø**ļ¼Œä½†äøŗ向后兼容仍ę”Æꌁ怂 **ꗧ配ē½®ļ¼ˆå·²å¼ƒē”Øļ¼‰ļ¼š** + ```json { "providers": { @@ -820,6 +597,7 @@ Agent čƻ取 HEARTBEAT.md ``` **ꖰ配ē½®ļ¼ˆęŽØ荐ļ¼‰ļ¼š** + ```json { "model_list": [ @@ -844,7 +622,7 @@ Agent čƻ取 HEARTBEAT.md **1. čŽ·å– API key 和 base URL** -* čŽ·å– [API key](https://bigmodel.cn/usercenter/proj-mgmt/apikeys) +- čŽ·å– [API key](https://bigmodel.cn/usercenter/proj-mgmt/apikeys) **2. 配ē½®** @@ -866,7 +644,6 @@ Agent čƻ取 HEARTBEAT.md } } } - ``` **3. čæč”Œ** @@ -946,30 +723,29 @@ picoclaw agent -m "你儽" "interval": 30 } } - ```
## CLI å‘½ä»¤č”Œå‚č€ƒ -| 命令 | ꏏčæ° | -| --- | --- | -| `picoclaw onboard` | 初始化配ē½®å’Œå·„作åŒŗ | -| `picoclaw agent -m "..."` | äøŽ Agent åƹčƝ | -| `picoclaw agent` | äŗ¤äŗ’å¼čŠå¤©ęؔ式 | -| `picoclaw gateway` | åÆåŠØē½‘å…³ (Gateway) | -| `picoclaw status` | ę˜¾ē¤ŗēŠ¶ę€ | -| `picoclaw cron list` | 列å‡ŗę‰€ęœ‰å®šę—¶ä»»åŠ” | -| `picoclaw cron add ...` | ę·»åŠ å®šę—¶ä»»åŠ” | +| 命令 | ꏏčæ° | +| ------------------------- | ------------------ | +| `picoclaw onboard` | 初始化配ē½®å’Œå·„作åŒŗ | +| `picoclaw agent -m "..."` | äøŽ Agent åƹčƝ | +| `picoclaw agent` | äŗ¤äŗ’å¼čŠå¤©ęؔ式 | +| `picoclaw gateway` | åÆåŠØē½‘å…³ (Gateway) | +| `picoclaw status` | ę˜¾ē¤ŗēŠ¶ę€ | +| `picoclaw cron list` | 列å‡ŗę‰€ęœ‰å®šę—¶ä»»åŠ” | +| `picoclaw cron add ...` | ę·»åŠ å®šę—¶ä»»åŠ” | ### å®šę—¶ä»»åŠ” / ꏐ醒 (Scheduled Tasks) PicoClaw 通čæ‡ `cron` å·„å…·ę”ÆęŒå®šę—¶ęé†’å’Œé‡å¤ä»»åŠ”ļ¼š -* **äø€ę¬”ꀧꏐ醒**: "Remind me in 10 minutes" (10åˆ†é’ŸåŽęé†’ęˆ‘) ā†’ 10åˆ†é’ŸåŽč§¦å‘äø€ę¬” -* **重复任劔**: "Remind me every 2 hours" (ęƏ2å°ę—¶ęé†’ęˆ‘) ā†’ ęƏ2å°ę—¶č§¦å‘ -* **Cron č”Øč¾¾å¼**: "Remind me at 9am daily" (ęƏ天äøŠåˆ9ē‚¹ęé†’ęˆ‘) ā†’ ä½æē”Ø cron č”Øč¾¾å¼ +- **äø€ę¬”ꀧꏐ醒**: "Remind me in 10 minutes" (10åˆ†é’ŸåŽęé†’ęˆ‘) ā†’ 10åˆ†é’ŸåŽč§¦å‘äø€ę¬” +- **重复任劔**: "Remind me every 2 hours" (ęƏ2å°ę—¶ęé†’ęˆ‘) ā†’ ęƏ2å°ę—¶č§¦å‘ +- **Cron č”Øč¾¾å¼**: "Remind me at 9am daily" (ęƏ天äøŠåˆ9ē‚¹ęé†’ęˆ‘) ā†’ ä½æē”Ø cron č”Øč¾¾å¼ 任劔存å‚ØåœØ `~/.picoclaw/workspace/cron/` äø­å¹¶č‡ŖåŠØ处ē†ć€‚ @@ -983,7 +759,7 @@ PicoClaw 通čæ‡ `cron` å·„å…·ę”ÆęŒå®šę—¶ęé†’å’Œé‡å¤ä»»åŠ”ļ¼š ē”Øꈷē¾¤ē»„ļ¼š -Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) +Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) PicoClaw @@ -997,6 +773,7 @@ Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) 1. åœØ [https://brave.com/search/api](https://brave.com/search/api) čŽ·å–å…č“¹ API Key (ęÆęœˆ 2000 ę¬”å…č“¹ęŸ„čÆ¢) 2. ę·»åŠ åˆ° `~/.picoclaw/config.json`: + ```json { "tools": { @@ -1013,11 +790,8 @@ Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) } } } - ``` - - ### 遇到内容čæ‡ę»¤é”™čÆÆ (Content Filtering Errors) Ꟑäŗ›ęä¾›å•†ļ¼ˆå¦‚ę™ŗč°±ļ¼‰ęœ‰äø„ę ¼ēš„内容čæ‡ę»¤ć€‚尝čÆ•ę”¹å†™ę‚Øēš„é—®é¢˜ęˆ–ä½æē”Ø其他ęØ”åž‹ć€‚ @@ -1030,10 +804,10 @@ Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) ## šŸ“ API Key åƹęƔ -| ęœåŠ” | å…č“¹å±‚ēŗ§ | 适ē”Øåœŗę™Æ | -| --- | --- | --- | -| **OpenRouter** | 200K tokens/꜈ | 多ęØ”åž‹čšåˆ (Claude, GPT-4 ē­‰) | -| **ę™ŗč°± (Zhipu)** | 200K tokens/꜈ | ęœ€é€‚åˆäø­å›½ē”Øꈷ | -| **Brave Search** | 2000 ę¬”ęŸ„čÆ¢/꜈ | ē½‘ē»œęœē“¢åŠŸčƒ½ | -| **Groq** | ęä¾›å…č“¹å±‚ēŗ§ | ꞁ速ęŽØē† (Llama, Mixtral) | -| **Cerebras** | ęä¾›å…č“¹å±‚ēŗ§ | ꞁ速ęŽØē† (Llama, Qwen ē­‰) | \ No newline at end of file +| ęœåŠ” | å…č“¹å±‚ēŗ§ | 适ē”Øåœŗę™Æ | +| ---------------- | -------------- | ----------------------------- | +| **OpenRouter** | 200K tokens/꜈ | 多ęØ”åž‹čšåˆ (Claude, GPT-4 ē­‰) | +| **ę™ŗč°± (Zhipu)** | 200K tokens/꜈ | ęœ€é€‚åˆäø­å›½ē”Øꈷ | +| **Brave Search** | 2000 ę¬”ęŸ„čÆ¢/꜈ | ē½‘ē»œęœē“¢åŠŸčƒ½ | +| **Groq** | ęä¾›å…č“¹å±‚ēŗ§ | ꞁ速ęŽØē† (Llama, Mixtral) | +| **Cerebras** | ęä¾›å…č“¹å±‚ēŗ§ | ꞁ速ęŽØē† (Llama, Qwen ē­‰) | diff --git a/docs/channels/dingtalk/README.zh.md b/docs/channels/dingtalk/README.zh.md new file mode 100644 index 000000000..1e445d0b0 --- /dev/null +++ b/docs/channels/dingtalk/README.zh.md @@ -0,0 +1,33 @@ +# 钉钉 + +钉钉ę˜Æé˜æ里巓巓ēš„企äøšé€šč®Æ平台ļ¼ŒåœØäø­å›½čŒåœŗäø­å¹æå—ę¬¢čæŽć€‚它采ē”Øęµå¼ SDK ę„ē»“ęŒęŒä¹…čæžęŽ„怂 + +## 配ē½® + +```json +{ + "channels": { + "dingtalk": { + "enabled": true, + "client_id": "YOUR_CLIENT_ID", + "client_secret": "YOUR_CLIENT_SECRET", + "allow_from": [] + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ------------- | ------ | ---- | -------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø钉钉频道 | +| client_id | string | ę˜Æ | 钉钉åŗ”ē”Øēš„ Client ID | +| client_secret | string | ę˜Æ | 钉钉åŗ”ē”Øēš„ Client Secret | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | + +## č®¾ē½®ęµē؋ + +1. 前往 [é’‰é’‰å¼€ę”¾å¹³å°](https://open.dingtalk.com/) +2. 创å»ŗäø€äøŖ企äøšå†…éƒØåŗ”ē”Ø +3. 从åŗ”ē”Øč®¾ē½®äø­čŽ·å– Client ID 和 Client Secret +4. 配ē½®OAuth和äŗ‹ä»¶č®¢é˜…(å¦‚éœ€č¦) +5. 将 Client ID 和 Client Secret 唫兄配ē½®ę–‡ä»¶äø­ diff --git a/docs/channels/discord/README.zh.md b/docs/channels/discord/README.zh.md new file mode 100644 index 000000000..5b597eced --- /dev/null +++ b/docs/channels/discord/README.zh.md @@ -0,0 +1,35 @@ +# Discord + +Discord ę˜Æäø€äøŖäø“äøŗē¤¾åŒŗč®¾č®”ēš„å…č“¹čÆ­éŸ³ć€č§†é¢‘å’Œę–‡ęœ¬čŠå¤©åŗ”ē”Ø怂PicoClaw 通čæ‡ Discord Bot API čæžęŽ„到 Discord ęœåŠ”å™Øļ¼Œę”ÆęŒęŽ„ę”¶å’Œå‘é€ę¶ˆęÆ怂 + +## 配ē½® + +```json +{ + "channels": { + "discord": { + "enabled": true, + "token": "YOUR_BOT_TOKEN", + "allow_from": ["YOUR_USER_ID"], + "mention_only": false + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ------------ | ------ | ---- | -------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø Discord 频道 | +| token | string | ę˜Æ | Discord ęœŗå™Øäŗŗ Token | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | +| mention_only | bool | 否 | ę˜Æ否仅响åŗ”ęåŠęœŗå™Øäŗŗēš„ę¶ˆęÆ | + +## č®¾ē½®ęµē؋ + +1. 前往 [Discord å¼€å‘č€…é—Øꈷ](https://discord.com/developers/applications) 创å»ŗäø€äøŖꖰēš„åŗ”ē”Ø +2. åÆē”Ø Intents: + - Message Content Intent + - Server Members Intent +3. čŽ·å– Bot Token +4. 将 Bot Token 唫兄配ē½®ę–‡ä»¶äø­ +5. 邀čÆ·ęœŗå™ØäŗŗåŠ å…„ęœåŠ”å™Øå¹¶ęŽˆäŗˆåæ…č¦ęƒé™(ä¾‹å¦‚å‘é€ę¶ˆęÆ态čÆ»å–ę¶ˆęÆ历史ē­‰) diff --git a/docs/channels/feishu/README.zh.md b/docs/channels/feishu/README.zh.md new file mode 100644 index 000000000..310827723 --- /dev/null +++ b/docs/channels/feishu/README.zh.md @@ -0,0 +1,37 @@ +# 飞书 + +飞书ļ¼ˆå›½é™…ē‰ˆåē§°ļ¼šLarkļ¼‰ę˜Æå­—čŠ‚č·³åŠØꗗäø‹ēš„企äøšåä½œå¹³å°ć€‚它通čæ‡äŗ‹ä»¶é©±åŠØēš„ Webhook åŒę—¶ę”Æꌁäø­å›½å’Œå…Øēƒåø‚åœŗ怂 + +## 配ē½® + +```json +{ + "channels": { + "feishu": { + "enabled": true, + "app_id": "cli_xxx", + "app_secret": "xxx", + "encrypt_key": "", + "verification_token": "", + "allow_from": [] + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ------------------ | ------ | ---- | -------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø飞书频道 | +| app_id | string | ę˜Æ | 飞书åŗ”ē”Øēš„ App ID(仄cli\_开夓) | +| app_secret | string | ę˜Æ | 飞书åŗ”ē”Øēš„ App Secret | +| encrypt_key | string | 否 | äŗ‹ä»¶å›žč°ƒåŠ åƆåƆ钄 | +| verification_token | string | 否 | ē”ØäŗŽWebhookäŗ‹ä»¶éŖŒčƁēš„Token | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | + +## č®¾ē½®ęµē؋ + +1. 前往 [é£žä¹¦å¼€ę”¾å¹³å°](https://open.feishu.cn/)创å»ŗåŗ”ē”Øē؋åŗ +2. čŽ·å– App ID 和 App Secret +3. 配ē½®äŗ‹ä»¶č®¢é˜…å’ŒWebhook URL +4. č®¾ē½®åŠ åƆ(åÆ选,ē”Ÿäŗ§ēŽÆ境å»ŗč®®åÆē”Ø) +5. 将 App ID态App Secret态Encrypt Key 和 Verification Token(å¦‚ęžœåÆē”Ø加åƆ) 唫兄配ē½®ę–‡ä»¶äø­ diff --git a/docs/channels/line/README.zh.md b/docs/channels/line/README.zh.md new file mode 100644 index 000000000..fd3aa80da --- /dev/null +++ b/docs/channels/line/README.zh.md @@ -0,0 +1,41 @@ +# Line + +PicoClaw 通čæ‡ LINE Messaging API 配合 Webhook å›žč°ƒåŠŸčƒ½å®žēŽ°åƹ LINE ēš„ę”Æꌁ怂 + +## 配ē½® + +```json +{ + "channels": { + "line": { + "enabled": true, + "channel_secret": "YOUR_CHANNEL_SECRET", + "channel_access_token": "YOUR_CHANNEL_ACCESS_TOKEN", + "webhook_host": "0.0.0.0", + "webhook_port": 18791, + "webhook_path": "/webhook/line", + "allow_from": [] + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| -------------------- | ------ | ---- | ------------------------------------------ | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø LINE Channel | +| channel_secret | string | ę˜Æ | LINE Messaging API ēš„ Channel Secret | +| channel_access_token | string | ę˜Æ | LINE Messaging API ēš„ Channel Access Token | +| webhook_host | string | ę˜Æ | Webhook ē›‘听ēš„äø»ęœŗ地址 (通åøøäøŗ 0.0.0.0) | +| webhook_port | int | ę˜Æ | Webhook ē›‘听ēš„ē«Æ口 (默认äøŗ 18791) | +| webhook_path | string | ę˜Æ | Webhook ēš„č·Æ径 (默认äøŗ /webhook/line) | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | + +## č®¾ē½®ęµē؋ + +1. 前往 [LINE Developers Console](https://developers.line.biz/console/) 创å»ŗäø€äøŖęœåŠ”ęä¾›å•†å’Œäø€äøŖ Messaging API Channel +2. čŽ·å– Channel Secret 和 Channel Access Token +3. 配ē½®Webhook: + - Line要걂Webhookåæ…é”»ä½æē”ØHTTPSåč®®ļ¼Œå› ę­¤éœ€č¦éƒØē½²äø€äøŖę”ÆꌁHTTPSēš„ęœåŠ”å™Øļ¼Œęˆ–者ä½æē”Ø反向代ē†å·„具如ngrokå°†ęœ¬åœ°ęœåŠ”å™Øęš“éœ²åˆ°å…¬ē½‘ + - 将 Webhook URL č®¾ē½®äøŗ `https://your-domain.com/webhook/line` + - åÆē”Ø Webhook 并éŖŒčƁ URL +4. 将 Channel Secret 和 Channel Access Token 唫兄配ē½®ę–‡ä»¶äø­ diff --git a/docs/channels/maixcam/README.zh.md b/docs/channels/maixcam/README.zh.md new file mode 100644 index 000000000..8d53d4bef --- /dev/null +++ b/docs/channels/maixcam/README.zh.md @@ -0,0 +1,31 @@ +# MaixCam + +MaixCam ę˜Æäø“ē”ØäŗŽčæžęŽ„ēŸ½é€Ÿē§‘ꊀ MaixCAM äøŽ MaixCAM2 AI ę‘„åƒč®¾å¤‡ēš„é€šé“ć€‚å®ƒé‡‡ē”Ø TCP å„—ęŽ„å­—å®žēŽ°åŒå‘通äæ”ļ¼Œę”ÆęŒč¾¹ē¼˜ AI éƒØē½²åœŗę™Æ怂 + +## 配ē½® + +```json +{ + "channels": { + "maixcam": { + "enabled": true, + "server_address": "0.0.0.0:8899", + "allow_from": [] + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| -------------- | ------ | ---- | -------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø MaixCam 频道 | +| server_address | string | ę˜Æ | TCP ęœåŠ”å™Øē›‘听地址和ē«Æ口 | +| allow_from | array | 否 | č®¾å¤‡IDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øę‰€ęœ‰č®¾å¤‡ | + +## ä½æē”Øåœŗę™Æ + +MaixCam 通道ä½æ PicoClaw čƒ½å¤Ÿä½œäøŗč¾¹ē¼˜č®¾å¤‡ēš„ AI 后ē«Æčæč”Œļ¼š + +- **ę™ŗčƒ½ē›‘ꎧ** ļ¼šMaixCAM 发送图像åø§ļ¼ŒPicoClaw 通čæ‡č§†č§‰ęؔ型čæ›č”Œåˆ†ęž +- **ē‰©č”ē½‘ęŽ§åˆ¶** ļ¼šč®¾å¤‡å‘é€ä¼ ę„Ÿå™Øę•°ę®ļ¼ŒPicoClaw åč°ƒå“åŗ” +- **ē¦»ēŗæAI** ļ¼šåœØęœ¬åœ°ē½‘ē»œéƒØē½² PicoClaw 实ēŽ°ä½Žå»¶čæŸęŽØē† diff --git a/docs/channels/onebot/README.zh.md b/docs/channels/onebot/README.zh.md new file mode 100644 index 000000000..6195f1c98 --- /dev/null +++ b/docs/channels/onebot/README.zh.md @@ -0,0 +1,31 @@ +# OneBot + +OneBot ę˜Æäø€äøŖ面向 QQ ęœŗå™Øäŗŗēš„å¼€ę”¾åč®®ę ‡å‡†ļ¼Œäøŗ多ē§ QQ ęœŗå™Øäŗŗ实ēŽ°ļ¼ˆä¾‹å¦‚ go-cqhttp态Miraiļ¼‰ęä¾›äŗ†ē»Ÿäø€ēš„ęŽ„å£ć€‚å®ƒä½æē”Ø WebSocket čæ›č”Œé€šäæ”怂 + +## 配ē½® + +```json +{ + "channels": { + "onebot": { + "enabled": true, + "ws_url": "ws://localhost:8080", + "access_token": "", + "allow_from": [] + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ------------ | ------ | ---- | -------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø OneBot 频道 | +| ws_url | string | ę˜Æ | OneBot ęœåŠ”å™Øēš„ WebSocket URL | +| access_token | string | 否 | čæžęŽ„ OneBot ęœåŠ”å™Øēš„č®æ问令ē‰Œ | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | + +## č®¾ē½®ęµē؋ + +1. éƒØē½²äø€äøŖ OneBot 兼容ēš„实ēŽ°(例如napcat) +2. 配ē½® OneBot 实ēŽ°ä»„åÆē”Ø WebSocket ęœåŠ”å¹¶č®¾ē½®č®æ问令ē‰Œ(å¦‚ęžœéœ€č¦) +3. 将 WebSocket URL 和č®æ问令ē‰Œå”«å…„配ē½®ę–‡ä»¶äø­ diff --git a/docs/channels/qq/README.zh.md b/docs/channels/qq/README.zh.md new file mode 100644 index 000000000..bd774960f --- /dev/null +++ b/docs/channels/qq/README.zh.md @@ -0,0 +1,32 @@ +# QQ + +PicoClaw 通čæ‡ QQ å¼€ę”¾å¹³å°ēš„å®˜ę–¹ęœŗå™Øäŗŗ API ęä¾›åƹ QQ ēš„ę”Æꌁ怂 + +## 配ē½® + +```json +{ + "channels": { + "qq": { + "enabled": true, + "app_id": "YOUR_APP_ID", + "app_secret": "YOUR_APP_SECRET", + "allow_from": [] + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ---------- | ------ | ---- | -------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø QQ Channel | +| app_id | string | ę˜Æ | QQ ęœŗå™Øäŗŗåŗ”ē”Øēš„ App ID | +| app_secret | string | ę˜Æ | QQ ęœŗå™Øäŗŗåŗ”ē”Øēš„ App Secret | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | + +## č®¾ē½®ęµē؋ + +1. 前往 [QQ å¼€ę”¾å¹³å°](https://q.qq.com/) 创å»ŗäø€äøŖęœŗå™Øäŗŗ +2. 通čæ‡ä»Ŗč”Øē›˜čŽ·å– App ID 和 App Secret +3. 开åÆęœŗå™Øäŗŗę²™ē®±ęؔ式, 将ē”Øęˆ·å’Œē¾¤ę·»åŠ åˆ°ę²™ē®±äø­ +4. 将 App ID 和 App Secret 唫兄配ē½®ę–‡ä»¶äø­ diff --git a/docs/channels/slack/README.zh.md b/docs/channels/slack/README.zh.md new file mode 100644 index 000000000..58ebcb566 --- /dev/null +++ b/docs/channels/slack/README.zh.md @@ -0,0 +1,33 @@ +# Slack + +Slack ę˜Æå…Øēƒé¢†å…ˆēš„企äøšēŗ§å³ę—¶é€šč®Æå¹³å°ć€‚PicoClaw 采ē”Ø Slack ēš„ Socket Mode 实ēŽ°å®žę—¶åŒå‘通äæ”ļ¼Œę— éœ€é…ē½®å…¬å¼€ēš„ Webhook ē«Æē‚¹ć€‚ + +## 配ē½® + +```json +{ + "channels": { + "slack": { + "enabled": true, + "bot_token": "xoxb-...", + "app_token": "xapp-...", + "allow_from": [] + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ---------- | ------ | ---- | -------------------------------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø Slack 频道 | +| bot_token | string | ę˜Æ | Slack ęœŗå™Øäŗŗēš„ Bot User OAuth Token (仄 xoxb- 开夓) | +| app_token | string | ę˜Æ | Slack åŗ”ē”Øēš„ Socket Mode App Level Token (仄 xapp- 开夓) | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | + +## č®¾ē½®ęµē؋ + +1. 前往 [Slack API](https://api.slack.com/) 创å»ŗäø€äøŖꖰēš„ Slack åŗ”ē”Ø +2. åÆē”Ø Socket Mode å¹¶čŽ·å– App Level Token +3. ę·»åŠ  Bot Token Scopes(例如`chat:write`态`im:history`ē­‰) +4. å®‰č£…åŗ”ē”Ø到巄作åŒŗå¹¶čŽ·å– Bot User OAuth Token +5. 将 Bot Token 和 App Token 唫兄配ē½®ę–‡ä»¶äø­ diff --git a/docs/channels/telegram/README.zh.md b/docs/channels/telegram/README.zh.md new file mode 100644 index 000000000..d453c68fa --- /dev/null +++ b/docs/channels/telegram/README.zh.md @@ -0,0 +1,33 @@ +# Telegram + +Telegram Channel 通čæ‡ Telegram ęœŗå™Øäŗŗ API ä½æē”Øé•æč½®čƢ实ēŽ°åŸŗäŗŽęœŗå™Øäŗŗēš„通äæ”ć€‚å®ƒę”ÆęŒę–‡ęœ¬ę¶ˆęÆ态åŖ’体附件ļ¼ˆē…§ē‰‡ć€čÆ­éŸ³ć€éŸ³é¢‘ć€ę–‡ę”£ļ¼‰ć€é€ščæ‡ Groq Whisper čæ›č”ŒčÆ­éŸ³č½¬å½•ä»„åŠå†…ē½®å‘½ä»¤å¤„ē†å™Ø怂 + +## 配ē½® + +```json +{ + "channels": { + "telegram": { + "enabled": true, + "token": "123456789:ABCdefGHIjklMNOpqrsTUVwxyz", + "allow_from": ["123456789"], + "proxy": "" + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ---------- | ------ | ---- | --------------------------------------------------------- | +| enabled | bool | ę˜Æ | ę˜Æ否åÆē”Ø Telegram 频道 | +| token | string | ę˜Æ | Telegram ęœŗå™Øäŗŗ API Token | +| allow_from | array | 否 | ē”ØꈷIDē™½åå•ļ¼Œē©ŗč”Øē¤ŗ允č®øꉀ꜉ē”Øꈷ | +| proxy | string | 否 | čæžęŽ„ Telegram API ēš„代ē† URL (例如 http://127.0.0.1:7890) | + +## č®¾ē½®ęµē؋ + +1. åœØ Telegram äø­ęœē“¢ `@BotFather` +2. 发送 `/newbot` å‘½ä»¤å¹¶ęŒ‰ē…§ęē¤ŗ创å»ŗꖰęœŗå™Øäŗŗ +3. čŽ·å– HTTP API Token +4. 将 Token 唫兄配ē½®ę–‡ä»¶äø­ +5. (åÆ选) 配ē½® `allow_from` 仄限制允č®øäŗ’åŠØēš„ē”Øꈷ ID (åÆ通čæ‡ `@userinfobot` čŽ·å– ID) diff --git a/docs/channels/wecom/wecom_app/README.zh.md b/docs/channels/wecom/wecom_app/README.zh.md new file mode 100644 index 000000000..1e6a0e2b3 --- /dev/null +++ b/docs/channels/wecom/wecom_app/README.zh.md @@ -0,0 +1,47 @@ +# 企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Ø + +企äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Øę˜ÆęŒ‡ä¼äøšåœØ企äøšå¾®äæ”äø­åˆ›å»ŗēš„åŗ”ē”Øļ¼Œäø»č¦ē”ØäŗŽä¼äøšå†…éƒØä½æē”Ø怂通čæ‡ä¼äøšå¾®äæ”č‡Ŗå»ŗåŗ”ē”Øļ¼Œä¼äøšåÆ仄实ēŽ°äøŽå‘˜å·„ēš„é«˜ę•ˆę²Ÿé€šå’Œåä½œļ¼Œęé«˜å·„ä½œę•ˆēŽ‡ć€‚ + +## 配ē½® + +```json +{ + "channels": { + "wecom_app": { + "enabled": true, + "corp_id": "wwxxxxxxxxxxxxxxxx", + "corp_secret": "YOUR_CORP_SECRET", + "agent_id": 1000002, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18792, + "webhook_path": "/webhook/wecom-app", + "allow_from": [], + "reply_timeout": 5 + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ---------------- | ------ | ---- | ---------------------------------------- | +| corp_id | string | ę˜Æ | 企äøš ID | +| corp_secret | string | ę˜Æ | åŗ”ē”Øē؋åŗåƆ钄 | +| agent_id | int | ę˜Æ | åŗ”ē”Øē؋åŗä»£ē† ID | +| token | string | ę˜Æ | å›žč°ƒéŖŒčƁ令ē‰Œ | +| encoding_aes_key | string | ę˜Æ | 43 字ē¬¦ AES åƆ钄 | +| webhook_host | string | 否 | HTTP ęœåŠ”å™Øē»‘定地址 | +| webhook_port | int | 否 | HTTP ęœåŠ”å™Øē«Æ口ļ¼ˆé»˜č®¤ļ¼š18792ļ¼‰ | +| webhook_path | string | 否 | Webhook č·Æ径ļ¼ˆé»˜č®¤ļ¼š/webhook/wecom-appļ¼‰ | +| allow_from | array | 否 | ē”Øꈷ ID ē™½åå• | +| reply_timeout | int | 否 | å›žå¤č¶…ę—¶ę—¶é—“ļ¼ˆē§’ļ¼‰ | + +## č®¾ē½®ęµē؋ + +1. ē™»å½• [企äøšå¾®äæ”ē®”ē†åŽå°](https://work.weixin.qq.com/) +2. čæ›å…„ā€œåŗ”ē”Øē®”ē†ā€ -> ā€œåˆ›å»ŗåŗ”ē”Øā€ +3. čŽ·å–ä¼äøš ID (CorpID) 和åŗ”ē”Ø Secret +4. åœØåŗ”ē”Øč®¾ē½®äø­é…ē½®ā€œęŽ„ę”¶ę¶ˆęÆā€ļ¼ŒčŽ·å– Token 和 EncodingAESKey +5. č®¾ē½®å›žč°ƒ URL äøŗ `http://:/webhook/wecom-app` +6. 将 CorpID, Secret, AgentID ē­‰äæ”ęÆ唫兄配ē½®ę–‡ä»¶ diff --git a/docs/channels/wecom/wecom_bot/README.zh.md b/docs/channels/wecom/wecom_bot/README.zh.md new file mode 100644 index 000000000..c4bb1c87e --- /dev/null +++ b/docs/channels/wecom/wecom_bot/README.zh.md @@ -0,0 +1,41 @@ +# 企äøšå¾®äæ”ęœŗå™Øäŗŗ + +企äøšå¾®äæ”ęœŗå™Øäŗŗę˜Æ企äøšå¾®äæ”ęä¾›ēš„äø€ē§åæ«é€ŸęŽ„å…„ę–¹å¼ļ¼ŒåÆ仄通čæ‡ Webhook URL ęŽ„ę”¶ę¶ˆęÆ怂 + +## 配ē½® + +```json +{ + "channels": { + "wecom": { + "enabled": true, + "token": "YOUR_TOKEN", + "encoding_aes_key": "YOUR_ENCODING_AES_KEY", + "webhook_url": "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=YOUR_KEY", + "webhook_host": "0.0.0.0", + "webhook_port": 18793, + "webhook_path": "/webhook/wecom", + "allow_from": [], + "reply_timeout": 5 + } + } +} +``` + +| å­—ę®µ | ē±»åž‹ | åæ…唫 | ꏏčæ° | +| ---------------- | ------ | ---- | -------------------------------------------- | +| token | string | ę˜Æ | ē­¾åéŖŒčƁ代åø | +| encoding_aes_key | string | ę˜Æ | ē”ØäŗŽč§£åƆēš„ 43 字ē¬¦ AES åƆ钄 | +| webhook_url | string | ę˜Æ | ē”ØäŗŽå‘送回复ēš„企äøšå¾®äæ”ē¾¤čŠęœŗå™Øäŗŗ Webhook URL | +| webhook_host | string | 否 | HTTP ęœåŠ”å™Øē»‘定地址ļ¼ˆé»˜č®¤ļ¼š0.0.0.0ļ¼‰ | +| webhook_port | int | 否 | HTTP ęœåŠ”å™Øē«Æ口ļ¼ˆé»˜č®¤ļ¼š18793ļ¼‰ | +| webhook_path | string | 否 | Webhook ē«Æē‚¹č·Æ径ļ¼ˆé»˜č®¤ļ¼š/webhook/wecomļ¼‰ | +| allow_from | array | 否 | ē”Øꈷ ID ē™½åå•ļ¼ˆē©ŗ值 = 允č®øꉀ꜉ē”Øꈷļ¼‰ | +| reply_timeout | int | 否 | å›žå¤č¶…ę—¶ę—¶é—“ļ¼ˆå•ä½ļ¼šē§’ļ¼Œé»˜č®¤å€¼ļ¼š5ļ¼‰ | + +## č®¾ē½®ęµē؋ + +1. åœØ企äøšå¾®äæ”ē¾¤äø­ę·»åŠ ęœŗå™Øäŗŗ +2. čŽ·å– Webhook URL +3. (å¦‚éœ€ęŽ„ę”¶ę¶ˆęÆ) åœØęœŗå™Øäŗŗ配ē½®é”µé¢č®¾ē½®ęŽ„ę”¶ę¶ˆęÆēš„ API 地址ļ¼ˆå›žč°ƒåœ°å€ļ¼‰ä»„及 Token 和 EncodingAESKey +4. 将ē›ø关äæ”ęÆ唫兄配ē½®ę–‡ä»¶ From aea4f25c8387aee5e16b03a126beebbd712ff26d Mon Sep 17 00:00:00 2001 From: zepan Date: Sat, 21 Feb 2026 22:45:47 +0800 Subject: [PATCH 25/88] 1. update wechat qrcode. 2. add CONTRIBUTING.md --- CONTRIBUTING.md | 302 ++++++++++++++++++++++++++++++++++++++++++++ CONTRIBUTING.zh.md | 303 +++++++++++++++++++++++++++++++++++++++++++++ assets/wechat.png | Bin 144319 -> 144045 bytes 3 files changed, 605 insertions(+) create mode 100644 CONTRIBUTING.md create mode 100644 CONTRIBUTING.zh.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..88227f493 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,302 @@ +# Contributing to PicoClaw + +Thank you for your interest in contributing to PicoClaw! This project is a community-driven effort to build the lightweight and versatile personal AI assistant. We welcome contributions of all kinds: bug fixes, features, documentation, translations, and testing. + +PicoClaw itself was substantially developed with AI assistance ā€” we embrace this approach and have built our contribution process around it. + +## Table of Contents + +- [Code of Conduct](#code-of-conduct) +- [Ways to Contribute](#ways-to-contribute) +- [Getting Started](#getting-started) +- [Development Setup](#development-setup) +- [Making Changes](#making-changes) +- [AI-Assisted Contributions](#ai-assisted-contributions) +- [Pull Request Process](#pull-request-process) +- [Branch Strategy](#branch-strategy) +- [Code Review](#code-review) +- [Communication](#communication) + +--- + +## Code of Conduct + +We are committed to maintaining a welcoming and respectful community. Be kind, constructive, and assume good faith. Harassment or discrimination of any kind will not be tolerated. + +--- + +## Ways to Contribute + +- **Bug reports** ā€” Open an issue using the bug report template. +- **Feature requests** ā€” Open an issue using the feature request template; discuss before implementing. +- **Code** ā€” Fix bugs or implement features. See the workflow below. +- **Documentation** ā€” Improve READMEs, docs, inline comments, or translations. +- **Testing** ā€” Run PicoClaw on new hardware, channels, or LLM providers and report your results. + +For substantial new features, please open an issue first to discuss the design before writing code. This prevents wasted effort and ensures alignment with the project's direction. + +--- + +## Getting Started + +1. **Fork** the repository on GitHub. +2. **Clone** your fork locally: + ```bash + git clone https://github.com//picoclaw.git + cd picoclaw + ``` +3. Add the upstream remote: + ```bash + git remote add upstream https://github.com/sipeed/picoclaw.git + ``` + +--- + +## Development Setup + +### Prerequisites + +- Go 1.25 or later +- `make` + +### Build + +```bash +make build # Build binary (runs go generate first) +make generate # Run go generate only +make check # Full pre-commit check: deps + fmt + vet + test +``` + +### Running Tests + +```bash +make test # Run all tests +go test -run TestName -v ./pkg/session/ # Run a single test +go test -bench=. -benchmem -run='^$' ./... # Run benchmarks +``` + +### Code Style + +```bash +make fmt # Format code +make vet # Static analysis +make lint # Full linter run +``` + +All CI checks must pass before a PR can be merged. Run `make check` locally before pushing to catch issues early. + +--- + +## Making Changes + +### Branching + +Always branch off `main` and target `main` in your PR. Never push directly to `main` or any `release/*` branch: + +```bash +git checkout main +git pull upstream main +git checkout -b your-feature-branch +``` + +Use descriptive branch names, e.g. `fix/telegram-timeout`, `feat/ollama-provider`, `docs/contributing-guide`. + +### Commits + +- Write clear, concise commit messages in English. +- Use the imperative mood: "Add retry logic" not "Added retry logic". +- Reference the related issue when relevant: `Fix session leak (#123)`. +- Keep commits focused. One logical change per commit is preferred. +- For minor cleanups or typo fixes, squash them into a single commit before opening a PR. +- Refer toĀ https://www.conventionalcommits.org/zh-hans/v1.0.0/ + +### Keeping Up to Date + +Rebase your branch onto upstream `main` before opening a PR: + +```bash +git fetch upstream +git rebase upstream/main +``` + +--- + +## AI-Assisted Contributions + +PicoClaw was built with substantial AI assistance, and we fully embrace AI-assisted development. However, contributors must understand their responsibilities when using AI tools. + +### Disclosure Is Required + +Every PR must disclose AI involvement using the PR template's **šŸ¤– AI Code Generation** section. There are three levels: + +| Level | Description | +|---|---| +| šŸ¤– Fully AI-generated | AI wrote the code; contributor reviewed and validated it | +| šŸ› ļø Mostly AI-generated | AI produced the draft; contributor made significant modifications | +| šŸ‘Øā€šŸ’» Mostly Human-written | Contributor led; AI provided suggestions or none at all | + +Honest disclosure is expected. There is no stigma attached to any level ā€” what matters is the quality of the contribution. + +### You Are Responsible for What You Submit + +Using AI to generate code does not reduce your responsibility as the contributor. Before opening a PR with AI-generated code, you must: + +- **Read and understand** every line of the generated code. +- **Test it** in a real environment (see the Test Environment section of the PR template). +- **Check for security issues** ā€” AI models can generate subtly insecure code (e.g., path traversal, injection, credential exposure). Review carefully. +- **Verify correctness** ā€” AI-generated logic can be plausible-sounding but wrong. Validate the behavior, not just the syntax. + +PRs where it is clear the contributor has not read or tested the AI-generated code will be closed without review. + +### AI-Generated Code Quality Standards + +AI-generated contributions are held to the **same quality bar** as human-written code: + +- It must pass all CI checks (`make check`). +- It must be idiomatic Go and consistent with the existing codebase style. +- It must not introduce unnecessary abstractions, dead code, or over-engineering. +- It must include or update tests where appropriate. + +### Security Review + +AI-generated code requires extra security scrutiny. Pay special attention to: + +- File path handling and sandbox escapes (see commit `244eb0b` for a real example) +- External input validation in channel handlers and tool implementations +- Credential or secret handling +- Command execution (`exec.Command`, shell invocations) + +If you are unsure whether a piece of AI-generated code is safe, say so in the PR ā€” reviewers will help. + +--- + +## Pull Request Process + +### Before Opening a PR + +- [ ] Run `make check` and ensure it passes locally. +- [ ] Fill in the PR template completely, including the AI disclosure section. +- [ ] Link any related issue(s) in the PR description. +- [ ] Keep the PR focused. Avoid bundling unrelated changes together. + +### PR Template Sections + +The PR template asks for: + +- **Description** ā€” What does this change do and why? +- **Type of Change** ā€” Bug fix, feature, docs, or refactor. +- **AI Code Generation** ā€” Disclosure of AI involvement (required). +- **Related Issue** ā€” Link to the issue this addresses. +- **Technical Context** ā€” Reference URLs and reasoning (skip for pure docs PRs). +- **Test Environment** ā€” Hardware, OS, model/provider, and channels used for testing. +- **Evidence** ā€” Optional logs or screenshots demonstrating the change works. +- **Checklist** ā€” Self-review confirmation. + +### PR Size + +Prefer small, reviewable PRs. A PR that changes 200 lines across 5 files is much easier to review than one that changes 2000 lines across 30 files. If your feature is large, consider splitting it into a series of smaller, logically complete PRs. + +--- + +## Branch Strategy + +### Long-Lived Branches + +- **`main`** ā€” the active development branch. All feature PRs target `main`. The branch is protected: direct pushes are not permitted, and at least one maintainer approval is required before merging. +- **`release/x.y`** ā€” stable release branches, cut from `main` when a version is ready to ship. These branches are more strictly protected than `main`. + +### Requirements to Merge into `main` + +A PR can only be merged when all of the following are satisfied: + +1. **CI passes** ā€” All GitHub Actions workflows (lint, test, build) must be green. +2. **Reviewer approval** ā€” At least one maintainer has approved the PR. +3. **No unresolved review comments** ā€” All review threads must be resolved. +4. **PR template is complete** ā€” Including AI disclosure and test environment. + +### Who Can Merge + +Only maintainers can merge PRs. Contributors cannot merge their own PRs, even if they have write access. + +### Merge Strategy + +We use **squash merge** for most PRs to keep the `main` history clean and readable. Each merged PR becomes a single commit referencing the PR number, e.g.: + +``` +feat: Add Ollama provider support (#491) +``` + +If a PR consists of multiple independent, well-separated commits that tell a clear story, a regular merge may be used at the maintainer's discretion. + +### Release Branches + +When a version is ready, maintainers cut a `release/x.y` branch from `main`. After that point: + +- **New features are not backported.** The release branch receives no new functionality after it is cut. +- **Security fixes and critical bug fixes are cherry-picked.** If a fix in `main` qualifies (security vulnerability, data loss, crash), maintainers will cherry-pick the relevant commit(s) onto the affected `release/x.y` branch and issue a patch release. + +If you believe a fix in `main` should be backported to a release branch, note it in the PR description or open a separate issue. The decision rests with the maintainers. + +Release branches have stricter protections than `main` and are never directly pushed to under any circumstances. + +--- + +## Code Review + +### For Contributors + +- Respond to review comments within a reasonable time. If you need more time, say so. +- When you update a PR in response to feedback, briefly note what changed (e.g., "Updated to use `sync.RWMutex` as suggested"). +- If you disagree with feedback, engage respectfully. Explain your reasoning; reviewers can be wrong too. +- Do not force-push after a review has started ā€” it makes it harder for reviewers to see what changed. Use additional commits instead; the maintainer will squash on merge. + +### For Reviewers + +Review for: + +1. **Correctness** ā€” Does the code do what it claims? Are there edge cases? +2. **Security** ā€” Especially for AI-generated code, tool implementations, and channel handlers. +3. **Architecture** ā€” Is the approach consistent with the existing design? +4. **Simplicity** ā€” Is there a simpler solution? Does this add unnecessary complexity? +5. **Tests** ā€” Are the changes covered by tests? Are existing tests still meaningful? + +Be constructive and specific. "This could have a race condition if two goroutines call this concurrently ā€” consider using a mutex here" is better than "this looks wrong". + + +### Reviewer List +Once your PR is submitted, you can reach out to the assigned reviewers listed in the following table. + +|Function| Reviewer| +|--- |--- | +|Provider|@yinwm | +|Channel |@yinwm | +|Agent |@lxowalle| +|Tools |@lxowalle| +|SKill || +|MCP || +|Optimization|@lxowalle| +|Security|| +|AI CI |@imguoguo| +|UX || +|Document|| + +--- + +## Communication + +- **GitHub Issues** ā€” Bug reports, feature requests, design discussions. +- **GitHub Discussions** ā€” General questions, ideas, community conversation. +- **Pull Request comments** ā€” Code-specific feedback. +- **Wechat&Discord** ā€” We will invite you when you have at least one merged PR + +When in doubt, open an issue before writing code. It costs little and prevents wasted effort. + +--- + +## A Note on the Project's AI-Driven Origin + +PicoClaw's architecture was substantially designed and implemented with AI assistance, guided by human oversight. If you find something that looks odd or over-engineered, it may be an artifact of that process ā€” opening an issue to discuss it is always welcome. + +We believe AI-assisted development done responsibly produces great results. We also believe humans must remain accountable for what they ship. These two beliefs are not in conflict. + +Thank you for contributing! diff --git a/CONTRIBUTING.zh.md b/CONTRIBUTING.zh.md new file mode 100644 index 000000000..01a1abfd5 --- /dev/null +++ b/CONTRIBUTING.zh.md @@ -0,0 +1,303 @@ +# 参äøŽč“”ēŒ® PicoClaw + +ę„Ÿč°¢ä½ åƹ PicoClaw ēš„å…³ę³Øļ¼ęœ¬é”¹ē›®ę˜Æäø€äøŖē¤¾åŒŗ驱åŠØēš„å¼€ęŗé”¹ē›®ļ¼Œē›®ę ‡ę˜ÆꞄå»ŗ č½»é‡ēµę“»,äŗŗäŗŗåÆē”Ø ēš„äøŖäŗŗAIåŠ©ę‰‹ć€‚ęˆ‘ä»¬ę¬¢čæŽäø€åˆ‡å½¢å¼ēš„č“”ēŒ®ļ¼šBug äæ®å¤ć€ę–°åŠŸčƒ½ć€ę–‡ę”£ć€ēæ»čÆ‘å’Œęµ‹čÆ•ć€‚ + +PicoClaw ęœ¬čŗ«åœØ很大ē؋åŗ¦äøŠę˜Æ借助 AI č¾…åŠ©å¼€å‘ēš„ā€”ā€”ęˆ‘ä»¬ę‹„ꊱčæ™ē§ę–¹å¼ļ¼Œå¹¶å›“ē»•å®ƒęž„å»ŗäŗ†č“”ēŒ®ęµēØ‹ć€‚ + +## ē›®å½• + +- [č”Œäøŗ准则](#č”Œäøŗ准则) +- [č“”ēŒ®ę–¹å¼](#č“”ēŒ®ę–¹å¼) +- [åæ«é€Ÿå¼€å§‹](#åæ«é€Ÿå¼€å§‹) +- [开发ēŽÆ境配ē½®](#开发ēŽÆ境配ē½®) +- [ꏐäŗ¤äæ®ę”¹](#ꏐäŗ¤äæ®ę”¹) +- [AI č¾…åŠ©č“”ēŒ®](#ai-č¾…åŠ©č“”ēŒ®) +- [Pull Request 굁ē؋](#pull-request-굁ē؋) +- [分ę”Æē­–ē•„](#分ę”Æē­–ē•„) +- [代ē å®”ęŸ„](#代ē å®”ęŸ„) +- [ę²Ÿé€šęø é“](#ę²Ÿé€šęø é“) + +--- + +## č”Œäøŗ准则 + +ęˆ‘ä»¬č‡“åŠ›äŗŽē»“ꊤäø€äøŖå‹å„½ć€äŗ’ē›ø尊重ēš„ē¤¾åŒŗēŽÆå¢ƒć€‚čÆ·äæęŒå–„ę„ć€å»ŗč®¾ę€§ēš„ꀁåŗ¦ļ¼Œå¹¶å–„ę„åœ°ē†č§£ä»–äŗŗć€‚ä»»ä½•å½¢å¼ēš„éŖšę‰°ęˆ–ę­§č§†å‡äøč¢«ęŽ„å—ć€‚ + +--- + +## č“”ēŒ®ę–¹å¼ + +- **Bug 反馈** ā€” ä½æē”Ø Bug ęŠ„å‘ŠęØ”ęæꏐäŗ¤ Issue怂 +- **åŠŸčƒ½å»ŗč®®** ā€” ä½æē”ØåŠŸčƒ½čÆ·ę±‚ęØ”ęæꏐäŗ¤ Issueļ¼Œå»ŗč®®åœØ开始实ēŽ°å‰å…ˆčæ›č”Œč®Øč®ŗ怂 +- **代ē č“”ēŒ®** ā€” äæ®å¤ Bug ęˆ–å®žēŽ°ę–°åŠŸčƒ½ļ¼Œå‚见äø‹ę–¹å·„ä½œęµēØ‹ć€‚ +- **ę–‡ę”£ę”¹čæ›** ā€” 完善 READMEć€ę–‡ę”£ć€ä»£ē ę³Ø释ꈖēæ»čÆ‘ć€‚ +- **굋čƕäøŽéŖŒčƁ** ā€” åœØꖰē”¬ä»¶ć€ę–°ęø é“ęˆ–ę–° LLM ęä¾›å•†äøŠčæč”Œ PicoClaw 并反馈ē»“ęžœć€‚ + +åƹäŗŽč¾ƒå¤§ēš„ę–°åŠŸčƒ½ļ¼ŒčÆ·å…ˆęäŗ¤ Issue č®Øč®ŗč®¾č®”ę–¹ę”ˆļ¼Œå†åŠØę‰‹å†™ä»£ē ć€‚čæ™čƒ½éæå…ę— ę•ˆęŠ•å…„ļ¼Œä¹Ÿē”®äæäøŽé”¹ē›®ę–¹å‘äæęŒäø€č‡“怂 + +--- + +## åæ«é€Ÿå¼€å§‹ + +1. åœØ GitHub äøŠ **Fork** ęœ¬ä»“åŗ“怂 +2. 将你ēš„ Fork **克隆**åˆ°ęœ¬åœ°ļ¼š + ```bash + git clone https://github.com/<ä½ ēš„ē”Øęˆ·å>/picoclaw.git + cd picoclaw + ``` +3. ę·»åŠ äøŠęøøčæœē؋仓åŗ“ļ¼š + ```bash + git remote add upstream https://github.com/sipeed/picoclaw.git + ``` + +--- + +## 开发ēŽÆ境配ē½® + +### 前ē½®ä¾čµ– + +- Go 1.25 ęˆ–ę›“é«˜ē‰ˆęœ¬ +- `make` + +### Ꞅå»ŗ + +```bash +make build # Ꞅå»ŗäŗŒčæ›åˆ¶ę–‡ä»¶ļ¼ˆä¼šå…ˆę‰§č”Œ go generateļ¼‰ +make generate # ä»…ę‰§č”Œ go generate +make check # å®Œę•“ēš„ꏐäŗ¤å‰ę£€ęŸ„ļ¼šdeps + fmt + vet + test +``` + +### čæč”Œęµ‹čƕ + +```bash +make test # čæč”Œę‰€ęœ‰ęµ‹čƕ +go test -run TestName -v ./pkg/session/ # čæč”Œå•äøŖ굋čƕ +go test -bench=. -benchmem -run='^$' ./... # čæč”ŒåŸŗå‡†ęµ‹čƕ +``` + +### 代ē é£Žę ¼ + +```bash +make fmt # ę ¼å¼åŒ–ä»£ē  +make vet # é™ę€åˆ†ęž +make lint # å®Œę•“ēš„ lint ę£€ęŸ„ +``` + +ꉀ꜉ CI ę£€ęŸ„é€ščæ‡åŽ PR ę‰čƒ½č¢«åˆå¹¶ć€‚ęŽØ送代ē å‰čƷ先åœØęœ¬åœ°čæč”Œ `make check`ļ¼Œęå‰å‘ēŽ°é—®é¢˜ć€‚ + +--- + +## ꏐäŗ¤äæ®ę”¹ + +### 分ę”Æē®”ē† + +始ē»ˆä»Ž `main` 分ę”Æ切å‡ŗļ¼Œå¹¶åœØ PR äø­ä»„ `main` äøŗē›®ę ‡åˆ†ę”Æ怂äøč¦ē›“ęŽ„å‘ `main` ęˆ–ä»»ä½• `release/*` 分ę”ÆęŽØ送代ē ļ¼š + +```bash +git checkout main +git pull upstream main +git checkout -b ä½ ēš„åŠŸčƒ½åˆ†ę”Æ名 +``` + +čÆ·ä½æē”Øꏏčæ°ę€§ēš„分ę”Æ名ļ¼Œä¾‹å¦‚ļ¼š`fix/telegram-timeout`态`feat/ollama-provider`态`docs/contributing-guide`怂 + +### Commit 规范 + +- ä½æē”Øč‹±ę–‡ę’°å†™ęø…꙰态ē®€ę“ēš„ commit äæ”ęÆ怂 +- ä½æē”Øē„ˆä½æ叄ļ¼šå†™ "Add retry logic"ļ¼Œč€Œäøę˜Æ "Added retry logic"怂 +- ęœ‰å…³č” Issue ę—¶čƷ引ē”Øļ¼š`Fix session leak (#123)`怂 +- äæęŒ commit äø“ę³Øļ¼ŒęƏäøŖ commit åŖ做äø€ä»¶äŗ‹ć€‚ +- åƹäŗŽå°ēš„ęø…ē†ęˆ–ę‹¼å†™äæ®ę­£ļ¼Œę PR 前čƷ将其合并äøŗäø€äøŖ commit怂 +- ꌉē…§Ā https://www.conventionalcommits.org/zh-hans/v1.0.0/Ā č§„čŒƒę„ę’°å†™ + +### äæęŒäøŽäøŠęøøåŒę­„ + +ꏐ PR 前ļ¼ŒčƷ将你ēš„分ę”Æ变åŸŗ到äøŠęøø `main`ļ¼š + +```bash +git fetch upstream +git rebase upstream/main +``` + +--- + +## AI č¾…åŠ©č“”ēŒ® + +PicoClaw åœØ很大ē؋åŗ¦äøŠå€ŸåŠ© AI č¾…åŠ©å¼€å‘ļ¼Œęˆ‘们完å…Øꋄꊱčæ™ē§å¼€å‘ę–¹å¼ć€‚ä½†č“”ēŒ®č€…åæ…é”»ęø…ę„šåœ°äŗ†č§£č‡Ŗå·±åœØä½æē”Ø AI å·„å…·ę—¶ę‰€ę‰æꋅēš„č“£ä»»ć€‚ + +### åæ…é”»ęŠ«éœ² AI ä½æē”Øęƒ…å†µ + +ęƏäøŖ PR 都åæ…锻通čæ‡ PR ęØ”ęæäø­ēš„ **šŸ¤– AI 代ē ē”Ÿęˆ** éƒØåˆ†ęŠ«éœ² AI 参äøŽęƒ…况ļ¼Œå…±åˆ†äø‰äøŖēŗ§åˆ«ļ¼š + +| ēŗ§åˆ« | čÆ“ę˜Ž | +|---|---| +| šŸ¤– 完å…Øē”± AI ē”Ÿęˆ | AI ē¼–写代ē ļ¼Œč“”ēŒ®č€…č“Ÿč“£å®”ęŸ„å’ŒéŖŒčƁ | +| šŸ› ļø äø»č¦ē”± AI ē”Ÿęˆ | AI čµ·č‰ļ¼Œč“”ēŒ®č€…做äŗ†č¾ƒå¤§äæ®ę”¹ | +| šŸ‘Øā€šŸ’» äø»č¦ē”±äŗŗå·„ē¼–写 | č“”ēŒ®č€…äø»åƼļ¼ŒAI ä»…ęä¾›č¾…åŠ©ęˆ–ęœŖä½æē”Ø AI | + +ęˆ‘ä»¬ęœŸęœ›ä½ čÆšå®žå”«å†™ć€‚äø‰ē§ēŗ§åˆ«å‡åÆęŽ„å—ļ¼Œę²”ęœ‰ä»»ä½•ę­§č§†ā€”ā€”é‡č¦ēš„ę˜Æč“”ēŒ®ēš„č“Ø量怂 + +### ä½ åÆ¹ęäŗ¤ēš„代ē č“Ÿå…Øč“£ + +ä½æē”Ø AI ē”Ÿęˆä»£ē å¹¶äøčƒ½å‡č½»ä½ ä½œäøŗč“”ēŒ®č€…ēš„č“£ä»»ć€‚åœØꏐäŗ¤å«ęœ‰ AI ē”Ÿęˆä»£ē ēš„ PR 之前ļ¼Œä½ åæ…é”»ļ¼š + +- **é€č”Œé˜…čƻ并ē†č§£**ē”Ÿęˆēš„代ē ć€‚ +- **åœØēœŸå®žēŽÆ境äø­ęµ‹čƕ**ļ¼ˆå‚见 PR ęØ”ęæäø­ēš„굋čƕēŽÆ境éƒØ分ļ¼‰ć€‚ +- **ę£€ęŸ„å®‰å…Ø问题** ā€” AI ęؔ型åÆčƒ½ē”Ÿęˆå­˜åœØ安å…Øéšę‚£ēš„代ē ļ¼ˆå¦‚č·Æ径ē©æ越态ę³Øå…„ę”»å‡»ć€å‡­ę®ę³„éœ²ē­‰ļ¼‰ļ¼ŒčƷ仔ē»†å®”ęŸ„ć€‚ +- **éŖŒčÆę­£ē”®ę€§** ā€” AI ē”Ÿęˆēš„é€»č¾‘åÆčƒ½å¬čµ·ę„åˆē†ä½†å®žé™…äøŠę˜Æ错čÆÆēš„ļ¼ŒčÆ·éŖŒčÆč”Œäøŗļ¼Œč€Œäøä»…ä»…ę˜ÆčÆ­ę³•ć€‚ + +å¦‚ęžœę˜Žę˜¾åÆ仄ēœ‹å‡ŗč“”ēŒ®č€…ę²”꜉阅čÆ»ęˆ–ęµ‹čƕ AI ē”Ÿęˆēš„代ē ļ¼ŒčÆ„ PR å°†č¢«ē›“ęŽ„å…³é—­ļ¼Œäøäŗˆå®”ęŸ„ć€‚ + +### AI ē”Ÿęˆä»£ē ēš„č“Øé‡ę ‡å‡† + +AI ē”Ÿęˆēš„代ē äøŽäŗŗå·„ē¼–写ēš„代ē éµå¾Ŗ**ē›ø同ēš„č“Øé‡č¦ę±‚**ļ¼š + +- åæ…锻通čæ‡ę‰€ęœ‰ CI ę£€ęŸ„ļ¼ˆ`make check`ļ¼‰ć€‚ +- åæ…é”»ē¬¦åˆ Go ęƒÆē”Øå†™ę³•ļ¼Œå¹¶äøŽēŽ°ęœ‰ä»£ē åŗ“ēš„é£Žę ¼äæęŒäø€č‡“怂 +- äøå¾—引兄äøåæ…要ēš„ęŠ½č±”ć€ę­»ä»£ē ęˆ–čæ‡åŗ¦č®¾č®”怂 +- é”»åœØ适当ēš„åœ°ę–¹åŒ…å«ęˆ–ę›“ꖰ굋čÆ•ć€‚ + +### 安å…Øå®”ęŸ„ + +AI ē”Ÿęˆēš„代ē éœ€č¦ę ¼å¤–ä»”ē»†ēš„安å…Øå®”ęŸ„ć€‚čÆ·ē‰¹åˆ«å…³ę³Ø仄äø‹ę–¹é¢ļ¼š + +- ꖇ件č·Æ径处ē†äøŽę²™ē®±é€ƒé€øļ¼ˆé”¹ē›®åŽ†å²äø­ēš„ commit `244eb0b` å°±ę˜ÆēœŸå®žę”ˆä¾‹ļ¼‰ +- channel 处ē†å™Ø和 tool 实ēŽ°äø­ēš„外éƒØč¾“å…„ę ”éŖŒ +- å‡­ę®ęˆ–åƆ钄ēš„处ē† +- å‘½ä»¤ę‰§č”Œļ¼ˆ`exec.Command`态shell 调ē”Øē­‰ļ¼‰ + +å¦‚ęžœä½ äøē”®å®šęŸę®µ AI ē”Ÿęˆä»£ē ę˜Æ否安å…Øļ¼ŒčÆ·åœØ PR äø­čÆ“ę˜Žā€”ā€”å®”ęŸ„č€…ä¼šåø®åŠ©åˆ¤ę–­ć€‚ + +--- + +## Pull Request 굁ē؋ + +### ꏐ PR 前ēš„ę£€ęŸ„ + +- [ ] åœØęœ¬åœ°čæč”Œ `make check` 并ē”®č®¤é€ščæ‡ć€‚ +- [ ] å®Œę•“å”«å†™ PR ęØ”ęæļ¼ŒåŒ…ꋬ AI ęŠ«éœ²éƒØåˆ†ć€‚ +- [ ] åœØ PR ꏏčæ°äø­å…³č”ē›ø关 Issue怂 +- [ ] äæęŒ PR äø“ę³Øļ¼Œéæ免将äøē›ø关ēš„äæ®ę”¹ę··åœØäø€čµ·ć€‚ + +### PR ęØ”ęæ各éƒØ分čÆ“ę˜Ž + +PR ęØ”ęæč¦ę±‚å”«å†™ļ¼š + +- **ꏏčæ°** ā€” čæ™äøŖę”¹åŠØ做äŗ†ä»€ä¹ˆļ¼Œäøŗä»€ä¹ˆč¦åšļ¼Ÿ +- **å˜ę›“ē±»åž‹** ā€” Bug äæ®å¤ć€ę–°åŠŸčƒ½ć€ę–‡ę”£ęˆ–é‡ęž„ć€‚ +- **AI 代ē ē”Ÿęˆ** ā€” AI 参äøŽęƒ…å†µęŠ«éœ²ļ¼ˆåæ…唫ļ¼‰ć€‚ +- **å…³č” Issue** ā€” ę­¤ PR č§£å†³ēš„ Issue é“¾ęŽ„ć€‚ +- **ꊀęœÆ背ę™Æ** ā€” å‚č€ƒé“¾ęŽ„å’Œč®¾č®”ē†ē”±ļ¼ˆēŗÆę–‡ę”£ē±» PR åÆč·³čæ‡ļ¼‰ć€‚ +- **굋čƕēŽÆ境** ā€” ē”ØäŗŽęµ‹čƕēš„ē”¬ä»¶ć€ę“ä½œē³»ē»Ÿć€ęؔ型/ęä¾›å•†å’Œęø é“怂 +- **éŖŒčƁčÆę®** ā€” åÆ选ēš„ę—„åæ—ęˆ–ęˆŖ图ļ¼Œē”ØäŗŽčÆę˜Žę”¹åŠØ꜉ꕈ怂 +- **ę£€ęŸ„ęø…单** ā€” č‡Ŗęˆ‘å®”ęŸ„ē”®č®¤ć€‚ + +### PR 规ęØ” + +čÆ·å°½é‡ęäŗ¤å°č€Œę˜“äŗŽå®”ęŸ„ēš„ PR怂äø€äøŖę¶‰åŠ 5 äøŖę–‡ä»¶å…± 200 č”Œę”¹åŠØēš„ PRļ¼ŒčæœęÆ”ę¶‰åŠ 30 äøŖę–‡ä»¶å…± 2000 č”Œę”¹åŠØēš„ PR å®¹ę˜“å®”ęŸ„ć€‚å¦‚ęžœä½ ēš„åŠŸčƒ½č¾ƒå¤§ļ¼ŒåÆä»„č€ƒč™‘å°†å…¶ę‹†åˆ†äøŗäø€ē³»åˆ—é€»č¾‘å®Œę•“ēš„小 PR怂 + +--- + +## 分ę”Æē­–ē•„ + +### é•æęœŸåˆ†ę”Æ + +- **`main`** ā€” ę“»č·ƒå¼€å‘åˆ†ę”Æć€‚ę‰€ęœ‰åŠŸčƒ½ PR 均仄 `main` äøŗē›®ę ‡ć€‚čƄ分ę”Æ受äæęŠ¤ļ¼šē¦ę­¢ē›“ꎄęŽØ送ļ¼Œåˆå¹¶å‰åæ…é”»čŽ·å¾—č‡³å°‘äø€åē»“ꊤ者ēš„ę‰¹å‡†ć€‚ +- **`release/x.y`** ā€” ēس定发åøƒåˆ†ę”Æļ¼ŒåœØꟐäøŖē‰ˆęœ¬å‡†å¤‡å‘åøƒę—¶ä»Ž `main` 切å‡ŗ怂čæ™äŗ›åˆ†ę”Æēš„äæęŠ¤ēŗ§åˆ«é«˜äŗŽ `main`怂 + +### 合并到 `main` ēš„å‰ęę”件 + +PR åæ…é”»åŒę—¶ę»”č¶³ä»„äø‹ę‰€ęœ‰ę”件ļ¼Œę‰čƒ½č¢«åˆå¹¶ļ¼š + +1. **CI å…ØéƒØ通čæ‡** ā€” ꉀ꜉ GitHub Actions å·„ä½œęµļ¼ˆlint态test态buildļ¼‰å‡äøŗē»æč‰²ć€‚ +2. **čŽ·å¾—å®”ęŸ„č€…ę‰¹å‡†** ā€” č‡³å°‘äø€åē»“ęŠ¤č€…å·²ę‰¹å‡†čÆ„ PR怂 +3. **ꗠęœŖč§£å†³ēš„å®”ęŸ„ę„č§** ā€” ę‰€ęœ‰å®”ęŸ„č®Øč®ŗēŗæēØ‹å‡å·²å…³é—­ć€‚ +4. **PR ęØ”ęæå”«å†™å®Œę•“** ā€” åŒ…ę‹¬ AI ęŠ«éœ²å’Œęµ‹čƕēŽÆ境äæ”ęÆ怂 + +### 谁åÆ仄合并 + +åŖ꜉ē»“ęŠ¤č€…ę‰čƒ½åˆå¹¶ PR怂蓔ēŒ®č€…äøčƒ½åˆå¹¶č‡Ŗå·±ēš„ PRļ¼Œå³ä½æę‹„ęœ‰å†™ęƒé™ä¹Ÿäøč”Œć€‚ + +### 合并ē­–ē•„ + +äøŗäæęŒ `main` 历史ęø…ę™°åÆčÆ»ļ¼Œęˆ‘们åÆ¹å¤§å¤šę•° PR ä½æē”Ø **Squash Merge**怂ęƏäøŖ合并ēš„ PR 变äøŗäø€äøŖ包含 PR ē¼–号ēš„单ē‹¬ commitļ¼Œä¾‹å¦‚ļ¼š + +``` +feat: Add Ollama provider support (#491) +``` + +å¦‚ęžœäø€äøŖ PR 包含多äøŖē‹¬ē«‹ć€ē»“ęž„ęø…ę™°ć€čƒ½č®²čæ°å®Œę•“ꕅäŗ‹ēš„ commitļ¼Œē»“ꊤ者åÆč§†ęƒ…å†µä½æē”Øꙮ通 merge怂 + +### Release 分ę”Æ + +å½“ęŸäøŖē‰ˆęœ¬å‡†å¤‡å°±ē»Ŗę—¶ļ¼Œē»“ęŠ¤č€…ä¼šä»Ž `main` 切å‡ŗ `release/x.y` 分ę”Æć€‚ę­¤åŽļ¼š + +- **ę–°åŠŸčƒ½äøä¼šč¢«å›žęŗÆļ¼ˆbackportļ¼‰ć€‚** Release 分ę”Æ切å‡ŗ后ļ¼Œäøå†ęŽ„ę”¶ä»»ä½•ę–°åŠŸčƒ½ć€‚ +- **安å…Øäæ®å¤å’Œå…³é”® Bug äæ®å¤ä¼šč¢« cherry-pick čæ›ę„怂** č‹„ `main` äøŠēš„ęŸäøŖäæ®å¤å±žäŗŽå®‰å…Øę¼ę“žć€ę•°ę®äø¢å¤±ęˆ–å“©ęŗƒē±»é—®é¢˜ļ¼Œē»“ęŠ¤č€…ä¼šå°†ē›ø关 commit cherry-pick 到受影响ēš„ `release/x.y` 分ę”Æļ¼Œå¹¶å‘åøƒč”„äøē‰ˆęœ¬ć€‚ + +å¦‚ęžœä½ č®¤äøŗ `main` äøŠēš„ęŸäøŖäæ®å¤åŗ”čÆ„č¢«å›žęŗÆåˆ°ęŸäøŖ release 分ę”Æļ¼ŒčÆ·åœØ PR ꏏčæ°äø­ę³Ø꘎ļ¼Œęˆ–单ē‹¬å¼€äø€äøŖ Issue čÆ“ę˜Žć€‚ęœ€ē»ˆå†³å®šē”±ē»“ęŠ¤č€…åšå‡ŗ怂 + +Release 分ę”Æēš„äæęŠ¤ēŗ§åˆ«é«˜äŗŽ `main`ļ¼ŒåœØä»»ä½•ęƒ…å†µäø‹å‡äøå…č®øē›“ꎄęŽØ送怂 + +--- + +## 代ē å®”ęŸ„ + +### åÆ¹č“”ēŒ®č€…ēš„å»ŗč®® + +- åœØ合ē†ę—¶é—“å†…å›žå¤å®”ęŸ„ę„č§ć€‚å¦‚ęžœéœ€č¦ę›“å¤šę—¶é—“ļ¼ŒčƷ告ēŸ„怂 +- ꛓꖰ PR 仄响åŗ”åé¦ˆę—¶ļ¼Œē®€č¦čÆ“ę˜Žę”¹åŠØ内容ļ¼ˆä¾‹å¦‚ļ¼š"ꌉå»ŗč®®ę”¹ē”Øäŗ† `sync.RWMutex`"ļ¼‰ć€‚ +- å¦‚ęžœä½ äøåŒę„ęŸę”反馈ļ¼ŒčÆ·ē¤¼č²Œåœ°é˜čæ°ä½ ēš„ē†ē”±ā€”ā€”å®”ęŸ„č€…ä¹ŸåÆčƒ½ęœ‰åˆ¤ę–­å¤±čÆÆēš„ę—¶å€™ć€‚ +- å®”ęŸ„å¼€å§‹åŽčÆ·äøč¦ force pushā€”ā€”čæ™ä¼šč®©å®”ęŸ„č€…éš¾ä»„čæ½čøŖå˜åŒ–ć€‚čÆ·ä½æē”Ø额外ēš„ commitļ¼Œē»“ꊤ者åœØåˆå¹¶ę—¶ä¼ščæ›č”Œ squash怂 + +### åÆ¹å®”ęŸ„č€…ēš„å»ŗč®® + +å®”ęŸ„é‡ē‚¹ļ¼š + +1. **ę­£ē”®ę€§** ā€” 代ē ę˜Æ否实ēŽ°äŗ†å…¶å£°ē§°ēš„åŠŸčƒ½ļ¼Ÿę˜Æ否存åœØč¾¹ē•Œęƒ…况ļ¼Ÿ +2. **安å…Øꀧ** ā€” åƹ AI ē”Ÿęˆä»£ē ć€tool 实ēŽ°å’Œ channel 处ē†å™Øå°¤å…¶éœ€č¦å…³ę³Ø怂 +3. **ꞶꞄ** ā€” 实ēŽ°ę–¹å¼ę˜Æ否äøŽēŽ°ęœ‰č®¾č®”äø€č‡“ļ¼Ÿ +4. **ē®€ę“ę€§** ā€” ę˜Æå¦ęœ‰ę›“ē®€å•ēš„ę–¹ę”ˆļ¼Ÿę˜Æ否引兄äŗ†äøåæ…要ēš„å¤ę‚åŗ¦ļ¼Ÿ +5. **굋čƕ** ā€” ę”¹åŠØę˜Æå¦ęœ‰ęµ‹čÆ•č¦†ē›–ļ¼ŸēŽ°ęœ‰ęµ‹čƕę˜Æ否仍ē„¶ęœ‰ę„ä¹‰ļ¼Ÿ + +čÆ·ē»™å‡ŗå»ŗč®¾ę€§äø”具体ēš„åé¦ˆć€‚"å¦‚ęžœäø¤äøŖ goroutine åŒę—¶č°ƒē”Øčæ™äøŖå‡½ę•°åÆčƒ½ä¼šęœ‰ē«žę€ę”件ļ¼Œå»ŗč®®åœØčæ™é‡ŒåŠ äø€äøŖ mutex" čæœęƔ "čæ™é‡Œēœ‹čµ·ę„ęœ‰é—®é¢˜" ę›“ęœ‰åø®åŠ©ć€‚ + +### å®”ęŸ„č€…åˆ—č”Ø +ꏐäŗ¤åƹåŗ”PR后ļ¼ŒåÆä»„å‚č€ƒäø‹č”Ø联ē³»åƹåŗ”ēš„å®”ęŸ„äŗŗå‘˜ę²Ÿé€š + +|Function| Reviewer| +|--- |--- | +|Provider|@yinwm | +|Channel |@yinwm | +|Agent |@lxowalle| +|Tools |@lxowalle| +|SKill || +|MCP || +|Optimization|@lxowalle| +|Security|| +|AI CI |@imguoguo| +|UX || +|Document|| + + + +--- + +## ę²Ÿé€šęø é“ + +- **GitHub Issues** ā€” Bug ęŠ„å‘Šć€åŠŸčƒ½å»ŗč®®ć€č®¾č®”č®Øč®ŗ怂 +- **GitHub Discussions** ā€” äø€čˆ¬ę€§é—®é¢˜ć€ęƒ³ę³•äŗ¤ęµć€ē¤¾åŒŗč®Øč®ŗ怂 +- **Pull Request čƄč®ŗ** ā€” äøŽå…·ä½“代ē ē›ø关ēš„åé¦ˆć€‚ +- **Wechat&Discord** ā€” å½“ä½ ęœ‰č‡³å°‘äø€äøŖ已合并ēš„PR后ļ¼Œęˆ‘们会邀čÆ·ä½ åŠ å…„å¼€å‘č€…äŗ¤ęµē¾¤ + +꜉ē–‘问ꗶļ¼ŒčƷ先开 Issue č®Øč®ŗļ¼Œå†åŠØę‰‹å†™ä»£ē ć€‚čæ™å‡ ä¹Žę²”ęœ‰ęˆęœ¬ļ¼Œå“čƒ½éæå…å¤§é‡ę— ę•ˆęŠ•å…„ć€‚ + +--- + +## 关äŗŽęœ¬é”¹ē›®ēš„ AI 驱åŠØčµ·ęŗ + +PicoClaw ēš„ꞶꞄåœØäŗŗå·„ē›‘ē£äø‹ļ¼Œē»ē”± AI č¾…åŠ©å®Œęˆäŗ†å¤§é‡č®¾č®”和实ēŽ°å·„ä½œć€‚å¦‚ęžœä½ å‘ēŽ°ęŸå¤„ēœ‹čµ·ę„儇ę€Ŗꈖčæ‡åŗ¦č®¾č®”ļ¼Œčæ™åÆčƒ½ę˜ÆčÆ„čæ‡ē؋ē•™äø‹ēš„ē—•čæ¹ā€”ā€”ę¬¢čæŽę Issue č®Øč®ŗ怂 + +ęˆ‘ä»¬ē›øäæ”ļ¼Œč“Ÿč“£ä»»åœ°ä½æē”Ø AI č¾…åŠ©å¼€å‘čƒ½äŗ§ē”Ÿä¼˜ē§€ēš„ęˆęžœć€‚ęˆ‘ä»¬åŒę ·ē›øäæ”ļ¼Œäŗŗē±»åæ…é”»åƹč‡Ŗå·±ęäŗ¤ēš„å†…å®¹č“Ÿč“£ć€‚čæ™äø¤ē‚¹å¹¶äøēŸ›ē›¾ć€‚ + +ę„Ÿč°¢ä½ ēš„č“”ēŒ®ļ¼ diff --git a/assets/wechat.png b/assets/wechat.png index 8fc41ea7d53cfc9e0ccb7b6fe5a4fd6d079cee7c..a34217c335542a13aace2103bd15ccebf94acde2 100644 GIT binary patch literal 144045 zcmeFZcT`hdw>P@!hyv0(K{^5gQl&*enurtyq(%j#2}tjRA|Sm9NReKY`p~5#y-06L z551F61BB$p=Pl>`&iU>b=iWcQGwyqzI2Ll>R}+dGJ( zwztJ6!-*pL1DAynyxF*amA~fTFCF+x2maE5zjWX)9r#NJ{?dW}IUV>kp;AQ3j(4DJzO+;m zqs#H0<=Rd*!F!ZQ^XwCNvj%ehGjCrQI%3^+SZUG&9=7hi7y?`|fK4#kM;Qb7MaWMO zq0S=FS2RD&Q5#Xvj8P)3|JtyHLoM<=?GuaE>`M%gIR;&N9b5Aq1IXoKfYxp&`{Eb( z3dk~Nw9EGTEYu9)Kk^tjjzOPou47iwUUFIV@OOJQ1R>HV_C0O{D8ISer3i4{h5)*b_FHe=;0w-S33 z$RhdYqaptJXn*$O!jLD1GjUx=esM^5ea5%V>3Gg!yyaq2#`}haJ~k(ttSX{!q89I) zs>r3d-KcPG1TXOKR*Jn#LuHg=HffxzPe+i)kn`RnF`Tf|+`#dO*Cf2T0ly37SBT%~ zCDf?dHW~vgLW)ic`RvR$D=5FaeBG_y)jxhb?v>Sm|FQ>XnS8pX8aC5~<5kc}+jd6- zzC!!*eUSQv7GBhvv(F5jqdDo~8AG(;lgM5oq9plESwB*vs!9#_V~RydId^mXn6Nl+ zX3&=kq1}5la{IA)C1KG<>RfMPy_ZaSDpv(*`=raRo5zb5)$&PWO)`U;S9T5!8Ya@l zO>IwtTsAE6{O(gbnON3`4X9SBB|&(&q(x5GHsNKKQPC|E3CV{1SBFZY4zgb6#h#%u zZr=iP;y%FcGD|>b=Yf&&#zC@Jq(S5hq~G$i>o4;UV*PFm5B3_?&@}rJ%>0`bG!u$> zUzw^SSrnVe zDUdpNayEM8!+Wo+c0reF!!K=7Gp^*w)O(YsTpgUmsL~)?Wl~;mPnH@k0wh@ci2NC! zd6ztD)#O`Ky*=dySM`go`oaWIls5NVs?y5)DnNmjdaqhG)VWaW+nmF^uowcBlQFpn4LEWD*V_mnfb zZ_g)opaDvYlvah$+MJPoSup8b*KnS2I67P9Qr{vzp%>rWcl^SyaUIh$JlQv7&-l3s zM;6yRF~e=>k+8SKdZlx>v4x)?j9PTA1r^RfMM=>xtZ=6?PO6UsUS8LmpB3WFN@)B+ zmMh26^jGtY>&`bA{rh+$P3=k`h0eqnx59!Sd zsL4J)yRDtNkM4O&rV2CW=5dVA<03aHw@aO}chfLc+3@3L+La8Y z{GwDE|5&7lgJEtioA8g4#|K;cc@Z@a7#4Qi6ED6>+tQxZ6@xvi9+Dj*DL81lJwIB{ zx{W0;*r(Y*y=ot?H}tYJ#v7c>y*QASyH`>wcRG3Q6qYt@oth+p2&9#{G|!m%aSA z=U_hBoo%!uOYo=ZM2Xu?!!Lg=&MtP!Rnu^95IqTU7FOFV^PuG&0Lf2Hk+Q!t(3-7U zp!TyaRKw01HK6USt8M-5=3*lY4_X1?5B@PDXG)fc0oagjpbhJn#<>xExBjtq|6Q)6 zR=Zh>3F|>1kkqo93NM^Z)2(V~JY8&JMqB=Eh81(P{Ze=h;n{{JHxB39TdPj#9-j zAaXwE)ZrF2rPRC`$jVX}6;cQT{P_f5AdzM)7VZ=~oNWDFco-m};+{Ru=Icsc!5}|r zeWiYnf>~2#2Vrg|V~+TUX(>kXhL0i%R;|cqy|bzj;)K-`v|CRqQ?=6RbpjslChi(F zE`2CH315wXYowUA=Wa9`oI(2$(PNG+XObh=XSK5^eXP8-Dc4xo^()%)7T1HG=dM~t z&S>+<{F(!FI)VWzurqQaGeJ5M+vaUAa^@o;$8-jLmJ#F^y`wOCs?_@nqCD}Z33RCv zEnbvsC(+pWk-}sWY-&VWK2S#k_sv z)4q23+l*0l9$D7Mc|GpE@qI)yi(jA}{iD$BL-aNDbT^+Pw4UK977 zh_h}_93<-OZ-C##x?zC#7(fLB6lGnVVt|=kA&_+fhnT(d&y!fJ#Ad81&tjYL$Sz7q zzo?MCu8p9WeGwT` zy3`z?+N8JLN+SJ09VwUk^&VGqFMcR$t;9p$$C^!TwBk;(r9aL5skZUR+28RXGim8@ z(}wz~?5WD*Bbkw)d?k*@cdEZ|7=t7eGv*PQ-ftT+rOLyI^G3g3()1pB0 z7lJ$rbjj^Oz2!TznZ|sAvJLmx9g*}!vtIZjbwA$`u0)Z#ysp&!s`-_l3HA|BdA_4_=+aG7tq_y|f{FQ@ZW$_|~Ar){GgRnPMHk z$d|VK<-&Z|3|ib-FsC8lY`h0)PDk3;4&HiXSvk5bI)$dfuFm{)|HDiSFy8X)pBQZo zOi+mdh}C|5ZnOPZ?k81YIu2fAAzwued7msSr*?`>rdbZ~=9VfbQ)}b=8x`PR(VEeJ zz&J4+te?%yyt6?2M(*ULlZCbu#$!^tXT;R-)FR3aVl-{CGieE=S=xrb6N&{!E1R1nIOH{nt*H;Ri)`XzD}7gnvd@6R!3 zlfr1ak>laWoN`-n&b0dcL;K}SD3Ve_h^q@K5dV!da|_yEe%K?=UNf~f-Z6b7p`PJY zBz2(*9&h;aM8Y5iYIWEA9Wd)hD604P#^h6&M%J%du7+(0k;T%gOxERz<2C7BNQ_Kq zTT$^4Cv7CLa&si>3zh0gdAnKA^xzc9OwNib%19dG305KaGnGe?J`ZdP-W-snjY?U1ODv;;A*(B2pl!gLC>r@1AOM{2ewY`Eq~M zguQXQD%{X)d&)oMnsq_c{oCJ%D2KIGKUPgQHmr-pdj4-M{$1R%f5<`e`M0|d#d`Z? zjKeeF)gkZ_sBe@g+Sd_2T)W~&*+Gg+on~El4_5HJor7h_v(uLqv3gpCHSlxu&{fD2 zWTYXwCzS5!Nv;Zi^v~Yy7f^VH0|rRJLR%>Ga_W9JuTRP!Q#W_bH#_0RJs9AG47&~D z=3$qB0`|TgQHYHx2I^pdXun&sHW=V34;qaDPQNa}Q^_w7;BzcwD>J-)1Nvc5WwYmt zzyKu1Jr{iwIV0D8s%UX`Uq-~N-ynSodT|xo<0T!MO6bxFe148?rHbNKLi=i6qp;vs zyHfip>ib=-%61e592D*=w341ajD`yf)^2?$P}NJ8_TG1J^g{3-h-Y z5Xc#WnPTRI!LR*$zDq(Ku{0kqT(@ps%@-jj@nDisS?gD~Zejq(8))&9;>DblH?}r! zC|oqncW?)@V^iB;Pmv|ay_F^OPzN;HJM6pT4ck_l+9~sC_7}73t9;=!-?V>iX?>|s zNI(i$1|6IYF*@WB=HPhVm=Ckd*(oe6ysyVGFjgi@ZPRM;PM#a?caXQTTXIsZA6;jk z=)DGexSfIBi9HQ;BTLz!?O3S)s={{qQvS2t<85oS!qR; zhaCGEM_N~`Q|raLU%B(R-3`xV_-a^;q>c%4`_M|Y{;z_HecOU#VyL@j4PuFIQtBe)-4L7N#eqN>oErMFIOs2a}+ci|*aK;Ca zuNp4>s%Nygv&pU)CGRxvQ4Z~%-P3pOW=6aBlda!aO8fM@k+I0#wQeF@(D0fZ1C*z9 z;&Qc4>5J3`e|>c^eJ>r#(vvVk!QleE{hg))CiAJ>jnvrca?({5h4;EnRZiJ1lN?d~ ztTAlmUIC>Bci;FO#xORagUJ(=UC@}|(E6^b*dT7my&vessci^tX4ghB1e+M7~ciG6~BbBSZIuO8RrPluVYip?|+6lqK{N>cQ< zDtek6*}f2KSgZ3g;|UuCHP1`YY|mto3Dpcq$Q-}ZGk@PC>E<9klR58M{^G5;jHKnq zp`)fiZ)*|_u00zi0gw80TN`jw7 zt+seTs8la$!m<8zG^!-D&h&`wv_h1o>{)JBd(>dl_KFb0nt5!2i|!z23ahK==P&bL zPRo0{jIS z2Hg%vzb;44E-U#tbS;;9ffdy%lt^0Ip%me7eVeWV_Rrg$`N!T0>YX523EM63{W-)p zX2Uxb1kAF6WKy z9Vw3w+viB(SAtKs*& z_cl)@k|58Oq3_T{Yw!BqER(4r#BkjKts?}nFPd#hMakf&R4y3fF{wyocwA0Tc_r!` zSdskUp`PN#S<^C6Sd%)fR-hP_6RIYDY|zz4Y+M@2`ib@d2f=%dzULq<-?THxO{6V? zW7#%U)q zm2q?^Wh}7dlzA*X*Lp688fPtw%0oOU<=WM8-Gn%OZ%Kx{zy}mA=H<}*EtvhnKI7Z4 zUF?i3x!V`}BS*p2_TIa831xJAE*#dHT;@^ev18Rkugghp<)nsoNP%lGtNxFv1g(W?IP!g(zwW5%qQf=2bBh_b;Df68Mr3iX)W2!7Fr z|8AHUD-SN;a*So?7x`1=llNeEMfp7OB4xk=1DMBN9AbbN=;;=^7j(RYje%i3%jsHb zoW$!G@MarY1{)5`yJCipKv7t~qQYoW=iPm1WiJZrjP^n=PoRHqkM(YMjUw(5YMn`8 zc{LaSiS5)Zb`NW0_3Ws!t~!N{c3HHBHY8*k~0%&Mdc)mh^JxI#w94&HfVlG|*XG?Ki~+S9nnBNQ82pI3;Dr051@F?=K1C z>iHb4oX0foKQ(-@Kag_~p!k%KP*n_P&(#2%DepK#Vy%-B2(4~{wKR<<1AlUX{>CTB z{q`+%R_mBflE|79Nd*+a^)=ioZmwoBq)&?RihjIq+*%ii@y?YGdE(iaX)pd>&` znMQHbXuQl#N^I`)(;gO;rn*5sZ_RAeZRRvXJc zil14qj>9-IfEiTg6M`Mh%p5_qsukvYbA=<%_ROeeMv*Js ztyHJ#RdtM!@`Kg!06FOh_!82lf)E3Yigtm|S3qbP)A~+ugtSnXx*PEcmKsA?_1s4O z7bCCCxjB<*TcaN@UUP1_7I%@|8cxLkTKYiMIeqGbp6rbcs=_=6ROcE7DvTsr;A0@|&H@o$lF;==@ZZ>wJ_pEfM zj?vR0bZ4D?WWtF?BB^+Lwxunr05S{t&HfZDG&DHYRR&D{%dh@_o|=jGqg4>44zCDy zEUm!+G&XeJky;FycUWqk-Hl2@OVG=@S7i9|tX7aqNU4yQ0Yc+gfse zkId`VJfsjdMaYQE^)vLfhaK)&)W3+XyrMos+q|A@n-&=sZjpY|>W}0?s4By08&-^4 zUQg(x3985E7{3^cfMtB1`|NZc_T;?cODiLG0cs$_@=a}}1zYxR8;_iM7}qGjo>Q{0 ze?#9%c7g+2l#6{d-exPvaLPHcFBb1mrL|ei`9NfF&?@Gs^m(`PTUnV>^py0Av56xu@9mVY4;zi^dWivT#A2kNXNb+Nxgi6M>edv^hGgScF7&R^&Hb?p zvQT1F33)GCbkf%ajytD4l~WUH45ci~r%HtQ!BJtRv-SEY@`dT|N`^Caf$rw4Sx^$tgDJwX?#d zOE4q@0RN)77QnM&Zvr8W0lIZekh{t;br*{D=mJGcr4 z=z`F4Af6b_zxyRNI>dgzGEJ0TrI+R$I3>I$t{CuQ5IQ!7+yBAN`cccmEN1#dpQEQoNaZ& zViU-7^gNdKB-B2xaW?&mbf~+|cY;q=nSq6PmD43LM%ZpqP<&TTsiVKb=IF-Tg4!#S zx1Iz03nMwFCl#NdmZnmkVJq^rD}owSCPrPB1Sx3aC%r;@??A`dq>i`HLy{?H9mhS4 zsJKPV<7V2y4dIdVeDi)3nCb;u49TD(Ok;Y3jHsgj%o7V9k*&3eQQll&0+#+)NUUB<6x@`@-qIG%p8xh!E z7PjjDum1yF=IfXlAa=W0#l~uUczwwWHAPMP*EM}eyee*R5@>%8=Q+InaC1Ep@8BR=*Yb~9{VSa4q>#paFLD-R!n^mNP!uD~em=~{dL!wyzafy;c74Td%C zDq5wm==Pn5Ys{|CGNwTvnjtG-LjTd}S^t94#X;C^c*lb%SqWE$4>~WM08w>8_+>zUdGai&l>tu6&B-y z+JDsCr=slVXNe%n{o*(tARk|Dyy72L?3vg;o0*us&};S8#LMjYk=j_XeG)^}zzqgH zj=;snG+w-QC{hQCWyEaRS7F1YNi!ILsnpmpG*i40A-EK_kMb+%FE#3^8nPAFC>tn3 z|60z{e!#%cqwKBK;}|`*9fbzL#Ug#m)E1vDD9UyR#xiN&I`m%*o+dM98)dBfo=smladGr$O}nX)7{K zNw4oqUA*q+T*V%4$je2sBZJGfN0+wcr6%s}Z7`_6o^tpAz96rtH@bA}k!KqBHOMxx z@kX&5(_Qp0)bw=bh3=_hUGs8*f#HXhw0BvPrHh;iW zT}}=jR%jxX5I1{LT3HZs$!)nBZpEJdzaq5mncp8MRtr^FKn}wu-Fg({DI|(kpcKd+ zAxh7@&c>MLoT}u|8??;0?%6n6edO@-!;Fjo*GxjBP#LnRGq@{ly3X|j@v-3IhD7`< zo9KqsyV(}C)7=UDpKws;2b7B-%801TC!DL=S6bbMT~x@1n!)SY1UOTwybJXb8GDES z6?}0^r5J!z&bNZuq$>Eo)gS|NkfDxDzmP_Uo%>7-YqWIrtdEsE z97}t^UK6VQwNhoiDd+)F%*QNZG)E^))4Yegz{VpbEwrlh>h3I)6Wb!AV)0HXnY_t2skd06Bqo#;u4GXm}PYN@xX& zYsbi)^{PzO&Fgl|Z#Nk48>?De=3?j<6f1HSRzZNo?Npi)s0}Y)_A<W(d8h zMy|B|kQD>Kdkv?tZXn^W9ai3nwrV#+Mg_t8cutvz?j-IH1ny_E`q?q9wnZ1gc>;JQ z1%$BY{_{PJ`(s7DY67TKQJ+%<+gOra>vCL(FSO^>VMbt>M8 z9%UtIK=gKQm!5PleKmSg?>@FhF7lCvFL9^z=Q(bGtPCvWJJaEZG(&_|q)M zX{@kwg-A$e9MY<%Zl+Gs+s0ZK!dX9<;NEz>{tA0AgK?)d`iDxfqD$vq4Kqz{)6bd@ZmsM%WDvYtv;=b zx@!gF{Oud20aOoJgaZ7zeZ{9_UlqRC@+S$?oGgqhl~mHIiyV-7`gHvPvxU>H>D1{+ zhX(d!P{jtEtNTY;qk55@s)u|*EayzTXXNv-W~D1l1_IR=6E_>3e`Pg#e z@=i2E`uDaIN(A{e1_;A4ldx+XJ(2~-?gbqRD~Cu8FpT9&{^W}1tSGUXX>BBB!zs#s zdmp0ii3O|Qa|$O=Om47+E{3(baf>jyk4*wr*JD}P70L3%sC#409;L{%3H`>&SFxI| zFEndD6jTk9?f3n<$}5za!4fJ+Tgk0KCnh)LJ$sOPCfUh2!Wvbq;PT z13YJXmPoOW^6Ki*3v0#0J?Pu&XkQE<^y62pg=15ER#QyNPEkNJn=H=NfI9o!4H z2*W36t)%lZF2|;ZMn4-_g#y&`88pw}ioIy(_?)eT!`bviq!YC=oih>c8@4r(2Wtj0 z^1-Vu#;bzmiKVuMgWdHMoBNRxBZBw>KNsk<;)GXch{^z^d|#zWS2?@hA(-7A&)NBe zfqNvP7q|Hz4{^7H8!!5$Oe{8%trwUi0`#AaE;0{`UKvqF$dM~JT2f#5Ws9ejsPj7cV<=7y%#tL7W|QxX3|&o{TZjr zANcNUx8-vKB-(7i7o28zm&zC*f2B38;*(fKpg$Xede(HYdPPgJ^Jl~glR=u{XLd{c zY|@Ztu_{cL@M*X;P8iO9V1RyF_~vypbo)u|b`4IiuL#nwz*l~Zaqx+d zTvwOe(0l+dEWddA~WI5e{D$kmJ*i*i0oVgOZxDe5S3ZR#P8)sP}R~G|GZ1W9=G{n_5-9Yf2NrG8mu1Y|a7aIj%@+dppm@@KHNBKoEOa*g$I)GE1&Hej0g`{N@~sXHAZSnc#p#CT^G0@dHjDrx+B^J{T4m zOXVx~$Bdxh8{-z<)V09&V@d{UuYdrxfh0w*Ev7W!)DhnXZewOHjlyvrb*_h55B{oa)SZ zaICr6A>5_o2&n`+h|gbe^88@=jbWJ6UBCc7ywrh>n>4|OtYDC?pC}vHx6d_$;X^$K zk5xGmTX}kw-)8tQlPL?!*X1^6b%0rY>B@ep%!VMwh5nEo^eK=cU9t;MVA#$8y?Ozn z0$aUY$J4Cu*7*SgNc?g`u!C53@1omZsSP z9Abt5h0BuLeL+_B$QXYmKltpg|1GvAMC8b7cSIXtZ}quOYE~}r^y!xFZmsuB)?HL) z7QUgtH2;9fFO~!Ab`q^*b+b^x7HTy7Ih!VnbVq+FK77L>DFSwL>G3)vB5d}=?&y+J z+Ul?oqKAlTn0lyBeBh*|#M+EFBF5O5d{)`P_tnjjoYLfR>bV9ZAabtpkTiaY)a?2T z>Lr{kJ}>gi>F$Hv=hq9hStEB&w1W@OQrOs)I}%c2YgE4vD%_DCO8dEEASo&a=hVEd zA}qyWN2%gB;(Y>{#Q>c>raa0B&YR(amJ*4=yOn4Qa4;@-S#J|`>$JgF{YuTIu?sNsx6>AG#tNbFq%s;C2o~&a@{%8qO(nlRAppD}U5B8urM(5K zugdJ#)yAPRR6$xJeV_c**-&vs$`7X z<|`POG#iAZ@h!@ow>1-BrH8+Gb6eGSmzZJT;zwXOi@a&6%YohDF8_k_?+795Z6E7MndAn@7QwW>`_Z-U&7=r4 z7XIN(yYT{E$+s7o7#vgTb<)mh5NGFp-iFh9ue`|oRu$6x8PEAk*b@uX*ydHAm&sYL zY}%zyml^k%ucWPm_=4_ukNl!*fT+*iQ}aEXigdIv%D5V_AB$pdr5atE4C#u{-SCV} zZFUvzk$-!-wi<eswSC&)bVa|L9oR0W7iMhko#ePuoPBv9;0Sw#;vnx!Wl8tT5 zlexFHz6V}Xm^of4BR_ch!1RlC&gO0D|A@>0En0b?rC0+*{RvPSlm2&X8IR_--Rq{^ zqe@dKEDh@^DPAxKDOPZ@cE;F!Lb{aNdVp%`BVDhevFtBm-POUm1b6GvaE>18j9V5b zr{%$CP80Uc9B^0L%e;bOGqJR&qdupqI~@sr66MfkyAakU>sH{^m z%lb$8rQ%|oJ@OX7&Qr;3n&-L*rBI+%0_iX4rY;azg#F-EEEGl^0D=&T7{sJRTy!0L9FAqz-&M#M76vE@U87&>24H3Gt32b`L#rLknTIGec;G z7|sb-$mhB&E7F1}3gg+1K#mA5k}rALfGf>$+rG;e>tqR92_2g=B1o%~Kt0q-N%~Y<=K)^F^XA zVkXke6s}xEHLmRb1OPWi%=yjnRQBPa_z*HM_axYYM5i|VVOvws0;OH5>#miJ z33+N&FAt9#_UswGuOiZ?Ou3AdN2vATqd&o z5LO>pvlMp8d1)3aw{~`HB0eZSQ6l`hIG?mQk6vMJx;f>n1zvklkZ;4vRuxhh_Vk#& zk@yC0Y)zPa`&XiC*h4a;&6T`$0@8m@2a(#)IwfRoxJV)LD9l5O>#1SG+9t#Hj&rLJ zimnH>k~yroO<7|9QiAF^=fRWxDctKv1ce+kYB$p z;d{yqT=$)Uva__tt4yUnaj$@$=D6kuh>5$y>&AJ+f(PyN`@=}nmT$#~MqkamfVDqwQVy4tpM@s@W=U2hmiu5QQL7+!^DhDmZ zKIDj0r8r80tvt~O^X4vO*Zk94+2mO@TERxswFvg}E-Nm1e$y=~Ly}Rid%j-wp!4kQc|EJzSNeyAm>qQ5QgUr@VEhmI-z0 zyPQ6y#)*Z2$!*Xyqk>}gEUYp&P0>b8DI6{-vRUrpmCDqB0aLlJ1pJ_W^(L5V=l0Xt z+Pp4=^pAn;p1H)kQnE9a$^Z)%Ks}%ADi}(E$Ig1G*hhHY;cG! znEotVJucvkupo;msw4`!>&=VTSG)A4XbT&I(sd|W4)4&x%ji*&Ny28B8gf4@<)ouy<*9313-s}%t{ z`&s?1w&l3HpZ1tWiOv4ktTUn3t3b09WxyFN1qX$p9IdEX?^IHKa#?>8rK@&4b4$i` z8PV-z2D;9YCC!Hj{)k($HHLV1`w3fr-#;oYSFN^M65p-SCL*_oH+9msNxUo=yC#y}bH9fY<0sye$|GefRItWt-~m=rBsCQ8etS7RIf zYY+TM;XI)zCdYLoR3m6sQTRB%)!?$BzqiiGRE`?x&x!HO8udAr1n{hx6k)9 z(w|i<=^c%V^UlNuz&w%mCBDkl6L%)WjeXSiQs=+RzSUQG3(SQ*0ot7wTl6EaJTzCJUXz)z@RweD8 zIO~_>o&05@tE?rf29vK67Ef7}zeI(aepg)_28T94KS1!s zO|5#)7rEeV;bbW;?l`V8V@Y)(Qmzla_c%qINAThe`QP*v0h8^!sWwhRYus2=9@!KS zKL?urAXMjE|CD%gQU;0gr*1`5bY3edj<45+9>7*CeUdE|>XgkBvNMCnn~Zqzx>4d+ z@}7#MxE+E}tt*w%cpNtYxJ!G!v79>0F$|65418E)&tG*?ZfCM2zW_;Km(q1hMDTQHI3tIaqF$$ zd6h@1ge^f22~6NcSV9s$(&32zo7ja=c`jRi{kT_?+F=dQaG2pVN3&g{jmt{{=mf~< z{{N56_vb5}{u`vfzv^M_*kAMX*Btz%1OEqfz@QggW6-nzX1A+8lNnyNHtX=YXkb*! z$zh%QThdde4d&t?VPGvzT{b}8#r|2*H7p{w4UUsY(yjG z0X6x6;5jzXV;w9E{bzv)U=LFlxV4cZH}%Gv!Fk(-6I!WdMjGoL3F^1wen?0MG%S;8 zF^ottf$^Z$ECxMjsj$x0JL9FV?E2>CG+(p0-{+7aA{&a+drG{es+18xp7-T9N$_7w zMJ!6`>Nzr8ys3LkOp{wq+=3ryHe`LB7gcG1$AiC2CK{DtaS7QwMPNw@D=O7rwk|h5 z+u8dNw9T$0|G3{X7W&-s<&UR(jd2R!8Mb2{%1uWg4_{oD$f~(%rc``+By&&xh`eIDL&Do%ZAb%_0-O*FDo`OcA-sY*wuVfN5^4SQB~HQ(`$cf4a#1OKi*?5$$X zki|ZIgAAz@VZ|}y+&IPk7q{D}-D4obpBhEq9u;9DQwe4Xi&#$W!J+%=93hJ4-M^ZU zfv1^-t26lfyY0(!Uo0qdvaDdQr4n_Lxp>@?Ns^=&LUnj#Rw2YAXO)b9twD`*45tt$ z=`Lq68d@HhUo>>>WJhGqtHt?~eNbWGK-yQ}2KVr! zZ#&)Wo{KEPtnJO`YsG(F{N|qi-rRMZ-SY4wwauqSVD=PIgv~rXClC50f&hbwsoZ{q zxAP$ot6?gKf1KRDbM(N$_}6WWtJbW0IaivEG)7^KcybL10Oeu<-VP|7GpT^WIU0rA z_BSiVex3>-E5$B1zPWsaJ53eTN6dacNhcR&e{q6Aunm%bXn43%`;>z6N$DZ^xFZ!G8!ZS`o?u45j)@K z@m>vu;AfZP-|uQ_VEaFOL40{$R$ReU-nbM4pL3c~B^TJsWNDW7ScP!*sRRHaEu|p_ zeoW%yO~C7bE)e@oopV0%FlHavz45GSe@oO0&84~v0)Diw#uI%pYXZc6F@h_oDSwRc zuSn;F7xmZVrk`JVsJS`1_=!SF$nK{yN#aq3&B_ZOXOCaYdlIDj8Dfa}t0=8{{>53TmMM;^*Po{O8a`hqy+o|;LgdZm z*2$ha$w2h`>5(t6jE&9w)t$Wsyd(x#VLPwk`3JhB%aQ*aC82x(c+!FnpGK{q+#w}s z3e+Z(;L{CU3R4vaV0i3nP_aDD1RJeEV21N=4FBn#T>@K zVd2O4qw>R}cj z!b@*Zn9~wmO2P4gEB;-F=)626kWD2Z6H9*d7JD@gqh+Hxfx*ZLB)Yu-QEuPPdA(dYv?zWfhA zY3lDVdfVER1T^Ixosq2)VWjYiWzsd8P#MeySu=@?GKs6%&Iyz4R1~(Vys$E@FsCzD zGV9yZ@O>kLcU%LHDlcMkSvyo8nVlBMYuEOn*QOL-a;B9rhB##>FHcGTj_JzgM-s=U z9U||aW++N-AZQO~)zro-HU<5^3CGPmGK_pIz^Yp)SkAuOOv3pdGeV4sgR6{Gm};+T zj|$mTHB=>b3Tdb1L$f$vxcJ2!LyxWvOPG;W(K}aycHCswTen?hVMczWw_7hG7xPuzQp)n zI}|y;d34M5y;DiWNz^kXrI~HE^Q`i2>YK(-)XYX6sSO@-Xg{{&DXU6aex*%L^01A% zCm1GrL*k^@KH9vd;#-7IS|_iY>XTO?%@3)$!a4*ub|w*4-Nv#(Cd=*}M z-nu+^I8_lcj9=I@Hl}x&pp6uQv#0N?9ZW{QAbU95A z5;P0Y{^99bXkcu#aoN7TVcVPRvxd}m(=&CRrvv=epj9ELW+3{OzU)yJpbcf!y?*yO^RXjZ3qvK2^s41UMwUtVA=T2#Q4dpkxUS^u2cEEu5`=#)g?+@kO zKr!ZXq2Lt~+7Vj#GeUc<>EYW@&kwzIc2BG7>mND&{6_cUVUhj_aYvvsV3RCQ3+kU+ zT5u*Wj^0oI*euHBpDC64YiDu?ZME8lqBNU*UZr9 z!IB7?FJEhu`sgk1E{N9^+z1RY*ZKO9x(~(e{CgSfDfa8V)KvETM=}l7g#Mb7yVd6i z(pC6v(sywyMB{AA&aMOZz_zzoQ11*vArkBx3-W&;c)!MXIAM%$5EqW_he>UPrg4r} zs7Gv4_zy_gDlhSxM(6#E3ZmbWf9-e@gn4wyCcz$60H`KKM-39V?|fecYP}s zCASjiwf*$RJX`TL*m@Lo{dxZqqba`8;j&f=H#!0g^4AiH1h!fI{4?1!;0getkY5OvCcVE71wI6m(K?w<&J z6U^u#tOdc8$&Mqvhb5jSH@q<#)<$)^OpeE5BAM5pRtfrH?(Y0P*oMK5t%)0N@!LX_ zLBoaN_rEdgF#`!a)qI8kYl*sBgWtUu@!9erVF@JyAE|qx|Juz1C9(7^$Fr!dwh{z7hD}9m(|NA9D3}Y$$YGOFs5Tqp0jM1P6b5 zq&rRC5axe)Q)wnHlsI33#U>2??#IV?Ut0I@XBUDhAnnhJST!i9z$;h`0)P% z8UT_%-0#R!EPms1>Nr91DTvAlS;(pOr^s;*e2=3?5?P764s2=>+DXaq}=9&I*-(aLfl2R3|`LZxlOoKPpAW2(?fAjGg z@gez%{e1xSKo|cXhz>UUKm7~YJ0Qc7xTL|)GC z-3zez12KPzI;9&S`dtdZ!u)T+M!G+cud%RW#{Vr=VB8z%fK4&CWia7F@@bw zQIv|$s_sd|1#2w6B~BFGeu!s0{aCMo-ia~_3PBpIN6g`5g;GlE9oeokclX{>>rs{7 zRD$Xb!LJ7xo@UEyE)GDSPu&R1UAMP+daYX6ldbC~rqEI>SfLa*7TL6uFn0x;+r|c? zwm-V;{Ms)mYPmu+wxgR(<8{pkt`|JjMv!A*`|y#ve=X3MxO?c0 zs|GI%+j(QxnqtEe)qW(pC^Jq4b!Tvl!4@5jHz;#v`I6Hsa(q9>e#$wxp3Tq7n-P|A zag8#t4xld&yvgodr5#qT{hI5SIgt#UpF47(b;JXo)6k(-w^n-gJt*K*=fp85C5ezhD?C8+8U9Eux1O2t}5 zzLc~V=Fu7EF0HKb;W3WNQ2R|atVv3oba8#I4mpXzc-3G@+r3joqJ)ZQit}q??C)Am zSH591|L&gNn)?M3NC^xhNmp#5@PZ}lvWKVPgja!#BlKdjzP$SxA7euS=Ak3wiU;m} z7EtQvM+E6HPy2LPG>44DN~QR{4@Ajd;zEOcVb?{a*E?KaWg^#rlQs_Z1fU=I)ohnz zvk%$L&rE)c4$yaPG*sVoxrjgS*SWQfeQSV=E7(XiLs{5xv{!Ji$ZQjHC(jf-&gV}{ zTZM%~{M+?LxqT0MyFQr?YmgVjVtDh<6#-=Y&U=n+Y|ELyvToQp`&-C&w<{rKMO0+# zaIK(rBhK7s0S^%V777iY(PYn(9#1!n)R+@3Er{*^NIi}zc>XI}YuMTOJw@mg>AR28 zvy~bhh)a-agGSJZHiBnGP8h1Kn3~%CqPhE?*uBD`Kun#OH$Infk7Hn42V+x{TwHN_ zNr3$IWqCT8Cj*cwY!YbzFxg;krj9*Mh{f}xXYZJOtuih?N8}OI`^GTwb1XAS8g!P^ z&F=smtSC`4DEW>*iM65-w;UHED_Iu`Zkval#(pDnqELC%qffkDHX_?Xq4>+@w3^fY zjrp6MD?3f{3(jV)p>Cvi5@0o_`SlLtbd?Pe;p}|TcYS!D6=o1Anh%VhYZy3k#TDn_ z@BgTLGgegmvGIqQP_JXM29p+!O@o(qIb&6ZLx6ZSyG9!6k$j$sR=ZEOS4oTP7`jBG!xYN)RB*SIS)vBa&oK&8Ie z)S+_^a!?>p@(7K5$<{=GjN&2ZM;+%Q^%Zv+*pvO+y3jVu8;} zpcwVG;6;_f+a-4&s+&nt$%UV;@wrdzD?u3%7SA&eC>#DjP?QA5U$Cvx&+}_QoZw(F zD$G}zp}7(Ph?kYHm&CD-SF}KGkyy( zjL^qDqJ!?vVu*M05~A|PYeZ4N71T@3ij)ll>lpOiD61FG-TLBlIefOwYE1Y$2H12K zs3U*X&L&srOFbQC(R=7cY7zXMl$ZK`>@ffwM}+oK#2RZLphKW|!5!per)I-YBc+em zz~icvu{EJ#mM<(;`tN7m2k2uazlSc6sG$NH>pa8}zpBtHZNnQUv=5ig=|uoa=(+XvMUFlZexe;r=VPyslV! z&nPv^Ut#ImRN{Q45}@(#GiZXB!?I$%Lo4EZi`&cLN_?UhW*C-2#X-?~NPiUybh03_ z0g30=7pQ)en&97Y)BHbilR{7u9ttAlgN2!wf_QC5jkK^ z6W$@_q5Z+IM+NaH;Nm2#Mrim98pyTG3V^U3A6yANK6(v2^CgIWyZ>c#Yzl8d{JtIp zvXQT&ZwU$amIVuOfa&7XX+|Ag1|03sx)St@WOu;70iLS=?|=tN8Z@Lxjb+9Q&jxKM zFcIwSYnXhjA}+i#y%ds`r!ayY%RNoS^Pov^&7aKrvf<5kHY>gIZ*P=(dh2PVk2-CWs1N!m(_bRV*Z)&4*frnik*1NhE&bF!wVs4@6flFk8b#YBF7=p@ia9^ za1&1Z*0>T&!qkFp?R~{x{V*i?7v&ebFXxcS~jBnko_( z!a~K)2U4Gi;_jG5HbLp=RyDs>2kLb@I*cv&sv43!3cWee^gX(}X%%^)u>_z3F(-Kr zw7q}y(+{mvWxZ?+o+s>)B zrI5VltML(yNku5ejrj>q<}t}I>ZuFqHj?wN>zv;&X9d;(r9|w);Ds-Yy8!f7%qOJk zi&njf(zp`To1Xncu5hZ65^psc@L(6yJ~dWj;mG$Z@}qxj(|vmv`D&NX?iKiVT>}p~ z*@OMt-B64Y(|s0;sA!4pTl5OseX*sjG+fNj>WNZ+GwDp(ckb{o$llABr!HFsO+xxZ zu=0eqI32V|gvjdHLWqci6N#1(@$)VgC#c9XSx?X=#qE5_C)zDnc{Buiu*#3qA3~Ag zSVZL$~_Kmp(foCda<12(?k%+usR(GvySF(?-ChwzO``k2QYO<}irZG8-H zMlF_3M|Ow-j!1y`hy4H$*E2uBk~aT=(Aw2Xme0b~U#TZ%vAyFR>Y4yFrEz@j$CU;u zfC4};e4*0@JAjO$cIk8oR~zGZJ45lRFw0Dub*;}cC0~3!L>#vbh-|aUjayGfPHeKP-{em zhz0h{MYt28H}&e5tbnWKVFu+X{l2+Li`;LXR*AA{aHzTt?!!TGrd12CL^#{&&%Us~ zRc42&p3dY3reo)+gQt(>3Fn|r%CPg}{aeQYlhYZqw#0LS-Kggr%n!zcXy=tT{-4&Z=SdQY*CVko$0N5T%Ni6Znu@2!J;^@htO*5Qj)@NsNCB5W1jSA&VIQorB zdQn%qCegHXzf3zM2!Uu3M2j3lHs*1pXRA-(-qnxN*?OI|ZgH>1@m~MZT;KD;_e?yz z->K$mrn!@371FA)2$SB0x`2s+Yoqb_H!hqk6EI?+55jcNTzO=4vjN|hT z@0!V4c{MJ*=Jgemx8{pf0W}OPY-;uP$l-kWSa0^EmM>q<7mn}UmwsBss$FLy&R-tS zE%Dc{(tjT`*r+(7$bq9$c%&A}>RjSX*MI9n@=G_lluoQGr)a0iQ9C4n2i!$<6zpGj z@p1lq#mjB-MdwI~ZN1rIKA+6XfA#LhLGIS$|m=USCu+vjPK#jppuAh)DqN0|t z-XRr^e*PX+DaS;DZE-bE%9NWGzI~)hLP--q;jP;g>wNlxkKlPM15ZP+{edi%fZALO zAPi(7i<<{;7fJC+38aV#?s1@t6b^FKUl(bi{>{e;ifCU|kc1c`$Y$X_9NmdehOr_h ztbc)Kp@yJ0`YWjR1Q5~1z^D3l2nl|W<-e+ff``nlK#fiG1F<;;J0;Oy9u4}0LlBf? zolpJM0C5rnLBUg);n+i|lhxmVvkEdWMRbnL?_{nj(dut}0Y_tPeEA=jmIOT+8ADCkT zHLQ)Zb0E4O?K+=E6rm3M^soIp#(|t(E73&%!Y5_20H%+7=MUs=rDx^8V;sQj#{3Mr zaJEjnZ%OO5SPhH5hva(sxkQnzGxD;$*#UgY;+rUMz z2se#gZJ&dJ%-*&UnlwDz)11OCAtjCU(2yUT5B$YUqvB13Y8MX_dpg$sBlz@Y*9fPAw0 zf>#o}OFmO!M8!2v$CaUKEaAGW zd~DAh0iG=AJ+LyMsCVAytv2r6aZc{1=S)nuj*@t~y@~In1e_=TMmbBZoqQw-Pzs#c zXZ0us+g=^(`O@*ay__7Ie?C_Xy;B)YUb~xNgogA01~7G7lh}l|Mk#Fg&uH``N0*49 zl4q&XFC1C*bd`xi!D|KV6_P$R@?&kbp_o@_Q!R-ahoYkFbW8+wc~Ll{w#+jzjSg@| z3`82Kb(*Sp(_#7k^Lt|E*Ir}q5;Q-{U*{O4Thsuy}lC74gLKMRbrqXm2KX_Bz5z`?5l<@Fz z2%KgER)I{&9l3F}>|0qyrT0|<#qSBrNUIrDov{Ywkp&Kk#1S@)e&98ae7{uO%@B-A zRCUoF4p$@1aUXv@9t#P`_1|6X@Ot}tT4T}F@pE*KXiSIxL$&PlTnVmlbwVd6{dfgE z+IZIaUfqv{8X6Uv+Ss3F+UF(x3zH@!`vXt?jEvxZL+gww#Xdr|X`-jy+me zVirJ#JAoe2sE0GXyi#5?cYhi_GrnscoWVe!hzX)wxI&e`?_^Pe^f!OB)gme1T=a*K^m^?XJL9F@7&mE8H54KM}*xta35B%Iel*`;58!u#1_;Fvdv;qml_ne9 z!oK8z)Ybr2!~hqa^&HbC+T<*;{z|1yu)I&7LP>Ct=JB3vsB{-^aDc}g1REnK=<^8P zlg4hhPy0I@Sp>7Brm$D!*o`Q^T9a#Hz}EZ4$Ku=VB*rJ#H6C@b9&VcbHZYSLhqfwG zj8%TiGF6|UG*SDQmBNfoN(c5NZolKqS@BX}-!93VxiJjsXy79L2 z)E)G-0sMWT-~s$^wa#_;JwiW}#uFZ8Mp0Kc{t#LP6 zyUekWKaf}YaL{V)F^|^@j6UJRdFz2D3b{PbUe+y}+7Zi|c-E2Z-`3KDbh)p3q%Jh% z=?h|Y+V*|K7mq5DQ^uXHu2y8W*>4iVCqvIoECm~|Q`oR{_1h8`d}^cxkvIVt2eMp2 z82(%WUT{WU5Sy!Cf0|J_z&dX*tyyHJ4}JPu!(hcr^!%GVc8h*iUEc{8eQyZoshRJI zvTbT)R1l3%q}EVz>c;WoXiPXz>!eDVD`=0(dn4ZrZ1Z5*GI8%F0T@Fpnyr4sTaG#X zf!LTDcX;3OLKfQ%2PQ0c#p{b)zIf@VGxg$w=IgG(E)Ydfmv})AlqUz*H-We3jSqhy z(a3C}fQxA5ldE&KtM}5L56_&|2z8zAyy4Y9Y4A3uuSPo9#O%XxcF?H#16q)YHvwal zmWG~A3{yG(*0MWBsYbdP}*L9HNmb++Kt)`#Go5=6# zzwSkzYxMs2@n_}jun7jGr_YOh{RL_=d)f>Kvm@YTeGOYA z#zvlAss$=Ka=_)F?RN&k{3L%x5}0w`nxk1a;l|VFQ@E7{H26t5ej^hRi=P#F5QFzX zpo3t5ugrHfb2uOgzi1YgGGD# zVg8i!fT-uM(zgDFNF;zq#NbPfS0Ikbki7+`D!XSKkjMP-Q37~77>I&ULN`#D4d-72 z`^b@F{8umw3HhjbSbs1#a`Ya)5d85UbY=gdIQ~MD{~dqh3-gN+m=)-+&i%aS_W!68 zf=Zt3#}Q$|_)~WWwx_9A6THM@L&c9rfaYgaEvk{$XY=mpPa)%$);u|infifYk~Bm7_2L%6MAqJ2lA)$?x2(;IftjgX<^6*qAzp&%*xu3)rxrU zOS$!9-l(1{YDW4A716VMm{^RAA~;nESk1b@nNdq`aGiu^X2daHVex-Knvfs|efM1{ z!o8grs4X69Lb!>fHxOI`@UKZ|xe3V9$3(|cXGNvf%nE2LlG!A{U|ggEI1xOrKGH8K zZJ2~7@KEi2O@D`7;zs7U+dIUrz44?DV{bd0 z;|aHh6}dMr>xKAVNPn8!-_%u`T7Ou5zo^H#7nr^l= z&v4_SfZiV6)$pWSi8m**WhO(ZOZ?r4R#BG~FZ+BC(7`hHRYx2eZyNV@J1u1NjQ*s} z_7;*+a`C6}h2EzhBz(`L!W&v)Ewn}twTK`5@HkbJNi}pXo}<`_#^{DL&A83h5)C+< zemN6fb-);d6mdZKb)hcT)_ZV$jEOmEvXgFF?V7W253|sQwn3=tpvNx-DNvWoZg0GX zJzi71S`$i``pN9^x=THSNk#b8R|x314vgYSR8q_XE}6vpt7vE|jO`94-Me?Us@#*| zZBifmSc;n#TVbjBo$HA{JZnBkoztXxO0*-i^Vd{W<)`PDt=@QvT-coUeoOoSq60x71thwsta^T_61j!qp?AnsdvO))i$* zw&?~-jGhn4nxWc}B(%WP;tGzft(HHo64-tWIal;v$*nB-Fmaj5_p-r+qaGyj9DC-M zz^7+Z*FxYu%~s?xv9BJ;*rs5t`ZGn+eqzrjrM(7Z||cx z&e+pdD$SOBkLKew_E0J@nf|jo(#zhh?lcNKZU3A>H*V!)l9e>qVQAstt^edo$e`Do#C+Fw!>Y!c}16~DF*I=)WmH#^1{XE+B?1pZVYzy2DCc|)H zQ$22dWr0UL8S|*2@%Zgo?;*>6Oj=_OIHR2rtc;1niI3Y=9WHui^VwR2W`qfc}jI zXQp62*TQ15`qQ5mNh|$#whni9+K%891RmvlyVrKVWDldu%ObG%#l)j>P0GIZlvtV2 z?@S}#nGl9xbk^Te9*-3-sJZnrc->5nrEdxCF(%IC&3tITrZee}wg&cZnq%8|^=BFT z_kHfoa+8P^)$JA)K+Xr0cWsbiViT#8a&h*UDC;EtT||^74wrYhp}IAJEmRp$#?l8r_+cl)fsO#&8XN9*1|Je3 zCv=_)FR!NxIMI9#Id^^e&0altBpO;`Am?3xH=hR}fan8+u@_!tw_Qbj3lGS9d4BH6 z=o8TV;~EV0OVPm?f`)L?|~WwYpmpfRszr<=5A&BX5D&weUn~WB&7=+*tCal z3t-%UlK=8M+HCjb$4kK429Bva|9Q#w%nnK~oyl5Ehgh@2)Do3Y{p>f@z>QGTbn$%~ z=lk)kF_7OD1jbH~RIF)X`3aX+&!FP=&g75Qa9XSHH24NS(8yH^Fh9YEoL=dMGOYP@I=+% zZUnbz#>$F}JDUTr(G3QP;30pTgl(M&Gw#gxM&cpQ>2DUH=%X18URS!ux74Kv zq`TzVF(aTTp7EdY_x~U6brA-hh>Li*4VK5G{wq-E>a{+qPd&Q0FLM8soF9*F@i5&!h zIPwe-8;^c0)uDKP^h}i~x4y!MJI;;hSw93L)3kJi96XhsnX)??Yp;Iy%;1*=YZI}g zg@kqRrT>8VQI9tNV?7%ZgL)#kSAu#X@IQU<5Aj|}CY!@6c^haTqmKFca(rsn;iFJ0Y&TMHLVLwcV};`M@(*uIO#FRD-m%y@wn}`Qc;i4 zNWm7ZacqQ$KM-nAIp}~AuA^=NF~Be!XV`cFX!B96U^5g2X;Dlzfyp@pwdM>GA_4{A zbWa9Ij>ffp%hV06|-cC~F z23+=kC7;3f;;R^kvjkk@sCVQk-c!GQ^rTl558>baNIhf(_;29e{E@)s(}F=)Rp;3e zIKkO(f-A;R)@9Yc<952=_>^1E<%Vtf(LMr14VAp971l<5`dBfTA22B+X;Qi_|(q#37V{KiMNU{~pbq5Iz#ZqzaoKtk|&K`F`&v zWAD-ACwCSDjdpt82WRw;X?#kgPweTrsZ8P@|Kc1O((d$C05RH;ynU*wres~p$m(6G zy@YXB>NVb1pX2uOTKSajyxve^U4=gJ1|@VE&x99qa=^8qka@QX={6{%BRf0{hV-)Z zG@(J9`pE0o1$8wNVQ++$*rztueV(;TDKk1vlB|zy=Z!ZsNPJ;qOT6RJ-PBJd->G-{ zsgcJN_=hnWefMHIL)y>EL&o^FveL<+`I4ZHUbfl}r}vpR7?a3km}w6%4>nbCyP}>R zWd4Ori6P!S%?8O2DDT;V00HbAIFfI&dr`~UE2M|jv1loUzta=kQK0=AbdtE4lY94& z&`@AM^-gxv;%Yw>La-4-&;kj0~yh~*3 zP3#sZUgAmHPc@m*8C>6Xk-?P>Zao6aHDy(H78>Fe)eswwnvYbe-;i;NP!v|DnmW>1D`lFYM4jb23FhA^^XGlUhuOVLmd! zLL*nd?nxFu+y#OSUAcEAw0X}~T@VPU6`-z}^BlLrgsJ-8dmSZ+4 z2aQt8@T0F=OLr&C>VsX}NaGN#%6M%M>OKJFo-hJ88)$JNhns(d-D%CM6n5`%yiFci zkz_FL{Gs9+)nk{7v;ERt3sk|x=mc;@@PK5&+F<`+yFV2*vf9VkxOu=OtRwJ-ZMCK`%o);i+|XAqEjg*+U55i|kY-~7#tv0epC4-dV^tCeY(RFZTMs<@8ArJl?$GKB{&W=1qZhYl^(ceWiv??*LPsD0_5M)TQ7xyV*13>QUD(N9*${oJo+=Y?@_kq8l!_D74w_@(_$NV*55ec8 z@InK`h(XL>AA9fzLN4Ake;|$X2hP@_2<(&JT(!Lfe%%@fv)JyP#Re4pHdl(%*3WA6H)ljGib3Kx(m^ zNLaKy{c=^7%XG;WUm{m>t#jOm;6PjU*teAwhsyZ^;43 zx-%54Rdx~Bgv7xLT>1cV@B@KO7>;7} zSmyuYAS$`dJ5f^lqRr43l`7uS7Yynvp?VHPfGMdv3d9LzQej@}jeUvPZ1bjlS58mQ zSZ^6t>2|?j!K$=VxkKY9^>1kr*y9pVbfntR{`!?pQ>a>9m%XElF;LsUb&b*pw~8(7I2LK^vrr$b zeDY&U$n>c?raJBy{$mP&*xLTCP5F%wyfwC@0Smh~?xZq~0E^7%Lu1?b@MwaSdUe z89pa6+<0xm-l#v$HOKBaz+EE2>kCCV#&%TKTgD-yiMZc|dSc{nE@)>OIEF?#+zeh7 z%YKx>+1OB7+nBn+x@{rG!y9knCKo)xGgg;5>AqO~QbH%H%>MF9f_u)yv{AiP$(wBT zfhID!1DON7N}#jy-!#$G13N5uPV9DdOr>Q)tNt(75AQknD`UIaW4^0jpTDipc_+-Q z^5klO99At--lkwvk!v{jhofTCSX4DvcGotqb240sM@A8Yls?WlgRfyg7&JwS7VfC@ z=gX<8y0xOWx4l>y_4zp!U0-$WT%EN6si-uxP!i__B$ap_Vh7y1H(ExH9iK*Vhx5$BIx4 z8)CKumeE6L9z(ve^3-M8TG6{gM4bR8?eAe0N!!S-CSBdlDEJ<$`{t!vk^+k*?N2Jo zz-uQwKFsjl`1feRdD=^ zKs6=NQCCO#4L|Wr>M!aLD6_mK5;VxHWFfn$vV0e(#r;W;EU~@sRs!Sci6Lz=5Kb*f z;1z=)`Qe|E10+6?_sRrrAS+H@+QvqbHvnL&5TTBYSizlOuWOi&x5cqo3(-1qwVY67 zNgt2b;^{yiy_WYPBJNPjb$iE?^4#Q4^Y_^oR|r4VE-kv;ykrq9EkOjNp*+}QIT1X! zQR#JcK6Bn65>I44!gA+=eIxB|O3@s5nLSYbC8I;lcrSg-7iuW;^WIs{OtS)K>0C>H zA8@aWWtH6S0%`ROG6!Zg0JU$F-Ob1$@TK1<*>bvT@4`biEJ!(j(}YUag%oseOLpT8 z29W_;yO_4iif?%AH|zA&^;D-=%c#Vsr90&V1&d1H=y;ST5DrfLtj_)H>}};>8Ko{( zR|eq?k^!t7bqgH&vlHBH2V!$(d>mdj@WL~J6fc!A-*zi!_~#x$voa*1KkA_bTjaBQ z^a-~WllRuatqSb}?nyov)OWw2&H`}(!WzM5&nbrs1Y|>$RlNVS@p#34@;O!pZfR@c zSUhfls2$=r>XONhm(262ThwdFw(Vt`?|)UV!Q)6}k<5FYI-g8wfR%@r%D(O_<3cPx zzyW?FoC6LdjeUXPC*nSudb@~L>8-;PS9^bVPrixZDl-WyUE*V@-Zb}MRR9-@K>gEq zV4HNYShGFzQe~jX-4{AR_uY97n*-xnLUw{(1cv}4(+|fz&VT^~r)dCG4eoHepaI3p zBlv5($a_CLyY4biCRs`{M@7`hN=g!MUw@_^1)IoQ0M%j@FSj}_o;>pQwn1=AE9I_wT;!$+ ztLY6(Q1agm3I(&s1Di&w+^7ZV}~05s{o4777#vQnL4jOJ(E z0hmb|BRLLc#Rs`fx@)M&-N{t^sh6=jY8yjKEKbYVW}d`Yns&3h)gmJ@mUbIJn$;)s z%>z+-)nZBnhLKr}v@pXn6`1NnWjrMSX_pevq#(j}5{OezFaKka@Je7N)&4eJfLVyU2Sdc*u6@b}#OJIbyQG;)ifF}hU zV>T}2ENYj6sJ((x{l{7%XkdSz&7uF-J5a)@U?GXHMcUEdhr#1(qYOm*`c2f6gw0mJ zdQM(!b&4dp*R0)BhLAR`9|5t_{DbGz+}xXv_5N?16W9n$0|@-M>=v_Y!xeBU@L1b4 z9o^p3;MTSDvg5dwMT7r)IzzcT`=5MS4p8*bYycDGk4{&iX#`yS5M81=0AN`hg}CTYz7H z-KQ@rD9PoDYS&g?`cH2>tuMI;QzMKZCoM6*HIFiJx#$53yi%mV}Y!j$xJplr|B+^usYro-ZS&kPcS!dObw7WF$4I7|Xmcb7A=OEeKS{s_vn zK@;v|LEe}bu@Gg}E}2arA$1*sUm*<5GvS|R1!y%49tc0F*koftU;4`ZGqL{pQjNKr z+XPEf({bvmA|2iq+t=BaKy9!gJCYine7L0NuIv({?-0-Mb&7~WJP{!e65Q=$LGZ#% z@uOE`Jzz0L8PQoA13-end;R6P8z%J{SFDAowBhXL=G4WO0j#)g%*&nVRHn>=O}FPv z`s3vGLQ-U(pC&vACVM(DNIG=@G?k#1y}HO8=cyATJC^_1c6ftHs=r)CxQ;laf-;xa zJT&(pA7QieVorRBaLrD(u`*i&s3Lrmy7^j(>O{-V>x#clAq8E@z;^WSYuSciCWzx! zrqQ=h7CH70?T+-MlBQHBYXwY8Yjiugk~&#ogL*q#7_4)L>}oqXCAI13hXg!tXCq)?PVPc zRo^nFJTg`trehG#($yxC?mj?<{%n-Nt7NR$MMgV4qmx10koaG`y;oRMUAQ$GjDkvU z(u;ti(m|w!CelQVsPqyQkR~D^5+HQx9Rw7CfHaX3>Agq?X)3*w&}%}C5ctmI+vVTq z;@tgbU+{Q=&&p)3mAT&Wj`5D6Qjm~JR^=zOf*F^>QiP%$EU^l{3^OM+<%d|q7~51&}9X5fHM8nPvC~Ue?d5qFz?d)Ft<+u3qMr$LtjS0vq~e&BL_K7w-@mPfovU|>sECaQ0n70}mQrt|(W zaQ_hPkEX1LXOn~pBWZ;uozJ~6CJhyZQrf#Wcd}ImA~(-h@58v|ZC3BM5&8@61kDxs z8kS!iy~6I@K6F<#Q8ccMDjLW8h~h^)iHR5*{S%BRRO~*BOT48D@(XCkpZs9o4ulDU zv56LKy8}5)v4PgyOLBF64wvRPlAf*z@oqvLR;sHH)D61WExBebyfR_p$m>9#&{2nj zUs?-kOMbEA#SzEpTI#n^DD%AJ$63iZS&&G~&on1~o}X#TvTH<4iiw!WzK^QVdE*SI zemDId5JXc|z6R>!(^=KTzpa4)wF#Ly8XyB=}&OeYo<&MUZlVlQC zAyR05x*Z+r*j}+XO-g=2J#IUgZ40%GT)Z@we(}h#hni4zCM(sK$y&)j>$x-%8L@d` zubXT@oY|Khq^NY-t@)zo=~|6=rH5>ObKiF#D!h@Tm4h5#D3E4Lpk`6-HqlR*6uG)Z9jcjef#mH#HPVa?UrXDLBIj}da_Xx>Vji^cXud@VHQ zF%#pK?U@Gi42kY2Pq=rObO!ivsd>$>2URxIHboEiK9b^Nit9GR({_-k+g8i6f5K?=2eQo%hRYv(IU4!-3w&FiAjjld1*~{5KP`^IJw%6< z$Gkr!AKLT!TIjUD{ScLUvnIG^Id#e-rN(`p zA;aZDWlkl2HJFQU3;gXd>z&bP$)do)s0N{FUt4&%()C|3$~lDwn$_FuMV>=5X5E)j zJ@?*J4o|0wS}W!G519FR3#t2fPNJNNQ5Sk2gRhXTn^@BPfi^qyE6%y7`ap}#V=dA{ zf=o!g;#|j|6AL`qpi;)2;jUlh-HyA(8}ly9v;KV$@0;pAUgIQJVuX`B)h5>T)BD$) z?YFLK{^)1Du;Q@2d27CS@2AeEb0H~AaRGbh{g4@yPyd(PT2a4_pP+;YnvwN-IqMc| zr8>l{vMVkvrQhV4-QUbgK=Nm!X-?al4*n(h#c{yUE zM2%sZUhX^-^cIwPyZmw5KMVkSHs!_&vdMWWXj?GM#JY}3`GMea!dKOUYn5-c^|}`9rCqndOssdFpRl6LXyj)zB^+2G$=_PDOtC2sB20abRJ0jLNBhRbc;)#m2m?W(}^Q08!Kyj3w$4ygC_B+W6_B zttNNx|0wFr@9fQV??bqK&Rxr zxQqN|SBC?1UZ#1L+lZt-C{2yfVs`_gvBLBBJiJwA@H!7~GI#i8B8*;F{FD0)a*@q&oq+p?w?lqJ&yUk|*|uPtrEeO2cEk?s#xh}dYI_J99gZJKYLf}FexpMF%REx2=tDYyL}6ZgaroNqgteG>I( z^wsTY&uw^VN$Nx^b(V)cvlrSxQCm3!Vu0D0Cg^mqW7-|1G)CMC(llBhX~*BIbv(X& zZ--oMY!R~eL#Yk&m{^5Z?sRXWcUwQ<*8;0MnW}Qur6PPirzuh%@=T3t?x1LPd~|L( zvR;uO-)c^vNvU;AeD9L5^dS0oav1J%=B3p-LD^L^bcb?8qf87I5&CLFdc8=gzhlQ# z>sh&z$T^L6RmGp2RtZxCe?NKJ@d9jeq_k7G0lR2fAw1v6p1!B_+W3s+O~$UmkdmIc z{qu|+Z&b)ZUcG-Ktd1Ch<=7O|JRK})Y)sj?nVBxlVdZkH^^$^L7G|h-EQ`8I2mxdA z?ZwC#U3Ry$LWUa*U|nVTkC?71N+qNk(i5COwG)+q)ePNy<+ff&sU!5aa6aHy53g2g zhU`}7Ywdl(jAkyxMmMnSsU28B>n8#zaqsB;=e&x=KnLOk|X$*1)#lLV40)4h`EOlq{U zxDqvGp;HNK+Di?s2M>v1SYL*9&!t2xHMrWvBBfErDbjBZAf==}`Aw@fQoig`r(e-_O-Q`rj{xkoB1HG}!hsxs)Smm&K6_}nK#$M81+s0n(su%jx za1DpMue*OI=7H59#h*k?^D=MEdqcum*4m#Vme{m@{}CU)r>^=^wU< z`oI`HE?or(2=A(9r!XO*Tf~RrhoaFC@MTgXG zMdXz`xO=>^4DEVTS9#G~7i&}CJ?h3c#3h2pYr zQx!vcFu(WBA(z{%to~}|YW6Cwuk?V1&-y8oavSD|c?q=MzA6)IkE#yr@eeU`@R0a1 zq(6V~(boPp)s6Yc`;Tv5ZgWOYF9&E!uQNR&Gn47qrkX{z&cCk9T;(=ys@9sg=IYlW z_gJ@PL+dU@P4Ns$=e)WWuiH zgK)ycgXAx_v{9v+Z{nmJckgf}Qsly45fH4tEz@UxE49~vlJqTD5sC?$5#%ZDwctN~ z5#^%Y*!;Q$b&P5O6!vWM@k~8{B{X22^aLTWPGAr4??U^CT=NnCKqyF}gL}GW8e*Fx znu&T<7sQ0RtCTXtDW(it!T+rC0nM|?0&tyOgqi~&MPP82jhZZE5=R$qR4ng~iak9O351CDgxirg81nt!l{GPVre$kHkU*Y)&;SBe# zYU7k;VR3__T|D@z#{XK^(Gg20nvn#j-58k1&`+9oIu+Sh3E4QiF*rWU>i>zcwp=KN z!#{neV1?jkiI4t)Ff^?gf{i)%{Omc}!~|LJ)ZsC$eU$fxOs?0LRb9Fny6A2dPqrP2 zJu|Wkssmk|BMvv;<5Pzf-gdtk)SCC}aN*F)KvZ*D-_80Tc#a-Y!#UpGs&nra32 zKW4NZSW@om586p%~?+Nzr#wRBoz%Rm}!9( z=dJ|*j`SXFCp;`&@Q)8YlJU`Rj6ut>c~vxa%gb$IE;Q~SQ*MG%Mv(}W?c(L;XK6-+ zN!|}d$?%asqm=HIMY!(nVO)u;_|I)A%dMDmMz#`azFzZ_5;ibxUbUMNEkT2o-p*TEjl#p145*+wvCeC>=e-OYP(DO7)>~{I(|X*;w|RTLiEcdNXHC(E z0-=kUj$gGEo_>1h3BVGNKZv8w6BC7hWg#7LG(U72h7=41^IH=@cVYrM4-Z4B&iS4j zU!iONYQ6%f1FS&o)!2_%^YuC?Tj)MWgdG41Yt}~IAGcjF;rn-N$HW=58y?blPy{GO zd7sQv-*>cWF}a@qt|X^@Gm=G8_*oDYp@1$U-Z`N|JA*c;sF94Mor1jqbR(DRf+V$F zX@<`4%euUg#|wcbyX|&R`Za=JNIiQxcV)~Yv{vPvgtquw64xv_Mm?ZxYO}ELBaOy) zC&e%iEYBtN`JZAmYYcWET6i}n#RwU@F~+RAq2wC3mqANWM!Z1a#;&nu<9Ai!Wet*a zKEBHk+~$;%Xr30SePw-;eTju~sTxe@D@9=DTbh02~mYEHL%k))%`kRt$$xBi?;kyJ|? zt7^CfhXi+0l@no~aVVbJ)@tdk*$Uq_1Ow4QfADP|^l|dT0EZ{;LX)Ucg{@m;PFsHR zG|Q=T&!DTdpfjLD940{FLq!`fBVq? zx5Li=t>2ODA~x0VpWBu05FUOiLR$1IEa+Ud5#~lYpCP^RcaXp(%fNKS^`82h$BLwT zP7JF}6YMa9D`E2WRg%*!>+Jd6fAxMcc92s%mh$iOq}X)EZ8NNJi~oM>NNZ5{=hbO* zRphHh+jLDk0r)5XZV1480~Qjv85&|4?z0&4swu5jS}4`;$dC z*x3U0?9-F1Q)*&syE2`r8NM&lB&w*FKI_($CgZ)XbGu8D3)~rzhyAhxLinmVv6xp% zSCPJtM#{hLty5BtIbBQ9`D)b_)w+2(x>JyKHT=)X*G7J1!2@E_ky2dI%xdM8cZAYw zABrx$bEE2Ad}y=>{SNi-7K{driB3lZL9F%Np%4EMrpQTbzAR;CXMQOvUYnVg3dzd} z6rHQFDvFc`p};6uj1i?(H(D=kc_qijo6|$TIvUKtNk0&eOO~6A)$k_FqKUeAj?N?= z`rBNZX1}q2-X2p{Zws6)ZhG;%qrcwR0**UyPucdD$^~XZ%%%`Qs6EBE-CIZVcg4?5 z`Br!|Q@Fy-6s}3EHXGXRZ?sv=Gm1v%Mhes;LIO!|&`}Jf_H}lAW=f=R(4zm(RYOG; z%T}s$7k}WmE}e&Nd7gQ22w{~09d8p+)Oc&%#3v22ChwgXQApQn^9El$omqM}-6#o$ zem?kgwhY~dX0ad{|GwR)gBX(L;2;P*ZuL^=&A2$;DvE2h*5t3WJ-6NA?7b{ zQXH78o^OQcef{`pZ8+cO+N?`#4>jZ?Bk2bo-3DyVK){R?eza{<*@AFAjXTZyS%OTT zD^rmW49@z9|7C~FvLKhxI-m#v-ibhvk=(zM?v1*M&_0NG{C!9?yDr*jD>K6BV|%4! z*Ba1hS@Br3dL1B%LO3yM)cw*?lFsuhpKYFVW(%2V3OyL$xXz@}7x}tdkb8V{Kaq)y zfM{3tOIK_p24U9NuP0y0dG6~az3@cSjS9&i=N)7|v|z)XIONlhAg{Na_YHMkZ@m6J z;$eA3u)4lO=%UA`p<*VDUI>@Az&oIvN+mrb=HWDmiC7&k_*ry%rQz;)>xIPDR`zTc zNgAe|hmzWB@Lb4xlXX*Qqwvt__0Fudqv@@j=Uz@%-!>%X-ss9nj4kO&&%g!H^82Y! zjD7geHWNw${Pp9zSXP3@*NN9L+?g*AX$1@=rkf-9N~RCZThB=a#tm_2rR2U|VL1gqzyTcA+Lt4w?F`$FioTuX3_mZg zMZSo7x(UM0DIi|yc>)O*HOG9!!?uZkAd&ly9OlDY`$Eb9qMZ~QB;wrSrT-d7t6c5Z z{C?O)k&X;Ja0k7!A`5lPtoE-aVcOv!_l(}^Ntc3oD@}cX{86;S2vEyzzdyZ!*9@!B zb!xv;ViYFamuhh8a(}z#*Uv>(Kk{C;?tv;L3M?WbU17-W_!vXf-Zw=^zT~6SNe;fz zEPMGY4Fp2#Iu!5XFy3V4%R~I!#w{|ur|WA_GqkDHG8#JSa=TPxUBE8rg==|;9CwB# z=K{3P&1rlRE0UYzd?7lDJJXRPF?tCs&Dx@uc}g6ly7nE5fm~7LfC_ILeS&VG0k?P6 z_|>Z2c*9qvB`%K=p^})zZ6>|wo=_SHmvTB> zdJBj^cw$gGSS~NqU;8H}%TFqz$ILrMUt7n^Onp;v?FX2zLqkK-g>2Czd1ITvJ#mB- zxvjPREUKr|nQP;6Ddr_vs`x-A^QLl{W{WQ)QWd7{ijA->|0}lHo-O`2Ux<6LTZ5Oz zIdVC06P;z7LF>QWWaArl=di5RDO1yp>9xLK^ue@&3M~~>_8Dz8c|+B~TToLWF59My zAQ;tX&`L$GMV^QB85_STmWh8Ki8_%=r}kz6j2xx=F^r@Wyk`4lkO6!9oqmeK`kPY7 z8&>jIPVRa?Zxu|YvbAsU3@@HKBvg<9qn|Ld7dzMa>Y6c|ftb|NwM!PLeu!ehbb(NN z?fVJMAh)#pV^`DrdmKVrBlE59w(|es^OLs4^b4WG(_u9!#tQ_W>Qb%6G0k^`uL8?K zkI%(CgK!nh`r2T^d;}Yb4us1%{YLr3fsn$e&D2qkxSy=Kj>Y3YZ%9zNFGS*4Ax8n> zq**i;9drHDqA$yOW?BSYa&bhwYfAuxyZHt1W{a!0D<)!EQ>Lpzofd~U;3>-2J^EMQ zb#W%zz`kEV4)DwNLm<#uAv7^Cvk!}auBV6;#Luf0`(4h01Q4Utl7`Gx`iP zF{&|hvr|W7PbVn=a5Mb#52Q@YZy!yD z77bwJFU{q!6+r`2EwpW6Gri5pFRoB&m2@8;i!)TF;S=K(&um+!fg=7UecTnruP(A8JDm zF5f7ozzu{-(^8VI5y&xF_pdeu%f{byj!(DhW_!MM#+s;b?Y}{A!EXBE;K3%9QQ54g z(}KyuI#(w+vw|nn{ZcIjV@!xvBsgLAgy#RO;MY3@1M0zSY1&NV;bKMg%j0u1amRh> zFLJTIO%)||7`F932y%cVwcQ5r$Q9ompV5CH(W7-!Bt8P8PoD%*U8#R!&*h~2#}d_* z8AQ+Qq5CtO9LT9%YP1B~g~l}G#N6x|3sxQR_G#y~xMd}iEwSPU9#)B_vi*+ix3B82((k2B>;FR$FS z(3BvDy*^ozM0TwK)yyRe_^~drzyP1z^0#=8GQrNn)s-tVO>=-<{6#x0zUpV>KAXTZ z027mx=h2OVzJow7nQ+iVa%mWCSEfLzxgX1}DAAR98CUe(TA019dQg}X+163`hK$?& ziQl_}J``Z{C}lbkd$LH-5g-Q;ji7%h){LQF;}#}9$#9VG4HM0j*NX2dsPc$5jFjNc z<`v|$N+knr1YlPX>_bcga*u&iI5?aMJ%<=h6d&Qj@&;iZP>ZXZ4sJzuGL&x#1)JLN zZI|#q|G1@nSqi6Dqk|Q=rV4m?Ma(6VR4}gf(8-fUPYwSdMc;xy8lLW)NKj zL3RHFp*jIl_#iY1T>%0E62bAtphQm$c}%3AM^ml7oY*${m3A%uS}b3$*0Y|-F;1re z*?#5Ae+K8v?~C)wQz$t!=UQDVy72J{(9d!(nrQrrHWxsc%74&A@yLDm%dG zNv6WX76alRoOyYu$5r5bNS`CqOJc>nE(1`e54Vcvm_vjTB5_}FnR1Z7)5*Y%d#4k*oPF_}gC?LqA;xOeSN8%x{geq|( zIUeHi0jI~Ul>z-mYK0oFIvH5*E|3LYd80LV{G!nz1RE2LO%#B$tmni9LJmvCyY|n| z#aOm`L&5aVeS&mMD^JL%y#B7;s1k1(Fit4C6m@tp)BEdqPrhX8;T#o?*Uy6qgfp~t z+eFL3V6g?_Pxxmi6II|(D#17h{?Y-ard}jZDPlf~UngEYapTo|r5)2ViF=o|xQUnn z2j6fXSXFhnEeTP~5*7G0o-nOV0V`l&^`cYVMr5SZ4CRiX_`le@zmTqOC<$27W4)?Y zZ{G<4=yO|zLx0Y`n9;FZ>bzEy$p3=Jj*2q2nnNOTIpq*ExaPc+ z$8p%Fhq3KSfn4Pe=PleD&qil{(iI!|kNW9)AvSN~v)X3F0$Zh!FJ^@P-d=aLyRGDM zZ<=g|GFD;-$2PzpU43*1XleN$o}@Jjn9ZtE_lGg3GRPWM#~(~5Nlb?t3OlcmfdQtx zQzjz1V2?)apeYf1cPrZH1cGS*(BuDB_|pI9b%Yk-6NjBX*9Pm2vsNa!OFVLoIhgBR zt)$Le${n-o<)y@a;9yso687O@aja6i9p@}WBpKHJ2bbaf<_)F~DTV1`X=Xut| z-`GM|d?!NY#llFASVu7vd_%eW58?LI%B81a2@Z83Kfj;nB6jM<_`nKUl*>BX1POOO zx+#is$#>frrYz}HThV_@>s&koau8@f8?ROL@o1MH;M4`oM<=r2zCpTPg zi|*WxzdF^U%6p!bOHLY>PD9MXdGP><8N;+L!)wM@F5?~#XDr~#mXxAHo^gu2?2yBl z3Dd@Sv4}9kT5uj0ei?FAC3wev?Y@|Srnh}$~t#fmKkI?(xBqZxr9nQ}-!IVYu%ynm(pZ~mj z7bEH%ksqf_i+b?KZGe7EJ$Gyst1UT7fB$zGKkp;@Xr%)eZ=v;6fI83ev6%5r9ll|W zl1^cbe3cc1>jjn$)?Omn;>PCM=k4Qa^mg*uKy<{8&qrwH$;VSZWa%-s5uLS`a*&yC zcl6$+umoWSJHCH!D~FQd>7th#Mfw;79^M2YxqA_4Er#AI-VuSrhs3TmL|fH_i!@p$ z-_W1p%$FTd`*FYp-sSi1|*f79gWBYkUT^zUBNeaBNe+Q!3dugr-3E$!%~ z_b)FdspzUO>1lB!-qJ(dP(x?K~VaNQ}YfQ--vcV;sr)!M_i*_|%`2 zU%2;-0^;qN3I-1;HiB?yhV^vm;c{ijVQ+oC|Nk(gedm z9$l!x(f*$2>tvc7t813jL+)=n1pWnb(Ef}3Uu6Ycyd4gJ+6L=%9+~iT6!zr2!F3%q zYwE9w*W9O87Q64NK%cSpKZHMU-2(~lc%QOkS<=0-VNu78+h5%{w5CFfv+9B+ZXGxl z&xZ^i0w249V^J`WDdu0{XlY1zAU=K@PpRd2uR!SgRH502YbtXPse}P2RQcZ76R7Wf z|7F#m;=C9RT-dbhA6{VS4&1b+)v)f-PEL8XzAO&E%KOc-Wp+BkwfmX%{q$BK%^07P zWRw?H7p_7mwLi+~&we|p>i+65{&s({{tl%?HzL+~A5aVVLJDoQb|WacZ>tVB-p@?v zyb=(qd$}i+>fYgLxa>IFw#_*;)%WI9jBpNCdONbjo}t4pA@x=PBr6>Pp&8y|*%&2I zw55dj`SAWMuy`q{w8&DxW6rE6-gwC)>mut|oSK{4Ux2P%@bYbL3amX0Y2-mpJ|u9oKKI7zJh6%mDC2OW@9`fic((8} zEo0B3eh&51l_1qABh}|D7>T-z5lZG$ylXVX;MxM#GzOutKb#$32VGQ*5<5x*{dj0; z==E(%VC|=i?68A=%zGupm}J&gO)+%P0f80c0Dezq+R;d%dUC5oj}M{3+^ndvOhGXP z-9%`f0&qdS-xPAnGmLI4pkhh+@U>-_Qwx|9K#V^m3T*Y0$+9jB`0p@*BC*~XwsZef zoN&?oMcehPTcX+nmsuf-e(m1$;Mh_lNH4d*d8X}6QmYO3teZtOvh2wL7vFw zX#__@PTw!du1j}krS9lFueDkIbIwl*UF?8049O+f_)9lj{%t!~-B=}|Dd4whFc*nS zb^Zskju{vw#^Btq#YDn16Gqunn|)XG_d7R|v1vAKr;tYZ6Vm9;xWz}lly_oR?}m@P zgjET9D1N^IU4|2Fn!?a~qL@>PNf69&*mMrXGy1B@rq8Q|{lmyeZ9hg~`c|2f7RRBf z-na`5s`&mgM;#9B3%Zo&mCKgfW@b1jPG>iph>PC($8t!J7xtj($(e2{ zEAc=VzVpH~tn-puxKt{f;E;nqaTiOi*)n^nUbSGQ?4tC=#{%JIHa4FmHM9=N`u~M$ z&c1B*BJKdHc`gO!cC%ZU3pmmzY$ZkCi@m8>R>roOLKG%x5;}d^kO}xao$T`(~GZr3bqY*+}}>`Yz|C!uW3r}43LD+jFATyf$Io6{0y5; zpv&N4(r_l!&60*u(e$mIo7t7S3yafF$aHwHuiOL^h894Gh!8NrRz&FnWxTU5UJ39M z(IAKg3gh>liwUl^h$^`K@-JoItqvD{n-`N(gK?m`8@Ru{dV|cN56H#NuURM(-R^w) zavL#0_b}O6UC5DaF>&9xGnmY$M{zO=UtetvI>1;rX4aljPg4|!Csz;N(*wjD+hCq-X|bP z!cPD1-T8&4^WjIP`Mw0EpM&;rr$YN=9XnTd$j-tI*y+=l+Rh%cxad4q0G7t`3sre#? z+18`PjP3C(#x(R04U{p2|45-}U2fI8T^`T=3I4 zlqHt0>xUnB3$bx$R9-xQ8Lr6q?JGn%G|zAiJKg^b(za%nUSvVN+6u?Gf&u#$R@7t@ z6Xt5x&Y42>h`$<;Vk?(BE**C|BmhtY&yYS848C3V1?iyuJMxRAr5$t02hr(cI?;`H z{qhEBsO{rt#7+x*|L6GvMd*{7Kk+A9+#VuU5x^}O@sa4sg23h3ODP0)NXH7QV8f+OrvvYASlBPy> zN0$=J-!B}sr+R+4^6rY`t-qt!7q9Ik$O+s^J)7oyD5a$FyEr@17{`}e(NrNVNI2p+S6!)0Q1r7L8GHwxq5#+wGdiGQUp zC#x?f7)iF~!Ru;nv+0e4)340P{C*q7Vchtqu&FF*r6{|P@^+NKHyz1Xtri-2Hw*_p zrY(kT9Qj%26HKpAC*nOhK>pXGemuKq^+J_Z5X|2EG7(yEnwagF5%>-Bex9?+K75*H zRe8y|wEx}vva;%H;j!?`veJt_WW*@k4U}Uhny6jzX&A#7^`)jh-geqJAXYz&BES~9 zcPE^whXdwp(UH)5T*zs>5$M z!`h()-1kC#oY{1@q`X4VGyO2GOUo4ypMYOy+$G|Q&z~73f-br}O6~riicO7Hcu6>O zIEO;;dlZ4c#4-Cd02!-honV%!Q7i`Q9-NWT=2=jt!Sr&my?_J zku7xln-DezgiNI0EF;zx*m?Ril_pYk})Sn$ME=o4?^c{=1N+PsB~3Fq&O+_^*bCtgt7MB@h;U!a4$~%f1=yw2O-v9Yo|aXV)i~ImaUJw}o^Rft^VVJh{jHY>Ze;E*_B1YM zjr|ljAfgho2WQOcaf?96iJ=n3dG3*bjS$(@~X1Nlo3`((R3y)oJ+w@J{0ESnX=OKQjD7j*4Fk9?C1OE~g|ey(Kabn<$5O5-Iw_QBJ=yE zvO=M_-gxo><&1TNW6e@53X1LJgQD6~<6-W})OXk<%JW~m+gFr7%%Ixl^68(EuOTFr zxn@tASd2}XYr~$L}#pm&UU^hRr`LE*rP zsEUQ3BW67rAwBqR>XG!apOrsWYXDGI40#Y*VJi3ONzN0lGt10nmQbH-L_l+yHP$4w zv-j!>^u9Bl(PnZOAk)`^7*_gpao;9zm*I2~S|e@|(;7dI6^n<=d;Umjm1<-;NC;5L z;qvZ7jylfpW@cmHrh(y=sQW)lQrO{N^^D7CO*?{lRuw|el-?VKnUtjOPh&I>h-*I@-@ zB-^Qj65F&E4fN}y)coGCo>PVFFW96UH2F1A>^D&&r8*3_`BOM_Fmx&+%zS)KSM{%% zF9ZgnZ??GJb6QeCVad-T=8rT3Wmk*B`%&e3O;_Mkx?f#&pRCuZiIa^4HPUd-@;=iTWKYIc37G3kfPfp*4E9;B3}m z_rQS7Hdv5`F`J=o*&7-tP8ZD*UFQ*@Zsy#+ zWwVpbjZZUGZx|12LkOu788p~xz=O{)0Z+QtD2LVqL;A^S^NwJ_SZnv}2;L_vmsDz& z+4^b3eJ%jTBoHUAyzrVpdrFo2Z_y7Y2WO6&PtU2~sKBswvf&>m^{9#|G%SKcx_U9@ zn%^gUXF4!YSwiFcdFa6~E(?(Q_?P%bc~u7DU5(36Qum!MOifRUR($O~=oK}QO@+NK zxw4JEajwy(@GP`;HKai@iCgQiFra74aO#KD?(tzf0PS|#DjPtGb zo({8^1m!jja`=N~wl!}M;dA3lJ?7vOfjn=%>HXno%C)H^_s6Ba~k|>}Sp@8FJKSXe#I7ghCY^EuGOn6UMbd+TGR@o5wKQ(#PFvmRb=%n)8 zT#@Po3=RG}${JMl?xDVTYnijE-UCHFDh*7$Zr~4!3I`4%{$iblb5z7CHB}xe%xieB zKo@+8HauZGdzZjFula1B4-uiW6mDtoIj0bqNY1pW*;=hob|Gz7LaMm6fucnHTzd6p z%HalZV)+3+uU{Eh&HvXE;hi-{eHl(k6uLLK^hxyE_X;iUr>q9NE-H!zKH(4(0%pQ; zzOsZs+d5%L;_rjbtnQY5_As?cDTWA0%+dS3@r>M!B|9(yC(=dm0tTb+1AIbum3jdx zqN64A-u;)9V=@AlzN`n%~ynlpBk)Xk%|}-d7gd7`$-&b6vOaR7*crmiEFMmENf41E7MFsXY1Y!>8lSt}UZ_`G z?z27Xu`ZH1q5NZ!>_?ObXhLTwa2%r|(%Gd{31=TB-73VvBA9oI7XNAt16+?tw%^WB5&S?dRI8F^@9_FVvnX zfBrXqgcdN9EbS==pK*#jT7TS3>lA1=_G=|3yDX>qwfW-j&!y8*G5QY_AzudJW|>!0 z8gi!5p>C=$$pX>i3+!R=c4j4Z!hG`6m22pVY^86){9x82@t!&1C z%O$)4mst7yl;TdZ8mW*Go$10QBlU73ss4^vMvQEHg>y$cO8imfG$Ll(h z(nWs1t}y&lR9Lk2*uz@8zJrWr<3e+{Y^TM(>p>I2pdpWR_s?FRvO#@$Neo!ig61A}MT%r8{WGpg{Y0?XwKFl}56 zyIL{wosOKPms_w_Zo*HA4=bw6yvviU#ZvRz8_PHmg^r`^nT1Md2TN;r=Aq~Wk3v)> zb@`1>GfTy?lw;P^w>f8pbKOB9!97%@@s@7xgagaS$eqexteI7xzC1EklTdJuhr6a= zPicvhZG)&s_*!ary(EP+jhPYKrD{7pT)eu*1*5pZbkFE7eu@dW*=95&vJT5U8VXZX z{D4Pjauf4>Z)RGlKd^~y4(dm)X~=fB5D~`;$SQ5ZR>ZgU1S6AiyFV+ zAgpT|Qj-`(A=-m10y;F4So3wYvbOJ}BI?7VY`V$bU$?fxxWXnQ<9j{iHWUoS@HQQ% z*8{OJ!7tdCvV;u{@g{woyX9XA-FyY-SmOrw*Qg<$hn;ADr5gmNHd9bi5Is$AZeo7( z5&8r_{F2lt!8Oj^g{A}BajPX1{|Opqo=H;qwIB6PhtgE&QqUjP#a-i`Jr!~Zw8hx= z@5ZV#?c6+O0@0zw7l9+MdhS$&m>eGueG$wmXq))7EfV=y(p^FhHY_&2-C+Sv`=F`} z)9#`*#>wfPL0zWZ@^33oQ=f-%J#_^>&^sUs<>U*@8mmfhvM7r%9pbGlk9!_`16=9R z4cV5sbfevoT#&Q*94kot@x^GM2r*@1@wWtic9|ajmz)x^a*tf(GH5!n+Z%tu*@(S@ zDYSiTWNvKF@Hy5xxyN?AHj_fG6N5TfH9?S_o=4`jAm|HWYS>G{8I|9)?{`wAJKP`O z(2SmRZjxKhRao$F>O`|6qfUj9;TJ}wS)Y{y0A(34|K+Lr3gj^bM)9Eo;@~+UB-EPN zp0zs4K77&_wev8c)miF(;gw5V&ULa^KX68JPg4UzimA!QiDm6nX=LA##$0Kw^HGgg zg{01+B+HBTi*hRurP4hKgN{HdO^@}xNKz{&(1zxg2F$bz>|lf8(z!NKS)Gm<%P4}X5=XnT7J#Li7NgB*LpSWx`RPJ$m{WHgU_iLQT z^_`C%k!Ja3-0yLUgp_qq3HkyH8oXvy&L~P#Bvr5d)nGdlgGcV&6K$9yl>2WVm?r&C zcYAG(-Y&;V}dP;;5`oqU-gG*DMr<_Zl<}8tO|N zrMFN8pB_}lS%;~e8|M#s-ic^_L{8IiEJ+-fF8Gn#ojYUvx9~+;?oLF$-1+=|+DiD) zX#Qy*njEyRAjp`=pZz zsP@g-P&YN$mN}^|Im*SGSqtJtW^sJXMJ%uws#nL@r6d)&dstN>?2WbrBsXK_i&bC6 z{a8(Xn?YL$NEa^6PM=#tVm5U(1e$L)pL(MouMS$J_gp-?$Ul%{eqxzLgYT6I#9Fdp z(!s%twQDu8J&zx1sJ=?~bN&Oy3mU^o1C8KB6MLOo4K7jm@>6f5!InCkpdf^kHUpCl z9Qef;*5&JnDXscL#Tdt;5w`qwU3>Ys>XZ3pujJ`-$I7K*+k`Y zUEB5Blv($eRggGU;uUbs)=J`G+hVC!ul*Yr+0}0F=h|X=Ye?2u;~WnG0!^{`SQ$^H zcDJBX#U5hg5Oj?C@FCdShb9$$y%UO`r^dP!Jfavs=2-r;iUUy}{Fow$_Y)%}*dV&? zlzQZ?R-UPQQ$_r=we=KT=^TT?=<>Z8NrG^3|LN5cN(ljUWp}r7l()k%7cvB-it`k< z79s{blicmUvrT&OS_^C7y4jW!+9AkRA5c8fsb01G-L-#gp`7E*e=J9W4K;Eh<+pyC zq+b$q5{+urq!pr@V4|KTn(b|e@7v>iB<)9QSy}*3V{h_w)5+V(wvXu>*$o$R4X<4l zu0)qvCX|F&Bneu$a%J?UqvD3DWsh<#6YP_ zK{Tu&n$A_`+2EmOc-^HONA99;Q{LsZnYQz863j7jfBknfOrabD6r7|m;C$d4=DYG7 zI0M~*gYvrfB%Y-DjTkZiVQ1aFbf(YlYqtYa0#`pj{k`TZYg2VDE?#fX`N3#U**;@g zNQB>@b`|yw@>a#uHYYdHqR6-tzD=n~Z&cB`-FS~GNxFOoN;0}E*Sx-&u(H35D8EzU zn*n+VS2DBB8j3dTE(`oRS)_&8j_oNJ0ofPUPw`4PsS6C%HMKSEiLdhzIRuHLzec#F z2^>CMhqYPuRTPiI7mRX7e34fr`Ec%L^P$tDGk!|>#ZVkNU>oLz-#S$PBN)yxy$Z9i z{c9e({9LhY9dX|GKlZiazxTDc-T^B{v~uu%v{t1&A!&9JR9trahxX&osA*R}a?j&I z3Nla-4gjqcaurQvRc>jhGbTzGnEMQ{+XV17Rme9)=59Mb=8yZ?wFEo(2V$i1$~8I= zhVlpd=^m!M@@yDv%)c9oKS|q4ymBFSlq&Jy^P9D*cR7LV^PYp_fOv=+od2$ z$+U_6#pM7GKqFu$bkM{|Vj2c8Ws~-YK}uBF+Jyd(2C6OtxwOcftbQLek51~qv@HL0 z#ho*EyHhsw|GW_%cudP5q}cpH)co=14>jpM*BNx!6Cd|(EKnU>C`l*wQ`}!$`Ol$X zp=RG#%5?U%f&qKTx1axRB<^s~pl*VFU^EsmcaAJsWr49`=Q$g=VzLcH}YB#w1ZqQi~+ zt0}@M)a|u1c99*ooS6M!z( zwuyrntsK-uEl@T5S|n$r@WS-*B>HA0ANAp`I_4K{{mGcG^`Tl$L2D=E=fKQ*r!xN! zFg~CPb5+N3nOj8#<{w*u9O7sxM3x14Q}r;4asK4)-?n6TPq+GAS;%YmDC1}fXuK^H z=ioG+-1*zAEkX1X)q{BpHP^al1A-7MT(QuEk`h3f_0~Wzcv*G+xWMl9TO;ZMP35ik z-}K4x9-T*x=_g1G3bbap%TGR%yhNrXrhKh`KxJvgCfr|{?TkTFX@(E_(;N>JC>>{F~Q_>l8zmfb@t59c*FB}c^f9O zeMjcMIl0K)cF)(DPF@aJk*9EIi0fifz>3$cKxRE5!C9yy$tQw5c%s-=gcDem#H6 zSE2lBmcijl`t4ukpLI2ssO8@7*U_~tk|k!x=`hH_`216GKrE~D|M2#fVNtbh+wjl^ zh@yz(fFLL--3*Ad2q;}c*O1bUpmZZ32nBzU7y)xC9qb=} zg7el;Kc?~OQrwe1rtndn0fKQJ5cy&UA!u8|7~ja{*wA4WF&ok~iVjjqR-fPtWj9SR zOOiMDq+v}%=1MZH)5_@rj1|z;KA<^aDf5v+DJRvg-VBhNSL^8*H(0#0voLB4a8BQj zBsQr76JiIKI4e+^37*AJYi{j%{hX63vZk1?qQ9OL(8NVI@4{=iLS3yS7X`3t#A92?fOv(I?S z?gij5CS-_{e1ZT>TK;U5zuNfp$HwUX?w22yo^8A=pnBo9V#-uW_g+P66eR2r*upw( z+rsK$V0R8{OBVU^w34ykz${#WTt{A*h#sER{+Ii9d;ez(s}k<5A7Xs0`6UDuJj(+=s988Sg#t-K+f#o;~htd5XfO zlU%lR_HwQYQsu%Q#qyYdNg9O^EAn4V)z8=Ln) z-N-m>M4YW3*l5XMAAF$Ghr@*)zjWn)Nl_`Pso~-U5Q>%y?+@wRrZg#(%AsPUtFhya z-mnn?>d>5T4ZS~^jqV5^Wo`pA(jCZCfGz$Q9ny1MQ=PSJ9b;LbXwU7;_!d>^s!w41 zdH;BfgI#BAI_z$6=K98D&y6(J(kTQ-C`2qrUxB@-DApqD)gtnD4>o82c4D>uTYkJ zp@WjBX?^C>EVh^YNqf16&;9iPL!8+|)iEXmg6!CEH68s2pHXkLs2cxXIOk7QRvu9v{`)lM4 zo}h{@NKEbKwMUKrBOBgb-QYO>$jYiXv9Tt5X&OxblK@$#iRoWP3spq0~z5& z8a)75N|2d>POq+!X#S|@`)c*@_rAhqgJdnp7dnipZ5dJ>zl4OuECC{3|0Kj5@vN(0 zfjPxLM_-36j=1t2s*%e?{Z%{Q6gzUTi*(RIdluTv!9%&&=e!Ff256qrhcVTL^9+<^p)-n@z2m#p$h;4^-W~5W3c{&s$m1kfh$U76k zRTXOSY1RBeah+vWdwY)|ZyGVkXb*U|k=ZR7qW5p#rN~*=AL(vKV|vB^fH?WXCz3SO7d~l!?qm1pu|f9( zrd-#Dha1ycx?Pxr;Vm7S;SToq3M<$DTG)n!o#!EsV@#9P>QY6ix!vt61yeTrKfL?3 z2tVSY1#*Z=_92}jHv5L)iL=_+&f2Mpc}h^9K@K*C0fHG4ZW}SQ3cuTZWsk`sab+5@Vxe3j7c?&z=^-_<3-!vfiiW2-_!JF=^d21= zI%@mvn4vCX@+CHb9)}zN@tfC|udV@`VI->xV1TcH!A1MJBiGwXbM~~<^p_S4#5a~y zMHwyLDi^6R8RHBS87A)X|69itSV4%yhA?mXXbQcS_Sl^JK-##Nr(&;$+MshL;Z)^{|0Jt%rUH5Wt{z zetiv7xurfVT9XLoMsK}Yjx0|-XLiMcH`|4v@@_BU2Lbm$NI2SjnHH$_hC_e}5>WAV z@6VM=5JNj|APXL}=Px1EEdJFgZ{V-Ym&zDN3|e1OmoEz)8vb|1_3I;7SEGO#1+ZYl zaVMmys{iaY7hYMm!)-D3ZGoctm8`+$g=Lv=_kkbzkqhvUp~!(2vHw0~_}_;-3BQA3 z5&Vp$v!l+Z`DO)IaimXS{>EX;?qGx4u@(~#uG1g0Auhdfq^dDoOW>A*EbiOH^Nz_;l3 zidLr+e~GsQ15P-2@LWh|%>5bNooP+vvW~uIZ!+awdPZx4045{n(dpl<^K-4Y1P;J| z0R!+fTV?#n_O!fuIv^xABHs?3yq!&-#P=^6grBH1gM2dK70b~P1>U81)idPlV^@5| z8ZP`JmI?W}p7;nM%R+wc32fbTAam~7Kl%AS>(Slb;qeo^(QB;+pbJJOeZ%RonJdLH z6&ja>^Icz<-d$*R$eX2GC9okTLhSC!EsOMo9d>qgz}TwQnt;q@mg*_+_cxhNK@-!B z(?k9>`JwyiyQ;|wwVvq>~74)(l(jw(_Cq{2ZLdZ>XBsv-BE za*vE?yE@9%GTsXi-?AORNp@jbXm`c24xXef^+$W*F;L=8k=9ofzw&LaPSYi3C)~8e;#>H z2$HDy+4{P)NvTYCq07mkc<<5B;}AK$kp5r7_|E&#T*IdgsW%-|GK=F^$pFKgJtjbq zm!4_GX=0Qx{fSopa!qt=vG$%J^>_*5h~psR6(^mLe%>z5y}OJF0V-QoczdZx|2e^x zt#TCg$FXX0+>2r1!z_UlDHok5WlDs^INL1Gde)(IyI9ugs+$|{0dW(o=yw_g>Z=3C zwhhPkq@&ZjRYX3I%JGs&)+^Z3L8U^;>aBTDnm}=NJ9~%vc`5O@|WH6 zzxyF2y3NAgvw@TG4~c4zRAdiCi#aNm&4zsJX;u7jF+O$9gvyA>d9l%#mzPodW>L>3MOWcTeb2{g z5asSLcLE#_dDL9AGq)L?mAky4x1`sPpb6g&f=jpKJ4&qtO0A3%?QW8zwhwbl_Fkm`2Hv$-l|FB){3SbgF=PU9+!;v$4KeNJ&C_*ejaytru{EqvV)y`qqWFbA8=`EgFToSuw0e;dT9jH4tX! z{~p3^=Mya1p>SAa)zA~}8@6d$Y{Amg=$#KUgdx>}E;x#tiv0Ob>SuljM0Q7K{0&Z@9?l6#kiSY_H0Uf>P z@j?;-+(sXYX?}6hHN;n{{_8bHiChP}mk;DUHsaJKg4*#PW3E3-f~9>v-NMg-_Qsa~ zL$ts8cs7MoW(M_^%S>;0ko8;JK#G>vzRuk&9gx}LPF;#<7hhAu$*MS@QhKp8AQ-Q} zOKxu^Grrbw2K$*qlcfV*#h)CG^Gww=~r zW4wh8tv?H0khzF@b6+R;c6@N#N;Kd?aokD+u{?C|UV=2DC_>J~d4!HX zKt$N4fu89l`cZym4u%$W>*vj$j8=kW1*6FGVu>^L{ZCi!5!#6|!JNfD=QKG>z5h;k4)W>TR1pcw0IE(JVtx<-^YP*4#? z`1lsW8lD#Bax|lK=tO(s1?51m@N8Z)1~~T^CPLc%XSbn9_m~4QDTGa`Ub_ixc6i^0 zo4Yw%5O6QSEUk*y4!FS5EZ1s*l9-DOeX22aMysdrH2H)&SZO+5Flt1DTJ1Ak2qWS> zkBc7>c4Y1{(8u3$jRSbgOwoNzCqFB!X?l;Mz=JvzAVQYN69Ny1LxM6Jt$#oiKC-o1 z(_|b#&GRO=_fdDNtNH`b2E34^kiYT<@QnBdrabc&LRdbn{WC&7C{t0v+QC>Rb!PrC zqctUyR2u!`h94aPMGcpi?1Icz;*1Eud))oWSM>J9znm+%ZeMrxi56BM)7l~bTYI6t z-rM`JWG^?&WI&D}kgq38yt3PJg+yhcG|J}wv*R*?#KWqeYq%RZKOR=ZlRA3QWiz?3 z(1RTTZY0hLSCqd6*W*12_DMvQot`X=x;VKm=J11JJju2bKD(_DQ*=|L%dWx5!6gy` z)Ea9)h8&<1E?4QLQB|*JdFvRyKeb>lj3S;3$x9`rjn+9^K=E z(zT#sgPORKoeFKfuUW9d7tsd!@bB!lyz@aLh9X+I*by-PIV6PYBD-Y2Au+KF5OfT` zw2k1wXOGrNNqqk)07Qh4$T$b~DOj;zzaOiC;)b=za2QAM>4x}Ve9tSx`9xDA($Um& z=!f>qg)zCY+mk%FvDzJ+?=W2iSWD>xKTkjOyK< zLWKQoy2KM3FtIIvcFD4?f#IIY(+{KN(fl!f5*GIqB#cLBzj~AWzq|Qpv7wZH`yR7CTaj^yhP*ztbP z;*oWnr<2j7yu^>`4iHxi$5h^!_w73g-eUMKTMxPlm-bo-&#bGdQ#j3|a=#i%$3LPe zD)SA%4G`C?BaNoR{jtXNnfZ_HF=JJuLedt|H?qjRJNITb@aj%*da`y6Zat*R9uu;s?BUGe^r*#p03Ekb|Nks1V02P<)*-?i>VF$PJ74P22Qb;4VOb^xEF01X2rqRi)UCgLlGF~`bUxbErGK8LNu?%Qn29-H|t zpVJ#Fo7yP}qCbbWN4bIb2gYjeQrnSzHRvZTAR?m6^a5In6Iz=k?$b`a6>`oZ4YBF&)rZRB@QYH60VmWNiBJMW9 z-wx)V*Yx%2wqv+Vg2h2apcFNskT|w_e?pb0Yt*klgNL`9WlBsWHVJ2zIVD9)ES6ZB zg|`B%3b^Lvj6bv}T={d;jpJXA)0uUi>K8^D@6} zKL2_tzrUGV>+Ys-cRw- z%8o5vFOgO#k*u0WWfKol>S#nCl;b}Nyt82n=K>tN4-jh_Qzi3yQ+yt0ld*hY!~@{KUxdA*+Fj0!(6G>BVRmAu%Vm<~XDe{B9! z-N+%WSf4a?v80Mper){h3=`VRn1v4v49u{j%LJ~F(Cef0k{#Ws^yY=9zsIy4lvtk- zAC=^4M1R_NC@bP8;l2u;b?!`BdOlvp-)t(UEJB&26O}!{l*2{;(rV(9BqdAaHqkSP z;mzN8tQM}@Dp%@y2}bJ%=LLCN#s| zkD!jZ+%GC(Y_y#eU8Aogale^q_A(aGo6^2_6mAV}t&|IOfzVjZwX_ynLruoZOq=G- zPQ;>7zs#X2PeAe;+d|hHz6QWSxQd!yAuL_@ryf`XliDOb;$N_;eZ5Sf92r`WdymcR zVK)6bzN>Is2io|Ce}9fNnlIh7Q=}%z_UtPD@I%*zCsW)rp2DSY+>KA3z;U+Wd3!F7jz?j;> zJh+8dBk<8D)18L&lYG0H0H$OpxBPUp)9e0JrVS@-U07&$xgBDqtaz%1ZeLTW)gKV5 z0a!)SX`$;Mf4@8sX4zBNgE?HNO&~ZV_;xOmrpe^&yb^kxso+T(+Dxwa-aLhvmw3k_ zY^T}lW%=GkKDsDr=)!=b-SJjUh_{&>nee@EQ4r*V$_H59Z9=uuJS1{XBe8TaZVuWb z=Ki|y%KScYbUoc*X3#XE5O69*C*1JCu9u_Eqo5tvEr}N#vTI5e$%y9))V*CPe(FZ* zkK6ZS@>FDy;1%Zb6%|ULNh`HR`{B1{;M3@(`(#Hnb*x>pla8PrkT6R@H|ZbszkP3e zjPZm6KUX;2tN80Rg(Y#tHGEFzYBE_3K$Hy9`ibok`MTKJC2X5j7stU_l4HF}a?<;e zK!Glsg=pbA6|~#rbn_aW@B!sk?4PxFEv;>^Al_+mqClp>>HhFdcSoQ+kywo45nyfd zd9Jpj^|2w$3!7^yc4%*x8QhmXO)O<$(w_tVW`wga-3myj$*vF-a+8O>oV7;W@c=>vx?v7y zgQG411|sDut&(92lt)y4fL*F4MITu}YMVy9GK#Yfp|p}99-lhxOpO#!lQ`zk-rQiM zypx^OEvKSpsNjC{(Sz!KNHiO*-|CYUCE6w_y#@PN@Zh~G(r&+(lRn04_tQ-c>aCBq z#CcD;>sKGTsqJc81W1en1`EYVty|o`y-+`ZL9$-u-=TqK!+!qDoNj&SkD5c5g@bNB zVyO`A(6hTJ@GUwBP>%iq_A0Fv#5F!T28)sU2h;;wYXA~$RM0l91pcEeo&J|=q*zfo z3_momb?5OK4OuP10LV@f4v^rNLm}uxFmlrG-anvBl~BM7wiAqT zYheRW$;AKat$ozNPP7naYzgI-PnX6;6IaZ4YWVi*+{JuGgjr>hj;j!Q3`n9fGNv=A zC$gHuxVKo-#NKY>Oq|rW@9)4e5rZ*=9{Czbw^oPZ9W4%m36?kv50|U)qDrn`gbxIz zksl?-khed@w%O%Qw-w>H{y3WQ?s4FqVWLr0B59ewPQz6e`QF)>XQ&rj$<7?5b2;24 z^5Zu6_}Hw&%| z*K&M0kz%V-t(0|C6bmn@KckQJjRJWPVR-VR{CC(^M=*DQE^p-Y1mup-vn5>QgCChn zE}Z!RyhG0;U%8tMQnZY|#}P}jj8432hAJ=aU)SG8mF7}??Mc04?ppR-u)}n#a6uO5 zaM#CyIE?cyM<}%z5lbf&SKq2;I>Oqmf@7$$VUsxg0XeGoV>}O!oIZ^a)A>fp%yGv~Qb>GqwOQ^u2A zlaTqB`M@mIC>I9_jPA?lYh;8?$&+AzZm1zz zPcEioiE_-v%G^48{P20T&NCyRR}0vO=_Z~!999+@&Y?{^rUWi|x-31NxaLe`e-Hd( zP+iJ=oaQo2YAgv>P=h8t97HP9jEeTK+tSif6aO9g@4(J#SDO#JbCIXNFQ><@|5mN%^E`mz+wcPYomj`fmoKqtAV-BT5FZoZxXpRoiWZc(HkY$J_m}={cDmyRDG|xrs!w9NTZ+$Q@9PV z5%2@eS}1uKKED?kkRvV3S7;}^A)epeqqburr+r%c(w_~86H z?mspxf2~;lmp*h1Hw3Q8q&ZGQQsJwcq{40u66r<%01_D&xrL7CMcau)@sp6W}=K^&e(m!Sy4*~e9 zM)&CcIah+|g&uw_`C~vhr=eYu$a;5VaCW5H5leEL?3ymvC1P-aDBIoYo?2yzvy)Dt zwq5`&WCB3-fOo3p*Ux}Qp=y12`wCkum&vCHpy0L@y-D$7m9gd<6R&QLw0IWbQ=pyR zN&4|KJQKl-R`GTnteXmlo=E>QLin%NGp*+le1QPf?b6e*5PvHaZtl2@!VyBAZSV=f$r$N|;W^*knvj7-Xw^^%A#B_oX58TYa zdP<_8Vd3ugG3}7q8 ^kI`s$-aO)#3WkfIrZxv=LR0K&43j)LA(}m;j7DwfR=`4 z0LnSk=qm}vxdDD^l@Ez%}iaMy1g0D82j7OUQ(XMOVLp ze+P&wtvMV_7XtJis+!85uo`aNJzoBC8LwwzpM+nuvF4Bu%kMZkI!C6*1cEDXj|0V= zh(fDNO{R7a)}8D~Vr?m0Un(Wx1(eL-71D2*0&&IBf|p()U2t;#^UlgDkuONOEde*# z_=g4JAiP|c<%;MmPZ%m&uBxU!i4E47&iP#PcYiT{WLAjJYr+7DQ=pQ>+jIy8S2CBE zqDQnQtLz+9ltgcm8}7Q%$VVRNByWDWgP#Ug-1EctxzmdFU7I~$wA84skF%S*^Sp{A zvUZ7G`#}IP&OR_*4EWDWlX!S@V$yF9dKZ+BsaknA5rqHu(qi=kX{}m&^Z0RuTEd^ntMx zJHQ2WFijj_qN*zICPfy8Gq+)MV%DK#({u20Elm8P7Pf;2IM_k~LDju2zZV|wxoAAV zn#hAoQrp_{0-ab~wLg=iv0hRA^)zN?xFXZahOirX8wxMWb|~4R^)%1C{+B>*_IDbA zO{i>;Tv0jD=Jdfp%pJ(q;Sa4$Q9yMQhRBh)??H+spZ=Wr$E=AWnTt(-K@mubeT{cV zY50Pvd{O751(1&WFI8(CI9g4FYG z3&jvNE3G)- z>`Ks5Fz?J}JA8|@2Tu34vxOeInX;mPWr|!E-4hP%5>NDABo6-KSjwkuS`(Pxk~K*T z2b*ZT7canD@R`7#Oyi+?R!@OEAi0aTg2k4u1pNl>jFDNcn)(nQa<|>ll^gJI|21q) zqOoYfuXl+g!}raW0)p#n^(k!TGmm z&;ku>AowDn8|fx^@tE>C?<;Qk5|Gi%1|1H*W!AH8#+4_ZqA7KPf?}oG30snGe^xgu zZm%SFs7PG6V@E5a^?vDNZ#%hPbL|g29`Uonjf7U@hej5>Ks^mDj~C>*iUdH*9FK1W z+kOnGwW<{z?KoeAHSJ;5jdm%cCxB|G@CnL4r{T=Ca;?PyW{Y8S!ViNrKL+Nw&|goF zfvfUri}Zb%(VCUZ@AnI>e{Ufvgz93Y?WG}w1PfR`96)^W9li`5PKPEUhnOBSjW){t zg)?`Fb3WZ+%tDNFfeci9S5!zA7yHNcNAl*C*dsp~%)MZOe^SUK*}Hp>M;@%pw&^er zKxf`nC8i9Ss&D#=C_)CEiS8$H3jsZ+z*j)N!JPlFLP^>)r*YIis1i#3p3lh2L% z)!Vl55O)52CaE?wBUcKN2=a-@!S+)vU!>Pwv^3|FKn4l@D?)g_9Xkaq*uy1h!+W$s~mbY8?eYWpfv&0@X z^_PYd+n!_E*kH9jF*D*DEs7fxgAu_lvl`DFEBf-#9!e7p!KW;EHIBSz2!8ZOS8;gf z$bAKvSZwcHdX;&$Nlvk1QOAxHeT*0A76^*}x50^f|Hpvd2ZG7L*9pC+G@Sk-cGc&( zi1R5ZQV^H zPK=i9BsFAPLCgj3d1CqZQObPrat<4EWR+&JEs6q9+$foD6^bC0xr;-!-B6PI)*BJS zXUTIB(~mi&6|z1)-Fk&i)auLm2Zvj(?mLzi{?cV zqd)d&dYvza*;eD3l%b?7gxUK)a-^Yxfw^@P+eK_+T|IhWO{OkYL6b5`sH0r;$@AFk z(N7+i#o$Vk2|(;X)g(^ySb^&OSPv`UDBzPU96zqufW@kffzKJd5_@z&ZN|cne40AItY{qpIJQJdk`U)8SLZ4PY%Xs3GNWcZH_@9$tO zb`A3WqR2BqUseXc_}JV~i=NDuau6%;aHjpOLREjCHI&KdnR^Gw^9bmn>HZIElue~T zr=20%yU}BVR%1g|ZbeyQ?r3h`eYT9@hrOVuJvHTdm!FM~Y(rfW>M}I1F;yW? zTSG4>f#deA3RF^S{mh(I?a{cAk zcYXT1lq>YCGoc|gJpf}83f{D0cI+)w%hOl=k->| zr=;S9ivmz8jU^>#%6+(O`$ZXRt9p)1+&v-UlGo~yf#M_{&~EVTzAQ>tsnA2m=+AkJ zPAswB0{G&aZwGu$ZD9lOnFtPVF16O0qbqjK+ncJ;h3W}MYnwe|l{>wTCbh}_KSiH! z;SITeAIGHs0WTLeG_ZvYQ4KLcT)k*O+y(=^fj#EI?b3rS$d>SklADm0 z^Wm&Okb_!~Gf^x5IN*164Ov<;vfUo8^WlDoz1%Wf99jgVO-^ zoiE#}ftISu%yj2i>ESS%D``&P^nqzuUci%&v+{21x7k2iwYERZdifOiejxoR8Dle( z%1e<->r>iTyB+DZJ-*b+c7@1wIn>1XbvFc+9`?GnJS|$X?(a00`sH64C@TWY5ck1{ zb`Y%pA>{Z3_)fj3skd6P#F0GDXaa#`H7%_rz?8pwvTM2Bm!T{#-a>&n>RqIE5ql)L ztT#^E6P*2T(fd@qjRZ23?C*h@eNvOsMQdYSHTv!EB~N3W96lh49aj~WsR`Wi?tW2k-v@<-L<(G!4cmNP=1+H+bUG8jf$Kv%F zHm)rPX{N@s`*O9b?wv^8e%p5@+1L}Pf=e8(xP07d0SSY-ScoLL3`uV+4D|JUSj+XS zH^M9@e}=0@%6-pJAF8^JEK2)32hancYL6>`0?R`F0r|jDh@vLS%sDhy`<#6Q?YM$n z{_p3f+rN{xnKC-!J+Q7}x|3X6w@DcMlcj~mh2bz!zLIxEPv77<_fpG2rGS?P zs3fhI&mR8ILumJLL0kASqwUA~NhGzGbVjz{95rU!M!q%@-W{jiKb_~lmO@(WtzE8a zeJyifj`t2@e{LBs%RcCK&IFiYrhmLpo>Gd!GLHvtr|H!TVfLr6FMY@(x|VQ|N1yZe zDs)FOyMN6qi4f_iKF?YreBhY5;f)%h>jH3i2*tsV;;X`KkBm0CI(s(zjrA7ceZyju z|4LVWIOfr6I`e?G0O{(C=F}XliAUjSr}UN)>5oersb{nv8>X}STcq>B7h4>nzcrmk zSanBUj1Q32-)E$cux8Ba-s;Iy201@%tt9AJ_#N*tF8gvA@6JS}sd%s_|9M%WrS<9| zp33-?Z%vW_YOaUr2!}QNiM<%{iq}0%TeMuTjK}xlEaH-U{70ifP&vN|s`T@o4u`Kw z;u|NvmG5B@>0^(#K=T>hV!faaxnmk+7Nn7nb=QDU?bkDh>!2~Lu zLVTLzu4?A4dEItBbC12mEL&-gdg&$)&Qyu|sN4^J6x=qD9)ii{sKwWZAHG>KHoS4} z_NzWGfmQHBB?(0S);a(CpHlw_R`$4~wW9FXbcy{r*W-u?p%*%aFFC|&eLjIqIv+?LcpwT2GVi4Z=Nso0(aK&- zjY_;p+0?!?E#vVlusuI~ez9s)IcdwuVtW|P_Qg$TJKzCq9WnpL6TTJ=#~WajqD!V` zG7r<>VEPeCiz6!Q7uXci_ISu{9Zou6#~#~Xi!@$0DdD9jiaSsS`8uKYSB8JAL&)a# zojvmArR(Cs3}c5HNs{UJ%#-tuye@z&(~jlYW2JG7WzHVyx;M!?o%gj$FsmY_xY#2@ z_gYFkF_$v%MOR&_N`%t=0Y+)^FQSjWC%#Jp5Grg)f_#L(wzKtKpB-Bl%SCR*ku0mD zxvH$3$z7rufS+jqG$fy#lYCSek2Fs zyrq_rxFe||8g^0InBfrRHTYqKJ+7U+;cfIr=)~{HH_;u=+-*k+$NKR0h#wKq2s$!v zoz1Vy>a}61f~<;FpLO1gK9pyy19&PEPzr#Ymxx-9JQ9;OMfe87s-&Er)L^aHLksT3 zcHr4WKkzJqkoa4)qGiM^^I@qmpr#b`Yfd8MC5{wKPXLGgNPucJ45soU+--S@ z8X9iEzOMX}*Yehy9k4zFJN505mJw%0Ubd7+ux%d-^SNxXHi7$ zzDUsGb|tG~U$@m{dI4`p1#~^n70lyhzWk00HhIGpA98<(N1>;XU;4r=)yj|8!?HI? z9y1U`ePAN^O13}El@1WI3wA+fd$5loR8ZIj9m7+I-P}nBf9;PDJp90CP60xN5|90c zJKE{^D^Uc;p#(QNA+I~gYrhHdBo2`EFcNzpGP{7`1H7|!wh~J=Lb*qE^ka>@LTURn zHyGydx+LV-D451&4S@mQW`qP_V0Hk9*abRZ6-^(`=Kqq=<)spE6&Rh+R`UhWx@=wJ zIv5mFUZ+*j8y9=azTTQxW)|%2z*iEfVEfwmWCO|F(`V62r&OX&au`5UJ7hz20&^0+iG-ZH>7Dsxre(f z-hZdRur$a>?DhQIQlcM+Wfz*gbRRhkUnM2c-bsCH%whM@N~qlp%i{3iy#gW$ViNVp z-bbfw|3ScQ_#}huh-_Sp!%wQ4djV{F6iL^vU%L)Bipfix?AR*=Wi%*RPRQ2`iEne7 z#Mhuy(peHI?xqf|uY#v86v%^W{0#Pll@~>7?ozHZc}q0r&hP8;AEkKR*IklCD&n-W z_Df-1Pqzd8Enf0*QR&$tHbzvyz164m+IOWerY+VCc>LM!(Q1={8_W)=_Z$#xd_4FSm0p#wZe zDuWt{ppX(VSo$G$b;A@dUskd5IJjE?utAQS&Jez6xH?@`IoN8skIJoSEr6}7-aImO zAlB?=FMqbsS$=L$R4ZOQiP1q({5E{N)Ns^jZpVZBj^T2k$1WlvL+)87Df?|n3v~wq zt*b)5`^&#`Suuw9fM&>^bSUkC;-}fO#X~5$){;A%7W2X%e{|Oi8pc1b^DrmIIJYwI zPCJn&bQAgz9imh>?s~T~)%P~BQgP|c(wjdmgP8geA5}t)|Bht-uh980<_$6z5rv^H zM0;IZ8wH*}@hms}#M97_Mwk65GJ2gcy7~{mFMI)?Wxf>iXqX3|uPkE>yoP@uVJhQ( z_x9-U;p!>bO%SV$8!Od{U^!xn3Op*L%DYp;T0`iKvc8HP64E)QJH*68Ui;=x`N!(A z=bDtXp-hh!0H%05WHrrY`TCUz#VxWGt)2Xd^0x>}}ia=Tuffr=I79s42m zu|gy7&yiaEm(YV4u~Q69_2U7iK+*c_NYTgTIQTC|r25tZ#HO*7oTu2}9S9O12&8d6 zg8&v2gzYO_gxY|S1eXi_!U%7qgPX~q|DDynL`mHU4`<{7L ztUFhViqeUY3_6MuyOsfS7q(z@AMzR;CP9krN;*Ht4PUj-{LYM|)kxklSW+j1v!#kk*pitYuRwJN^0kMEgL3Dao z>v!R11KM=;)seYpezIb<`(Mc1{emgplQ}>n^`tdsnYhI7xz(KW;{L1bk-Xk5wy*$h zy96tvwz!erI$_MIVIh>uZ^8XzkLl`t^$d-gB&9;8FT!^Ye$tm{WidJ%T`U0hb3ZC? ze^k{w7=^VkT9bvusrL{oHCK3X9h0)uHUk!0-40*8w8EPhR_C8iQ^+b4a@*NCxmL$z zvxZA=l<8fm;Y$IlJ6%1d#%N zm|kjc9IApwS_u5~7%M~?xV1jUwygy1L-R8pCMjT8ekzN_u#aiC9W$m?az`mJT`~vo z7ySQ#LjQ|&Pry;F_$62t8%>eesTX6%hgmnGkhtxfxL^xB`^|QO7-0K?{<87{^(!bcdWgEONCzJ>% zr!4Yvj}Q|rT#~cShh57oPNd9|G;e$oH6jD*Amm*P+Xj4I*HdrJA_h;1Q8M+7NVoQ( zrga{%(tw#5i8fc1*6|O^`DnTpQid$Em(4 z`wxiw7Z0JwZVxSNSMeoYmmjYWVKq8#O^E+{^(M2qwe203QiWgffH zo~;Ca0~alHD9x1OCG<}v^ns<)*IFeoQ)SjdtKjz;O3>L>3t$??d+zJ3@TUoJ812LpoeY6Rp`Tewl&1unx{E> zz?-H*lu7d!yUn1y%xoH|RJ_VW>T1hFWp*&R4;@m8>7A>$_5dUK3tbIO8aLMeV96;c zg}-GZB$SRl0a`PiJ62{XqxS`-=2)ijrVyI$hRMVg9;r45WISe-$esw7MSEbZQnANo z%(EclK${$w@+2^)_WJ@ZZzP~4d#ff%nOf7DZ8avF+ESW7BbNDnYH#y7C(#GIN2&IS zYs#cr^)O!+opFbsh16Lo-RTjtyScq*okFbd2$wkOE8BtOYh?f{*p?p{#F zYfA3pCdL7G#1^OTG3CGJ`Zk9mObtxhr?Qi+KMl~5N06Uz|!$+P|4 zY=hyX=~rwocjKR=-9xioL}n;p`8?nwaT~8he%hP36+}4_WnKWyS-vr8RBZ>0I66=^ zg@)}>JLuJ6&DZ*LJ z6t{ET0{3S!buKOKS5)_k%~@-O_=&6V{R4XDqdDGt!n4$XdzkjJ4de|1ffW~S6StBe z(GpS)Keu|v-g!*cdkpn-n_*DOm&$WdB;T+x*h#lF(~x76aPpTf}**zLUF%HUzT#F z9MIUysu*Sd<O0y(7;lG+k z1+VGB0ez8om|2p{Ha{@*uJzO5w0ot!ZubProCkH1_K1yv8+S}LMkYr{Bw;FT7C)IN}#++84FW;%Sf z;UW&(;0k@*=d|AXNJ%V;J*q$-cUXaiOh6c+dmFi(D8Xv@HeTfSwOQ^c_gtr#2a|iZ z%C;of$VP${d6DA&qAV9-t(mO0?!&tzM_ne#$ogImAKYDPO*NHVD#w&6k!$WxV+pG+ z*?;+QM=>EBGm6q5Tky!%PV%JFF+8!bbYmY>N(17U43}@746$Mqr|5O`-&{*K%04@^ z(8;<3?0FXbGpqog~TT_gVzeJsxJr z^U0B~Vs~5b7tqgpdlh-kj`ZIhVSLu(r`d?W_n}8ZgE~K0U-SJxyuE2Wl<)sOJdBJa zlQsJ&TM@ElH&jTnW*1W-$)02|j3s0bp=3)NSti*M8L}s2mwoJOW~_rT-KWp@d;k8w z`}@Bi+z;;G|AD+bXs&Cn>%6Y_@jlMuINqlfd!BvYAo}-4!p=OeVhrkM{IljxD6fo} z7!;12U}tINd%$6$S#J!3(6mVWs1u<)CJu#QuFI<)80c(}Ozb^B=W#r}*hW{zlzE$^ zDe(E@M-6l6;(6hCk;}<>Uz5VP99hie4NUuNdoOIOUow%*8q=3IR4rtR`9a!^-NHlB z_ZDmi$D7Nqo^9po__2_8PHFZpM9=`@t)WalK80m(S*Op)P*~!!-kN1Or$I`5PSrdZ zYQu6+Il!j;$@QJ(q}VJeYew4#r^4qtS~P{owh+pPUsKQIQ1>Y!ZTBVhjyv%NJzc5dx#3ms{>OrG*%d#GX;2S>n^7D3zNiBxu;ZR5h>KZS zGa4?W>Uk7`Ht;2O>na%4a7^fPUfM$rGsk2vAP18^d|z^}0>s7pOTJI$X4K-oKU^R_ z#8N1wd$&l7zd`65#CMXIN!F)EW&v#~J+R-C%;AZTPAawr)Aq|37WN3d!ZNl=5xmSV ze{M^L{wgsyy2XOZc&YKeE|FLB_3Kz?Tk@49{zmuQiynGbQUy zK~(!w31F*-eWQ^WZ*iWV)lP>!$^0pEjoqgp9dkpt7qG$i;R(v%luq)TrZSy9imUdR z{xdSt`R9++nV257pDtP7^Gf8tlup3|C}p@jj1%_pUq~rFtZIBrG3z6*zuXzsY2B|Q zQ3JYZFZk)3w?M*_E=A0q6%3R40OY?7PmmPzN19}cnP^}+%Mek7XK0rMzr-G z5&v6SXXzhbxLj27QF#@Fq}0=B3ZxjLCPtP9lkFayzGySjBD-lMc-7v!LjWdhw!JyI zRv=$WQSF)0<9A3mHD3NeL*jh~#|g>PtX^pqU=ya9j%P@zhZ+OoJ*EgAk6>B@Y{uhB z!yMxj!!H%Dy21z!o0>|E^f$oHPz$q0)aGZrE|t+pvim!hQQuplL&AkPHy$gqr)zp2 z+Q_z}YrKqVdHdcUdc8qtWx=vfL!h^KOA=<->lXXU_5^w@PwHW_$>q45Ta0)hT%5~6 z)bZV?YWym48uV@Ym1B?;XIbVhbM9Hb)9s(R3lC=I`S!PPH*x7$57p@8j)t8M`B=JS zyS5|6!SkyePyg#}w{QXJj62>P65qY z^o9F6-rE8xkIcQtGUtU;+J%8=C%YKyn4dh)Sxrjmp#36y)+LlXT`i>LW|%I9FMwx1 z(4ailsBg`!xRF6J&&px!;p2RW z%3ZG($Wx6H4j$dS?u$R6HIGl)@z3cPd;DkYjnY!4UoQOpDg{L-9L--VqFi}1cB^gF z^c>E?&tVbbmSV$GQutwsb48;V>*4^t)SNu;6s>Z}6@nfE&??y~SG)=~3U`AxDJz#|Fmvl5w@YU5M47N7$ zsCWL1dT{0Bs>f;&ZDf1#S4wH+m$booiC7oMNOYziUs9=s4oominNGk5RnQOlKQW?( zfG^i=gr7v$?cNyJ#&g=B?`|kj+sY=`WxBa8G-&!6z2J0s79gN|!+$6g#BzyHY~Q<+ zbKbhfCHucI{48^!Z0*=5#-9sNZlzmO0$DnWYX!nl(;i7Ielk*tyy9#dVfS9J!U{%^ zXO`^G5DEkkEK8=B*Z87+*(3@YO!;nykAxug6@YJLg!c0OAKV9*SedhO{tur;36+dD zIdk)?Kgdp>F*@;JsOPtfy-1I=r*K!BByKucr@sArA*&aS!Ul3JOD-qILMGjZXUUtx z6iwGI1tysyQvG3}BFWOcK(qH)m*)wWlakPG>_iCC;HYB++j=`8WPJjb4V~O~YoONI ziQwAtG|o^u&PfW;Q@Ji|$Fv|*Nk53Hn@C0tM)IYORvVAk?xfTDB#!1MVSgleIiqiV zJ@up2t?O|?gAgC7OJ%Qn%~L*+l(xtJJ5|#CJFOnbnG9WO7bBINCa{0jCRsLgvVE2r zSUZ)fBrN}fVgJ-Mjg}Ck-qG0*yJPWX1L=trJL#vAzMz>Zd}3a$Q*m&)?Z<2LsIHn| zb4Y?u!q|LNBkK3Zj_(2&ONTru+EN8OqMNrvB{jO#e(4O}oA?a{WTqJ3)T!XGe+v;^ z$fHER?>4OoB?>`TT1WgMJ=Wh?zpJQ|DSbTWSF&Urq3RtcptbM`TfhFqo(-T^&a(I9 zO+%8xTAUln*6Kxnla-s)fzv}Bu7t6punSqs^cme4wbpwQULO_trWl4GW&qfzC5yF8 zo-FeC!9Q;Snep1VHMPG1o6{8NA-$UFexe}FKfatkdFs*RNjp^jm$V<0mY+ZM=&z28 zpZef=L*R-Rm((Ail}y zcSdWoy%c^(ex0S`UF?Efr^gQVzJM#Mb!u&Mz3>8;lJWu<^d{2lQm%3-;9S)eg z&djrA7s2-`(i3zT%Jfo^4nZ(bqzO2-TPqos@fT`u2D);^AB&DR9Yx>Pk4W0EqNTsa zrwFU+m^|&A>=_e$(Z$i9@4>E1^>9i=Y6#yB1WeK^>D#%Uah2TnL0nb5-QBB%riCz< z622@;LpcTsdRK^UZB$WMv0kR0?J1J#r@t?S%Zsj83p0Nq@SrPdTAd9A_S-*I#4Fz1 zxU`4A`&F;@+wajD7o{#{xkcAa+;sVdK1r@QUZMuSQ}Ju8RgBgG5)7dsTjm9~_O{_q z_izjg4gciU61;TLpMMeBPq}j-IpP{D+FxOy+RW;*vzr3?uzP_BwKs~An|rZIUy_xk z_eJ_vrVwCv0EdD0CM|%ytk<e z+BR5~IwV-Cd>oSty8<8K?7^Bpda4KiLXz#?VTbQYAF`+i(V&pjk;x7Ha@+wEfIWF) zx$u}p@We^1!haXeJW_dAobv=@=gp@Qr+MWLdf~y?IWDWQY`XAVHIJ#F^>3s@183;i zcmo}3MZ{NoKLxn<3i>V1PFRys-zzs(s)#nDzen>ry}i$w)15=0w}q*qwSOTu4qw;t zqwLzDuB;>OLD3?eWgqprz;H6?c&Vm9R`H}%`Ww{b*ECyOe=%{@2-D$1iB_y5nl9($ zy08DsS$zNY`T6P$ow44F_3g-)`zdyVg)=C+6&{7d5K>fB<+yD-l%xN(>Xq}i4%Y*w zz}5)anT+yw;Qm=@x$!pqaP?yAf~LTdy#h&pN+5A&{j?TN@1xz)rbhF(1f_wd#V^o1 zNbk}Xuf`7@LmD005R+e9H3n?DWqtCCltR^OX+bhm9)WTZD`BT3 zk*9>|qyX84xNW{2(XTe=pg)5dDQ8Q`cTOHO7Z?0@$^tK+^hW!p- z`;rkA?fGgkLa!eFanb7f_2i+lAk)KuoX-7ymGARdvIGB>-QJU5pFYL3K9Li(Tmpo; z22hJc#7`ye^I;VJLc*<(bgRCSOuQgx%opAOYJCk?fR{P9*sE(>$E7)hb6{7#wSI5It|kUt~#+66Tl@ z%sl0#dt`|PEeccOU&u`y)f9W+8;}#L!HV`kghXyscd&@l`WYKQJ$Tjz^pi6u~?>C&F0Dz87F{O!pS^&}Dok6@a2L;`$ zK~tui*Zr2yigx6@JiTUXwjWyIrRpy5oMvmCasdT)8-C3Y@Dv_^@0%^KE%2zvSk_vp z41p_OdwktN^8P&SF{z4p~K75(qPkm?rHmq+Kw`AlTLtI2Oy*e{Nz}$R_ihLVIb~Hazb7eX5FO z3NrfXzYF42x3-X{Fx+ZAjj-5Sb>Yt!uU_qcec`7e1fnQfjRcl2YQ#+9$q{|r%BRJX zAFka{iD;C5o_)voN5f04@d}V@6#56gupPv9aLsP4llTTG9J9RT!`!92UdW})D}{|R zO%!h`isifj_ES6QDcvx!{^B!WA>v=#`6uTEWly%TcBDb?BGf;%=I$AZyN)lva)oCOEk!j}JHDzH;7)V)7YUO6oi!dS$Htnh zrw*bN%yq2>4)kK4+W7)R!hQEh=KF=>$TEfta%i=8b2>fu7k*3zvs=lZehXg0^h5 zwLR)PW7-tf>R|*zyF~zjUXO*|T6t_-)$D%S%raH$bNR)hvdvxg=;5%SP@MJQ>tG(V zPczZQCaq#R5X)rbN{vakbc^IRj`WmfUfOhIW$<|Q8BT|h=1XLc7B*}@d+NszFD-rs zg)Pgq4-!?eY6`s9=IAr5&a2TnDl2U(A)e(Pr$`fd>#OX~e2So+U)=v*{^k;AuxW=E zOcfk8ZswC1_tIcp1MbJ7Q}XdQ8OH^VqRqwXrt2>4Cm!ccH{tb9x2v_?*`$_-&VjS;kk z-VaKHmh}mTIN%-TW9j#qtSkpFpc9IEmpeb*Cw;m_Jf7i}84TUvAWZQ38J${6Vhtx1r!7jIKh_m!yb7X2I{RIFQh1j3I^}KLDeG!}pS4>#5lE*s z32l-1^1a(c&*|P9o?7;ucZcKlvdO8Qb$fnC#UE&hp_E~CHzvc_!9=|M@ym3cSATde=uN@M+suc`ySS&w2iDwm%H(+K;U}C8TFQ(XohC&R$=?h5MCn-f?LCFUtn1UiZC6Pzu8Jqr7dS*J@9A;v;=F+?#)aHK^sE1xli=yA zuHTxb!T0SOt$$I;`&f|#Ennv4%bAZBGN)!jUlXMX$gnLqcf6}M>0M5=?+GP<(g*M3 zy=&Q}8u+94^v`wk?av?-DSk;gGq6}iIhljNxRh*q2uIn0WX*?GX=b{+(Aa17h+2(K zkm9O|jDQ3k9K{}WQ`HV%ZY8pj%S;B>6h?~`*ETAeDyf<;j$6$Qv(|^`fe;n%7RYb1 zHW985f|x9Zn2UW1CW>^?ljTUg2BK09U&`ZH$T-tMcZGv2 zbGaA+K>mHSbiB=HX08tG5z# zG`o6c7?`hsjG5W*CaE<-zHrH{LYnP;jn4yxp8K>A8Bn$ zk*3$4TJvg{H9evnFNpDhWbsbU$=de`BrEyM%qcMo*GKlRDVwEpGxdC_{nkRAM-m zPXQm5>#}?Pupl>We8-v>eq8;A`>=p4v+n!j%KM`YNG=T9G#MlZ59U_ZcvPmp)jFr{ zMWf`A^Zi;bTr2M-Q%^T*J6*J}dz<5JEsD16^72G4QuYrz*YMRluQ$K~qu_*ogX+Ub zzqVW98UHbAHS&J<@p2G5^QsZVPxNiiHVAyvv%S{uE}bTNZhpck#g#dCYN#1sQT5cf zW-@v=K;q>~mi3hQC7vI32>(Ima**u)1CxemguL%Kdxfn-;-gMTnJV8gXo1+L50+`vzAh3N zY^ogpQjc>bRcUIhiGiYZHbljfY^}kdu6BnoN#VW%0L;x=*LRD-Dr9WF)g-Fvk^X_V z*yx>?kHrg^KSy=-(io3>d3ST{6{57s_Wn_;PSf9oz1U2zB4h|R27g0`XGwqV)8L73 z>-YfJLiJ$R*YJNK0yw|kU=H%bm8mwOQ|iIEi=Rn!%NzF4+IBr=kz4#V59!&xL*r69 zF;J8bwXIie`w@19Y5Rr$&sD)rPJmn5>6|HDvOo*~_=xAAN8Jl>x7AX%SY#5OkYY2B7=zThR5 zi;Wircf?*d@CO088gTQQCmx<0`q!riI45Xul5IT0ck0-_^&6(VbV7UA%;X8j&wLabUirIn8qih7~2FLHoXMK<6V)9<#f zzGzpT@d5O2guORuw7~`*M-fayr&uOljp_1Dle}!rVJeC|&%_mS1)7k%fVi@_4PaoI zkk}K9%Ig;r_SJ#{%tF&4O84uIW0YNzjG8<7H|pK>+#5Xa9Q1V)?6*m5Q#;W!M#t{& z(~ga~EWH&Mc|yvOyL*hm{CUm`4wEjeHkeWyGRKZtJ2-_R@;HUy_XOB1*4~aJH_hgZ zOG3~X)Mxulkt@=%QX?02=4?ewb-kE3!`H*@vq*AN6VWr+pZKB7R>hIM?;A}f}GV_9%9)fL=eQ19|-QMUjegVQ^F zE+6QAeZ*b2$m{ZIXd{s3Q{vxh4B zz``beZhIhNyBy^#`yF~*h{@{w&H9FW$^x|uao$wKVY-^?yOqb5LpEJ+0#DY4-SlWH zjb@mo?P%j}HR`QriITW>k9n8_zT4TcZ;a=FRl zSzRnG%lLGeEE%o41q4@bt)75c07^1o`@PiWw2y5{jW)D~$T;9V9pco!FwmN9-py zPM`E>G|X_CIvQuII=;hQjFsIKmvt)#J_ z^N-&Snn{8sV5AA71g8?$efNmpT4E{c-`}_^H#F??py244MggJPK!X!@eYij7elLm_ zEN|C+;UIokWBUscdDD#A-oWqE4kZ50q3UBJkt=T}_s?F3?5xLvs$a*8LeB&1iZ!Vy zfc_o2P;Dns{F2qe0!@OBci+ZL%r7!Gafq;!I3rUCdW;@&lv!DHoQZJ0T2}oVWk&x! zs|57I5XYup>%DPOc=ILbTg7fK;vb7i_ZpKMdfQ-D$*czs8aG z6@fvn#Sb`5ZvAlLByehRt3Bh|(D51CF2NIE4R*YQ_wND=tS9YIlVgoL-WTf6CCFak zU{q2T{~*?vu(xe<4#ENW#I<73)z@4H#NtoX{@H;2|IOwFQWF0eK7KTS{D1w>xGV4u z_lw)#`j`-My&gXJN_}qNyL+!W9nv3+eD0bf4NdHSgq{Dgzo z)}5ZHQaYYt@~fH7E7P21E+1DocS`LWA5?bzqNRJKr}|WQX8jRIYtO&zQvXq;|KF`r zu`@;|U8om{b+2<*7}uNvLQx$Li{4&zx~=Q=<3l#HGM%Hv0H{~ihbdcfIphKb5DVnS z`b}VxU>PZI^n@oWyre|bPQc9N&$>vutA9x0UiISZ>t|YTNGrE@zaL7a_Un4qqhvWl_2~5_j{y_f?M^w>Em& zGHF&-9<874bNZ@?S749`KAq{%i^8nDBO*9ML1yAr(7x5|FE+}clH zV&(@Qv1-fT;I=cm%z*1qIq2IlzB_qLKF<(~^(F^z13%NzcJ0xRL=ySUl)B=ySVUKB zp`N^WnPijP)!_SYjWyjKsmU=RP`7wifc7y1c*;|@jP|*G5eLMa8T&a0`fxD+c(4-Z zE0B{1Oc@fA{k1gNMXl9h+tXjg_hxp6?rI1u#vF$%hl7RqH916Gm&(~1f?f3J!4pMX z303hHm>{nzVwWPB1P^4(38F*pZ*Kc zHl}SLrVv!Ghf_J@Yr^U|Sg*=;8&+(0g?_Mc;SouA^+9S>LWz}uetJ0GOnd{x9V_fT zHV96p2q}}Tr#4sK+8`)T%4vp7G^hSsgo+agnhj8lT+911w5_kMavas6Tm4+{UW=F9 zP^b+s0vuN1XB~*GhXMNFO2chiSSWpF(c+wjDAeNF(`+vJE|ECA7UQ{!mk%prUBuASvDoQe?j3|2<$aJyT_K~uZnsrrQD>gulP#L3lmg28F~ z(*9A?0Z)zgb1!edd?qBjQ7xWJ^a|L)q2I96bdd{Ns652XN)kHJy1Z}pi)oK=k>5pr zLwfXl{vwJE!;M>hw)9o^X^{u+eRn!zDHEByzKvr8wHDgi0=PpQ1M-z+21X7^dZ;Fj zU6usS!8gev8lTB~Q=X9{xaeYE1Q$AKi{BLOWua`gxA=u7Ce_X1y$;Q8Lx~T;vk~{C zl)P}Gx<~DfXhp%O-cGEmvWWS~vzQ-a;>l)lGwL-%FMbBtJ1UDdLzI4qaTN`17&ImWQOAv81~xwoytj4 zNGPw`&)OO^6pcLp`|^d5Ijc2Drhs>5z))3>CSPkb#gBkx9B+1==J)9RK5w?kdfs+k zBGVaKsYQv`Cg7h=oFYlRmtTXUN^9$!q&^7|UNC=wm8g(LHBw2QYueqdC?IVZ#ZgnV zt*}u1EDo(p{Vs!5fgE%+fysbs=LvyxpGovJ&JK^;gjue)KJNQ9#jL{P99ef3t=qJp zz7rgd8=jb0m1S`7`I5h^DU@A7(p>{|vq)o8J#!+An$l{9b?)A~Fu}3FUDHZc>ZjR8 zH6ed*Hfku4v|DPt1M`Q+Z-v~`e{5P(@8I{7nOUYU;rw3+b1($$T2B>=va9&kFYU25 z@Z^No4^G+o0=IMAO2R%X_Q1P`u1W;cc$mDA;@(o|6jehZWEHVmY>jRYM^RM zIvJm}b^CP0@Sj_8aZ}!{3a;O?Re)C0LoB>8V<7vr8l%9qY3xfgprXrk#(&x7*xMyJ zQ?GxB1D*_jaC;|eJb%kk_3hLDLhN@D`{(natCE4!p5gK*P2E+kNE{KxTS}W}9*d+1 zDJcm=mH>;o01wHniUkcuqxXwc8TY=u@i3Rj4EK=O9Gb>bp5rEuMVOnBD zIsQCYVcp@K4;4wQ0FiP+1@{#@L8KhFdAi38+qNYXTr8zdNU&3nZMGb-u5fDo)UCz+ zx$4M2&>@&x?C<{Fo5O?r{~DP3A25ae-+%v;Pvb6+V3c-DlP%CFzL3O5xqdeKA#&<^ zBN6uu!%GOVY~eYqOnf~mzw0Als9`l!Q@Z+Q5U))|kZpzwbil zwx&Wq_TT;p<;{mm<6oF%LgQFaISRYFt6@IG$1K_DWk7kY$%P>P5C9c1ccT*Y6L(?o^I3m)***@o}ds*;>6_RF0obyEInv;Wa&8(sdpG+mm|DIkLs4vs)l% zN%j}4a6r=4{1ezEjMulUiR@|__tRG^t}t_k<~-Eg6)hPGp^ju?B>&6kq`FSNH3>&9 zy7u8OfrufXzB^M>88ba-mNDVTsw?cqZFjBhwyv?RGOmMZXi<8#7dzdKc8Cl9<9Ub> zfdu$IM6gk4-T|-3Vy|ynwn&1Bnw)06ng5M`R`iXT2Uu`~rX`D`m%&nC~Q6;(CK-_THHs z-~-v!>2rVNF4|$xH?vW+O1O6BMoI-cQ?I#(w@+<%A`q_xiz^4BOsvUunzqiQdjwiP@|Bx=fh-37el+j+f!h~ z8ehOBir%sZ0hY=BBrSL$ft)9W+!On-MtIl|&v={+dB=6vKh;f#^^EF?*`Anh&YXm|Z9YkvaC`Ib7+lK$-nEg)zA>~Of@=#+P zQ`iWKZTXYS(!-yhqL_ZpX^JuCW-`TP-gXR#Y3!+!LBnhYB+J)Sn<|qhZhcAM`YoIo zm>qNC9Jg4AT)QB%0p|CSU(cWyxypi|CS=qyj#4%50vA1~u!jufcSLL>mQ~tqU7-qJ zSzDRd&i1?QW4C}F<7jFm&0SsY*`f2VgMUsi^!mmcTv<~YSgLw%r+jQ2Z@(CMrz<^y@@os|_|gPv|kgLKr7H0jvRtasX)~2X?0u3CM#JHlQt>%Y|13i(*a@tC}P|)NL(NOv>x5C*7p&-A(xha=PO+5uRimsPeU9AFZW(&kLr*DQ6!Rg%6iZLgtNf_o4fHW>525R?RvlnfS8 zI}sbV)W9=g2Wn~$t1)a*^551#gbc=lXw={^lXV@%Le4(8HYkSGSRU!wJ(oni+vIN) z={6g;+ofC*K81Kf<#3^jeXS!(;eCo95F2(qW*e{Y^2wd`cgdWk_3}>Y^FyAefH;Qa zf*I)prU~rgZpqA!A^3af-CxKMzz6L2p^Mnl!Ce|BNzzZ(E297SzEWOyl+)*bOM1GS zZ5?udI4(1#`=%{|iFzD(&E`ul6};8UA4lmSo`1IgkvMmLrTpxx_@pI6o zT7!d2XbJlvoUgT%Z=tf(teo1VvKApG|GQ9~Cdb+B^%jXdvK`U25ykAQpLIni#kjgQ zTUxBMHuYAXBP+Xj{%q)wx}fgQ6Bv)Ze{*Jri@K6 zX6CGik}{tI^cMi2CnyTNo(i_>QC~Y-N(1ML*gAYf9b;sD%B7n2^o)JNe{ADoYC&Tr z#90V#fGJqo_r6u_h#y^-kJw>O)FA>0qY93er}~T${e1!XzQOLM3^&D6QB38XD3D^s z_3#_aNXy>9@8ANNCooz#<^WZxqs*e~&0@C0`$lY2^xHCE5D%!_H$l2ECrB3tiVRS< zO@Lye0K^NQKqpdxx)|8y3Kw}mLfSgn$q3{N+k$*yDx9jI3j%9FzOW?77yb(YEesDX z_kJ!M*S3l8ht|fO4MA2+DcYQNS<-L3vOY3hG)gsB2~*`}kO`E(l4P z0(`a^n9P8dpoUEdffN!Vmh^F-{{O()88{zZoDYfBg5&f6mlZBhTZZo+}t|$msL0&I(*fGTwfnC4DePSi}+%)zS$=dGELs)jO3$U zjRqd+PQ0J{yDQF>5)W$&ciwpPynKnB#tm7S`+M5-<>R}C>`M7NA! z(2bJkMwY8d=fC#xD)aEq5qx>#_MJw-8R#*vm0`J19Q5sgXNJll32sR~Alv93(b!VC zEgKM9>?8!0P7B;9*8z-T9vVwX3_JF&9PiMxMINy(kwRSvEUT_>7yAVL#XK-z`7C$< zw7^%l6Zh9VL2r;2qJSg>U;u)7{eF~6F*pJlTGNuejgxE?CU>#t_V-7gxL#1?Tn~c- z!3QC9RkxI1JJ{870{hvMlB6z8t&>7-xf;_S1sMN7*MoJR8%3SiSKkiH5y;A2^2YRz zAvF#4#A@Uewb~^^lxe>P5b>i3svaL|hb;=MndA_a9I}1RNwCyi06f66VM!d=>G-Jd zT3h0Tb**I(E86R$y)KqL*WWQtIH{6Bc)gxWc|4A9XhFwy5zYnPey_;9Aj}cF==Yok zNjZapU>Ac1@iKoQZ3Ej;VOyPIy2O@O4uo#$gR|$@N6H`i$1F}>^cwp!p1Dxxx_K6_ zg};Z}J9`8_OO776J)qsce{`G0ngxV=)g<0(6ioAyi`-07nLaztMb|?hdK&eQ=(gx9 z;z3pQAQ7aQeFlLxZ_5r6V2be}d;G~)yZPV*-^pJ;VAI!cTfWs<5q?1W{Pp57YeOyA z7ll1*)Z4!h2JCDqT9w+snX@l)A6i`G$wAK1CZ?qyzL{3P%zHw1`i$^P)yyqph;SyY z7fjPg%T{5db*+P1*nqX2JbbMw&ix>!jk8xcihss1tO7vIwAsX}wixs(WFnBwS0{8S~>JGw<348E0 zN;cUFLl#`!pYjPr(IEo<1dCEchzm`sL6;!BA2wE7v1A80PkdtqYUFsi9ebie+G|fA$-yc#_zX{AX}%o{h1Bx ztq8PT$g#q6{t-S<80#rFW$E*>>QBn#bB6KFI$Bo$>umWx#8c0rE$i3Zvd<07lqS!z zu?L$am(ldEY2Sra*B5!hF)n26H2>XE{oYz_zVso<&*x?7!@Y9wuUh(YIgGR zioE(%Te!R2JI!h!CVUtWAKVSih!d2%L`015i$}$5O)N(F202nx8Id1cH zMu)}7+42X-?V}f8Ub7eeIDWQ(tVnIVgxUu-ovrsr8VI?T95xF7RI!c(oOQ+I_r&$= z+tGKD@0}R_6mRPh=*<0*%1W-9!g8)iyt}WmWyuqM=1~M8jdjYG(b1gAzYC^BHv<`J z&8a|8(ot;K(JE?kGoZ0-5vOZKMyaAQa1g(fKwcx@!iO{z6zvs;*0-ME&-ynAZiqC{27qSH-!eWPD>ey!{qc$@gsL;unlFTMp~=Q{6hb@(dS zJeYhkm@V|}E0MF>w`fJ?GUW6@@-+u#CWo7Rfo1g$k*!c6Kja0BHGlyh{tMBL{)1@y z-eZTpbyH&=K=vD(@Z6YVgsgirdV{rEd^{1=v{uO@E{|E|!rGoVk1BI~m`aScXC-xZ zcH$$pU#xpbK37ZPdK(><85erC;7+TsGdFjOPB1O`HF$94n(;fQYXC;?wvRm!#I`#` zQEQ#4&uMnm!FvoLin&b0)jN^i7bze)mIK^(vtGp-sM}cGeHLOR!NBLNEbIYh!pVd# zV#`XRh^>Y-10KQrE2nwB?P(|Ydp<1F<`yKFwd9-^WcBigW{_)|@EbDA`0ZV3YNYEZ z_AY);JOg(a3cz{~(HPbc z4xj)Xzsb#o=WXXCAehU83>S>>Bw<%yk9lPaRqHwPJN+J4#l2TuUlVl`K@j9$8~8w1@hgViX(dOy;m9PL4Y*qM1eD4zYpB2o&rq)&~##a$v*Fv z6)!1f3&-6WtxnM5FWShz(@$?Ej-_>dPt;AID9ps_zsfnWoP^SLI}qg+xO62h%)B1V zBIZ(3Bf4%HeG58yAb@QJ$QrrIiF{=Y!%tHD$ewosy&Jx~P4jNjx-Jubwuodi^PW!w6#ph?W}MA$vbfn;iy2c5(MrsLd9Ot2H!< zdz{XCMsRA)DK1jr2`l`;Dus7??L&O1*udWTK<|>qaq@@E;CXN_liuVqP7;4%nF7h6qzOym$>Y9V7)6p?gRJnwhQj+i z&ja;Lb-a8gk6BwmyBLlbpwytk1CBV%g#kb;X#L}Fg&d8I6QYLI34`58FgB$#ASd#X zG&4qqXj1;!skCR+rAiaX1t<~?Q9Kb0Vks)yM zePkqZOAb35G4vP0TT*6H29OSzo?R~L*#Ah<^i=x=$uQMO?m4?_i#l3dLixDP>jxip zt{_Ryg5ZS?*sB-0On9;r3JTaW%cdMM3+!lQoO$1cT4iEmeJmtZ{t$lSNm-|yWArYy`B;@x8wr{*p952q$CyM_9>uJ!*I8Kag z^;eR@VKuS#S8T*Ly-UxP_5|eGrH&K4^pH}0nTW0j`(T>Lh7%QllfAu!dErbjkXHFD zUd45N{r4lF5{n^rt7{D8P>!dCD0_mhNQeD(^S{2Kbq4k%MxJ=VTUnCnnG&FcL0FJ%(ev;(+s17?1VyL3CLsanO`_hq!|8=bwP$Z9V0@%m-3-Np~ z@~&J(i_v0EFUj%b?qj!h3`o?3^KIdN2JA~rS5Y!r8*}#e5c_ofG=Ca*LdlL+G}9)@ z-ktGne<35jJrqr%ZWL7veV13#d_v!}!`t1@S$y4SC+VrvnJB)ni$Pwx^K-!o7;va$ zZG!XxOdB-7zhIfI2NGz0VGDQtCPNy!!ds1zJ4#P^cI{+aMsM^L7rEWBk_6_@JJA7W z&wbC|fzVjo2buV-GduB92A1E`HZa=Xf>Z{Nhg8;tJZ22`I zA||*=yHVwxawZ8@lI6r>&j)Yh6W>Ed-iBRzR@kBnzfM^M*49Yuh5_aLBvs_nKP}1+ zz_dEyptj=;^64XoKXjJYn5tOZoEem6#}LuDEHG~XyLbMp?qTQ*C`#fuDg^bIJ zH*KzoBuEsb&RkGorDd9$+Fn-f4CG*^SwOM|Gm|Z+IX`&juekV~T$S0=an-xbeLDYS zs&cE+QvZR4Vg&Fj(~&)!IBmXtURJc^^bmyfHt{n!F5hR8dbK!L4y*HGz zH6+QmRE+`WK85$;E(Z*c{e@t2vf@HBd{fVkbMuABbW+a$(xBI#`6i2Eb{)z{DC1o( z4?A?UqV()qc|_BA59kDJ&}#w{{}EhX{%>#@yxRZ4%NGCO<#iM{#f0b?w#~4L(JO9s z@jvSy#u2IaLb{M)pmL$oJA2?JkT-DE!lvWz@k?AK(cPTv%#k`TIUnWEADYC@ww5{6 zmQ$e%uZVmS3WE*!rq;|fZK%t{nU(tQs{`z;kDYH#a6mlUw@C|Pwa1$B$ZMx(k8xOno(}?i3`y! zGSL*UBf+Npo~Zdw(+^gd)m7n>I79-K&FN}%pclm-dWYs{p3jDoS*9kBkt6wC4fI!D z4Vyg;{w@2prIj4QsNv>F>oYV&|IHN8QjIef(L@_8?-+;@^jI($vX@t6v6A@Y(8fe? z@ZyVee&$8fsw_)^_XIPIl1G$l*^2ER*sOX1zs6kBW<6%>-z#W?2lrcAvRn&IyXX=wR5Ax!M)mn7D z&p>3rhK?R64Iu$W-zAJ#$GfNaZQS*3tS)Mdf3rW=z8Cj^^xmglm{t=A(UIa5K;His zIOzMq0{8ovz@`+XW3`DeJbV zlflerOTwQ5@BGE2@yv1DDHLue0BFNMe1|yz&)~efnNSHy@K9s&6sF{ z+5#j0sWoAyXK+EsEnE!ds@yccCAAJ<-d~-8*j00Y!SyXbft1JZYcN6(2 zTj;3pkPmT^P!*-YYiaU?r!XXlmwab@p1mrljNqawZxChl~h0Txi?Y4F0v2_bgIP762ayAX)3~u~IP%=&fQy2RrqK^BDL#PzXX71g_vdT-SjQ4d<4?!WCjm4nAhk}>llG+xH zNNW@bheeg^<#4*5-$bMey?h=7fA&y)1CXGhmjqy+h(3u?ikCNy{D-@}=4uyGdNqH% zy?vXeoXKZWZ1YDQ{_rV&)`BE`7!10STw_2i9Xp(>%yCkm+aisQ)JN($rG|Yxx2&gr z%*Z|n^j*|zL$Sz}pWt%oYjR_Wzfepy=yc=`!S`ryprq^@vAYQe>vDGrxBBJTll%P6 zbA+)LnCiu_s7vP%j><^gNk4iZgsZ?mpMK)^&oV+jA)Nr|^$;F&%`qzf0FW@wf++n& z9!rOQ%+K4nGtYZ%xJE9k_xeI%4VI0MW(&duIraz)-HKVD3fe3xW-|@sk^(Phuze5i z->9U`7mS3J(L>^Vp2>7RqWw4Hexz^!%}Vc!d@$gafH=$o^1LDJI`|fpM3f=sd^xc> zJygD}7JlL8VxXe7Y-V{}@TP{QYWp$+-J|*z*nDSD-@zGdJ6|{z?@YZLqFz#paU#S^ zw+Qgn_9(Qetw^LcjCi#*ruwSC5YSyoO0qRGhCKnjjuaVA4fdU+Fd9)6?Goc^&rcbg zCP*v_2w4?jB%HYzSDVy4j-UAzqW7#+EJUAGhd~&jjbl9gjGRrr0_Zg*?AGyf&>z^N zQ^x=6lqbO%-*Cymhht6?=UeuF?EmQa{+KBJdp_=u4lG+H%~?!1j#Er|L17PX|9=tp z-ce0$?bdh@Bq}A+dr?4CK$IfIK)^x~5gQ^kNH5Y`fRNBps)B$h0#;CzSSTWp009Cj z9SKqsdMES%A?LR^=e_T}_Z#E8f8B5V#yDpvZU77tz1MKRpuse<#V&vEq`w{BzbsF@{e3z3g*RILgfX?|!ODfzvX>_hDn%0^ zd?10IJQWcE1E6P1b%X^p)&bX(KFu=HC-t>(m#cqicN-K^kLHG$M`jRQZ|KI(UN{?T zE0h5b&*yJt4!;uUS1z)<$nxbKlunQETxH@P(7_>a3`ZMd;tiQm>JTk7Vn=&XYWen@ zYhL_`1m*ylEGeE~TG8?0NXJFi%SP9%wxDOWP+P%yV-j;KYvgHiE%++3c0Azm2}Evl zK|<63`Vwen7}LWG&=k0N_}ma)c0d$%Q}j(|DaDvcH)VN42#^e0Hf|neT7Ck zV8g~%{*X-%M<*df2A7dB!<=-5|Q#wEi8Gghd^nrcrmNq*m=`v+@< zr%!8^WZ`e`R{jNAnp(B|!pwHUT2ni3)Uml^BzlhlXrsBb?)hR#GgG%x# zA(A;R$;Y?T_lLP@i3n_2Am8==EzFGBy2jS?e^DI$hw|uu<4+W6VZRp*Zy8uYPdO2D zt^YQ(Y-l4!2!6Kq>aQu0F)h+fJ69@))Sr2JzNuhEMTSl2&k4h#2m7lK_B)SHsiq#R zTWYjt_Jd2ksg}0GW(W}9Tim`PkHVC zDy8ujFT1}=7-d^@YRxPS2@86Dn|!sjH|NwT8$*%2VWSMcX^ztn*FyEx&4qX1D831Z zqECv*ZQU^15}=ry!>@p18srzB(UU5A{I8WlNs+3|VsFs1elx=T)I|TpK1&uU-|R)r7X`Dq26GEgMbJb5uOs57%3}cWIZ=z z)_^B|?M?~kjxaLK*ug90(hkIOZy*t*Wmd`*fS?~vz5Dp*ayFICNBu+I^~c=LXj;;K zdEaWM*^i?T6tif!0?vANL(qb6*jl3FStYtLWk=J-(RV&v(omXb_VG0+>zGec9vAI) ziCPWTd}V3lps4Um_sgu^!5zWrT6GJp`c$bDN%m!z3c-w5bNg{`p+8dHB&El(2NWUl zKo*;{a~<%i!OI%ERoEFt^90&C=H<;;?7WQ7D#&_fcrM4(VK{raGfQUQo?E}R#DBW_ zjcPMjsknGR+WC_RDB6W)n6zHB_FU+;6830Ts@4ls#n_iD2;TxZ1}Tl{#;(|)&6o_S zZ8M1*yLsUJ`bxja#Dic0g92CqM$HP%j}^B;B%dmgCX1@?TncsE5XKLtbi62N}cIZD{xLhcHdA?7>59VUWG zW4+5~mq!kQi2+)CmMKX^0Ctgw=5EetmzQ7$puDdS!(WK)ye^WF`L=Monrqpo4zKYW zY1*NVRN1=u>u@XI#WtvIRpe0WYwkfZ5g|+%FQyZi^dU4@y7Gb=S9x?+c$k)Jl z(8E-sb5MNvJvXfy*E4?!Wt-xCzO+ufs+^th+f2I=o)?y3g@j>XD8t&Y58tyATvd^9 zj8$uZ@)O6KWY-ru2j^1HZqE>_+iyOct|{|M|8REY^7|pOf3%7= zPhW3glLOMDNaCHmW6tZ>YQ0J5z-C-D1|&(eTv>MAjavlIT!6(Z zOfzET4&XU(B4C+1pxxRa%@>)lE%-U;Ez8LL(tVM#Z(~_)McTP6j8Z=6hvh(4V1uB@(+gg`5Qx*)9t01HZ!;>f)E{ z2O=*Ns6YRL(074Au_T2tH;i@2-#V%NpG-BuBVURs;r>0PF?V~wSdrV&CA#1E+9NXO zE4J`dg+dyv0VsRdy$Mv2p15CGeX9{9WP4 zEQ?`j3sBl@{dTxz&^y_5q2sMwrRhhc$KqMp!V_n!S(f>Tx;lw74Amlzta5v~l+IT{ z?H9@-H8*D(FVDW45^ANYNGt2LB&CV5I- z$r1IFd5Oyh5c~jgdg)0i%w{3Je(EV9B4=A3*fYi*gA-%9 ze?fAmgeS{9!T#(9+mf+U1Pcym-xr4%d>7pI<%MDtX5-w?69;YQ>TXMzM@`)Et6P^W+j@ZXV1oX}<#oir;uZ^F z*bgJTZeiF5YUf&IEX%E*ag_d1^cu;H);S=3IQ%e|JD@f|8OYg5+hn3VuyjFeeGU7M zZX%MS8aC17&>g6wtJ1dUe<$yQ+3jG&0}6Nj_xCHXege}d>oe%6>>XA99RTNXiO@!v z(VJ5A{mOqq_-u*vO`i3>m9TSwG|3T_kv9;$K9qNMObgd~a{JgE^9sJ3Sr2w& zLv={FD?`ndh~4G{q!)#Agkc)|G%ufuOVowlS!A=y0>2?fns_!+~cU zN5DGcwvJ%Lw+BI8bET9e16)KaxQI}X{5?-hZ^^UKV=)v7KB{FG{JM{qGc{bV_|S3U z>)eM9q+iZjj*rs)|1>MvrP;CUcwk!;yAl7IKmc$5=gtNFbLVPCn##c^k5GnQhgDe? zMrS&n^}1(#q_W>ZM$u_vb#P*Jn1Gm@PP;F);)>q~HXIx{P&!yP%>Iy>(V|Pcs~VvH ziZq^;JV*;kL9-N2|8)1#NHFI$5iGqIY9Huy7X)#J=jM{9}i9J9aGqbu!c8-GDy zZ#x24mro*($>rdiX^X2Xdc%Bf^4@0`$D~4ZihJh3OvPtRr~DlZuu6nM8oNIbTyGZj z1D5}m&oJ(%uRKqlA$M@HGEOFO`(`6khlYzRO**(f* z64YB5;iyxJ8}?Yha$l>=40Ph zNI!_uYbjG^d&#avF|O1bn9E4q)*$8cpp_}dKO(5IJ-7cXVtX1z)lz>Tl02f%Z?s=# z41f$1FW8pYUSN=x)scxcDfnVJ5oh3K>k%>D+t zn)iYK)spxB;_obDQl;VqjxJjzjEsRZq2Kg-zxR$_TAsB#)FmK!Id`lkG%dCS>smJ& zp*dh}cS-X}s8>-A*EjEBmr)Cm^)YfHaTg4Ydpm>JfTn?W$kdM26HG<|dJ8EO)GZd5sD2^osR0 zl_!AI;@)k**#wPgwgw=}fsH~(fm!<*JH0hWWFY>699hs{;z2#w5eLD%{FiHyrH;Nz zMa04biW;$_Txu<$qM?|;8>Ls~`p$M~IF@@N>PJ`^2dU5f2Q0b+vo*?F@yGH)GOt&i zzAft%1pPc&qw)`}MuGd$66*5K{%(4Qb9XV>jS_Wpc1w=*)$o$>V@=NUi|Q{%8Bz+P zs!x<$Dt6bt8S(uvx-if6u>rQ4m6tV4^7jl-Gv=enl+75p>xc5UxgUHwwGMi^%*h%-z|IoJE{^OMA_*ys z9XKURzUaP@akm;0S{o6|MQ;ip;|BxF0vIB?>M3X;t_G`_2eIrsq3u$q(?Vr}Rl9Rt z@R+|v4)nsmMGksaUw728Ej~blACwJ7`x)y=6_oCg{}oBP2T^>D+T+{h#jj7}^K+4-McD5QhC*ng=EYoiH7mDZ@FM68QVh=LpD7NRrmtgKq3N0BwRZSEw z|EQ_Yk{21%oQtvrJln*uG#y5f2)F#+vs9WRI6J{;K_?|V;E*iz$mLwuoh+~3PphcM zuvLBgPMgfVTlxIFT32(|H{>P7t1L^Y-vkCa^&~Az&}{UG53^*el;O0aHa3;%`um9> zx9EnzRrauDYbFFJX^|{uL5TR$rK6)0=Z)3U)zT`o`bECzHM2#LS-Yx0R{oD5Y@`%S z-S+AvbIcGm`7J=^gAj~&Ul>)tcKgsYh}3ScAKn-K4zB(-DRfcK^4Oz(<3njw&W4AT zQ>^b;b@m4b0F7i~q2Ug!M$q8}jZc91z66R8sy2)>99HI0Si74;*c zIcrMtUYAjqk=}IGlXM|GG;IEO0qj^0P}e4eYiDhjuq(BjT!eoMC5k$7pk>!?oLOoun7>mhS-bQrbq>9#m;;rl$pLUw{i z&7R+&FMxSI?-anC|Mcl+$;huHVsTQAi#B{YN4)aR;)JhUbv&%6K1IM?Y&H--r=(pYHc=2}l7ZCGhV>o#x;?Yp^`$`>1 zJ8ORxb{|TJ$lTxk_6zNIVn0cBE4>m-To3mSXkpFej*;&nn_hy*U5E(UAD7uUG~crS zuJVVpGioK`f`TTHK$GtNvW^eg4}MWA)MLTVh@;5XZq@YIv6 z1E@&}obQ+*DF&Oz(#KQiGs`Bm6E9cFbYRy^OOj8UCpc&qzhf9)M?PKOM9fD48Z=C5 zo0-3rxHtKQa}1DTQ5HzL7yt?awheg@S~rjx@W{NWS5sEDj|_sA(1t>$o(~1snuDbx z(AuQ95z_+TTStMLpAx*CvKfyNqRUBAUv#aV+t1S|nw%vsdouMy!#LAvQ~ftNj`>Gw z#rOy~)pHTsY>!!dn4;FyDaP(Bg3kVXWaJLraWozXj$C+ zCK)RpGiWjSF#=3?I)!aHL~Gxz!Oq+&Wik2J!h>RSZ{a@@5=F6*fy(h0%$B|0)DYsm zeq8eL5qcPEH}eHLSfYff1mybaFH{#DrO~)nOFdG zGV8aXjv2l8E)!^Jvg)8jgqAEdfka4EAmz343@d*f-?Vn3^fYF z?Dw|cFAqPLjD~IT%s$bofB=?Ip1wvo^-7gOhbaJ*hkj-rxq@LB3+1y0?*m@ zU0OHOxIGR#&*u(gc{d_8J$?QRP#gFfk9STzY^p172~kk6pJH=;v|yW%ijhD$Hf={d z&%dwMlO?9gOm%SNyLcw$y#<>xYicg+^4^XkTe_R4E8agu^nD6%>(uo9GGsK{r&Y&B zN%Kh9h(d5lf9m2JRg}xIjC&pYBDT)2eNZ}fhMYWF6OX^}Z;!btsH#3fjztCSz)LC| z9LjnG^;H%;yH7-lFB6nf@Reh|HOP&~XVh3fch*rg7wdH6GHcsmY<8RRas5B}cB1X1~;m2FjCJhuygjyo*F3#MgF)tafO0|ArQNqOU*d;XwStq_;y=z#IuD0A~A| zlV{)jk0#9j6)LoS;ov*Q>91ZVr5*?>71=#(_u_hYSKF}TE5GxRgA^yqLtk!g_|Llj z&G~Kk^|!le`uH!Et38)=3sy>bDtF!xFB3&bvi3omtTNEQgI%A!#`YaW>`JJk1PU1u zMCSHi5Ma-eUM3K6hv?Lg&ljvOi2@+AZ%rS4@>50VL-Yo)*Wfkffa|pYZb+Umj z2Cg=|9=XAj1e8++u+H~jkh88Yy}OtpkU$bTOeYyu_Ne!y>~F|AcIi-PJ-+3zP?Kt% zrnGDFLEQr$Km}E}{N)1WqvVts*-mIh7O!%a!fxp}A`{uyG6sc^+w)5ijI4YCU~U5P zq7K0im{#nHH3J+8wxCP4XS3?n)u1m^2vB-_gwVC88l7aNCMs~da#@kO%>NP*#7Y9LsEa5u;`YL1=DEMcD-P+_Mgn7l+L4X%z9@K* z0D(pxU5djW8L_o=yD?-K?w#izJ$pt>+jW07TQrLd;yRLzKE*WjIgITy0No@5^{}aV zP~ymWj4|s1u+x4W(1AVn9o1I3V}#-`{=K;N7ew`X_1P}rr{P8dqyE|p4n*HJ1HYK$ zP;&Cvso_!&wP_lu0`d7x%UT=ISe|vW17rAaIqSkS?AN%t9SW|xkW?|z6sK+n&kf}8pcVaV5dsMSj#nUn$ zxHwqEr22BBM5ZX->)=Y}&w*mg3_wY;n9uGZAm!+KRhg&Y8R}Y@rD^}bq(wFvj2vl^ z&4aMk7%4obgA!17wNYw=<2$(L;AnI9+c8D4pBTR=+R*&L+&Q(w%NI5*V(%MKtNVKz z$*p_DP3rJkX5~xXxqo7)3hpS>2B>?@(AZU_q#g6vY z3Lo{kJJaz;H3*C;2qm)81i;x34O&V7qzcS?9me({%q78P#TfN9i?`lT?zN(2ns`hG ziS;dXY9fLUG!{(fMhkcSe0F)=SbN1b@@WTTL&G}jnl8Nu2s4db05FI}Jlv4-GoRmb z})e;85xx;IKSp&|LmJ+lvz|vqJ(@TuhK{7>SYAyeQ zn16I+)@1wzNy6QrNhJqj#pxIwN8)N}`G*BDg%WZK$^32~C1y=}6ZeaXbl-b0Ov?Ua zoC)Yi02`N(s01!H$g6lSJ)8+g^?+Uy}Nk}_?i|Sas-Mn9%uc}qiLVP^^HQz(e z)ouI(8iA36O(M*n0Pfqe0ygI0UTgX`8L>1!!oc7YXt*RaM*&(c#;(ID@n?PcXY}Wy zbH7((MA*`u6#ZJXbEuF(r8oxdbSrRKHe?H@Q;-vEtlI*x*NO>lCs621@oKIP@sChpLb88t-3QoSrr=4~-0)!{?3R`}ZqhyS z58m@upY|%LmN|X@PMyaa%XZrR$df;6UE$FXd%#BmRQVDER<5P^Z-n{iZ-ja1>D2sO z74uSr&vN?SM@=o8T&H`%h+MizzJa<>YECt7p032g&2UD4d~=x^wxZdrAjTil|M7^OaAVC$+Q86V#qZBitG_&~RbL=- z>*!}drvcg%_r^%h=<GS4)*y2ul>G=;(;SsT2$k^f$1msRkX#6SwY_BOM*i2+FTuS<=8Z0 zoeFm4m%Wi^i=Ql$BCFNMo+!OoHh7XHDP;*GOM!CGXx2 zDH2<%dPH7F%QFRiUH!SvXdhdj03nC_@9mSGO*j;CyYq7MIvq%fs>Hd-Y;WE zw=JC2w#7B*h|XE`#CpjZJ7#7bZ)viPeZ+Vj6P3{nKSW`Qp$aKR%lLFP9}bW2F0Z@2 z%D;nO7q4~Th(G6|iZMi@kS(T3MayhJgL%0zdpG(ncnj0X4^c8qLsM2}JvagXPTrdY z?kboHJ!iSNo&XC%1=id_4kN#ZreAOr)rz}%c1iIEduXi)JRmuFoUXiapXQp#Fm`=8 z(D=S@aOhjAi1OVO$57bNl@H1K@==e-X_vQtZj=HL)BO%hE+a6L1c+$R2~B@RS=!+Q zTh8=a0qh+fK~JCx6efCoM2EZ>@)RAs#+Wjbv*Xu1`Q>yLeB7U<4GMR1<)dsS>K;U- z&O6ZB6O>C+Jnl8R`xRvcs)$39a$X;rD$tZ@3awi~^uJ=7WZy>&f^)A6HTRf)0YDjx zx{(bb@HIMr>PewMG>11`Nr^lj?P1=f7(uhAsI3>jo6^T z-)a*36e9HbUtU=S)}{56vMz_hodTi_d`&|D0hWorM4zJ~_Mzg|Y_IBEUfEW&cx-tw z`Lm$Np~mN-bQd(X*?18O@iaV zAAR_kd@e*a@}v(tT8ZWwy?#O+#^v_t&v3PijH;>PFaCAbUoHdr_gt#LGzJnQVCOta zqh3;`veWz3Z{@|0S6hagjt^^&eCKVeygLGk>egc80LLLllWsQ3{cYPIOL=~sE8gfO zK83HHRW4c}m@QI8zm5d*d*~HoLZFHe#`amw0f1T-2y6hrOo!l(IE7t%Y6aQ$Y$B8* zV&L+l=V}Bem2PiOc2-yB{W#vQ_RzN_>ydvg&G$4+LjR*#JW>pOVi|Vl+2yWFyLknV zwjL29cwgiggxov%OQqV0mz&$b*Kb+A5p92ZH z1}M@-63sP^VHojpP``M1(6ZU#sfnhe8!@fA(w#pY243siWFjm@Qiz`PesJcywufML zN0Zzg+{=q9xMlwSdG2A=+#un0O?vofHskS#5Vp?&fGm*Gq`XHx$;BhKY573AUjQot z_uiVic|R!W`Au`$y#I(z`Ib}aq+3k+nde1R|L|P@P@1I%f4FNyDP_jG$1@7fA!*KX0vC4R5F$x~;IU_y0P;78%+u(~DVX`_HRrSLU&6^7>@0 zBL-K^v|85M{|wmBor@%Hlc~L#XEVai$TbM%sI~~#atc>XuxQqL9~|e5#z_26mBQU# ztoz8mneT5}bA3HEezHE^F@4RWc7vzqojd=drPOf0)?h3LMiJ#Rdac^@z))R?dyL%2 zagTI_((+OF^VQo0I5%aNdBfA`8gL z9I>$-q`Sjs#@(fUR^_P=UcD+{b27~yQi7|~JwRKER&*();d3OC`4BnBBwoATbIkI; zlXj01FlQ^l54oXI{LX^qaq?jU{WpLW#m`Zsi07W=6lN275;A{&N?jRMXUok!*}M;Y zphR&oZ6uzdN?Rq8ue+58Z(q$k5MG>csx^|`a;Ps$leLm^XvXs~9Uw{BuT97e_G+-L z!Sp1Nhy_!MTVcA|r)AC`A8r|Cb?*0tUC+_4+l1^`yk=+t{|Nq=n}*QS6OTp>P7n6m zHnBaL(&R44Jdz+Ctv}Oq7@;vYhv*Ao>SIm;IMh3`&H0#R<_j7^ca=?^BAyg^;8?yf zVMt+nBBgJulaK%elgjMF{R4gd?o6q8tz+LUSucNh%{%ea+jT58pb0Xz@B8;rj0U#l z=yJ$zj0=F7Zmg49@asD|p(*+M==YP?Epu7dq&!CPiFEY<3i2=mzJeBb`&yePB!0Ah zQm0LLcjECGukmP@;^1MOgsJBd**kpL=BN^EACQGj7frK%1)53Bo@VkqiD?FU)5|~B zU>v9rV_HcHcLsGwc)pbW<+iNsN?3YBI%zQ769n;EeSCMvYW8VFW9lm(iPq=!!V~f4 zAZV)S=m+qMfVjDlctcz~VFd%~mQ)Kv+#S?~Iwa@PhjlSAPvpUVYyPJLE)&i`IGq*j zpd~Mt8j$Dt1$T1y9pb-M98z>p`MBn9^Dw}l*b#8p70;yYyF?)fF_g<~B)x1=GH9;VNc|tWpzpIS^ZjpuGX%uA@?nBX)dr z#{kb!PmUm3_35Ob&qgawnp-zcpAJb^5tEKt6%>{Y$)sY-4H@Z1h)`In1GCx=P`a3hgV2kVaOyAYK`-z1IX9nbIe!^z1y7?NYR`KvvYd~F zgqJ{M`tdBd7kC9Ms1Lxai~FZOI4qxta4i6f$ggpqq+{hO^B3fD@rdrpIRdu>-P$o= z)DvX9a@mF&)c3a@s(yZG>(23;94%Yf$smxL#iA1-h8-Wm?{Ng+P3lbyu4fUc$PG8@->%e3TI6eB|*4B{@|g zI1#e4;}ePGTv&9-LvR|{X>h+Z`T2nVVZe{l*wY)*F~cwEzyr%bbivQug*E7?uXDH` zYkdCv)6siHVmSu_`wMvTp9HbylHZem5Gs@zEy#^sFbi{yCFT{qa3kE-swE-1tjb^h z!j$c~7EbKxt>?NO1CN7bJe{2E*KnUc%Ef!$aV~QT59P5sYxeyXQ1X99W~pxnQE*#) zYOo#X0C*qE3b@`=bx)vg&^C$I;TmK-S#9&)#oHTx#m%?4Z5Ewb^lRsG^H`=NhR_do zK*`WdqNZ)HfmZDWewOKe6c{I}bs@i@|Dw=}_4vj4U&#gQA~z0- z2dZaN|ANFyvUaG4d)+jqEtCrNw&F#ur0X^{sj!|Akx12qua|86)32tPrQuJ|Z#s@z zpHr5Y*3fRlacZ?bz562N{>hSI2Uqw*mA#g0WM9-kG zXW8L?WoA!zEWbwjYCp>JMPoMrubV!B`wQ}4-DVZQZKez==RLPs2R&_>T#wne%;EMl z*XsEM!wq-x&-vt|gDlq?heD-enovjIqr^61X(7pQW6zgX7mDu;4M}_|o9B6NwEK`h zSUT?y#E-1m{!6Otzr{bWAwY`hg}oHh>02zD7D-GI)VU_nL?k`wLPd4WEuIHS)%R|R zM+Tp6zuB8ZMa1DbXjvb33#kk29455*Ga5Ovar$#9^S-DiL(S%C)8NO~plwp33|m^* z07-QKMI?sw<15(Q#aI8l?Wn0gvwAZC@-OsGU}ad+;#Zqy+$rtccGKH~wC{~dqfVNv z0Vng-X}$-iHTS^#$O6yb*c}O!JHUjNzh^>Ah}$!v{hjH({fvYx6^f~r7&Up$yCMOy z%?3DBEiZ^2MFh$X8Oz{V#MkGN03~@2P#O56wtQETZhj>^5}{i6J-S$>ugL$ZLV8~) z38Z3R|DEjck?<#gX@ZMKEP%b!7y!~Q@SC*aI^C1MM{bd;5k5ghMlbB{%09|wjjD2l zT-9uuf^gS=paXSaY_&+J&PaUV9Yya#vlA2Ci;b$!3o125AP>*va;^ygND8vZESJ;j zE-m-I5qbbu1*Oeljf|imr>bksgcCP+dVZcdef6B9yg&z=@|i&aE>%3Q z?GF3}vB{B6=1Uzi4MG4=k*F)^A$f%Gg~lBh^2*~&tq8s^$Nkj}f1YYmtvIh{yM!O9 zC7&NV{uYE^5QVVYT63LPC#fw(UvNGogPrXfw1)m{BZGD|ret`=$LFJ6i~ErWlcmwB zB6oZCb)C@Ek~n8^iAEUHh}V^wwXnh@K8*v9=GL(Jyixqcwu81Gh|vZCsW0)o%Vb9C zFleQGiX$p1@21G~Wv_Gm+WJqf84xDQQosxjjhNHlIpV9|E4lXQ=u8fm{hNLyOqiidPQb`yw zdJ=oVw#ITM=T%fUomB~B`Uo-{&aXz-57Fj!6);{ zVc+l#T$}S8@*0Ln0BI2+yZ+@&f6z|~;#%ktJR2}H)co1HPRv9xrPJKN7@>F4V+sQh zObdM3a5s99uy*qrG{c73Gt3@8c_+hcnX@_hmWf2Ez71=S_hWI%>c|MalAT(l09tu0 zpWEYU({r`n-tP|C_|)}%@PlQ~!uKnlefYuu;56vGzpdHX@B_QA<#Il=mI#2DZO8t( z5m8KgYv?&_J?w*Vj_^`kuuQ;jiv?EJ4tvKAi%N#jvTNiq8uzOZN)>WGLh6c&SvXtg zLe?n`5m_y-KjxH0Z+?&=y9L7WE;8E)D+ZX;K(7qMta)LOwW;0raPBWEDH_0OU+Y|v zz_qA)9PvD4n4kWfY9>NgxK5^~8xg2c)rU)GAi}$_3cpd(%a(}Q|1vovKb^!5#mik2=LFzBpQvx4T1F)o~LJ0``_NNb9)uK)C0p7`DG;ot>DCu5GF zbF@33wS=WBuIUu7&I0$72~ZqVF3U5k@^|;0gsc&F%u&+VUkV`G00!80N!%scW+Q@g zE)Vj3IaWhuU`8-5YpOks_x#Va$M2_P7j5iw7X`N3Jg2b<*cCTj9q?G>uK|UCDWc3G z8p^2Os|F%LVBYL{ega;-lMz8}UjMky*s8BG(P+~4%Oz>ZWBY?5b2NS0ieh@qm zTSs({fli^%?#aYRxD1oe?9UD}Rw*3t3yV*;vDDke)EdXy@6M!Xs^Ip?!fXM2Ysx{X zP+=!V?Yb7|T4=Rm?pc6h>I;~1&Gz-(En4lf1>QF>m#nKCg&l<3S=ddEdZ`uu%gR<7jJMy&3j4>b?+`aorP z%!h*9;Q}A{V)z=g7)vwVvUQPDWRuuzoVuYIy4??F!{A5 zdotR>lPhJ=(S4Gjt1#`eCpjM82kvMgIDhvv*a!3H|AK(hM6im9U6`yH8FI^#tiNy!VR%?6ai8~B!K}`6tYIgdSF>wPAa(L zkEU2gp6cy*h@axkNGnjEmeiqtq^9jh`CREOJ26#R-t*h;$GM9z+38znCpd4}v)?cV zu_$d}+Z-F2kHm>Y=ScP+Ejl>scS2JF#kOPd zfgVE~7GK_o@|67Q%Kq-n58l~*Cfu)1&ele&z#KcslU|r7Xf^PW0aWA;TR(O>vw+*1 zObH<-Sr>U9rPX{+m*+hm`X;DZOXRk{aQI>UCA-uD2t=5*fWPz_i_KMc3#B_ZQ zOpDWH?_59UWoSzK9V=AcCL3@2p;0*SZn}Y?V}I3uA1TE8blEiujJ%k;FTX6ASNlRjJWhK@>v=}p=aQJEbTV4ifN6RzXzjy-(jn4ZZg18$Y8n$0CmiI7RS z1x1;I{$*AypJzHNd-E`9LN@)~AfML2LjwbUzXAE)VxarP#Z;@lH+<)Yk^1tLkYdRj zc*F7nr?^wDlVARM!>~Cp5DwXhgfSFGe>RseF1@ru4mRXj{ggfuJ*C+!BcnApca82z zt%zZqd4K9v0Uh(BZR`3Y*GqDbCBL<3wqHqYNL>dLH1;z7z;HkJ<&pYl%Ho56=&$P2 z=d5a~-NiR~420a9&huLO>&fJWjlpjb*x*4lAjNB1?nB+IUv+z0^XtmPRyF&rCt`{F zL_YZ*T7$;vI zOm6)Td|l6r)gIW*WKjt26yC|(W`fS&XB*8?H`HZXl#rG1f_Ls%*{ zx?2Bz`#VobiO=8h`Rv9|4%q>|^Ny&^0J)%5{Ns5lD28B>gk#GAG#Dj3D)gga7(|~aipo_nqX?t&Q8TjE}&a~MG zPpU;!*~c4G*LxW1cXbwsK3O;3m{h#0W0kL5>McXdgTe@P(FVrlF8Dp9|IFl*sGnn+ zEn09VW>7~b5R+>(A$ge`HmJfISxa>mqHl;-hP~#mpHy5Liab@AF&JrPw?2dTI+Bc+ z^30h19ugI3*s-+lV*|}tm`jDVBAC+p@XhCFY*JJUE}`u3rG;kcXgM&zYA?9~$`r(W z@b%kGlSga}i$bFgY^thKA=$l8ne zHvsh|^ro#)99-cA{c4-F8Mk}ZHkz04WbVLDYqC>D%g67>Aw}vO&1yRw&jwo9ZkKlg zJ+=Ok>-vhQHAv5T8^e%|0bkZ*m7NK>!^->yL?u;4AWU0wa}x#*vyEA=t~0B=YL_r! zajWbsYqg{|;rX@70w~o6jCgfS?Nj$I`>#*b8H&@eL|s~f_xu9Y6cHev>&?2->is4mo&lxobneeA&oAgF z$*z*b!yn^r%lhBRM{h_dye^R+3t^-yg9gi4pI!DyT~F-&d^U{=hIKKh^H`8fEu=m} zkPMd@&EKa6rZn96X`E^p9e(gGtEYydxWAaM^g3MJVk$EtV~=`{!(saXNOT870n8XD z0L)uE=?+8_;2*N}8+wRQSLuqSp-4=3lU+WPbg2T1UU7Eo`#P5WGz7SgHvF zKE*s?ipbw2G*twN5nzn7G&uQ~@Y({0N!tB_FDi z#`dpow75>VKMebgftigyzX7eLE%dm^m!^wXr(T7>)b<|Ko?;bY-@{bT^0!px%yte* z?Mn7Qu=P#!BVeB$US)2XG0!1Q>9^?CBq?si_-Br6!y?rcE9q@UpAz2(KUU}~J~19B z0~A87-*+}QEWs`!L~Z}r&V2k+Pn1A=gO>oP>K%Y-VyHk6=k03 zA5k3b9=p$Tg7t)GDx~&G%%hYV&uYLtm)0RT)T&vVzVhgfe9POL;V38%z{<9~5Fs7A z+`pM7iW;c(V~CaZ1}U70pql(n9qw&WTCPrBNIp?}18*Gy@uIBZ+PAmmNwdTaI86$g za#KEaWF`Qi#bmK7h5OU?@ z!cLW6x8%^bk73|3yGbDsOM{$gZ}T&?Lea>l%R1-Z34yEh_iSDEf|h@nj@l3{Z{ zn~NO~DB#ZeCY2<`zh)L6+^hVdG00D6?sPnd^ZvvVjk9;6qB58AJn?(u1ij7ZOd57K z;5*ar8r0f#=N8={{F}ow<6f`PkVD4H}oYU7j;qCB#f?u@v`^l^nk`Xfu@mRGi^Q?K)ZK?aR7&Vq{rM*~v^-<-0bnAwY`c2yowYi;7(TKCC3uilXIhn_@ ziFkGzA%018Nxvg-L3bwOZq|YGpOII{#+M)glF~GAU|uQ`TL>U-d#zKi#k&`9HgHGg ztt-bfc&PcDLoERXZo#4v4G$)&vuJS+m2Ijsk8B10`w+pEiUt^<$~gF%tUiPcv!>mt zN_FHXH}T(8!2K8r&pQB|Z0ZBR{&yIDa8$zcdKW{Unn_#VIe*OgPEY7`A#@UXo)|L+ zW>##8BE;!&wwEh5Qb=r$Qq>;oX??$i8Fwn}U%#J8ACId2^#}-YOMwsde!{qbL}xVUsbwP za|g6v4g6yMmI6Taf#%|2}q(Ov2C;l+{PM5B{ei7ECf5>vkQef3SA3AYw!Je2}kQ_8hfIks% z_;5g)64Q?_*iA4elvZ2yokJJj&GpM|(UY>=3yWwRL@Utb8dgj-V%LJR3{JIfIE%=R zKb@{d6wKI3bTf%B+&6j!!;`jdPxFLG7N#;_KT3h6{Jp1kN_pCAq({i2e6qi9sfEho0f;d_oU zWPv%ULwFf?DZXk%K=|7_H6^xqv1itCEjDXYul6Cf*SCHcaKqU5Qkx#89il%Vv4y^V=^ODde+2;R7Tef;%lX>$=RxcT-!v5Q5E z_KB0jcTUL|+h-m!7E3NZAuOFrNlZ_KfJ%^h69r|)DM|dQ}Zs!M~yuoRQT%`RJT&6HRv1YPZwoAqqsgee?nf61aXZD;8A0tO3})gfS>79 zN@CIz@sH_V#VAh_f?LV@QnzE$`E(hNZS<$eM`Q8Hxbr$B8}gJy#P6LW3d(g={y+3Q z|1>wxsvKtp1y!6WMQWQr(1*d!zjVL9FrERU4KJ)eKYJqZxP!HM_gE}{23+xO7zkMi zD(SCAZdBg(iLnU3m1|pj^&D3Z%UC|G4F8{Bqlg}abJvxl-OhNA3YL;Fd8+h@I5EFc z&Kq}z*>Xd3ELCAu8_(R$`khVjNnqW_?ah5)-dpx)q>k0MwB)?ww9Pm;S5VOCfLX=N z=Be^x=ZU4AE3twH+gW3kGNM+tDU!q0u#GMQY+RVTxdY#w2T!7&gTc*COj%e{B%H_; zB-AT!%YDX<@K}5Ye2G+a0bRp&RBQpUbAk9h(j?rI&l~z=ELi5GfsjuYV{Hp1FSFMi z#vl^)cO+4KXTA-*TY^jS?-oO+{SjyMxWMw@Xlcv`_mGcY|~c5+e-b+5Y3a&;NWnXRY%-@0aJpESGD|?Af#V?ftv%>%Ok*ChmR(wwkkm z3vbDJa0HHiC5pl2&mnwK#k4&<;J~}p6iSd^)-Uxvh4`~+^GCO*M?R7uEXf5Y6VbpG z=y0DjjVZyD|8KF)z_TFqhYBIoP0>%nGOfE2=3=B*&mu~fkM*TuN{d?)CT`GM!k|ek zv@cO*cb$E8_QrvZG?QjFt|UVRPR%s8EV^mv9yiFNaStH3C2h9AINqKUgcOG_^$ZS` znrrwm*WXfSbN8LDN+BI3c4j&EvR9HQ`Zrrqn+EL$xnocm@$isXmpOR2gppwE?at;z zB?=~;Rm_kjGlkUtf z=BU7*jLDQp%BzxWDRqGp;>8Sl{`}Hp8EdGE=%Oj9Xazp}(#U!3+oY4Nx%N;GnzTW1 zbdT@Xg-WX5;F}%!dy|j!Sk^InZs$O(7+4A3d;z7^oG^iFA6jc#I5lv+;g7^4KoGPX z$J*ZAtXrRPZ>N*3kw9swDMpwW7WRBY20)KkgD?W~tU=MZs_3Rbe)>iguM_9f6}cr%=Mui*%=RsI5c$+KgW8> z1XEO5Q_pG|w#@(~RzD@U#F`Hc{ea~ zqaWD|blF%+(0-Y<13&Fj2f+kbm?*k4o#$2&z+INmy+wbIJ^1$uIsO%|;=xnySO{Dk<+20KA5?2h$elQFY$;^q*A|Pbgq)(6*9Aq{jLm1cPGtp{p1-%aq z*#)c-AyU!q06X6xpadJ1@!s*$P1sv4OCSoIWZb>OtD)BfhA^c6Ynh6V>-2OznLFR> znv)dHTQ^pT74VB>+x6<{86!#@H2fhcoD27UEksMNHuGxnm-MiG-1(48W{wplIMZ(G zAM_f{df_G*`zU3`_{f-iis$^9L_wAxMds>VGG~I_OWBK?=&b|GNZIKMp~XVeX_msa z0h+5(986W)f3kCb89JKI{r*YJ^)(eYuPq}Sy9nKm1f};+1Z%~a6FSnTX0AG)^!chz z&2VvDbxQLsJmIcv8|olTYs%T(^tFO6RAiGg0aIOVn6$m@*yn)e*E5kG)FA1Awug#_ zFRe)q2wp!fl#v+uws%~un@P*gil>R!!iNx?F1~|x=?i3IX{1fV#)->MV})lHOGMhH zn{+*53-HzdzCK z%m+!}#x9R3>+O*t$vP7r4={~-e*XTCuLJnbBfGgS0{^!&(yWJGGmHA;mOkc;g@YBv zfph*Rrkkdrjh(%3uP}X`_#h-pWjce z$1f7MpJfB-g6d_5H#7Q@f)uRHU(WbzKv5!mJt6pkE<~ZBz18(#Gw-!PdONj|Ui!Bz zx-ry53}QKixqoFUoKJ?jSZXdHVU4tYIs&*7Y_~PhDuT67wPdb8SW-&j?Zye%Id(MP zWI^=+fRbh!y=&TZ_JW<6WA)Ydz#vrh96(t4>87Cu3n?d2jlefSGImN&ZV!JF?hd_0 z3bi(*9>zTlKl`TJ-<*+T!g*go(Pnzp?-nD2xU0^W{k)SU6_H_J0j~L_ z_eYrXqc_rDQ0Ngn+2I>kidWh9w}8xOsC->07P?N^2p8z$tEowtQEG^K(dPdq>~asC zA;RTy$A#kk5P|ohN%q{;hioVQhbRxcmrp11nCaQ~UL7XiIs4q?5L6?n7Sw@((C2F9IcZMs55G1CviQ4d{VF+r3Zfle4pEGFyQK=>Q&!Ys~`xN^Prn(Q4wXyda;tFO0~6+#!H@p_F`^5O1W}aB zFpY)IPtriBKPY%Ge$lRjMJ4Rz|9bJDM94g8Pe z9$iZqTmoxwLKooxcfvpI$i66ZUkOOy^r@9|oTMXMf3p`AKkF);*SWu)GDJ(>V@x~c zVNyR{3bC)wuq4ro^_SI(Oz7VOJ$IH5bo@&5mu`bJJTwlN;3J8BetZk(7T!*AC8|Ya zI3;xwep{t~c_>30-F#|U(D_}(Wy^0dhX*|-MR`w0GOk@-k+x2{@d_WAmgils*z`Op zEUUEmTe%C)nn474e3EIEn3!~0^>>a3>5CA_K;kK4ISY^4U_D*a5GKPAHZ-1@t%Xpo zv%J>Ei=r_6f!B26#C;4SJ-d%RFJ#Y+G$<&5NBiH$`+vuaKFNc-8R0*Ogd;sjRU80Z z$`9!RXMzHYXQ{#_7f*N`mCr8CY((}cdsrzE9KMq{0jpO|9`|l>4Cxs zvy1TPo$^dpjSGUzZG$n2dG@OFWEQs7=H&J~*LRp$;xviFZmd1$kzGU!{w`#(Mc#yJ z7vrZVuj36DD=fafb7Wg#e1S=lwZotj8aP!mNOnzmY&*yx`^2|yyZa~XPBgvvv~i9h`g?i%KB|MXG#$Zxla1&9@@$+i|X zHG|6}&3+U}b>kzXfh9H;VMPAvOo-jRy!@kQlZ)GaMO2yI7er+9o~G=6krd}%ckJU) z!XbJxuBi_Dg^A7QamrsG2Y!4kds{iVWDK0b{?d*fZ?n`^XCQqfzw>C(R^rb$9@6DRmrd6(Qol8bfv-bye88~AziSLt6 z`BTDSmN2FPQ7WM}u5_*K!F}1tSSd@i^AJy-X|Z9$Uo$iaKbSEk13Y_sHXT@Sja8|f zrC6BS3=h~0vF66n_jLW72xC2BQR|)B)OHMJ9?#&!m2}X30sv}J|MenF6OLW}*0=Gl z?UTwyLvs^%ZqpP%AkAVG|5tQVpaA5mr_r$2@s{wU1%yG#?*IVf42lSGWD$@ft>>&sEB5X{wkzum2S?-#`n4t%$sEH z)z+5ccBDI?pgW%99y-GIw&b73ed*{6Ps9_HEM{^)c(SrYa3&~;j~mA<$X_Ifd9WlU z6{QvF58Vn3+c+}G;fM-4$d2}0jaEYYU{?aG-sA($D?^v#&oW#isMtSz;O7IO%qA`e zNxz*%N_dm)Xtrk{N$Daze!f26U;T_;x0~2G9Jgpbix^Ivy{@)}^THJR0MCAKWBHnd zd}M#qGO_UBX>^0kFo}i4xhgcbj_49KG%g?l&R5;UKTCDTbYoT1(E>Ms`HeKRq?|t2 z4Z)93{$=slaE~1Ar&FdF4Wb|De5tzJ8@y;HuIvuANB|8mbrq1Nx%F}|GSGOA-lbow zhi6j?#ZtjJ^%i#PTV`USqPeeIr5y)wzEe`5v~v_kp<*)?JwiM%g!nE@b=M~qe&4{9 z=JL`0rN~;Fz}A#2Z4t6=k`!R@(-;fP2SA8$ljUWWw1GhU51*ejX1wiXs%82nCcPwl z(v68^S@KuA*u4wuj7laKnND@&&P4PSTo#(3IdjJJV=?{6o)|)>c`Qrw*zSaWF@~MI zkB%`Z-{r}Ajsl1C0IQf3EdKWota>0G14EF^2@CELv71;VoBe=UX}i!S8Z1fg<*6^_tP2Z8)1fR{l_u<9SH}FZc^qM)D^Q&B(1SZA49T4%iPCk^Ysv-acXF~M= zSoI$uSoZ;ho-G4RYXz!tV`&V)R3NxDi2#1Y$o18J9}xaw-6aY4vGgfAjMqP`d*#49 zlO=q)y)4ooW6H^JAO?zZeoi>Sl@81tk`GtxB3Mo{cPBQQIM7pEZ4Vl`rUVEWK%I>w zoeTjVr~+w`xD0=JfSiEmqgVAsotgDEL-h3-Z;5{!8;hJQML7&p4Do9NJpvuz6Tmqf zr~x0r0s3a!c6rHt6At1Hza6-DYpgqxo2+|34@cQ^{{6@yv{nw}x^Yn@2@rTMoWg;i zAswv0ft0VTYlljy%JPEB%J@LEL4e_jtOXn$$UlW3-PAir$QC`Tba3HVE{uX!B(|gW z8aOlHG10{Nx>sFxJh}N1t`taecuM1VOjeCMqNRl0^?EGvK%mEJHdY^W84EY2``5*q zAVdN)SrJySNcoHXes0krvUxA^I9oa5iMej~?*qhID|qB62Ju-6loNJ<=i=ZVt)dZ!s;&esQY| zQ*F!~%1N(zX=$&XV8Z0Gz9`|`dgAIVHN3wTzy#}>_z7N`*-FW967W$BQ5})*d%q){ zmV>|e2W0p8`)8I5gE9+8&N55}F9x5N;M8hucoHm80WePrIXxbute$h}1MHSFVdfW%xEJe(xiKp?`qzB!UfoyOS*^6h9kW%YfICRDMRZCrMYxFBu zc~W}6b8Xz91ps1ZMz3}EWq+g#sDR-H@Q!5rTl$yck-_CB*PPU^**HD@{G6aAxso0$QJtDoTxu%yd^ zONTD`N%`Lfp_AVN@IlX#U<*CT%Y|QowN)yl0_L!QG_3ew>N@wF%kJ{%deHOj5-8~3 zqxPLq-&6awf7rknu;X$F5vUL#Agrw(<9oyaQj!F5Uj6EYDG`2bP%M&a@DUe?q4t;hqD|GJYreY zd%JHa0r|w#p zga^?5s%T*S9P|RCL3XR*KrjYBp#MKAbnsUya(7I4%UG0q!;%80H4{4eljeo zFLxev;xFfBR!)-QRV2)@;b(RhG5V%mN`V=+I(nfFNa_7$cdXqF2vHZ|o@c))8C&Z3 zYh81ihE|9l^A%i61{>qwE657bQ%S1t%Q2fN&A(bNaC}R(7493;F&Dd(@TdsLB#G5?#_iIky*dc@_ zZ?iL6b^4GzPg<=Ud7m}litm6NBm1Qa>z7HODDVcdG*~P(U)kOGkdR4*|9q3U8oVAP zeU}$J{ZE6>&@6&|>s0%+s!Yi$#h>@1+8FN9E5Zo1m=uXUadapkNx2N)B5L#&t;a6a_+F5HJ zX*FKhjXBbM-VJ!oB(NXy?$uwKG4`!-_C>~yNcPS-f!$rfvi-8b!RKdfk>kIHleHEF zn&w6aoQ5R)7J3|`X`*5Zjg&AHd$FdwVjhw!oLJ#rFrAZ|W@73L^nc<#B121ZdY>+j zO}Af!Z)EUhfs|`{Y(rb}xAb9Da-#{_PSQS4iB%HRem?a350~!#T3u*CP6C1*Arm@l zohj=!Dr@zkkvszm&(tqUE#>T58g7mCmr+C;mHwzb<&S$p2(X2(At$1C&-J~B4mXn= z3jGv!Qgg9S^31+b=Q0TFdag>zfdU?hhWN7!O>(VM{@6`gY;V_nrNS@HoY|46f9DaF zm1ad-lwsp!Wkcur(upFPoH;QJgp#0yum$2FC&o6N9*r?6v4&l-dapfuI%KViLM4$wY{#Tf?_#|9b5+L+nQ~{tW4q z)hBYpvn1sMz31%$CZyik`)7sPTnVAPMUwA-1Rum6(BIzB1MtLS8p(4I?++~RkMk=k z3F{Mc7%emTJ&)L)qTBYM)H8z?X*^F&P_r7Z0>YxV9-^vYcH(RPtn}@YL(dGm?>p#x zovqQVkqh+KfMR_QARZeQ%Ew@d%IcxzJ5%qSr$o=fk~ayn6WT?0&d%ulXvK%Tt0#}{ zl#hl^A?CQI4p!(UKKuMxOoCs*_Z>05ZZg#L7xO^U!{4JB{5@KQErilNgE#ahONvZX zK-TNN#QqjE6!5(e*BytF`e*N^6;@#&WMK-)Qqy6wIM)BZk_RPHLvS>8a+F$CdO^~; z*mv^^2%yQq&xYGU?h+uEl|WRD-9a@7UNkw>^?1f#wrH5kbD`ur(-;4dZ-bQTQ(vNP zk4@4V?=bEK4b<%}!2LvPFS!IrvSjMmHMOdkE$!(B6&Y^PsX*5_A$JqY$Y}$EV{b=? zLTZa}3xXIaoGg4GM#jzLA_xvfhJgV}a zgYqhf_2}NPIolhO4CPuLJzbC()1Kr`@tecOU!teI=;Jxw`tHz|=w5>5BP6HVmPR>Q zL7A1YhCmIza~cTtmZok2X#X&UyccigIz|dUwwYd=T)B)KiPP)feOqd%CWn9cc4VjM z63?5p!fBHFLu5t-bdoQ1fegSrXbtMgT8Aa`$^M*SO zEO1fa4{5^Y*-F5)5~iNN?BmAtkhiuaAQ%2GXz40WtDt}PORXbPW9HP!VU%z6RsB;Y zEIW|Gf!*a2X=X?c*LPJL|Ip+u;Lq@PP0Xw@5_zF$usHzfe%|<6qE>=L-h@2ITMUe#Mx1F5f+|^1a zy=F_ztZBmf(b{)c1;!+X(3nq$?+*UDp;6>KAUNQEO;U&4NpXH5T}R+g@m_aB*U62Z zukDewMUlI;yloQOaX!(#*-{gn-2_^jjsM9&mRDA(Y~Lahswn`>$9N93Fd9LCW613S zNEHH}bAZB|{8ts#fA(oXfzeZdeCLt&lVAV z8QtHl>0KI#i*TOqP}#{aA^>CQStpt>73h%JS0O*y!pwBeSXTJrhDOXdhPRptt)qTHpSWhbU0zUf&&NI&p9&PiDSNx_SHIvPWjVSU&}W?ik_AAVHmje{gSv z865%lYOJ3mP09}1yu!zK_5IIne~o+Wk;PM#Z@p-y#KMxi*WT}~j)nQl!mMuae}=ms zN0`|#BuK;x>z1&DTI$fa583VUMtORXK}ZqCDb6ZrUF9AeT%X_7NmhL8m-@^Qx=MB0 zZ4s&T6FzJy$)|j=vZ6Ngyp)rIO@_zBcCehcp}RCc~Xi2YxB6J{Jrq%`2Ciwa9%5s68E8k<%#k~273GSt8<_nV1j2qD|F!b zvg~l0swYy>Wh)6x1n6Pdmo$e}hgNeJ*SDuHpHVWjL_n2Dpjz>tG-P+F?%v)oHD=%Y z4KxS7&i-&OG~Au?XM)X@Dvy$d+1a@bJkvv_69gIRkDqc1PTp^Q(k7h$K}+8yCJv+gej)2b{GP24b=;s?cDH*ZCM|4W|0+h)(IE% zoHB^_UP|y08=AcO^8BW9uOt)hGw<==SoF7No#mS;0|$Yu-hoHI-EU{kDxY0`_}rcP zHL6q_FyVMp2>;&wrUh+z8r+LjQe6u+^V8e9@a&eX8HrQ%&3YGAz`4ce?6>&?Yijnd zwDIrjF*ZYx>}Du%g@Kw6yZBT00ZJiclLoT&E|38Z9q!3Oo%M)}S4=V z$i@JmPZvJ*>?U_llg1p~;m;RX?#r8Mm}<64i_6j#8%`P7r`JVe;q3+n z8ZMmZNMzlfa!3}9et!LNMC`r=eZQClz?@XPiojvb|9#jiAbE;J*ZY3!A*R%+xU#Wu zzyWQkEhM6uZ3OE@$78X>kQkN+5d1*u0d(Zf%|F)#bZ)_S`YT-;ZkDAn9%I z%0_Aj)4Z4FZVl{`2{fBg_@8Qbao`+XN$~n26S;eCZw$-&7Wt+$I_If4Gi@bjgCE3W z3$q#+V7PTBH8LUwI4a}`;FwrwLCC9sULxc*!)`QQ{G9$3xhWj3f}tj<{P{|Z1-26>FUm?rnQu_L zUnA*dg{y-QqD~%9`dtXp9BAT43iT*n0RZp?_7EHDfHdU~({%BiDWR6V=+OMag7-YV_#nKet||r4>UcR09yU?ooZe09$G4`tS*wK`=2(+ zwMOp&?J#<-AOON*p)LMEvAWlSIB%E?ryA!0< zI#W?q@QcU(v?!5cjahk^UXz3O#DNzX++=dQ1?j7vk|6=tHgw-%E{m{HI$E zq=6io26_$DmH^*Qj^G%qOsdQ^w{bwn=(c#0PeOG-icZ0 zOm?hUmp(DSrYN9z$^JS>eT}+K-BjW$D$4I;qsg9)-<*FX&NWdc6D_u9f7OqpCKs^} zAI*^ND0ia31;(%|$CYT-X=`jwn>7`R4`%=-9xm!FOGs4~cJTCL+ z^O7Ge%V%sYS~b_S`k9DqyH=b;X~lpT@IqsJbyP22?tITCl6))jspMePTs&wTJxey z=c3aObvoVf*R>{YJ6vzeGU@jhE72r`{eF`+W6e5y>IC=&mfjvVkrOx6FX@kQdU!?X zX7SHLljo<`r}P|5p`_*sOfosyeMNae9O{LOhRV~E=5}1sbL*sL5MmA$I~6}UPCIms zTyah+4D>tL+aK0wyQk_mwQW>kJ<|w5w8c-1WG!DS!u-f^u(1}Oz!!@AG2zpJ&o++q zJ$@!|@j951<4h@aiN-!v6z|1PkdmcK-QVg|9y)&Aoi(h{oVG56jN`ckdI=}Kmms!*L@Dj=%iQR5jXj?%|6ZZR`cRXg2 zoL>6=87iO$eGJMWOyTLa<5oBocu48H3E%L!M2sb`HA`BdQ4abR_nt?;@jmXCW|_UF zWj`tWVNU*}fPh(#k>f>nQ8K}jcH5tb~-B?tfilm0Gp{6vn%!? zS*Y^G&ep;pX2`S``8>Om?F$-J2IwZKi6(CKPc~G)*yYK$zjp6M!%h&H!&YgoD^2@R zo91HG@8GJiwvC~z$1suFQXAK$@vQ^ZxmnK>;F}lEM2Ho}Kd1iv<}B$aS?mnyidNA( z$s%kAo8j76=#PD=?gVeFr#vLG!@#7=xYVDF6kgv8r(r`NY~h=v>YBJY2sx0z@l6IW zjBn>cI!Y@w&ceTz^33znZn29PVcq~!50ZRYF_}**2@hn=+FqXxi3v8A-MiWivkx8e znUwTr<#Hm4r70O@B(A97dl!=fz0Vzo6e}3Ag0PUKckN zJF`ap(%mqVMpGPoWmFh}k-_{BsDIlX1R-XGM{i}6F1$7p*&cG@&^7Cg{5gi2dFL^5 zd|f@+EU#ecto3CxgirP#sF5>OlDgVR6+M1sb)7Yli5*q7>?Ntxh4sH{*oysUmnx}<5H^uTEma^LJ;b>bD9`ODSSFX6H@ z%6iZOSo>qFymIXtyD=YAa?#64!qh^5am&Gzig-KO2=cwX z5lI0M-3sshMfaBW01+;PL5?ESagx`1CHA%Zpo$#G>JP{q2=K%QTpiuGNK#+6X|{Q> zxi=&jT5p0tCm7FxO#VbUnkgYS#twVFZ~Y9=01}k!hsZ*}Zz(c{MDW6OSYa94=wN(F z3gPfNyHU$b2ktFRQvV@sQ{5Ylk~I|Zp7Z#1osY<+=K*WCeUUo#&B^W!bBrxthgvUp zh?EN_bH>;vJ3&4R2;nS%ntd?{;LUEh&I}y}jJ7zY<4MtRyuOh3@<+Moj!j_pKsnlC zRB7)SpYwB_pB{mqkdxY?`cA!*cq=9=V-C(W5<;4#+9-vdhM_YIq3|DAb`KGSkRJlW zfN^F9!5INRhT+hE3M7m{8u5FGJ64e`voSL$d?jOfs431lhF;nJzQ38OZ*7IU6sbC) zCk#83R3r+pGYa#!?EzE*{pTD)AonLc4RS}+0KPx|1FEeq@8B(8_U`WU^(^Cdu_;+8 z>W@f zEi@Ov;-ONhw5mW-fSqK%tlR95I1Y|AmKVRa{r%}?tEN5U^+o2D$Yp0?L&}?RfhuhQ zr1p>DCeJ27toUsuaK=96jRc%Y@tqEO>INRBA8iNKjZjCjecL7+1`fGJ=8q%iA%r1s~r zIoX%1sj>5`)7Ykbt-ZjeSFy9XplNxe9^!W%;v`W$d&TFhV0!opzmB5dImSU(`qbA<~`?q zsdT?2B45%$ryxE`w^(glo$v?ba4!M)kBqNmpEf)mdz9hyji%F zKR25s;ewE@6+k_sBB_IBVEdF#f>Y#v z3X@u2Vc7K%$d_1MtOslQZ(;Ah0CT&En)PSeseCCr)nK5sUAsb)uvYKr!=E6d$=AZ* zdts{{n%y9hzhgqX)Hv4@>yWc(Rw)NCci*PVI?64`5V1F(C!p z&?@xPiOpU~k-ut4UhhSGNgD5Cfg6a#}OasPlYz}7(BO$|R<>2I5ewR5@| z*}Y_G{2*cUxD}7$ilcJmJl0s+?;%&{ejL1m6%n}Nz=itru<9vK3$gt0Cld{4`2bnk za;F>3nQ9)Su=RrW{Irq-5dYx9Q9VZ7K+KpdRrejh9-V*D>~FVi(Nn=vYiXgms{rzs z^$81VEq*UqRzz+SL^$?woXMTV&ZC}0ZMxH=1xg#ke+_{bsV3r`9GEW}l7H#9n+l-n zikbh2`RLA+JE8DBo2ub>TyT3hlBv5XVXbKP%+Z{Hzl)vag92Sn2xrqnywLGjb!5{* zje!bFVP?nBwxvk|_lVX@x}d}#9%9nrLDGBHW^O6b6nF9Ix;u)$_VTKHH_bBTK>S+~ zD{ezk>xHsHCD3dat-w$cfDPK+AVJP9cNTy4z%^o$skz5{BJ_qj#f=F=Y|KFnJx&el z^$u&L*B=ldQy5z5j(C2PpMTV5NS2~u5KzU=o%+QBucSAWCN#y+e4|JlehduO`kA!- zU^c1Ql)QW-Q7Ssfu@$Zx_g7$ghAn)$Q7fJ8xelK9U}=t9R49^aSC5TToF4erdi|6F zNrG~t^;fOHU}w^(R$FtP2O!_U~#)x*2OhNkAG3G-x1OiBt*;VYdJ zrJ{BEC&zc$ONGcuGP9LajKG)d?hZk>VwA)7QP(6W*Vq5jX%MA8HB*tJWKB?p`sNh_ z!<2Fcxk*qcLl~9#<&}<y;tz931e)EFi%I!&I#yU$PNe0rVFJ!;vuZ zo*#D4#!hq|aT=%-e=SbUp~*dN2*<*Ta}^&_-&Z%O44AxUJZw()>Jt*3pI(V9U*a+S zMQ)Su>=n+YFAWXdgRcfw;{p@RWQcQ<7xn1*??zEggD}Os2{efst@|EMPD3kpa^*hI}iNQmz5_cDqE99>`X9J(~+=xuCa%UCNj`v1cjeVBmNRjTT z+n*6Xl%Z1x&Q2Y`az7e#12rKqt!wrEZjzTf>KKQ{Pn(+(=6LgX-p7Tr^+Ib#jzrme zcbKry3IjhZ9Hg8)6s;eEu{wk;OIK9vJmcCW1*#S_rrYsCN5mKa&Nf%)tG_243WPLD zbIVhsceS;(7+9OfZSy(nCJ&4CWo5$tG0V_O*JuqPI#b-(oS<7NjFIdq8&5^zffs=J z6AhL_2<&6wMGM^rdO#8zJ9wxwV_RV;cdI)5ITloCoNL^r@}tOwq3Gyi&erB6aY<+X z>l^SRkP^ruu?Mv)4St++l-yn4+<)Ct(-Pe<8)b~CX3CWz{|BU|NUwtyN9Sn<9M${PWT5`qpq^lm}^3g@u>`4Gghv zTR;sGp)t1g@H8LYQ47ewUqx%#yx&}?@;8Cck$?0j+KM(&o*rLCGJZ5%QSb_im#d{Y zUk38@3$$J$DU8-ZyJh#-y?J zO9}9=0xSw-x!6eM^RfxP^*C`2S8a+slVp&Rm^2)$e77$*%Y8jgs6Lw;J=l2K;l*E2 zCW_&KhXRWKO8?d*W&VeXhYJbWl#>cw#C{&}z3)T+v> zV{gmow)_fZZ14+wkbTADQfjj(^Y}2*-R=hR!LitIk-Jy=o|&YlH#rujR%T4EUR&jk zGS?uYeXsqi@0}KnM!HD5W7g&CKdO_|qa-Pqg~>|QH`W4@jac)0UAw-^Cjnaz+?8I{ z=}&FYzD!CenF&Vi2w#sk#GB~#N`D{b;DT0R$}llWBNq0?lL~GZ;`H_UnQsN#hDqL3 z{q$r7jekJdsgU!{oJR*`iMHAr7y@fAf`2unP>3Bv zBk%2iS~>e3a(|+M8TJp<{*HLv;ME>WOBjuZb{v|_lPN7ogMIh@G{1p}8~&cIP-(D2zq{9J19q7*^%6P! zD>4f~bv|YcN*pY=Lm9Gzf9yZ?8~QW(o=Ut=b>4>Hx(lJ?%6$Mbv<@M^9zRVEMm;5^?SL5$F*nCEM_pN%D*WV72CV=;3q_&y>d6+DjYqG&ja!x)*2CMMZ!-_zUQb)`=5irxF#- zwkUs-yg025*ZKQ)!Ou$H1t>C@Xkr>rK0rC2@9WQ;7Fk#EXo{1U#d+u8Q*m(GeXhzQ zUKy#A2NuI@1L%#MR$~|R=h@LZ-@0Y1#%~(8ujZFIxbL($qm?O~Do^ZgImJ6pFD_Fvb>sB)l{964~^Ug9VJP#jFP%DKC{19+Zk zoB2BZo>A`a&3Fc$htFeebA56f#|ILk71rq;Fe(rZ_z;RaBb;tFWYd~P{o;bxtCTm<4d^$f~w>f44U71l@Qn2KFQ|6 zbxF{23nGy6O+T?%scqi*KyY$3=+bl-ljc$)b^1NN-vQISIZP+<2oCU#;)N~q{;$cF zx474*pM1h$rmjOXrLPh^Rk=}B?NBs(p8BM)X^St|2cx!`_W7))&7DJ5_pYj-EY1oh z{!e?BW-lPi{BDlM*#^9F*6rX_AMll4@DwX~ZN_V+5#({BVW?nl*40AJqcnE%D9+DR zM^dPqI+nPB-+-aH>61Xo!Gtdw+|9tV5~JzMxy7j)iS756fW6P7LxGKBhv{~!!)1mh zN&-ejdLLa$DOcLDe&yh2e!#U8n#l?Iwv?+PWDxcBcm z8oimV-uYYP_HOQ1T7bhV;wjgUu7OmMUu{5Am=I^FlY0q|BWeUQdS*UaX_+)ntBVzF zbT`7^SS$+f${46)fxodyuQNTz*|C2SrHTCu`O)P^`-nU3!J!m$H%=v~3IWB%F@dP` z^r0nguB{MoJ5^Z4sHBAL*>^`?0X6T`ADB)NLhaOEGyWO6iQn5^nUYfnpV&FwlmFci zD8T3GyOM8;`|VuNwJY6(pp{%11*>o5#cvKE90%N2)SMaKd(fY-d=EUruYNx;_d57j z`f6VUGZ{m%P-}QB=6J4;+YKbHo5GppK?9Yu+FcpNgT+IKxZk#7)Kl-vMMlD4Y9-%g zP}xRV4`nEQ_lkQ3McH@+~*1@5O zQA^e&2dnI7hR&CF4`P+H;CG_Qw<66pyBh;h%(3+@x1Sn8dKY^G3%FNf22aANj%h>KKQMp4k z5~8Xyte5Do=7u4~zt3f8#SRU_BV7vnpA`tBIWpfHe)K6L(1}HMdOTpbEDPVHINk-# zQlT&zDeCz9#fY89R)TB;n)^4_YXCkPP$CfG2=SI2M=6R<2V&|S!eJ=wk%|gp$ymKr=UeSn^(mxh>gcm{<7ra^m z-qO93kEE;pkg{Abqt3NtD!R!wDZ`nIi+&=u;(lEFZdN()U5p_w z$ep6_0*r`+LAo|3(zZhxW`$y(v81c>Uqm?*qIH5k3_9fr4;@^WZ%G!gzkf#A8L^_X z(%&NGV=2pI%~B-UWn|xzW$c8I zJv$8zW*C*-7_w(3(|fwE_sje7e_j8N&UKv+=hHdYIrsVfp67m^=f11f1Y&yedatoA zUWN0*@|#Au&treIiipyO4i|{VUy65*WNg_(Dsh^my|v4HA!XxG>KyX+^E$ec4^xs9 z@s`@2x&^)*7ftwly|kRDg(24mYgWH)Cx6Gj(fkEppmI@GI_cPIY4_qzOq!GA?bdwZ zVefQBg{fKB(^jjb4{sBg5*O}?%@afAqUxX^f!Q$zTDB(T+vCwY6HA&J0^)Z9Mk~q?JBrJKc}5ue4{zn8^QSp1JFF zoBbx>877&BInHb1|EQ9mG5d*L2;@ zXFS)+_+-y6f$LeO0UPY!7BoScb3D^IX?~W7NXS)_Dh=MhFuO2hg3~7cN zxO>VaadBPh{m${!@LU*zCf?LwA0jDc!P>GXg$q?JEAy+sEQI@V3dWp9Ud4Catsg&8 zr<}-tR=avuf!fwi-7OR7&G7tilfBP-kx8~5kQmKQNzBWF{YJH~zMqcYR2$WNb}%9z z-y16H7cggmMCQ~IJNS4x`1lSS8vBd=9ED*s#52CU=#Op}1h0Fs%;>*&X%kibT9-yX zk(vq~=^ikaYLmw&YtyEI(Z%T#34kM>_xWU$@>Zr@JqV=)w=%SF^hbofUVA`yp&Y0D zx&nVgx9;Q8+WH}k84-}PLxS?tn3@dq@`SWmBzJfMK>?iD=JdsdFdud^va1?xi z7&{%0YmNr>ZE{yw0_}`_y3!o1$W!`_1VCc_L?0;oJaVv>#pGUni ziW{jcyJ(Z~NZ@6Z?m)Hz5UQ^Do`bC~rOX?s6*`^jQfER6V3C9j=jAsBHPhl7)_p+N z@i20&J?qlCbpN(31C1W}cKmbg{P_0=b9W!y{L>NCPPhMs8$>?gF*tV^;9H)vDkm6d z=dvs0gF&*Ux?4}%xa?Ooz8OBj;_+L!EE_9m%tU@43}sN@mfu_qbP@*i%JSu;x-pWK z_;d+m?9K+M@#!$g9f|v8V_9PjI}-}wpZmxj$4Rm-Y=A%eBe6f;+2L8dJr7yRj0Dre zMyo3d9#Um`xMrse{ljlY6%Z{ZXeom_lxO?h>psXX(YNxil;N z6%Wa`<4$c#sX0}6<32)sJ_+6wAmYG}{#gAN&P6j6xsxuCy0e4lYbmiCrw&VN#Q)x411a**T7F2{}{LLI#Q(g_}nUsK?yxN0VXrD)#4cS$3 zo$3t<<^F2{$$RRqLs2#74Y;pXbuj1UvScr6^d4MUvS+c;2|~AzFt^%;bn0F{qE`~7 z?jjvWu&gRN=G9U2{VF1R>L71m8a)w6jiAB$v?Bq{AL6OBP)hs}MQO|w%D)ef$GbT; zqH#azM7)wN@P#TQ$jY!AaL*h4`a|pPuI3zRhD$TN{oL5_qDKzULDZ{b@JwAoZ0vr) zl@{UNDJ|!$`_*5gLaEAvJFD@xND+nNyR#90L9mO9=zeO`i2Pp33Vn9UQ+IDS_<(}Y ztsc~2;C0gYR)v41efWWO_zl^#p~}#&7rt{0dE2;ORVj$gD$q6eMvEb;4**e4h=^6J z#@B2L?Hi8AjN7x0p1ByK4{2?E$u)u>?w)$RB~%;9b}K=pA|0rlRx8d@X+0<1mQ#j7 z%3ZH(wQ87KptK;IM|wzokb!rQo;#U2nK#d4`H=Rw843c?g#tP?)xJgn(xU4)3Gy>c zXJJr;#!^FRD<&3G*0=u)?0H^ph#8!m4$8}4HS(ynwyjFvpFcvP7^nq!;D%T=C50a% z!IC3-*PTNsbIYXhF{l{e`eNctUmvko|3|~2uuS~mi|L+l85>?VxN;4*v$0K-uC1>^ z1^~T_x-UsVgV*Z@}!DlNL=*7ScVa@nTCM1W@k#1>cdN>^=HG{6%O!IzCa z-4B<4f3{t;+RE<{D0JoFMo9C4?wP^0l)3@)Vg>E2*d&%=kXM^DP9oJrz%5DbT2#pM zH4Vqjy1@H{5U!Q|Uxg-~urY*m%$AKLH{D$tMOIzIu!*y;tP$0}E)yT=rlYE(x1^*n zaJ%AG%mOg2Sq-;9KY7?&;w#Ws+R?5a1puIY)Pdnd8hQS)!YdgLS&1%o!8Q00dhs?y zhJ5kBm{|oA*s40R4Lva58u*SlClq!Uj_+{cO?5x3lQwetaj1NYP5HG9w?yskafVm4 z@508D=>>&I_@xY2i8uor!cvkp|KLZAZ=DH~F5yCJ?ugvGpIQ-+FJjA-`|Jwc=Wysm z_?jW4zFS7Z!Cp$``T(B)?rw>TOJB@(G5;c#%pv`_v z4R2D?l83&>4hFxyu6a?BZh(X`aD{08ba?gz;HF~y%?ulTclR*Uh&YIkZU0jN2G50c zyB7zwnG;=r^NTIMZIC|)MP9I9#%1{z;~!qFpE!BZG_27lmu-$!wU1Jp#}@0iXz3%K zRuWR|m)`l!-w@%HJSO^smXqZUCv+iCM-#!(@_%IHZ---9E?r2MZbv_6Z7`4$g@bCX z>m#yydaKJ7d26ibt}u$f$mYcODlwi*=#azeWIS}7J>L(&FHJIH2FkD0WTvhx&i2ii zGraBm#M_yS_h;Tas4NqrXIiTp+H|cxn47eO&VHz=X{gb&vb-xc7wAlap8PP^QA|jy zu$I{uo}$nZo1Dp;xlQiD?(M{Bq>08O{>{Bj8@K%`Yc(S^7@5oCX4efPBPgE$v0y)i zHdJMNb?pbLP5*R>5PDbRo2_;Z^{nT5*->dsPi`ig>~i%15c{WmMml)9Znw6`3c?7P zVH4O{ycQ}t^^9DY<&_!LGf*zv^Tbl!lGj6~&Hk6GHojb_V`iW)b=j}w4QYCDg4V$SromYPvURW8;^`DaaB)<*}@f(OIRYw6OV|tX(F_0+i3!p zOxjD*D24HJ{1oxSTp%6I?szmUbzO$I$!T` zW|z1ltVq@R3v#mnTsvxfHV=OR?CfV*pmW2vn^U2Ky{K&$8HvZnF*;wj%bqb0L0?w- z^czzFM8Ns^<%tb2G0G%trA9&`6wsg&`B^qSg`f7I%AM)?RPhxTdIj?^aP;)F*R9Ih z5H*`)D=MWPj??O#kF8Zo9`Z0R(B2G~>L zj${>dM7K01>4ZGq`~_(#eKOH@VN>QBJ?oD4VtWN%7M5nXaVI?Zs=poDH<0PD;Hu_O z>}+t4?)!nH-x+3pX*Oyfdhabb@nHO2PAuHK@d160`3XCTW+YjZ(wd%9A0f_M@ik_Q z5erMav?^>GZ28?nQlmsN<i$O(-=`?p=|!z|S1Y8m zyO~3afdEB33@WtzYVQWC;Q13XOM>t1z-_KPhw(qGOkJCUUb?k5fOn5p`pdj}gvuH$ zzfOLQ)V-&wmu(v|h3R5Q&_M`*UI0+j;wfrd_+O}fOef~?)OTH`$Vj7=7fuHw3lh)4 zriGZy`NR%*9*%V42A};~rDjoaMxaLorJm)e@}w21EC&X~Pj{fG`9s7vLdc;YAXGt` z*35Fza$(~#k~1ysmmjR6N!)6vh7e{-e>$1`!x|aNWvcr>-UR?#e0+WU4vsN!jDcee u9An@Z1IHLR#=tQK{!bX7`#W8d*)0bGj*aI=$@&oCD|SfXz5iyckYp!ouembknsfesbM32NS4+UnCo1YH z03IFy;Nkv&t2y8iKtw=DL`XnHL`XzTOhiI@la%!Oby6A%${RQ7X&4yjY3S&fSh?Am zm^oSK=r{y9IPdcC@$)gV3yBKxigNSv@&4%qkC>R4l!WvaDd{a!2!O_XX)63fj?CTfuE;KAWA~Gr| z`Td8K)Q_Lia`W;F3X6(MN^8E>*3~yOHZ^y3_k8c|>mT?rJ~25pJ@ac8246<3tgfwZ zY;K_r4v&scPSI!Qf8@dg@c%9r?(y$}{SR_c;pDnTK!8s`{6{XlYd*M!Penj@Ta1YM zfex{i`>i|TZ%Jq#CVsB&yv`}1i=?%FGe%0sB?;$7{SobNlKt-q7X1H6vVREn-{pb< zH}LUrKOR0600Pbnqj+dIdXHBcy0CJ;v|LIz(UwN3^qque2H(!rO(1(_%eFu_w;m5ge$D^!Cd2@sQ-tr^? z9c7w--!#;f2!*(50G|=R&GPJ@b+Pegh7#sdcmm9EPSR%+Id?!SFQ) zT}^X>rKPi%9>4NvTZA%eu7JVYXKCwR7Z+q2jj!O1p&|@!Vs6a!Co<;~cSb%7^NH#0 ztonSY@%J}Og*c!L>fpO3T|#%xcJq>`cRtgs>~S_q)iDXzo>7UX^0z4X&=?M)Aj+tB zu?O4K(8b~_0G$@Mz8oL9v!}~<{HfhFUzwd9z3ZhVoIyLMB5;c?KwTNKlO=`n$nlzf z*?l8^UiAv-nR1S226t*?v%sV{ef=W1)*!v?a1K%2(4QQCHK+ee&n#^WUW#=qY1ov5ZP~YSg_O5lq3_(kRhhP5L>^a3G*1S8 zUv8=}rp#We-8_8xsu%B^4SZ4wu|1=}RKUtxevKgKV~0P;SJ(>uROg4M(RC76v&s+? zT-dce5sA3BStMghuDmBSdX16(w4B(crR{b7X@b;*Dc2a|*dxg&-EZQ0;&RK^4 z^p+}YrYhbQ884_a7N!+fNOqKMAllYGt$UW+N*#^d>P6H`gwkf;$h%_q=o1 z!>=`u-Ah;4L4B7OpI4#$#PXCZ#;c!Ys!UV1&$Q7QoF?&V>k%SzA#dA|bfQG6_}K@3 znuT!xf-iQ4?BFW2VO-#-yD#kIeOvp;$mNOiZ0!mOnl<%WYZ1az4x?Of18HIH0Wy9-aSF?09Wd9*xVP5#y%ZJ>}`uqgvML|=c8nugP)^8`Go8D z_n(CNS3HC0vG5yv$#)n|{0P&Qn<)w$&KsMM(u@a^ z|27NL8WCO!Xl1IM-wf?N9K#HmPSjYwc58WXBp14I?ThZ+qpD{p;!syFAp`&7hxJR1 ztZ2Z%11x^Pd)lZ3ZOL-}N*PnYq@#Hx|67GAzjUBr5)Fs za+tNY`t+J4%gu~n=zeAU@utrogYN;?4AiBUU62)9JF5xhI)tX35sq7S_mx*k|#}xB?PQ`(`~VAHP}V(bZchai ze_3)6@Q16gTkwzcY)WNHKWLe#$RR8ICUFv`VAGGMx(4EJSvuCBjL5nJ?&bWTAEt1q z1F@Q9+g6U(e7Bdh_u_3p_)zw!A&a9--y_HAwes5E%NW{{A@{<|lyw4*pPE~BJC+2{ z$!*Kyah%aFV;Q1%n(er+0Au_bEKytZl4O=`do6S`A39K0>expyAyt5JA@88ZJo$<| zX>%_evXZRnZV)a4Rv%#NlrXl{oSEV_$8OjC@7@FUpWz>zfPqm~q)=x5@-4n%_)+8!wio1efxOvbM$C%XcWZrun(0>Jxq6PzA zR^bI*0bU+YlXc=$&sryr0fRDpjnC2F4Fj|saen@*_2!}Dcp?^w`*vU zvXB-!&Ua`@d$gNXM>2JEu!!2{I8rD+&!kpth)~QxW;L)!NWKlA5h0bR*|kaj?&D{O z30cNKKUHy~rNzy_Vr+_GzGCNw75}=bK=$tPOTA1ymNCAs8*SUnoBQSeN6Sb1Magk_ zOPNgNCyij18$=f5E(6qqL1*6z1CoU2LJh^8etz)Wi*sczIpVwHD`>LD$Qq(Sxe)8o zH?a77tzL43W~dwkQ;4ZC@l_68$>t{}h;8iSiMKd1cQA1oTAm+tVQkhXxr@IBld~&# zfO(o|W=z+|iX?MY@ZDHR=mFe!`<|?wIGwW!*A}4I+z}N%Jtr{RZgqvQZLQ1&8Dj%I zL7LY_R{+>&hkvHq+}O+Io|RB(r{Im7ac|z>dnv9pyFBkaw<~&CKeM)FOLb-ovuO*r zFfA#@++V8T>7J0-%yv@Ru1j1KEJ7Za77;Rl)bq)CM;T zIAHbdWxlP`%yafpJ8C!9H$38sGoOvT&owj3j?9;*zXB8+I?&XU(5`r-J?4A?x8!K( zPxd~0I%H)v#YRZkBloM0(T#4JU0jJKF)IXBID$xR?ugskoAK|>zst_R)8>y`koYKx zpd%IgSb{o9%*{Xj%>U`fK!ZwgHNYTqFY&M+#UfZk9+N)jgIH+mIB{(>O&4-cSRoES zlXCvoOGB453=Nk$h#c7{qSh4X?k5V9evRZ7IrWIKFEW{0Ugeb$E2Ro)md8h^7tH5=U3qvB|Im;CXJEs^;c z)<5EAqi;^lX|XaWKRzsd!K&WG4ib2Dir`Uotm z*6T#(D#g}S21zkVi!2K8oR{+y-d~}xO ziEa2t_lxP?zz-`DAJ68@>fAhxUTL^gZV`^8dwFV8C9XAqDlD2%LK9|k-`zbUln_I1 zsPe`<-3|$xb|))WR=t-jNCC3;wKRGJinepx*Xs&^nqr*5$Iko5+hx_!SYKl6#Vlvu zUzB@M6;d53B)R*IyKH^M5YfrPHWWdL;6Z=;qkF6advzs-z(h zhD$JZwEEpEpvvwF7)@z*i@-RgEFSk=0d`X5S3q#TIv>NGgKcaeE@5mRK~G?3-w;bb zhc4O`^Oc@RXn7Tv3*bxMP{g{2Y(}jVvAGt;KYD37as_}q0_3}&UD%FbE;Vr|T3U!G zrKD6cYsdFqt?@FLdWX0Er1$(nZRUMtb5Tu&F^GlPI##g|ca0&h1)?-{>(;}UJ{*;Z(ngOC>;&yPVG@M z?!75BWq~eAMV9{lxD(098S>VmEF1-_g=HKw3k;x`-j7MXSQcynUianCQqAmDIFs%me(`^Du% zoHNL55&-Am!m=b)SAMYVoIM`T+K80l<3`iZMexDF=v_&5@6Rs{#Ihkil_MHgKs-qY z8|apq$h+=>cZ1U0t}OU7F*9BT(7qVoQ>KM$Age+Wp zvRIJVj&h@du5Y)0%TSKc(pAHUbbnZpufI=XQ~i0r^024*6vK&S*PMxVVHS<&Z?cow z$U|0wEZn`|V&#rWLq2!Z@acEj4g`jbK3P8Rn7vzNecE+fsv~B-Awzh-M&epU;wjF~ zB6+ZPQ#$@`XnmL)hkFoXAFtQt#Iv7NpbKU*mM8)2!<6j5pWo#3(6*OE4C?j?Dr!TA z`FmvF-?O?KA+U3w^Yf6tR`zP8hk;$4qoTn%l)pDF3jW;27GlUcUCN0wo8*2@hRWcj zuKjj)B@pSsHgw^GPyDMktv2s=b|LPsho{bdAB4-T7%!%!`b>5p_}J3Zt?cQ>YV)EX z(3C~M^YdviGzJDG$>Q#tn}>GPviDv4>X{z)fm6;${2qx@%ktg%GIcU&P4{niW4fBU zx{F7r8lrqhRl1gB{L!PEE*O!5N5#?8wJ`%pzpFeZv2~yQ^Fvmp68LHMzR56DMi0iR z>7PUL;-4_xwC*y@*lPJbm-)(9I#M#=mGgt$Dry1uLunxS?RdFnu~0!~NwZakH^WFt z<%ngy+K%xmr;k|LwRQ%23$*&5g@Cw8t*ljpr%g}uzw)D zLGmEPZ|t+g0@o`bJM52*g^XD&YKPIM*lLM1Kn!ysZzj@p#*d2gUf#It*47(nvRoTa zZu)>JHBNJPhB#`ttcZJ%$By@V(U5bd@?xY_90}qf122GQ1huiJEM922&h>&8I$NO; zz(4)F#3*ckU*SRJ);;*05V>#iGt4VrqkNi1D`7Qt(H8P!6;h9D8=8dfJnS<1^_m&~ zGiF<$J4NJLr;Us3W!g$@(nI>t^)@^3qDdlAhT^1+k+``bosE`&LDg%VU$JExv36OCP5Pdru7_zwpc&2Wi>qT;kHBTc8yI+&?qu ziH+GvXJdZ+_XakX?%%t$R%>Fzfwq-{%Y@P9PTu7)c{dSRZJK_P#WGfB6n=GjTjne& z+0_iKAHNlQsc|+Xds?X}IHgqXT4Rl^^p#P{_pM?k@+%6$dE5iLnFhM-YHL+A%pX+z zvb+CQ8=6=ux=>oFDZ8ev&-D(||A_bKIJZL1$x7y+CC^Wf@AmUarX2_#w)7BZgH1!S z6BoL}a`}nk-Nb3z815I-V!y**fB%ss=aomPd1#)p3eG5sI_8e=@!(`($d9?T!Dx79 zm*nMK7GWE|@4^w6fx<1lJ&09wvJPy?-VQaverLKNq!P1de0rU(=P1_uHt%Jg{;jT6wRg_9K@KdOr1I+fNt`bD$C1lQaBi zj^oHo>iUv;R4lzoR&2&w&z%mw%9eGBP4l=EgEO}2sU<(^g+}G#_f5C1_f)3J_8j#6 zSb^R)rcy69+Y(_RzcV0kYn5Z2Yeo%AJ^i`X`I8IF<2^BO{!nt*(bY6JitpdEIRC{^ z=l>Oo{vRRHOktV!#lDuVbzw`Yhaw+ycBL4`CE-_qur_q@T9uA^uZY3hd$moEH<|p& z3x6!)l>Mc?9dbIVPpANPYach4q%*mp3>67`)>?4QYwMSRu~s}6V|=CCOKvy#erzzk zx#Z9>XQeUrCfl?DX^u$_@kKk<)7Ae}k)V0OK3<{a?DpDch+0kcG*wE9rl(eX4T(*> zKYuUXVHZ33Vgdwb9D{Dq<2aMRQ0Fn_RIA?uSHL?Dl`9~}Jp1yTrUMy=i;|CSe8rI} z59^9Qe;2#Auu38spg8Z{ZA;+1Q4-a_qVpYFaShs{tMgF(x`TGhcT@HathrsA$~NkI|kw%C|#lbd(7HnVR-=*sJy!a?9ei7|mNM^CUSGMocCF zKQ(U@XgR$o!$n-&I#&sIsRdKn*xx$GGT*5i~Eh@zI-86Xd8QCi&*80BJ38fp`j!Q!mw zTe+)qtZx~tcAV4Dv?$6R=uIi}K>ux1qa$Wtt=S9}1AW1s@|Wx6@3!1C61SDuzAL|G zzop2(kxj9;<8s`h`NXG1B}u}ONfb|wSS~ZbISM!KjQ?@mPXvB?io{~crX;V|`9}}b zwt&|h2z-9z8k3e*^G5tMf*??pK3eDtw<`3A=2)u`{Nmz5z3{rbr{UV;4RaljZ(Hh| zZ^wfax}pw2Xp0UC=!P{e$Y##QN}EI9$(!ba`!rLvk*oW2LU%rXJMh(FW8tr6@FLC= zQMjK&4*N%S4X(9Y@A%208{f_BotDZ}Q)VdfE%- zbH)$tS{uU_ZcnYgjy_8p{DQI%mm*7cv#Q#pH^i$y)3)f{&3;NW?11kS#ou~5opLDn zeEtDVIi8;Hwd#=^Nj&TSu$~9GNCz>TX%#_L4tA&Y+@k{f`NZT8F#E=`1Qoye{^eeW z86{k5PY*XFWnT~4%=}Yn@)`!6eD6*fZSiNsUvjQHR7s&-Q1RVa_gmAti2TXbUs}<& z4c-_I$`EIJhe&EuRZx}M#C_kw5w+i|$bkgC%b9AGbF&w{Pzr-r+SngVy@h=vV(q;@ zqGK-I4W$-|Zl%oIeo>U}0UQQ<8XK;@R%pOSTL;OS@K$>CEr@(Ug2K6{>l|DQ>*5~A zRMeCy8ZEul_Ro9(hZE=|{McZWxE1Pc2>IAnR$q^DP z>$)dzDzS|y`||WzM);j}ZyqtHlPfN`FfG4scwTQjOz~9dHBHS*$jGB_eR3VQ6ggmE zXZZVeu8H+HV_~>X5gSR8I*~S_5noU>Hx1Y?uH;!-YpX0cK+-k2ViiQU-|8-9G)9lZ<87yU=GqJoRDDT)mhsOTf=YVBy zUPEKp8b};wv>Gon&rHPrvE)C!m<^x3muWXUtW~1enJGhe$kv%{(}2_it32pHvyWSOA_+aAO(RebOB;NT=6#Y-8nQAa@TW6XC*di{o>vNYbmp!G$-AP zVc7BYp7byuTX4&agJQVpf$-f6x20XRup`@`)zS?6e8D45^>uAV+;El3#hVBGUe5K9b8m!Tt@GqrjX@m79*`Infr zs5-~-wne7xGCmv{XQCB!#44a(Jz7~2Gk!)l$1QjpN8-xJ=WJcywtyl=&T=e|ckQo$ z`l$)$>;teO8!pVGy8_02H}E4bv*g)xz{y<}Ld`Rhzubg{fCJV+Tafp947;|#7{~^f z9@35IDhyYNU?antvS*)TA48e3?B{&jMVIj%E1$M3Pv}#xfXCfRZ0pL(o(yw8IEOD| z8(2N!1lAXW{49IYLCk|9v5V#|5%hjh2l!!#6cZ1ur_|nS=Xc62d(<}pcm6m^9~oB;&*V=3U_u- z$1wsIHy2PDPV3>JWN-}($+}9f`%>B)n!>isfVhcm?%ir@?921>bG{1+A(1f z!j-X>{sZ3Icy_}yY~9EA;?uLm``D6`qwD&dj_bifyT4#2jbBZMBWn400K`nh=pU#~*DY7crN!tAy)cy|3 z5!cu80&m09a4=95oxZ#uktLDZZAot7AgEmvS@E0mXAZo;Q8w4lhSfg_$SXtNLhuCd z&-3JV@4U<|XN#eYBAYcaKT1Dn)};tr`F8nv!8IojDoYShfUk6q4g$WZhzPGkti- zZseUX8vM*E$!v*0QxHEef{gE8WQ5o?DsrIiRR~pn;0hm1dSU4!AAzgi@V9@PZQ)!w z4Yl1Md@CywkuMz-Fjq{}ck&~nYQ=e@Lbz*AW5VT?ptVtjOP*0~tje|07(9bw{B^A$ zSW)~Dh~YOH)Z^Opagw}KQ)a*Lf$rRzeF#$_n?95Gey+iX0a?TNcSmH_FP{Pj>YO*OfN(Pa&*|_4j9M#M z)$~~=XF`T{sSEA)e6(o2MgL@YT#*GmXgK3V&i)J?QlMG#>)ybUx$cIj3}fFO_Ju@9 zTsX(fFWG<(_32h_wpOGM9NieAcoVF2l)hbSe}!&9b`5ubUxcw!csZ0qv_p2o)zrJ5 z%<`;FjwV6L>v{P;pBHm^c&TMU%j%5S_@by zlU2d5U+d)L$VfY24}r44r&r@2psM4wX7pR%H+mf)8m)S#iTBjA=C5zYeb`L$EaN{UJ_tLL&;Xrb2wG69sGO{0a+G)vT z4EEm{sdSLd{1&$$b6E3G%LoVF86ZlCW8Q$zf&<5~oT$LEW#?=%<6rZI(bw|RU2N9SOOX1R@^ueGB7aNtLo zO{wg#X+=7eN;W)wF`~lJ$E%+TCKJcH=;KQr)Y1}YkDoS&J?kBXz>EjtjpM@@yJ6EgmY@k^Gowx=PY>D^x+Pv|dph z`4IA=6-77`Hi|Yz%u%G(i?T?klqFNSgd~^-``$0h5=PO7$lIbQJIml8io*1lsfmw# z@Mj;94mIm-RVOjnaHav9ft=tgpx5%|QOhA9B!ONTa;#bGf%H z_Hhc%LsGGizO&tpe}b&_Bmbs(-O}}gGhugg(zh11@}Fk|_+J>m^*V2{(_vm9Q@dl$ z&`vHq+R;1JWrBVIwGU|xn1giM+-JsHIXiK*%aQplgldGmrH^xo;-_M+K^mRjFk9gb zl_fI~WY)V;;#vqJswl3m0^+E67a6sYCe`*yw7)svd*h7)eQk+qhE92}<>vhuMF3af z77I^z;c$Y^wrj%XecM$tTS&GWm{Tv#hW$MYA)@HdxftbS?fA!alP~TGFsq+5j(K!= zi`C6t6pgpQfU{IABaR*!T?Qcyapf9iLy8g*!Fsf#Tj6@oBi+_EyE#`uOlEOjD$h^X z6+mo6@x!SQk&2a4w% zCwlg7zNf~0c>$Z-k%Bwr%h%nj)qd;2)r2)(o_wpSP~N{ekwqK(|;KN_xnN-IG$oYc<G2eu(A_RQ57(=P8$>;lNMU6kdN_2_7qtaeiD6)=-;QXMl&1EG1gXLY|{>aEHb+duT1I?7B|UgucVHeb!^)mO>Kmgdhrq z2WxE}SjN=Oj-y*B%1fLRx&mUgiAHvDWglE&7ufa}I7QoDx1@vc;7AZC-0lNHWH-Au zpzVcQ^<}Evh?qve<+@DYsY*cE?+(Y0t)>;mztA4tev)Zn+2D4soV?47o@hXr)gXz> zK#UPSv52p*(e9S1sCSIVR5>FTT|xZVAK3?-=tUfuHl}3`+6lnT$%yV1@TIlm{4Ns; z8iFN2(Z?LIJ_g&H$yz4A=4>%&N|8*tXQ8M^AjY8JKHXl3ezatZ4p>?l8ycSHzQB=R66@Hv4f*D*`H1vGyA`LTS@kt zpAc4{qG-Sa63wC1{ue$2e`y~d?A8;=i#n;Zg_EmZfV5*YB?eDYL&PHWsG9J2Ql7`V zIUPB+lVePpw1n5cyAM)r)i}-E0Ntr0{#(M5-jn^0gymt7yaZhJn;eMLY5II5Lgbe2 zq{}e+b|h&x*%jc=lgiluP&D!oIAbTX57b1U+iR4Uq-}3n<4+2%fTTybX|WWAZg}FQ zBF7J0KqtD+Ee3q<6zRqCu5J3Q17D!{BXA>7b!Db&vuZ@0LQ}IZqT#nchxspd-QSml z-r0Dy=sM`^;gbnh=%j_|g6RNudqg~YbS4JFfqI%vgb64I`}a}}kbf8yeDfpcOKhqf zH-59IO+RC=f|wHf3%jQHh{JoIkc&OZM)BNB6T&xC#2Nl*?a<9GyA3I2xt>_n|*fj7~MrpVLi zX(PckuP9?$4U+ta-u=Y7F%^>@r{JpBDEr=hB8N1t25-N*_9EZf2p1QluX5hMq3`^X z(RM-d9!u8b%qIybid5@DIWg|zFR_YSxf&n(kC>H8J8GX_0WUEAV|9^J?IZQ$I~mj@ zaStgJkeLF|6FubRNy&16bMJY=i=?xJ-e2ERj2R?j6vD(d5B=R21IIxW>!_;G<@RwK zac3sG^*E_*Nqgo5zbriVhjOFDRVv$e1U?fQT_f4!b6(R5z5-awk7Dn#Q=s>E=?-S` z2n@4K6=}h9{P7>DzV#Cq$@FR!Z(A~B2n%KMuuxvJniuvP*!RHgOCNubPR0 zSQc!Kp&PnUn<=9|MhFINCFOoqlFW171h3TaQ+9cE%| z5HEf&^reeeg;qqXL?EPu!^$sWozVS2qpzN`oIMmK52aP)1uq)6G4Cuac*cHw6ZXO; zy6UM4GwNEkqFBXgcU6qZ)I##d<*8k6F9cA&F~GCT^}BmR00y!JQD$<&lNNuZ+fTW& zA$Y1%I_|_{yy7vWLHD(0d5n`f<)6c2HCsyrZ7+-r+?wK(EOQ8-A4-KH74Z=x@g_6T zcXe?^+}xA4E%e-XEIY-aOHv~kN9hjAc2Vb3S?z<|>GJ&hjFw5B{3}$y)fnF%Uu(-g zF+iT4sCHWw{|Ln;MzBB?lGwn~6}kUKBT@y*DZGWZD6U6%&9=4bMwqy=%EUh!ibxg1(`=&^_wAXeqvy8Webc zlRle#&kJ;OxO$sO?@1~hJjlOrBbH&m@ff=~4DQ6?y>8)E?VJ#m4qQH9q+S~a6`wb< zWwYwy9noRH&(>}aYaLKzMR)WX;GjXtDhd)oTMyX>B)?e11`c%Mj3`zm?mVLr8BKeLfY41`Wf%!-|_IN_NNxLsAyj--@##&|04f1@g z56qr$IUB?7bUPuv6Vq0))VSRq-!60OvTrqi5`6VExvOWzhE0zXdv+GyJe3VoIRG(0 z)R7G#o_!LUH}cIQ;=JVxh!wY@On*rMp4qi~4P_4P*O5EtiY3sZA)#Teq;dGNJ)5x% zw_5-ClpE~1$&}<`cot2z)?}3nPnt6IAi+L!$KKZgVxBDDypt~NEQ(QDB~lSJ!25Ex zl)X+BlMEupZPC-i`C&=CBZ_nzrzEoDh6sxh0{20g2W?X-N#2qPEFso0N^#DUu7i96#nXb=-oXFAZlStBVwE}RkQ9na|)g* z$I6SP6$8p|0b1Qzq^SK^L0nvKs$ul<-WLS~W%kQTSwtnFF?w@ZixM5u$A+iKI4M}A zOV+A+Vofn_8_kIMv#A;8HMkgh+Wdapxq*$Waq{MwZXE*Fnp4GW)F5xepdj!KgPSiB zWAxdw<*pW56$)pb1}gE7 z8?&$SD1nnWkL}WVY6E`=mzq%0Q<7k0+LIXXSuS1ypXXjIg}v|*J?FJK?yGQLtg(C- zm%4OOb<%9Y^`0T<=PW&`_cx<>Z6w9vku_?UCIcaopT9@ukyy+QP_|Ca>F zB8rIeBCNf9T=F77K%;hI$A-!T*7Kz&1g)|)Ml!sw45 z&-K+LcO&Px=-a1v zi>_ysPfU36h|OlQG44q3JVZPJE2pae%jS!x9(M2_l~cpMz~M-NA2|))(&EiPM({`v z8za&%T(C~VK{8s7SICQDGP8`!{p}jtfv_PSxU+LVaa)l9nUcO#MLy?n{`lo1`kx2V zi)oKeGvnVtl>inzb3z>C!~V4+NU93hZ2rlFuBSF1Vo5xsc4NSMJAyym78s%o+|#30 z*_efWE9q-{-A;nmfx8hp3za(DI~7}y6vA`lvB%MSNa#H6!hbJhV$ljwWCVM3o*z$F z=XScY9{+TsiRJp!#zTWOZ=0*=;^SoBQ9a z=6MH}_wbTnaG+Qs)OoJ`Y?`;E#uq$zjLc6}M>SWq+3$unlnOemwcpRC-doFjC z&-$u4_ytDaY48TX>+sWXc{ghEz)ssNsX5l4uXK(2a{lz{Z%Chy9bqH-(t2xZz_+ulV;s)OpCLA)n2K44MuG&;RJu;9&YX$~lLIQY%ppff{M^7ox$- z{_N1~`nE{bDtGpQt=%U98iCrE$2^l4Y2B#P?tMz|-ogUtCQLHPbbTO=k5ui`mbh#j zF|pLNjuOjAm^@W3+NUcXKB&foP=9l=+x`@Y>oq^roq%V14nxpYQH+v9RE_ zsBF(@=55x)R6f`j8L6(qOdfuD{Ark0g;?R-tL**Xwm1+EvGJkV5nA-%KHUJzp2pG8 zL51>E@z%ZSEImPEm?*_U*(hqrkNz!|5Dn_4Wc~iV%$a_$Kkb5|6uikkzdIQmus!9F zgQui@EeKe`gEj6mL!^*ZG2My{1&?Q5zA*2;XbLa-DSJtwTIVgPP5hJX_GOwEGh^&b z2<9>4=w6(_7wg2pBpxW5qzW9~eI5+CZ;t1su2Sf^UsH$a`MIq7QT)vtU#_?Sfuh_X zd4Js96532V*~n3>p_OIM6m7*Fdr~CUf}F}`clBFVIw~a=^3cr4BrOt6#kOT*gZ&;K z?)DdRJseqTHiL3LZV1MV*Z7kwpnCq7xcu`o|EUP`eA@n{_(9r@Np0ehc4{ALy09(o?_0g#tpdoe-E0gfmgc>5x7V=z&)u2|-D+>v1%IC^wy#gO zr2QXs1OH!eMSqRqKkt4|f6e`0bN`nP{9ot*di^8{JzqW#PC4w(qHRsroTxoBxxOd# zJAa0{q#M%xL0bi2NxIIHKs=lzr}q70lKKEo8xUALX8Ga0Ht|*_?U}JM5LogbzO=RV zakufJ9eRH-_q)eORZv)G^gQ@JQG3(nM@0!sG!B5rQh{iPXJjJ{l6q0?N1s*JVo|>V zHN~KiIS%$G|JVXyDFQLN%sU>rf!=;TCP~io)Y(M=JA7bK9(SOoct~EEBcepi6SJN{ zP8rNzOIM9>V>3bfSdJf|Q%>&7N0xt>%*&O??3}M5En)HLTf#ev{nvVZ+JpEW5X`1W zRwULdR^aj2QB}2(SzEDlPvVMqY}8jIu;=BeckKjB2Sv>MvCZgi^Y4hTU5 zWk#7{03kEbtAz`eEt%c0oZBXGv6Y+CDKn!=uJDwfqOo~5N`G{IOqliJ2nm*$Uok({9GV~dc^`0?7O(hvpZqpZl30A(_snmm6g$GsxR2$w+)A@+D1^;f zn)C|Wq)oi(9b4hkE$;~lb)HD2y*$(VI$X7T<$_d{LR(8~8Q#jk!*0&+cmwI-C|b(+>|(n;is)22<- z@~*bAWH%*xU-ROtM4^8`VO70EzU1w(Ib7V4%HTCS{ShFMW1tU0nN#%=t&S?Rq{Aqp zgj>ot9m&_j;l6uxV-azlBzrCR)Ov6dj^ypE*MLG{6uR9K_Ovg(JSUk>?5G|WgL+K*b4r!d6@Pm zMgwIQNQ}H!w#?^}wqbl{H}u*3-d=G|R=3BE?5D>$6zP(N-xrZnffDOjZZ=ljHXI2k z3U>Z{DK*}7S^Dkg>B6scK8^yWW-77o#d!&8>=W`uW#r>jo{1~T{k^ugk_SN_n~vk( z-imnjyBKV(8e0WR%V>$Ab?1M??Qy;AB!!gH>)_Ft$yuGjEaqoJU2^#~#p!%vY} znf?w08UZYF(_%Yz5HZomrjW?oqQIlYKgnw{v&}j4*=slPybd zFvx27?D`duB@SJ@8~<-ER5YfNcgV{P!m%3Gwm!IVY3c&I3 zzz)T{S4{iQYEt&5;Y!phs1gW%e6#mb+)`FJ0TAeK=z)~^f^LBey$iYgd=s&4CglUd zhptqjHLzWxSHOlI-nsPO6dTfs3O|XQ!SEr5G#-w6wh2}2Jn1>G$WM}Mm!`hg93-mL zr$8yc1X}9YyzkG(YAbYfB;W9gGv!XYr>ZZM-1dtqlrzSQ1`l`d61LdlUl2>w z?bezs?&c=vkBkY+YIAvf8>$2W4_F^mRLwqDn-mU|bfiy!Jw2)ClTQ`j?dqu@h{(_O zwgtQ}v3`c%p)gR7A``CEDA$3>Ajw6L>ws}zSDj6j-8ZaHoBj(+mPFQT$v_h9sO)-d zYk)m`@up+iD@VU1U-4gMpH7CcfPx;h4z{>`T+fbkNwg zYpBO&R%8S_M!~f^NUtBu$guT|H(N%4YWpH3-I%tS3?lO#mVb1uX(&7QuO_L8RU23v zC^K-e-0-YySfcN9vB%Y%r#?gxr58OM!Pg|1=HINXTDZYDcfY?^EQYOV34e7zGEEu# z2}Rs|-a+t{u84?~NbdycMS2Hm3B4vri4fv! z-|zd*oNvzjX4aZ@&aC-k{y|{L^W@okKl{G!>%Q)5(xzQK@gxJoU#ItKn@+(E&u(F-@6B{fn(oNbDWi-5yAQtmo z>VZf$#RDyoGxmMnv<$jh8|tvjJ~-Wxay0vftZz(mTf>OAiEGTj;;HGNLn;OhZUzmO zEli1hazLZfScMd*XcE@qo(`8TAjeWJn;y#Rs7@TR9LRu|B@FArc6X4Zfy!G?k(##B zkP=N$``D`KkE@#z!l1=rdg|1X58wiC78fxky;}{3yXvM77 znteYpZ{xD6x-!#uf@QQNrOYw85B^%@^-O2*rS+g7$dKQn9{H(cY^CFWOxJ0Py1tgY zF3(4n+4J6f`~FFyk8{V*qUdI>>5I;;o3ashXD{D#81^MUZmjt-m5W_FvYXk+e_k1~ zEUXy+#R$5j4*QEO)qg8v(6j>Tp zGslX^`y;ACPDh<%PhDKx%EzO`pRns*(#N>6MDWFlu4Dq`Pbg@q4^LrJ%xeJ(C#M5O z4)nFXy3ZG*8RY6(yK{ts64jS$&t0M1opR=?zMROhvlPx+PW7Cx z*qTc7_G)@_Dfw|@Hm}q={d=@b(m_5UKOx!|9%g!0NlQb5??u;79hC5aaVU)QTD?9V z(;6T+_Pq1{p(flZr$W#s-9@y{o9Q0zRieM&JjBn7h2V7ZrQRi}>Lz}kC#Wj@H)QL{ z5!*a{s~;x9ilKT$MnqoBt;p4|{=?iQxnEkR-be6r80>RWjp-&lhmjekQknXSnVSz1ZE>wRsP{GKoEI>FOv zY7^Aee#Q{F^c!;C6z4vE6F*1(qc!L#SfdX@FxV3l<~<8$A9OhRo$h&PRKmPe_9e$v zU7wEu7pxCeaish?y!jK=fAvq0^B{L|8j_Ro$#gl+VkLF;iR%=?TjI>Zr;%RYrra}g zz#ENrD!z-&i{fe`LqXcB7|*-MClm&3J11uwwrEDdUb#6WxA8C_p&IjqXF6={dS^a}-Wf zdk6W>?y{>(F=s^@*z-j)pXqf%6EgQGesvwZ#QYu7(F4Ylb%ymr0kl3I<0e&!Q@E!? zzf5Sa!&7xlbe|Sb6326wtHon7mESJR1$`QGapAA4dwG9~>P>vm1QSO|7p2p@b=IA+ zK&7dFJ|=2F{6C)3fxy;235>IYeAQybq(AqP^Tj9mtCG7S6@ucWWUt>0SPF*(dnjC> z*eVBc6F+Jt3tGVuz;y!8iz2Ha;3PT1P2%`BPIx%$#MDWpWINMzrDTbT)DJtOE0no^ z1Uu+Hx7b^~1i!Z22!SV(vHntR0ny_t;vMwAL}sr6JyA5KFHruWug*?JcyDYq$0zuz z?&jfwrAP}Xz;WztJiF$_C6B)5U`?B-90{WeI@H;un4nt`2n-1D&vg5>^ba&N_p|#y zgCWeyn}1-Tf3A{$LZM{+D#(=k~zu(=`vi| zgRdv&$|3tF_}We+N$HbMfmY3sSDkHjd4}G_KtVcc+K;j94zCb@4QIzXF*uxSr9E+^ zh-@>HOk@X$6uzDjU^>2@`#;`i8(=z8i6QLMALD+Fn2MoE{#wB7>N&+xdc##Gw%q%p z4t_4zc6~~gwP|V>ZEde!3Z%)<=^itDEBAt+Dpjd(YP@KubyD#OHE^>BxRd1($CvM; z^R1jYliSF7?t*QjE$?{s*-HcxjfFPuRqtifkBDy-Ns)u^BMwj0+T;Gy_ZV@XJ>Uuh zIng9f4XdpR+5yw6VbT*n^9}RT=Areo-6uQO)F+Ox7_sW&pY!%rs1HauzQt+$JbUd3 zUwHV?p~i+;d_(LYe`7-(2^JI=8(jkny8)2 zI5 zyZGTUn^}}-Le-45js}lz2^FvQQ*w_L&zLz*HV*lG`eRv%{$h2CUbpCzfzGI|c76Lh zLHz-N<1?VHv69ygT1%W$5G?h^2N~Bk#d=BOw@ceCZ6kF>3#mK#UJ)5I78xzYH;WdE z?8p*MzCpv+61$rf7OPXi^&Y){Ze=8CaGjk)#pwE3p1d~tDXrEiSZqZMOmn!ryli-z zcUbODee7nmY1+j%5WRUDLQz%_0tQMv97OVX%Pim5VN%`1;;vn}PIP-`^vW~)r@{N>+n%`U1tzxwf72&iAvJNha5%>)L)+h(v{VhJSUO z)$y{{1)vSBev+W9Rv_NSHX<;*ZBtfJ7H=S$@Wxa;FemflJYI!9*B^A*2Rs9Ui`gn0 z0%hxUi#2$`#l{qkaD!8YOK*ZDsrg=6p^teS6${lEz0T|St1gRNd43qOoN(^Si|4}i z`vM}*_wq?D$G3dSj0vtqb|1~0B+RCMG}Jr0Gj}dt6iL(y>f%_Nt?Qq};a=1bpl$F} zq41}h3`GSNZ8Bds1P-iMR)&#nQ*&&liVNNBV`Ip1GfL`5eV!#^=_*;iKaQra~x6 z2mM02NJ%%eRqsCga>U}ZoS>RlfyVP9!vK@TJnU#iFsv(H!`L`*tG$i2Bx)sN`bgw41{qSZ(B#8aXV;BC=@$8$YeQJlu+C0sWu^RS^J~ABD^jE_ zf>LbxXfqX4hrZNS%n$F?^^9q5xX^sR&Fwn%5eK$_?*(XjXW6Q|<`zzHLO;!4i#kE2 zg>=-)zJGXv5~Ha6wJB8Oj@za~Wd(q5*)MOS{~C-inCE>ahgMNIkojgo9+{PKj(9j{ zJdpFc}5Ng`kJJ z>6sq_RfZyoA8-e`ggRppjYscw86V%_Jj?!NCD8aUsSYH#$SV|=c)j_29Q%{0(kLfc6WO7u*TeK>Y*&Kv>)-s&WFrI80YgBv^s_qqj-|PZBh_er$X5z7 zc};9Xpn}GoIv)Oxl-Th>8OND~y`Cj60S1>jzStR&HMOA33*!PrN*s~xRt@udLhS>c zjgmYOj=SaD-nfl6k6rRerueRB7StmnhrrDFqV zYMnv0wn-DOd%W&~l{)H)8uzIe4;=Y7TrU2GOeOCbZypj@53#zhirx0j&G;J2Yh-u1 zkgrj1uJbYJEtHIa$-iApgKJOnFCy_11VfWt1ZOtmMRaLxM2~InU)1#sQKmE2NV41l zxt7m!%e&;DD$F6^o0=QPPU8104YY}HwS%Jc%Fx3*iR-7|Jj&$f*5l&QxhX3Zd&ZZ+ zxN=ba^h?YZTQ0&GaYk9+F4tV&>qQrB)CC*S?xgmupt*B}?jyL!y~xD?F`rUnN|MT$ zvX-0cTd9YasIi_QqPwEjS=JV?=0G*Y(3mf%0og+`NsR~}y06MKuDcoZ((WYrxwu`; zv4=XGNm})>>`6nwdQxol3QG^F#e}#)M()8#XOaNn1s}#xk=)#I0JJ@HhK~(S&-{v` z>S0vkc*|i2ji>Xq#f=53sj8J!7$2RP1^%32z?f?`p zRH>8#kXkUkYQ=hTGt!w*(GjRj`LbwYTG#Uh4_}C#(Brc7GfzF#H)5qW)OnVC=C&T? zJW=d#c4E6(mbz_V-dSv?2lo`UmbdRPIkS-doI`~|WX1 ziJ`R4m5;%gT1QfG0Q&I`0;u#_?tt0ym;Tpmjs1quk#vxj^F{oY&hAgg2hKj^n-1oV z*YVrELYaf^L&U;%;q{ikA&)pv838fy{{lfzE)xOp7s&he8*)Hh0pxZDh%}iaLp+MC zZ~W>vWRubPH{?S~pyE2(%iqcIp5=@NgH~HrgEB`ub z<-h-5HQ{x01o0>goX@Z>oH9;U1w;oDr3g7OX3;|YhQ!n5{DxQ!p;j-WBj2NcLx7kZ zGRz!)E#~#y?mZI7&{PUq^ zgGG9@!*CVm;UJNbfNPx@aBA$u#WVWYXi`O}(r)b?fj4wWdUe#lbfSp+82I zh9HP(GiKJCx|~h0MD%*m#y1TWv~NE!W9eM=_2N1Ie6Dom6-fiub|PhxrQ29lQWEQ( z>9imr92PPdZ~#!?yzRaUMe$o~+!iCY7uJzF_V)d^ylJzwLvhCsX7ytp(f4W;c=Xn$ z=Zc<^&JYP$1RF`K41XBzvS}auOMtQG)JsDe0hi0hmQ5l2++I*+>p&k&JM1(ug+5aC z%8P-0w%8Su>e^5}YbO?5qK>U~H}xW8$DM(nmRXy53t|EEkq1Y~V{!g2HcoEh8PfQ_ zMh)JZ!ek`@B{kbP`j54vrl`tKlxnSPR3T7#tUgR)ZA{g6+?pIsPA`q`rsfN#f4FZv zN!dKL^tRPt>*le3eML#+w*@DM@OHVf_qXM2ltrGSzpjD;DY2yuQC<~|C0x#BeM^_- zYyvGddrhfq$fwcYs1#VVxpv>OCj$iORvn^l}h?- z1nse`Bg(wnK|?Dvyh4nv_5MMT!2M6VB2iwuc$UF)EGr7LbRPdINd9RvL+XD9`?h>4 z8Ee44*W-NO<8esQ;Tx-_%9pD9n^|S>wgxvW&urNv>=hTh5N!yO3VQ|N0%PSrovf3vvZ)#u)^*r} z&)8}t1$C{wiYwd@Z}Y_fFILtunI!tDGZ_vtb4hh>@0Q;C*L-Vtj|OSq@@69gLDZz) zZQ;a1QQ|(#CVoCPC)c0lSk*_V^*RYgj5*()?CB<3;viTN?HMQb33b`D>3r~+WlAB+ zU70q+V?*Mvr5AC>m!(B-ey->nobX>i$au zz7YE&D?a+?hw z$t`>J$eO8_+^@#!^~l3&43c{OS7`T+g?>ZqtfuiBxN8N4BsKypvO zlV^yq-ioUnEv^`p#p(tT=TR+&NOdwf8Q3Fbo%jNo8WqWYWM4e+XeE08yy}#pv3^F; zP5uk9_9wIB{GTa%IXG6_?qot#Kq1hL%;}7!KP=B8QGqB}um&pP*wcrtZl_f9zf5bN z-Y=S->>h-rn0$__7suo0ZG=7ne$m(NW&aj^&fEqDs;ry0Cfo1jyG9#9i+UMs%vGsk zG%CbnB){Ci3A!?)W<|2TsnJzrF+BLjeJC5j9wQ)c*?+11>;c!$SYiiQb6bB3h~b!3 ziUQO;ch&;JmE2Q%IrlwMu=JH#SxVo_yp#q0H;?Ko+lO@Tq(4_4@0-I9BN$MaT-5xZ zK|+|2&J!x;;u?9UoE6_NYWXdz)HmMwWtjxK&Qq2NPKL{dCk2dfUdt&)@?&1r%^MT7 zks82gO3eH>1hNQ#;E`Hu01bihBwhrXek)mscn`2+3F5R$u_sV76NZ@WzXFvZd z3n7y9cq{$Rni}yeICTSFxq;x2F+fcIG$fR>vbNlBjGqj#zbyYlIo!76F1awiX5BX( zaPd2&ON|!+hNCM0)9HZ<@!vRBajXpsBhwMRjmE^RhK{6Dbwda>TD|IoH5;^XWpf(9w~X}xmG&F}PQrq+pWCjD<6NJh(|3y}W5a6v`bZ_c^#dhjEUIES|vp?VgCw@!|0Q~A9dMJ`KP6RoV zpm96mfCFHJ!5ww(jDIOm0&*PHb}5H38&hg0RPd$VfBX6N>2=aq04Cz{F>`J!i2VIu zkGw$$x{GR@>kGVu9=%B_0AK#cJ@!cj`7S8jI_$9H=jSi~0$8h*`^u*0QDk++w|M@K&CPW(Gpg$@uqg|D zirMqM4P7(zK>QmmSM>jwmIDzlnNWu7kE&NA!0rt`hnAO@ezkiI4Y70La(uj)&@tN% z%{9bJ;m}d_1_YS#07?Cz>cv~^jnfy+QZL`T#?Cmtjf0K_Dj(vi0+r1IM0`S*=US$6 zM~h~9EVN{b%DzX(3@1}jb{JKlk0pt0ZLBD^y$qw@5Y3UNg-=bqQ=RL)L)0BDFPv|3 zRr>3hO0R!~HUvpSNL$#6O2URkT#jlPg#0*zOW~#+pW6Eq)V&B=2d@a3X}B40qe0v9 zlCNLuQu^e-(}>8Ww9%wIBHdt)outgn`*@PsC`-&~n^m=hw%U(v&#triEXH1BZtcv) zynYk}iH3pGhtyTy1Emcy;aHP6ZA_T0$y*(ooSc}nGH~LypRpC{c^ndTy-%N`#V8pc_qclMTb_RMdu=+ovkngx?sH^qQyti^1=R9vSE_p^db}Wlf26u+B=1iIwLU zZf?44e+<52Slg+Y!_sBXA%Ihh0SmdzpcrD->Z^(afb&6X}R$EVp~0K}AQc z^c!*$^6O_if{tY4fNgjP#rL7FvPoX|5feyeXBA)pfGSv#^MHPm=G*M0L6Td+`cz|_ zf8OMInIf&3=0Vnk+=#&2P0Y=5YB!I@a|Iy*?ml4)9ns|{9!Fyc+6^XUkFRs5(-U(% z<4xZ%=njlm26Xb$5?B*(h6woRUR1AYtJ9Vv=l11@RGmaw3e!M=M|8$U$(_Vk2g!sV zwKG50O3fxFe-&P=I#%qq(P%pTmt7oprh*WJ4q6cKeU2Tejq7K8k}4Dt($J#q=ytIt zf=XMn_M&FC^{aXYpLTi+JjI?VfAGDaaVQIZyXe?}xVv(y3m$K~vkH|PUg&{7gk&m!kQ0NpO$U59mQC$~`6=1y175qk6o4m!Vk${>O+=2p-t}vF_iWQN$c~5qTzCuo2bNeyXyxD zsjn^_=O*Oa71~Am_Qj_V9pjuKt(A8trXJR%MADau{BoZ3W=!hvJ;<6&!ZunJ%zjzvI$if9Df(bd zoplu*;tI@wjKl9*bmJ{2G?;7bB3u}QPx;(7((f>OiAJ9M6>xb2#jtnc3u6oys2#Rq zs$%3b+yJTNo6qdH9_7QCtxjmwefqfa=?sUaO#Wd}7OUMu!~=m`&9&QmkMmq!7fRA8hI}K5th!BtxX>t2Nz^7VjUC>sE~^=H;hpW~ zO5V-XVZ2#iVEwr#C@JzNrBwM*K~)$@uxR5d!@IrXtHrI_m0=R?W>;0pq5;!>FY^>3 zSg&)IWxVPtAI|sO%`~q15bX+vhvA2 z_2)}9C;D(SzvMdWm5+;8N~41|C8ez9@M$>KiejVy0Uj<>VD6k@paJ)KelpZ2n{vB} zPGUGVhvyd`>`GN&z4cjWb1GT)MC;RU2-bNu>oxf_K~$|QFS@*IFMoc->jBS}SRSuM z?5XS}b1IKK2)2HJJOpE8PdLf3rPwPo0xyL5fji+Kk3jjY%G-DShFjrwOr0U;7E{do zpy>g|I&QEZx54m1J}n%;qu?&coWDJvBN_U$;dhz>1YxCzk$VrM^A|=dL@H}5%ilar z75?wUS9$h6AO{=?e61V#a%0Cy5=o|j=&+DZa2_+6=zsZH<;U&svenTYoWVV#`d5DN zy2m~IwL<39!it|zJ;mV9so~Lizab7;yz4NAddO5t39UZL`Ne@p7aNU)sV;pLOq_`# z_9X`n2;wrVULI>WriO)sw$L!c!L8KwqZ<*p5Y?ZrQ{}7ycvSXAYkde*lSVC25Kt%Q zYJoPD=I;UCLQTfC9A$;6GEY9-xS#mY(op&BsjFwW`E6VmMtBu@LAPD@srrJ0v;i44 zM&xBo`JjtHeQl&;F|7n`-KF%(!IAVA+^PEyuTcKfB{PV#fzVilM*ZW7BgaWl?ERBB z(uS-m!Y^g~3|{$(rP6luOMd?$ZZeTzG}vz?kIo1DmD(S-uO=9M?r3@Vd%s@}24oa5cOoxC%4E7fCxPLr;ek!XLaX zRCn2#5BXlgbk=Z4DbRh6R?2ebA7sb>kGTG?Pe%G*BQAfPA2Smc(`TmaBXVY55=7g|wIgk<&&uEc8h({fO7@3(s>jk%FTvbey~OT!wISo* - [äø­ę–‡](README.zh.md) | [ę—„ęœ¬čŖž](README.ja.md) | [PortuguĆŖs](README.pt-br.md) | [Tiįŗæng Viį»‡t](README.vi.md) | [FranƧais](README.fr.md) | **English** +[äø­ę–‡](README.zh.md) | [ę—„ęœ¬čŖž](README.ja.md) | [PortuguĆŖs](README.pt-br.md) | [Tiįŗæng Viį»‡t](README.vi.md) | [FranƧais](README.fr.md) | **English** + --- @@ -42,16 +43,17 @@ > **šŸšØ SECURITY & OFFICIAL CHANNELS / 安å…Øå£°ę˜Ž** > > * **NO CRYPTO:** PicoClaw has **NO** official token/coin. All claims on `pump.fun` or other trading platforms are **SCAMS**. +> > * **OFFICIAL DOMAIN:** The **ONLY** official website is **[picoclaw.io](https://picoclaw.io)**, and company website is **[sipeed.com](https://sipeed.com)** > * **Warning:** Many `.ai/.org/.com/.net/...` domains are registered by third parties. > * **Warning:** picoclaw is in early development now and may have unresolved network security issues. Do not deploy to production environments before the v1.0 release. > * **Note:** picoclaw has recently merged a lot of PRs, which may result in a larger memory footprint (10ā€“20MB) in the latest versions. We plan to prioritize resource optimization as soon as the current feature set reaches a stable state. - ## šŸ“¢ News + 2026-02-16 šŸŽ‰ PicoClaw hit 12K stars in one week! Thank you all for your support! PicoClaw is growing faster than we ever imagined. Given the high volume of PRs, we urgently need community maintainers. Our volunteer roles and roadmap are officially posted [here](docs/picoclaw_community_roadmap_260216.md) ā€”we canā€™t wait to have you on board! -2026-02-13 šŸŽ‰ PicoClaw hit 5000 stars in 4days! Thank you for the community! There are so many PRs&issues come in (during Chinese New Year holidays), we are finalizing the Project Roadmap and setting up the Developer Group to accelerate PicoClaw's development. +2026-02-13 šŸŽ‰ PicoClaw hit 5000 stars in 4days! Thank you for the community! There are so many PRs & issues coming in (during Chinese New Year holidays), we are finalizing the Project Roadmap and setting up the Developer Group to accelerate PicoClaw's development. šŸš€ Call to Action: Please submit your feature requests in GitHub Discussions. We will review and prioritize them during our upcoming weekly meeting. 2026-02-09 šŸŽ‰ PicoClaw Launched! Built in 1 day to bring AI Agents to $10 hardware with <10MB RAM. šŸ¦ PicoClawļ¼ŒLet's Goļ¼ @@ -100,9 +102,12 @@ ### šŸ“± Run on old Android Phones + Give your decade-old phone a second life! Turn it into a smart AI Assistant with PicoClaw. Quick Start: + 1. **Install Termux** (Available on F-Droid or Google Play). 2. **Execute cmds** + ```bash # Note: Replace v0.1.1 with the latest version from the Releases page wget https://github.com/sipeed/picoclaw/releases/download/v0.1.1/picoclaw-linux-arm64 @@ -110,6 +115,7 @@ chmod +x picoclaw-linux-arm64 pkg install proot termux-chroot ./picoclaw-linux-arm64 onboard ``` + And then follow the instructions in the "Quick Start" section to complete the configuration! PicoClaw @@ -323,7 +329,6 @@ picoclaw gateway * (Optional) Enable **SERVER MEMBERS INTENT** if you plan to use allow lists based on member data **3. Get your User ID** - * Discord Settings ā†’ Advanced ā†’ enable **Developer Mode** * Right-click your avatar ā†’ **Copy User ID** @@ -425,7 +430,6 @@ picoclaw gateway ```bash picoclaw gateway ``` -

o|y1{cAb+qC)dpBZTxJn%6>sJbxcdh?Ri##V);I)q@6=M zfUyM$et`3gMr|^B1IqJZ?bKqUII8O^A?_p??CyI8x1q~z|1S13ZTa^qtU4?Q7_LK* z3db5GC4zrPTZ{*}1wg5jWLzP>*Y3&B_mo zpEoi2vb0xbtDvb`q7*_CRJ{~-s__TlkwkF)(ZHjD9l4MPE!bua~VIO4UXN&w?UZPZfNKH=ZE4y$fN}<1J2R;M4W^vVlB_0}C zJ{N&sKdKD*yjIEjVmB=DU}pY@<;~Bxn^;w=*J6F6Pu_y(h7#ZlRned;m#G&TDic-b zm!awR*QfHbM4uUfgp6n1)P2;Qo6hwoZ@``sBZ9q=T3qt}iK0tPLr#vqpDW(gVg587 zg=?7n+T7>D{s;_=Sm)0b)R!xra+13AQdy0vCm?*U`uxvG^rPeTnzsU-gk$16G0XAf#aq@#y&eSh=CrteL>-9x8;t8K#Z`q%dLZUB1Pn{(_;acThKn z%hTLcp+mSSDD`d~U-IE^Mm(zh>+omB+-P`*M?3Cpc zUt$=fHYI4?693 zzJ3*#oUHd~RfF#U{YlNHpW1nr^D9ASE?l~O#!Yue#WFNYHWHx1C-e zAf#s_TyoA|di5Z9>Z*W)o=s^;%5@`6a6TAiov4!u4i4v|1;%}&%iTZgc3{l&a=pezSY+<{C-`-aIx3|?K7JCr(e!) zb+KT;#^$1rpYC9+;|C<2Z9d=DusuKi;xp$}x8N*#q#?9vhudkq)?&>2=(}r5%D7fn zLbxVIvhv*GUZ0AuC&GA)KCYq*DKlT>_OL4Aa%%IC!RuH}%`)Ld%2;=GSY|J{_PJIV z)F+M)7b6MwzS8k=SgAwEKAM(z=EUpx?51FSgOv99<_qzB+7_j}@MIM~cwf=67RkU~ zz$b`JD7&Pp36wcR*5)SjI*u@LBxWy9EHn4p1Gvsip7z=0;P*ko5J=1fZs0bw7*0>9 z(!dbpnt}3{Q(4pbI2_&`{?&5H5&^W-n&}P=-WR|gSoL4_=?M%7-}`arNRp}N1Nsa^ z(t3W0Go96$WR>D}l*?Z-x{ZI?E;6wZOT=L7vZzS%WAz#~RGu?am#7m>UTnW)z23p2 zE}rh5Zo{vTP1hYs1g5ofOvgUKY9xv(03bzXL7E(9QG1fM@5W*A?a9${7GEjd878UF6ep{Kx>RU(D1>ru6&=KN5JF5rEvo^oOcf1^e5ql*A4{%9*>A+L>$B83$73d5 z*F7sd9;IsYbvU2VAgM^v2JxrVM$!Pe+IfN$Ig}dI{7%gQi6k1`2=%Ew1fl1Ad4sd5 z-q?{L;pSj8)b?>5VOqWq3W_YV@Wg--UiQ&?Q+%bl<(a{qYg@%RwbylfYK6Zl=@MXR z*^38V*ap}7@q=JOW6nG*%=1aAs5{rMJOi_jZ(JEtXuY>q_0Bz`=VVAS?_Sn%Q`X|>k= zBX)iO-u{eNV=vJd8x_ZiR37v?p14$1TOa<;COk1MdGf5qE`>F+qy6XJX9;4q# z54?h|;!!8TVyHb}$7zW;hjb$v;%L;ukCwJV!#=N9a%L=!e>Jvw`V%7Hv1E4nX1qCo zbDikgRgg8g5#g!;$Gw+p%_53q0s1(H%+e2l;i@4)h6lI57e|leC-hYmOi!Re$dV9&49`BOXKb(G zcnq42iWM_Qk1pm-pCmR<{iwvz8t`t~$V2QwhxNJtZ_r+OI@1EW?Jwe=m~ZHBio1&L zTyiXSS#->esm;m%2K~YC>xnm(a1Gn_T-6vzaeKNPz2LoWnghCcvzY( zZns0(DQ7&uH9t-=Rb_m7S}{yd_h3wO+W8OWI{0YE2(1I9I{gVtUsjZ!Y4m^Y zct&6NC&Ce#u~jYfoI=X&$w!9b#s)HwIJ^RW!_5y3kO=`9<9^;_NNawTbzLMRp z&h(kd|za0uHj-`if zSu8%|ZK;`2*r;kW&fs!=q}#4&X~Ah{K;PZ>wLK5E?MJH7{3y?JBfr|_GL5EF$y z_ssgt>lAx-_eZjwGgOzU_@qmeZB!&RSnRVg=~ELwEFfniWs$r@4zR^U?Sup z$H=d2tXUcRAKyUgXCAzCshHS$7MR^_t zfn$*LA3Pu?qlv#Ex5iya#-eceLz`xkH5;=j?YG~5J-BxoATUUuf2q1kU!(|Edun|u z^i@UgW9qR7<;NV`3GDMy0#BP@u2(4SYtRv?Ds$ngFrP5}VN=e7-EOl-aF^^7t22J^ z)}H|bD5lx_UIcb^Bh4t9#}|BQJF@y3--6a&KIZ@xeC7wTK#Ee-G*<#cjoFx#@Yf%5 z!hzYbpk-BQS6x*D6>6oRYo|(2py0zT4KMNUJv^E_Fv6!)EFdTl^bBS_HZuDQnO82K zwxwo-i{>SF-Tk)0JzhC31tvm{_X3`-ruc#Og(}(m%Vt9sTVnBN+^2z!?PqkL?$&97 z5;@e36c6M!IMaRI%}HE_c?X7m2}7Xl5IZT_n3C=cQXXLBmbeXpu5?gx--Z^zp@i|4 z)UZhMg^eTC7|x#0MhVJy%3S7_z9+IkM_%(eL??7^ST4DvIFwDj=h30HvzRZqEy1z|k$$Q3v|Wr|?%h!z$2!yzh^Ta@h`=~owNsx2p0^*~Z* z>#6>SPAVnzpPZfjb7AD4C#gAB_VK=p$27p+S&k5Y{9bf(tM}ZRB+F?JK@??6(tnKiY-vPULonI_Mt74FxK#@1myM zny0FwRM~o+v!~MPdYu2-{(kmwQJa>Xk9_%8S!^D+?L5p3Ep_s~-Z`JhyzqT0Gi2%7 zdzt2k9imayTGbNQF5va1o0M&L=`|?`awHLBZV)Onu;L^(!#_mF09k_g2>asXt+GP4 zmd%RuL(4%-by@g!e2(cHZZb#fmP_KE#jv{^`O#l`ZfWiekA{RLfMhD2oL zEf}Ii*l$QAx;OHF;CdqMS)54bh2ArMM41!0do_?k*%UbusZOE*<=2dY4pASN2?gme zp{lcYUH=mhg$8_qFD1u(JUpyCNO6}QmtzvWqw`8|CKkfG7%#Ff`#-K&Q+)#VY5b{; zR^NKE0NyxdDx}4=?rVyA@cp$$SyzgEs-Pd-_<)yguQSz5H1M%s15y^pS7!im*8zyT zH1K8b%7z+|b_CV@iSQe8a!#?IOeqr(3;3sW6h6Nm1^BwyGLX9T>XL-rVBodL0X)OJ z6nu5*|E+6eux3FU`DQFSr~;TqS$@oOJl-AgfAAHGbza|@Je)5@D#cowKTHupGyc$d z{QcIg`-DWg(M}GVpp*_CD2LFLQlc7DX2F>>UF`rKrT95*#r7tB(bAds(cJBwEdEAj?yKkh!Kr)~{*Z_g zgt!Hvm_L}xwWn5Q+`PlKhPbdPQ{rmr;fYczI4oxU1&a$!bmr1|f z=E59PQe)U!o0Jrt=?+|v=LoObRWB1`Si`U?+A>^9p9QR~sA4|Ynl$CBE8?IEq$`yD z0m4W@!Z%_JRw>Gu-fDJgW)3L$4nEuJ=yO-Ej8F!vXnVs-S6bp&91)BHV=^{eItvkSplWdVc~AOJyZBmOWfiV&ioB$5(APmhxMlKey?M zeoS;v>c49haV$=P6WpTeo&7!#({5X8{+O)jR?-X~EG>;b75L2CyZk5OZFiI ztA%4hk{Urg6sb|TPQEy_G+gwtlC>naqldr7>#^qk6lC4K3nwps&7k)!TUw^_H&9*FapE$RQ|M6oCKVgaBRG$%3mFKJ59fm?e?uf(Wf5hUD>8H zs>Zi=9Vyq&brW1OWYG(j4u%zuL)hJJXP+re&CutYns}L}k3L9@MNj zrJr(A;?~F}sDivQMQ}iHA&O&t$WfJk+$)@4-+p*gsO|=G%RW}tnof!73gzRkq?frr zoHMBjbjh~2EfG$Ktb-hMY<}(Cl76%ai1WsTL+rgIG`*9 zSxn9tntHb{8)!FwRJOTFD^vL+T1;I+bF~F6SffxVA)7wkmZ*&*F50RxjdtA)zJIC( z&;JT>H=wJLc3hc%;k;?Rw(WuBoFz2!tWUgf@z4W5+r6E3UmG=fxsJJrTbsHO4=9uy-{*R^#eHH<|~F?TY|Tz>@z%C9v6;8;E`M6l6pAjq|3 zpmc{?UHrVCb}`kt&`v@*w$g1fRg=fyVgy}8ExxK{%iH{`-t2bwL>EK6owqGSZ)Yq} zl@9f~Q56cqM>vCG%Xk?a(2xDEz2cxG`OLXi*-t~;yJUmhp#Hva6KSrn$2XbdG*y## zcSz!x2>*IxahwyV$Fy(E)}IBZUU{R+s>16{1I7*&$C96om3$}6>t~73c2{%oI;{om z0{ij10tLxxz=td8q zn>`CEh;N`BEvIaJtF2s&#ypj)*AUNHu>yL79vdI{;`{Oz#6wc8-W4_THO>h1Gbmi)>4D6KQQ5vg#{)#;Pr3!} z@&WO$yTD# zHjgUk@%wALKJeM@rBEuN0_0=|@(;Lu11=tb{P#ytTxmlyX&g(f@m{O)dp_=#C+nv6 zhWeJi@XN@&m{uM7Teg{3D3^DL_cB$%htf3z45KH)4M~HaeGeYu;hC7i54xY#6O}*5 zR9{Sl$6r;=mWOiNax*EQV=xQ;NN|YupYfvnd%O<3zZo;n5_=Xx!;04n*c)r~SrMX- z%s!%dH(&I9KQV;7*vI{bREUG6$&Qo>9d8-?w7uO&R;mm#?ptNLp``0U8;Bd=CBeVK zlgLA4*-;V=ewXVvgkCRx&Jv+(f7zDqu}PwW9W)r_9jmeKNQwJ~fBP@+Lg&1_^Sbu@ zPG|tPBd6*Ye$duwT_!9$U#KtNk96R6U(2i@82?%FS$k3-vkFWBEUate1QCv-9t>!kMvk18@ANPdgmnBy^Xr9!VzB&p&~Iu~qxu$2R9VP<;rI zgpL0Jqfqk-fEyKx1KjAHF*Q8*KVTX7fZ#3o8w}Ryx&S=Ep)$a`1QOtZ z`p?TwZNbC`C=Eh*Y(NK0FX#pUz%2`(ulzS~D*;ct9QS|sDRL37Q4H*X%KQb3>7K6I z0Wkpl$si#oS=;pr1sYgm&R;gSt6auX81=Ys%*b`N1p7k-yoHqMa~=Qt8!*oO=aWAF zd@r)BHdTgoi&Pc@CCM9LZJuONPSSJpX-;Dwx?C-qUm>G6 zTM|8+s3qd=S~<)c$7HJVN)4L)M5G=}nO83)(!4f_E&gWojAGS80eF7+3^;zwKK-H5 z;3T(E#0S$d$2hG$Afr26Smc7U=F^_xR}2-5fU3S?F9t&G_Bfs&BwhScW=>I$znvfI zeENV<jJ|%=Gi9Z+sPReE z{BFjbUc+r|O`qRElp-W`uwj_?#MJJMeH;;WD`uTCb7j<Wj7mwl*Mp)#uG!;_I6K~3$m-(k5J)@OlB)d4>4tVZD)P=nnHp|huJ6|#S z$z#tg-s@$mcdN52-11Ba_78^~p8-yI^r2)CBs<{;C^gpWzRX+on43f(`d`wHeb2qA z&o2)ZU}%x&=kfO)haXELuM$Fo2*NzhRznEGlJa2n-e*nHAtRruDHJx61}KQyNY7EL+PI()NKr)6fbiQ!?QV0##8)&?dk>tyD=Ssi{T_skvW-;Ur)@yyK z%yCdD=vH3j%CY^%rPpDRzM}FOAYMKs8xSE2apI;NnP;baUy2g?UAym$PJC_G16Dp> z=$j`gs_aByE~?NlhSbV!%y6tUbp7yxYti10-;rbfslwU_eDv>r2NoPGR#ok78z*|w z>sR5t`CGmDsu;~n`BRWiq3mtvQQ+Gj(I`xCi1sq%YV}PR5li`2JeaG_!(kh9ow|cc z&x1aDt?zG5Bn1Hq4mySVj&2TY>`t~0RZfWE?r>XkLu#mS>-uQxlQ(1`pS-pJ(b4C| zOizUFRGG8Z$Lilc%Wsz`-NaAnL}x^;92D&tPoI}xdTsI1IyJg~#u$fbRoc?Qu8T7m zI&c?1aM{9XaNCp?Ysm91rXB#rwgDCqL9#5~P&AJ4qTix^T*-FFK$zl^?2<`#;F%%1 zXMS--5Fgj~cquGT#@@lkLQhn3MEBWjJKK1Atcjky>O8!P+ym-r%Ek*NSidZW36z7_ z*5~q2g$XzN#qFm4p3ddQzd(|%;ub)Syir-7O0iH-^V+prAR;*d@1Cr%$a!cyS+I~5 zK~j59>~tREH}bzf@zA_O2{|2%`L5o_w!%x|6NGbY@eFn_VWsb zTHCe;*qa44LBF%FlpOT;RUx>^m-;=WTUx6m&T?bka`KsW^+BeaShnZNI@(~&&W+TB zrP+q(sUhtlPpe)G-TKS^vO=1(OFLYG?l0v`Uu()W#Wq4?vTDP8ub*DI&k*kR@U|Gg zlRkBkz|-tX3i+-T$apiG8h5~@e(6#G1dP2nyv0hT)eAD4T;}05NGfo^hQH0iT-=UV z4R*wpq+)k4{lNZ~R1$Y@#X&;ynTx~Fr2bnFAAkp_8ZWhph9kv&rrC>^Z2552N;NDy zYNyETK54o{IIc*}tRk}g5K-ahY-XRde0NDND2rq2to!;idLF6ypCmV8lxXov>!EW^ zl*_$nip?{#$$Oa1TwJeTdo5iREaF)kgr{7_oGr_bE0Vx{^4?Ps4fpVfNf z1%jxJ{wrAL-h1dOsCSdQGoj;1js+DsnMujG#MuA2KcQ1I}nu&(| zN+Fv*3t*d@q#G-|EEwELKUugj5KrIS&ukvh3kZ+irE=M+u>z0r+vZ)D&jns=E?H&& zrOQ*p!JqEKM!Gf^KDQ@5i<-OohsMJYX|Q<_#V7}QCZEh*A6JJ;T|Xm`tX z_S0dh{?#1N^g!g%-08-P`M)6v@Y`yJStL_`r(+4CoEhG@B_Eu2an5|!3ZXI|DEm-a zqCHT}dah20Qkij%519r^YE@Xdlk;%Q;dd0t(69e>qbM=+f8*^vqnd2HZQ&paA|0ex z1x2MP(g^`XnurKWZ%Ppm>Cz++iqZ)J0)kXUQ7I8=N()HnQj`+ukkD&F2@yh`@8a3- z-s3y}&ptmG8N=bYa^F|(GS^&l&V?8&#lSAr=TC=u8#ZuXvxPdquWKrOp+6Pz8ejNV zS8E9bRbm;418vV@6T`VY#$}Lk`}+)>803WZ>ji@|OMpENP5s?01)#tfk%t;nI&+BA z0Afeba0dcYGIs8(13Ah$pESL)!PN7{TF1-JL5qA?B!T%aT+f*+*mU~Mia{td}Ky6wccScQ&CvtqOB zg`lc+`VSQ0yz3nvtr~NI6hLnleb}e|1$ZYO750r>g3~$5nkC+t#3+niJY@L3{g?LV zWwemeY`{uB&{k+5eq@p30sHiRe-Zoyq0|OK9cGC7lV9mY5h$U18T!^Uf85cRyESok zSLWn9WH$XtVgcxIf;|%WcaIi;apTZ%)*)V&Vn?Xb9<7PdL+7~|*zveIrZqmST)hz$ z)?LV&sBwI4fkQL@2l5XD(7w3R4ev-QADRFftMoTVPkJD{(yB`Zyv{gh%rh3;6{MXI z#jAVN17xx-J09IS-kBUOsO>tp7Vy2X8jU2hHZY$*J%57-%9%~m+6g(5#2z=X!L@EW z!;Vn#&@b|c0IZN5=$sg$?+fusVx|ZTX6L0 z;7dKDPfz#)5fpKh+~uH?WqR_b_mYIjElAjZyHx%cKSkujhiA@EOzfU9GcvN;qq|JFQZbM=sEGG z2Fv%R59$$em+1psHc#)09g;z}`AXZ+$wTBjx(M}XQW4n< zhvo?$?X)6{<|~|rVQTy1uZVT@Y>uhLb)D-p*0%SaMMP?_i4l>>GDSsiB=x=UIaUkb z;yz!w>hz;h;)Ak~QP{|TXv=~_10bk~jc-2RTsJobeXJOyNc_b9Gwzohr1+|z>K^aF zoNd96fyilSH93B6ZNoy3n_E$7aN0<|j{VDoKfv~DF% zE2ZNsV#~Jn*2-`6A8bpi6gGHYJEK2mAk@YLMjQq4oun;0DgvIf0gT951tI^o12-T7 z_A!7mO%ZH!OrlxLv$E|D{0?xC zEWBZCR}Y566kj!D9`d&3l8{_(iR^=fRf4WIeTN7il_3~!O3o@@eI}EB^zI=-gHDLqs$oqM-EO;8zk2V^7NLKyLXc2!iU97r{0xtsdW&M#O zONg`0vcYrV=g0|+vTXL26V@{T(sQFKxy1aUQ%va$_7o<=dkZ)ktx%Mk>3Z0J#AMwb z+^_lb^IL9Xs$A;zxd+q}5wJS&RHB_@giUUj9nF**7`F+J^E)(IHl+25LwwMZp0(f_b|U^@uq64i;iEc(OGAml+V2T zLOYzkYOvUpMKS_UVgzS!mH98Y_NU%Y)`^@U0+V^a!ECsTTns=6G-$3W8J9KT`#n`09W$<|My! z7_BZ~TlITv{%bt(<1~ITO=-F`VrEKoS7n~bNkUZQ&T$xlnNVQgo)G8VugMwW-)qyj z9xXFoh7|Op0Ig7v2^JANVNBPY3hEaP2{Hrm zib@`RO!3RhV$W>bV)jMU!!8_3!C}}&#=cT}4gHxsdKxTFvY{PrQWk%sn1Y9VJZ7Qr{^*7Z} zCodLIaY_Oy{#jzMh%h(W1vL5Y3Hr05U5RJ*4sq&74UJk4!c;vhv zY(~-eQ{ckQo9nFj&2%TvHli+09z?W=_&Ts7eoT`ifiTaj{2vISFRY3nhIw|Z7jaW< zt~}q1kke1=qEq_oS5F6=jl!HZ9R@PWzFTnCez^Sz^B<9`OIX?&Q4uW@hrGZUUaIKC zWV;+0bd!f-sj{2w_RMf>bvk!HP2VAx zxDM*X4<1Vn z$nQ*EVdf~`ou`wdbLH~ijW^AZia~?RlaBSw#IkkbN@?g5?~9?{8Dj*9?LUy9^v(+P zQ;^`P*cREiI;AgKicy}9sXwZ>Co$$%jimxBm4$yaQ{w|~COrEb>5$Kl=s?7ATafl0 z2Ge z%A8UH)DveUYfY#rvsmLQtje6}*U!7UIk!E3f`t+=AfygO+yJ`9^R^z`sSa*LcT&0N zj@SFf$k7X{2KW6sm+2ku)a)mN>^+AKZ9+l2up;qJR(Y`fZ?$>DYpznlem9rRrrKQo zfW>_LJDWl*UTC$dve6gf-L{pGuN2+MFJ^%AG~JYF zKuScdE-b{4Ot_!2oFy0!f;^_(GshHX1_H3|(cxE##u#oa^tu!GI}iU8Vpk^hIB#~H znEjhn7(L9M|F@HG0me-^Mchll$g-~Tk7jV^J$x9-JYS_gDd(&^M|z>>l%Djo-JLp& zU~e@005=R1(H})UonTZ89^>dSf8L-P^T@A6>KV-+nwI(WPWX9p3EqsHHP;Y|Vt;Hg zT9-wz>N~a2)+eARm5|&fe41Vq`TQ9`%i2e8VT?dMI>RBex5aGP{&8%&Q`pQ)EWXG& z`5u$FOMl=zdjULXshJZ_N1Teq7}1+x<-2yLU_Un1x-X`!@+pNp5qNMvP(`^D$~xG0 zcn5Akd{jU*-PZ*PqEm`(#t9dYYL~4!7Vs92{8%g(zNkUy==_Wo2p)h)=D~T#dR74Q z?<#j4w$f_g)JEISq%>tyO{ags_cM;u^wVc8Iy8=NS8jJ8KHgIoF~rJNuQ9`vO)sr~ za0~K|7k>m7dA-m@f`l#!%m%fy@@cdS(f!`Xs3srf?fn??ZVTB(Z z2hMnck1-7PJ!AI(4B|0@RpVhdM13bVyq(k}h1zZ0X1EO2#F zsfl5{Jbw0cQx^ah2I4ytg%FSMpWsOkwfP9Q8j=sQuxlQ!KGM2q;MA1;VdASqs+E$+ zs|C&dlZOu= zk^B8a4;O@b?o}&W=(W#!Vxn`#;&}1=;)4e)zywB4!Sxy9o~kOM%BNQYc?R|EWL?}7 zN*K=0Rmup{NaFz2euxTF8uCcNQm_Cz4w#Xh+2zl~{R&Ys3_j*6<{c(3@=MX2+?jSIL z&+}=+*_rlV+Pd&UwEBDSJ00CCkh{KvETOsS_IW_lp-I&Jj_*AZu^shRP`fN;JTt!5({tI+AN;NtO zY5bAei)MhE%@%M!&cP-~i+xF6&*{GeUtS23KCklR-Bn0P@cdHFfjQ7pYGc4?LyS$> z<84VHVd)#gw{BaQ*lQ-9&(|8?Fb0pF;OchL zEW-Mc4wo28Vc!o-!E)ElkMdw*){m9gtlWqW6S@md-;vuVtt_fe1u?;%TU3Sj zBF?~#XTv-I)V}Azl~Uj(?RdPBcedsCOSd9BRF_b+=wH=Iflx6?@|0Ww32B)zEt`<*WXyzT?)3UG~IrEA|8SZ@C-F zg3oq4?r6f^z6H8bs#Ngy_5p6C(W(qHr2qSD)COLsyPr$zM~bH8^1v8v2lX6Lj+|&r zq$~0Lq~|{0$5bcdoME`hq{NwqzJ#xX0b=LH|8O+sJShQ&$*e8Zb0be`!zw!OeES|7 z+_R;hohA0I>nu%!PPkVuQM=Pmzkga5tL11g5qdtQg*K9GF@pYToVbTROIEs{g5mi+ z)9v(>Z4X_nxdyVD6|4?tEB6GjGNt{VeX<8eSk z_8hz+c@SWzS=rbjcj`HP9J;r9048~NfGJDcjOhQ+H5=2cP$^#qca$Vl6y0~$@?P93gR%2T3n(VWH$ zRch5cRlSc|g6?OL4Yhn1^m}PmY16KEXm*JuK(^daeQiXwPB@U6J;bq6cnzrvB#ZTS zT$4>Zn(2H!cGGBTp?o+qDo6wx_xU-G24+U_`tYo)gm?sq^KlS@UPj=JV?YI3%uAh; z$dWQVH!k=tW+Fc#*GVG9dJAxg5s0}0*hQej1ERci5}M-Igj<{AiF-qGi~YesdW3zO zwb88iS}}9lp=V}4=mB13BA>k29D}-gR17uzM7EeSFA95WD`3+tj{I{69j@RXb0t(! zRruYqRX{T*puSO0kYn!>jemI3T8z4II`pLJNquWY$XFy@+drpk?4JYK z{kIvrjT$#@8LtBoNbM!$FsDrF=$mTp%EjB+{7D&j2b@5aB{VRqF-NUYYYiv*s|XM-^Ac?2&EY2Eb`714zvWmnP(cV z`Bg@RIC6EjthGoC@`LW$xWt@NJebP8by{ccqa*s;ukya)Um>OJK4x@#GMb&;Ln@2S zNvK>6kAEQi<*yT9+FqZpC- zOYL*xw*5p#5@#=4g=Hi*!nh{Xb>lLj0HpOrw_PVYPD}okKlFE(hxy%{qM2rVd2Jid zHy}16qHGDbBrarZH1z~mS!EQZI(Qb_U<<^HUM&O~9@0|CdKrZKddKr94Ql%rb-JEJa&3w?MP^=`inEaNU8X^~ zAC*wgk_$TOGh;sm+mA}(Jv~WQo|O4`Y+7rpAB`Y5kUOm2xzz)SFzC=8qenH-yz*L< zmS_TQ(?AR^Qr~muw0e7J=Y}VKi(^@}E_Sz%-t60u=ZBg@=M=X^6`_4D$TyX7y5N=c zexIu}3-u0QT#oRTNnO;AF0x}>kMY9Kte2{orazy*JMErm-b3{#OW?LrV&CgO=wmb3MiHAqL`K2^1f%DpPKHKH)VNY#TO?UeWc66 z3<*yHSw}QGdK+qlly>{;M9-L-xll_K{!p|gQ$*#wTTj*1Ck+s-8KkPybmLM>LDg0Y zj)+WAEPdZz@~1UGaC=gHSnkw)wdU1hfULY4(z4h*b^MB+mmRO`%$NAxe7^0yJO5(Q zhcTOR@q|nZR+>Qge5EPlQ{I6)zQfpjiZnR`f0LX%_h*5qhzdE?zN@(18WJK-tk<8j z6wgGQ<^OCWh7(-dwCt<%tZX$j9pM%LrW@*B`i9^RL~$Ad{gosq=93^)(=h_en+mNychL{Tp&)PTfm|%cqPEl_=Uo&zbge z5u;%sr+BQWH0^v(JM`&J#mOhL72AQiALl~{>FPQVkzjgIxY!y$Dt7(caG3&wQBPML z`%Ne55k9-fu1=GeT0+}&1?&3+;|>@jQ4mOIme*^`MIoa>d#_;aVb=jZbg5Xk6JHt_C!J;Y6C6|X*{ zzW?~gp}1Sh0xPR5a4zI*1uihRa6a&21Z?7~~GZ4Bdo^Lz^d8$z*f-&ZHfLjdhhTXFtR*=@Xi!{rWT#GGm*UuX+a=ev` z@+#b!fG`j(W<`)&;pf)Ik+C1zKdl_Rn6In+nRQL4?x)|vnTF^L3BKiESlh>=+-9a= zG%#V`b0Df0s|J+k%6#GjL*>SXE9g2zX@=AEp3ruSnEi|2McTdN^RFY~n#B@kFyrmH z+}NE79p?A*FLmPuUft!==WF3p?+ZeFO-X^9e1_|18H_6QX`5DluMXjptq}H0%KdZ$ zldZ3$EZ;_Ac?Y1+TI)PytM+g!+WBqqvg)$Lydy+F?Eo7O*CD^bTTuckUQ0znu%9P4=Uzj z!cL>yj&fj}!Rf8P$jGgBcAbaP6cML{N&U21)ocb`Nu&>*f9py|xW{nwm0+L@L|Q=#UK!-X;8-{Mgh+>3Q3+-d%# z*Fk)Tp!+J2ZSX!G!{T(B_ArX$QWidXVpnYSLQj-^W@VyPe!yzW#vD4ZUPI`_z)qyt zH4<-L8#fMH&=LCD_4Vrg$)L;|dTNzPO9}fu$2?0HF{Vf{eNNijq-KJYXn1*3Y*J21 z{7IYG(D?|3WmMlpL43Z-_k53ds1uGW#P&P;Do00QdOnxsDd84~nng1hXvhvX4k2K1 z@&}nEitl_2|Gb&FjI!(#^*_52It!A&GyxGY9aT!&jfZN@F?;L9n8n!L=m^zG z?YO}w=5q3o3A(1(X0ZGsk}+}3|E!-r%ZS(Mew9uUYW<2wD!HzFn(RMU7Z(tAMF)8>I@~DJ z^Ph46%%mZvP_7SPW)67n{R5%hK$923j1QH_JZ1#?wlVpm&|bsCQfyw?G(;3TV=QK9HRQN)g~dTkph$1$y2x*b9?cD3`8S z5_XO>PVeRJUljIukh{y*e~EUb2OoZwY`WAj!@P%L{bMZ16XX^n@eGGN%m6^b4aE2xqo$fR`Z6e)?$F}u6keo~z@P0- z8C_#=18Ry~2WjH4W5&P87eRnc9EZOHZnvs4Ny^K`$yZ#vGrur(H-b?F_aq3KPZ^~DY>^KS zB?K1X3u3Sby2xKgjjFafg0Uw|W7Vz?at?BKJe&2mkF~csycL{sA2|Kq98R$;Y{<-K zsv%(4V|75ifp}3lh}81}o$?ICTz>O$G4l;g7V$g|!dQ2RqH;GLy9zmP49_QTd8X-Q z^)8qdrxssfg?o2|;+nyo4mLF9|JcwsvtWWcC@F;_Kd)VXlla&Ceww37Si0(oFv2^D z?}e<||HY9K(O~8nKl(*DUmFbMWF_}4774u@VB|`@+bNb;rgHCKeZo6utb^TFfb+c)eK10u#xGKH5Mmm!)w z{t6Q=TFV?BO;I0_2|&}3gUrw_9=%gA#`tUtHyL87Aj@P9Wcd=XgCGA%wjv&T$JmP! z*ZH|-V$LBqLpi1VY~&LKxWY<&9-RvwOLA=r9XU%wFpFJZBMRe4(*nudl9uABW=o-6 ze2%8a<&0=R%Smhv^*4e6u7^8xV73i*yo6dDDm)bY!pCt@3=&Th$e5CK(iMtq#4msT zn??FTEQy0_1kG)zX^o%&V{IUF!9&HGPw3SKr2b{#Y`&^1N=sAN@I!b%n%%30F<53d z?n(K)&sW>-5ZW@ssf5x@<=qoa1*BZE3C=;l!7ZmC=3LC)#)Cug+K&72E!_`hzn{@_ zyq=#I(%Dz<-EJ&o=`bQCv30rYr#7pj8pPRk%nOLeN_97&D&c4 z>I?Jk;-*%wqIB6FJQc(y2OHvylck|1@B8yFjXrAcp%rRhPuHEzW$VI3T{VJ)Cpazk z@%{r*DPE@)_U)4uroN)t(by0nxV8&lCsy+>#k{L)h_P{rvCKD%f9t%mk320(+J%h) zonQEXz0w!rXe^>k%frRVHAraqYvS`)I7Q~_E4lM{;jup3qf&}D&Q2BwwYJZwc+4M` z(ezfoa;$%Fp+GH>OSDc4TjKShaepodW6UdyK`<9LUl^5nSa3ILTED_uJX=Uuv+PWz zSP>Lh<_E9(vDTgaj!V_0*h#mLz&i z7?Vp#uZjB!QdF78Or<*zkxRwsA*3mbb$a?T&$`^jy7@e9L>Q74Y3HH;3J@?lXjwUY6x*nH05+>M2b*}P-yn~K;`CiVOz5GR{ zygU0eppbZ6O0b#LNRnrb8#k}Qoh}Edu)O`Z`oC5uN1cF_BrU1HGWx@R3#${2O4|Ee z?^I&<)FdU(o%LyR_al6y6Zd~v?7Wb25hw$wFrw`YceQ}p0NdlN+N?C*i!qxki@K)8 z1m0Z1$gZWGLY7{XB7bvLO zZ<*l&mJaEXIOwg~QS(vuE~n%RR@OmJojZHN@6vJ@?9vLR!9E^W#IqWSfTxFprXDBM zm##;f;%(4s%?cMiP*shQ!>qr66cU%d3AHG{gUrpoUC za$9qVme1oY4pC{7XHA8oZ=JzRsHq;VzqK8;_L3HB_W z2mU4xpwT}|j&4zUHd=%;@jh9n|5C?WFzSY;T4E+W#6Lon@XWUW@t@=BC(2|W0sYy% zTRV*@b=JL}iyKo_&$yC#(t>4sh5Ah^Epg zjlI;n!oYBnPQ2&NFXUPOe)?WciY~Eu$3QAy8r#;@-rsk_%r-xmCW7{luY+-TCrkzl z*ZV-u>9rr;3^=_mJT)7d&6Fmay|{U5KpdVJ@eJI_Dzd{~L1Z+!)+y*3RQbU7qw( zbDi6}G|gM30eqdxU7h4z)IbdR1zxd#i<=ys|84jY;8|~=DiF>HP7h&m0!z_R145mW z8Pvi1{+r+SlS}1Mo$0;8)ikpb;DA#K{+=2~%sz3z+po+PMCbIywlIgbjwer*H=|1X z_q9tqX~VZ3UuXHg9b@S#P%r4emC;7=9^Im-0Ev%kMT*84NcMz(3XHm2^*N0Ouk55L za=u`!6Q|*MW%wV+#JU6C!6dwY`ou6y7_Q-|WR)o~EVDUHvcxSsoctK6gkZ-!NN?#D z%XOyc0U%G?0rcdlbr=n@98jwypo-uEMAmkCk_G5GT`ZNa@5qBod2U_!yI?t1-YFF# zb#fpEid4TuyZZPT#G5a5pqXo$PW*72Yp74=zxWdV{uspXp8RlqLS=~;6^WjE5Zp_R znPEfB_ILvYdLjXva%|=MiilJA9$-*BvhJnxiU%2VOU(V8z2&wggC!kwck>c$Z^}BJ zDCo*>_6fwD{Xv8J0zIn~wbe*ZSRK$GS%}{n*ZY>?xZorczKDoR@_Xj0JaCUtN0E}{ z1DJRM^bhy|`fs=Rr3ix&RgPZCDrAn7cv?%QR9=|VXkyQ158t=@Cn96r)4F$$F>^f2r)t~~LQ**m=< zp2JzI#fLOMXY)Dt?Y0U?fF1MbMZ2MCRvp+HX@uXrh2Ef!5@p4Z_o@w_Kb35Fn`@9; za670E4hknmMlkqYDHuGu>HL9|eb*wTS(N-5D4DoNaU+jnErwCtzZW+-7rMHd5$9s3 zoE9$XcOtAIJFH}Irg6Yg$Mo+B0K;qZPqO=5cca*>I;Yn6e6{#>PmG@d?>R%~^rW4n zT-Rn*mW;o^*a^O{;Q#o-b`247j_g=lYkf^~DHx^oSwD5kP80rJ@RWa>jAGhdXAtW= zY&I`ajcRLh!0|j^KSwycfgM$XxkZ^XES55tFa@6sSo$~srzK{AADJI9I0G_9`1=0+ zjWzh;p*a0!+F%}&nh}W_^vDSFRD0!iG5q2tpO1yOf6}7}XglKgRMuyOw2KGzt)WFV>`*^Psz2oFqbOZR}D0LQq z9}m!&{T;3!85|{jZ;bTyMPf(?`|M2;yy`17A9H z3a+vxY!=KV8Zq8$7)smQv=6Fz*|D+k*G6})OGM2FjLiD=%3`sm4&%*lW2++{E`?3( zXdPCkRD7q0esVlb5~D-wP_6|@gQisVo8C00eeP7lbF`2uQHhjKh0Iq78snjJ=4kxi zYD3^vIxUgY=Nx4dBB&c!$s~A98Jfh7O~vMhF2Fkv9fQ&KgWioQ58pnn%X!MFC%zq) zW*(mxc}A`Wq)y}CLqd>mKvb#bx8}Np?ce?VWAkQdf%SUZ!}&IDD$2V;9%Bf1@8|aC zi0#zGPh{tb$)+;8-yR`?H(Q*)_!zVb0*LOLG>=~t(!hBqmw6X`k8QV}fZh?5s{7rQ zjQm-KVPDq?9oPuM8?(C|U_tjo#G-L%!=>u*eu49=AN>p2Augh+kwfnxKGqiNL-@7w zTjK(U9%=%5FBvL~dJGmM0{^gB;_LYKggiE%Q6_#J$y zbmhRlpw!;lQm>?VjjQp)wWhpQ@d}1HJ?rg)*l9(gdI?gV?>u%-_af=inDh4#u8h}` zC(86yP7cx!BC3sBHQ2#CfR}6eLYe)R^L3Uk2|?RGT~ygZCRvO>T(fm;n;GlvuntPz zHPW^SQym8)ddW{h7k7C7J`r%cOK%HEn;h2-cidEXC(hQ|Gasbxx}19DEoi>O8{sP9 ztLB^Lqk3SG2bU(IAwNA!M_jZ+~oG%53GS8_gQZ#JQ4x(oh8?`)$ zckJYbESqb;*3`zeb2av{of^K*S;r@SaA3hj2<@1@7>!GLG3ZgBlsdU;PO8#VXwy#- zOuJH_;ixB?9}1=$9k3p&$9o-wVYFZj1Df5NqBXbjq@=c4KT%IU|K81R{!Zj!3VS`a*HO4~Kq zYlK2I(>g+J<^(cwj4!`+(J^Y;+4nDah9Wr4(kDXIh@7`Z_g17l%hq}O4nM(1Q!9aQ zNyuQJCd@_aKT?|GvJ(iWQm7Zh`}41kKtn5lF0+;=Q1!)RUEFWO1vx&!?>9=+89Mw2 z>{VIPN#SHZoHrerq>jLtj%hKM$)vV3<$K)fe;-yG!Qwyg5Q%SxT@9YW>`?9!Z@StI zJ0Y0(p7ksCPw~*T%w5(YNgPrY4M+ z1>!*fOCf8`CDedMB9NOYbYf7Pv=yr+#r#PmVzC7?f3dsRm59%p%cp>7=c`4c!XY|- zRHKpG_EfYyj6ur*&iQc>jF*xKszL}lL}SqAzDvT+dv{IiTOYLfe8EK zf+|*|^qyo~^%1Qt9g_=K`M%AvBZp;`CBEX;|5qwyCoA}$Hj zbUSiNl04EaLf4R?yIZ@b6mQ(PCZu^WLP#gv?J-Q1Xm+%V4T7B;xxMo}l{BR)W3XNr zLH`8@X2y{8h>secO-omyM`S8y>#BHs8RMDWi_bfAcQ4ZmDHpPqT|)g_n-L8Du)XP# zP0=aM{@}N1zNy0}ApsF&EkqTfUA%eL_O0oW?;1yByheZgw3`TfPZ<(?t8cRgu|kLzz!0N(qo?Ua$PQe1$ORE1qv zL#m%a_pIO<5H8|E%!<264kMm7EH}li?7mTGsPc%}xoyh3B);%f|EGH^KE+>CP`z`# z8&BT6pr2)!so+>DTHoTsN`KPXb-HN_KxV5_iqcTc_khF1z{cTeHqnSpb}1Wz;lA{u z@U;%rTq3c2AQ@`n4^211N!t~tCRQFgM~mkN_l40PDwAh0esDQ*_Jxj8U;m4VB}Wyl zo2N61Ubd@oW_F8RD{AeUB?8CT@ji7^Tya(|AtD&n)*#29;S-|W(EPnUi*-+&ovSSY zyrMl7l67$;fy+2WYN)sKwBVP?5V0#P4EO?T$ic-g@Q@;nc#1&Ta_XJhEriE~`kvlz z=Uh7Uw`@jw;rE9(cO7Dd#fP7+B=Ka9a`ZA4o-m2Z6?UVY=RV4&ibmb&e4n~TYDC;R z&;$Hd$S1feAz&)A2FhVSZ6^?e6gEFseMz8!@O@>5i*Oi>#*`Vr&W*A>`v>x&djJea zcc69&i;e`$#2%!r@eEDBF~l>;s(HDXCSbgv`IaE(IjF)0mlAV|RwsG`=*miFBm zSGO_ycIfVMM@eD-9oqS%S~{hC7M1;;oq=(Bn_;LLkdv$CC;N@o5ydYHcG1nV z%Dep;(5^{Q*E0bfr0+oY(FdSvh`R%s=O4%@%6pK?{CKpWs=s{pP2!^Y-2E2U-YR1I6xPkSQ(9c5Vv#TbyiQ@GG zTQ@J>wDnrc~;aFd_GP;dfAfd%b3>+u94} zfl~K{$^F1U3C1Mch8h9!I18}PMgqSvfWHBq$#CGQWJ;#{bX4kpRJk_c8tdvTX<&J;dD9n>HbVSqgeM4j-N2ATkk&nm}$d2U!wn@ zHV+3U&j1qrmmh!(3q@m493>D_kjH5%OnGyjW&s{AhHDrX0gYiRm3Fh-2QsNb&wkO; z&&MxB1u}=8%Wgj2aP|M$@ae1M>z`*Rw1X6$haYVWKf7NqpC*}B{_O0Vj96Nr?N@ff zdTZswG{H|?he7OKeGD2Z0)U|Ba)47#k9zNce{U8Xt_h9#-kif@b@74Rq4U#|_)kBO zq2S8S)R@bG9e9T+b1`U3mWHnn!-^f$Uv`}XcY{N! zK~6hRtXI$}Z%S8%^!aZcsUIBq+Z8Hz)o%rXHzyiW^fkH8+awS#J3eGr3te6DNE3y_2IGs3i~ln6B|Cv`1-mseO0`c>3lLb z%n0I+eI5>OUWS^1xb)?^X`!6qzDFpgmv<)Q%KX16sdrpM?rrXEFKuMwJUwnT6BY~J zuLhY1e(eGJHBw1>WpZ}-)FuJ5Ak zkBVWeYt69Xr(uR|RpX7Bng2kXGZ`j&@fV_FmehSyO6+GYxl>h$<^^G=ra*JlL|#Tn z$xf|8?{k`#a0mLFE5~dG^)QqDUZ>%Kld>h23B!+_NJ`;@+rxXf}Q^%}n%= zQo7xpT=tWftvq)NmM0lW@LvCgn~>#lx5%j>rE_J}^cah2Np_L78)$B^6w_dvBsLOp z%+@nF?z|G4Ri&$c+DnSNnM}{#UEkzGs^(q+qiw{$h%lEm%-c#namKPFM#?EB)pB5Edg8gatr9zH!C}!`$ zSq}#!Zd{R+l>E4v+bXHQQ5k&-@=-7q2n!CjGb3OgwZXp75@s`^X8^YNi!La%W{0lkIn5Yd5a9NrHuumWAzrjILYpQhetB;9@Ac&*FiuDt%n z54?Dl@Ev2VK^j|Bt2fsgselW5ReCRUFiZ70ca>O=opXW#mzDmL=$8oEsDBsa(t%$; zG$9vQY4Fx0(tzdi610RGul1OiSf34?^G&n*Ge5s81Su1VpkBmEgZu<9>3;iWMfh;QReFmZ%wJjhFWz^6m8jl<}JPe2_+SSzI1`nG7MLt}b>FVnFKw5hBVZoGJ zki+JG-Bgr4@&qm~a0`cu9}TnKcd6MO9ejJs#3@Z~&hB?3%FZ=$Y@x^yu_AezLAVyUjx9=qC#;8eJvOe`NUnXCc{w1ayS8}EvG|la zgP6)<{mj_mtQUILnBSn{_;|_!H<+$jH|X1bv7r1`Ym~ zr3`3!$CX?A!%CN*fd>~_5$cX>3N;}HR{95(0%2dkMg8noJ{Sl@6asfp+~pxGzDc#BmLbU``MCI5|+Fn2Xir%l*btR{8OPu~_T_Uu@D6 zE!bAmt6gH)1WNY^+zuyn&-5D_J?gzs|IJ@KWl1i|xR4hT3W01m+z9UwJ~y%jH$=H- ze)GOk>_coZ$R!r&rC^eb89qL4U<2n{K;QHU0Wf z%W~5Xx|!6Q&tMlzFZ9&|OFcp18-cUGBj-qm9}G`=urc1v{2q`DdDtM%RFF$VPI*jA zDq-rbTLt@@)z^llx4KJJ*3yjkJdcj<1h!rwJ8G}JqTwg=(fym5ka^t=wNEYsCzHY2 zRrYNJ?b(i!*)4i~(`qZaG8M}v?X_ublI#YLZA3R;_gZl>IjJ!4%Z4&bw z?xuyT5Nw?dFvkLm)$eRrVQx9_Ftt}neFitZFr zQGqPVpj`$8rM9Jba>T!svLU^M44DY}V;y0Vf0~)#XNRE|W)ZyZ)|>CWNdxQ?0=kEC z*&I_RZbe2aPa>Y(xvI+Ifln-8Ukl>lFosor?3ORHo2szQbm|sgs_X+uJhh+Q>m;@oF@+||k z-+RNkjsrBsd^&um>j1eDF95*+i+^Dv@I{Ii_5nyYlv`8b-t@tbctqn;2C8_brUsXhF19pQW6Wa z?T7bBH?a!p-g7RkBU=|5Jk)O)TJqn^)PHVr)pk!=X38Hc1UXBCqX&n*M4`AL$eaMC z3!t9-f-%{T!T&$n-ZLD|wrv+4L4*(?dKW~ZM(=|pT12#nZX&vg-s>nKdJRIw$Q>#;=--Qf;!(VHJG`UjLN)1kbTg~{BulgyFk5vvJC?xUq%X1c+i5h$QM z1jtZ?4eP@f7bDF`pb9}RddbzaM!sO2yziHs0DFiZ zvj}`_n-d1qQN$Rb(}XYKRlrA0X@RZiKsnxvyroPzU^eE3ncQpxe38|nL}COFSo@#j zpn=vo^4UKJ0%kvVUGCmwm>|V>g#k@KS@YcIAl0vCOOXCy1E+~IkKt$iZ!(Grzpm*MyNn~}So>rEg>X=Fb_@-Ha;k`aR| z{m;#s0^eU=#0+2B`DaZO0|ts*rdN7>eXmrRJ*cvzWNubz%YbnuP#W6;49QcnW}pQ9 z=h1APJ5Iu@ngfmKnl-))<#okA76|;<_|uk8z3TwnyjkF)nt+@4-!4iz6pX(N zcvFsglUNnBxN!5ps=3OUb#h~pm6;`Dq`hZ8G1iN2MY{mo_haBn3{lJ1*V_;@`9IIK z2=J>iY@}R~Vr)M)02D6jp{yT|GKAgYc4{zWuX$taaU7MQ(5AJNkU3L98 zqx40n3&%QxGe&-1)i=&h{G(r%hybEsALGjo^7kiHq_`OC>L~Of- zs1)bQ^1F7bHzX ziNOUXNnLyU#CNvY+b|DCPX(msh=R&x%w341*isEpI_5f_|61C3ErVV2JW`ScO^#HoM zfqGCLQIt}3St^EOAj*VsxfDSzVYal;UaM&@Fq%S(Q{U|b#~xz2Sx%IRp0SSL^`LzF z)5WdSlw5wWn)(g!7{o}Ve)^5*MwZ0X;{^*wQa=$WNwXlz{8}=$CV0Prz9M3+it~5# zyk-YYNm35_W4lUo`qb39@|RjgeXE%6%}@Og>_uv*TSeJ3Tkysb)?t;fwkFjzql_Pj zP&X*i@01hY-Hik#3YlaHKhfJ-D>eNaJe2!du2_GNZp3=-vtw85=+tH_00!x%N1H2; z!p?vlSel5yTC>ANpT*77__4IOR@fc<`3Svw#d7&_}olm@7X$$0t#iNq|~@YBrS9iwsTod(QVBF#f{1(dJCNnK>jYt;G-`J z`d|8hd*-wUk;6=;KbeYeLx7^V<=0r7E1-q3k34)o`9E%zaJV_YEuYR3+}#eCk>NV% zSa7sQrXdjD9oNW9G-`^gvt|E*Sd6Mm;tU?i)u>XUYuN4tEnM!F7 zovOZ!?4bBVVZQq=wAwDozjmEIbUp8hpV%JpEVRqc>&`O75;<4l&lUUT zu&=2{BanUmF=9N@RlaZ=1Rsc$?$pC%_}F<^6hXS3utQm3Qc+ZNQTVNwG?&EZy(kK} zO)=U@rFz2lLpfBsvXKwmGDg8!yAH?xr`iGH{;J3?B6HDj$XFGv*MYQ7bJ*|2j@ahZ z!2l`Q9+sI1hORsOf@YC@|&0GkSraGcpcp6_a!wm47 z-IwrF8_nPF6Gt75n6q{}ph(3?UgJ(Rx~*%%(J;;NA1AAdTft{( z!epR3x#Z>d_GP*xwxaA-hxfs|c;LmmmkKkLSNTT-bCPhD%1_k5*uW1Tn_Y@C z=BC7@SRNAoNT=zbduIRO2LS13xAdGVOB8s zaJdx$35Hc@hg34sSHMfO&EqbtcZqQ3Y ze>UV}O|-{-ns2coAkPZEYwM)_^&;!{%~Xxj^i}&i^b^H);zz7X)Ecj2JR|&kGigBQ zj1i20MYXr~`i-*Th>OZI8+cgX=#pf}HX7t#MMcsgwhn)LCejL-J%S+JqW8UJ;k%wD z?H}p0!+JMdV`m9I9Llw{0|aG)%TKrJj0@D2EHotnn7%KQ6i=RYghL&tMhYBp9N>#u z*nVQ{yGpw%pD=y(Q@MCuJ`6*gvz^7KPMuC9pNhgtd-h^{sNZeDe_LXYAlQ8eeIHL> zI~DHHJSfh&iB?NH3|o?n?WJv?Fl)=cgC$89ombM`0+dGjfVIs*qud&i=Gz$E?2Cu9 z0*G^GQ;F~&E1(WkYQ|d(HmcolQiwMU!!A-YO&Si}DK^&F;BsI|&{7ixVWH!cHsXN* zfZP&mz%Apn;U2GrzSIk`?E25u8fq~OC9;RqvN%o?x1#xzH3gvcA?4IfGX&4Fo|7$~ z;K^yY?|!WCSTI62=|1fpEOtC8&L3!Ev8b_$AQHPyl{1z`dH|3GOK=B*LeYWL)d zd@?mslC8W%Gl7+1ogHrhu(+KUy!~hLU(1+v>ZCMcnXq;CF_H7a&$Id{qM=Op%_Q}? z&WtIk0$!>`RKj+1MR%)|{%UuK3%!NW#3%N2sHO#(u-u|+MRuaOnPzGx2y5X4!irwk zpEy&cgi_WAopt=tFjT6ScS^;sB>n)Dd@Ue?^X8cfoe9S7`k`-s;)On^m>5(N&O-Ri zLbd9)?e|6Z(me@4LPvo9m$zsM99y&tyok(`V-7h+cUvq}-D^(WbwD9- zJ0sMZEJ{)zJK{2R40XESHqazv#=>$^2o!Q%l(%Eg_q)bcg=n9Hz|zp%6jRqXNZnVj zup>m>rmvP;dJ3WEvw0^$}yp20`_Ruu=dE8T`QVsn-MV=-AM-6xy5GUY# zdkkK4pG6Z(GKWNNB$}EVAYX@s05ze*E_4BAVHZT%Oz6C5u>0qHTKh7-vx(b{DqH8z zLHl!@_}_F$ae}kU|GjNkVz;Icj2CfDQt0lzaPxKf6^Z$LgUMY&d^%GzIp?oH9STGC zrHlRrWx|62H2oNc5r8OM-$Q#zx7%T-Jw88{XqY`rId%lCELhx&%B(aLz zT_s|nY-{XEoIEe;70Y>UE17eli`Mgg_{GI{42I_F%Q>L9BGO;w2QuXi`<-ogO{@HK zZ3bdFvb2UZ?yg6iQqhAliOB%8`wj?x#Pt>d%7#b4_$B2WY8NoA?v0(%0{`{G<=OWG zZhNu|Wntu%0`+VHwyVH0ec?Q`A7)kj_Ky-;s6_QA;8!E?Ez=@mwOTT)NMN2R7CnMD zybRn6V9Eb=FN}trkneXeSluhHCYdo~k(db{f{dqwwTNNEWYNWlKi$^oz=I^|6O_o! zwb1G0bZAuu+T^=ec7ef7?je9H4lf26j3K;I4wbl<4l;B{*Zg^rx8=@i^Yy)qzo3Ze z380TJ`FIHz4a-4$D#yBT{}7AQGI-|Z>e_OO8^X}mEDD}=0+8|}*m650ld-}z&#Um7 z5_zzc=fpNSH2Z_U$FWnxLJsG)jsWP_Z+?WKi0A%-bS4C&gP!vwyK%$kU8oLh2^DbH z`1(2pChn*^-Krh}unx|)q#1k}4X%}t;yV^+;&Pn!_D;J;oN*Z+h6seqg@M1*a z!x`0vu;GE_Kgj8Aix&F#SNdq#)xsOSUHyhxW*3i5F}Hb^OfIj~ryIwfsVSffIEGrg zYx$HMxs1V41&}>-PxZ?ZEyF{kQEcY@c$af39Qlt8ZmDr^B^;rd0QvNIc#e2AcdMhB zP*-#ie_dp0r$3L;bV5e+JE%&+M5X>){g}LB#E0@KrX% z+b>vWk^Jam(q4f7fj-VEIl-wH)WPpC&$7!o0~Yco2Sfp%CE0&k>LoO4gBktivKki( z_{k!b*j_$duGbu=OZh|d6npK;ZdSF6+v#Ebl%y1Wojt4j@8nr+$(Wx^_}!l(F2l|M z5fbb!@3l)N+IsrMM6q$*sIhR1k?p$#f_yGrU?rw?s*UMdfVoYj>)V&k3+<6REX!1| zHt>KGR!IEXiu?5ul#hRB6OJWQ)Ea6|MU|(kUrN$L6=&Dh)iUo z25L|A@XbB${FwvJ_%hb0?COO##RP`MXh%Fas6bcN#fo?~C+x&A`-u`EwN{j)LxkHd z-*6X=ZAF1q()pii%IW8Z`n7S-NM9y=a3u20oG)`{F&8seQ{9vSuotX6Bka3+jiI*g z$XY3nQ|${nsrBEr z=lA)N>rvCD^5R4V5NUaQ;$f{xRFS_&9kc%Qn4>&H?VmZyPlS{=?&P({I{EaqRKd)v zla8_lS??kL*C4VixlaM&0eA21I{6P?3*DqhzRW^z$xjL0=)b!O%|AZNXdD#T~xd9Y zP00n|n#9r>W6fok_CGp%QUsVS2Q4Ob`4G_RhdvHF8Vq*U>Fl8&zbggT=B-Sb3KZispMrJB*!8lw0 zj}=@KKY=*Uhz~a`w?h3b;x6Dd{tjKdRx`n4R%w1RbobQ}h$vgo| zN{*poTswz)8Q62q4QXn0wifD32#-so>t)hB~o?b@ob{fIw ztli&!*`pq%;%WA6;lZ;?0-E_Hsn^o9Tjy>N@GOH$O0{$aWKYxN7Z-5CB{#r->wKRs zhz$M?*MTRIFLDdV{VNIQ1P_`p+ii<6v zRrA7XIi+*`7duD`Rda*e2+U7lTfkG-I-q34-Gup-p^02x(R{Wz;B&{mZhPd=rSp!E0BBhx$@f zR*drkT0O2q$!*`!*hc}vr5^#%&gADobricxe$sqUkZ-7mrc|h?sZEsd>Tj#)%Dbah zSohM?uZ7Oje@BMlQwC5x4}`H!HcCEXanSwA`T)(KHoOHfa@SUfZpYA!Rl1vbn3PtA zO`19Y$o(m+XR7vZR!2!&IBmIjOkbb9EPX5dr?h1gOsf{nf}9^}P75xupqpM629LB+ zeWN_P2o;q=divk`Vn7lf4j@(NMkKnqKGDlLX^g~Z;R+|pGa*-!(f2PMOr`^Q0 zivGd;vj8P(S6JZ(cbZ4b}>@3{N3#OabB#p=a1~$%lea{GT>sN_MnmXKVoIIlh~8+rg;1Z~O}?PUp(jojx_zcZ_pX zrS}{_(-70H1{SSTkY?cqWFD%~2yoZJ+vhCi%xK)JpcxgxZPae%M=W*Sp!8%>AfjvU z7w7S^(ga*E^6k9ZIFD&nQ?&!Dro4Smdy{XD+JD-e2`|KVL>lK1!DfAF3(v8RnS*N$MUn-n1%#x6bif+A?W7Z6*XI~q0a;AYC4;A;jV^pD?3 zS#SQNd{uzpP_W?cD2C#GRUu=Gn&8rRz%CP|zSK^+e%e%52DplPe9DW%*Vm{CDHq0n zAFGwLEz1PB2JiAlWnj4wGrG4xFL{cgpH5`TREcIj-F-`zrRL6(&k`V>y5h9_0A_Be z{{r5|!tJre@Ft7^J{yfI3I2&xjnJX-Z# z`F%qqZik3}X-U{aG7e%~nI5To?0_=AnMm5a>7^_R5f7|*7BN-tya%Ma-{oZudC9~U zeCH69o`;Q1-E$&6*M>RVTIVUSad6^FoQjo+c{T95gNDqUK*BUm#W4ft4A>dhx`P6%%l?fJFsBa4>{@?k_3p8HHl+O2=jAhE3PEUs%*?CcORMrgl!hf5IH zs%1p%eKK^{uI*^HK?^w?RoP^xKUHK_HNJ86qT8~>NC|Hdrxe8F!5-fwvEd^j2V!}y z-iy6!Mc(er;rm4hDSe>e<>G?MGYtOi!5TL4lI-bVEX_Cd5NrTEqbC_>yDoS8*Lj1d z#yptyLn9vHe8PWNz^0ntgNG!;I=r3PTG%Lerb{$WSK3&2-Gle_vTFMWviOk&aXgR* zfg3Z5rB{yj|Ky`Zx?Mdn6-BcKY+(&@Z#4qv(9L|+LassZ2LSJ4U2ng%s?MIMBc-Dbyyc4bDBKuL zq5$wNvn){0PrB*1!YP7{kP^ETAgct8wR*;YEAjAvBq8WY#(L1rQWnahQ`N_T>)=7Q zRHKoJg{c(_uIx7G;I@OEZ#Z{tIeNf-XcjexVpk4HC@ufh%93xqOqe+W9nM^B$WNw=_hs}5BdX-!>~aNt-;bL zqR!J}Rk3COcy~sT_xYcKK;VQuSXty*pZA;Qa-~gurOF-FxQEM}{Pno3o{@tWfQg5< z<`vf-W%}a@p2|osRfve8&N z-1V|6m!mJ0AivL9_OXT3G3>6?U~--AM+r)2I@v&kmpWZ>Ao^EE zThlHAc2m{7kz@rqrw;!MdZjAENIv?1X;Wy=L&}0WDz2Y3MQL-zSdVp6Nw@uc`W+i( zE*ilZSC+X9zJh}G3)x)} zjtz&{n0tGMLLTq~=6u7Q3|wzzmpp@h8%NT69c6s)2~N5quo!-I0NdgT@+P5CIm%l$ zE4oV+^Q0;16`Cgzf-OXRN4b!)uGy}#-!=4@bv|~2BmFft4R*RJdxRgDlr>IC>;l#DJbg9F9LhF`9^^O^@ly${x1TPja(gEmi)lENO8xYK6L;_l31%}o} z;8u*JA04<63<@3xwOvFwzKCj202Ve9@Sj@&TJR1Ksz#vMdmp>SZI0CNCeDphkiWF= z%gY#A#Q4ZMATIoHUI%BmDLmr&gm?g{$~k^vRvSi5XcM{J{abS%IBpnlTn_gnfP7DU z5`Psg6+mGuQ-c!QP`4Z{7F9iD_~JQ2Vn8rX-B3c;pMEbp*ex z*U>8Ri;UK&jl3&8ONMo}m6EZf=j%S`tF1k@3>X@}ht1Nqp7iG%G)^bA&8^ADB&G;m zy(NiuxT@T{0h)aV9tAg>dDELNzTww|i24ZxDf;6sW=%OfnfvaAna#kAIX3Ir3IXV_ zaKIPrEf^2b)wylBj@HW&6L{@nC}}`*!wUgZv%;AaM17SE0&- zwPyU_V`bz9Qw5hL*(1NZ_7Vgm|8_YzCI*_#^urx{K2Hoq)PskvR4vqMK;IS_Z9PCS zE&1nrM$JI$*30bbsk`4|3$M3qE_cb<$s1*6`{XT44lL1~c!-f+JAGOz#dddpD1{K0 zydpNXbb<=x31+^ghD8%O7?Lh)KGHAnf_9UK3N&-p$^t&cI{Wf1V+k_U2my#Rd@d-S zKgtu%#Txe|<`w6b6c68hTjF=SLl6;+C;1_O_>&XzAaZjsXrD4svln;b0c)7fJd_1H zMixF1{!wq~v1bC_X(n;3bH?mTeav_@W_r4EHSfZ2_!c6iwb>e&0tjguFW1NC|FWz6 zKWc_ztw9(N_moh)2BlMiH-=nxOf?j7tlN6R5d!?NQ7_HrrOKkdZ4F8;pKGQ*v%RZ`%`SQ>bY??_MbtUjRI2GDsTRERThsvK++(-D6{A43 z*citU7Wa%Dc^4sgQ*n4myJnkVeWExux)a+=Cl@to9w(#7kY_nOq8;Nc-H<-qEsk>@ zuY}X@bB~yooQVzC2?thMFD1_^ceaD zE#cx|fzof|g-XUW>{gfYMTR9RBxrqIFT)9t+Q!~F0{j3fPB9XwoF%5Qs{H+pdH}O& z^Ce=%zPJwUutqhoQ#|`~fqd(i4hyFRw)&TAk#M$w5ipdyoV&v6bK1AVkH9 zu8T3MsE2_9){f_9{GA*KStFwP+O|$|su7j-j)~K1Z(3|S9Pf&rtsx%X{31=Y z@U}$b-)fGcO3tnzq_aD}FVu5_QJ(zys$T;{+oGCIv=9$(GjWiS=)-pXMwC<}x^!T) z)f8;*{lS(sBPsq;8-=y(a)BtJ5 zS$2Z49^>C~?seF`$m8%)z>c;C{b>$cu1J^;zjnxn&KWfjl|x8aV+~&E6t3gpdVL`F ztrBTtoSoZiH4-aFJ;*C*cjXGKRGaV6b}CP}2zR}OZID-E|CrO_4J-q#B6Gm--+lPq zRHctE71P8MXj0hj@&ur-(GWK*oxNC0tYy!{f=S+QZFC1&Wb*`F9kz zy-HVtZlIy-)I~hv{69-7ynZm>O%iVvgv{DAIAM*`@_^@%Vb!EAD7?U_Hb6VDSM@j-aug8rNQC%)6OvO>jSl=ubM(}2NbtIsmzR?0I?T{}-`% zQnmsTgp}@%V%@cJY147;;Y*d%u-AD%@-a`q>8a_npcR{y#NVdDOV8Mnhsaqp2D)bm z&L9N7z<&Y|Eo)nY_gaN#F<7hWnPj4^Lo{y^Lt{RU_Du5wz|qa3MHv6V7h~#%?jt*M z+TXEd6E(*B&!q*@=lsAx{+jA^I=L0#2E&>*@oFD$UCTv!RS=M)E3hSUWcI80U#k7Inz%Qd0!Pb zb~!uX*v{0dA)PT{@1;fak00DWo^S`MGldu>+rqyf<7C+BD{_>fPr(&Ate1NdwlBbo z2?_86`vJpw>CY>u?f@6n2a5*EHuSqsAIW1q?b+S6_l)f0mxwqPziqmB`@u{PJ~3WU zSMI~6fqoz2fjfcp7x4Wruk^c{l5?S^Xa>3I<=Zh~r9iu?JwsX4q&KvcxxMGfgJo*q;5*dc%o8mm!@J-$g27)RvSsM;m zLx-;@7n9hjRJ_)(WLKkhgLB3%s#f{hV}$5CT?+7EbSKr+luAkw5?u$#)7%LP=`|Zf^?l{ku>q7IwK!o@P zp`*Riz8IYJ1`g-30h7c+B}+q(R>Rb3$(Mo*5=3|T@faqsHl&dQZje*)ZP=e)farXl z23tw{nTOPVjTEXbTLJ^RoYHaDD=Ye**dU+7O^|EOYzGDPWp!J`OwTNI0YPZxkc`?9Gwc=7R^kvtcVe{@2hSHe6T)_|jjbpnEXF z9TIm~dx}xC4NEUkP^D}Bv56DMQ?<9E!{isfMOuN+nEiWLs(im*bJnMytmXyr*lv21 zu#FX`E76Awl!Yp>rYiwi0~6y)&VRaT=m^lS>*SVUSrEc$(=ii%)f?nsuUrg3t!y{9kk*}NUk_Erl{AZp% z&iG~ek&*lTb~h2n#_2~^)niIrU%2)^YA8wdKJgRTl?Yv}iT3Fz>qzd}`j9QHsiEDM zQA4z_$Nu?%)C#wucp&|XBA(r0XR$i!(9ycf;GXLW2!Z}EcO`1rj-^u&==f0uzo);)k_FF(eUjKK zAP%tEtW8+)!j_QNNw5N|H%1#URDuAj^Jdoi$Z{k1{?}gS_N@BG$+})ay#SA)?nyu& z&dKknr(F*PBgh^_Yo5aUzeAIY4%g}`6BXG*1G`y2X~lkd0kjmio9EviZ#F8d7HT>? ztERYX$LTTKSch9SE(!uJqBdNkEKx3sbKWAhmY}?VeOust;qg${@$a@{+JKdyG|%#xk{@|;eyNkU!UBN0|U#}R7!>;&}Syk$L|n7YK|e7H6N z^K=JUSu&!K+to{LQl+f)M3FwUWq8C>I|hAc4REGJ`$Da9g5{e1@FK%X@5(&52he23 z(q3wojt9UjjppVql4rO23L2<}fM9cJ@!(mI=@-_)Nmle9{F2-us z6D5?@M-NlW?9wm&@*lPM^+f?S4HQ}KQH)?izgPA!4O2Z(HeIA87qxmv5<3$h3)s4z zsdn21%-Mxs>oPR)h8;MI9X=-MrC%%16$W9wDL-eC^3s+<4xhuuoQG+x^uD8)+O@>J z`&|>Ot+Qs=KlH~pAq@P}r8!PubH9IE`SLBvv5raF1Ae`Qe9TyHV*Z7W>@)BV*{jjT zD}Sm}6b-AOI{osUO79c2l32<#fbRHXKWX_YqPOjDXK%8+pjOQik{9o#X7(b|9bzvg zT!EmZ{DF_-XA-mpG7B2`qcg+?*bpM$$r{aJRE18M)n**0d+`{V8=HwH0Uv?Hoq@M_ zj;fxUU_yfhy=z@$;M_15&s=Who6$NA^&BlT(fxNZ3ibfr&PP1=9adf+rZ#X7?l!^< zr|dj5kmGJn$&Dq)(xCcaqaNclXmQIO0K%lnP>E?J)(np+3qGz{t_IKdaWh@ju|@YE zK;*|jSZjV@7`o<4BAO08b<`oOhc5N%R26?_(>Pl9?kUGhLc*u(>DI(S%N1X)nU{o0 zr;n~*@CL>5%Mrd`dJmzZW{aj`kIwZW`Pb}%3?MzKHBUJ=fsKhUxn|I3hOO*r>LF*X zQlf%4(puwZkJsNeS2pmiy9b!X+j?5yMI~G;qJI7M$_O{&h9++&$7`muS<#is>mns0_b!1xMhR-MB;L6 zOELu-3T=tf!9+Gnx+nn%jeGqX6i&8#vZ%s3-s{FG2|zuQ#$%;Dqs1$-g`s9rAuqEO z*-w|sJ)?FK)SpNEI-FVWeju&`l=l^Tz{qP}AEV?7&~1&sHJ`pZJH_?>3%Y{BdU?j0 z_XQ|1A?bc#&RcGZU8@mY6Ur^jdGY=mgN3C57DCU*XBOZ-EcP8p_R@XiP{t}TkMR}8zI##<$LqV&f|5?gQGlD!9hH(`^^^2746(RM#*t_b`%cPSGuU4l9f zHVVm$8*RACMdY-o*^kNBj0kUX8l~1CG%vHj$!;cgF3*Ce&Xvdmt9=c3#Z(r>tMRGV zS-rpwx$}E^LWjwo_w|-!kgu^?Ir?NVE+<<7F!QH^yfpgO^-+zyl~-b)k@MWuT`_?% zbcalU?>M{)l7q}oGvW#(#SPnHDPAMyHxb$7};)*p+v7~(EQE-=VDk0E-N*6n? zzc^V{-T#fakIJoX&WEn6U6GjB5x(!@Dx+HHC_A&otC1?4yw*igwi!KIsy}Qnv*Ew< zhWSr_w@r9_x&l=uG1pBIg0>xw)>9?lDTQ?`zm68zryH~-9!!1k+Hv-D@c=@uz2ufb zf6WHN8QJlKgbK~;KFotJW*3<9Zu_$~%N@BMM7a|X5(0F!^t2GCpPQZhgvRsRc$1Q?c- z*OX?c`z=X;95w5lYBFd++XR>7E1iJFua(qeDJMv3!f8gR3+>cRM5CbI;Yu=mfbzm-;N>ufFb|$=CBR-T07P7?d9YC>K$&&~&@fSRm)Wb+LB-zWE5*F+=Z|_F?93xW zGpJq7dAg%IzpZ$FY!)ayr93yUt8G9tuO{1WC3?83QhCso5!8@!l&F6A1)}%6<0l2q zu1lx2WPm1{1d~x)#0LC|cJzFgu+m)Zeex3dv(q?Ham+^V>E^qS*zg1a8$0y`&AnvxMc6}dP;;d&&sFxq;DurjVx3sN9Sa9sw^!Ejkq#`*R$5)ah4 zJ+Me4HRw_O_ABmyX!q`2tQ}x-`VQ#kYi7bmoPfHpr3WB&)(%HY6LTS$&>Hu6g`CG2 zx{L+gH2gjqT<3_gy5L1A0JKrhONDjcEDw?WJ>>LYLv8%Qy~YL3sSWwAU1(bo5h^H|J_3xMd+^UvST|_&qe~{&D`j-0%MJ-RqEV znK80B0FKZeldhDzS!l-bB@Zn*WW7@P>Ntpa;XVCO{-v-liuQZ_Fgp-QRUF-sLKny7 zuqO_cc=)T(`E#5XR>~?u?E2}KwW#EunG+CI#Q5SI^=pq1t@9(oIy^Kb4ujZU%JtQI zj@E>b503XF!*00H5GSFnb~^%tMP=4$(jDPAC9VkFw1}t5e3EfW>_GH|Yt2nO&u7&4 zXo?rc3nHJ(nZveHNpBn=>f80s;^1hLpL0pV=k^MA)J};UVPvM4D_THg0h|N9hYXVr zdv5h9CEIE`5w}e&d_Z1dzLva4tS^G@a{3q0#C@iV>5a?X;PzPSS(*{$=W>-ZOp^3d zj(H%lGX2xr8vTs2Ls3xEs!%x1>8HHSWKQ^?b~tuE4*e{4>Ltpk9oV@yC5UJFX=KsG%^_?p3`*&?E7&gCE#X2G_0qQ2fMg@q%mYA{_2 z$cQ}Li#XlW&8Th~*ji%<|1{QPGyYna^l`U!g$k27b|x!FfY$*-KqIztI@Iv> z*xH;fbNVy&^+aKgo|b@nEHScxZ%H^nTC!H(c=%1-ID1)YVEMRagaq|p0UHn=-8io+;-1Xb@f=4S#!b00Z*L#9J z@$&RGn{Dtn?ZSi~3YHkF@Cd)-axLIjio^S~;`^cz)}pCow+iw)Eo%(Oj-Vf zFQ@^>r$%7wT`QpIXa>YLQnbd}n37d$<|t&Eo&B3!*VzFj%NwUbH0L>_3LqGTRSp{c z=_G}8n}{25H@bqA++NoC+VPe0W9o89Ft1a!S7d`)A;V-wH zjs?=E*n7O;%@vy&9mEviW;?iY?xHG9Zktektu{y2JNQt8uNoHJ)?7J;5i>BAPKk0& zD_(X_G?e?qrXP|S)!#D^Caa-8V2ef1H(cyPEC({*ox?!MBR598tJ}owRi%8Sd+sBa4rS9j?9AT3CM%HAAnj-P=sqP}G=Z zAp{zp`>5*4Q)+WSfBL70(f^S$aThUuCBNjSX;juz;4(ywyFcRNcmkYZN&uJrm-{33 zZ(d-obq9bf?#pVEJd!Z8OqG1G`naJp7T2YYM6)OFB$S5k68riHVQ{ahk;}o2kejAF z^w4xilB;?wnX7e3Y0~=_!_^8y?@H+bd1f*~a6!cZ1?@a?;EJo?jqjqKDI+M+l2`qZ zc?)-47|YW-My~Bf)`P8p=+?R@EqNwI#LMa_`mRmQz(rXA?AlwWKN)fUo>8$|zm#m| z;J2hTIN?xD{4$tn?dRy(B8&b>b6J%#{mb6&8&y#R}jGg%rtp3d|f_0RVcpITx z**}kIcvG+bDBt}RdAzV-y7pK>>LsBwt-)C*NZIZedU>6GHNJgX8%&0La?O(&XmhYz zuw^0rlwC5yg#JSBu#p5A*y>A6qLjBiVz4a#@_v8o)@v%dV2y=mf7Cb|s%nDA<~Y4{ z;%ME~6zClCwdAm|WavP6RKPnc2{qqtgoS!Ka&#a>+uteYf#?f)&(zLDI>7G`*a`CN z`;~w3jyN+XPB4Msb=a=_J>wX;ccVheDt3w$6Q{GUs@)v8Mnw;c_&GVdmw3mniB`X- z+3CAcj6MvfGvVb-56N7QzxEfz>OgO;u=`(Y(l*jqTTbT~Ta3rN%Dn0VYhGX>ed@;uIUrq68hUl1qpQiGybKVctdybO>T^vOkjUqghVxb2dZY8tERD&|as zH?`UHMLz)5Dc({8F{x!D1M3LfInrp6hs$=Iua}naDnRNU(?hR^fSZxgs3D}2`0k=R zaaVnCkn5UOP)+M|D$93_ z!eARo*3IYCNx*<#R)$gLw(`@KK;3VvMu;G7^H%qEasuv8sQ>QnXW=X?==SE1l9-kQ zn!G^goiO?@NV5i`0lRYXj6q9f&w5kTBBh23`1KyzKAE7xoqx(a5Tw*1^Nt=c6KwKq z@?bpBk}UNmn|i}9PLYUXlM_*p;7D8sOb8zWxEY2_x*bl@t8c(*>K?PBxyBh zSO#zh8)#ky=Jvb5_oh!3U^l}xrZ5k;;YdAVoQ2&Ay_uc9Y0muKN)N|7hhw6wM9FTf zrXSqag?7(Y|AMN?#yXLoSvAC2=OXZ#-ZP1>&f`s(y<49EFzT@?T8)7e;4U;}!Itx3 z7mpFY&>pMbdGXu@lt-NFjG)SjL$d}OJ-Xo)4!Z+yCCr-zpr?<{O>0xOR@{Oae(SQ? z$9K`lbG<0;_*ED`^Az-;1qcYuGN9}l#@RtgA|>lx%YG3(q4h{S;DyjKyAamdE8^Pk zi$`Ur96?*9ffr-=s#bsk%MX>pjyT+Z0Q85;h+nDyuoDe|X96@RcrQ8UC~q#l`~}5v zE`XV?*+yI#Ki9hj9SS9m6;;|qKghDz3LuGjlgx2XV%VXV@im$O5sfbMx@`>%w=eUr znV(p^i|2WJ_Abd1ocY0I{Ei>9DnKb|lluy5TO1iul_e9CzTg8K>Lga>g9@*C$DHpM zTW(KzQbow-8`zl2JpVG#tLBvILKi!o>rDw!@V0BJOFDN&Tm4=b!Z>EdJAXcU%yZv! zT~ZCl-gg-B$Ritq*7xK*{2S~sYP5-BUzti?=f$x!V)&v~J3bUjBWK}I zs&b6`j(HjwbSf}K!B~(?Y>FKA3QS=)PtclzHH?JUY(gE;Tw_+kCC3sJ=1!?}!dwe>Fg6xF}awPBnc_`xW}8qOB*b)lB|TWa7! z05R3c4c@tGS;Z7Lj|+sX-^Yy1f3rHQyT?if80ebVPEgS3~xE@j>jM(_KE8jc$(gBj=Ftx=?5LS+$I>j|5v{q~4BR5Wfb{8<8Rs z9sN3y(sDyNKiTjtLE3tZCHBElBn;aI`~)hjR}SU3(jI9)_aL6VK8wX-b6;vuJ5BO3XNjB?ZC*Q6*e4_Y~Kt4=j~S{xO% zKDxuBnm>sdB6!IxK86}Um}Czc+Fu`QoL~JkCX3>1gFkAtxhb?3dDhwr%tS+2)$nE* zsliyf-f}1|&rL)PPrT>oy%MbIs~5_ZpwC2mmHsgvOsH`@Q6tdJxBW)GwF42r`&5Z1 zr}`21!22DGbML;-{G>}J_V@6pwx$rFKm7PzhDo>euwT?4R{gY!eEx*b!-bBmrOWk@ zMYLyUPu&v1gIua}wQ*K`Xn7eqqVbzndFHo$HYn{^$9n8=lef~9)`Bv7*P^4CsjE(Q zwPNeX7x0)!|84#OheK#QT12qaTL*Y4vvh4~Rln%zAT4Gh6y29)x(omy1q9`G?pcod z3kuIg;g&Q!NpP_bt9d%rY^h8Aj-&Kq+O98?WaxkJ_MTBqZsFEwXo6HxdW%v-rAZUe zKoFH8B8XC?MWur@k!m0m0qFt)ic|#wDG}+tg(g)%KxzWgTSASH#Jk-4ob!G6eD}{C zVCH(Rzn)$T+ zvcdY{a}EH{#)YjURiPdXLZEe!6A&=;bnhRZ9|wSc?@N(lB*w8?NRh4cCSab0Cq(PW)ldQj`~rO zBhKagk-5};Or2QrFVo$#warl~XU?)G+tJ#b3Jfn@Njr!~-;zudD#>5FhtcRh@VR(d z!=L&=Iv;72@L*VPUhm+El8=4Js#RhCQ63BY?G}AM!w1{;vuUkh+fZ8e? zH5Q(INJO+%?W|Yh&8B`%edzb_xL`zk0qVOiN;wZS^>@fQO@au^9vbJ~V*TZx zbq3@Z=xJuk)P+EOD4qHdF;|yjZtf?3=~|fK1X-dBW#dbm#j@??_wHBo=>El}+BD7S z;ma*O@OMW^mSaT=2-yoZK!H0Rolix%WCNZXr0fNtGj9)jd999Fe^1QkKrC=o$l@Vz2j=Vw;=b1 z_UiS{XqAsBtdNSXX{Yccsk8+LKZLTwct80bwjJ^bRfw62+9rs-!p$f6%Pq(33mlxU zGXwB0kO?VVMtsb2+)=1sh?w1cXzzg0X4kp&8JGv2>A=JMy?{!-XRi9hdpE)DFfTD$ zi-Dw;<+2ACv=(;Lem`saNUrhXv1!7Wrq%9ZA|LSk91>50VPC&HI+4vip1;G z2U&=b3@^q~zW1r9p1@yC9q^mu=EFxT9;iXQ&+bl`H zTWQFP2mB^96aEG#P^1fUw4fBV$B!?9-(S>ZteK6Zluy)ZJ+ce?*u66`sp)-tv*s_1 zUe1@q5V~L{OD=&yls>~ArItD7hGAHI6;5tLXR`YA=Qt3ANHb(WUocKbsBTTuk0mjw zhSz^Sp8z6BXY%%9sMXgPw*oNKHQqd;Uh9^dzR=B&k_n_sBguk4Y<|pZF=9>#-Rb&| zvK*F0;cyFquT=QDQGSPlEXR97yI8_eQaD__ju{+mu|7~OZ?~F z2Wg4Ny+se!k*jYmQjU%C$v@q!kCE7}Ac zkgX-+9SAlBG?V%4w5fE`mxmU~yHP>Z8SBY2$%7uDp&J3WL1eQP{HNf}C>uhNoQ*3} z9yVc)en6R2w3uMyQ(@<(ooL9w(*^q(8?Df3_{o=RSv41ALxw)#%avBm3*SEJGMJvH3!5(hFM>P zfX@+%$O}-)oiJZDv&_u0$#Zczr|bJBQTwLBXE}d7o!NhAR0qfQ8znRJ#hy+CDhqp=~!MgHj^?{vcgAiPt{2y-vJn7Umg zVfV9VEbp|6gbQkN`&dt0c$&0n=097V=WwOa6C~AKbt$ijwQZ=;zV|l7I|M`RezL0! z-MfTy$*QxQKRFyk$$%OfSNyZB&%^m7%YJ+o@t(fT(ZS7&Um8 zpc&@lb8$-Gl+&s1tpMuqp324j`>Sxh;L%5<%w8x`79iFr00`c1d%P}5-{N$A9vGP`BP0a+B znf=O&A_;S;n&^IsZo2lf2%)f z8^aWKztv!?MnqJ=9uSxbL>Ih$3s>fqVc?4f1m(SqUUCPCT&Ap_)Mrxs1nv%5-d@u61KUkIHU1*XJ< zc8pJo-a)}rm-DX#SFW45B+8%4rx);yA-qP$9~33LUkI-&?rRmPGNN5}*g1uLVUt8m zTU2B1CLm4lFK%uWdpX;R-Bp$=5FyaUcLu>VDw{coDD^aDuYOP65!(bGVau5=rpx z`(9Eyo3MQFZxB2TE0^hXV{);xn11clo7O`#82XVtYDyA}pj5-}i!Q-3VJ4gqD=7Chz;scvK zYQ>f!c=@%jBv*X5@g?3Rme81Z;k#@gr{X3s&%ED5^Z3>sT2+lpKObup*2&(X?OpP* z6$^&oJqA^}c&NAAP(KfKfz@1?K(o%xmod}eTD3Ox%J_=yr9SsAk4e)RJ-1oiXk{r_e`iTz#`8kt)tg35zOdVJ0Ux}qiF_{nVUwmRPES53t z$w43UIu~oQ+}vsJLoA!$6_IEEJY8z~3#$$G(-xA%Cvx(y=fnlvzLu?t?&}tT6Hxot ze=$3X5y)$W0{f1%B1sPm*1gj<$KD_OHk&s`oxMX_{A}aoBX!ZFxSz@kkf$VJB7GhS zMv!ohFs>clHWuNa`fw`OyvFYAnVN;*2^;)fh6DF!AoML&?L3JG&p8*nZ$35n%HKQG z(@(ZGt#i#m_hWNk*HVHuZKAuD|C$+}3jpzdhu6?u#kFO03H>Ac>(*LgRv3a`~EL+9JZK^Yu-TvhK{m706w0*nyiK6ABD zI7pQ-%0^xb_C(u8M?{sE=M;+1_Q#LL+(6rDf_jG1ZJgGU1GUpPf@bq4B0{5nOtC(> zs;p9PYjgDIg5X3ZWJ^!?<9eELMPgGz!6ZWR&b|JI-t%LEaV*G($L78f=8eQGpATzi zl!u>kT`3Q~{@~n#u{5gTr=mG=Y;$?F9WxW^l@cV!y*+!%pw;oH%fRw3Rmc(<_U zn>0G71LD5PMGaqB@)j+ZRV(i6q6toioS<|4>&cqqB+)!3K-*kCtjYJfe6_6&nU_uC zh+-I+#)XeP4qacP^HwmR?}PqxeI*MNmKt2%YtJO?Ill}O(MSKgLf-3#4{r*`_qp_` zuj%ZIi;rYNO3W@mKBrX`KK?k-xP=aIer)&hMCO`pl%gos_AQuGR^+vd+N|1uiQq<= zH7eJC*@wQ&X0t=Qnq~BPpwCV8dKU+=yi2XK2UT=)sw>UNHC5ayK{;C6*X`1mai%xQ{jZMM&&K-6k!UgA4sB;vUB^i>&)SBw)svpa>JC9~xe0u*9v3 zKI1g|+8-YOd~CXYPX(uHcY&Tc1o{pBZv}LKkRZGSplVfZ0Jx5U&b3 z^62LNPNc?cqlBlJ1N5Z^|7x!abBGbxp5-_mm^p4$EFnbreBMdBC+-lcTE)@vMF(Y= z$2Q^W1o zuTI~3ocPxJUM3Z-0N(%Lfblo~0oI2yhp%&W$+CM_wH&i;<)O~*0HC};(9^BB!p(9Q!G27ENHVLronYz` zz33@_`?G}jm&xyVkRMbt=<)dCwo42Q@C^p-Jt%O!h68mb;k=`>bz5>^xv@Ok4yihr2o6t{-^)j(T|4H zR3Ki}{o-rvAkSv`C-})Js4FLE&0zPyxG}S3B=lI`K}d)ool(?VJU7RG(byOJ+;p@% z|B{XX_7v;2`No4NNE-nfO}d6Fd>oD88_UYqkxPk{wtpZ=Z%DOi^c?<5==69c$H<-= zyQ5Ea=}FVaHO6)j8>|mH4(@CxzMz>ccUP*UYvk}r4dP`kxa{Ust5yFetE=6 z!9dV-9HC416iyO8Wi&97$gvym>f5cRb!;RH7x2RCoHLw&=zKq12wx7LqzL@w%{&-2hbC0JS3Ho22baL6)X98#Apfor|=(Q>JRp2HPX{*M)DOw zFR5aRi-?NU6t_;ml6ACdFs3-tLBR$^l{FU1=*}_ z2*P++gDUDk$`iw98#X&cxpT-^%CV=cC?0`y#Gy}H^tfd^*Lml7@NN5UE}J}R1SZuc z2I59XlML}oqW%#wbiX9)=hFnjc)R*(s$*?6&>|cL6E@XgZ{--0}=>%zz|IMlryyNZrfDAJwKK7B*#ThTcYSj-V$BM!~AA|x&! z&$iBWH8NDlq3W$#-!gC4(Dk9}!uWp>hY+O6e{Tor0$+_qykTRcM#qb1QP(7k>32U_%vnwsn7@Cwc(0pv zF=E}QAe+UFnHX=1Zz>e}h$Cyvw-Ff5%|CS&in)6E;B2Tl{0z*m0I4zNqNw*|c2Z)( z#rWqeL_NvTx+cW;c!uuTza6Omm+TiO=VBk1ak<4zzrYoIp`U0%)#nSKqs5rgfIi3( zMKTejPeKVBAg~i%P(b5D;c5^SQ{LzE;CDw=LJKwk}z*w-Q_lY=zdmxq(F7~?VbbBPc09(|6wnyB{>%}p-Vfu7j< zqTTr?(3U(OaW=ELdTvatxl-@Kt!4i5v+Pedrs|$FORuk> z+3Qj5Jidsf^}??dA+IhdNPV~n4BOT%@I57mIpXQcky+=fwwW=LjX%g0SIs)bl=RQC zZz#9Bu7)PWmjqgx3|YwnPA6O$FFQSP6%*yRMl<^;FmxxIEgz11>Pt@v-vqoFwQ-#@ z+5YZGMfeXdrgi54MFVYDn>P#x>5sPl<2vKt;im-SH(p?2)t2|6LC41QD;H>1K~GeO z3XF!U*95RCx%9o!SVg~xj?4Y~%~h2nZzTBN*-*ojZq(pjJa zo)Rqe-+z<$gu%8<9s(*A1J?`6FfO0t9g^h0m?D-XjyZVSd-`ebxQi1FwvBWhF;Kj>gu1{wP zF%1T?^(yB{H90Vc(5eU<%QuJ^O;s=ZZX{Lg#^)-m!HFzyzi!T4#K=MP`p*`HzzVLg;OT!@cJO_UVnhkC)26b zG?%=vm_VbvVjWu9EvZTlx_e29?vP)*h?L|bYy3nC(F^wkllZ*IP-pu%Ih!@^uTHQ5 zb?_3e6iT}1m}f<7Mp#mt`#9v(I&z$(;=Nc|BOdfj1^oz}0C(9z;Y9Fl%ZtaN`B1#9 zI?GTX8|i%Q*wY-utM5*9i$+}0l1_HZTQ&kQdkbj?+tG9M3W!KU$C25Y8B?pDIgxgu z%zW|#!})P+XXE@-26;#%!|QZ9w9kc`@4LjgfK$XBIvk|tHv+fSXPI*1+O=Buk6o;A z<(AhV<*5%8v?;T3pXV`v*B9% zAIOf-2x@%^L=hO!uZl-C*yH9-zW10{wHnuVj(MA6x7f0#E^x^C?gR23-njO&`Rb&} zs|{%xSJsIflXK}HV~!?MVljS735u_hk_YK&1s)(DOALJ$uTP5eXQd}$qyQuSWQcyX z=R*?Y0@IK+M+Fr)MK}Ua5Pjyk8qzxUXUMUKDI&=w@3h~r)oDL+S6_%RhKHi;z((L} zj~U||Y98JG^flQ&{NhjQlN^htn~?NVtn%?@hm03!fGZ(hh=yoiNGz4o?VyOd&>Ppi zY?XV6eTtXU@7SJ4er8BcmTqa2$irap^DGt*d!dzBX zhIp(RkkrVTBzf#0$CUFIgp<t3xW}mam98)n0wkFwdKFQth3?TGd5&5w);b!(Rta&&Y4xQ4qgV*(19Embp zp)4_2ItzTqiv=&_6k#Zd5ZY1O88|1dU*baP&4&si75_lo;77V(i~BgQ|BAwfANw@v zT?>BYYrhOOX=)|2V`73>F=t74E<| z)1l-i<2#p%|^FVeZ8utTA1n0>K{4 z1L$)BESWn5A9C0>e9v?I1Em|jW10ibQ{F$2*V(Lx^W5#I(B)45qP0N9_n^6IEqdV5 zT`cUq7=AmcN2SxZA1I*84?`$ID`}m11w;vqe(4%DJ9DgP=;h8XaYo461JBUmrmKW; zQXJ(Rc-LaPD6vla%@gC4+x>&&kflG6p@nR=YKOml%U0CWW5;~reQQzehf@2dxo_fe z_c@A^z!7H)jeYUMlcI)i%#R_76gnvNf0d~DR$TAHlm4vqgr>W?@}L6M@6=nazJqN? z=+K7io*&n%HtD9tDKx?dUaF&Djey+p8ihwg)c15lHCZ5H|M8Fi77X#BX@VRhwG@go z+Dq&-6918xD2$4{c~4r4bka1CbB8+=Df5}wj;Q*+cg-$y%etqlm+#P9^^O1dN^|=* zlNnLIjn6LBW@@1#+F7UC?d@_3(laLU?gg5hzhcZ{(4Tf~@1XEB4^?`3e{E1lmsNdz z-I^S{&zw!+tOWeXD&R*x;!sDd>xkdrh>S#A;Zq|jWWv?x&H4Q(gLxAl^;G-&(#zHc zy7JXR@uk(Azo3;UC~aj7YS0-)7O0>Cqm-Faam!?uG#~Qb9L~7u+(TdU&N&w8DYMZh z2-bdvT5dvbFpoe{=urB>+2v0XyHQP%b$=j9GNAqV1w8lf{p$222~-GT&(IaMoePox zz4q8h5^zRm5NaTa6t@>mbYKi|)_rR`eLP@#n?FaiUcg!)lP=JId=5;GBfV~B4RA&6 zeKLd01F6^>q|6`4^%?N9=THRBRkOi1edaY3iwo@Z&>(B7-OZF?(TKh{#M^grzM`qf z5ZPTJdY(N#u<;>?wooS2kPlcB-3ZbxA1gH?3R@6(x*a#;imPa5b+omK`qjI8o=j~9f#b|cX8>kN^85n{ z5dS;-$dg!zMbTK2WJW4B{ee?VLSqD(W9yr=3#HPOe|;QLw!ev>Hu(->aeqxyxc)$D znvX683DUQtLhKw`iSh0~A6>TOfIi)rZwe)JwZ*d%r&^EhhN)zZjo-Ox&Rde(dox&L zVX6C(k(R|?f1vO9s!SW(Z?Qm7V1BukPl+;v>^L;r$}ox+3_F{RzG4v5iE$NrH)Rz` zV8THoV9vM<@msa#(HEY-VK?o0`Uj#Q8)o!#*XESQg=O(YfqnE%;Mn%7CMP2=3Vg4q z8z`4_YWaGGXIj3y+ahMXd~LETqJb&*{FFkdAY7g<+M7&Mj)7k`@LgD3h=rLV2C72HQ(d-F6ElR2GQ|82cJ;zTTd>5a| zVX({zah2xtb8RkX=AW2eDN_BB*Z=OZzyZeff`1`1L#KOyFM9A)fb%{Zura;n0%m)w z@1VXE4uZ+(laomzE&;UTS4+`8%&xpx?^_Qcl+#AnA;)}2bm|NcEGr#|-vZ0?|DSdo zCpiZui=Q*98%8&sU032$UFr-!>4G>+(mZ+X_6F(=m$c!&3KWR<+hWNQvl?oNlbaHg(h$)K-%)XZ?t}C4 z59A|P5c~$|F@e6Vi8*BwdV2k`X|H?U2TfydTY)oSw82~cyDLr+5rI;^{22cRKC9Sy ze&^`lJ?u9PZ%Tt!t}Tt)kDdHY&=D64_ybvQVt_&w>WBfW}V@J9}HCtS9Fmc8J?c#=j1l5S5g$YO{e??BP|zBi55{SLeC;)S|! zUfKI9cS{e=v!J_j9^;`15z1Kej+vs&(LpuX@BR`@b2|@6pptt09!>_)`THhaSqvc8 zp74O1qB8DUVfkbU^3X-J_fGUqQQdF1m`4RLd-_sk3{eM*4rN+sR0Cyk%Ax64Nl)hF z*p^;VqngV%SnhOhY>UmFxPZq37>uSxN|iZ}f9 zlTTZ9(z%;~gD-E1f|k?4s#VAT^7Q&10=B?@j={GJlX`V#`luv%W{l6a{2iy@ag!iV zi0=Ta^6FSIQiaHl)2AXvDmKcw+})xm*o2{NHQ8NhWeo}%UTZJI&RCTLugZ9Avwb|h zZ#gE_|3}|ZWo-YHUy@k*_hQ%OBHZ^^;!UioMK^HhmO(~e8U*F%i0CL<<_F`=!>=D1 zo-sVhVfQ4$8Flv`Z6&lSPk?Td~CezU(NX#EdA@cNH z?ZLp1I&@GV2hlR$`S7rbYTUK5#P9-j^W@x8_!V(6?%q2g?kAT8o)5y$lk`=Hsq=Hk zOfz7;FQYZduTj6sZh-XRG`gK+{`L7AtkHcr?d=%?@k0U&bL7!q_WNDtE5i&lvx!h zI`XJ7R(`QO26l5njOSTx%j$|mk1H4yji%9mwsR{0J=NJIe4+HorKa}hHWZujMqrYI zquMVK#VH|8qM)V+AL>?r{>t!9~FS5HmgmIw*f`-^Rppd`Dz3UW#V6J48* z*x@T__PcisEi^eB<0e{3uh2+vTjx&r%3sIZhCU>^>4kTSwXT2edjXvSKO4KN$&7%t|!7>(TJo_I3(OaN-2-bF7?L!bA2sUh?L z4Js+IV$}G*5N{rZe~F|5#Lclesp}6!WV~+L_dbq5458397|7T1FH)Do3E*m==aH?4j!`iUWVyv z&j&3AXGhM%-%*$<(xGUge(fgWUFG57M&;kT(4J+UMZTC4q-yr})U1tv)xP7JHEe-UrMvy5s$m0!}OeAhovU{wXdq4e*kj(_$h#1jK?=-obCizo}9(9zpgbgt4bzA@^qXcj`Zl4=P&8 zip|<_&0<2Wr-6I$8S-51BoSg4gKG0Bt}=Ds;?!3?d92(*x)tE};isA7q)|pnT2#sv zeD0OC{BzbuRO+go5OnWfE5P5E0o^)xzyR*YcU^TsFAl~FkW!KP)OJ;R;E&0uYI2=_ zp=2NO;vu#6`?4D3w|07`WsxtXvmg>%*X^fu%g}U(#2hi?xfb)2#CfSws^k2p>exMO z=$1r1F#-R+JrF*k&@1)OwdB4Yzf11dgnQpFQ|Z4m<@{|@sRqWTPARLhGN|ou5j4v*5;`xxqAoZPxWDrM3%dC$JYu!)oQ2^B zgXgP~I{1o>g%_hRP3GO(ak-bMCxmLcM8;~#+zW2){m#Z!BMKl!>gHjp%p&INlpbTb zH-83oh(B}YUC6KTfo9O~f3qnmmQ(8f6&B`6>dqLsu7IYX!uSnm>V!4b}YutZOuQzxHI+p@GPI#A~?tSBF)p zbyEm)tEv1q;^3iV$iFVBH9d7w)Sc~oZ8H;SFP+3wnr%Plb(RN+<%T>6+3}qeZr@7e zQWU4BN8cOJ;@q@!^iUT%d3?hcg|pnM{WRnI2Vzk_tY{LJ%n~Fc`aR^b%{_s)kfhMy z^vs%t1fmHJ72MwCf8Rmq!sx!9l?tra+lchHn1av+mBJ6U2O`(5%25ewIOEAymH(WQ1X z-L8nJJ3kjpGA}Mo&R+j+;lvy^%pGp38$5b3;eqV3vH3=Kjk@Gtp<1dr@r@`=Rq z6bWi)H{x3i957p{od^yRFLp-n`8NBy$D~!o6MeBqDRzwh_PxfP0jw;yaBR_5421A9 zaw=}q``Y`R@LOTnl+!KN*X~4RXL<$?$aw@gFSt$GQ*=`!!T1Dl4CyR&s9w6N9>q4$o_#?0>be7 zX<$SSlqObVQ4CI-dFw}e#)oUcvm7B0qiBX?V@)q^hlYl*UcRM=ZH@|LA(ZBcMTCPy zzHN3`JJSuxJ0`XKKYXm49^1E#DIZ0zT=VnD*%3jlOy>)n1TQFN^U`ms8M9$hS;8E(4di@*jG zwmwtN5!CYYoOX1UEX_?Nbojcb%euqxnDm7D!WD^Pa^`ckFk`cWJTENEvu)EKhMdMq z*pKbJ;^!4*wbHTF?h`En_E|~)P+7WvsjMxqY&}i><+48fCzr)m2)jl2hy#_XS9FGi z34y}{VSeSOb=;(5NV+|L0^@R~rY}s$83EpIcI3r{chVp6Rb_&ERV@l-zYTAGW4lrL zLr1`i7bGuaW?uUPB&-RNCU53y)i=k{PoK z&etJmi0kcvDit*~_^Lv|J@4(sZ`3f?moYI#K@+NRm)$je6@P!ySKZx4=uj|-9R=Sv ze;_02h$G%?Hgv)NrY*QwuKgOb)3+|5o%e16dqE&k|MA_@`}2dO#6cd^gwQUqb2dUe zPm@qYdycsHdE0MghQ^(X;aWND*mw`iu9q;Q55#sYz5DI{FMY=D^t~UIOMc{jLjv+G z;1w^e&`Um27aEOvBJ-Q`FJp`-1DiY;H(K&HkLAV-0L1JSXEq4tlP%#ocFAqR7kDKx zc*uTXQ6CtDClViGb#WP5`wI2TVTHPyqyTLfqMQeHFcX@hWa;O|Lb`*$87c6^Y4Suq z*RY9*vdVTyaWU00E&CdnOVjvo)Qcp@9aQ`$caV)}i=agf-N%3t6@T$2;M|}u6|!iE zu5&ks9{X+zi@nQr8NR*DpE2mIyaDFLKp0m*F;klrX@-i}htsT$&B`VS5A}(airGzC zcb$8)yGu<)^B24+m!^RZ&;K2~;ZXQ!${>7C6#!upn1~@f-aLrgj?lsyjLdE+;OasM)&Cay z<*bT=LJz|YM=X^<*|FaCvZR#Ec*mW*Q0z$*`9`G{1< z6NVM{-uJMI#hLO*CMZ+HMA_3%tI&ry7vynJVMPv%@ycg2^fC4m)7J+n*U_4U)HVR? zi0IaoOx}j7#Bu$vKM$@{27EQ&Tv(Lkc_znty;}`f3qAzFKytHrE0b`!Q=qUrgP7U8 zfKnOeA=+!?sY^w_+GJ-ZXUOoRSU6A82jLiqT98p1piALA#A*$^YZ5tc-bGV_Np4=z z&e+>qHTeOT^<0oUl`5U9NiVee!fzx;0LwOID4Wfsig<`0SX#OuLV!J9bdRzD!tU$h z0_B>VTD50c_g7cGtrW-bn%bOt1_JHBkuMV+Jn_qIjX+Umpq?>|D|*O`V-Hl<;Y;{>#yAkvt0uNDG`Bk+ufNcB zJEOHcD2&Op&BHj?q%;5fv5ad-$Av5w;-!Jvb<9z&@#SfFDtGsee7X(JfUB$NvYhIz zK>P9UP=F+l{y=C@6Ow-*iXgYVVlXa?RZ&V~_S*=i?0s|ud#7k+rkJEJuf6)mHSN-* z&e?1Dxe%$6C4y!VXVi3=_JfbzTk1XMPI0v?NX0P6WZnvNv}=kaSLlpy!HKZ3~Qav8%|NF{h z$nDqKz$`3Kaj9lNS)4v+z}+1M;s-9)!O0;aU^^Z$2{K1@^&z(7m(`&jfkS5cZR=Ad zmk_Ux-qd+#vnS5#T6Wq;tF+T;U854GjmyREI1e_k;I@O{_>@(xy9CaCGCrM0YJ2QK z*e`*CCqvomG1L>{kY#1q;6FG~|Mq|4MBo)=1N=1VFH$UM{tFZftfzu?^{mpLZ{E#j zQz0hfecGB&?O$`zGLPHhpRnGE8B1j7i%t*veIE?aDLm*@3WM8c(fT@LxXe1ft|^&Z zi4%*IUN(tQJ}y?j2S8WmhsMAt$O6ofpwvoXY>Mi|)QuXaKFfdmrP%OJYk;X{NwsQu z40a*!9)7$N0U@S7488rGbc17jH~rR`seabo72faH)k0MicOo{yD=wCA2)-&PBe^6Z zh~Qg`-ERff{Bm&9Kyq;&2gq#ji^m{Btk?-#b&9c8*Lq*<^2F&#E}D|C%7)m&9vT|8 zAl7zHB$&$En#oGwY^r>edT5e@eS7QIw^e@V0_4K)paJ=Gd*yCg{|*kSMUZV9Nbh^2 z%j&F)vytx9i{I>qCgsTnx)qP)sq@8oc=xD3;-M|^Cx|kb%j;%N2#eXa+#3fy$zxaG zosfIG)@RRTHq|Juy)mFqChlVOLmQmuc`HkFWJ=KaMyKDaq$s|QQ#$p4G|@8nC7(!x zbqgi2&C`xO&uyw{iem~LY~l(rAr3g2L!c<$CrSpsKgWnk(-bt;6n zsY~udcRR8BQs5KWbZg~7L!EN`Ha7kxk{*qEx_a@2M}efBa&AMi&5jSVtUAY|goG>& zEl;bATM&1(i^O)UK9lq5RsXqH!XXp^zXUDX@~7fu7h%KzgctXIe~(5dYYG zeZ$RNW+{%>Wmbzfqw34%csr0HglND6#;}oZl{W7=o7_8=+9d#mg>Dx4d`gg779n+m zjLqUCf(+yaJ&obD&Fa1?&r2fBKCSn6h4KaURdp2e@pIVbmrc;MowYOt6VJJZKtnyh z3$HQx+fN~olh`voEiEnLYKebk=7AR+;M7@NSBo>xjc-3ETmG8!p^NG!MCwZhn!Y_D zo+v*KGr5On(jw|P&NKaPf;#Ow`PaO>c>KsKQMpHDr~QMyGOvho%W7ue9byi6b7VT2 z54h{Wn=@z?e|#3z^CW`OVE+g5(}AXm7zsdDQ2&Ce(LVaroavg2tn>R9bP4l1Y*Ha# zY6hNZ(}(EaO`fC-)|s>wNg)j1<7Nxh@;>`rw{>n=m-JZ92u@HIWq!?e9U(~Erf9{V z0ytH3;SWSp(SLm7?_2D&OlkE*t#lXAth#tE__X(*F{&M@gtB9*y$8P=Zm6J#q6AipCtMz{7BE z0_0p@gh|xzO~O*wV#D3+y=#`&MW&femi7-xC_wp)Yf|hQmk%z2OXn2**QN8d16Ccs z{(%&^<$xG_kdO*);G);meio)Kwz$o1jwS8(P^ag&oKs&W*>Z#%oez*Bfqbh6W}pG4 z$UQ15{bB1xNw3@m=p|eN!`=L|&pdlN>09#)(I4Q}gG34eO%CbWRiN6g&Jt4Ne>l_c z0+0N-`}kS>*J0fFSu8F^j^U6tYOUeSLOiSQ?C^^$rZtbb4w{##41}+z<>X4Kx|(Fi zniW_A;K!_}?)x2c`<+vNAR385Y89V)g>UiqNPN}|Dwh|aqbWR}VR48-{1$H#2YaLC zI3>ynvaqEFN6LlxokN|;@tw%IXz#wJt^Dt2hFYRtHn`!MxgF1}WeWYst}hEpPI!a<*K$vRuF`035#lN6-UMa3@L; zP?T1H%W`*zXj6rt8d@|8{VWT7!l;D1ntlnC2?&UScFU=FM@ zhvXlcjp1-(6EMtyV08w9s_~cqkvVoh{$(-jq%C)lSX2P#yR1Qr?UWmbX?KEr@Fy5( zAtxXZljW0tGY^|V=3)MSWga&FP_=(h_FbVqL)W-2YPj>KQm;Y;V~-#z{C(g=1yU1&e0N)}~iIldVYvBSqZDzyBR{m~1N^&f8(UWht7O1O*whf9bUHXA=;lJt0fAzSOU$* z=RnHIHt98*nJoQJ8+`wE4?+LcUOb}%pn%Uc#dWsHadczTlZNOZDQYce%zj{@Rr#dE zM*08rwtNQfcqq{pJV6U)a}iv9ZcQ(8otx!Tk2x3PUt;z!sPx?$kp-1jKEiv zLDY^WQUVm!S;z7Q^f_bD7}&!c;x!%0FhM#;FgBCG<8Az`&!5hSE*`5aFt&*Nc?`M; z-Fdj?BXZIo$gLszz^n?kc5yEw!sQ-i-m+SnU0H%vjvLJ63PIoHk}mCMAr!jpOGPWeN z6=HMhdW)*MNGVXNgqsKUSy4qfWNMAsKX}wHkb0Z51^#?f-QC~)`XT3LRSN#+WV?$a zhx=4pi1K`_#^(z>jF1(`0w<`1O}Gj2xatUs$U`%8Vz^4XS*@>qwR_@ut-ji`vH3J2 zf??hOE4+Fb*w;i=)ez!+wXzMfw!~Zd;3Ia~84`ruQx>jwi-a>ZC=wV4I$55b{NOB% zj4a{NT+4lwe>S#}Rkl;POJxgKPS{7_b||Wc2=nRMAFdc_fp(9pJil63TF#2Tu&akh zqL^Tc1g>i`n=AHlFJQ$cTyY|=&#gtA4XJJYUn@%ED!oCd$ds}w5&iUkE4TlrB>jZ=NyaH0vfR;)0F)^Plg2ZfN&(p&gDe$i z%7J=kz+-g$9Z|FQ;Dy_n)en;g2hQ=zevSo^boELu$8V(N9u}rDl!z8Zi!WS2y1z|TgkP5TI^DWfxLee&h?7_N~fXEL~0P>IH-_QnUmRK z`iI|VdL2vhWZ!W-pIMLVDplT)&A{mg&7Qz_Hai!a{G3^ep#T;- zf!*i)ix^KXWJRm7;Wa;{c{hLd^XYrvCwp_}E6s@akoR)c3(p4)7YXQ=rVC@(;pdGO zqe@R|w4=gC~d*CVW=SpMRSi)5bF2 zQ^=!Qt#`NvJP-#l9Mw9n2Fr>L!LD~xPMJdVtNnjN4*)NfxIXW8 z4ED-lhax7d4=MQ%1a!0}G-W{D;zAr>pbsJO77I#P{~g3FiZ_Q6;Y9vX1@0uk+A>=BJwU zLlTRdz+5%RB$e9#bav)by6D9vAF0aQ5tKvZ{<2~T{`?4b$M>rVUJO&sx7LP4SBJ9} zh1PU5u)XIUP?^fajQ2r#!1pfpZKt%2BaRe{^2sU9zv_HF$y5JAWD<~V08DR$XKR@i z9pBo2F?FrLwREcQt-1cBM24sM+wW-i z29HenJ+wNw6-gKrIDmo`H=peq)s@$W%&+!+m8xuwRT9dTR_^(AoHj%B!DqE)LKRp#AL7W|@InuQy0n`1(% zC2qN~{=7P45ftxn?RO%rzy`Cww7Mv3F7q;t;NRlRKfh}`!rwJVHGOhQM^gG;8k3`_ zhStXmXX8COo&)7#EG}NCWC%a|LE5HDq(5@OVVdT9)fd{hpMvYV?)z{v;Bf-1Tf(jt z*ca?6KR~{&p4Nc}G2jJCb$kLXMOv0wyzXwOFlcMxu3A(=e1UIoSEH(Kj90ICG@h;} z)$SM98(*75QoXCXUJV|B-Qj^N@r9RqDIWymNVRJon!NtpvdA7(k;)70?W9H9MdpxDMsoCPxRp z*J^y9y#3AHssz6@CmlHo+dpSCDFHOAqNvb57TDvFH7q49W~Wo6hEGiGCR1eGR4q)P9_ zLhnckU1~xN5b}JR=Y7t5&Ue0l{+WN~Kc8d9VFvHy-r4us*SglVt_9nPB0oXSOS^+i zP!>m$A5e^_=9)o=d+)y+82>mK`XRb^wNNH6(31&%p(z;o;;ilh=UxN)8bt+QFHO?! z;j^xd(hS-I#L6p}hPk*~tanD!s zZs12_sk%lH;68?cKqE5)e*A#z@3)q8|L3i<)lX^>Fj&S<*+HhFJqnK%P}M&JNC~Rz zUFMr)>pF$}wb&6DRd)-$eTdvVNwb<5JH5_qA0XL%vBb%1VL%{pN$wvNu#N{TgG-zzYrhObp0-A%YBX033(56e9(#MRsRc;W|~a}dV=lz9{C#ErX!O) z=%gM?VwP!Wd9cWxfXF-<<89I0rJJ7eU<5Lt`b7?|fo%(}*K@}Jb`S8|T*NVI2=L^F zDuP*oMpRi8@!&p@xnLoBZQB2ot)9f1)!7e^)tJmQMTPO)ZKf0onEIoD>!`#^{snQx zZQX;Y^C3rue%@HR+%xMx_ZqsrciCttMX1O^u*D+?(s!TsRIRpZow(gdIlm2e3usFH zFKSA)ztxn>%bPDY1Pdq*1&XD{y_dS~t+?Zo~B z*d-?*Tf;azT-e4hejC#_`d=)%Y%k<=Ea_RoYP{6t$U%g3`ah>ql4^2WI14~luPqHd z|JsT_!#w_yX8TOsGCHMn3%RNcmSSe=FUVnVItU4)-LP+F0o`CZ)-IlT=4hz>&?V?Y zN#Z>>*ZAvGaNq6MAM`Ty&Uj*e)899IS-&MTH0KoX4kJ#zHV&g!gN4{K?WP}a3s47i z1fJ%qlW0UK&6B6bpKoW%#SAZb<%kL%Di?mOy?R)IoV6j=9s1q`2~7dS?`-%g9dUkt zhtYUDS2*65p+LSQE<kTVZxv9UDbzN_Um7Ipt-!-{(DP?P%dI0%i`uR}Rv| zHyw@$X5_33ap*7@Ad4(uX=a}ehG7@z7?c->o7v61Yj)@x)8jqn`}8q{W(|YCcf`B@ z&$G)ciqo(rG$VPt0Nq^alIHm2`F!+GH#%gaiOcncRKe{|djv#X(BAi5>DFb{_#e>l zYZVnfHXm6qZI@4s}eQT`lCx|Ybf!R#Z?5g zqLgMzjfk-gpazLD4>#(SOFHln+C!;!iAAMP(?rnJ92jNwXbAevphG4YNoik43%`9V zp8QJd^WaUUR1A$%c0!EoBAskQ9la_Wf!R$B3_KZk&b(7p4L*hJZ+a2v`kG_UKSIKk zT4@wfhsu%PFkSKV;b3D<_UyySA;aMPWN}lcqkr_!) zt^-=BB)$mw42>!$m7gQ?-s4|FClA;5mOCBIrtVI{%v$2{K{oMf9!DT{eZuJ7#QhDQ zR`(c?XgC56JPN&WkMaOSbVvLl??8XR4*<<6%3C1z_S)M)*T4VM|D>AUj6+ah8Ouh# zj|R4X_Kkjv(J2dTe;aPVr#eOSZ+VJUB^MD;h>71LzS%i->7*64Ug$cdB*!K~;o`qEn~JYL^2!zZti2X(@es zTZ$UyI93M?%P#oh4}(5}SWYy6jlMc6A*kmbAh9a_o_sGlJZvNNepj8XX=>pXEgXPB z{8+@Zi9iI;gki8iFoRUeHfcfdNw13DX=vt}wXP*uV7VwWkUiWpnrA#XGb%|G0yosZ zyN%z20-!TgoxXoO11?r`m_-#FwfIF-Tl4n2TiQc~mN=qs?wT62=L9`Kt?1{xmhTm! zF<&(u6vnkY(oC)iQGUXSFX3uR@_S7awc&>exLHP$D7C>6=m&pkoGKNM9T{FS@+liI z-oq!A%QAF{zT&H0&o1?IUik|m+BDR?eVRCMLi-%LOk%8>GPN>Zkx;(ww7OffJau9} ze+MKfZ^o#z%V(^X<^FsIS^-YMqzNXfO~xUQHFei&@v|o%sQAE6jf1K5f(oe&{br_uKD)z=z#?^s`|!zhxD%XU(>yEa+^ zo(zp6zrrbT70Bfs+`JfcbnzcbM;v%EardgC-~al63GP&>I#z*jj zxBQW?dYvL0-W0n}Hx67zp481)7G(WNGQF7Wlx=^%$8>m1C`Qbh`yOJU&i$7;=)9a# zSJa!Tpa7UoEIL+}^yoHkA+}G-S&Dywr&Hx|)&Abt&Iq^_+CR3*YLS{aRMpP3!vOp;Jr)Z_vi;5f>eP++_*@--8dD+|X48 z45-y&T_VJdMD0Ygunp9GExg6zG8F$3XS$uQVk}W0R9YM=R2FnfDKpv&Fmy*Y(}qC1 z;clryM21s5KearXHlwSI;hN+KJ1=5eJH#L8B6FD^u4y58l4kZ&KxZAxnG|LEIF|!% zg`w(KxebfjKAbi)6=c^(gm)L=&+jivvVAwc`sCwda|pLK2dxmF=IXA0{y_d5ZY-Jl zF#W(E%xm(6wDdj2*`ik&(OVYxaK6>Qd7^CMcB#%)%d2Qha6FyDfCGeh4=b2F`tpzb1n7(Q6QFtxOlBC=%;pPYqGoZz`eA7GiU4 z-1&0A1*Q_$BUb>QDB6d#oecN&dhhIWDq7^L#V4Lv+Yc=s#;B6!IX&7%_@SxpeX1J> zrtS0~shQ{tYS63IMFSHSWyR={Xx3N6tog*SX$);l1s-__7|hu(dVnNn#jOm?*D)h! zKVS@j`E2^WvKVv?_k5D4S`@&u`!8+`eyU74oY^$x(`^nri}ViAg{0{UxX9KEE2ps> zW~g#Z<5@@T2Hnu3sw{bRF;6TW#jmgh8cP1A?sXDle>u@8%4w5DT#pi}&z|H1ikkrPVx_x=z z7mI(6=B1pTQgc5LHcnY{Byq>3Jur^#70nu&dpkB* z8Z*Bkb;@q{a#%%VzURfXhxeEd2glAFo3asweGwH3@|(I}Ky;gF)rKGYW5gR!NmP6_ z)G}Ndlw|w^(ANqwy4*^zFaHJi0qWBE-_)h=Kh$NwMMoqwi}Z^UAl3ugLL6jHtvRW- z=ZLI*zN1Cg<{r{TJIkt|4qcjr6=F?P1);rjecMBUuc;H})z8(5&#UT`W`lyYQ9}IK zs-p^j-3w5`lmusBmT4t!1V~7;!_||K`!_*@vDOScmdZfHKYzOAID#*Hy2|&kwU_OT z@b1l)@Sm6YJ(LABIX@C-W)z>*3OQ{2@s$`dnEVjnaMhbN>U-Au6QP&7Q*lEuVen3B zBpd4W>?km*&gXBbCGJRS`8e_4Qp@!VM~v@+C0UesU^%ensfKFmIJ^48IdSG&iqNm+ zQhqU{X2*P~DhIKvF@T{0s0Ul)lMH{0>7AA75a)y`(G7z+_Od~LEE0jOXL?L2K2W%& zGH1X;d~9qx_4Dp2`XjN7w87V$<zXC;k0*@3CUzbdv0}ZG6|;;ZpGXHrboaya$$)GNHuXbG-R^PjZj$4;$fLUyQ*$o} z^eZU|4b2z$*BtQSI?e$M{pG{t{>2NBNl+E`JE{s_nZZr@cY#QXzeb!0{e*GUF6%8( zQCeA%9D3q<4kv>WNt>Nb>HEj4qltu%EJ>%w_%4_Ztzln?xhV0a=^#DX{E7~hMIr2p z;*G%a2)8HViW|O#I6QV8bUJ5K=>CGJmf|UNDC)(U*rt?;^y!-{T}C~HcNS1pu|Fg4 ztzBmIXAla8gTH6$q{O$NI~GSE`k(4gt{rqhEKAOS#u&^2D2tvx6xga`8*cM^_!D8n z{?XV245u_)V|Kc&Aqch$(;l&l8VbJR`h#?;vSqrBJ<$F#e|&YGuH*u{Qul*M$D%6(MC67N01llTph{ z)Ib@Ai$aGvR?W}?p15#vg42bWHsYsj8+Xw+R%M?}O=t}CTid^TSrzI&;m4atl26oz z9e%2teTxP3?-vm27T=mezI}46EB?B4{~5;d{<8>!y<}$D*3=ja?ELqb8JKX$}^O3XWWKa>XDg)`)=?pmf z>*1$rsJk~U{4oFNSAStve2HJ*h*cbcBlJY=j=YrKY+bYh=jXr&2d981h zez3Md`=>#19DTA{mbfYrR;SvfHh<&(PEmx2*yV3Lkc%$Ls%dW;+7{0G!w+mh#b%O# zKcIsja`)4$_@Y+NPYLK4mKEE}izC%F5$T@CKIoz#RrE@Nhp+(g(fo}sLrd=6F0R7oJs|dO>vU{0bui* z-jA-`jq88t;^G^*l>$;Pbuo%LakA;f3l*m)mgbfgr{kPfW{f;<#MP9`1Rkel@oCtS z|Bi9rNdjY53r7BY60mM4G}kWYdZ~RzTTPKO?s-Rj=Ox)rdR-EJ%#eCL2~-2E?CQ3# z+k^=O=y9ilTpA6mP_G0cZy!kqW>uYuV~v(d-^waT>ahZ=EtRigG$rCL8O9use)VN0 zYJo>-$x*5aM~|f=)L2j6>!Bb|D(=j_{@@q!Y1lO?)cZmD)u@<(MGpg5U_iIJ5E*4Z zEiR5i*d?3R7M}$BKjW!Rm~3#SHoH#h#@$Cn9rfc~%EZ{_Nm_JU%98*-;^6y_jxy!R z_U<{dssT1GCm-9=#A>)s^2}Ga?Er~L{6H>vCTr@bFF2d9K-d$XJvDj2G=f_M!hJN3dj!t$FC{BGilbe^uMZP+PKC#TURCy|hxrSo( zeBS5d>rcLk>?#od`YzG_A%881D`IZXrHkf_D%))gbY}gTs?)Smi9YwXig?GX*EhFrXI^h2(-=9w z;WkKwlRHs7d%Mv5Wn44ppd2ThP26Q&LH6E zrTyQx&zRrLF4oTRIn5uD^}C*}6Hd!S3KFePXTu79BUO|Ujl%II(Qd}ZS1)Fm><0a~ zz#;Ma$uVE1K%Z4G4Wb9JVTv^ZTSFW$ID?>h2)SWK0nCsEDAfMlJY*?J)|tYcT4v5$ z9%VA(4av|+QJ#BNA;8EmepS#lp%cPW%q&V>Pu1h0~*d_BS?)gBu^f5{bJvYg`K zDO;$OPFc0fU}0=QGhi8~Ypib?Sr92kTpJLPH=;@GFg>#a7(3t&orJ@XD7^3FN;S)*hb`a8(o-@ zD!)KAwt!?yy`Bz$u)Ne=q=cnj2~<01L6(FESF7PC{@l_0jMle59Wh@VrttjB zLH(&Xy@qyGPZ$sX&{bm93?fWjcyfGrF(2pX=gghlUK7ps;l|Y0)yH7KqnqZeQKKMW z1^vaMW;gmu9QAhKM4}*W`~o_@;-S@f%B;6mN5vyYMT@)5TSl#xTu_8Ru;$>Yofa%K*-P{n)UB zkwV;FpGBfjf`Q9LCig- z^Nsm7HOnHqH|)5G8{VWMv5p{A7Ewk6&ka$G4%ExO1@w|tOsigY&J{|Ectjdj%*6$C zR~Ys)XT>zuyq#jHBQC8sjTU2$HQoeGwW?#o&c`GH=u;wsVmD$N#ReHp6SGslOg{lJS$xCSTk4gg<->5*J*%Mo+P|)A% z0gt%+XkapYbdGnR5#{U=bT(FbRQHZH3k!oJ`9431X2Mx5<2j6?a6nJO*9^O#^LqN-h1i~SuPnPB}_W! z)|%JMZ6hf=fY%1(OGgIzfZC|DXW9+>gloD72*98KaH`c~kmPM&CUqpyHZp)~5);2> zH%lCP)icrJ5m;gyXzjtX*Et7aT5y{ICWw7#4U8i7#$+3AhbI=OGmHQ3p-3rqQhvEu^XX{XO z_=JwYYeAOdg3qFODeZU=1RlcognMv9TR^d504p0rL}PD%!YDR*r%aTK>)1Z|)_8Ft zE_PfCn1<8q3VvWp`HeqySXeh3J&qfiMeMU>Fr||n@KCU?r9cxL90pu23m00|FA){+ zz?qvB6ArSDQ0Mpc&s+7sQ-XM-f<>4<*b3Y8w72RkMEi40OYO-5ucqPKpaS9f_l)vq zS${7I*S{AfF`}w5B&moM*wCbI(CVgQr}B>-=N=sqrX5O;%wxUp8J`4{AI`ra8qF0hwDr@)>Vw9he_{9@)E9{~`MZ;gg#UtKZR;y1{# zf9y`Va2%>cyP*Rax{X!|7(;Fd+2M9L5c?OdgJxWZbXs!~v&)EpnX$4qE-Z z;1fAg-kQd%ESz!8^*r)rVfKtsgt{QU=|E+YuU_6?@GvW>mCxlyUqTq1gZ@s1VZ65# zjDM{GY=meq% z_`c`32LC{LJt{0|R~m%~J0ryxe*5frQ?AfLqWy_4z~^U{&QAH3ddE`yW@!F|%57vb(m8Qrq`-O{hR|NYJ8q7T~MCw@o3N%=m^c7Eojn z?-(OEepXe)xv^;9`*5LYI9NQJgbz}cpK(<2Lvz^QwrqJiHoZ4-?rM~k%n@35QJOLW zsiV)QH$-tl>)RZ&iBXJ$wCmGp-Ji*Z-`|G|U+CpTUSak~Qy_AMVV#|w;gNE$@k!(5 z&0`aaH=`)eZ6A1l-DFAwnJ_P)_l` zO5Ohpav5@Xo|GMgm7f759LJwalZUU1Lf^gNk&Ozx8xj)Kc1xV=3R!td0Dix$e`}I? zOv~>H_2C`4cwM$|?Gr27ItH!{4g8VoN2^7CPfBP)vdHt9G26>Cz8#s_tbQvN_x+qM z)7Tr04j6aWRrAR((9DaXT^?OcN){+Qa_0#?nX<$H+<74EU!{4J1XPBeQ%CAH?n@$9 zIN|>?oI-3UFCunW%fUWz^h!pFu5!|ic>Ln~*xpzvZ zg)7Y{1)Mz0qHs;4SWWC%$CgjIPw1YGG^-Fc-c39CAMXEkK!JqKUV44RidJmr&XW_b&bo zFlLM0yJ!hMuG`p=7eOJ40H-86!*IiveE?n^c~_DUGx%o|==7-`dEHW#DsqqIBd|1D z702GcxV)hWiy}H?2i4i3V3?-nq|vhf zaPSQQ8CuIoOe#3cCalsk>J!7H72k-2YA#2wxL{g!l-d_>dWC#ENz;lcCg4I;%|Pda zJvsbJc~$MOu&hrk&m#fZqA=G!(Nrt1Y>Yl3Iiy-Rw=4^cXq@QWe%ZDF^R~*);d?!k z?EorlN8TfF0TOpRWr_1e+pl2?(fpn_s&YlV>)UG3WM^Pi9Dp49 z3sO{4(*IFAa83%z$mb3X6uE!0~8f!wZk7zlWt4Itt++a-iNAZ z^Y0d*=`qko>IuJOVrwk(vt%KO!q00zVVX%IK_FlIms=*yhI4ea6HySy>EJd=M&0hm z3wp^~jC^YUgqwaO=;o>1F)HKc(~0^(?Xo;acFNPs8>XoC+V-pwi+^i+q}L?EXhNK^ zIg(Mf!Q;vuWVgQ{RAe?dsG}*%6FAU;biuUz--;6aQXQZVf}Y6pz0h4P{V@>wo$-a; z8R?FgB~vXCe~rQ}f^!R=1$*6Z*yFUHv!@+Y&)J7J>y@fApGgpp(sKG!ZJdhVP!Fz1 zloIQ^dl-V-$uod;r=&Na!zk z3}bU692H4uj$e`ZIm^UU%X`txeb>Kmta+Aj zuO6Wxona=IW027Hgk-j50DC)ug_B*qz2%!HxXLyk zxeGr@xoe(~5NZTr@r6JN-!|3q6BhzK_;R+)#N=vZ)OHOMCC2GZ-b9E@!7T@RjFbT& z(wmF~*}X;;{_tc!&Fm1e6d9CR5w8S*AnUE?E!T3LS&blvQ@jQ){`KmOH3&j@^E>GD z{Wsp88E>CC8Xb3a@(6kq>*W&@Sz-G@wp>V)`LVshvfn&FS|4dQ${b7<1$=@`}cpT5P?B1MZbdQ&vrCq}>tnEiRl zD@7r}JJ&(x`IFT%_Mct`d*wwX1R04(kU`)Qc>$7V=5(O&m7|$oJ-CMv;>SHAN5$TD zJ_4b56cHXR2aibON;$Y5J@?hi(eZ^@d$L=qTgxTifSOvtU#1-V~JdS#?N(IGamsHCw$Y0(knbqBVZgS;;`jv2HSbyr#7-l`? zf;=!-5=Xd7kypb?!Kk!dKw&bZpN}T{5n_W<2m~``_>JcxE@PiiqM^4z?tRBcRAd|I zcVnr8hz%`y-2SRF$P|(SFChte)kld!-BF@|p!indSTVZ|z+IIwmfevCuPW_xJVxI( zRz`&*R{SaE<)wOM2;0jh9(>p3{WHtd8?|8UYB)G1)IiVPn}Dv#t<%es;7jlr>I>it zX$(*xJ3gX+`@q?qVD{qyzZd@0z&*q0ik0s_`uW4mL(&{K-D;_aN#IxrB|9#IfcR0S zn=Y1o8^K(+c>g~au#VXIA_rqf_T9W$mY^jqfv_2S-gr?V5O%|gRYxdL>u3SNQlAhe z;15r9;Kss;HH#|`?w6xkJ9`#D58e8~N z+|65xHinEmW(1_bC0syo{S3VWM<22=L-cHC&?9>n-y?~^%jd%lYwt~jqNz(-eD4%MB53_KyudqCT zLO@cxOEcj2%MWuY%p#=Lecba0I#!=_%AV&P^G&^e3uZ~9KCm{Z=z<t0Wh(7*B$D``U##SZK zmfDQbzcyt8>2(68tMc|#c4mRE`QPq-Ln`WhSkdN-6tX(Pm*-NM$;NeYCMhoKR)VTJjnVdq>D;aF$HfW2$&8 z)|AB*FLOC$c*yx*)eHAp2_hcS@A#Lk?`q!7Y^xXPTi)|-<_ z2EH>QGiov_>?%X(f2{>(p;>Aa)+Bg>q}CelZkua4ZU#B$_|PDy+1B}IlPImnObV_k zJ$8bJ)D=PKE|A#f6Ym&^IycAlB#Qoe@Mjlb1sWqh_qTRL=U>{95}+N?p@0Cz2msW- z)Fb=MM^bCh)^ds}L=g^YyBu2gTvha9dEOWs-LK!$7owLNuIT4lSG2m0@l2Q2(vmj` zFdwIgr(Q z7KTiT#su&zrHOs(s}>-9lan;X$nYA6J=U6gb?I^IrQ`gz&_X(FF3F0Gq~EGc3+5n! zJvi%KIJtB4f5(YiTrY6;$P*a%X77EKVTbZ~lk4635)46#xlJ_Rf~JBmdlhtrrt?vh zNnB=c_4*3%EBHH7%Itr**mDksFSNzAnS0_RsOOKVpTm?3f!i7fwaIz>wZoTyPYG>1 z-gc}NHw)xak^dyOO7GAFR8VR3tp$UAtn35%xgT%NCEMRw@hyS`CG@8)qzn<{|49k7equJJxIq6ov~BN)^HTr?7icb1!dqlVN^RP-;zd)d}Rp1t?3 z_($MF!;XcQ%)YTJd((eGAddF=CKxU)Cw78Dmn&@?WFuoreacLTBZ>ov?Ni8FK}?$5 z!cn~Y!aEmWR1Rm>RM*2KAK+P>t09=2L+zh{m)52+$o;Zj6Z@Ul#jAZv1NofZ%5|G_ z0(*{J`W}1Zz{B^NqF4ESjBW5A4eRi%V;`byg$o@w8^DD@>oa}rtHbAD9iC-3XO|BH z=D!RN96m_&SjJfDM|V{FSYhj9C|(5|<~psQo}C7GsV`3^_n9HsQDFU~&fx4!E;o9I zs|3flgHaVlnlu!w)3^+pd6J?(*j+YBSUoji^ozrPrcWiJUAY4sBRjPbWFV&l8VgZs zRr=wv3y>`o*`ezMSQfZB<^2(a>Qz-C*);i1HdS@;h$Nrdw}^XKX=3v;PHAkz>LI)L zr%SGzCn!t!OsYUG@+&OX1yt=L-XK2~KzxrM=3~zTc%uf|zFr)S2?R;oOtk1UJS@Sq z`)4EKQj>(?#i2+InhSn{JhwE3z5FNyC^=LWV5$xOV z;F?73eE;d!TCFdOo}@6prHr@HK(Cof+1benAu+sXquK2O zH)jzqz%w2eH6V|l7UGD$#qM9LCkB-QEO}%47IX+HR!6SfdS^4;73R?uHdw3RGoO6D zs?qF>Hn!u@4=6V*us&-+6mfpxV}K`^93*oeC`J^CQr|IyBBC*4>tfK}I>JBe>b`Nb ztc440V4?!RUB|6SELBfO@!|3^aZOJi{J42ek1-_bl31HE!aJn5P911-5c#+!K{7m~ zH8-Knd8-nFA{*C1L3Bv9#7%;)s?Bjp#SG1a*{vVclqkSsReVmUUMev=DRz({#dm#% z-=ihKerPdyDH48P;0wy}(`0$#hBDhwV~W?@>9Bjx+jm6ib11$fREVlFAzvRSV4r<2 zc|y9`$K8fQ1XJ)eW^`W2+a^) zb!fp8=pSx{Ay@)fAF@TCZGp@WU%D#Po=5mJjcO6iW}Bt> zC-UkHlEywwpyzF?ubE@g(8B5|7ac+4oZD|`&bnOs(dyoHoqVn~@-V+{*6eTf2Vls$ zg)$f~Bb#G`FD(tai3UC`Fgd5q(ZO5U?51vA`=DLGHDn8qcbe0iim@~Ea1--%Hqh2Q za(B=IhYKapV{(57U^LB>Gy#!xf6rY39)$m+|I%!t+ty=uEd>UEtx+(xv|n<}X`E6N z&ZcM)m+ykgXVtNiZQol$y{JV#7NxR}n?GELXyq|BZFmpJxWD;K*i{NKn100?&SZhz>;( z5408C!IQ26mG0*nNG1!&>~s~lQ71A+!$ zX)J|74%awJ0^NMfqis}LUP4X=%fkQ52M7Zn-~bhcWG#4VlZHIy@MO`OMk38RJ@1Rq zAp<@iY1dn}I24+fv)iu}gQZ40pxDZoQ(}l?Qi< zP$!4)WCD;j?1HXs&6?kAB(4Bjdx9V^?>A zPLdypScOV(yIeBShT{d635b*8q7j~tJTEk^82~J@Aip|Ubf<{?KCi;C#BSr5YyCMp zS4!-hhTyvbfJb<~3=|eTDe=F)&tRVUJ72>3hU?3Mc7&yWs8>3Jy6j>)ht#^q0iS+8 zv-T(w*`Cfkul4d{h!p>++aV$Ctv+q_qnUEPiKDt7EgrjkZ=w}w3po z$ZG#s1m4d@mW*ichV}cVH=*g4k~b%o1i5>kURWa+`S=t3&pEz%T^%o9@k4qERpYRzF4&C~ z&i?%={L`p?(&rm}jF_@8Ay1{{`hv>rf@2zN#YgY|ogT>APlz zxjR;iRrRV0aAEbtMW7i~7ypCc$mnNz>*#6gZvA7vK^^{mWV9h%;3|{nbe*a(r}bwB zp{bD3+Kj{S#IX0%^P^sS_nVYvlz|u3S2-XFbM;1^pd5F171<=CbbKCKuS`C^9e+!& zz|Tw)RzJa8?I*6{B(75&qyKGiLgGSR;evmj%q`fr>2k-{I&OHT)Hk~k6;Y|v{Oiop`t`8sQ9nIe?^As- zhF)GTn}Qi&zpWO^aF-c`g`(KdrU6YkO?o89L=~o;dIcpBi8qKG$|Cg7(v#<3PwSnO zi3?_Ems=8phC4r-pmAy@>+5tZQ)5cAa-_nmVN>}d%&$(FGQW}%DI;D@yx<$1RjAiC z^UGtq9_xP}7ZM=B@G*Ay^%T=Cu*^@VNaCKMxAd+5g4CV?c!~uR(j+KNJobYSEh*vg z!Mo%w$}Z4&4Dyw2*O=1<)4o?*x;KP&3}}h`LB!vYU|{}yT~jz`!wL+6Q{$p?iU#5q z@AM*x{P#aq<=UZHRN=0;vz5k+l@D!LM_c+NIPcx{mZj~Z4FySb{HlYBA9XyDqHqRcB_0B&MQuru+N9Xoe={R!8o&l`VNQxxe%!>@evgJ7h zh?F1Pe;v2yX13=?nQpVY;W7JC2E*BJ6c;cM`HP4$89m-yHaq3D3EZl6sHf^0k^5(h zaFc9CwI-C?#KHuk+fYl{sjm&0E!@G3Vws~qgjB9w{W8l|b<_vffzP^_nLy?K-nQ!u zW=KdL!cofK_6=Z;pfB4d0~`hj_Z>nP9_2L7?(>z^RrV?E>A_y1S;YPcQ8rjo&lR zXhk%!^KG6T*1r6bczvzqul&BJ6T_{Slx89+jrbm^k!=%oCbGfhMC8LxhBms_-LUsY zY$Tg$g=FHGX87%a2Wj*A5!Wu6H7dW{R!xII(;Un3Z|j^|YzPRJOE9}yY^n>=TjN;3 zATNyzUsFnk`Np-P)D!z0*ZNmI3k2Kl_Wka#^*d&MrR92j%=;jr4J9@4jrlsgTDDwN zXd3H%I%E4&8Nrt{H2DY>#xs6Ro%(@*`}11w1nP6WiorM-{|ah}!d%H%NS1>xEF&GZ!7KVRcmicLRo&GN@L!b3`Q+`jGpyi1e*fnrA1V#&3YqKJEx zoR?7?Jtg+KB@7k-GxuyO^~-L-MO{WT?I~na5P%hv z(165aAVxjNGIp6?Q`X;`cpn(P)Dgm;q**+LC`E^5*942#a2S@Bd!N`$)?o`7D2utJ z29uw_T9Df^vGNJ1@|x1hx|-^%7nNZ=Wcc{hxJlTB2+hg_4EVj>LVoU-rJatTaWz|yYcKv?*t#yhx5{m0iCjbD=1)j#{A=C4A&^Yic z*-km{a~%0S2a|!@29jVx=A%CQ+dX!wR*HJA5}X77pMMP`x&Q5Ixc`TX{l{-@I>+K* zs^`4{pu0QZVR5lbyWb<<{$kGxf$ei%h`Vs!6ll@(4Oxw|TsKc{S>HRWE)6&WwMlA( z1B5bMxG?2RNn8hE=E$DPT;3bp=PVxccO4k02KfHrUP1S)a6r$#P6)-!@4aT`xC83( zHTN6mSaTA{iJEtG`I$(auC2$v5wmxKda?e~?IrZR7d?JdJ@YDm{ObBwncT;QfeP<3 zQqz>$%x&k8F{El7H`e&9_7&$@D{dR14S07*%J0J@>v&X50RKbnN6}AB+Idc>{}Sui z;t}%K1+K~JLIJ%g$WW{aF4J_e+%&G}WrN)GgA;pMVfX0tgal<gk$mRFZf?J*S^0aXx}D`$kSc7}dva z%@o`_euhQo#wt`kUkl>yn;u9J&O___vq%5PF=94TJ2Z}~s-YL%4hUX8045#uSiE(V<+NADE$NS3O+mRpC9PnznS)-AkQ|Kb;v9GoZu z9aEhtyljLcI?pI1l4P8;2N@Zo6{x>xThH_B;@OmbbJMh|vT7_zr@0dOyE|yRPLitK zT3ZD8S-M@wRpAfG?I^j^Yua_>d7B#jy_~y(l@1#1;Q0GS|)!^)g_gACkm`z z%|CzFhuHJS_VUi!m1`f{pudxr%of-^kg&s8*+ICkrRVwCoW%oTMvEV#1-+`IGs*Q0 zp3W?OJAGH0K>m!MIFeWZ1B^-d*Q`@;*CAxJ^zD5x6!oDpO`zJ$W$?ZLK7jnpkiz+yfXOOz6@^^^P@|@q-+>ssm4>r4O?ci9LB#?? z?9lTur9YKv+vvQXomZ@UC7y12Kb=QjSL7h6?cG+ZI%2Q7I97{Gi{48Ka4ou+A7IZ8 z9oODyU;u1_CsG6;6&1fjR|};OKLdHrBKk7eVjvH#3w<3%ZY77Aofiic9vQvZWPd7> zILH*&>qaPzT&-w?T1I9`y?k$ zcO*P)s5@X94==v4T)(Qy28JKMQpPe1US{yjJi)F^B|qQ9Kd+T{uPtPX!^W)`J-D5| z(v00iaDBgy9BQ_occB^-s3)2V7Gp%{W?=z*id4@kf;R%7bIZ$TS7?pw%8o6R-hPx- zq;nwGlLlS8P97g!20-`r25qs30dfaV08W=#-78dQ^(G~K+aSv z>L2{=|HjI;OjhjoSUC(#)T@E>8QQ&%0FeC4cx8Yv2MAK6Lwns>YFz;$zUPHYMXn1? z;4&AObEvZTVo}k_lFl8-eYy@a`vwEC_yW}}nyd;6w^X9$VWGY8z*-5t=#WMiR;I6P zS*pKeW-ut@%WGjk9QmAD3wJH%=P)}4(8ALYYUyQ%WLdwoevWBB3DhVz_i99uOM~1% zdBEi09;mj9oy~=bKeK0y60)mXZ5Vz@1F0%uIqI@y{ZzQr6gXra5|ao()!pL(vRKEp zg_kboimkeCgcH58(rh!wu7kkZKv8q> zChF!^t*v3E_R#2%T6{^hFv-`<-ejC^}tT|&(liZ?Wk^6EAxp^N~YQTmTWr|Q$yUU$yBKqJB#!F-*2|0Mhofc zvj?vJzK9-Rh`c{nxnhr^oaAxIafXjRj8WQK$qC(}+28y33o!q0L8lbwfss1mCgScA zU;SO10`+1BRqta#TeWpmW`{BWR!WXthrv|XIDkQKHm5YxAl0WPL z2uW@XNag?mME3x^XeePPvhGOl`Xcqxxk>5yY6LoixFoWz%wwKB(Yb zIKKcQ9;Ztlpca5|+HxKgjRzaRy ziU#u9I(8azaM+}@oG;wP@U1lH$D}G>|LH@jTp!}rv2E?llC4GnDYC%)LASYvK(n&& zQeE?$xD*iW&KWA4aX$R~D?9iD!SHJV<$qaj#VDfX94$qeFb7h<_DCUM?W#-63@1oRANdl_wdX?vUQ|2m zx2k8}JjUalP!09wox;Xl3ma#NLB_&E@ybwKzJ0vRNo+6LrayRbs??Sa`yFZjy*W!) z%2CRaLiWdWE+h11Jx!VkC6zHSnIxQud z2A`6nYI1yC<$zTP>@F%4ccuWxu;YtjZ6Tf&8i@nT};_-`|(ar z{LKqxx+tB*utzdD2{Ok3Z%f)G2vM4Kq2M4O-shtoBs>)tdRKwdK<=&KA0o${zHU+vs9c&YtOBlPq(yU9N;bk`wda}0 z?y;JqL($f7gu`|EOU)KhOyX%5ye*<|m-URr1EYY#@8P~*2f$h!x(Ya0O5&kJR2AQ# z7NSp(W9_dB5I{be^g;uVb)Rg%B^gf&^2Wwy$|^{{taytcg7fv5vP}qA9K{nFA*?;e zFQUJwYMXKAyt(bvq-5J-im?ruZ6{4(c)~we8uz_~i{O#W769K-Llko)dr;yGc5C-1 zS&5Ie**uQZwiyZ%2iib_dWgd{gG-~Kh;9>-GiAZXrp8BjPew@F1`_5iXU_d3)D5p( zLm5dSf*VpehiQg3ABe(_FEm{ExQ}z+(B$a4@_RFHCDK|sk29(uWD-iqy*P*6WT=?t zCSldTGJmWRNpeN<>?DjAeCKzPg$$g#1j!HRUZ;hO|B$dl=TYBm2q~B;-(kePP^|)& z1Aw&Y5uWuwKOH%cJabv$eFtl2vSWC5cDyCYII%v#_&Nda0zv#z3CykYskl(AzTOw} zQQ$`eZj3ilg6m*>-eJYM9-i4F&(x53%%ZH4SvvfLJNp8Rt)=MPGoyhsQwtE~jEh|8L--B%AHB*X2)>}+jhWLlHM>)m%IOBPiEbJ3(e*4+@X={zDMQGW~2(J<(`pD!&cay&vxR0`+<$U;bMK4j}}$Eu#G zr3FG}^*bgF2ibKRJTcfCLFAyAM>v@OjlHd-*GXHen!(MV#%To-=)J#f`NxzH+=Pm0 z;55zXd7u4SQg!trQNt|OQrglOK2X4AI+LLc{F!EQ)fp8;e|Bd|OBJkHrQ z^-+scRBH_%Fx~rTK4@z^1z`k(j^9{Bf$pu`_b;yZh@YGEEM1aVSpZa+Ce>|dOmx=j zm&aoB#tN;ML34|FC$m4*(tM`ABuj0DcvH}-+49}6RsFFJnE6_eS3P?K4WI?Ln=(1IM+9vOZk$t^qZ=s3sFkj zgAxjFrsM9)BV{mQI?L~q_PD#8qZ4z)8SF1J9UJdmeb z(CmcJ){Hc9Uyc>1{)|NYEi9zH4_| zGCcU3w$CFE~EiA$7Pnz8E@uu)03bttn9prwtU&`7CY?X%he9 znpiX0uDka89Hs)=JC<^E^l1&@MbdNYmL9MsNxT&MW}8ITi}6UnJrSlk+y1q(B?{HQ za z0f1`{&VlY+>e3)8)dEA2G?Ajh6%4*ltmm4{)U?sZPDwpz(wE>kv`YuX@2lk~nN2>z zAC~T<`T|@D-l-%c(vrDu$bmAD7md`hrMY{tkzBE_p%E9GTlMll;4alCK$bVo?J|%L z?QZ{4F@o=F)6^J+Z?~1h+WL$)@9N2UewONZ4eHG6LA#L^ z;q$?9ai3@HBtaAPS(5Pg3=B;ZtWzhvnu{y)Ew{2Q%xRpf%*WR{aen(z*I}E>q((>! zxPD`lQu?W(JYk*>$F{z06G|dW0@S@hWnNkm?o*T1+LsBs}lLy*VbA1EkCl+-lJ!8dQ3j~8jQilkU zw$zK*?#b7)nSfy6w2vWbB8y=nXAVoO4&fmUtwSUjwbI^ORDkP~g+{-$SgND5{ zU*JU%XL={KM715pOsm1I)}mcI>x}0JBfe@N*7s4IMR5DMYW3G=L)-P(G6UjqzWXLV zU9NH79VC}aZI3Sugjxo(pAm2DjvG9BM9XGz%v22z`l^`^qmCPIHA3h`7lWL);b>KxhH{t<&P-I_MLt+Qya+A?Y%h_5w;`)`+mrI|M0Lnwi$Ba^Fgu^imneeWteT zq<=xAe3ymd0A_kV8L6?k2*cGLJx#@{8m#gjvcU&A7CNLmSfAd;ecqkkP_tNZR5QH- zI=7h`qimI#Q&g&-THM#WUsOQuqIe2iBb!I3x;X0MReZDFMp(3{5$o{WZwdVsaD$$N zGalotEoFM2>!Yal{fmVnoR61YCXL~seWucn%bcGpLXCHjT`9qj!T!vrM&*hm-6zuCRm1^e`rsVx}`pA?8MQr(K>X8l7EP-SZ6Y%OBYy1Y+|=Z-bFd@ zxKjDXc}2;g?{|wNa4b>{e&>)7ko`(zxi3vGl6z}t*b^x3%|Md0^V2voKUw2EL;k1_ zlG`AeF1*))-7d5MQI62lo3frdx!C%h#V0nd7k%4RU-2B%lHuzOgwl&3bxxp5+?8yy zN-=h(go_ZD>4FI`*+VVA7=7dww-<6#namV@Nw1M$och?~@K~C}k+GKYJ+H9QkYaZm z^R=n1xtALp@5zvq7}4X(fub#dFJAz(P9JI5;(*e`Ir+0K2KuDFS!EvQtIwZBJKc0B zVV}YV%ts-N-0$SL`hbU1F1eL?=yxwnZ{bUvBPq;pr+qb_VS^k_p=t&8Z>_+#`G7L+ z0`0&x5CLHM~~&gw^6)mFNAdvEHpDm3u2r2@gf`x)jlhx}&wLdHzBl>rA4d zbYV7Uss*_;b!VA>7aU1y;!E1=eKn~pbiUufKS1YTkQws|J@`3L7bVTe?O;}m1MC)l z`gnIB^WG4bRHi$aS^1sv^5&ou|AC+Q9|_0h4qKqJpqVXRh<2}5?STZ=#R8d{CGH!N zkI%@hIg1Is>w`2y#V#v?^&crQg}w+g(+leHZosqOq%8>5sZTj(iL-dmQvETS-Q|7o zNaB*)B^lZ!>%FAa2IzULKl>ALNpFEra&~$f@DbCJTSq|&W45*=7BNCF$M~RC?_sT$ zs^I?g2c?-B{&`=J7ZCrJhqztGU|~dPzaZVZ6zBmUcGBfBKov-G`$Dx4nnk{;OA5{m zJqjxgG=bG6oW$Yi;#fFhA$!l+4$Xieh1}X*>~cpnFxTWKFFmnIS>&lo-oaA(Lw*T# z-R_4;(<)vy?xJ48kR{NojLY~3Nb4!Djt?|xacq@Mbq&**IZbuCBu^8Zx=Y-s82O(w zd0kbEPvL@zLjmzdpur$f?Yc%wp5LQX#L4Z#6iZ*-hhyWDC!7I9CDO58E_I;t z7ihQvaEVsDnLr8JHFtE=s}4|7P(E7HuWD$n8BDkyc#B&WOhw8G=_M>+i9%p*(J|Cr zn1y;S?Mqq4)8HPJ>yH*ie-7;(fGAzHY?(gSIbY=#rKOd42$BQX@IT#B7fM1zx7S2} zfmr6IrEps9^L-CHuQIaY-+JybOIbULKdcl$JLdqQXA=X4X!EHKQLYol`JELzN#eoZ zJz#suJfTFvB6Rr$niJzoYF%pjF8V@@<->GD@+Q6+y6+3%;89K}yVF-{RQ9`Bc|X?i zn74|_aucK3FBy_@C}f4LWz|0ZxWxe`c`DE5@KHO-eIDR;cG#|({sI-T{RQG&y#pLP z2**uYGX~!m17_6?sf%L4a&nJ{6t#5HBs!UXhX875oj)B%MVJ#1iYZLEGO?d+qEC^@ zu$9x(aScU((BZx3yNSFyqOR->MPH}d#VJrZ z^)SW1wKW=f)?I=V#pW5I7p`oeoe;hKs!1}8JD05qqYdO|i{$IT0W8^!6H=!~QpkAI zO(4_0J){8gWV%(|JvY-#{pS^!Ca}9W!ZMZlRX7H%y5%6FA%bacN{XVCcjGQKh|w># zrXcx6YfCPRMYU>eL-unZFI*m^qaNS>h>!@$`4IE%B}or3B2T)!3`+6(j#%mz(W|hf zpG_%}PL2*}1eySQK*R6wFo}Bgc65T`ArzrTuJ2J~;TvpG+S3~Zz+;P%&&>`U8H9QE z=^fX=x-%BNlC|~p1}5<`q^_yZ{>ne)Q>uSTUfcHf&#PFy7B8J1DF93t6JvKNz%(C8 zVxN5y_+E)Hla14UJGfua{Qwxx9IwqW!f!X8#I8x85A!(6#+y2;C=lz9*1qf($V-pr zLW>=V|MdHMu1IgBqk+El*mCXmQ@Cz@?8#=5#`|wIxGF^wXpi+nR_!l@&_?$G_83X; z3Uz*pQ2Vw-wXH|md6v%7h4T)z2I(o>diNsgN<9{6v6ldvCH9{AG!q0p4l|ZLvvskpW)&R2gP-wV-VOIi0Mqt>Ikj6(L*sFHjeHg^YZ9&934_l|R*N?nh1>z?KmI1llYqI- zlovJf@Q%0tzzJ(rqFKyx8myh+om^m_WqalPArF=w3*?S}u>2LXDT*OFgd8;iQo0Nf zvA5E8i_lnM6DiaqH7OlO>cyYs74#S_3Mvf@M(zpj<0=P1=n#vkR_l#`GLqHq)aHjj z60QfYtPQO3zD9I&P>s|3XQiB1^aa=-2eBc_#R{#$6@Kzs;WMYO8tVRI=#W#Pco$z* zkhU?OC2HmSxa!MjqISxwHG-@K33iM+`06o!t|6j9yEeYl-#ect-|peh&B7#E7zfzT zxnE{Lg5RW|lQH_nHum!Hn1Tp@aZit#v9_p|Q%gq+?bioWh4r{LHApO+VlhCS(Km_~ z*Z|GK*Gpin0&H2Cu1ieDexUAFpgtYNzOu|MAl&Nj6nT!ts*}FCh_{E=H83%OGoO~l zI9XB7uyLzAePRo7NiwpsaUuYWmcAhE8}D@Ue3tw#*3Ncu??y0HsVooNIJbd?qGFVk z-7i8De?%8Bf_U8#qonCl0hZy;c28w6vMhL&#c!H;D+w{0LV6TAyb!L4V45iZ7JVGT zqf)EI#2KUfpwX%N>N!24B1(8fHTt2=)$A3X^NB@zs#2a-X@mr>1Q(EC5G|I9h%Q+v zYt0`OYWPrq>&;bLMXvQrK(=b2Dx0XBxAl3>uVwK+h9Y0YPu@)_JH-459HJI>=Bk!|20ia&OfkwIK^39GgC$?iLhbGd19cDd+v)dx5^E!z`$n>p zWEQ^sQN)1@A4=8i_DMV&$knc_KD(eHyZW5@t)9~&(FnigvEI($!0XRD?Ub#+;=zxn zd_4(2^7HpZr91;FI)E#uxlzA*TnD=i=$#9C1+%#oa`$U_J$hTyAR!p%F3qTA46q1I zS<2-?CISZEEyh_E`+xLaf)j^IQYk3>J+bK}XIExPmSWr#h&>L2U%++$5ywH0-YS@* zE|fI>%|1z$h0-TLX@p-qNtrIA!`jx_+@=0X{L zS4dNuYV|DI7m5lt)I*^wqR0#E9kDW-Wo$7uq+#Bo37i!{pf&9o4Q!6Hiin!AFyQgE zMh8WzIV>*8*t;Yc_K-bd>Q=^D#V+f0@T|V>L|1U6uIhv>Er2EtTksj zgQi*@b90gqXO|Ekm$y;bo){izM_l<80(W`Nysqtdz8SP!elAZIFuyR%j@G%b*oe}H z7J;uo8K5&Fgk2dU>SJ64kShG%`d~&pD(H$>7fJeogBwJdn z3?$+LoIT+Fik_0%OSd!o1HTuWNSu}Q0j9At$uDL43t!l+-!LwW@zXx$)Nw~L#fbto z|Iv)w)hqqFthu%RgodX>_~JE#q4Jyt1Tk_1S1bv37;}y>h=$D(*9cRhG~=e)BzS9I zD3xaDNn!|#hc_MFSH?VVuMMfXyV5^WxT;27+}~&s)}Owm&W9LNi0%nUj|16u;=o4L zHvsXLzIx@!!F4t^#a zNWZDZs2P7HerEMf--K)Fz}Z9K^Jl6Jo8~1J0=I%6uSf@eNXUcifkrYT6X5v_!$A=M z7@oEwx0SkLA0=_77G6c4@8m`GQRELNEtN&-_jkC%8OVu>iSdQmv5kSXfpDhQP$R!y z0sc67&Q787VYfgT%m5nDq0~Cr*`GU*Ck%-Z4=7s7j7seIcvkQmEwXUdb5k(5e6|=K zssTQUXh4Kr5Ye%Rl?Pn|L)VQ|&M6u@vQ>C3p722Z8`Md012=VNc6N`mAgzurZP4iv_!Wo< zXqtWhNU%~HD?JW`0nWI2c9k-9dW<54JP}+l?&q%Ua`iN17XL^pzaZdS8B3KHyJk0bKl?!}fJy&|~j1)ZzR(j}X+?RVx zMXJM%0Z-n;AaiD+xFVWVZ_x+2V3-V`E+H!0sR2T^%F4g_x;zH5F_JjQN?33|kptX8 zj72cF%z7p^UT(%iQq?&9`4=w?6{z*;LUHM6=I=)#L#XFSi|F+LdvEx@T9K(~xLet? zPm$4G&%1_(=q%wC`V~o1&P(=VHS5t8Pt z#DY_l6)mtIlSeq~M|yt5T(?O5 zZAQ*5bEH=9iu-E+E<%2Ou6A z@`GkA)D(UR^F4^oB{;=jf}{~QDTyMH1}ikzi34;cT*F65kuPF9DPP2Xs`sAYz*c6EXUD~i|Ku_x5iIc<4TQY> z{~%FDuN(c4IUUhl7ixn68ltj{?~gXZ7gMmQt8EDR{Py$a10^KqC>fgJPWRY;&o4ux zA8T)g62qDN-*Gtqy|qTb)^_ptQ%V`@M6sinjb&PUv8Nu4t=NMW8I)4uo^OH!U}G>x zYezf%#U(jB*S76!<2&~^lYg7($ay`NXp6*0zNq?H^*iSgOgHw_!i6*di{cQbJq1G&Jj@G-Ec4VXo;2DWCbOSp!_ZG$v$wOFB zRuR7BaTnu`X^Y0f#5lsc$++kUk)l!WE%~Lc-aaK&bLz}|D_g7O8oN2DMd&7nu2_Xr z{~Y0}Royamx?45Fl)89=!#_e$tdkg_As{h~z8d<>q@*+ZL|G`__XlQK`j%ib00_Lhs0<;MWjaj7!p@ZhZi; zOEs35;p^9(fo?LuT;HheuGEXDZuE+gV3F2jcUaI^W!XM(Y(F)Cj1(=n4*2GShPPSaI)`1% zi%RuyaNp}$FJ6_f7E-8vVf|zwR%BHyBM?Ox{UEW z`E6%Xk!8-7_AYGG<;-zH)V!mlAi#S*f%7Acu`VlbcjyX=ZxHE2AF7)Ft3lirgSroJ znZ?J>q6E*NA1`ASRa3`YiDX^MzlDUACOY}h;<4=XI^l}aKi`dizZ<2*mc)_kyB!i}ZkDyt9SO!Y{ z!%=H%W=pw|=y4X;tRw}*A*^2#8_v)Yn5Swl5<;r(MaD~SB^|eEF1m}WK-3@(Kl4m% z)e?VK0*+LvuI$3}!ql6B)}+Q4j-MHAgvnXDZE95cI^)Km?s^3|v{CR8v;hxk64hG+ zhjvFlQ>v^96v8A`$Ql!h- zS;EnU6Z$YP_Lj`RxNB|Hd&iD7Ze;`hNslGUZt|4`9HMFeM~!FYTZ8u=i&)+V!}*%RliZOY=z`EUe4Q8$JXShHmAbmt=6$mi1a$e9lnQg8NWU8=jOBC1_5Vtp>8+$+b%g+TsoDCT3z0Jo+K z&A6Y7dhtQC6h6;j*r%u=%w#GT<_xvy%*gNC@s;CGg2mHNG$VQdwl%7{ocesm`cNb7Z#!dYC>c?YopEZ+b#-Wor_3g1? zMnBLNbr$FYahJ>DHREtpkTZQjVW`o1N`Ju3^U%nF;(W;%GfR%Hq%O4e{KeOR5)8xy zPQYF4J;ft3ftN|4WN1p$2Rvj>6BBF>WeAQLwoXwMP zU2{kxzcW>Pv#?Y!{YIAjX6R4|!Zt7l7(rYlpJO0q{U83thj5iVgLl0#Vbh`P7|r)~ zn+iU}HJq0*f`Oshdn)-&(+n$rA6YMM@GA6~zf7xCGe-?gmtRnhM z|3GBY1pFo&%vESj@SGYHh3t)GFdz|4$x?i*qivPs58}G0Sue}$hn<~v&-x^^QtIBQ zeb?&UB#5glv}UQoB$lRu@7*}LR4~A7;tDuN&_js|MN96X-QP-={ti2-Xkv)?3$@6J z^`GUg&(xxmFqNYF6){tXknMFxb?0Ws9k%bh)Co)@S#O!b^bX1vQtP~1=uh+l>2d|U`WLVx(iXv&F=BOjq;77<1VD~JPf<682Q4b z8htzH?6jT~kp3C$uF!Iizw{2&3YVO5FQlbZKxKp}1zpTTSh3&V@%^&;Aj2q&W%6HJ z`|k#1|MUMLORYJ30X-lljmnMS)knnR(na6YKfPIGHD9!*>+lTyj*n+rXV0rfAi1ep zuVv^3Wa!X?Jm2a>RWgNz5;=hURl$~c08<;>t96$Ty*_5UyKvxSM>ne-{|h7mERNe_ z8SP=H0A)bXKob=ON;?(=x~J`>PIDC(feR^X3c9NB?OQPGEszKDdr|#%Z}KYrFVJo+ z?9XIjVK!dSv=s6x8FeExm$=pc$7Y~tQ~vHpzMv|8&eJ1K|ikI{<<*=*QK&7Lk zpuJw|Z1sq}CEclqK*h)-J1hC+!1-XDIe_(AxwpIDOI7~)g2Yz@{mf|fAKmhoia5f~ zN~)H2N&k^2)5%j8jCt8PCK&V8>PGPhuy@q&Zs^t&?%mXsZ`Knop)xpwa=@y^yFYi>=jumPu!-> zX69-O(Cm>j4kijed7Cl2@egtA=K=7${~?ae?XZCo9Wp=2E+Ta~LZW%NQ;s{o$j=_IyZ|z&nA!Gp>0Q3B*>N0wM{2(o|&6 zJOw4{|Gg~lu%K*-J0@ba^=z;+Y(Or{O_D5wgDFGFHg+>rgne%nW^PADN2T74~o^=1<;EY9F z<_nd9HrDr6&x3)~AV}?euSm zWSCiwW}ma-bZ^R>6~>uxF^4(Ly)m`DRn|8-FvAj8buL&Ma(C0B#&nOV($0Ej8E>t1 z4-JVB4uOze6h|4+IdGy!Rpdz$B9dvl5Wy38zlwMG}_ zl@B35+itsSP5phGVa6-J*kx+#CHhAf2gr_5z7=BpJuC$rw}!&Qiu%~ytIU20tYR~c`VB}K5I zvjVtlavWumz|(G{I2H9o`Fdlk_2n=hk2PnSlNCI0eQhg`c$5G$L5p@nHaO&O9d4-EVoPsG z7nEop%VUs;2^{F7SBca|jAfA_{MJVU)TV-dx>xik8})h4Dja4&c=Qu> zE5(AN5=#WD&~y}(*(xjYJM2dBbsB)=;h9l$x7=4XakSGlQnnrhDi}AAVZ}L&#%zK; zs6(KawL)6Y3+kAs+@wErS=tF-6SY4KpzIru{kXP@SEgj^c^j z4VuneZI!%b<^l7Zep-#_t%pVBJ;TG&Gkbr zgVPG8+M00X6I-u1_FR)6N3TH`O;6h6@2WgU_MDNFKCHDRj^v4TNyd;8UbK02%MWa4 zlAl1M&#sDozR_%WhN785^@ACF7XExhx6N!49g}eU*)9pOZ$!9ye4pPpG}cQ?tD;Q} zNM#m^2ZPYRrh*yPKw`V`5f_KFWv@{yBkG~5(Jc|gePoWQ-Vz}43)|zO{FU;i^)l%t z)hlA_D@)1M1QqHp<`Qww2Ox}c(nM2Ghr729x~oeJjMHPVRy@@37%Sd#IgqZM5B=?mS6Xv=5N-3ZMc=r%ki0XSev9nbRJ^K( z{RNV`g8jLM_6PG$sztp_752?Ep|TSA8itr;iJbf#>W0_31#JhL zV+!lS^kz=l)Ck9)=ONt5a!M!`3>JgQNK@>6E7mvb^S9OS;p)DnH+~!T_n#cn;P$ia zkgm@z56Bf%N#`}Nn%QxfXzsJj%d7*)H(xU^69`Z(KkXVseL}N|DuD))CkCs~$4ucS zun!HDX#e+hrfFi_0 zq$dB%8Enfb@a_Zjb2k2rrVcmXW^2+mu?fS99Buf3nOPpl=v!jC=DQ;@|KzBAVO5G| zRjcNYyB@*C3&&ZjDxem5Id?CtnwK@hh1Sj=vv%^l7xUt!1*P%jWh}kuk4t?X*^am; zCWg&^DKM3X+NA-%LN-}&!lFPm^5hveCmBhtu0Ax)nWcojQYj#N&A$(C(i6fM0U*t{ z0FZ%@>!|}_rcdnT(8$V2U8uG+u!=b|4)`VWohNL6}#BTAYs#^2}($BIx@u+HqxT1h9% z$iFuF!9TLazVKl;?mFLrqS@2GJd-WMqM@1O)ifpNYXwCKMZ>6*hpb*-(CB{)fu%m9 z{KP~zvlg-m8`MHiuo6sH0t=HwVBAkuhbz6*1csgc`=@9<&Dw;vpq`#M2ab*kabu#4 zN2KYSJini%ci_+q8t=etZpxedc!2u@Ml~L>=2eQ88x9bJu5Qv$H+7+$wKz7Pa3I@i zp61SEi?jG;LzRn54f{a5wq98_nA#E)szmQlmYLa~v;H|JR9=9m%XymQ9XX&TG0dO2 z_~oiu=jizH2-8XCS`K4iU7EJasAyViep{oPMeH>$)c`qQBE=moKq7&dh1FA3o#EN> zcHj2bGN0}1#2=H8;E<4bR2u`hU4%wEp7Ca1%7=>Hhf%%YNw5Hf&w;QiP@MGDRV8Zs zS^e?oG747aNog3Ew;Zba#drIyNaz6(IYor^9W1X4ThdM7FVHE2nr`!i^9e6FeYaU_ z7tGyAh6daCB{017GSw(RKQ}=jc(_qKW7dT7)ndn!ab4&NmjSO$a|%j- zMXd)!_ccf-@B7}B9$*;3^YHcI6a9Rqh^c`i=ji;f)YPO_nZ#C14VmqEqWoOyLs zvyrtOr2Cb53(Ty$R_GTmy~MALR3GlAkfCQf96-{&J0SV50QC7eG@v0kPgV&ZVv(xeffDf<@Q`mC-YjupZ(`#cPx{+T`NM?vgw^)$d0l5(0w8 ztseGp-()@1)Kj$Ewk$gwgkL}O!NH^~yAGAcQ>=H&UIk0O$-2%jdoifGUDZ~5#zZA& z(DJTUiJ<;HC_qzD+$^42jVL}YB`{TAh`6ci9FteSD+4q|r;EU;14Gs6PTJNs!gZ$S zou1x(eivP9%N#7?6?tl1bAGX_v~2@wp>sCf3YdL^&|MnhPF@bIp(Z_j&SS!A;Txuz zsIq_KwhDbZz<53yP<4@wZAU6uvwofyb6ag``zF+VRVqbuR;c8m$XtNB|5VcworQ}@ z8xHw|-4#dvKHTW>*kr1!mVd@@+obExED(6LH&fWFGI=r&L|9g>2Z}gLj>ay>Opk;P z8$ITq2&%)0PPC%2auF!=4vshcB0qD&+MLy+`O;`m;dtneNuc76)QgHu*2LWDmjonl zJahD8K1jrZ?EV5-*u#Er;@th#5q4&L9j)4$BqpjeOKJVs50fK5FbueavU{Nj!j5$S zaM0U(-sXSNiQORPw|>OF{Pdk*6lnHr4jEk9arn8kO>41#@i=y+s!;mex|_QfgeOh_ z42IS#uF(vjbNmJwLtlNf=9i4}dhR}N(+5*6`weA3NEI;@Q{P@Vq+IbV8#H*Te~Ya1 z1`0Ilw)%NgE`G72%ho*XVTt)_+pw?kYRK#6y2y^Z*jsMf2KJF=uA6!C4yyAh1WhfjOAR z&!6uOyBvB32Hfq&(-((a5e8+#v_tP-;oYIO$Bh{{vb=y4Ya<1~oqpw)#-Q_jzUQ}Z z$iNh;XZ8QIcb;EOt=k$8AcAz*lpsZ=Y*9dv-a&fDfP@mlrX#%ulrBn7+!RR^sUi?C zR1-QIl^%Kmk*Xk_Py_@41Du=>cij62+;Kjf;TmI&wZ5)7o_CG;zVn&C+5F1UPttW& z;L-U(Q{@p|UdsK}CXyoo|Jgr7?G?N^lX*!506YgQ=b%TU|tHRr0F{O_@uy9+T=<5m&v?)~_ifPfFTSs=3FAzQStDo>|R z#f$@$>R;Usx@PNawd6EM;zgaVAlg3cK{E8Nr>-zj`kq>jhns0{L#TtPN2klJB=5vI z%Tuf8dR6v4=xNRNrIo;YLJy8a&{hFeHM!hAkJQER$6uM%?N8`DhvO( z0MPfuo)rb%XilBxx&X9JAHX!vvBUH*96>ti&D4p2iIr^Q7MGREx13M$GhG(Aeemd3 z^hjjjSH#?}sBZ~so1+ukm~8y2&vvm3dZfE}V2Om4r0Z_L%{88yGyKe{^I`w#E)CptFI z+66X>2kuvp9UQG@^YG`I%7YHVM+QEEXCI&R3z7Yxd3XU?7-x%eVyf1G>_+-3cDCZ` zgGI;98IvHf2-%)h4%rq4V(o?wJC?8|oeleZ9hN7b6YLrA-s5OZ?3Wv6{i?NDC95t_ zm_)jp3VMl**=t@a{=q${M09y!Azo7f)293=H zk6mtTk#qDRLKUvug|kS~%sn~tO{_lX$$C4L*(Lh(DdqNP22WAfPtzx_Qk?*Dao;ft z0pijLJ}@18v#4B1IzU4~hAoRT#S)t*2jMcFx>-m8_aZ_AWp=jL8k!Oz0quPwq3khs ziX{b_;p^u_@zcSaB8h*#bkz6wAA>l29bbRAxeqj|FJ}l@IHgVvze6*Vnwpe{#c9IwT-c`V5T+W@cw=@}y0L|FD=X%tj4XSaOsxAlBZYvS0mi9=p_V zv_`6&7dWJH+;FdQ*>`#}~2VBb|dtj5z(1B2S z1)XR9h4Q3|VwN-E&5=b92oP@iQc9!xX;IfqLrtyYVE1RK#wI@X>M=K-IlCNEt0POo78l|5UG~eO8ur8JssKt&Ftu8t>m=7Rsoy zWe~2Y8z5kr2S!4S3k_AJjKs$1wHZ9I@l+?lpab**Aa7efQu*!W0y)5??dw>}#+kM# zlpFLGgbBI*M&g4l5MYA_U<&M<8tb&|hkhC*C2H9h#ha3<_Uva3VB$l;#f4Vw$IE*< z{CQdh>QJSM%7rg#+s1vyC?eUmrnqHnSG>IrKI(pJUa|F1ZywodDna}FRn?3y2#I|m zPlMF!l9>Q|m2i!ILzm>Jdo*~esAyUQ-182)v~R&8k!_N&Vkl2dI-!z|pFaDA-haH= zMz{QfnuGZq-M5EG@%D2vtXft6L@Ux%m`E8O8DFZagMC@xQ7n0|gKd*+X`g-la5)D! z*Oh<&a^%x~Kjv~>CdG*);~f?BRBTEQel4~3&1})p=L-OaVGYvw-5`J?osp!{X8=mL zg^I|8ruKA4QySS)#5j!NBeu1SqTNN_TmXpj z*|8Sk6oATx0YC?piA!z!+DKdIwYrqv_r06;o4~u1CFticzWZI79q+t$W+dCZ6JhfL za84T$sfXwUdQbv`FQED^wyCc$V2PoeawlG`m*|oB7oT&-JHzp_eA@9W_;M6@eg%PB z2f>(3|Hz$_PnVXe#&j{;i)KVZGvH(NGF-miW<*Lil&CsYm~fi+aqJKwV}&SdMmorN zos_-kH5n~Fsu@WK3|QFxGO}n!8Fh{1OJo`ISJfSt4~sBU0rM@O6nKfoFSk}EKaqO+ zToWNV>X(m!{kFZx;75fLLK^7Y-YbG(r#9{0a!pYMF*ZeWWnThl~ZS@zTt-L88is@A*&TxKx! z7#ACBw?>S&=DKdOUrvyxC{lY4C1p-mCDp-=%7uU8;7%5SaYL5t5I>kExwtV={UI07 z&i|oosp^Mv9L6HNNnAVbU7dDQ86ZsFQTm^jx6eA8+oVN3%5pDD(nPPLJ9F74 znkU7~JOjrOpQsz_v>OxRO?uR{Py{Vn+X2gEEyE~fH9*QIz3v#AEFY3}_^sSw{M~uW z==d3Z9`<0*%-{qf54~9H$wFW|A#I5qPM6 zH-t;>mY8en9(YcP>c80iINMepyUD8cc?P&{=Er?uKSg=)Z4qo!^zlAr#YILs4$3 zbIOFBQ3y*U2iE5LquHv$Jn)lRS8H##*RILuN4*(&*C?Xs(I64M)^?B<)DiFF~JG=3Zm<&)?&9~^$ zxp=SH66DT?X%+jT%_PFpEXIRSLh#O#^46)h^isjI$yJmL!&VjKt}r1M0$9Ha=L+?d zb@bD&GM3Sm|6rhwyZ>rK*j{)J+^yCXNdm1tPpmxlS|t(9o8D(1O|G#RPP`Dz?gLWD zdcUq&QV)0pf_@#{+VhFHYusSq9r(QB22z%>nCW!2CNESfq_*JkO-|kRoSoRpR^Hd* zXyoeNGt@zT|JV6z^TLyF$MlJBhp)c6&rxG^{c3iC1X(TA7i_^S)WDvnEM(i^r)@Mj z?{zh~KhyScHp#Fb`FjifMF!j(2Lyrl;;b42)?)1cME3hkb3T@pBY1?e%_;ygxtR%+x?@ zwP-yY#Ioc+Zb)9ovmc;E2^hCmp3e#MVm6tBz)Sb(p{~n$r-VuVZ%M|5K4DmThNRIJ z%&}f&Uf_TufKy ZcS`}Nmr^nhTC?^iWQVnMgke}I{a<4CA~*m5 From d224397f40a798ae9ddf4e7a9f00aaf3d62620dd Mon Sep 17 00:00:00 2001 From: winterfx Date: Sat, 21 Feb 2026 23:29:40 +0800 Subject: [PATCH 26/88] fix: preserve reasoning_content for OpenAI-compatible reasoning models Models like Moonshot kimi-k2.5 and DeepSeek-R1 return a reasoning_content field in assistant messages. When thinking is enabled, the API requires this field to be echoed back in subsequent requests. PicoClaw was silently dropping it, causing 400 errors on tool-call round-trips. - Add ReasoningContent to Message and LLMResponse types - Parse reasoning_content in openai_compat parseResponse() - Carry reasoning_content through assistant tool-call messages - Add unit test for reasoning_content parsing Fixes #588 --- pkg/agent/loop.go | 5 ++- pkg/providers/openai_compat/provider.go | 14 ++++--- pkg/providers/openai_compat/provider_test.go | 44 ++++++++++++++++++++ pkg/providers/protocoltypes/types.go | 18 ++++---- 4 files changed, 65 insertions(+), 16 deletions(-) diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index b36f4a0c4..92cede616 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -622,8 +622,9 @@ func (al *AgentLoop) runLLMIteration( // Build assistant message with tool calls assistantMsg := providers.Message{ - Role: "assistant", - Content: response.Content, + Role: "assistant", + Content: response.Content, + ReasoningContent: response.ReasoningContent, } for _, tc := range normalizedToolCalls { argumentsJSON, _ := json.Marshal(tc.Arguments) diff --git a/pkg/providers/openai_compat/provider.go b/pkg/providers/openai_compat/provider.go index b8528953a..f35d89c85 100644 --- a/pkg/providers/openai_compat/provider.go +++ b/pkg/providers/openai_compat/provider.go @@ -148,8 +148,9 @@ func parseResponse(body []byte) (*LLMResponse, error) { var apiResponse struct { Choices []struct { Message struct { - Content string `json:"content"` - ToolCalls []struct { + Content string `json:"content"` + ReasoningContent string `json:"reasoning_content"` + ToolCalls []struct { ID string `json:"id"` Type string `json:"type"` Function *struct { @@ -221,10 +222,11 @@ func parseResponse(body []byte) (*LLMResponse, error) { } return &LLMResponse{ - Content: choice.Message.Content, - ToolCalls: toolCalls, - FinishReason: choice.FinishReason, - Usage: apiResponse.Usage, + Content: choice.Message.Content, + ReasoningContent: choice.Message.ReasoningContent, + ToolCalls: toolCalls, + FinishReason: choice.FinishReason, + Usage: apiResponse.Usage, }, nil } diff --git a/pkg/providers/openai_compat/provider_test.go b/pkg/providers/openai_compat/provider_test.go index 42f9d42ab..594a48213 100644 --- a/pkg/providers/openai_compat/provider_test.go +++ b/pkg/providers/openai_compat/provider_test.go @@ -101,6 +101,50 @@ func TestProviderChat_ParsesToolCalls(t *testing.T) { } } +func TestProviderChat_ParsesReasoningContent(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + resp := map[string]any{ + "choices": []map[string]any{ + { + "message": map[string]any{ + "content": "The answer is 2", + "reasoning_content": "Let me think step by step... 1+1=2", + "tool_calls": []map[string]any{ + { + "id": "call_1", + "type": "function", + "function": map[string]any{ + "name": "calculator", + "arguments": "{\"expr\":\"1+1\"}", + }, + }, + }, + }, + "finish_reason": "tool_calls", + }, + }, + } + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(resp) + })) + defer server.Close() + + p := NewProvider("key", server.URL, "") + out, err := p.Chat(t.Context(), []Message{{Role: "user", Content: "1+1=?"}}, nil, "kimi-k2.5", nil) + if err != nil { + t.Fatalf("Chat() error = %v", err) + } + if out.ReasoningContent != "Let me think step by step... 1+1=2" { + t.Fatalf("ReasoningContent = %q, want %q", out.ReasoningContent, "Let me think step by step... 1+1=2") + } + if out.Content != "The answer is 2" { + t.Fatalf("Content = %q, want %q", out.Content, "The answer is 2") + } + if len(out.ToolCalls) != 1 { + t.Fatalf("len(ToolCalls) = %d, want 1", len(out.ToolCalls)) + } +} + func TestProviderChat_HTTPError(t *testing.T) { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { http.Error(w, "bad request", http.StatusBadRequest) diff --git a/pkg/providers/protocoltypes/types.go b/pkg/providers/protocoltypes/types.go index 3a089ca47..d6928e1ed 100644 --- a/pkg/providers/protocoltypes/types.go +++ b/pkg/providers/protocoltypes/types.go @@ -25,10 +25,11 @@ type FunctionCall struct { } type LLMResponse struct { - Content string `json:"content"` - ToolCalls []ToolCall `json:"tool_calls,omitempty"` - FinishReason string `json:"finish_reason"` - Usage *UsageInfo `json:"usage,omitempty"` + Content string `json:"content"` + ReasoningContent string `json:"reasoning_content,omitempty"` + ToolCalls []ToolCall `json:"tool_calls,omitempty"` + FinishReason string `json:"finish_reason"` + Usage *UsageInfo `json:"usage,omitempty"` } type UsageInfo struct { @@ -38,10 +39,11 @@ type UsageInfo struct { } type Message struct { - Role string `json:"role"` - Content string `json:"content"` - ToolCalls []ToolCall `json:"tool_calls,omitempty"` - ToolCallID string `json:"tool_call_id,omitempty"` + Role string `json:"role"` + Content string `json:"content"` + ReasoningContent string `json:"reasoning_content,omitempty"` + ToolCalls []ToolCall `json:"tool_calls,omitempty"` + ToolCallID string `json:"tool_call_id,omitempty"` } type ToolDefinition struct { From c51ceac70b66acc30d42a31e9f77d784b190890c Mon Sep 17 00:00:00 2001 From: Albert Simon <47634918+willyw0nka@users.noreply.github.com> Date: Sat, 21 Feb 2026 23:53:53 +0100 Subject: [PATCH 27/88] fix: updated model configuration links at readme (#544) Signed-off-by: Albert Simon From b9a66248d8fd88644f1fec3f8be35fbbc23d4803 Mon Sep 17 00:00:00 2001 From: kernoeb Date: Sun, 22 Feb 2026 01:32:44 +0100 Subject: [PATCH 28/88] fix: resolve Groq STT key from model_list when providers.groq is absent (#602) When users migrate from the legacy `providers` config to the new `model_list` format, voice transcription silently breaks on Telegram, Discord and Slack channels. The gateway was reading the Groq API key exclusively from `cfg.Providers.Groq.APIKey`, which is empty once the key is defined only inside a `model_list` entry. The transcriber was never initialized, so voice messages fell back to a plain `[voice]` placeholder. This fix also scans `model_list` for any entry whose `model` field starts with `groq/` and uses its `api_key` as a fallback, preserving full backward compatibility with the legacy `providers.groq` field. --- cmd/picoclaw/cmd_gateway.go | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/cmd/picoclaw/cmd_gateway.go b/cmd/picoclaw/cmd_gateway.go index 9a3b6aa19..28ef76ad3 100644 --- a/cmd/picoclaw/cmd_gateway.go +++ b/cmd/picoclaw/cmd_gateway.go @@ -10,6 +10,7 @@ import ( "os" "os/signal" "path/filepath" + "strings" "time" "github.com/sipeed/picoclaw/pkg/agent" @@ -121,8 +122,17 @@ func gatewayCmd() { agentLoop.SetChannelManager(channelManager) var transcriber *voice.GroqTranscriber - if cfg.Providers.Groq.APIKey != "" { - transcriber = voice.NewGroqTranscriber(cfg.Providers.Groq.APIKey) + groqAPIKey := cfg.Providers.Groq.APIKey + if groqAPIKey == "" { + for _, mc := range cfg.ModelList { + if strings.HasPrefix(mc.Model, "groq/") && mc.APIKey != "" { + groqAPIKey = mc.APIKey + break + } + } + } + if groqAPIKey != "" { + transcriber = voice.NewGroqTranscriber(groqAPIKey) logger.InfoC("voice", "Groq voice transcription enabled") } From cec6fd4cd4689bac068b4710aed0b26e98c77541 Mon Sep 17 00:00:00 2001 From: Yoftahe Abraham Date: Sun, 22 Feb 2026 10:27:38 +0300 Subject: [PATCH 29/88] fix: should use fmt.Printf instead of fmt.Print(fmt.Sprintf(...)) (#623) --- cmd/picoclaw/cmd_agent.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/picoclaw/cmd_agent.go b/cmd/picoclaw/cmd_agent.go index 6d6ff935f..8658c9d32 100644 --- a/cmd/picoclaw/cmd_agent.go +++ b/cmd/picoclaw/cmd_agent.go @@ -148,7 +148,7 @@ func interactiveMode(agentLoop *agent.AgentLoop, sessionKey string) { func simpleInteractiveMode(agentLoop *agent.AgentLoop, sessionKey string) { reader := bufio.NewReader(os.Stdin) for { - fmt.Print(fmt.Sprintf("%s You: ", logo)) + fmt.Printf("%s You: ", logo) line, err := reader.ReadString('\n') if err != nil { if err == io.EOF { From 65422a16a4f9a04ecc55b066b800e92859b9f376 Mon Sep 17 00:00:00 2001 From: Edouard CLAUDE Date: Fri, 20 Feb 2026 19:31:35 +0400 Subject: [PATCH 30/88] feat: add native Mistral AI provider support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add Mistral as a first-class provider alongside the 17 existing ones. Mistral uses the OpenAI-compatible API at https://api.mistral.ai/v1 with provider-specific model prefix stripping (mistral/model ā†’ model). Changes: - Add Mistral to ProvidersConfig, IsEmpty(), HasProvidersConfig() - Add mistral entry in default model_list (defaults.go) - Add mistral protocol in factory_provider.go and getDefaultAPIBase() - Add mistral prefix stripping in openai_compat normalizeModel() - Add mistral case in legacy factory.go resolveProviderSelection() - Add mistral migration entry in ConvertProvidersToModelList() - Add mistral to supported providers in migrate/config.go - Add mistral section in config.example.json - Update AllProviders test (17 ā†’ 18 providers) Tested end-to-end with mistral-small-latest model. --- config/config.example.json | 4 ++++ pkg/config/config.go | 7 +++++-- pkg/config/defaults.go | 8 ++++++++ pkg/config/migration.go | 16 ++++++++++++++++ pkg/config/migration_test.go | 7 ++++--- pkg/migrate/config.go | 1 + pkg/providers/factory.go | 16 ++++++++++++++++ pkg/providers/factory_provider.go | 4 +++- pkg/providers/openai_compat/provider.go | 2 +- 9 files changed, 58 insertions(+), 7 deletions(-) diff --git a/config/config.example.json b/config/config.example.json index 77a8c0683..e814fcbb8 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -196,6 +196,10 @@ "volcengine": { "api_key": "", "api_base": "" + }, + "mistral": { + "api_key": "", + "api_base": "https://api.mistral.ai/v1" } }, "tools": { diff --git a/pkg/config/config.go b/pkg/config/config.go index 20556011a..440ac5436 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -324,6 +324,7 @@ type ProvidersConfig struct { GitHubCopilot ProviderConfig `json:"github_copilot"` Antigravity ProviderConfig `json:"antigravity"` Qwen ProviderConfig `json:"qwen"` + Mistral ProviderConfig `json:"mistral"` } // IsEmpty checks if all provider configs are empty (no API keys or API bases set) @@ -345,7 +346,8 @@ func (p ProvidersConfig) IsEmpty() bool { p.VolcEngine.APIKey == "" && p.VolcEngine.APIBase == "" && p.GitHubCopilot.APIKey == "" && p.GitHubCopilot.APIBase == "" && p.Antigravity.APIKey == "" && p.Antigravity.APIBase == "" && - p.Qwen.APIKey == "" && p.Qwen.APIBase == "" + p.Qwen.APIKey == "" && p.Qwen.APIBase == "" && + p.Mistral.APIKey == "" && p.Mistral.APIBase == "" } // MarshalJSON implements custom JSON marshaling for ProvidersConfig @@ -636,7 +638,8 @@ func (c *Config) HasProvidersConfig() bool { v.VolcEngine.APIKey != "" || v.VolcEngine.APIBase != "" || v.GitHubCopilot.APIKey != "" || v.GitHubCopilot.APIBase != "" || v.Antigravity.APIKey != "" || v.Antigravity.APIBase != "" || - v.Qwen.APIKey != "" || v.Qwen.APIBase != "" + v.Qwen.APIKey != "" || v.Qwen.APIBase != "" || + v.Mistral.APIKey != "" || v.Mistral.APIBase != "" } // ValidateModelList validates all ModelConfig entries in the model_list. diff --git a/pkg/config/defaults.go b/pkg/config/defaults.go index 7654326e7..065273c28 100644 --- a/pkg/config/defaults.go +++ b/pkg/config/defaults.go @@ -255,6 +255,14 @@ func DefaultConfig() *Config { APIKey: "ollama", }, + // Mistral AI - https://console.mistral.ai/api-keys + { + ModelName: "mistral-small", + Model: "mistral/mistral-small-latest", + APIBase: "https://api.mistral.ai/v1", + APIKey: "", + }, + // VLLM (local) - http://localhost:8000 { ModelName: "local-model", diff --git a/pkg/config/migration.go b/pkg/config/migration.go index 689e2312f..30eaa7474 100644 --- a/pkg/config/migration.go +++ b/pkg/config/migration.go @@ -324,6 +324,22 @@ func ConvertProvidersToModelList(cfg *Config) []ModelConfig { }, true }, }, + { + providerNames: []string{"mistral"}, + protocol: "mistral", + buildConfig: func(p ProvidersConfig) (ModelConfig, bool) { + if p.Mistral.APIKey == "" && p.Mistral.APIBase == "" { + return ModelConfig{}, false + } + return ModelConfig{ + ModelName: "mistral", + Model: "mistral/mistral-small-latest", + APIKey: p.Mistral.APIKey, + APIBase: p.Mistral.APIBase, + Proxy: p.Mistral.Proxy, + }, true + }, + }, } // Process each provider migration diff --git a/pkg/config/migration_test.go b/pkg/config/migration_test.go index 1e8139e68..42165cb71 100644 --- a/pkg/config/migration_test.go +++ b/pkg/config/migration_test.go @@ -131,14 +131,15 @@ func TestConvertProvidersToModelList_AllProviders(t *testing.T) { GitHubCopilot: ProviderConfig{ConnectMode: "grpc"}, Antigravity: ProviderConfig{AuthMethod: "oauth"}, Qwen: ProviderConfig{APIKey: "key17"}, + Mistral: ProviderConfig{APIKey: "key18"}, }, } result := ConvertProvidersToModelList(cfg) - // All 17 providers should be converted - if len(result) != 17 { - t.Errorf("len(result) = %d, want 17", len(result)) + // All 18 providers should be converted + if len(result) != 18 { + t.Errorf("len(result) = %d, want 18", len(result)) } } diff --git a/pkg/migrate/config.go b/pkg/migrate/config.go index 2237a1429..24ce33e94 100644 --- a/pkg/migrate/config.go +++ b/pkg/migrate/config.go @@ -22,6 +22,7 @@ var supportedProviders = map[string]bool{ "qwen": true, "deepseek": true, "github_copilot": true, + "mistral": true, } var supportedChannels = map[string]bool{ diff --git a/pkg/providers/factory.go b/pkg/providers/factory.go index b6f1b5e21..cda4753ea 100644 --- a/pkg/providers/factory.go +++ b/pkg/providers/factory.go @@ -172,6 +172,15 @@ func resolveProviderSelection(cfg *config.Config) (providerSelection, error) { sel.model = "deepseek-chat" } } + case "mistral": + if cfg.Providers.Mistral.APIKey != "" { + sel.apiKey = cfg.Providers.Mistral.APIKey + sel.apiBase = cfg.Providers.Mistral.APIBase + sel.proxy = cfg.Providers.Mistral.Proxy + if sel.apiBase == "" { + sel.apiBase = "https://api.mistral.ai/v1" + } + } case "github_copilot", "copilot": sel.providerType = providerTypeGitHubCopilot if cfg.Providers.GitHubCopilot.APIBase != "" { @@ -275,6 +284,13 @@ func resolveProviderSelection(cfg *config.Config) (providerSelection, error) { if sel.apiBase == "" { sel.apiBase = "http://localhost:11434/v1" } + case (strings.Contains(lowerModel, "mistral") || strings.HasPrefix(model, "mistral/")) && cfg.Providers.Mistral.APIKey != "": + sel.apiKey = cfg.Providers.Mistral.APIKey + sel.apiBase = cfg.Providers.Mistral.APIBase + sel.proxy = cfg.Providers.Mistral.Proxy + if sel.apiBase == "" { + sel.apiBase = "https://api.mistral.ai/v1" + } case cfg.Providers.VLLM.APIBase != "": sel.apiKey = cfg.Providers.VLLM.APIKey sel.apiBase = cfg.Providers.VLLM.APIBase diff --git a/pkg/providers/factory_provider.go b/pkg/providers/factory_provider.go index 74fe8a36c..7d5566eef 100644 --- a/pkg/providers/factory_provider.go +++ b/pkg/providers/factory_provider.go @@ -88,7 +88,7 @@ func CreateProviderFromConfig(cfg *config.ModelConfig) (LLMProvider, string, err case "openrouter", "groq", "zhipu", "gemini", "nvidia", "ollama", "moonshot", "shengsuanyun", "deepseek", "cerebras", - "volcengine", "vllm", "qwen": + "volcengine", "vllm", "qwen", "mistral": // All other OpenAI-compatible HTTP providers if cfg.APIKey == "" && cfg.APIBase == "" { return nil, "", fmt.Errorf("api_key or api_base is required for HTTP-based protocol %q", protocol) @@ -186,6 +186,8 @@ func getDefaultAPIBase(protocol string) string { return "https://dashscope.aliyuncs.com/compatible-mode/v1" case "vllm": return "http://localhost:8000/v1" + case "mistral": + return "https://api.mistral.ai/v1" default: return "" } diff --git a/pkg/providers/openai_compat/provider.go b/pkg/providers/openai_compat/provider.go index b8528953a..236a048c4 100644 --- a/pkg/providers/openai_compat/provider.go +++ b/pkg/providers/openai_compat/provider.go @@ -240,7 +240,7 @@ func normalizeModel(model, apiBase string) string { prefix := strings.ToLower(model[:idx]) switch prefix { - case "moonshot", "nvidia", "groq", "ollama", "deepseek", "google", "openrouter", "zhipu": + case "moonshot", "nvidia", "groq", "ollama", "deepseek", "google", "openrouter", "zhipu", "mistral": return model[idx+1:] default: return model From 34a8ce5af05618057837db05828f3867e6cd4fdf Mon Sep 17 00:00:00 2001 From: Edouard CLAUDE Date: Sat, 21 Feb 2026 05:32:18 +0400 Subject: [PATCH 31/88] fix: remove extra fields from ToolCall JSON serialization Mistral's API strictly validates tool_calls in assistant messages and rejects non-standard fields. The ToolCall struct had Name and Arguments as top-level JSON fields, duplicating data already in Function.Name and Function.Arguments. OpenAI silently ignored these extras but Mistral returns 422. Change json tags to "-" so these internal fields are no longer serialized to API payloads while remaining available in Go code. --- pkg/providers/protocoltypes/types.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/providers/protocoltypes/types.go b/pkg/providers/protocoltypes/types.go index 3a089ca47..5e1c6d397 100644 --- a/pkg/providers/protocoltypes/types.go +++ b/pkg/providers/protocoltypes/types.go @@ -4,8 +4,8 @@ type ToolCall struct { ID string `json:"id"` Type string `json:"type,omitempty"` Function *FunctionCall `json:"function,omitempty"` - Name string `json:"name,omitempty"` - Arguments map[string]any `json:"arguments,omitempty"` + Name string `json:"-"` + Arguments map[string]any `json:"-"` ThoughtSignature string `json:"-"` // Internal use only ExtraContent *ExtraContent `json:"extra_content,omitempty"` } From 6b55fb5f1df3ee6852c31d579b3dc04b742cc704 Mon Sep 17 00:00:00 2001 From: Ali Zulfiqar Date: Sun, 22 Feb 2026 15:00:15 +0500 Subject: [PATCH 32/88] docs: fix typos, broken links and inconsistencies in README (#608) * docs: fix typos, broken links and inconsistencies in README * docs: revert unintentional bullet style changes * docs: fix changes * docs: fixing issues * docs: updating roadmap link * docs: removing * --- README.md | 142 ++++++++++++++++++++++++++++++------------------------ 1 file changed, 78 insertions(+), 64 deletions(-) diff --git a/README.md b/README.md index 7bc7b1089..de6fd87ea 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,8 @@ Twitter

@@ -521,7 +525,6 @@ See [WeCom App Configuration Guide](docs/wecom-app-configuration.md) for detaile * Go to WeCom Admin Console ā†’ App Management ā†’ Create App * Copy **AgentId** and **Secret** * Go to "My Company" page, copy **CorpID** - **2. Configure receive message** * In App details, click "Receive Message" ā†’ "Set API" @@ -605,23 +608,23 @@ PicoClaw runs in a sandboxed environment by default. The agent can only access f } ``` -| Option | Default | Description | -|--------|---------|-------------| -| `workspace` | `~/.picoclaw/workspace` | Working directory for the agent | -| `restrict_to_workspace` | `true` | Restrict file/command access to workspace | +| Option | Default | Description | +| ----------------------- | ----------------------- | ----------------------------------------- | +| `workspace` | `~/.picoclaw/workspace` | Working directory for the agent | +| `restrict_to_workspace` | `true` | Restrict file/command access to workspace | #### Protected Tools When `restrict_to_workspace: true`, the following tools are sandboxed: -| Tool | Function | Restriction | -|------|----------|-------------| -| `read_file` | Read files | Only files within workspace | -| `write_file` | Write files | Only files within workspace | -| `list_dir` | List directories | Only directories within workspace | -| `edit_file` | Edit files | Only files within workspace | -| `append_file` | Append to files | Only files within workspace | -| `exec` | Execute commands | Command paths must be within workspace | +| Tool | Function | Restriction | +| ------------- | ---------------- | -------------------------------------- | +| `read_file` | Read files | Only files within workspace | +| `write_file` | Write files | Only files within workspace | +| `list_dir` | List directories | Only directories within workspace | +| `edit_file` | Edit files | Only files within workspace | +| `append_file` | Append to files | Only files within workspace | +| `exec` | Execute commands | Command paths must be within workspace | #### Additional Exec Protection @@ -674,11 +677,11 @@ export PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE=false The `restrict_to_workspace` setting applies consistently across all execution paths: -| Execution Path | Security Boundary | -|----------------|-------------------| -| Main Agent | `restrict_to_workspace` āœ… | +| Execution Path | Security Boundary | +| ---------------- | ---------------------------- | +| Main Agent | `restrict_to_workspace` āœ… | | Subagent / Spawn | Inherits same restriction āœ… | -| Heartbeat tasks | Inherits same restriction āœ… | +| Heartbeat tasks | Inherits same restriction āœ… | All paths share the same workspace restriction ā€” there's no way to bypass the security boundary through subagents or scheduled tasks. @@ -704,21 +707,23 @@ For long-running tasks (web search, API calls), use the `spawn` tool to create a # Periodic Tasks ## Quick Tasks (respond directly) + - Report current time ## Long Tasks (use spawn for async) + - Search the web for AI news and summarize - Check email and report important messages ``` **Key behaviors:** -| Feature | Description | -|---------|-------------| -| **spawn** | Creates async subagent, doesn't block heartbeat | -| **Independent context** | Subagent has its own context, no session history | -| **message tool** | Subagent communicates with user directly via message tool | -| **Non-blocking** | After spawning, heartbeat continues to next task | +| Feature | Description | +| ----------------------- | --------------------------------------------------------- | +| **spawn** | Creates async subagent, doesn't block heartbeat | +| **Independent context** | Subagent has its own context, no session history | +| **message tool** | Subagent communicates with user directly via message tool | +| **Non-blocking** | After spawning, heartbeat continues to next task | #### How Subagent Communication Works @@ -749,10 +754,10 @@ The subagent has access to tools (message, web_search, etc.) and can communicate } ``` -| Option | Default | Description | -|--------|---------|-------------| -| `enabled` | `true` | Enable/disable heartbeat | -| `interval` | `30` | Check interval in minutes (min: 5) | +| Option | Default | Description | +| ---------- | ------- | ---------------------------------- | +| `enabled` | `true` | Enable/disable heartbeat | +| `interval` | `30` | Check interval in minutes (min: 5) | **Environment variables:** @@ -764,17 +769,17 @@ The subagent has access to tools (message, web_search, etc.) and can communicate > [!NOTE] > Groq provides free voice transcription via Whisper. If configured, Telegram voice messages will be automatically transcribed. -| Provider | Purpose | Get API Key | -| -------------------------- | --------------------------------------- | ------------------------------------------------------ | -| `gemini` | LLM (Gemini direct) | [aistudio.google.com](https://aistudio.google.com) | -| `zhipu` | LLM (Zhipu direct) | [bigmodel.cn](bigmodel.cn) | -| `openrouter(To be tested)` | LLM (recommended, access to all models) | [openrouter.ai](https://openrouter.ai) | -| `anthropic(To be tested)` | LLM (Claude direct) | [console.anthropic.com](https://console.anthropic.com) | -| `openai(To be tested)` | LLM (GPT direct) | [platform.openai.com](https://platform.openai.com) | -| `deepseek(To be tested)` | LLM (DeepSeek direct) | [platform.deepseek.com](https://platform.deepseek.com) | +| Provider | Purpose | Get API Key | +| -------------------------- | --------------------------------------- | -------------------------------------------------------------------- | +| `gemini` | LLM (Gemini direct) | [aistudio.google.com](https://aistudio.google.com) | +| `zhipu` | LLM (Zhipu direct) | [bigmodel.cn](https://bigmodel.cn) | +| `openrouter(To be tested)` | LLM (recommended, access to all models) | [openrouter.ai](https://openrouter.ai) | +| `anthropic(To be tested)` | LLM (Claude direct) | [console.anthropic.com](https://console.anthropic.com) | +| `openai(To be tested)` | LLM (GPT direct) | [platform.openai.com](https://platform.openai.com) | +| `deepseek(To be tested)` | LLM (DeepSeek direct) | [platform.deepseek.com](https://platform.deepseek.com) | | `qwen` | LLM (Qwen direct) | [dashscope.console.aliyun.com](https://dashscope.console.aliyun.com) | -| `groq` | LLM + **Voice transcription** (Whisper) | [console.groq.com](https://console.groq.com) | -| `cerebras` | LLM (Cerebras direct) | [cerebras.ai](https://cerebras.ai) | +| `groq` | LLM + **Voice transcription** (Whisper) | [console.groq.com](https://console.groq.com) | +| `cerebras` | LLM (Cerebras direct) | [cerebras.ai](https://cerebras.ai) | ### Model Configuration (model_list) @@ -789,25 +794,25 @@ This design also enables **multi-agent support** with flexible provider selectio #### šŸ“‹ All Supported Vendors -| Vendor | `model` Prefix | Default API Base | Protocol | API Key | -|--------|----------------|------------------|----------|---------| -| **OpenAI** | `openai/` | `https://api.openai.com/v1` | OpenAI | [Get Key](https://platform.openai.com) | -| **Anthropic** | `anthropic/` | `https://api.anthropic.com/v1` | Anthropic | [Get Key](https://console.anthropic.com) | -| **ę™ŗč°± AI (GLM)** | `zhipu/` | `https://open.bigmodel.cn/api/paas/v4` | OpenAI | [Get Key](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) | -| **DeepSeek** | `deepseek/` | `https://api.deepseek.com/v1` | OpenAI | [Get Key](https://platform.deepseek.com) | -| **Google Gemini** | `gemini/` | `https://generativelanguage.googleapis.com/v1beta` | OpenAI | [Get Key](https://aistudio.google.com/api-keys) | -| **Groq** | `groq/` | `https://api.groq.com/openai/v1` | OpenAI | [Get Key](https://console.groq.com) | -| **Moonshot** | `moonshot/` | `https://api.moonshot.cn/v1` | OpenAI | [Get Key](https://platform.moonshot.cn) | -| **通义千问 (Qwen)** | `qwen/` | `https://dashscope.aliyuncs.com/compatible-mode/v1` | OpenAI | [Get Key](https://dashscope.console.aliyun.com) | -| **NVIDIA** | `nvidia/` | `https://integrate.api.nvidia.com/v1` | OpenAI | [Get Key](https://build.nvidia.com) | -| **Ollama** | `ollama/` | `http://localhost:11434/v1` | OpenAI | Local (no key needed) | -| **OpenRouter** | `openrouter/` | `https://openrouter.ai/api/v1` | OpenAI | [Get Key](https://openrouter.ai/keys) | -| **VLLM** | `vllm/` | `http://localhost:8000/v1` | OpenAI | Local | -| **Cerebras** | `cerebras/` | `https://api.cerebras.ai/v1` | OpenAI | [Get Key](https://cerebras.ai) | -| **ē«å±±å¼•ę“Ž** | `volcengine/` | `https://ark.cn-beijing.volces.com/api/v3` | OpenAI | [Get Key](https://console.volcengine.com) | -| **ē„žē®—äŗ‘** | `shengsuanyun/` | `https://router.shengsuanyun.com/api/v1` | OpenAI | - | -| **Antigravity** | `antigravity/` | Google Cloud | Custom | OAuth only | -| **GitHub Copilot** | `github-copilot/` | `localhost:4321` | gRPC | - | +| Vendor | `model` Prefix | Default API Base | Protocol | API Key | +| ------------------- | ----------------- | --------------------------------------------------- | --------- | ---------------------------------------------------------------- | +| **OpenAI** | `openai/` | `https://api.openai.com/v1` | OpenAI | [Get Key](https://platform.openai.com) | +| **Anthropic** | `anthropic/` | `https://api.anthropic.com/v1` | Anthropic | [Get Key](https://console.anthropic.com) | +| **ę™ŗč°± AI (GLM)** | `zhipu/` | `https://open.bigmodel.cn/api/paas/v4` | OpenAI | [Get Key](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) | +| **DeepSeek** | `deepseek/` | `https://api.deepseek.com/v1` | OpenAI | [Get Key](https://platform.deepseek.com) | +| **Google Gemini** | `gemini/` | `https://generativelanguage.googleapis.com/v1beta` | OpenAI | [Get Key](https://aistudio.google.com/api-keys) | +| **Groq** | `groq/` | `https://api.groq.com/openai/v1` | OpenAI | [Get Key](https://console.groq.com) | +| **Moonshot** | `moonshot/` | `https://api.moonshot.cn/v1` | OpenAI | [Get Key](https://platform.moonshot.cn) | +| **通义千问 (Qwen)** | `qwen/` | `https://dashscope.aliyuncs.com/compatible-mode/v1` | OpenAI | [Get Key](https://dashscope.console.aliyun.com) | +| **NVIDIA** | `nvidia/` | `https://integrate.api.nvidia.com/v1` | OpenAI | [Get Key](https://build.nvidia.com) | +| **Ollama** | `ollama/` | `http://localhost:11434/v1` | OpenAI | Local (no key needed) | +| **OpenRouter** | `openrouter/` | `https://openrouter.ai/api/v1` | OpenAI | [Get Key](https://openrouter.ai/keys) | +| **VLLM** | `vllm/` | `http://localhost:8000/v1` | OpenAI | Local | +| **Cerebras** | `cerebras/` | `https://api.cerebras.ai/v1` | OpenAI | [Get Key](https://cerebras.ai) | +| **ē«å±±å¼•ę“Ž** | `volcengine/` | `https://ark.cn-beijing.volces.com/api/v3` | OpenAI | [Get Key](https://console.volcengine.com) | +| **ē„žē®—äŗ‘** | `shengsuanyun/` | `https://router.shengsuanyun.com/api/v1` | OpenAI | - | +| **Antigravity** | `antigravity/` | Google Cloud | Custom | OAuth only | +| **GitHub Copilot** | `github-copilot/` | `localhost:4321` | gRPC | - | #### Basic Configuration @@ -841,6 +846,7 @@ This design also enables **multi-agent support** with flexible provider selectio #### Vendor-Specific Examples **OpenAI** + ```json { "model_name": "gpt-5.2", @@ -850,6 +856,7 @@ This design also enables **multi-agent support** with flexible provider selectio ``` **ę™ŗč°± AI (GLM)** + ```json { "model_name": "glm-4.7", @@ -859,6 +866,7 @@ This design also enables **multi-agent support** with flexible provider selectio ``` **DeepSeek** + ```json { "model_name": "deepseek-chat", @@ -868,6 +876,7 @@ This design also enables **multi-agent support** with flexible provider selectio ``` **Anthropic (with API key)** + ```json { "model_name": "claude-sonnet-4.6", @@ -875,9 +884,11 @@ This design also enables **multi-agent support** with flexible provider selectio "api_key": "sk-ant-your-key" } ``` + > Run `picoclaw auth login --provider anthropic` to paste your API token. **Ollama (local)** + ```json { "model_name": "llama3", @@ -886,6 +897,7 @@ This design also enables **multi-agent support** with flexible provider selectio ``` **Custom Proxy/API** + ```json { "model_name": "my-custom-model", @@ -923,6 +935,7 @@ Configure multiple endpoints for the same model nameā€”PicoClaw will automatical The old `providers` configuration is **deprecated** but still supported for backward compatibility. **Old Config (deprecated):** + ```json { "providers": { @@ -941,6 +954,7 @@ The old `providers` configuration is **deprecated** but still supported for back ``` **New Config (recommended):** + ```json { "model_list": [ @@ -1105,13 +1119,13 @@ Jobs are stored in `~/.picoclaw/workspace/cron/` and processed automatically. PRs welcome! The codebase is intentionally small and readable. šŸ¤— -Roadmap coming soon... +See our full [Community Roadmap](https://github.com/sipeed/picoclaw/blob/main/ROADMAP.md). -Developer group building, Entry Requirement: At least 1 Merged PR. +Developer group building, join after your first merged PR! User Groups: -discord: +discord: PicoClaw From cb0c8703fb9d5ce373bc0c4f770177ba66508b25 Mon Sep 17 00:00:00 2001 From: King Tai <109292982+CrisisAlpha@users.noreply.github.com> Date: Sun, 22 Feb 2026 18:40:59 +0800 Subject: [PATCH 33/88] test(tools,utils): add ToolRegistry unit tests and fix Truncate panic on negative maxLen (#517) Add comprehensive unit tests for the ToolRegistry covering registration, lookup, execution, context injection, async callbacks, schema generation, provider definition conversion, and concurrent access. Fix a defensive edge case in Truncate where a negative maxLen would cause a slice bounds panic, and add table-driven tests covering boundary conditions, zero/negative lengths, and Unicode handling. Co-authored-by: Cursor --- pkg/tools/registry_test.go | 350 +++++++++++++++++++++++++++++++++++++ pkg/utils/string.go | 3 + pkg/utils/string_test.go | 106 +++++++++++ 3 files changed, 459 insertions(+) create mode 100644 pkg/tools/registry_test.go create mode 100644 pkg/utils/string_test.go diff --git a/pkg/tools/registry_test.go b/pkg/tools/registry_test.go new file mode 100644 index 000000000..33978e543 --- /dev/null +++ b/pkg/tools/registry_test.go @@ -0,0 +1,350 @@ +package tools + +import ( + "context" + "strings" + "sync" + "testing" + + "github.com/sipeed/picoclaw/pkg/providers" +) + +// --- mock types --- + +type mockRegistryTool struct { + name string + desc string + params map[string]interface{} + result *ToolResult +} + +func (m *mockRegistryTool) Name() string { return m.name } +func (m *mockRegistryTool) Description() string { return m.desc } +func (m *mockRegistryTool) Parameters() map[string]interface{} { return m.params } +func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]interface{}) *ToolResult { + return m.result +} + +type mockCtxTool struct { + mockRegistryTool + channel string + chatID string +} + +func (m *mockCtxTool) SetContext(channel, chatID string) { + m.channel = channel + m.chatID = chatID +} + +type mockAsyncRegistryTool struct { + mockRegistryTool + cb AsyncCallback +} + +func (m *mockAsyncRegistryTool) SetCallback(cb AsyncCallback) { + m.cb = cb +} + +// --- helpers --- + +func newMockTool(name, desc string) *mockRegistryTool { + return &mockRegistryTool{ + name: name, + desc: desc, + params: map[string]interface{}{"type": "object"}, + result: SilentResult("ok"), + } +} + +// --- tests --- + +func TestNewToolRegistry(t *testing.T) { + r := NewToolRegistry() + if r.Count() != 0 { + t.Errorf("expected empty registry, got count %d", r.Count()) + } + if len(r.List()) != 0 { + t.Errorf("expected empty list, got %v", r.List()) + } +} + +func TestToolRegistry_RegisterAndGet(t *testing.T) { + r := NewToolRegistry() + tool := newMockTool("echo", "echoes input") + r.Register(tool) + + got, ok := r.Get("echo") + if !ok { + t.Fatal("expected to find registered tool") + } + if got.Name() != "echo" { + t.Errorf("expected name 'echo', got %q", got.Name()) + } +} + +func TestToolRegistry_Get_NotFound(t *testing.T) { + r := NewToolRegistry() + _, ok := r.Get("nonexistent") + if ok { + t.Error("expected ok=false for unregistered tool") + } +} + +func TestToolRegistry_RegisterOverwrite(t *testing.T) { + r := NewToolRegistry() + r.Register(newMockTool("dup", "first")) + r.Register(newMockTool("dup", "second")) + + if r.Count() != 1 { + t.Errorf("expected count 1 after overwrite, got %d", r.Count()) + } + tool, _ := r.Get("dup") + if tool.Description() != "second" { + t.Errorf("expected overwritten description 'second', got %q", tool.Description()) + } +} + +func TestToolRegistry_Execute_Success(t *testing.T) { + r := NewToolRegistry() + r.Register(&mockRegistryTool{ + name: "greet", + desc: "says hello", + params: map[string]interface{}{}, + result: SilentResult("hello"), + }) + + result := r.Execute(context.Background(), "greet", nil) + if result.IsError { + t.Errorf("expected success, got error: %s", result.ForLLM) + } + if result.ForLLM != "hello" { + t.Errorf("expected ForLLM 'hello', got %q", result.ForLLM) + } +} + +func TestToolRegistry_Execute_NotFound(t *testing.T) { + r := NewToolRegistry() + result := r.Execute(context.Background(), "missing", nil) + if !result.IsError { + t.Error("expected error for missing tool") + } + if !strings.Contains(result.ForLLM, "not found") { + t.Errorf("expected 'not found' in error, got %q", result.ForLLM) + } + if result.Err == nil { + t.Error("expected Err to be set via WithError") + } +} + +func TestToolRegistry_ExecuteWithContext_ContextualTool(t *testing.T) { + r := NewToolRegistry() + ct := &mockCtxTool{ + mockRegistryTool: *newMockTool("ctx_tool", "needs context"), + } + r.Register(ct) + + r.ExecuteWithContext(context.Background(), "ctx_tool", nil, "telegram", "chat-42", nil) + + if ct.channel != "telegram" { + t.Errorf("expected channel 'telegram', got %q", ct.channel) + } + if ct.chatID != "chat-42" { + t.Errorf("expected chatID 'chat-42', got %q", ct.chatID) + } +} + +func TestToolRegistry_ExecuteWithContext_SkipsEmptyContext(t *testing.T) { + r := NewToolRegistry() + ct := &mockCtxTool{ + mockRegistryTool: *newMockTool("ctx_tool", "needs context"), + } + r.Register(ct) + + r.ExecuteWithContext(context.Background(), "ctx_tool", nil, "", "", nil) + + if ct.channel != "" || ct.chatID != "" { + t.Error("SetContext should not be called with empty channel/chatID") + } +} + +func TestToolRegistry_ExecuteWithContext_AsyncCallback(t *testing.T) { + r := NewToolRegistry() + at := &mockAsyncRegistryTool{ + mockRegistryTool: *newMockTool("async_tool", "async work"), + } + at.result = AsyncResult("started") + r.Register(at) + + called := false + cb := func(_ context.Context, _ *ToolResult) { called = true } + + result := r.ExecuteWithContext(context.Background(), "async_tool", nil, "", "", cb) + if at.cb == nil { + t.Error("expected SetCallback to have been called") + } + if !result.Async { + t.Error("expected async result") + } + + at.cb(context.Background(), SilentResult("done")) + if !called { + t.Error("expected callback to be invoked") + } +} + +func TestToolRegistry_GetDefinitions(t *testing.T) { + r := NewToolRegistry() + r.Register(newMockTool("alpha", "tool A")) + + defs := r.GetDefinitions() + if len(defs) != 1 { + t.Fatalf("expected 1 definition, got %d", len(defs)) + } + if defs[0]["type"] != "function" { + t.Errorf("expected type 'function', got %v", defs[0]["type"]) + } + fn, ok := defs[0]["function"].(map[string]interface{}) + if !ok { + t.Fatal("expected 'function' key to be a map") + } + if fn["name"] != "alpha" { + t.Errorf("expected name 'alpha', got %v", fn["name"]) + } + if fn["description"] != "tool A" { + t.Errorf("expected description 'tool A', got %v", fn["description"]) + } +} + +func TestToolRegistry_ToProviderDefs(t *testing.T) { + r := NewToolRegistry() + params := map[string]interface{}{"type": "object", "properties": map[string]interface{}{}} + r.Register(&mockRegistryTool{ + name: "beta", + desc: "tool B", + params: params, + result: SilentResult("ok"), + }) + + defs := r.ToProviderDefs() + if len(defs) != 1 { + t.Fatalf("expected 1 provider def, got %d", len(defs)) + } + + want := providers.ToolDefinition{ + Type: "function", + Function: providers.ToolFunctionDefinition{ + Name: "beta", + Description: "tool B", + Parameters: params, + }, + } + got := defs[0] + if got.Type != want.Type { + t.Errorf("Type: want %q, got %q", want.Type, got.Type) + } + if got.Function.Name != want.Function.Name { + t.Errorf("Name: want %q, got %q", want.Function.Name, got.Function.Name) + } + if got.Function.Description != want.Function.Description { + t.Errorf("Description: want %q, got %q", want.Function.Description, got.Function.Description) + } +} + +func TestToolRegistry_List(t *testing.T) { + r := NewToolRegistry() + r.Register(newMockTool("x", "")) + r.Register(newMockTool("y", "")) + + names := r.List() + if len(names) != 2 { + t.Fatalf("expected 2 names, got %d", len(names)) + } + + nameSet := map[string]bool{} + for _, n := range names { + nameSet[n] = true + } + if !nameSet["x"] || !nameSet["y"] { + t.Errorf("expected names {x, y}, got %v", names) + } +} + +func TestToolRegistry_Count(t *testing.T) { + r := NewToolRegistry() + if r.Count() != 0 { + t.Errorf("expected 0, got %d", r.Count()) + } + + r.Register(newMockTool("a", "")) + r.Register(newMockTool("b", "")) + if r.Count() != 2 { + t.Errorf("expected 2, got %d", r.Count()) + } + + r.Register(newMockTool("a", "replaced")) + if r.Count() != 2 { + t.Errorf("expected 2 after overwrite, got %d", r.Count()) + } +} + +func TestToolRegistry_GetSummaries(t *testing.T) { + r := NewToolRegistry() + r.Register(newMockTool("read_file", "Reads a file")) + + summaries := r.GetSummaries() + if len(summaries) != 1 { + t.Fatalf("expected 1 summary, got %d", len(summaries)) + } + if !strings.Contains(summaries[0], "`read_file`") { + t.Errorf("expected backtick-quoted name in summary, got %q", summaries[0]) + } + if !strings.Contains(summaries[0], "Reads a file") { + t.Errorf("expected description in summary, got %q", summaries[0]) + } +} + +func TestToolToSchema(t *testing.T) { + tool := newMockTool("demo", "demo tool") + schema := ToolToSchema(tool) + + if schema["type"] != "function" { + t.Errorf("expected type 'function', got %v", schema["type"]) + } + fn, ok := schema["function"].(map[string]interface{}) + if !ok { + t.Fatal("expected 'function' to be a map") + } + if fn["name"] != "demo" { + t.Errorf("expected name 'demo', got %v", fn["name"]) + } + if fn["description"] != "demo tool" { + t.Errorf("expected description 'demo tool', got %v", fn["description"]) + } + if fn["parameters"] == nil { + t.Error("expected parameters to be set") + } +} + +func TestToolRegistry_ConcurrentAccess(t *testing.T) { + r := NewToolRegistry() + var wg sync.WaitGroup + + for i := 0; i < 50; i++ { + wg.Add(1) + go func(n int) { + defer wg.Done() + name := string(rune('A' + n%26)) + r.Register(newMockTool(name, "concurrent")) + r.Get(name) + r.Count() + r.List() + r.GetDefinitions() + }(i) + } + + wg.Wait() + + if r.Count() == 0 { + t.Error("expected tools to be registered after concurrent access") + } +} diff --git a/pkg/utils/string.go b/pkg/utils/string.go index 7a6aa37cc..62d9beee0 100644 --- a/pkg/utils/string.go +++ b/pkg/utils/string.go @@ -4,6 +4,9 @@ package utils // Handles multi-byte Unicode characters properly. // If the string is truncated, "..." is appended to indicate truncation. func Truncate(s string, maxLen int) string { + if maxLen <= 0 { + return "" + } runes := []rune(s) if len(runes) <= maxLen { return s diff --git a/pkg/utils/string_test.go b/pkg/utils/string_test.go new file mode 100644 index 000000000..a44ead228 --- /dev/null +++ b/pkg/utils/string_test.go @@ -0,0 +1,106 @@ +package utils + +import "testing" + +func TestTruncate(t *testing.T) { + tests := []struct { + name string + input string + maxLen int + want string + }{ + { + name: "short string unchanged", + input: "hi", + maxLen: 10, + want: "hi", + }, + { + name: "exact length unchanged", + input: "hello", + maxLen: 5, + want: "hello", + }, + { + name: "long string truncated with ellipsis", + input: "hello world", + maxLen: 8, + want: "hello...", + }, + { + name: "maxLen equals 4 leaves 1 char plus ellipsis", + input: "abcdef", + maxLen: 4, + want: "a...", + }, + { + name: "maxLen 3 returns first 3 chars without ellipsis", + input: "abcdef", + maxLen: 3, + want: "abc", + }, + { + name: "maxLen 2 returns first 2 chars", + input: "abcdef", + maxLen: 2, + want: "ab", + }, + { + name: "maxLen 1 returns first char", + input: "abcdef", + maxLen: 1, + want: "a", + }, + { + name: "maxLen 0 returns empty", + input: "hello", + maxLen: 0, + want: "", + }, + { + name: "negative maxLen returns empty", + input: "hello", + maxLen: -1, + want: "", + }, + { + name: "empty string unchanged", + input: "", + maxLen: 5, + want: "", + }, + { + name: "empty string with zero maxLen", + input: "", + maxLen: 0, + want: "", + }, + { + name: "unicode truncated correctly", + input: "\U0001f600\U0001f601\U0001f602\U0001f603\U0001f604", + maxLen: 4, + want: "\U0001f600...", + }, + { + name: "unicode short enough", + input: "\u00e9\u00e8", + maxLen: 5, + want: "\u00e9\u00e8", + }, + { + name: "mixed ascii and unicode", + input: "Go\U0001f680\U0001f525\U0001f4a5\U0001f30d", + maxLen: 5, + want: "Go...", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got := Truncate(tt.input, tt.maxLen) + if got != tt.want { + t.Errorf("Truncate(%q, %d) = %q, want %q", tt.input, tt.maxLen, got, tt.want) + } + }) + } +} From a849e02917e6c3c6a52a0e2c27e19552cc91f88d Mon Sep 17 00:00:00 2001 From: Lixeer <1612655510@qq.com> Date: Sun, 22 Feb 2026 22:30:53 +0800 Subject: [PATCH 34/88] fix: better session management for `github_copilot_provider` --- cmd/picoclaw/cmd_gateway.go | 3 + pkg/providers/github_copilot_provider.go | 74 ++++++++++++++++-------- pkg/providers/types.go | 5 ++ 3 files changed, 59 insertions(+), 23 deletions(-) diff --git a/cmd/picoclaw/cmd_gateway.go b/cmd/picoclaw/cmd_gateway.go index 28ef76ad3..30d61aec3 100644 --- a/cmd/picoclaw/cmd_gateway.go +++ b/cmd/picoclaw/cmd_gateway.go @@ -212,6 +212,9 @@ func gatewayCmd() { fmt.Println("\nShutting down...") cancel() + if cp, ok := provider.(providers.SessionProvider); ok { + cp.Close() + } healthServer.Stop(context.Background()) deviceService.Stop() heartbeatService.Stop() diff --git a/pkg/providers/github_copilot_provider.go b/pkg/providers/github_copilot_provider.go index 6124881f7..8131b76fc 100644 --- a/pkg/providers/github_copilot_provider.go +++ b/pkg/providers/github_copilot_provider.go @@ -4,60 +4,75 @@ import ( "context" "encoding/json" "fmt" + "sync" copilot "github.com/github/copilot-sdk/go" ) type GitHubCopilotProvider struct { uri string - connectMode string // `stdio` or `grpc`` + connectMode string // "stdio" or "grpc" + client *copilot.Client session *copilot.Session + + mu sync.Mutex } func NewGitHubCopilotProvider(uri string, connectMode string, model string) (*GitHubCopilotProvider, error) { - var session *copilot.Session if connectMode == "" { connectMode = "grpc" } - switch connectMode { + switch connectMode { case "stdio": - // todo + // TODO: + return nil, fmt.Errorf("stdio mode not implemented") case "grpc": client := copilot.NewClient(&copilot.ClientOptions{ CLIUrl: uri, }) if err := client.Start(context.Background()); err != nil { - return nil, fmt.Errorf( - "Can't connect to Github Copilot, https://github.com/github/copilot-sdk/blob/main/docs/getting-started.md#connecting-to-an-external-cli-server for details", - ) + return nil, fmt.Errorf("can't connect to Github Copilot: %w; `https://github.com/github/copilot-sdk/blob/main/docs/getting-started.md#connecting-to-an-external-cli-server` for details", err) } - defer client.Stop() - session, _ = client.CreateSession(context.Background(), &copilot.SessionConfig{ + + session, err := client.CreateSession(context.Background(), &copilot.SessionConfig{ Model: model, Hooks: &copilot.SessionHooks{}, }) + if err != nil { + client.Stop() + return nil, fmt.Errorf("create session failed: %w", err) + } + + return &GitHubCopilotProvider{ + uri: uri, + connectMode: connectMode, + client: client, + session: session, + }, nil + default: + return nil, fmt.Errorf("unknown connect mode: %s", connectMode) } - - return &GitHubCopilotProvider{ - uri: uri, - connectMode: connectMode, - session: session, - }, nil } -// Chat sends a chat request to GitHub Copilot -func (p *GitHubCopilotProvider) Chat( - ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]any, -) (*LLMResponse, error) { +func (p *GitHubCopilotProvider) Close() { + p.mu.Lock() + defer p.mu.Unlock() + if p.client != nil { + p.client.Stop() + p.client = nil + p.session = nil + } +} + +func (p *GitHubCopilotProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { type tempMessage struct { Role string `json:"role"` Content string `json:"content"` } out := make([]tempMessage, 0, len(messages)) - for _, msg := range messages { out = append(out, tempMessage{ Role: msg.Role, @@ -65,18 +80,31 @@ func (p *GitHubCopilotProvider) Chat( }) } - fullcontent, _ := json.Marshal(out) + fullcontent, err := json.Marshal(out) + if err != nil { + return nil, fmt.Errorf("marshal messages: %w", err) + } + p.mu.Lock() + defer p.mu.Unlock() - content, _ := p.session.Send(ctx, copilot.MessageOptions{ + resp, err := p.session.SendAndWait(ctx, copilot.MessageOptions{ Prompt: string(fullcontent), }) + if err != nil { + return nil, err + } + + var content string + if resp != nil && resp.Data.Content != nil { + content = *resp.Data.Content + } return &LLMResponse{ FinishReason: "stop", Content: content, }, nil } - func (p *GitHubCopilotProvider) GetDefaultModel() string { + return "gpt-4.1" } diff --git a/pkg/providers/types.go b/pkg/providers/types.go index f711e7803..40ff6f7c8 100644 --- a/pkg/providers/types.go +++ b/pkg/providers/types.go @@ -30,6 +30,11 @@ type LLMProvider interface { GetDefaultModel() string } +type SessionProvider interface { + LLMProvider + Close() +} + // FailoverReason classifies why an LLM request failed for fallback decisions. type FailoverReason string From 3d605a4f537507713706aa626b74ad8506e6e12a Mon Sep 17 00:00:00 2001 From: Lixeer <1612655510@qq.com> Date: Sun, 22 Feb 2026 23:02:29 +0800 Subject: [PATCH 35/88] fix: run fmt and lint --- pkg/providers/github_copilot_provider.go | 15 ++++++++++++--- pkg/tools/registry_test.go | 20 ++++++++++---------- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/pkg/providers/github_copilot_provider.go b/pkg/providers/github_copilot_provider.go index 8131b76fc..c69658b44 100644 --- a/pkg/providers/github_copilot_provider.go +++ b/pkg/providers/github_copilot_provider.go @@ -33,7 +33,10 @@ func NewGitHubCopilotProvider(uri string, connectMode string, model string) (*Gi CLIUrl: uri, }) if err := client.Start(context.Background()); err != nil { - return nil, fmt.Errorf("can't connect to Github Copilot: %w; `https://github.com/github/copilot-sdk/blob/main/docs/getting-started.md#connecting-to-an-external-cli-server` for details", err) + return nil, fmt.Errorf( + "can't connect to Github Copilot: %w; `https://github.com/github/copilot-sdk/blob/main/docs/getting-started.md#connecting-to-an-external-cli-server` for details", + err, + ) } session, err := client.CreateSession(context.Background(), &copilot.SessionConfig{ @@ -67,7 +70,13 @@ func (p *GitHubCopilotProvider) Close() { } } -func (p *GitHubCopilotProvider) Chat(ctx context.Context, messages []Message, tools []ToolDefinition, model string, options map[string]interface{}) (*LLMResponse, error) { +func (p *GitHubCopilotProvider) Chat( + ctx context.Context, + messages []Message, + tools []ToolDefinition, + model string, + options map[string]any, +) (*LLMResponse, error) { type tempMessage struct { Role string `json:"role"` Content string `json:"content"` @@ -104,7 +113,7 @@ func (p *GitHubCopilotProvider) Chat(ctx context.Context, messages []Message, to Content: content, }, nil } -func (p *GitHubCopilotProvider) GetDefaultModel() string { +func (p *GitHubCopilotProvider) GetDefaultModel() string { return "gpt-4.1" } diff --git a/pkg/tools/registry_test.go b/pkg/tools/registry_test.go index 33978e543..8ae13b20c 100644 --- a/pkg/tools/registry_test.go +++ b/pkg/tools/registry_test.go @@ -14,14 +14,14 @@ import ( type mockRegistryTool struct { name string desc string - params map[string]interface{} + params map[string]any result *ToolResult } -func (m *mockRegistryTool) Name() string { return m.name } -func (m *mockRegistryTool) Description() string { return m.desc } -func (m *mockRegistryTool) Parameters() map[string]interface{} { return m.params } -func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]interface{}) *ToolResult { +func (m *mockRegistryTool) Name() string { return m.name } +func (m *mockRegistryTool) Description() string { return m.desc } +func (m *mockRegistryTool) Parameters() map[string]any { return m.params } +func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]any) *ToolResult { return m.result } @@ -51,7 +51,7 @@ func newMockTool(name, desc string) *mockRegistryTool { return &mockRegistryTool{ name: name, desc: desc, - params: map[string]interface{}{"type": "object"}, + params: map[string]any{"type": "object"}, result: SilentResult("ok"), } } @@ -109,7 +109,7 @@ func TestToolRegistry_Execute_Success(t *testing.T) { r.Register(&mockRegistryTool{ name: "greet", desc: "says hello", - params: map[string]interface{}{}, + params: map[string]any{}, result: SilentResult("hello"), }) @@ -203,7 +203,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { if defs[0]["type"] != "function" { t.Errorf("expected type 'function', got %v", defs[0]["type"]) } - fn, ok := defs[0]["function"].(map[string]interface{}) + fn, ok := defs[0]["function"].(map[string]any) if !ok { t.Fatal("expected 'function' key to be a map") } @@ -217,7 +217,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { func TestToolRegistry_ToProviderDefs(t *testing.T) { r := NewToolRegistry() - params := map[string]interface{}{"type": "object", "properties": map[string]interface{}{}} + params := map[string]any{"type": "object", "properties": map[string]any{}} r.Register(&mockRegistryTool{ name: "beta", desc: "tool B", @@ -310,7 +310,7 @@ func TestToolToSchema(t *testing.T) { if schema["type"] != "function" { t.Errorf("expected type 'function', got %v", schema["type"]) } - fn, ok := schema["function"].(map[string]interface{}) + fn, ok := schema["function"].(map[string]any) if !ok { t.Fatal("expected 'function' to be a map") } From c6865fe852f4e163767b78b6df72a06b5fdc6204 Mon Sep 17 00:00:00 2001 From: Vidish <57653368+ulolol@users.noreply.github.com> Date: Sun, 22 Feb 2026 22:00:14 +0530 Subject: [PATCH 36/88] feat: integrate Tavily search (#340) * feat: integrate Tavily search * fix: set include_raw_content to false in Tavily search as wealready get relevant data inside content * refactor: update Go type declarations to `any`, apply formatting fixes. --- README.ja.md | 29 ++++++++++-- README.md | 9 +++- README.zh.md | 27 ++++++----- pkg/config/config.go | 8 ++++ pkg/tools/registry_test.go | 20 ++++---- pkg/tools/web.go | 97 +++++++++++++++++++++++++++++++++++++- pkg/tools/web_test.go | 72 ++++++++++++++++++++++++++++ 7 files changed, 232 insertions(+), 30 deletions(-) diff --git a/README.ja.md b/README.ja.md index bb0bdfb28..3506c77c2 100644 --- a/README.ja.md +++ b/README.ja.md @@ -162,7 +162,7 @@ docker compose --profile gateway up -d > [!TIP] > `~/.picoclaw/config.json` 恫 API ć‚­ćƒ¼ć‚’čØ­å®šć—ć¦ćć ć•ć„ć€‚ > API ć‚­ćƒ¼ć®å–å¾—å…ˆ: [OpenRouter](https://openrouter.ai/keys) (LLM) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) (LLM) -> Web ꤜē“¢ćÆ **ä»»ę„** 恧恙 - ē„”ꖙ恮 [Brave Search API](https://brave.com/search/api) (꜈ 2000 ć‚Æć‚ØćƒŖē„”ꖙ) +> Web ꤜē“¢ćÆ **ä»»ę„** 恧恙 - ē„”ꖙ恮 [Tavily API](https://tavily.com) (꜈ 1000 ć‚Æć‚ØćƒŖē„”ꖙ) ć¾ćŸćÆ [Brave Search API](https://brave.com/search/api) (꜈ 2000 ć‚Æć‚ØćƒŖē„”ꖙ) **1. åˆęœŸåŒ–** @@ -193,14 +193,34 @@ picoclaw onboard "token": "YOUR_TELEGRAM_BOT_TOKEN", "allow_from": [] } + }, + "tools": { + "web": { + "search": { + "api_key": "YOUR_BRAVE_API_KEY", + "max_results": 5 + }, + "tavily": { + "enabled": false, + "api_key": "YOUR_TAVILY_API_KEY", + "max_results": 5 + } + }, + "cron": { + "exec_timeout_minutes": 5 + } + }, + "heartbeat": { + "enabled": true, + "interval": 30 } } ``` **3. API ć‚­ćƒ¼ć®å–å¾—** -- **LLM ćƒ—ćƒ­ćƒć‚¤ćƒ€ćƒ¼**: [OpenRouter](https://openrouter.ai/keys) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) Ā· [Anthropic](https://console.anthropic.com) Ā· [OpenAI](https://platform.openai.com) Ā· [Gemini](https://aistudio.google.com/api-keys) Ā· [Qwen](https://dashscope.console.aliyun.com) -- **Web ꤜē“¢**ļ¼ˆä»»ę„ļ¼‰: [Brave Search](https://brave.com/search/api) - ē„”ꖙꞠ恂悊ļ¼ˆęœˆ 2000 ćƒŖć‚Æć‚Øć‚¹ćƒˆļ¼‰ +- **LLM ćƒ—ćƒ­ćƒć‚¤ćƒ€ćƒ¼**: [OpenRouter](https://openrouter.ai/keys) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) Ā· [Anthropic](https://console.anthropic.com) Ā· [OpenAI](https://platform.openai.com) Ā· [Gemini](https://aistudio.google.com/api-keys) +- **Web ꤜē“¢**ļ¼ˆä»»ę„ļ¼‰: [Tavily](https://tavily.com) - AI ć‚Øćƒ¼ć‚øć‚§ćƒ³ćƒˆå‘ć‘ć«ęœ€é©åŒ– (꜈ 1000 ćƒŖć‚Æć‚Øć‚¹ćƒˆ) Ā· [Brave Search](https://brave.com/search/api) - ē„”ꖙꞠ恂悊ļ¼ˆęœˆ 2000 ćƒŖć‚Æć‚Øć‚¹ćƒˆļ¼‰ > **ę³Øꄏ**: 完å…ØćŖčØ­å®šćƒ†ćƒ³ćƒ—ćƒ¬ćƒ¼ćƒˆćÆ `config.example.json` ć‚’å‚ē…§ć—ć¦ćć ć•ć„ć€‚ @@ -985,7 +1005,7 @@ Discord: https://discord.gg/V4sAZ9XWpN ꤜē“¢ API ć‚­ćƒ¼ć‚’ć¾ć čØ­å®šć—ć¦ć„ćŖć„å “åˆć€ć“ć‚ŒćÆę­£åøø恧恙怂PicoClaw ćÆę‰‹å‹•ę¤œē“¢ē”Ø恮ä¾æ利ćŖćƒŖćƒ³ć‚Æć‚’ęä¾›ć—ć¾ć™ć€‚ Web ꤜē“¢ć‚’ęœ‰åŠ¹ć«ć™ć‚‹ć«ćÆļ¼š -1. [https://brave.com/search/api](https://brave.com/search/api) 恧ē„”ꖙ恮 API ć‚­ćƒ¼ć‚’å–å¾—ļ¼ˆęœˆ 2000 ć‚Æć‚ØćƒŖē„”ꖙļ¼‰ +1. [https://tavily.com](https://tavily.com) (꜈ 1000 ć‚Æć‚ØćƒŖē„”ꖙ) ć¾ćŸćÆ [https://brave.com/search/api](https://brave.com/search/api) 恧ē„”ꖙ恮 API ć‚­ćƒ¼ć‚’å–å¾—ļ¼ˆęœˆ 2000 ć‚Æć‚ØćƒŖē„”ꖙļ¼‰ 2. `~/.picoclaw/config.json` 恫čæ½åŠ ļ¼š ```json { @@ -1023,5 +1043,6 @@ Web ꤜē“¢ć‚’ęœ‰åŠ¹ć«ć™ć‚‹ć«ćÆļ¼š | **Zhipu** | ꜈ 200K ćƒˆćƒ¼ć‚Æćƒ³ | äø­å›½ćƒ¦ćƒ¼ć‚¶ćƒ¼å‘ć‘ęœ€é© | | **Qwen** | ē„”ꖙꞠ恂悊 | 通ē¾©åƒå• (Qwen) | | **Brave Search** | ꜈ 2000 ć‚Æć‚ØćƒŖ | Web ꤜē“¢ę©Ÿčƒ½ | +| **Tavily** | ꜈ 1000 ć‚Æć‚ØćƒŖ | AI ć‚Øćƒ¼ć‚øć‚§ćƒ³ćƒˆę¤œē“¢ęœ€é©åŒ– | | **Groq** | ē„”ꖙꞠ恂悊 | 高速ęŽØč«–ļ¼ˆLlama, Mixtralļ¼‰ | | **Cerebras** | ē„”ꖙꞠ恂悊 | 高速ęŽØč«–ļ¼ˆLlama, Qwen ćŖ恩ļ¼‰ | diff --git a/README.md b/README.md index de6fd87ea..825f57340 100644 --- a/README.md +++ b/README.md @@ -200,7 +200,7 @@ docker compose --profile gateway up -d > [!TIP] > Set your API key in `~/.picoclaw/config.json`. > Get API keys: [OpenRouter](https://openrouter.ai/keys) (LLM) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) (LLM) -> Web search is **optional** - get free [Brave Search API](https://brave.com/search/api) (2000 free queries/month) or use built-in auto fallback. +> Web Search is **optional** - get free [Tavily API](https://tavily.com) (1000 free queries/month) or [Brave Search API](https://brave.com/search/api) (2000 free queries/month) or use built-in auto fallback. **1. Initialize** @@ -240,6 +240,11 @@ picoclaw onboard "api_key": "YOUR_BRAVE_API_KEY", "max_results": 5 }, + "tavily": { + "enabled": false, + "api_key": "YOUR_TAVILY_API_KEY", + "max_results": 5 + }, "duckduckgo": { "enabled": true, "max_results": 5 @@ -254,7 +259,7 @@ picoclaw onboard **3. Get API Keys** * **LLM Provider**: [OpenRouter](https://openrouter.ai/keys) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) Ā· [Anthropic](https://console.anthropic.com) Ā· [OpenAI](https://platform.openai.com) Ā· [Gemini](https://aistudio.google.com/api-keys) -* **Web Search** (optional): [Brave Search](https://brave.com/search/api) - Free tier available (2000 requests/month) +* **Web Search** (optional): [Tavily](https://tavily.com) - Optimized for AI Agents (1000 requests/month) Ā· [Brave Search](https://brave.com/search/api) - Free tier available (2000 requests/month) > **Note**: See `config.example.json` for a complete configuration template. diff --git a/README.zh.md b/README.zh.md index 4d739c5eb..fd188567d 100644 --- a/README.zh.md +++ b/README.zh.md @@ -205,7 +205,7 @@ docker compose --profile gateway up -d > [!TIP] > åœØ `~/.picoclaw/config.json` äø­č®¾ē½®ę‚Øēš„ API Key怂 > čŽ·å– API Key: [OpenRouter](https://openrouter.ai/keys) (LLM) Ā· [Zhipu (ę™ŗč°±)](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) (LLM) -> ē½‘ē»œęœē“¢ę˜Æ **åÆ选ēš„** - čŽ·å–å…č“¹ēš„ [Brave Search API](https://brave.com/search/api) (ęÆęœˆ 2000 ę¬”å…č“¹ęŸ„čÆ¢) +> ē½‘ē»œęœē“¢ę˜Æ **åÆ选ēš„** - čŽ·å–å…č“¹ēš„ [Tavily API](https://tavily.com) (ęÆęœˆ 1000 ę¬”å…č“¹ęŸ„čÆ¢) ꈖ [Brave Search API](https://brave.com/search/api) (ęÆęœˆ 2000 ę¬”å…č“¹ęŸ„čÆ¢) **1. 初始化 (Initialize)** @@ -246,8 +246,9 @@ picoclaw onboard "api_key": "YOUR_BRAVE_API_KEY", "max_results": 5 }, - "duckduckgo": { - "enabled": true, + "tavily": { + "enabled": false, + "api_key": "YOUR_TAVILY_API_KEY", "max_results": 5 } }, @@ -262,8 +263,8 @@ picoclaw onboard **3. čŽ·å– API Key** -- **LLM ęä¾›å•†**: [OpenRouter](https://openrouter.ai/keys) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) Ā· [Anthropic](https://console.anthropic.com) Ā· [OpenAI](https://platform.openai.com) Ā· [Gemini](https://aistudio.google.com/api-keys) -- **ē½‘ē»œęœē“¢** (åÆ选): [Brave Search](https://brave.com/search/api) - ęä¾›å…č“¹å±‚ēŗ§ (2000 čÆ·ę±‚/꜈) +* **LLM ęä¾›å•†**: [OpenRouter](https://openrouter.ai/keys) Ā· [Zhipu](https://open.bigmodel.cn/usercenter/proj-mgmt/apikeys) Ā· [Anthropic](https://console.anthropic.com) Ā· [OpenAI](https://platform.openai.com) Ā· [Gemini](https://aistudio.google.com/api-keys) +* **ē½‘ē»œęœē“¢** (åÆ选): [Tavily](https://tavily.com) - äø“äøŗ AI Agent 优化 (1000 čÆ·ę±‚/꜈) Ā· [Brave Search](https://brave.com/search/api) - ęä¾›å…č“¹å±‚ēŗ§ (2000 čÆ·ę±‚/꜈) > **ę³Øꄏ**: å®Œę•“ēš„配ē½®ęØ”ęæčÆ·å‚č€ƒ `config.example.json`怂 @@ -771,7 +772,7 @@ Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) åÆē”Øē½‘ē»œęœē“¢ļ¼š -1. åœØ [https://brave.com/search/api](https://brave.com/search/api) čŽ·å–å…č“¹ API Key (ęÆęœˆ 2000 ę¬”å…č“¹ęŸ„čÆ¢) +1. åœØ [https://tavily.com](https://tavily.com) (1000 ę¬”å…č“¹) ꈖ [https://brave.com/search/api](https://brave.com/search/api) čŽ·å–å…č“¹ API Key (2000 ę¬”å…č“¹) 2. ę·»åŠ åˆ° `~/.picoclaw/config.json`: ```json @@ -804,10 +805,10 @@ Discord: [https://discord.gg/V4sAZ9XWpN](https://discord.gg/V4sAZ9XWpN) ## šŸ“ API Key åƹęƔ -| ęœåŠ” | å…č“¹å±‚ēŗ§ | 适ē”Øåœŗę™Æ | -| ---------------- | -------------- | ----------------------------- | -| **OpenRouter** | 200K tokens/꜈ | 多ęØ”åž‹čšåˆ (Claude, GPT-4 ē­‰) | -| **ę™ŗč°± (Zhipu)** | 200K tokens/꜈ | ęœ€é€‚åˆäø­å›½ē”Øꈷ | -| **Brave Search** | 2000 ę¬”ęŸ„čÆ¢/꜈ | ē½‘ē»œęœē“¢åŠŸčƒ½ | -| **Groq** | ęä¾›å…č“¹å±‚ēŗ§ | ꞁ速ęŽØē† (Llama, Mixtral) | -| **Cerebras** | ęä¾›å…č“¹å±‚ēŗ§ | ꞁ速ęŽØē† (Llama, Qwen ē­‰) | +| ęœåŠ” | å…č“¹å±‚ēŗ§ | 适ē”Øåœŗę™Æ | +| --- | --- | --- | +| **OpenRouter** | 200K tokens/꜈ | 多ęØ”åž‹čšåˆ (Claude, GPT-4 ē­‰) | +| **ę™ŗč°± (Zhipu)** | 200K tokens/꜈ | ęœ€é€‚åˆäø­å›½ē”Øꈷ | +| **Brave Search** | 2000 ę¬”ęŸ„čÆ¢/꜈ | ē½‘ē»œęœē“¢åŠŸčƒ½ | +| **Tavily** | 1000 ę¬”ęŸ„čÆ¢/꜈ | AI Agent ꐜē“¢ä¼˜åŒ– | +| **Groq** | ęä¾›å…č“¹å±‚ēŗ§ | ꞁ速ęŽØē† (Llama, Mixtral) | diff --git a/pkg/config/config.go b/pkg/config/config.go index 20556011a..036021e49 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -418,6 +418,13 @@ type BraveConfig struct { MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_BRAVE_MAX_RESULTS"` } +type TavilyConfig struct { + Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_TAVILY_ENABLED"` + APIKey string `json:"api_key" env:"PICOCLAW_TOOLS_WEB_TAVILY_API_KEY"` + BaseURL string `json:"base_url" env:"PICOCLAW_TOOLS_WEB_TAVILY_BASE_URL"` + MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_TAVILY_MAX_RESULTS"` +} + type DuckDuckGoConfig struct { Enabled bool `json:"enabled" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_ENABLED"` MaxResults int `json:"max_results" env:"PICOCLAW_TOOLS_WEB_DUCKDUCKGO_MAX_RESULTS"` @@ -431,6 +438,7 @@ type PerplexityConfig struct { type WebToolsConfig struct { Brave BraveConfig `json:"brave"` + Tavily TavilyConfig `json:"tavily"` DuckDuckGo DuckDuckGoConfig `json:"duckduckgo"` Perplexity PerplexityConfig `json:"perplexity"` } diff --git a/pkg/tools/registry_test.go b/pkg/tools/registry_test.go index 33978e543..8ae13b20c 100644 --- a/pkg/tools/registry_test.go +++ b/pkg/tools/registry_test.go @@ -14,14 +14,14 @@ import ( type mockRegistryTool struct { name string desc string - params map[string]interface{} + params map[string]any result *ToolResult } -func (m *mockRegistryTool) Name() string { return m.name } -func (m *mockRegistryTool) Description() string { return m.desc } -func (m *mockRegistryTool) Parameters() map[string]interface{} { return m.params } -func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]interface{}) *ToolResult { +func (m *mockRegistryTool) Name() string { return m.name } +func (m *mockRegistryTool) Description() string { return m.desc } +func (m *mockRegistryTool) Parameters() map[string]any { return m.params } +func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]any) *ToolResult { return m.result } @@ -51,7 +51,7 @@ func newMockTool(name, desc string) *mockRegistryTool { return &mockRegistryTool{ name: name, desc: desc, - params: map[string]interface{}{"type": "object"}, + params: map[string]any{"type": "object"}, result: SilentResult("ok"), } } @@ -109,7 +109,7 @@ func TestToolRegistry_Execute_Success(t *testing.T) { r.Register(&mockRegistryTool{ name: "greet", desc: "says hello", - params: map[string]interface{}{}, + params: map[string]any{}, result: SilentResult("hello"), }) @@ -203,7 +203,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { if defs[0]["type"] != "function" { t.Errorf("expected type 'function', got %v", defs[0]["type"]) } - fn, ok := defs[0]["function"].(map[string]interface{}) + fn, ok := defs[0]["function"].(map[string]any) if !ok { t.Fatal("expected 'function' key to be a map") } @@ -217,7 +217,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { func TestToolRegistry_ToProviderDefs(t *testing.T) { r := NewToolRegistry() - params := map[string]interface{}{"type": "object", "properties": map[string]interface{}{}} + params := map[string]any{"type": "object", "properties": map[string]any{}} r.Register(&mockRegistryTool{ name: "beta", desc: "tool B", @@ -310,7 +310,7 @@ func TestToolToSchema(t *testing.T) { if schema["type"] != "function" { t.Errorf("expected type 'function', got %v", schema["type"]) } - fn, ok := schema["function"].(map[string]interface{}) + fn, ok := schema["function"].(map[string]any) if !ok { t.Fatal("expected 'function' to be a map") } diff --git a/pkg/tools/web.go b/pkg/tools/web.go index 301e00daf..059437889 100644 --- a/pkg/tools/web.go +++ b/pkg/tools/web.go @@ -1,6 +1,7 @@ package tools import ( + "bytes" "context" "encoding/json" "fmt" @@ -84,6 +85,88 @@ func (p *BraveSearchProvider) Search(ctx context.Context, query string, count in return strings.Join(lines, "\n"), nil } +type TavilySearchProvider struct { + apiKey string + baseURL string +} + +func (p *TavilySearchProvider) Search(ctx context.Context, query string, count int) (string, error) { + searchURL := p.baseURL + if searchURL == "" { + searchURL = "https://api.tavily.com/search" + } + + payload := map[string]any{ + "api_key": p.apiKey, + "query": query, + "search_depth": "advanced", + "include_answer": false, + "include_images": false, + "include_raw_content": "false", + "max_results": count, + } + + bodyBytes, err := json.Marshal(payload) + if err != nil { + return "", fmt.Errorf("failed to marshal payload: %w", err) + } + + req, err := http.NewRequestWithContext(ctx, "POST", searchURL, bytes.NewBuffer(bodyBytes)) + if err != nil { + return "", fmt.Errorf("failed to create request: %w", err) + } + + req.Header.Set("Content-Type", "application/json") + req.Header.Set("User-Agent", userAgent) + + client := &http.Client{Timeout: 10 * time.Second} + resp, err := client.Do(req) + if err != nil { + return "", fmt.Errorf("request failed: %w", err) + } + defer resp.Body.Close() + + body, err := io.ReadAll(resp.Body) + if err != nil { + return "", fmt.Errorf("failed to read response: %w", err) + } + + if resp.StatusCode != http.StatusOK { + return "", fmt.Errorf("tavily api error (status %d): %s", resp.StatusCode, string(body)) + } + + var searchResp struct { + Results []struct { + Title string `json:"title"` + URL string `json:"url"` + Content string `json:"content"` + } `json:"results"` + } + + if err := json.Unmarshal(body, &searchResp); err != nil { + return "", fmt.Errorf("failed to parse response: %w", err) + } + + results := searchResp.Results + if len(results) == 0 { + return fmt.Sprintf("No results for: %s", query), nil + } + + var lines []string + lines = append(lines, fmt.Sprintf("Results for: %s (via Tavily)", query)) + for i, item := range results { + if i >= count { + break + } + lines = append(lines, fmt.Sprintf("%d. %s\n %s", i+1, item.Title, item.URL)) + if item.Content != "" { + lines = append(lines, fmt.Sprintf(" %s", item.Content)) + } + } + + return strings.Join(lines, "\n"), nil +} + type DuckDuckGoSearchProvider struct{} func (p *DuckDuckGoSearchProvider) Search(ctx context.Context, query string, count int) (string, error) { @@ -256,6 +339,10 @@ type WebSearchToolOptions struct { BraveAPIKey string BraveMaxResults int BraveEnabled bool + TavilyAPIKey string + TavilyBaseURL string + TavilyMaxResults int + TavilyEnabled bool DuckDuckGoMaxResults int DuckDuckGoEnabled bool PerplexityAPIKey string @@ -267,7 +354,7 @@ func NewWebSearchTool(opts WebSearchToolOptions) *WebSearchTool { var provider SearchProvider maxResults := 5 - // Priority: Perplexity > Brave > DuckDuckGo + // Priority: Perplexity > Brave > Tavily > DuckDuckGo if opts.PerplexityEnabled && opts.PerplexityAPIKey != "" { provider = &PerplexitySearchProvider{apiKey: opts.PerplexityAPIKey} if opts.PerplexityMaxResults > 0 { @@ -278,6 +365,14 @@ func NewWebSearchTool(opts WebSearchToolOptions) *WebSearchTool { if opts.BraveMaxResults > 0 { maxResults = opts.BraveMaxResults } + } else if opts.TavilyEnabled && opts.TavilyAPIKey != "" { + provider = &TavilySearchProvider{ + apiKey: opts.TavilyAPIKey, + baseURL: opts.TavilyBaseURL, + } + if opts.TavilyMaxResults > 0 { + maxResults = opts.TavilyMaxResults + } } else if opts.DuckDuckGoEnabled { provider = &DuckDuckGoSearchProvider{} if opts.DuckDuckGoMaxResults > 0 { diff --git a/pkg/tools/web_test.go b/pkg/tools/web_test.go index d999d8958..75e0d8d16 100644 --- a/pkg/tools/web_test.go +++ b/pkg/tools/web_test.go @@ -333,3 +333,75 @@ func TestWebTool_WebFetch_MissingDomain(t *testing.T) { t.Errorf("Expected domain error message, got ForLLM: %s", result.ForLLM) } } + +// TestWebTool_TavilySearch_Success verifies successful Tavily search +func TestWebTool_TavilySearch_Success(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if r.Method != "POST" { + t.Errorf("Expected POST request, got %s", r.Method) + } + if r.Header.Get("Content-Type") != "application/json" { + t.Errorf("Expected Content-Type application/json, got %s", r.Header.Get("Content-Type")) + } + + // Verify payload + var payload map[string]any + json.NewDecoder(r.Body).Decode(&payload) + if payload["api_key"] != "test-key" { + t.Errorf("Expected api_key test-key, got %v", payload["api_key"]) + } + if payload["query"] != "test query" { + t.Errorf("Expected query 'test query', got %v", payload["query"]) + } + + // Return mock response + response := map[string]any{ + "results": []map[string]any{ + { + "title": "Test Result 1", + "url": "https://example.com/1", + "content": "Content for result 1", + }, + { + "title": "Test Result 2", + "url": "https://example.com/2", + "content": "Content for result 2", + }, + }, + } + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(http.StatusOK) + json.NewEncoder(w).Encode(response) + })) + defer server.Close() + + tool := NewWebSearchTool(WebSearchToolOptions{ + TavilyEnabled: true, + TavilyAPIKey: "test-key", + TavilyBaseURL: server.URL, + TavilyMaxResults: 5, + }) + + ctx := context.Background() + args := map[string]any{ + "query": "test query", + } + + result := tool.Execute(ctx, args) + + // Success should not be an error + if result.IsError { + t.Errorf("Expected success, got IsError=true: %s", result.ForLLM) + } + + // ForUser should contain result titles and URLs + if !strings.Contains(result.ForUser, "Test Result 1") || + !strings.Contains(result.ForUser, "https://example.com/1") { + t.Errorf("Expected results in output, got: %s", result.ForUser) + } + + // Should mention via Tavily + if !strings.Contains(result.ForUser, "via Tavily") { + t.Errorf("Expected 'via Tavily' in output, got: %s", result.ForUser) + } +} From 4a73415e0516e0f954267c2ee797896d2ec770bb Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Mon, 23 Feb 2026 08:09:26 +1100 Subject: [PATCH 37/88] golangci-lint run --fix on master Signed-off-by: Kai Xia --- pkg/tools/registry_test.go | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/pkg/tools/registry_test.go b/pkg/tools/registry_test.go index 33978e543..8ae13b20c 100644 --- a/pkg/tools/registry_test.go +++ b/pkg/tools/registry_test.go @@ -14,14 +14,14 @@ import ( type mockRegistryTool struct { name string desc string - params map[string]interface{} + params map[string]any result *ToolResult } -func (m *mockRegistryTool) Name() string { return m.name } -func (m *mockRegistryTool) Description() string { return m.desc } -func (m *mockRegistryTool) Parameters() map[string]interface{} { return m.params } -func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]interface{}) *ToolResult { +func (m *mockRegistryTool) Name() string { return m.name } +func (m *mockRegistryTool) Description() string { return m.desc } +func (m *mockRegistryTool) Parameters() map[string]any { return m.params } +func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]any) *ToolResult { return m.result } @@ -51,7 +51,7 @@ func newMockTool(name, desc string) *mockRegistryTool { return &mockRegistryTool{ name: name, desc: desc, - params: map[string]interface{}{"type": "object"}, + params: map[string]any{"type": "object"}, result: SilentResult("ok"), } } @@ -109,7 +109,7 @@ func TestToolRegistry_Execute_Success(t *testing.T) { r.Register(&mockRegistryTool{ name: "greet", desc: "says hello", - params: map[string]interface{}{}, + params: map[string]any{}, result: SilentResult("hello"), }) @@ -203,7 +203,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { if defs[0]["type"] != "function" { t.Errorf("expected type 'function', got %v", defs[0]["type"]) } - fn, ok := defs[0]["function"].(map[string]interface{}) + fn, ok := defs[0]["function"].(map[string]any) if !ok { t.Fatal("expected 'function' key to be a map") } @@ -217,7 +217,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { func TestToolRegistry_ToProviderDefs(t *testing.T) { r := NewToolRegistry() - params := map[string]interface{}{"type": "object", "properties": map[string]interface{}{}} + params := map[string]any{"type": "object", "properties": map[string]any{}} r.Register(&mockRegistryTool{ name: "beta", desc: "tool B", @@ -310,7 +310,7 @@ func TestToolToSchema(t *testing.T) { if schema["type"] != "function" { t.Errorf("expected type 'function', got %v", schema["type"]) } - fn, ok := schema["function"].(map[string]interface{}) + fn, ok := schema["function"].(map[string]any) if !ok { t.Fatal("expected 'function' to be a map") } From 8928f83c7ff254ec1c74bff1d03aca20220cb702 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20Xia=28=E5=A4=8F=E6=81=BA=29?= Date: Mon, 23 Feb 2026 09:45:17 +1100 Subject: [PATCH 38/88] remove old roadmap (#632) --- README.fr.md | 2 +- README.md | 2 +- README.pt-br.md | 2 +- README.vi.md | 2 +- README.zh.md | 2 +- docs/picoclaw_community_roadmap_260216.md | 112 ---------------------- 6 files changed, 5 insertions(+), 117 deletions(-) delete mode 100644 docs/picoclaw_community_roadmap_260216.md diff --git a/README.fr.md b/README.fr.md index 7199f7098..a762870ff 100644 --- a/README.fr.md +++ b/README.fr.md @@ -50,7 +50,7 @@ ## šŸ“¢ ActualitĆ©s -2026-02-16 šŸŽ‰ PicoClaw a atteint 12K Ć©toiles en une semaine ! Merci Ć  tous pour votre soutien ! PicoClaw grandit plus vite que nous ne l'avions jamais imaginĆ©. Vu le volume Ć©levĆ© de PR, nous avons un besoin urgent de mainteneurs communautaires. Nos rĆ“les de bĆ©nĆ©voles et notre feuille de route sont officiellement publiĆ©s [ici](docs/picoclaw_community_roadmap_260216.md) ā€” nous avons hĆ¢te de vous accueillir ! +2026-02-16 šŸŽ‰ PicoClaw a atteint 12K Ć©toiles en une semaine ! Merci Ć  tous pour votre soutien ! PicoClaw grandit plus vite que nous ne l'avions jamais imaginĆ©. Vu le volume Ć©levĆ© de PR, nous avons un besoin urgent de mainteneurs communautaires. Nos rĆ“les de bĆ©nĆ©voles et notre feuille de route sont officiellement publiĆ©s [ici](docs/ROADMAP.md) ā€” nous avons hĆ¢te de vous accueillir ! 2026-02-13 šŸŽ‰ PicoClaw a atteint 5000 Ć©toiles en 4 jours ! Merci Ć  la communautĆ© ! Nous finalisons la **Feuille de Route du Projet** et mettons en place le **Groupe de DĆ©veloppeurs** pour accĆ©lĆ©rer le dĆ©veloppement de PicoClaw. šŸš€ **Appel Ć  l'action :** Soumettez vos demandes de fonctionnalitĆ©s dans les GitHub Discussions. Nous les examinerons et les prioriserons lors de notre prochaine rĆ©union hebdomadaire. diff --git a/README.md b/README.md index 825f57340..955255f2e 100644 --- a/README.md +++ b/README.md @@ -51,7 +51,7 @@ ## šŸ“¢ News -2026-02-16 šŸŽ‰ PicoClaw hit 12K stars in one week! Thank you all for your support! PicoClaw is growing faster than we ever imagined. Given the high volume of PRs, we urgently need community maintainers. Our volunteer roles and roadmap are officially posted [here](docs/picoclaw_community_roadmap_260216.md) ā€”we canā€™t wait to have you on board! +2026-02-16 šŸŽ‰ PicoClaw hit 12K stars in one week! Thank you all for your support! PicoClaw is growing faster than we ever imagined. Given the high volume of PRs, we urgently need community maintainers. Our volunteer roles and roadmap are officially posted [here](docs/ROADMAP.md) ā€”we canā€™t wait to have you on board! 2026-02-13 šŸŽ‰ PicoClaw hit 5000 stars in 4days! Thank you for the community! There are so many PRs & issues coming in (during Chinese New Year holidays), we are finalizing the Project Roadmap and setting up the Developer Group to accelerate PicoClaw's development. šŸš€ Call to Action: Please submit your feature requests in GitHub Discussions. We will review and prioritize them during our upcoming weekly meeting. diff --git a/README.pt-br.md b/README.pt-br.md index ec8fe8e1c..900ee7932 100644 --- a/README.pt-br.md +++ b/README.pt-br.md @@ -50,7 +50,7 @@ ## šŸ“¢ Novidades -2026-02-16 šŸŽ‰ PicoClaw atingiu 12K stars em uma semana! Obrigado a todos pelo apoio! O PicoClaw estĆ” crescendo mais rĆ”pido do que jamais imaginamos. Dado o alto volume de PRs, precisamos urgentemente de maintainers da comunidade. Nossos papĆ©is de voluntĆ”rios e roadmap foram publicados oficialmente [aqui](docs/picoclaw_community_roadmap_260216.md) ā€” estamos ansiosos para ter vocĆŖ a bordo! +2026-02-16 šŸŽ‰ PicoClaw atingiu 12K stars em uma semana! Obrigado a todos pelo apoio! O PicoClaw estĆ” crescendo mais rĆ”pido do que jamais imaginamos. Dado o alto volume de PRs, precisamos urgentemente de maintainers da comunidade. Nossos papĆ©is de voluntĆ”rios e roadmap foram publicados oficialmente [aqui](docs/ROADMAP.md) ā€” estamos ansiosos para ter vocĆŖ a bordo! 2026-02-13 šŸŽ‰ PicoClaw atingiu 5000 stars em 4 dias! Obrigado Ć  comunidade! Estamos finalizando o **Roadmap do Projeto** e configurando o **Grupo de Desenvolvedores** para acelerar o desenvolvimento do PicoClaw. diff --git a/README.vi.md b/README.vi.md index 161842933..29ff12bb0 100644 --- a/README.vi.md +++ b/README.vi.md @@ -50,7 +50,7 @@ ## šŸ“¢ Tin tį»©c -2026-02-16 šŸŽ‰ PicoClaw đįŗ”t 12K stars chį»‰ trong mį»™t tuįŗ§n! Cįŗ£m Ę”n tįŗ„t cįŗ£ mį»i ngĘ°į»i! PicoClaw đang phĆ”t triį»ƒn nhanh hĘ”n chĆŗng tĆ“i tĘ°į»Ÿng tĘ°į»£ng. Do sį»‘ lĘ°į»£ng PR tăng cao, chĆŗng tĆ“i cįŗ„p thiįŗæt cįŗ§n maintainer tį»« cį»™ng đį»“ng. CĆ”c vai trĆ² tƬnh nguyį»‡n viĆŖn vĆ  roadmap Ä‘Ć£ đʰį»£c cĆ“ng bį»‘ [tįŗ”i Ä‘Ć¢y](docs/picoclaw_community_roadmap_260216.md) ā€” rįŗ„t mong Ä‘Ć³n nhįŗ­n sį»± tham gia cį»§a bįŗ”n! +2026-02-16 šŸŽ‰ PicoClaw đįŗ”t 12K stars chį»‰ trong mį»™t tuįŗ§n! Cįŗ£m Ę”n tįŗ„t cįŗ£ mį»i ngĘ°į»i! PicoClaw đang phĆ”t triį»ƒn nhanh hĘ”n chĆŗng tĆ“i tĘ°į»Ÿng tĘ°į»£ng. Do sį»‘ lĘ°į»£ng PR tăng cao, chĆŗng tĆ“i cįŗ„p thiįŗæt cįŗ§n maintainer tį»« cį»™ng đį»“ng. CĆ”c vai trĆ² tƬnh nguyį»‡n viĆŖn vĆ  roadmap Ä‘Ć£ đʰį»£c cĆ“ng bį»‘ [tįŗ”i Ä‘Ć¢y](docs/ROADMAP.md) ā€” rįŗ„t mong Ä‘Ć³n nhįŗ­n sį»± tham gia cį»§a bįŗ”n! 2026-02-13 šŸŽ‰ PicoClaw đįŗ”t 5000 stars trong 4 ngĆ y! Cįŗ£m Ę”n cį»™ng đį»“ng! ChĆŗng tĆ“i đang hoĆ n thiį»‡n **Lį»™ trƬnh dį»± Ć”n (Roadmap)** vĆ  thiįŗæt lįŗ­p **NhĆ³m phĆ”t triį»ƒn** đį»ƒ đįŗ©y nhanh tį»‘c đį»™ phĆ”t triį»ƒn PicoClaw. šŸš€ **KĆŖu gį»i hĆ nh đį»™ng:** Vui lĆ²ng gį»­i yĆŖu cįŗ§u tĆ­nh năng tįŗ”i GitHub Discussions. ChĆŗng tĆ“i sįŗ½ xem xĆ©t vĆ  Ę°u tiĆŖn trong cuį»™c hį»p hĆ ng tuįŗ§n. diff --git a/README.zh.md b/README.zh.md index fd188567d..17a736fec 100644 --- a/README.zh.md +++ b/README.zh.md @@ -52,7 +52,7 @@ ## šŸ“¢ ę–°é—» (News) -2026-02-16 šŸŽ‰ PicoClaw åœØäø€å‘Ø内ēŖē “äŗ†12K star! ę„Ÿč°¢å¤§å®¶ēš„å…³ę³Øļ¼PicoClaw ēš„ęˆé•æ速åŗ¦č¶…ä¹Žęˆ‘ä»¬é¢„ęœŸ. ē”±äŗŽPRꕰ量ēš„åæ«é€Ÿč†Ø胀ļ¼Œęˆ‘们äŗŸéœ€ē¤¾åŒŗå¼€å‘č€…å‚äøŽē»“ꊤ. ęˆ‘ä»¬éœ€č¦ēš„åæ—ę„æč€…č§’č‰²å’Œroadmapå·²ē»å‘åøƒåˆ°äŗ†[čæ™é‡Œ](docs/picoclaw_community_roadmap_260216.md), ęœŸå¾…ä½ ēš„参äøŽļ¼ +2026-02-16 šŸŽ‰ PicoClaw åœØäø€å‘Ø内ēŖē “äŗ†12K star! ę„Ÿč°¢å¤§å®¶ēš„å…³ę³Øļ¼PicoClaw ēš„ęˆé•æ速åŗ¦č¶…ä¹Žęˆ‘ä»¬é¢„ęœŸ. ē”±äŗŽPRꕰ量ēš„åæ«é€Ÿč†Ø胀ļ¼Œęˆ‘们äŗŸéœ€ē¤¾åŒŗå¼€å‘č€…å‚äøŽē»“ꊤ. ęˆ‘ä»¬éœ€č¦ēš„åæ—ę„æč€…č§’č‰²å’Œroadmapå·²ē»å‘åøƒåˆ°äŗ†[čæ™é‡Œ](docs/ROADMAP.md), ęœŸå¾…ä½ ēš„参äøŽļ¼ 2026-02-13 šŸŽ‰ **PicoClaw åœØ 4 天内ēŖē “ 5000 Starsļ¼** ę„Ÿč°¢ē¤¾åŒŗēš„ę”Æꌁļ¼ē”±äŗŽę­£å€¼äø­å›½ę˜„čŠ‚å‡ęœŸļ¼ŒPR 和 Issue ę¶Œå…„č¾ƒå¤šļ¼Œęˆ‘ä»¬ę­£åœØ利ē”Øčæ™ę®µę—¶é—“ę•²å®š **锹ē›®č·Æēŗæ图 (Roadmap)** 并ē»„å»ŗ **å¼€å‘č€…ē¾¤ē»„**ļ¼Œä»„ä¾æ加速 PicoClaw ēš„å¼€å‘ć€‚ šŸš€ **č”ŒåŠØ号召ļ¼š** čÆ·åœØ GitHub Discussions äø­ęäŗ¤ę‚Øēš„åŠŸčƒ½čÆ·ę±‚ (Feature Requests)ć€‚ęˆ‘ä»¬å°†åœØꎄäø‹ę„ēš„å‘Ø会äøŠčæ›č”Œå®”ęŸ„å’Œä¼˜å…ˆēŗ§ęŽ’åŗć€‚ diff --git a/docs/picoclaw_community_roadmap_260216.md b/docs/picoclaw_community_roadmap_260216.md deleted file mode 100644 index 95de768c6..000000000 --- a/docs/picoclaw_community_roadmap_260216.md +++ /dev/null @@ -1,112 +0,0 @@ -## šŸš€ Join the PicoClaw Journey: Call for Community Volunteers & Roadmap Reveal - -**Hello, PicoClaw Community!** - -First, a massive thank you to everyone for your enthusiasm and PR contributions. It is because of you that PicoClaw continues to iterate and evolve so rapidly. Thanks to the simplicity and accessibility of the **Go language**, weā€™ve seen a non-stop stream of high-quality PRs! - -PicoClaw is growing much faster than we anticipated. As we are currently in the midst of the **Chinese New Year holiday**, we are looking to recruit community volunteers to help us maintain this incredible momentum. - -This document outlines the specific volunteer roles we need right now and provides a look at our upcoming **Roadmap**. - -### šŸŽ Community Perks - -To show our appreciation, developers who officially join our community operations will receive: - -* **Exclusive AI Hardware:** Our upcoming, unreleased AI device. -* **Token Discounts:** Potential discounts on LLM tokens (currently in negotiations with major providers). - -### šŸŽ„ Calling All Content Creators! - -Not a developer? You can still help! We welcome users to post **PicoClaw reviews or tutorials**. - -* **Twitter:** Use the tag **#picoclaw** and mention **@SipeedIO**. -* **Bilibili:** Mention **@SipeedēŸ½é€Ÿē§‘ꊀ** or send us a DM. -We will be rewarding high-quality content creators with the same perks as our community developers! - ---- - -## šŸ› ļø Urgent Volunteer Roles - -We are looking for experts in the following areas: - -1. **Issue/PR Reviewers** -* **The Mission:** With PRs and Issues exploding in volume, we need help with initial triage, evaluation, and merging. -* **Focus:** Preliminary merging and community health. Efficiency optimization and security audits will be handled by specialized roles. - - -2. **Resource Optimization Experts** -* **The Mission:** Rapid growth has introduced dependencies that are making PicoClaw a bit "heavy." We want to keep it lean. -* **Focus:** Analyzing resource growth between releases and trimming redundancy. -* **Priority:** **RAM usage optimization** > Binary size reduction. - - -3. **Security Audit & Bug Fixes** -* **The Mission:** Due to the "vibe coding" nature of our early stages, we need a thorough review of network security and AI permission management. -* **Focus:** Auditing the codebase for vulnerabilities and implementing robust fixes. - - -4. **Documentation & DX (Developer Experience)** -* **The Mission:** Our current README is a bit outdated. We need "step-by-step" guides that even beginners can follow. -* **Focus:** Creating clear, user-friendly documentation for both setup and development. - - -5. **AI-Powered CI/CD Optimization** -* **The Mission:** PicoClaw started as a "vibe coding" experiment; now we want to use AI to manage it. -* **Focus:** Automating builds with AI and exploring AI-driven issue resolution. - -**How to Apply:** > If you are interested in any of the roles above, please send an email to support@sipeed.com with the subject line: [Apply: PicoClaw Expert Volunteer] + Your Desired Role. -Please include a brief introduction and any relevant experience or portfolio links. We will review all applications and grant project permissions to selected contributors! - ---- - -## šŸ“ The Roadmap - -Interested in a specific feature? You can "claim" these tasks and start building: - -### -* **Provider:** - * **Provider Refactor:** Currently being handled by **@Daming** (ETA: 5 days) - * You can still submit code; Daming will merge it into the new implementation. -* **Channels:** - * Support for OneBot, additional platforms - * attachments (images, audio, video, files). -* **Skills:** - * Implementing `find_skill` to discover tools via [ClawhHub](https://clawhub.ai) and other platforms. -* **Operations:** * MCP Support. - * Android operations (e.g., botdrop). - * Browser automation via CDP or ActionBook. - - -* **Multi-Agent Ecosystem:** - * **Basic Model-Agent** - * **Model Routing:** Small models for easy tasks, large models for hard ones (to save tokens). - * **Swarm Mode.** - * **AIEOS Integration.** - - -* **Branding:** - * **Logo**: We need a cute logo! Weā€™re leaning toward a **Mantis Shrimp**ā€”small, but packs a legendary punch! - - -We have officially created these tasks as GitHub Issues, all marked with the roadmap tag. -This list will be updated continuously as we progress. -If you would like to claim a task, please feel free to start a conversation by commenting directly on the corresponding issue! - ---- - -## šŸ¤ How to Join - -**Everything is open to your creativity!** If you have a wild idea, just PR it. - -1. **The Fast Track:** Once you have at least **one merged PR**, you are eligible to join our **Developer Discord** to help plan the future of PicoClaw. -2. **The Application Track:** If you havenā€™t submitted a PR yet but want to dive in, email **support@sipeed.com** with the subject: -> `[Apply Join PicoClaw Dev Group] + Your GitHub Account` -> Include the role you're interested in and any evidence of your development experience. - - - -### Looking Ahead - -Powered by PicoClaw, we are crafting a Swarm AI Assistant to transform your environment into a seamless network of personal stewards. By automating the friction of daily life, we empower you to transcend the ordinary and freely explore your creative potential. - -**Finally, Happy Chinese New Year to everyone!** May PicoClaw gallop forward in this **Year of the Horse!** šŸŽ From 4cc8b90da94d9695d3edad52281cefdc58db8e58 Mon Sep 17 00:00:00 2001 From: Vidish <57653368+ulolol@users.noreply.github.com> Date: Mon, 23 Feb 2026 09:42:34 +0530 Subject: [PATCH 39/88] Fix: missing Tavily config in loop.go, and the invalid config param in web_search (#660) --- pkg/agent/loop.go | 4 ++++ pkg/tools/web.go | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index b36f4a0c4..bf229ad74 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -97,6 +97,10 @@ func registerSharedTools( BraveAPIKey: cfg.Tools.Web.Brave.APIKey, BraveMaxResults: cfg.Tools.Web.Brave.MaxResults, BraveEnabled: cfg.Tools.Web.Brave.Enabled, + TavilyAPIKey: cfg.Tools.Web.Tavily.APIKey, + TavilyBaseURL: cfg.Tools.Web.Tavily.BaseURL, + TavilyMaxResults: cfg.Tools.Web.Tavily.MaxResults, + TavilyEnabled: cfg.Tools.Web.Tavily.Enabled, DuckDuckGoMaxResults: cfg.Tools.Web.DuckDuckGo.MaxResults, DuckDuckGoEnabled: cfg.Tools.Web.DuckDuckGo.Enabled, PerplexityAPIKey: cfg.Tools.Web.Perplexity.APIKey, diff --git a/pkg/tools/web.go b/pkg/tools/web.go index 059437889..452e95e0f 100644 --- a/pkg/tools/web.go +++ b/pkg/tools/web.go @@ -102,7 +102,7 @@ func (p *TavilySearchProvider) Search(ctx context.Context, query string, count i "search_depth": "advanced", "include_answer": false, "include_images": false, - "include_raw_content": "false", + "include_raw_content": false, "max_results": count, } From 712f5a8300f0ce9d9d22352a1bc92bed3a0c8b88 Mon Sep 17 00:00:00 2001 From: yinwm Date: Mon, 23 Feb 2026 16:55:06 +0800 Subject: [PATCH 40/88] refactor(config): rename model field to model_name The configuration field for specifying the model has been renamed from "model" to "model_name" for better clarity and consistency with the model_list configuration. A GetModelName() accessor method has been added to maintain backward compatibility. Existing configurations using the old "model" field will continue to work correctly. This change affects: - Configuration structure (AgentDefaults struct) - All references across the codebase - Documentation in all language variants - Example configuration files --- README.fr.md | 2 +- README.ja.md | 2 +- README.md | 2 +- README.pt-br.md | 2 +- README.vi.md | 2 +- README.zh.md | 2 +- cmd/picoclaw/cmd_agent.go | 4 +- cmd/picoclaw/cmd_auth.go | 10 +-- cmd/picoclaw/cmd_gateway.go | 2 +- cmd/picoclaw/cmd_status.go | 2 +- config/config.example.json | 2 +- pkg/agent/instance.go | 2 +- pkg/channels/telegram_commands.go | 4 +- pkg/config/config.go | 12 ++- pkg/config/migration.go | 2 +- pkg/config/model_config_test.go | 132 ++++++++++++++++++++++++++++++ pkg/migrate/config.go | 5 +- pkg/providers/factory.go | 2 +- pkg/providers/legacy_provider.go | 2 +- 19 files changed, 169 insertions(+), 24 deletions(-) diff --git a/README.fr.md b/README.fr.md index 7199f7098..04f40e022 100644 --- a/README.fr.md +++ b/README.fr.md @@ -222,7 +222,7 @@ picoclaw onboard ], "agents": { "defaults": { - "model": "gpt4" + "model_name": "gpt4" } }, "channels": { diff --git a/README.ja.md b/README.ja.md index bb0bdfb28..b379bc2a7 100644 --- a/README.ja.md +++ b/README.ja.md @@ -184,7 +184,7 @@ picoclaw onboard ], "agents": { "defaults": { - "model": "gpt4" + "model_name": "gpt4" } }, "channels": { diff --git a/README.md b/README.md index 7bc7b1089..058e16a2b 100644 --- a/README.md +++ b/README.md @@ -209,7 +209,7 @@ picoclaw onboard "agents": { "defaults": { "workspace": "~/.picoclaw/workspace", - "model": "gpt4", + "model_name": "gpt4", "max_tokens": 8192, "temperature": 0.7, "max_tool_iterations": 20 diff --git a/README.pt-br.md b/README.pt-br.md index ec8fe8e1c..cfa5b801b 100644 --- a/README.pt-br.md +++ b/README.pt-br.md @@ -223,7 +223,7 @@ picoclaw onboard ], "agents": { "defaults": { - "model": "gpt4" + "model_name": "gpt4" } }, "tools": { diff --git a/README.vi.md b/README.vi.md index 161842933..1d0084aa3 100644 --- a/README.vi.md +++ b/README.vi.md @@ -203,7 +203,7 @@ picoclaw onboard ], "agents": { "defaults": { - "model": "gpt4" + "model_name": "gpt4" } }, "channels": { diff --git a/README.zh.md b/README.zh.md index 4d739c5eb..dca149fa9 100644 --- a/README.zh.md +++ b/README.zh.md @@ -221,7 +221,7 @@ picoclaw onboard "agents": { "defaults": { "workspace": "~/.picoclaw/workspace", - "model": "gpt4", + "model_name": "gpt4", "max_tokens": 8192, "temperature": 0.7, "max_tool_iterations": 20 diff --git a/cmd/picoclaw/cmd_agent.go b/cmd/picoclaw/cmd_agent.go index 6d6ff935f..6331fdd4a 100644 --- a/cmd/picoclaw/cmd_agent.go +++ b/cmd/picoclaw/cmd_agent.go @@ -56,7 +56,7 @@ func agentCmd() { } if modelOverride != "" { - cfg.Agents.Defaults.Model = modelOverride + cfg.Agents.Defaults.ModelName = modelOverride } provider, modelID, err := providers.CreateProvider(cfg) @@ -66,7 +66,7 @@ func agentCmd() { } // Use the resolved model ID from provider creation if modelID != "" { - cfg.Agents.Defaults.Model = modelID + cfg.Agents.Defaults.ModelName = modelID } msgBus := bus.NewMessageBus() diff --git a/cmd/picoclaw/cmd_auth.go b/cmd/picoclaw/cmd_auth.go index 729c56177..55eb3cec3 100644 --- a/cmd/picoclaw/cmd_auth.go +++ b/cmd/picoclaw/cmd_auth.go @@ -144,7 +144,7 @@ func authLoginOpenAI(useDeviceCode bool) { } // Update default model to use OpenAI - appCfg.Agents.Defaults.Model = "gpt-5.2" + appCfg.Agents.Defaults.ModelName = "gpt-5.2" if err := config.SaveConfig(getConfigPath(), appCfg); err != nil { fmt.Printf("Warning: could not update config: %v\n", err) @@ -218,7 +218,7 @@ func authLoginGoogleAntigravity() { } // Update default model - appCfg.Agents.Defaults.Model = "gemini-flash" + appCfg.Agents.Defaults.ModelName = "gemini-flash" if err := config.SaveConfig(getConfigPath(), appCfg); err != nil { fmt.Printf("Warning: could not update config: %v\n", err) @@ -292,7 +292,7 @@ func authLoginPasteToken(provider string) { }) } // Update default model - appCfg.Agents.Defaults.Model = "claude-sonnet-4.6" + appCfg.Agents.Defaults.ModelName = "claude-sonnet-4.6" case "openai": appCfg.Providers.OpenAI.AuthMethod = "token" // Update ModelList @@ -312,7 +312,7 @@ func authLoginPasteToken(provider string) { }) } // Update default model - appCfg.Agents.Defaults.Model = "gpt-5.2" + appCfg.Agents.Defaults.ModelName = "gpt-5.2" } if err := config.SaveConfig(getConfigPath(), appCfg); err != nil { fmt.Printf("Warning: could not update config: %v\n", err) @@ -320,7 +320,7 @@ func authLoginPasteToken(provider string) { } fmt.Printf("Token saved for %s!\n", provider) - fmt.Printf("Default model set to: %s\n", appCfg.Agents.Defaults.Model) + fmt.Printf("Default model set to: %s\n", appCfg.Agents.Defaults.GetModelName()) } func authLogoutCmd() { diff --git a/cmd/picoclaw/cmd_gateway.go b/cmd/picoclaw/cmd_gateway.go index 9a3b6aa19..bd1cdd7a8 100644 --- a/cmd/picoclaw/cmd_gateway.go +++ b/cmd/picoclaw/cmd_gateway.go @@ -51,7 +51,7 @@ func gatewayCmd() { } // Use the resolved model ID from provider creation if modelID != "" { - cfg.Agents.Defaults.Model = modelID + cfg.Agents.Defaults.ModelName = modelID } msgBus := bus.NewMessageBus() diff --git a/cmd/picoclaw/cmd_status.go b/cmd/picoclaw/cmd_status.go index 07296784e..6a117bd17 100644 --- a/cmd/picoclaw/cmd_status.go +++ b/cmd/picoclaw/cmd_status.go @@ -41,7 +41,7 @@ func statusCmd() { } if _, err := os.Stat(configPath); err == nil { - fmt.Printf("Model: %s\n", cfg.Agents.Defaults.Model) + fmt.Printf("Model: %s\n", cfg.Agents.Defaults.GetModelName()) hasOpenRouter := cfg.Providers.OpenRouter.APIKey != "" hasAnthropic := cfg.Providers.Anthropic.APIKey != "" diff --git a/config/config.example.json b/config/config.example.json index 77a8c0683..1795fed9f 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -3,7 +3,7 @@ "defaults": { "workspace": "~/.picoclaw/workspace", "restrict_to_workspace": true, - "model": "gpt4", + "model_name": "gpt4", "max_tokens": 8192, "temperature": 0.7, "max_tool_iterations": 20 diff --git a/pkg/agent/instance.go b/pkg/agent/instance.go index dfbef9fbc..c6a54c7d2 100644 --- a/pkg/agent/instance.go +++ b/pkg/agent/instance.go @@ -133,7 +133,7 @@ func resolveAgentModel(agentCfg *config.AgentConfig, defaults *config.AgentDefau if agentCfg != nil && agentCfg.Model != nil && strings.TrimSpace(agentCfg.Model.Primary) != "" { return strings.TrimSpace(agentCfg.Model.Primary) } - return defaults.Model + return defaults.GetModelName() } // resolveAgentFallbacks resolves the fallback models for an agent. diff --git a/pkg/channels/telegram_commands.go b/pkg/channels/telegram_commands.go index a084b641b..f28434f46 100644 --- a/pkg/channels/telegram_commands.go +++ b/pkg/channels/telegram_commands.go @@ -81,7 +81,7 @@ func (c *cmd) Show(ctx context.Context, message telego.Message) error { switch args { case "model": response = fmt.Sprintf("Current Model: %s (Provider: %s)", - c.config.Agents.Defaults.Model, + c.config.Agents.Defaults.GetModelName(), c.config.Agents.Defaults.Provider) case "channel": response = "Current Channel: telegram" @@ -120,7 +120,7 @@ func (c *cmd) List(ctx context.Context, message telego.Message) error { provider = "configured default" } response = fmt.Sprintf("Configured Model: %s\nProvider: %s\n\nTo change models, update config.yaml", - c.config.Agents.Defaults.Model, provider) + c.config.Agents.Defaults.GetModelName(), provider) case "channels": var enabled []string diff --git a/pkg/config/config.go b/pkg/config/config.go index 20556011a..c103963c8 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -170,7 +170,8 @@ type AgentDefaults struct { Workspace string `json:"workspace" env:"PICOCLAW_AGENTS_DEFAULTS_WORKSPACE"` RestrictToWorkspace bool `json:"restrict_to_workspace" env:"PICOCLAW_AGENTS_DEFAULTS_RESTRICT_TO_WORKSPACE"` Provider string `json:"provider" env:"PICOCLAW_AGENTS_DEFAULTS_PROVIDER"` - Model string `json:"model" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` + ModelName string `json:"model_name,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL_NAME"` + Model string `json:"model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_MODEL"` // Deprecated: use model_name instead ModelFallbacks []string `json:"model_fallbacks,omitempty"` ImageModel string `json:"image_model,omitempty" env:"PICOCLAW_AGENTS_DEFAULTS_IMAGE_MODEL"` ImageModelFallbacks []string `json:"image_model_fallbacks,omitempty"` @@ -179,6 +180,15 @@ type AgentDefaults struct { MaxToolIterations int `json:"max_tool_iterations" env:"PICOCLAW_AGENTS_DEFAULTS_MAX_TOOL_ITERATIONS"` } +// GetModelName returns the effective model name for the agent defaults. +// It prefers the new "model_name" field but falls back to "model" for backward compatibility. +func (d *AgentDefaults) GetModelName() string { + if d.ModelName != "" { + return d.ModelName + } + return d.Model +} + type ChannelsConfig struct { WhatsApp WhatsAppConfig `json:"whatsapp"` Telegram TelegramConfig `json:"telegram"` diff --git a/pkg/config/migration.go b/pkg/config/migration.go index 689e2312f..e51d4efb2 100644 --- a/pkg/config/migration.go +++ b/pkg/config/migration.go @@ -41,7 +41,7 @@ func ConvertProvidersToModelList(cfg *Config) []ModelConfig { // Get user's configured provider and model userProvider := strings.ToLower(cfg.Agents.Defaults.Provider) - userModel := cfg.Agents.Defaults.Model + userModel := cfg.Agents.Defaults.GetModelName() p := cfg.Providers diff --git a/pkg/config/model_config_test.go b/pkg/config/model_config_test.go index 3c411dc0f..c89029e8c 100644 --- a/pkg/config/model_config_test.go +++ b/pkg/config/model_config_test.go @@ -6,6 +6,7 @@ package config import ( + "encoding/json" "strings" "sync" "testing" @@ -114,6 +115,137 @@ func TestGetModelConfig_Concurrent(t *testing.T) { } } +func TestAgentDefaults_GetModelName_BackwardCompat(t *testing.T) { + tests := []struct { + name string + defaults AgentDefaults + wantName string + }{ + { + name: "new model_name field only", + defaults: AgentDefaults{ModelName: "new-model"}, + wantName: "new-model", + }, + { + name: "old model field only", + defaults: AgentDefaults{Model: "legacy-model"}, + wantName: "legacy-model", + }, + { + name: "both fields - model_name takes precedence", + defaults: AgentDefaults{ModelName: "new-model", Model: "old-model"}, + wantName: "new-model", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if got := tt.defaults.GetModelName(); got != tt.wantName { + t.Errorf("GetModelName() = %q, want %q", got, tt.wantName) + } + }) + } +} + +func TestAgentDefaults_JSON_BackwardCompat(t *testing.T) { + tests := []struct { + name string + json string + wantName string + }{ + { + name: "new model_name field", + json: `{"model_name": "gpt4"}`, + wantName: "gpt4", + }, + { + name: "old model field", + json: `{"model": "gpt4"}`, + wantName: "gpt4", + }, + { + name: "both fields - model_name wins", + json: `{"model_name": "new", "model": "old"}`, + wantName: "new", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + var defaults AgentDefaults + if err := json.Unmarshal([]byte(tt.json), &defaults); err != nil { + t.Fatalf("Unmarshal error: %v", err) + } + if got := defaults.GetModelName(); got != tt.wantName { + t.Errorf("GetModelName() = %q, want %q", got, tt.wantName) + } + }) + } +} + +func TestFullConfig_JSON_BackwardCompat(t *testing.T) { + // Test complete config with both old and new formats + oldFormat := `{ + "agents": { + "defaults": { + "workspace": "~/.picoclaw/workspace", + "model": "gpt4", + "max_tokens": 4096 + } + }, + "model_list": [ + { + "model_name": "gpt4", + "model": "openai/gpt-4o", + "api_key": "test-key" + } + ] + }` + + newFormat := `{ + "agents": { + "defaults": { + "workspace": "~/.picoclaw/workspace", + "model_name": "gpt4", + "max_tokens": 4096 + } + }, + "model_list": [ + { + "model_name": "gpt4", + "model": "openai/gpt-4o", + "api_key": "test-key" + } + ] + }` + + for name, jsonStr := range map[string]string{ + "old format (model)": oldFormat, + "new format (model_name)": newFormat, + } { + t.Run(name, func(t *testing.T) { + cfg := &Config{} + if err := json.Unmarshal([]byte(jsonStr), cfg); err != nil { + t.Fatalf("Unmarshal error: %v", err) + } + + // Check that GetModelName returns correct value + if got := cfg.Agents.Defaults.GetModelName(); got != "gpt4" { + t.Errorf("GetModelName() = %q, want %q", got, "gpt4") + } + + // Check that GetModelConfig works + modelCfg, err := cfg.GetModelConfig("gpt4") + if err != nil { + t.Fatalf("GetModelConfig error: %v", err) + } + if modelCfg.Model != "openai/gpt-4o" { + t.Errorf("Model = %q, want %q", modelCfg.Model, "openai/gpt-4o") + } + }) + } +} + func TestModelConfig_Validate(t *testing.T) { tests := []struct { name string diff --git a/pkg/migrate/config.go b/pkg/migrate/config.go index 2237a1429..d9552db9f 100644 --- a/pkg/migrate/config.go +++ b/pkg/migrate/config.go @@ -72,7 +72,10 @@ func ConvertConfig(data map[string]any) (*config.Config, []string, error) { if agents, ok := getMap(data, "agents"); ok { if defaults, ok := getMap(agents, "defaults"); ok { - if v, ok := getString(defaults, "model"); ok { + // Prefer model_name, fallback to model for backward compatibility + if v, ok := getString(defaults, "model_name"); ok { + cfg.Agents.Defaults.ModelName = v + } else if v, ok := getString(defaults, "model"); ok { cfg.Agents.Defaults.Model = v } if v, ok := getFloat(defaults, "max_tokens"); ok { diff --git a/pkg/providers/factory.go b/pkg/providers/factory.go index b6f1b5e21..b9abfdc61 100644 --- a/pkg/providers/factory.go +++ b/pkg/providers/factory.go @@ -36,7 +36,7 @@ type providerSelection struct { } func resolveProviderSelection(cfg *config.Config) (providerSelection, error) { - model := cfg.Agents.Defaults.Model + model := cfg.Agents.Defaults.GetModelName() providerName := strings.ToLower(cfg.Agents.Defaults.Provider) lowerModel := strings.ToLower(model) diff --git a/pkg/providers/legacy_provider.go b/pkg/providers/legacy_provider.go index eb13cec65..23f137538 100644 --- a/pkg/providers/legacy_provider.go +++ b/pkg/providers/legacy_provider.go @@ -16,7 +16,7 @@ import ( // The old providers config is automatically converted to model_list during config loading. // Returns the provider, the model ID to use, and any error. func CreateProvider(cfg *config.Config) (LLMProvider, string, error) { - model := cfg.Agents.Defaults.Model + model := cfg.Agents.Defaults.GetModelName() // Ensure model_list is populated (should be done by LoadConfig, but handle edge cases) if len(cfg.ModelList) == 0 && cfg.HasProvidersConfig() { From 19c698356c2aef8f618a110acef671def19f5261 Mon Sep 17 00:00:00 2001 From: 0x5487 Date: Mon, 23 Feb 2026 17:09:53 +0800 Subject: [PATCH 41/88] fix(security): workspace sandbox avoid time-of-check/time-of-use (TOCTOU) races (#464) * chore: Update default host bindings from 0.0.0.0 to 127.0.0.1 for various services and examples. * config: Update default host bindings to 0.0.0.0 for improved Docker accessibility and add related documentation. * refactor: reimplement filesystem tools with `os.OpenRoot` for enhanced security and simplified path validation. * chore: revert other PR content from this branch * docs: Update Chinese README. * docs: Update Chinese README. * docs: Update Chinese README. * refactor: Reorder filesystem helper functions, extract directory entry formatting logic, and enhance `WriteFileTool`'s result message. * feat: Enhance `mkdirAllInRoot` to prevent creating directories over existing files and add tests for directory creation functionality. * Refactor filesystem tools to use a `fileReadWriter` interface for both host and sandboxed I/O, improving atomic writes and error handling. * refactor: unify filesystem read/write operations with atomic write guarantees and clearer naming. * refactor: rename `appendFileWithRW` function to `appendFile` * refactor: unify filesystem access by introducing a `fileSystem` interface and updating tools to use it directly, removing `os.Root` dependency from `sandboxFs`. * chore: run make fmt * fix: `validatePath` now returns an error when the workspace is empty. --- pkg/tools/edit.go | 118 ++++++++++-------- pkg/tools/edit_test.go | 160 +++++++++++++++++++++++- pkg/tools/filesystem.go | 234 +++++++++++++++++++++++++++++------ pkg/tools/filesystem_test.go | 227 +++++++++++++++++++++++++++++++-- 4 files changed, 630 insertions(+), 109 deletions(-) diff --git a/pkg/tools/edit.go b/pkg/tools/edit.go index c28ca6ca2..d3ab267bf 100644 --- a/pkg/tools/edit.go +++ b/pkg/tools/edit.go @@ -2,24 +2,27 @@ package tools import ( "context" + "errors" "fmt" - "os" + "io/fs" "strings" ) // EditFileTool edits a file by replacing old_text with new_text. // The old_text must exist exactly in the file. type EditFileTool struct { - allowedDir string - restrict bool + fs fileSystem } // NewEditFileTool creates a new EditFileTool with optional directory restriction. -func NewEditFileTool(allowedDir string, restrict bool) *EditFileTool { - return &EditFileTool{ - allowedDir: allowedDir, - restrict: restrict, +func NewEditFileTool(workspace string, restrict bool) *EditFileTool { + var fs fileSystem + if restrict { + fs = &sandboxFs{workspace: workspace} + } else { + fs = &hostFs{} } + return &EditFileTool{fs: fs} } func (t *EditFileTool) Name() string { @@ -67,49 +70,24 @@ func (t *EditFileTool) Execute(ctx context.Context, args map[string]any) *ToolRe return ErrorResult("new_text is required") } - resolvedPath, err := validatePath(path, t.allowedDir, t.restrict) - if err != nil { + if err := editFile(t.fs, path, oldText, newText); err != nil { return ErrorResult(err.Error()) } - - if _, err = os.Stat(resolvedPath); os.IsNotExist(err) { - return ErrorResult(fmt.Sprintf("file not found: %s", path)) - } - - content, err := os.ReadFile(resolvedPath) - if err != nil { - return ErrorResult(fmt.Sprintf("failed to read file: %v", err)) - } - - contentStr := string(content) - - if !strings.Contains(contentStr, oldText) { - return ErrorResult("old_text not found in file. Make sure it matches exactly") - } - - count := strings.Count(contentStr, oldText) - if count > 1 { - return ErrorResult( - fmt.Sprintf("old_text appears %d times. Please provide more context to make it unique", count), - ) - } - - newContent := strings.Replace(contentStr, oldText, newText, 1) - - if err := os.WriteFile(resolvedPath, []byte(newContent), 0o644); err != nil { - return ErrorResult(fmt.Sprintf("failed to write file: %v", err)) - } - return SilentResult(fmt.Sprintf("File edited: %s", path)) } type AppendFileTool struct { - workspace string - restrict bool + fs fileSystem } func NewAppendFileTool(workspace string, restrict bool) *AppendFileTool { - return &AppendFileTool{workspace: workspace, restrict: restrict} + var fs fileSystem + if restrict { + fs = &sandboxFs{workspace: workspace} + } else { + fs = &hostFs{} + } + return &AppendFileTool{fs: fs} } func (t *AppendFileTool) Name() string { @@ -148,20 +126,52 @@ func (t *AppendFileTool) Execute(ctx context.Context, args map[string]any) *Tool return ErrorResult("content is required") } - resolvedPath, err := validatePath(path, t.workspace, t.restrict) - if err != nil { + if err := appendFile(t.fs, path, content); err != nil { return ErrorResult(err.Error()) } - - f, err := os.OpenFile(resolvedPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644) - if err != nil { - return ErrorResult(fmt.Sprintf("failed to open file: %v", err)) - } - defer f.Close() - - if _, err := f.WriteString(content); err != nil { - return ErrorResult(fmt.Sprintf("failed to append to file: %v", err)) - } - return SilentResult(fmt.Sprintf("Appended to %s", path)) } + +// editFile reads the file via sysFs, performs the replacement, and writes back. +// It uses a fileSystem interface, allowing the same logic for both restricted and unrestricted modes. +func editFile(sysFs fileSystem, path, oldText, newText string) error { + content, err := sysFs.ReadFile(path) + if err != nil { + return err + } + + newContent, err := replaceEditContent(content, oldText, newText) + if err != nil { + return err + } + + return sysFs.WriteFile(path, newContent) +} + +// appendFile reads the existing content (if any) via sysFs, appends new content, and writes back. +func appendFile(sysFs fileSystem, path, appendContent string) error { + content, err := sysFs.ReadFile(path) + if err != nil && !errors.Is(err, fs.ErrNotExist) { + return err + } + + newContent := append(content, []byte(appendContent)...) + return sysFs.WriteFile(path, newContent) +} + +// replaceEditContent handles the core logic of finding and replacing a single occurrence of oldText. +func replaceEditContent(content []byte, oldText, newText string) ([]byte, error) { + contentStr := string(content) + + if !strings.Contains(contentStr, oldText) { + return nil, fmt.Errorf("old_text not found in file. Make sure it matches exactly") + } + + count := strings.Count(contentStr, oldText) + if count > 1 { + return nil, fmt.Errorf("old_text appears %d times. Please provide more context to make it unique", count) + } + + newContent := strings.Replace(contentStr, oldText, newText, 1) + return []byte(newContent), nil +} diff --git a/pkg/tools/edit_test.go b/pkg/tools/edit_test.go index 6780dd9f6..83a7e778c 100644 --- a/pkg/tools/edit_test.go +++ b/pkg/tools/edit_test.go @@ -6,6 +6,8 @@ import ( "path/filepath" "strings" "testing" + + "github.com/stretchr/testify/assert" ) // TestEditTool_EditFile_Success verifies successful file editing @@ -151,14 +153,18 @@ func TestEditTool_EditFile_OutsideAllowedDir(t *testing.T) { result := tool.Execute(ctx, args) // Should return error result - if !result.IsError { - t.Errorf("Expected error when path is outside allowed directory") - } + assert.True(t, result.IsError, "Expected error when path is outside allowed directory") // Should mention outside allowed directory - if !strings.Contains(result.ForLLM, "outside") && !strings.Contains(result.ForUser, "outside") { - t.Errorf("Expected 'outside allowed' message, got ForLLM: %s", result.ForLLM) - } + // Note: ErrorResult only sets ForLLM by default, so ForUser might be empty. + // We check ForLLM as it's the primary error channel. + assert.True( + t, + strings.Contains(result.ForLLM, "outside") || strings.Contains(result.ForLLM, "access denied") || + strings.Contains(result.ForLLM, "escapes"), + "Expected 'outside allowed' or 'access denied' message, got ForLLM: %s", + result.ForLLM, + ) } // TestEditTool_EditFile_MissingPath verifies error handling for missing path @@ -287,3 +293,145 @@ func TestEditTool_AppendFile_MissingContent(t *testing.T) { t.Errorf("Expected error when content is missing") } } + +// TestReplaceEditContent verifies the helper function replaceEditContent +func TestReplaceEditContent(t *testing.T) { + tests := []struct { + name string + content []byte + oldText string + newText string + expected []byte + expectError bool + }{ + { + name: "successful replacement", + content: []byte("hello world"), + oldText: "world", + newText: "universe", + expected: []byte("hello universe"), + expectError: false, + }, + { + name: "old text not found", + content: []byte("hello world"), + oldText: "golang", + newText: "rust", + expected: nil, + expectError: true, + }, + { + name: "multiple matches found", + content: []byte("test text test"), + oldText: "test", + newText: "done", + expected: nil, + expectError: true, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result, err := replaceEditContent(tt.content, tt.oldText, tt.newText) + if tt.expectError { + assert.Error(t, err) + } else { + assert.NoError(t, err) + assert.Equal(t, tt.expected, result) + } + }) + } +} + +// TestAppendFileTool_AppendToNonExistent_Restricted verifies that AppendFileTool in restricted mode +// can append to a file that does not yet exist ā€” it should silently create the file. +// This exercises the errors.Is(err, fs.ErrNotExist) path in appendFileWithRW + rootRW. +func TestAppendFileTool_AppendToNonExistent_Restricted(t *testing.T) { + workspace := t.TempDir() + tool := NewAppendFileTool(workspace, true) + ctx := context.Background() + + args := map[string]any{ + "path": "brand_new_file.txt", + "content": "first content", + } + + result := tool.Execute(ctx, args) + assert.False( + t, + result.IsError, + "Expected success when appending to non-existent file in restricted mode, got: %s", + result.ForLLM, + ) + + // Verify the file was created with correct content + data, err := os.ReadFile(filepath.Join(workspace, "brand_new_file.txt")) + assert.NoError(t, err) + assert.Equal(t, "first content", string(data)) +} + +// TestAppendFileTool_Restricted_Success verifies that AppendFileTool in restricted mode +// correctly appends to an existing file within the sandbox. +func TestAppendFileTool_Restricted_Success(t *testing.T) { + workspace := t.TempDir() + testFile := "existing.txt" + err := os.WriteFile(filepath.Join(workspace, testFile), []byte("initial"), 0o644) + assert.NoError(t, err) + + tool := NewAppendFileTool(workspace, true) + ctx := context.Background() + args := map[string]any{ + "path": testFile, + "content": " appended", + } + + result := tool.Execute(ctx, args) + assert.False(t, result.IsError, "Expected success, got: %s", result.ForLLM) + assert.True(t, result.Silent) + + data, err := os.ReadFile(filepath.Join(workspace, testFile)) + assert.NoError(t, err) + assert.Equal(t, "initial appended", string(data)) +} + +// TestEditFileTool_Restricted_InPlaceEdit verifies that EditFileTool in restricted mode +// correctly edits a file using the single-open editFileInRoot path. +func TestEditFileTool_Restricted_InPlaceEdit(t *testing.T) { + workspace := t.TempDir() + testFile := "edit_target.txt" + err := os.WriteFile(filepath.Join(workspace, testFile), []byte("Hello World"), 0o644) + assert.NoError(t, err) + + tool := NewEditFileTool(workspace, true) + ctx := context.Background() + args := map[string]any{ + "path": testFile, + "old_text": "World", + "new_text": "Go", + } + + result := tool.Execute(ctx, args) + assert.False(t, result.IsError, "Expected success, got: %s", result.ForLLM) + assert.True(t, result.Silent) + + data, err := os.ReadFile(filepath.Join(workspace, testFile)) + assert.NoError(t, err) + assert.Equal(t, "Hello Go", string(data)) +} + +// TestEditFileTool_Restricted_FileNotFound verifies that editFileInRoot returns a proper +// error message when the target file does not exist. +func TestEditFileTool_Restricted_FileNotFound(t *testing.T) { + workspace := t.TempDir() + tool := NewEditFileTool(workspace, true) + ctx := context.Background() + args := map[string]any{ + "path": "no_such_file.txt", + "old_text": "old", + "new_text": "new", + } + + result := tool.Execute(ctx, args) + assert.True(t, result.IsError) + assert.Contains(t, result.ForLLM, "not found") +} diff --git a/pkg/tools/filesystem.go b/pkg/tools/filesystem.go index 1bf50906e..37db8b4ae 100644 --- a/pkg/tools/filesystem.go +++ b/pkg/tools/filesystem.go @@ -3,15 +3,17 @@ package tools import ( "context" "fmt" + "io/fs" "os" "path/filepath" "strings" + "time" ) // validatePath ensures the given path is within the workspace if restrict is true. func validatePath(path, workspace string, restrict bool) (string, error) { if workspace == "" { - return path, nil + return path, fmt.Errorf("workspace is not defined") } absWorkspace, err := filepath.Abs(workspace) @@ -76,16 +78,21 @@ func resolveExistingAncestor(path string) (string, error) { func isWithinWorkspace(candidate, workspace string) bool { rel, err := filepath.Rel(filepath.Clean(workspace), filepath.Clean(candidate)) - return err == nil && rel != ".." && !strings.HasPrefix(rel, ".."+string(os.PathSeparator)) + return err == nil && filepath.IsLocal(rel) } type ReadFileTool struct { - workspace string - restrict bool + fs fileSystem } func NewReadFileTool(workspace string, restrict bool) *ReadFileTool { - return &ReadFileTool{workspace: workspace, restrict: restrict} + var fs fileSystem + if restrict { + fs = &sandboxFs{workspace: workspace} + } else { + fs = &hostFs{} + } + return &ReadFileTool{fs: fs} } func (t *ReadFileTool) Name() string { @@ -115,26 +122,25 @@ func (t *ReadFileTool) Execute(ctx context.Context, args map[string]any) *ToolRe return ErrorResult("path is required") } - resolvedPath, err := validatePath(path, t.workspace, t.restrict) + content, err := t.fs.ReadFile(path) if err != nil { return ErrorResult(err.Error()) } - - content, err := os.ReadFile(resolvedPath) - if err != nil { - return ErrorResult(fmt.Sprintf("failed to read file: %v", err)) - } - return NewToolResult(string(content)) } type WriteFileTool struct { - workspace string - restrict bool + fs fileSystem } func NewWriteFileTool(workspace string, restrict bool) *WriteFileTool { - return &WriteFileTool{workspace: workspace, restrict: restrict} + var fs fileSystem + if restrict { + fs = &sandboxFs{workspace: workspace} + } else { + fs = &hostFs{} + } + return &WriteFileTool{fs: fs} } func (t *WriteFileTool) Name() string { @@ -173,30 +179,25 @@ func (t *WriteFileTool) Execute(ctx context.Context, args map[string]any) *ToolR return ErrorResult("content is required") } - resolvedPath, err := validatePath(path, t.workspace, t.restrict) - if err != nil { + if err := t.fs.WriteFile(path, []byte(content)); err != nil { return ErrorResult(err.Error()) } - dir := filepath.Dir(resolvedPath) - if err := os.MkdirAll(dir, 0o755); err != nil { - return ErrorResult(fmt.Sprintf("failed to create directory: %v", err)) - } - - if err := os.WriteFile(resolvedPath, []byte(content), 0o644); err != nil { - return ErrorResult(fmt.Sprintf("failed to write file: %v", err)) - } - return SilentResult(fmt.Sprintf("File written: %s", path)) } type ListDirTool struct { - workspace string - restrict bool + fs fileSystem } func NewListDirTool(workspace string, restrict bool) *ListDirTool { - return &ListDirTool{workspace: workspace, restrict: restrict} + var fs fileSystem + if restrict { + fs = &sandboxFs{workspace: workspace} + } else { + fs = &hostFs{} + } + return &ListDirTool{fs: fs} } func (t *ListDirTool) Name() string { @@ -226,24 +227,179 @@ func (t *ListDirTool) Execute(ctx context.Context, args map[string]any) *ToolRes path = "." } - resolvedPath, err := validatePath(path, t.workspace, t.restrict) - if err != nil { - return ErrorResult(err.Error()) - } - - entries, err := os.ReadDir(resolvedPath) + entries, err := t.fs.ReadDir(path) if err != nil { return ErrorResult(fmt.Sprintf("failed to read directory: %v", err)) } + return formatDirEntries(entries) +} - result := "" +func formatDirEntries(entries []os.DirEntry) *ToolResult { + var result strings.Builder for _, entry := range entries { if entry.IsDir() { - result += "DIR: " + entry.Name() + "\n" + result.WriteString("DIR: " + entry.Name() + "\n") } else { - result += "FILE: " + entry.Name() + "\n" + result.WriteString("FILE: " + entry.Name() + "\n") + } + } + return NewToolResult(result.String()) +} + +// fileSystem abstracts reading, writing, and listing files, allowing both +// unrestricted (host filesystem) and sandbox (os.Root) implementations to share the same polymorphic interface. +type fileSystem interface { + ReadFile(path string) ([]byte, error) + WriteFile(path string, data []byte) error + ReadDir(path string) ([]os.DirEntry, error) +} + +// hostFs is an unrestricted fileReadWriter that operates directly on the host filesystem. +type hostFs struct{} + +func (h *hostFs) ReadFile(path string) ([]byte, error) { + content, err := os.ReadFile(path) + if err != nil { + if os.IsNotExist(err) { + return nil, fmt.Errorf("failed to read file: file not found: %w", err) + } + if os.IsPermission(err) { + return nil, fmt.Errorf("failed to read file: access denied: %w", err) + } + return nil, fmt.Errorf("failed to read file: %w", err) + } + return content, nil +} + +func (h *hostFs) ReadDir(path string) ([]os.DirEntry, error) { + return os.ReadDir(path) +} + +func (h *hostFs) WriteFile(path string, data []byte) error { + dir := filepath.Dir(path) + if err := os.MkdirAll(dir, 0o755); err != nil { + return fmt.Errorf("failed to create parent directories: %w", err) + } + + // We use a "write-then-rename" pattern here to ensure an atomic write. + // This prevents the target file from being left in a truncated or partial state + // if the operation is interrupted, as the rename operation is atomic on Linux. + tmpPath := fmt.Sprintf("%s.%d.tmp", path, time.Now().UnixNano()) + if err := os.WriteFile(tmpPath, data, 0o644); err != nil { + os.Remove(tmpPath) // Ensure cleanup of partial/empty temp file + return fmt.Errorf("failed to write temp file: %w", err) + } + + if err := os.Rename(tmpPath, path); err != nil { + os.Remove(tmpPath) + return fmt.Errorf("failed to replace original file: %w", err) + } + return nil +} + +// sandboxFs is a sandboxed fileSystem that operates within a strictly defined workspace using os.Root. +type sandboxFs struct { + workspace string +} + +func (r *sandboxFs) execute(path string, fn func(root *os.Root, relPath string) error) error { + if r.workspace == "" { + return fmt.Errorf("workspace is not defined") + } + + root, err := os.OpenRoot(r.workspace) + if err != nil { + return fmt.Errorf("failed to open workspace: %w", err) + } + defer root.Close() + + relPath, err := getSafeRelPath(r.workspace, path) + if err != nil { + return err + } + + return fn(root, relPath) +} + +func (r *sandboxFs) ReadFile(path string) ([]byte, error) { + var content []byte + err := r.execute(path, func(root *os.Root, relPath string) error { + fileContent, err := root.ReadFile(relPath) + if err != nil { + if os.IsNotExist(err) { + return fmt.Errorf("failed to read file: file not found: %w", err) + } + // os.Root returns "escapes from parent" for paths outside the root + if os.IsPermission(err) || strings.Contains(err.Error(), "escapes from parent") || + strings.Contains(err.Error(), "permission denied") { + return fmt.Errorf("failed to read file: access denied: %w", err) + } + return fmt.Errorf("failed to read file: %w", err) + } + content = fileContent + return nil + }) + return content, err +} + +func (r *sandboxFs) WriteFile(path string, data []byte) error { + return r.execute(path, func(root *os.Root, relPath string) error { + dir := filepath.Dir(relPath) + if dir != "." && dir != "/" { + if err := root.MkdirAll(dir, 0o755); err != nil { + return fmt.Errorf("failed to create parent directories: %w", err) + } + } + + // We use a "write-then-rename" pattern here to ensure an atomic write. + // This prevents the target file from being left in a truncated or partial state + // if the operation is interrupted, as the rename operation is atomic on Linux. + tmpRelPath := fmt.Sprintf("%s.%d.tmp", relPath, time.Now().UnixNano()) + + if err := root.WriteFile(tmpRelPath, data, 0o644); err != nil { + root.Remove(tmpRelPath) // Ensure cleanup of partial/empty temp file + return fmt.Errorf("failed to write to temp file: %w", err) + } + + if err := root.Rename(tmpRelPath, relPath); err != nil { + root.Remove(tmpRelPath) + return fmt.Errorf("failed to rename temp file over target: %w", err) + } + return nil + }) +} + +func (r *sandboxFs) ReadDir(path string) ([]os.DirEntry, error) { + var entries []os.DirEntry + err := r.execute(path, func(root *os.Root, relPath string) error { + dirEntries, err := fs.ReadDir(root.FS(), relPath) + if err != nil { + return err + } + entries = dirEntries + return nil + }) + return entries, err +} + +// Helper to get a safe relative path for os.Root usage +func getSafeRelPath(workspace, path string) (string, error) { + if workspace == "" { + return "", fmt.Errorf("workspace is not defined") + } + + rel := filepath.Clean(path) + if filepath.IsAbs(rel) { + var err error + rel, err = filepath.Rel(workspace, rel) + if err != nil { + return "", fmt.Errorf("failed to calculate relative path: %w", err) } } - return NewToolResult(result) + if !filepath.IsLocal(rel) { + return "", fmt.Errorf("path escapes workspace: %s", path) + } + + return rel, nil } diff --git a/pkg/tools/filesystem_test.go b/pkg/tools/filesystem_test.go index 5daa3dcea..6f896e22d 100644 --- a/pkg/tools/filesystem_test.go +++ b/pkg/tools/filesystem_test.go @@ -2,10 +2,13 @@ package tools import ( "context" + "io" "os" "path/filepath" "strings" "testing" + + "github.com/stretchr/testify/assert" ) // TestFilesystemTool_ReadFile_Success verifies successful file reading @@ -14,7 +17,7 @@ func TestFilesystemTool_ReadFile_Success(t *testing.T) { testFile := filepath.Join(tmpDir, "test.txt") os.WriteFile(testFile, []byte("test content"), 0o644) - tool := &ReadFileTool{} + tool := NewReadFileTool("", false) ctx := context.Background() args := map[string]any{ "path": testFile, @@ -41,7 +44,7 @@ func TestFilesystemTool_ReadFile_Success(t *testing.T) { // TestFilesystemTool_ReadFile_NotFound verifies error handling for missing file func TestFilesystemTool_ReadFile_NotFound(t *testing.T) { - tool := &ReadFileTool{} + tool := NewReadFileTool("", false) ctx := context.Background() args := map[string]any{ "path": "/nonexistent_file_12345.txt", @@ -84,7 +87,7 @@ func TestFilesystemTool_WriteFile_Success(t *testing.T) { tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "newfile.txt") - tool := &WriteFileTool{} + tool := NewWriteFileTool("", false) ctx := context.Background() args := map[string]any{ "path": testFile, @@ -123,7 +126,7 @@ func TestFilesystemTool_WriteFile_CreateDir(t *testing.T) { tmpDir := t.TempDir() testFile := filepath.Join(tmpDir, "subdir", "newfile.txt") - tool := &WriteFileTool{} + tool := NewWriteFileTool("", false) ctx := context.Background() args := map[string]any{ "path": testFile, @@ -149,7 +152,7 @@ func TestFilesystemTool_WriteFile_CreateDir(t *testing.T) { // TestFilesystemTool_WriteFile_MissingPath verifies error handling for missing path func TestFilesystemTool_WriteFile_MissingPath(t *testing.T) { - tool := &WriteFileTool{} + tool := NewWriteFileTool("", false) ctx := context.Background() args := map[string]any{ "content": "test", @@ -165,7 +168,7 @@ func TestFilesystemTool_WriteFile_MissingPath(t *testing.T) { // TestFilesystemTool_WriteFile_MissingContent verifies error handling for missing content func TestFilesystemTool_WriteFile_MissingContent(t *testing.T) { - tool := &WriteFileTool{} + tool := NewWriteFileTool("", false) ctx := context.Background() args := map[string]any{ "path": "/tmp/test.txt", @@ -192,7 +195,7 @@ func TestFilesystemTool_ListDir_Success(t *testing.T) { os.WriteFile(filepath.Join(tmpDir, "file2.txt"), []byte("content"), 0o644) os.Mkdir(filepath.Join(tmpDir, "subdir"), 0o755) - tool := &ListDirTool{} + tool := NewListDirTool("", false) ctx := context.Background() args := map[string]any{ "path": tmpDir, @@ -216,7 +219,7 @@ func TestFilesystemTool_ListDir_Success(t *testing.T) { // TestFilesystemTool_ListDir_NotFound verifies error handling for non-existent directory func TestFilesystemTool_ListDir_NotFound(t *testing.T) { - tool := &ListDirTool{} + tool := NewListDirTool("", false) ctx := context.Background() args := map[string]any{ "path": "/nonexistent_directory_12345", @@ -237,7 +240,7 @@ func TestFilesystemTool_ListDir_NotFound(t *testing.T) { // TestFilesystemTool_ListDir_DefaultPath verifies default to current directory func TestFilesystemTool_ListDir_DefaultPath(t *testing.T) { - tool := &ListDirTool{} + tool := NewListDirTool("", false) ctx := context.Background() args := map[string]any{} @@ -275,7 +278,211 @@ func TestFilesystemTool_ReadFile_RejectsSymlinkEscape(t *testing.T) { if !result.IsError { t.Fatalf("expected symlink escape to be blocked") } - if !strings.Contains(result.ForLLM, "symlink resolves outside workspace") { + // os.Root might return different errors depending on platform/implementation + // but it definitely should error. + // Our wrapper returns "access denied or file not found" + if !strings.Contains(result.ForLLM, "access denied") && !strings.Contains(result.ForLLM, "file not found") && + !strings.Contains(result.ForLLM, "no such file") { t.Fatalf("expected symlink escape error, got: %s", result.ForLLM) } } + +func TestFilesystemTool_EmptyWorkspace_AccessDenied(t *testing.T) { + tool := NewReadFileTool("", true) // restrict=true but workspace="" + + // Try to read a sensitive file (simulated by a temp file outside workspace) + tmpDir := t.TempDir() + secretFile := filepath.Join(tmpDir, "shadow") + os.WriteFile(secretFile, []byte("secret data"), 0o600) + + result := tool.Execute(context.Background(), map[string]any{ + "path": secretFile, + }) + + // We EXPECT IsError=true (access blocked due to empty workspace) + assert.True(t, result.IsError, "Security Regression: Empty workspace allowed access! content: %s", result.ForLLM) + + // Verify it failed for the right reason + assert.Contains(t, result.ForLLM, "workspace is not defined", "Expected 'workspace is not defined' error") +} + +// TestRootMkdirAll verifies that root.MkdirAll (used by atomicWriteFileInRoot) handles all cases: +// single dir, deeply nested dirs, already-existing dirs, and a file blocking a directory path. +func TestRootMkdirAll(t *testing.T) { + workspace := t.TempDir() + root, err := os.OpenRoot(workspace) + if err != nil { + t.Fatalf("failed to open root: %v", err) + } + defer root.Close() + + // Case 1: Single directory + err = root.MkdirAll("dir1", 0o755) + assert.NoError(t, err) + _, err = os.Stat(filepath.Join(workspace, "dir1")) + assert.NoError(t, err) + + // Case 2: Deeply nested directory + err = root.MkdirAll("a/b/c/d", 0o755) + assert.NoError(t, err) + _, err = os.Stat(filepath.Join(workspace, "a/b/c/d")) + assert.NoError(t, err) + + // Case 3: Already exists ā€” must be idempotent + err = root.MkdirAll("a/b/c/d", 0o755) + assert.NoError(t, err) + + // Case 4: A regular file blocks directory creation ā€” must error + err = os.WriteFile(filepath.Join(workspace, "file_exists"), []byte("data"), 0o644) + assert.NoError(t, err) + err = root.MkdirAll("file_exists", 0o755) + assert.Error(t, err, "expected error when a file exists at the directory path") +} + +func TestFilesystemTool_WriteFile_Restricted_CreateDir(t *testing.T) { + workspace := t.TempDir() + tool := NewWriteFileTool(workspace, true) + ctx := context.Background() + + testFile := "deep/nested/path/to/file.txt" + content := "deep content" + args := map[string]any{ + "path": testFile, + "content": content, + } + + result := tool.Execute(ctx, args) + assert.False(t, result.IsError, "Expected success, got: %s", result.ForLLM) + + // Verify file content + actualPath := filepath.Join(workspace, testFile) + data, err := os.ReadFile(actualPath) + assert.NoError(t, err) + assert.Equal(t, content, string(data)) +} + +// TestHostRW_Read_PermissionDenied verifies that hostRW.Read surfaces access denied errors. +func TestHostRW_Read_PermissionDenied(t *testing.T) { + if os.Getuid() == 0 { + t.Skip("skipping permission test: running as root") + } + tmpDir := t.TempDir() + protected := filepath.Join(tmpDir, "protected.txt") + err := os.WriteFile(protected, []byte("secret"), 0o000) + assert.NoError(t, err) + defer os.Chmod(protected, 0o644) // ensure cleanup + + _, err = (&hostFs{}).ReadFile(protected) + assert.Error(t, err) + assert.Contains(t, err.Error(), "access denied") +} + +// TestHostRW_Read_Directory verifies that hostRW.Read returns an error when given a directory path. +func TestHostRW_Read_Directory(t *testing.T) { + tmpDir := t.TempDir() + + _, err := (&hostFs{}).ReadFile(tmpDir) + assert.Error(t, err, "expected error when reading a directory as a file") +} + +// TestRootRW_Read_Directory verifies that rootRW.Read returns an error when given a directory. +func TestRootRW_Read_Directory(t *testing.T) { + workspace := t.TempDir() + root, err := os.OpenRoot(workspace) + assert.NoError(t, err) + defer root.Close() + + // Create a subdirectory + err = root.Mkdir("subdir", 0o755) + assert.NoError(t, err) + + _, err = (&sandboxFs{workspace: workspace}).ReadFile("subdir") + assert.Error(t, err, "expected error when reading a directory as a file") +} + +// TestHostRW_Write_ParentDirMissing verifies that hostRW.Write creates parent dirs automatically. +func TestHostRW_Write_ParentDirMissing(t *testing.T) { + tmpDir := t.TempDir() + target := filepath.Join(tmpDir, "a", "b", "c", "file.txt") + + err := (&hostFs{}).WriteFile(target, []byte("hello")) + assert.NoError(t, err) + + data, err := os.ReadFile(target) + assert.NoError(t, err) + assert.Equal(t, "hello", string(data)) +} + +// TestRootRW_Write_ParentDirMissing verifies that rootRW.Write creates +// nested parent directories automatically within the sandbox. +func TestRootRW_Write_ParentDirMissing(t *testing.T) { + workspace := t.TempDir() + + relPath := "x/y/z/file.txt" + err := (&sandboxFs{workspace: workspace}).WriteFile(relPath, []byte("nested")) + assert.NoError(t, err) + + data, err := os.ReadFile(filepath.Join(workspace, relPath)) + assert.NoError(t, err) + assert.Equal(t, "nested", string(data)) +} + +// TestHostRW_Write verifies the hostRW.Write helper function +func TestHostRW_Write(t *testing.T) { + tmpDir := t.TempDir() + testFile := filepath.Join(tmpDir, "atomic_test.txt") + testData := []byte("atomic test content") + + err := (&hostFs{}).WriteFile(testFile, testData) + assert.NoError(t, err) + + content, err := os.ReadFile(testFile) + assert.NoError(t, err) + assert.Equal(t, testData, content) + + // Verify it overwrites correctly + newData := []byte("new atomic content") + err = (&hostFs{}).WriteFile(testFile, newData) + assert.NoError(t, err) + + content, err = os.ReadFile(testFile) + assert.NoError(t, err) + assert.Equal(t, newData, content) +} + +// TestRootRW_Write verifies the rootRW.Write helper function +func TestRootRW_Write(t *testing.T) { + tmpDir := t.TempDir() + + relPath := "atomic_root_test.txt" + testData := []byte("atomic root test content") + + erw := &sandboxFs{workspace: tmpDir} + err := erw.WriteFile(relPath, testData) + assert.NoError(t, err) + + root, err := os.OpenRoot(tmpDir) + assert.NoError(t, err) + defer root.Close() + + f, err := root.Open(relPath) + assert.NoError(t, err) + defer f.Close() + + content, err := io.ReadAll(f) + assert.NoError(t, err) + assert.Equal(t, testData, content) + + // Verify it overwrites correctly + newData := []byte("new root atomic content") + err = erw.WriteFile(relPath, newData) + assert.NoError(t, err) + + f2, err := root.Open(relPath) + assert.NoError(t, err) + defer f2.Close() + + content, err = io.ReadAll(f2) + assert.NoError(t, err) + assert.Equal(t, newData, content) +} From 6d487a12b26ae2131a573915ee4f55a4da424c30 Mon Sep 17 00:00:00 2001 From: Zenix Date: Mon, 23 Feb 2026 19:29:43 +0900 Subject: [PATCH 42/88] fix: make install should be aware of the textfile busy since it tries to overwrite the file with non-atomic operation (#558) --- Makefile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index a5ad4a02d..29e2fc964 100644 --- a/Makefile +++ b/Makefile @@ -24,6 +24,7 @@ GOLANGCI_LINT?=golangci-lint INSTALL_PREFIX?=$(HOME)/.local INSTALL_BIN_DIR=$(INSTALL_PREFIX)/bin INSTALL_MAN_DIR=$(INSTALL_PREFIX)/share/man/man1 +INSTALL_TMP_SUFFIX=.new # Workspace and Skills PICOCLAW_HOME?=$(HOME)/.picoclaw @@ -99,8 +100,10 @@ build-all: generate install: build @echo "Installing $(BINARY_NAME)..." @mkdir -p $(INSTALL_BIN_DIR) - @cp $(BUILD_DIR)/$(BINARY_NAME) $(INSTALL_BIN_DIR)/$(BINARY_NAME) - @chmod +x $(INSTALL_BIN_DIR)/$(BINARY_NAME) + # Copy binary with temporary suffix to ensure atomic update + @cp $(BUILD_DIR)/$(BINARY_NAME) $(INSTALL_BIN_DIR)/$(BINARY_NAME)$(INSTALL_TMP_SUFFIX) + @chmod +x $(INSTALL_BIN_DIR)/$(BINARY_NAME)$(INSTALL_TMP_SUFFIX) + @mv -f $(INSTALL_BIN_DIR)/$(BINARY_NAME)$(INSTALL_TMP_SUFFIX) $(INSTALL_BIN_DIR)/$(BINARY_NAME) @echo "Installed binary to $(INSTALL_BIN_DIR)/$(BINARY_NAME)" @echo "Installation complete!" From 8a53cb96651fad13c665417aadbedddf3e14a284 Mon Sep 17 00:00:00 2001 From: Chujiang <110hqc@gmail.com> Date: Tue, 24 Feb 2026 05:52:16 +0800 Subject: [PATCH 43/88] fix: align Docker Go version with go.mod and optimize logger (#596) - Update Dockerfile to use golang:1.25-alpine to match go.mod (go 1.25.7) - Optimize logger by avoiding string concatenation in file writes - Add explicit empty string assignment for fieldStr when no fields These changes improve build consistency and reduce memory allocations in the hot logging path, which is important for the project's goal of running on resource-constrained devices (<10MB RAM). Co-authored-by: Claude Sonnet 4.6 --- Dockerfile | 2 +- pkg/logger/logger.go | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0360cfda6..480244127 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # ============================================================ # Stage 1: Build the picoclaw binary # ============================================================ -FROM golang:1.26.0-alpine AS builder +FROM golang:1.25-alpine AS builder RUN apk add --no-cache git make diff --git a/pkg/logger/logger.go b/pkg/logger/logger.go index 54de66bf9..c14fbd464 100644 --- a/pkg/logger/logger.go +++ b/pkg/logger/logger.go @@ -119,13 +119,15 @@ func logMessage(level LogLevel, component string, message string, fields map[str if logger.file != nil { jsonData, err := json.Marshal(entry) if err == nil { - logger.file.WriteString(string(jsonData) + "\n") + logger.file.Write(append(jsonData, '\n')) } } var fieldStr string if len(fields) > 0 { fieldStr = " " + formatFields(fields) + } else { + fieldStr = "" } logLine := fmt.Sprintf("[%s] [%s]%s %s%s", From 2fa51d7b868672ab2fd054396216fa68184b3ad6 Mon Sep 17 00:00:00 2001 From: 0x5487 Date: Tue, 24 Feb 2026 05:54:10 +0800 Subject: [PATCH 44/88] fix(security): change gateway default bind to 127.0.0.1 (#393) * chore: Update default host bindings from 0.0.0.0 to 127.0.0.1 for various services and examples. * config: Update default host bindings to 0.0.0.0 for improved Docker accessibility and add related documentation. * chore: resolve conflict * chore: remove link * docs: Add a tip for Docker users regarding gateway host configuration to the French and Vietnamese READMEs. * fix: typo issue * docs: Update Chinese README.zh.md. --- README.fr.md | 4 ++++ README.ja.md | 4 ++++ README.md | 4 ++++ README.pt-br.md | 4 ++++ README.vi.md | 4 ++++ README.zh.md | 3 +++ config/config.example.json | 2 +- pkg/config/config_test.go | 4 ++-- pkg/config/defaults.go | 2 +- 9 files changed, 27 insertions(+), 4 deletions(-) diff --git a/README.fr.md b/README.fr.md index a762870ff..d09276c27 100644 --- a/README.fr.md +++ b/README.fr.md @@ -171,6 +171,10 @@ vim config/config.json # Configurez DISCORD_BOT_TOKEN, clĆ©s API, etc. # 3. Compiler & DĆ©marrer docker compose --profile gateway up -d +> [!TIP] +> **Utilisateurs Docker** : Par dĆ©faut, le Gateway Ć©coute sur `127.0.0.1`, ce qui n'est pas accessible depuis l'hĆ“te. Si vous avez besoin d'accĆ©der aux endpoints de santĆ© ou d'exposer des ports, dĆ©finissez `PICOCLAW_GATEWAY_HOST=0.0.0.0` dans votre environnement ou mettez Ć  jour `config.json`. + + # 4. Voir les logs docker compose logs -f picoclaw-gateway diff --git a/README.ja.md b/README.ja.md index 3506c77c2..67eccddc2 100644 --- a/README.ja.md +++ b/README.ja.md @@ -133,6 +133,10 @@ vim config/config.json # DISCORD_BOT_TOKEN, ćƒ—ćƒ­ćƒć‚¤ćƒ€ćƒ¼ć® API 悭 # 3. ćƒ“ćƒ«ćƒ‰ćØčµ·å‹• docker compose --profile gateway up -d +> [!TIP] +> **Docker ćƒ¦ćƒ¼ć‚¶ćƒ¼**: ćƒ‡ćƒ•ć‚©ćƒ«ćƒˆć§ćÆ态Gateway ćÆ `127.0.0.1` 恧ćƒŖćƒƒć‚¹ćƒ³ć—ć¦ćŠć‚Šć€ćƒ›ć‚¹ćƒˆć‹ć‚‰ć‚¢ć‚Æć‚»ć‚¹ć§ćć¾ć›ć‚“ć€‚ćƒ˜ćƒ«ć‚¹ćƒć‚§ćƒƒć‚Æć‚Øćƒ³ćƒ‰ćƒć‚¤ćƒ³ćƒˆć«ć‚¢ć‚Æć‚»ć‚¹ć—ćŸć‚Šć€ćƒćƒ¼ćƒˆć‚’å…¬é–‹ć—ćŸć‚Šć™ć‚‹åæ…č¦ćŒć‚ć‚‹å “合ćÆ态ē’°å¢ƒå¤‰ę•°ć§ `PICOCLAW_GATEWAY_HOST=0.0.0.0` 悒čØ­å®šć™ć‚‹ć‹ć€`config.json` ć‚’ę›“ę–°ć—ć¦ćć ć•ć„ć€‚ + + # 4. 惭悰ē¢ŗčŖ docker compose logs -f picoclaw-gateway diff --git a/README.md b/README.md index 955255f2e..84d92115b 100644 --- a/README.md +++ b/README.md @@ -171,6 +171,10 @@ vim config/config.json # Set DISCORD_BOT_TOKEN, API keys, etc. # 3. Build & Start docker compose --profile gateway up -d +> [!TIP] +> **Docker Users**: By default, the Gateway listens on `127.0.0.1` which is not accessible from the host. If you need to access the health endpoints or expose ports, set `PICOCLAW_GATEWAY_HOST=0.0.0.0` in your environment or update `config.json`. + + # 4. Check logs docker compose logs -f picoclaw-gateway diff --git a/README.pt-br.md b/README.pt-br.md index 900ee7932..8d87333bc 100644 --- a/README.pt-br.md +++ b/README.pt-br.md @@ -172,6 +172,10 @@ vim config/config.json # Configure DISCORD_BOT_TOKEN, API keys, etc. # 3. Build & Iniciar docker compose --profile gateway up -d +> [!TIP] +> **UsuĆ”rios Docker**: Por padrĆ£o, o Gateway ouve em `127.0.0.1`, o que nĆ£o Ć© acessĆ­vel a partir do host. Se vocĆŖ precisar acessar os endpoints de integridade ou expor portas, defina `PICOCLAW_GATEWAY_HOST=0.0.0.0` em seu ambiente ou atualize o `config.json`. + + # 4. Ver logs docker compose logs -f picoclaw-gateway diff --git a/README.vi.md b/README.vi.md index 29ff12bb0..1be58d9f6 100644 --- a/README.vi.md +++ b/README.vi.md @@ -152,6 +152,10 @@ vim config/config.json # Thiįŗæt lįŗ­p DISCORD_BOT_TOKEN, API keys, v.v. # 3. Build & Khį»Ÿi đį»™ng docker compose --profile gateway up -d +> [!TIP] +> **NgĘ°į»i dĆ¹ng Docker**: Theo mįŗ·c đį»‹nh, Gateway lįŗÆng nghe trĆŖn `127.0.0.1`, khĆ“ng thį»ƒ truy cįŗ­p tį»« mĆ”y chį»§. Nįŗæu bįŗ”n cįŗ§n truy cįŗ­p cĆ”c endpoint kiį»ƒm tra sį»©c khį»e hoįŗ·c mį»Ÿ cį»•ng, hĆ£y đįŗ·t `PICOCLAW_GATEWAY_HOST=0.0.0.0` trong mĆ“i trĘ°į»ng cį»§a bįŗ”n hoįŗ·c cįŗ­p nhįŗ­t `config.json`. + + # 4. Xem logs docker compose logs -f picoclaw-gateway diff --git a/README.zh.md b/README.zh.md index 17a736fec..74760b3b1 100644 --- a/README.zh.md +++ b/README.zh.md @@ -173,6 +173,9 @@ vim config/config.json # č®¾ē½® DISCORD_BOT_TOKEN, API keys ē­‰ # 3. Ꞅå»ŗ并åÆåŠØ docker compose --profile gateway up -d +> [!TIP] +**Docker ē”Øꈷ**: é»˜č®¤ęƒ…å†µäø‹, Gatewayē›‘听 `127.0.0.1`ļ¼Œčæ™ä½æ得čæ™äøŖē«Æ口ęœŖęš“éœ²åˆ°å®¹å™Øå¤–ć€‚å¦‚ęžœä½ éœ€č¦é€ščæ‡ē«Æå£ę˜ å°„č®æ问偄åŗ·ę£€ęŸ„ęŽ„å£, čÆ·åœØēŽÆ境变量äø­č®¾ē½® `PICOCLAW_GATEWAY_HOST=0.0.0.0` ꈖäæ®ę”¹ `config.json`怂 + # 4. ęŸ„ēœ‹ę—„åæ— docker compose logs -f picoclaw-gateway diff --git a/config/config.example.json b/config/config.example.json index e814fcbb8..555509732 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -247,7 +247,7 @@ "monitor_usb": true }, "gateway": { - "host": "0.0.0.0", + "host": "127.0.0.1", "port": 18790 } } diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index 0898217d6..f88c0269c 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -246,7 +246,7 @@ func TestDefaultConfig_Temperature(t *testing.T) { func TestDefaultConfig_Gateway(t *testing.T) { cfg := DefaultConfig() - if cfg.Gateway.Host != "0.0.0.0" { + if cfg.Gateway.Host != "127.0.0.1" { t.Error("Gateway host should have default value") } if cfg.Gateway.Port == 0 { @@ -343,7 +343,7 @@ func TestConfig_Complete(t *testing.T) { if cfg.Agents.Defaults.MaxToolIterations == 0 { t.Error("MaxToolIterations should not be zero") } - if cfg.Gateway.Host != "0.0.0.0" { + if cfg.Gateway.Host != "127.0.0.1" { t.Error("Gateway host should have default value") } if cfg.Gateway.Port == 0 { diff --git a/pkg/config/defaults.go b/pkg/config/defaults.go index 065273c28..b96ee4d89 100644 --- a/pkg/config/defaults.go +++ b/pkg/config/defaults.go @@ -272,7 +272,7 @@ func DefaultConfig() *Config { }, }, Gateway: GatewayConfig{ - Host: "0.0.0.0", + Host: "127.0.0.1", Port: 18790, }, Tools: ToolsConfig{ From 09b1992dd79cac46b7a48176074eabae36b9c1bc Mon Sep 17 00:00:00 2001 From: Goksu Ceylan <79890826+GoCeylan@users.noreply.github.com> Date: Mon, 23 Feb 2026 17:02:44 -0500 Subject: [PATCH 45/88] fix(security): ensure custom deny patterns extend defaults instead of replacing them (#479) * fix (security): custom deny patterns denying default patterns * fix formatting whitespace --- pkg/tools/shell.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkg/tools/shell.go b/pkg/tools/shell.go index a1ee0b6e1..6883172cd 100644 --- a/pkg/tools/shell.go +++ b/pkg/tools/shell.go @@ -81,6 +81,7 @@ func NewExecToolWithConfig(workingDir string, restrict bool, config *config.Conf execConfig := config.Tools.Exec enableDenyPatterns = execConfig.EnableDenyPatterns if enableDenyPatterns { + denyPatterns = append(denyPatterns, defaultDenyPatterns...) if len(execConfig.CustomDenyPatterns) > 0 { fmt.Printf("Using custom deny patterns: %v\n", execConfig.CustomDenyPatterns) for _, pattern := range execConfig.CustomDenyPatterns { @@ -91,8 +92,6 @@ func NewExecToolWithConfig(workingDir string, restrict bool, config *config.Conf } denyPatterns = append(denyPatterns, re) } - } else { - denyPatterns = append(denyPatterns, defaultDenyPatterns...) } } else { // If deny patterns are disabled, we won't add any patterns, allowing all commands. From 6fe3920a4d836b97c838fd39874cc6a5d07d1d40 Mon Sep 17 00:00:00 2001 From: mattn Date: Tue, 24 Feb 2026 08:07:09 +0900 Subject: [PATCH 46/88] perf: refactoring collecting skills (#688) * perf: refactoring collecting skills * Fix order to store dir.Name() * Add tests --- pkg/skills/loader.go | 140 +++++++++++--------------------------- pkg/skills/loader_test.go | 131 +++++++++++++++++++++++++++++++++++ 2 files changed, 170 insertions(+), 101 deletions(-) diff --git a/pkg/skills/loader.go b/pkg/skills/loader.go index eb0d5f322..f4f55a698 100644 --- a/pkg/skills/loader.go +++ b/pkg/skills/loader.go @@ -71,112 +71,50 @@ func NewSkillsLoader(workspace string, globalSkills string, builtinSkills string func (sl *SkillsLoader) ListSkills() []SkillInfo { skills := make([]SkillInfo, 0) + seen := make(map[string]bool) - if sl.workspaceSkills != "" { - if dirs, err := os.ReadDir(sl.workspaceSkills); err == nil { - for _, dir := range dirs { - if dir.IsDir() { - skillFile := filepath.Join(sl.workspaceSkills, dir.Name(), "SKILL.md") - if _, err := os.Stat(skillFile); err == nil { - info := SkillInfo{ - Name: dir.Name(), - Path: skillFile, - Source: "workspace", - } - metadata := sl.getSkillMetadata(skillFile) - if metadata != nil { - info.Description = metadata.Description - info.Name = metadata.Name - } - if err := info.validate(); err != nil { - slog.Warn("invalid skill from workspace", "name", info.Name, "error", err) - continue - } - skills = append(skills, info) - } - } + addSkills := func(dir, source string) { + if dir == "" { + return + } + dirs, err := os.ReadDir(dir) + if err != nil { + return + } + for _, d := range dirs { + if !d.IsDir() { + continue } + skillFile := filepath.Join(dir, d.Name(), "SKILL.md") + if _, err := os.Stat(skillFile); err != nil { + continue + } + info := SkillInfo{ + Name: d.Name(), + Path: skillFile, + Source: source, + } + metadata := sl.getSkillMetadata(skillFile) + if metadata != nil { + info.Description = metadata.Description + info.Name = metadata.Name + } + if err := info.validate(); err != nil { + slog.Warn("invalid skill from "+source, "name", info.Name, "error", err) + continue + } + if seen[info.Name] { + continue + } + seen[info.Name] = true + skills = append(skills, info) } } - // å…Ø局 skills (~/.picoclaw/skills) - č¢« workspace skills 覆ē›– - if sl.globalSkills != "" { - if dirs, err := os.ReadDir(sl.globalSkills); err == nil { - for _, dir := range dirs { - if dir.IsDir() { - skillFile := filepath.Join(sl.globalSkills, dir.Name(), "SKILL.md") - if _, err := os.Stat(skillFile); err == nil { - // ę£€ęŸ„ę˜Æå¦å·²č¢« workspace skills 覆ē›– - exists := false - for _, s := range skills { - if s.Name == dir.Name() && s.Source == "workspace" { - exists = true - break - } - } - if exists { - continue - } - - info := SkillInfo{ - Name: dir.Name(), - Path: skillFile, - Source: "global", - } - metadata := sl.getSkillMetadata(skillFile) - if metadata != nil { - info.Description = metadata.Description - info.Name = metadata.Name - } - if err := info.validate(); err != nil { - slog.Warn("invalid skill from global", "name", info.Name, "error", err) - continue - } - skills = append(skills, info) - } - } - } - } - } - - if sl.builtinSkills != "" { - if dirs, err := os.ReadDir(sl.builtinSkills); err == nil { - for _, dir := range dirs { - if dir.IsDir() { - skillFile := filepath.Join(sl.builtinSkills, dir.Name(), "SKILL.md") - if _, err := os.Stat(skillFile); err == nil { - // ę£€ęŸ„ę˜Æå¦å·²č¢« workspace ꈖ global skills 覆ē›– - exists := false - for _, s := range skills { - if s.Name == dir.Name() && (s.Source == "workspace" || s.Source == "global") { - exists = true - break - } - } - if exists { - continue - } - - info := SkillInfo{ - Name: dir.Name(), - Path: skillFile, - Source: "builtin", - } - metadata := sl.getSkillMetadata(skillFile) - if metadata != nil { - info.Description = metadata.Description - info.Name = metadata.Name - } - if err := info.validate(); err != nil { - slog.Warn("invalid skill from builtin", "name", info.Name, "error", err) - continue - } - skills = append(skills, info) - } - } - } - } - } + // Priority: workspace > global > builtin + addSkills(sl.workspaceSkills, "workspace") + addSkills(sl.globalSkills, "global") + addSkills(sl.builtinSkills, "builtin") return skills } diff --git a/pkg/skills/loader_test.go b/pkg/skills/loader_test.go index aca901d33..9428bea62 100644 --- a/pkg/skills/loader_test.go +++ b/pkg/skills/loader_test.go @@ -1,9 +1,12 @@ package skills import ( + "os" + "path/filepath" "testing" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" ) func TestSkillsInfoValidate(t *testing.T) { @@ -135,6 +138,134 @@ func TestExtractFrontmatter(t *testing.T) { } } +// createSkillDir creates a skill directory with a SKILL.md file containing the given frontmatter. +func createSkillDir(t *testing.T, base, dirName, name, description string) { + t.Helper() + dir := filepath.Join(base, dirName) + require.NoError(t, os.MkdirAll(dir, 0o755)) + content := "---\nname: " + name + "\ndescription: " + description + "\n---\n\n# " + name + require.NoError(t, os.WriteFile(filepath.Join(dir, "SKILL.md"), []byte(content), 0o644)) +} + +func TestListSkillsWorkspaceOverridesGlobal(t *testing.T) { + tmp := t.TempDir() + ws := filepath.Join(tmp, "workspace") + global := filepath.Join(tmp, "global") + + createSkillDir(t, filepath.Join(ws, "skills"), "my-skill", "my-skill", "workspace version") + createSkillDir(t, global, "my-skill", "my-skill", "global version") + + sl := NewSkillsLoader(ws, global, "") + skills := sl.ListSkills() + + assert.Len(t, skills, 1) + assert.Equal(t, "workspace", skills[0].Source) + assert.Equal(t, "workspace version", skills[0].Description) +} + +func TestListSkillsGlobalOverridesBuiltin(t *testing.T) { + tmp := t.TempDir() + ws := filepath.Join(tmp, "workspace") + global := filepath.Join(tmp, "global") + builtin := filepath.Join(tmp, "builtin") + + createSkillDir(t, global, "my-skill", "my-skill", "global version") + createSkillDir(t, builtin, "my-skill", "my-skill", "builtin version") + + sl := NewSkillsLoader(ws, global, builtin) + skills := sl.ListSkills() + + assert.Len(t, skills, 1) + assert.Equal(t, "global", skills[0].Source) + assert.Equal(t, "global version", skills[0].Description) +} + +func TestListSkillsMetadataNameDedup(t *testing.T) { + tmp := t.TempDir() + ws := filepath.Join(tmp, "workspace") + global := filepath.Join(tmp, "global") + + // Different directory names but same metadata name + createSkillDir(t, filepath.Join(ws, "skills"), "dir-a", "shared-name", "workspace version") + createSkillDir(t, global, "dir-b", "shared-name", "global version") + + sl := NewSkillsLoader(ws, global, "") + skills := sl.ListSkills() + + assert.Len(t, skills, 1) + assert.Equal(t, "shared-name", skills[0].Name) + assert.Equal(t, "workspace", skills[0].Source) +} + +func TestListSkillsMultipleDistinctSkills(t *testing.T) { + tmp := t.TempDir() + ws := filepath.Join(tmp, "workspace") + global := filepath.Join(tmp, "global") + builtin := filepath.Join(tmp, "builtin") + + createSkillDir(t, filepath.Join(ws, "skills"), "skill-a", "skill-a", "desc a") + createSkillDir(t, global, "skill-b", "skill-b", "desc b") + createSkillDir(t, builtin, "skill-c", "skill-c", "desc c") + + sl := NewSkillsLoader(ws, global, builtin) + skills := sl.ListSkills() + + assert.Len(t, skills, 3) + names := map[string]string{} + for _, s := range skills { + names[s.Name] = s.Source + } + assert.Equal(t, "workspace", names["skill-a"]) + assert.Equal(t, "global", names["skill-b"]) + assert.Equal(t, "builtin", names["skill-c"]) +} + +func TestListSkillsInvalidSkillSkipped(t *testing.T) { + tmp := t.TempDir() + ws := filepath.Join(tmp, "workspace") + global := filepath.Join(tmp, "global") + + // Invalid name (underscore) + createSkillDir(t, filepath.Join(ws, "skills"), "bad_skill", "bad_skill", "desc") + // Valid skill + createSkillDir(t, global, "good-skill", "good-skill", "desc") + + sl := NewSkillsLoader(ws, global, "") + skills := sl.ListSkills() + + assert.Len(t, skills, 1) + assert.Equal(t, "good-skill", skills[0].Name) +} + +func TestListSkillsEmptyAndNonexistentDirs(t *testing.T) { + tmp := t.TempDir() + ws := filepath.Join(tmp, "workspace") + emptyDir := filepath.Join(tmp, "empty") + require.NoError(t, os.MkdirAll(emptyDir, 0o755)) + + sl := NewSkillsLoader(ws, emptyDir, filepath.Join(tmp, "nonexistent")) + skills := sl.ListSkills() + + assert.Empty(t, skills) +} + +func TestListSkillsDirWithoutSkillMD(t *testing.T) { + tmp := t.TempDir() + ws := filepath.Join(tmp, "workspace") + global := filepath.Join(tmp, "global") + + // Directory exists but has no SKILL.md + require.NoError(t, os.MkdirAll(filepath.Join(global, "no-skillmd"), 0o755)) + // Valid skill alongside + createSkillDir(t, global, "real-skill", "real-skill", "desc") + + sl := NewSkillsLoader(ws, global, "") + skills := sl.ListSkills() + + assert.Len(t, skills, 1) + assert.Equal(t, "real-skill", skills[0].Name) +} + func TestStripFrontmatter(t *testing.T) { sl := &SkillsLoader{} From 6fb61539d779dd155ba82422fe7d0f1094f0893e Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Tue, 24 Feb 2026 10:27:49 +1100 Subject: [PATCH 47/88] translate Chinese comments Signed-off-by: Kai Xia --- cmd/picoclaw/main.go | 2 +- pkg/channels/qq.go | 46 ++++++++++++++++++++-------------------- pkg/channels/slack.go | 6 +++--- pkg/channels/telegram.go | 6 +++--- pkg/skills/loader.go | 12 +++++------ 5 files changed, 36 insertions(+), 36 deletions(-) diff --git a/cmd/picoclaw/main.go b/cmd/picoclaw/main.go index 1e4b393f8..25ad701ca 100644 --- a/cmd/picoclaw/main.go +++ b/cmd/picoclaw/main.go @@ -131,7 +131,7 @@ func main() { workspace := cfg.WorkspacePath() installer := skills.NewSkillInstaller(workspace) - // čŽ·å–å…Ø局配ē½®ē›®å½•å’Œå†…ē½® skills ē›®å½• + // get global config directory and builtin skills directory globalDir := filepath.Dir(getConfigPath()) globalSkillsDir := filepath.Join(globalDir, "skills") builtinSkillsDir := filepath.Join(globalDir, "picoclaw", "skills") diff --git a/pkg/channels/qq.go b/pkg/channels/qq.go index e66cac533..b10776db6 100644 --- a/pkg/channels/qq.go +++ b/pkg/channels/qq.go @@ -47,31 +47,31 @@ func (c *QQChannel) Start(ctx context.Context) error { logger.InfoC("qq", "Starting QQ bot (WebSocket mode)") - // 创å»ŗ token source + // create token source credentials := &token.QQBotCredentials{ AppID: c.config.AppID, AppSecret: c.config.AppSecret, } c.tokenSource = token.NewQQBotTokenSource(credentials) - // 创å»ŗ子 context + // create child context c.ctx, c.cancel = context.WithCancel(ctx) - // åÆåŠØč‡ŖåŠØåˆ·ę–° token 协ē؋ + // start auto-refresh token goroutine if err := token.StartRefreshAccessToken(c.ctx, c.tokenSource); err != nil { return fmt.Errorf("failed to start token refresh: %w", err) } - // 初始化 OpenAPI å®¢ęˆ·ē«Æ + // initialize OpenAPI client c.api = botgo.NewOpenAPI(c.config.AppID, c.tokenSource).WithTimeout(5 * time.Second) - // ę³Ø册äŗ‹ä»¶å¤„ē†å™Ø + // register event handlers intent := event.RegisterHandlers( c.handleC2CMessage(), c.handleGroupATMessage(), ) - // čŽ·å– WebSocket ęŽ„å…„ē‚¹ + // get WebSocket endpoint wsInfo, err := c.api.WS(c.ctx, nil, "") if err != nil { return fmt.Errorf("failed to get websocket info: %w", err) @@ -81,10 +81,10 @@ func (c *QQChannel) Start(ctx context.Context) error { "shards": wsInfo.Shards, }) - // 创å»ŗ并äæå­˜ sessionManager + // create and save sessionManager c.sessionManager = botgo.NewSessionManager() - // åœØ goroutine äø­åÆåŠØ WebSocket čæžęŽ„ļ¼Œéæ免阻唞 + // start WebSocket connection in goroutine to avoid blocking go func() { if err := c.sessionManager.Start(wsInfo, c.tokenSource, &intent); err != nil { logger.ErrorCF("qq", "WebSocket session error", map[string]any{ @@ -116,12 +116,12 @@ func (c *QQChannel) Send(ctx context.Context, msg bus.OutboundMessage) error { return fmt.Errorf("QQ bot not running") } - // ęž„é€ ę¶ˆęÆ + // construct message msgToCreate := &dto.MessageToCreate{ Content: msg.Content, } - // C2C 궈ęÆ发送 + // send C2C message _, err := c.api.PostC2CMessage(ctx, msg.ChatID, msgToCreate) if err != nil { logger.ErrorCF("qq", "Failed to send C2C message", map[string]any{ @@ -133,15 +133,15 @@ func (c *QQChannel) Send(ctx context.Context, msg bus.OutboundMessage) error { return nil } -// handleC2CMessage 处ē† QQ ē§čŠę¶ˆęÆ +// handleC2CMessage handles QQ private messages func (c *QQChannel) handleC2CMessage() event.C2CMessageEventHandler { return func(event *dto.WSPayload, data *dto.WSC2CMessageData) error { - // åŽ»é‡ę£€ęŸ„ + // deduplication check if c.isDuplicate(data.ID) { return nil } - // ęå–ē”Øꈷäæ”ęÆ + // extract user info var senderID string if data.Author != nil && data.Author.ID != "" { senderID = data.Author.ID @@ -150,7 +150,7 @@ func (c *QQChannel) handleC2CMessage() event.C2CMessageEventHandler { return nil } - // ęå–ę¶ˆęÆ内容 + // extract message content content := data.Content if content == "" { logger.DebugC("qq", "Received empty message, ignoring") @@ -162,7 +162,7 @@ func (c *QQChannel) handleC2CMessage() event.C2CMessageEventHandler { "length": len(content), }) - // č½¬å‘åˆ°ę¶ˆęÆꀻēŗæ + // forward to message bus metadata := map[string]string{ "message_id": data.ID, "peer_kind": "direct", @@ -175,15 +175,15 @@ func (c *QQChannel) handleC2CMessage() event.C2CMessageEventHandler { } } -// handleGroupATMessage 处ē†ē¾¤@궈ęÆ +// handleGroupATMessage handles group @messages func (c *QQChannel) handleGroupATMessage() event.GroupATMessageEventHandler { return func(event *dto.WSPayload, data *dto.WSGroupATMessageData) error { - // åŽ»é‡ę£€ęŸ„ + // deduplication check if c.isDuplicate(data.ID) { return nil } - // ęå–ē”Øꈷäæ”ęÆ + // extract user info var senderID string if data.Author != nil && data.Author.ID != "" { senderID = data.Author.ID @@ -192,7 +192,7 @@ func (c *QQChannel) handleGroupATMessage() event.GroupATMessageEventHandler { return nil } - // ęå–ę¶ˆęÆ内容ļ¼ˆåŽ»ęŽ‰ @ ęœŗå™ØäŗŗéƒØ分ļ¼‰ + // extract message content (remove @bot part) content := data.Content if content == "" { logger.DebugC("qq", "Received empty group message, ignoring") @@ -205,7 +205,7 @@ func (c *QQChannel) handleGroupATMessage() event.GroupATMessageEventHandler { "length": len(content), }) - // č½¬å‘åˆ°ę¶ˆęÆꀻēŗæļ¼ˆä½æē”Ø GroupID 作äøŗ ChatIDļ¼‰ + // forward to message bus (use GroupID as ChatID) metadata := map[string]string{ "message_id": data.ID, "group_id": data.GroupID, @@ -219,7 +219,7 @@ func (c *QQChannel) handleGroupATMessage() event.GroupATMessageEventHandler { } } -// isDuplicate ę£€ęŸ„ę¶ˆęÆę˜Æ否重复 +// isDuplicate checks if message is duplicate func (c *QQChannel) isDuplicate(messageID string) bool { c.mu.Lock() defer c.mu.Unlock() @@ -230,9 +230,9 @@ func (c *QQChannel) isDuplicate(messageID string) bool { c.processedIDs[messageID] = true - // ē®€å•ęø…ē†ļ¼šé™åˆ¶ map 大小 + // simple cleanup: limit map size if len(c.processedIDs) > 10000 { - // ęø…ē©ŗäø€åŠ + // clear half count := 0 for id := range c.processedIDs { if count >= 5000 { diff --git a/pkg/channels/slack.go b/pkg/channels/slack.go index f7359cd6d..f087aa8da 100644 --- a/pkg/channels/slack.go +++ b/pkg/channels/slack.go @@ -200,7 +200,7 @@ func (c *SlackChannel) handleMessageEvent(ev *slackevents.MessageEvent) { return } - // ę£€ęŸ„ē™½åå•ļ¼Œéæ免äøŗč¢«ę‹’ē»ēš„ē”Øꈷäø‹č½½é™„件 + // check allowlist to avoid downloading attachments for rejected users if !c.IsAllowed(ev.User) { logger.DebugCF("slack", "Message rejected by allowlist", map[string]any{ "user_id": ev.User, @@ -232,9 +232,9 @@ func (c *SlackChannel) handleMessageEvent(ev *slackevents.MessageEvent) { content = c.stripBotMention(content) var mediaPaths []string - localFiles := []string{} // č·ŸčøŖéœ€č¦ęø…ē†ēš„ęœ¬åœ°ę–‡ä»¶ + localFiles := []string{} // track local files that need cleanup - // ē”®äæäø“ꗶꖇ件åœØå‡½ę•°čæ”å›žę—¶č¢«ęø…ē† + // ensure temp files are cleaned up when function returns defer func() { for _, file := range localFiles { if err := os.Remove(file); err != nil { diff --git a/pkg/channels/telegram.go b/pkg/channels/telegram.go index a0a1c8d0a..5cd51e8bc 100644 --- a/pkg/channels/telegram.go +++ b/pkg/channels/telegram.go @@ -208,7 +208,7 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes senderID = fmt.Sprintf("%d|%s", user.ID, user.Username) } - // ę£€ęŸ„ē™½åå•ļ¼Œéæ免äøŗč¢«ę‹’ē»ēš„ē”Øꈷäø‹č½½é™„件 + // check allowlist to avoid downloading attachments for rejected users if !c.IsAllowed(senderID) { logger.DebugCF("telegram", "Message rejected by allowlist", map[string]any{ "user_id": senderID, @@ -221,9 +221,9 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes content := "" mediaPaths := []string{} - localFiles := []string{} // č·ŸčøŖéœ€č¦ęø…ē†ēš„ęœ¬åœ°ę–‡ä»¶ + localFiles := []string{} // track local files that need cleanup - // ē”®äæäø“ꗶꖇ件åœØå‡½ę•°čæ”å›žę—¶č¢«ęø…ē† + // ensure temp files are cleaned up when function returns defer func() { for _, file := range localFiles { if err := os.Remove(file); err != nil { diff --git a/pkg/skills/loader.go b/pkg/skills/loader.go index f4f55a698..5749d8983 100644 --- a/pkg/skills/loader.go +++ b/pkg/skills/loader.go @@ -55,9 +55,9 @@ func (info SkillInfo) validate() error { type SkillsLoader struct { workspace string - workspaceSkills string // workspace skills (锹ē›®ēŗ§åˆ«) - globalSkills string // å…Ø局 skills (~/.picoclaw/skills) - builtinSkills string // 内ē½® skills + workspaceSkills string // workspace skills (project-level) + globalSkills string // global skills (~/.picoclaw/skills) + builtinSkills string // builtin skills } func NewSkillsLoader(workspace string, globalSkills string, builtinSkills string) *SkillsLoader { @@ -120,7 +120,7 @@ func (sl *SkillsLoader) ListSkills() []SkillInfo { } func (sl *SkillsLoader) LoadSkill(name string) (string, bool) { - // 1. 优先从 workspace skills åŠ č½½ļ¼ˆé”¹ē›®ēŗ§åˆ«ļ¼‰ + // 1. load from workspace skills first (project-level) if sl.workspaceSkills != "" { skillFile := filepath.Join(sl.workspaceSkills, name, "SKILL.md") if content, err := os.ReadFile(skillFile); err == nil { @@ -128,7 +128,7 @@ func (sl *SkillsLoader) LoadSkill(name string) (string, bool) { } } - // 2. å…¶ę¬”ä»Žå…Ø局 skills åŠ č½½ (~/.picoclaw/skills) + // 2. then load from global skills (~/.picoclaw/skills) if sl.globalSkills != "" { skillFile := filepath.Join(sl.globalSkills, name, "SKILL.md") if content, err := os.ReadFile(skillFile); err == nil { @@ -136,7 +136,7 @@ func (sl *SkillsLoader) LoadSkill(name string) (string, bool) { } } - // 3. ęœ€åŽä»Žå†…ē½® skills åŠ č½½ + // 3. finally load from builtin skills if sl.builtinSkills != "" { skillFile := filepath.Join(sl.builtinSkills, name, "SKILL.md") if content, err := os.ReadFile(skillFile); err == nil { From 0434b49e8d9f85ae52b9b68efddd1147afd54d30 Mon Sep 17 00:00:00 2001 From: Guoguo <16666742+imguoguo@users.noreply.github.com> Date: Tue, 24 Feb 2026 13:58:54 +0800 Subject: [PATCH 48/88] docs: update wechat qrcode (#705) --- assets/wechat.png | Bin 144045 -> 150574 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/assets/wechat.png b/assets/wechat.png index a34217c335542a13aace2103bd15ccebf94acde2..e30c34e4ed81210338d63ee4486c4356d01ae30b 100644 GIT binary patch literal 150574 zcmeFZcT`hd*Do3b2~~P8p-B+|=~9D*Ceo!hl@8KDI-y9BDj*;rAYE!iy7U@~^xh#+ zI+9QWgmChF@Atj$H_jRNjC=1N_uTP}cQaPlBYW+=*36o7uKAnmxAx8a%{qYcnTom! z01poUz{C9kZk7N~0E7g$32ze+65b{R0ttyoC`m|&iAiYhP>@kF&@wVI(9+X0v)u(T zvv9N0({tSC;O6BMxF^5_5_%xS|KKja0RLYP!2<$;Bt#@MBqTKa%=FCs|BsKGP5>3r z?J@!&J{}j~78M>o72ZuR0EFx3ZM^?D0RMU5-NMK97f3`*LW-+UPYJk%hmU`Y0RQ%F z0s>s^VBB>80o844PSHn%G`g>VTpqMyVafSK+>dLz==3I#JmRlC!-+}g85o(E@AC5T z3*3{Cl#+fZBm3m3vWlvj`ZN6(28Kq)CZ^Ulws!Uoj!s_QK5u>f`~xE1MMg!(ypK&u z{g{@X@hLN_ps=X8r1Wc9`S;qo`i91)<{#ZXy?y<#fx)54sp*;7x%q{~4LIW0@6E04 zon6$?@yY4gIr`%AFS+ml`2P?K_xTUO{wKMpaB|%uAiyU8{v{XQEni&0ry{t`DN0EF zNEi6ZgN92ijEMGea(+!0F}JuLlJ2$V1PMKl#Kv9JU!whoWdHXB3;%y5**^vQmt2bg zGJHJT;NepNz<|q=SpF}!{$2k48~j@b{;dQ5)`5TPz`u3i-#YMb9r!<|1D~c;O3AtK z|0r9pt<@#!ald1`c9u^G7zb*e#Xz>|Am`(S2b4E}F^3z#VZM1AE#7o+3B|<$==y~J z>N)6m5q!06#K$wb5gkKG|sKgG4<|G8E$WvsrprveerY^Oa{cX8kR>D%*v#&1-1wAfX$;qYA65?HfR( zBePycclGn4!seYd#|Ug--why`L~#m;Igi6$(rsEHbJ4~(fS*ot*h}z+#tndYEegCX z?u@GiLY91;hS*+r>pwpk`==z4pnpE)SR1W{5ydr?{g0-AuvJFTF>^g;46VC=4*n3W<6DDPN7YIu#aC z5q!rvt(5T9M9d{~SdIlFCD|FfhA7Bn1%kXN$5S+5GJ7dvU zmCy&+IvrWv=Z`1ZKkDFg0T0D>(z7wwkf<8#JaSElv|Hn>Qz4AANDxAg1v!1c`l4j<~Q#Rg)R0 z5^o3kk+`RU0?YQX>~mF;MH%}ku72)3ENcB;@iv|h_lyotNfl&4(mFq)7Qu%a97+&s z=l%osKRxzmZwq}~3l9mFj_(Y4wgKI$to_PokByrW11rj0C(J>-dQyCkJ^(<~UfO%# zG@dY|YYr}K2Pn3n7}Oi1Y#V+=7A;+s1br7h=?;fH8$hl$x>cLXH~guzc7cZaffM|H zW&uBo*SA|X!++#O{qUdaFR7qZGc}l3HM~&qI@vMRsos6o71uRYtdXgpRSH`>;&KL` z?ye2BKffKcUM&SZuh;{FAOmrgH-Nbc$i0i<=acXzi(1~_udLKF2EVFTZ;it3?W*l8 zjXzHQN?&spBMT?jUT<-%Clz4Usj5dR1Rv|8NG@k&E#Ao6$-;u&seC%?q05~|A_)=;1e|znG5h<99#&>X z!=|>WJ@6dP*n^R2RphGRuIX{DNGxB?JKu!9f-q%&d!4kY1@+Cver!Q=>~>uT8X1Se z+C_=2(CVuF-4G~X_Fv{vM{d8DhuZ8oO#0=3Pv%_^HW~YxgyI>$0zZBPI*tIk(b&{r z!o0cgF1eh&D5q4hiA;OLJmK_DS;;oCA@8*hX;lAjJ0b=)^+9;s<0ISfp^cS7^WNQ( zCt*$D45u7MBZ~=Z@!nOI@VD*P@J-MIt|t6ysSif+r~S^^RM7^!)nod?l?Y9!_-rM# zsyfY3Am7m=J;BD%_A=Bds-t|^ntqA5CI!)|zf3frI1lAV+ZU}kv)`SrC)W%7l&{9_ zn6>cO_4Uv#%om@nu*8oy048(@e9E|KT5(M5x^PH}+PrKv+apD{#a&erb}BhG>^0%n zCY-$IzG|)|WKd|J(Llnzl9KWk5TB^xKlaMvcO@4QwIs={uOJbx#QNj8?%`k?^k%=w zFY%okaHbcFng<9Z&?(QZ1=OlPkr3ul+V!j&P^@2xE+~^O`?X2;TW@HQ95se{p9Q@R zXgq?_AY0$AJ`MNa`!pPL`I0rU{vh|^4Io+E;06FS#2Rb_kToyGo_`Zr4k;bAKB-w| z@y5bhM9$?K5J+f_gvdQ@+Qq_9s@H-vE+`IzXGwIsZC$uol8q2<0z`1^k`LzbwmH>AzWA=mXd@ zem4FRjxQ&L66_!GMxAHvbtbBX2oLkDH?)Wsa2A5nH9uJlGMX#Kj?&x9z5ND2je<@0 z4M5z#ohr(f#7)&X>rytK>KSldR_-7M&(7-X}HLCrL0g(c>~Vz znP8vL6^HGr@XP^fQ?~9lYT(q`25`R%2L!`$hPKy@@DWMVeqd zdqis9mL-DG_vtH^gia~Om$7RUbZiR`XP1<<*|xBh!B*HdvkRlqMY=0xu6;;$aWD;{ zH&+|q3ANaLG&=i}T0-w9j19o18B`#l&5(2&Kwq7wApq`fGnW#krO`8L{$*IO%hnj< zYNoFt^iWN{xtKz9OqtEut#8uI-0$t|EE5;|)0#Ako<_Rg)PBDG!V6f~ocP|EBe?rh zkRZGPBo$qiS5=p{Ve+EyvDOZgD#1bipA0N_EZc*D?}ZW`$d+cFJGcF9-h%9Yd~XeL z<$dd`2&?ykbz=p&fsbcnPNXIwk!rahR4hVPvCd=4r>+!KOx346=Bh?9Ho~!=Z77Yn;SpzqKcUx*VfYQ9Hb6mhuc^G>GIJ#4F1E?;= zMchzneakbTNTFryXQ)?SzxD1!If8|~PTs5N1~3J?zPbVIO+_cvrQQI*pz}kVleT;& zzU{aRTm6AU9}ln)f7o@E1*C`lyS!s@fH`ChAA^HB@8+JtG?K0me^obRt65DrIMle} zqu4tCSZlhf`psdLt7fKpadpOa^{dt9bFy0s*Si_<^3ElGx*wf%Ruz98<2A-S?Dtqs z^sBbtXv9R@;yO!?nXPX%Z;-}vFxy_1XVi!hT93QFR6T~$uso)9I_j}r=rT$(wp3AW z>|Y~Z7AsFs7IXLQBm|>&m+R4~8)nS}&Sfy#qII4Kg1HQI+{WhyslBhJ8yh-$hL$&g zl~)I|tynjT9-*|KmGjL>U*uC%A*BI*k0iaO6X@;+=IIT>6GY`FSo`gtuF~HZg`E3u zHftosTQW69+N3Kyb-nx6AKxAJb)_$8kAJ%I{_Bqt-^yGDp18nVS8m&>+xrLKPxPD| z@)fs-hLn_kc&}G;(utnhc>8#mz9_gg@&*8}C_zdm)IpiemPZOnL(_j7^iJ%{$iTd| zoe`OJ*>V1b&50^mb3aM%mEI0`3oQx3ccc&SNv!ZGZTTd^%(n>p^MM89#9Wj8Y*u!~ zt^bEsLYaoOpB;^A{QmPqCGc$R4Pe8@0rc0fby#DZBhcA*ZU78x(shu_TXQt`C5P`# z#(fviZ$324RhXzQ5~Nt14>iW_y8{ub7`{vCYX!(!2e!@6CDq(a3TY@G^1cwdNz>WwvoX zXyv`q;A!E~PlYVS=t)U_NoR1~;^EOb-9^+LWuMFcGGa>$WVMxCw-dIu;{>WZ2|;v= zz%H_OBV48JgiPiem1zx#{!Y{5U$XpPO_A~)@Hd2kEF5?bKjbQ=b;3#;&zajA^j&XV zm*pFb5k851%^Tm+(3VxRHvn}5CVD&a&m(K*Ed%D7f6X%UG9u_vWAWxd>?sZ*5XQ6@v~e8Bg+`9MUSqRFY^u^&q-D@ z_kLKE@u)dbM6}>#5zS|#(q3=$hC|;pw+xmOE5Y<;q_*$ww5mI74TLZ_y*T6Bb;nwN zMADMp{*_-~`ysyv^gL0}%c5?oZ(n*Y`4*~ryr+z<&#Hz#KXys}`7Ssz>>)-#((IEE zhjU!%0;_Y@k*E)w`bzHXEfR_SOuCts;=~9pT4L7$@a&Py80*}qqDaCUpSLc;wnsJ> zA5l?kIKb)!-)tY0Ua)OTH(}YLst78lc!rvQY-VzQq=d<_G+nY!?^HZJ7wAcsmi{CE zgud&Q4~-a2{d)w{N!5A##EG-F!&dAOu=^u8kidt)==0Lf)NV#NKhq<3HS6WXne1}o zWmB!8wJsPP^;@xzu4AV4HMOmiheeaZ)>J{?2|khKpDXOmwUbyX`xLH5hP`Tz|MHP< zMP7>N+8I%y`53;EY-mpvbrtqaa1XM8Jt7^sb*bUV>6WE16mRlz9l3C;)>H36mcv$v zfK#%WU-u>7e%TlXPt)_8=2^STREUCLIXbB@!3r+)^RBx%lOp2voXG~1)IYh-@N3O| z=N^%%GN?4wFtI7(UA2GoB0W2gIdc~AK{0G>L}=^XDQB7Gldo*3!&jU3rSgzx6&p7I zk{lzw#&DBGiT5#{rA)VK-^R1fZ}3T_NU*(xkqIhViHvMiOrL`8ppBl@C(6}Rk2St~ zl#bDKmu)q5X-(xx{|$cs#QpKyeNoZW@m=qw`BS%dc}M(w*S@KjM&&zT)CL0rGvW{G za_K-uCbTqMmuohk3_#5%JN{wEX999vtm1~L&;K&yl)qd0M;E?4CDvac>_nRV^){&Mef2huNK94}*4x@YMvXnN4uodj-VS{jQbCpbUf8jP$~P&7?VV0 zU~;Nj@*j3yeVXr-o<*#$(;XMiwo(Y0-jD8%c&hIu?`WpHZ0=VF7E}AuBy)F$TMU8M zB~SA9t7O&l_dckEJ=Iqpm60LG(j6P5RE;bO^}NyZ*y{^czmiaPz3($u_u_#>^6g~p zwa$>j20`A+SG>vy3#A2&X3HBS!K?OM)7YwYvjo$*UTH;(tAR>2j+`OjQ;xb5R!D3zymFF%RF9gjKYZX&Sabw<E1sZ5(=E%^lze>M2?efFr-*6@@@)K=C74|C3xm{N?H>X zsr^<(noBxE8g*{~3BlZOA?GW4BAX-mL(vAr+vSj`8t{fR5Ni%O61f4G)|;e!X(r=~ zFvyckqOV6AA;Pc?-E?Eu@~~_2XKN%u#sS7kR@W8pZUD?@5VR%(HYn-(8W)i3LAo8H zlW-CIFDq=lQ>|sc)q;n-K9){3feDQ0U#7VHlZT7i1a1IyHvqPrjtyCgJK5 zE9ko98BMW0U%5is3tDVU07MKeMxMK^?7*}Gb}K8heiN_N;U{KR+Q*z7e%>zDn6F@W zEBxQ-vy)tuv0WHqtHYz9t-o|>G^JVm<_3_y zhCZYl^h@nqBn%UL;`^1b*|J6@(``#_JE<{b5Za$%P%)p5{2j^wjtde+Ao{_y4T7hq(&n1-$`_IPIL|T>$(3!q=vE zhYQ5ohP`!_ACT}Dg#MihzRBepCP3s0alt$;nO6;gW#O`U;N&k9qUbc-8j6(F>GTcY z-o|UEKZ?9J09ZoOwGa4`++EGX(oPT^zf*`z+5eILM--4`rvhKb8Wi*UnIN3~v_S%Y zoT-D=t3H)1gEn4G8%mg-?o9ViQSm62)Rzu3?!N!LXm3WiZepuhwWH0UuROV$-ej=U zwE1yPezxTO3L8Zz45P(^!@+zvfX8&ZmwcD+!D~0$B zOV2Uwyg2EIYiy@L*_D0ey8ga;EYoNmFXhRSh;y3e2G!rf58%z=nqU2m69ark-k_7c z&6XY_9>6zkdLbe*=ati^-zEF6n9H@~avRsj7GJ{*XI|IOc~8Ag`A~8Hjme9xc7LeX zbcs5mA&dLdg1Y|h!@i)>4T^;p{TaQm}UJb<<#7>sr&bJhbyV} z$pR5{-xXb2Sh4xcRVP!a5sX5o7fzAaSE|;tNmS}wD_Uikmw4#d5!*Q3hNohTvyX-Y zbXF2$oqp9?jUv_Qz8*8t@LUGqT=nFnjhIIAv>ys>v0Xh)OiL#XUUOEyIZB@pCtJUrNISNA-$SP;PN>zk-Iga75%dJkFI4Xx{!8oU z9Rq9g#Auo7aF)72Qhg=@X~`m+%+H0^MqTB33wOT7-y6jQcv)aGa5_g7OmQr^g(Yo{ z-BVBTBc%Jo`i(6ifbc&qg@Auf*$WEA^3&=83S#;HR^`8$Ulq&c_Kg;;NV%iwO0Ltyu?{VkFy~HgT~FIJ5-y-3E=o|o0qFBxovuX3#lQKvE7y|ii)wrf`ga1XecYMr@WF2KK%9(ZX}Gqg~B$#})I6p>Wr-w`hv_UfKV z_fnDZdE=GLC~(Iz8SdfRML$fA=JZ%>1@{d=8mn1STb!wO-NDcH3W{CS$^>(3 zk->3j8RJuFYRI!w7s3CGf(6jH@#XS_%=u!|b}xc z%1VV0I_=fZ8=3rrN{QVC!ALf4<^uff>33;_507(sR3-HY&*smg%{FI)sou)h*`ARy zgtb=6@$s%s-QJ&bhU54BUKn;8Qi?hlpTf&_sntuKze+QK+4ThqH?GgN>db!cp)G6? zK^w}0C`2A{ZJy2Q1k=?TFdGW|JYKowaA@t@WM|0AaU!{s%R(c;cR)jL%h)d$F#BSS zyk6X&=fj#YjD>dF z{r=H?hoY399>(csWv)vR;<_I8Y|9gpgURb!Pn9r5m&vPj36q>HpRfYck{~LjaYu*Q z%MgEm;E19e-hAMkG(wKZCzwQesjZN;Q2354rSoKw!=gBS=T}+0L_x0eXW=MD&GW<% zTgHdg0d>oZ4u87m5~S^dYKr{`H8uLvfB3W)v!x{r-d*_d^$%c7@&wwg9YyI!Z5Edg zIopeSH*d~6L;AswNihwkfvj3GXPDS!id3QJHK!Upxtz=Q6JFCFZ=H7&xxG>bYSGjB z4c1?(^48yMY*pbcvK8#HZm$gXx_)EzM4#M5^ry?k4BNA9^R&g5x0f@YqoXj7S^}-8 zcg>_-S7^SRlXPsD$x8kLmGZ*D9 z+tZPN;J%N(loxvIsZ(??D~w_+T!zy8UOEq^r`U63L-c0G;{7q56(*1Lqe&6;j zJC*=Xr?izRiy^y@K_g=wlWjmvw9c#Pr;Qmk>dx1_1T^S5YmfCRs(ognDmtEfFEo|| z=d67n`p@)doSzj=Dj`=WHc?6|665def+`shg&BQe zEV36e-oULAas1t;QJg%t1lALMda8qW<97H%_TL4oIBUfM2C)M-fD#<$!m)Ug_QP<@ zu@2N4w#`{ri3vP^12|c_0kGl_%D8v@X&x>x#GTI8)8eIGC*$x4ZvMqp#aDx=|KseR zH?95SriuTmHTEA5H2z0hH-P_aEa?(QRKrDwr+cRV)eqdYEnG(;itH;dZUCW>|GWeP z9na%n_jLdmhj(`xu`)P#ROQ5v&vymFW~Drv{!Ym2-?IE~khI`u)D0kRU!G!P(5K3jrL4+2nOpEp`B?fxR#E&@C@!58m4$S> z#+QF`0|?>7;jTKoKi)?1xW(8yqj&W#mN2cxsrs4RKi-WAMNyRbIpN_R0uKjID)QJu zIQP~l{z$OIkt?pcFvHy&^&3pkGNO2$dc&XD1K0^=0H;3$!_b*1!l@oBvSJi(p1kLv zFG<3~&s01qWce_6LgOT5N$d5^wrX@<=UZ9W`!5YqyT8(7lp=lmCd|XNh<~B_9|VpA zU6lPnaf*t5R^3?cjtL)9awm-n8Tn>rqSyRdcf< zb$V@%9>&7#5uzq0%AFwQC&TSM6#ZuR}M)BimotIu~V|6V>k+@lT51|+t9%4jkEBw>9ho2CsR8A3f*tTX3R=an%+6gMCuAs!Yjgx| zI+@c&?jiW1F~QLG))-r8!r)pV=RhDK5XeJ)?LT4s=w3NyfFYuUI|mi;T$PJC6w7;Z3DxU6{i96^WA&bcZpnL9#5}ld26u zqW52NfP{>Axt4$&jli<=FQj=?id=sB7O2KZNywcY273Ce7dt{Y{&*~3>YLa#eie?- z0=vpSASw(50g4H**v!jEvmYIIHwLoL!Zn3AN-x}ffeAzQ?%eV5?tydS@HI-bct4o3 zmARb?x$Btj>`!att`PsA@~T9uf{8OqOy(5okFx4pBMy?98H*~J^kGb>a~jGDu6s;p z$P%jC<}o)Js%SNHN=g+GTd>E$OCT(LM zBAz@D9#B~~$Lr3Gcis_+vZ9r+iut}vwVnPWp8WOK$>3@U^TU;Rm$%rRlP?rJ*F|5Z z_ObkEdbmT?%g9X=;UXIYBV93@=0Bpj+D-%LLa&WreS~(;FXYsYw4tVt3tRUB(W02< zP(md`MAx>n^I1+!v_3j@orUz9X8m+H)8o(7Rbm2L+s=8Y^Kc1me9RkkpyS52T`bd~ z%iRy^0zr+7FMQ8v@fr*L+>~b_PTJItmnE6bUa#C7cw$$k&Ygx?0YPm;NyLZJqVmf1$2>Y4SLH>vBJp+|>_pS__)ScV(Gpcpdg zI$Q{R^2{j8uL7${p>o-C11QXD8{2?jQbmYv0P|e9J#M`RA?^{YwjP{LPo^>d(^+uYGHS{uR)P+ng%9RCV6F<9(Qn@nKwM2L(CWd2Og@R z^%s(F0wsZu)Piu~uO+UfC#HuLVQ5?ypC`I^?Q|b}BKd_PvzL?_8%V_zfQJS-VBPiHyP&|mvn9++6p&J zei@t}^J+F!F>2}{GAFYBYw|D3{+dIt^fv&pV077@V4v(kMpO_uxY8-<`{bm;L1JaV zZT4RufX&bh7s<6)Fw?1AnY^68aB|UO^!3PKIDe9jy>9ao0nJ=ZCp=WKv7lXJx&&R1 z3=a%`qC0Ifa}xD|7=QF!hZ^$k5HD3B2KI1ovOPAV|Lv?51u*tBP9sP0ZavMQv+O~d zF_OFMk8!B14;w#zc|p5M%}l#Mki)d=<~Y>q*(B$OYOW?{KW=%-$d7Kx-#q;k0?5KN z%7;%Yzxql(KKii=vqK++UmuCS|UKeBg-aKPo+7m8}Z9 zJ+3r%r58V$6g2#3Y9UhMh)EoX-Z%<*fmgU8van}?k|3=>Z<*yz!haFVrxON--vQ5x zgFc=j@*vMr`#NfKEAk)vXcIW=o3AWk_V6iqUFBe0pXtv!FXyID>hOMpYRBGV4B#SU z&vS*R{uor54M*r?O0gsla6}9W#=GJJckcu>ZU8Yk46z-1Te>*a+H5a_rnOT-1}AW~ z)9wShW_Q5f%@TZv9)bF0^sL^=I_$bMX>S`{;KBEAcTtcGOhcS0%Z(axyUUiz}~ z6?CqKOesrW>t+1JK&!`5L7JtUjdeRe{_YRKO(FuLTTei#~R#;m!;$8nCs8wK##%iqVv519V=F8WeaijJOukJO8;iJBmV^_V#J)@ZP+r5$15lG;ovot9JLvG)$Y7w=;;m?|M6-ACu1*<1ie|zIJymrl~#dd1hB8VTehw)katU z41(1oo&>N}4Yprnb)3|$7=tU^Su{>7PDieeRu%%i7>;VEWMsZ#gpfV3kb9G5u?C@fhWe#(yk1Mr#KKzgY~9-Hv;kxDCw^aJ@yj%z6R~fVa~Iy_mpq z%)bjupE61CQiy9D`7;1{57F)SP)9*GCeZIU23$BgQYOzv7R}sY4+eUzsVPeFqPh91 z)i_v7a*({_q;QLdmW>fZXEs*u*7O*dpX)@_A=4Pgalg!{Y7Y8v+ukG6E*h7RV$EbY{tL*~+e- z@lH)j`tfqbbGtVi4GBE}Yl2JEJVLbxL?INU3J<&iP;BFDg4cOTKAy#dju*CiG?snr za(EG+=v-TaZb2-WnK=uwYy^#)J`R7FuOS!yweSmozZ3cpC6$Syus{i*Tsk5|B+Ss+ zBVxu2n#A{85AXfTncr0cTrvYL!Rv=TxXpF|?eg|~IB=#9-e1lvWhLVH=G1PlWvSQ> zqlK*vI0r=Z8gF!UgN41m@*2@5jXQ1h|SI$Hawk+i?(k0$s^Hc1&6h*Dw)A|bF` zT4ZhwoF$KX`*>|>O-!;})tR=0gK2Q!Ex^5}B*5Sh81!u1TRVPn?tN9=(nj%`(zxlO z*-}4`p_>Tci~AQ_?Z*MJV`ypI3O~M|WsjaVvtQtq-KM|67i;U=oe6+nb}9ta+HTKw z+sUBO@@A+#;~(EATvX!j7NssOn49)BP?IT9M%*i6JvseCrVZM&q71V3Ds@uiMhD-! z0oWdT@R-`}bCeQ9zr0u!{TxoTm8Yv?UKh1g`U21*Ebo9o0*n`{8OO^>jce?E zat#CO@+o2u;k8&WMk%|~l0tRrS%S5W*X^=5p!;|kslbS^P`p1q@3Tg8y!x!(|t~PNy|5!2P z(?Px^Ni=>vCe4l5adz)#g+H^D0@Qx4h{@jZ<3LT8VbstDRTy5iR)Y-%C%Bm!o1wZA z)d(RRu#(6|+zHnGpd2iKY%%#h7XorH%JPmyk*XEg0(qqkNQQ#D2%Fayxy@=OL+JJ> zSJiTZF%Y}PnB*U-JT_t2fniYTWT<5O9rPHMrsLMa?&Ld-8Q#?cnlEV{DGGSE&Da{P zS6iHrkon6+2Mk{M7zYg;>;G~7K2Q!th-rF#WYrXr$$#mpAzEzIB^1O(VL*t<(zoMPpVzs+$D1a5u zN;PEMl4?%g@zutPpmJu)sM&R6x#Dj1RZC;Enl z4?`|4tH}5!b@Kq9PFlRSe2fv=Lb3K0c~U4>_^w9GB$JV5y*^7io*Bolm+Qa0EGw#3 zF%R0OH&ZQ|kQV)4qKDF;mNUO^`z`i0BN)4OEQL^Gy&>!69Nb;+RWhKMY=PsYv ziiYWzu_`Us)@N^#>Cg%*CkEN5AGH=^cYDgUDRoBsVwhq++gy$V)6qCkg=N@!52*)l z;8Mfy+-z{hb)}km_WV$@MLH-)JU$TK9)rxmrE-N17pJvnzV~m`}Ig*ewz@klLS`)Kz)&_ojAWG*L!Aq zmKj*7;qTn>+FX-{b2UDiLxn;`0oR*c?930ySz{uGs+2e=ufcBV=TeK^g|4qP_rp<- zEQF6$G#FW}D1s(|T^U_z9GE5)VeJ<%IUPGBq6s6pX_G-VQz4vaDEy75qas_DnuJ`~ zb)FAf^V1Kvs+lsEoGDcvb|Q*B*kz{_xmNv-d!%r5nDS3FKHg&r8Z>3-1U z^*PZ2-^~JbFc*CTaG;=b%4PV*Ty;9`qPWUcxz>71lJ6zc8ws12){6D18#EriNGo_l zq37|pKNZfvp z=dIi~fR}OF*VJjpkVwTle%bvYG!xaYQCv%Y0r1-&Oh+WX`@0g8H;A-MQ_CDKwpUDe zZ+j;&_h{CSE$km48k4{)$|T@NN(}tffv{DD>Un)#Y9CGM~!=j`QAGk$87R8%}A^js#bj3lCPWyahCm z_L}EZd?5anqB>5&di@P9A)aq zvUF4fUD|M3EZrRD)>PHW;k#UR4Fmkq&}B7ML*Lix;Nk7t;)tzxrKqHyz$H0G%a7_4ecdGF2lc)F2XZ>V zNj;Sm;RPxS&pV7ZHmnh7N^(EngJ6FN5c$3k-0nrwbh1s?)lkhqC#Y8db8oHJEol{m zyl(aIb5iped6eTzG#{fYK5Eqr1CX5#o=CUfcVqxlV@XM~U8FYWbcwPO+CH!Qhkay) zvJHt_cW`sC0|@6j6%@(kHu$2cS8iS47?2Jh!p?K%Yxs^~<0KR4E^ERFe& zF$a+i(iQw3>9Vh@yHpoqBNU>_Ojm2tkJSb`cX9)5ZduLm?wZKog_<@TlS!BFgLJnw->J30O>lD0j-nV)W1&MZb#ppUxHkyb!2QUmf zC+XHQat63Eo^)|!q4I9+ExJX49j$0qo#)i8oz62*?`;YAg#-js=P6}ziJu}|9CNOM zB#dvoTuvMj5Oi~)Bvk+8Lqg0-7N6QV@JC6J4!0f-Uok0GWJ10ZVRR`sv2EtqN?4LQ zQgs@>t}yTD1>ad&ea}1ot0tlFXpBsLR?G!Auw~jK&P(1mfLO?#leIgK?nX71EEy|P zQZ4ot+b987sPJ0Ak$|9{U^sbTuN8BUT)AKN^Q7m~*d@CX+OUlcTZ^jtK{uE}#WrX$ zuP1K_Og@@V8(8g~nU3J_`rSByI5osg1askj5q*XIYitt1c8oSrqneK=O;$Z)Z?b)oca1gI}Sy_tc z^e{UbtGm4b#NMhurw`k3b^&i(mqzg!1p0iV_qvmRlx>dXslhnl4`ZZJ_ygCUe$T9$ zTbY#>6%{gRLW&#B8j zm;qAUm0wclkolLm2BSj*qKPL_;f2wvBJp@3a_n7Q4)gujqYGTGWyKMjZhhY&%z&jL zpF5Fea%x>L+BzNJ2S0{&!?2AGYKuLF?^31GxsxWUVwi?qtw(QC+hFHOb4;79O9-jx zuNYx;raj`2ymw3c$EUVl=MQn5SEvTr`=KcccY<#Ri&yS3yS}%ZGwr*sN@&9MGlTja z=uvLzVtX*U5jFRC#=8P~$In?)cF8h{v$!eYovJ)}T#vYYsg}En1Aaa_6$MkPN4vQ} zHd?}jt146`mUJ`{NzrE+jUP|DhekF>Lcfs#T^@}iTkRnWYazI~*$B1dtS6k> zB2P>5T^s2cbS#v51bM`O`X}76UFb~sZDeC;{m9FP1)-|!q4Tu%7ohVgA%J@b09_mm zAB!_RjQ%nuq?KX68QG@yG@JWngu)Zs_uQrA2j+j8E1lk7894^L2}pqNj4-Fy(=>jB zOe|mjM0^Dni|j|{U#E62j>WiUI9rbW>i+}z{n`3%?Y7A$(77{c<9YzKb^tE-iyf%@ zVV9L?{V}+^K!nrX1M{?&VyqtEg6^@L<+v_w1s6XmU+XI#W>wyw+?Zv!Ycs0D${ta# z4p*?&k2@7BA^xP4$~MpuDUE{ceYCnHNVDz(9r;?~ zqA)0qI6NVS!x^%{ktI3!PhPo@*F8VrRQtejzc>9M+aS+eQpoh&B5(G(z4HiIyLnCo zGV$hj?g~#j&w%hyudTaWMAs`VZx%t;yODw=Q)0dG^@4ASRLT9S_qBm# zl0!j(NcLJd1%vaCnd{!do<++T*Q$YS9+Dft5BA?5YeA2J#Q+Zwxgtl9Eb{POmBbBz z(of!Lv7okfPH%o`uqmAfV7>)-X;c*?j7~!y8=zRfIVdtUj0@|{su#C8n+5u)W!#RC z{Tw!a>0tt@U5m$n3NYfe-{Q_&Y&p9nOJI~G0PPP{7H-s?p-uiN;9j|XewydtX(|p>(ln!BMufUnL!`dyIUX3zmqt3-B;67r5P43Y&^yReAX8Piy`Um;( z56{ZD!9RBT+#z@&l-nT6AW6vAJ?VhYG-fN=K4$9N27)zae4f%W)~lh4`N+ugD8BE3 zVBpI3ZOLAeg*vG~xVl~KS&ZKs7bp)8qvHbz^U^bz$*K*e5{NqO9t8)wO*A!@W z@|Qsm(AI@PGT2FMPxCb26(nu*x@w~4_hJ9a*N!!r(Lf^~C6M3^pgRSZIAMEihct@8 zYj`^#Y9T?^Q#zXGjo1w^O7lxqK?zqOPLXGY$D7( z4^X_N2!q_MvZ}96uT-@0zS9+o)Wb zmy(roAbh_buk&D1I4n{)=n=9-7r7M;Z;W-MCOUvy|L%`X z>7U=}Bq^m^o={>f?QWw!?txI8xPbJJuuG0q>Ol?5&CA+ARCRSMKR!c0JIhq7*_W}x zJ<-9tANx#ZSo4Rzy&5>bRgR|VGL;THS&C!3CGfg2*G-`}g+Z<%Z2Ah%;w~*fSD6-I zX#d_@LxgJEH%sMf;+c{9cLSAsY6J3AQ^k(BmJh>PSqjnI>e-s(TF9&`!jyBv;_k#F!ytd!C7+l!wom{4N3$5jYdBt^FE`+hJPgZNSr%DDZae#70Q zb8BmjtqJ-ZA0NM%RtNYQJ-0p<(P|cW_uwEtJ!3M(rl~e{*q*PMfR1mC>GZ2SC-O;G z2xEKH8H>Q-pAF8!6zn73exO`A3TB;`yWK_@2oqU9o9XQ)cAUw>?S!* zmE@N8#2S0s5~d7rH_hm_B3j#945_{heB|?zi+;zAGx1@sJ^!scvU351xc6KsvCdh(#<&5xTAQx-VOWBYL)=i$Eb1!Z z0m6w0*k?A`rO=@DLs}+YGwxz5(ZSpvBH~klgwo}8P{7G0KmKMF@GJxcj0&0NhXpn~i`8GIhr z^%J@^T_tvDI5euA6HHi_MC@m#7d7kbH!C+^TQA(mI(UrWaJ}!5s0y5H0Y&Blrm!Hi zhxe7#@t@y4D=Tzenb@38?O+Gt?5P=QJOu3pVR^)pz#$({f%p|)@ zZxULPD3#qa%yt-g9HmytXGV73$wi1uIA5xa$r0qYyH6o_!oBwq+&dD2&o~j#YsFWN z-?@iq`z|tNp_Gz3vhkS1f|SXalICaZ2fj=pR%h{{UuE>E4HBkzH2YoQ5!}vCZ5~JP zg!o9`J>?p{ehGso=i0jl%d{30U%qo{;Rf{zy!SW69z*3sroz`}<*t6DP~QLKxn(mg zyLOAT^{GzxZ;3TnWiNblbGpJ1e=UK<*rSUo;DK(+naHTLG>Xae-w*@cHBr&^og)!H zr7QR8%n>73KB|Y@x)%u9fjrpx|D5If-zg>J|D4PJUa2qt=YIa5`}x1_89;g*-9oyI zxYX+T&h?(2*8j9Tjx40wXWO_Bk9aUw|M>f70SJQ*RbmI_qTG`;(+I(|1Yq-ANn$-P zy#)!#>xU)1zDvFG{(t&4*~r+3P41q>n1NW`4=vAUO}}^;KMTBquV#z|<79ww1sK!k z&JiruJw7Knin?-b>aw^v%eLBBDa!lld) z+Bk0DK1umlZ$&IV(uN0c5T4ek(05Y_m9HWSp}BZeK_CI)K~ii&d_ z%v4`LEfBXUr$;0x$9A-u)*IiY;Geb5@q$6fN>0;Ig6B9J=95XoCPnHroPUMgb((?W zodVUPXlv>s1my7SKii4`57`1OHwaHOueCgPbHIAg=*CyN*7yZs`7TyBNw+%?oP1}S zK@PbW#w9@(ge%6z6*-PnjD9sgF1q@(S=9Nwt)|hLmW{4FDsJZVH}jNJ|1u-yJEcVA zI;QxPT8PCvU{e}0>dBskSbr` z?AL2wIqsEAb;RR5L>)|Cq)WX}-f^b5AgU|UE+tunpo##b&#eDR zKcOar7)fH~+b^y`wv zQCfX$%J0AQ-)>aweVs$r01j=Es1Jbz+G zk8cBHSNN}$YLOq7Jpzlj588z>=|A1qvt}clxMnE8b~?*PoDtpN{P0vuw55$DPw-V(_YIE(RhKFb z$X==lcJAmQVz54OZu4jxgn#g$b5v=G2lWC7P98gK_tQ;*q{1Qrjn|S_?wd+=+&|CF zt0f@B!OyeKVtj#M-zL-$KsmI#Q^9_JB1HS6&}qw`!W(;3LGI&$iiaXVQYSj~a)53{ zfo9D9f-70cY7pA?R)9#y7dxtFuujW3mi)7L>*Z0T%j)~LT*Ya)=>1Ga`;Ya1+~xU% z+~X5SCEzZ%1Mc$jbztSpvd3R;Z-3>ej&_Y3`&jOCJZ|umG!r8-2r+po!I3+H-VdzIDKbtJp4hz;V!}q6wv-3 zPpxMBKKj?RyruJL;Dtd5Wj81H+#AZcLdeBi0@2wn&7agRzu)uy4OxuN*zZISy3!JT z^zjv8&e=;9ovx0jUo-^{a6>FRxQp8_SAYrK#6KN%fD=02ayU}{4cTrpIGP__@n@kp zc>K>nvetmE*UJIjOoZiuRqU^@G2pUKmqg86jw=N#2W21<*Xsx5f~8?HpZz;Bq7%f| zrCPTw$1HVa+>1QEkCs0Epe&Muh?@(*sAfIo+`LngyfHGTc2<*+hop?F_MVNMO%J1j z1o#5Ga?`cnkfjF{hjPGOPYsU0E|lZMhC07{ zAntrQRw>tX_F3*(&Aaps`y5pM>iK*ndr2rCLWV|FWm&4WC~2%nkZ!9bROl|~Z1N2x z!8ZYUvOT&N++R+|7)2J4^EPa%loRuyu*GV>+o(>*1*vAnW{!-mau+ z&Cf3;FIZNYBxT043r)R&D3UenB(Ux4d|19S#O(+D()1#_vdL$C&+O+3#tFn0$W{l| zLCy0=6xN(`2KLa10FRF?lb2$drtK>%#2f;5h`QXNlI8A zi969&0&gxC8|z1h_xMnQ(r0k{(cxksWATDt);2IF>`DYuX0y8lh_PRz&l$F&D^9^B|FcP1h`D4^#8i5Z*G41V4*BoepG(4m4>e0Akh;0KOWs08w70du)6uF4@!+MFL?%%7(8$r>kaM2LHgGoCipp_# z>$i0unt2_$^`_z{G+RBs8&@cQ!ZU~wk3GI1p#<5C$IPi)n|jqj=Nl>gYHxp$L~sZ) zz%vVG&N=ljsd5dMM|^aAGPr)J2GKWL6+_3Q(gVJb7vWr0mlHVF?IRt2W@WW$h)@R6 zsL-Hup!Npzt5PI3V*IaVFcr0o_vrcYbXBf1Tu9Qk*gbf2W~WE%u6qO&oP(5fD7`>) z9&=SF2tBhO;koL@vjUs9|m&4z5KU|ti` zGXpdd!WcGR_AOE~R?jznD9P4_KS(i1WDWMSQn$VYZ&d2*0~eJYt#opp8a;70@?qp* zAforPYG~~^Y&^H^ljikhE1n0PbdN#oi>3LlSkmk8A z4F#NXBFonf^uZhx{S(X)Y2ov)-!zph3QBCge)UX~(dr82+?*?vL`Wnb$m|QP#bwVd z!)RZx7$us$s~Ho2bhc=Kz^aChtx~!pHS{Q!Mh1()4_nEv=OA1GYYt|7-0)6r1852B zB5*Yn!{v-391)2!Wy{Q$IEJo@ew#mW-c6@HZ&i)=g_Y@%{&Gq+y0OrSUUppXZI(l> zO|)%=VB`m~6gW z6_HilIkFUS8WuKvqHa{o`RvNF>EloZS{j~MN?8SdFMcM2+p%R72mSvnnCM((t+^P7 zfcEFCm3y}R)n(t{%X73Tv8NL3&a$q?6czYWbT&|fHe8YnEC!S{_BjlR8g%2v84qQg zRyLWI$1@~hImAK=Qk<~bujfUwN@P_c?rRliGIj$~3HVXY0M~E_6H|MssP*U~;{J%f z@~uc{*QM#@}e5VU+<6jxK1KIbepa35Lj zZRFe=L<_kv%Vfa)=LA;&bpm}eft(NbqVU1Z-kjwH6)EveYk1vjOPpHnRo?QC8|OXc zWwz}}GRA*CJ?lR|eHpPC_h1~>$ivrm=$*tq;bm$xF5){`2IS=K*5aV9qfc$ud;yXh z-@b(eq9*-A9P02S@t?PM7Y*7k&Pqg)II>qeU7Q1^Ag`Ouy_*wgdfi|7W-d-n zGyaZkjtxErLPb@3|MoCT{{un6cU3{H{rXQF^e#lWUe6tB(Q znj%f#)7qIQaQ8|o61%?DR)pTRf12r=w^SbQG0C0-gc{Do57c ze2G~TU?hk95BT#BSwp?J*$y6IxX}zdQb(}baxum0nac&Q@RCk0&qtc-JX*z6ytkf` zyHvSH%yF`DNYAda(qf(Ys#NXoqE3CO-Y=QxQZQwVJn6S+(NQLQIJvzV~pC~&1XG^F46 zsZH{uYm(2?1LOB){{Cpd1dtlXIm!>S5i@23JI+uYJrS;NVutI?%CT*-!X~d)6a?hk zIf_bWsoTZ;+S8>HH3%n@(?6__JLHsU#yMJj2$r%};C<6x2SH8{1ez6x!{U(Y^dm{n z6a1?kPhAu}U7CEKrh`9-{yBQhBXgw~sfih~8{BwO9A<#X2Iu+N$5Xg=R|xL8lOG^+ z{7KpPF}BXEU3+lnO+lfH70n1%D856ZQZS4%fp&SiCSweTbE(9Ee7k9fbpDdBH^j^q zt`@Q;0#Dw3j#!T>k9J+iflnLx{HW(9`>JeZwf>q%&d^JA!jEevuhhAj)Tx+hDm!Rdt#PZu2WbY(I%X&00Y-2xxx)niMhy!-7?B=@|h zG{xo)(1io6ou*kw%iiBvG#HYO`suQsef@j-y{Ff91o-1_&{BU!Xa0sfS*JECBZy`&B1RC3T^%-4HRO;fuaIT^%1S2XyGZMB@bW zPSneSY%(WT_D+8#$3yQZ`VY^Z#G2UnJY3@l4m9XHy_+$%jRP)#esm-H=U7hLdq}m8 z80Ezh&+&&*9`U0phj*#lQ>M8`*3kClH3P0$RWHUBm>R~6sHr^BAE99FMh_R6o8j%c z{9gIq^jMUh_iNt(n-4bMV}6nkw+GY9U!aZ*5uNDEa53o3*vW5O1KKv;4|^f6Z~z*L zj6>}iqs-7P*(1)o6H3}H1abl>FS0(fH`dSvEm(Z7XMWFZNL?m&VIck z#^uk!c~#&mu0OMG4(+T%TYW0`q$bR!>I&SH^DBQikfw;#>2hclg*};_?z@Cj+10Ya zc}}hzNly!NzFiNFX=JL9nvl<=+wCQ33~rRWLJ;rn3}Uy@;yYdM5CW6z$hdRD(Fu@F zfdqG$phdvYw5;#EgQ%xGR#f*wkf!jr*>klvxcZZRxof`&=J$wib62kxj7_NfeX2E0 z0Fg4La=2fDue6dqdKEyi!YY)BS#elh^{knXKc6pRUL~yFNF8|y-Sfd0RRz!^wT%YF zt^KVA^x&-V-dtf!-?OjC<2*k1-k!G)jw=umX-%!d16gi2#`c30y=o72ss^x{(+u9wRmb6?$03u2(oYf$zof~Rwd#}80Q zTqKcYROmGGX!h}Ir1_&%%if7{y2|SE%87_eF*iAcbJNJ{_`gtOKoKaQ;=duqmcSA^7_8N`Bf)A)J$?CxuilCQ{}HL#NSyfpsdH{^};<}uL~kFNL)vFT>N z*B@~1%SwfZnac25%C+pS@>I#sl-8fA9oyXFgZqN50EGrTJLrS$J}92kfUE$!jie(? zwYNYi+Vf}3TH(Ijo6eFgI$E};eXb}6`Y=ekgNqt+i?x;Xgb+PVN%YTyk5qJec${j9 z5QK^^KFX|6e36E$gLo&+qsqk-Q3c2gm?*unJN|8%JQeUW=F#ccJ&;^T!OkUMBWR1==*+DpyJ_c99nra=bjp^)ukiLrPSndd=cMT zzJg14au(0fDpQx>4TZZEifQZ?IC*Ln3W16I9#s{j`ZuEMtnF~wk#-TrPk+S3@mqA}*)sLYlM4KS{*v?%&xZ%?pha1CGYYkK zL1G)-|DA**g22+FMKFOJ|rkP$uV9jAF?kCp;fYumAjJ3 zFnOgnuQQXe&-E|RWAqmQO8FafO8Pr=>iTkpa+m$z{x9p_enbEDipw+iOTHy`Rn%6b z0u1&npWB}z-|N6VYsDv3HOCe8$wJTBhq55PlZ%xJSp!5FS?HLa3WKLIB152}vDJQUd~!aV$sClOL^6@4lPpW+Qj z2kQBdSBSzb@a?y61C+Rug$AwUbfCu-?FijDXZ$4=^Bcl1rbVvH2GqAcB*4;sAmQ&( ziACr+IZ_hz6aaR1y}+iO^DJqYbon=*$?HuYl=#Aa%Z80@Zny0J_b=RJ5aK zY!2p?&4Wv-*Fk^5tr>EJ6NL1$XmQq+lr%$&`l-oxe7eeMBLIxrX^Brce)$+2_cP^= z%U`O^fff$BPJuBF&RoJ$p(`Hy+U=Nfh(Cbzz$$@^AQu}w^%)#{n&!e!id!klw z1x;a#v}l{y_jQLOGYzmf-b(~ji--XuB69k>gG7RXxXHQi4yFS3z5Wd$ZSpG&h{iw8 z_XA3-{W=HsSfo95A?2e+uDQwb{ zbfr;TiuzE5TuDbEPfc|RfRr5SR7~oiq5hS!M3E`!X8jPl>|K}nl>%P2WURpX>7JJq zHB|WA+#D@j+_*-Yk(Jo+y7Zf!2|p1yNcNu(`|*frz4K{wg64CdqU}8oVn3FT7g4=^ zlfWYDax&kdRi@h4R<|UGrnAQ<;5<-5Qc2dc8Ry0jXyYJ%O2g^O``kID)vrumXp6X!RVe*cQKdeL*w%GUQaFvH*8%MmV}?>2Jh;D(=dR z28?9|Q??mnHza;(5Ig8BI@TF^D(r{D=vT4$s-szdkr9;LX0+L23y-1k0O^*i!@z|4 z-sjvGw~;QV@1ps4djjhGAjo&0iF~b`UdOHPN5gh+rBh$8GPie+Uus~|s**>ej^jxp zMPtw?mrc)_d=sG(wqltkU)%Zl*;9>6S}F=f26urE*MMMYnKrBgYB#GgjCGLgEad}T}Y+Lv}|#PA>O6#v0b|D@Nh^A^JTTkbuQuPbZS8_ zbgVeWafVl=1$|=q-i;nzt-U7`?8;}77kSG!W=geM#jLTnVrzIYCrc)m(X^(STsNa6 z-ZonO+&WxLJ9YZ%)+BJ9l&?Y8Q@i^fQjl4jP|E(hqguQ9M^d<|;>Cme+ zseF6l(zo~C(xFf})OX*8>Du_<9!1W>J0&FJd{9oIbI#VL*Zi}N6no$pA@3Qft{X=l z!O=L5#!PzM#Q*^lixmtbNiWw#)3&x|P~3Sgnn|vv<$IP;tPbne8BEzsoRzT+`TI># z-OTcy{^f*Wu(mAqX_+#_s)l`e?>#*wA-#O>cHfD7;d-oOUHAkL2x6(-7$XJoDdAa3 zIA`jI4B2^n)`>yT(}!}is9>a;>IuZ*fWGj8NZ~^sQEZa8a*O7JS#IWD?p^d3KvMkh z#>YjlM!u&s>W~L>rvkL8zTx8Y?}l^CrHYw*AoX-K(Fw7E1x6vrRuQo07gWVet%)=%HhqB z0TzBKs#LkB_Icw4?n67=qaT6x_6CEGM1+w8%__+hon+R%%C)S_mFJ92AJ|H5#nMLQ zN-SErv*72)?w%6(+%wp?xQ(_cf?_u#7x7xnh4wA7$%IJ@vx_viS93nfQRjtzviB(A zxVz3a`Q#sFQUf9#ki18;r*Xi;09$qt~nrEprz@xKOFCau(^p1oP272W0-+<~_Yo4EP%at7~yN%b4^*Czj;Evvs zm)SLP1dyAH%nV}!C6Nv=dkx?j#Ha_*Im%V@HTBXjj~CXMTQxdS6<_DLp(8K986;Bn zF^~--PX=0erzOGl_~j+C*P$FN4a1F^NB@(|o6Fxx0qGVAanz`v7lHh6ODw?Icv+%} z@!%3K!=ECJCP$h0GT(UqM4_@=S}5C6%#4avx$Nyuif%d02F;rj<(AV`M73A(#3L=JM= zy$7z!{K?ONiU$pmw1BTn{fGH}g?tXxX$ZpOLO}-q&U53dmaryQa7F0i>-Z^D6H|f_<|R3~_u%RF(iIB?HPi^1or8{Lp^~MS)PwC2(ztu)UWcF$JW&psmIc zD8ri4+Iag=xVimXQ{5NC>W$yi8D*erbF(m(ags%UIoCS1VM$5JwrwiB#y&*tx?~_7 zMPf4d=~Y!(q%Y{FBMUfHON31i^n7njX0B&V%6867z7)pe{$kk>d4{-(ojHfp94wPy zs>_*rPee3o8(oe_;%GjRl~EJT2ipB=Jz2nhxN3YSNOnX&><}>vYx)7dk>}y+<1aQO zWj0>hL8wVK{6@jiIPb+e5b#5llAw~?S|{}o)3?jTMMtyXn^RNipw)ZsW60zwTr&5W z(ea_X)D3*>^}L90szQi#lUju@Q|exyCoMH(3iE%&aVJRSO=d>VM#pB3S|5ob_*(Y( zSZ0T1c!G7%Q}pYiPoIkaD%Bom zO?ub$ETroi`66xmBeg{i6(|ruD_d2?30n@Tf^hRH@l2oCo8dS6O0K$0UgKv{-{Z%t zLk=S&iKAHPIz7&ukq4g4DP7_1&1U>;yq%-c)L`T1hbJvwg7y^zHWu$^|N3a_|g4FDro&^mg$RdTO(p&03cBOF9xJ#&v`xOW6Q2 zqYhFU{T$FSO-JBOBAniTFkEJStomJvI~l{9?me`pI_VeLQ7N=d~t8{Bs7`TQf$YHB!F8RL1Z ziS0qrtxD=pzP1bM(YaSVWvWi)7i_hC#E+0`F_R0ISvN50-}F4vDm@bBs)`ofVmE3q zY80SE>&}&<#$oL~ib+4lJuAFr<1SpAIDT)lHTYFj(*&1?Qw`1m5%X)^1fLdF<>B%e zk(PW{rHP5CDwih)qA#kh-pB&(5?-3cB29>@<&Y{j@q5#upH8hrLG9OXnhpi?@w7b6 zSNP-HVHyGLR%b_dEDc)}V@tEAmiGplk_pFO1kNdiPP!FPv|aDHZsnC1FhEwV0(i3| zy=`E4UW|p$&UkCIWJ5qGc6S|C%Gc_T!k!!{&n3P#?-u(gNU*pWBvtl4=X5ON?M1W@ z`aER+dk^7KLFF{hu$b6u>Fx0@mPcu}Z)v!X^&N)wpX?tg>D1L++i7pwS1v-zHmWXx=&J>{ff{UZlzQ)mLtAH(qH~Ve8)=#~{Uu9N2iT){N|Q6{?Di zR%o*=NO66O>z?#ZS34L@^RUwKInqVmNL?@v+GwJA-zBQ&5Y2S1Dd^c9MUQU3#kE#~ zk~uLfcl9eVT5aD9-eiOoq^+}^*-GMe|FyfB;i9He{T1o|X>wJSiopB!(U<*{YUl1U z;U6sQh_?^UK7XbqQwIoIC;eH*^UWeHpq1Mvi&g3ArN^(_hr}7@V1@zh>FgsUl}tns z&SKETbGI&C;)3|ywlyaCCwI3_nRs!J_LcpKNesc&xs#-3yW!@Mtm%4mI^t}Xoj-gp zQUm%dJeJs;HNE;9a;ElH&hp)Z(NWo)Cvp5P3e+4>-Geja0X}9Op(D+XGdo8t$bh6B z^x7PO@*y#JwyUPj_k!GrkLJ{;aOblzA6^K{Q@OMQrx`&V&lmLq?4D~5X5vQA8Irz# z)X^oPj}d;cS?P0m7sr}?^^ncC*sG)P13US?v$;vXxPq;Q|F+RN>taS3ThwPn80Z8D zFPq|>Dss)%et!X0J9jzeC!=Ax0ncjRY7DUzo1bwKDK}DnL}Q)0GAzI>8g`mv-lUn& z!u4-3iZKu~M@a}fKArj-LZ$;W02aO;Hx{QhL{h+~e;+j~OXyi~oUdZ~er+WtrY7tz zV#yc%7BiO}AOH}6ZWlmGS$`P4nptR!M6EA=rPpNmV}!)ZI9I7#O&x|r!q2qmIM|&) z%D(*XD91X=`vmqT_>m>&fL_<ZJH3flDET}mcjKoi{Aj=Xx zJ`#hrXx2B1aPGpIW0nA9nLIyX=&jJ^o*3OnZTr^}A1w1>X&Hae4zY&Z1YnBdF&DbW zAQrl1Oag`XF$d~B#BH%KAOXn_>hZnV%_Ax^P>*xa-K8TK9o7HFJi)+iVuQ}-5xdCE za+pJv)t!$R8L}t<0ECp|P*>Cr;Nh?S^SGbu`F=xQF}wqLcl}_@ix~0zf5$|3PagjN zoD2%STX|#|(*4yr)FD;nXOARJ@2X+H8sB@~i^N;F!gIz|#jbR#>_M^@>`Tjhaq%9_ zr_{7m+|y!r!AYOSwe#&)7A@uFP#N=3iSE#Mau3V zFTynfiZ_M=?+Yvk2z3jUB#}67RNp(S0f`lGOD&`Rc(D6Zw1ldlLrQgM#OGyMPTP68 zQUiY{e2{?K+ynWO5hAft(ep>gqo9efgY@t4s;K&#MAXcdF4Fo>kO$`Y>=4C4u_f?! z9f;HeJ^O1k^pMqUc#;HATSCp8#1RdEt{?7FFM++e)c6u(Aen9FDd!iVvnsZHlCcV5;8Ebf9{Co|&VQ+WznKKldh9oND3{HX>sXJH( zWuDgfY%&ue&_0HX_-L!?*6=aSwyT2Hp8CJxx zC*L`X#?K&cU?aiz>ba(loT{G?{#Y8-7Um9q-iHL^Idt?O78-G>65m$r>*|4$`5`qn z)~W20px^~;MLjefEA&2?l9U(9_i{+ui4RAl#kBN`E6Y3`C7h?}e~=&_8pQe*d6afp z_fGz$w^AJ7aL`a*`BH*aAtUKx^>7Efc$ZAh>%^9ob~oXbY~~=<_Y5=_>-_dK@X!cP z11_iW`fnd+9FsK+;1A`#N{enu$A29!px~!cfa>CEA0KHDNyLl?mJ;_W2iFqjaFJtT zPhMTj8&|czuOr{7nmtSL!YbqF8q$IQjUnCp;*fqNovSa|Zj0;1*_)l^{ih#8sQ9E5 zR<6$|Ly)^ziI94Q!QF`?WBjLbxBef^J>@0I4r%uM`CndXG7@JAR-;E3i0m!Ze9 zE@R5_K@hzkdM#o$V)bd%~)#+e;w z)nBl3N|ECX$Ypr%D3Hin;Qh7ZqE)lU1v}O3U6nB1J?K~zwl_lAHE&hXIMOz9cYT)K zZAuh=?n=k~msd_}@dpQLDf9pY1s@7vBd#=&u>%IQ@RC~byPd9&MT;wx!09zl8uy`! zL6<4%*4(icY^Z$d;`Z&z)GO;)_IPRWH7@t2Yt-ij(yS}3txWUC{TOC(FRr(1yV|0K z*{{mHJ00o5Q*)6k=PAK=5s%<|N;`#@c z8uS7gI{-_m3k8$Zde6PKi!w;QDaeg1_@coGbmVgX>qoo@4J-U`SVR#?J!i@>AGx%wyOjHRM)5&r^Oiq;H|DG2Ta5{O9N5PA8h?P0*V?uuSJW4p0Tjq(B@GPJWPbC z2Xvv%?rw%Fde>1$q>DtomzlHqradCLD)DwJ=`J-d?B43S8t<=LtclolizQx`k@BRM zcgDS5k3P9L;d9_%?&9X2W-Xsd?<6uC6*n$~yMQ3vOA;WQO36}las8#8F8^Tb=yL20 z>bxdyhQ$+gr-5q+g7`PMXCOy2jZ?_|0ZK#ld?Xdl*zkC; zAhn#zd2OgoNh2rl%|H8bEK?vOhk`;I4fW@HuoEC#M*|6bJs(~`@uy}0zC=GKVA{l< z_3rugAs^=gTMk^YcGbazewmI@&f`mkM~2`mH_pc}R!ueVWBp0cZ4gRK0h^P9=9a&| zzg(4r7>QydGTt0@nTw^1ns674Z_!a3<6rNU?^yDPGaLz2bRx|YaX^bhwa)A@ryPtf zO$9tdg1Vf5!EPSWbdi=Q!&KlqiT|A@N-sau!3UFdw1P2f%<$ikkI8|GD?|evstLtD zM$#UY5S3QZdiZr{^KxB~AD8hP3V{^iMhao|rykKbfr*VqJpejq00MCRuLwX3)P61i zaQ{{Om+v@q{~bJF{yTX1x3|J_6tbj&M{sWQrIq5yu7jvyGiTkK_&~=^F z_oR)FEFAYgjQEbsW)DVm$M64Zz_(yPZluaT1|0h{AZE@E!9@<^V?_Nm9EjnWX@i~~ zM?#0C3)vr(jCk>wjqBaiQy94wVd-63Bd!L>EL#HLGi0Fcu<-=21pG{$s zy=O*@HYL}`*{MFuKYD=okGmnelUlYVb-zt4+av8_QzbkJ&|mOq$_{|}WU zD$i3276#m8IpTx{F(u!D%s2FLu;3}j;|F>UIg&gdqKe~978lx1or3Jk$Tb+mq)QVR zTe_ug0pC4umUVz&biR2jbM#C5GdZl!0xTZQd#LeQ{$(tLohMlk3AjQimf>5j!}ByV z=a7)0WFW!p+!C8@NROG_|%^?NK0@CChm z{wTd>&w}WMt&_rfnzf-n%s5v2zdlRLd&m}8qnPwity%PWVl0F^{uSfTvb!hlkGAri zC95C~d)vp4lVkF=a(|jmcfna`9nYj`{*q(!6ikdx_ZxLQl0iNq_(UOn#UrqOOS@c- zh3OAGT)Fk>gmRPfUwQO+^jUMyQ?4ii0u`#F?1;~Am$ecd{=myVT$HjdzN(Uwop|eF z@#N|1AVw;`*f1()tC}ML1YOHGd-SfQy=DKVbl3GqBT;)DsX{)E0;nXD6KXWi{I&Pn z8NteOoDs`RQ2i`DWu>CpEzT=nm{k^}&Y3r{|DNuwdt%~H+9P+XtRo4MDZx0V);Mpe z{z`4^@!3xF#djUr?@xDx8`ESmA%AR1wL<(w{xToR7UL7!pWEen*i5qxZ`@`u>?tox zFac7yqp2nhlw8XzGKI2ng%IDVkL*sFTMf8)cA1I=baGB#h}7YGR(yd`NsY&VL)o61 z*ZK>&AI4k+(r}~1>_q4sxy!tZ#~N18?%nMPi5p7YiyQO6q9bbE3*ejvkuFc_uc?WD z{Kk}h2XpQIOa9YZfaqB5#6kFES5T*sUb#-}Y_47Bz7lZM^YchQ+B z8$K#TRP*RKIT!6{Z1(hATXO%UNoSVWh7Cah2xtL%e%4JYIPTLIx`Xb*nAQf!n=Jdr z%@?VV;s?s=_Lo0ot{B}-Iy*U`cbZL}>n#n(-auD19$Nuq+s~^cUbdYrsYb`XESxx>a5?-|5Am$ zt9mWKAAq-3af2^Kb`w;y$K^uHo$t%PMB6%weQ&!%`TEAsUJ#wFTdeGrGYL6cDt@*B`&ks3)KICCS@P_rj1L4N@n*njML zxmW(UqQw5>-z&JTyIS?<-lSa!44;eq4B^Y*hRA0!8h?z$sY)U~Z8oCly$b#GBNbf5 z?#qPh>}x1ToPVN(3vi!dp&09jK>(alN8V9U25e6P8;0ak|MmENt?L)W{@l3J^QG{a zMz_5_srTa!#RAv3Wr zqvt8xx%;U7tSpao5cUrU#!WS=Vhod0R;{8w7g>%rKI=Tns<8$_Cj$cg8Z(zk7DDy? zfZ|U887F2G{Bfez6orF@KDR0@@U=VcY87d#xfyc4XpMnFzLOGYHbi?eYep<;$$-H4 zcUo=(8fe8kgp|N%s1KCCK}Hc1v=T(;KOI=9F;+21Dshi~Fn&w!o0b_OQR5e!4Q?=t ze~@W1YZr~G(x|#F&VtvTXi&DK6^yZt zr%@;AZwJTDa@)-Ey@AeU23!U(sQVvRu8Vjbn~&inN%zaF>&oM5t997!@trmmMEo6~ zW-VwsM!iv^5yy{0B@V2Km%#MPK2ukHLr8_Bt5H4k$oli=E&fEl7;^Q z@3VPEjUYttpw};0Sw^gkD+N*|?k@gFi}iST#k8R31u65smMBXQ?eVn2`Gr7L2>=uv zaTx%?1GP4283O?P#2j0Q|6E3BJzxK>jrQicbI|SZ#-L(BoB)vXV^zxuD3UZ|%jO{m zYU{>dcVHZtut^#oSPaA=^%v>hEiXS8!K8~l4P*Q`Wn3g=MPxe>7e@k6pB?ytV2iLU zuY*Ct#yA`nZ6&G~J}w7ectts7ekPYd#n%=nFECO+Nu(vjHKo89cM63}hegZ$wR9_D z`*F2zG)si(zbthJK7({{2d{S{ZvhSpAor&4c<3<$FE1dWqG6tz6+$QOK z>z`e$7lto^*P)tz;N^}PRR8fZK76S%V2Cv0!Z3JicHp3fy#rL$vfSU^jr+&D?}4+E zYM9xPC;I({oVt!8JUl4n(O(hFcml zLl3CCVP(_}bZF+4ZDL}hs<{(8ef36@=?Pl%PsFh*>Y=mLZXS&Xzv|B-j&-P;6dMoC z6Jc4Nz>UvG5_aVSPk2@V0GCqWx}AR44i;BeR-wc*!-opsqPc^6^$9$~$EOv0$&@mD z_`F&aSSrMp0ztnUmi797-5{Q3NM2&Fmj^d9QSX7VN1$y~*S%f42EGV%KE{3~s1v`T zAmi+0QdFzu&JlI}`gQX*Z6#xV+t^d)+@9Pv8IFGoa#Ix|9^p&de89uwRi~xbSF}qf zvS^A;9X=Bk^TEykJgc(5iW6!KH|G;AJrg;unU}xh^V~lqJi*kqTI0Mz%q!u;w6C~6 z&PqZr&NyZV7E#?6|G_Cg_oqp9Q+zv!c{orP)ywC8KUFpRU5#f@zy^@uY!o64s@qh6L<}~x2C!a-38$_gEs4ngk-=$NU=oFt#?>`fM zUsIG~=W!a7U##Rc1C1kTk~kqCiEyXcY{U~DBV{m%dz08QTOyU zzaL-Xt9>Eh5UDwEBIm>|fU?g4$+=_P%Ezjzh}i1FGKPyv$5?tEad9mdU_(V5(wt+y zyIdMdOS9RITn07kHzb<(Isw|^07%o7tDncF)CEr9FG}BzG-18MUUbbPqbX1staCuR z7gt93v_Se`^XOd$s^_4yRvalyu!|tD>04X$Z+K2{!HuKK z2VOgJ5Gkkw!c;TDi{Mz-b{L--QVsNRBo-8g#Jpb{Db`>uyDi)Hi{jEy!W~K9P0QT1 zeu76US(rddm5A_S9dfoS_kB=H6LU^TnT0Yq-6MSp?DY}(2L(fGt?_>C71P4Q2~c|2 zRGW*9XZnbg;4_iy{Q3Sg`#cQv&qvqZf(dwLsq7!+w<5gz*xPajO z7ya?Y9V&i&cNtkXpe3+CW&ODrl-Y2tdQMlaxz1BDYrVK+9q#Jl3(wafUh?yVG;UwE zyd!net=b_Mak27ZTdG)7F>HBA!i6z)8$t5rx{N(bU>ZPitQ?M{VEw8#N2Vv%-ETiJ znY#1qK87C>>oKUhL$UMTc&KoE^-gu=4a)9wZFHVgK? zM4h$Zk~Pn3K*90OkCu~v%&;mOV224Zm!T zNfI*LMDe zwYat5VrSKG5XkV%4M9nDOld-v8qV%R@)fPJ5wc4i_s&gyRP`>^;<`r76Tw1JYGS1_ zP$bh!NetF0xgw4(JBo6M4x_8X*>b3aYNJCJh{ptB9m~-c=ks==%+CBxM`u3BAC3+{ zOL|*W{Mu95%F-{VE9Jjeb!f5(Z<5Lnm48%aC5u<%aiIL=t9lkeR^Z@jQv4?D=G|Zt zK;;G+QpS`TQx{*>3VgwYKTU5lKguMiOPoD<_d&ANn2OT=PVcuT-)6#}Pql}V=!@X8 zj@&7-vIz#9o%?#i2~z87Jgm=9Y|`ZPFtujhI%pDyu} zL0rb!3^(AkdfSxVG{8u{SpVVp4br0!vD(O9sVeYRTtak{zABAhx|_xwD<8rT^es_U%YvhlfJq55^ehjKHWXx zE0CgdxRlUcMmCbjXqhvIwf_wS4iP`$;K7}D;jX{-jZ=tD4t@{IDHe)@j)1cW&{c}i zG6CK#YuJ;3AN6O4NqqP=B?%_;D0tVqJn@#3C4?;DK)(KZ3tWY!+cWBXKz;i5u2av| z8MLBKd-+S;3^zcwDI|#f6lZQ`swYxY);*W;1$~5ZtSh`{h}K_LIj`UPzj%A|c&Prr ze|SWsFqUjtLs=tRb|Ym=5)~p#ku`f53?s7dgp#cg3RBtF3By>ji|ou;$~q&<#F)?h z_W54F>%Q*${`b3-Gyhdp|kidlJuvzJgFfU2BEN5jNQ#opK_%IeC<3d}O~tMI z*Ct!H=1ex@q+WLP<~=FHd$UB$IOKr{_x^c8nR>{{$Nvjh)Jp3diF2|4Mmvb5XXJc% z(@6WwQlJTs*9{SrplOJf7n5?gvWTxO53>D`1PaL;>iHx(fE0GEZ_J0cinb85IvAnW zKg?u9eA1*^E!w{r*l7IR%zbm14cU?eHHfS2nRWiFBsWG>bcNCEY%V##{ZxMLkVuSw z(h@fnwm^e~vO|f2-MW7Q%a~E3@TXpEZEQ{Ye!H6&Q!L`s3#FlK^G1vf(P5FGX8Cv7 z|EXC55F$e;ggjxs<52TsY2A2c+vWT2Z5CbddDlT71^~%4lcou3&7Cww! zdd-)dt34g|dC>_ho1ju%HJWdmkGWPScU?46@iKgXK9(jfG@&SBkM=z%>J9PRhv#dM zM+CQB&+|{hU@EXhQ_>M7@(SQgsS-iug*e$o=E=qHLhAxO?0_-peyb(`7Y+Y?ob~?a z12)_Uq>AYjc9~@KFVk@tfom8PcUjo^U2!)75`!C1^Fzqs{{PoWlgYFS$o695!SPv3 zEQR{QF%S4G{y)zzK^7qr1(EHS${liiJ#<170Y9dQfRL#C7W-|Wtni6GYwg)OOA8%A zZ?@<2!c6qLkkpyHj^CDG@Z5jrJ^gR}{Wp2PoRp8tr-zr^8dg_A9_La|p6j_3OO-mA zJL)1T>`XtzRJ5vY-?a-%nrGgqiC2q7TvuFj5z4HqPh{|6*r^C((tLRVat!(J#H$mF zMXTX)ajPV$sbiicUuVcqZ}eG(JKj!EXI5A>>QXG7W&~HI-lB0=KHm&kkFc3pSZNUQ zG&qDYXUOx#Pymt=z^n09x{_Oj2 z@mVsg`VZr&)3byV7^wD?LE9242ge=YY$8k6vd6L`6ZhJu4H?_Td93Qc(OlgCqKS|% zIw0XpoBW8F7f&>PFuZH@#7MLK+s&91A@Wh7xfCWMJyZDC=?5fEVszJ33FesR_PAo1 z%!X%9n~41T1qZfzyHjU6Ap-oNEb!_3q{0fB2-PvBgM;QeEVV81*$w+mguSJM<7s-GJt18o1d(Ep?i%aEE2oQCC z`GtxLRV3RJJEJkP0Y)Q!Wl~bloURSu@VxLMk|La9U_UdC+E^#Lby==JTpKiz^>(hl7t!*2~tFj1v68*|;KR#ADDvtS3RX|GlpgfsC6 z3X{xi@jGZNJ0v4^-QzG`3 zSG`}6OI3f7QpyFBX7afj8WpC3iUapn-A@UFWU+CX5~9LWp;%RB`c;2`s)y$4 zz!|Jbm!9GeO25F_X4?Y9t!T@M>a5Xncfk}kuWt$oYxilWRo2so>DPIN-L?Vmsrvj_Fa#J8=m{`$vuyvCD;c@PyW^ibXq?&2l*ClSef*dHj5i?x zNu3|xY)Cw7#Dh`&F5UQf^L9-bX&S#w{7}c21ddd$ zZR0$QmG%PxE5lWe4y7ybHV~?(F7Qdy|N~l!G=F?OEIH%#;UQ}hhd3bBqF(# zZmK1E{~pN&mwy&s^vOK$AC?opKNpY{m&7*ZAO@ArDDJMh&G{lHC^eM_k z3xNNYE&kqS6_pUJed@dH07jeIH-H77=>tgBed6CO>tvqgdo8CkXlM&87bOdkk{Z^6yk#%m%Sud)xgr&ju+GXwJh#z+X zX1|jHXP(ICYp4G7#EBKzIjAYI{^Ye^r5|)f4q(`1`b#hg?I<^R}fwqYwcDGtnf4vc37!>r*;~U0Iy_oE%@OU%oU; zyLQ(i?2eqS7bD`LHxY|dm|!&oW=f5*;GeZ)NmoDReRE$hZy=ur1C2uL7w0kOW<79M zbhkUkb@#_z(ixVp^3Otwp87I_gbnrGZ*(vF2!=QjpGIW6Oi(9R<%1Le-fbb2%~RusZ(WL$8CH8!+gq=mIZgMjO<3b9)o!G3KC6ON zJ`3rb?eGS}ldb&$izjlt(krI4#;znw<3uzIzwTpPd?$l%SSjQXQL_t#vK9DT->z1+ zAFxH?M$Rk_B_V~JQl{R%CdMQt=pEI&bbZMLbKHdnTapecNn`YcFZ_spntyuThJm2C zt0`2=k!7A0^*pTBnppzXpG0-Z;LyCvT#|Utx`}}8XhA+4MWAaZrxjAUIentKA*u5f z5WoB8t65~}`55%Bq7CpM)1Roh#s#XN2{p+V$g0_YFiNLZ_DBA1(oFkT$FVA%{?Z0h z;pSR^RzQM4FdvlIgqff~NmiBX*?O;JHb)d=i>%vjrxgW%S)&F{5QZghExu0nzsmr1 ztHLQA12xgXcO+1A`W{__cbE}T9S-P;6@zW}t-PV{Wi>?)9thSd&;GF&WXfwEqWfr` zOGXm9iUD^NnO&RlzAJ71OVa(sw;snyT&0>tOp?QZL>vIzsp&im^4EPd`QJ-|%wG(M z9o#@eqfVFGPN#nNG%8JBkzA4A7&Ibzyy*&_7*Slwuhxs(Gp0S6BepAU%CnNG=9iJ> zouJb8bhBwxr2v|QUNl791l5!2KL8`=1@FIuFIV;rAEamA z6G443)?T=!JRrwJkJmg6Hd=?1Ic79RA7D;4T1b$`G)Bj_a{LM!|4eMzT^G{-)pX;0 z#t?5%N#&S|smbANdHJ)D)saI+vBk6(IFsNb zd?^#vW{Q{oN>k26dg!R8!nit=u%b2(HRR>23n+71{kr9xk)|j01|QH(CrB_xFjK8R zShB65ivaf%p&T{XF^*f=8KJ0k&~7Ni2&bNTL@?f_YQsV%dgcjDp~A?a9{?9c=$$+U z(@0vfK?rU;Du|=uQ=qL!V{G#%>!z8+#vAOj&7RG4EdgM4`LDHC`~z9ZCqD?m67sd1 z!NXQTr!z)I*G^f{ywaV1B?|&2h&krgHY!IZ@X?0^^A}QE>S{h$Jho-bW=p2HQ~l); z4GRLVn4*C;^vkeqp6$t60QUHQFQ$cTee%OoTS$)ZtB_lfymHU#jE7T{ra686#(-AO z`UC-t5Gq9ticyphx_Urj|MCOzvu~7sH_SG(tQSi7*-_~=pp zd3&FHao(4+DO56BUaEWDbR*}@S3#H#MOaS)M!v-9UL8?Wm=Lj{JD0IF&qtAj=j)KX z7kD;VaXjbH%n#%H%HAbQz0^CmX@m(Y>h;aZqto!A+O1*#yGe%?h#5BG%_qFF*6d=e z!6$sO+ZFb_bznSo4woET4Lb#ATGwt&zSA(_ZZ!M-^M{A}NgO}lRz-d<86&8yr$CFH zQG-^VNwzEn^>MZ&gRNqgdiOLT_Gi2ciOmtVA*7&vBSWoG&ktw6&P?mb({Mq)p7P%8 zhuHpiI%Fj&1BX20W+|Pq*z~8QL$RST(_)C5ua5m(dTO=3GId!2v{(!^SRs!`V+{GU z&t(xACS2H}u0GO@Qh`u7zR}VBj5|L4zh0d~vth2t$WU=&R_tzzTgNp+{W$FIp8*6+Hiy0)z|kIO>a&4?-{4|I4j%yT%aW zEwxWFUV887h9ZE5CGvly2~q7JH$@5Yos`R@n8W$#>b)^{>4L;F2B{Y=>zutoCyX*l zm=GtR7Ce)sC_?a{qX)y3HhcRJ#-*x0^=H?xLJfD>V?{Q<;afaIN6~ButM}wvAp$qY zMMs~xU%@}My7##W^a+FaeyKq;deoEKZR6*Zk+GUQHLVj{+nX|;i&fd@KFlSgHNI2c z(A|hwqccg-(p(4kmwL%~3XBa%AYUimFqu$?eMr>pIu^3Cf5VJ11wsZo;iETr^$S>% z62Ta&8h}ZJnvN^HD6y~@s53QEAl5FFY?YdciteDQ`vLB70J`ajJjDr$=vwyNi(*FY zcGAtY;rO$GY*CFBXMyYG#wU!;+bv_cCE&?DrOAI*qyK5vIe>H}6?D zj!AhIUEAq+K0QIh2JE~j+Asx86*3pG_6t$T;>Ye4G1qIHTUCXfa?@)~aFbnG7b?kbQW*j-@Kf_C|)l3k3+m zktB}KHOARAl>M608k3SKQIhRrAXZW%>6yNT!(@Vf9Os2H!3TkC=e)u!$g;EpViQ)! z%MVi%B60BcQeAcO-&NkThikwPR)U-V2C{DF$hs3XjKcaC5)+SSvb>ELh^41=uT)3d z-C$VQuh^cPUsz3O)*xQPS`%rr71kxsEQ|KP;VuTy{i&CtA2z@sn@3q)GVysz$vE2> zcPYj73eAD89V=zKYR@aDbUUwWmV2ie`*zVne!(2kahftTZDJ-~H^w<|7Hzne+z zOP9f(MigWn=?IIRlOAuqtW)S_+22+CIMDN=L!(-+oVZ3G{ZD7MLKa1bz#Z zt%C6IKevaCjx&~bCrpePh+$@W(o_uJ!sR16{n1r2?Y5jGD;!PsM6AMaiRE=yqFCB} z|BU?PSK=D71Kwjm{d||M9b^QscNM;(s1HHgOHxbbIuH!QrqgZMr8nj}Ch zKoK0tFGWaBL@A=ZU9Y?KJQ2va+$Xmp0$(19QXaNA*M=5)+q$=tF4I=K(L#7iWS znjEH*VoM+D_M&_}MI`!%I7|!j2hf_^t#Syh#^yXcg*8!^O|t5*SI-wVQRTa;RKJ0i zqI*t*$Qe%;^Gsc@w5PQAb)56l{5PDT3+4fSf3IW5!_=km3!<19r_A#N{P)u3o2fG$ zHQzLJAMpx!+u%XGsRU6bx|tpS7RG#?Bj2}j`brT?^NZdmDp|qq-Ca-lnBa=Leh#EM zlec;RJujP<^3=$9H6dFbmLZjz2?@L2rB@2tQ)x{qvOyHiBCEqwOjkn0@U?%fT0*@t z?A8JFg#f*};X5GO-;8QGuNtx)Q{JD^Y%J)@!t%Xorc#&w)pHSo+v+6cD*1XI&fsll z_WPikdBp4B(xZ6IBGEqw@lFZy5k2~z^`*u-&BmqJ`kb<{^k>o*3SAVWuIIfzuYTu!i zrL5g#SoXPUnDmk$x#|*n6>&Y&Jhl1ZM{$2CZNqAYL#l85?X9`T>FVAn61rn*hF`eF z?cj4Z>~f&qwtk9=ME}gGW~V&;fvXU@fn)*?&a}5%T~^W#@6`}ZH-p&Q9o(o}xDxOU zNSZh?wZC2bLVUhnsrTB5`&1`&KXuTC9@kQCu0#~IXe1njA+CS=-FbRB_f?g)b%2;% zGppJVox!8J&MT+ZJ7G}2Sx#f;@vWVoSQg+AcVMO`%i5kncWw)0ic(nntzdi8?0W$l zWq3Z%E`FNUbc~YY4z72%jdu$M?|opkqCv301K`*J{Lao1B`J}yNWx_(MY^@@_)Rl= zIh=EGV_)-Pq#!_6)3&?K8SG6{3m9~DL$%?e;gaL)31F%=55N`4aua(M7YhxKEa=j9 zE-xeulr{0u^L&->(&`qDgKVrvlO`8~x498lCls!Tzvr9~=ea4OY$h&YP^VEjZBNQ9N^asLf=@U`Vd zw$G7X0Cd+M)U(J>zl<5lcZurrU*{Td4=eHMk49HHWUaqGjjK+n+~0Uae+T+mge@m5 zL|iA-H$NWDtb&dA3q}5}38Awms$n*dq-NoXs0TIOjz?$b&i~zi!>*LqNth4*$q#y) zks2_uQ}ksG>;girb!1n^Kqgavi}kX5t7Au6!EVoHo+KW$RrAcSUmidHfo$)Eoc0FC z#P2_h#~`1XR2nG#Wc+EI@A>*3@`xl5JdsyTwKz|BuXzbMgo06M+JH`CVltnaEQ?$K z*P)R=_ESvfabx$+$7>74%YoNc$7liUNQ$6vY-6B@JbuU{irX)DBrZA@cbui*$=VUf z8??N;(q&bXymD3~BLHQ$q$?NF1L0)`bYGy}rsP7REfxtC{!BR3yRuijW^=~6{mlc@ zn-WFD{CxEkWmGa4aNvp10v%MH`9Bc!-v0KtZB|!)Y0`rNx1bK)g9Cb@Tc8hmy$tWL zAA3oIPe>1=1NBG=Su8mgwkru#H7~9LUy|Q`N!vE#9Q?*&W#qdxcOIK5%$#SY&$~C1 z1SrA-yJ($w9#Vq`xzYzO_E5Yej)CcpluP}~xwx6v=OSG=?ZwaDp$&buqjzinEHN46 z(_WZ(sebyYXmn+NZs+FObn`D5Jci}%vPP@~ZHT;^a&xM-8@fXqXP;Tn?FR) zMOdt&arhi`X!mtN%MS&e>+0fyw({cD8&|@-LiBO1egd4Df~U?9Jy6*4rHLUJSLzv+yw|MltF7JGbc-Db)WJ)b9)s3+v$yE!A4EegA8UK|Z2KRCl zCIw?)+1l3Py06&v$T?z^GGCMt1fj(F%{bQdRt!R3f>zMO?X_3y z>gsQsRpP{=Xsq90v?lfFuGl+tD`D?-RedDy#dKLr@envy%%0$mUyG~uO9bz1)2b3ew?RruQR() z;TacQR!|yK;Jr3}Y}~=%lqAkG_IW-PiFRG5`GR{_ldGq6Q7z3?A!RF9);pYXb!7{_ z6N3C#+)q|8A$ya;3x6;po(8@p1)@Ajyg5wG)V6`YIE+6yTe`nYsNAm|{`S3v>tm!y z=!3rp?!v^g{ zfwU1vY6#ti@hcZwhjF8ume*Hi4Fjpm4aagzmy?H>T65h-kZx!J(%TM-`0%bZ-GheF zD~u`4{?)04X?jl2JFcoso$}H!5LLIwfC3@_o9$Tl6y7TOL%O-_{%h$i8|NbK<%b4s zG!8)rG`xVXHSRaPIbVL!+0jv_8S@e1aaoCU7&N2R3@P5UwWb*zKHw}P&F?%Z zl4??K-v(J?8A`q#2RRz}4^xEQ&jkH_KMdDeQuy0)c|Z4YNs;(@e_sW)I!v0p=I9^Z z2L5kQ1RlXedWRP!6&6g{kfKe{RW0>a4+~myKWJA5g<+$(Xjme;R9Vl^SrHEwN)iz| zM5TMsbI@YPA>dw z;)XfQEH|HFMFZ}=XxnGcJ<=oV6aA7q6U_}r_BLH6JhK%HaKQQU?BVnUPf|^ zA0Oz*eBEd`?p2Gi7@MBo!K4|e@Be~a0HHy~n0$_Tvc;%EqLp>)SoQJs%Leu>Z$3~@j-m3EjS{$tsgeZ!*+Bb*w7{MX2=)8pH?1O|SSOV|E_6Md-70xpswdZ- zRi!X}_U4Y{MbTxINBkJJ)Es6iD_jgN&K6MKAYhViDK(Jk3K;)RV->h!#=?Uidj z@=32NKka*w6!8M*5I2&oiHa{R{fdiNB|bgUll(qV?DhWIGpe!lq@RPzhaWRRKE^_F zJm|+==UEX3jCHY!YLaeNe=8n`4=gVxnktE*CGzSYrO#wyeS878#(+_f=SD6l8_v6hs<#gBwK)DU{hHRfB^xMttNT|k?YMnv?y4~QJk=hU z@U)FLj-#kF6CF`VEVO`&dF9rZIRAsO+sl6j=z)9oc1Bn}~8f z2+A$_d0~@rrb4o7UBqqYiwY!Kg}-B7P~ZW;Hu*1+>hLXkw&+Gpu^;Y;p4Tx~q;0qg zAqx`kb084@)iRMZHvo4zAY=G1PmrxYIS1{3@-3S@jzpPMF1a`)j_Z$}#jLt8`Dkc$ zsdUq2uc50@7&jwb+}xmU9A!#LlJC2DicoLMYsvb@yFwtk&5mS(L!Ne>8YsiXJC}!! zy6@{(ke4zBzn4FHbx8})H4wCmhv|;UP8H>KC{Pj1Kk?O(N|$^d^p50met|-2N1gL{%eHbB_(45<^)F-k4;xi!_SPYh&K9)#9%fB zWmTrbl=pro3fv~QY z0I;)-+NGDXR_aj5zPyvHs-j98J zd-dj!)5D^46`^r5 z5Rz8}d{d>ZoVy$+>DHp{+&e85FRWWu|MZQ)quj}FqRF9jJ?Ugq;?f@jNm7S3!-mDn zmeljCzU|=<{%=oOqe!QT0+>2bhadt2Kiby53oMxG@pIA`cR>6#)tq>?{7R1DzdF}Z z?FQgKP!*XIA?P*~T6U+-*jgIUc>Du-E-y_R^6AgMah#@FnptYIZDrIGgXv(Qq!5U* zKx7CDAh2Mum7%nx(R*WxbS+~FH&ZvIrIB#*yJsq}V7d>Xxey37mS-P9%I1zH3kPzq z$!rFK(94Y7gN?og4X1B5^vyLyUhnI{f&L!qFH;|3u0>M4F)+O|Lohb66sck+W)<*%&_{mnBDE)bte}G8(ue}G>^-AU`{g>+UI#yHfQ5oiKM)a%& z<>X{T{@$Z-|M?%MlAMzU!jl+Ezbsrwb6{%M=eW9U1#-?)W|{7&>9cpv<{$$2frhmN zAjl3)@*U7*I{gC?-9&;U-MI!rG)4(l<(R&34Uu z1sv3JgJ_qLB7jvXZSn!fhAYwm=QR7(v{B}o#da*#G|F}-zFKf#*Zm?a3 z#q~rxB3j@)@6__+`PFcJv+G=MC95}_1idHH?iQhLo0fj z%I`jd)aPGGR4%YbOQt8_OY!eiAb%%e;B{2KR?_j9N?FQt^Rvc)NPkGjLL$E{l%%9R zTq$DUIJ)t;CXh|-Vd|+g`Dr0A&&-rkepk;fpIkXM~DPGv@VNT#Doif5U$`^YK(Dar&Y%ADrgs!T}JnooUv=8B>#l zupMqp?*bN&>|La6o?xERDrW^{UDTqLe!04`k9zM64pxD5N{;n?)Nwxh)ODVEvrNNv zpD*EoPdK!_R0;IEw5`8~q^xcaRjOs?pPVn)M1Guc$sDx|sWhwhO>4%#;a7^E@S(^ zH>2!yQD3cFScQwv$9sui;5b+FqP3fu*P5z>s{31g_31L{#gvJ`jwo)4aNgP50I=p59)_2%huUY+~Ccs6I?1q0@-r-CV`7?^UhiGy?q6Jkqp z-17!(oZs6NX%ax zJus(_?ZgDqCr};Gmd`;d!Ol;&a@Rzg)HS|f!Lt<^pA(8)4TfCj4X6L*Lr1fdf0jZ; z+UmpczbIYLerD;BUoxi?EHdbOzF}uZS*vtu`AfnsUr6$l?#Z?jkS>EUc@kepWg$f_ z+53fnCDdb%ljMnx@P?=UY|uW(nUqd<1Ym)>!aJ5{t+F*w=Up<*sIrqD-A z-r<@Vz$6|XDo;4T^eb5r`4TKo`pMgGW0vKrgaz-iBx&yZz;Ug0@53}zN&P1~sl$ZW zKOh_@sAfdH6K{OTu_Bi6G+C^7gGpC4A^gmCiUQhcJ3LR8FoF5R7>ubk0YlU1B_STd z86TVy3(uaC?NVA59pxk8LepF z1W`mgCdb%FwUTOzf2)2#mjSNyx11sSUf%$1w~dZueQt@E3SVr&IROsJDLCGg6kV|v z#Q0J*H|m}5C7gbi?9F?@94BkjEA1AhtJInWsx5HOI$$iD>eq2@`p>5g&n$^W!B<=+ z@y>*6vfp^V8tg-O)6`e-N*FY^5@wslYKoNp;B(E_=FE{ZQXWO&iuyC9fA1y$!caZ` z1LQZ%Q6?r&vV~OfxX86}zp%{Z@TITRm-$EPN4IWn6`y0PUJmx7%lipA(gkn^G!Cc~ zPZ2k_lR>Y|b35MTb8B?B;PgJJnyA^4$aH({?<$IOi3i08;Ae?)XV+PZBBtAEbsM%g%%%# zfq;=R#ktU48x5lFC!&zGsKtaI8pq_bA>6$2704|qrDo7uuB$@Xe2Y9^YZUGm(&tF|Z zs%1P~dcH?!DtL%Fi2^`5dv@NsHTlly#j$6Y^2d!yTU?m9KsvC^z&08`I+`ToiqP)@ zXUIki$*itHt8o|Ox_g|*?@q;mc=ymZFBY7aBD*V`9$GJHEuJ27a!G_M0`KIaey z3x*Y*Cd8X84||@+da{4cc>3i0mh>&w0^hLz^rRexL_@67!2zcayv{muC8Z&0j$%>x zC@(JVo7g`4Hu7t7QnNw1XxzqLqUH9zq>(Y}Zxdgu2a>zHRzx-z5DnN5az0dhm)QTJ zk;EHVrMfImIe3#zA~=wRAHBU!&j9;_Fq4hb!3P@+_<2^>Y-pnWxT00A;nB4*>uHUR zMEOq{h{W$c=1Vs6>tNK_9=jvy?QPYGXhrKQPnqAY8@RuW40tvd>6=6vyhSE7lXCHI zo60Ihh{zaL0|%G09i@gBPTlePSpJ`;@t4446_z4`CO|RVe%7XV)3>@coc=y@O}E!J zdB0zGRFQn0l>oBHUd>Vl=2_o0WGYuHd$1}=e8q-99zxXRw!FN862d~Xe%s6wBp0?? z7Pq4**G2(cX<-Xb8=Dl7Fthh~uX0xnh>qU)R`bVCRSmS&lMKSmnmvhEOe}hYrHngfoT_nrRYg z)Wv(PJTp(*$eqF1cA1x|lw?9crzLIe{=Q{iV`VJ=qF}_bL~(B#QxM?}72gisP{=P( zQd;c?l3vqOcXWFN#UF(tcP@pf9Vx)6%?Whj9u>{n!f}-SUo(o0SCJy8&r;dxi);?^ z*R0ocldZ|My3P$>ia^>eH>EZayb#tcY+fzk+Ui5mt5f%wvOoG~L2?!xOH2&?~ zypaS=plMDrA4fyTJf(nF?#xRsuhu;-3Vvgsu*JgJHktP_X~{bWFPu);CQBg!t30%f zGbUd!KIxc-{b9`H+sLOp{oXYyRu7{d+tro4@eho9TjwWJliWX{z6Y#?xgZJ>Fp~Bp zJSAF&6}d2gq)4>JH;`g+kB>w?{$W?y z^V%#WFQ~M3#Ne|2Q8}WxhilCnh$;ae+o6Fl0Hoj+;VJ9i!B(D@jfrmY2}c zdyivELdiOeAOK1$-amQM(Bj~|q*SzY=hPX@QbhV@ z1H9EH^d6!4?!18;-Om+p!aKBv^i<%41qn;u2}}5u3N>6wQn}1RQ*vka66#zu%Z#m| zlzYV$Yd>Ye zt{?iLn*UE2`~UL)nm)%LfD%0!8!9@ohh~Tm&X@lF(8yCHT<)#)jPet&>wnH*-CO=( zU&GD!J&E&Vk!&|tuZKS;MSlHx#Pc%!Nm);OS&zCM^j;5j_B!YXFTmqKyWS6&e{tTQD$?$PiIf{F{G8>j(qs~n#Dpy^Reu=+b24>%VtS7E zaCh^OQ#&lCRYrgfAB>UO!#r-`Is`PK%>I>BSC-Wa|*(jr+&^OBO+_btiTC=I!)zv1b|D>uOuGfE7 zjjcKndjK7ChtCuMmZ>7=9r`H#I|= zS06?CByWR+uWEO72yaflmh6DukNaRKAq)UXPV?Mrw#w?aP%-MaYRAoLS-MRXG8|oIhYPX2p?9fS4R)zP zo7M-~G*2$2PAIEY8_vjVWNKjF%Hm>mBb)`u+R+ls^!T(u#o^HJd78ur+np6kx5oUA zZ&BJ0RWhAX()`{#phXKvuU^&@uGN8rd{i~Dr9#+{67ig*w>amE#LE>f?k=UqE)3VQ zd~RIO<4uUWRz|JNoA;qfVA2U2DuyN%(`J;dHzvIUGEwm~$-b!k)68Epqzvxm-)T9z zdkSHAoJaOV;`;;c4p(e?K9d3NyCmCc5r@DeTNg8x?g0&A_6FKXAc9|v;F)xJ0&y#I zJf-v5P$%oHuhr$pp}+rXQKL%_u%kdH+8L^PoJ;og#xp)yy;WD$@}<5p4gTTimac^w zN1K@njgvrR0AOE1gcciIvWv5EBGz*_#8o7OfbOR2gaD<5b*5M+XEf{a-a(gY^E4#P7mX*Q19J0~t>S!?}#O2@Q4@>mM1b*83&KjfU+{j_Sh!9Vz zSL)xg$vCzQ*JNxA=iD+7Aw>uj5FW#tNp!%y2abhbcpt3|5uD z4So+Q!EE!mS|)Zb&54iOrv*s&cm|7@R0d0kL!fq&b4dGnZc@AzQM#_!&9Y^s(6Kh( z^?HEh?e4`Na7U3B5uVKV&kV@yUefcb(+}4fWUNWj)w3S~Orr-$ z2M0Z^hm%ZZ22ZR$Z`x8>m&!LjxQ6oJ&?_MC%{sX$7%>^qxT%5OH5#8X zx!L!zoa)!;y9eK)TmT%wygmmVMwqsWq@A-$v|(}KHTnFi>z&oA2rs{FNlnP+9PNf=ZvJS^+MdAxrMaJaG=eb-4iy;JZRnd%HGD#nVT!ZZMnvbHt z493?CvizRA{B^=lGFMxTt`5!*njD!oD_f@rMG)~}#vqC-$?!;ttZQJ+dFN~DgBYf| z)Ub{*hX~;Q{Dqv%TCA)h{L%W69Fs@WGUlkuF?{VGh&c1r)33b@X712w(W!_)ohp$y zj$-dZI203<8~?JYYShEy;uAUck!w$tx4X|%4VlxqPAn61etd8Z~5f7|A566w000SyHyLX`4e9%MG{O>86s7ak^$Y7AEAxr$C3 zAa$ItY6!e`-mJ~OXBiAkCQu)#AoQ^0@Cq2=nhX(D3Uh*;az#R01$sWLCqk#UQ2a!E zY~7i!F)sq1i?XZ&Sn_Mg2`c)&88CM%Eu|!5MkQxL_4sSamDsKi0iMPQfYf-%X0U+zQ$i4h>l zy*=^ky>C_|Qe(D{MAr{zvWrGs_sxZR&td--vs9;`qynXA5~%ru0?t#dFoMK#J?^dy zSLEit3`L@4yl-KvMqmT)x6mV9p@z3Z$4KkG`qfo54fF&&;EOZ!U0VHQT84n z7L8#A_+>tA+D@ipR7+wt&ri;-XQkO#cdBRNT<%z>>QC42*>44E{Gwj5B{>PifLNz< z)!_T`6W!G^vbwMZ{;o=}VX%5@Ux5{!_6PEskY#ekTr)V+k+01WXjg8-BkmFA+k=n# zS+}gz8ZO5{RfVG;*hftTm0`WRH&3LL9bgAwl+Xhdg%(Ru+ygxe>Z~NRLL1F#-K_~PYHwx&B7VSubl&F({v|dlpq5V3}+nd$HAkRE!G<;a^_Vzc2 z#hl~O0IQRZ=-8sJaS&wp)*pc>;cu4F7+5skXt+35@tjq4OPmV)Vce&8M)U377X^3Z zAb1u2Tmb!ozL8;(C_s7PpHJf9BuzBICl*$!kVl%oG?_j()#O`@I2u-wWxvn2%*0_o zsNm?udXbGSA?p5vrXfA9q z=U>yBG@x~;?SW_TNPZC&?MTQ9+ci470^bt-QpeIGVi$QO?T-9_oOd22qBs=j|JvJ# z`NxcNLf``B%!8he4M+tjm*e-n2_Bz3KMs19t)+weAtJI1EMWi-`jbMnZz)E-$n|e#Q_P@{q)V+ynINaz zPeSV|O@6oeG(YPIG@2|~=-h>@=2PwEfvI_b;c!}SzX1ABxu?SQ@5Fv5(Z6Z2U#7#~ zlB3wSr1)q?Vf)#N3QyloZ5Td9(>DdGewS|e0nWC1yMxaS$N%=7(PCG)VT+bV-M8a}|45?qFaW6XCK{wp#iY&X@YZtN)!kw*4z896%d-eG__qG-a_hoS zIqd7M5zP1xkat^Q>E6_NY<}ca?& z+*6pVUYLa)*`#I=>NF4V>qv$9$tv9G&f{jKO#e*(fklUUw^zt3zJ2cZ(qH^EpOqEO zV!iBJqt&l^@^<ho(xi*(%w^EBz4W#NtBdKW? zeAjK*-@y+$gB+`z0$p&7w~ZM-_N_c>j^CBQglohUKtbrR3oIfCTmiD-hjkmi?BVYx za?QZ$KFONdj;K|YKWDmVL9%{eaum`r`9evI!f!=!g>@_CRrAcJZ@)`?^lcB5gLlbE zZr&23UWEZ!B{l{Ti0ixJ+3|HspJUklX?Va+@BhWydxbUCwcWx&K$NN!=>#dFR6&s5 zEEEwz5JHa%NQr>--lYnm2}l>|QX;(*kS@JTFF~n+L|UlNo<8sQUHkg~lYO$keZa-h zTA3?rX036Ld)#B#y?NQXm%c0K*4^y68w4^TS!M{eY7GAGt?DH-|)+DQ>$)r|YnfBzAx=Y2+gx35OH4KP8MAcXa5CPs+gf z(rHgDYSmO!G$J=ukq)9UNo_SDty@u6HO_EzpdS$P8&)K4(!eOP*EBCrzx^G$LXT9- z_ZRwN0r3tcLpf}jbhpE&r#eqy$bETT!(^@Mim_d;CO0HpBCGG+@}($OZf0!y-YCH4 zwrEB|(9}x$iCtN_ubsJ#17jjp(*SMII&;K~in{zDB9fqtaiCMiD}Mj$V9o=RiEb__ zA9y#)-OUqOl4lUt!inz7Zw@B!CxuwS=7IPgADjmXVtmtcE$6ZiyVy?0SLvJTCHH$Z?{re;^!w#Dttq z^mSCz!{v>)1vO~358dLKx_=vT$kV_p)E-+=jtMEaghMa9TL_*^by8y5L@XG0_ z&T;8Y-R}_5sFTB^4Y)CwfMUQcVnqPa(TNW>`c^wxP2nvoO8Ksn1k3XEQ```_$}@xX zOxvvOBan~*9&B^NLKc$;SFt<4?rPE>QSmo0@I;An7qT6ErfIs3dhc)T&+HN9V=}e9 zJb7?M$d1S0RpiwfiAO)F@8-Ij4;f`0zQxCcXRTaBm@8Blni!cKmuoR}VEHS;r^Bey z*$V&KG&_&LiO)Pic?@0Y4*#s_{5+CEBdI3zwv~0_buS2g;MS1Q^!X<_^A+ZnyBjR7 zgO$F{mOcr&xVfjJ#iXICCiZ+JV!?4r?9fh;>DkU1bWC-#@uM`YhVpS?Gpv!JPyT~# zgKXW*_ZaCl6#M1HR);{2TeujIHhYZ_>3y5CTwSg%+g}27@e-IZ)%7YCQiuHNP$?_xI8c9m=8u)3Zr1Wz|95_ki4Y0@Fk_bDSh8sH6P~-_ zNYydG|4q$wJbJo~GA9lRg0t<;o}Op;y!uKwGMx}NbU7_%fAGh+!-n@y%2T9CwwV_l zNY1oE2Irq=0ZmnMTZ_D=e}}H&L#h(txK7GU#FN21FC0D5py#&eoUi0#h!Df^8s5BX z;a1uTEaKzVOuEhG9Qh_2hW4(n5#0O%UzL`K%mPn&J!;{N1hAKPP`<9_&Q{#L3>^cv z1=EXID}%(myoN6kFn~kJTl;X}-ORgxS}c&3!WRik`|+Cn!^@(9>kq2pgv^Mr(Wu zTmHoTSVIrL8+jnFvU0fFVU(TeE_`9y*9CeUxuC~^@;OH~!OAwxxTf|8H1ryqDvU*{ z1>I?x@At67IBV3F_6I>t$|A7$@Hu`evYKK8CG7L?YsznD?vD*F%zPC^5Smw=-oSPu zZl&3aKxh~})oW-BTIe@@R4c~(M5CuiC}Egd#!(4speJwJeX6C_T)roVs%pjU&NkZr z;+De5g9Px?u8Z5v&6%4H*EYLs(tCc{&#R~pLD*=%w*;Rjp1nfNd-!)hUjX?g55D)C z8ncG(J#}J8;1f!SiSyX#ggCmxD@9^*>XM`wpQiFU(ZZ|k7KoOXqM{Buy(L@G!A9Nh zo1hqW#SX@#;dzfBBI{zv-Xn5ay@h8gD?W>j-Sb;RP@Z`}ut`dafg4}#ELdjR(-dow zkkBf{un#Wn)rzLMQ8`{OA5}QF&~AM=s(ctGCdMo`zbLv!_8Ol~=?GlFKA8ZoHwB~( zcZ5s5x&BQHMgwYDw(D`JM_JQ3%l4(XMa{|IQ#(Qfzw>c1m96eql7tAnr%8J>Oc>&X zO!@q8ew?<9GFky=>O}_Xzsw9bk|nRT49}W!z0nPBYa=d&IOr=zxwzqJ-dC40-@0}` z+fw55$Fil&*9`L@6lotdc*nMpAqEsR0<)J5dD$ zvU`z_49;~TsalT4+tbC~Ov=+BbojIV?vXQLsu;$KPtb23Zeb)O=!_O1ytlkntn;+5 zK8zK+x0njqE=2VQ0=o`cXFyd^mk;Hw{xyZTiQDR0;D%P9KS-Dto3!K=m^PP|jz>4B zVYp~k=vwIq0g$Y7eN`HUKgcG2Qe;o!uIxJ ze`=F~IM{nW%KtzzjbInRrsJS^wn{Nrrn+DoU+i&fibBg0 z?Z%i13?useZG^0}hg+^8V5yJClae2G(xfrBlX@~3lhr88A+3qWiUSC1ON~PuXR^&B zF1;(EM_yWtsR}R)=_^`qPxj!%-~|f*ugjzYj7cOa$KD6AqDZi?me9f?vapQxr*x*o zr;B|3mR&pbt;F)a>%^dh0t*F9u$=hN86|WXZgj?u%NPn$V6#3U-Nz5P+LnzrnN!rS zT5)<|+(6N_f>uB;i{SarDOtKNF8BUzsEu;m#G}Kf4%LRM^(M*~b(qj-H)M(jN=)rM` zy?rtTPn>`WM3P#$Lp_Ntoh|d3l0q3u>^$3txX|Yjj^4{GMotuNY{t8akfabEce&F@ z@JNte%a>jCxdY_L4iSp$FDJkp=Y1_u6~+((G5*)Hrggu2eVeeS(;XMNG5UM+UX408 zT#@+QDs=vq+Un9;(PwJn3+5c4ti+FkBL)3Kyxlt#gNMJax8nnob}(Ia@Rk^H*Sgj>Y2z=GvmV~*Sh%c6Pz}BZeg5GO8ccJz&0-O z7<1Tz=P1u6I4ISO9I&P_?F#em4K!|BU7;_WlP2cD(E#UBc@H#J2v@65h|6EESZBPk z<(V&+v%PorMKAe{nqQ|+d6#tWsyP`(4Jf0mbJgiOjCw3@2A;kRiz7@8XH~(Y&s4$W za%jBqX6=p9E&WS7=h&f-V`^N1VFE#yEzAQ0$B?8DN9~LLOvQMQNxji8(Vs3myJqCb zr4uDYo@%tqzz_Mt#7hMR_b%FP7*J`o_UGY@Zeot?(#QWj8I11B7%HX)zXEei88w%0)<~DBJ>vtCX zrn2oA75_OEQV$r_|7ox7zvm|l^cz86mdFZE-AOC)@cT2s7y8pkgLF)cDm$h9GGz5v zPnRq;qEB3F+PQO0zxrZ)+{N2lnJ zs2QwXAKE1(e@pFk?3Z1ucm0mz%P>@)C$xQ$eyc`7df2LZ0;R82(~%|K-&%ZEpM)*w z3XdNU5Gp_RF+DXQgc*ETd28e%6Fq)kfAV>gcIVBk*f;Ao{fC^0l9pI zj58)*AeG>7D(O+If}e~iM!;rF+>CtZV9|%3EUM0|VdO;G(wvlQF$*VI#lt_@zJoY6H3c;5xu#BFG>6mFFbe0%UJ;Mra z=LE@mn1B58rRp~JJBFvSytj8u%Sd;aMp+)o{vzjzn z?Qnn>m?wZnqakwYE4$(DCl|rq1rp7Fx`x>Ms_a<#`Cq;=<|YRfm)-@9-;miY+)xL* zh{+VnWxVQ}`CVfh7S*_KN@jZRqz8Q)V3`+VnY@#%7>;VI^8&Y|ng>juBc-44--%!g zxGYmimoOxudgz81u4e26oONqz-bU!AF3Ct!-UNnUU5DB`08F4BfNoXgR7BHrJels4 zxWK$bsYB!s{og9lao^}sx#df~>A(2EfKrz{~h4Aqxmqa*Xl6 zD}nzyIGIsM-+W9}&q%|)^4E3b({1tyt0j1=)-{iNE2IVCKFYoY;U)1}`~s>rlqKuE zz5I=w=UT6#L%&b-PajH;%%(>8cT{>oas z44o1?O^4!iWv5qd^g*+hO7rMyc}rvb231EXE9z5cWGwwY4=DIx#$X13YU=DNM%{Js z+Jb={ay~m$0A@pxys6G<4)I=-FNdoFvy#67nXH83Lvy@qcZ9^9{bDQ^g1Nxvb-bsU zWO%*l#SN#J?i z?EM^XU+(N)0+$Yz#<1SMGgbCDFt^24q=h1Qxi|0L#490}3L3SYYsdoZp1tZ7n zKH5;`UNY)-Wc}Lb&*VnC+l>GpVn4L!ZL&P>jEMbYkqV2R)>0G;;e>Wf75EKikydAg zWpa*JXI(R!ZW=R6llol!#<8kF`ps)#;Rz9)n?eKT=7#NJ#Z(m6cp2SO^r*04aMmqD zOON^Fa!Yb0#R!zad3p=gmLiRWkTIC!{gtNWN;YjCG@eZ4ep%Qca8N}QP)Uy_&P>7Z zi%vZnJ?ZePq0X5nW{rU)OX)7;5NO$20?(u5l#5LXX=bB95uf&fru;)3<)DdR;DkHn zA1NuRtu8N0i1SIzb}i=iZb6Jz%g9<4rB9J%3g(SjM_GF?Ho>g+RQ`-*Qtnaqu$TgZ&n6z?H>9ygL9dfTA)%?eP4mIc!QJ&4(HHBK53yJ;Y?@&er z9?UCAHnWtDnQm0b7(E@RU#2X4HYs=ThI>rzHPGG?EEhRwjy;C~qT~g}gY(|7U_VOu zhX17lG^s7iM~Xt*N{K#A+GHf-`NG7uf#13XejMNF^K#~QnZeG4L$AF5DBC{}qZ6&= zp$}(DSry42Tp1?HS{7e<9M;s5R`Q5`3%+Tv_YXt}N>(^T^718d96vsY0mdH9a`eR&EF>X;6m?v!!u1Xg&q#J~t;v-`RQ+Ko0fSnfjK&ak1 zJj)purv#PuZx<%)UigVCo{|6c5Fb-)%TPvJ{XC;?h(;fNRh;Pv(fVk)0PhZ$1}!7S`|W@IPc3+3;dlX z3in@5_5mY>iY$y5q(Csqin77;wQ0-(>+DpKAR!4g>VmwX!_K5f0`wJhcPxf@Xcq6Y zlIjl9=|JCH z;rT{e+i4EcVU0K&P$uDX#}2(o}EFTlRAJM zc@vzmC4sQK@^@m=Y8NsG82mY*uEIhG3zeC%#F%$;s`8#k0L-CKT<19oOty-&RqSH& zH+B|Su?lZok(isjFbMRM6^Xe#HDY-cPhAmJl3IQ8O`60+iu1ztL=v}fv8G4xUe0)M zp(`;zndTrqdX324dc0iffM=Mj2k+OHDPyCp?)rttBA{Q`Bvv;4?eFFU3}2h6YNsCw z&MzT*6Ev6K;;`SU;8j5pGRKbDZ=y7SbQ5x9P?#;|B^u9Z~ zN?|9)bXJ=3YVh(QMv9MQp9!+}34~;@HQ`I9ym%aM5Y3s$GBB@VUJd~T0tVLRtI>Hu zg$qsjym@2M7I%Q2R%#%<;c|y1sb_HPG`ovNcZlr_;jkiPyI}o0Sbv;5={_~GR+v22 z>B{ex=<@;}SQ#j4>j}2Hx^>~3H7Yy%-yiw86w{N?)iV8Cz{mr;jo(6OOEhb9hlZo) zm&X)RG+cw*dd|JXF9*rqMjnbFK{w77&T4JOSTihA`nc-@QMG{UN5dCisiq-IXTeeK zTX42nk7SeT`pA_<*f@78A6NlR;!CG1Ym?|FO+u~`N1@^$8VmM>`6@#Vp%D8wO6si` zVD^RFMq8p-dfmzA7uLVcCSOvgb$8Pn;-L!WW3LdvQm{JOm^-{>eHSVbBh~dzG&S>Y zuc<}zyz)%B*vKPBc@*nP@kvmj$Ns6Pw9+V}<(y-$6ch7C0x~~9q2dc#bRT`gBlyX< z9jZhkjZjuPr_OrZ-+FzMTA8Ecn)ei7>*$|9{-6JYb)##Lm4&L9Qs`6T-ej#9P2QOFTfNkJedh|#H4n~MYvL`D z8M-B8Ii9X#(rYrfa0Azq^kv4tf#UP`%Den}#?o_6SJ+A4DNuvliRT4`f+x+B5_Sx4 z?aF99{rUt^cV^rn**VX9Ax<8Ho*Rb$Kx*t!g)!l&ZmA-C##dbSQ#fHaA6C}A>2`X6 z`emkyTQnN48iIQG{q8#Suwop!^~?FlFz6fS0SWDueQ}}#n(m>%)Tx*=ICcGJTN#(f zrIXCr&F-3wej7Sprw5-oN13;HtTqv!-t$OP!)L~PMaa}d36|LBG`zCmsZi@=x~t71 z!4^v-y#Y7!wXp`xv=}InD~g>kz6Fvl_t(z|I?~H6R+=FY?H6Bal-ZSunRYX!hr$#q zRU^c;*sL2`YKv{4ug7+B8U?KXG$BX6S(=F3LU<_C_ff^`|N6err20u-49)CD`}n)B z2odX!>Bx@93`QPgP}+x=N9R4SxT56QEnTu30E*J<4We#*m0N+>L^`a|Hm`PI(!34%1U@giJ_xm!16#VtQtw z=OIIr_qXzFPzaHoKJCVTg;yq37EYg;sVUdKIxd+T?ziFj*~tipu1S^xg`MoEW`A=Sji#iijL?^x7|XB4*m( zaJ;ldY&{9LF!;^P^V^&%T7c_HMgS)m|aq+U8Ic9QmsIqEE&Oh@N*p|iE;W@*_~)|ZcA?+1O16e z1iI2Hyc&2DZ=Q4o7uzVBkMntdNk;KFsqA#7_`P_k#1|a5kKr?4@&{9-r3Ak2qy;Yg z<)Zwa8gVxdAFnN6E#5>4FfOF>0 zwe`)vWY@oc#H%#)7k!y`8bI8tV=jV)`=_R?#`T7HgJ11z%ZcW%V%6C=95ZET9{wFf z+gzlUdsw(7bC~l=ZV!O}>J0Xjl*DIF0T43h0iR?{w1e)1oN0;KCgT*{yt?bH z4VH)L#8oseArPWg2>BuEXRX0Fw7X&O(@}!_`&4t2D#~fNsAYs+{rbCYsjW;ea>yym z-^sJ+YWTEPr+SeI6`$bB0nuzIj4fmx@Lw_xnjtoT&+jA=rF)z&M&pltI#j1i{& z!Fst;u&1a_^mYGN=eQ_y{9265=l?{w=}91X$Ez9}`J5sgDZU#}D_L@L?-c`;Vi%)- z1uE*sre)Q{K3OfbPkxeNA^`X=xj5O(Iq70_&E`SsK z(+h9kfZpcgbUj1N)`1FJK(PW94M6BkI2AbN5kQ@9nzPy#Nz24hK`cW-66`wAn$1dy z{^V;ntylc#vBXk>iZ1m_9Gc#CprZ#r6GKG<9TK2a&aPyEV^oP;VyXz})ZT##^cd3x?)Y`ZUn%!OiJ*hwL zN2VmuETKXHn&R@mxChtv;lNq65aBLod^R!Vo#>EVO?pHkeDu0Q*prhk;Mu)(fhrXD zdC`H!yui}omlN0injyIn_Ti&OAX9dHIjJpFQ+j|GtQGpU;U7p=3VL@LHR2HDm9bL^Mq6MfdHu<-N+V*PQMSrhwO;u_ z$Xd}Z5P-!@>vkP8Pxwg2oDlxq29-Wf2_o(*S|MhvxR$uDO0^A4%51ey^rb`ROXEK$ zV&d91kjEVJk)oiyFW4@|m~KM#aZ6ACJlcyV8~cGm`P|7tg*A!fT95RP#0y&E}K@cvz+1ax(@tEzjQ-txk#Om!@+4nkvX_A&7X|MbgZQDISnSt#s z9DMi!AD1brP`*6={u_0#c>j<3)qvN`QrNfyhHWTI3xyeB?7ITpn7GiB1pySzce~gH z`xhzXD!K95;STe6HjtX$(LQ~rcD7*P%__v@)VTgtWutcrUj*wVm8i#+@`Qysmo?CF zqO&`_L+C7f&1lpemQyQC62mqo%fA*+-$4XED(gA?_4=VezRi98>-8?xft>pGB@7Q% zFZ7PX5JihKpt3`FJ5zNC^B^B3CdLK!a0a)Lyg@%b6L6N;4Hfq;{{O&34DhAPqlf)~ z*9?~WlOBaut=s=b_O2u?XRCa#3J3vR&Hy#2?iL`!^J6PqVW zRA$s1DEP%JzPlfUIDH<-YMY`Vw#(`IFPMz7SiKaQe9G@pRL$x-;hI4!dkHh>ZNuw%>1d{u zCCD!qHm!H;n~P{Dizza;WwAT&Z2r|4!Ifz8%fQ!z`zKEIGFsdEzuz4HbN^dp&#Mn) zC-G$;@>o;+D-*Pg6Klz?{;rBI@^P2amfn~xLJ{FE3cPc+l8izVT_sAfP1#>k@3-IC zIEf09xuzygbO^)J;IwoJab-3$gCT{}v-8Stg?K}871>JLZHb8nYr@JTUd~%<3OCM^ z&NS>+hg z>fArv*jsN~k2@)mB((DEjh6odv15O*qZK}5pLs+p5hdfK$;NZ`70VNt#*xb(^Svo- zxh&f~-$w~|Fq!4Z+uYg`LK2tGUb1Z9OCJ9h@1DRP`)Hh++cG+zJrC_dL~snw{J0-V z>-Rz=qk~2_FkxF>V8D-dlhMneV~A4ol_L*rOAd)(kK;#A21Bhv&bUa(InTe?p@r_e z21 zjnpJ@>RiR#)JwrfX6a zSK%9gkjZ5}YbC$FuS`xOwI)IKoo0H<6ju;ag>{EdxOCTi6B2ZsmP7tg{}<8L@vJ4Z zGOclMoB)I@5(TepX-Dn_%=-%qA}%&?e7zg`e=?a?+7`?2=lMgi&rv=Z680%za! zS`0g|6ExbSISfM{WtvK_k`8ETagz(pFeRn}S?5o-tfPQ|57nx?K2M z!@0%=G4{@pcaYZ}gU@8#Po99%6EzrvY{=LFMqr&({?0;ewdm9tc5ED*+A9C;ZOFO0 zyn0#M;j;;mw-@(p^!01SRBim(@N?e_eti@alUel^3!*V=0hKBK-<^P#^t%f-Ome3P zeV@N0Z%5oF>>9V4bB%ahBE2^Rf_ik0JfLXwkBqUT>WHv$wYr&kZBa1f?u)ohv3I^h zAW9Vk*Vy=Ijtd`Xg)7{wN7u!#IQxn@#I9mt{5k6okSITiHm7>9BN8Eb;$@;%qq{LA z7#sYjviP%pcOm6s%4aHv8y9^oJPmk`9LFyRmWLZ-Pe;GoFFg8qc{P-RmHH|-=O2ii z6)_+Ntzv?_3fiOnpHI4CRepG14V;*2qxVWkF~$Ip&oNSli5b3o6^BicvdL71z@|5$39pcp?PA zb*Fx&I4(2|Wq?X%nDb5*I*ocJWx>~Sg`^bdrt=~ku`PPlY=TG(g`TiE!9 zqR~93xQM%ME=OUy43MvcD!(5KfFb*g3RA>!Ib2ApLaq$V1KIs|8=4NDgvTm)qvk6o!MKGj|t?QcmX$%oXM%TIG-IfoGW5~K*vpa zKuku)q)1`m1zYFao-Ul<%pz@)b}Teeca$>xvIn@|qI+MWPWb}~+GInD|9_lrHnE}@ z1fPKti=!@0Z+qT%On-Q%06pLEN0So_`#mKNdB83gWBgCZJpiwIi4W{o32de)fq$l;ObHa0HO z$k^*ZTYs+ys5{@+aRBlXXk_>avll@NpdWw+#TGvGWVY3eJ?6U^&1e;qJ(&mn_l0~Zi+~C9O@!six6?Yf^m!X5- zznGOt#G*pwEeVxZb2lJ0)GbVyIMpU80higJi#WPrHIsjF>d zD_oM$v3UOF+Kt<&$9n*icnJ!!CXxGzU5ZYjC! zTqg@t+GA##A6)AmbE#LlJqc1~Wn|+x*qYcQ!?qPJDCZNNeP@lJ9o*Q-O=XZWWR}Z# ze}eJ$b0O-PzWC81jHtVDWH@YIBm4yxs-7`%Z;wHjiPACsl8UdY(J763g{I__%JPU5 zOmzr=$GQ9gSC3ZE!dPLe%Er*mQ5(+skV&KBu#gV~PD@UUSG zSAmC~7WO-IQnWv41x1PL7Qj=SrfjRz-x~FvC8nb?*L2}PaLKyOTK5+lZ za`)bWV%C#Wj{ndq|8w9t@-}fh+FB&27D_AOD+wE|HV{OWE}aUN&lCS@dX@6ANL%ft zX=QrQl?|lN*n{)LYR8i48q^BAkpXR(o$rHf!q(%l z=zjDoO$qxOREwN(d5IdBDe@eJi6tZI9M?R=efI|6j+&|1Cn&a&`;)qvT>%P1=b!zq zn);|siDRvvOxSJjEY+Oy{9QxEWhHP z`uJzU#J=gK3ok+Vn0hzTmoQ`^hZE=q#cM9!m+L-G-vY_ttS!pifAMwE-$g7h(6ls; zHNkS{H;!nHO&_~5tDD=E)W4)re4vU^g1++cBi!@^T(Z8*U}CY+^qi`_P+sKv{n4+T z;LCXC=hmYz(N2&&d^J(E$Y2ATDMJ^?XOw<_wqeWGGfTa6`Byg&QD(b5BI~?z*B-v| zEW=`~$Bt{vJn^Q`AAzd)%P-~Co*%=_Bs@YOH)Sy1YR$QE&Vt=qeM)kn)rC8=472 z`q+ttyU3eO&X?spt_#K8XBc^KDMWdxkd5O#$Fp~$7c71QEct;LJ3hlH*Ty?S;>V*{ z^GZrH^=qMzc|StxA(;il#LPV>k&%$&A&k}baiIsM8>YZDBJsi4*(>ftxP7}%S$H8i z16j~lDfzu2DP}PG~^kBfjxFTs*D*;Qv@TK092kJuG3aMYs)MCO&L!W`G z?WcEAIvFl29SJ;PAut|(X>O<|OrVsV<>DXOt#)3zXQ7f$|MvE_SjV}h&Uw0neaVFw z!O@N{o}unj`)!rhIP&-xCsBdN+GKTSrso+FT8tjM+EZ1UZ+?` z5I}>HIx6y`@*9%L3YK%XT%mF>sLT*doM9>@rUhXAw_px2rI&lBFYjXr_uc2c#2^B! zcK)SbC|XX@nqsSXF^c2Xsa;3qF{37l@hq3r)Xvuvq9KmoHDFdi5nSu zjESn8?N7rO%G?3%EzHVb@OVPu7WjgJ*2SS1VZ>2u$zGFv&r}>1*@lT5G`aLSsGbKI zMn)#pJ4N6=RahjjcHsygOee7REQ69ahNnZ@Ws4q|d}AYh)5@++#?7So7<_34)VVaJ z@u=l3Un|`r4?Tj_qh(%f}o6kjnzK=W(bV?1jk8jIyJk z+mzeb)fJ$ko(V~QxBkux)WAyY00~ZK=}-FD6mK>tH0I~!9rVq=ZCv0{aT9F+rE{fM z>af!lPSipQ_aN&`Ks0orY+SjNUIhurcla!N)W4L0+$BTRDhi*$LD&c(d!=54FW%ks z*>7GkwnV^=y!cxIJUovPvCk%yO~%ftB~9JeN%=zcrw2x=&W=xr0b0=ZE_CG$RFOxm z9(q&)DyhZ5(ZT*zl_VYd6lRAbTMAigAEI4Ac(s%w+}}<9{(I}}h(6sA zG$79U_>#u!SY+ifb}$=^aOy5<@$97?e{6~}ST-qyDnW>U!b<(RV71TBp0-pVJ#UQK z$*A*$InMN#r5VILuSefgg4&2j7La~~IzM6Jcn{4+^=GlbO*YMhC+&C3-qh8_?`V#y zb$(h7XFG+E4Z~{uI$^aMcnX7Z;|Ra56XU_*ony)mf=^0gwAsVJGs$u)=wkYawhfox z$rbxmtN1Znq>R|HP7Te0zlCqbwl{DL7b1 ztr6fpr*3jaY0xqJ3p}rHmViemN6hbnqojINL<_wZ8-Ye2w`GzBujy*MMeH`E3e!<_ ztXBcgq}2EE>U=y?V+stD2hUI0JW?I76j?Gec)Obk{jxdl`|Qby&*x;Lyx6oaI{;i6 zfnHb42K9!HKVD+Lwr!V$CTxMUa(H12>rOr({wMIgm?V#gZ_ei-K4y#*G+mWv^#GMG zDABC#*ELn~;WUoN{q+d6U;0|gbDySvAnqhlUXDsolU?|($eM{&7nCF`T!FZGIH&PO zGPS-nFZZ3_cY3H6ZPwLRt>iFddtrD~3)-@HD-Gmgu*fAR^vZVaJt)D(U$?jkTfa;S z@$f$ri;47Km;dq)WEBp?oEZf8G7nB9P#i@g)Mv^nZnt+mdT__|n=DnoBQ|nNpi>c1 zJX)!P+zToGQ1)#1Sz`D*4Oc=X{!Z0hapl31cYd?3E>x>(1 z)P8tImee^$VfnYERzVLX_;@z;oa{WUnxa{E2^Csa%^G2E|Kw??p|LZA`s!nn|Db1} zgTGD4xd?9HTN446A!dCmLqTx>ZC7Ox8`zdqZa9_pOFG}Wq3-89`_Upq0kL#R?b!1z z+bKKX_R;^jG}$ly|6bWwoMhNdTv+gaDLF-0J@PvdWBSq^=kavv^n`Ay19^m36Y=3t zbA1iLG5?{RTwJ$vVTm(;4M`-o8{{PFuR`%?VB`GP*~Y=K3H2Pu!9J>66QNrN+Cc18 zM`Jw>BUB?+d_x^Cqc7^X<&MC7z))(|f)S9P#DK^DDj{w8^vc_6rfrAqTVjvi=)8_I zfV7qO$X&WJ^Z?jvwBGJVvKxfy#wxd6Zb>@-;#&FyvlP~@sBq}c0*tligVv6=Z-xi` z16h#f*#n~sIgHyyE8P57eI9=iw21C+F~24odp|1cZR822edYxVS(wWJ*Nm#Sox-Gm z+JcUxSXUs?+m}`lH&h=X*CS7z%MJPHX5z=CBK9i^)%#)CJEfb+(5o#BB}Zcon?~>I zn@9(Rd9KaI4s9yCD}uMV|8KsdsXf#!V3Muwij{Tv^86?AUqH&lrDZzZfdM0d$vT{X#L!^B+K6eQcaAIzL zW(q3r93=+O15&&u(XZjWBG1ezOcKo$_X#vD7$E6x;6;0|3tBXnq1{G&VRrkznnJ?j z*3nh|h+jP6U!&r4WLuPH*}Y)xH}*8_9O)1L$mu?68+~L~QbMgv;=(yK3a`#D_LU5| zU~d;1FJ+kcU^1A8)cW%dsX10U3yWd zZS3UeAcaRCeW*mVhAStf^D*pKXWsasyY}4758T{?6}45Bn|}%KL(VCHwYmFp4AcSE z#$w*Qc2egTv%ZA=o5S}1;EzK9zqOQhrZKU9ZmcyC-*vb^Q_+)d z67ziNJzvH{?Uoq*>I8i}Z>51?V7{@n!IKwmI&;K3%H7!;aKq&$mL> zC=vq4%BW?QCbh7|o=%I`UA*sS>RPAjJo&aG%P?aTe3xD9LE+Fh6b&w8qBAC9zc@|$ zSI~-V;SY5>220tn2e*m0QOHH&0z%x1tUTh`Bv(Zp@~5!|8$LLAh>=sf()kr9}P$ zRjciNv__ms@IMt>u;#coDv@CfugzS1R;N+UQ1#ew;XY-sP}f{wCSe1avoS;UuTVwV z+0)MUg~{B*tM);v6j_7u3n!DmHIt_9J|*;C?_mnu>hyu0>Y16C_}ERo%Jj5|oEE}_ zFh>}S&vtd(-ln(*Es_Yq-Prj(1|+K?(Yb%VTQ;lZ{_Jp2k+M|y4908sMY^&A(6}VR z<}SPnFOifv)e|kq7##Z}TP*kbpJi3E?fP36q}Rq299X4jd)8;hVGpMFB? zoEGkn{}ViVCUj>7gMo*0WqR@;7kiMrZ+KK%p4_K*W9B(m2jT{BPiwmzs3>f5!!@NN zm7-Mk`PFriIf0!JzrZ=Onc2I>A3kxt79)u#l{&MoX{u>>T>~!gg+=%(Rm=}G5V+Y; zG=9j6y5KdA$W43=EcImR${z^Rdr>BIHyfOPD%%mdkRW(T-HMmmVX^+D_nH_LzeYB0 zK@5nN@-x_ZW>~nKYvGo@+3oUjP34whoEd7c%xft~tjY1%ISLHr1o;z%1)n+Ft+1kL zjci3MVpiKhVB|<_GM}8?n~g>2!@a5Q)8Y@PD1|$c_xdCgJw{Z2i`s=Zk#Yoh=}&E! zx;v6}Vab`SlBCM?mv23OO%f@z`jW|=C{b%1H0oFWHtLgFcrFJ0XD%cs4vcB&e;Rfc zn#g06y%b!49STH6tTCdSU22V4o~#uW7~JM}SLS>%ywvrM-52ZS(EfK6LAmwP80J>? zQ+)6qW0$~e+G1pjuy^mTj0C-gh^J8oUwKNt=Ew&?h<=g-RiVX)#!r5t)5dLb5u}|> zE7lX?hLEUOCigbTo)SkGp6<{|rZ!r__gP=3mv64*6phQvCTNpN+=p*VNU>+~M?q5Qj>aOrKS?q;7#yzQpN zRgD>IFX}@+6q(lr!Ge3G6cVR>$O+7f?OC+*TSmxohV5N@yD!KqKMM6Z%ir#0B|64< z{bd+_ff4f`N3{(X*{*p6?eL>6?+bck0Xx3qF?#ydv$U-r5tp2QDp* znLlS#V!NI*PzZ=hucm*&;J0RH3qO-|3AFm#!H;=UVdtT*|ACCqO`)d({ASR9G{jM- zlwdC53m-6IDE!y+pqXL`=;{W{SM*EphR}+QB*1v>`EvczKGcJDbdP;oJq>twAE)6g z_RxVozJHB8uIP>VHmMgXhv);WXWsTlxV7EG1`!tL-wQ7C!kM=9E;Na99XQWwT-yPNB$BX*(?A zN59B@97iriS#tM9RFFKC2fPb9y`_RT(kSvUd^vK^Vi-$lJO@4e=-ZyP@_cTU1wsgo zY%T?a07tQN{^n$b5!_fBX<)&`uex`Fq_NHU->)&>qEiO{UZDy9?Rz2@;Xy3|sA|R6 zsAJv+)Ojc<`bVy5lMOQr_^9FX(9vgfUp>5bR*Vf$*B!+@c$wKvpV2(8S5bA$R5jW_ z^n)L~#%zY-QgTE=d0o;L?N1euqIh7JIS%%j%<>Ew3inxB5;=Zi4e;kn79!9e+ z&1WRH&OdC$mWYRGb8Q+=KsY~&$zY*#=QFO-+{j88`)5nVD4s<;tWsj1M z`s^q?!$dnqXM-Z0zsF*`PgMf={oBP%{D-%)FI3ME)1@s`)7>~>I0?H&Qrh_)Q~;~o zeA^$gv%Me4<8Eoxd(T@f3Ew6F!MYr^n{GBohTJzQzDoT_QuMNZZ%{+!|&*o8i!qpmkr!2)-chp73gX zx<%}?tNo72U59D^@GsOyqLmfj7&m@c3^HR&-LbiqOqYMmR6bML^HmI#oE+Z+Ym38mXEep`9ZGZx#(#^qY~?ZNsfSiDb@2N+0m5>oEl^ zsjL!jiV=aLe*nGwX~%!v6||hVFC?}XulrFxUU3NZgW{Tzg@=3Vfuv1)w*@#Us%ry> zo~Z~dvv-eA0o#GLw4&V>27=M=KQ??|Jn@z%&+Gnf2OTXV$nlKgw5*|^Bq2?UBGb`+ z6|;vjAe7>4r#irdk(_MyEaFz@nIg+W2S=yRxe?{syIptReGZbvBRvkE92XqUHr9P; zUtq3@^we2EM5G!dh8vQ9wVRX0@Ij3rm{;eY>?!fZgfSKVexfV6HTQm6m3s4a#ss}1 z47K?&jZ_WjXh@&QL#k`ym&gpce}=nbAv+zmPIqPSJ>B1LZzD^h^gga$d#8*V9SVir zTL1|ec@wLnTF&SMe(~o0%Q_revGmR19YqfDJskf-(xfv{9{mayA zS4nz`o64`g9-PEi-eZe@g4BeV6_yF#tWi3;r%Fo~FnafS)-zk9W3s2q>ZC6$@h3N)p1Q4Y{PDX{EbQ#`|LfK`iEb;%y&H6lGgzA%J?MtKRvEMF8TG(Wy zVJjEaS7E=xosAm*@&Clc1|NfjlQ6EBRlh1WMnI>hk`4h0_6~Pkh!1^Z0#POtUNn<| zU0q(Be(`fFNzyAhqT?|3NrgK7jZEVfY9&g8z#jH!-^Y(3dg$@DRR=2LB0{BlgY-lE z`MddA5@us&qawok3uC(FnQntWSL#&F0}}$M5tyM_8PBYh==U^&(Ij3LZ{w19UsT0g z1P;>$W_?E8#4&VCwnz@&s!39_G$!1|m+L5ckUdv|8vA$?Bnv#II%*nLTkcek@Oj83 zYgFr0kgV$p)^+W89k2@|5dIf+?-|te*RBf(K>`Q_kQQ1%P*kcQ(witnq=@turHFtC zNDC0UfYOVg6sgh_h$u+!9i#|IZ=p*~s1X95<^S2whqKR__uXga?04qJe?GRkBtFM(g?{TF7{>-Wk(Qgm%9bDw~?iEIC+SvL8L`VVL> zHnN!$!a6O_29mevbQnK-XMMSpB@o8SuJ7X3XGfGcP3;Vovny~+jeXU=ZmfPKhSjMq zX9!lCV2t02IF^ZmDJvnQ(Dnq*d_pb=I@v=t45+3a(B}nj8GPx8uzlt2qVp>~dy7#74=;7w zOXOu*av$mh7uiJpMmxvXS%f}p<|Px}Jz;96vRBi2+WL!yhgq;}|7&OcintWi=n3*O z9#VGloXgnu+n&q(qa>biR?^rK4P4rx=O4&R-i~knJPl**Cnn*dtxSz?B*l_?89I5X zQH!a^Q~*p)TNrE75;4QKpOwnl*?v&S@*g~`jK~XNP`>Vk=}}*dwRAXYMg$!@hoW7{ z8#08-M+?fLiG@x~s-qq@mvLJiqt4ontIn}r;?wBI_=o12e8q1uY;Ucm3{X_!gCv87 zbDJ1fIV8tTiiK45#rMw{3=Fx|b7oaZ0@uYpy7&hA>O$xK&g9S&i#rohsL1x?{IB_h zD3i`Y?IRuP(T2w+oRPO!MHl(ztz&(r3F0^se+265iO-Sw*wa#F&jj#D8gR)2#o0eS@biv*Lrfbl0Hr}Xl^rzq$a z03i9k-unaj{2h6G$p=FC2)>i1@jU9qQTyz*VRxY$Zf?G!Q8(5if2N;YCCkk7k41^J z$^?WEC2Vu->0eeh|X~*m#K^kCe|m_Ev$z)zzCKY^LiqF?AyDC(Ql>ca=0&F{M6iSE3eocVIMFg(uF1yZ=7cBBRL3V?icfBetjLt{G!1Zu^~(%^~~D7 zsb8AYdoj}ylc~UX*6%pq$Y$nv9M&KKD`UQeYky|dOCSAR6Ja>->o!@BY|o@eU&hLB zlx}=89OmY0L7?kA$E&56Tq7X61CzbjIvLOqf52O&L5W)Xg?kFk-$&<(6HQA6LYZ2# zKk){BtKRsz79*S%a2X~fT2#bSsUNbL$vldp^GZ51z{6g-*G5a~rfU?;O_<#*SrS?j zV&5F-O+RXf*gm-XSJlS|F`CRQGa@F;7@f6>0XFd~frXlrhlijdOfdWS2QvNyc}jmC zXwuAg+C->K33JUgnc-d!mU#5;?6|p6kn9m5@>+|{P9k3FVBLKcLsU}L7YijVtjF4+B(7fO}h?5DvZ+AC%%E_dRVKUSav6%2DHJXeGyqv zya#wfCtby$<#mk z{OWr<>x;4$>P_U+eY_1m=X)9Cp+3Y>%!fLSLd(qYf!1eZZiy1VE8|kwMcDcjM&x#L zt>(GNf2>_4U2i1Zy9qm{`ISjvLJ&sNE9t;DGxV`3eX9TPgyi;d;xO02ZzNI`HSn-8 zV0^VXbm#fIfuf4?4?UgVUt4ZGa~ilVSKcH?6A9MZfD!Jw!;WcxAqjA>Rugxia+mzZ z?pK9_W2O^n^8qiMQOoX(7T?fsu`9nh$|k?m6oS}N2yGLI5?7)*v?DW|9(^BIZfZ6s z5p{TUZUG+btlPxI^EN8##ayAjuIl({cy7BEj5fcMz148K_mBPVF;3@eN> zv}y-&U!1PNkV2T{Xm$2VdVY5vPG&qM!n5vjd=V6zlYAG^CV&+alU)du$D%c}#m`$f z-WSw{usm2gt7rv>zpE|<hr)p0ULx3k4NEFR?%?5?nC{gUtM+B{yW|qc~-uFIDpl^+f3!MUZwQV~)!{?UBw?&$BeUvZb90jQm+Q-JU3%t$u3Jd`zZGhnS%-#t zytUqp3%PVrA=s>~LAtI^0pZX>@?j00T86Xz%W2y8YN{XVACe)qZ)wtxeq{(uY%KnP zOg&$*Uf7|Xg6EycjF$%stv<5mJ=f&k4WT}vg7}A@+uXI*qP%g++X4r-0;&GrhFt#_zJ7Im zvLhw8Ey3Y9`u)r2p1BswgNR;!uW8M zM1iHuDN}E=1vIeR4A#^h5ZkOu#NJc+62%X48oLzjXAU3)w@%~}^w^@#Ay3;gChp5Es39V1}#(r+$`JeG>{*FIF@8^f1_O?cvv&Ee4z@h9!u-~&1kn@QmgV?o6Xn2yvvcEr}E z@a(c$e3a?Gn5{K*g<@vFGPl5A6FblpOErNSyH_8%Ae>pEX(u+Fmz1OWMZL>QOMJEEum=(s5IIE8f~s4*a&yFPEd1?7(E|t@|uDQjBWmctEKGo#N8>PAnPqeWpKfR&>sQp{uc;t zZ5fhjX7%{?%<$43Yt@9=E&8J*5>nw`bU~q{jh8;5IS7}rC9qDz)cS&$%{pb*M^35;A=Xi!*ftvOuzQ=!WfvSrdlE8^`Y|UW97yE2yE;=gG&rGPEncsTMc*o)%v)>nKUPn<*Y0P^C`98rv z5LP+EVf9_HIhk|cwV7NX#}G(o#j~^Ci@hwJ2-pX`8ourq3D?U=#x{3v!3ukdnzu=S zi}8!~hRcKHk@0_d6}HjMx(fnng$q^%+#ENc99(`MwRkOm9OS=wdR!8gWz`&KI{l$m zJl)P-svowD%s{f0Ua2BfEF4uOYnVGEcEHEWs7eh~bsl9wWFhC>|3JRvwG9$o26H3q zc{OsYWBzF!piU+0lGoF@=D9{lj%bS({Gb{&C$~P8{PHwnSMfHIbnPI>)3Sy{q^Xa& zM?3bPb^H{RfbnzLO+06?Na>e!;)geP_|f=#p&wOeEG`s8aV^+i_V~G-3!;8QO-u}4 z_?`zaH$UJ#8bmtX)DZT`$U(;g`aZoH*5LN`xB~0z2gwPruj0);zckddLu3kRu z`pxgmDZ^FYpid}s73u^C5_8>aL1JNdqclcmSL&F1tObH`vULM`&^EgaEx&Bi83u$;UR3HEjHxzxgEuDIOe1QRG%Ne+xQ>7RlS)pHbF&-+Qs;`AL*th_ymsA~Ne=6|Vt}ukq(W_q6vqM%6K+Ju_b20vV9A zf=SHSz}fY`ABkrEPzF6TJ2v0MXMMFL zgKREzgwCnHUe|kKpo?;Vm$lR1uogo`yo5u(yrVb%bkKaRL*+v6ApaXtY3jVHhuc|3 z9!}0QCFO>PWop#)+%Zy%x*sFRfpsRxr|vo9BYNQG0?`_$uM15bjNZPA*iF;dDhq>? z3byjIf}*wfW9Z38=+J9k6UO3*;t!9);A93`7xl|W_ao(XwBBghc`@`ch7jIFMfBj0 zBKI3fQBPLQMrYc~?_BC+?d@63xhl2v2g0odakZ2pT$m4F?AW1As3h4;mJgG z_5^VIZ7hjIBB($W8+L^CxM}uY%!JC!fi7gZw?m1SUWCWDI`# zPkWJB2MEY_eQyJV`9{F*T|XflrezWt=#Mb@btn@tGu{!lu6bljDU7Y^qTnOz)dn)n;|Q}^AorEXJam6Zb~Dx8;=4AZ z`Z%e4eIY5BIbh=(*8w8a1K{=N82vGSy0ru}b4arhTk&YJ%!{<75xz;eY7#Gd4hHh? zwFzRPviQ^k2f&)2qP4do+-8vGWB^L+H~~6Nm#q+ho%m+~cMC9`XbHrxLBVA);bnmICuW#{wOup^N?< zXH+mRmlh|jlBMr2cV2UCSRo9MLZUEItHrD=@_#RX`tRir)L!meh%|9geHqHFrMFLg zc85K(n#rf^$rI~9G2=6j-`VYc2t4`WuSV+~(&yFh>t>W6qr0@%#aB)PMp`1GW4F^{B zg>>iO@fN!8#6|P!pqv0z*8)rR`$^GGN71{G_`x{%XI~qTG{|dzB2UmZE3`&1yW2FLsz?#qH`A80asTAb$cJPH+`JJfHMSoSk2dIy1jb z4^>9h$&bHX_EGs0zCysTc? zNEqfyQsLCyL(jyny&?4wagxdx^TB=nzWcvoK)&0Tl8hA0_?(0PwdCWWS!IE#yVgrL z-!0LcSwFG^2$v1D9q%untE8O@5=5GELQ3(3Lw9j^9#RE1v7~6XH+qLGY0+nk`>R`G z`iT(_7BTT;_%2@febKtY)r7Ozp~uqSVmiCT#C97M-;J{e^2aFgMy)g?wla4U{cjg9^~V2>{&uj-)_mtF4T(~H{#_|qYTA` zTBh=1|zL zG(+a+<9l$jdjV9yQ~uUKr>X5}Wt)>gn-R0vg{o)IOfP%7^CZPgm?!Cx@N%UuV&40Y z?solwz%fZPDb^L0`eaL2C(>cs8j8^_jg*%Y5D^))C>zxH`r)g436zE@%81*PP!Ml5 zn#lr$VH+Z^6t2k}e5<~a=zY`S?RBSy!Gt6dgTUEZ?Lm@tTBx>L5^m?vt_+8XEI$QN zri?XNWpO$*H72L&-XE1!pX{-7)2CD0ET-EavO@v;`U0W)M1BGVc7-8e5^VAIUQN{< zvp0^&a>1yN^v39o%4J=ORjC1vmGIVpiPGK{1(7df&cwUI`Ojk0$SCa(U00%4m`qX-S&=&X9XFI7#i){zBxx<^17Qbiy3bH6z5i36erdPnz)1`+gN1wQ%m}4WTq}np1!w! zqF3Cx>NF=n2jz78W%&!>^Nsj``GOEkots~g1^V_dTEeXmQPFGdZ}mj@yO+#%5`~`f zA~ep$wP_rL5ko25x>O zn&N$Rc)J$$tCWlrZhwl)&1eEheQEBYVXE<&)YEH>F_D5^SFy%{i~sa5T~MyS2WS;| zHx6yS;uRx3gdBD7e5qD*-^awJ>N6*A2r!t3?Xd)FyT-`72HrZOMU#9Xcr6%>2}@La zIJQT1K09AIF(lL!&gbmZ7DduUnn9~7{|&%GMhmgcBIMJAMg96JLSi1u-?v+9B$=h* zp*pZV66YxIa?#+U_A14IC|DzGEHx?ul;%H(cGe4NU61K7G~~H8MU}w zX*qYDXqdDNqQ!;689z4CiK5S`CG&;1Ugab2pa3#X&qjKG zC`uT~=1|E%yg%d)7rr9ikmrjIxOdYq&!Q67O4#rK^kSU)8PZy}_3`E9rBPIo@N!vQRRu z$@^+f^Uar#RyzD5Z-ZEX4CKV&|7a?4uA%WXwLwy)Xv&13*8a7fHkXxd+){e7@}$0<wOI8Y5Y6`TC(nEzFqPk$itER)D;tUH}zIhzO#VW5;G1Bw{WUuxpT(A zTpPRf)^PWByT?`S!5$+;-`Og}_~G%j29{~#?C+zdFN?VMr%9=Gq19ti#D@gR4}UkH z&yGV5l|JZ_G7;Vw30Ik`kZ1hcx1_qKr4SK|HRd;S9))`Fk(q11rBlq-zpA#lm-_ofL+)wi z0jo_Tt~9lJZ$4(hb2Ym3f!bN1<8lu~;6G8?neZ0>iG~xX5ct8%_{aP4>sPz2Tp$NG zE0*WVH;1M`qLpkjZ%4b+;2SGS!>ZQ+F$z{bARB~&>h}VBGh$!*uWpb$E1MHX7 zVu&OG1s1afhpO4nzeILj*2`9A;LH9Rob|ENoF18)g2^R{xJd!WNrTtR>=NgrT~?P> zGv=<#lT1$_wg7u#08Crh=VOlr0pT|bu*y@9wgj-kA+9(BG~BVU+wHLjYZY76eO66@ z$89|%9W6>c%8DXzdB=IS6U^b=1Puk+sn?wEE-$TTrEkHZqR)N6@IL8iT1C~K^ zQE4<7Kr4r^pVxtoKV`nCA?Mknsl`vOW}W=ZlPoc)9}3pW2fURf|7$3=-UY-<;hO>{ zubnDIQ!l*gxUW|zYg}~Fni$`qEX6$^Qv-Ghvokp2tiYN00qj5P2O`X9KHPL8xeyWI zQKaxb-(F?whJ$$3>Gxc3dnDhv4_&|Eq%<9(6bC*yovGWPA9z?${6dDWrtaFMPjsB< zqBQ7;t^TP}7VHYR4{&fFgt*xMKpGzXy%WbQZF5j}EjO$}=6s}CZJMJdxk>T%YlfOG zN%W=^P3DbVa%f+NsKDNOkgclg4x9`AcB|T^%PkM9y6~D3`XYp5(i0Ysxh${BtPU_vFb7PC7oH(3OZs! zx1T&Eo6os~Y`*U#dYrrUNNJ2SH$XP9NW zDbX1dDRFlyKdbtSuCcH$8SFl$gC_E!Kl%@P%R`|U70W4nCe}HuPI+F4xm9;G7kBV2 z__ed0-;4Q9M&Adw6jpR6C;~Y`;^dnNg6U&F6w9NRN9L&f=_pH|xGE&A-iLSZA-cY` zR(?YFb+4`{ltWUHO#x&&g_AA*B5OvLHiemXmAhnLmIKGb2cF$nQ+U|D=3_Ma#EHFy zi>o|h_i#*WsCXe}RN7gX`KEyZ)klk0tE6M8#CEcvW=yW41AEaj!2|cUKf^?BOJX_E zEpbIL(P>Ze@9boNe>6}byBvQMf)URCR*ts|U#(7QbG^%)cR{vHiYn`t2H!l1>2XI{ z{?p{(4bzcl`zLzMavRm7eA57tRT_ZCIuL8ff+?hU>-~66j4ke+u@M~jl2sY(2YAV? zyl!>*Td#Y|oeV;U4>RO&q01w;M*Xi33JX7R<#4@Q*s{H;eXfuuL1R{ARlQ=PhP6mH`7?~b?C_=@GD$hw;1BkpXfx{hCr+TTDvGFnE9b(8(*1>Q4dpWWU0#6B<4 zsi`18{tI#X_pJ55>0gqRQbLI8;H3yHFT>&e@#V|bj=e8mN^>ers|HXF45Qt!T6)I< z@_=&AIWt{A-+Z2^r@jius@ULY(Ag&rwTK8dJ!V-JwW!bmNJ@Tp=R6ouAh4Y_c-nVA zzVeog+!0Hs^NLZ_ZcXC!}Ki>1Fxbkx)iYJ&(w{m$jwDuL77JkiHWEE=dwwiYjP5rvA}d z>R4l#CKy@Gu)8f~5`I6h%|_o;GD=ReWR~56y^T#Z_XT5h#L%I1=F@eTVr^*-Uw5<}UHNP_rr;v2D&!2ot+ z*C=*4llqLC%?24WPTTpBVoB^Oge`Y==GYkR@5*^RY!SAt?6Ut*WNdP2jmoGBzcE}E7#gp ziR(Ami4egOu^iLuHI*^X>LmSqA_c!y>a{07y0t?xqfT~pF<<$Z(w`E28D|*2h^p}8 z?PRv(YyA3pmfcsw>U839c`cbI-{V*ND=S!M`zq;nv}5}j`(SB%X~hB!uXfFK4izt74q^ROsH3RV{N9%KAkhGO z>hH}nc+e-Hmnt#)%g&qQd+tam|G9>9gzfFWGX|5D8&)DS%KUP)!QUEft2q^$O@op^Oax%pKf zT82DBQxYD`H^K-N2PNzsxBU4>gf3mWx@8;7eA2A9Nk7F`bX~lYzo;2;18tkMM8E)< z!i|)74wV84ZcTB4iVz5JSTT+tUW^U@$(dwhmgGV!3H#dR;^z$kW`u{cWs4%zPb;JC zicyiOpKEnln?3v(^&mc+#Z7w;pITlWL@Vv)hnCovA&n>xI2hhV!oAEo5z7}&&N<83p4#*JtRl&|cV`+6mDK@r3% z^?hsfcqFpo7#^~@p!?-UZ(Ms&vz4~&lNv+_uv%~*2v^|AG+`_0C_p_HZEfITXoJm4 zk!|xseBH+6e3`ES_sam_#4@Q}y`ZJ0UyeWjGs-COCTOltq~2Of3WW($!ud|@n0}(! z35a~6#AxY({!ji9%#-j<{MYtn!Kdm%P5gXubs6veT7gN==yY;14q@`XjMQo6n9SZ$ zO1Kb7$aR+*xNgQ9e0@7~L5LlxfmHcfeyVYa$Hr0i%{v}>lIz+6duDCBav8ioEmZ|q zw)Hfm`F13>GRv$#6S6;cu)dU$ds&L&)1if}|7{xX{Vy~o!vB7T05Rxe*Ui-Uxmm$3 z7QE7LQ}wDQOn0q0Oc~Jsle8ls>vFD(AnRaGSJIz%B(Fxg=eB}z&Y?aBY;_}bh2}CC zRuuUUDAJE%=c3V5M~`zHD7fn(%o8DR5=o2nbTHK8@OE!t(080^?{RwHts2Lp1f9_aN?;F- zVQI^pIR1WXOlx##|CKE?LlpJ=y?(qBSLj_axOJ*1t}B6Ot>*=e*!ueHkfPW&DoZ;p z&m|X>of5XFT;woXB->(xZKh|+cryRUbKQ@Tc2fu9b>+hk@VPS8FjF6K5=p*tb!FBz z(UCT5eyqK*qVknT?cD1lAK`5A=u6Gkj#7+Fx49&&R!{m8TII`vl(;e4OPpS-utiB`^7LWg0B`H8FFC3V*W%+W*srxh56iB z9&Q9J=;>hxyBK}E*}-yS`AJ>CIimKDuh%ZkyeQyce;0&!#it7m2AFaJ!2{s+0RXLS z{06)eJ?qDA6Kt`X0l|`7Opy;+*f=*;*Zm&YnXCUcx)=t1s{4R~Q?zb1!T%g47cC-} zdnk%GVQB0v{3!Ar^-%ts(xJ2>kkkQ$T>}kRS2>M20du_pXYxpGG(WB(5sNtYYw~%J zr^sf+@408R9OmLL%<0sdH=)m7_+<8dJo$8};u#QoKayGO3{vfmxQ@*dFLxAP<}vhJi3t3kx=-J2yRtOOf4$M#67_#T(O zmTRD&QWG&0;wKIIBmO2}^eshj0}YZc5P=xL+IC2P1zeQla8KI^kGbMrQ&AhZy}JYn zbrBCcZxRO6oqjYQ+qY@72HR}r?Z%0>UQvDWNSH!rLw+f*PA*D99rt6-(&J(^`?1`kMk` zVWXF*Nlse3-~HXJnslLs|M`MFp7yL2N5PG4=w47@dZx$L-fo`l@Pjzpn^7hW-BF2| z3(x%DkgQ3pA~=aGS%A;}3-(&#)xLVk6%(tG%kc)6tasy@Uy+G|%x-|A%cEybo{PgM zP#!9xh7IUKImFCS7A+ehSdn(p<{{oo)y0^mNT^}u5K%8T)_}f4kk3I4H_Ir7kFG50 zXz@G{W?lSnj>BhHh#Y@A3k#OJCM&}MWe*;IPL=CjZm-bq zFo^w5ac3!gS$RO$4+IJPj)6^xXqhZZatYL-RL-p@I~4b3C|!=Bm7PDO0iFhmAvKb* zXvrM=+bd3@YrV@8nyg}*kq$+-i~XOy)Ycg29ZSsA27s(h#cATrk($s_w1JmUO_i8x zvP0BHhLY1NSqwpHUt)&nPH@8NFc5t2YB^hmx4Qna+dQlk@5#Q!MB2+UZi8hENyqt& zeKzVrR9^gChYKc`y=TE;7qxO7(l_J}MN6j{eg*cL!y+o*BM*&jgKX0H&=GfD2K&&$ zOpgyoS+`1Zf|;fm9q3u4n>a}N{Ea_-`E1K4Dow_vj2V$9OU$-!OHXv-(jk)Ro<9cC zJQ%hylxS6BnYSRqpp30ed*QTLQx#A4BD?q5y}kvpMY%$FG(WBP5u z7|U41r`>&tuBXREKjtOE^z^|$zRc(TB2NE}e_#THMx2={;cbzLgXG&vLzY9lUwSVE zHQy_S=6f0B7jASNtjbx(fempda$oKEit5d8bqn9aWh*g^~?At?Oz5x z^dAU|0_D?21_?(C?d{|3mNQm#SOOh~dSF6U(fp&YFJxA#11_9>S3vwgs}!tzvGtv< zo8G%ZCnorK!rMH~EzkwEkIDMi^}FT2g0C>|gG#m8vb3x^loLMy$J{tAF;ird zpw(d>Jv~MTS2@2dHd-hMiAcX#JP{+mdJl36%+R9H(%2$wcpKYH*!!D3mN%NARQ5VO{8i%vc+Y zV$J7evP|Qv{aV>Bd;`4Hz~Y6Nn0UJ>ZZ1kre!-hRw)MC#EC&Y}5-RUmCh4anU31*) zT}XTW7l2O(-a@mRc2oTh`#KX8@%S)N%I306-m##+DZ5I4XB$TghzYOO$@~gmKgSXW z<_G3Iw#-;&Ww=}%>#nNX*g}iPQd3^lS;VLPzm5XmwPUxdrAt6Aw>T~UF1ymYIpmZy3R6`q`qxAwZ<^c9ermwW9 z*lg;qFU`j(*(M4GC%$d&#Mt^lBc6Yy8!#OfY#IQOK_&R>^Y_N%OH_o?hLO{V#--%- z#zXj9K>7g^86`uJXgP@jLTk%$SV%E%Mbg4~KcG+xqb{b{hU*`5JPH;QZ~*6K;aT@2 zLJEKDgTm*_KF?Edk*(hpskZB=xYo54c2+Z9EUE9=8f&bHJ`l}~y4vqO@ZkZt-x7ZV z6rTp{i>)J%umTfxFl;nC_HFP*t;*`%{S&2Oa|;WN=F_1MGWSATx&z_BxWtcl$w9960#rbmYYQsW%)nbO|4P=VPG3kj& znR8GEo1g~o7BAl)$nf`al68+3qCKuLoM<#}zlAnJ-`u$1ZMf`A9Yn@JUHDuZM%xNK znXM{auY(>ATPZO8dMEGkF6ijAZJ%TXi7QgL81O?M6y*(AAbdR@ZZW-;3I0c8KWP}5 zSYX;xM9MO2;?sjrEtOL`RcDzng;=TCJg&8=QKEzgt z@TJop{BW#Ud5b+&+?t%tc6@AC#sA)w`|h+4b;iMOA8p4qkx7Y}1|~Ge^rrHVSW`wp zSH;qq-Ch=~Ae)dkZ&DD$T4$1bGePw31NXWF7pUo)$Eoi<+(BI3mZV z@+dG)3X(W*?%Ss&nbBtZ)pILf!h{`oB5&k}d6i+W`LGnP(sk^{th+oyAk zb@avSp2wak3l<6shuCj-8LH1u4cb^M%xtXu-F)vQgU$ER)5d-D0d^Jv4&y`MXM_Y+ zQC5M98gd4UinN6LQ?c~xhc&+DHf>)eg`s+o)vDq?mW9~hiaxzL?V&og$F9CEp6yiC z)T{8OE)G0W(0^iX*AQ@RH!s4@qLS-EniY4Y*ARzvl|aEBse~xtEx7sSDv6S1NS^Rj z((Z<o zv6XQ%h%Dkov1cJa8EMpFjN=seyk+{!pYMmINw`2ay7>CCFS!v%Uj z4?O=oEDQ+dyep`rq%~pU%m+{6lEiHt@M;{3buxq3y zh_oF}F0o7|9sK-!g|W((Dh4&P8gzfpv!^DFInPn2>-`5sD7#El2rLj}nw_**FP93mq=Gr({}oA`#H-jH^0Ga6YBK4Dk)`K!ndxJ+E`~^;!^N?#^)-<9Sk5 z5o7SU3b16(Yv`%cDss3PHINfv*qF4%i$y5Sww==T!?;>C#srdOa&~wVm3S-DPV~<` zuTJD|fmxw}Q!>6YkFO`ffbZvy8#t}|1NkLbPO={x-DszHfq-eNtQnqNH@rA2o&0ob z=HAVh%kQ3(MICgwnkrH^kfNNM6nNQY@_wEk>_6=$wGa!Uoi}(zMXsTzCcR-eKA`f?7oI*$-idAe@51$$aa*v zN({g{>c9zVdV|hsHb$;nCZ5|jq?XO8qviu$ftVr1-EcLk?#4%yBC`6&L9b`<_QgLC zl6be)qV0mRVwwL(S+~Ge=6J{KQw7G^?(0k%2lh5mz~F*W6A(1d86rZ_q4RSW)*D2} zw)XvKX9{ZH9iz)IUe*(8ZpfT72(BIzBFB@zc1x>4Rz0}9*7J9aw_WG61c10_|C@tX zjNl*`Y2yn*cie>@n@^e-_Nq<+ZrmrBi;^7PY(y8@pNZ@F8^fKoT>VSd>@3y2DE%5 zTmxmumDN3+GfAX!Kub9;qY; z8OyKvH#!8YfaWTc@B_O;gGy}Ln?m*PZL--glr+^cJQM8_%MQ10rH|sOnEA^!&)n5? zF9py2;@`3u)GPtGk_M`P9~#xfVepY28~Nr2-f&CkmnrY_Z^MhRcf!0c&*tgO$X3s! zug01Ze_(R_L9x3cVthXY{Y_s0Qwe4etmj4D$_fybU5T4XKwbHHl^ut zFa>v@OiW8HAONnu0ybk*9|{LbHnanSb>D?yf4xr{B|gRR2Z^9zA0`R;M<+1tAZE?SP&d;btHf)k z4&Pt6skdbNx(Uw9=}_6;__7Ak*8J$W{K)gIq0P&T@#uD#K2H#9KP~vZf-obBus@J4 zs5W>mPeD~p4@|)xp9m0cPaaYh{FI0+%ysDl9&IKNMfW6K7r*G|{)3h@IIc?CMDImE z*K+BcD;K%ti;;W5r~qfG`) zhgxycHcBxN{E+m(P8v%|0h5>F{);vl)6#;N4gIzMP6y$?Ym>gm$3~-N=evaR@Cu*E zGu{gJQn-BY*FWd-k+P|)yMtVs^)| zY-V)2^dne%s1~t&{&hc8Xe@Ovlazp%H*XLc8oQ5wo?V25hsWD{bH_;AtbbGwmF^dn zq)w-G3+X$Xv^x{dPx)76&=Rs#E*aoVPa1^R22eJ)ZF{=Y=@&Kog~b3UtxQ zBd`@91CDWEvi1ZcL9qV=xr}IOJY)uY=#OqCL{^3X3bnzel85{>(H5*&-GBoaK?n<#FVD9E=Hw$%#U^bfmC3K z$8zv1jr|*gESS0<#hT)#WSfydifF7ypr zmB576;X=Kx08WS6LuYsNQ;PHMGHj9Pe|CSa1aXZyuaA@5JOV`+l#noHR-S2CUt1xY zZPp!^qiEN1DM9U7y4!G`FVjB^2$H?n4h)pYQ;lysvJ}R1uEZ8k-$~FppSvXaXj87B zl@1E$fVlQ+o>8Jyu$%?a413KPyZ`~MMWrl+ZQ(z2!3VwV6NAX{aHi=M`UkS{Vea_SJ;-rlC-UoR2=VcPS;_NVKhvJ=we6H=D|glWcfwV< zGsHt;WDGFjh;!&`^CI+DD)TjqX68Dg;wm-^TZEdzuG6z5P;#sWJO2FjPdX0iYrJGT zk_=^S^j33BPT9$^@D51=XUsA{dn(kStWq0YpZsb6K3w>Wxf#mN>{~;15Lv>V?D&?8 z(M_UcQS%JqQBem>IF|Mp|7(QajGDgHvsj-kV1Kr)aLZmPVBkXRDI+krQ;ZC-gOQ`& zws}pqjmfm9k0rqKB1WIK*>?Ae(y-GfcCQwdG=?G1%iX~3nWX6t*^ZR%*u?gjh}f#` zzB!m=(s%1{%Sg9QKlb~d7$+nHU`kR0joLr>iocRZv#C+r`-Bzsdi_DTz@Ym+SJKj0 zz?ZS0f-3Jz^?c4jGWr8?|K;=%Jt<%{_xZY*yT7!h@Pg8HA-e&Vl~n|4)l0 z4!`5G7XXGa~HU!P4>343r=%lmfh z%OUL|CT5Ue7{reeFB!L+D1^hAqtC z)I2<-=0nC~tz;sA0|BV|ZFYWN0?u+?ppp1dqQr{8^)yg|f(G*%L}S3t#4RiGCsDrG zf*|Y4i=72eW%Sj=rWNmh)8MZamsB4423ex|Rc6U@V#9&v3!i%!4tke_Kp70dGLxop z%^pBNjTZy(OlzJj$;Y8d^~+KCY13)dFYSU()fTKaqVmn;je?(cb|&010saJdeWhS$ zI}n2SRJhE+_jN8fW{}lHc1k|!RS&+Cwsr5s6t1xT1^2?=>PE;|o|pWmCdGez@sR)F zi#G@bM@q{@9O+s3mNV$PmVAyyEC_a3MP{PhaGgZi*quuKgbqjP|H0dv$3xxrZ{s7& zkYz-+EJH|T3&|3OlqHomDcdAT$d+Uz~hj<};u3JdgMBK91uZ^iXiJr;GTD!$$+Ex;uz`hbaF= zXpB1y-+T54@@qIyU1|R`MV$Lu{*=nHtN6iGidBmfDURJSp!Jg4*EcT6>m8g$?> zLkht64qt~BTp~A5wv=T%Po?U1T?p>E{9dLnsX=Tuld?6r#<-LrSpJC;6tL%2SwX3+ zdwI1C8j$zi*>&_N&$$c%Ej!iSEu>yR4}Sf!4hMi>fLeHL(apT1$Vffpx9z zRYYoiPLpzJpGnq*489yW3d!_`9C)O1COGgj zsT6a1;~o5-^kc>xoD40qPMaw2VASiXBe9t1c%xBPy7Fsnkc6D_HC1a);(<>~M#)bND8aT-YQE+;r14yL;aYdUG zF>sid@V=icg4g29kLK{{JFyozT8JEFfe2nJP(!m#;=+9EEX*caMDMtqn7o%&l`(w9 z3vR+J`z5#o^g~CbuGBJ^;qotryB)r zj$YzMxerhVI+wS!?A!^L_r~$3m$q*Hk0&2!?Mz{t5S(b^umi$2cm@lcW-o>TS-i~_; zd_GH4aZNBzs`2OYnn8>0@%4VKoKIz5hL6{;wT>3CG9{?Dcg!VPRfpjpVHxLZ#xio| zmeg8*QNLE#W~lI%E_{-6y2ix?4$Y^^u<9GSVt|z-&bKPzNOV#4bbRMuMuyPjoX<;O7q%a%Za@YUoh1P5$achy~sXFcnxHrO- zcO!-aeW`DyQq*>B#VsqkZWSWpn!} z+k?pU$HQl)lOFJ^N`(Y#v|jSlKFTl)=M7+^m`{n}xbh3nWjO}K@0zMc=e@Ltd!y`a z+tekY8J-6_{kq-XhRK7 zxxLWh^<&0HROS_}&YCJo+|7QoJtt&)tg7430l2^2opM8U6j1_SeZTu&3&nl)$TP}G z5D30&GM#tp_(_?1hAswm0NN0h>V!5$ZcpmDi9J)%r&v}LrI@%nK~_7!hJfetK@q0H zLh1zazS>S*bvkd-!TbG)obr`MKmH?yE`%r3s>miJKNU7LX8)`hY7;qq{h`9EI^`xS zuB=2FPlvs% z=e#=orUY#}C9iKZFdHF;dPcHRyDr-B@`@6~BfbGDGSfklX~sfbs81Bo0#ocXq~%Ng z$98>;GRc}M;!1|ejgt8dGO?hGRAER>#`0kXzX1?kS%@e%r6#YjgVkyb>gm70(7vd8 zc@(_qSgoTk{R`ihy-e>=@#F`An;dp`4*L-|g1OFIx=O@H+HjIfa-_pvZhcx^JEGOh zt}l1R{IhVsw_UwTB*k;Onwks)XX4O>%fqzf13C}oya2Yg?4RAxi9Qhbg_-~)QydE* zt5SUXTWX49evJ4e8rq+A7H+?Gk2K%HbL|?JN|)vUuGus=fREx=)LF1_HP6P0Bg4uQ zdAY>)R{F@H)6p5qMl!KViCEKr5+k)XT9C(d;1ut>pMO?jju`T7mAfRXuY7oYs@3B& zcZtu8LrCLnB^5>%Xv)w?SVXWpADJ+D!e|0dlDd+)dEWYVeA|t*0M*@vY22(Jq6H?E}6Ed4nlKK1$J-pQ_%ywRa?RDzPH>#PRT^YU+5 zVb_JO=Tq5AQW|y6lLlku6I+-Su8kVNX!+puJC zB%1Cs$IbRJtnGjyWpv>on^6lZN-{zR^jD4yn;u_7mjPe@CP5M@*CsXFg1D zhvby_O({|nCjjsqQdk1Ck}Bk>01~cq%+mU*n@q&CBJW>zqB$+$M(XG9*-3ShcSHf1RE;rdc z&+ERB`rIsIFzfuG&9NZd$4Kp*SBZV3C1o+MnTnY17@uejF5t8}}>>Sfx6TrdgYZ_Vc*b508 zZ}YP~ci~%Ltl@P%NIo#_Qyc#im5bQ;Pj~j9`C_g;z0V1|MRLVCPPN9IRSQhbjjwuf zU7rO^aXO^kQ1Y^_aQi(d+4!a~`_KPCe&*#dHXtSiXc?G!Ke7ysf}vl+Wx8mcCoQAd zU37$BV;kii=d>3R=VWkiuPIB9GK^G9yd1+fBeDIPW?|Gf0a;*8fwJO#!a;Ctlj6P> zs6BS3O!t9$h8hK+#f9m{adryQ!RP%V_oYcoOE(QSp&d79LR)l-4C18Fs5=V^*L8XC z_!|96Q!l*>094KwhLo(XZf}fCc9$h9>Hv%ZHg1q-EgeegFOCim9Br^KX$a zD!@CmD|0cH+r>g)yd-yatoE~1g6Y$%;J29oF(q@Z zV96ADi}33#YRq2X^iaYnmJ1aqrsSFE`!l>>z0LmB&sY5S_>ph;|KrJ)YAHG7IMU(0 zD_WYRoMI<$TkP_<>BAog%eZR;*YMzPT0l6R@SZN$7OFwmlc9I@G0b~KO|2cBuZQ(a z+$NvM5{*eH`>@UN^>rGgAhR5PpNqv*_o|Ee4}8@eHS$2Mi2H@uw1)UHVc>KjwlYMS7n zOf>rjMCDr=ySU|^&iO0(36F_Agfr4e((!O+Fidas(D`_9O334u%ZYbgk0+Q+a9bT$ ze-vr*I=G$T_qCy*#)U>`cjS(V>|MDh#ES9=iK<}L$dlc+H;&#v2}bUmb~*_ufltLX zi!x4KP09v%ad;}Br&Hg<@pyJPY#jOK?tP*I;Aa5^*SL(ZCoqEG=}}`poVCtOrWaRq&b*hEY`qoZHycI#pEw+5Vkua>*-Ts;6q zGFNCRRCfD3%h67+5*sN6k&#iWOTRnfChva?iOb^4+Sh-K;H(tZK7k4MO&h*AKP!80 zdEMbzqx3l@bf&t7Y-5|`a~LquBdR8-v2;)tlzRMK*zwm%OezNQP*Sf(j(mMvmF3=h zGIoG=O#OuGx0#X5M(t{j&9%tA_5U{@SHn%1s!PHLeXXWSAFFsS?}D37JDuJ*0Hu(?taPQyOFkt|xCCgvMxSk$8{W=9qv#=SuM;W+K? zm~{GW2*%!%`+b*6RKK}F(f>Xjd3m~zNJX6oezRx8GyUb<8B zvhkspJZ*M_H*m&IQt~6HAM}ZL;z&;iTR9OyUQsb7)<(kLEQyOf`IFJM(^smLxs=_( zx<(I@3D_vQ{2XFo9i*<-0xEN`8M(a$P*>T%P}fm_ynNQe=_(Y)=C@y3Qwk|B)p5lm zPd>J}oUIk^E|U=25}K;e;w7s!iK*3P^fqgLv$1Lj8b9&UDAjS5v0!zl)uYunlEOO` zM*WL$fbVR;QEaH~i&zc;9~Y^(N5<|RhO7k~e+*|xZ5=LmwvnhW?HhhDcy9ZYWJ?14 zOYp}tT|VMsY?84_BXmNIVN=h~=h7u9k3=d%yt<5#xL8R1#57*? zfV`iA@3W3#<_B>1Xfc?XVk^v$f*XwsSO=a1JIBI~L-k_MJ~bx`so>XfO17`wIzmsi0up z4x-)Um~Ns!Sa;UKyMuKBU#-wL`ti%0iuAbPK%I#G01c|f&n@;SSprY1g1DzhuXin6;#Fh(Vf*};_LV8c zeP%dK@Gpj(DFh4z5>IjJTA@;}SEdkLNcXaF94;AVtf4QveecKHRFW8tDbCKhi*u7d zHk@2!3v7&^33su_C7mlf^{Yes%rzhN2FjT&Tn^@e;;s<&D(H!NVCEkMYMa6FX3P@ztnt24KtBL?vNWD zAh^oyE?o(zPz*s~juQgBj^%YI%$vM6SzP?R)MVM7fjKQu zm8Ri`DI5CrpL#0Utxc}zc8|%$moeYu($5YQ&34FZ6vF+m>EA>wH-e*LV`_&M43Og` z>+8(v`ppyN1&adWl)^hvJf-WI_cG4Tkcwx{{T7X#jvw8^J)y{FQ&p=-28Hlo1(z++ z<4>3JucCCkt+QQTYv!{atzv-O|F~*QfmQkeS;gc*_U$x+78FJgugzrN$$-<+@2t9` z%?sNi1fN8lcxK}(>jM>ku7S8^GePpZOmTK2?cWM(OgV#`_ZEAwcx#NeUaunf1jo^W z7hNonR@0}Z4F>gLv~*CzL{X7oPX?ld1+7g6>9#Pu!wnB{9fg5J4uhfTH-C9{!^LO( zW(Gf_PyY-!HbPbIvn5r27Z^W={c$Yx>o1AX`!9J`58q~9Xqaa5>Y%XHM^L~Xe`1S# zi~gya9&r{@M!{@9=Q)SISHk7X`a#?u;bF5+Dr}yBt6&1!eJ@T(9pVoXtls@oLLHu?i(AaAWpMOolKn2cWxo*6w_bH9 zPy8jcgxGK-_9=@-N$`I_q1)e}@O2(z6Q&g5fZP)XpTD67!uAJihZhi>VGV=jFQCLw76U3;h2rrBvsyE#$8>-o+VKhwE_SU!o_^gIyJ zA@(%^5}X8Vn3SWzsD^esBrso$O&#arh2w2%^9=i>Q=1W-S^|fE$k)ebI`)M3il=!Fag-}b zB?cNxWjKGpG0-ZyboduA{{){AbVW_6XW`B8Jt55c1#sDz0qoZkB*k#Lu&(BI!`?BH9yIrvsp zpy?g&Jo!TtSQk9r8y=2AmRHTJlN+Hj2&~Y)oNyn6vv6k*!mn*;B z-}ex69yz-&>#x~5-t|o?cwijhtXKcSS%*LVOA$&y^|oe+k*>Zl&p6pPRT^x*J}no$ zJXg=hU>8dfG1o`R(nlvYq%k8q^pS38(Lo@*qo?Q5Bb0Q;Z<9yAq&F!TH*}u8&#-F5 z_{I0xO{tIB@yd0sYO<%=B?s`bF#%~58T!Q)MtUO&Ghdm>`S+wgGGSQYGQ|PIl_b*= zqqjMdBUe>!v8qyIH+!=n_Ob(18l}xTs<*94ncn_|AX`$<4s_eLKM;dT$YY8**mZhQ zQP(Wpc#z|xKApcuCbFZLVlwzTFT598HiBkt;))B`%l==qfWs+Kq*_pea6ha}Z8_&U zc&8!Tn;VgGqN|pjt1toF3K-BzP<&7Cnt*{35W~Aq6iPCnJggL zF7EH#_3+tVznBxJ_c@SJTXPGSj(D=RdwLtQ%@zh8mWd6pS?`K$!uG&0Kk)zZkbpqS z+EnffG$)|g!YdIc79T3h-MIL(6nW<`m&%B?yR%|5QlyS?O5SPkGRRonx9@xs@u)gM z`q6UjYlg&;f%-?ZQp^mlnuY>pL%I1|sxm-?@sp=u~$8DLf3`&S!A9WH{lCOHIq z*?w@|t4_j{8g)0be`|+b9nl*$nuDg@@5ivB9Z70Ys-G&-CCyLl-A89}z1&h*pqG2_}d@W6B|Dd~dQSTPE!$T-yH3%4~Gx|6;yWSkMQY$uIxgPcvzI!S_9-MJsCg`!g zo5){Kx`_yKYZ|ec$+bVlncHAWxl(zn*v95k{+o!;CJd)u7*p>KXFF(g!K?<|_7Rro zlW}+Zkdve9go0ghBR92(J6ap1>LL$0rbkrCgRz(yFEWhwLIJU9XI>J}ieJCuidhy= zqlbw?{Hp=-hsHT0%B!1cw{Cx~_Y*F3_~a>h$=Tg5!g#6DV?EBcVI{~K(Tocn7ohk{ zkB*C$d)0hq5S#MekYd#sVw?ZmDDEZhklE%5>c;KdeN8l?&r3L}wXC*EMZ=S`f^KDG zYJXh^$iYPm3qedmGgxx4fC0K#x!0!}h_Q!<%$pO9R7gfthP!6Q=Y}>HW5vDPKagkL z(DreOazJ@hE7pyyT+q;(9Z$Y+3!0-lmr4bv{W52g6G+$0lK16XZUoD1h0%bqbT$9dS+n#!Z9rf)VN06$2-&`77V6$ ziZzLWC8lPO(vjX-oe#Ajpz7-?;t@Wqj35;SdfuW@tUs4mthR-irpX}S3IRjQ5D}b< zcaHg|*I9V|R6%y2%&7C*uPzpi9zARs(!l)XnxE6}069#D965y+ghOoVcSFCYJjayh z)ujp3Y?UNExL;?^y`$zvZcn@bB><$0d+Ivy;B?vsoKpv&z@0k}^~6+vZ3 zOj-j;f1TUL@ z21JEJvn}w2M`5W9si5tOyGZhme1;L6k6#=YtFx??d5{_?UdUC@unyA?844N4D;2IF z{~q<450+#EX7kEXhP6#lTJaIk7vgkN8hy)9Elp>6VS6`T6B*)z&##VEyK0O@ds=h) zn6DTDgeuztC?`ON=G?dreL+h+z&)9_oePp+mJkjka^;AXA zSwEBlRaQ&#+mL%>`OZe4k+4)^mnZfzb@~799|Q914P6W%9!}Fg5Jniqyolm_0rXz8 zek~l6FSERB@u7VhSz@e{4Z;CCPE>$E^U^x!No{!RTc#RBxC{U6k0JGC@~8RvF|*GH zWoy>)Y5*qy^ZU}_pP$H-$^m|&)oRjG^Rc$zOj6Fk8=l9>lj!gVyI15sHy3(wc0SxX zpQ_PO@(C2|GJty}koM`QMGS=>)AWViasaJF>TJ5Mz4^+~LN(74bv(v+?{r>=U0+6S zzG}aD7Z?xIMonDdr8j}MquQp$&UCoy4T^mPS$@B6g16@n86K zrKa;YOCsxSX`c`?uu0QB$|vwH-VD?}tT-$=S(k8})5%LtxAWdN$XNHGwiTlsR*C^5p$3YdQZ3A$rV~jRN!bgdZ5=R8@?_pAY-k;W zYLS@47jTH&Twr3GHR4qtZFqK550a5B@=UesF{VN$&@0BK_gW-J=^)!dC ztLrbVhvXk9#0psa(xxWh`f|uU9bdp;!vIs^cNOd_uR+NSWXW0MI$*A`shG9p7%J|X z%4kD|#nq$5yh%$HNs{6`9vN={6az8RETKiiPR}ha#&|l>9|rh0e+#PRDRTGd^NZXP z1G?T9XiUna^3t~C6w@t}A|DyIq3YdWEo%LvpXcX>{1ds%`mC6xT*%Rwu07rN#Wp3Iu1kG1c6<=iYeUO~zV^{T}P6yt1vlwXCcGWoX$)jxzs%{Z|ElQ z*V(#BO$f-DL*1i%5a&kcL{2&^2w*sHppWA>lPw^7yV5X7x*9j-TTE*_;QtSQ{-Eyb0aYnXu}|pvSzf?Xdll;-BM`a!%PvO#tRPdoE#kv_tsF zpfi`CA3!-d6mK$+baUI+gf&-x-#OQCexxhIDikK%lu?+#AekkpZGh3Ngi+{VH!LZp zE`e?)7IZUl|JBX>h3Q9h_lBNBZkd9C1?z}#2U>=u6<&E{kyGMLwQ5T03~$DB7xlkE zRX@lp*`*6bY2T%uXA$BHv8LsfzCNL@;hCQ9>yb8F598Z3Tm}a}d|VZLvAcA@c)i=$ zj-&WEd#mC{a3|K&a^G-%e25mYH}zPvjti`pM%lHU6R7s(qnxt;(bT2&A;Kg5JM0p1 zW7&Db7Z5y&V2!YoW$BH8-^u);E7s$^Z-myW{*yr2I%`5E=9IO(Z4@(;*q0#1M03K8E<+;soq#WoSpO|Ca6+zQh$7v1C zPW%FE*wc5c7b&x}eC{ck@HKsC=aE+0GqI$e9$n@;earG*S9PY^ZdAw4{+#4^`t|s4 zYt!qO?t#|FGkO=2>#0Z1nCBk|ApZ9TJ>D+_2vO{b3kgGdIggWVbKe?1@KNtn5lOad z5H%)pHPsYsAcjroMk$e)rD){AKE#Q4M1}=o+6LYQB!^L*>weZtP>{DtSH|V4`!lV1 zAXhew8n4JHtt)TAzD@e3cSg@RY}nKXlH90os$&85rvj&kIp~V@VZdeZ8(aApqA(`L zd(Sm%5*sPT7GFFpYI+f`fAnK%Bhyo}Ff%W8o%aWib^uq6w?pnqRl~QB0`#XF8>otz zObZafbe{$YjnN+1AXlbHP~ZvHM;V{}Wbm?Q_Yqe%b}e}cueG}Lb}=s#1}N&69uzlWgvoGDc2>I^pysyyk8!+OOJ_G@uYc{3knGFQ9W$Wnvmk-%}WMmOpoqy>QbH|rP# zF_{x^0K2;0gIp~a>y^0{Q}$mJeuTh}f{SN0uAjZdWnmx{6Zyqt=16rFmq!RPm2cBD z96$42OCG>a04I9}&oV3{Nk1pJ{y^rIZv25XoWtEC(aUowVFnfb&z$pCmlYDxw+x=L z&KrJY0_Z~z8jnoz0`320P(ez`G$Rh01UWamp#=l57^>xaimYCuIhnJ&y5i1}5*7%lX+X|7Z_L(*QwjluEhf#;>%-_lst_^E^1>g8PR-mL;tzxm zX@zpBsO~#2)CGE<~#t*8mx6&UzVKa>RViqQ;-R8RhN_=?KwkO3?ByaBWXa6E$XB#8EZAop}GIDhc zz?38U<%t%bV!!oGv0Faom21=$ya;c4FQm<)yDD3PO9Cqnxn;xt2jaT{Y6swO)!#Qp zpHD_jt5x@e-LD<*2`(|cwPIZzt0PHqXtdCd%`J9f+jd@c2_Wnbq`Py?FcuK=$9iYQ z-r>(J&ASad(~a?se<1rzczQ%-Cd{#lmK`8w>T%RyeNRF%bVI80eqmyC;=F7Hd94M@ zK@q-IRyXL@5W7Ry9vJm0K1~$;1~r@U?2SjJCT*Iofc@q8Tr+&1xtbot4Dr*>U6CNI z&n^n;jQPP{Pil3z+`IAABUwA_%X0)bIFIZao>$#k+G+7Ge=Qk=9`tJU4n&0I>TK [äø­ę–‡](README.zh.md) | [ę—„ęœ¬čŖž](README.ja.md) | [PortuguĆŖs](README.pt-br.md) | [Tiįŗæng Viį»‡t](README.vi.md) | [FranƧais](README.fr.md) | **English** From 76f2b42d5b88bebec2a247b180cf1f19bc69464c Mon Sep 17 00:00:00 2001 From: nayihz Date: Tue, 24 Feb 2026 17:16:16 +0800 Subject: [PATCH 50/88] feat: improve web proxy handling and coverage --- config/config.example.json | 3 +- pkg/agent/loop.go | 3 +- pkg/config/config.go | 3 + pkg/config/config_test.go | 21 +++++ pkg/tools/web.go | 101 +++++++++++++++++----- pkg/tools/web_test.go | 167 +++++++++++++++++++++++++++++++++++++ 6 files changed, 275 insertions(+), 23 deletions(-) diff --git a/config/config.example.json b/config/config.example.json index 555509732..c73d327d6 100644 --- a/config/config.example.json +++ b/config/config.example.json @@ -217,7 +217,8 @@ "enabled": false, "api_key": "pplx-xxx", "max_results": 5 - } + }, + "proxy": "" }, "cron": { "exec_timeout_minutes": 5 diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index 9a2bb1198..dbc4a9b87 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -106,10 +106,11 @@ func registerSharedTools( PerplexityAPIKey: cfg.Tools.Web.Perplexity.APIKey, PerplexityMaxResults: cfg.Tools.Web.Perplexity.MaxResults, PerplexityEnabled: cfg.Tools.Web.Perplexity.Enabled, + Proxy: cfg.Tools.Web.Proxy, }); searchTool != nil { agent.Tools.Register(searchTool) } - agent.Tools.Register(tools.NewWebFetchTool(50000)) + agent.Tools.Register(tools.NewWebFetchToolWithProxy(50000, cfg.Tools.Web.Proxy)) // Hardware tools (I2C, SPI) - Linux only, returns error on other platforms agent.Tools.Register(tools.NewI2CTool()) diff --git a/pkg/config/config.go b/pkg/config/config.go index 2595398c7..67adca5c3 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -443,6 +443,9 @@ type WebToolsConfig struct { Tavily TavilyConfig `json:"tavily"` DuckDuckGo DuckDuckGoConfig `json:"duckduckgo"` Perplexity PerplexityConfig `json:"perplexity"` + // Proxy is an optional proxy URL for web tools (http/https/socks5/socks5h). + // For authenticated proxies, prefer HTTP_PROXY/HTTPS_PROXY env vars instead of embedding credentials in config. + Proxy string `json:"proxy,omitempty" env:"PICOCLAW_TOOLS_WEB_PROXY"` } type CronToolsConfig struct { diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index f88c0269c..223ac798d 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -392,3 +392,24 @@ func TestLoadConfig_OpenAIWebSearchCanBeDisabled(t *testing.T) { t.Fatal("OpenAI codex web search should be false when disabled in config file") } } + +func TestLoadConfig_WebToolsProxy(t *testing.T) { + tmpDir := t.TempDir() + configPath := filepath.Join(tmpDir, "config.json") + configJSON := `{ + "agents": {"defaults":{"workspace":"./workspace","model":"gpt4","max_tokens":8192,"max_tool_iterations":20}}, + "model_list": [{"model_name":"gpt4","model":"openai/gpt-5.2","api_key":"x"}], + "tools": {"web":{"proxy":"http://127.0.0.1:7890"}} +}` + if err := os.WriteFile(configPath, []byte(configJSON), 0o600); err != nil { + t.Fatalf("os.WriteFile() error: %v", err) + } + + cfg, err := LoadConfig(configPath) + if err != nil { + t.Fatalf("LoadConfig() error: %v", err) + } + if cfg.Tools.Web.Proxy != "http://127.0.0.1:7890" { + t.Fatalf("Tools.Web.Proxy = %q, want %q", cfg.Tools.Web.Proxy, "http://127.0.0.1:7890") + } +} diff --git a/pkg/tools/web.go b/pkg/tools/web.go index 452e95e0f..968579dea 100644 --- a/pkg/tools/web.go +++ b/pkg/tools/web.go @@ -17,12 +17,50 @@ const ( userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ) +// createHTTPClient creates an HTTP client with optional proxy support +func createHTTPClient(proxyURL string, timeout time.Duration) (*http.Client, error) { + client := &http.Client{ + Timeout: timeout, + Transport: &http.Transport{ + MaxIdleConns: 10, + IdleConnTimeout: 30 * time.Second, + DisableCompression: false, + TLSHandshakeTimeout: 15 * time.Second, + }, + } + + if proxyURL != "" { + proxy, err := url.Parse(proxyURL) + if err != nil { + return nil, fmt.Errorf("invalid proxy URL: %w", err) + } + scheme := strings.ToLower(proxy.Scheme) + switch scheme { + case "http", "https", "socks5", "socks5h": + default: + return nil, fmt.Errorf( + "unsupported proxy scheme %q (supported: http, https, socks5, socks5h)", + proxy.Scheme, + ) + } + if proxy.Host == "" { + return nil, fmt.Errorf("invalid proxy URL: missing host") + } + client.Transport.(*http.Transport).Proxy = http.ProxyURL(proxy) + } else { + client.Transport.(*http.Transport).Proxy = http.ProxyFromEnvironment + } + + return client, nil +} + type SearchProvider interface { Search(ctx context.Context, query string, count int) (string, error) } type BraveSearchProvider struct { apiKey string + proxy string } func (p *BraveSearchProvider) Search(ctx context.Context, query string, count int) (string, error) { @@ -37,7 +75,10 @@ func (p *BraveSearchProvider) Search(ctx context.Context, query string, count in req.Header.Set("Accept", "application/json") req.Header.Set("X-Subscription-Token", p.apiKey) - client := &http.Client{Timeout: 10 * time.Second} + client, err := createHTTPClient(p.proxy, 10*time.Second) + if err != nil { + return "", fmt.Errorf("failed to create HTTP client: %w", err) + } resp, err := client.Do(req) if err != nil { return "", fmt.Errorf("request failed: %w", err) @@ -167,7 +208,9 @@ func (p *TavilySearchProvider) Search(ctx context.Context, query string, count i return strings.Join(lines, "\n"), nil } -type DuckDuckGoSearchProvider struct{} +type DuckDuckGoSearchProvider struct { + proxy string +} func (p *DuckDuckGoSearchProvider) Search(ctx context.Context, query string, count int) (string, error) { searchURL := fmt.Sprintf("https://html.duckduckgo.com/html/?q=%s", url.QueryEscape(query)) @@ -179,7 +222,10 @@ func (p *DuckDuckGoSearchProvider) Search(ctx context.Context, query string, cou req.Header.Set("User-Agent", userAgent) - client := &http.Client{Timeout: 10 * time.Second} + client, err := createHTTPClient(p.proxy, 10*time.Second) + if err != nil { + return "", fmt.Errorf("failed to create HTTP client: %w", err) + } resp, err := client.Do(req) if err != nil { return "", fmt.Errorf("request failed: %w", err) @@ -261,6 +307,7 @@ func stripTags(content string) string { type PerplexitySearchProvider struct { apiKey string + proxy string } func (p *PerplexitySearchProvider) Search(ctx context.Context, query string, count int) (string, error) { @@ -295,7 +342,10 @@ func (p *PerplexitySearchProvider) Search(ctx context.Context, query string, cou req.Header.Set("Authorization", "Bearer "+p.apiKey) req.Header.Set("User-Agent", userAgent) - client := &http.Client{Timeout: 30 * time.Second} + client, err := createHTTPClient(p.proxy, 30*time.Second) + if err != nil { + return "", fmt.Errorf("failed to create HTTP client: %w", err) + } resp, err := client.Do(req) if err != nil { return "", fmt.Errorf("request failed: %w", err) @@ -348,6 +398,7 @@ type WebSearchToolOptions struct { PerplexityAPIKey string PerplexityMaxResults int PerplexityEnabled bool + Proxy string } func NewWebSearchTool(opts WebSearchToolOptions) *WebSearchTool { @@ -356,12 +407,12 @@ func NewWebSearchTool(opts WebSearchToolOptions) *WebSearchTool { // Priority: Perplexity > Brave > Tavily > DuckDuckGo if opts.PerplexityEnabled && opts.PerplexityAPIKey != "" { - provider = &PerplexitySearchProvider{apiKey: opts.PerplexityAPIKey} + provider = &PerplexitySearchProvider{apiKey: opts.PerplexityAPIKey, proxy: opts.Proxy} if opts.PerplexityMaxResults > 0 { maxResults = opts.PerplexityMaxResults } } else if opts.BraveEnabled && opts.BraveAPIKey != "" { - provider = &BraveSearchProvider{apiKey: opts.BraveAPIKey} + provider = &BraveSearchProvider{apiKey: opts.BraveAPIKey, proxy: opts.Proxy} if opts.BraveMaxResults > 0 { maxResults = opts.BraveMaxResults } @@ -374,7 +425,7 @@ func NewWebSearchTool(opts WebSearchToolOptions) *WebSearchTool { maxResults = opts.TavilyMaxResults } } else if opts.DuckDuckGoEnabled { - provider = &DuckDuckGoSearchProvider{} + provider = &DuckDuckGoSearchProvider{proxy: opts.Proxy} if opts.DuckDuckGoMaxResults > 0 { maxResults = opts.DuckDuckGoMaxResults } @@ -441,6 +492,7 @@ func (t *WebSearchTool) Execute(ctx context.Context, args map[string]any) *ToolR type WebFetchTool struct { maxChars int + proxy string } func NewWebFetchTool(maxChars int) *WebFetchTool { @@ -452,6 +504,16 @@ func NewWebFetchTool(maxChars int) *WebFetchTool { } } +func NewWebFetchToolWithProxy(maxChars int, proxy string) *WebFetchTool { + if maxChars <= 0 { + maxChars = 50000 + } + return &WebFetchTool{ + maxChars: maxChars, + proxy: proxy, + } +} + func (t *WebFetchTool) Name() string { return "web_fetch" } @@ -511,20 +573,17 @@ func (t *WebFetchTool) Execute(ctx context.Context, args map[string]any) *ToolRe req.Header.Set("User-Agent", userAgent) - client := &http.Client{ - Timeout: 60 * time.Second, - Transport: &http.Transport{ - MaxIdleConns: 10, - IdleConnTimeout: 30 * time.Second, - DisableCompression: false, - TLSHandshakeTimeout: 15 * time.Second, - }, - CheckRedirect: func(req *http.Request, via []*http.Request) error { - if len(via) >= 5 { - return fmt.Errorf("stopped after 5 redirects") - } - return nil - }, + client, err := createHTTPClient(t.proxy, 60*time.Second) + if err != nil { + return ErrorResult(fmt.Sprintf("failed to create HTTP client: %v", err)) + } + + // Configure redirect handling + client.CheckRedirect = func(req *http.Request, via []*http.Request) error { + if len(via) >= 5 { + return fmt.Errorf("stopped after 5 redirects") + } + return nil } resp, err := client.Do(req) diff --git a/pkg/tools/web_test.go b/pkg/tools/web_test.go index 75e0d8d16..2cd79eb24 100644 --- a/pkg/tools/web_test.go +++ b/pkg/tools/web_test.go @@ -7,6 +7,7 @@ import ( "net/http/httptest" "strings" "testing" + "time" ) // TestWebTool_WebFetch_Success verifies successful URL fetching @@ -334,6 +335,172 @@ func TestWebTool_WebFetch_MissingDomain(t *testing.T) { } } +func TestCreateHTTPClient_ProxyConfigured(t *testing.T) { + client, err := createHTTPClient("http://127.0.0.1:7890", 12*time.Second) + if err != nil { + t.Fatalf("createHTTPClient() error: %v", err) + } + if client.Timeout != 12*time.Second { + t.Fatalf("client.Timeout = %v, want %v", client.Timeout, 12*time.Second) + } + + tr, ok := client.Transport.(*http.Transport) + if !ok { + t.Fatalf("client.Transport type = %T, want *http.Transport", client.Transport) + } + if tr.Proxy == nil { + t.Fatal("transport.Proxy is nil, want non-nil") + } + + req, err := http.NewRequest("GET", "https://example.com", nil) + if err != nil { + t.Fatalf("http.NewRequest() error: %v", err) + } + proxyURL, err := tr.Proxy(req) + if err != nil { + t.Fatalf("transport.Proxy(req) error: %v", err) + } + if proxyURL == nil || proxyURL.String() != "http://127.0.0.1:7890" { + t.Fatalf("proxy URL = %v, want %q", proxyURL, "http://127.0.0.1:7890") + } +} + +func TestCreateHTTPClient_InvalidProxy(t *testing.T) { + _, err := createHTTPClient("://bad-proxy", 10*time.Second) + if err == nil { + t.Fatal("createHTTPClient() expected error for invalid proxy URL, got nil") + } +} + +func TestCreateHTTPClient_Socks5ProxyConfigured(t *testing.T) { + client, err := createHTTPClient("socks5://127.0.0.1:1080", 8*time.Second) + if err != nil { + t.Fatalf("createHTTPClient() error: %v", err) + } + + tr, ok := client.Transport.(*http.Transport) + if !ok { + t.Fatalf("client.Transport type = %T, want *http.Transport", client.Transport) + } + req, err := http.NewRequest("GET", "https://example.com", nil) + if err != nil { + t.Fatalf("http.NewRequest() error: %v", err) + } + proxyURL, err := tr.Proxy(req) + if err != nil { + t.Fatalf("transport.Proxy(req) error: %v", err) + } + if proxyURL == nil || proxyURL.String() != "socks5://127.0.0.1:1080" { + t.Fatalf("proxy URL = %v, want %q", proxyURL, "socks5://127.0.0.1:1080") + } +} + +func TestCreateHTTPClient_UnsupportedProxyScheme(t *testing.T) { + _, err := createHTTPClient("ftp://127.0.0.1:21", 10*time.Second) + if err == nil { + t.Fatal("createHTTPClient() expected error for unsupported scheme, got nil") + } + if !strings.Contains(err.Error(), "unsupported proxy scheme") { + t.Fatalf("error = %q, want to contain %q", err.Error(), "unsupported proxy scheme") + } +} + +func TestCreateHTTPClient_ProxyFromEnvironmentWhenConfigEmpty(t *testing.T) { + t.Setenv("HTTP_PROXY", "http://127.0.0.1:8888") + t.Setenv("http_proxy", "http://127.0.0.1:8888") + t.Setenv("HTTPS_PROXY", "http://127.0.0.1:8888") + t.Setenv("https_proxy", "http://127.0.0.1:8888") + t.Setenv("ALL_PROXY", "") + t.Setenv("all_proxy", "") + t.Setenv("NO_PROXY", "") + t.Setenv("no_proxy", "") + + client, err := createHTTPClient("", 10*time.Second) + if err != nil { + t.Fatalf("createHTTPClient() error: %v", err) + } + + tr, ok := client.Transport.(*http.Transport) + if !ok { + t.Fatalf("client.Transport type = %T, want *http.Transport", client.Transport) + } + if tr.Proxy == nil { + t.Fatal("transport.Proxy is nil, want proxy function from environment") + } + + req, err := http.NewRequest("GET", "https://example.com", nil) + if err != nil { + t.Fatalf("http.NewRequest() error: %v", err) + } + if _, err := tr.Proxy(req); err != nil { + t.Fatalf("transport.Proxy(req) error: %v", err) + } +} + +func TestNewWebFetchToolWithProxy(t *testing.T) { + tool := NewWebFetchToolWithProxy(1024, "http://127.0.0.1:7890") + if tool.maxChars != 1024 { + t.Fatalf("maxChars = %d, want %d", tool.maxChars, 1024) + } + if tool.proxy != "http://127.0.0.1:7890" { + t.Fatalf("proxy = %q, want %q", tool.proxy, "http://127.0.0.1:7890") + } + + tool = NewWebFetchToolWithProxy(0, "http://127.0.0.1:7890") + if tool.maxChars != 50000 { + t.Fatalf("default maxChars = %d, want %d", tool.maxChars, 50000) + } +} + +func TestNewWebSearchTool_PropagatesProxy(t *testing.T) { + t.Run("perplexity", func(t *testing.T) { + tool := NewWebSearchTool(WebSearchToolOptions{ + PerplexityEnabled: true, + PerplexityAPIKey: "k", + PerplexityMaxResults: 3, + Proxy: "http://127.0.0.1:7890", + }) + p, ok := tool.provider.(*PerplexitySearchProvider) + if !ok { + t.Fatalf("provider type = %T, want *PerplexitySearchProvider", tool.provider) + } + if p.proxy != "http://127.0.0.1:7890" { + t.Fatalf("provider proxy = %q, want %q", p.proxy, "http://127.0.0.1:7890") + } + }) + + t.Run("brave", func(t *testing.T) { + tool := NewWebSearchTool(WebSearchToolOptions{ + BraveEnabled: true, + BraveAPIKey: "k", + BraveMaxResults: 3, + Proxy: "http://127.0.0.1:7890", + }) + p, ok := tool.provider.(*BraveSearchProvider) + if !ok { + t.Fatalf("provider type = %T, want *BraveSearchProvider", tool.provider) + } + if p.proxy != "http://127.0.0.1:7890" { + t.Fatalf("provider proxy = %q, want %q", p.proxy, "http://127.0.0.1:7890") + } + }) + + t.Run("duckduckgo", func(t *testing.T) { + tool := NewWebSearchTool(WebSearchToolOptions{ + DuckDuckGoEnabled: true, + DuckDuckGoMaxResults: 3, + Proxy: "http://127.0.0.1:7890", + }) + p, ok := tool.provider.(*DuckDuckGoSearchProvider) + if !ok { + t.Fatalf("provider type = %T, want *DuckDuckGoSearchProvider", tool.provider) + } + if p.proxy != "http://127.0.0.1:7890" { + t.Fatalf("provider proxy = %q, want %q", p.proxy, "http://127.0.0.1:7890") + } + }) +} + // TestWebTool_TavilySearch_Success verifies successful Tavily search func TestWebTool_TavilySearch_Success(t *testing.T) { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { From 8405d390dfaca26fba80fd63728d5f87353e1b92 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 24 Feb 2026 04:19:18 -0500 Subject: [PATCH 51/88] fix: add CGO_ENABLED=0 for static build to fix cross-platform GLIBC errors --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 29e2fc964..111908a79 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ GO_VERSION=$(shell $(GO) version | awk '{print $$3}') LDFLAGS=-ldflags "-X main.version=$(VERSION) -X main.gitCommit=$(GIT_COMMIT) -X main.buildTime=$(BUILD_TIME) -X main.goVersion=$(GO_VERSION) -s -w" # Go variables -GO?=go +GO?=CGO_ENABLED=0 go GOFLAGS?=-v -tags stdjson # Golangci-lint From 0d761ca6084efb1344591870ce58d96b6a9be051 Mon Sep 17 00:00:00 2001 From: yangmanqing Date: Tue, 24 Feb 2026 17:57:28 +0800 Subject: [PATCH 52/88] fix: prevent DefaultConfig template values from leaking into user model_list entries --- pkg/config/config.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/pkg/config/config.go b/pkg/config/config.go index 2595398c7..a15a19b91 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -499,6 +499,20 @@ func LoadConfig(path string) (*Config, error) { return nil, err } + // Pre-scan the JSON to check how many model_list entries the user provided. + // Go's JSON decoder reuses existing slice backing-array elements rather than + // zero-initializing them, so fields absent from the user's JSON (e.g. api_base) + // would silently inherit values from the DefaultConfig template at the same + // index position. We only reset cfg.ModelList when the user actually provides + // entries; when count is 0 we keep DefaultConfig's built-in list as fallback. + var tmp Config + if err := json.Unmarshal(data, &tmp); err != nil { + return nil, err + } + if len(tmp.ModelList) > 0 { + cfg.ModelList = nil + } + if err := json.Unmarshal(data, cfg); err != nil { return nil, err } From 78e5bdad29c9c927b72b99b40b3da87d5dc28431 Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Tue, 24 Feb 2026 22:04:23 +1100 Subject: [PATCH 53/88] minor improvements in Makefile Signed-off-by: Kai Xia --- Makefile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 29e2fc964..30522e7b9 100644 --- a/Makefile +++ b/Makefile @@ -144,6 +144,10 @@ fmt: lint: @$(GOLANGCI_LINT) run +## fix: Fix linting issues +fix: + @$(GOLANGCI_LINT) run --fix + ## deps: Download dependencies deps: @$(GO) mod download @@ -169,7 +173,7 @@ help: @echo " make [target]" @echo "" @echo "Targets:" - @grep -E '^## ' $(MAKEFILE_LIST) | sed 's/## / /' + @grep -E '^## ' $(MAKEFILE_LIST) | sort | awk -F': ' '{printf " %-16s %s\n", substr($$1, 4), $$2}' @echo "" @echo "Examples:" @echo " make build # Build for current platform" From 01e2354b977d580679871379beef24f371bf521e Mon Sep 17 00:00:00 2001 From: yinwm Date: Tue, 24 Feb 2026 19:04:38 +0800 Subject: [PATCH 54/88] fix: align map values for proper formatting --- pkg/config/model_config_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/config/model_config_test.go b/pkg/config/model_config_test.go index c89029e8c..99eea2782 100644 --- a/pkg/config/model_config_test.go +++ b/pkg/config/model_config_test.go @@ -220,7 +220,7 @@ func TestFullConfig_JSON_BackwardCompat(t *testing.T) { }` for name, jsonStr := range map[string]string{ - "old format (model)": oldFormat, + "old format (model)": oldFormat, "new format (model_name)": newFormat, } { t.Run(name, func(t *testing.T) { From b47a39af9cbbdf9cdc0ebe2a9ed3607c9d260596 Mon Sep 17 00:00:00 2001 From: winterfx Date: Tue, 24 Feb 2026 21:35:15 +0800 Subject: [PATCH 55/88] fix: handle multi-tool-call orphan detection in sanitizeHistoryForProvider Walk backwards over preceding tool messages to find the nearest assistant with ToolCalls, instead of only checking the immediate predecessor. Add unit tests for sanitizeHistoryForProvider covering key edge cases. --- pkg/agent/context.go | 15 ++- pkg/agent/context_test.go | 209 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 222 insertions(+), 2 deletions(-) create mode 100644 pkg/agent/context_test.go diff --git a/pkg/agent/context.go b/pkg/agent/context.go index a9db5afdd..7bd55d4ab 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -229,8 +229,19 @@ func sanitizeHistoryForProvider(history []providers.Message) []providers.Message logger.DebugCF("agent", "Dropping orphaned leading tool message", map[string]any{}) continue } - last := sanitized[len(sanitized)-1] - if last.Role != "assistant" || len(last.ToolCalls) == 0 { + // Walk backwards to find the nearest assistant message, + // skipping over any preceding tool messages (multi-tool-call case). + foundAssistant := false + for i := len(sanitized) - 1; i >= 0; i-- { + if sanitized[i].Role == "tool" { + continue + } + if sanitized[i].Role == "assistant" && len(sanitized[i].ToolCalls) > 0 { + foundAssistant = true + } + break + } + if !foundAssistant { logger.DebugCF("agent", "Dropping orphaned tool message", map[string]any{}) continue } diff --git a/pkg/agent/context_test.go b/pkg/agent/context_test.go new file mode 100644 index 000000000..e023c9c30 --- /dev/null +++ b/pkg/agent/context_test.go @@ -0,0 +1,209 @@ +package agent + +import ( + "testing" + + "github.com/sipeed/picoclaw/pkg/providers" +) + +func msg(role, content string) providers.Message { + return providers.Message{Role: role, Content: content} +} + +func assistantWithTools(toolIDs ...string) providers.Message { + calls := make([]providers.ToolCall, len(toolIDs)) + for i, id := range toolIDs { + calls[i] = providers.ToolCall{ID: id, Type: "function"} + } + return providers.Message{Role: "assistant", ToolCalls: calls} +} + +func toolResult(id string) providers.Message { + return providers.Message{Role: "tool", Content: "result", ToolCallID: id} +} + +func TestSanitizeHistoryForProvider_EmptyHistory(t *testing.T) { + result := sanitizeHistoryForProvider(nil) + if len(result) != 0 { + t.Fatalf("expected empty, got %d messages", len(result)) + } + + result = sanitizeHistoryForProvider([]providers.Message{}) + if len(result) != 0 { + t.Fatalf("expected empty, got %d messages", len(result)) + } +} + +func TestSanitizeHistoryForProvider_SingleToolCall(t *testing.T) { + history := []providers.Message{ + msg("user", "hello"), + assistantWithTools("A"), + toolResult("A"), + msg("assistant", "done"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 4 { + t.Fatalf("expected 4 messages, got %d", len(result)) + } + assertRoles(t, result, "user", "assistant", "tool", "assistant") +} + +func TestSanitizeHistoryForProvider_MultiToolCalls(t *testing.T) { + history := []providers.Message{ + msg("user", "do two things"), + assistantWithTools("A", "B"), + toolResult("A"), + toolResult("B"), + msg("assistant", "both done"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 5 { + t.Fatalf("expected 5 messages, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user", "assistant", "tool", "tool", "assistant") +} + +func TestSanitizeHistoryForProvider_AssistantToolCallAfterPlainAssistant(t *testing.T) { + history := []providers.Message{ + msg("user", "hi"), + msg("assistant", "thinking"), + assistantWithTools("A"), + toolResult("A"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 2 { + t.Fatalf("expected 2 messages, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user", "assistant") +} + +func TestSanitizeHistoryForProvider_OrphanedLeadingTool(t *testing.T) { + history := []providers.Message{ + toolResult("A"), + msg("user", "hello"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 1 { + t.Fatalf("expected 1 message, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user") +} + +func TestSanitizeHistoryForProvider_ToolAfterUserDropped(t *testing.T) { + history := []providers.Message{ + msg("user", "hello"), + toolResult("A"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 1 { + t.Fatalf("expected 1 message, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user") +} + +func TestSanitizeHistoryForProvider_ToolAfterAssistantNoToolCalls(t *testing.T) { + history := []providers.Message{ + msg("user", "hello"), + msg("assistant", "hi"), + toolResult("A"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 2 { + t.Fatalf("expected 2 messages, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user", "assistant") +} + +func TestSanitizeHistoryForProvider_AssistantToolCallAtStart(t *testing.T) { + history := []providers.Message{ + assistantWithTools("A"), + toolResult("A"), + msg("user", "hello"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 1 { + t.Fatalf("expected 1 message, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user") +} + +func TestSanitizeHistoryForProvider_MultiToolCallsThenNewRound(t *testing.T) { + history := []providers.Message{ + msg("user", "do two things"), + assistantWithTools("A", "B"), + toolResult("A"), + toolResult("B"), + msg("assistant", "done"), + msg("user", "hi"), + assistantWithTools("C"), + toolResult("C"), + msg("assistant", "done again"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 9 { + t.Fatalf("expected 9 messages, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user", "assistant", "tool", "tool", "assistant", "user", "assistant", "tool", "assistant") +} + +func TestSanitizeHistoryForProvider_ConsecutiveMultiToolRounds(t *testing.T) { + history := []providers.Message{ + msg("user", "start"), + assistantWithTools("A", "B"), + toolResult("A"), + toolResult("B"), + assistantWithTools("C", "D"), + toolResult("C"), + toolResult("D"), + msg("assistant", "all done"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 8 { + t.Fatalf("expected 8 messages, got %d: %+v", len(result), roles(result)) + } + assertRoles(t, result, "user", "assistant", "tool", "tool", "assistant", "tool", "tool", "assistant") +} + +func TestSanitizeHistoryForProvider_PlainConversation(t *testing.T) { + history := []providers.Message{ + msg("user", "hello"), + msg("assistant", "hi"), + msg("user", "how are you"), + msg("assistant", "fine"), + } + + result := sanitizeHistoryForProvider(history) + if len(result) != 4 { + t.Fatalf("expected 4 messages, got %d", len(result)) + } + assertRoles(t, result, "user", "assistant", "user", "assistant") +} + +func roles(msgs []providers.Message) []string { + r := make([]string, len(msgs)) + for i, m := range msgs { + r[i] = m.Role + } + return r +} + +func assertRoles(t *testing.T, msgs []providers.Message, expected ...string) { + t.Helper() + if len(msgs) != len(expected) { + t.Fatalf("role count mismatch: got %v, want %v", roles(msgs), expected) + } + for i, exp := range expected { + if msgs[i].Role != exp { + t.Errorf("message[%d]: got role %q, want %q", i, msgs[i].Role, exp) + } + } +} From 100356e8ec029f689a6b43363ada3556a2163365 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20Xia=28=E5=A4=8F=E6=81=BA=29?= Date: Wed, 25 Feb 2026 00:52:25 +1100 Subject: [PATCH 56/88] refactor: cleanup dead code and turn on dead code detection in CI (#515) * cleanup dead code. Signed-off-by: Kai Xia * add these two back with flag. Signed-off-by: Kai Xia * fix ci Signed-off-by: Kai Xia * remove this confusing line Signed-off-by: Kai Xia * make fmt Signed-off-by: Kai Xia * remove unused method. picked up by golangci-lint run Signed-off-by: Kai Xia --------- Signed-off-by: Kai Xia --- .golangci.yaml | 4 +- pkg/agent/context.go | 19 --------- pkg/channels/wecom_app.go | 55 ------------------------- pkg/devices/sources/usb_linux.go | 5 +-- pkg/providers/antigravity_provider.go | 58 --------------------------- pkg/providers/fallback_test.go | 6 --- pkg/tools/i2c.go | 8 ++++ pkg/tools/spi.go | 4 ++ 8 files changed, 17 insertions(+), 142 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index d45d69e67..dd3cbae19 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -66,7 +66,6 @@ linters: - testifylint - thelper - unparam - - unused - usestdlibvars - usetesting - wastedassign @@ -152,6 +151,9 @@ linters: - gocognit - gocyclo path: _test\.go$ + - linters: + - nolintlint + path: 'pkg/tools/(i2c\.go|spi\.go)$' issues: max-issues-per-linter: 0 diff --git a/pkg/agent/context.go b/pkg/agent/context.go index a9db5afdd..ba07e33d3 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -288,25 +288,6 @@ func (cb *ContextBuilder) AddAssistantMessage( return messages } -func (cb *ContextBuilder) loadSkills() string { - allSkills := cb.skillsLoader.ListSkills() - if len(allSkills) == 0 { - return "" - } - - var skillNames []string - for _, s := range allSkills { - skillNames = append(skillNames, s.Name) - } - - content := cb.skillsLoader.LoadSkillsForContext(skillNames) - if content == "" { - return "" - } - - return "# Skill Definitions\n\n" + content -} - // GetSkillsInfo returns information about loaded skills. func (cb *ContextBuilder) GetSkillsInfo() map[string]any { allSkills := cb.skillsLoader.ListSkills() diff --git a/pkg/channels/wecom_app.go b/pkg/channels/wecom_app.go index 715c48707..302603445 100644 --- a/pkg/channels/wecom_app.go +++ b/pkg/channels/wecom_app.go @@ -571,61 +571,6 @@ func (c *WeComAppChannel) sendTextMessage(ctx context.Context, accessToken, user return nil } -// sendMarkdownMessage sends a markdown message to a user -func (c *WeComAppChannel) sendMarkdownMessage(ctx context.Context, accessToken, userID, content string) error { - apiURL := fmt.Sprintf("%s/cgi-bin/message/send?access_token=%s", wecomAPIBase, accessToken) - - msg := WeComMarkdownMessage{ - ToUser: userID, - MsgType: "markdown", - AgentID: c.config.AgentID, - } - msg.Markdown.Content = content - - jsonData, err := json.Marshal(msg) - if err != nil { - return fmt.Errorf("failed to marshal message: %w", err) - } - - // Use configurable timeout (default 5 seconds) - timeout := c.config.ReplyTimeout - if timeout <= 0 { - timeout = 5 - } - - reqCtx, cancel := context.WithTimeout(ctx, time.Duration(timeout)*time.Second) - defer cancel() - - req, err := http.NewRequestWithContext(reqCtx, http.MethodPost, apiURL, bytes.NewBuffer(jsonData)) - if err != nil { - return fmt.Errorf("failed to create request: %w", err) - } - req.Header.Set("Content-Type", "application/json") - - client := &http.Client{Timeout: time.Duration(timeout) * time.Second} - resp, err := client.Do(req) - if err != nil { - return fmt.Errorf("failed to send message: %w", err) - } - defer resp.Body.Close() - - body, err := io.ReadAll(resp.Body) - if err != nil { - return fmt.Errorf("failed to read response: %w", err) - } - - var sendResp WeComSendMessageResponse - if err := json.Unmarshal(body, &sendResp); err != nil { - return fmt.Errorf("failed to parse response: %w", err) - } - - if sendResp.ErrCode != 0 { - return fmt.Errorf("API error: %s (code: %d)", sendResp.ErrMsg, sendResp.ErrCode) - } - - return nil -} - // handleHealth handles health check requests func (c *WeComAppChannel) handleHealth(w http.ResponseWriter, r *http.Request) { status := map[string]any{ diff --git a/pkg/devices/sources/usb_linux.go b/pkg/devices/sources/usb_linux.go index be0193cfb..2bb38941f 100644 --- a/pkg/devices/sources/usb_linux.go +++ b/pkg/devices/sources/usb_linux.go @@ -35,9 +35,8 @@ var usbClassToCapability = map[string]string{ } type USBMonitor struct { - cmd *exec.Cmd - cancel context.CancelFunc - mu sync.Mutex + cmd *exec.Cmd + mu sync.Mutex } func NewUSBMonitor() *USBMonitor { diff --git a/pkg/providers/antigravity_provider.go b/pkg/providers/antigravity_provider.go index cff67c88c..d4ee528b7 100644 --- a/pkg/providers/antigravity_provider.go +++ b/pkg/providers/antigravity_provider.go @@ -404,64 +404,6 @@ type antigravityJSONResponse struct { } `json:"usageMetadata"` } -func (p *AntigravityProvider) parseJSONResponse(body []byte) (*LLMResponse, error) { - var resp antigravityJSONResponse - if err := json.Unmarshal(body, &resp); err != nil { - return nil, fmt.Errorf("parsing antigravity response: %w", err) - } - - if len(resp.Candidates) == 0 { - return nil, fmt.Errorf("antigravity: no candidates in response") - } - - candidate := resp.Candidates[0] - var contentParts []string - var toolCalls []ToolCall - - for _, part := range candidate.Content.Parts { - if part.Text != "" { - contentParts = append(contentParts, part.Text) - } - if part.FunctionCall != nil { - argumentsJSON, _ := json.Marshal(part.FunctionCall.Args) - toolCalls = append(toolCalls, ToolCall{ - ID: fmt.Sprintf("call_%s_%d", part.FunctionCall.Name, time.Now().UnixNano()), - Name: part.FunctionCall.Name, - Arguments: part.FunctionCall.Args, - Function: &FunctionCall{ - Name: part.FunctionCall.Name, - Arguments: string(argumentsJSON), - ThoughtSignature: extractPartThoughtSignature(part.ThoughtSignature, part.ThoughtSignatureSnake), - }, - }) - } - } - - finishReason := "stop" - if len(toolCalls) > 0 { - finishReason = "tool_calls" - } - if candidate.FinishReason == "MAX_TOKENS" { - finishReason = "length" - } - - var usage *UsageInfo - if resp.UsageMetadata.TotalTokenCount > 0 { - usage = &UsageInfo{ - PromptTokens: resp.UsageMetadata.PromptTokenCount, - CompletionTokens: resp.UsageMetadata.CandidatesTokenCount, - TotalTokens: resp.UsageMetadata.TotalTokenCount, - } - } - - return &LLMResponse{ - Content: strings.Join(contentParts, ""), - ToolCalls: toolCalls, - FinishReason: finishReason, - Usage: usage, - }, nil -} - func (p *AntigravityProvider) parseSSEResponse(body string) (*LLMResponse, error) { var contentParts []string var toolCalls []ToolCall diff --git a/pkg/providers/fallback_test.go b/pkg/providers/fallback_test.go index e872c672e..ebba054ef 100644 --- a/pkg/providers/fallback_test.go +++ b/pkg/providers/fallback_test.go @@ -17,12 +17,6 @@ func successRun(content string) func(ctx context.Context, provider, model string } } -func failRun(err error) func(ctx context.Context, provider, model string) (*LLMResponse, error) { - return func(ctx context.Context, provider, model string) (*LLMResponse, error) { - return nil, err - } -} - func TestFallback_SingleCandidate_Success(t *testing.T) { ct := NewCooldownTracker() fc := NewFallbackChain(ct) diff --git a/pkg/tools/i2c.go b/pkg/tools/i2c.go index 0387a26d3..779b1d5a7 100644 --- a/pkg/tools/i2c.go +++ b/pkg/tools/i2c.go @@ -117,13 +117,19 @@ func (t *I2CTool) detect() *ToolResult { return SilentResult(fmt.Sprintf("Found %d I2C bus(es):\n%s", len(buses), string(result))) } +// Helper functions for I2C operations (used by platform-specific implementations) + // isValidBusID checks that a bus identifier is a simple number (prevents path injection) +// +//nolint:unused // Used by i2c_linux.go func isValidBusID(id string) bool { matched, _ := regexp.MatchString(`^\d+$`, id) return matched } // parseI2CAddress extracts and validates an I2C address from args +// +//nolint:unused // Used by i2c_linux.go func parseI2CAddress(args map[string]any) (int, *ToolResult) { addrFloat, ok := args["address"].(float64) if !ok { @@ -137,6 +143,8 @@ func parseI2CAddress(args map[string]any) (int, *ToolResult) { } // parseI2CBus extracts and validates an I2C bus from args +// +//nolint:unused // Used by i2c_linux.go func parseI2CBus(args map[string]any) (string, *ToolResult) { bus, ok := args["bus"].(string) if !ok || bus == "" { diff --git a/pkg/tools/spi.go b/pkg/tools/spi.go index d6a88a5b0..0ca17e84f 100644 --- a/pkg/tools/spi.go +++ b/pkg/tools/spi.go @@ -119,7 +119,11 @@ func (t *SPITool) list() *ToolResult { return SilentResult(fmt.Sprintf("Found %d SPI device(s):\n%s", len(devices), string(result))) } +// Helper function for SPI operations (used by platform-specific implementations) + // parseSPIArgs extracts and validates common SPI parameters +// +//nolint:unused // Used by spi_linux.go func parseSPIArgs(args map[string]any) (device string, speed uint32, mode uint8, bits uint8, errMsg string) { dev, ok := args["device"].(string) if !ok || dev == "" { From d09c64fcee20e9eabb13ca9c8de483747aafa930 Mon Sep 17 00:00:00 2001 From: Lixeer <1612655510@qq.com> Date: Tue, 24 Feb 2026 22:33:04 +0800 Subject: [PATCH 57/88] fix: implement code review suggestions Address all feedback from PR review: - Lock granularity - Empty response handling - Shutdown race condition - Interface naming --- cmd/picoclaw/cmd_gateway.go | 4 ++-- pkg/providers/github_copilot_provider.go | 21 +++++++++++++-------- pkg/providers/types.go | 2 +- pkg/tools/registry_test.go | 20 ++++++++++---------- 4 files changed, 26 insertions(+), 21 deletions(-) diff --git a/cmd/picoclaw/cmd_gateway.go b/cmd/picoclaw/cmd_gateway.go index 30d61aec3..fea569381 100644 --- a/cmd/picoclaw/cmd_gateway.go +++ b/cmd/picoclaw/cmd_gateway.go @@ -211,10 +211,10 @@ func gatewayCmd() { <-sigChan fmt.Println("\nShutting down...") - cancel() - if cp, ok := provider.(providers.SessionProvider); ok { + if cp, ok := provider.(providers.StatefulProvider); ok { cp.Close() } + cancel() healthServer.Stop(context.Background()) deviceService.Stop() heartbeatService.Stop() diff --git a/pkg/providers/github_copilot_provider.go b/pkg/providers/github_copilot_provider.go index c69658b44..9210021e1 100644 --- a/pkg/providers/github_copilot_provider.go +++ b/pkg/providers/github_copilot_provider.go @@ -94,19 +94,24 @@ func (p *GitHubCopilotProvider) Chat( return nil, fmt.Errorf("marshal messages: %w", err) } p.mu.Lock() - defer p.mu.Unlock() + session := p.session + p.mu.Unlock() - resp, err := p.session.SendAndWait(ctx, copilot.MessageOptions{ + if session == nil { + return nil, fmt.Errorf("provider closed") + } + + resp, err := session.SendAndWait(ctx, copilot.MessageOptions{ Prompt: string(fullcontent), }) - if err != nil { - return nil, err - } - var content string - if resp != nil && resp.Data.Content != nil { - content = *resp.Data.Content + if resp == nil { + return nil, fmt.Errorf("empty response from copilot") } + if resp.Data.Content == nil { + return nil, fmt.Errorf("no content in copilot response") + } + content := *resp.Data.Content return &LLMResponse{ FinishReason: "stop", diff --git a/pkg/providers/types.go b/pkg/providers/types.go index 40ff6f7c8..b2dda04a5 100644 --- a/pkg/providers/types.go +++ b/pkg/providers/types.go @@ -30,7 +30,7 @@ type LLMProvider interface { GetDefaultModel() string } -type SessionProvider interface { +type StatefulProvider interface { LLMProvider Close() } diff --git a/pkg/tools/registry_test.go b/pkg/tools/registry_test.go index 8ae13b20c..33978e543 100644 --- a/pkg/tools/registry_test.go +++ b/pkg/tools/registry_test.go @@ -14,14 +14,14 @@ import ( type mockRegistryTool struct { name string desc string - params map[string]any + params map[string]interface{} result *ToolResult } -func (m *mockRegistryTool) Name() string { return m.name } -func (m *mockRegistryTool) Description() string { return m.desc } -func (m *mockRegistryTool) Parameters() map[string]any { return m.params } -func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]any) *ToolResult { +func (m *mockRegistryTool) Name() string { return m.name } +func (m *mockRegistryTool) Description() string { return m.desc } +func (m *mockRegistryTool) Parameters() map[string]interface{} { return m.params } +func (m *mockRegistryTool) Execute(_ context.Context, _ map[string]interface{}) *ToolResult { return m.result } @@ -51,7 +51,7 @@ func newMockTool(name, desc string) *mockRegistryTool { return &mockRegistryTool{ name: name, desc: desc, - params: map[string]any{"type": "object"}, + params: map[string]interface{}{"type": "object"}, result: SilentResult("ok"), } } @@ -109,7 +109,7 @@ func TestToolRegistry_Execute_Success(t *testing.T) { r.Register(&mockRegistryTool{ name: "greet", desc: "says hello", - params: map[string]any{}, + params: map[string]interface{}{}, result: SilentResult("hello"), }) @@ -203,7 +203,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { if defs[0]["type"] != "function" { t.Errorf("expected type 'function', got %v", defs[0]["type"]) } - fn, ok := defs[0]["function"].(map[string]any) + fn, ok := defs[0]["function"].(map[string]interface{}) if !ok { t.Fatal("expected 'function' key to be a map") } @@ -217,7 +217,7 @@ func TestToolRegistry_GetDefinitions(t *testing.T) { func TestToolRegistry_ToProviderDefs(t *testing.T) { r := NewToolRegistry() - params := map[string]any{"type": "object", "properties": map[string]any{}} + params := map[string]interface{}{"type": "object", "properties": map[string]interface{}{}} r.Register(&mockRegistryTool{ name: "beta", desc: "tool B", @@ -310,7 +310,7 @@ func TestToolToSchema(t *testing.T) { if schema["type"] != "function" { t.Errorf("expected type 'function', got %v", schema["type"]) } - fn, ok := schema["function"].(map[string]any) + fn, ok := schema["function"].(map[string]interface{}) if !ok { t.Fatal("expected 'function' to be a map") } From ec6da7a530ce5da48df422b38be697afad36192b Mon Sep 17 00:00:00 2001 From: Achton Smidt Winther Date: Tue, 24 Feb 2026 21:39:49 +0100 Subject: [PATCH 58/88] fix: reject empty task in spawn tool (#740) The spawn tool accepts empty strings as valid task arguments, which causes a subagent to run with no meaningful work. The subagent's completion message is then routed back to the originating channel (e.g. Signal, Discord), where the main agent processes it and may hallucinate an unrelated response that gets sent to users. Validate that the task parameter is non-empty after trimming whitespace. Related: #545 Co-authored-by: Claude Opus 4.6 --- pkg/tools/spawn.go | 5 +-- pkg/tools/spawn_test.go | 79 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 82 insertions(+), 2 deletions(-) create mode 100644 pkg/tools/spawn_test.go diff --git a/pkg/tools/spawn.go b/pkg/tools/spawn.go index 73d385cb0..8b166b41f 100644 --- a/pkg/tools/spawn.go +++ b/pkg/tools/spawn.go @@ -3,6 +3,7 @@ package tools import ( "context" "fmt" + "strings" ) type SpawnTool struct { @@ -66,8 +67,8 @@ func (t *SpawnTool) SetAllowlistChecker(check func(targetAgentID string) bool) { func (t *SpawnTool) Execute(ctx context.Context, args map[string]any) *ToolResult { task, ok := args["task"].(string) - if !ok { - return ErrorResult("task is required") + if !ok || strings.TrimSpace(task) == "" { + return ErrorResult("task is required and must be a non-empty string") } label, _ := args["label"].(string) diff --git a/pkg/tools/spawn_test.go b/pkg/tools/spawn_test.go new file mode 100644 index 000000000..0646c82a9 --- /dev/null +++ b/pkg/tools/spawn_test.go @@ -0,0 +1,79 @@ +package tools + +import ( + "context" + "strings" + "testing" +) + +func TestSpawnTool_Execute_EmptyTask(t *testing.T) { + provider := &MockLLMProvider{} + manager := NewSubagentManager(provider, "test-model", "/tmp/test", nil) + tool := NewSpawnTool(manager) + + ctx := context.Background() + + tests := []struct { + name string + args map[string]any + }{ + {"empty string", map[string]any{"task": ""}}, + {"whitespace only", map[string]any{"task": " "}}, + {"tabs and newlines", map[string]any{"task": "\t\n "}}, + {"missing task key", map[string]any{"label": "test"}}, + {"wrong type", map[string]any{"task": 123}}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result := tool.Execute(ctx, tt.args) + if result == nil { + t.Fatal("Result should not be nil") + } + if !result.IsError { + t.Error("Expected error for invalid task parameter") + } + if !strings.Contains(result.ForLLM, "task is required") { + t.Errorf("Error message should mention 'task is required', got: %s", result.ForLLM) + } + }) + } +} + +func TestSpawnTool_Execute_ValidTask(t *testing.T) { + provider := &MockLLMProvider{} + manager := NewSubagentManager(provider, "test-model", "/tmp/test", nil) + tool := NewSpawnTool(manager) + + ctx := context.Background() + args := map[string]any{ + "task": "Write a haiku about coding", + "label": "haiku-task", + } + + result := tool.Execute(ctx, args) + if result == nil { + t.Fatal("Result should not be nil") + } + if result.IsError { + t.Errorf("Expected success for valid task, got error: %s", result.ForLLM) + } + if !result.Async { + t.Error("SpawnTool should return async result") + } +} + +func TestSpawnTool_Execute_NilManager(t *testing.T) { + tool := NewSpawnTool(nil) + + ctx := context.Background() + args := map[string]any{"task": "test task"} + + result := tool.Execute(ctx, args) + if !result.IsError { + t.Error("Expected error for nil manager") + } + if !strings.Contains(result.ForLLM, "Subagent manager not configured") { + t.Errorf("Error message should mention manager not configured, got: %s", result.ForLLM) + } +} From 19c6890807a7d9a9d46201fcd0b6e9775bf1a37d Mon Sep 17 00:00:00 2001 From: avaksru <33891999+avaksru@users.noreply.github.com> Date: Wed, 25 Feb 2026 09:46:42 +0300 Subject: [PATCH 59/88] Add ARMv7 build target to Makefile --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 576152f40..f99c7712e 100644 --- a/Makefile +++ b/Makefile @@ -92,6 +92,7 @@ build-all: generate GOOS=linux GOARCH=arm64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-arm64 ./$(CMD_DIR) GOOS=linux GOARCH=loong64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-loong64 ./$(CMD_DIR) GOOS=linux GOARCH=riscv64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-riscv64 ./$(CMD_DIR) + GOOS=linux GOARCH=arm GOARM=7 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-armv7l ./$(CMD_DIR) GOOS=darwin GOARCH=arm64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-darwin-arm64 ./$(CMD_DIR) GOOS=windows GOARCH=amd64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-windows-amd64.exe ./$(CMD_DIR) @echo "All builds complete" From 14cb16f113702ad9420ead54a77908a0460567af Mon Sep 17 00:00:00 2001 From: avaksru <33891999+avaksru@users.noreply.github.com> Date: Wed, 25 Feb 2026 10:02:15 +0300 Subject: [PATCH 60/88] Add goarm versions for ARM architecture in config --- .goreleaser.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 2c47f7d86..2fcc43b8c 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -31,6 +31,10 @@ builds: - s390x - mips64 - arm + goarm: + - "7" + - "6" + - "5" main: ./cmd/picoclaw ignore: - goos: windows From 7de75192b81306085544ce7fe123da82732af90d Mon Sep 17 00:00:00 2001 From: avaksru <33891999+avaksru@users.noreply.github.com> Date: Wed, 25 Feb 2026 10:10:44 +0300 Subject: [PATCH 61/88] Disable Docker Hub login in release.yml Comment out Docker Hub login steps in release workflow. --- .github/workflows/release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 786c893ef..6ebd75c13 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -73,12 +73,12 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - registry: docker.io - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} +# - name: Login to Docker Hub +# uses: docker/login-action@v3 +# with: +# registry: docker.io +# username: ${{ secrets.DOCKERHUB_USERNAME }} +# password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Run GoReleaser uses: goreleaser/goreleaser-action@v6 From 1f7cbd916490ba39eda9edc6037bf13044eb4494 Mon Sep 17 00:00:00 2001 From: Zhaoyikaiii Date: Wed, 25 Feb 2026 10:34:54 +0800 Subject: [PATCH 62/88] fix: cache system prompt with mtime-based auto-invalidation (#607) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Avoid rebuilding the entire system prompt on every BuildMessages() call by caching the static portion (identity, bootstrap, skills summary, memory) and only recomputing it when workspace source files change. Key changes: - ContextBuilder caches the static prompt behind an RWMutex with double-checked locking. Source file changes are detected via cheap os.Stat mtime checks so no explicit invalidation is needed. - Track file existence at cache time (existedAtCache map) so that newly created or deleted bootstrap/memory files also trigger a rebuild ā€” the old modifiedSince() silently returned false on os.IsNotExist. - Walk the skills directory recursively with filepath.WalkDir to catch content-only edits at any nesting depth; directory mtime alone misses in-place file modifications on most filesystems. - ToolRegistry.sortedToolNames() sorts tool names before iteration, ensuring deterministic tool definition order across calls ā€” a prerequisite for LLM-side prefix/KV cache reuse. - Merge all context (static + dynamic + summary) into a single system message for provider compatibility: the Anthropic adapter extracts messages[0] as the top-level system parameter, and Codex reads only the first system message as instructions. - Fix a data race in BuildMessages() where cachedSystemPrompt was read without holding the lock in a debug log statement. - Add tests: single system message invariant, mtime auto-invalidation, new-file creation detection, skill file content change, explicit InvalidateCache, cache stability, concurrent access (20 goroutines x 50 iterations, passes go test -race), and a benchmark. --- pkg/agent/context.go | 354 ++++++++++++++-- pkg/agent/context_cache_test.go | 513 ++++++++++++++++++++++++ pkg/agent/loop.go | 20 +- pkg/providers/anthropic/provider.go | 15 +- pkg/providers/codex_provider.go | 12 + pkg/providers/openai_compat/provider.go | 36 +- pkg/providers/protocoltypes/types.go | 26 +- pkg/providers/types.go | 2 + pkg/tools/registry.go | 39 +- 9 files changed, 965 insertions(+), 52 deletions(-) create mode 100644 pkg/agent/context_cache_test.go diff --git a/pkg/agent/context.go b/pkg/agent/context.go index ba07e33d3..a727cc833 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -1,11 +1,14 @@ package agent import ( + "errors" "fmt" + "io/fs" "os" "path/filepath" "runtime" "strings" + "sync" "time" "github.com/sipeed/picoclaw/pkg/logger" @@ -19,6 +22,19 @@ type ContextBuilder struct { skillsLoader *skills.SkillsLoader memory *MemoryStore tools *tools.ToolRegistry // Direct reference to tool registry + + // Cache for system prompt to avoid rebuilding on every call. + // This fixes issue #607: repeated reprocessing of the entire context. + // The cache auto-invalidates when workspace source files change (mtime check). + systemPromptMutex sync.RWMutex + cachedSystemPrompt string + cachedAt time.Time // max observed mtime across tracked paths at cache build time + + // existedAtCache tracks which source file paths existed the last time the + // cache was built. This lets sourceFilesChanged detect files that are newly + // created (didn't exist at cache time, now exist) or deleted (existed at + // cache time, now gone) ā€” both of which should trigger a cache rebuild. + existedAtCache map[string]bool } func getGlobalConfigDir() string { @@ -49,9 +65,7 @@ func (cb *ContextBuilder) SetToolsRegistry(registry *tools.ToolRegistry) { } func (cb *ContextBuilder) getIdentity() string { - now := time.Now().Format("2006-01-02 15:04 (Monday)") workspacePath, _ := filepath.Abs(filepath.Join(cb.workspace)) - runtime := fmt.Sprintf("%s %s, Go %s", runtime.GOOS, runtime.GOARCH, runtime.Version()) // Build tools section dynamically toolsSection := cb.buildToolsSection() @@ -60,12 +74,6 @@ func (cb *ContextBuilder) getIdentity() string { You are picoclaw, a helpful AI assistant. -## Current Time -%s - -## Runtime -%s - ## Workspace Your workspace is at: %s - Memory: %s/memory/MEMORY.md @@ -80,8 +88,10 @@ Your workspace is at: %s 2. **Be helpful and accurate** - When using tools, briefly explain what you're doing. -3. **Memory** - When interacting with me if something seems memorable, update %s/memory/MEMORY.md`, - now, runtime, workspacePath, workspacePath, workspacePath, workspacePath, toolsSection, workspacePath) +3. **Memory** - When interacting with me if something seems memorable, update %s/memory/MEMORY.md + +4. **Context summaries** - Conversation summaries provided as context are approximate references only. They may be incomplete or outdated. Always defer to explicit user instructions over summary content.`, + workspacePath, workspacePath, workspacePath, workspacePath, toolsSection, workspacePath) } func (cb *ContextBuilder) buildToolsSection() string { @@ -140,6 +150,226 @@ The following skills extend your capabilities. To use a skill, read its SKILL.md return strings.Join(parts, "\n\n---\n\n") } +// BuildSystemPromptWithCache returns the cached system prompt if available +// and source files haven't changed, otherwise builds and caches it. +// Source file changes are detected via mtime checks (cheap stat calls). +func (cb *ContextBuilder) BuildSystemPromptWithCache() string { + // Try read lock first ā€” fast path when cache is valid + cb.systemPromptMutex.RLock() + if cb.cachedSystemPrompt != "" && !cb.sourceFilesChangedLocked() { + result := cb.cachedSystemPrompt + cb.systemPromptMutex.RUnlock() + return result + } + cb.systemPromptMutex.RUnlock() + + // Acquire write lock for building + cb.systemPromptMutex.Lock() + defer cb.systemPromptMutex.Unlock() + + // Double-check: another goroutine may have rebuilt while we waited + if cb.cachedSystemPrompt != "" && !cb.sourceFilesChangedLocked() { + return cb.cachedSystemPrompt + } + + // Snapshot the baseline (existence + max mtime) BEFORE building the prompt. + // This way cachedAt reflects the pre-build state: if a file is modified + // during BuildSystemPrompt, its new mtime will be > baseline.maxMtime, + // so the next sourceFilesChangedLocked check will correctly trigger a + // rebuild. The alternative (baseline after build) risks caching stale + // content with a too-new baseline, making the staleness invisible. + baseline := cb.buildCacheBaseline() + prompt := cb.BuildSystemPrompt() + cb.cachedSystemPrompt = prompt + cb.cachedAt = baseline.maxMtime + cb.existedAtCache = baseline.existed + + logger.DebugCF("agent", "System prompt cached", + map[string]any{ + "length": len(prompt), + }) + + return prompt +} + +// InvalidateCache clears the cached system prompt. +// Normally not needed because the cache auto-invalidates via mtime checks, +// but this is useful for tests or explicit reload commands. +func (cb *ContextBuilder) InvalidateCache() { + cb.systemPromptMutex.Lock() + defer cb.systemPromptMutex.Unlock() + + cb.cachedSystemPrompt = "" + cb.cachedAt = time.Time{} + cb.existedAtCache = nil + + logger.DebugCF("agent", "System prompt cache invalidated", nil) +} + +// sourcePaths returns the workspace source file paths tracked for cache +// invalidation (bootstrap files + memory). The skills directory is handled +// separately in sourceFilesChangedLocked because it requires both directory- +// level and recursive file-level mtime checks. +func (cb *ContextBuilder) sourcePaths() []string { + return []string{ + filepath.Join(cb.workspace, "AGENTS.md"), + filepath.Join(cb.workspace, "SOUL.md"), + filepath.Join(cb.workspace, "USER.md"), + filepath.Join(cb.workspace, "IDENTITY.md"), + filepath.Join(cb.workspace, "memory", "MEMORY.md"), + } +} + +// cacheBaseline holds the file existence snapshot and the latest observed +// mtime across all tracked paths. Used as the cache reference point. +type cacheBaseline struct { + existed map[string]bool + maxMtime time.Time +} + +// buildCacheBaseline records which tracked paths currently exist and computes +// the latest mtime across all tracked files + skills directory contents. +// Called under write lock when the cache is built. +func (cb *ContextBuilder) buildCacheBaseline() cacheBaseline { + skillsDir := filepath.Join(cb.workspace, "skills") + + // All paths whose existence we track: source files + skills dir. + allPaths := append(cb.sourcePaths(), skillsDir) + + existed := make(map[string]bool, len(allPaths)) + var maxMtime time.Time + + for _, p := range allPaths { + info, err := os.Stat(p) + existed[p] = err == nil + if err == nil && info.ModTime().After(maxMtime) { + maxMtime = info.ModTime() + } + } + + // Walk skills files to capture their mtimes too. + // Use os.Stat (not d.Info) to match the stat method used in + // fileChangedSince / skillFilesModifiedSince for consistency. + _ = filepath.WalkDir(skillsDir, func(path string, d fs.DirEntry, walkErr error) error { + if walkErr == nil && !d.IsDir() { + if info, err := os.Stat(path); err == nil && info.ModTime().After(maxMtime) { + maxMtime = info.ModTime() + } + } + return nil + }) + + // If no tracked files exist yet (empty workspace), maxMtime is zero. + // Use a very old non-zero time so that: + // 1. cachedAt.IsZero() won't trigger perpetual rebuilds. + // 2. Any real file created afterwards has mtime > cachedAt, so it + // will be detected by fileChangedSince (unlike time.Now() which + // could race with a file whose mtime <= Now). + if maxMtime.IsZero() { + maxMtime = time.Unix(1, 0) + } + + return cacheBaseline{existed: existed, maxMtime: maxMtime} +} + +// sourceFilesChangedLocked checks whether any workspace source file has been +// modified, created, or deleted since the cache was last built. +// +// IMPORTANT: The caller MUST hold at least a read lock on systemPromptMutex. +// Go's sync.RWMutex is not reentrant, so this function must NOT acquire the +// lock itself (it would deadlock when called from BuildSystemPromptWithCache +// which already holds RLock or Lock). +func (cb *ContextBuilder) sourceFilesChangedLocked() bool { + if cb.cachedAt.IsZero() { + return true + } + + // Check tracked source files (bootstrap + memory). + for _, p := range cb.sourcePaths() { + if cb.fileChangedSince(p) { + return true + } + } + + // --- Skills directory (handled separately from sourcePaths) --- + // + // 1. Creation/deletion: tracked via existedAtCache, same as bootstrap files. + skillsDir := filepath.Join(cb.workspace, "skills") + if cb.fileChangedSince(skillsDir) { + return true + } + + // 2. Structural changes (add/remove entries inside the dir) are reflected + // in the directory's own mtime, which fileChangedSince already checks. + // + // 3. Content-only edits to files inside skills/ do NOT update the parent + // directory mtime on most filesystems, so we recursively walk to check + // individual file mtimes at any nesting depth. + if skillFilesModifiedSince(skillsDir, cb.cachedAt) { + return true + } + + return false +} + +// fileChangedSince returns true if a tracked source file has been modified, +// newly created, or deleted since the cache was built. +// +// Four cases: +// - existed at cache time, exists now -> check mtime +// - existed at cache time, gone now -> changed (deleted) +// - absent at cache time, exists now -> changed (created) +// - absent at cache time, gone now -> no change +func (cb *ContextBuilder) fileChangedSince(path string) bool { + // Defensive: if existedAtCache was never initialised, treat as changed + // so the cache rebuilds rather than silently serving stale data. + if cb.existedAtCache == nil { + return true + } + + existedBefore := cb.existedAtCache[path] + info, err := os.Stat(path) + existsNow := err == nil + + if existedBefore != existsNow { + return true // file was created or deleted + } + if !existsNow { + return false // didn't exist before, doesn't exist now + } + return info.ModTime().After(cb.cachedAt) +} + +// errWalkStop is a sentinel error used to stop filepath.WalkDir early. +// Using a dedicated error (instead of fs.SkipAll) makes the early-exit +// intent explicit and avoids the nilerr linter warning that would fire +// if the callback returned nil when its err parameter is non-nil. +var errWalkStop = errors.New("walk stop") + +// skillFilesModifiedSince recursively walks the skills directory and checks +// whether any file was modified after t. This catches content-only edits at +// any nesting depth (e.g. skills/name/docs/extra.md) that don't update +// parent directory mtimes. +func skillFilesModifiedSince(skillsDir string, t time.Time) bool { + changed := false + err := filepath.WalkDir(skillsDir, func(path string, d fs.DirEntry, walkErr error) error { + if walkErr == nil && !d.IsDir() { + if info, statErr := os.Stat(path); statErr == nil && info.ModTime().After(t) { + changed = true + return errWalkStop // stop walking + } + } + return nil + }) + // errWalkStop is expected (early exit on first changed file). + // os.IsNotExist means the skills dir doesn't exist yet ā€” not an error. + // Any other error is unexpected and worth logging. + if err != nil && !errors.Is(err, errWalkStop) && !os.IsNotExist(err) { + logger.DebugCF("agent", "skills walk error", map[string]any{"error": err.Error()}) + } + return changed +} + func (cb *ContextBuilder) LoadBootstrapFiles() string { bootstrapFiles := []string{ "AGENTS.md", @@ -159,6 +389,28 @@ func (cb *ContextBuilder) LoadBootstrapFiles() string { return sb.String() } +// buildDynamicContext returns a short dynamic context string with per-request info. +// This changes every request (time, session) so it is NOT part of the cached prompt. +// LLM-side KV cache reuse is achieved by each provider adapter's native mechanism: +// - Anthropic: per-block cache_control (ephemeral) on the static SystemParts block +// - OpenAI / Codex: prompt_cache_key for prefix-based caching +// +// See: https://docs.anthropic.com/en/docs/build-with-claude/prompt-caching +// See: https://platform.openai.com/docs/guides/prompt-caching +func (cb *ContextBuilder) buildDynamicContext(channel, chatID string) string { + now := time.Now().Format("2006-01-02 15:04 (Monday)") + rt := fmt.Sprintf("%s %s, Go %s", runtime.GOOS, runtime.GOARCH, runtime.Version()) + + var sb strings.Builder + fmt.Fprintf(&sb, "## Current Time\n%s\n\n## Runtime\n%s", now, rt) + + if channel != "" && chatID != "" { + fmt.Fprintf(&sb, "\n\n## Current Session\nChannel: %s\nChat ID: %s", channel, chatID) + } + + return sb.String() +} + func (cb *ContextBuilder) BuildMessages( history []providers.Message, summary string, @@ -168,23 +420,65 @@ func (cb *ContextBuilder) BuildMessages( ) []providers.Message { messages := []providers.Message{} - systemPrompt := cb.BuildSystemPrompt() + // The static part (identity, bootstrap, skills, memory) is cached locally to + // avoid repeated file I/O and string building on every call (fixes issue #607). + // Dynamic parts (time, session, summary) are appended per request. + // Everything is sent as a single system message for provider compatibility: + // - Anthropic adapter extracts messages[0] (Role=="system") and maps its content + // to the top-level "system" parameter in the Messages API request. A single + // contiguous system block makes this extraction straightforward. + // - Codex maps only the first system message to its instructions field. + // - OpenAI-compat passes messages through as-is. + staticPrompt := cb.BuildSystemPromptWithCache() - // Add Current Session info if provided - if channel != "" && chatID != "" { - systemPrompt += fmt.Sprintf("\n\n## Current Session\nChannel: %s\nChat ID: %s", channel, chatID) + // Build short dynamic context (time, runtime, session) ā€” changes per request + dynamicCtx := cb.buildDynamicContext(channel, chatID) + + // Compose a single system message: static (cached) + dynamic + optional summary. + // Keeping all system content in one message ensures every provider adapter can + // extract it correctly (Anthropic adapter -> top-level system param, + // Codex -> instructions field). + // + // SystemParts carries the same content as structured blocks so that + // cache-aware adapters (Anthropic) can set per-block cache_control. + // The static block is marked "ephemeral" ā€” its prefix hash is stable + // across requests, enabling LLM-side KV cache reuse. + stringParts := []string{staticPrompt, dynamicCtx} + + contentBlocks := []providers.ContentBlock{ + {Type: "text", Text: staticPrompt, CacheControl: &providers.CacheControl{Type: "ephemeral"}}, + {Type: "text", Text: dynamicCtx}, } - // Log system prompt summary for debugging (debug mode only) + if summary != "" { + summaryText := fmt.Sprintf( + "CONTEXT_SUMMARY: The following is an approximate summary of prior conversation "+ + "for reference only. It may be incomplete or outdated ā€” always defer to explicit instructions.\n\n%s", + summary) + stringParts = append(stringParts, summaryText) + contentBlocks = append(contentBlocks, providers.ContentBlock{Type: "text", Text: summaryText}) + } + + fullSystemPrompt := strings.Join(stringParts, "\n\n---\n\n") + + // Log system prompt summary for debugging (debug mode only). + // Read cachedSystemPrompt under lock to avoid a data race with + // concurrent InvalidateCache / BuildSystemPromptWithCache writes. + cb.systemPromptMutex.RLock() + isCached := cb.cachedSystemPrompt != "" + cb.systemPromptMutex.RUnlock() + logger.DebugCF("agent", "System prompt built", map[string]any{ - "total_chars": len(systemPrompt), - "total_lines": strings.Count(systemPrompt, "\n") + 1, - "section_count": strings.Count(systemPrompt, "\n\n---\n\n") + 1, + "static_chars": len(staticPrompt), + "dynamic_chars": len(dynamicCtx), + "total_chars": len(fullSystemPrompt), + "has_summary": summary != "", + "cached": isCached, }) // Log preview of system prompt (avoid logging huge content) - preview := systemPrompt + preview := fullSystemPrompt if len(preview) > 500 { preview = preview[:500] + "... (truncated)" } @@ -193,19 +487,21 @@ func (cb *ContextBuilder) BuildMessages( "preview": preview, }) - if summary != "" { - systemPrompt += "\n\n## Summary of Previous Conversation\n\n" + summary - } - history = sanitizeHistoryForProvider(history) + // Single system message containing all context ā€” compatible with all providers. + // SystemParts enables cache-aware adapters to set per-block cache_control; + // Content is the concatenated fallback for adapters that don't read SystemParts. messages = append(messages, providers.Message{ - Role: "system", - Content: systemPrompt, + Role: "system", + Content: fullSystemPrompt, + SystemParts: contentBlocks, }) + // Add conversation history messages = append(messages, history...) + // Add current user message if strings.TrimSpace(currentMessage) != "" { messages = append(messages, providers.Message{ Role: "user", @@ -224,6 +520,14 @@ func sanitizeHistoryForProvider(history []providers.Message) []providers.Message sanitized := make([]providers.Message, 0, len(history)) for _, msg := range history { switch msg.Role { + case "system": + // Drop system messages from history. BuildMessages always + // constructs its own single system message (static + dynamic + + // summary); extra system messages would break providers that + // only accept one (Anthropic, Codex). + logger.DebugCF("agent", "Dropping system message from history", map[string]any{}) + continue + case "tool": if len(sanitized) == 0 { logger.DebugCF("agent", "Dropping orphaned leading tool message", map[string]any{}) diff --git a/pkg/agent/context_cache_test.go b/pkg/agent/context_cache_test.go new file mode 100644 index 000000000..ba70d4c0d --- /dev/null +++ b/pkg/agent/context_cache_test.go @@ -0,0 +1,513 @@ +package agent + +import ( + "os" + "path/filepath" + "strings" + "sync" + "testing" + "time" + + "github.com/sipeed/picoclaw/pkg/providers" +) + +// setupWorkspace creates a temporary workspace with standard directories and optional files. +// Returns the tmpDir path; caller should defer os.RemoveAll(tmpDir). +func setupWorkspace(t *testing.T, files map[string]string) string { + t.Helper() + tmpDir, err := os.MkdirTemp("", "picoclaw-test-*") + if err != nil { + t.Fatal(err) + } + os.MkdirAll(filepath.Join(tmpDir, "memory"), 0o755) + os.MkdirAll(filepath.Join(tmpDir, "skills"), 0o755) + for name, content := range files { + dir := filepath.Dir(filepath.Join(tmpDir, name)) + os.MkdirAll(dir, 0o755) + if err := os.WriteFile(filepath.Join(tmpDir, name), []byte(content), 0o644); err != nil { + t.Fatal(err) + } + } + return tmpDir +} + +// TestSingleSystemMessage verifies that BuildMessages always produces exactly one +// system message regardless of summary/history variations. +// Fix: multiple system messages break Anthropic (top-level system param) and +// Codex (only reads last system message as instructions). +func TestSingleSystemMessage(t *testing.T) { + tmpDir := setupWorkspace(t, map[string]string{ + "IDENTITY.md": "# Identity\nTest agent.", + }) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + tests := []struct { + name string + history []providers.Message + summary string + message string + }{ + { + name: "no summary, no history", + summary: "", + message: "hello", + }, + { + name: "with summary", + summary: "Previous conversation discussed X", + message: "hello", + }, + { + name: "with history and summary", + history: []providers.Message{ + {Role: "user", Content: "hi"}, + {Role: "assistant", Content: "hello"}, + }, + summary: strings.Repeat("Long summary text. ", 50), + message: "new message", + }, + { + name: "system message in history is filtered", + history: []providers.Message{ + {Role: "system", Content: "stale system prompt from previous session"}, + {Role: "user", Content: "hi"}, + {Role: "assistant", Content: "hello"}, + }, + summary: "", + message: "new message", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + msgs := cb.BuildMessages(tt.history, tt.summary, tt.message, nil, "test", "chat1") + + systemCount := 0 + for _, m := range msgs { + if m.Role == "system" { + systemCount++ + } + } + if systemCount != 1 { + t.Errorf("expected exactly 1 system message, got %d", systemCount) + } + if msgs[0].Role != "system" { + t.Errorf("first message should be system, got %s", msgs[0].Role) + } + if msgs[len(msgs)-1].Role != "user" { + t.Errorf("last message should be user, got %s", msgs[len(msgs)-1].Role) + } + + // System message must contain identity (static) and time (dynamic) + sys := msgs[0].Content + if !strings.Contains(sys, "picoclaw") { + t.Error("system message missing identity") + } + if !strings.Contains(sys, "Current Time") { + t.Error("system message missing dynamic time context") + } + + // Summary handling + if tt.summary != "" { + if !strings.Contains(sys, "CONTEXT_SUMMARY:") { + t.Error("summary present but CONTEXT_SUMMARY prefix missing") + } + if !strings.Contains(sys, tt.summary[:20]) { + t.Error("summary content not found in system message") + } + } else { + if strings.Contains(sys, "CONTEXT_SUMMARY:") { + t.Error("CONTEXT_SUMMARY should not appear without summary") + } + } + }) + } +} + +// TestMtimeAutoInvalidation verifies that the cache detects source file changes +// via mtime without requiring explicit InvalidateCache(). +// Fix: original implementation had no auto-invalidation ā€” edits to bootstrap files, +// memory, or skills were invisible until process restart. +func TestMtimeAutoInvalidation(t *testing.T) { + tests := []struct { + name string + file string // relative path inside workspace + contentV1 string + contentV2 string + checkField string // substring to verify in rebuilt prompt + }{ + { + name: "bootstrap file change", + file: "IDENTITY.md", + contentV1: "# Original Identity", + contentV2: "# Updated Identity", + checkField: "Updated Identity", + }, + { + name: "memory file change", + file: "memory/MEMORY.md", + contentV1: "# Memory\nUser likes Go.", + contentV2: "# Memory\nUser likes Rust.", + checkField: "User likes Rust", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + tmpDir := setupWorkspace(t, map[string]string{tt.file: tt.contentV1}) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + sp1 := cb.BuildSystemPromptWithCache() + + // Overwrite file and set future mtime to ensure detection. + // Use 2s offset for filesystem mtime resolution safety (some FS + // have 1s or coarser granularity, especially in CI containers). + fullPath := filepath.Join(tmpDir, tt.file) + os.WriteFile(fullPath, []byte(tt.contentV2), 0o644) + future := time.Now().Add(2 * time.Second) + os.Chtimes(fullPath, future, future) + + // Verify sourceFilesChangedLocked detects the mtime change + cb.systemPromptMutex.RLock() + changed := cb.sourceFilesChangedLocked() + cb.systemPromptMutex.RUnlock() + if !changed { + t.Fatalf("sourceFilesChangedLocked() should detect %s change", tt.file) + } + + // Should auto-rebuild without explicit InvalidateCache() + sp2 := cb.BuildSystemPromptWithCache() + if sp1 == sp2 { + t.Errorf("cache not rebuilt after %s change", tt.file) + } + if !strings.Contains(sp2, tt.checkField) { + t.Errorf("rebuilt prompt missing expected content %q", tt.checkField) + } + }) + } + + // Skills directory mtime change + t.Run("skills dir change", func(t *testing.T) { + tmpDir := setupWorkspace(t, nil) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + _ = cb.BuildSystemPromptWithCache() // populate cache + + // Touch skills directory (simulate new skill installed) + skillsDir := filepath.Join(tmpDir, "skills") + future := time.Now().Add(2 * time.Second) + os.Chtimes(skillsDir, future, future) + + // Verify sourceFilesChangedLocked detects it (cache is rebuilt) + // We confirm by checking internal state: a second call should rebuild. + cb.systemPromptMutex.RLock() + changed := cb.sourceFilesChangedLocked() + cb.systemPromptMutex.RUnlock() + if !changed { + t.Error("sourceFilesChangedLocked() should detect skills dir mtime change") + } + }) +} + +// TestExplicitInvalidateCache verifies that InvalidateCache() forces a rebuild +// even when source files haven't changed (useful for tests and reload commands). +func TestExplicitInvalidateCache(t *testing.T) { + tmpDir := setupWorkspace(t, map[string]string{ + "IDENTITY.md": "# Test Identity", + }) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + sp1 := cb.BuildSystemPromptWithCache() + cb.InvalidateCache() + sp2 := cb.BuildSystemPromptWithCache() + + if sp1 != sp2 { + t.Error("prompt should be identical after invalidate+rebuild when files unchanged") + } + + // Verify cachedAt was reset + cb.InvalidateCache() + cb.systemPromptMutex.RLock() + if !cb.cachedAt.IsZero() { + t.Error("cachedAt should be zero after InvalidateCache()") + } + cb.systemPromptMutex.RUnlock() +} + +// TestCacheStability verifies that the static prompt is stable across repeated calls +// when no files change (regression test for issue #607). +func TestCacheStability(t *testing.T) { + tmpDir := setupWorkspace(t, map[string]string{ + "IDENTITY.md": "# Identity\nContent", + "SOUL.md": "# Soul\nContent", + }) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + results := make([]string, 5) + for i := range results { + results[i] = cb.BuildSystemPromptWithCache() + } + for i := 1; i < len(results); i++ { + if results[i] != results[0] { + t.Errorf("cached prompt changed between call 0 and %d", i) + } + } + + // Static prompt must NOT contain per-request data + if strings.Contains(results[0], "Current Time") { + t.Error("static cached prompt should not contain time (added dynamically)") + } +} + +// TestNewFileCreationInvalidatesCache verifies that creating a source file that +// did not exist when the cache was built triggers a cache rebuild. +// This catches the "from nothing to something" edge case that the old +// modifiedSince (return false on stat error) would miss. +func TestNewFileCreationInvalidatesCache(t *testing.T) { + tests := []struct { + name string + file string // relative path inside workspace + content string + checkField string // substring to verify in rebuilt prompt + }{ + { + name: "new bootstrap file", + file: "SOUL.md", + content: "# Soul\nBe kind and helpful.", + checkField: "Be kind and helpful", + }, + { + name: "new memory file", + file: "memory/MEMORY.md", + content: "# Memory\nUser prefers dark mode.", + checkField: "User prefers dark mode", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // Start with an empty workspace (no bootstrap/memory files) + tmpDir := setupWorkspace(t, nil) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + // Populate cache ā€” file does not exist yet + sp1 := cb.BuildSystemPromptWithCache() + if strings.Contains(sp1, tt.checkField) { + t.Fatalf("prompt should not contain %q before file is created", tt.checkField) + } + + // Create the file after cache was built + fullPath := filepath.Join(tmpDir, tt.file) + os.MkdirAll(filepath.Dir(fullPath), 0o755) + if err := os.WriteFile(fullPath, []byte(tt.content), 0o644); err != nil { + t.Fatal(err) + } + // Set future mtime to guarantee detection + future := time.Now().Add(2 * time.Second) + os.Chtimes(fullPath, future, future) + + // Cache should auto-invalidate because file went from absent -> present + sp2 := cb.BuildSystemPromptWithCache() + if !strings.Contains(sp2, tt.checkField) { + t.Errorf("cache not invalidated on new file creation: expected %q in prompt", tt.checkField) + } + }) + } +} + +// TestSkillFileContentChange verifies that modifying a skill file's content +// (not just the directory structure) invalidates the cache. +// This is the scenario where directory mtime alone is insufficient ā€” on most +// filesystems, editing a file inside a directory does NOT update the parent +// directory's mtime. +func TestSkillFileContentChange(t *testing.T) { + skillMD := `--- +name: test-skill +description: "A test skill" +--- +# Test Skill v1 +Original content.` + + tmpDir := setupWorkspace(t, map[string]string{ + "skills/test-skill/SKILL.md": skillMD, + }) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + // Populate cache + sp1 := cb.BuildSystemPromptWithCache() + _ = sp1 // cache is warm + + // Modify the skill file content (without touching the skills/ directory) + updatedSkillMD := `--- +name: test-skill +description: "An updated test skill" +--- +# Test Skill v2 +Updated content.` + + skillPath := filepath.Join(tmpDir, "skills", "test-skill", "SKILL.md") + if err := os.WriteFile(skillPath, []byte(updatedSkillMD), 0o644); err != nil { + t.Fatal(err) + } + // Set future mtime on the skill file only (NOT the directory) + future := time.Now().Add(2 * time.Second) + os.Chtimes(skillPath, future, future) + + // Verify that sourceFilesChangedLocked detects the content change + cb.systemPromptMutex.RLock() + changed := cb.sourceFilesChangedLocked() + cb.systemPromptMutex.RUnlock() + if !changed { + t.Error("sourceFilesChangedLocked() should detect skill file content change") + } + + // Verify cache is actually rebuilt with new content + sp2 := cb.BuildSystemPromptWithCache() + if sp1 == sp2 && strings.Contains(sp1, "test-skill") { + // If the skill appeared in the prompt and the prompt didn't change, + // the cache was not invalidated. + t.Error("cache should be invalidated when skill file content changes") + } +} + +// TestConcurrentBuildSystemPromptWithCache verifies that multiple goroutines +// can safely call BuildSystemPromptWithCache concurrently without producing +// empty results, panics, or data races. +// Run with: go test -race ./pkg/agent/ -run TestConcurrentBuildSystemPromptWithCache +func TestConcurrentBuildSystemPromptWithCache(t *testing.T) { + tmpDir := setupWorkspace(t, map[string]string{ + "IDENTITY.md": "# Identity\nConcurrency test agent.", + "SOUL.md": "# Soul\nBe helpful.", + "memory/MEMORY.md": "# Memory\nUser prefers Go.", + "skills/demo/SKILL.md": "---\nname: demo\ndescription: \"demo skill\"\n---\n# Demo", + }) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + const goroutines = 20 + const iterations = 50 + + var wg sync.WaitGroup + errs := make(chan string, goroutines*iterations) + + for g := 0; g < goroutines; g++ { + wg.Add(1) + go func(id int) { + defer wg.Done() + for i := 0; i < iterations; i++ { + result := cb.BuildSystemPromptWithCache() + if result == "" { + errs <- "empty prompt returned" + return + } + if !strings.Contains(result, "picoclaw") { + errs <- "prompt missing identity" + return + } + + // Also exercise BuildMessages concurrently + msgs := cb.BuildMessages(nil, "", "hello", nil, "test", "chat") + if len(msgs) < 2 { + errs <- "BuildMessages returned fewer than 2 messages" + return + } + if msgs[0].Role != "system" { + errs <- "first message not system" + return + } + + // Occasionally invalidate to exercise the write path + if i%10 == 0 { + cb.InvalidateCache() + } + } + }(g) + } + + wg.Wait() + close(errs) + + for errMsg := range errs { + t.Errorf("concurrent access error: %s", errMsg) + } +} + +// BenchmarkBuildMessagesWithCache measures caching performance. + +// TestEmptyWorkspaceBaselineDetectsNewFiles verifies that when the cache is +// built on an empty workspace (no tracked files exist), creating a file +// afterwards still triggers cache invalidation. This validates the +// time.Unix(1, 0) fallback for maxMtime: any real file's mtime is after epoch, +// so fileChangedSince correctly detects the absent -> present transition AND +// the mtime comparison succeeds even without artificially inflated Chtimes. +func TestEmptyWorkspaceBaselineDetectsNewFiles(t *testing.T) { + // Empty workspace: no bootstrap files, no memory, no skills content. + tmpDir := setupWorkspace(t, nil) + defer os.RemoveAll(tmpDir) + + cb := NewContextBuilder(tmpDir) + + // Build cache ā€” all tracked files are absent, maxMtime falls back to epoch. + sp1 := cb.BuildSystemPromptWithCache() + + // Create a bootstrap file with natural mtime (no Chtimes manipulation). + // The file's mtime should be the current wall-clock time, which is + // strictly after time.Unix(1, 0). + soulPath := filepath.Join(tmpDir, "SOUL.md") + if err := os.WriteFile(soulPath, []byte("# Soul\nNewly created."), 0o644); err != nil { + t.Fatal(err) + } + + // Cache should detect the new file via existedAtCache (absent -> present). + cb.systemPromptMutex.RLock() + changed := cb.sourceFilesChangedLocked() + cb.systemPromptMutex.RUnlock() + if !changed { + t.Fatal("sourceFilesChangedLocked should detect newly created file on empty workspace") + } + + sp2 := cb.BuildSystemPromptWithCache() + if !strings.Contains(sp2, "Newly created") { + t.Error("rebuilt prompt should contain new file content") + } + if sp1 == sp2 { + t.Error("cache should have been invalidated after file creation") + } +} + +// BenchmarkBuildMessagesWithCache measures caching performance. +func BenchmarkBuildMessagesWithCache(b *testing.B) { + tmpDir, _ := os.MkdirTemp("", "picoclaw-bench-*") + defer os.RemoveAll(tmpDir) + + os.MkdirAll(filepath.Join(tmpDir, "memory"), 0o755) + os.MkdirAll(filepath.Join(tmpDir, "skills"), 0o755) + for _, name := range []string{"IDENTITY.md", "SOUL.md", "USER.md"} { + os.WriteFile(filepath.Join(tmpDir, name), []byte(strings.Repeat("Content.\n", 10)), 0o644) + } + + cb := NewContextBuilder(tmpDir) + history := []providers.Message{ + {Role: "user", Content: "previous message"}, + {Role: "assistant", Content: "previous response"}, + } + + b.ResetTimer() + for i := 0; i < b.N; i++ { + _ = cb.BuildMessages(history, "summary", "new message", nil, "cli", "test") + } +} diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index dbc4a9b87..c40d46ef5 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -524,8 +524,9 @@ func (al *AgentLoop) runLLMIteration( fbResult, fbErr := al.fallback.Execute(ctx, agent.Candidates, func(ctx context.Context, provider, model string) (*providers.LLMResponse, error) { return agent.Provider.Chat(ctx, messages, providerToolDefs, model, map[string]any{ - "max_tokens": agent.MaxTokens, - "temperature": agent.Temperature, + "max_tokens": agent.MaxTokens, + "temperature": agent.Temperature, + "prompt_cache_key": agent.ID, }) }, ) @@ -540,8 +541,9 @@ func (al *AgentLoop) runLLMIteration( return fbResult.Response, nil } return agent.Provider.Chat(ctx, messages, providerToolDefs, agent.Model, map[string]any{ - "max_tokens": agent.MaxTokens, - "temperature": agent.Temperature, + "max_tokens": agent.MaxTokens, + "temperature": agent.Temperature, + "prompt_cache_key": agent.ID, }) } @@ -962,8 +964,9 @@ func (al *AgentLoop) summarizeSession(agent *AgentInstance, sessionKey string) { nil, agent.Model, map[string]any{ - "max_tokens": 1024, - "temperature": 0.3, + "max_tokens": 1024, + "temperature": 0.3, + "prompt_cache_key": agent.ID, }, ) if err == nil { @@ -1012,8 +1015,9 @@ func (al *AgentLoop) summarizeBatch( nil, agent.Model, map[string]any{ - "max_tokens": 1024, - "temperature": 0.3, + "max_tokens": 1024, + "temperature": 0.3, + "prompt_cache_key": agent.ID, }, ) if err != nil { diff --git a/pkg/providers/anthropic/provider.go b/pkg/providers/anthropic/provider.go index 35f6b8f62..9162174c9 100644 --- a/pkg/providers/anthropic/provider.go +++ b/pkg/providers/anthropic/provider.go @@ -113,7 +113,20 @@ func buildParams( for _, msg := range messages { switch msg.Role { case "system": - system = append(system, anthropic.TextBlockParam{Text: msg.Content}) + // Prefer structured SystemParts for per-block cache_control. + // This enables LLM-side KV cache reuse: the static block's prefix + // hash stays stable across requests while dynamic parts change freely. + if len(msg.SystemParts) > 0 { + for _, part := range msg.SystemParts { + block := anthropic.TextBlockParam{Text: part.Text} + if part.CacheControl != nil && part.CacheControl.Type == "ephemeral" { + block.CacheControl = anthropic.NewCacheControlEphemeralParam() + } + system = append(system, block) + } + } else { + system = append(system, anthropic.TextBlockParam{Text: msg.Content}) + } case "user": if msg.ToolCallID != "" { anthropicMessages = append(anthropicMessages, diff --git a/pkg/providers/codex_provider.go b/pkg/providers/codex_provider.go index ecc983642..ae261710b 100644 --- a/pkg/providers/codex_provider.go +++ b/pkg/providers/codex_provider.go @@ -208,6 +208,11 @@ func buildCodexParams( for _, msg := range messages { switch msg.Role { case "system": + // Use the full concatenated system prompt (static + dynamic + summary) + // as instructions. This keeps behavior consistent with Anthropic and + // OpenAI-compat adapters where the complete system context lives in + // one place. Prefix caching is handled by prompt_cache_key below, + // not by splitting content across instructions vs input messages. instructions = msg.Content case "user": if msg.ToolCallID != "" { @@ -289,6 +294,13 @@ func buildCodexParams( params.Instructions = openai.Opt(defaultCodexInstructions) } + // Prompt caching: pass a stable cache key so OpenAI can bucket requests + // and reuse prefix KV cache across calls with the same key. + // See: https://platform.openai.com/docs/guides/prompt-caching + if cacheKey, ok := options["prompt_cache_key"].(string); ok && cacheKey != "" { + params.PromptCacheKey = openai.Opt(cacheKey) + } + if len(tools) > 0 || enableWebSearch { params.Tools = translateToolsForCodex(tools, enableWebSearch) } diff --git a/pkg/providers/openai_compat/provider.go b/pkg/providers/openai_compat/provider.go index d2412ae1b..a8d244d4a 100644 --- a/pkg/providers/openai_compat/provider.go +++ b/pkg/providers/openai_compat/provider.go @@ -77,7 +77,7 @@ func (p *Provider) Chat( requestBody := map[string]any{ "model": model, - "messages": messages, + "messages": stripSystemParts(messages), } if len(tools) > 0 { @@ -111,6 +111,14 @@ func (p *Provider) Chat( } } + // Prompt caching: pass a stable cache key so OpenAI can bucket requests + // with the same key and reuse prefix KV cache across calls. + // The key is typically the agent ID ā€” stable per agent, shared across requests. + // See: https://platform.openai.com/docs/guides/prompt-caching + if cacheKey, ok := options["prompt_cache_key"].(string); ok && cacheKey != "" { + requestBody["prompt_cache_key"] = cacheKey + } + jsonData, err := json.Marshal(requestBody) if err != nil { return nil, fmt.Errorf("failed to marshal request: %w", err) @@ -230,6 +238,32 @@ func parseResponse(body []byte) (*LLMResponse, error) { }, nil } +// openaiMessage is the wire-format message for OpenAI-compatible APIs. +// It mirrors protocoltypes.Message but omits SystemParts, which is an +// internal field that would be unknown to third-party endpoints. +type openaiMessage struct { + Role string `json:"role"` + Content string `json:"content"` + ToolCalls []ToolCall `json:"tool_calls,omitempty"` + ToolCallID string `json:"tool_call_id,omitempty"` +} + +// stripSystemParts converts []Message to []openaiMessage, dropping the +// SystemParts field so it doesn't leak into the JSON payload sent to +// OpenAI-compatible APIs (some strict endpoints reject unknown fields). +func stripSystemParts(messages []Message) []openaiMessage { + out := make([]openaiMessage, len(messages)) + for i, m := range messages { + out[i] = openaiMessage{ + Role: m.Role, + Content: m.Content, + ToolCalls: m.ToolCalls, + ToolCallID: m.ToolCallID, + } + } + return out +} + func normalizeModel(model, apiBase string) string { idx := strings.Index(model, "/") if idx == -1 { diff --git a/pkg/providers/protocoltypes/types.go b/pkg/providers/protocoltypes/types.go index 1d0ea6edd..4d927cde4 100644 --- a/pkg/providers/protocoltypes/types.go +++ b/pkg/providers/protocoltypes/types.go @@ -38,12 +38,28 @@ type UsageInfo struct { TotalTokens int `json:"total_tokens"` } +// CacheControl marks a content block for LLM-side prefix caching. +// Currently only "ephemeral" is supported (used by Anthropic). +type CacheControl struct { + Type string `json:"type"` // "ephemeral" +} + +// ContentBlock represents a structured segment of a system message. +// Adapters that understand SystemParts can use these blocks to set +// per-block cache control (e.g. Anthropic's cache_control: ephemeral). +type ContentBlock struct { + Type string `json:"type"` // "text" + Text string `json:"text"` + CacheControl *CacheControl `json:"cache_control,omitempty"` +} + type Message struct { - Role string `json:"role"` - Content string `json:"content"` - ReasoningContent string `json:"reasoning_content,omitempty"` - ToolCalls []ToolCall `json:"tool_calls,omitempty"` - ToolCallID string `json:"tool_call_id,omitempty"` + Role string `json:"role"` + Content string `json:"content"` + ReasoningContent string `json:"reasoning_content,omitempty"` + SystemParts []ContentBlock `json:"system_parts,omitempty"` // structured system blocks for cache-aware adapters + ToolCalls []ToolCall `json:"tool_calls,omitempty"` + ToolCallID string `json:"tool_call_id,omitempty"` } type ToolDefinition struct { diff --git a/pkg/providers/types.go b/pkg/providers/types.go index b2dda04a5..f0c168bc6 100644 --- a/pkg/providers/types.go +++ b/pkg/providers/types.go @@ -17,6 +17,8 @@ type ( ToolFunctionDefinition = protocoltypes.ToolFunctionDefinition ExtraContent = protocoltypes.ExtraContent GoogleExtra = protocoltypes.GoogleExtra + ContentBlock = protocoltypes.ContentBlock + CacheControl = protocoltypes.CacheControl ) type LLMProvider interface { diff --git a/pkg/tools/registry.go b/pkg/tools/registry.go index 6ecb8ae7c..d37a093a8 100644 --- a/pkg/tools/registry.go +++ b/pkg/tools/registry.go @@ -3,6 +3,7 @@ package tools import ( "context" "fmt" + "sort" "sync" "time" @@ -107,13 +108,27 @@ func (r *ToolRegistry) ExecuteWithContext( return result } +// sortedToolNames returns tool names in sorted order for deterministic iteration. +// This is critical for KV cache stability: non-deterministic map iteration would +// produce different system prompts and tool definitions on each call, invalidating +// the LLM's prefix cache even when no tools have changed. +func (r *ToolRegistry) sortedToolNames() []string { + names := make([]string, 0, len(r.tools)) + for name := range r.tools { + names = append(names, name) + } + sort.Strings(names) + return names +} + func (r *ToolRegistry) GetDefinitions() []map[string]any { r.mu.RLock() defer r.mu.RUnlock() - definitions := make([]map[string]any, 0, len(r.tools)) - for _, tool := range r.tools { - definitions = append(definitions, ToolToSchema(tool)) + sorted := r.sortedToolNames() + definitions := make([]map[string]any, 0, len(sorted)) + for _, name := range sorted { + definitions = append(definitions, ToolToSchema(r.tools[name])) } return definitions } @@ -124,8 +139,10 @@ func (r *ToolRegistry) ToProviderDefs() []providers.ToolDefinition { r.mu.RLock() defer r.mu.RUnlock() - definitions := make([]providers.ToolDefinition, 0, len(r.tools)) - for _, tool := range r.tools { + sorted := r.sortedToolNames() + definitions := make([]providers.ToolDefinition, 0, len(sorted)) + for _, name := range sorted { + tool := r.tools[name] schema := ToolToSchema(tool) // Safely extract nested values with type checks @@ -155,11 +172,7 @@ func (r *ToolRegistry) List() []string { r.mu.RLock() defer r.mu.RUnlock() - names := make([]string, 0, len(r.tools)) - for name := range r.tools { - names = append(names, name) - } - return names + return r.sortedToolNames() } // Count returns the number of registered tools. @@ -175,8 +188,10 @@ func (r *ToolRegistry) GetSummaries() []string { r.mu.RLock() defer r.mu.RUnlock() - summaries := make([]string, 0, len(r.tools)) - for _, tool := range r.tools { + sorted := r.sortedToolNames() + summaries := make([]string, 0, len(sorted)) + for _, name := range sorted { + tool := r.tools[name] summaries = append(summaries, fmt.Sprintf("- `%s` - %s", tool.Name(), tool.Description())) } return summaries From 85276057a0b1ef392062c74725f565bb35b4ce6b Mon Sep 17 00:00:00 2001 From: avaksru <33891999+avaksru@users.noreply.github.com> Date: Wed, 25 Feb 2026 10:32:50 +0300 Subject: [PATCH 63/88] Disable dockers_v2 section in goreleaser config Comment out dockers_v2 configuration in .goreleaser.yaml --- .goreleaser.yaml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 2fcc43b8c..e3e64c4c8 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -40,21 +40,21 @@ builds: - goos: windows goarch: arm -dockers_v2: - - id: picoclaw - dockerfile: Dockerfile.goreleaser - ids: - - picoclaw - images: - - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/picoclaw" - - "docker.io/{{ .Env.DOCKERHUB_IMAGE_NAME }}" - tags: - - "{{ .Tag }}" - - "latest" - platforms: - - linux/amd64 - - linux/arm64 - - linux/riscv64 +#dockers_v2: +# - id: picoclaw +# dockerfile: Dockerfile.goreleaser +# ids: +# - picoclaw +# images: +# - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/picoclaw" +# - "docker.io/{{ .Env.DOCKERHUB_IMAGE_NAME }}" +# tags: +# - "{{ .Tag }}" +# - "latest" +# platforms: +# - linux/amd64 +# - linux/arm64 +# - linux/riscv64 archives: - formats: [tar.gz] From edc78191c9e5b233395d24acf3fdbda02e762eef Mon Sep 17 00:00:00 2001 From: Zhaoyikaiii Date: Wed, 25 Feb 2026 15:36:54 +0800 Subject: [PATCH 64/88] style: fix gci formatting in protocoltypes/types.go --- pkg/providers/protocoltypes/types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/providers/protocoltypes/types.go b/pkg/providers/protocoltypes/types.go index 4d927cde4..33f052c5a 100644 --- a/pkg/providers/protocoltypes/types.go +++ b/pkg/providers/protocoltypes/types.go @@ -48,7 +48,7 @@ type CacheControl struct { // Adapters that understand SystemParts can use these blocks to set // per-block cache control (e.g. Anthropic's cache_control: ephemeral). type ContentBlock struct { - Type string `json:"type"` // "text" + Type string `json:"type"` // "text" Text string `json:"text"` CacheControl *CacheControl `json:"cache_control,omitempty"` } From 73f27803d4b573541f2df6631d4569e149a7753a Mon Sep 17 00:00:00 2001 From: Ruslan Semagin Date: Wed, 25 Feb 2026 10:47:45 +0300 Subject: [PATCH 65/88] refactor(cli): migrate to Cobra-based command structure (#429) * refactor(cli): migrate to Cobra-based command structure Refactor CLI to use Cobra instead of manual os.Args parsing. - Introduce root command and structured subcommands under cmd/picoclaw/internal - Convert agent, auth, cron, gateway, migrate, onboard, skills, status and version to Cobra commands - Replace manual flag parsing with Cobra flags - Remove direct os.Args usage from command handlers - Keep existing command behavior and output semantics This change focuses on CLI structure and maintainability. No business logic changes intended. * chore(cli): remove version2 alias and make cobra a direct dependency * test(cli): add basic command tests - Add tests for CLI command tree and flag parsing - Align LDFLAGS injection path for version info - Remove unused manual help function * test: migrate command tests to testify assertions Replace standard library testing error checks (t.Error*, t.Fatalf) with assert/require from stretchr/testify across all cobra command tests for improved readability and consistency. * fix(cli): make linter happy * test: avoid duplication in windows config path test * test: simplify allowed command checks using slices.Contains * fix(skills): register subcommands during command construction - Move subcommand registration out of PersistentPreRunE - Ensure `picoclaw skills ` resolves correctly - Minor install command and test cleanups * refactor(cli): address review feedback and improve command clarity * fix(authLogoutCmd): rm os.Exit --- .gitignore | 2 +- .goreleaser.yaml | 8 +- Makefile | 3 +- cmd/picoclaw/cmd_cron.go | 227 ------------------ cmd/picoclaw/cmd_migrate.go | 81 ------- cmd/picoclaw/internal/agent/command.go | 30 +++ cmd/picoclaw/internal/agent/command_test.go | 33 +++ .../agent/helpers.go} | 76 +++--- cmd/picoclaw/internal/auth/command.go | 22 ++ cmd/picoclaw/internal/auth/command_test.go | 55 +++++ .../{cmd_auth.go => internal/auth/helpers.go} | 223 ++++++----------- cmd/picoclaw/internal/auth/login.go | 25 ++ cmd/picoclaw/internal/auth/login_test.go | 29 +++ cmd/picoclaw/internal/auth/logout.go | 20 ++ cmd/picoclaw/internal/auth/logout_test.go | 20 ++ cmd/picoclaw/internal/auth/models.go | 15 ++ cmd/picoclaw/internal/auth/models_test.go | 19 ++ cmd/picoclaw/internal/auth/status.go | 16 ++ cmd/picoclaw/internal/auth/status_test.go | 18 ++ cmd/picoclaw/internal/cron/add.go | 64 +++++ cmd/picoclaw/internal/cron/add_test.go | 57 +++++ cmd/picoclaw/internal/cron/command.go | 44 ++++ cmd/picoclaw/internal/cron/command_test.go | 58 +++++ cmd/picoclaw/internal/cron/disable.go | 16 ++ cmd/picoclaw/internal/cron/disable_test.go | 20 ++ cmd/picoclaw/internal/cron/enable.go | 16 ++ cmd/picoclaw/internal/cron/enable_test.go | 20 ++ cmd/picoclaw/internal/cron/helpers.go | 66 +++++ cmd/picoclaw/internal/cron/list.go | 17 ++ cmd/picoclaw/internal/cron/list_test.go | 17 ++ cmd/picoclaw/internal/cron/remove.go | 18 ++ cmd/picoclaw/internal/cron/remove_test.go | 19 ++ cmd/picoclaw/internal/gateway/command.go | 23 ++ cmd/picoclaw/internal/gateway/command_test.go | 31 +++ .../gateway/helpers.go} | 36 ++- cmd/picoclaw/internal/helpers.go | 54 +++++ cmd/picoclaw/internal/helpers_test.go | 97 ++++++++ cmd/picoclaw/internal/migrate/command.go | 48 ++++ cmd/picoclaw/internal/migrate/command_test.go | 38 +++ cmd/picoclaw/internal/onboard/command.go | 24 ++ cmd/picoclaw/internal/onboard/command_test.go | 29 +++ .../onboard/helpers.go} | 29 +-- cmd/picoclaw/internal/skills/command.go | 79 ++++++ cmd/picoclaw/internal/skills/command_test.go | 28 +++ .../skills/helpers.go} | 116 ++++----- cmd/picoclaw/internal/skills/install.go | 58 +++++ cmd/picoclaw/internal/skills/install_test.go | 28 +++ .../internal/skills/installbuiltin.go | 21 ++ .../internal/skills/installbuiltin_test.go | 27 +++ cmd/picoclaw/internal/skills/list.go | 25 ++ cmd/picoclaw/internal/skills/list_test.go | 27 +++ cmd/picoclaw/internal/skills/listbuiltin.go | 16 ++ .../internal/skills/listbuiltin_test.go | 26 ++ cmd/picoclaw/internal/skills/remove.go | 27 +++ cmd/picoclaw/internal/skills/remove_test.go | 29 +++ cmd/picoclaw/internal/skills/search.go | 24 ++ cmd/picoclaw/internal/skills/search_test.go | 25 ++ cmd/picoclaw/internal/skills/show.go | 26 ++ cmd/picoclaw/internal/skills/show_test.go | 27 +++ cmd/picoclaw/internal/status/command.go | 18 ++ cmd/picoclaw/internal/status/command_test.go | 29 +++ .../status/helpers.go} | 16 +- cmd/picoclaw/internal/version/command.go | 33 +++ cmd/picoclaw/internal/version/command_test.go | 31 +++ cmd/picoclaw/main.go | 207 +++------------- cmd/picoclaw/main_test.go | 56 +++++ go.mod | 3 + go.sum | 10 + 68 files changed, 1978 insertions(+), 797 deletions(-) delete mode 100644 cmd/picoclaw/cmd_cron.go delete mode 100644 cmd/picoclaw/cmd_migrate.go create mode 100644 cmd/picoclaw/internal/agent/command.go create mode 100644 cmd/picoclaw/internal/agent/command_test.go rename cmd/picoclaw/{cmd_agent.go => internal/agent/helpers.go} (70%) create mode 100644 cmd/picoclaw/internal/auth/command.go create mode 100644 cmd/picoclaw/internal/auth/command_test.go rename cmd/picoclaw/{cmd_auth.go => internal/auth/helpers.go} (67%) create mode 100644 cmd/picoclaw/internal/auth/login.go create mode 100644 cmd/picoclaw/internal/auth/login_test.go create mode 100644 cmd/picoclaw/internal/auth/logout.go create mode 100644 cmd/picoclaw/internal/auth/logout_test.go create mode 100644 cmd/picoclaw/internal/auth/models.go create mode 100644 cmd/picoclaw/internal/auth/models_test.go create mode 100644 cmd/picoclaw/internal/auth/status.go create mode 100644 cmd/picoclaw/internal/auth/status_test.go create mode 100644 cmd/picoclaw/internal/cron/add.go create mode 100644 cmd/picoclaw/internal/cron/add_test.go create mode 100644 cmd/picoclaw/internal/cron/command.go create mode 100644 cmd/picoclaw/internal/cron/command_test.go create mode 100644 cmd/picoclaw/internal/cron/disable.go create mode 100644 cmd/picoclaw/internal/cron/disable_test.go create mode 100644 cmd/picoclaw/internal/cron/enable.go create mode 100644 cmd/picoclaw/internal/cron/enable_test.go create mode 100644 cmd/picoclaw/internal/cron/helpers.go create mode 100644 cmd/picoclaw/internal/cron/list.go create mode 100644 cmd/picoclaw/internal/cron/list_test.go create mode 100644 cmd/picoclaw/internal/cron/remove.go create mode 100644 cmd/picoclaw/internal/cron/remove_test.go create mode 100644 cmd/picoclaw/internal/gateway/command.go create mode 100644 cmd/picoclaw/internal/gateway/command_test.go rename cmd/picoclaw/{cmd_gateway.go => internal/gateway/helpers.go} (91%) create mode 100644 cmd/picoclaw/internal/helpers.go create mode 100644 cmd/picoclaw/internal/helpers_test.go create mode 100644 cmd/picoclaw/internal/migrate/command.go create mode 100644 cmd/picoclaw/internal/migrate/command_test.go create mode 100644 cmd/picoclaw/internal/onboard/command.go create mode 100644 cmd/picoclaw/internal/onboard/command_test.go rename cmd/picoclaw/{cmd_onboard.go => internal/onboard/helpers.go} (90%) create mode 100644 cmd/picoclaw/internal/skills/command.go create mode 100644 cmd/picoclaw/internal/skills/command_test.go rename cmd/picoclaw/{cmd_skills.go => internal/skills/helpers.go} (72%) create mode 100644 cmd/picoclaw/internal/skills/install.go create mode 100644 cmd/picoclaw/internal/skills/install_test.go create mode 100644 cmd/picoclaw/internal/skills/installbuiltin.go create mode 100644 cmd/picoclaw/internal/skills/installbuiltin_test.go create mode 100644 cmd/picoclaw/internal/skills/list.go create mode 100644 cmd/picoclaw/internal/skills/list_test.go create mode 100644 cmd/picoclaw/internal/skills/listbuiltin.go create mode 100644 cmd/picoclaw/internal/skills/listbuiltin_test.go create mode 100644 cmd/picoclaw/internal/skills/remove.go create mode 100644 cmd/picoclaw/internal/skills/remove_test.go create mode 100644 cmd/picoclaw/internal/skills/search.go create mode 100644 cmd/picoclaw/internal/skills/search_test.go create mode 100644 cmd/picoclaw/internal/skills/show.go create mode 100644 cmd/picoclaw/internal/skills/show_test.go create mode 100644 cmd/picoclaw/internal/status/command.go create mode 100644 cmd/picoclaw/internal/status/command_test.go rename cmd/picoclaw/{cmd_status.go => internal/status/helpers.go} (90%) create mode 100644 cmd/picoclaw/internal/version/command.go create mode 100644 cmd/picoclaw/internal/version/command_test.go create mode 100644 cmd/picoclaw/main_test.go diff --git a/.gitignore b/.gitignore index ce30d749e..3ff195fbf 100644 --- a/.gitignore +++ b/.gitignore @@ -10,7 +10,7 @@ build/ *.out /picoclaw /picoclaw-test -cmd/picoclaw/workspace +cmd/**/workspace # Picoclaw specific diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 2c47f7d86..b9357aa2e 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -15,10 +15,10 @@ builds: - stdjson ldflags: - -s -w - - -X main.version={{ .Version }} - - -X main.gitCommit={{ .ShortCommit }} - - -X main.buildTime={{ .Date }} - - -X main.goVersion={{ .Env.GOVERSION }} + - -X github.com/sipeed/picoclaw/cmd/picoclaw/internal.version={{ .Version }} + - -X github.com/sipeed/picoclaw/cmd/picoclaw/internal.gitCommit={{ .ShortCommit }} + - -X github.com/sipeed/picoclaw/cmd/picoclaw/internal.buildTime={{ .Date }} + - -X github.com/sipeed/picoclaw/cmd/picoclaw/internal.goVersion={{ .Env.GOVERSION }} goos: - linux - windows diff --git a/Makefile b/Makefile index 576152f40..7bf05a2eb 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,8 @@ VERSION?=$(shell git describe --tags --always --dirty 2>/dev/null || echo "dev") GIT_COMMIT=$(shell git rev-parse --short=8 HEAD 2>/dev/null || echo "dev") BUILD_TIME=$(shell date +%FT%T%z) GO_VERSION=$(shell $(GO) version | awk '{print $$3}') -LDFLAGS=-ldflags "-X main.version=$(VERSION) -X main.gitCommit=$(GIT_COMMIT) -X main.buildTime=$(BUILD_TIME) -X main.goVersion=$(GO_VERSION) -s -w" +INTERNAL=github.com/sipeed/picoclaw/cmd/picoclaw/internal +LDFLAGS=-ldflags "-X $(INTERNAL).version=$(VERSION) -X $(INTERNAL).gitCommit=$(GIT_COMMIT) -X $(INTERNAL).buildTime=$(BUILD_TIME) -X $(INTERNAL).goVersion=$(GO_VERSION) -s -w" # Go variables GO?=CGO_ENABLED=0 go diff --git a/cmd/picoclaw/cmd_cron.go b/cmd/picoclaw/cmd_cron.go deleted file mode 100644 index 8c42bde06..000000000 --- a/cmd/picoclaw/cmd_cron.go +++ /dev/null @@ -1,227 +0,0 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main - -import ( - "fmt" - "os" - "path/filepath" - "time" - - "github.com/sipeed/picoclaw/pkg/cron" -) - -func cronCmd() { - if len(os.Args) < 3 { - cronHelp() - return - } - - subcommand := os.Args[2] - - // Load config to get workspace path - cfg, err := loadConfig() - if err != nil { - fmt.Printf("Error loading config: %v\n", err) - return - } - - cronStorePath := filepath.Join(cfg.WorkspacePath(), "cron", "jobs.json") - - switch subcommand { - case "list": - cronListCmd(cronStorePath) - case "add": - cronAddCmd(cronStorePath) - case "remove": - if len(os.Args) < 4 { - fmt.Println("Usage: picoclaw cron remove ") - return - } - cronRemoveCmd(cronStorePath, os.Args[3]) - case "enable": - cronEnableCmd(cronStorePath, false) - case "disable": - cronEnableCmd(cronStorePath, true) - default: - fmt.Printf("Unknown cron command: %s\n", subcommand) - cronHelp() - } -} - -func cronHelp() { - fmt.Println("\nCron commands:") - fmt.Println(" list List all scheduled jobs") - fmt.Println(" add Add a new scheduled job") - fmt.Println(" remove Remove a job by ID") - fmt.Println(" enable Enable a job") - fmt.Println(" disable Disable a job") - fmt.Println() - fmt.Println("Add options:") - fmt.Println(" -n, --name Job name") - fmt.Println(" -m, --message Message for agent") - fmt.Println(" -e, --every Run every N seconds") - fmt.Println(" -c, --cron Cron expression (e.g. '0 9 * * *')") - fmt.Println(" -d, --deliver Deliver response to channel") - fmt.Println(" --to Recipient for delivery") - fmt.Println(" --channel Channel for delivery") -} - -func cronListCmd(storePath string) { - cs := cron.NewCronService(storePath, nil) - jobs := cs.ListJobs(true) // Show all jobs, including disabled - - if len(jobs) == 0 { - fmt.Println("No scheduled jobs.") - return - } - - fmt.Println("\nScheduled Jobs:") - fmt.Println("----------------") - for _, job := range jobs { - var schedule string - if job.Schedule.Kind == "every" && job.Schedule.EveryMS != nil { - schedule = fmt.Sprintf("every %ds", *job.Schedule.EveryMS/1000) - } else if job.Schedule.Kind == "cron" { - schedule = job.Schedule.Expr - } else { - schedule = "one-time" - } - - nextRun := "scheduled" - if job.State.NextRunAtMS != nil { - nextTime := time.UnixMilli(*job.State.NextRunAtMS) - nextRun = nextTime.Format("2006-01-02 15:04") - } - - status := "enabled" - if !job.Enabled { - status = "disabled" - } - - fmt.Printf(" %s (%s)\n", job.Name, job.ID) - fmt.Printf(" Schedule: %s\n", schedule) - fmt.Printf(" Status: %s\n", status) - fmt.Printf(" Next run: %s\n", nextRun) - } -} - -func cronAddCmd(storePath string) { - name := "" - message := "" - var everySec *int64 - cronExpr := "" - deliver := false - channel := "" - to := "" - - args := os.Args[3:] - for i := 0; i < len(args); i++ { - switch args[i] { - case "-n", "--name": - if i+1 < len(args) { - name = args[i+1] - i++ - } - case "-m", "--message": - if i+1 < len(args) { - message = args[i+1] - i++ - } - case "-e", "--every": - if i+1 < len(args) { - var sec int64 - fmt.Sscanf(args[i+1], "%d", &sec) - everySec = &sec - i++ - } - case "-c", "--cron": - if i+1 < len(args) { - cronExpr = args[i+1] - i++ - } - case "-d", "--deliver": - deliver = true - case "--to": - if i+1 < len(args) { - to = args[i+1] - i++ - } - case "--channel": - if i+1 < len(args) { - channel = args[i+1] - i++ - } - } - } - - if name == "" { - fmt.Println("Error: --name is required") - return - } - - if message == "" { - fmt.Println("Error: --message is required") - return - } - - if everySec == nil && cronExpr == "" { - fmt.Println("Error: Either --every or --cron must be specified") - return - } - - var schedule cron.CronSchedule - if everySec != nil { - everyMS := *everySec * 1000 - schedule = cron.CronSchedule{ - Kind: "every", - EveryMS: &everyMS, - } - } else { - schedule = cron.CronSchedule{ - Kind: "cron", - Expr: cronExpr, - } - } - - cs := cron.NewCronService(storePath, nil) - job, err := cs.AddJob(name, schedule, message, deliver, channel, to) - if err != nil { - fmt.Printf("Error adding job: %v\n", err) - return - } - - fmt.Printf("āœ“ Added job '%s' (%s)\n", job.Name, job.ID) -} - -func cronRemoveCmd(storePath, jobID string) { - cs := cron.NewCronService(storePath, nil) - if cs.RemoveJob(jobID) { - fmt.Printf("āœ“ Removed job %s\n", jobID) - } else { - fmt.Printf("āœ— Job %s not found\n", jobID) - } -} - -func cronEnableCmd(storePath string, disable bool) { - if len(os.Args) < 4 { - fmt.Println("Usage: picoclaw cron enable/disable ") - return - } - - jobID := os.Args[3] - cs := cron.NewCronService(storePath, nil) - enabled := !disable - - job := cs.EnableJob(jobID, enabled) - if job != nil { - status := "enabled" - if disable { - status = "disabled" - } - fmt.Printf("āœ“ Job '%s' %s\n", job.Name, status) - } else { - fmt.Printf("āœ— Job %s not found\n", jobID) - } -} diff --git a/cmd/picoclaw/cmd_migrate.go b/cmd/picoclaw/cmd_migrate.go deleted file mode 100644 index 86d4903ef..000000000 --- a/cmd/picoclaw/cmd_migrate.go +++ /dev/null @@ -1,81 +0,0 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main - -import ( - "fmt" - "os" - - "github.com/sipeed/picoclaw/pkg/migrate" -) - -func migrateCmd() { - if len(os.Args) > 2 && (os.Args[2] == "--help" || os.Args[2] == "-h") { - migrateHelp() - return - } - - opts := migrate.Options{} - - args := os.Args[2:] - for i := 0; i < len(args); i++ { - switch args[i] { - case "--dry-run": - opts.DryRun = true - case "--config-only": - opts.ConfigOnly = true - case "--workspace-only": - opts.WorkspaceOnly = true - case "--force": - opts.Force = true - case "--refresh": - opts.Refresh = true - case "--openclaw-home": - if i+1 < len(args) { - opts.OpenClawHome = args[i+1] - i++ - } - case "--picoclaw-home": - if i+1 < len(args) { - opts.PicoClawHome = args[i+1] - i++ - } - default: - fmt.Printf("Unknown flag: %s\n", args[i]) - migrateHelp() - os.Exit(1) - } - } - - result, err := migrate.Run(opts) - if err != nil { - fmt.Printf("Error: %v\n", err) - os.Exit(1) - } - - if !opts.DryRun { - migrate.PrintSummary(result) - } -} - -func migrateHelp() { - fmt.Println("\nMigrate from OpenClaw to PicoClaw") - fmt.Println() - fmt.Println("Usage: picoclaw migrate [options]") - fmt.Println() - fmt.Println("Options:") - fmt.Println(" --dry-run Show what would be migrated without making changes") - fmt.Println(" --refresh Re-sync workspace files from OpenClaw (repeatable)") - fmt.Println(" --config-only Only migrate config, skip workspace files") - fmt.Println(" --workspace-only Only migrate workspace files, skip config") - fmt.Println(" --force Skip confirmation prompts") - fmt.Println(" --openclaw-home Override OpenClaw home directory (default: ~/.openclaw)") - fmt.Println(" --picoclaw-home Override PicoClaw home directory (default: ~/.picoclaw)") - fmt.Println() - fmt.Println("Examples:") - fmt.Println(" picoclaw migrate Detect and migrate from OpenClaw") - fmt.Println(" picoclaw migrate --dry-run Show what would be migrated") - fmt.Println(" picoclaw migrate --refresh Re-sync workspace files") - fmt.Println(" picoclaw migrate --force Migrate without confirmation") -} diff --git a/cmd/picoclaw/internal/agent/command.go b/cmd/picoclaw/internal/agent/command.go new file mode 100644 index 000000000..47262fc85 --- /dev/null +++ b/cmd/picoclaw/internal/agent/command.go @@ -0,0 +1,30 @@ +package agent + +import ( + "github.com/spf13/cobra" +) + +func NewAgentCommand() *cobra.Command { + var ( + message string + sessionKey string + model string + debug bool + ) + + cmd := &cobra.Command{ + Use: "agent", + Short: "Interact with the agent directly", + Args: cobra.NoArgs, + RunE: func(cmd *cobra.Command, _ []string) error { + return agentCmd(message, sessionKey, model, debug) + }, + } + + cmd.Flags().BoolVarP(&debug, "debug", "d", false, "Enable debug logging") + cmd.Flags().StringVarP(&message, "message", "m", "", "Send a single message (non-interactive mode)") + cmd.Flags().StringVarP(&sessionKey, "session", "s", "cli:default", "Session key") + cmd.Flags().StringVarP(&model, "model", "", "", "Model to use") + + return cmd +} diff --git a/cmd/picoclaw/internal/agent/command_test.go b/cmd/picoclaw/internal/agent/command_test.go new file mode 100644 index 000000000..1457d6a49 --- /dev/null +++ b/cmd/picoclaw/internal/agent/command_test.go @@ -0,0 +1,33 @@ +package agent + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewAgentCommand(t *testing.T) { + cmd := NewAgentCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "agent", cmd.Use) + assert.Equal(t, "Interact with the agent directly", cmd.Short) + + assert.Len(t, cmd.Aliases, 0) + assert.False(t, cmd.HasSubCommands()) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) + + assert.True(t, cmd.HasFlags()) + + assert.NotNil(t, cmd.Flags().Lookup("debug")) + assert.NotNil(t, cmd.Flags().Lookup("message")) + assert.NotNil(t, cmd.Flags().Lookup("session")) + assert.NotNil(t, cmd.Flags().Lookup("model")) +} diff --git a/cmd/picoclaw/cmd_agent.go b/cmd/picoclaw/internal/agent/helpers.go similarity index 70% rename from cmd/picoclaw/cmd_agent.go rename to cmd/picoclaw/internal/agent/helpers.go index 98ea51103..746e9755e 100644 --- a/cmd/picoclaw/cmd_agent.go +++ b/cmd/picoclaw/internal/agent/helpers.go @@ -1,7 +1,4 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main +package agent import ( "bufio" @@ -14,56 +11,37 @@ import ( "github.com/chzyer/readline" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" "github.com/sipeed/picoclaw/pkg/agent" "github.com/sipeed/picoclaw/pkg/bus" "github.com/sipeed/picoclaw/pkg/logger" "github.com/sipeed/picoclaw/pkg/providers" ) -func agentCmd() { - message := "" - sessionKey := "cli:default" - modelOverride := "" - - args := os.Args[2:] - for i := 0; i < len(args); i++ { - switch args[i] { - case "--debug", "-d": - logger.SetLevel(logger.DEBUG) - fmt.Println("šŸ” Debug mode enabled") - case "-m", "--message": - if i+1 < len(args) { - message = args[i+1] - i++ - } - case "-s", "--session": - if i+1 < len(args) { - sessionKey = args[i+1] - i++ - } - case "--model", "-model": - if i+1 < len(args) { - modelOverride = args[i+1] - i++ - } - } +func agentCmd(message, sessionKey, model string, debug bool) error { + if sessionKey == "" { + sessionKey = "cli:default" } - cfg, err := loadConfig() + if debug { + logger.SetLevel(logger.DEBUG) + fmt.Println("šŸ” Debug mode enabled") + } + + cfg, err := internal.LoadConfig() if err != nil { - fmt.Printf("Error loading config: %v\n", err) - os.Exit(1) + return fmt.Errorf("error loading config: %w", err) } - if modelOverride != "" { - cfg.Agents.Defaults.ModelName = modelOverride + if model != "" { + cfg.Agents.Defaults.ModelName = model } provider, modelID, err := providers.CreateProvider(cfg) if err != nil { - fmt.Printf("Error creating provider: %v\n", err) - os.Exit(1) + return fmt.Errorf("error creating provider: %w", err) } + // Use the resolved model ID from provider creation if modelID != "" { cfg.Agents.Defaults.ModelName = modelID @@ -85,18 +63,20 @@ func agentCmd() { ctx := context.Background() response, err := agentLoop.ProcessDirect(ctx, message, sessionKey) if err != nil { - fmt.Printf("Error: %v\n", err) - os.Exit(1) + return fmt.Errorf("error processing message: %w", err) } - fmt.Printf("\n%s %s\n", logo, response) - } else { - fmt.Printf("%s Interactive mode (Ctrl+C to exit)\n\n", logo) - interactiveMode(agentLoop, sessionKey) + fmt.Printf("\n%s %s\n", internal.Logo, response) + return nil } + + fmt.Printf("%s Interactive mode (Ctrl+C to exit)\n\n", internal.Logo) + interactiveMode(agentLoop, sessionKey) + + return nil } func interactiveMode(agentLoop *agent.AgentLoop, sessionKey string) { - prompt := fmt.Sprintf("%s You: ", logo) + prompt := fmt.Sprintf("%s You: ", internal.Logo) rl, err := readline.NewEx(&readline.Config{ Prompt: prompt, @@ -141,14 +121,14 @@ func interactiveMode(agentLoop *agent.AgentLoop, sessionKey string) { continue } - fmt.Printf("\n%s %s\n\n", logo, response) + fmt.Printf("\n%s %s\n\n", internal.Logo, response) } } func simpleInteractiveMode(agentLoop *agent.AgentLoop, sessionKey string) { reader := bufio.NewReader(os.Stdin) for { - fmt.Printf("%s You: ", logo) + fmt.Print(fmt.Sprintf("%s You: ", internal.Logo)) line, err := reader.ReadString('\n') if err != nil { if err == io.EOF { @@ -176,6 +156,6 @@ func simpleInteractiveMode(agentLoop *agent.AgentLoop, sessionKey string) { continue } - fmt.Printf("\n%s %s\n\n", logo, response) + fmt.Printf("\n%s %s\n\n", internal.Logo, response) } } diff --git a/cmd/picoclaw/internal/auth/command.go b/cmd/picoclaw/internal/auth/command.go new file mode 100644 index 000000000..12a0a3a8c --- /dev/null +++ b/cmd/picoclaw/internal/auth/command.go @@ -0,0 +1,22 @@ +package auth + +import "github.com/spf13/cobra" + +func NewAuthCommand() *cobra.Command { + cmd := &cobra.Command{ + Use: "auth", + Short: "Manage authentication (login, logout, status)", + RunE: func(cmd *cobra.Command, _ []string) error { + return cmd.Help() + }, + } + + cmd.AddCommand( + newLoginCommand(), + newLogoutCommand(), + newStatusCommand(), + newModelsCommand(), + ) + + return cmd +} diff --git a/cmd/picoclaw/internal/auth/command_test.go b/cmd/picoclaw/internal/auth/command_test.go new file mode 100644 index 000000000..48dc704dd --- /dev/null +++ b/cmd/picoclaw/internal/auth/command_test.go @@ -0,0 +1,55 @@ +package auth + +import ( + "slices" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewAuthCommand(t *testing.T) { + cmd := NewAuthCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "auth", cmd.Use) + assert.Equal(t, "Manage authentication (login, logout, status)", cmd.Short) + + assert.Len(t, cmd.Aliases, 0) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) + + assert.False(t, cmd.HasFlags()) + assert.True(t, cmd.HasSubCommands()) + + allowedCommands := []string{ + "login", + "logout", + "status", + "models", + } + + subcommands := cmd.Commands() + assert.Len(t, subcommands, len(allowedCommands)) + + for _, subcmd := range subcommands { + found := slices.Contains(allowedCommands, subcmd.Name()) + assert.True(t, found, "unexpected subcommand %q", subcmd.Name()) + + assert.Len(t, subcmd.Aliases, 0) + assert.False(t, subcmd.Hidden) + + assert.False(t, subcmd.HasSubCommands()) + + assert.Nil(t, subcmd.Run) + assert.NotNil(t, subcmd.RunE) + + assert.Nil(t, subcmd.PersistentPreRun) + assert.Nil(t, subcmd.PersistentPostRun) + } +} diff --git a/cmd/picoclaw/cmd_auth.go b/cmd/picoclaw/internal/auth/helpers.go similarity index 67% rename from cmd/picoclaw/cmd_auth.go rename to cmd/picoclaw/internal/auth/helpers.go index 55eb3cec3..633ce8740 100644 --- a/cmd/picoclaw/cmd_auth.go +++ b/cmd/picoclaw/internal/auth/helpers.go @@ -1,7 +1,4 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main +package auth import ( "encoding/json" @@ -12,92 +9,28 @@ import ( "strings" "time" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" "github.com/sipeed/picoclaw/pkg/auth" "github.com/sipeed/picoclaw/pkg/config" "github.com/sipeed/picoclaw/pkg/providers" ) -const supportedProvidersMsg = "Supported providers: openai, anthropic, google-antigravity" - -func authCmd() { - if len(os.Args) < 3 { - authHelp() - return - } - - switch os.Args[2] { - case "login": - authLoginCmd() - case "logout": - authLogoutCmd() - case "status": - authStatusCmd() - case "models": - authModelsCmd() - default: - fmt.Printf("Unknown auth command: %s\n", os.Args[2]) - authHelp() - } -} - -func authHelp() { - fmt.Println("\nAuth commands:") - fmt.Println(" login Login via OAuth or paste token") - fmt.Println(" logout Remove stored credentials") - fmt.Println(" status Show current auth status") - fmt.Println(" models List available Antigravity models") - fmt.Println() - fmt.Println("Login options:") - fmt.Println(" --provider Provider to login with (openai, anthropic, google-antigravity)") - fmt.Println(" --device-code Use device code flow (for headless environments)") - fmt.Println() - fmt.Println("Examples:") - fmt.Println(" picoclaw auth login --provider openai") - fmt.Println(" picoclaw auth login --provider openai --device-code") - fmt.Println(" picoclaw auth login --provider anthropic") - fmt.Println(" picoclaw auth login --provider google-antigravity") - fmt.Println(" picoclaw auth models") - fmt.Println(" picoclaw auth logout --provider openai") - fmt.Println(" picoclaw auth status") -} - -func authLoginCmd() { - provider := "" - useDeviceCode := false - - args := os.Args[3:] - for i := 0; i < len(args); i++ { - switch args[i] { - case "--provider", "-p": - if i+1 < len(args) { - provider = args[i+1] - i++ - } - case "--device-code": - useDeviceCode = true - } - } - - if provider == "" { - fmt.Println("Error: --provider is required") - fmt.Println(supportedProvidersMsg) - return - } +const supportedProvidersMsg = "supported providers: openai, anthropic, google-antigravity" +func authLoginCmd(provider string, useDeviceCode bool) error { switch provider { case "openai": - authLoginOpenAI(useDeviceCode) + return authLoginOpenAI(useDeviceCode) case "anthropic": - authLoginPasteToken(provider) + return authLoginPasteToken(provider) case "google-antigravity", "antigravity": - authLoginGoogleAntigravity() + return authLoginGoogleAntigravity() default: - fmt.Printf("Unsupported provider: %s\n", provider) - fmt.Println(supportedProvidersMsg) + return fmt.Errorf("unsupported provider: %s (%s)", provider, supportedProvidersMsg) } } -func authLoginOpenAI(useDeviceCode bool) { +func authLoginOpenAI(useDeviceCode bool) error { cfg := auth.OpenAIOAuthConfig() var cred *auth.AuthCredential @@ -110,16 +43,14 @@ func authLoginOpenAI(useDeviceCode bool) { } if err != nil { - fmt.Printf("Login failed: %v\n", err) - os.Exit(1) + return fmt.Errorf("login failed: %w", err) } if err = auth.SetCredential("openai", cred); err != nil { - fmt.Printf("Failed to save credentials: %v\n", err) - os.Exit(1) + return fmt.Errorf("failed to save credentials: %w", err) } - appCfg, err := loadConfig() + appCfg, err := internal.LoadConfig() if err == nil { // Update Providers (legacy format) appCfg.Providers.OpenAI.AuthMethod = "oauth" @@ -146,8 +77,8 @@ func authLoginOpenAI(useDeviceCode bool) { // Update default model to use OpenAI appCfg.Agents.Defaults.ModelName = "gpt-5.2" - if err := config.SaveConfig(getConfigPath(), appCfg); err != nil { - fmt.Printf("Warning: could not update config: %v\n", err) + if err = config.SaveConfig(internal.GetConfigPath(), appCfg); err != nil { + return fmt.Errorf("could not update config: %w", err) } } @@ -156,15 +87,16 @@ func authLoginOpenAI(useDeviceCode bool) { fmt.Printf("Account: %s\n", cred.AccountID) } fmt.Println("Default model set to: gpt-5.2") + + return nil } -func authLoginGoogleAntigravity() { +func authLoginGoogleAntigravity() error { cfg := auth.GoogleAntigravityOAuthConfig() cred, err := auth.LoginBrowser(cfg) if err != nil { - fmt.Printf("Login failed: %v\n", err) - os.Exit(1) + return fmt.Errorf("login failed: %w", err) } cred.Provider = "google-antigravity" @@ -189,11 +121,10 @@ func authLoginGoogleAntigravity() { } if err = auth.SetCredential("google-antigravity", cred); err != nil { - fmt.Printf("Failed to save credentials: %v\n", err) - os.Exit(1) + return fmt.Errorf("failed to save credentials: %w", err) } - appCfg, err := loadConfig() + appCfg, err := internal.LoadConfig() if err == nil { // Update Providers (legacy format, for backward compatibility) appCfg.Providers.Antigravity.AuthMethod = "oauth" @@ -220,7 +151,7 @@ func authLoginGoogleAntigravity() { // Update default model appCfg.Agents.Defaults.ModelName = "gemini-flash" - if err := config.SaveConfig(getConfigPath(), appCfg); err != nil { + if err := config.SaveConfig(internal.GetConfigPath(), appCfg); err != nil { fmt.Printf("Warning: could not update config: %v\n", err) } } @@ -228,6 +159,8 @@ func authLoginGoogleAntigravity() { fmt.Println("\nāœ“ Google Antigravity login successful!") fmt.Println("Default model set to: gemini-flash") fmt.Println("Try it: picoclaw agent -m \"Hello world\"") + + return nil } func fetchGoogleUserEmail(accessToken string) (string, error) { @@ -258,19 +191,17 @@ func fetchGoogleUserEmail(accessToken string) (string, error) { return userInfo.Email, nil } -func authLoginPasteToken(provider string) { +func authLoginPasteToken(provider string) error { cred, err := auth.LoginPasteToken(provider, os.Stdin) if err != nil { - fmt.Printf("Login failed: %v\n", err) - os.Exit(1) + return fmt.Errorf("login failed: %w", err) } if err = auth.SetCredential(provider, cred); err != nil { - fmt.Printf("Failed to save credentials: %v\n", err) - os.Exit(1) + return fmt.Errorf("failed to save credentials: %w", err) } - appCfg, err := loadConfig() + appCfg, err := internal.LoadConfig() if err == nil { switch provider { case "anthropic": @@ -314,36 +245,27 @@ func authLoginPasteToken(provider string) { // Update default model appCfg.Agents.Defaults.ModelName = "gpt-5.2" } - if err := config.SaveConfig(getConfigPath(), appCfg); err != nil { - fmt.Printf("Warning: could not update config: %v\n", err) + if err := config.SaveConfig(internal.GetConfigPath(), appCfg); err != nil { + return fmt.Errorf("could not update config: %w", err) } } fmt.Printf("Token saved for %s!\n", provider) - fmt.Printf("Default model set to: %s\n", appCfg.Agents.Defaults.GetModelName()) -} -func authLogoutCmd() { - provider := "" - - args := os.Args[3:] - for i := 0; i < len(args); i++ { - switch args[i] { - case "--provider", "-p": - if i+1 < len(args) { - provider = args[i+1] - i++ - } - } + if appCfg != nil { + fmt.Printf("Default model set to: %s\n", appCfg.Agents.Defaults.GetModelName()) } + return nil +} + +func authLogoutCmd(provider string) error { if provider != "" { if err := auth.DeleteCredential(provider); err != nil { - fmt.Printf("Failed to remove credentials: %v\n", err) - os.Exit(1) + return fmt.Errorf("failed to remove credentials: %w", err) } - appCfg, err := loadConfig() + appCfg, err := internal.LoadConfig() if err == nil { // Clear AuthMethod in ModelList for i := range appCfg.ModelList { @@ -371,44 +293,46 @@ func authLogoutCmd() { case "google-antigravity", "antigravity": appCfg.Providers.Antigravity.AuthMethod = "" } - config.SaveConfig(getConfigPath(), appCfg) + config.SaveConfig(internal.GetConfigPath(), appCfg) } fmt.Printf("Logged out from %s\n", provider) - } else { - if err := auth.DeleteAllCredentials(); err != nil { - fmt.Printf("Failed to remove credentials: %v\n", err) - os.Exit(1) - } - appCfg, err := loadConfig() - if err == nil { - // Clear all AuthMethods in ModelList - for i := range appCfg.ModelList { - appCfg.ModelList[i].AuthMethod = "" - } - // Clear all AuthMethods in Providers (legacy) - appCfg.Providers.OpenAI.AuthMethod = "" - appCfg.Providers.Anthropic.AuthMethod = "" - appCfg.Providers.Antigravity.AuthMethod = "" - config.SaveConfig(getConfigPath(), appCfg) - } - - fmt.Println("Logged out from all providers") + return nil } + + if err := auth.DeleteAllCredentials(); err != nil { + return fmt.Errorf("failed to remove credentials: %w", err) + } + + appCfg, err := internal.LoadConfig() + if err == nil { + // Clear all AuthMethods in ModelList + for i := range appCfg.ModelList { + appCfg.ModelList[i].AuthMethod = "" + } + // Clear all AuthMethods in Providers (legacy) + appCfg.Providers.OpenAI.AuthMethod = "" + appCfg.Providers.Anthropic.AuthMethod = "" + appCfg.Providers.Antigravity.AuthMethod = "" + config.SaveConfig(internal.GetConfigPath(), appCfg) + } + + fmt.Println("Logged out from all providers") + + return nil } -func authStatusCmd() { +func authStatusCmd() error { store, err := auth.LoadStore() if err != nil { - fmt.Printf("Error loading auth store: %v\n", err) - return + return fmt.Errorf("failed to load auth store: %w", err) } if len(store.Credentials) == 0 { fmt.Println("No authenticated providers.") fmt.Println("Run: picoclaw auth login --provider ") - return + return nil } fmt.Println("\nAuthenticated Providers:") @@ -437,14 +361,16 @@ func authStatusCmd() { fmt.Printf(" Expires: %s\n", cred.ExpiresAt.Format("2006-01-02 15:04")) } } + + return nil } -func authModelsCmd() { +func authModelsCmd() error { cred, err := auth.GetCredential("google-antigravity") if err != nil || cred == nil { - fmt.Println("Not logged in to Google Antigravity.") - fmt.Println("Run: picoclaw auth login --provider google-antigravity") - return + return fmt.Errorf( + "not logged in to Google Antigravity.\nrun: picoclaw auth login --provider google-antigravity", + ) } // Refresh token if needed @@ -459,21 +385,18 @@ func authModelsCmd() { projectID := cred.ProjectID if projectID == "" { - fmt.Println("No project ID stored. Try logging in again.") - return + return fmt.Errorf("no project id stored. Try logging in again") } fmt.Printf("Fetching models for project: %s\n\n", projectID) models, err := providers.FetchAntigravityModels(cred.AccessToken, projectID) if err != nil { - fmt.Printf("Error fetching models: %v\n", err) - return + return fmt.Errorf("error fetching models: %w", err) } if len(models) == 0 { - fmt.Println("No models available.") - return + return fmt.Errorf("no models available") } fmt.Println("Available Antigravity Models:") @@ -489,6 +412,8 @@ func authModelsCmd() { } fmt.Printf(" %s %s\n", status, name) } + + return nil } // isAntigravityModel checks if a model string belongs to antigravity provider diff --git a/cmd/picoclaw/internal/auth/login.go b/cmd/picoclaw/internal/auth/login.go new file mode 100644 index 000000000..9a6d28d2f --- /dev/null +++ b/cmd/picoclaw/internal/auth/login.go @@ -0,0 +1,25 @@ +package auth + +import "github.com/spf13/cobra" + +func newLoginCommand() *cobra.Command { + var ( + provider string + useDeviceCode bool + ) + + cmd := &cobra.Command{ + Use: "login", + Short: "Login via OAuth or paste token", + Args: cobra.NoArgs, + RunE: func(cmd *cobra.Command, _ []string) error { + return authLoginCmd(provider, useDeviceCode) + }, + } + + cmd.Flags().StringVarP(&provider, "provider", "p", "", "Provider to login with (openai, anthropic)") + cmd.Flags().BoolVar(&useDeviceCode, "device-code", false, "Use device code flow (for headless environments)") + _ = cmd.MarkFlagRequired("provider") + + return cmd +} diff --git a/cmd/picoclaw/internal/auth/login_test.go b/cmd/picoclaw/internal/auth/login_test.go new file mode 100644 index 000000000..d6a03c25b --- /dev/null +++ b/cmd/picoclaw/internal/auth/login_test.go @@ -0,0 +1,29 @@ +package auth + +import ( + "testing" + + "github.com/spf13/cobra" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewLoginSubCommand(t *testing.T) { + cmd := newLoginCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "Login via OAuth or paste token", cmd.Short) + + assert.True(t, cmd.HasFlags()) + + assert.NotNil(t, cmd.Flags().Lookup("device-code")) + + providerFlag := cmd.Flags().Lookup("provider") + require.NotNil(t, providerFlag) + + val, found := providerFlag.Annotations[cobra.BashCompOneRequiredFlag] + require.True(t, found) + require.NotEmpty(t, val) + assert.Equal(t, "true", val[0]) +} diff --git a/cmd/picoclaw/internal/auth/logout.go b/cmd/picoclaw/internal/auth/logout.go new file mode 100644 index 000000000..384667524 --- /dev/null +++ b/cmd/picoclaw/internal/auth/logout.go @@ -0,0 +1,20 @@ +package auth + +import "github.com/spf13/cobra" + +func newLogoutCommand() *cobra.Command { + var provider string + + cmd := &cobra.Command{ + Use: "logout", + Short: "Remove stored credentials", + Args: cobra.NoArgs, + RunE: func(cmd *cobra.Command, _ []string) error { + return authLogoutCmd(provider) + }, + } + + cmd.Flags().StringVarP(&provider, "provider", "p", "", "Provider to logout from (openai, anthropic); empty = all") + + return cmd +} diff --git a/cmd/picoclaw/internal/auth/logout_test.go b/cmd/picoclaw/internal/auth/logout_test.go new file mode 100644 index 000000000..c0f3a5e92 --- /dev/null +++ b/cmd/picoclaw/internal/auth/logout_test.go @@ -0,0 +1,20 @@ +package auth + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewLogoutSubcommand(t *testing.T) { + cmd := newLogoutCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "Remove stored credentials", cmd.Short) + + assert.True(t, cmd.HasFlags()) + + assert.NotNil(t, cmd.Flags().Lookup("provider")) +} diff --git a/cmd/picoclaw/internal/auth/models.go b/cmd/picoclaw/internal/auth/models.go new file mode 100644 index 000000000..cabe6822c --- /dev/null +++ b/cmd/picoclaw/internal/auth/models.go @@ -0,0 +1,15 @@ +package auth + +import "github.com/spf13/cobra" + +func newModelsCommand() *cobra.Command { + cmd := &cobra.Command{ + Use: "models", + Short: "Show available models", + RunE: func(_ *cobra.Command, _ []string) error { + return authModelsCmd() + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/auth/models_test.go b/cmd/picoclaw/internal/auth/models_test.go new file mode 100644 index 000000000..26ca67787 --- /dev/null +++ b/cmd/picoclaw/internal/auth/models_test.go @@ -0,0 +1,19 @@ +package auth + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewModelsCommand(t *testing.T) { + cmd := newModelsCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "models", cmd.Use) + assert.Equal(t, "Show available models", cmd.Short) + + assert.False(t, cmd.HasFlags()) +} diff --git a/cmd/picoclaw/internal/auth/status.go b/cmd/picoclaw/internal/auth/status.go new file mode 100644 index 000000000..ca3007d12 --- /dev/null +++ b/cmd/picoclaw/internal/auth/status.go @@ -0,0 +1,16 @@ +package auth + +import "github.com/spf13/cobra" + +func newStatusCommand() *cobra.Command { + cmd := &cobra.Command{ + Use: "status", + Short: "Show current auth status", + Args: cobra.NoArgs, + RunE: func(cmd *cobra.Command, _ []string) error { + return authStatusCmd() + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/auth/status_test.go b/cmd/picoclaw/internal/auth/status_test.go new file mode 100644 index 000000000..7748ba502 --- /dev/null +++ b/cmd/picoclaw/internal/auth/status_test.go @@ -0,0 +1,18 @@ +package auth + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewStatusSubcommand(t *testing.T) { + cmd := newStatusCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "Show current auth status", cmd.Short) + + assert.False(t, cmd.HasFlags()) +} diff --git a/cmd/picoclaw/internal/cron/add.go b/cmd/picoclaw/internal/cron/add.go new file mode 100644 index 000000000..947557d5a --- /dev/null +++ b/cmd/picoclaw/internal/cron/add.go @@ -0,0 +1,64 @@ +package cron + +import ( + "fmt" + + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/pkg/cron" +) + +func newAddCommand(storePath func() string) *cobra.Command { + var ( + name string + message string + every int64 + cronExp string + deliver bool + channel string + to string + ) + + cmd := &cobra.Command{ + Use: "add", + Short: "Add a new scheduled job", + Args: cobra.NoArgs, + RunE: func(cmd *cobra.Command, _ []string) error { + if every <= 0 && cronExp == "" { + return fmt.Errorf("either --every or --cron must be specified") + } + + var schedule cron.CronSchedule + if every > 0 { + everyMS := every * 1000 + schedule = cron.CronSchedule{Kind: "every", EveryMS: &everyMS} + } else { + schedule = cron.CronSchedule{Kind: "cron", Expr: cronExp} + } + + cs := cron.NewCronService(storePath(), nil) + job, err := cs.AddJob(name, schedule, message, deliver, channel, to) + if err != nil { + return fmt.Errorf("error adding job: %w", err) + } + + fmt.Printf("āœ“ Added job '%s' (%s)\n", job.Name, job.ID) + + return nil + }, + } + + cmd.Flags().StringVarP(&name, "name", "n", "", "Job name") + cmd.Flags().StringVarP(&message, "message", "m", "", "Message for agent") + cmd.Flags().Int64VarP(&every, "every", "e", 0, "Run every N seconds") + cmd.Flags().StringVarP(&cronExp, "cron", "c", "", "Cron expression (e.g. '0 9 * * *')") + cmd.Flags().BoolVarP(&deliver, "deliver", "d", false, "Deliver response to channel") + cmd.Flags().StringVar(&to, "to", "", "Recipient for delivery") + cmd.Flags().StringVar(&channel, "channel", "", "Channel for delivery") + + _ = cmd.MarkFlagRequired("name") + _ = cmd.MarkFlagRequired("message") + cmd.MarkFlagsMutuallyExclusive("every", "cron") + + return cmd +} diff --git a/cmd/picoclaw/internal/cron/add_test.go b/cmd/picoclaw/internal/cron/add_test.go new file mode 100644 index 000000000..09701fab5 --- /dev/null +++ b/cmd/picoclaw/internal/cron/add_test.go @@ -0,0 +1,57 @@ +package cron + +import ( + "testing" + + "github.com/spf13/cobra" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewAddSubcommand(t *testing.T) { + fn := func() string { return "" } + cmd := newAddCommand(fn) + + require.NotNil(t, cmd) + + assert.Equal(t, "add", cmd.Use) + assert.Equal(t, "Add a new scheduled job", cmd.Short) + + assert.True(t, cmd.HasFlags()) + + assert.NotNil(t, cmd.Flags().Lookup("every")) + assert.NotNil(t, cmd.Flags().Lookup("cron")) + assert.NotNil(t, cmd.Flags().Lookup("deliver")) + assert.NotNil(t, cmd.Flags().Lookup("to")) + assert.NotNil(t, cmd.Flags().Lookup("channel")) + + nameFlag := cmd.Flags().Lookup("name") + require.NotNil(t, nameFlag) + + messageFlag := cmd.Flags().Lookup("message") + require.NotNil(t, messageFlag) + + val, found := nameFlag.Annotations[cobra.BashCompOneRequiredFlag] + require.True(t, found) + require.NotEmpty(t, val) + assert.Equal(t, "true", val[0]) + + val, found = messageFlag.Annotations[cobra.BashCompOneRequiredFlag] + require.True(t, found) + require.NotEmpty(t, val) + assert.Equal(t, "true", val[0]) +} + +func TestNewAddCommandEveryAndCronMutuallyExclusive(t *testing.T) { + cmd := newAddCommand(func() string { return "testing" }) + + cmd.SetArgs([]string{ + "--name", "job", + "--message", "hello", + "--every", "10", + "--cron", "0 9 * * *", + }) + + err := cmd.Execute() + require.Error(t, err) +} diff --git a/cmd/picoclaw/internal/cron/command.go b/cmd/picoclaw/internal/cron/command.go new file mode 100644 index 000000000..39f8ccf28 --- /dev/null +++ b/cmd/picoclaw/internal/cron/command.go @@ -0,0 +1,44 @@ +package cron + +import ( + "fmt" + "path/filepath" + + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" +) + +func NewCronCommand() *cobra.Command { + var storePath string + + cmd := &cobra.Command{ + Use: "cron", + Aliases: []string{"c"}, + Short: "Manage scheduled tasks", + Args: cobra.NoArgs, + RunE: func(cmd *cobra.Command, _ []string) error { + return cmd.Help() + }, + // Resolve storePath at execution time so it reflects the current config + // and is shared across all subcommands. + PersistentPreRunE: func(_ *cobra.Command, _ []string) error { + cfg, err := internal.LoadConfig() + if err != nil { + return fmt.Errorf("error loading config: %w", err) + } + storePath = filepath.Join(cfg.WorkspacePath(), "cron", "jobs.json") + return nil + }, + } + + cmd.AddCommand( + newListCommand(func() string { return storePath }), + newAddCommand(func() string { return storePath }), + newRemoveCommand(func() string { return storePath }), + newEnableCommand(func() string { return storePath }), + newDisableCommand(func() string { return storePath }), + ) + + return cmd +} diff --git a/cmd/picoclaw/internal/cron/command_test.go b/cmd/picoclaw/internal/cron/command_test.go new file mode 100644 index 000000000..af2ac83ae --- /dev/null +++ b/cmd/picoclaw/internal/cron/command_test.go @@ -0,0 +1,58 @@ +package cron + +import ( + "slices" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewCronCommand(t *testing.T) { + cmd := NewCronCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "Manage scheduled tasks", cmd.Short) + + assert.Len(t, cmd.Aliases, 1) + assert.True(t, cmd.HasAlias("c")) + + assert.False(t, cmd.HasFlags()) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.NotNil(t, cmd.PersistentPreRunE) + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) + + assert.True(t, cmd.HasSubCommands()) + + allowedCommands := []string{ + "list", + "add", + "remove", + "enable", + "disable", + } + + subcommands := cmd.Commands() + assert.Len(t, subcommands, len(allowedCommands)) + + for _, subcmd := range subcommands { + found := slices.Contains(allowedCommands, subcmd.Name()) + assert.True(t, found, "unexpected subcommand %q", subcmd.Name()) + + assert.Len(t, subcmd.Aliases, 0) + assert.False(t, subcmd.Hidden) + + assert.False(t, subcmd.HasSubCommands()) + + assert.Nil(t, subcmd.Run) + assert.NotNil(t, subcmd.RunE) + + assert.Nil(t, subcmd.PersistentPreRun) + assert.Nil(t, subcmd.PersistentPostRun) + } +} diff --git a/cmd/picoclaw/internal/cron/disable.go b/cmd/picoclaw/internal/cron/disable.go new file mode 100644 index 000000000..a3670fd50 --- /dev/null +++ b/cmd/picoclaw/internal/cron/disable.go @@ -0,0 +1,16 @@ +package cron + +import "github.com/spf13/cobra" + +func newDisableCommand(storePath func() string) *cobra.Command { + return &cobra.Command{ + Use: "disable", + Short: "Disable a job", + Args: cobra.ExactArgs(1), + Example: `picoclaw cron disable 1`, + RunE: func(_ *cobra.Command, args []string) error { + cronSetJobEnabled(storePath(), args[0], false) + return nil + }, + } +} diff --git a/cmd/picoclaw/internal/cron/disable_test.go b/cmd/picoclaw/internal/cron/disable_test.go new file mode 100644 index 000000000..e5d2ff844 --- /dev/null +++ b/cmd/picoclaw/internal/cron/disable_test.go @@ -0,0 +1,20 @@ +package cron + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestDisableSubcommand(t *testing.T) { + fn := func() string { return "" } + cmd := newDisableCommand(fn) + + require.NotNil(t, cmd) + + assert.Equal(t, "disable", cmd.Use) + assert.Equal(t, "Disable a job", cmd.Short) + + assert.True(t, cmd.HasExample()) +} diff --git a/cmd/picoclaw/internal/cron/enable.go b/cmd/picoclaw/internal/cron/enable.go new file mode 100644 index 000000000..7f8b05233 --- /dev/null +++ b/cmd/picoclaw/internal/cron/enable.go @@ -0,0 +1,16 @@ +package cron + +import "github.com/spf13/cobra" + +func newEnableCommand(storePath func() string) *cobra.Command { + return &cobra.Command{ + Use: "enable", + Short: "Enable a job", + Args: cobra.ExactArgs(1), + Example: `picoclaw cron enable 1`, + RunE: func(_ *cobra.Command, args []string) error { + cronSetJobEnabled(storePath(), args[0], true) + return nil + }, + } +} diff --git a/cmd/picoclaw/internal/cron/enable_test.go b/cmd/picoclaw/internal/cron/enable_test.go new file mode 100644 index 000000000..85a2e01aa --- /dev/null +++ b/cmd/picoclaw/internal/cron/enable_test.go @@ -0,0 +1,20 @@ +package cron + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestEnableSubcommand(t *testing.T) { + fn := func() string { return "" } + cmd := newEnableCommand(fn) + + require.NotNil(t, cmd) + + assert.Equal(t, "enable", cmd.Use) + assert.Equal(t, "Enable a job", cmd.Short) + + assert.True(t, cmd.HasExample()) +} diff --git a/cmd/picoclaw/internal/cron/helpers.go b/cmd/picoclaw/internal/cron/helpers.go new file mode 100644 index 000000000..88bdf1bf7 --- /dev/null +++ b/cmd/picoclaw/internal/cron/helpers.go @@ -0,0 +1,66 @@ +package cron + +import ( + "fmt" + "time" + + "github.com/sipeed/picoclaw/pkg/cron" +) + +func cronListCmd(storePath string) { + cs := cron.NewCronService(storePath, nil) + jobs := cs.ListJobs(true) // Show all jobs, including disabled + + if len(jobs) == 0 { + fmt.Println("No scheduled jobs.") + return + } + + fmt.Println("\nScheduled Jobs:") + fmt.Println("----------------") + for _, job := range jobs { + var schedule string + if job.Schedule.Kind == "every" && job.Schedule.EveryMS != nil { + schedule = fmt.Sprintf("every %ds", *job.Schedule.EveryMS/1000) + } else if job.Schedule.Kind == "cron" { + schedule = job.Schedule.Expr + } else { + schedule = "one-time" + } + + nextRun := "scheduled" + if job.State.NextRunAtMS != nil { + nextTime := time.UnixMilli(*job.State.NextRunAtMS) + nextRun = nextTime.Format("2006-01-02 15:04") + } + + status := "enabled" + if !job.Enabled { + status = "disabled" + } + + fmt.Printf(" %s (%s)\n", job.Name, job.ID) + fmt.Printf(" Schedule: %s\n", schedule) + fmt.Printf(" Status: %s\n", status) + fmt.Printf(" Next run: %s\n", nextRun) + } +} + +func cronRemoveCmd(storePath, jobID string) { + cs := cron.NewCronService(storePath, nil) + if cs.RemoveJob(jobID) { + fmt.Printf("āœ“ Removed job %s\n", jobID) + } else { + fmt.Printf("āœ— Job %s not found\n", jobID) + } +} + +func cronSetJobEnabled(storePath, jobID string, enabled bool) { + cs := cron.NewCronService(storePath, nil) + job := cs.EnableJob(jobID, enabled) + if job != nil { + fmt.Printf("āœ“ Job '%s' enabled\n", job.Name) + } else { + fmt.Printf("āœ— Job %s not found\n", jobID) + } +} diff --git a/cmd/picoclaw/internal/cron/list.go b/cmd/picoclaw/internal/cron/list.go new file mode 100644 index 000000000..854eb1a44 --- /dev/null +++ b/cmd/picoclaw/internal/cron/list.go @@ -0,0 +1,17 @@ +package cron + +import "github.com/spf13/cobra" + +func newListCommand(storePath func() string) *cobra.Command { + cmd := &cobra.Command{ + Use: "list", + Short: "List all scheduled jobs", + Args: cobra.NoArgs, + RunE: func(_ *cobra.Command, _ []string) error { + cronListCmd(storePath()) + return nil + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/cron/list_test.go b/cmd/picoclaw/internal/cron/list_test.go new file mode 100644 index 000000000..0b9d1bd59 --- /dev/null +++ b/cmd/picoclaw/internal/cron/list_test.go @@ -0,0 +1,17 @@ +package cron + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewListSubcommand(t *testing.T) { + fn := func() string { return "" } + cmd := newListCommand(fn) + + require.NotNil(t, cmd) + + assert.Equal(t, "List all scheduled jobs", cmd.Short) +} diff --git a/cmd/picoclaw/internal/cron/remove.go b/cmd/picoclaw/internal/cron/remove.go new file mode 100644 index 000000000..5f1d1a04b --- /dev/null +++ b/cmd/picoclaw/internal/cron/remove.go @@ -0,0 +1,18 @@ +package cron + +import "github.com/spf13/cobra" + +func newRemoveCommand(storePath func() string) *cobra.Command { + cmd := &cobra.Command{ + Use: "remove", + Short: "Remove a job by ID", + Args: cobra.ExactArgs(1), + Example: `picoclaw cron remove 1`, + RunE: func(_ *cobra.Command, args []string) error { + cronRemoveCmd(storePath(), args[0]) + return nil + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/cron/remove_test.go b/cmd/picoclaw/internal/cron/remove_test.go new file mode 100644 index 000000000..36121f370 --- /dev/null +++ b/cmd/picoclaw/internal/cron/remove_test.go @@ -0,0 +1,19 @@ +package cron + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewRemoveSubcommand(t *testing.T) { + fn := func() string { return "" } + cmd := newRemoveCommand(fn) + + require.NotNil(t, cmd) + + assert.Equal(t, "Remove a job by ID", cmd.Short) + + assert.True(t, cmd.HasExample()) +} diff --git a/cmd/picoclaw/internal/gateway/command.go b/cmd/picoclaw/internal/gateway/command.go new file mode 100644 index 000000000..66a56f9ce --- /dev/null +++ b/cmd/picoclaw/internal/gateway/command.go @@ -0,0 +1,23 @@ +package gateway + +import ( + "github.com/spf13/cobra" +) + +func NewGatewayCommand() *cobra.Command { + var debug bool + + cmd := &cobra.Command{ + Use: "gateway", + Aliases: []string{"g"}, + Short: "Start picoclaw gateway", + Args: cobra.NoArgs, + RunE: func(_ *cobra.Command, _ []string) error { + return gatewayCmd(debug) + }, + } + + cmd.Flags().BoolVarP(&debug, "debug", "d", false, "Enable debug logging") + + return cmd +} diff --git a/cmd/picoclaw/internal/gateway/command_test.go b/cmd/picoclaw/internal/gateway/command_test.go new file mode 100644 index 000000000..4d591ea67 --- /dev/null +++ b/cmd/picoclaw/internal/gateway/command_test.go @@ -0,0 +1,31 @@ +package gateway + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewGatewayCommand(t *testing.T) { + cmd := NewGatewayCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "gateway", cmd.Use) + assert.Equal(t, "Start picoclaw gateway", cmd.Short) + + assert.Len(t, cmd.Aliases, 1) + assert.True(t, cmd.HasAlias("g")) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) + + assert.False(t, cmd.HasSubCommands()) + + assert.True(t, cmd.HasFlags()) + assert.NotNil(t, cmd.Flags().Lookup("debug")) +} diff --git a/cmd/picoclaw/cmd_gateway.go b/cmd/picoclaw/internal/gateway/helpers.go similarity index 91% rename from cmd/picoclaw/cmd_gateway.go rename to cmd/picoclaw/internal/gateway/helpers.go index 3010c1451..a06625dc9 100644 --- a/cmd/picoclaw/cmd_gateway.go +++ b/cmd/picoclaw/internal/gateway/helpers.go @@ -1,10 +1,8 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main +package gateway import ( "context" + "errors" "fmt" "net/http" "os" @@ -13,6 +11,7 @@ import ( "strings" "time" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" "github.com/sipeed/picoclaw/pkg/agent" "github.com/sipeed/picoclaw/pkg/bus" "github.com/sipeed/picoclaw/pkg/channels" @@ -28,28 +27,22 @@ import ( "github.com/sipeed/picoclaw/pkg/voice" ) -func gatewayCmd() { - // Check for --debug flag - args := os.Args[2:] - for _, arg := range args { - if arg == "--debug" || arg == "-d" { - logger.SetLevel(logger.DEBUG) - fmt.Println("šŸ” Debug mode enabled") - break - } +func gatewayCmd(debug bool) error { + if debug { + logger.SetLevel(logger.DEBUG) + fmt.Println("šŸ” Debug mode enabled") } - cfg, err := loadConfig() + cfg, err := internal.LoadConfig() if err != nil { - fmt.Printf("Error loading config: %v\n", err) - os.Exit(1) + return fmt.Errorf("error loading config: %w", err) } provider, modelID, err := providers.CreateProvider(cfg) if err != nil { - fmt.Printf("Error creating provider: %v\n", err) - os.Exit(1) + return fmt.Errorf("error creating provider: %w", err) } + // Use the resolved model ID from provider creation if modelID != "" { cfg.Agents.Defaults.ModelName = modelID @@ -114,8 +107,7 @@ func gatewayCmd() { channelManager, err := channels.NewManager(cfg, msgBus) if err != nil { - fmt.Printf("Error creating channel manager: %v\n", err) - os.Exit(1) + return fmt.Errorf("error creating channel manager: %w", err) } // Inject channel manager into agent loop for command handling @@ -198,7 +190,7 @@ func gatewayCmd() { healthServer := health.NewServer(cfg.Gateway.Host, cfg.Gateway.Port) go func() { - if err := healthServer.Start(); err != nil && err != http.ErrServerClosed { + if err := healthServer.Start(); err != nil && !errors.Is(err, http.ErrServerClosed) { logger.ErrorCF("health", "Health server error", map[string]any{"error": err.Error()}) } }() @@ -222,6 +214,8 @@ func gatewayCmd() { agentLoop.Stop() channelManager.StopAll(ctx) fmt.Println("āœ“ Gateway stopped") + + return nil } func setupCronTool( diff --git a/cmd/picoclaw/internal/helpers.go b/cmd/picoclaw/internal/helpers.go new file mode 100644 index 000000000..a084dc1be --- /dev/null +++ b/cmd/picoclaw/internal/helpers.go @@ -0,0 +1,54 @@ +package internal + +import ( + "fmt" + "os" + "path/filepath" + "runtime" + + "github.com/sipeed/picoclaw/pkg/config" +) + +const Logo = "šŸ¦ž" + +var ( + version = "dev" + gitCommit string + buildTime string + goVersion string +) + +func GetConfigPath() string { + home, _ := os.UserHomeDir() + return filepath.Join(home, ".picoclaw", "config.json") +} + +func LoadConfig() (*config.Config, error) { + return config.LoadConfig(GetConfigPath()) +} + +// FormatVersion returns the version string with optional git commit +func FormatVersion() string { + v := version + if gitCommit != "" { + v += fmt.Sprintf(" (git: %s)", gitCommit) + } + return v +} + +// FormatBuildInfo returns build time and go version info +func FormatBuildInfo() (build string, goVer string) { + if buildTime != "" { + build = buildTime + } + goVer = goVersion + if goVer == "" { + goVer = runtime.Version() + } + return +} + +// GetVersion returns the version string +func GetVersion() string { + return version +} diff --git a/cmd/picoclaw/internal/helpers_test.go b/cmd/picoclaw/internal/helpers_test.go new file mode 100644 index 000000000..9342d141d --- /dev/null +++ b/cmd/picoclaw/internal/helpers_test.go @@ -0,0 +1,97 @@ +package internal + +import ( + "path/filepath" + "runtime" + "strings" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestGetConfigPath(t *testing.T) { + t.Setenv("HOME", "/tmp/home") + + got := GetConfigPath() + want := filepath.Join("/tmp/home", ".picoclaw", "config.json") + + assert.Equal(t, want, got) +} + +func TestFormatVersion_NoGitCommit(t *testing.T) { + oldVersion, oldGit := version, gitCommit + t.Cleanup(func() { version, gitCommit = oldVersion, oldGit }) + + version = "1.2.3" + gitCommit = "" + + assert.Equal(t, "1.2.3", FormatVersion()) +} + +func TestFormatVersion_WithGitCommit(t *testing.T) { + oldVersion, oldGit := version, gitCommit + t.Cleanup(func() { version, gitCommit = oldVersion, oldGit }) + + version = "1.2.3" + gitCommit = "abc123" + + assert.Equal(t, "1.2.3 (git: abc123)", FormatVersion()) +} + +func TestFormatBuildInfo_UsesBuildTimeAndGoVersion_WhenSet(t *testing.T) { + oldBuildTime, oldGoVersion := buildTime, goVersion + t.Cleanup(func() { buildTime, goVersion = oldBuildTime, oldGoVersion }) + + buildTime = "2026-02-20T00:00:00Z" + goVersion = "go1.23.0" + + build, goVer := FormatBuildInfo() + + assert.Equal(t, buildTime, build) + assert.Equal(t, goVersion, goVer) +} + +func TestFormatBuildInfo_EmptyBuildTime_ReturnsEmptyBuild(t *testing.T) { + oldBuildTime, oldGoVersion := buildTime, goVersion + t.Cleanup(func() { buildTime, goVersion = oldBuildTime, oldGoVersion }) + + buildTime = "" + goVersion = "go1.23.0" + + build, goVer := FormatBuildInfo() + + assert.Empty(t, build) + assert.Equal(t, goVersion, goVer) +} + +func TestFormatBuildInfo_EmptyGoVersion_FallsBackToRuntimeVersion(t *testing.T) { + oldBuildTime, oldGoVersion := buildTime, goVersion + t.Cleanup(func() { buildTime, goVersion = oldBuildTime, oldGoVersion }) + + buildTime = "x" + goVersion = "" + + build, goVer := FormatBuildInfo() + + assert.Equal(t, "x", build) + assert.Equal(t, runtime.Version(), goVer) +} + +func TestGetConfigPath_Windows(t *testing.T) { + if runtime.GOOS != "windows" { + t.Skip("windows-specific HOME behavior varies; run on windows") + } + + testUserProfilePath := `C:\Users\Test` + t.Setenv("USERPROFILE", testUserProfilePath) + + got := GetConfigPath() + want := filepath.Join(testUserProfilePath, ".picoclaw", "config.json") + + require.True(t, strings.EqualFold(got, want), "GetConfigPath() = %q, want %q", got, want) +} + +func TestGetVersion(t *testing.T) { + assert.Equal(t, "dev", GetVersion()) +} diff --git a/cmd/picoclaw/internal/migrate/command.go b/cmd/picoclaw/internal/migrate/command.go new file mode 100644 index 000000000..fb1cee164 --- /dev/null +++ b/cmd/picoclaw/internal/migrate/command.go @@ -0,0 +1,48 @@ +package migrate + +import ( + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/pkg/migrate" +) + +func NewMigrateCommand() *cobra.Command { + var opts migrate.Options + + cmd := &cobra.Command{ + Use: "migrate", + Short: "Migrate from OpenClaw to PicoClaw", + Args: cobra.NoArgs, + Example: ` picoclaw migrate + picoclaw migrate --dry-run + picoclaw migrate --refresh + picoclaw migrate --force`, + RunE: func(cmd *cobra.Command, _ []string) error { + result, err := migrate.Run(opts) + if err != nil { + return err + } + if !opts.DryRun { + migrate.PrintSummary(result) + } + return nil + }, + } + + cmd.Flags().BoolVar(&opts.DryRun, "dry-run", false, + "Show what would be migrated without making changes") + cmd.Flags().BoolVar(&opts.Refresh, "refresh", false, + "Re-sync workspace files from OpenClaw (repeatable)") + cmd.Flags().BoolVar(&opts.ConfigOnly, "config-only", false, + "Only migrate config, skip workspace files") + cmd.Flags().BoolVar(&opts.WorkspaceOnly, "workspace-only", false, + "Only migrate workspace files, skip config") + cmd.Flags().BoolVar(&opts.Force, "force", false, + "Skip confirmation prompts") + cmd.Flags().StringVar(&opts.OpenClawHome, "openclaw-home", "", + "Override OpenClaw home directory (default: ~/.openclaw)") + cmd.Flags().StringVar(&opts.PicoClawHome, "picoclaw-home", "", + "Override PicoClaw home directory (default: ~/.picoclaw)") + + return cmd +} diff --git a/cmd/picoclaw/internal/migrate/command_test.go b/cmd/picoclaw/internal/migrate/command_test.go new file mode 100644 index 000000000..1948aa327 --- /dev/null +++ b/cmd/picoclaw/internal/migrate/command_test.go @@ -0,0 +1,38 @@ +package migrate + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewMigrateCommand(t *testing.T) { + cmd := NewMigrateCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "migrate", cmd.Use) + assert.Equal(t, "Migrate from OpenClaw to PicoClaw", cmd.Short) + + assert.Len(t, cmd.Aliases, 0) + + assert.True(t, cmd.HasExample()) + assert.False(t, cmd.HasSubCommands()) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) + + assert.True(t, cmd.HasFlags()) + + assert.NotNil(t, cmd.Flags().Lookup("dry-run")) + assert.NotNil(t, cmd.Flags().Lookup("refresh")) + assert.NotNil(t, cmd.Flags().Lookup("config-only")) + assert.NotNil(t, cmd.Flags().Lookup("workspace-only")) + assert.NotNil(t, cmd.Flags().Lookup("force")) + assert.NotNil(t, cmd.Flags().Lookup("openclaw-home")) + assert.NotNil(t, cmd.Flags().Lookup("picoclaw-home")) +} diff --git a/cmd/picoclaw/internal/onboard/command.go b/cmd/picoclaw/internal/onboard/command.go new file mode 100644 index 000000000..ec1012959 --- /dev/null +++ b/cmd/picoclaw/internal/onboard/command.go @@ -0,0 +1,24 @@ +package onboard + +import ( + "embed" + + "github.com/spf13/cobra" +) + +//go:generate cp -r ../../../../workspace . +//go:embed workspace +var embeddedFiles embed.FS + +func NewOnboardCommand() *cobra.Command { + cmd := &cobra.Command{ + Use: "onboard", + Aliases: []string{"o"}, + Short: "Initialize picoclaw configuration and workspace", + Run: func(cmd *cobra.Command, args []string) { + onboard() + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/onboard/command_test.go b/cmd/picoclaw/internal/onboard/command_test.go new file mode 100644 index 000000000..bc799a079 --- /dev/null +++ b/cmd/picoclaw/internal/onboard/command_test.go @@ -0,0 +1,29 @@ +package onboard + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewOnboardCommand(t *testing.T) { + cmd := NewOnboardCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "onboard", cmd.Use) + assert.Equal(t, "Initialize picoclaw configuration and workspace", cmd.Short) + + assert.Len(t, cmd.Aliases, 1) + assert.True(t, cmd.HasAlias("o")) + + assert.NotNil(t, cmd.Run) + assert.Nil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) + + assert.False(t, cmd.HasFlags()) + assert.False(t, cmd.HasSubCommands()) +} diff --git a/cmd/picoclaw/cmd_onboard.go b/cmd/picoclaw/internal/onboard/helpers.go similarity index 90% rename from cmd/picoclaw/cmd_onboard.go rename to cmd/picoclaw/internal/onboard/helpers.go index 1a9ebad61..4db8bdc8b 100644 --- a/cmd/picoclaw/cmd_onboard.go +++ b/cmd/picoclaw/internal/onboard/helpers.go @@ -1,24 +1,17 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main +package onboard import ( - "embed" "fmt" "io/fs" "os" "path/filepath" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" "github.com/sipeed/picoclaw/pkg/config" ) -//go:generate cp -r ../../workspace . -//go:embed workspace -var embeddedFiles embed.FS - func onboard() { - configPath := getConfigPath() + configPath := internal.GetConfigPath() if _, err := os.Stat(configPath); err == nil { fmt.Printf("Config already exists at %s\n", configPath) @@ -40,7 +33,7 @@ func onboard() { workspace := cfg.WorkspacePath() createWorkspaceTemplates(workspace) - fmt.Printf("%s picoclaw is ready!\n", logo) + fmt.Printf("%s picoclaw is ready!\n", internal.Logo) fmt.Println("\nNext steps:") fmt.Println(" 1. Add your API key to", configPath) fmt.Println("") @@ -53,6 +46,13 @@ func onboard() { fmt.Println(" 2. Chat: picoclaw agent -m \"Hello!\"") } +func createWorkspaceTemplates(workspace string) { + err := copyEmbeddedToTarget(workspace) + if err != nil { + fmt.Printf("Error copying workspace templates: %v\n", err) + } +} + func copyEmbeddedToTarget(targetDir string) error { // Ensure target directory exists if err := os.MkdirAll(targetDir, 0o755); err != nil { @@ -99,10 +99,3 @@ func copyEmbeddedToTarget(targetDir string) error { return err } - -func createWorkspaceTemplates(workspace string) { - err := copyEmbeddedToTarget(workspace) - if err != nil { - fmt.Printf("Error copying workspace templates: %v\n", err) - } -} diff --git a/cmd/picoclaw/internal/skills/command.go b/cmd/picoclaw/internal/skills/command.go new file mode 100644 index 000000000..7f8bd011d --- /dev/null +++ b/cmd/picoclaw/internal/skills/command.go @@ -0,0 +1,79 @@ +package skills + +import ( + "fmt" + "path/filepath" + + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" + "github.com/sipeed/picoclaw/pkg/skills" +) + +type deps struct { + workspace string + installer *skills.SkillInstaller + skillsLoader *skills.SkillsLoader +} + +func NewSkillsCommand() *cobra.Command { + var d deps + + cmd := &cobra.Command{ + Use: "skills", + Short: "Manage skills", + PersistentPreRunE: func(cmd *cobra.Command, _ []string) error { + cfg, err := internal.LoadConfig() + if err != nil { + return fmt.Errorf("error loading config: %w", err) + } + + d.workspace = cfg.WorkspacePath() + d.installer = skills.NewSkillInstaller(d.workspace) + + // get global config directory and builtin skills directory + globalDir := filepath.Dir(internal.GetConfigPath()) + globalSkillsDir := filepath.Join(globalDir, "skills") + builtinSkillsDir := filepath.Join(globalDir, "picoclaw", "skills") + d.skillsLoader = skills.NewSkillsLoader(d.workspace, globalSkillsDir, builtinSkillsDir) + + return nil + }, + RunE: func(cmd *cobra.Command, _ []string) error { + return cmd.Help() + }, + } + + installerFn := func() (*skills.SkillInstaller, error) { + if d.installer == nil { + return nil, fmt.Errorf("skills installer is not initialized") + } + return d.installer, nil + } + + loaderFn := func() (*skills.SkillsLoader, error) { + if d.skillsLoader == nil { + return nil, fmt.Errorf("skills loader is not initialized") + } + return d.skillsLoader, nil + } + + workspaceFn := func() (string, error) { + if d.workspace == "" { + return "", fmt.Errorf("workspace is not initialized") + } + return d.workspace, nil + } + + cmd.AddCommand( + newListCommand(loaderFn), + newInstallCommand(installerFn), + newInstallBuiltinCommand(workspaceFn), + newListBuiltinCommand(), + newRemoveCommand(installerFn), + newSearchCommand(installerFn), + newShowCommand(loaderFn), + ) + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/command_test.go b/cmd/picoclaw/internal/skills/command_test.go new file mode 100644 index 000000000..0917d1384 --- /dev/null +++ b/cmd/picoclaw/internal/skills/command_test.go @@ -0,0 +1,28 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewSkillsCommand(t *testing.T) { + cmd := NewSkillsCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "skills", cmd.Use) + assert.Equal(t, "Manage skills", cmd.Short) + + assert.Len(t, cmd.Aliases, 0) + + assert.False(t, cmd.HasFlags()) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.NotNil(t, cmd.PersistentPreRunE) + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) +} diff --git a/cmd/picoclaw/cmd_skills.go b/cmd/picoclaw/internal/skills/helpers.go similarity index 72% rename from cmd/picoclaw/cmd_skills.go rename to cmd/picoclaw/internal/skills/helpers.go index 0814494b3..439b81a4f 100644 --- a/cmd/picoclaw/cmd_skills.go +++ b/cmd/picoclaw/internal/skills/helpers.go @@ -1,40 +1,20 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main +package skills import ( "context" "fmt" + "io" "os" "path/filepath" "strings" "time" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" "github.com/sipeed/picoclaw/pkg/config" "github.com/sipeed/picoclaw/pkg/skills" "github.com/sipeed/picoclaw/pkg/utils" ) -func skillsHelp() { - fmt.Println("\nSkills commands:") - fmt.Println(" list List installed skills") - fmt.Println(" install Install skill from GitHub") - fmt.Println(" install-builtin Install all builtin skills to workspace") - fmt.Println(" list-builtin List available builtin skills") - fmt.Println(" remove Remove installed skill") - fmt.Println(" search Search available skills") - fmt.Println(" show Show skill details") - fmt.Println() - fmt.Println("Examples:") - fmt.Println(" picoclaw skills list") - fmt.Println(" picoclaw skills install sipeed/picoclaw-skills/weather") - fmt.Println(" picoclaw skills install-builtin") - fmt.Println(" picoclaw skills list-builtin") - fmt.Println(" picoclaw skills remove weather") - fmt.Println(" picoclaw skills install --registry clawhub github") -} - func skillsListCmd(loader *skills.SkillsLoader) { allSkills := loader.ListSkills() @@ -53,53 +33,31 @@ func skillsListCmd(loader *skills.SkillsLoader) { } } -func skillsInstallCmd(installer *skills.SkillInstaller, cfg *config.Config) { - if len(os.Args) < 4 { - fmt.Println("Usage: picoclaw skills install ") - fmt.Println(" picoclaw skills install --registry ") - return - } - - // Check for --registry flag. - if os.Args[3] == "--registry" { - if len(os.Args) < 6 { - fmt.Println("Usage: picoclaw skills install --registry ") - fmt.Println("Example: picoclaw skills install --registry clawhub github") - return - } - registryName := os.Args[4] - slug := os.Args[5] - skillsInstallFromRegistry(cfg, registryName, slug) - return - } - - // Default: install from GitHub (backward compatible). - repo := os.Args[3] +func skillsInstallCmd(installer *skills.SkillInstaller, repo string) error { fmt.Printf("Installing skill from %s...\n", repo) ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second) defer cancel() if err := installer.InstallFromGitHub(ctx, repo); err != nil { - fmt.Printf("\u2717 Failed to install skill: %v\n", err) - os.Exit(1) + return fmt.Errorf("failed to install skill: %w", err) } fmt.Printf("\u2713 Skill '%s' installed successfully!\n", filepath.Base(repo)) + + return nil } // skillsInstallFromRegistry installs a skill from a named registry (e.g. clawhub). -func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { +func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) error { err := utils.ValidateSkillIdentifier(registryName) if err != nil { - fmt.Printf("\u2717 Invalid registry name: %v\n", err) - os.Exit(1) + return fmt.Errorf("āœ— invalid registry name: %w", err) } err = utils.ValidateSkillIdentifier(slug) if err != nil { - fmt.Printf("\u2717 Invalid slug: %v\n", err) - os.Exit(1) + return fmt.Errorf("āœ— invalid slug: %w", err) } fmt.Printf("Installing skill '%s' from %s registry...\n", slug, registryName) @@ -111,24 +69,21 @@ func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { registry := registryMgr.GetRegistry(registryName) if registry == nil { - fmt.Printf("\u2717 Registry '%s' not found or not enabled. Check your config.json.\n", registryName) - os.Exit(1) + return fmt.Errorf("āœ— registry '%s' not found or not enabled. check your config.json.", registryName) } workspace := cfg.WorkspacePath() targetDir := filepath.Join(workspace, "skills", slug) if _, err = os.Stat(targetDir); err == nil { - fmt.Printf("\u2717 Skill '%s' already installed at %s\n", slug, targetDir) - os.Exit(1) + return fmt.Errorf("\u2717 skill '%s' already installed at %s", slug, targetDir) } ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second) defer cancel() if err = os.MkdirAll(filepath.Join(workspace, "skills"), 0o755); err != nil { - fmt.Printf("\u2717 Failed to create skills directory: %v\n", err) - os.Exit(1) + return fmt.Errorf("\u2717 failed to create skills directory: %v", err) } result, err := registry.DownloadAndInstall(ctx, slug, "", targetDir) @@ -137,8 +92,7 @@ func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { if rmErr != nil { fmt.Printf("\u2717 Failed to remove partial install: %v\n", rmErr) } - fmt.Printf("\u2717 Failed to install skill: %v\n", err) - os.Exit(1) + return fmt.Errorf("āœ— failed to install skill: %w", err) } if result.IsMalwareBlocked { @@ -146,8 +100,8 @@ func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { if rmErr != nil { fmt.Printf("\u2717 Failed to remove partial install: %v\n", rmErr) } - fmt.Printf("\u2717 Skill '%s' is flagged as malicious and cannot be installed.\n", slug) - os.Exit(1) + + return fmt.Errorf("\u2717 Skill '%s' is flagged as malicious and cannot be installed.\n", slug) } if result.IsSuspicious { @@ -158,6 +112,8 @@ func skillsInstallFromRegistry(cfg *config.Config, registryName, slug string) { if result.Summary != "" { fmt.Printf(" %s\n", result.Summary) } + + return nil } func skillsRemoveCmd(installer *skills.SkillInstaller, skillName string) { @@ -208,7 +164,7 @@ func skillsInstallBuiltinCmd(workspace string) { } func skillsListBuiltinCmd() { - cfg, err := loadConfig() + cfg, err := internal.LoadConfig() if err != nil { fmt.Printf("Error loading config: %v\n", err) return @@ -303,3 +259,37 @@ func skillsShowCmd(loader *skills.SkillsLoader, skillName string) { fmt.Println("----------------------") fmt.Println(content) } + +func copyDirectory(src, dst string) error { + return filepath.Walk(src, func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + + relPath, err := filepath.Rel(src, path) + if err != nil { + return err + } + + dstPath := filepath.Join(dst, relPath) + + if info.IsDir() { + return os.MkdirAll(dstPath, info.Mode()) + } + + srcFile, err := os.Open(path) + if err != nil { + return err + } + defer srcFile.Close() + + dstFile, err := os.OpenFile(dstPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, info.Mode()) + if err != nil { + return err + } + defer dstFile.Close() + + _, err = io.Copy(dstFile, srcFile) + return err + }) +} diff --git a/cmd/picoclaw/internal/skills/install.go b/cmd/picoclaw/internal/skills/install.go new file mode 100644 index 000000000..a30f68632 --- /dev/null +++ b/cmd/picoclaw/internal/skills/install.go @@ -0,0 +1,58 @@ +package skills + +import ( + "fmt" + + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" + "github.com/sipeed/picoclaw/pkg/skills" +) + +func newInstallCommand(installerFn func() (*skills.SkillInstaller, error)) *cobra.Command { + var registry string + + cmd := &cobra.Command{ + Use: "install", + Short: "Install skill from GitHub", + Example: ` +picoclaw skills install sipeed/picoclaw-skills/weather +picoclaw skills install --registry clawhub github +`, + Args: func(cmd *cobra.Command, args []string) error { + if registry != "" { + if len(args) != 2 { + return fmt.Errorf("when --registry is set, exactly 2 arguments are required: ") + } + return nil + } + + if len(args) != 1 { + return fmt.Errorf("exactly 1 argument is required: ") + } + + return nil + }, + RunE: func(_ *cobra.Command, args []string) error { + installer, err := installerFn() + if err != nil { + return err + } + + if registry != "" { + cfg, err := internal.LoadConfig() + if err != nil { + return err + } + + return skillsInstallFromRegistry(cfg, args[0], args[1]) + } + + return skillsInstallCmd(installer, args[0]) + }, + } + + cmd.Flags().StringVar(®istry, "registry", "", "Install from registry: --registry ") + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/install_test.go b/cmd/picoclaw/internal/skills/install_test.go new file mode 100644 index 000000000..97787a986 --- /dev/null +++ b/cmd/picoclaw/internal/skills/install_test.go @@ -0,0 +1,28 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewInstallSubcommand(t *testing.T) { + cmd := newInstallCommand(nil) + + require.NotNil(t, cmd) + + assert.Equal(t, "install", cmd.Use) + assert.Equal(t, "Install skill from GitHub", cmd.Short) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.True(t, cmd.HasExample()) + assert.False(t, cmd.HasSubCommands()) + + assert.True(t, cmd.HasFlags()) + assert.NotNil(t, cmd.Flags().Lookup("registry")) + + assert.Len(t, cmd.Aliases, 0) +} diff --git a/cmd/picoclaw/internal/skills/installbuiltin.go b/cmd/picoclaw/internal/skills/installbuiltin.go new file mode 100644 index 000000000..d4b7c6a9f --- /dev/null +++ b/cmd/picoclaw/internal/skills/installbuiltin.go @@ -0,0 +1,21 @@ +package skills + +import "github.com/spf13/cobra" + +func newInstallBuiltinCommand(workspaceFn func() (string, error)) *cobra.Command { + cmd := &cobra.Command{ + Use: "install-builtin", + Short: "Install all builtin skills to workspace", + Example: `picoclaw skills install-builtin`, + RunE: func(_ *cobra.Command, _ []string) error { + workspace, err := workspaceFn() + if err != nil { + return err + } + skillsInstallBuiltinCmd(workspace) + return nil + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/installbuiltin_test.go b/cmd/picoclaw/internal/skills/installbuiltin_test.go new file mode 100644 index 000000000..ea65907e3 --- /dev/null +++ b/cmd/picoclaw/internal/skills/installbuiltin_test.go @@ -0,0 +1,27 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewInstallbuiltinSubcommand(t *testing.T) { + cmd := newInstallBuiltinCommand(nil) + + require.NotNil(t, cmd) + + assert.Equal(t, "install-builtin", cmd.Use) + assert.Equal(t, "Install all builtin skills to workspace", cmd.Short) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.True(t, cmd.HasExample()) + assert.False(t, cmd.HasSubCommands()) + + assert.False(t, cmd.HasFlags()) + + assert.Len(t, cmd.Aliases, 0) +} diff --git a/cmd/picoclaw/internal/skills/list.go b/cmd/picoclaw/internal/skills/list.go new file mode 100644 index 000000000..7d89ff8ed --- /dev/null +++ b/cmd/picoclaw/internal/skills/list.go @@ -0,0 +1,25 @@ +package skills + +import ( + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/pkg/skills" +) + +func newListCommand(loaderFn func() (*skills.SkillsLoader, error)) *cobra.Command { + cmd := &cobra.Command{ + Use: "list", + Short: "List installed skills", + Example: `picoclaw skills list`, + RunE: func(_ *cobra.Command, _ []string) error { + loader, err := loaderFn() + if err != nil { + return err + } + skillsListCmd(loader) + return nil + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/list_test.go b/cmd/picoclaw/internal/skills/list_test.go new file mode 100644 index 000000000..9947ce7aa --- /dev/null +++ b/cmd/picoclaw/internal/skills/list_test.go @@ -0,0 +1,27 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewListSubcommand(t *testing.T) { + cmd := newListCommand(nil) + + require.NotNil(t, cmd) + + assert.Equal(t, "list", cmd.Use) + assert.Equal(t, "List installed skills", cmd.Short) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.True(t, cmd.HasExample()) + assert.False(t, cmd.HasSubCommands()) + + assert.False(t, cmd.HasFlags()) + + assert.Len(t, cmd.Aliases, 0) +} diff --git a/cmd/picoclaw/internal/skills/listbuiltin.go b/cmd/picoclaw/internal/skills/listbuiltin.go new file mode 100644 index 000000000..a3efb8d83 --- /dev/null +++ b/cmd/picoclaw/internal/skills/listbuiltin.go @@ -0,0 +1,16 @@ +package skills + +import "github.com/spf13/cobra" + +func newListBuiltinCommand() *cobra.Command { + cmd := &cobra.Command{ + Use: "list-builtin", + Short: "List available builtin skills", + Example: `picoclaw skills list-builtin`, + Run: func(_ *cobra.Command, _ []string) { + skillsListBuiltinCmd() + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/listbuiltin_test.go b/cmd/picoclaw/internal/skills/listbuiltin_test.go new file mode 100644 index 000000000..d4f45a436 --- /dev/null +++ b/cmd/picoclaw/internal/skills/listbuiltin_test.go @@ -0,0 +1,26 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewListbuiltinSubcommand(t *testing.T) { + cmd := newListBuiltinCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "list-builtin", cmd.Use) + assert.Equal(t, "List available builtin skills", cmd.Short) + + assert.NotNil(t, cmd.Run) + + assert.True(t, cmd.HasExample()) + assert.False(t, cmd.HasSubCommands()) + + assert.False(t, cmd.HasFlags()) + + assert.Len(t, cmd.Aliases, 0) +} diff --git a/cmd/picoclaw/internal/skills/remove.go b/cmd/picoclaw/internal/skills/remove.go new file mode 100644 index 000000000..cd7d3a8b4 --- /dev/null +++ b/cmd/picoclaw/internal/skills/remove.go @@ -0,0 +1,27 @@ +package skills + +import ( + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/pkg/skills" +) + +func newRemoveCommand(installerFn func() (*skills.SkillInstaller, error)) *cobra.Command { + cmd := &cobra.Command{ + Use: "remove", + Aliases: []string{"rm", "uninstall"}, + Short: "Remove installed skill", + Args: cobra.ExactArgs(1), + Example: `picoclaw skills remove weather`, + RunE: func(_ *cobra.Command, args []string) error { + installer, err := installerFn() + if err != nil { + return err + } + skillsRemoveCmd(installer, args[0]) + return nil + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/remove_test.go b/cmd/picoclaw/internal/skills/remove_test.go new file mode 100644 index 000000000..b4c79760c --- /dev/null +++ b/cmd/picoclaw/internal/skills/remove_test.go @@ -0,0 +1,29 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewRemoveSubcommand(t *testing.T) { + cmd := newRemoveCommand(nil) + + require.NotNil(t, cmd) + + assert.Equal(t, "remove", cmd.Use) + assert.Equal(t, "Remove installed skill", cmd.Short) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.True(t, cmd.HasExample()) + assert.False(t, cmd.HasSubCommands()) + + assert.False(t, cmd.HasFlags()) + + assert.Len(t, cmd.Aliases, 2) + assert.True(t, cmd.HasAlias("rm")) + assert.True(t, cmd.HasAlias("uninstall")) +} diff --git a/cmd/picoclaw/internal/skills/search.go b/cmd/picoclaw/internal/skills/search.go new file mode 100644 index 000000000..53bc99109 --- /dev/null +++ b/cmd/picoclaw/internal/skills/search.go @@ -0,0 +1,24 @@ +package skills + +import ( + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/pkg/skills" +) + +func newSearchCommand(installerFn func() (*skills.SkillInstaller, error)) *cobra.Command { + cmd := &cobra.Command{ + Use: "search", + Short: "Search available skills", + RunE: func(_ *cobra.Command, _ []string) error { + installer, err := installerFn() + if err != nil { + return err + } + skillsSearchCmd(installer) + return nil + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/search_test.go b/cmd/picoclaw/internal/skills/search_test.go new file mode 100644 index 000000000..19f63a9ff --- /dev/null +++ b/cmd/picoclaw/internal/skills/search_test.go @@ -0,0 +1,25 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewSearchSubcommand(t *testing.T) { + cmd := newSearchCommand(nil) + + require.NotNil(t, cmd) + + assert.Equal(t, "search", cmd.Use) + assert.Equal(t, "Search available skills", cmd.Short) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.False(t, cmd.HasSubCommands()) + assert.False(t, cmd.HasFlags()) + + assert.Len(t, cmd.Aliases, 0) +} diff --git a/cmd/picoclaw/internal/skills/show.go b/cmd/picoclaw/internal/skills/show.go new file mode 100644 index 000000000..e484f3f28 --- /dev/null +++ b/cmd/picoclaw/internal/skills/show.go @@ -0,0 +1,26 @@ +package skills + +import ( + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/pkg/skills" +) + +func newShowCommand(loaderFn func() (*skills.SkillsLoader, error)) *cobra.Command { + cmd := &cobra.Command{ + Use: "show", + Short: "Show skill details", + Args: cobra.ExactArgs(1), + Example: `picoclaw skills show weather`, + RunE: func(_ *cobra.Command, args []string) error { + loader, err := loaderFn() + if err != nil { + return err + } + skillsShowCmd(loader, args[0]) + return nil + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/skills/show_test.go b/cmd/picoclaw/internal/skills/show_test.go new file mode 100644 index 000000000..5858d2790 --- /dev/null +++ b/cmd/picoclaw/internal/skills/show_test.go @@ -0,0 +1,27 @@ +package skills + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewShowSubcommand(t *testing.T) { + cmd := newShowCommand(nil) + + require.NotNil(t, cmd) + + assert.Equal(t, "show", cmd.Use) + assert.Equal(t, "Show skill details", cmd.Short) + + assert.Nil(t, cmd.Run) + assert.NotNil(t, cmd.RunE) + + assert.True(t, cmd.HasExample()) + assert.False(t, cmd.HasSubCommands()) + + assert.False(t, cmd.HasFlags()) + + assert.Len(t, cmd.Aliases, 0) +} diff --git a/cmd/picoclaw/internal/status/command.go b/cmd/picoclaw/internal/status/command.go new file mode 100644 index 000000000..9303ae2ec --- /dev/null +++ b/cmd/picoclaw/internal/status/command.go @@ -0,0 +1,18 @@ +package status + +import ( + "github.com/spf13/cobra" +) + +func NewStatusCommand() *cobra.Command { + cmd := &cobra.Command{ + Use: "status", + Aliases: []string{"s"}, + Short: "Show picoclaw status", + Run: func(cmd *cobra.Command, args []string) { + statusCmd() + }, + } + + return cmd +} diff --git a/cmd/picoclaw/internal/status/command_test.go b/cmd/picoclaw/internal/status/command_test.go new file mode 100644 index 000000000..974b4ea3d --- /dev/null +++ b/cmd/picoclaw/internal/status/command_test.go @@ -0,0 +1,29 @@ +package status + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewStatusCommand(t *testing.T) { + cmd := NewStatusCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "status", cmd.Use) + + assert.Len(t, cmd.Aliases, 1) + assert.True(t, cmd.HasAlias("s")) + + assert.Equal(t, "Show picoclaw status", cmd.Short) + + assert.False(t, cmd.HasSubCommands()) + + assert.NotNil(t, cmd.Run) + assert.Nil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) +} diff --git a/cmd/picoclaw/cmd_status.go b/cmd/picoclaw/internal/status/helpers.go similarity index 90% rename from cmd/picoclaw/cmd_status.go rename to cmd/picoclaw/internal/status/helpers.go index 6a117bd17..ab28f4885 100644 --- a/cmd/picoclaw/cmd_status.go +++ b/cmd/picoclaw/internal/status/helpers.go @@ -1,27 +1,25 @@ -// PicoClaw - Ultra-lightweight personal AI agent -// License: MIT - -package main +package status import ( "fmt" "os" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" "github.com/sipeed/picoclaw/pkg/auth" ) func statusCmd() { - cfg, err := loadConfig() + cfg, err := internal.LoadConfig() if err != nil { fmt.Printf("Error loading config: %v\n", err) return } - configPath := getConfigPath() + configPath := internal.GetConfigPath() - fmt.Printf("%s picoclaw Status\n", logo) - fmt.Printf("Version: %s\n", formatVersion()) - build, _ := formatBuildInfo() + fmt.Printf("%s picoclaw Status\n", internal.Logo) + fmt.Printf("Version: %s\n", internal.FormatVersion()) + build, _ := internal.FormatBuildInfo() if build != "" { fmt.Printf("Build: %s\n", build) } diff --git a/cmd/picoclaw/internal/version/command.go b/cmd/picoclaw/internal/version/command.go new file mode 100644 index 000000000..1cf686671 --- /dev/null +++ b/cmd/picoclaw/internal/version/command.go @@ -0,0 +1,33 @@ +package version + +import ( + "fmt" + + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" +) + +func NewVersionCommand() *cobra.Command { + cmd := &cobra.Command{ + Use: "version", + Aliases: []string{"v"}, + Short: "Show version information", + Run: func(_ *cobra.Command, _ []string) { + printVersion() + }, + } + + return cmd +} + +func printVersion() { + fmt.Printf("%s picoclaw %s\n", internal.Logo, internal.FormatVersion()) + build, goVer := internal.FormatBuildInfo() + if build != "" { + fmt.Printf(" Build: %s\n", build) + } + if goVer != "" { + fmt.Printf(" Go: %s\n", goVer) + } +} diff --git a/cmd/picoclaw/internal/version/command_test.go b/cmd/picoclaw/internal/version/command_test.go new file mode 100644 index 000000000..f08a4d1ea --- /dev/null +++ b/cmd/picoclaw/internal/version/command_test.go @@ -0,0 +1,31 @@ +package version + +import ( + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestNewVersionCommand(t *testing.T) { + cmd := NewVersionCommand() + + require.NotNil(t, cmd) + + assert.Equal(t, "version", cmd.Use) + + assert.Len(t, cmd.Aliases, 1) + assert.True(t, cmd.HasAlias("v")) + + assert.False(t, cmd.HasFlags()) + + assert.Equal(t, "Show version information", cmd.Short) + + assert.False(t, cmd.HasSubCommands()) + + assert.NotNil(t, cmd.Run) + assert.Nil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) +} diff --git a/cmd/picoclaw/main.go b/cmd/picoclaw/main.go index 25ad701ca..6db69c990 100644 --- a/cmd/picoclaw/main.go +++ b/cmd/picoclaw/main.go @@ -8,192 +8,49 @@ package main import ( "fmt" - "io" "os" - "path/filepath" - "runtime" - "github.com/sipeed/picoclaw/pkg/config" - "github.com/sipeed/picoclaw/pkg/skills" + "github.com/spf13/cobra" + + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/agent" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/auth" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/cron" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/gateway" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/migrate" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/onboard" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/skills" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/status" + "github.com/sipeed/picoclaw/cmd/picoclaw/internal/version" ) -var ( - version = "dev" - gitCommit string - buildTime string - goVersion string -) +func NewPicoclawCommand() *cobra.Command { + short := fmt.Sprintf("%s picoclaw - Personal AI Assistant v%s\n\n", internal.Logo, internal.GetVersion()) -const logo = "šŸ¦ž" - -// formatVersion returns the version string with optional git commit -func formatVersion() string { - v := version - if gitCommit != "" { - v += fmt.Sprintf(" (git: %s)", gitCommit) + cmd := &cobra.Command{ + Use: "picoclaw", + Short: short, + Example: "picoclaw list", } - return v -} -// formatBuildInfo returns build time and go version info -func formatBuildInfo() (build string, goVer string) { - if buildTime != "" { - build = buildTime - } - goVer = goVersion - if goVer == "" { - goVer = runtime.Version() - } - return -} + cmd.AddCommand( + onboard.NewOnboardCommand(), + agent.NewAgentCommand(), + auth.NewAuthCommand(), + gateway.NewGatewayCommand(), + status.NewStatusCommand(), + cron.NewCronCommand(), + migrate.NewMigrateCommand(), + skills.NewSkillsCommand(), + version.NewVersionCommand(), + ) -func printVersion() { - fmt.Printf("%s picoclaw %s\n", logo, formatVersion()) - build, goVer := formatBuildInfo() - if build != "" { - fmt.Printf(" Build: %s\n", build) - } - if goVer != "" { - fmt.Printf(" Go: %s\n", goVer) - } -} - -func copyDirectory(src, dst string) error { - return filepath.Walk(src, func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - - relPath, err := filepath.Rel(src, path) - if err != nil { - return err - } - - dstPath := filepath.Join(dst, relPath) - - if info.IsDir() { - return os.MkdirAll(dstPath, info.Mode()) - } - - srcFile, err := os.Open(path) - if err != nil { - return err - } - defer srcFile.Close() - - dstFile, err := os.OpenFile(dstPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, info.Mode()) - if err != nil { - return err - } - defer dstFile.Close() - - _, err = io.Copy(dstFile, srcFile) - return err - }) + return cmd } func main() { - if len(os.Args) < 2 { - printHelp() - os.Exit(1) - } - - command := os.Args[1] - - switch command { - case "onboard": - onboard() - case "agent": - agentCmd() - case "gateway": - gatewayCmd() - case "status": - statusCmd() - case "migrate": - migrateCmd() - case "auth": - authCmd() - case "cron": - cronCmd() - case "skills": - if len(os.Args) < 3 { - skillsHelp() - return - } - - subcommand := os.Args[2] - - cfg, err := loadConfig() - if err != nil { - fmt.Printf("Error loading config: %v\n", err) - os.Exit(1) - } - - workspace := cfg.WorkspacePath() - installer := skills.NewSkillInstaller(workspace) - // get global config directory and builtin skills directory - globalDir := filepath.Dir(getConfigPath()) - globalSkillsDir := filepath.Join(globalDir, "skills") - builtinSkillsDir := filepath.Join(globalDir, "picoclaw", "skills") - skillsLoader := skills.NewSkillsLoader(workspace, globalSkillsDir, builtinSkillsDir) - - switch subcommand { - case "list": - skillsListCmd(skillsLoader) - case "install": - skillsInstallCmd(installer, cfg) - case "remove", "uninstall": - if len(os.Args) < 4 { - fmt.Println("Usage: picoclaw skills remove ") - return - } - skillsRemoveCmd(installer, os.Args[3]) - case "install-builtin": - skillsInstallBuiltinCmd(workspace) - case "list-builtin": - skillsListBuiltinCmd() - case "search": - skillsSearchCmd(installer) - case "show": - if len(os.Args) < 4 { - fmt.Println("Usage: picoclaw skills show ") - return - } - skillsShowCmd(skillsLoader, os.Args[3]) - default: - fmt.Printf("Unknown skills command: %s\n", subcommand) - skillsHelp() - } - case "version", "--version", "-v": - printVersion() - default: - fmt.Printf("Unknown command: %s\n", command) - printHelp() + cmd := NewPicoclawCommand() + if err := cmd.Execute(); err != nil { os.Exit(1) } } - -func printHelp() { - fmt.Printf("%s picoclaw - Personal AI Assistant v%s\n\n", logo, version) - fmt.Println("Usage: picoclaw ") - fmt.Println() - fmt.Println("Commands:") - fmt.Println(" onboard Initialize picoclaw configuration and workspace") - fmt.Println(" agent Interact with the agent directly") - fmt.Println(" auth Manage authentication (login, logout, status)") - fmt.Println(" gateway Start picoclaw gateway") - fmt.Println(" status Show picoclaw status") - fmt.Println(" cron Manage scheduled tasks") - fmt.Println(" migrate Migrate from OpenClaw to PicoClaw") - fmt.Println(" skills Manage skills (install, list, remove)") - fmt.Println(" version Show version information") -} - -func getConfigPath() string { - home, _ := os.UserHomeDir() - return filepath.Join(home, ".picoclaw", "config.json") -} - -func loadConfig() (*config.Config, error) { - return config.LoadConfig(getConfigPath()) -} diff --git a/cmd/picoclaw/main_test.go b/cmd/picoclaw/main_test.go new file mode 100644 index 000000000..3740ba358 --- /dev/null +++ b/cmd/picoclaw/main_test.go @@ -0,0 +1,56 @@ +package main + +import ( + "fmt" + "slices" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + + "github.com/sipeed/picoclaw/cmd/picoclaw/internal" +) + +func TestNewPicoclawCommand(t *testing.T) { + cmd := NewPicoclawCommand() + + require.NotNil(t, cmd) + + short := fmt.Sprintf("%s picoclaw - Personal AI Assistant v%s\n\n", internal.Logo, internal.GetVersion()) + + assert.Equal(t, "picoclaw", cmd.Use) + assert.Equal(t, short, cmd.Short) + + assert.True(t, cmd.HasSubCommands()) + assert.True(t, cmd.HasAvailableSubCommands()) + + assert.False(t, cmd.HasFlags()) + + assert.Nil(t, cmd.Run) + assert.Nil(t, cmd.RunE) + + assert.Nil(t, cmd.PersistentPreRun) + assert.Nil(t, cmd.PersistentPostRun) + + allowedCommands := []string{ + "agent", + "auth", + "cron", + "gateway", + "migrate", + "onboard", + "skills", + "status", + "version", + } + + subcommands := cmd.Commands() + assert.Len(t, subcommands, len(allowedCommands)) + + for _, subcmd := range subcommands { + found := slices.Contains(allowedCommands, subcmd.Name()) + assert.True(t, found, "unexpected subcommand %q", subcmd.Name()) + + assert.False(t, subcmd.Hidden) + } +} diff --git a/go.mod b/go.mod index 1f88639c8..98e20d07d 100644 --- a/go.mod +++ b/go.mod @@ -15,6 +15,7 @@ require ( github.com/open-dingtalk/dingtalk-stream-sdk-go v0.9.1 github.com/openai/openai-go/v3 v3.22.0 github.com/slack-go/slack v0.17.3 + github.com/spf13/cobra v1.10.2 github.com/stretchr/testify v1.11.1 github.com/tencent-connect/botgo v0.2.1 golang.org/x/oauth2 v0.35.0 @@ -22,7 +23,9 @@ require ( require ( github.com/davecgh/go-spew v1.1.1 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/spf13/pflag v1.0.10 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 0e95bf5cd..abbb11cd6 100644 --- a/go.sum +++ b/go.sum @@ -25,6 +25,7 @@ github.com/chzyer/test v1.0.0 h1:p3BQDXSxOhOG0P9z6/hGnII4LGiEPOYBhs8asl/fC04= github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8= github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M= github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU= +github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -72,6 +73,8 @@ github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/ad github.com/grbit/go-json v0.11.0 h1:bAbyMdYrYl/OjYsSqLH99N2DyQ291mHy726Mx+sYrnc= github.com/grbit/go-json v0.11.0/go.mod h1:IYpHsdybQ386+6g3VE6AXQ3uTGa5mquBme5/ZWmtzek= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.18.4 h1:RPhnKRAQ4Fh8zU2FY/6ZFDwTVTxgJ/EMydqSTzE9a2c= @@ -108,8 +111,14 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/slack-go/slack v0.17.3 h1:zV5qO3Q+WJAQ/XwbGfNFrRMaJ5T/naqaonyPV/1TP4g= github.com/slack-go/slack v0.17.3/go.mod h1:X+UqOufi3LYQHDnMG1vxf0J8asC6+WllXrVrhl8/Prk= +github.com/spf13/cobra v1.10.2 h1:DMTTonx5m65Ic0GOoRY2c16WCbHxOOw6xxezuLaBpcU= +github.com/spf13/cobra v1.10.2/go.mod h1:7C1pvHqHw5A4vrJfjNwvOdzYu0Gml16OCs2GRiTUUS4= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= @@ -151,6 +160,7 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.uber.org/mock v0.6.0 h1:hyF9dfmbgIX5EfOdasqLsWD6xqpNZlXblLB/Dbnwv3Y= go.uber.org/mock v0.6.0/go.mod h1:KiVJ4BqZJaMj4svdfmHM0AUx4NJYO8ZNpPnZn1Z+BBU= +go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/arch v0.24.0 h1:qlJ3M9upxvFfwRM51tTg3Yl+8CP9vCC1E7vlFpgv99Y= golang.org/x/arch v0.24.0/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= From a527976e68d17ba82f18ac4c3482e99adabbd624 Mon Sep 17 00:00:00 2001 From: avaksru <33891999+avaksru@users.noreply.github.com> Date: Wed, 25 Feb 2026 11:01:33 +0300 Subject: [PATCH 66/88] Restore dockers_v2 configuration for picoclaw Re-enable dockers_v2 configuration for picoclaw with specified details. --- .goreleaser.yaml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/.goreleaser.yaml b/.goreleaser.yaml index e3e64c4c8..2fcc43b8c 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -40,21 +40,21 @@ builds: - goos: windows goarch: arm -#dockers_v2: -# - id: picoclaw -# dockerfile: Dockerfile.goreleaser -# ids: -# - picoclaw -# images: -# - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/picoclaw" -# - "docker.io/{{ .Env.DOCKERHUB_IMAGE_NAME }}" -# tags: -# - "{{ .Tag }}" -# - "latest" -# platforms: -# - linux/amd64 -# - linux/arm64 -# - linux/riscv64 +dockers_v2: + - id: picoclaw + dockerfile: Dockerfile.goreleaser + ids: + - picoclaw + images: + - "ghcr.io/{{ .Env.GITHUB_REPOSITORY_OWNER }}/picoclaw" + - "docker.io/{{ .Env.DOCKERHUB_IMAGE_NAME }}" + tags: + - "{{ .Tag }}" + - "latest" + platforms: + - linux/amd64 + - linux/arm64 + - linux/riscv64 archives: - formats: [tar.gz] From f7d487ea3077f362a4494802558842403cb9025a Mon Sep 17 00:00:00 2001 From: avaksru <33891999+avaksru@users.noreply.github.com> Date: Wed, 25 Feb 2026 11:02:09 +0300 Subject: [PATCH 67/88] Enable Docker Hub login in release workflow --- .github/workflows/release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6ebd75c13..786c893ef 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -73,12 +73,12 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} -# - name: Login to Docker Hub -# uses: docker/login-action@v3 -# with: -# registry: docker.io -# username: ${{ secrets.DOCKERHUB_USERNAME }} -# password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + registry: docker.io + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Run GoReleaser uses: goreleaser/goreleaser-action@v6 From 43611e2c4e4dd7a13de5c7b0aba2e1ad6768efeb Mon Sep 17 00:00:00 2001 From: Guoguo Date: Tue, 24 Feb 2026 19:09:30 -0800 Subject: [PATCH 68/88] ci: add loongarch64, remove s390x and mips64 support in goreleaser Signed-off-by: Guoguo --- .goreleaser.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.goreleaser.yaml b/.goreleaser.yaml index b9357aa2e..9b319f350 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -28,8 +28,7 @@ builds: - amd64 - arm64 - riscv64 - - s390x - - mips64 + - loong64 - arm main: ./cmd/picoclaw ignore: From 974337f4abcbb830db049671ec5c6512f8846e82 Mon Sep 17 00:00:00 2001 From: Guoguo Date: Tue, 24 Feb 2026 19:42:39 -0800 Subject: [PATCH 69/88] ci: add rpm and deb support in goreleaser Signed-off-by: Guoguo --- .goreleaser.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 9b319f350..b864485d3 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -66,6 +66,26 @@ archives: - goos: windows formats: [zip] +nfpms: + - id: picoclaw + package_name: picoclaw + file_name_template: >- + {{ .PackageName }}_ + {{- .Version }}_ + {{- if eq .Arch "amd64" }}x86_64 + {{- else if eq .Arch "arm64" }}aarch64 + {{- else if eq .Arch "arm" }}armv{{ .Arm }} + {{- else }}{{ .Arch }}{{ end }} + vendor: picoclaw + homepage: https://github.com/{{ .Env.GITHUB_REPOSITORY_OWNER }}/picoclaw + maintainer: picoclaw contributors + description: picoclaw - a tool for managing and running tasks + license: MIT + formats: + - rpm + - deb + bindir: /usr/bin + changelog: sort: asc filters: From 95f22bc07bfc26c7562bd349d5535fd41b3d7d07 Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 20:43:45 +1100 Subject: [PATCH 70/88] enable bodyclose Checks whether HTTP response body is closed successfully. Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/channels/onebot.go | 5 ++++- pkg/channels/whatsapp.go | 5 ++++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index dd3cbae19..36b8c2832 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -28,7 +28,6 @@ linters: - wsl_v5 # TODO: Disabled, because they are failing at the moment, we should fix them and enable (step by step) - - bodyclose - contextcheck - dogsled - embeddedstructfieldcheck diff --git a/pkg/channels/onebot.go b/pkg/channels/onebot.go index cee8ad9d3..3e26ec943 100644 --- a/pkg/channels/onebot.go +++ b/pkg/channels/onebot.go @@ -174,7 +174,10 @@ func (c *OneBotChannel) connect() error { header["Authorization"] = []string{"Bearer " + c.config.AccessToken} } - conn, _, err := dialer.Dial(c.config.WSUrl, header) + conn, resp, err := dialer.Dial(c.config.WSUrl, header) + if resp != nil { + resp.Body.Close() + } if err != nil { return err } diff --git a/pkg/channels/whatsapp.go b/pkg/channels/whatsapp.go index 958d850bb..2dc4017ac 100644 --- a/pkg/channels/whatsapp.go +++ b/pkg/channels/whatsapp.go @@ -41,7 +41,10 @@ func (c *WhatsAppChannel) Start(ctx context.Context) error { dialer := websocket.DefaultDialer dialer.HandshakeTimeout = 10 * time.Second - conn, _, err := dialer.Dial(c.url, nil) + conn, resp, err := dialer.Dial(c.url, nil) + if resp != nil { + resp.Body.Close() + } if err != nil { return fmt.Errorf("failed to connect to WhatsApp bridge: %w", err) } From 06daa30e75492badef24eaff60e2004661f470c9 Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 20:44:52 +1100 Subject: [PATCH 71/88] enable dogsled Checks assignments with too many blank identifiers (e.g. x, _, _, _, := f()). Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/providers/codex_cli_credentials_test.go | 16 ++++++++++------ 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 36b8c2832..26c07200d 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -29,7 +29,6 @@ linters: # TODO: Disabled, because they are failing at the moment, we should fix them and enable (step by step) - contextcheck - - dogsled - embeddedstructfieldcheck - errcheck - errchkjson diff --git a/pkg/providers/codex_cli_credentials_test.go b/pkg/providers/codex_cli_credentials_test.go index 43b21700a..1e88c1120 100644 --- a/pkg/providers/codex_cli_credentials_test.go +++ b/pkg/providers/codex_cli_credentials_test.go @@ -43,12 +43,18 @@ func TestReadCodexCliCredentials_Valid(t *testing.T) { } } +// readCodexCliCredentialsErr calls ReadCodexCliCredentials and returns only the +// error, for tests that only need to assert on failure. +func readCodexCliCredentialsErr() error { + _, _, _, err := ReadCodexCliCredentials() //nolint:dogsled + return err +} + func TestReadCodexCliCredentials_MissingFile(t *testing.T) { tmpDir := t.TempDir() t.Setenv("CODEX_HOME", tmpDir) - _, _, _, err := ReadCodexCliCredentials() - if err == nil { + if err := readCodexCliCredentialsErr(); err == nil { t.Fatal("expected error for missing auth.json") } } @@ -64,8 +70,7 @@ func TestReadCodexCliCredentials_EmptyToken(t *testing.T) { t.Setenv("CODEX_HOME", tmpDir) - _, _, _, err := ReadCodexCliCredentials() - if err == nil { + if err := readCodexCliCredentialsErr(); err == nil { t.Fatal("expected error for empty access_token") } } @@ -80,8 +85,7 @@ func TestReadCodexCliCredentials_InvalidJSON(t *testing.T) { t.Setenv("CODEX_HOME", tmpDir) - _, _, _, err := ReadCodexCliCredentials() - if err == nil { + if err := readCodexCliCredentialsErr(); err == nil { t.Fatal("expected error for invalid JSON") } } From 1fab1967d200fd6ed9bd6b731b6192c20cb30113 Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 20:56:18 +1100 Subject: [PATCH 72/88] enable goprintffuncname Checks that printf-like functions are named with `f` at the end. Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/heartbeat/service.go | 46 +++++++++++++++++------------------ pkg/heartbeat/service_test.go | 2 +- 3 files changed, 24 insertions(+), 25 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 26c07200d..0362c1a6f 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -43,7 +43,6 @@ linters: - gocritic - gocyclo - godox - - goprintffuncname - gosec - ineffassign - lll diff --git a/pkg/heartbeat/service.go b/pkg/heartbeat/service.go index 75d6248b9..e05a9fdbf 100644 --- a/pkg/heartbeat/service.go +++ b/pkg/heartbeat/service.go @@ -166,7 +166,7 @@ func (hs *HeartbeatService) executeHeartbeat() { } if handler == nil { - hs.logError("Heartbeat handler not configured") + hs.logErrorf("Heartbeat handler not configured") return } @@ -175,23 +175,23 @@ func (hs *HeartbeatService) executeHeartbeat() { channel, chatID := hs.parseLastChannel(lastChannel) // Debug log for channel resolution - hs.logInfo("Resolved channel: %s, chatID: %s (from lastChannel: %s)", channel, chatID, lastChannel) + hs.logInfof("Resolved channel: %s, chatID: %s (from lastChannel: %s)", channel, chatID, lastChannel) result := handler(prompt, channel, chatID) if result == nil { - hs.logInfo("Heartbeat handler returned nil result") + hs.logInfof("Heartbeat handler returned nil result") return } // Handle different result types if result.IsError { - hs.logError("Heartbeat error: %s", result.ForLLM) + hs.logErrorf("Heartbeat error: %s", result.ForLLM) return } if result.Async { - hs.logInfo("Async task started: %s", result.ForLLM) + hs.logInfof("Async task started: %s", result.ForLLM) logger.InfoCF("heartbeat", "Async heartbeat task started", map[string]any{ "message": result.ForLLM, @@ -201,7 +201,7 @@ func (hs *HeartbeatService) executeHeartbeat() { // Check if silent if result.Silent { - hs.logInfo("Heartbeat OK - silent") + hs.logInfof("Heartbeat OK - silent") return } @@ -212,7 +212,7 @@ func (hs *HeartbeatService) executeHeartbeat() { hs.sendResponse(result.ForLLM) } - hs.logInfo("Heartbeat completed: %s", result.ForLLM) + hs.logInfof("Heartbeat completed: %s", result.ForLLM) } // buildPrompt builds the heartbeat prompt from HEARTBEAT.md @@ -225,7 +225,7 @@ func (hs *HeartbeatService) buildPrompt() string { hs.createDefaultHeartbeatTemplate() return "" } - hs.logError("Error reading HEARTBEAT.md: %v", err) + hs.logErrorf("Error reading HEARTBEAT.md: %v", err) return "" } @@ -276,9 +276,9 @@ Add your heartbeat tasks below this line: ` if err := os.WriteFile(heartbeatPath, []byte(defaultContent), 0o644); err != nil { - hs.logError("Failed to create default HEARTBEAT.md: %v", err) + hs.logErrorf("Failed to create default HEARTBEAT.md: %v", err) } else { - hs.logInfo("Created default HEARTBEAT.md template") + hs.logInfof("Created default HEARTBEAT.md template") } } @@ -289,14 +289,14 @@ func (hs *HeartbeatService) sendResponse(response string) { hs.mu.RUnlock() if msgBus == nil { - hs.logInfo("No message bus configured, heartbeat result not sent") + hs.logInfof("No message bus configured, heartbeat result not sent") return } // Get last channel from state lastChannel := hs.state.GetLastChannel() if lastChannel == "" { - hs.logInfo("No last channel recorded, heartbeat result not sent") + hs.logInfof("No last channel recorded, heartbeat result not sent") return } @@ -313,7 +313,7 @@ func (hs *HeartbeatService) sendResponse(response string) { Content: response, }) - hs.logInfo("Heartbeat result sent to %s", platform) + hs.logInfof("Heartbeat result sent to %s", platform) } // parseLastChannel parses the last channel string into platform and userID. @@ -326,7 +326,7 @@ func (hs *HeartbeatService) parseLastChannel(lastChannel string) (platform, user // Parse channel format: "platform:user_id" (e.g., "telegram:123456") parts := strings.SplitN(lastChannel, ":", 2) if len(parts) != 2 || parts[0] == "" || parts[1] == "" { - hs.logError("Invalid last channel format: %s", lastChannel) + hs.logErrorf("Invalid last channel format: %s", lastChannel) return "", "" } @@ -334,25 +334,25 @@ func (hs *HeartbeatService) parseLastChannel(lastChannel string) (platform, user // Skip internal channels if constants.IsInternalChannel(platform) { - hs.logInfo("Skipping internal channel: %s", platform) + hs.logInfof("Skipping internal channel: %s", platform) return "", "" } return platform, userID } -// logInfo logs an informational message to the heartbeat log -func (hs *HeartbeatService) logInfo(format string, args ...any) { - hs.log("INFO", format, args...) +// logInfof logs an informational message to the heartbeat log +func (hs *HeartbeatService) logInfof(format string, args ...any) { + hs.logf("INFO", format, args...) } -// logError logs an error message to the heartbeat log -func (hs *HeartbeatService) logError(format string, args ...any) { - hs.log("ERROR", format, args...) +// logErrorf logs an error message to the heartbeat log +func (hs *HeartbeatService) logErrorf(format string, args ...any) { + hs.logf("ERROR", format, args...) } -// log writes a message to the heartbeat log file -func (hs *HeartbeatService) log(level, format string, args ...any) { +// logf writes a message to the heartbeat log file +func (hs *HeartbeatService) logf(level, format string, args ...any) { logFile := filepath.Join(hs.workspace, "heartbeat.log") f, err := os.OpenFile(logFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644) if err != nil { diff --git a/pkg/heartbeat/service_test.go b/pkg/heartbeat/service_test.go index a4dfa7a72..a7aef8c3a 100644 --- a/pkg/heartbeat/service_test.go +++ b/pkg/heartbeat/service_test.go @@ -191,7 +191,7 @@ func TestLogPath(t *testing.T) { hs := NewHeartbeatService(tmpDir, 30, true) // Write a log entry - hs.log("INFO", "Test log entry") + hs.logf("INFO", "Test log entry") // Verify log file exists at workspace root expectedLogPath := filepath.Join(tmpDir, "heartbeat.log") From c5e8e19f54843d5461a8fada9f0df477e18e6ad2 Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 20:58:49 +1100 Subject: [PATCH 73/88] enable misspell Finds commonly misspelled English words. Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/auth/oauth.go | 2 +- pkg/channels/onebot.go | 2 +- pkg/tools/subagent.go | 12 ++++++------ 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 0362c1a6f..5fea4a994 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -47,7 +47,6 @@ linters: - ineffassign - lll - maintidx - - misspell - mnd - modernize - nakedret diff --git a/pkg/auth/oauth.go b/pkg/auth/oauth.go index cf8c1c9c4..ba757ffd4 100644 --- a/pkg/auth/oauth.go +++ b/pkg/auth/oauth.go @@ -156,7 +156,7 @@ func LoginBrowser(cfg OAuthProviderConfig) (*AuthCredential, error) { return exchangeCodeForTokens(cfg, result.code, pkce.CodeVerifier, redirectURI) case manualInput := <-manualCh: if manualInput == "" { - return nil, fmt.Errorf("manual input cancelled") + return nil, fmt.Errorf("manual input canceled") } // Extract code from URL if it's a full URL code := manualInput diff --git a/pkg/channels/onebot.go b/pkg/channels/onebot.go index 3e26ec943..7238c7fe8 100644 --- a/pkg/channels/onebot.go +++ b/pkg/channels/onebot.go @@ -313,7 +313,7 @@ func (c *OneBotChannel) sendAPIRequest(action string, params any, timeout time.D case <-time.After(timeout): return nil, fmt.Errorf("API request %s timed out after %v", action, timeout) case <-c.ctx.Done(): - return nil, fmt.Errorf("context cancelled") + return nil, fmt.Errorf("context canceled") } } diff --git a/pkg/tools/subagent.go b/pkg/tools/subagent.go index 91ebff636..ad371a649 100644 --- a/pkg/tools/subagent.go +++ b/pkg/tools/subagent.go @@ -132,12 +132,12 @@ After completing the task, provide a clear summary of what was done.` }, } - // Check if context is already cancelled before starting + // Check if context is already canceled before starting select { case <-ctx.Done(): sm.mu.Lock() - task.Status = "cancelled" - task.Result = "Task cancelled before execution" + task.Status = "canceled" + task.Result = "Task canceled before execution" sm.mu.Unlock() return default: @@ -185,10 +185,10 @@ After completing the task, provide a clear summary of what was done.` if err != nil { task.Status = "failed" task.Result = fmt.Sprintf("Error: %v", err) - // Check if it was cancelled + // Check if it was canceled if ctx.Err() != nil { - task.Status = "cancelled" - task.Result = "Task cancelled during execution" + task.Status = "canceled" + task.Result = "Task canceled during execution" } result = &ToolResult{ ForLLM: task.Result, From 09cf8efde6159f9d8daffa27a89baf898b97b4bc Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 21:00:56 +1100 Subject: [PATCH 74/88] enable nakedret Checks that functions with naked returns are not longer than a maximum size (can be zero). Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/channels/slack.go | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 5fea4a994..8dca46c15 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -49,7 +49,6 @@ linters: - maintidx - mnd - modernize - - nakedret - nestif - nilnil - paralleltest diff --git a/pkg/channels/slack.go b/pkg/channels/slack.go index f087aa8da..cfb731b16 100644 --- a/pkg/channels/slack.go +++ b/pkg/channels/slack.go @@ -439,5 +439,5 @@ func parseSlackChatID(chatID string) (channelID, threadTS string) { if len(parts) > 1 { threadTS = parts[1] } - return + return channelID, threadTS } From 4e6589d51f1a4ffddc320ceb55c281c884122c7d Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 21:07:28 +1100 Subject: [PATCH 75/88] enable prealloc Find slice declarations that could potentially be pre-allocated. Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/agent/loop.go | 2 +- pkg/logger/logger.go | 2 +- 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 8dca46c15..ec17cb00e 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -53,7 +53,6 @@ linters: - nilnil - paralleltest - perfsprint - - prealloc - predeclared - revive - staticcheck diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index dbc4a9b87..540563b07 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -800,7 +800,7 @@ func (al *AgentLoop) forceCompression(agent *AgentInstance, sessionKey string) { droppedCount := mid keptConversation := conversation[mid:] - newHistory := make([]providers.Message, 0) + newHistory := make([]providers.Message, 0, 1+len(keptConversation)+1) // Append compression note to the original system prompt instead of adding a new system message // This avoids having two consecutive system messages which some APIs (like Zhipu) reject diff --git a/pkg/logger/logger.go b/pkg/logger/logger.go index c14fbd464..56dc87a53 100644 --- a/pkg/logger/logger.go +++ b/pkg/logger/logger.go @@ -153,7 +153,7 @@ func formatComponent(component string) string { } func formatFields(fields map[string]any) string { - var parts []string + parts := make([]string, 0, len(fields)) for k, v := range fields { parts = append(parts, fmt.Sprintf("%s=%v", k, v)) } From 6830790692f2721703c48588b39e02ab72dbc67b Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 21:08:35 +1100 Subject: [PATCH 76/88] enable predeclared Find code that shadows one of Go's predeclared identifiers. Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/providers/codex_provider.go | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index ec17cb00e..efd460e92 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -53,7 +53,6 @@ linters: - nilnil - paralleltest - perfsprint - - predeclared - revive - staticcheck - tagalign diff --git a/pkg/providers/codex_provider.go b/pkg/providers/codex_provider.go index ecc983642..195374bea 100644 --- a/pkg/providers/codex_provider.go +++ b/pkg/providers/codex_provider.go @@ -106,8 +106,8 @@ func (p *CodexProvider) Chat( if evt.Type == "response.completed" || evt.Type == "response.failed" || evt.Type == "response.incomplete" { evtResp := evt.Response if evtResp.ID != "" { - copy := evtResp - resp = © + evtRespCopy := evtResp + resp = &evtRespCopy } } } From d8b164b3d43dc50cae9269d472fec7992b71f0ce Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 21:12:12 +1100 Subject: [PATCH 77/88] enable wastedassign Finds wasted assignment statements. Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/channels/discord.go | 2 +- pkg/channels/telegram.go | 2 +- pkg/providers/github_copilot_provider.go | 2 +- pkg/tools/shell.go | 3 +-- 5 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index efd460e92..e4c41518f 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -61,7 +61,6 @@ linters: - unparam - usestdlibvars - usetesting - - wastedassign - whitespace settings: errcheck: diff --git a/pkg/channels/discord.go b/pkg/channels/discord.go index 20f3b267c..f6faa3373 100644 --- a/pkg/channels/discord.go +++ b/pkg/channels/discord.go @@ -233,7 +233,7 @@ func (c *DiscordChannel) handleMessage(s *discordgo.Session, m *discordgo.Messag if localPath != "" { localFiles = append(localFiles, localPath) - transcribedText := "" + var transcribedText string if c.transcriber != nil && c.transcriber.IsAvailable() { ctx, cancel := context.WithTimeout(c.getContext(), transcriptionTimeout) result, err := c.transcriber.Transcribe(ctx, localPath) diff --git a/pkg/channels/telegram.go b/pkg/channels/telegram.go index 5cd51e8bc..524494849 100644 --- a/pkg/channels/telegram.go +++ b/pkg/channels/telegram.go @@ -265,7 +265,7 @@ func (c *TelegramChannel) handleMessage(ctx context.Context, message *telego.Mes localFiles = append(localFiles, voicePath) mediaPaths = append(mediaPaths, voicePath) - transcribedText := "" + var transcribedText string if c.transcriber != nil && c.transcriber.IsAvailable() { transcriberCtx, cancel := context.WithTimeout(ctx, 30*time.Second) defer cancel() diff --git a/pkg/providers/github_copilot_provider.go b/pkg/providers/github_copilot_provider.go index 9210021e1..4faa9bddb 100644 --- a/pkg/providers/github_copilot_provider.go +++ b/pkg/providers/github_copilot_provider.go @@ -101,7 +101,7 @@ func (p *GitHubCopilotProvider) Chat( return nil, fmt.Errorf("provider closed") } - resp, err := session.SendAndWait(ctx, copilot.MessageOptions{ + resp, _ := session.SendAndWait(ctx, copilot.MessageOptions{ Prompt: string(fullcontent), }) diff --git a/pkg/tools/shell.go b/pkg/tools/shell.go index 6883172cd..ad1664b5b 100644 --- a/pkg/tools/shell.go +++ b/pkg/tools/shell.go @@ -76,10 +76,9 @@ func NewExecTool(workingDir string, restrict bool) *ExecTool { func NewExecToolWithConfig(workingDir string, restrict bool, config *config.Config) *ExecTool { denyPatterns := make([]*regexp.Regexp, 0) - enableDenyPatterns := true if config != nil { execConfig := config.Tools.Exec - enableDenyPatterns = execConfig.EnableDenyPatterns + enableDenyPatterns := execConfig.EnableDenyPatterns if enableDenyPatterns { denyPatterns = append(denyPatterns, defaultDenyPatterns...) if len(execConfig.CustomDenyPatterns) > 0 { From b190e6e9107313d557220191841141c83766a548 Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 21:13:22 +1100 Subject: [PATCH 78/88] enable whitespace Whitespace is a linter that checks for unnecessary newlines at the start and end of functions, if, for, etc. Signed-off-by: Kai Xia --- .golangci.yaml | 1 - pkg/channels/onebot.go | 1 - pkg/providers/github_copilot_provider.go | 1 - 3 files changed, 3 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index e4c41518f..d0ba90716 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -61,7 +61,6 @@ linters: - unparam - usestdlibvars - usetesting - - whitespace settings: errcheck: check-type-assertions: true diff --git a/pkg/channels/onebot.go b/pkg/channels/onebot.go index 7238c7fe8..4576a11ce 100644 --- a/pkg/channels/onebot.go +++ b/pkg/channels/onebot.go @@ -698,7 +698,6 @@ func (c *OneBotChannel) parseMessageSegments(raw json.RawMessage, selfID int64) textParts = append(textParts, "[forward message]") default: - } } diff --git a/pkg/providers/github_copilot_provider.go b/pkg/providers/github_copilot_provider.go index 4faa9bddb..3fb15db2f 100644 --- a/pkg/providers/github_copilot_provider.go +++ b/pkg/providers/github_copilot_provider.go @@ -44,7 +44,6 @@ func NewGitHubCopilotProvider(uri string, connectMode string, model string) (*Gi Hooks: &copilot.SessionHooks{}, }) if err != nil { - client.Stop() return nil, fmt.Errorf("create session failed: %w", err) } From 9be1cd6277bdcce85c15cdcd692283fba2302b9e Mon Sep 17 00:00:00 2001 From: Kai Xia Date: Wed, 25 Feb 2026 21:32:57 +1100 Subject: [PATCH 79/88] a moved case of nakedret Signed-off-by: Kai Xia --- cmd/picoclaw/internal/helpers.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/cmd/picoclaw/internal/helpers.go b/cmd/picoclaw/internal/helpers.go index a084dc1be..1f52df5dd 100644 --- a/cmd/picoclaw/internal/helpers.go +++ b/cmd/picoclaw/internal/helpers.go @@ -37,15 +37,13 @@ func FormatVersion() string { } // FormatBuildInfo returns build time and go version info -func FormatBuildInfo() (build string, goVer string) { - if buildTime != "" { - build = buildTime - } - goVer = goVersion +func FormatBuildInfo() (string, string) { + build := buildTime + goVer := goVersion if goVer == "" { goVer = runtime.Version() } - return + return build, goVer } // GetVersion returns the version string From d1d19b12ce3b817524382f32b827e0bdb917f3cd Mon Sep 17 00:00:00 2001 From: Guoguo <16666742+imguoguo@users.noreply.github.com> Date: Wed, 25 Feb 2026 19:19:55 +0800 Subject: [PATCH 80/88] docs: update wechat qrcode (#767) Signed-off-by: Guoguo --- assets/wechat.png | Bin 150574 -> 143877 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/assets/wechat.png b/assets/wechat.png index e30c34e4ed81210338d63ee4486c4356d01ae30b..776c07885dc495cb25e0b43c18f4e94b23b98511 100644 GIT binary patch literal 143877 zcmeFZbyQnhyFMBU#S5jlh9ZR)cPCIbUP_SyMS>PBP}~WWBE_YJ77GqVi@UqKyA+oM z4G_XFd+&43ckda$JI0ki&KUcCi!ou5HP<9B>z(s`pXYgJ?&t2;0FPA^lobFN7ytkU z`U`Ns2#^C{V?D%vh=q;)5E};v8yEjEK0Y2EJ{b`);bTfNDk@4c3JMx}Rv-;6GaUs5 zBPS#CGq&e1o>K$4c)8elS=pbn|2YT-4h{}JEGMZnDY6COSVB^5Od>oYd?=Pv|> zghfQf#O3~wS5Q<^R?*UatD~#;PT$<(y``14jjfBTo4bdnmv_+T;E>R;FX8bCU%w?L zegBc1m7SBDmtXL+u%fc6x~8_SzM-SDtGlPSuYX`-a%y^Jc5Z%QePeU$_x8^2-ah>F z?EK>L3UPh&r(GBT%)iY-fB)OC|7I5n+O7v!SeRHif7*rdzysYdNw6M1<->j=tAS(c zM9Rb;h)eb|F0;HHk6AzyMsDUjj!(fNxXudy)3m=V`@d({r~g-${g+|?vTFfAh>3xI zc$g#r5a1>+oIT^gzuUk62mkhgfBV3{ec<0d@NXaZw-5Z=2ma@L;QORP{v#&LV|nw{ z)v9Ps=FjwZc9QYlV>oJ;VUV3F$kkZ((c^o-sP#SIB-5~&3}ebKkNElscz4cz`wDor z0J`1PWn&rZDIQw0rxrU>o8T_Fh;Xd3NnjlkV|KNVYj3}k%@7hlscOFmNNwB$TDsX5 z?C$|PO~zMq#l#ir_W;S{n7@Anh;$EOq71t40e<0+rdyF$5vW`8fXm9lV?O$pYOUc& zVFKTkuNc#Qg{vr^zj{eeJO1aW&K^l0-z^NfcrbN4J~{TH&5F_AXCc zI45XugcUL*O?H>IF&Qjclk1Z@l0TqjEftN(^LNzX|A@BfkkgwE4;dqec;443{pDkgR| zPIXx$@>iMc4iRcn(b-3DAfukGC*|tO%#gbMRk`HfHtln+X3`-UR=V=$dksMjBtxEu z)8#S`$u$0XO>5eMZ-LH3wCEeO6w;fFb{0@v1|g_~jOeS@0W z?6}S33uLe>T{Ir(yC#U{%n@T>KjxF$v?u=zzda>>w!5~s&uqTu@Dl?Ar8H$8VY1E4 zgh?r3ZsRH9Whk+vkR9lp~QAG$xE8F$|8~mzU@_! zR-!$M%+b|8Z>BiUcL`^&-WVu=!rwi>L?pu-y|_P+Q>smI+fTX8*KT8GrIyK#?&zU7 zs+(rmqBr*U?W&1#It3nm3BX##cfn)hPkntn!&X9w6+b>Kr#1#E%_PH!F18qaQ}|IX|0F<^aV7gbxU#j9)Nyz z=Mm4V=-Ze zW6bjCx;9fKs()(c-O<$t$?Vyjg?94GG)JEg7|M@%LBXa6iRv6mr%}U8v#uO2%%6mk zeT&!6seSJOG<)&5pJmI;I-;Szx-+3AzP0)9gj&O0Lzo>LnV8Xw!UdPtb^7kbuZkuI z_N+j8FGW4Vpg1F;uj%&1j{6)xN<&re0Wr9(z-=4CT6wZJ82_*aumc&Q4HUWu_(GWV zu`4e|5og9%y{Cd0A>tY`d-8k_asHkwNZC)iu)`#Z!XuXt>zi*y``Jv{rT|?i@&V%& z+hq4In0qr^1%@>u*dN2Q=@JsaDK0NMZJbBO%Z}5u`#y?1eu>J#zwXp*fQNi5TvD0M z=^uI~6W&Sxk?d2GRVhajiL7=(>8LJu>AG5xo0R3i>B^qAoS^zM42yT<;Wsq-nZ!wsJayT3k^km>PSGtUL} z_yg;!W=e%f9QjjX*!ND2o)R;R@vDe{Kf4$fVb@<9NUU&GyT%xVA8%~wKabLpsCi3r z+^;OwhGp^CYe%a2ptT~{Bt&#t`{5gD@aMpp77xTb$C7(Mhm$!=h2X*m^=-rKJ}2PS zYk~HIz{wK7M-J;#{HZ^;fEq@1wj?<#wUWghP5JNbu{}3Ye>Cf&nvEyPx)iBjff=8Tgo6eJeQ!~v8{%>35x4puERjNnbj9(O92Cr&mR>pN)0s~ z@7}exM?sYgveaU}K`ZY!_ zkN}aO+RsL*VGcSe@uN2uw(-C=@=&xgD!$^4m%=mc_IqY~2CUq5TSHO&HPu2t>dNKZ z1A0Fj$D9d`{_9+jSH6KgE4JewmdgQV{Oj)l40b34N}=kJ)d3W~-FgzUWsOPbniV(^ zIr;dFw}$MV4Bc^~1<$!pgdyLG`G@E2tSq{i_W=4*e?Mv3#SZ;d()z{FwKbO*?}JbM zfv2_lB@l;GePyNvWtSJv7vlPu{k@OOBY{16O;TCShxQ>|K9uG8>uFCGUzf*m#WCAF z#zd;{r8*&|C~qt@Ww~mqf4*B1@I9dZV%9cFXR%#(K;>3&T|Ho# z7WhKUv_i065VbL&nj3YM^9>?YIeb1kGewz?@TC&!Ml9OgB>vcZ=V)JLuR|-8#=>A! z`HkZfF~C_C<#xg_JP;MEobYx z29UtBIFg=JpLu0Q9ag+=X0|-RrzcWj)nv=S6tb$yoxnjJli`5a1FI9IbMbJVu!_}x zTTZ=mGQ5V>hWE9P3l&3Vi=pdUY@tnNbv-eqbgs+xPkZ-XcFPsg@p6B=2Je{WE_6I5vuIc|8;I{65*;L|1|g?mgHd+-?^Y9XYb(1C~KP0Ss+%*CyfYy`czO9yLeNcOn!R)~3!~SxvxMoE_8TjFsov3^rH<=m;^(Uu$E(A3 zf5I5EW;o8J{msKw6AL29iiy1E_kEH~t#}EB73|6)^<+!=+MZUtS2D5%KiPm%b--I8 zM}1#qSoP2+p=qXQO{WU=ud|7W(Dld~;r;^sN3g=L-@dvX7xOKacp(?Ch~K+BHQ_c# zG1N0&+yn4;A_eRBdcx!DFC))WZ%2yjSR~f!PW1g&RoQXjrT4iI{EC|<0enRq1*YT^ zDAxah`702DDBNp$v}w=QlX#_N-Lb`5`Jxp{C6|zDj&(zWSTSPQnAza?>K;GUMT03ko)9^)l(ZHUt9ZLnb8lQO_ z1*i%pxM&e-S>*?3+#HMTn`z=I!u9K$zY2487A2Dh|42WTiBovjTsXWPdMWo?jo?es zREYxANg!RalB-A+jS* z-7E{_Q%=`01X#>s=Vh-$4@q8*_qt*81&BmWHZ6iGB{dDZ+Tc+eWe1aoic@Ph`_3&7 zK1ulW3sA7k`9nTLbJ&5ae%bBv@G$9ECjnwzB6ol)jb>bOX3Lvam|4Fh{mJeWHdZE< zkGTz*m@dlD$ZGJ-bZ?kk#5Bxki3R=iZ8N2-1`OU$V)HC`? zzIww;c;fXB^rGlz=dU`Pt4;!{No1K$m5CF|3jblbn? zfKVCt@;r2h>=GEJQZns{$mF8F&G^bsK&nwpOYOB{r&o~G2Mw)+2yIDX@`_@WAcWmW z*8+b9-TTbnt2QKbDi5HS!Fr#z7Zi7J_Ef#rrIc(v;%p(}$ISkalX#FyNtUPHenX`2 z*=zXq2f4MowHGW?CR;a@cw&Na85_&3Vg7C@!lNSL7iw~yEu<4Ani5s~BQjmK{EFml z`{R2xr^9r=DlpC%9cUdLs{0B5cwauYSDm?k55R+LX&B!e-UB9@wa^hb*7whJb_@7W zNg98^Z?#%QS2|UTLCnEDkRkv#m3w3yb60pKIB;Us8f`oC#$Y`&b=Is_M4NB zuS6tK%2!sJAzNkGF82WYN8E$GbV~Ptmpe$iuSO~_Q{I?($Gxd)Y%za6I+G+QK`=LU zJo*74$ZAaXy0Ye<)SzUXE5|8{sotD}gW*niN>TDS zJcL@GO)Iu-lkD1xJ6w5bt}|g|f7oNS$HPb4d4Tdb-e4kRQoxxt9_vg5kU!J%_3rBq zah6?dVZmu`M8?G<6#1EaR`D!}UoNuR@=&06$5_*USfef3z3wusMOF3j6U-|ZZLK4! z`H#pK9~3uLH_hQMj;7WEfgrt^3>fQ7rQHTc4EJ5myDuXr-!YE#Ae1cMeU+!Ms9C&x ziEp;6eUzt8DCW$%zVI#79gI8s?hYjDR=P_JJH>POd^)uPNz}ILZy~9iil}q9q_>UF z5L(%_EmPqUmB0Uhe0D2Ilh&}?zHeY?FuN?Mz%~jN{cO3l35$TvesR0)>$Rya{;}a0*n|EHqJ%AB` zCVA`zT1Zu%!LmWHl%K+P{2bG+&}*D-#63X3SUyxuOF8|$osYsedhV7){{IG^cB4cP zTDov>LSAQPTY@sy&?)veEkG%b)&W=nis$P{xirZ&I%)r(7?b&=h?t|Gm6Znng@le51D8-Ed(P+jib0!4$6K~I3ewZWT~qxroUNALX) z#Vuozi#12mKZwFF}|dfqZ=50r!<^oyiH#_khAUGFfjw*F|LLG7i3&-oyC+-p-5 zuIH+lkvNe!Bv%n72!&<)I-yZaCD++Kz*qwk<+BALHHr7!Qe%Scl`7pTF{Xp&doRkA zCm!V$5hz=^mlmr0S{#U*iyZr2sNlMsphgvzMXT9i(2#%Yl8L9Xli34 z72WbR@KXe2)1a|Fw`y|zf#Q;Kos9Zya=FbKh`f+z!PP*)q*0c%2lwg#3>RE6(rKRh zOmRCdvSvknr2Pw~|Fpiph-#Hs(5IQQGs4C{Ji)7Y3md0YieuuxCb(g9+7ji=pit$B z0x+rCjYb_Aw1I^DDABAaPv9DtCu{pBCEb78@-GVNza`$i8ye_%S@AbU4vnfWUEDB6 zdd@>;bx?0Ro^Cfa>B5N$jRB3^d5y9ZqdXvCMcb)wU>wikCQdTn9OCaYWD5!Ui7y|d z7xjAgMSz>^U#W9 ~Yc+Vv0Op}Psr&&mZ4ze$F4jv?RHR79S#-qv!+adD57EDNpV(IY`96I^^R)4OTECc7f0@Z$$*VZEj3JlbW-@*; zgW#v@bB;n{+|vE_EJgUoCiQI$7gaSVGhca%qoSM|#dNYlz#&l8kTx4xZ5N?!EoidxufP15xA>go-*aYxQ+nx~gP zlde30yn8eG=_B2nMlWKW0}rI}?{Z!5balf=4JRLc8gMV}n+Mzjs=<3dUnP+&s*wyi zbN`mkj?^7UC%H?hmU?UN$Xy-bd1OrF&aFpOcQDhEMdQ7v4~AMq8_EI`sT)$ws-)eH zU25S4P01hI^?41@Q@l_&>4-jY%GV7Mv_*+%w7TVVt!p_`vDc#h z{Rhi87LVfQtXGTkbJay)PA9gj2or7m4OP7#4Z`wHEzEE-iiHM)r7we+r(v_qnIm=? zwT+4u)$Fo_9*~Q|O>T3so}S*I2M~+CUy=D!^TmKVdEu@xt@C>gTfnQ+=twA=j^d|z$9M>E2K|1_oY|BA#)LcT`(I4$UAcXgnS-Mhr&9`M98-j0?$%0na> z{gPr;T~)+z9B&cW|JkFd`f;_}95CY~R$M4?Q1tY0Z*~*&pkkj`NqZqR2G$no*aTOH zlB_cZTZtxkH=j0{hLPtzQ`xEB@ zz<&=2l%eUW2c34^1NgvYnb0LsbZl;#Y@ZQWw4IRb|9l#DC-1Ej`Es#89s8K0k(iRo z)=G0$@@!KlWH!#gxKJR)?W6Pu!c=qVUh>VA2e9Mxq=uQaf=)7zD-DV$BBGALv}}eS zz3axRh>Za*^$zdc;)(C^N>pAE?ZztTtV?^M8j4{nOj8iA9Hc-uwADgYitE^w{MKyc zOIn?xTjt)4`sedUOdWcps)?%Ce77}nskb6B9875WWI-w>tm->+Wyq;tc{``6EHz>M zXe)M7r$28i+^DG>V%?dqNa&N3y6JLpv8R6zAS~f@8x7MDp?SObx<-{H>80WO9^s&i zK}@}gD0!*Z4bk|7SL%3sA8p+ExtfdJI~2LfDH%HQW>DuKxjPOG1u~+Gq*A}#me3nr zZ^_sBX^6;sKv#Rsg=Uk^>*#)3NymXNVwb~)aG{Rg(*A_IY14ZE2KhI!Tj^}N^3%@_ z%(rt{5CZX^O6Qjq*AIG+ZnSc1HK9#vh>N^k@#dO*izvLVaNYs$AbsBt*E3B=YN-p} zsSfq|Il;%DmA4O>McaE{S8t=;F$=M$FZELQ8 z(SfZ1>2Ga_^u;%JYOyjSX)wE)YJ0Kw5N^%EUt9LY+vBE;$dmJDzkXuR=g`Nk^UYr$ zGg_V+P(2Ox&M%-A>~H!(odFe~C|^f-xqnVc8MIOS!13fo z<|_xQbZh?H{rWl&9S3xoLD_5APWt#!-H#M&Of3KEB#}-(jWT^D$Kv>BV))D^^6u_n zdW!MI7}2CRPhJjvTvgG`nduVw>7s0Wp16Y`J}*rkus%A>i}%pme61`LVQ;sVgQrF6*95UI zCPi9ga}(D|e=k$9ipnNA!cYVdO(%Hdc6vrW>vNEKzlIVT1gGW}O8lDMRGWu#?tvd9 zXuzXtpx7BTI+SAEL;kz;GUVs^9X!D>&nI?8H7z2u9?z>i>l(w?K^*78dV$zuR8`Rnnfg{wxqx@OvP z+DMYq_F|(#XWAOf?%7W7tbiP+M|@m`T8h@E&RMC0NvjIg2&-_Dl11j3y2aJda>JhW zXKxG>60tVw_a?s@&Clvoi*YbmQHDQkswGKaK6Ym;SUb}$J*GL<5`=oSs@tB^ORS59 zYCc(6Rb(wQ<{}FLMY&Tl;Ex-tdoopN$L5Xmh%sDD&3EN4Wx|qB@(@`yCfLWm&bGL0EPeh%V`Bg^!||fpeQEAL83hG?dY=dV{TdDRU1ry)dxIVy$8^tdyfCvtM#v5e~!m?O9vT+{578PUG#rl@&1o1Xmo`pt}b>_ zy}+}jd%!B_&U+>+fFD%ey7%`O*|$Jc$~|DS_3sOi|GMy#R4LN$itC)JM4bJBsHu|n z3qtL$|G-kNf0%OlPfKF|zuTjW0TSrxn&=(KRyg-A&3c^vY|5Y;P>esg}HbY$Wfvy_7>&U{Y^VFB!Q* zT}E>c2uX%H-eF3jp=ki@9spkeT#0jZpFgh9-kV}WOLJu#*}WEjfjy?`OoA~rnhDMq?IFtzpGrsTI( zinYma(*+kiI9||gdSb1)r0UH4fJ58F^KxzS=j>MOmzVmn`0k?JRu0>>Eiy1!qSeVT zcC|I+0c8K#v_*8?X9CrxyLhp8Ek4#G_iHa_lF)Uh96Yxu=%x(iF50M1zeN_+=!)*P zOghhh767seo>k{67qxs%PK&S&Yg`z59rE5-^T%?uqG-|ie-kgvZNV>Kmq|}!v}UVP z#4vgmBl(oz&al#>i_ zBY#-3+&uSeW`p`uDk*J9?{BTK|9!!oGnA}4&AhYa;j|EhSk_MJ=&QezYOtj-r{7sH zb1c92WicpFS}LV?h1jQAv7aWl_~=nbSEDY@wgP4kC z%?Zv6CGKZ-+nn1ZsJy3WX7aLr6EoG~26KMbyE&vWPqx5@(#dFkh(Eq(9%pgxmO&l> z&I(6A><7MYXB|=ew*Ex$R}>We)X5wgjOr?Jh14k)p_sx4o*}V=+3+nC4)RSaJi4gNy5-p?0x5?9OV>|AFR)C4 zE!tTUb@m|(=xW!4bKUUP?njQ=h{JSJSeH%`jeP5I8CaX8=-I2%Vq&VkR}3P=-j{`F zaXHhV(X!sot?u&@k6utzC+t9mR6}0Y&&STxVU}{1cTuL*TR8_edmrszQsfCah@_V@ z7SD6+^xxk`7uk8x<@n>P+5OK}N`mFk&$aeblhB6yI8rSWY%5X&FZx0;fv1g4-NwC! z`gSnA1*DdIw+6yHc+3;t#6eW_bH(5Xa~*1=78>9lFtjD&=+BPXhI;II){#y+BPr*y zVZ`8b>$9U!t#o9TG=Pzs8ft<=C~lQ&1oP-B!TAF*T;iF$sMbPbbpGgJNp5qKnY`sG z3?By{Tl<`?p!gmT@_FD6 z{EtfR#A(^oeT>mwTQl5o8$cRFXzxz1yFYD;QB#QFi(Yfd%dt8cav8Z;?Z+})Q(IeS z;Moo60&PcvO+(MuWcMZqmTW(D|eS6{YcYqHGm%`%%=#+~G%QH%mi2yS; zz{`SAZkkzDm89s@0^K;6C zbYS0fFtM!KqDC96y;y~hI|=Ur6d)SFMP#{f%bHgA(A}O}N%3(=a zOl(xF_1bbls8#7U>fXfVWvp0zP3YO@3dkf z(M>71QBs$^$7|SCkek7>zTO0|vVqgV>sxs2W1_8ua2U_r#E1)I!)`hButU_8$frhc z%@44%&yM+P9EE4B=W79>>@VqMjag)A*85bOs(O5lw-?w*J<8}xUFKYtCKy9$cj`YC zlc8K>R1XjWm-S?5vZ+H7@5Scb;#)V+Rn6z2kVP%N)HG z*yAF@5G3#WBg@lqleo)AXch=gQLjqH2~hW9tx#%~Roc)B9K{NRdQZY2kuA)gIK4X3 zRPeOs<4QZv_Qx)gDK0~CN@6DBvAqGHkO1k7tfrGqt1fF4J;H|V6HDE68G)h|0W^v6 z(a7pysUm$pW_0y>16!~^ukRn_YEDRbuBhfVV%)l>_+=v>e#IxT7>6GPX7e5a{Osj@ zvonx?z&;uLMjPjtbr(`pB3{R9EKzw(-!|$;F8s^GS6u@d#!f}lG4?K2J^k- z)CSi1zan|gPx2WUK~9D-reXXHH3}hhyFK|Ld}9@M zQPg;#iU5--uR7;sIA}^q?*U;iZWK2tnp&t}3f09FZ+#3bt*_`XpI*Q5=hXHW#26a~ zliYIIf?421(BcDWrWu~Hl0^CH8s#m{%z&k%n~c$!=9K_Z;wWjdS)}Q@odGd{EuYO* z`3mO=XJ!9mzRzwPU$HLUZ|0M4w8FBbpF_r0-=o8mL>WrNSZkQ`W7p}>0i890KzZ96 z@pvEIVPh(3fn~cSs}9H`!dihPQnK0^WL0_*aYm0b>PK%0z}Z`*6CG|oooG*Y98)x{K8zzjMeekA1fW{-tBHo-o(1TN{-N3 z_toxLSs12qZGKc;@=MIbCz43^;G!Gg$pvkX`J!7>Za9yaeVxAYmYA;GwwALrKNCyw z6UVqefv+e$>9gcpw*t?6qacln`2IDe?8am>79Lvc&J23;5brav`uYh8B4sT-_W?ne z+dTjqEXJqm$mnT7KlA}_o~)RV0^>zxZwh=RL$_S zKOm;w1=GXrYcFxam}}}1wFTr!c}W@RsF{!XQZ2mKW)rMeG29;U`~eqEvfucT8T2Ne zr-Glul$=h?N=9b2XDMistp#h9zJ$lX1l#AZ-iGJg zgycG%vF126kiR}2-lik!tViO}ELgQIYoSO$2o>bp4ZckA9tYNUCN}TC;Jh57qwg~R zeb7hmN!J=8#Phg!(-EP3(Mqr{%{rxgW=8o~iA;GORumK{bnH9~xY*h#)Y z3Z*M;y$oiZJbtf9jK$m5mqFy%2EpHgkHp`E1jF&Il$LrqH4Pg2sgLTsntK`1VnbOr ziW*_L*}*_uHC`q}F_j;fV_EHNWPsvGJw)T0 zy-(-D6mOAHUbb$+q2*rkAmO;2Sa96J%q%>=@3^?cv;9+nN z>26y+YGbaook5&zv|>220yKW6M7Jk8b3>Oq}Em<`cKkIG}wz8&g~faksxh;Lr&>e#m4z>ssFX05JS zU8qe>l>Mu5FP}HUYtcYaon5|($_rys&sjOR-zs{485#&%?32cD9P!UB%Mm*CX?=Xy zk;q)>fEBqZw2T_Q@)ij}Q6VC_8}d@<&TM8QA9lTAHpCrJz|W?8%-jH#_J5xTSTfi7RL2fMV5Rs+21`ew&yp`!weT0ryNll~jz-S~~V! zrX)v(r^p`@j)F%{#~(gy)W&6nFa>{;VIgG{-5k>$ht(yr#5rRIbV{FNoV9k}11OQQ zGro`lPqwziO1VeB!c<*sc@G&_eXH`r+LohnCEa$&J5j^#wK^c$<0HqdGw!vJeX$g$ z4-LNvoxRV}?GDNRP;f3RG(0xL7NNsPKmb7a*PyjfWGXbQ^#Hwj2Njh;TqtCB>&Kzm zG{s}^zB-3TvShaq50p_BbKXcy;y(tKXi7i6IIM~QL20>~gH! z18gL&ej%hvyws|9_++7$aUR6ovcM=aRDXl3PAlR2#y5nuNfQ#l_xJ&j%^Z{<#tsyX z=B)ORJejJc2zA|t`sDUkr=3hkNw%k8Ven=t-`v_x&>p(5BdJR@h8AJDF{u};Tx=7p zsVp%}i&;K;Ysd?d@tG|ZFUr)#_!{|GL6-c~_;96l4oX)&{OlPM2KjX9@)D3+Bj{L0 z>pB^5GxI;m@irM;=Cq8vu3`!p?cMnG)cZsjh~?GlCbEneeG3~{^JXBxzf8Wa-5d?5 zj(P0a3Z6OHNxH>U8CM&w5jE!J@Za@0)*SNQ#GD8ag@!VK5FYERcnf--LGAZ|g@xoK zo6?+LwMkB#N`U$iKwFtE!Who6eq6L6W;*7}haKodU!0)oeVKTgG1hB2I6&phML71lIeiNk9;Eq3pch1Dyl2~&u0nbYQxE?}!$;TQ}^2Q#`# zsRJEKaeEj27ktZ(94oI=B&%*)tVBorDwFq`thRkrj`|L+1eUTKz6@=X=J|Hr}A_+cFw7n=^j? zylPojQ!`%TkJ!TJi?Ky~qPN+lY5-%zb90>dzxVb8Ok*tnj?-RYORwBmPhJOkl=h8yU)?%ejMEA_Z-yFnep)1Vv7gy=1@ znZ3!Vna)@iE?%)AaCtIF70>+3G>F3ZE4;Vbo9&3&BMV{Np2z@z<$issUcxb9xqaU3Lg(Eoqz!?Z*fGc0 zi&qH`9wUM}7u?J2=;GS_9vCtyM-3G7WArF^mAv>HpiN$)fn_XZNbBDKEe5vJ(HgEF z6YAQyEYQs$AKYE6Wgvf7B>v&cS8}7wkG!~RuBDy-=X>V;sqO*&La?N}Ph6mLl{Yw} zI?&3|$m*gk2!&_jR9F6;RT|gScd3t5?00s%qnMuRsxafw%<*%jANHH9%S*q1yG+kr zv0*L-;5?{p%L2I)h($(Tca#mIZ5EPWY~HL zgwZ7ZaSur7Pe8RefX<^194~8OQNKHE{JAFM77vv#?ebn7M|n6zAr7g(lP-SDAkH!g z7kwH{rC}Z}gd3KPAwvatW3CWqVWGwJi9BozGja`ud0O@YMvSK4@DEymwJG}3Tvcew zm1~F+$7BVEGc;2xGH}XOD8UPU+5us(X#j>)HAY#Ec<`x8G8R?F^ZhO|XLMHnU^Rsi zkAW6bO zk`PHZF_v*7E;i>{*z6WWf_-VqeC+9apL~A7_M=6kRx3&4<>#tl zVkYYnF3tHbd(S8dA*9fe07>;r;VC8v5hC=}@-4z)VyzSuJjM=6wK~5j%i`Gd0}mP? z@Zh5R;=WG|tv#@c-}lcu;cfK{&rhLiUA^gaTdaX}zBonmc#C=zPXd!ZoeC=&e+bY< zVU6MB=?cIVQOeMW)?MW86$zvnw2*-y0=OhZ)xMVB=a7E>s(QZfK&p1fD<;g=0HrjAbSaYvr4P_4!$-P*uY z!fZ=vV{mBr#v#vnGv(#i>CzU)OkwywX@z8g5i?5yLELB`*-r-O^CKC06T}6aSX=M+ z7?PU6;1?(DVG<=qQu#xbn6rg)$os}GxrpwsMdWpNI06_X6TNV#
2JA~)ZE}P+I0<7b%`D8TU5P6?<3PC zoYesKsHq0m6*~A;sO0tNR>L8cB(~_S?$b^oXjY0xCLT(PRvmNLw}(&U}tU% zA{echKHOahW-`snN^J8_b7CQ-gy=g#3)ChdZ@W{I9X4Ueu$}-ePAuSuOv;O?64OITO=ju45Kq zIkEtAdlYxy1B!uS2k$1&LfJx2!n$%kYJphxaWutrFjvQPPL4?707UZfY#W$(7@5Sc z;9yZ}(xD^z{7GEX|j`T6yaCG`)R zq!z(Iy``(LT2k;|}O61p93HBSh zHlM$@XSszmy;UZ-V8eu$vaNxl-FO%fW+xg`=Lf1!AGQaA7eBs(Vx-lir~W#2NiZBe zvfm)dLtxJ;MwJVfeB>91S(XoRM0)lbpa^f-I*9`lMQDCJrZoUnzlym^_mVaR)-Sa~ z@X-RaC6}?*6jFUt>4Hn;@>Ep+=@Y}(6SycZ|6MbuG1v2-AgeSVz3CQ4#P*{0wBw0= z$rcBet_U%c{Ov4|oh5h;qc>OJQg*^BMh=c$?+g^V!owFJZeb>T7mCDxDP45*4xIt> zAis`=0WapzT+dDh!94)rQ0l9=(HhnO3FEe!I;40XX0W0(sZeO~l^nk-fEQF?Y)jvQ3=uF!=5CQ7~?Qd9*C z66{yx=Wa<|>HxOTr@ z22N**?&}$==1){YZ|iibU3FOGYjK=wsmxy?mSJeE3=5`y*%Rkeq~><{eSOi5^FxY( z*t)q^x|B8MSPQyvp`%b53!SxHw!;)JW9Ce66&HrfQnu}BYmax_y?2r?{kT!RTIJyf zDvdRb6(9d_F;J>dm}8;ik4LA$u(EVXyjv-RRu==|xRB4VoS|yUfzmOHUVa#(X%O4tI|krQ)NNn|7+^RLqFaKJE}KBpE1oH{&$?-=S2KCxJHuweAhYr4Jkg(;M+ zspIbp)9lt#lCJ!i>`(Aq{GD~tTbO(y&W-`dMOUfAM+uRlaEds%RSyHZY7uV6G?!KQ zaK(h6vqVqd$ahRk)4t*NzHA7Qf_I2QM+)T21|vCrQh|072rmv+Acu%c0DjCmmE>c< zRX96lpT8s$G=sGNiBR!-Y(RD1pXU=JZWKy5P7*D48wGAYLTkdh^yruu3I@WL64f`T ztiF|C7K63Bd1fD8sTeY%H`3$* zUKI7W(w>ys4L0kw&65$2Ro;y}Kw)&6_<`{Ek$AAhP6k}U8}a~yd|L3nCBKSdp1SNI zpV2om4EioU!*&)ClAK?CxkmJ|IyeQ47vx(FvxgUJMz0S?$wY4aw+YQEQ?aD8iAnBoMjHlC>0Kr(5OqBX$FHoo9M`V1gkHtA15w^IlIhuCB*B?p9Kk)WV6z~4l ze3T0HrrspVA6vU(sQyipf4H+|us0OToo_o6qL!|Q9T~$WDJ^{7?)wN&qh+f{3A9}?0uAL z8mb#>6NaM&Q@?**iw}u35`)19SWl)Bhet5fzQ*)ug6Q4VH?c}&mlAK^zLsh)StURUz*a+i)jY~`fZv zsfh`N`5E68%S>XXx!uoqgEj>Qa&C6)i!1_+uBN-PYtzZ>m|c?ZZ^aPCdREYv$$n4P zE8G<%=g>P{ouU=j+I%#9NfBBbKnz6brJuSUrMS%hV(&e}np(T9;UH*~BE6TOprACR zNGG5IBAcS9p+`ZaNtYr7f*>L-2ncKeDFV`jh%_k@IwDH%odl#yLJbhIzni_EXP@Vs z_q<=ZuJ@ep&-oEAgK}qOt$WQm=9puS6Sh%Z=+#uX)cMjl9>EZUKF$YeNjyA+%zO>ma-j-31~wSq=>)sX#hn!Ei}ZWY~pYT>Mma0 zoN(*KngT+)w4K)k*7c)9EaS^QBEJ{#zn}+Owo?VhcBKpQ{gACOdE-uUYVp@mUq>Y3 zZ?c6i(2DW4`sX#lXj+MzP3Tbx@12hMwX( zvr5q0cinb$JG&vXV{4Ol@^vhk3fq+*j1`!pXozg%SEb7ftlc9;?dnpGmv+Du{C{xJ zboq%jn!`dq{Bl95I_>mK+z^d3zn35tZU0lO!V4!zIaBC2+<+TZ5q>^-Sg4Ff9dJ9n z=!U<~SqV>5t;zF3)`Ti$s8uvm1qI@qX zv=q8eUz)$e8VnT;(VL^$OfB`1Y>7A2Q(vUrz8OjR@GcmBXA%4Dn>g*Z;s5S!r-Vdp z6n}onE8y!fxLXq8J}fks#>f z#>!e_o~oKT)bN=n+p_%@Ut9Qajj>7dRGX|O?-u785IM9ucSnr5epGPg53o2?AWRL7 zvfhYy8xL-IrPJ1}0i>Gce+qWZ>dy~m_oyisuCTZDHRp}#`;f9|(saUJ^8WIOg!H|u zznr{NM2d*}ZVnG0k~Qq<{jKG6L&hch4bIhR2C94q9vMazCP|mQ7xhhHtF_d1y4ik- z-pt2Uw4fa-x*<0Wp&b*)Mvd=$ASDs1bcsYuBBLC8?7;!@DutFD=RuNbl3V89xn+(t zx8#5NTy)RXorjYyUP+imZ_XH+`=@^PZ~qcc7#GS01)WjXN9y15mZ!Nb9?_KSL!XNq zrJEz98AFlUD62mpOlAc5KAoR0mGT2no6ckQNHM+7D_e5HeW8!Jo z_h>?iQnx>3CsG2xPIkiap?k!dal1d=sH)bZA5e~0(8nI5p1S3p_)-sl6gfD(>!`7C z^}FslnivdJ>{(n|FtgpedTAhQDk5bZ9#c~VhFqZHCRD5miIT_U*Po3cFpsys4A-P( zJbW>R`0mlg_$-RW)0ihM`hL2~!&fwG@(9p~CJqM4{{hJ~3P-PhpQiYHDFQ#^!@MEt z>yf%rbJ4j@pNh-5%IfDLkyEY{It=0)89a?@PZl6TKeSPRzX0DB`Pa7vGQxJ}6{BN* z7&x~d{N`|0Rlq~sbN#v66XO1?al@~k5*Ed2{UarQ;>OSfsoiiH+$&c1fNqwLZRQU0|xJK{2=dXo<(z%ophyRw2qXq>CGh=j}vBQ|!cFsk1Jp$Mt$$;-~sJX~Sr8lpwXQlx;Bvk0T+Jj|XahKsMWq4(57yK)-Gw zI%Bs3JFqWKyV3mjD!QYfPn0f;o<5H=SZ&!GBsfcc!1Ln9C# zB{jMgDWnAIo_u>uKYwqsMmFbuuC?RARX@Z{60GSkC{SlaVd|}&)MRl}uxJe7HW>fZ2w8+AUx#@~3?_ zb2oB~S!X~}LxvnZIch{dF;VgTcyh#9x0>Yu%*p)_l~4=hr}Wr-ONvA9x^VfM;>Wh> z7H@oJZSI9!x6JUl4_VpcJ81eBpD=8K#+jggjdQ(q&L5V{&nILbMm8<$-*x^xAFtyu zQgm73Y&6?Z1&<&y5K1aYv~BDTV50cRqP|6WkAY1|s?Xs}<7C+@oy*a-^?s23v;REK z?{Id9nxq)K;5DN`$-K(CkVj@`<4%gCh5kC(NawCa=k7dtbqxMma40S zFx}yCf9&cyDZ_-EP~epEs5;MVd~&Qs+BW68Z1(x9i5I`OD=T+B6?~x#*}W*9j}_w@ zO6Y3%7{U8hkSM3gHslsjJYPqgDt39Cx{%UmO0Xn&aR@ViAO1QPzIGQ+c&hxdPo8H@ zKjXrqNPF+!h`i4;*)cgZTUgt}w;EE*NOpF!P>YY{RdpXXCiEP5ZJ(fmuasS;<5XL~ z8H&@+9{jkn)3xkuQL8so{cKFxCSLYK^lAFIkr0Vx+(^{T`ttrdGqjhBC+Z1ZW*4nM%3Xa|_bzPH0z8kB>In@tMLK-RClq3Vo%528A#YnpRCNX#+i^Wdt>nz!IlHmQAnTQqfN=CUa3 z$AyIPMTok8H7??wqDn?Hj(udLsef`}Dfv<}+qSR6?-ye|Z*cbAvyb$C*rO&_i=)M}oFqFpX5f`r-(rR56_UYKvah}H6cSj^=uu&8O zybDdo$EHUO&%7Fcs4XmV@y=z@`|es|!}SnoL$R~_hih8mA|dpA2iJDw`qm$72s+74 znRn13l7E`=wyCwAEWEMv74XhMA7Da$5vX%BYZlf4UY?ToW%tfhuB$`3T@4^^w~$=u z<~!tRG3vP>{y!iMAPA7R1Nn*kc&7H2SUL?X+MY9aj@!slw#g{zdtq_4mguu^0k)?= zFv|Dm7MFNUF2c7F;lT=SEbWh_bIPu>wzSi{ox5XsaI7KYfu^9ioEb)S<`|lO?|{mO1?}uDdg3&d7KE1eq9t4iRVf+I9QZ_qzu5B*WYsDk*s8 z%c74gC>A-pv$yQXP)D?s!0n`PjL^zE91Jo@^|t0w*4OYA$OEr@s+&pxw;= zJLn+|$x+RGebjb;rqX`b`awrew}t2Dt(6$dE_r_Os2GgRR91ozQbGPKAmI*=)hU9x zCJ=T>%lp~0Mo~r>6f}n%ssF%5YV1<{Ic56A)tFeDJ8`SvGXlP*QlG*PH=LKyd}Jf5 z*qv*{+@huAW6Mo@*pjUA%~o24j?)ONo-xpczPjYG-FgPZT$z81xq%8K_NM(w+-l;i zgz{GB>)QVHd%u?1aB8fIW0$^v(cK^Tx-9pVM`^#SZiUd^!XNu$3TkED)+JFp9+gx6 z?2%Zfj-Ag$1IvvjAsPW7_e-Y&g~Cw^m>FKgHA-FCy+JmaO%=R7rf>1p1rpDDg7=hY zu&!;0(z5FCcO*#o;HzdLUVz*$gr=$^%_wlvS#oV-ieX*S&k>~Nxl2itALl~kre8VG zW?{RK81x2$0#f~hQ|PxrF^C13c9}g1s?;BlkI}fUU?nGioeld=oyXo|a=)oNZ;9*# z5G#{sr^Ch=$6P*JyuH~a(OEEle9qU3EK0Lcf`_cC8|pzQ2M21?|IAvre7Js zef|DFB`x@0Nh>fNy+;rOS7uuSq{b4z9IfP-fq-ZeiLKq%Ab~y#B5PtvWwOxH+%V_C zYqppW+5(Xmyfec;zmjRC2{%`dPE0yNdLdb3VZeh*ct=ghykTJP%d?%`8Nya6Q*x|Wk2Q9X%HoLKKshE zQxHT??Ez|W-xevj=J1Cn&2A_`E`8IfD=~=-bMvVp^CAM?naueP*hCFUYH#{E;zDeN z3%6GPRz=yz*W*bwF>}5igP(Xcg+?gO*Jga%*ICH@c&3c-iUTIajxT!GJ;y|JY#+wt zbWHqsb(M9z7!s)XkA@a>LASM=$@w0V9c5g_cXxTOCZ>fHcj`W=F8W&oV9bSwv#4LK zVS@?y=PA!qyubV08@esoug9x>n@q2~Y{*R8Gc?^IGiK7N0*|REmeKCt`hE3-bWS<4 zTxUa-XQaU9TK-%#K>%TP07rQZ*F7aDKapWEb6m!{_Ft2FCvQjZ&B&Xo++BHjDp(`t z@1ne3ei-M3A@#gKYXwdlRl}u>IX(1w%zDg#tiek@|O9uR~3Ewc;=17D|!4`U+HGi zg$^Kk(4{`1Mdp6V$U*7ygWn}J+N7TMWohhqwxtas66YT5E5WW$~J>C%rtZEXl=6v3H4#;7snFzj`Z-QZA$ z2c6z4MOB?|*`mR+Hu{?m>Y@~3DekorPZ*l z1jTHRA=F9G7TqRm`XPnEDsCxTnnW9^a^*!DxQQk#b$X;G?~v9Fz21xt3(P$bcI11J zK>W10?2}-g`o+-V<-NOO)^KUjNld04KlZ)9P2C;pK)Nd7kR7Pw8XV!|`M@(oD4uDd z1x?#gKzTVEsf7}}mSEOYN>CU)EYfS^p}T}-IY zs&KorxTgAr!zB5rL;hK&X!G2h%1_;DRhM(J8EtK@RH{T1qIVkCt&fAER*!()+w4IT z`HZN_*8Ps8cl*d-ZVlx?S?0AHu+{f0?cW@IFGAa`s_*+OsF!I95v+9&ZZ9eBw>R;V z%WL&qb6+@=h~9W%s*@)u(+gbA6_4oU zI^^)&$I8{r`F#77=Dh#}$5g(AcJ$^_<{yw5`3#EZ7py6{Kfsa5U`YDT_YgMb+ZUMl z!1ui9E47!%ff8FW*8q$I?f4=#0zF%x28KX1Qkbd7KsDGdvAiCpA?YT7g7>LiJNL0N zi3I!p^2&^$sKZF;;!QU77>IWw9#*jvo9_fSw z@DSVw&iVjLB_<#K0Wl(F|GRhC&O*R5UL3z&T9e#aSy!3zoBd^go$P@H`$s5}h+@#O?5X z0#|0qGS?e@3jA^bS&`a&54o={PP_HKS|)0G<0i`XXdn}J$Oaw(dyW)9)ia7l|0UEk z4~Acns3wC_=bUd7a)&h>`1qCZ)n+`yZ6HwR!0zBdZ(Rhs8juTVXV%BW8mYi4E36hf zsrzpFhl}soZpM!deG*y5a*5EIbQK^JEkiy>X=d=q>yMT@lcgjnqxMM-dTP`?-rNpj?acTQ~0zMjLEIvAPG*17bAWMbMe z?<&!DKvho;k%{)#$nwaZwiq=N-7u0TmOEu-#&NIH#G3^-Ea03DUNQpv6V45>R+%x0 z)*5(hMX}hmP@{@Z{lBbxulGLvFwaxq>3KQLo`*19>_RzCCgG9Xl&j^$-Iv9y??d)P zH|C$Iy$_4Og4&%pX=#heT!?02&KJkN(l{T~n=aE=_q4>(UsT1r0+Zn@l_FXC^utd@ zamzGJ4p=Zx-TD1tM!hmQp)Fn2inhggRG;&^G)bTC(fNoteIZ%jV<%L7_F0(e$)z*h zY+59_micmZ?W91RfR|GeK5^EHac@jH0VjvmI*hNofHg-M2HsrPtE>D}Sr#Xnq;yo&#}-n{<~01w4ekGracqBBF(8_#|Lf#(XbzWO~m)oM^d zQ2JL_%V?BcJYG&{iJ|EJiAJ^4nYMYwfyg7v3gfBn9Sh}O^uIQ;?Z?yXX_YchM^?T7brXM3j^CZ@l(MJ2? z!UKVsd6k1Le6adPBspkh=Pijaag!*W$RRnGgMK7c>ebNU3RYMj+!)YfYG=tY0$xcxw`IMEIj_U=?uJ~4e z7j3Je?ewMBRW<5}j^18s7ZzIAMyZOeDH8}HoYZf3#ljAx-Qnwn`}{i|4iA(P>5ip(t5PVP%vEm56CPB33dqacB9ZH zP$U))n2(cR27RrndC=#olP%RfetV!q^il+CmCMT8LPM1U1W=MPDUxUp#*C=P&^ve6 zl5o7}kY86xH$}vpWiQ`u?pNwkHHJ38iIINc)L@k=Dh&V@EyI06XNicHsXMwo zPb&IcEpC@pE0&q(e~(~|e>7QDpcH2a6;W4G*fxY_X7)gT%76nr^REZEa-hCg6CO@w z_VYCylCtjGmwz+G-8RoGkEw3IR`HsUzxWh;9q2#Av9e$&FAz;!Z}3=7xz5rV;N_R( zQ9kkEsjg=WnwvEaqq0x|@ps`QPE+KETbTEja?vvYRN5i$gV|Yra&5!dl`jf4fc&B|*+8 zAP0^wAjljrPN5ffv3)6&A#&MKiflvf@YaD8xvnXY`%iDEplk>D#<70f${75R4l)1Z z-@P|JzD)U83oH!_aMNxJ$b#*E!3@D?v4b}$Mc|J=2Xc;lasR7cl%j%SG~p*~w|z6; z$r(xB1D<1)McQqZd>~2MI5vP@88bSh8(hxD0?S1Pz?fql;alvQuw?mv*!OS_QovP+ z&zqS(U@}85Zk61w!954RdWQlM{(~Z!L*VkVZ}K0>gcav_GKjmPd2R5&hU%q2eZx6H zVFF9l&dMB|Z2kk1gKBpEkb-Jfc(<4PKH+#?De2Yq z(98?;Ek`in{vEGfkI)rOnCUI#S=0maA%Te-FI1M}AY*TDoA=!%(VRv?*}6pEKfO5^ zveKafhXg76VOx=Gl24dfD~bn;DV~L&uAg-<6LC~@SEf6|qfy<>BP@g@Wz4QeCF5fw z?8BRDiU+?;ZdDooaCX`hY5QenI8SE}jT=Dd9$X?bw{m50ZT&zP_f+unGo1YSG`F_O zLARUzUD(74LXrUE@YrO~>v9?*v~@i^UD_yON-Rm{v{RL_m6Ia(UkkR2Mlbt{iztbR zXCwwjjmSYa|i#$!k(&1_Grm zXC2+A+XPs+kZc*rx|qSw)-;)0 z_EP**m)@;sHd>6CA(wRhcVtFs8|%;ZQoM?sYT9A~^G2DJi?3NV^(4jRMg$u-us11+ zj8$iF2lY-V3yBT%>!*DC)}|Vc;nC>&#Bo=N_YtpHbcR<0Z6u&!QVGzP6koiH(RI>= z%8br3#W*7Y8`)YbmMqBq(4VyF*@Bx5(B8kA<$$!XFo{^`cb$FtNbk&(Tgx|JN#G5P zc9KYIZCM^t(L48&O6FRjqj8jq)!LUG`@`iy-!nM3LG3Wtiy>XrusORXMkC%aCK z8RySzb@^}jlY*IFuLlW`yZSZ)9MvR>%j1-FE}MQ^zOi*bhxL~P@cXmF(UD^fd(=Gl zlM=n}dox^ieq817!2XqFM$?EeYNh+;eomh;^k>Czb2qPrm4TaBSVgm_;jK#3Z=J8) z-LKBXdb9>A9`O4iEQyD)k*?c6WLJzZq_z0t)zNLMwwu0!c~F?j=5)r*eU-90T~H|6 zkOS@vGFrQrRwONao2&|Ik*ZQs0#8&kK9P8zd|*&LggS*+muPSvgY^kN>B7uRwddvWBVq7ttXRw;QWo*W@s(h+FK7k@*$>^Jdl zt+sRU$tR4W31GkCYxQ-98&ukvb(&A8)Lpc zpr%a>ZBcQJeLRfl%P|tTunRC!EzPn|7U2sjAMFTxIRWy0TPIkbaJ0S@GvR!h?}3UF zRj#_M!o}GzVfCry%Q;U{=4umYIf} zK;@O))KR(HwA?pwSS|Ur<^AQeij&LyP8rGAil=!L`S2FE{gYs%W<~%#Yd!BsiZVry zep_gBaenOm`QZWAuedjgg{OP~YALIFult}Cf=UJD7Ize24eo&Ym1qTeBJ4W?w5 z?Aht({@O`pPCLnVxxY7yF&6$Z^HddJZJa}NP80iJthhxHP^$%dfU+{so(ONMMxUvDzpY0B~nW{M3*uNb+$Q8S$B%N-)IQAE-N|%a(nriZvS)J26MGDFN+( zHOcqzxgGThO*3Liv56V<5SWj82v};QIb{^v=k^>1*aC3s?nfaHIm&5<5kIS1Gxjb9 z0ov%}j|FP1|KSDf54R{dfDquSJxJ|76xyQscIzLi9>nsMP%tYhrAqw*?t&ieAj{$Z z@DqqNwvz!z-cLQ;p?dFUAd|S!q;186HOk_#i-&ix-)au;{FgtDocUW#$}m;q!I2lM z%8U1a){6ZdJPWWZ7;aL?bai^ohxcAKZ_kQ+rJRsh|TiZ`Ngf+)~3ykr2lI#3DF6WU>0=gA3R zEYb@!MCH*j$amidITb4DDKUrqf`-!5u88PgnQJi{egqSPgqu)b>tMo|6(t5Y*JSO4!?Mj)lM z`od|^b0uVbY7^*)E#7TLco7w;H`kxzRz;YpVVbb)Cjd60ln=BhDkSgr))>zNBjV2@ zw4MKonw*(=hYIJ|iBp>Ho_V3&Mz>6;U2tYK3rCW(?tnLp*(oJ3CiabFzx7xhLnyy6 zoo_ZBA<|fdIUkY8+k7li?oT8qVBd}m7rLB)PsjP%&;Gba?c13x$xQz? z_=`2J=3%Cinm}mxjF!rDnPT%amnp@vufoctc|ZN_gZl|}ebW|dko7Qvac#qdC*j$+ zLM|zTfQu=QeOc3%m}%Ykeq?DQ)h@<`@cJvFs7xgxAw3iVQJs4$GrCD|i&irrNw;f~ z&P}LLso1ZdXl>(tk9HXlG<1aZGg%8lryj4r*YVSWGOl zPqeD%rX{p3iAJxyxGSQhhH0yv9@TG17w@Br>J_f=ab>?B86Q)TPp(`)@iPcw+`zTy zg?YOld2kF=#rxz4VrSb&zZEN1GSaLDqu=oeD6+M(8+xvCV%v5;tZ1A zfvQnISW(Pw+%K738W1>KxlZG2fA!c4NIJ(HCJmuLSRZ31%I55_zpba#v8!hD1-fHL{({foB{v;hC#io&kW#OCalGS*cz5yJ$vp_2;NiYa zu$ovKnt|eBkN;r~BWrsXy^^*{a@M~f7BPsKxjT46gf37;fJHk1x*9&?#h4J-lLug<_@e+|z{G%s+f-(#Nl7t((2hJkrS7Ru8|qV>B9$?~YJ&DRfprM2fy36|Yf;nZC7@s>FQD zJ!#B=(Sq^{Y=3Ql{_xLenig2v4{OayXB$56V3`#^)nsOi@SiGBz>P7ZJ0 ze}OAl8PopxhOYNqo&HnyYa$<2BThC5+{bvtekF7&Ajeek=ccl~6p{*#Czi)^VMe9S zc(5&mO?=gBFTlDSCI^X=quPB{rc&_{@9N?Q+3*sH5w`aMC=7!D6w>xo-LC=KV-pFz zDGvF7=5^d$o?;!^S~0*m)`E7LR6A`z+c((&#yATOaFb4UH^T+SyCr1+4bM{6HqX1o5!nJbta6__zT05Id%xyl2a=o z{@(j3VEc?F&tfqTQf{O+PMwvEzVo{Oz4uq8nK0p4cX#JyZ~X;Iy<~zMYVf(g zep=r8x}v!4>zBk&PJZ9L868P+sgkzxo6 z3IgK_AbtKNGAe8-h6eGIv(R=K><)6ky|=8un&BWo*|3ArX=s6wdD8RD;|troZO(xC zn9T|TsZ7-33yzMa|*cif*2%aSNkjM+EEv)9!71+mmKyngk*DbGlGB zo^A+C3f)u<1S+Sd{tmx^+_T-`L1M8xCc|62PpU7ok90tg10XXMCTEHmZ)ur%79$)XKmY+hfTr?+!y=E1o?F_@-q%Bfq8 z5^XdMkUb=ovl|0nG$4sl=@WX#UFBP4j%?QeHiV+_PV{hDpO4D zS)2cTcZdeKJYimh*nM`C-XD;VYH*+_2fjO=L~8DA#`7ATjN);H;w8sN4#@ShwMoX! zrH#CTMg0=p8tQ()_^|=Uv|iyNXruD%NmbY!FDtjwH0C)bQ%G)DB!p(sdoH5_`oi0d zgCZS2u2mK=UhACyE9GRHRqr+0ay08+&1s{@=@LJg$qsH28C$TwPt*bXOnYPr7)Tq| z9`+W;V>adm?N|@{Iz)6#PmhkK`E-HS!ZaD70YGDxTuTO7A_J(au~`%(alDo3K$7gH z6=m?W;_VgU^n_W9?^lsWX=}zBn>4cXx@rRUoZH7io-IAfvq#%W%USaTp3HvH46}ae*2y0^u)0@gHp#}-6U{#?pQVSFNGvUHOpmFyo96{u2jLDjDP- zgu2-1wdo430Nb-aPsAl%0B^5=Os^f7N9=F$@~dj_KVR$3=x%8}9wCZRTV;wrJ+T>$ zNh1vOKn;#sb?7;)-#=S*eE&zfB-|C}t<+g4B|Zb(RwHMJ zfm?Vc8+xV$O+6n=MhF3DnWgymrRxI|fScLP zxRZ6>#mhT860#dIW+n=u=s?AGpGxmCC0>Q^L zCv@f)UI@VQg8WryFo6uG+{Y7Vi^k1Y1h!K~P7}-2j#i8f$NjxvH&~D` zyZ+Dhz!>4a0a#BCtfxc{_{Vy8e@+WgFO%=}&r%C=9cpru%JP?o`pnOob$yb&xl-|V z)bj+*jJMdhDC$V&@xQWwAZqA4megM&-&XY-)3um;6}DQGWJ`t^&1%Bl9WgB^Er2Mm zkiyzqUEGZODe47IT!`;gEI;gAH%t1m+;4`yIBoENgEfy;zRLOHRDN{-*TsKB{WsRkQ`9lCSG=OS9+>_O^&`rO|;3yzE#lCCBm_Ml+ww)C>fSREvV zwo;`?b2VZS>)8V??<=3)`cda0FPWZhUZT~l+^rSu^@^c(_h?iai_Wz&ET{v zMf-ZQSV}bI0`w8$ZX*=C*@*Q%j8}u=4H!&^yTpYlfP!8}XPob2j> zPN_Ydv4;vhC<^LDvSJk^Qlq47Bp4h8%6&>l8&=qMjJv{O2U2#>qh5GyM4j6Qr+uSH zSDX4vn$qv8S#k_;ro2!g{I+Ks8=|i7~A*vESrUU65T+yYp@Ab}qS>G`wr{ZOV zbg|}s@9?S}A5aB0)vThAul+iHLzA2K5rCTVH0!T#nbnI8r0NidiVJmF5?71QRhxD+ zc)qmY-ED<9-a^t^1@(ZZgXMlsx>2Y3N~HP$o9TF>rqLw-tF+T;@qv2SESz0Ng#T^} zlblr*Nxsx_(lPdwer}AdBNtL`-p-hNeq%paF5~elX0LaVZKU+#^Ur1uy-Y*olPnl` zf5i#R$cfqoYqUf{M&H%bCG3QflltUjUN$|9=X@;nF}vrHELvqBvGaf&T1?(;s!1Tn zoBnc>l%}(pw>2HRd*9UcE{&&(JCtX=1G3{JUSf~8f9a}rVMfr)vMf^B^>J}@Y0jH5 zi(om7#}CMp!B&(b@$e5wWDxhtz6K`Ze3lpe-sQ5e({~3e=ZL4qpQSOz#j6ar5q3hz zZ$WTW20=Iw3s5W;5TlQ#1)QeT$!IB1a0n^86}wsg$h&^(XYk9}$Y2OuLx~4$LlAJo z90}=Dr%5#XjvFBQDr~_+gLsZWYBwu6D1ceSd{E{@mYcoY;{=;>s59-Z+rLz>8%-bcSK5KuzEX_f@G2Z4WHvpPnOXUdAQ~mdcWQXD< z-JOmJ;&Vu$<_dUBS&2r8$A(G9tJwvwy?xXExCiQJt$c9T4`E8OZ&teBBRRFR+(lJw z4>|Kj=(4~|AMtsNrNHS?tS$B;I3XTIehjm#{^8+MO4wi6+dm#XVV*yRnGboT1wXG$ zNP&=XRL(pMdeQJ`3%ozt0_$$i%{g~p1o4s4x`S~dH~=bTMNZJSBt&CQ%VCtTfMuP{ ztQSM~`~UF?RdUl~@|W)Qj;UB1 zmVPJbjaO6Vx>?1NaH5|r_o@tYzUc_Ai8q_|w|C6irVEI6N zFbYS(J>Sj^Ruk{;ORJXn$hIXlITOzubOG(VNMTs$h6A>H9$P z8C`Kd>hT2a@+sQS$}^OW=~HS!Iia(H_Yb8yu)Q@PRmM^|6+y+dcxwnv^^hL@ZfaWdgDW~uRuy=g(SjSQ3m<=~>_C zC)1H*Iz>eezW&}}!SQBxHCKawUePRC_H2&TbQ*4l$5<=&2Ay~2(+Mjq$#`J1La!@W z=Z2f7E0zA>={1fyZa{<*6l1*CBlhn_VV8^YO_5LIKIzdp7{45CzMw5I@6inu?9V_k z0&RxzP}%&Zj3Uy{)Rgu}Z!@TlcSz5q_cFe`ts_aZ^&pKU03&RsO<S)i=cTRv`gWdeH}R=*9ctSOpQmuc`0NY_QspIWnVJp1}|bPPso zWn@3t59@Up9|ZGDZ8qPjC?bdIry5kokC?Y5i#&|i*tWU4JqB6!=-}x(t?~9Z#Q1!jh01*Cv+hvoIowLH;g9w;*aO9?yLa^KNI%Xn`d6uXq=YK`>Y-l$a-*= z%-v$mAtdsJ#PwD>Jvrz%<5qa52*-rp_|oR-po%Rk4oF2Jep1B+*;Lb&>eQRtI{$iz zRQ^1Saq$kDrWmjKvtsj3l40)o*x4AQNr*zcg@kg+E&gnds|^A^_+Yrk0{I&07=OeW z^r_`sf=y12>OfpOqwL9D=!yE|!??OrSn{>sNSq5VS5q36Wi?+}bjC@a-Bgs5xsPgq zD$fv4oFekaf{4Lpm#)X%;=l$($p>(4Jz|Ry~u!;&?^-_~1^4hcoM|S>L+HMF}Gh zhnqi90?Ds8zBadDc^-+LHP;H;;l1iX9e}bf5Cmy^CfURgbP3 z*20Hai_#ZWNq+g{g`wDI@$R)5#b&ULj)q5A`3kIA+_amh^RkD_P{g2^iK{C`+Rs+RN3>RkygDd z+N%|10xIZDy!|0#H=uQrj%b~L_GWmLwdg=S9XYSXKXrU^c}%X(<2TarP4EmJZ_Cq) zJMA|id$m+fnOGo%i_od>2*TgSM{RP z{8_iK$?(}A)Nde2ryEh|0MSYC-bSo;69R49k<9PwNsOi4fzAQvvfdb1Sx@QRI<{APd6Pwn zZXxY{0R5j>N$luoZx6x2!Hyxzx?fblPf;ZL$|pTpkMBHulhyUxgNcv#wjK-VI&A@e zA?$_2_iAEAe$BJdmHx+ZV_27x?Ai^Q=C6f3Ea}CY_JTx@gy2APz?FmJ2-EvBWmd#e zpb9(SuyCiHgxJU?nGQAI&N{K^ihO%H9>RO>>9K@m+F*}1twxcQbufHghu+C0CY2JH zUwj<*3mTZ59G!0W>AA2sdF;k>;a{FJgdQOZ>^@fPFqh&|L}s6zKv0F^&eYe`W4{0P zRiGtT)bkrN@8Og(v>=l?7Cw8M{CA2Tt6wAQXHJprXWO1-FK2P>4~>X^i}@_UW+*q! z+b-bI=8VrEBhl>eMF&87(ttXKJQ-L<#I|r-O91=Um6VX{$;p+o^QO-jYDL{oX}qQx z9F7X=K_2hNi+U`NNtRmpMNVC2+5G)wi3r`>;$Zh?F{r?n+WlBZ5R+9(sHZ7f71i-j zV*2}a-Z69WmdK#!9Dw`6shodagj;`JgvCh^2>~NdpU@8ISMe1X`ScNS_}8iQK01~A zilBk&iEhdPJ@Z3)m3As^3iz6TArV_}+&_SDOcR!tK`c-M9M@G0;Bte10(6r8Cps|& z7s3mf{lpl$AV#@p1Os(I_6PKga`ykzQ8*%IVX>Vwpx>TUBJ1&^8rxea4$xIFtn6?& zT)|IGkKiWd&EPZX_<-YCi$OmsT1l+un69T+!~VVh4r8kNhlfQPVt(08*5ZBTNTy|| z(X-XCx%lhBUst=9LJWh9*_9xkhF)!IZdb`GB>HYdc{-9s-k8&t&qTeZB*ic zJ_SJv53d)gkC;8YTfQP;;Wu)U)%QkMR)mdKcV?SJJozpuuiY2MTBmAP;2e(}wVu9a zFVB54_vY8-=g|-?{!hxwsy)z&JBY8y^6*w1j{}k&Tdoeh>!Q-urWEp$#r0L4(_HD} zIm!r6JMFS_8d(>thk&tC;I;+Mp2$(8wKiCfwZQ6=((PslOS3W*{yQkVXWrFo9KNGU z`*mI;=M^}laDCYK4hy-O|MBe4t0d8|-_z#izY+v!wm)Qq`~l%bd7w#hSNpfE9Jd+x zSHdci_+Ji0Up_cm4^%)Ei$DTOZYH!h!T6RlIJ}EZbbE6LB;BkYMOyfnJS%6)VY{Sd zvVR9xw%%mK2W}3Itr(ZO;133!6+ZHP@ zj?y6=$Gj=l%NsSd)_3H%vY6%5Ht#DCqA&0;W4^BnXAg@Cx;(5QZtCFw>%&+~48^lZ za~x6JrjJ|8DG^HE7(oqZ}CkD3YR)e+@|cl`tkVNot${NU{5VZ zxsc1l!^Pg{GTo*O9tRkk%}~YKxvg>j8>07|U(n>(-_8`~?Jih^P>zFcE(9e*g3okg z=E-4r{$e;V9q;?K@0|ar%I@NAU1_MOK(IUD6>+Pr;9)aU0_4#1Wq76wTjNSn)-ux{ zCq>{8ao(;=UTHoh68P}848djqZLg#R)k?+WzTFxsy>?9euIWUkT8O7dLbr((cD0$L z+gdM54wH_-Gu^G=S6;KewIDpnfBtfLw0B3B*I2Mdso;Mu!OdS8j?HuMk6G0+*LQY2 zZ`>@Lcv~m%b0))JBL2q_@*4XadG-E;J{udxpc+zWu_3$Rv@d z5uGH6B!~#2jgq3@h$MO$i5{JZ!RXOP4-#b%5=0rjL>ZzJC5RejW|ZhNqD&a>efjU_ z+50_?_x-r{`@!K0YprXoxz?QL@B9_JhV&PB)Aw)V;Qg_Tw-;9+&I=a~h4;0|!5}Pe zlAJW(QHOPLR@j{5$WlgXEZb;sGr}t3>}vP6{Bv*`?_T#VkVciXz&jD`Nns(! zaAWu=*C$H!qn9)p-GA}S3eUCBQbb9Li9}4d@0$uop4ffttNrov0io{&eTg)R64lIv zF(P6$JHMErTdri9Eu`kyVwm4-(#XvGu>i-@Rj#`|TlZ)oNG`E9*GLEcYs4DTw0p`; zwUaQ5zeI0bMAYl~kQRv_HKvG?8c}B+(VP!|;R%IesNm#L3@eTq=|Ya&0L9OFZTyx1 z?&)3V=n@717dEb3>u4$B=R%~~YcZjU2BvQLtMq;CZ@9Qm%T-0V5^cbBYBjKuZfM~o zV8X;3wovYpP4SL=K>;GeQgrsEQqDHBn+vHrh8J?6{8w4Z32PG3hnfxW==8n$a7CW= z!@-QDtF?3K_G2tT?hQ)a!RY67e<=})2N|7iGu;I4V2~OD(AUECJEl#=Xz*@kW#7_Z0Mlf6iz7697N&5Q?8>={TLr^+i6xrSM6%0Al z$ZxQJWZlJ$5)Q2CzTPZ%%0O=#-H#+$6fMk$vrVJJZa+efbh}hmZiz?8h&0#v+DTHa zzBXKmr`(y3#O_L2fY@lJQ#5lwt#ycbjrR`OGV(H$ZoFXW zxN>I_)?%{xv^7DUrz#q<4&o4X_lroNBf*?=h-goHIEX*|-SOv3$l902@`eTLJ;Eo5 zpAGBZCBClh$ey)%;=8%~^lrTz(Dj{(7K$tR6W*C0rxaYHz`G{Q^T?u3E9S#Tl*_Xv z{)CK5h~V)c)S>}$_%NFCC!P@4VZWpXw)n@*+JraN?g{>pGb7D21T0`c{KnG5X#78# zJ$m7drxW+_k`!M`h{X99)hAs3pyQd`x>BaBnEDZ`kV7VrIB(@8pD@Q1Ot#fFxu-bs zzI9%;SU-Az)Fa)GSkR@K{cWhXdce6?)Yy=E`R}_(oO4v8j9H(*E)5!7$iRWIhI4upk24TQ2%jlV1PzaB`&|$4p0^#JOLx(dxr_3oB=6xjBy^qb{85IyLofG}_GS z%D>M;hH0ZuokRbB_)&B?E;?Z)7j#(&jnrT+8VgeNreb7Y80!l>EZc5ezRLKB5SkfH znq}D!Bu97^Pe1U?&A7>{EYN^PM5{LUUg*fqVO;~pGHD%wml1ZICOT2LO&#s~KTE`4zZK`p#-(~-DBIq-{hqIO{)}*kW~=RDA8AWaK_j2kkKcH zVK^NuS`mI+7{H3C>YS6T9B+~;hh(`Q^)9t8WzonU?Nj6aGgANHr3`Cp}-}{pPGbbpB{m+RtTGv*_&& zb>D(K2;Or1j-(}pcDs{DAG46-_IJ+TAw;X+$^H%qV7JcrGc4HCj43%}zdgA_g2(5M zH_3jEeK>CVJnXIKbxEhU#|s^9-tMSfsdmbJG6!KD&S%f&i;mf+6V{q^u|buK`0F& zcAnx*z$RGKo#tOyK{Y)fJ$gEURQh};&nh6HT>N|Fk9Sf0x7&JF7Kb<%#&z2;Ar`Wu z0Rq2$(N+1E6u))hT&z=#2~J_M)70Vu*?lcP{_9gKjL(k8vLfxQNV+DYuS-4F!8*J` zZaSMPaI6>bCY5TAys5sOaONhx0UmWvJh7xLk9h53DAeQf5vLvG9>$g|Bp zh5b5}*uW~b4)FJz3+)fp$DG8r78|4O?P8Ug#hvrzsm~2EyqZ1EYN1E;x6iYbNX;{@ z=4n@y$2~>%CQch5(09KuqB8(+kZx%!n88=mNT zbaMzCz$`5<0oerxpBA$Rk2c`EQ&pl{Wb}%uuTpSo&gvFRPf0{Y-@@J*mM%ACFjY7F zmVKo~3^A)HfQTFKhBua1S7Ot_AGkuL3V$ke_XXHn|~#n3fhwBtC|dMI-4CP@rcr`N z&<286lH|9#TxRb07o(X${@N-5NJKo?zL>qn^{~@JHI*398Sdawc2xR)5Cso^4cJ7* zNpCh2MGp_ZvNkOi=_TtWtoPEDX-m<8-z$;j!u;&Dzff54>2$p4CT57olwjC#N$qJv zBY3YS?GOL6)N!Tk>CJ8%y+O!gq)m_;|cNDlbSrt~eURG)KQ4s;sq$g46@&SUjr|#67aGKZqAw_p{>Zw+S!!-k! zpvr{vl=VMb2Luo%THL#$cx&v%A8WfET=L5sI&OL8JYjy_8v`W%j_J8jf_NFcHviDP zys2~0&Ps`Tlgxypi3&L7ra=P2JRrq$d2oR!^hTsFm`;EZ=%K4mrO7xAkv^>yFq zG|OC|YUK@SNdnlS7oLG_^+d3S#B($cG!D&;?UGHsM?(@Gsaw!g@jay==jHXV0 z+r_?P*-VDhXputk7pq_qo#|iFUUmpHKDQgDhwNhtl&rDbjwg4CCk@cZZIk2Ozj-@$ z?*ewCXqZc8TZOxPfWZp{f?O49b&XQr2yJJsrI)6A?-r1);4gI~ieNAYnc7m1Nupm( z%;9EH%=6#rd%iS!bZT(#Eue*`*E7f|C9??cR^F>WcelkhQw^SKv%PP8ch}+`=tDKk z>N-WK*E^LMyk^;S?Z>xvCc96;PHV>V6mj^uy3Xy$iyDfeKPz<*8LWHW8^r`3*Dl^O zEy*3yw)^|8fFCyD+-J?2@#8peoAV* zW$UvF6BJGgo_$_^&?X~E^}A+yzFO#QjS?sFUdza?iiTLK`WEvI=N8-cq@3N}O|&q9 zfozIpRQl}$hgHXA?J!x9c?M`q<7Yqn=Cn)OQoMsmR{Y==L! zAP2ZR`?-7Z6lB+la+bf;d~<1s03!%-F9b2@f5d{xKF$@X464dH!+#;zyn&)%Z}nY?LkfN_2w%`DF6K%WHr+lqB76yZ%ZXlYM~!t; z3b>1SqxOc*A(Z~%d>-akH4RdDISL6x&l^pF?)1iwVwD(Rn87r@}UcEddvoJ9jMe@c|-+h6f zHNCp>A&M^%lM^6^)Fvrr5Mx@?!&7`~*`_y}yxBZw$|lY{j;}dCIBeXo-OADR077DK zp{8ggJ%5BNdLlv9PAAPtf*d^P6&@_azd9I-$6iM2eg?Em+U3MI>0a}ZqO?oD z#=q#Nyw$tkA&~Xup8^G4h#f}{6!nP6fd401jSJySxY(xE{9WEqsHi`4`|{q@1|2?s;hTM{u@ zSjTK0a>O@1vd2*S*SG1ub3P*jA~5wgPE?+g$QAxoWnLybU@N53IVP@w8?V#g7SGu)pHp(oR4DrtQq32e5LSXi_LLqz%?*R<6Mr(NBBKW)~QRKoYe#f zx=7Ofs>3owO!Ij0qcOq=_CDv$@HnaA`}LgMZXLcfP~T%nCxsv z%(KE=T>%erfONmen{Kw7rOn&p&*Qa?%ONFh2qE5xvq4JAh5t`&ItHcW5Fe#@XY@p5 z%~vs{Y~JB(06HOG&-kC=t$Akk?_?$Mex?n`!Ju^OcC?~IV6+Ks)^?;9-H|*%JkfMh z)7Cdvl0djv#2Ka`m$xBQ2P)vP@bMwt$$SKVSG)nH1QDnmqgRf#$uht5GBS7iaxU|| z%-DvWo;KbEZ6d=$K`c^-QX@N?CHp@Gaydg1l2V0_!c z0q}15u3IE6i>e9|eO|%TA5kiIuz)M6f&cRG?ZVEexzoby#m9r0JzPAQpu`V+1- zqDoIRl8m-(9cnkC77et!mt>zPv?)$P6h$a!Nwa`7r0xB5c(+0~sV z<>9kqm2h^5@bMvF_m=Ho+mZ86-9X;w3<+l^BE( z@SqS-;*rJ+}9b-vQBgW<9x8ixI`H(>kcS!GgZ8Kf!Yll?4*^0Y?J8QGrg z?oSYR^qu2u#cM#ysQZOSUM=oqV2fA1>}6B%6&0(*oyKCCL0}jw)3bOOztKoc>$Ese zvMnk_d>oNKH`iN&j~I+I^cdk!?UR5&)8ce|FrNTz=q=zFgRNROzHL?h13xDEIKSJI zb@689two+PTtq!T24k{^o$>=a6vl#ger8J2t~Q_({7@A=Kd51TASa8=V}wkh?1U75 zkr}`iA#XpOz?6ZCLg=US<0^4R6SF2gRf(W4K?@Mbfr5rWvc-?1>l9^@bR^8Q_;>n# zsb|sD@!L6m^PZ7ju9C#htWkp_+>5^d=_I6nV(oMz$J0{)RRU(X|D(ZZ>vXC58*S$8 z;B~h#UpfB`!$RgW8JBXsJl$!vG81D|+R-aq_r1jIouD#-$8#chenr~~za1~7{d8@w zNw3(H;}ASZs*u*BV%v_D8Y>u6XlDD6XxrlLfnlxRKPZKwt?d8_U z#_2;L44Mb=Q(E014{xILzVBR-dy$&ME3s>S-S@sKU5)Knaixj3c;DLteK!wmg_)hV zg`(#lY858-<^PzQ`O-s$3v!@>>@Ct*OdZJ~Z;-^oUh7`LM7;?A=5O-Lq@5wXvJz+J zDtMm#@1Y%x^Y2%H?sdnDiIv^S=uH2vEg5@F{mz`EStjl|_sw1E7SwS9%oWeaA{JQ< zv{A3TIp4iO|1;e0v8?gDWue_&R(K~)-g8}k#vBG>63c?;Es%o{h2q&_U`q{ji;X^m>q#FkhFP*7^zKge1bo$YxB$uG*O0`dZTcC%WYW z0sg-z&q+()M}~xA_BxZ)?tGK4i+vyjyPa^^4+7b=I66|GXpy82+ToFgoTa3(GNh8V ztJ8Ah_c)_Y3FkM1#t$N`umX1Mtz9 z+-@)RZk3}ipA(D|c5HrV-!}sSr&J5sZ9Zt2WlgmT#WfKXwX^YQ@i#s!1+uN@X2me3 zRbF4rB<2J`%h@r2BxdajUMIJS%XNT)@Yn0?=yH57+ViVy3^>opa#7=jA2LYz04gA`x<^>iUue;?O>$69Qw*=3V3~oWdYVIH|)W`kl<4quKq5(eJIL8C~zvRqvdKn z_DB_A_RXJaeyuMnjxORdU=j>c<+?dNutl0xU*SJ~Cs(}V;wgiiV73nJKNVL@Dpd}} zc*V0(B$5anY^qypeTP~C^#Rt2S7d&%DRs=ta%@2cfwk`bg_~ti!ce3X106+>bQY7R zc?}yblXS~H32oiW@nVZ6Nr9xyv*!k^NNxoZbi++*WAoWhW`)v3w60Ba=Y`LpgEFmz z;!Vib6kXE%G5!C(f*)_-%*cP{E3@WW4wh=_ZI7tu5|0MZFF)f0u{9Nq7>@M;2x5pL zu?_Is!z+P10ia5co0yoVh6xrTgmLH(dFzTs*hc~*`OfvK<}uDa3yGP`GDDhV&yy>G zaeyS@2L6Gl2nPuJ)NvNDf*=>*RFezWJ&!+=Ij%ZH{>|i1p=~yWSRa5rlL8XSACZNh zlU6`F^#EO;BiV&{O(x&@qjPSsa(9rF;+6*Kw`C+01=*i*R`|iWYYqtAU zj_LZnE%u?C##$Uvu|^Bju&n~f=4SfeWI!GTY*;rE^yH%8DS31&FxY~B3}#F$P#*Ux zVm5#HI#Dpu(B%&|hW(|2y0VT;uM7?7q`_4C;xS47BrKbf4FuhUlx+(cvI?GVXo}E& z!ZbQPzHTz&a%GiZIGvO|x5S!3!#}X*Mn5-&$#v`we3i}W$jd^uyVM=AH8;4nb0V*X zmWX1y=pj29_;v|0lnacE!Ig0w;a!jEl>RC?o_acN>W0nnH4qEhj~O1dB;C4GQrh8B zZ9D_Y1iLyJOmHAzx2~T=Ffax#d^>#xyJVHJIdU4VE@IDLe?;r3_{kr+!YAL)pILB| zK#{t0E>lfR#GZ^|8TPQeWG$Wec6T**KP%7W4BJGjd&QRu9L4DpCz51_kTe_bfDu&G zks?ytPG6Dh-1#=EKfe`yr`6xdFMe80Tk?X^Qc56vbvH z%2B?z?JVBnCX{)`F~}U=1`83>1jhaRvug%K3;Q2Nrs_EBhSVLXQCcJGX|-=S_YTa# z{tq`I|DVTW-HG4yA!GyTw8Y43XBOk;QIW8aIqAvI_U4NY0*@Nrg(#o9E9c?Z-NZ*y z>%O9RYh;D@*0_suy^6idwg6h_soNudacGEtw_XTU4ukjc=MyGGaaVv?`8Y+)k(Cl? zZEF1DPtpxkvBcT_avydT>trpDgC{+#PqvNgJw@YPxk%QQi!0(*|x*|uMO5BSgBWzcc#2MNtOq-tL2 z;VH_ql3CS*#K*+hxqeBPvNog3wpWR|!#lD-h{mLX3_LPK{OOd_?XZ8H#cwtyIV0>R znfSC1w;(c<)ft^&x`nbUkXdsaI=O<>BIO4%A!WHwgvQ0d>ppziNK8xsEv>=LZ(|%e z$N&X2jN$(tM=5F_=LVc7cXwc!x520Ql5uC@)Y^HLdr^d_T*Wt<9;nt zILQozSTVd}?3eX@#?|zI?7Lrmc$aT!rSPBog3{3~YW)ulw+DQZgz@lcHM~%a(~0QX zp=}19M^~q!oJr;4eM2$og|0F!XMXp7UR@`Bcn}{G1uos`Oy76ZVe;uXYd3t(-qi*D z`t}1^s@`@RHGXtnt|ZlgAS-cula|EQIgB(I-w=VRd~w)+qf`FqQp#v+@SE`7bE-N< zJ3hbVsGgkwnm;4O)EhW0jCzSNuBFGu9(=ewJU0tl59X2)ZptdS4enI_D*P>ESbvO3@BI_I@u_LrV|wF>6LOWN-l}C|F4G;Vpub>nDPhF*;S{8b&lQ zkLvHF>KCeAGF_A;fARS^J_4pAn_Z|=G+=P3!?!f-Q%bw(BU*52(b0&WhxdGBg|b^A zQdnEp$N-TRa^0s@IW)HD)qS?rds?h}{ex$FEL4Q+vkGp?@yW*3?@<2CEVA3yVB)=Qb>4*g}#6gqL$eE1KTmg+~$loH|d)m0%o}EB4vvqQtFG=@Dw9z zH(3RZvi5xwawxu34UaTYEycW&O9@+Q3RmAQ6^SiA z&~BcupP*ptFQgTtS5f~p2~ozp#@;Sm;l%2FhAER*F7BQ%kapSXzO}ebv_rXiVK1Ag zykM+$w9oxBVwg~MOK9;WgiHQ#A_}Pj%y5h;US;nodL<@mJc|_qSJILmG2a${LM;rD zp;;fBC^+f0kS8ft5Y{*OO~$wPs_}5i6E%9(D-!@8;u}Y95tt#`Gon9NUAQDUg zbR!L>H+M~3KG5e`3*O)=+{#6179_lB41YFwPNA)h|IFe1Ml&(KW9}S@x2O#9k-Y?! z8r~=T;%Y{=Q`u8__xUgH)Tf47lU;yP zTu}(XE0m9A-u*Axhc$h{JIk2m@c&$z@an#vh zYiirtAD#CVWmUdcA|YJo8@ZTVF4k;TtJv^=3~Gh?{SeV$_#o>hls zY4Y^)QRpXQ;c6eIRgG%STPbS{vg!xv4M8B#2k-|014@iAtwIDH{^HkK(CcY^oGzWs zuZy$wvWF>a>>AGJBRKnlq=0MG;|_?p^$a+ zUkLRH{rVg)aNjal>Ttajb`T}1o%Ha+cjqy++t8P#p~-jNg#PgT6a0r~qGO)N%xpjs zeV0Vt%b)gwH&?{|yev*Xq;MZXHQju)?@Nxw`^|@EGue&p$$D|cp6!^M(nfR{)4VTm zl3+!^p0#l3HZrv3^T1Z;LZT7C3Ew6(!)0j=NE_0Yop(9kWaeN0}UEkpR>eEYu; z1~6?_38x#-eE#B9oPfB9Uyw+jW|FrZB=e$YlJZ~rz$gnDw2xpQJL0W;#Y+~w6gGjC zu!|7h)|V}jz_0fjBK-g-7QeM8s$+UodSOH>qDCL&0y% zzz0PEGG2pYrc3cUZIqD9r+e|OXInA3Efzb3;dtRJfe0ExW@^%6soE?Hq$qShfWk7rz64x zn8*?OKML+25c4&-b38JZ)q8o#R-u!_&>p*eKXSU#vf2N-c!TV7UW>;WE=WFs)OPc% zli4MgzT$1e9q-q(JDWqZy=!VxJKYqKz*Fl60k+&+EC+?uP zc5da@{#jg_eMY6lhj;Q4N*-JMqs%A#FQi=osSO$#_dufJ4CufNK?g?R_g{z)|7sCi zENT0fZs2y82fy9R8Hr!0g~TpjLw_KXU&dDRg-G!MIcA2|4~uJs59G`{FBjOq&v{WU zts)@a2D65!L-|LFdjlN+J7;Z3_yG6Bo5D?DRmCSm{OZqr2?2l~j&HdDy5?9yAW+*8akJk7402;ci%b0xxfZ2MAJ=i(#l4A!!iFOqI3E(Gt)$Gkl-q)r7bzgsA85Q{v zS*QNn7afOR=>kP{nwEp7H)Ln=ChX*S{MYV2v&6UpcF^1&P$a zL+!~3Entrk;SKX~%51!#h(IkC;njb~rW4Z!nI&07F_UzG?t5x7zLXLA4uandJaS`pky8}AT ziYpcsru|bTlbzRITow(p^eFzob=9ktM*_SB3o!%zfl+ALy838)$_qR*soabC)xEDt z^gaeJ+5H$FY=igh2p?mUmeuLr*_bvcP|UbrXYYDvvGPq+|2do`YjBTQ-!D5fP)TtL z|9LZkca3v)$we!%BZARF^dHS18Z#z%hJ%CohMZGa-+k0BowTONHG*-u|99ek;y*{K zXP1?AlvtEGpXep}8%(jPHg)qEVmACX7;svGIRCjkE zG0CB{Xl811GXM78uV;yE87K%Syc5ugxbWNlLs5X5RKs5_aY5oV|JtVO#S4A+3)0` zjZcP?oS$1xUMLXAwDfn}v=j$#)&3)OBs)nBMR7jch|8~Qj5f6iH$v-2eY6&Wiuj!2 zor{>R$42l~O~h^>y>jOr@0u7J8Jl-{iG0Kf%EX3lUMP^2>8|xORC46wB4=oklj(tY zH$6PtiZ;_jDrV6M?f);4N*?$v~wfIr(b>}*Z9@vM`Aoo_9`C`>-#cvX9uJ2kiz1{0~? z>s$$=BHApsZ?j&DS9;AI4}VokG+a+q#rZSC_=QA#q;wac9Sm2rNmdUl8%gxQ zgV^Uu*3L`*xIn0k9ghd zWO-|>7SvjSg3%GLlTk(v=Q0(RrxJK?JZ_NkfrC1zAig;>TN58>FUCi%oW~C~TG`-5 z4f+NL#@Sy~e?{mSS}HK2GAkDU0INJjMUweMC!maANoR}vZTyy1B&E}I?fXq+yrj)ia8_2Q?8@O^vk`9H3s(tRXOh90wQ$5H3pb(-2fFO zf86xoNSmO|^A9!-9|-pQu?0ai$;qoI&%{0bJN7gLY&1Y%w^4h#ktWMUxhf9+1#4_# zZ<091Z#?3^a;|}+VO8f4ybfID`KM@@f+T|wa z3dU*K(M|k>-H9g6+S)h!<#KAAnu0zb+RTsz7a+X?M-X}qUM-Rz=&9%Nu2Hy%j`Y&f z=FfQw`FE#hVK)=I`LD-*Q67W}6_sK4%}5i`VkfsuS4~nI3*nO%55zK97dP+HGFGPi z(izRxsixX@KAlFglK+`Ma{hT2s9f|Fk zaalKM)-{Fy#B}hnARP-G)9O6P1;$Z}DRKRNz1Lz@5f`GBX;#5_+5Fg24eGOfqN525y11p z#7+$@BA-|cvDTzyeLuJK)T=S}aWuoF5RZGZZ5aDwv?AmB9ODnrgkap9Vsux*nk8|=x|8F>EHz8OokEz&4`%L zCL1ffMo#tDiG?eXiA>T-xdP^kp`ppQ{(4drKrZbCa3HSusYbk{H}gk_eTnN8)Q_7{ z!l*rts|!a#{>9TLP$c^}QhI@p)1l@1*YJ^pj?}ImHAWWy4`)1b5)xX)Z#;d2a?3*_ z4(ZFA{EEze&z&V*DR|je_r}C|;JZkFJyiX}yTti~n>6^TK-=xeUXjRjuXoWU%3jT= zv%Gl%+ltZC0=q?b=+-??3mh?HVZSby!cVdYF4c8)E^_Sq zT^RA*=t6Vs3M{X9J$s6;W4b#EcA7ck zvc@vsYlnOhZ5knV<6HEkh>wfWUJirD$7tM%w4?V4H`x%+W2lzBaj;JmOS$<(^NQC~ zWtiPXdz$)>SgAmqCHXtUU#_M{px(R%93Bo?+OSN>C-arqsJ&h(W1FA5Ge4}Hy@iIZ zcMZ76TJ>7qK#H#ve1iCEo4Iz0fpT^NS6i23q|Ghut(W(BgyCJahe)t)j-WVtYDlIN zc^)WlX}aLM_sOBayXx7gG{SqM3a@S2F;ACDFmFoQU!LC4dY=9)&07DVw6uYe_-P4$ zAC&MiNHt)jXI^k}w(~@4&%4!?77koF2GH@vS}gM)c=7r%DX0d%8-bCii|7x75@Uxv z|FfPq<1Gq~P$QPP$< zPto_s5v9$>U>aa>F=xB+!&`+<&{-+_DQ%o^isu!hSF_-tqE?#Nl?T$XA+fO7-M2Vd6QDoC}ewI1ej*G<3E~du4aNt&> zVz+6dxhG9CGZF+_p4oRJM*v*5|AoyN7o3S<6@q>w=P|1KN5aCy8ACg zV&F)y$;~I@&DM0TXPkTHYs{b)JhDZyrXkwC$r!^H8(Qf1*IWY%D|&fupPv;JqYnu2 zOsgjx#H%BFrlkrs!m5o8ezF%uwwPha{t)Qkuh%&YMUJf?3T|T>w<1US^Rrx|_oQ8x6D_iezKkC(ap98_&pxCE?2S zC^bW(H99)b7x32|XfyQ>gFk7c{x({Xgu7}Dhs{;+&F*t-^hHv;N!R$RgvHPJF~Rfi zDt!RKj(wLPivJZLP5poM_g}I7E|P8YXT*@&$m>~yt-)3!(I0Vhk9b!>j&f3e2;#|I z9jIar&V(%R1P{ucXDMzX$uUM4f*!8gdx3pG=m<1Bp-g-NwVZKef~YgEBB$|Y*cDq$Pnk}2 zkvd%^9!o2Fv(#}2(O^FLOnjT?BB#&emBPO{PABJ2zh%_mu4A}<4;F01`cmy`I^_7$ z#}?7!FHLaFH04=_cFoW2(h_H9{M~j}@kr`5j;I+_lE1%jH2DD`kOfFKzO8-T`Xm4p z6wTEY18yUE-2&05PezHuXy3Rza4_hpWycaWUWpo}ho6s}IJrio)IOVm=d0wU>)rx0 z8>?>r*0+O*b(DMZ2V(rbAL&g5392?OHRU8)QvElqS6pkkDg}0x+e)#Z0IPX87Y+Gq zN{DZTvm%P|_wz9J%tk|wNPdqhjU`E^!a~EAfZwtQ-LHy?t_ut?FliEt=6KDji0H-! z`@m5Vay+pjD91gnVW`G^z8Z@{s<3q)zxp;~G6w#jL%jVWOZBTSFV$eTIAmXX_;-JkGyFBI)Ft@8S|&fSg!8gw<)Z$6F|Dnu0^WJ#I3K1lk8AEcDj zr^0XLIp=C74hC#_Za+gZkk8|>bV$`vuWd#RD^~|gUgZj{NgjJmf zYEjVqI-uoKZHke=oi){sg>b!|1D@YBet7uCI^oi@ z?)0sqkNpL+Mr&+IbNm`&@A^+?CqBP*K-3mmjy`z-+B(mIkngToKe?XX$1eKfb=*zs zKPCoV!kg7pgFYMLzd#Bsa5-Gb?#$*Sr-OhEAp>9+J90_Y4>2Mf9%~@8XmfgPkTMVn zrb)8JdXp5YX9g_x*SeMm)slpx(w`X1K9#mRW4#MXmMVK-autb|CMgWX?Hwe;$3~qu zDsFdr{P^-kT%YQB&|L`T`Edf$xNM&CsAW{@lF9y7pDFZxr>FQksG;&XQ83^b36f}f zb|i@y*JWCJ>X5WrXYf>KM@3?2>575ulAD{V``9i<^Ee~mA~~X!_vV-vhDqBNZ39SU z=lH&hf{Dfz0{adr?(b$?fCH%@4*ARvKWpLB^xzBBvFI#+17Zv^3AvpBfl#$#tdHZ6 z`ekbtu%EllYWhu070yy+$i}FD-Y42bJ))lCk9g4yZ+&w1Z1d4Q#GJy*&DT?sz^?M{ z`vQlik83_>atB8@llP?70;}xWN&{PYuaDJWnFd}ZX}xm7*9JEYv}JKOxInsE#X~dE z?^k}mx(WF&xpeWXq$WqHAyCPN~d|64dF%21|-rv>O5`= zWM)F#6hm54j!{UhlC@2|ACKYFug!IJjM|L#2|ar6>z%|`&fFx(0Htr{sV!jXURT<} ztlyJLw={!VmLV2K`U#_{cMC)x>Y)3MVx7KffF2xH6U#Mpq_iKKIgWlaZ~}iHChgoa zD3NLH@AxNVr3-zt0j=?wbfs)Wy>s%o@h8^#hiz#9knPx*DP!qs6ZfFfMy6yvi^& ziktgHTyL8&@Es#+`1!nc;gs<)3LnmK*$OZ_ky`uNMX~;gc`X)pA~056G(C4X_apt* zbLuCH7f}bxLGrhkT5ghG!a2xL<6+UVr_+9uA>AU;#*c*0a&*fGx}&EC88j&*UNMr8 z66wi0_n`&AdOHoL0xK1pzc|j*ZNZJ3(feBFnx^*oAL?XKYAit-i#wZOU<6}48Q^0K zT!~8qw5m{w@HD7GO`lbfsmc&H{yeRXH~8tIIBou<+U@K6=tBA+;MkSWIRBld zgZ<#~JwAHMRT6zco>@&PMdO0nJ*ozp0nYmp!<$w^dSjl-z-+r+0{IZ6(#ye5Xyb{P zLPaVv^8s!Reg_!p+6-Jmvt$ECxC2} z8*^$lG8IVva+II?!(Eoz#$$9FmLN78%|&^P(-CePWXNUVp4P9W4E!Wau97{LiyWsEhP@oaMk>kEjJ|KlF);oHwc~bH zM|kQ)hQc)tGh7%tyLw2w)HD&mTX!E-#c)&S)Agqdi<|s?d}2y|7;Z`|6xF1ChBUwy z>E)GlpT1x-iJQ?w1{l>KI8O-rz)^6IZiU%=c6I#E_XVnkIVoEiZhDOzhS*I&iQw(` zWY&=^d}&9uC~aDM3zkWh99NIAB?D^(6H;n0&IqaCK6N!QsqK$CNynRzV?of6V)K})jr=e*TPmEArdAp7UAM-ouM5x zt#Ns!|5pf0E%DqMY4jsy%1czn?w>ijJ>K zuB)FTUi7&xO@#J=&U)h7X`zcUTy+Mio2SW}|Mz|nY@1v}D`RpLaM{N|VgmZZ|pE zib$Z>JkIT%Ve}h@uEvi<-(px*rc*(BgPt?gppG0?;4pp|`~AMS!|J_9m%}d0H-=lq z6@QwA$vv?$sdA%~u^Q0($_on@Ze`B&?Z`V>wkhA1 zOE~M<>F=!tAPyvw%z`1G8sN{&@ivuD!ESMv&&sP>-Gs1TRfrk=X4UdACe060-^yRv6 z*$cPNM)A~}S*Kd{_WqWG2&a-o@y!9F_=0fS7K|_R%9D_BYagwWM2+jkw=N}kFf6#K zo&yq;hlQB%z*kBv>q3Mp6_!%+)m0Vh{NQk!w}l_Z{kn5cOP)Iu9h$=$L1gPVoUQB3 zzSK=$>bEp&E?E7e`ctapTV+fY@QRX@V8nu$jV$kS@cMWocv9R@%3>aym{1Mx8_TUzoUy*$!7;p^8DW;vo~2*>k9&lx}po1*9*XCn1V$$yN0 z?#gf8(-M8SwADRr4dfG(6=t+f3+S3EqQnAUB#ethJ=CFiwPm!!;FeGdYhHD@!E5U_ zK|_10sBO6Re@c8DDXo+9e{lEJQBl7An?ooPf}(T^gCHs0rP7kpHAqNz*9;-uAfTvp z*GP9shk$?#-O@2bjxfx3AK!Q1J!jAEp8aQk|Lh+g&r#3qGtcnc&vjp)D~?wCWgo{} zIDT)uPVcYeto@)HD{iDMM@=#t5gOELSyyHICJ|M*UwQho5){ml|o1 zy2oZyegDax9pD;!+pgZPDxpS(xwzVa7 zLnPZEq1&@L3^%0*?0p2pPo5yv%+Ronwhq@m(G2is{l-{2eS1+C8@3o`D>@}=@rj0D zG612uZouc``lr!x+BvFSQ|vVvJ{j!5QbSfbpI&@<_{CeA>t~lOUl<_z03uF|5z&0y z<|@wjzi2Jgi9PvBUt@Wf{~L+Lh44AW-{!P;6zSwMERFsls^ymdmAupxe zep{r65&;2&--LV!S(O9buFNkRch@%8&vZ&{Gy{r)kWa0du@|?B*p16GqpsBL^|4gh z>|Sn7DZJ2gdV@(=Eme&0r^WtRU)qGe*-4|g(kcBFa&tw17z^3V>&_+hxw+v029@>CI?2&@gdf^UR+;%2OQ5-Px`W!m&cl@Bs%lJ zr!6VV)lA%dTWJ$z@G_X?S5Ms;!0$WKt?LXNf4BvaY?Hk&LDUJ*70R_!sL7X#CTKm?~1A~ldh=VJoWz#5FjS<7p zhpTc%=JH$uQ8P=>$M9lD1xXg;%^(ALdOH2Or8!JJuTeQg@L3N&{R1)9$2eUI(6^?3 zQHEItsp=+L_GWQ{pEJQ}Gih1ZgO|?{-s*39JD=3ez>j&W4ojjJD<|3q+r=#ickoNa z_P%8AFf%Cvb8L`-G>WXZq`#AJR_JjvE%TuVWZbcqN%;Mb#=IOvpXc(i9{EXgQ zzpPoGtJa@2>C@!ZH|rKquH|5z`~bSP?eI?Dfz*rCl-kJ>NGX-tU1{0}r1aCOGm3Jg z+HE>94mv&`+OlQE#{+D@FyItO{=^60No7d&9 zwTBo*2(yb|UUv^kOJdPoH-QEK#a;y%EbwK~h(%bfOGD`agfOMSWY}e8_R_>I`%O#6 z^U@bPWdob>m)*OdT(Wxrr)`ef!C>ql=tt~-Q`sFF(1I|s!+${TYrZqi<7HAgj%P1& zp4qIxfA3Vwn7RzEo9_TmK0xM^v~5oOK~HueIW>XoNF59f(g}-)4lJ=V$mCx#du6U- z&L2T?XjpoICpHmqbTBOIpbn6pN@xWbZ>BF#VVx#LTe}j8mE}v`fcU>H-!AP}oA6NH z&L?OhGdhjd*aZ~3+Q<0rLm#bPd)8#q<7Qb^4Di{Oe|7D00l7?}WLV*=iNl@pRY%C( zAo0NRrD1QMVWD?Mq=x0{EWDaQoT1qzz>xU|3^|$&h`n;Y5(5}L=U++fOhi)b?4g}Z zc36h2-!8>9ylk7zh;5)<6oY}A9h55+`rjS3a>i9eY#H^xM-5+ zNuBcq{KrT&RY2+fm$h@a7X0pQjc}EcGTOIfu-IJPp(*o#1gpJZhAU_#t;9(NWSnp2 z{Jn+=Q3)#S9pGd*aBxV5yUYF^OZxL%PLiGBQ`VQ4D%M17)+5unyo^ZWmn$8arSZ zc%fPil6^jYZybyYIJEU+cT#_UKD=~c6W63cYo4sX!17ALMJz690$Bv?4}9q zcD!-GD{@*jOs(o6EBNkPkFC(9OSyN2R6mg3ECgN`AQEh82Wo_w6irtNN%|fbMEgs=AnI6 zr*z&3%o!^{{xdj=8J#hu836kji_P2Z*4DC^q&u^~b+dT$||lE0NV=43ZY82VWmRtIDK zl3a76!pm=;{h3?2L#j7=!a@GS1N>-2J1`BWvcAvMsi}?^e@a1cXuo5m zOpfqx8PR{ecn4>lsb03n?9GNuQ;EYhX@Sk18Ol}b47%?l5qN@;`g&GhYN%PKb0B!ad|EY z4X*(NZ@O8wko#{0ABOgY{1S5Z7}c6OId+Eg{5D8b@J#mH^<$0?Bf}>r1MsLuDLhHm z`M#r;Cd2N6vDsMT!@UZRZ(MJKW;68OZI*rK*Z~{|o*RrLz>dzx2Rf8WR+n2Vyu045zlx5Y~v+C1VDe2%cg3=*^{W~CN$WI6kbSi7M z$QP9ai4ELa;4)BVR^Q@we~-_Bw;Xew_69pfJ6`0B%6!!rdFdT?_9JpbdaE*;#Rn9A zoQr*ovoA{lt}2 zO6C?^u>z0sSOO48mRv;~oVC|w!{e#jgdQw5><<>J>q_)He#@7h%*}g{92lu3Pk+Hc zI7Hx$V!yOUF}7?b*cwb;ID_Z+sRYc9+WlEmXcf6fBNXv*{lqa`d1x}^BV#0ALM8;b zG6~JPzF~Y3MWq!}3bwd%z*-F2k*=8lkUNe7)IA6?>&^3W!#5V((UEP$I%6A3=oyg! zwo$v?;GeKyt%mIDw?6A^!kCHCu}jIVSvb|&WN98+rLw?p1AYjm7LfX6tgi z(S`8QYF)|qgqQ0Hk@eo64@@eSRW?S9kNF2`P6o$%RM^MFH{*#eX@S1U)kpTv;C`<9 zKYyp^C27@X{4CT?4SU6@%vc~?1YE9}>|xoaykN99jI>@palpS=N6AtydhN#g))6q> z+U7(wb&=GoYe*Yo7moh{X{9qNG%i`jKV8ce1Q~vvmm<@cmudK)$seFJTL+ngVQ0ko zg^}Qej$B25e#(_xomk7ORIG(}sP3(|BU`Un1KMO1_ z*^DBUSjDNOCJDx6ks~Xj0H%aT0zOt27*-IX8bpdDStSi3rcChlXINewM+mmdMgN-P z;B46ndF&xKk-G=UhB>tYcq^vsqz>Ya9hPX!E5|&A97(pgBorNHOwyQmg5|Z!cgpbG z2Leb)Lx@0^SsZYl+u{bUWv;c^CYi6EJoV$2?}ur6o%|^bZI{SpX+am9>sUebQ`cxl z-1f;M-hzf!TcbRG`8hKUIVTUCy<}2pfPg=^u^B#a7rn&@UjfOtWh?t#chBt`=sxk< zBosxMzf65dUtS#?f*T@*hoyM~Fg52C$W<)9CIHAB_hAu?k6iJBWT&Jg*@jv(e$Wqd z#&b!wNm|WOG6xbJ*a15OSD&ook*(I048@C9=b6UuH`<9)YXffPtn}4yq~+MC#P-E@ zm6;h=6`(*&{|*-V6o||G5iE$J>JI?$bgk`sxXmx#tWzw?nYV=RW;h>G|JJBA=RzfI zW;4~p1Lxwaf9Bvx6cvoT{fTRdeN(dW%ED6I$Ap2Pra!9bmN=}D?97bmNP&h~qyNtJGsBon?n>flVUo}KCDK*r!X58cBQ(Xc( z*Q-+aasb5?^Z}uO+vuf18g{aa7!G~9YwRSUciT~P`~C+D&kzvd-AzKw!KOT*L@?c{ z)Kjx+Hpnu}Ft)${l8Zb39%~+uLavUSz24D9`>w~`{K*Pzs}fkSFLJ3qBF|vo2dLW* zo4^D2ZYnp^5P3SFyfi8_CU-1%8mZX`G}#XDg&CMXM=HIqPk5vo#??g%L^Na_Qm9N@ z+o@6Dm)%aXf)bUl;BLTk%Nu^Fi%QAnm#JBwdH;=cSZHhn_|dea5j#q`00e`yoy6wo z>F+X+riFM^SGeG0-<^|JTy#GXDHf*YMY}FP+e=grOaR2d&JI_X0k#odHzqA_>)HZ8 zvB!|&Cs4<|3q*A^?@fHmC4IVh`34nd+Q-|FM5g3oO2{Z)?4vgUein`EzQ`(*-`W53 z(BSoyQzfg%o+GYY<+34X#4x7fj1=*vtG+dId-ighF4|OuK8A~n6)#yHfDS*PpV0c- zj;kbgR|cBfrkb`SwKAZkv5>UEmfZWQ9Pkfa&R>nO#3%RdCzpRPr1kUkzDS6$$04HL zECVIWlmHT?s{AfKuOGH=riFH-w2{&YhEfp&dUXH)oLYOkM>m0hpkT>yEuam(Xdgo#t{j7iDf zaQS_3q;#%2kdQKVOBUMx`P<(o(Jik)J8c?_`m(l(f7@^&Ig6@}E28@Zt4q@~NpB(` z+^$b83-T4y65m@agW~`=E3n`o!#FbCTe#||Jug2?r1#n0b$pn_U$}Uwd2}DC_6D6) zy|*wPUOKfJH_C9AxjldY%0icsGkpvTad`wfb|DqJb zH6%m7PZa=3@*=L1*-#6N=!kih@`YaT&f9b5WTiZyYw7xLl&KH;3`u2x+KJDEATLYa zKGGx~^t^v2fzJWbiJ+)UnW48xERphr-3LZ0IS=fh;y)XL1NEmm`%6rVRuR)dVbv3?DV-(uO?;YXm>WKiI{5=RJJs=$ zVPvP$a=Bzbv$)n)7n-!&+tAaM3#Ln>JPoPx4E3*}hUvKpa~xOiz_V1{_Z81H&>idW zZ%d=Dm!At8KPt|Vzv^>QWa#M@lkWbzj30XbM*1LI5OuK=EhSsFSJNL5{Vw*;GLb~7 zW~QZxJQ11Lj?tcM{2`=UT2%O7PW|xcxBO*~ z)JvCFF!r-Y$1dOuI(`z7-NESO@9{4ZR|WYo4oQd0FkdTFQtz;>JNTLRvoN%|Er8W^RUPYRpy@SHRbgMHyFQZ9F=?#@^kfasC_tn}7DkS3P_ z2q}im1HK22*TtW}BAiDg`s%E8ZO=46d+^?+&K4Z!+KVUpcXiJ1zY1^jE;yiSo(+<& zu!mXAymKs8+esB?O_|HkuA!zF9+F~oPZaQh-VFlHNKPVT>vrz7WD$2vPv3W2H(o!tj?DkBN$i!4;nu z<*5q!D_hI4X5F_TDm@db`&bZ$a8?S?1z)T_*w-g-HTmegUSsRFh(&pfG|(3#G=+3TzsgOEl= zF@aI%hk93%*6gQuJK2E36Ll$?O&;JF;A!sXsuOt$9{gDDhI;gc;LXSm0X(ldtcxE* zw~=7bbA8)clV{q{vBkb$%jflWS<@X-z=(rVFNw#n6(7tJ*K#$73k5b&=M+4VM#?jE z5rKBOKB7Obi(x$1%uIS~ml{et6cz=lj}jBB3lldz;*(yVS7*1cUdGRyc)`LM!R=GW zHVtjMk-{0Qk$V1{iakf^@BW6t1Z~5BjD4~{v1m_#o&)&OP2uyd9zGn|UN~-VfvGvq z^5zIal$`lHAvFi*r>#<=yBdTCpxEC z%oH>Xdd+)<9f2cW4;8VaVJYid zbyvV)INzGEoY|WoL2MH9B=$thu;i5(IkS>;$s#k;_Ympp_BJ3=($*Wr_kFf8z~)e- zHR1!-OV(~E_H{xfb%^q2vYb@B?+^yNB!5SPe`wI*mK7}z^DYm1j_kk8lUy>Jc>8FS zJBs@#vG7U==kyR#TarK$%LbgXYEnf7CL|w7CQIezj2R$SD1UAuuOjQKXlcxWf(gSa zeI;t%hqz(xOB?kE+pCMVIvs!|J*v|A*d})TbOTb~mk^O@@glE7jvbg)Fn$k_NzL!# ze)4H8OFY*%(Qr;eLWD+H9RJ}YV$ZcVa4|t`eJA1sUSwZ=>{Ve@oZi}2&uNr2lWK>T z4}Wr-4}ENo(U=wrFNByZ?9)09*SIv@D^wA28P-x}wcHF}=?DPC@*@+MdMHn`?xxo9 zaE2Oh@^*pO$7MMm%RhEo#jlYI?n@x%0@PFOTlK!izn);Ie1==+{X`d}*+tn_CiT@7n(g{tW*}xwHtbG_xt-}elSe9jaS5n<2ucTKegUUj$0F=VCzrG0l0)l2 z6hln1|A{j*WY77iWUW_1T#|vZ!l_q z055MN&&62Rh|0-RVE#S4LM=wAg>}GXTwVAz&bHBgl#FhX44pDfI zmH^oc!r}3|qP>v$0$sp8n{fWs)@=5$uzq^Sq$qYw+#mdc28TQM&Jg~E7&Y~{(u^)( zdhenI2#w{J16c7E6lGkc@#5#cc+;0Ybich68@CZyKh1@Yc~Zh(-W57cHa zIvfT}oMklYxqU)Mhna73GeCDHz^8tLK|rZYF4J zrwSCq8R97>xC*CVzbUyVlda1!!36KnC(9J4n2NqA+4Y2ELzqsg;hlWwk1M7sqA5O; z3LSN|!m^x6a?;WVu9v!9tqo{IzKO{M*yqaLouSWR&PdN9rTgtF$zOK!>hp8+Lb9^l z=hF9NUqZez(F+rIyac+tv#z&|78qUx`n33R!0X$Lx%-0!Jpxn^ZoFVBr zw4)ZC{;jsWmzCr1YO$d6t{4DTmQ?#K8qNwi`)bA_w3`F#D7M#Gq~eVR^xO>G#V*%& zXru|c;UNgX@0E!G(~j5JdtD;yeUS5!%ynUe9^Do=UqIsQ;?zBVayEr;XY){yemKmX z`-HO06W?Z0(n`fhTPYU=y5qB2D}DQ`tN%t#&GC~}V{6k#(^quAGaUqZfjr$JknidP z*t=j8BUCZGe2@0>D?`!6=rVrW3RuyHd-SvnA6J8{n5!IMMtQHg8M$-JW`zUQT6FM8 z9vU69Zr}8e;!NU%NC&t4aosrj{p$+gH7Ha9rP7A7zV>lWiKyl)kCaP?fN+k?<8ByM zO?yyAM=aT|8k=iB{CHs1FtS$0+9}`;0NTr2V8+M9<_Ett{dJ5{DqY%>VV+iqKNG6q zne$G6$uQ?!u7sbGf}rUhC&&fz_3)3e^o|ROHRb!Wh|D)8!KoZaf;C#Tb(GvVC#HT~EX9f5**~BoV7d!# z17=Cz#vs=$0U&hs|ILfhxo{iLYm>9Ce(up?9j>1t)`O)u&37W}|A-Yv@dTIMP{4+H ze{~%S@?oRHLS#a!Z8r?wZ=eQ4FI-6{+%880X(K*?*cceh2nkA;DpCd%6RQ;}?Qcs@p$xGf z8I}SOn)|b`ohp-$%XCS#fN=Xc-aUyU9J%4GFWG{jf5uh7sUGUVg6qz%x{$fWzPkG_ zc78OrnJ7cXBn#e;x)cjbXOi|ZzMmwR#X7+J?f+~F|1tCzmv-DskTjVYJai1^=xQNX z^5J=i=}mt>68Ag&c8Q#S*Byw-@sGRxjoJGHA6dD$8a!+X_6$baDy5$KvwNl5r58FS zS3Dug&F&^40$r4Iz#rdMpBz_0ABxpAXW+O8J|_R;WDsOynl3Yl$Jzl3RQlMp0vT`S zO8~-5qWW_1zA{R#)-1nt%k-K0HU_n<;H9^cRBiLxqGxmu|1+NkQT5yGqpk0%0hG12 z!HRoDZ8Nmv8!w+Mb8{k|Xea4_5@b(Om@iuE!o z1sUvQt3%_1NV-~Qu;l1>2U^)c{SMFFKh~CGbC!2i4!VIXfaKc`L0Zb=9r>ZFjIKa> z2E+g@`!eeL%HyeeWp@9(>7%J7HD*xf&-gE1Kb-y!psS94b%lAU+3~U^5`P|eq?i!O ztT%LjA7=+R%DwWBxxK&~jCRUm_%b(KLf_ucC}2pqeLtWaKk{0K3q&mw%IgQqf>NNf%q*AkijJtjKq!urg)PVj zK8h~%D^g+cNqqGr{li)r!#$aX^Qfa|Rr{Gtgq;+XSJSQg#%?X`cgA_a4;GUr_T_zL z6F|YRf8F6CZqP6@nK9;Dq&@Q|wul9B?Qqt-C+VR8vWVIPsWZneMY_JpbRC-{Ky+Hd{9zK_P(u?kBXyR%)YJ`{)hiU zQR#mKtA0^OcaSc!(ZbVJrV@!UGO1FTR7EB_M;l;Q=zT5KR z@RQv#mQ)zXakFbt|MYh!%kHJKRPisN!cT9xeYonU?^;M$M`-7~HD_9vY>VT2v}YjV zspjg=Fk=IbiLJ%-<^chFfq$E6LNI}7u$1@4XJ?PaKFU_>BT$$joM2>;><)i8MoIj# zTCmK6+WEE29zoP;g|!4j2hA^<+62EGncD0K|(y+sZY4K z#c}!RCJSsdOV`}x823<7YaoC`!UT5vf^@xT(oVH6qW_+<2eS7==8=BkgS3ftHXCtVk7t;U z$nNZ8_IFM!!US6Ap{AR{1xU3uF=SMtGv=l5hNQZ}p*H5D(}0Yv;tSI+sD{raLBV7b zvP{R-yq(X{xyzc|16+--EP3XnEm-wfH_eYk%LzORv@>djb zqTFcYcbXsL9Lkc*zKerD^qbb5tq+FYW1e~HSQ5L>GL|aN7Q)qInk{*j=$=-Ew7Lw= z>FyK`?~`b3pjgU?-dLft8wndPBJ@}etLdiRq5tbR<^csY0JC)u+QEc|VB^7leG&J4 zDl(r*bNF}?E2YIfR<2a{K~3|9NemI1vXclEia2gpa4b`EexyVq;@Hhgl)9BRAQ&Qf zwMnqe6rY(XnnTfUdgVDPsZ_rFB2tN4k6d3*J39mfV*Is;9YXj%53;NaquEmC?A8x#)*F1Sz&Qx1+A2i`%kPiY4Cfn=5iFlRvnt32?Vn&;e23hZxO{ z29-h+d#`y$<#2||k-hqq$&|D|S)hH4`VAMv{NU=!*dY2Sb;Li*aCVzgfWs=48cu+p zt>C+g1HJbHIc+*49Q;y0@%lK>%AQu9Mpu`+vTrBVBQ9|{;PMifcfbMhoU`j6wgrRR zNWhc+^ATc_;{S|Exh6ZwFx;~;Yz`9?DK}3)xxl7e3w89QDU?wB=jU6OLj-uP_)UUf z5tIt|xLX-*#ygpAgL3p6phYfpgU-8ILdV|cP@t+zWvk9J-an}M;~(9a(h3E{e0ZoHcpY#EA19*$N<1^e<2qaNmWs-^Zp%SWqi6=yieK#f{1#jh3;*@( zq4kSIJT4LnR_3Ia=2WPt%YdKl`lV7um#}@rIY`b7yynJSO?7@-d zTm@Fe2f+7lKf%sl0YOlpJyS$q5|IgdwMU{Ps`{9%Ar?jTNGVJ^<=4#G1>Fa0Uz#oN z>JMIkzp04N#p@qXnEBJ}fejP?OL?YGk0_ks?zG>A4)vmC`X&iN09h-)DIhF7%EKyQ z9Outr;XWBKJXZ|qLa(yx#6nT07B1mS)-vteiDf{RF5n@+kA!VPRL~}RGjA?MP*P#n zTPm(Wjgw6uJ?YhXnmJ0O0KO1bZ--lg5oDOSC2eKef(>-!kFNcw#oW*AE~{uy)lm4^ zu162Ll;tM{KB~c?*517vphfTjxJq_M z*twwnDw-4^S0PFm4y2_YLH7bQq)FWe>Eh4Eit{z*-Ga1$--Iv%&}X`>(zFv(_3_~? z*`2P^5vWjZKO4G3G0D^^+ZN^t^yxN|d787`K+KkmF|1t9Qr}`uHew+>u_rI8Rlj)C z;3YYLPMOf}By+AAykv&}79&ux3#l>v2F+E3rd-wg#H5~ffux#=o~9656}J?hSH1k_g>HCCQ-#%K4);mr|&kSA#CWmjyZvnUoL z9RN7Wu*4<~t9Q@gct-nmir3cp8^kSI4^FXXKED|r|Br>?Yru(=83x>jF5otFUHv}T zJGr|n(n*Yr{G8wKF=f1myx0EcTT#nac5kX5)_ZcJ6M9?kQWCyCp8i-+h2C>tHMP73 zSK(m`PSn2$3C6u!cnNIc7JiF`py0CT3*?4ubSG6~lSICK+PwOXl29){J*H3;`jxB- z8f-8Hqi-+)%*nQ{Q9RPW`x1OgU5J%6zed-J!U73qLpYUg_)Y6$$r8L?6o&Yeu_L!T zayFuR?Ap!N_(;((&0p3HpXC$YHfDH{*5)d_Y$u^#mmj*?%$6Y|Ac&8>9Q!0i|vVbaZ#I^_-dCi)pu;2XYSqN0~s!7NKZ@P-IM@)&?8f(1fI- zzfAhYcBT#E*Wv}k?(v@{FOu^-h$-|ywhUdm`ij4^qD@sfRtGsCk^uXWBzxbUP+J9qHn*!&dOnLa51r!D<(7!t zWq;s(pbJtl=jQ1?#3lSjsjuq zcG}BI7X8sornJ|9cmV}VgyBEhc-Qc@!o-n4qrIu=hAS%ShmzdbXlSzhXrqRP-+A?; z-kjPB!-GcAfXtZpm&vNNDvv2YGax-cmVKmhhmQLa9Jp230-KU@kvxBAhibQCe?8G) z0sr#LtjiRCkH*WaukmM%K7$nBCFx1NfIK0L(D~^xpgi1(+27iZb(+;WzJ{}?Fbzx^ z@`dE~jz3vQ_0tAaXQ*&}?Mu$po~VS_l$&m#8Tfj0bG4^KcA)cV1A+~uP#q)Lvn63x zo}T<jrDFdF%i}V$G?BR6X>2SI0&SiIf-w> z;?#&oSrsVW%NPrim!-~kA7!0EA`p*Ef>e=pi)vs2290@9#eNNv@_R#v^2|51pzDcE z(e5WGf_^LWI)rT9PAXfX-&XjKH}#+*H+g#RaYy2A**Xs7PTYBwqc)0Zk!5;EtuT`A z%|rW#;ZF@~HkoY`gDducV5%M{KXf8y^MqPugP6fk`uPeP{xL>LhZy;Y*711j_E~^&g~b?c#M58e9kY#@V3cu zlw@}09X$y{;qy(9`$d_|BPfvd`W`(s(MPp_?s9y-O>Nn98o900VrjVbHi-hTKH;2| z^i9myVaX?G9VCu(HlA2#PVA@v%h(%{t@Mz{K%DeW-ZRyWpdStRV4rj%y6V~Ll_*gP zuD?ORoWId<%h{@XPz)ZNAHuQfNNe-{JJ*ro_<~Mbn7TwBD+2#~ZTe7H?f$Fg>60p# zSSz92jwyEBC1)&Twy?Qe$SX?5dI>m4K(6qdC!U6>H0U2oCa4u`QqMBaC z68=u)iauuj^l&8RvD_gZ&WwxRUnxc@-dsEEh94*qQrcuNFrE%lX>}C zn-!BP)Uzahl&T`jF{p8I^Z}5{{>50b*oDJUYuKi8%uCe9z_T^h@tDjUA;+I;4vZ}X?NJu1rt?v0b48EFT zC3JN7EI&Zpgpv#ZXv(0Po5yx>o*O@W4ZR2s^~;Dv0)*lNgC8K~ba5bB?M>5_ynL=~ zhE>j+_BJW4oTbCE$#8O{?GfAh2|0R-f$)5^jV`e4wMbK~awS9E>52A;%igbV$`drK z^B2p!tHwX!UZa!7v!?`MTBL;fI%H??9H8l&Up~)oYEf^-dp)>hevCbG-nmieJ$=ZI zI|wiFYj7#v9_<)Pq{()@i){5k;~ox14s6+Ydy7dc{-$9V zP-1Y*X8=wMsS}53f!R`K&PmruS1fObqdHo!#D4Wo0~zj*^4B`Z+x)+~%&hPW-41_V9NiyK;Q&PdLTeHdpBW0O+aW3L=jEa>mvg~^5*0#_!v)UCd4h7J~z#H=W8{0e+(Md z8e|X-op17`TqWWzXv#KB-PDVHmQG)qB31U;@!y-m3^2Nuj>3{B;9`08*$SKU!=kJ(`9w=)E|MTf2eB~YFkT(4|Y z%E$-ufgX>GpFj8$&RXr)L%-1x+v#!J$on*@rxpL5{$ z8TgA7fEbjtd=WzuPF~G#w(SOY`Jq&=h|H2=M`C zEm;AY9>ketk`pOIp1p1KG~4XyuN4*QIzj3WsVZB*iQ91mD;p&64IPuecj8~ko8(^H z_OY6+C(h~f%e(lA8vQ*(7*F#u2p@FG;LYIMbzbbX4n&~!Ib?+~m}^c(0K+=fZnX9fh}5vLS;%_Q>PEPs ze|AZ>7i3~whyGoJKSSd zIx5oRc6i4Bx1rVl!@nnzXoMHK7 zg~Wj2k-mK~iQFzBQH%6tk}C3qM4hKAMyRZ6%da?b|EbEu*xKYxKpiqku-HWly}N)> zLpTe2&2CMdu!NWle|D9&mQyjke-K72>iGrn1PEw;hfqRM=9EGF%GKt0o*E^z`!K3_ zlyHjvNeBh7rlv;2`Bwm?bur02+yxRDC^8z#{RXCceKpCFzaMF5xP9zVpL%+4dBVJ) z1gf?^(VawWghr@zMs4tZtx~fUSSm`-8c0rd81d9>^8qe zS!RHF)gFZ|v?JDorg~89K(lSqRn?w^X!C>vDlDEA#(CD3g%zshy??pvV?uzjXRkPD zRgAZ!9jJI~@opl6x0;*>J>cF9M7*Ar)_0Nb8aMoGoNA~NxLkYYNzpK++@tg+0=$_5 z2rpzCoX4hv9A~XE>=`U#SHymOOrib5v8d}q_bE{t2p~vB3%Uyf=?eFx+oxXa=rzUH zJL#s|7?hV39i-X&S}E(?X0H_+ ziXr1=+d@7~+9N$4ca?QC1mq@~;Zd>X^^JSKGnAC|=UGYm-oJ6BbJm`-`MBl_ zzN%yjIU6MyAS0|7ka9wx@;Lg)>B7W-7f{kmIVKH^-tAZCcJECt_yZGkth#_nk*3Vk zy0ab|t=zJeW@_z0VX9uH`A!6I0H{R(Q}U;Uv;KY-YO>6(te}iDI%ZtI?xP8K*H5{- z9Q}{A?rKzRNRufw8wv;8s@Ht|ATj9amBMeDl1v>QA3jl2G$r*i|3E;6F{xtj>Qqrw zVqvMUNU4lSgX`>ObL?~}=q<`blXYk`V3)W?OdIGh2Z65jcMjoFH9_u3jJxV?8qbJw zc^`qcE331sc8l)X73eaT%o81cBRG#P>Ay~FvDz^5`qhVsQWhtwq3xS9^PAi!e+yt_*s7y2W^3zzl-I>vk& z^$$8#Opyc^GQXgmFqC%A#?=6!6h~^>+Uk9Q(Q;0vjO|VEy>94e>bPdy-c+OX`$zD^Z}VPVPWRSet43Q(Jyhf3vz z4%zU0&+*1>t8nylcFu2Vh!wMl!FL~|jnLJ44#EooS`!UW?3?gN4Bm$3q56wyo%Z%u z1|Jsko#USm(Y&J(>jAKbjV|A^mdpng+MyzAJsVd1=R+*zc3DNmO@&7L0Z#djlFb=* zg-m^g*7^oX?T{igU9YIbO5-t4{u4^E0doWChw_8$e{k*aVo`(L5Il6TsGrx|dEk_c z(fRL(BsT*xZ~ow&K%N8{qV?by(Jtb${H49rA)Q67_e{Lz0ys?H=O#viNeS_UFQdM@ z#!0aEHFTOiT{)fIn6OW!OV?6ubn7l-r8ltIP$%#0%c3|=sWd6-PgsJQrhJ=dW}OVf zA*caO68t`*m<`fGIwL|bj-_@6E^LM-L62}kxz$G+CEaIy0FQB6E^g<{Z7lHpJFH&P z06^-MJcI(VkW*uTNj);b_6h*if6*LxyEs!R^V(|SMCAf1Vj!Kw^xwdc`q$WO7hbz2 zTm96_C(5imbQEmH8^Sh!d0Jo>@XaM{!#>I(giTK80uAlonXsG%C`9C;3^SVcN-^Uw zjzJY{-O^;S8EN!z=KO8?n`5psHTD_A5>w60nL09I*4{c*tbry~7#K|*DSp4cKQ_o% zn0=1Z2kT{p%^dv$`jCTNHorkO^-y+^wKF*8&Myu7u)fPM+A=Fvp*wldBB_)+JXm&M z=KSyQU0q+nerH$iD}h0hhtK@MDPiRtG~l#ukZ&0m5W3~`?03{UZKaL`xHbM6OT_~Q zpEir@`0_7|YXFy90{iZ{E_+QY#D}2<5LUlF-+<;Fd)R}Z`)rYAW%ngksHkcn){kS- z4evT76CL?Xu)?(=Un$Nt<4;bQE=7>$2W{ay4)0c84{4xNjvJp`=$%gE>GWn4<-1KLWJ>$<}+Qb+DUS-v9 zvoY+RrN-Z7IQOW`txL0CJ?sN#g6~HMot-g;hY#-t82mbMFG5=>G$dYLE)0BMCSMVE z*)~K(d`}pY8@~g!2m`{J?(HT1I`=)Y@%5CAgwn=TKmBjKy=PRD-5M<#3{s>-dM8K` zqzH&8JzxP51w=ZZpn?J-T_8Xp6zL@bf`U{50cp}Zp?7K0q=q6OH37uX;$3{--sjxA z&%I-uG49>>hlAmdtoP0PX00{XeC9LfoBKKSrIaonja|N$Yo1DJ4^`n0CyAY{Y#!2P zlSqtu>VhFP_k+1xeH%y!ZChaCj9Q2=eG<0dt|?W##~9(+m)vx zEwtP&BFtFyHp`xNzm6*8Wt`D3do%5!&9OxzZ21@eWcAWV_ew53rJke#SJ76E@-@FH zp0F$Uvq+gq8HB?JnLtLuf9+jJWa8$J-aI5W3{C-%;=g?&b>!`-w5InW*Qk4D4=M3MYb z`R|Kqwe~}amh%Jb_dmTjoC~){NxPjpdHdJw74}a$i2?Q=YSoOLe0#!t1dJ3uq{$IF zP5ht})hPUvbMoLrbeh$WU==(0=Go^@6|Ckpo0JtI=cY_;b=smh+2Z?XvIPpfqem^T zroU0XV=ypizHeH-%+6bs!M)WXuFB=`BO2>Amt2}ONH75r9HACdm+C&`vvRZ zNn%>p?(m&J8IdVqL-Bk?`S4XIY##I7u=n2hhGPYSxfgBgC=$Q|(h z!+bn1x~tivnMEn%h+_6vA3~-v^nIy1RLnab`<=Kgo+?CV9F%KG)}Yr4k~fien03ftXg%p?oO|Dk&A+5 zs$Da@^dv2$-r&9|)b@(38>xfz@WS)~K~C>eS`({PaEr?S(&cP3>qKX;TaCFAIz(3bB|JLC+9;0GeG zWuxyf$7aHz5*0tM=I6h@U87!cbfc>$!yu%;&es4E?HWnww?WCCByH4RSft@`2TC}- zwX~-yFV72|4yv*)2{ry=4s@v`XvGB@O6x!#W&k-lq&!bQ@0I=@R))Iq9eJYYfn5o9BK={QByx`OSex zsXcsWN6zG(paWT`pcO-!rFz&xG0bk9Q7vPAQafA8u3@pPKKi*q|CJlDssmm`#r=qw zAH<=BK(R8GY6Gq?xd)s$*ozPQ*0Fa;*O4~2HZo?PJ*K}76Y7WMb}^G}!a00tkvBmi z&}^PJf$~0nbo4MH>}7G^y}q_LR*!}=&N+Xhd^5ez2`2+NqYqnWuW~NGTP#GhvyDBt z9#0n*Nu`x{V~f>D_=g}Z&ULoYowzL?hk8t~yt}a>nWFYo8`1<_g|yp~diA>Dos#qg z4r`?nJ=G8WS~rH1;Sb)xM$SQwfMr`ct+GWsiF3%2?o-(U4_v4A9K5@>AzZk5)x8WF zUXnq?+!_Z4JsT31_eYMS8XYH!VjU&jfqS~POkm_8C-7CMQ;Gw@MuA!aU5iF__xszD z#S0)SUm#=~XWi3Et%ij=Qsf_eH`KBVa-t>+Nzex0{?sJGCp#b6*{UGBZn8$=A1b&! zLSb{c_+wa;Qh>pG-WUBL3(8Cu09}8nh`Ro8=h^}GX{}~`!}qB=Te*IEnN_>p;)Q|% z$+kJx@@UXMKRIscDlL5GIm8!2Ml|~9+d15YWgB9d5SZxWP~*EMtaa0?crPJ^QFouJ@?M1 z`o#-VU}cpaUX4S>8O9n}#~1w&?{m?d^}N_nwtp!>jd0y4RFUd~M$C7aW_}x0L9eLJ zU7$pcLj8dp*#Rl;Fp%Q1kwQ}&{r(rZ#UN$-D|g$H6c!d&f-#Ux~2CaD`hWzFxM2nWno%M0N z>D2eBkN2IOMGU%h6;iX(+Q!pHdgO~DS%bHyCQ z96Zw6CIRoYU8Dx`tDQb z50lATU)mD;nQ499VhBvlN!A#Yq;tml4TAu66Gr1`-b-wmmyrVx2A!|N7rPAACW%&3nT+h&m7Oq|a7n zS|jJaGPDYaQ5eG24dhmxzdF*t)ursg;=AU4DWZRXhO;W8MwB>S0@I46YR>q%`_(l> zMn|ch+8FW1^M>Re_DOOr3IxLSwEo-rD4<_O>BaLw$uq-$~QovBJcFEs^Gm7rhB`-ozKpP%ZNF+C>s;H<&_}HL3Ti*VlXNz#>3xYwrRLC z+0i5J`Ht;M!GlkCpyF+0v8snLhWRV7sTU?}&5gWKk6t^X+TZeWF(g~*QkHcB?_s?= zdGLs1xve(Q&udPMnyZi*v)ZC;%Piw=?|kzq-W=7`DkzmwC7oAlS zmwPz6ce&Nj zgnyc+5Ik^WDFhnzp_dCILc`0$Y(154Z?6=;y%CVDby=sUex<6xs}PhK_S24prrLeT z-!)3bE{s|kCW!29OQewfxapZ=D-elW92|E&Qbk?CuY~V4a4s4XWUGQXn@*Cr@+)sL zWsn~rJ#;?&Am^DO!~NnNvJmv08ty)+nMYPt#qZmGc#iDX=d5HfFD2^Gs1gY!o zK5Y6%@oJ^zJBB6)N8z_N)Kq%x#;`Vy!7AJY6sKW!A@bu?E7K&XVrGv{T?p2{@S(T0 z7WJJxfGgbrMvjuu z90W1OV*wU_gbZk5BW7pXQ4P~hn7r3B^OK**(r&Y!V2a#Zw|H#y19hdFeCR7VhP&j; zt5SJn!BZ?%0Qx8WH+tvf1~{_9nqT=;wzm}7utVC!E5x9SjQ~u=(gU# zUBbl(Z+BdL!0h2Ao|5jCV8QXuv`VfLVnfCI_(v+-w0QX!yB5Lp-GC(zV$UOuR&Y>q zbLfL!Jqhp%paPEwDuL;m%wAhnpKMF-(x_Lx)1-Ei6QmH3rNAu0>FhkfL96~|<{F!s zmglvqk{%+D_Nd@OlNwu^6|@#bTLn zTBO!VVL+MWrYpdzZeEASc zE$aoFn$~-JNz26jNUKdlVeV+3^##~u;!LAFGR!0~faaO5wmYWmmXor)AW1d|f9bo5 z6!K2ymAG7WYD#XV0E8&yFlPbeTV)fs+slXn$}bl0Ro57>F@%zT-uTQc)k}-YP*?s8 z3&xgxdWXZZnXZ4c^Wc1&;GaZw?~ITMRnya(+&HGrB9)Mt)pXc7;=3b7+f-SC+gJmA zmGh@wcjkffe)l+4rK=fRIUvrP+j=O8lhjuOP-N|##XHmLks=9$#sLn$8@U_j667pX zso8%QI|J^GXckY;Det`L}bp?2&1nNH8kvfWX%y@q)q)WV+ zCrr?a7UzabX4t{Dck}9mr%KtfmvFXE252Lhq@Z}nxlOE9ryKFxr`PVf`@hNjl%#gL zn}01qiMo`P#PNNr;d+gQLM@ZZ@vWDvhtI2H=Qb8}OQn0?wEH(d)mD67D;WrS<6jMg z@baaZa26b%ruwT(h349R82Z%mJbkPEO**u&zZ3xA`dE_PluI zTAJ%sA)Lf6i((cf_mY)0x!al#_)?;}8 zEc{Y8X`5%4;1SM~MYvY5)t*@NLohB@d)IvGh`A0Hc3A45Xr}Qdet4w|Q@ zQ%pO-(e7yvs!wUQu4jLg8(oXjP_F;XEB_Q||Gds?kn30AHJY)}oO7)sj}+!9a?)8P z_D#58)XMklCwQ;WYj8h~)fsD~Cbr{>+1k>+ANE}vzdts-7y67cRSM~lq7PICLAS4P zWTr|BG783|Mn+O0LO(rvWHza>{Ahrg`rE4_X5Z(27YmA+?G7D-_QV=2&1%f-xb$bY zW^_LK&xGOVmqwCQYO?J##cVmFvUl3rxu^O{?Vn8G#@n$KRiSQmb78-|E@#L@@i$xA z$uYCs;FW#4a`ZK}Rk_4pmDi1c=rA%@B7DjyHs=e~zHyUEF!bYtAd4b-m8>}b;Ti?g zyO94qt;VI&t~YHvJ!>)P;{Baus%x4Xmp~_?>H1VLZHyw& zPp5T#T;R73ULFv<_7-t$@JjcEq0G;S+-6Vvi>X5gAAbrxWVmPTj(5hO7O)b)I+W(V z@Ub)|!dW1yHkR)I1NmzIMmbuCciB(n0~jm@cbep^2$J>WKtP2@6iPAcSOYIR7B4i} zowLRu*6Q|RzC(>RI*VJXi*j&$xzOj^5x-(L-hHC1>}5lWK2tJnH06paw*^o!U{2_& z5X3Xs<44|e0LxDhxmvDqQY7tY(Uryyclp}#M4OaM38pFJF_K!OwlS%>-2{E6gkq7SZD zSwZpr#-7hLzBHTqWDyQ|@hvAZam|e@NXTQO+vb!~Ly ztYzYZYm8m_+%M-Yb2*>8360K7_JOSw`mhm7ZMpW{iI%k*ibEb&adp2Ro!F2)0TB1+ zr`rg&tJb|_6+%_L-muwJ^tt_k2sG`nSmCkKaQWAVMx1of;R4b9hqmvmG=uJA>iwGh z8k)Pfe^KImL&AYYZD^7aQ5gRY72Tr6?B3nKxR3mzlea{A?#DWg!?fl(WMD|FV=>oO zXnwRyRC{!$pT-V@*$STB@IbWN=5cRAJ{key?m{$ zITL?+9j`<9{+m==6=oFAoOsl-t%_wp+m<8$)UrxW+(1n_b%6>MN+D@~R)%1yRSo0M z3+9k$i?uo#Rk3XaB>8})g|U{~N90Yl^6;JgfxE+-meFHub=3?XgSZSlYL;*w@(Wn0 zW>GagHSPeh)wD@3PbgAElyrV@qU7nA6r*N0qRtdDQ7lay!iVS(Q)^$o z<9t2owi)xxBo-lc)qeDDtb7+a_u;S2pCce1O~G*^BdZzhDDgYYVXN>#tJayx(7te( zSe<8wkF$9Y;T^6&k#Oa{!t$dVi}$gm52+Ha?iws8ZHnGm;#H%p=|^^c21jn$pNP_6 zjAP!^{aj-7+J3)0RO_Y0Yx5VF`C0BauzS%y(qoNp|9>zr>mo%adX;#@stUWT)8>6cZdb1aSbqAT;^M3bZ&OPidx ztYAm>vPhmpF%L5G06{&fLy%(eF7)_e2J#u7~MIBUWOZ6)xfYIwP%i6jml{5W#cjRM=Y= z?Jq8B6P6T4H_Ka);<3gf^Re1J@p5zStt|^3o4NrrVgSh9!it!Q2tLr}>=q>h~x&1cxTw(B0mIySO zo|2ix#=+A(1fSF z39_u8ji>3=e=D}WZRXDy#;W(3#f|;gFlcrV>u^D#>E}mw78hWi(B z6;Syc9;BRm3rI%fb}H1W7BQ>&`FOlA?AxEd6@Uh@1J-I$@D9ol5k`eyaU{Y|T#3jL;SAc~WmG&!}wO z)RDcNZfW@PLy;wALl&x%Q9}hIz8TP#`4)Rg1n^s>0 zxAZwVOTtTU6C_OUh#W(S;eN_ zKKTCZF(T!f_j+B>l(Va|=%LbU%-H84RZbEI;bO_WkDjtd>tRrP&;mn9P)Rj(C`6sN z?Yy1kf;C1K7HazSQ+|QjB6U-$GB37i$F0TLkSPUUP;778PB*&#NypYp!*9Y?sV%*LBG00Tqu_{fc1P z{bI3`+%OA&--~>>KafoH&wKi0^Kg7#BS@7R(g&i?M)1?-JhYn^4&KwDK{9E7!MD#% zl`m5ONQd2|oqk8|M7GC+P&l40u0>l(9tgZak8k{e^yyMo41t37|M2UXSGh{GXeEi^ z#rGS>GPBiz1_A)wv52% z`7)i}Oy$3B<~JhLg8rDx1E17+W5i8zqmbs_&Qe9AZS#ba>Ql{D2inYmNvwfG-2ip$9ia57b) zXf7wjh*2}ko<>K9BhgwXXzsf4_#en^U1$bT1E2T_5P>vzXG)vw8E?o8+*@uqTA*x! z!-(ISYp(?iPn)P^@e94iH|}yjxv{BO{n$W5IN8s21U_JTa*=pzs*x3`ntFIY?+>I) zOO^LJ+eSu)c&wGR?7tg3PkepcZOo&w0FgS9d4qEk6fi`aM|Rzlk%895ML1}+kN6q zeCnecV={y*G$}iu55&Ypt-9eN^0?H*;^LR~PfALw$}4m(&r*$vd=uO>V229FHEmlY z$R2v&KAJU8QVYhuFF zHS#lUOR$Bd9kH)U0{B+k=s?)3Rr`9!%lV3Z=4+beg+az0{3VgjP$vk_}$8Aq>h$Da_R+n}tz|3J71}Tw; z67vU?81MtQrBsRGvEGiIwJLKbn}V$P2hW|m{(4QBy9!fQ9G5+^{R8QKI85jwbpR2J z#(?<+Fqscvw%A|0Y^2vB&}~HcAIRA~SQuw^QFh*6v)^Z%+1^-HK06p>RK4KO%{Yy* z$aW!doFt;eKH7~bd{{Fr-2N`aB+hh2REFM2NS~J;Wsc>Q(Sf|dfmHe!g3>A0S z&LYo}u9=?Tkn38Bwp-ku?86WralR}54rczIaS_+NJSY(5;I^EB1<41*2?*Laq+BTG z0rf2psVO43#+T|urM758#qbr5rtS_GnGGLNYzU~gBid?{Y$xHN;*OFjTH;h~GLS1y zR2)q!yncs99TpX;VA#b4DCuhzDX#Ocv=;b*Xd?_P;|)2aXu$132pSkA$$7J`LZzF9 zlg5Abq&~eZhH7_>#JP7NVscT}!6}VbXrv=0V}1YnyT0r(K+%$oLwXIwK=|KN<^BrhIeBW(VktN*juT$R7v~+t#mT3R| zZXH?FoRplP__9shQsCPgUl)`k%5`UXM#*WlMRZ4)5w&r;}DFUMJBT#-DfaU9B%t; zis6}P-x>c{{g{5Q@nTTJ08KL7A)$>z#Otj|SxF963tU`^t4-EH6A8NN>Q3}>%Z0#c z)t8-M--buJnw5z{$voBV+j-d|IsZtRZf z9`^8eHCVFmtHPhy%`u@k(qF{cPIiVCNH}J6CeoCMCvr45?a6wyq{`vPBc4@9v?hK1 zlp#?Y9M5kVPwD66?QD@c$BbCYCRUMJexncN*N3oRpAy&o0~rVO8W7NwkC8->VmC*H zzg1W;8kBr7D>&n=v8MBT4_4aE=g`vo6?c;85yTj)lg+0+t#nCz6T;S z>kM;(l%CDcu|@>WH<*tqOtnq8X34Acwn@=9fn=997V6Mfu(S~k_0-z^(!on zprDeNiA#r7h&3Z#9@*v)A6g1NNVp?wll2yZd&rz02UxXd@F?$zpML>&&|?YPMIEX& zQ@UMG=SLj|&!(!|P7Ip5`swLqRN;xQ3|AtLB|j4t+t?ITY8;-_`Tc61;@@{u9@&=- z`6t;1ywblDZvOMHPuUT>*?r2E4?l%&gR(; z)2-HavR|k3=;}p=HN_)Y9;kLd1=^|p7p6Pd$;d^VQ5bd;Y{7Rwrqdya;A_GVt9Ia= za}Cs3r^fa+X%=++txN4*Hw?+%3I4vBwH|!dX5jSW=#SW|Wt$cbz8#$i>LTR| zP3#`kDpZEVq0@rh;~B%sVTnomjv=$>zbVnpdq0Ay@6y%FKaVw>9+p4q^QJwd7Xv|Z zte;;@#;0OFO|Nlg_Ze0iu39D7nw<+*Ose!U3MY-DchtAg>pQSz8|Y^M$G_rtNx=<@ zyN>vxMPR)!^73)RmsG_F%|T7(lFA=$%2cuk))u~`Ui8jQrE4;&4#>Sf5X}TXW%E2c z)5748?CBS#4b#`$udUab{ILI=DaU;jOIai9UQf9{vN-P$|37-v=Flz6L{Grzn5P_6 z5e+eIk`$|HOeg`~l-#~;O97#oimwHM7b;VVa^9#Js$^3BwD{mzJZSMf3#cw*@ty1^ z({qO^cOf|J{9BX+FzlRh+y(nZXz^WwQHuo~F=YNEMkzS z7e2`ItPk3x!%|K^CwBTd*MB~zLC9&bphxC6b2F~?0y7hC|9qEXe0Ex_rg+JmSX9qLY3=Gb+G zzM=eJo9~%qKn`+a$$GNUudFh-r=P~milLd@j@gD<(Lf!tGNC^LGJDjH)QB2QB)-z& zEtGR%3gewDo5C%ICR;L&OXYzvP4b=aD6bP#*pVXuZSC{u!#zOy-86;hz>cMe5-K&8 zjL3bv-=6V?qf7csjK~`|&d7YrEzUtbTxfu{u#W8zBMd6OeN3#cMlAzzzBc8<=quh< zUg5_*#UIi3OlfRHyR?I#l|K-ES%{BtHp&QpIX`!5!Wj8MCuwWG%~_p0V8e?nW@Oyi zBHryV@Be;w{^xA{fAN37%j(Qi1~&@Mn9SHc-=E$8u9RI}7V}_IDXyeS>hZhVjy(z3QK2IafZ5{VlWzdlfQb2P|{1>cz-Q&}wnn=JJvd=-|ezU;CNE~2~ z%;*27@ZQs-4I9AALJTU>$bT{X;@Z0wY35jyyAjL&zda}oIe4x}ZzrGY!G~aX)nk&EUoJ7-S+p{8_u1)h$Fp45*sEIF%3>E!^rh`;!O3nDy0KROExrx$Hmz7YH=cNi@wLG!i5HX3ovtiwr$UCciBh z{aw)eRk39|`#=2vKzT(k*>1s%Vw=BjQr>{Js4U0cGD2RfkMytMs?2K^Nah7ek+<*9 z!@^X~6M~Kt%(=%UwjCCAq(7cpopO!zYqHM$xo&X|^=fgEGQxA<5EWl>bQwl$Y~%oX zlHwDg1V3={KRulq^n$=;8Tb}JHcyNXK z9E-k-YQO7ngD7y%*XcArOJsvb{CYO3WR`1NMe>xHG`-6!XQfmcxP+DOS6>W_>5x)} z?)%`et&cALHfSVz7fjo+&6>6CU(nn-3$U!ja&w_qX0k<=v~k{Yvt`^r~u z#|;wzBXsn^Q@M&gQ~}C5?bG+`-H}Q=sAQW{m=<<*!tv?7gO{x^2Iad_KfLHu1L~8u z_f7Cue=};b>|y6{IY@aJt@SJzp-f0}l_`}_DxP5^dQVgYgV2LkjioSDEnx!Gcm zl>k2h#R_o3G#b3BOF1xy?@2ue9LKA`k!1TA4&3d5k@Q*gpjjLGHwmQaS*Q-F!V&0J zQKT3tU{>G{1dB%#J|lo9Aq!ak9U1;W=7( z_3=h0XX`coK+pijFBD%d}VPoi)*l%zNcX^tyAXT{G-T_;>?LEUxHh{d| zoJ1LTb-xTh`+@GQPN0BDZ*O?yDkN&@e<2_euG(IZcr~oj z%qjU5>tUaL)4Ed3r9OW@6Z9Cc{0p(?=0aPr^HfAKus7^i9biZr#n~iAn^}$_C7PUO zTv+>9goupLKw?9VWvdJ~?1KRLSmWhq*;Xwhh<2&@UD-0ZCZLIWx?0csUuM5opHet4`Vyb($?+x`p+a44^_7avZctI9;~bLYg#<*rC9uouK|g zuU=B+&136?g)sKS6o=bG<5kOj&TY1|>K8B(?4Is? z!wlRfsBy2z_gD_XEYy65=5{nmwBYvPK;C6KNIB$$awIw{5!zBk%jpEpo?VP#W_0dl zfxujx#0m)3;d=4` z`JI-jxA=FKnvV)A`J8-03lWo)t#JAZEuV|)3#^6LFrqRy?Uc*kC){3p=+M~{8K6B& z%^it5l0dm0*~5uNugE5B+raBEOs9j<5NU9-ouPZH_9%Ql2U@`m}^i+)!v|Rs-dBL6^1Z zSBE@r#lR|-%a_;Aw4yRGhZrkdUxU6ZlrU*y@Zrn!Dl^ld)s7S8#YVT&p28ek_&yZ| z5IXnG&w?oimqs@tQXsycPTLE6kaG*dK`8pM?u96GMUKmA(i%TB#iV$&M-2JAlh1YF ze|MyXkS>f#lsAaAJ?Qpvnc|Puvdy5K5avobvl30=DF=uP=)7Q1q{ULbMbU+EB2pdBKj9yEdE@XVU7NxA)avMqh}L@x!UUS z9VjHyxw)T01SzoZiMM`@(zGiy)BHR)W14~&+8Zi&##)mxxU^PkLW{1D@wVQEIH$@G zGjQ8y*QAY+ai-D3JGXYpwP@p{%-dhTm~x$x`)Y)L*N%k}t4tn=sf~ZE9^s(LlBE6e z4x0OrKi9I~Nxn&#ouX0cANIrny)p$(Q%?&J{)L!`SwLrhiM$Ci-D^~(d)9YgBpk8?huDqdO-;zrER6Dx2Sc02fYU*2)c8mx$wu{reoj7rA!w3B6QBk)OzFD2HY?9-1PPP{OPPE5Mwt%Kn$XI!|ELZQI`W^FqeP?>yO_p;J z-Q}}ig>Nk5*=#Qji4|auk$M>OM$kZ9ZV7Zn%XJMjSumrQJ|XM=&A*_n zUj~fU&k66Q_e7%tCBn`(?KIX>azxWtHe+s?$7ayZb zX+)rGNh34r@cJ@xZ1mZ-YS!Jl{9Alhz$L1)0Wr|X6~U-Z@>A3X+jk#qWdAwtRWaUL z_NM9!HuMpZEY$CL?Ko4j75t{RDR5$F}G_ z6p%8w*AS}amqYR&*(PDa__cbicYfR{{FG==7u6M{$wLpL;;Vrh1|!_?zbpeSJ|tm|UtdPA=c5&VV!ninLrsZx1@AVt%Y9hF6 zFw018hE#gQ)lSnxfql_GkeJ0b#6At;P*wyw_e&=lOaH1teYs<|EhgfFhjf=fMXCX< zf?rRN4(|RdP&=Lru6MR`b_Vq?#ic6r7|_1k+KI_-s8jA64-Gh z>Ea(qu^cd}Q-xcAUob>ZhFq`jMlOe7GUSq7Dlr0-zfQf`_i1YXruevn#ybas-K!p& z^)7^dUvPfW1dDS{bqwDSYnbi95$R3V5$&ymeKKe-x2iAjr#k4AP#ef1}qTC^v_XzCvF}cY(;cZI&W{qDTR6Q1w9+4aL`;5brk0Cet^A` zWok&37vMku;L(TYh^NFNAAsw!(?o1@D#frbL+?Bw;WtX~6_N5xS3g*Vb=-;3mVZ+s z2%%qaE?=P>$_G&JWgzBt40=Kvesbn6gzyJK1kJP7X@|VWnxMD@FiMQwPZJawZjKps z`3rs~OH(qqK0CI@%$CebDMl25kQZ-@rT5?tj1}Ac44~M_J9U+_L~GJ4dhfF-uvorONkUN7{ml!^ITpQF;m4E(JQ@LAS_S@g3-$cOL zn`MKgPWm5jr%|BQS3?0%nE?>0;AJdv<`qd1?-4?}NHi4VdC<4d$WmQdTNdwesT0Qa zIIm0a6(5+BvWG%PDrv+rbLQ<2IwvW)&_H-;RR9_JTB?9b2T~qDRM~aT%HsL7U=mZ6 zkNPr?@a;1FsvxI+Rh;PO$TE1kFeI+&V(p8As{Lv36tr5=zm9}S5$P~h3|P2YFA3^f zFo}q(auqn}`wDjYKcZ}Ngb>jS&;1>(3q1=NrBWxihILCdlC3fy=h4c^lUt^yGXMyl zg{49)#Um9-P5Wtwmu#SY^Ct;PblgLAYrGfY4g94W`Y!wh9b7ntRI;lo2qJJF*B3zM)8)8eHtc_VTdE4tDy8N|y?d|T;Q z6j6P-P?KTCq$}@YYjVbP!MT;xL~ zqAf6fKtLcsTRJXP=hn%GddlnX zsn>~N^A^yCQe>u4bcdGTy$1(+cQ+_~atl;{3$TP_f)j*C!CJzkTSyqcUEMo|w$dpb z#xmYO*YpRefx>a^s2@i!{;n}%H|W?%nAG~4t#dn4wrRh9v5|sBpnH@H7A=yrs9TNY z_2YVLVs)>isSB;B`V+ehyW}Bpn7kr%t3_F{e>t6duR)L-S6-nYV<*c<4|rWvE+( zkK|nft=`;UJS7@J^+Obns{Q`1t1@3vbw`iEoj!5=`*iZW_!`j~paX%Hw0+icu=o5e zA^O)F^9*UT2ry?PEZ56MnJV^r@3Kdmi2pD?#?@bP(qHoL@WPQzJjMEx&JZP=N&JDP zU!qBCJJU>5^@)!JERP?bg-daCxJItzl6y5Ull=e-r7tD&W~Vuyy`6#9l=lIHo>5u6 zu2%VDnKL=U>>PV%GV$;x3uI zI^Vri&e+nISu`hYk8+uG8yns?hk>-sTI9IS-1|QYGIfYn?B(p{WHj7hm&Sw)|7}vs8CCdo@t`z2t0(3i!t;whF0T8xYz2NCw-V&byY`MVI*ey} zyiDT}^wDh8jffEIp9B3rZ01Ve9NQXHuXxs#RhI-2$h?{ zG2qcWi0h`xrl+iQQlO<5DxkjJVS5?}V@f34lB7elUyiq1Z!?JyC)9QUI_7EE> ze;|B1VHW!|7AF)hAiwLd7&M)|!?OSj#th_iCi}(~k0#~6M&%v-MzriuVIeGs_&8_2 zV69Df@1Id?B49;!N1i?w;vSQlN&Xxw>um%GoifVfxVZ@IK8?-^i<>H|na$3WC3^Xv7Ks&mIvd*n$e1kv zxD*HwmgWk`LXA5elB@K3*xPtPo=PKe#2JC+qPb?0_~7xgY_u)X?m;+d!1G2=K|#SO zj?P)5&`=iJg_Zk(-;3Zwi+7G#fCx38uy) zUI0i1_=p|#W1~M1bFi-7FopC0{2M@gmUh5_1UQr?jdcByTgrB@uMknev9#B*z~=hu zV3$;Hnyy-_02Bo9I;qRa9%NhCo=y)fQ0%7F0$06|PGf=ZZ9J>&P%(E*4K5Kio{wZ} z;neUyR-})ZKXRqZdif|Z+A4m)$bG95;sb#~$R5#wZVCk9%#>O^{&^u~L=y90D${<> zTb$_9`KCV*5#=lUTlCVhq3cEU{ZKm4+#K zH|cn$I2~pA2XfIK2Ob+3BV$&V5+LUPfVQ@%hmL26ar60)kafCMDx7b#@Uv|P7Y-(e zSjZEapZHNX3-H+OHa3O;sD7Nd?FX0)QS|S%`P_NqQp( zBk-WGFr$e9GOD$Kj?iOh5s`uh!@b7P`msKy*UsCaJ!{&Fy)vJ*OIQvd+wbtyQJ}t? zJGkx`H23Q(dd~o&MHvFl5sudYY^Qc8pOczjNYvjQOe>3owHbX&>I|>HgtIs|F|)=Q z^(pP6xO1zG<=N3V2w#*gW2=J#)PLaa@faw#+DIPo!>Ogk|WLw&2-DV|$#OWBG zJ+-F7Kbl@%R?T+7h*2y_#DGgLYw(Sjk&untP zzW-a?%`Sr`WXIt$LuMSM+~f0%%4Oyeix#{@i>4vds<21-`I+$Q9D-47 zczvf7tH1i+Y8d_ZxKIpXyA4A_q@5BDbGu+K+aHPI_hcm$H88jn1!C;MV#=+BG2X=``jcQ{(*otG0gt! zN}`#>assFj zZE~tD>0OMgQ}C^Dxg^7>WQPlCP5sWP)hh83=_ofmMO}gE&jf|uh`M(>3ruF3oCzD( zulUIf1Dn$_#8SZ|dO}q4ghRp;7JyxH9Yn8_U?=S5WWRx+?EfI{%fq2;sh+gQgEvWJi*qf~a1HQU&ilzqu=5VB;(I+&T~yFAbHzVGq9 z-}mRYbR3QjW9FXwzV7?FuJd>P&foca5y(#1%Q-=5u)ACzsftyeF_d`gN4Jpa9$##O zLe6mo`zw@8*pEK&zGrS)lX%7*@g`~^$FcLakKlZR#ea2$pR0E!xHmVR9O+0cU2Qa? zGz(ulZE!)u*J*-fP)AYiYrzaFacIt&)8W-`UiA{wL(7|bvanNbh!>m?_KlfFZ8FFc zF4mzkDAVYjl#8uI0f5u}S`d4z(LfrxGX1ZhK@hos2ySE`cwyDc@=YFT`MHK(seIG% zRI@lX_>8D(tX`Ld(t?GJ8KJxgzbxkVM{5)!h2nVQ_n&TVKW zs(b+%>@Qwy_+fS8>(O)m8?Q9BUO4|r%#Mj$s5HeZv}5Urvqk|58YBKazYH&5lQm#h z6!7{((;vRXi5k_ zFiq_98~0Zgsz1*hboS{}oe9z-nR(?4xM%X)%B{f5cdJ`|mhNg3U0p>E<6qNmcyQl5 z+jUeIq@v*1tFqB&Pb_c4Ze3Z$?(R!b!W|~DR;A$4E+q$p4EF&3HdJeY5f0i7<=j0o z-&j--blqmZ#m47}o*%E&?Qrj37>e4#jBm~2p5I%I#m~E|XWwU-*z}&D^>?XjQjv*S zh*?lO;je@SnU8(M?f^Ee)Q22}Ud#hdd(c!sV>fHS?FO`@k-LsNvQ)oJ<3and)s{m) z6VH5+M6UBcm@5*`2<=&3)~PAUZNi-Lmm<*3Y*JV!f7P85NV+ESgr8bD*^=SjkQ%@v z)iaIB$1vy_KnXtWU?QeNcB41PvAB(q#UXOsAzZHKz-21=dUx+>>mW7pQoK|v`XmW4 zxXUf;r={!EtZ;X_=2b0KY>^=!q)$LeZgLb6gI>Hn`WIxa15M@}rrIjWe{!V4d~02f zQuN}+Tyf2t4kgty6K;)}S>of3^rj?PLk0)ora>+B^mXkIV_5%^q2Ti_2=D4Z=_~sU zYjeTKYm^>1VvzMBj%-Tz{F$Bxat!Z~-OMqn>uOJ7|Ekm=m$mFQYX zowx0gip1i=#$i`$!pjt^(5z0o`G#s72e#D+Pgl^$>|nPe&&GVGWP6EY!hPAfnW0*- zi-u>vG`MiZd3=GQi|v3N(P1e`eHv_!#sPd*4O->xQi-Q8=UAIu{EgJ`X9#WTCjy!j z_o%kpYUs+_S#_TzO1cwOt;YiQ?-{J>+B)oK1VzgkByz?U(TBkF=Yolac)V_Et8XIe zmDyXK?8lyap)a-wz35)|7MHT=^y6|2uo$J-WB)O61do=6k%WU$ z*??@}Tm1*MQG*@hOo>0lAKypETdE|UFh8!Qz%GUn!QzG8`E(JI{}+Ur2jq}Lx!}YT z;7i%fE4T!Ch?u#^>(ZJ9E2c4i{BHC@p&`nJ`H<}pdf*ErzA^iAjG`yeNqzzLgnr>{ zMhyNt&^e-)!*l*_L7#0uF*-o`JvKp&f%`@l9p zXeFZm5ahnWlXj@|j0%CvQ3w6Nt-zQ-KK%umcNhXo`R_*20Y^_q&fk(nlExlxVypD) znscH3W4|^6mXE{$SHeDsU2Ev1#M(plc-si6VHFte6)s+NtbMio-MNJv?be+9Rc>Fh zW|znVprn{b|9zg= z#~(2i$an1%s^$E1e--*o+V_g_;j zV{DGk=S&HD7R(56K3UasNP5(A(}dIOz0U^kv=h1?i{?0P4Z~h{w3hM1k;Q?oV=K!b z*f=C8$uC=+{--POcu9YxRr)q9cvop3{-wtw3A`0TclNU z_F)&q@#T3jJ`GyS7^*A{xz($U*5n$*A~W!_JZ4O?KSJE9ssL*?@fh?>jr%gIIIns6 zULQf=EogBH=OiKUsqy}DpMD}uTF+%T^UA$Qu@Ot=xf9GTb^YRLOBW5nP=dc5R*&e$m)Ef5&7$1kR?4J7uzIPXEO!J5AAs=$L3M`M>6*F z+dDJQs>U~Z#YmN^iT_4$qc&R_sRum{b~A{MmzJqju7^k;y{6jdpgPd#6pqshbOhcp zmChtkq>EnXoIRvHP4(viwnD5mBcsM~$TY#in4VW(?~bMz&!uB|#IDB^596ym4{c7l z(U*RkAYaGtlY%NX5BEX5sCk;|-6P{R=Wq)i;)|+?wg*nz6N@^kY(8!$)b1yYxc9=Y z4dwSa073m;>X8yjeQ1}@ugu!p&C*pUY6&eZCR{Fgx%DUBZ|w8`17;W1xp6|OWij<8 zoOMBZl~1qQ%zXA4>mqsMg8-=T>~N3UT?#x^L&hL*qC<^6jy@cnnT=+v=M2lkH?Zy; z9q5M6VoS;d*bVM^#2?Xg0dsOpLhD%KEAzEUdxJo zjVfcTbByspNPL=|ux?d-{2iJ2^2&qMZZP^7~4ki81fgea6z3ODg!&X9Gj zD%~J?_q&3z^RG51%PTobD|O|~V!^AZQm{5W2MK6t^w{<6>)Gu@HCjFm7sXz z281kmEOhMi4jcnl8u+keKu7wWHG8=RFu0Keggd704$M|$doj*D37}*I|zv%w8XhYX|Er#Eh^$t;d!8@e> zacO&wo$=7eoo_ew-5Fl$>frO$%y<;{fZ04QY> zNHXmqvMyJa6% zQU_x-U)8%lx^5*MBz<)`AHp72L%SzOaPD+I5T{6h!G3}1t-?O(JCOWaV~Qc41G@K& z`KehN1WpkPBBd0*NV#lRuL;*A+q5b97B2LD-Eyf?F*=ytpWm7DM&pSn-O3?`t;Sib zkA=67S@%I%=EB>r8|eq$3tXgRXKwUQQ;;v!uJrf|@}-ZIieMp2qIc3wA%}(S7y%M9 zF2HM97mLj@t9v@GF#cG&KyfuJ_^9=rK)itaF&e)N7<=EMbf+-TE&BR4C*PYGgR^mU zGQ)8nJUi9m)VYaeV8rx0fVp=)xRaaa*mVFhL`wl_Rq7W{K0Qpep9}&OLF7CvSP(K+ znbC0fNH@W$1oJ($s|M9ywt6+csqfw&gXcsj&ie%k>h11{`=QwCsZ4A4B>AIdg9{@& za49M|;RWK86bCewI^03Iax}*~rz@39(&m+>3*pnkaM(RiJLe0w_#ky2lyTENb3|O-+ldAuvBDcr6-_Ib<0=-K!MYpgX%=U>rzk+-nPiW2sBTDH=yjIcSrDq0BALm5 zeq^hrxHI1%w&#bzc_ghy{$zl&D9Dz;9obO<) zKCm6Vbzknk>QX#M(9bXtwO%={Pbb2DbccQ8DbAL@-sb%P%B0o_t@K2)fW#_tp0&=9 zWu_vP^QW{~Z`Pv>Lqd>m394(wcR?7DsaCjB`ZJZHv*Ar?#vB=)rCw>K|7`qF97T|JcbDb5eJnsG{ z{cP}AmXeW$!rh`GX>P&n_!|MIsTPe9<=EEzKTpysBKy03ee3iFjdyw>(@lFNoy|xX zIO30U+qe2FelAqiBYvN~`$UF`wKCdPJOuT-dsl80+*TdeBNdWTmXD~i>WX=^qkgxM zv6v!_H+7v9)E|NG3*9j*7QZ%#i|gG)*qP|0+tRXD_Sk%xO9<@*R@_EFICXlqytEZ~ zMzSQh)cvd)seetC)#Nm1Y=Zj>LQB+d%3>cbdS2vM>|qF_7)>0^;?01H`}E-Tg?#XUl5Lq+@|n^rO1eIpd?>Uy!CqRc5gla0fx$9 zVQS*hnYf1^9u?-V(ih6!hQ?vWdvLwCWa~=MzxONAP+eJx?`r|$pttye_d!^0Zkn*5o=9+tn#s>sYI;Jx#zz0a+$xZ3 z|APF!f1fG|ploqaYZF)rC($?)N)9KMTYgi*Pf34iB>l5hRa0{=4hX>UQ2=7d%KAw_^dYU~T zFi14}2;@~#WL7nZ4`u>ki#*sFLn~p41&4a|$T=(>N%8Y&v1G9$Nm5vMo$_58uGDgN zSE`i_ro@~Teyq=p2Sk2%7Lk$Cf+eMD2!be-S?c&&<)lb7hy{z_l9fgtVg~NKaHFoL zf#8Zn8(T+P0MA3W+&s0zP-J=s_Bz70??70P9V|_M%N3v$o=zN=Oby^QULHv(8EVhE z09vL>F`4NX=m~^pa85cnpoDw)J??A%WHJ2cS-I`JQ3r}rFkq0@_6*5f8Ul9%2Qe_7 zk-)J$rc5XK7)Y^mta3za#w^WG3)CN7r=7x7ljnld(fVhE1O_;k`E z5#Tfvh4B%TX0SQ~exJedDfumBgyHC1g}UqaPgV`+XizP>gNgDFz`?1A);Aj)8>=Jq zYp(0luQ#FPFXzySTI8KB6%IOi7(;O$>qk^LlM>@Y5qnVJ+zM#Ujn9-pB+IWX#UC3x zkAF(;S6CJ%4Idf1FBsCHZ0FTuZPKSJOvBRW{p@f_v~-YP0*2F%<07Cm6IgkJz*Lef zI6HTo;SucwdL=oVg>w>E%DA6syBmAfhv_-r^HewKDi#-QAHk8IVB-dIPRHEw@wG#H zeP*!w>ukMg8(^}wPi|&xTF9lYT?K@`1j05xLVoOaZ@OylfTGJ6^RCr4{<(Zb;h$qg z9nt*u33>PL1Z7+PziO=bcXLJCy%)n2?(xPXSeqZ+u+$qFGcEgvw-RzU5z%ybm7P@+Slj&oRZoC(S4~oD%-$ z8fMtvHO#-c;sW`J#+?$+DPn`x^(j-Vr$clio7Ad>sddWcKkp!eXJN9A4<_%F;n%JH zjFY<3&C)*JZhbfL=l(*eaH-sHu;83oh!3A(C$zWMgJTFcWKG}D5lYd0b7B3)Wf4E# zj{Zh^l6rrogQKAVe%;RJ`Q*Hh;$K7b0EY;VQhamy3TtWHE#zhJE^x zw>qPD@lsDwLWiN?W1X8JnoUX_u$$Z6{?em?wAk345B(l0lL96m86D(~bP17$C)Mq^ z>BNFu$2gWT07;Wlco1tXFmihREH0Py+W90v8AIUCOF#ls2XwI>0YG=tq^@RhW7)BiXSxIw$Nvur*ZTkp17Y2#eSXa(mBh{6kFA*9Fi;sIQSDTfn#3uob#EvzDs zNsw^Fm1Uj|*SHTfTh$vn0KQDN&F+C|`JwEASkvr*_&=gq(NB;ZnMS+*lDfhAA zF~4K6aJ;%QN~PICC{=5Cv7x3hO!Ku#i^#+7WjoP`A2IxXQQkr7ibO=GppXIAjl{hf z%5~dFCmd^}Yq!yvxLeY$pbdTK(RFmU9l@9!0CF0Y)_XvEl8D1OAO2RLyi5#I?;_X& z0833Qf0$%6Cd<8yeN81&)^|yTFdcH4_9!7MSs^s=G)k&DJ;z>MU_iL4@w_#=>fp_9 zF!Q>f8-020-luOv0oTGM7au%8T%sUOKigLhujFC$md~=ezpYYuIziKQYHqt(iIy21 zbXeNFhT$}T2JL+HAbZZ8lL>rO|56?QvJR`b7#yN)D8%nyM~J4}z(#{inuI5aT}*48 z#~mp8xe@BAh(iOQd<8nbPz!2;e7SmI(F%hEX<52kpl!fe{ey5Y#@}XS_PDCaJH&aZ z0Y4fo@Np{tSH%z6q{~Px$sg5fgqZ!3(J06kf-|t+f*#+C_4#1ljdpi`wsgT_6tcqa z`6z`)2p`Z~j0Vd#cl`wd^nT4yg`U& zf>`_WZ+SC-k(Gx3DTqkwNS|Fl^uL!65X;`yTHj;2j;z5VHU!}`P z{Vx)_zZTO}8ljw$;~LLr_(@NBStb&f7JWu>5KIN1e-NlZDzu#czqN!u|7gQsJ|w z>tzThXATWc&Oe*!3YArOChU1tG4O-qs!Z0EUd6uU3#IQ7*0V%FE0vN%q1*P5-L=^X z>!t_QNt5{_PPDhWms*`Z!l68OAF{y)>oDP1wt6)J+vp!8%s?T{zWGTAj#@W+=Q%Y> zQFXbjw3lUf2Rv;`e?iU|a-qlgoXIC|Kn@3UzW(F%oB|s5=y!|!T~#fT1)*us1-%X9 z0TkM9hyRBJSMZ7JkpYVC!s2z_wyq+hCvp9bF0dIMOP7Eq^^qAAY#te|>X?nRKh(lU zO|&AOo7G?6`$pyXhoR{%)tT}*m=Z1Q$M#?Y$o{#2$!S8!p)`S1;C1tUXxWdWTSPjg zw;Xb5Mh}C2+t)l^m7beB3UcW8hc2L*NjLH2AHC6MYN}2Y|0#B|p7@H3OG>Bw=Xeo zr%E8*D&aB-$PCXN<5ui}>@gbtX?O^VcM9PXp-tB)57%rd)AxXEweC#IukSV`2S!OU$zB^)ikHcJBOvU9Er|MWC{H+~!XIer4&gjy1C z_`PQYsNc1!Iznzp{XKjEkaKcvx4Pqu!%{ZRA=7SYY>oRyOx>rNN(R#OK##Ejb*{f4 zNtX#|a+o!UaYrj4Xs5tl?2h;vW`EC_fYdfVW@KWvoeOzUa+`39q+WiV-ZfVbGM%KjJ z1qBBE@8uYLblAIN@zWr7KwX=DMU(rYPM*+c35ZP2gL~;md;-)gI1m^dVJJ%GRmF3q zEUPmdhRn0SpR%*qS_|y|7}4MHx6xqsD4yqP8b0DB;#Yx^1k_YR@u%XJI%qSJrA$n~ zIY%7QWd!6;(b%G>$F*zg}Hrl2uOcipXi5{ zno@=WsnVCuXF8k`ueo|O<^uBqGk>kYPa~zbY^p>0&Y~6; zIWGxZei36?E#jdl;u9aD3bJkpPCMr(ICH~Wb?mTTEZw?BM4u+@8g}x;m<*+4!Va8&%#NX__(ol z`O!wD{y&wmPUl^g4Mhb{D_;EaIYl**MPo7eca1Ik+-4+&K_PD43f~t2>ecNZwcEMp zb9zYgL-Nx;oLtUU6zK42-a`D(L~RoB8h}5>|3TCOaWINFgmVt{cgX8R&zrNU)U_F2 zx>>Hr$g$24o9d-vtC;66ijQxaVI3K|-|s0&REI0o*aRvE}4~=_Gy~i&IJ8}{u^ft?0_ix3So$UDck+cSjriq95n7}XotEW zc4W8a{q>p*!>6&gx2`I&>wFCYo&fYb3)F_e>Su^5o(ryybEU9ZJKn`tHQ@%DX{08l zCs&^&F$WoHHmU9%`yfAyKada<2OI*}4+k6`AfAHXDPV&rNdiWC=V?|kf|Pzi7QF4t zxr7{_%KlY?=#FlP zV|L0(qsdoPii&ga8^pDRTv7_`7>!;vTsA{~Stg|-nLuOiK1yPbhF~Wlscn{asMEU) zmD8Gf*jRarb^4Lr_paa$?T)sAaMva==;uCeJ~+f*3m>=Ht{|U9+y7_B(dk*B;RdzI zvSwlrACFBl#3ndIqfh0Qx+M`XDxzi`@I6kz{|pqHBi75o3w^B^{l7_R^>jk%25hd6 zff%)^T@!88__e}W()LTZe5?rEM|$wW6bwoOAq?{l6Q2;OTd=2gBP)tUJsH(Bg|~&n z4@Iv@$Nc$e^yUewON1X(sV>YL9-ADIz^?MRa2A*xO$8pC998^la`ZGvO=`Y6vJom4 zx2sFKhKtp|KeCY2Q~PyjJW)OY^*C6Wx+#XeI&amXkemfViZF!L-EyENG9rrukC-qFt9V&t zu}p2eEof}1%-s83V-LzP0#wr?#I<%L1k+xdGfOnSH(c_)v$t+&JSW7Ka_+X6=9tnM z4KcCI#Y5ZmjS`adFiW8$e(gqvZUcAX{LD_0YC;SI7X!2;3sf~?ucR4>z5u!}{|ns_ z$IxB*zo7es2TcR3!NCqYUwn$>CWV<8ew zjwGp%I@SU`n{PIKOnNU%_v%~v+VW?Cq9DNJTIcygiOzXQLvMH7hwWu|;RA2?j=IS1 zmcp<*>ky6+qFA$_0A4F*G>dD_TS+$?9B&)&iek60_pb5Sz)yYwh%IOA}oLdZ?)WX2vn!D!p+L|n(w$0`J(yW z>?@ZY^++x`wuQhhO`TGUSpFE0e8i6K3IpWhPeai9TomGk#rI*E&?_cjfj=re23hfQ zK<@xpO?AN`kHUu)RzRP?1znrif@GJPCKj-yxV_OjAg7D-eYL;f$!@f-sGID5(xOWASqm;xP@;bRH%&u58)a`8~eZJ9OlW z9^$ff=Gd}Yz`&6ZxP1Ny3Knes9-nN82^+g8gl6FFHH^!yIhY+L(zIS6FD1S z630RKvkW94U{xQuPsNOlLfF1@Wd#XEc-w_-Sh}A1Yxm*!ip==u@Q(ra3W?4wGivzQ zkDuOIJLIk0)8XHH=N4=X$kNELL`H2ZMu=5;0I9{~Q9)vKZoin*<@+ zG7Wso;pdP!W`qM>gFs#f>*3y^1Of~V-NisS=V1VR}zLC&M?)x zHuJj<)>47RE1e>IB|I>6Jo;kDoD-8A~TN7YoUjR zVWO_FQ^~(Obkc}2od~L8(!Eax);KkNgF2JpRv%Ob4#W{*KYjXQ`2WSd(7$o-+y4~n zGFOxQ+bKkf2WX$51sJ{zk|D7Z2dJOe;_xr2`wHcq%RUe8h@ZasilF5SZ{L$F+ii)byqQ$yb*OSaOxnr)ZFqm*}xhQ*+9NMtY`wlMdVfIc&fHbqdh2|XQ zfPV)DRzMKf{_T>$(`R_YRP*<5;O@#m*l$OieD1Gr`(&YkZrNl67ok*sQ}%othq3b& znJir%#pO?beEPyHWQgbey+3K;`k0WvmD~CjC#EeV7ugiPoen&}|H!0?BWpYKpdAbk zBtZLUKfr{nls!^tK_6VSU;#VD4-6$9&^fh?%>06iT=UQo)eq>S}HUt z18T0sU-Phi2`q3r_@#ad-TeUXO%B^Y@7VW4C*Z6UWujq|`WZ*|`_cF6u(2FVX6F-L zm<3(rE-w{1h3ca#K=JLpzN&nQy;f*qJ}vOMVf}pG<~Ws(6~o3WsDQ8S5^N%# zqF?=wx8L8M4XqT(%@^o(VJ=FT2HX>c#ifSUKhFCIjASZQ{CY+-x!=@vv}<-jt(kV! z?6TO2W^-5u``L*=!G6mMEWI_mPonO9!J3&)XpD_}Ox%mHXUf1fUeVuy;N852=I?V{ zfHBY7A5O7;aPNDXadn@*^M}EAD*idVMjtmD2}ZDO;luJtljN4}k7 z`toiY358^Z2Kj6t)hGk-EmME6ULrxPpjB)_PRA|+CY4ePvZ?PyvSF^o9-s*hy@Oi% zGus}>+c2`5$6@ug=8Hl0<-TvnUq?shf@yArm4z>Pto=s1 zlXbp-i}>NsFKKu)c$Q<^xf6MCNl@}wIdN>x1$GNhd>^?1{rge{)jF1|{t4b()e{Yi zB*_I7u3fg`E6g}OQ8yM_!mn7XG#5bQ=czZ|n8qQJY{>XgNx7ylr^SnW+Z#svI-Q3M8 zex7o}ls?LNqDdYqoYK>z%sdlY&;xmTWcB1ztX`M)HXP!jyP)dX2|wq52Ry22^Rq{c zfZ$tMF1=2Eg-{fDqMy1JwABhNWd3?}!1NETr=r)S2 z^-fJ?)a0WE-ACCqRn;%s&#C0wole-Lt}_h7a*`AXqNP^-lu2jLXEfc;K5RL!5gqd7 z)H0oqj@)Dp#*x=4Ku4j90x40jachGPd7pBQ?w~k(5B*RZa+4L2-x%hqqkEDB#yo-+ zR!?{%7}dp5e)D%{Vi}w*Ybu1gPb}KUSM0b}zG2Ob`?`>Olj3Rozc*hvzI>yA8=#15 zsHD{Sm+te8_dcHzD63~f9%3x13OT-!0DYNgvLJOtV}V|Y$cDYyRJA)oR8DRD1)-NO zJ7*q8Otn%_GYag#tVTztcET^UIi3?m?M!8_5Xe|b=^WT;71{r6AUJ+@t}O9d%5<^? z%Mwmwfg296lHocyh=?ti5#&%16CPKl-Adid!(UZ7G30-Jj*Uj5UeVb#&HZ330B0CU zIZeQXR7wPLB}zzk^CPeM(a*94Cw`RyY$$YprjKh5#oZ>WCKUkp`E0Vs5gcbHc6iD5}L4-GO>NXVn03N%m#;1)>$q$%EUs@?^ z(i-f_7#V0Z&+z*rBB_#Omi!A{$whiq%8s5ar6g-<2*N;N6K0(Zct_5L1K{Rm;5QmE zUmEenpEcuNS!EpjgxO>T`?##4O*f>iCn@#PLS|-4?=5#E#JGP31myoPw)a39$F!g7 zKMy7N&!GYk_*^6WOxc`)sDF`dM0w03I#E zuYlGXhj=6VrzCS-_a|Bv27q1eK6WbKs={|B` zGwBBeTz%_(qA(@cLIiN9C_*6I6)CP#pBPa>1d9eRf_Uh3vZ_Ndh$dyPV-S{ zliWe>KVGO;Nech6wA7uX^YP)cJK~x^Q4HoV!E>cHAi3)8W9KK2X}$JR2t{|axLe)_ z2SIk)AA&$^Dex?6QWp=6;4>YYa4z?WKB+@ZmuNySaxp}smm^+;iN;(G1>GnFPhz<~ zSV_Ml56}8S5V(Tlww4-z#-CG#lYBups2OQIKQL4)-i<$feWE%-PMD`UT(K`r#*JSjaJHeH4pdUEyT{JhMxJnTRr4!QJ0N z5b#eC)WSeGn*Hw)3vrv_W#ee4;`Qwr_Frb>9VJIP4^+}Lc$(I-d_6mT9TpLjeiUtI zM(`+qz#f9uv04Da+asu_XPTWwvl{FZYp$v85qw;ii5bs7EUYkl&7KaFAUfl|eu+2Z zs^(G%s`uJ+Eo^Ki*}9*nQT6PrHYIIVfWU5^+WjYZ72Q@{eIcs1P6l=Yxz+1dLPZ~ zFF3Wo-%fokVmTM5?IN=ym>m7V{{mhsAi)&YnH@nm=33MRTucnjL2wBCB?H_U>T4g0*vi)8zX%)HnF8 zg+*ev&HuHj`hhBM3gjYqwy_hFv?_+r1>evSDY$kqDbwbZZlCp#*zgE~g(Qu)jgWg- zDZ$=4`XH4+&1M7Iep)VwEW|{uKg(vZZV#l!W22pLUkQSdc4*g=K6)Yr-n6}5i>wKm znO@zy1v7j^ySZ6r`?6J2c*J_q=E8&fZ>cV2$MD-^+Su55iFlW^L_vN5Cj?+9+IXox zYOT#w^dtGZ-mjuB)ZCKpF(J~@hD-KvW`B7+IvijO4+-jTy$5#^o*Ie17Od%3?7JD) z7Pot>Ap|;3xB|(JFx!$L#XmJp%xOtnGi|81-+$`d%oH zT980NXPD{Md#UAWxsEwOK{sgGW1%fz{wBb(rS{_-Ovt$Wo9)kF=BI%GsJ(4HUE?Ihl3N;){1@dg*<%uA6aGYisI1J|aFyHpc(0PT>ioQ@h5u+EjPExVuj+79N zaOgOo`PQ`HHLujm;${%&Z#*E6+MzcH7^*s1z-bQH3Y!|!)%5#JfvE~yheh)iSaM|wQ@n1;}qqkSaJQwsIY~ncR!rE z@#U3YI4%5R;NxTJvYwvEfy)d*EG%w=P+l64m&S~QoHjuo{ARF|7@;_Ia_8$W-4ogI zKIzv|Zp#GGPuy}--|#k?LsY#H!#zz6LXBF9P42VzL(|YL?L;_O#^<*w2Zj_CVz$C!@V@p4~XAbB(c{tmY^MOya6P7tt%OsPXjBR<5v0 z{O|NtkT@#lYV*|?-2EXxv2Vy!^jQ~kF?q!p?h%*iCE_7>{3#NWu2E3yqHfmdq3SbC z(%doeRxb7tou#LVGObxW<<*4IbkB#9pMF$EY4fBd@wn(wc}39VA>@_1OAU`xfKHbF z*b|xjPj_r7q}y}?@on+JzXO~)aleK&ZSF0p>aN!BiZAg8{|-$*+&8Qbz4N)Mq5PG; zgFD-g(?O?rxT$k7x3vOI#(qb%TI#fxGE&nE->B?D?6yCn$ti)(cebmsJ zWa#_-Ovt#VRblLp6d}tee#_~bg^PgjOrjv_!Dv7FgU!58H9AfiQD@Ei!~JQ{GXwRu zrJ^?>Ifi}zB@4izbPnUHdboHPYRsV0z|Wv+xcGi#_V#_!R{>3KVWFKvU*jdC!1qMI zSelzqO2B)N6gdHL^F_BvQQ3`E?WY8C4=sERZcF(3z_Ex$vstltlY^+EL2zuS7Ze#R z_T=99S#ROC^#T|wcJ=WHut2kmC(hG^4^r5O>^FuTH$nWw^z)jx)BM8^RFT>O^xYj= z-m?FoivMkQ4S+WOPrMG7_YVN7GI!jM2WS?QRFC=9>8k139&T557ccGHkN`beFPfSI z97Te75GmGP+o9LTMQhB5_E95mv`;S0lt2V_1C`)@@Q=N$XT&+P&N5DWYYdhCX`v^Lvjp|#d=V=bsywx7-mVrfIZ*cV>U z2k2e{*%`rsOR~S8-cD4jKf@EWNF5*^2%P4f=WT&YT|aU5LG>_+S+E@Kc%?dPr!CY! za_jTKS4E+i{mze`NQn9w6x5u+v6qTNGUi59@;qjHVuhS7NJ{wXYpn!ys`dve^XbU| z9Q8NF6EmhWS=VH&8rb(VwVh*bf62dCb?=Xmi=x0YnhF1VK&0n>jc{TwjV>V%De>VG zyR!8Aaw+DZsku`+ICDe`B6dQoE!Jx7MnzfO=f-d;H8wYH-Jqa0j^8n*(9y;-ge}=X zCBn(tWakaOIQk9*YGe&wR&a$_=GLrdG$h(h6PzZT4Xb_zkl2At2b?RA-EiJfTd$rv zz5bJx;K93CrbQPs=00`O;n)XCU!Xc35h>|uAl@PfN5WT7xJmnYkn7}|~J8t212jKBKR5HK(5jc{u}Rrx+j##G7BxLTEk zokXf2#kby0@=ZA|SD_KQ7uz460wp<>0Y*nmIrOAwza9$ni89AA2nK4SSr4Khhwt;( zl#{DsKOpUWL*J~gXZuBFUa-oGGKqtV1)&O)zxkVJC*ho9SWlM=oLz^|>5+SGLu0y+ zj8{&sv$xh}oL7a*(P{aPwV)$;joXS(23)%l?q?_QYb&??vH<4ZP7RuM-u_zpZN1 z3+>Y0e|;MYD7urWP4J!bE5O#2snWT9KTrU8KNKF6uAhkq0qwkedH5-#A|Ia}Q3*j-PSJgTnksY=Z8&}A$MpEZC8t1f~#e{|Py0Te@C>&Bjh?P47 zSUitipzvxIFCNkAS3N4b@}d9TOVbhzzfe&c&YC7$aQUOx$O6#+m;3Y9PkfmFL+zr> zJWREK0cXLA9*~Tt97Hv~#d|JCsJi2qI?UBuxbVB{g15`lPqAK2{CF}UKKXS_{LLuR zcqz!0KN)#K=Lf##YLwkCbgU$*|cbNh2vzo z?*l(ifglcGWn#=g$Zewt;7fyZYYCnadnp*#i<1(V6nNjOkY=Abml(GIHCOX#6xYUw znAwv%g9W!G&RF8_VXMT)m3>;H@CPN2AY#w&dt zCnvc(p!}}LH%7;ftvO=Nn3K@Ex$9}o+^g$a5MK^gIH$U>9h$j<+f(2H&mWtb*Vj(e z3#Y;Ebh`7{sI%f1AYReS-JLZ19uTpO$Jty|^-2XN`b6}3no8fv8r&K) z9a#4?Q2UEVuxW$F%E)1tE zZSja?h~-az6QUN!Mm+{!lqirW?h~T;<`ZnD)8E&)fuv7t&PH*yPRJKZKSF-`-01k) z<-$D?KcncxCdVd^x$SL_xrOaP5Ub^$Nl@n_3D5GC{J1i(^}*5k++^qq3Xzb_ayYqH zf?rI%B63KVfBNQ}YQ{j7q>tie{EdAzW1W8gCpi;uAGD0!A6jH|rLT#0`Q^qQNC@K`VF;NX9< zF~_zx|F?gr4vY;Wy}KeaorIpI-JL{ten)P`FKfWF0~v|pK+?M+zo)>6x~e1Yu*OsYKy)Xjb)9X7NQNW*9^0 zop!h@9Exu^XcVdzUXFZlRi=VESCQ6z?O=$)71&>E7*}sb7j&rBo8jtKWSQ`Zt*|zv z{T8stxfM{jgqV<)k6$p1Qpk~93wxXp6Uw`Fv2*=@u=iF`alBvC=n&jOAhEcfRlHyV0UT~RQG$;kazx$UjjrbWL@>|DFZtjk$Doso0H+jJ`b z$_j>eg2}m@1fQ_!pD1b;|Aj*BtnlZ(?M!V`K)y4T8@|O5R)%`3cDVab4Y_9pX!cCf z#l@lNNRIwH@4AVdC}6Stf~a*gm;HWF0|o7orW`N<{%{WX!LrZ!&~Wy&6E{Ft z&Z9JRRt0h0A4c;5N2df7KZtbt~Qp2NJ6qP8W`}Jb59<~h1k^LSmK?cpK+VQNP zp4p*>XQfaGq8!pPKa|vhdCl6Zs-X`%SEN(5obL97{?UHS>^ic5-m8L1!k=oSIL1i6(Gl_YD+?&HjyJj%i)vHT8_ui{gp^}h6kWC zxt~g0lu6643kEn|9qzA3lwqSi37`c0?7ve`ZR%I^C5@^SiVKEo%-Ve>LXj@ywB8SX zhI&HzZ;ZHDU`K2YUR!hK?pgO|;+v=Z{>*9JtoCm_RapF)=h|cQ9mUa0O&kKinc1$t z+rHICztLGOd`5k4Ech?OTy78OQJ3%YA*q3=T5Q(TgqHeTLObBq62Plh6ABKRY2MdN zx^N5L%l1VHS97VP&zxvsI9(Hiv}EZc1n>d92s>L(DB9rhh2M*w<6}=X$4Tm3ixz_l zlb2B5XkH$xnn;bwD|pVvMok#w4+=X-Jb$`LT_3_RX$P*pxv;6|3l_H|QB=9rbON1w z-5WbDibAtjpAXzQ0hM7p=VHiHg#2_ntDm{L#_*hpHFde02Uz5Hb@f-*esU6eq-f=s z0H3>`5X}Bqld7`k#Bq_F>CmQ>u;&dkCNatpH*~tQcMl052!hb{W;!HmvlOq!uc@+v znrUwC;}b@5W$rD)Z^6Xw94o{ieYT`lb*uF=oI`PBg{je^Qd^XhQFa{8Pt4Ni9NW<6 zX|hA*%@=2ox9qHNs!g95k<^H#CLC-A{Y^&A36Kg5a32Gp)o0%a9N$nlWd}kbzz0b1 z!auUWtVB5aIPy=eE5@7-8{Ra0R;|ow?LxiWZBK@lx1QWn_*Fg`^gYC7 z+|V5T78q0oqcUMzxYI(Dfi{Owg-$X|$(*eKxPr3Me-g>zXE(jx4e#&oIuR^2>_yd# z;rlKohs9_LY8)cB>VNEaV39j}1&(fAgZ7KZo)+$D5fOa2_~tzlEGl`gg$d{~@a>C3 zCyD_gI2>sB^%@j8b&v!-_lH^`tb^a&1n7<0VNUNP%6wvHdBvUDK!M5SHz4I#IevI2 zzPsviPqq}Yt06?dhbTV1J-G~)+J7ViHidwj^cB1UyFzA{l3VTe*}9Z!;Ll%3IiTeJ>%uVt7j79y3u^~}SY0tZp-0@cvH*iJ zc$t%#W2oxq6-3F!n%ZN4g5);Z;#)3=$*&zBuFayTcuy{B6&cZ+G8HBT7zI%3=aw5v zWma1|2it9vM(nZx$q)1=^vU>U-@?R5;NW#{%b|5(p_ih*SIi~_$o6*U3J^+oCs0Uo zjv%GsXFcY4K#oAjv&nDsA#3bU954FIQfkn@X6h8U?%c4%UXdjvhz-hpUDv^MAWOZI(!Ul1U0oUi;C-=r!y;qD7h?V6^Yw=vTEih4C8k48 zNQe+Z1)3SYflqp5G`V?BQc)9kT+R|j?2S`qBQX;VV5~&MnrRTBg<{AwY`PD+x54%W zuVnimh4{<+q?GNYpyCNcdDoTn2NdCKARwexJi4rS!#vyhm!6w6Ie4TmLfZCU|EpNr z!raL0MW8+UZ0T8q-<;tRnyWqqCT40^l0lUKg%Ws*TbrB>; z^VPsp@)w;bcME9~4<@OJ}$DSA} zTTNN(zI|(0N9`gBO4F_A#eQ}$n6Pq%3m{*~po-@=d>VEBkNBg_OEVs zYcwz$R@`~k$OI`18J!pr>0iSq-|{tFHSqkYF?(TZbBC8Y-UbTBJm-X^RYOA)&b&G4 z2-JTHrC#i1SG12wjvW?Q+dLNA`g$IQ-2zR3MgD?^Z!REYJn~hFOqZGJY7#1?Y;1K# zi?_`>IMN8D_zx_2f&$|WL-_s5?UJ_a+I&$yMCh)U+&z(_?FZE5wtlu*TUoKI&sL^b zn*1qr-zUKQ$=D`rKiJ&R`{oh6g~#5%GW0X(gT%yIZ7kODTQfvB$F|&yUh2LdF0GCO zou?;$Jx_dE0*!@5Q~`%lG{NJo;{9c4GG{h=079zs)96EXLhT7!a^Cut=s0lKQqpIx zZO$j8ZL%|Zm5gnesiu|fe7IaFL8D!dG}AmTapUTs7G#TOXI8du@;A~=rMxBL*_Dbh zQq=Us3;^8_&>^SwrOD6V7JYL>QfIw3!8TqsiD|t+$xwNmA5_2oMA2(Zice#$Yb|At zj!^Oyg!qmNqIcA9)4;fOg3U9b7V)-X3X>^LHFTM ztt}h&Kh}*PaF?r?hpEP^NDCf}Q@b9K)b$MNsbIAmQAkHJ6O<660JOqWq_7{yeE(f} z_CQY(XD=D4=NCt}GkuoS6={7sK^}K3dZIw@ic)~#EZJ~-3Xi{6oNT4A-f$kWddmLG zaCkXt?8S#9J_BEhas7j}9hrFO5N7Wm5NY9LEBK+@yUR>jRG=DjUk)vh^2%)iMnSiE zF__w-M3dOJz|P=Ri zP~b`l1C0ozxr6AU%_b#f3ikQcNTUl6?rc2YPqAeDlBZ6NibiFv-OnRP1uUnQI;Y_U z+8)pWm3dIQJuK<4``0oUeiA5DU$bSYFuK3~&8#^$Jw-W>-qasU3QJVN}-iPl6p584-0P@DVeYry;u z1QEQ!{#TtScPdtHS{CO z&J=3&(gror=8?x?z`HM*QlfLolG=)TBlgrT=ocy6gyqo3wB4ocZl}Y?N2L@%-j~R^iLwhU zNh;1x@+jY#h#DS0mX}JHG`~W=x4qsd?w4ZfZ^xbUx#c<)1Z*ZREtb-Ej}`RY2Rrd^ z^&~By$dT`B?rkOVQ{QhJOs>@=6^(YFBe_0;cSEJSmES<3Zc||Xo~4H&w(DM(1jeA% zbXdbX)lC@;iI>=r-zDp*3#mKQbS|G^p^+9u$L(xz&tUo0el^@Lj;}<7$B=JIBuflB zmvOeLx(2V<(_R=Gb;z zs|3(3elg~Q_e4Nnc3<$f^oVM8{K%`?hF>-B2&qZWxjepWXpqRFrl}hNVzs~ZjZ1Z5 z^)Kc8$rzl}_l`4Km}~&>*z01VJ6G~^`vXFE4?Pz=qjsj02@jzI{LE)Rgf3DBHzpc& z5k=WDE2g6NKS~>J<3p+V+1dd68l%#V0sq91v~5{`D$mZ$vHa5T0fd$-iw_F=18{P< z1D$JEijrctU4Sk4_0?WCAa2-imxKq}`hP!2g&h2P3AUNe5#sNw1v`YHI@41>1~E}T zj=W56KYU2dPvecO|8BT~mgUtJCP@Bn!~zdj&=FhG(FM9A!`L)VZv0R97VFPf&0Pit?gnrjWPfz$3G4JV}~&5<$2wR_XJbLrQJ)aM5iTw@tAt{87)LM;Pg~8zZbVj0cOc1V6in#vFowjkwUGLx1^55E$>sfM+rAf{vE$gzPLB( zoK|Fox|9%F(xmI)b$J1TRDs}M(%;&sws`yK@EoMkCf%;NNo5F4oCmW=^+ou9BrA6p zoCP0txzo7wX(-Cq z39cotVl>Qv?SM-lmk)WjqjY(Kh-5aTKa<<$9TiXc=qa9Dcl-xL6~YR)?`eNL$#X4* zLr2(E9`502?-`~zNMhLHrVk2dTnCR!HC09)?T^2D&|@YR{>H#qz%d*#?zJ zesN2!nQYfz2g0de$YK`(e(K!qCH7))m2XDxc9rhc8{XT-;yu2imEVcgz655BeJZ`+ zE$3Mp@W5~T4b=x1hv`luyGy;y7Y4&P*miGyKJs9$O-%m1-5_I4a>TIIo2A;a<7U*)C;uzs@dZd_yy%TZ!!UOfI zjs1*4QIHM%w-t1CTE%ACcGk6yMPT4b){x%2$A;DVd(2iIM}xqOOn(w{d}^sgHO|ih z=JW-eyXUaZh8$L?#0cKIgzvRBzuu!JHCa^FfqW?4PV8-k^W8}EH^j<;o@1)QEg(lmqt|T+M)rqxpKU z68)jT@-sn_IqT)OG#LS(RFM*@5B-f+IR&d_$k8e_k^b?=g8V9sz0;D>0M6cS1UOWB zdmsX_24MkT*$C$BpZ~147FG-RUYi<*7O40JO_pMyrNvXSNhk(vdur1B26z&HbP(E< zp=6CN_G29A@y(iS$Ph|RiYg**GFYN~B3w#1pR0O1zqS3;1o7tFc$_$uw9TJbJY%>X z%PObW6CWHh47*f6ALzMIz)Mqlv^>Pgk;Y_EGniKmBoHL#Y(Kt2xuGrJNWwI1A`@?q zD_UDd$6{`-P1eW379Dxyk>+<(BIri24`EXEHe=JAPHZHiQnQH-d7gLz07}G>Mm(s0 zHi&!U!TjvRxFWj9!t?}tcNwC@35ew^H8_H)WTyl*CGM$IrvYY7g4TYKJBsRGeHvYVe~C2^q@6`sYF7({)2--<^$k0gq%~8wo?p-aSwRrc{f89u#wPEw){TOZ)$|x^frhRD0P&%=#xV!q$CKnLf2_ zl9}Ue&9jeHnECVq+i#bpfXEh;N;J6s;jT$SF5Z5+scPSLrW)3#?6@K3j3MT)yLH~b zg$Gn?)YJvWR>x+sIq_SaDcRZBaPl74xyFO`?4cr2d!JQ`q5ZL3Q~dV6)0=j0G*p-? z*@UXUAHY7FeRvySTi%vk=)Z{Gsz%A9!iK|#p~80PG)s&!Hni@BJ;F4^8zab;I%H=z zy~&(D^R-<4rR(-;Kg5SPz;xj?l!bFgRKmGAt84s&qeBSr9(jql}K*jM*oM6bRb z`8bua0AsjlEG)8RE zM@Dv4)&W+d`>e4W=6M%=%#On4T&d65QRauEeR+QjR}G$GoygMO8cIu^E96EXSbo4G zbyRHXe#wre;?>mfDQI8Yp-R=5%BkoE&0ygTFt=R9Zr?kv-L%r3n0^YC)DRbM z$>domnd;q(?m4ogdvbUlcTtzXTHIEz{a%t?!}3*9Axn!j3Ps*{l1 z_7au7TQ~L}dk?byfP5pzHSj@TU`WO^bOzX`GTe~U=A|P2U>=#sp{>c{<&PFOYWA%d zmp3Gf9dy3#GQ#3sz=5I%)A?Ha$yiIsg6(hJ5SRBgy>@nhO1WiluUPP}(>FeFZFDq| zdL6)f?=Lz}SNR2(v)`JnZc3vXUwL8Qi1B>qL%wUcoZ@YjAH{$Z0#RAms$})HqdF_* z#&`_RVAprlejCV5a?Vwdn8(at28uP8&>oXNpqUKdAT5y77BBrU`}9MEpqXDb@rA{# z>)RBqs0(%#^`8xgBo^AYh1kvSvmO5i3l(<};3;|Gy&u%^e>7O6qTiUBQ58r+AG!R* z0d~I($&zGkokjWLAs8lNrCwH@16<$r_1koxLik!YsX?VZ&0I!_Y!KK^=7Ak}TBm=Wr7_B^?SQZ+JMG zFCDk%9}sN_{XX&$w3Tj2oZ~1LBH-__Fifn#I#s5YsSkRLb*m|QFcSa{`hD*%_uPS& zG@J2#7tQG51-gXZCj$qzJT_`STRj3a3^C=a0>nXfq><7bUhXi5CRbm7^RFJa8*FAt3$_+hj$7 zS>(w9Y3dMhyk2V5Go1JSXtaC|k4!?*;Kq!toBE2F^butAk*kfl z5Y$c9q;>A68nMO`jPpy{sfbcB*t=@lmC?S8SgLty-%5kZOh7rR=AX0F)qsl^vnt$@ zv;)vAB5Ar$Cx}R@Bu)TYeEcA{mLT%vnp34?JFk{oRhbI{BDHneCTn0hK4lNLM>qb#wgTNKXKF+o*c8m{oNg4Z#lv zPkc9^XHNWo;Uh$Erhe`Gk__-%ozdg|FO%-Nl0b)qo<C-E|vcD)K#-R#khPzx;eV=4c5^hT4e><9W1n>t-t*ETukYZA&Q*4?6TD(>6`uQ1SX%2j95%d;e0I8kX8i zgfq}4#!F+y=Sus<&OkQok@;`H=ZX9g=!sQVqNqXv|1u1_1ymWen|@w>kcy;YKev;%iq2`q^abk z8}dNM5mWLGX9fQJ{7&YbG$*pFbt3tT2bVfCk%Gr=DG6GY%g?Rw{^u6#LDsd6HSqGy z?Uo2bnro9!88$jasXKQ16vuJ^uRRaGXErv~JWn3>v&>j;XvqGas+*BWOiwEHOBo=N z*NCKL_M3f^gutS}oU*Pn`|51P=?ck80gFircjKVwUXc$SsGa}7oc~;EF3xSk#0+Ow zIcPgjQQzpTJp(jhTGHn*z+iZdw7h~lcRieZWCYl)3uXAss<7!Mb(#EM+cLM^Whfm>0vxvoq8LlF0__8rn{b< z{}@B=%q+HxH`xQBa*n^6;!!{&ekh9H`zrnR=P(u?Hl$HTV5>3!zO~6+1`CloCl+xZ zLhI4Wj#nu3J>L(`ojd+w8YVu`F_(N4_%!mC5_Br5a<7Xo zVcuRd9mK-}2JbkeIi5*21i7nd#ZvDzRUEDR_QTs*oel0@-HA=Rai1V(zOY?tPY9IS ztUvKQ>X&lftRy!cw*`_uS1+(Fvw3##sekHa?Mlg2x;(^}+shDMC**3@`U_6L z$uvPC1|C#Y4yHtKs>6dV1r zK724j z7S*@JDDyDBNmF3Vu(9ewqm`>H3VlQ62v}nv)O@ywU~V-^WM68J*E%G;rbYLNQLcXj zB@xAQxU+m?j!N;Q_mEv`f<#-H%c!P~3iapU5yw@^iAvXRb;*$aF$x}=WC)8niJCC6 zrTwGYBiw=dOEWlCul`(hYr|8=dBOoo_J8r)GwF~pY4^s5a+{}v+z7^`$6HlHAumYA zDIPtKgwOv7;)KszZCPN!(*Z+UyQ<(vPrZEcTv#x;lRNXb*a$n&9xq>7psP{!F)4BU zQjRL+#CxKo<-A|HSgbn327i6-m{;AD>gL^11Njh_l1m@6O{^hphyD-6?SSfJ0hx0X zLR4ZYS`R^t5kT3J!do6t+(VZLGk*?MdM9+BE#QnfvE^T}ZiJSXr|7O-C7}GG3-vRc zVz%I|l1@c28XWE)kMD148a;g9oSS4M=8E+aMU*^jWtwCD$it_Qadzyf zO6evf8R`-b$D{?oV5JkBM?FvM5P84=w@br>krkOzb%KT9J`!7-3Q?t?V1S%=M9lX@Orv0l8c4 z@d^02JZ*Itt9)I9RP;S#rP%sobae&Ln_L{fpz8_mTm)(gf>VEPl}gP!Vvc+x9D_)7 zhU3Q-$eqI!m}>wm_%nR)3M~O$4L31L0#HX3$A<2s0vpsib?Am}2t7Q$r?dUhj88%W zKX+2pvjk_NX#A#3L0NJ15tL)jAC-I$-?{Bu;S8G&n`oj#hgTffYY7|lmvy2r z+hO7?uCtj#BF0vIO)ZYJMdfo%&gu(&c)hln_ z`x6=XY_K-;tQVFe05#95JeUAjMPG_u9t>-aJ_^5M3Jn5}c*JDogy!P+vE707lo-pl z2owMMan>QNQm}Iz@bfoiSl4J;n8msV`p}i7Rx+&tNg_N+&u6w)`*Q0uwOSZ#2*w;> zz2!Xy3YajU@HiJ5MtGj@WQ9pm^SWIX&9={rFDW^)qPe=8>@m}VbOLBS%oE~oZ(vjP zIc~Ayx>Y?)0~m$noIlf;UQ>k`!YJs2)j|HhkdwxI^p!m{c!YzDFaLnH^iD0Fggjq> zn{155ZYHP;1oo6g3D=KpNSmg$9J9^mLO>2pX&g5)`nrh)tBA8~)nHs%fy%v_z?bNasW z^EREKi7E?(IzH8o_YZA5fpez`dpFH%1!sUZjyQUd*VHIi_$n%;?P7%)AP)waFefI^ zNIPm>Q)mG5H_H9V6ZfU9R1qEmy@z=V4QB|FJ;=EVY7iwUR&MNAV=+|ul82kYmk>SS zjTq1J`liA<>X?6JgtpN#N5tp=2qjHDnBrd5(EtXRHz1#WIhs-+DsbID>?z7<5w&N6_MS=`qiEPh&@cIz#Gc z5y^+JuZM?z+ZV}fHvOE~+-v8jy?v2kjZ>H@Dv9{Jqptrb@Gnx{R7_K{{P|PBFemKs zZhOi@nF}uibf72m^PIO@AV!3p4ZRZUV7sDJ%J4G4i!anXlv7k}n2ci=zU}Kw-D>9= zZrTpBrVu?zwa|fRWa(EeE9CO%8j(r4D=LH-_u!@frsh+;P-8-SDXaGU>0eGMByV54 z)tEJxI$nEfRmheJ?MVS+81MfD?eRacowo-6p*q%nyurFQP(JJunlWa8Cu8SLA`S z9^e+x(km@=f@3f*GQ8g6W+Sva<-dGgIVnplQw`{CFcw4CqJh?8wX?0WgCWF34#ll) zr=Lv5RQE~?<$ogcBj?|t4l*Q;($sLPO1TnK^yZne?=^J|I(TW4@vrHh-Y6cYFFf7@ zg@pvn|2Kt81!YTac*lhSf(a-V$UCw@AxS{T9L4;wd+H?8%y?&4c)bkrN6SQo32 zCdPt$QSkixgk}k3Ej5qeSMjuqeMV8vFvN(ev{khiwwGMM<;YbD#?xsCc7*?K~4d$LnUCKlI$^I51Npt!DN);s$%-l@sWTb2 zRuNc-Sd{?4v8SQa&Ry^5g~bnV%xhJr;mSWjKJ*fm=w6Fi0$z-=#JdmQ3mwg}I`0_d zRj3v+5gMy?$GNyjexoB`fVA$6P_sZN3r5+Z=?soY7S5tI65UR2IyfNuB? zmb>ccOrq1tg$2SB>tO~&LRYT!`C92>hJzAP?tWWsAhACnXKq7UNnW6p70!z!Iqg72 zG84q*kmSA&M78z-yMuQVg}2#I!e7smTg|sSUv`C~MeqTj_k?bter$JXW3EIHszPlb z9_MHFA)N8uq>6?1d!-FoI=R1(Q3H{4sy=r=rmle8cdjQpP4U0Up7hG{j2*@c1mKSf z1mZyh3{=b=@0AzK4nxr;)xgCjBVL|56lfmob{y&b$Fj8XWuZ7A00Y6Dxh;^^E<;BvqKaKO&^9>?L#RbLII5ktBXdivMJPtimH@1 z%BtdIC(LwhL{j=q#w8O+7$1y9Q+fskIFAbuiw9Jfjx#{}5bgB`L@cQXUgt$|qMXUJ zaExCheRh(CQ)U>Y6->r#4{5%;2!*7L?cS`n*U@|>(%6R%k5Fz$84=e6gN6iAHbSA( zM4=NY`5~bXNx>4(Fa1y8N1e@Yo6tY~B8o}M8)Trs)*++oNgb#Q0jEYr&b8k?WR{(} zgy0=u`=Y&<7!v&Piyf^%xzA)@i7`yd?vtSQ_){eT&i)>}G6AgONm;zcmPF@(8Y6%X72_3HyA^8^_ zWN@!!2)hcXCM!6|xn11}6-8(sypk7aoY(K}thaJfestYS1c_gkRWJ#&lQ-i<`J)$f zt{tQg01D|3p|zt4jG0j3n4ef|Xp!)sy6c$eA4`Buv$*Sz%Tr2SHqn*OwafQtod7-P*tv1I8Wtp%DR zF6Cg^Z`_Se%(P-R3)MTwn3}qmN=>r^shac0G;fs&Y7Emvz`Mu!;ttEUsWF+#Z`G*K z^4&Xu(cX2CL>ge*+0CcsykSPVx+$FOP?oQxNY2sChb5B)GE`>*HovXuve}t!fzG_h zLs4Mt?D{+k!4Kwv%&U>zWaSq=933ZV`$;DI+N8J`R2mHB)<0wq%^>&#=-)5CvyB=h z+j(sGr0{P2DV!3-CF3kH9SG`x_EpvJNKWJTkl`->U_!g6yc;4H=j2rc#NGDRjvk@@ z_(dNCG`*fjB|n?zIt~DFUb8NfG`yqDmwkBlNcI0Go1=fkQ~w`-ONNs|wOSvIPn7Ouyo{|5D75~FT@@Q zqL>O@Q%tEH{{xZ&9`@}?3JM@K*rz|Bz1rNH$%2#Te?a4oGG_(a+Ok9s-$QRt*dDGN zE18CpPJgGo{%i|8Jbj>iPtQZU4bir=-ko1p2nT=mJ83Bw4lRl z$kGs(aE?n&bHz*LH$LboR+*^hc?56ZCHKmQfU35?IDfyHrLZ1Gur1l(x|Ab#^A1NA zcfm)}K5^Xw&VDbq245S{U!|Gz4m1HwiP=)QOZg%D(Sw!)`FgHOK>_ENYbV&ns{oBe zE~y4vaC+?-UT3vmB;!!MX#9Uw<gp| z+<1`O`Aca$s9otMZh}8gT0i$DvE_F~W{$+1NG<{Y&Y`XYGkkx*+Gj=h(f}^EX~Hc4 zF)3}L*H?aHHnwD=FG{1*Df!p|buazi0RE*uya44C@Il-xT?i68ug6zg&n($0{mr4! zIL$1a4(aW&Nlzy?EBqQI?PQaq^t;E>ego&uq7z9uSNxEIFmZeQ#q)-2{wNUqMDw$Q zUU{4kjdHK%^-{lI9*zuj2Jjh{IahZG{g8{$3zUvM|0XdW{y8>zXUd325OyzE|89-x zl@Xz8P78J__Bd1O7>W$${B%1R6jrfTJ@Br4UZd&q^fVKO1*4ggWe!h_7f-DtPtg*P z(835s2>He(hi=Lhgs$lTtd8EX@ERqlTeuheRQ=h*cP5y9Ex`rF4ceg8TifvKLoon@ zK9QqOB!skot%4#;0kjGZB!dMHd|{brf4O)mNc%?QBc@r4oXefpRG2`=MhOCFOv%qh z-vUq4J_Dd_kk14sBTJrEm2vWd+17I3S4(ex8aMldb_WAUiqeD9^1s7eF(UN|_tIOx z)zX88YIdLaC$8GbwA4oCY6NJZ)4`npF)PsJLRA8uy+wad`N3KYEw?5$oJ{qc`0a0J zSTA@Yb8KG8#)Wpv^DAI@EyQ_62Xm@wnU= zyBD3bmzVvWb9oquf12Ju8p(aN8zxzUr0nSJxZ(w5{Wmim2)$qx=vg13-*lI;!8^-_ zK;8CtP0~t1Qg`!-j$<=4}=f7wM#2Z>o+lFbrOzX*C{gl7(K`#rGf3> zu{)3gB1;>sJX}#^i1B)c@U!u=NBnL$4+{l!3dAt29y}DUh0l)Jg^iDE|YBQD7in@AXs;vm*xv{O6aD= zg7#MyIoh3u63RCSPp+&pYr7~(z;fH}dqI!Izd}*qZ=MzA=*AN}vb@E47s(O_Aeqm1 zFJM`~>H$N)Yd)L=#TQtJs27i)807gc5?ljKyxN9DZ1^X)tA38&lTs890Qd4mF~4g7HmSz$AhG; zR!3d3j7Ss^%N%QfK%Od6rB~yf`soXPbUkyvse%UjcRsZ`{VUpYENFE37-7OMpHwQp z4<^?A0PxqsFI9-k;w#z{1%TZG%^6MAvzlIdm_zkH%h5;w=J@izpa1uq{O=n0-!<^R zYvBLn8i=84WX&;rlVNOF-KM1XTU{2NV12m+`vS>bcd>IQ7~<;D@%r1xO@0(w6x%7k5)*`&KTA9Psmd_^L@4=Fx|=x z0U=CyCAaQIg%##R<9GERi#_E2JXX4Ft|wa*S9!R)`k}Bnpdyo*Tf2ek?XTD-F(*Yb zg$?)QW9H{!{?lO48uxKSMbGgoc=J5g{V|8k2`Akxq5;sXMTBu{>&euXh3;LfA(1%M zc#|4m@>7}3Kk1`sq3(Yxbuy?vfVp`Iv?zWYl*Qf#I6Po-$n!Zsmg}iK$WyU3sJy66 zZ|~KmUkr7yG4%3*;Ne=9Qdf@?tlxcTMbb8- zqa47Iqi*(ZFN)vX#I?ou5cFUd#Zbh-MmTlADzbq$1 zYf|@Ah}^Qhp_XCQzb0DlE6Va6P7`pwbh?q8)8hRU=412 zyVlqREbDSAyJUoa%~;5|_wo3A$dh?XDsS&j&uLQD|F=|A>g z4$jh#VCzdBX60$of6r$s zFRjU-U@my}pkNN1mJ+K_8o&qVTeDPajtR!V-c_l_a3q&3?H)0xR*z+tD`$s$t0`{R zQ&z#{ib9GbFyRL`ge6De1t<8`jUb8;aq^OG^*)9Z71fV3uytdkv`J!OBG6WlA~Dfu zjYm%M(2r-{_A3%#lGugea0*?o2(kFBo(lO$7*az+IVR#?W(uXTK28*%(2)DLWu)hQ zzh60J7sW@YIw`!7tRUn=p8HyuzqB>JCHq5A$+2cR$n;x$ss9gSBNDRLg$nJbTXVny zGs<1MGe97FZYLi)ibBVaWwJqzle*m3+0vVO@wh)$6-99fSSx}1M7OFV`9kf(OYcB` zJXdPGz4-(EPZ5dLpn&vvkTJ*S!%R)j%=49(m;Ce`!l#QT2LA*I{+~#OL1jGb7P~eH zT$1<@zajdbhu~vQRA}y0jSsxS<$T-87wqE>j{zx)Bg1s--|Ejva~qy8UQ8@zGBICv z&>%lF_kY0?NjpqG^jz|&1^3GiDCFU!9e@iVLZf%t3z>GbmQe)RLnk@koAG(Z)U+AW zE&{XR178qQ0ULi#>|FZTh~%V<##3d5sjk>B7rb`Zw|_pWp0Y4-W2C27uC# zBRWXP^qZ{LYn=W`)H(8zv}8FFyUkJps~70+EzE;|qzUJ8v91j_N&FDZnBzh-=*zc6 zT0ay>C{ueunzJdmiLlWVcl~ZWUwwgk9NlVR@RWQvQm-^zdf`US<~_aDoc!tTb6us0 z@xf>2a|VP%diio0q!5MY>;6ZgFzP#`d(Ky;@z2 z{t52Co8M^2SN{PWX`xpVEi4-E`wA3g17bDM2vGz!y@v_ENy)U%!j4uqlY|Bq`2b0D zi6i7R-)?St+>+@H_EIaY49*nvWT$WEYq{^vZR+S`P*`|)3bO5Qc2$(!G%|!Y^z7yj z$hgGMctN;2SdwUT?tLzcNc+h^V(#>Hc_`5u6+Wwh{L873Q$F!i>D;lx2`gK;~Gl-^`V^1nD6T|A3*;b!2QHj$YS$p?YbC z;nf(O^{DBL#F5Xq#|^(``L_=zBDMBQBPwv$9Aqg>t5)6-)5x?KaF^%TrHnMhF}~V! z!o!=FDs+Gu+d-?hD(!cU!ir}%@26%?5f|6yf*2soUK2%3NqdO4^9n2lBJPdd#9uvlD z-YY+W(&mf5)bZfs;?z!ye5iZ?_Ay}f31;?NkOFk#Vn0!Y$jZ($R8hcl&dk$edBM!D zQd8V9@kdh62lcj;I`4p_?YE>lrs_9Z-lv*YvJ}#cjhVZfG^|6zzeRp?rrg>^0(?x) zRSxFcVB#!0>)i$}&p_QAs$Z#Z(zRN;T3aNRm`*D#IS5dI%Y=)BG+gCj`gM^iOfz|8 z1lH;hco+b(*sJl|^GM|FPg;S;lLy_biww%5j8S#SrkM7^4jCjFc6&xE|HlFSadb{o*}+Si&sN%9A6X)Pu=XVf&7$T5M%qAk~#TV$^>5T{0@&(faIS_P1@Z#Z$;b z<_Zt>lCbsyO5*4Ew=LqpBz4QPa)Z$zV)w<{;2)3tTBYpf(>~U5Zh41clfM!PQ=$+Z zcbh8rd%KG9!XF$M?4FDRZcKM4m-0w%)p3-$5OB_g0rLv7f;qT=A3K`NSqC!8;n8zs z>=p@bw|UR_{m38C99_A?p}39jSmNb!udelt0C;?^rmo|bLQuUUP{95m{PoeAYjdUq zE(`wv$F4~vf^(T50JJOY*dYG@w0B)!P3_$_6j21>fOMsXCRI8pNk9lyno2049zaT@ z2+~BlpoAWzcOisc14uhk1O%i@OCTVi^xg&W?sLDF`wx6$+y|fc82jP3=iY1Wxz?Ps zt5>iJ%4h%#YfEEhG5tMD`u_0Gf;D0wN6g6OTJ1 zVlvV(yfnY^wqxXdvR(}8EnXAw(M?y)=%4nFq&y#LKZ3SB65w<3#CdKw7Gk?LCox8&NtHi=2$7DZ|QEb&gI{b^`>b%9C zktH&g??A6D0r#axG@aRlt@^xoj|sHFUjJs2AD-KOd(4 ze6u?{_!?T=N^!B__8*=3;3UhA+p1NEYx}^j5^d1Wqi$z}H5#@|5pcP3lt-Hj_15?e z(giqCg9B2DpU?UaP7!|efp(OtqS^G$#(YMOkacabbOX16m0% zeSx(Cnd67upcnFw*A*BmCGbslh+7xgpF+2Wt?jpEPA^3QN>tw!;w~Azdg8^KzyuGeiLuLPUs^N2 z3Cw#pQtsk!Fn_3%0K<5#({`T&qIJL4=D{fIWv!qAk+=VN^|D{M?4Vz)3fAWAot%xTKd^mE@lgj9IM`6y{KQDpmpZ*OKLP)a{KY%PmEkVY5GtBUL(#(vsL#&_lbjoq9JOD@iF?IUs8 zi_l4@A-#^|hQTCaR?-&wX}Yh_u?5j;o22cwY`3h|8pq1Bg0mhgH~%Ny9hNOug!A@* zeJ|W&;W_uoqn5pKN8oE@J}o^8#r8?~i!Rh})@$VDb;6XOF617nC`>8F#@6&@0<6Np zsd*(k*q15l#kZADHaLdx9(t^kUxgW-CNHG!uMZ&m+%&^0aMqo_z*@B;?c7Hp!8(Jx zog_{^7+4>l0U12_yl``PEcuoW(wknQEZHc>o+9+j7;>eYRbSO(YSAL=ZR6Gkk%??{ zb&6{7a-Dk9bs>f5_Apq1M0wOL)4i)Ip9yYlk>Gu>_iZ=8G3H<_f49)7Ij(p&>LPOg zSaxRC@7YnA`C6TJ;x>L}d$y7S&T>JvG0a338-R1RdYUCR4Ytstef`j&FDB~%vAroS z(W++W%6Hb#=j0QzQq#VSu*xC4Bw4e|qWTO!%k#VeoZj=<7pn$s9fK=P+ec&(i(fwT zfo%aW12%aD`0?^B*b;&8A1Iqw8mNzo#gzr=G@Z*1e1Em_eF+x7Wa;oy}l!Dn1a7Yod6LPuF!9lnU5x}Da3tH=j5|i-7$YYP1N)j=vN8z zhaM~?A%rP1o5NNfv|_e9W#nRTFGlE!1F9M2=#b`AJP zfCn6MRYWSwkV@`C7lvMp*k|5M*B=i*iA7DDb=bNjAO)wV4urm*j}sHOBD)0se1E zA*o6WjM}gim;Lu80>-Kkk2?aff>BG!YGCq0u7wdQmdLVVmyEdgPh`c^rC2ys)=@6D zDDue6zF6&c$&fp)dFaVG-cWM&@aylRTTCVS_P5`g*$w$r4@2=};bJM{ek}&_@i#Z4 zPSQRrE-Wcl#6H#!e;jJtJYR$KAUq#FlikpR4h=?|6X7=*!i@dPo{&WVEA(yg7l+LN zDN|H;L2b)W$J&%MNY_ublbW|>=?ch;Plr@#@4YIgHr-Bs%jwrw^6{HcE%0h71fQ(e zyH)VCNCoCAoayuHYjx3GJXx@@F}x~Ma*7@cytmGTUX@LhCLgu24^xsW`8Iq;W)?if zYqAn06sd)^9BodvU8kqQkl3~sv}`SF@;a;XfUX=-uMi|$ALS+({);{C6p8XyHg>LH zAzF+*SZ8H*$lk9V_~_25iG8t!qOrvGsjig1yOA_LRz`G|m#;e;L26(Q4nl`z$!HnW z97Azc@0YJb_P&vmpYDEth|e_gSkki%!J&Lk#4Yw=@t)RYVV9B-tR^J{4DJ7wQ*{S@pFD%@5?Ca>}9<5blgOY>FW~T{rT3kN} z?54EjtG9qP54xAe?ss}G9?#Lc4DX)8W}fGsCUF^Dyb3P=-}cZucZS3F;?x{if5HNb z$f||TUDyaf1<{~;$wX$LojH(Ij&athyvy?STY5`iz<9ks7m}!JEY2j->5M%u!*j7h ze^d&l+Qe0+Ao|yRMX$a4D^Qd9@5O7|yiP@id(~Zcc2sW9wR&3Vl|x=nr@Jv~^*8o^ zl2lt42^7dU|K#hd4&sS$9ir3N#$BEM(Xa)Wqb^AiIum)7cr~P*>gyvX*u|GjC(>$Y zW^)e7(%%PvHZcRjAc5bJym4hc|Fqyb8#VE{v4m1s#7h>riYw)J^<--Vr_v(5FrIKN zJ2jq!ViJ{t9gvQ6l~-;rRX18E<4H}nd^arP`McW=25MP|qkphiRZ5TEz-J6hBJr{w zpt4l?lqnvXXg_SP-s&yxY?I5L@!*vn;^i+iXlS>)8=I5q?kuoXW`H3t%v(-T>|HUD zYcq#HW(^k_J1=`$2KjoSdLTe8ps6r)&|{=}Q)SFNJlEyA0s zN54VPi8Aqs*2YniR%TJGPrh=*ic)Wd9zTP&n5VMSm}Yj2rs!dbFh$Ppm%jtVA1P52 zPB0}M9UT;H$g#os1DKBMRz$`2 zaD6*wb7-!s=;a8NW8|ED%S55ZY{d%?O||Z47J5ulDLKYbQYYyRW9Ebo6nCmCqk8(# z1RHy?yX?UI84R+R#Y8n?Zk$^O^qu=jb0acSTzvk~>k=Xl;%PMWbmiigs0n-m-=fRr z3LXEB*P);`EEx_W)qkWl>I~(Dt8z{j~|7(=?pR@gQwtq122LpdF@CO5bFz^Qh{~s|x@q1=x3X=S<)JTGQPe?@kF&@wVI(9+X0v)u(T zvv9N0({tSC;O6BMxF^5_5_%xS|KKja0RLYP!2<$;Bt#@MBqTKa%=FCs|BsKGP5>3r z?J@!&J{}j~78M>o72ZuR0EFx3ZM^?D0RMU5-NMK97f3`*LW-+UPYJk%hmU`Y0RQ%F z0s>s^VBB>80o844PSHn%G`g>VTpqMyVafSK+>dLz==3I#JmRlC!-+}g85o(E@AC5T z3*3{Cl#+fZBm3m3vWlvj`ZN6(28Kq)CZ^Ulws!Uoj!s_QK5u>f`~xE1MMg!(ypK&u z{g{@X@hLN_ps=X8r1Wc9`S;qo`i91)<{#ZXy?y<#fx)54sp*;7x%q{~4LIW0@6E04 zon6$?@yY4gIr`%AFS+ml`2P?K_xTUO{wKMpaB|%uAiyU8{v{XQEni&0ry{t`DN0EF zNEi6ZgN92ijEMGea(+!0F}JuLlJ2$V1PMKl#Kv9JU!whoWdHXB3;%y5**^vQmt2bg zGJHJT;NepNz<|q=SpF}!{$2k48~j@b{;dQ5)`5TPz`u3i-#YMb9r!<|1D~c;O3AtK z|0r9pt<@#!ald1`c9u^G7zb*e#Xz>|Am`(S2b4E}F^3z#VZM1AE#7o+3B|<$==y~J z>N)6m5q!06#K$wb5gkKG|sKgG4<|G8E$WvsrprveerY^Oa{cX8kR>D%*v#&1-1wAfX$;qYA65?HfR( zBePycclGn4!seYd#|Ug--why`L~#m;Igi6$(rsEHbJ4~(fS*ot*h}z+#tndYEegCX z?u@GiLY91;hS*+r>pwpk`==z4pnpE)SR1W{5ydr?{g0-AuvJFTF>^g;46VC=4*n3W<6DDPN7YIu#aC z5q!rvt(5T9M9d{~SdIlFCD|FfhA7Bn1%kXN$5S+5GJ7dvU zmCy&+IvrWv=Z`1ZKkDFg0T0D>(z7wwkf<8#JaSElv|Hn>Qz4AANDxAg1v!1c`l4j<~Q#Rg)R0 z5^o3kk+`RU0?YQX>~mF;MH%}ku72)3ENcB;@iv|h_lyotNfl&4(mFq)7Qu%a97+&s z=l%osKRxzmZwq}~3l9mFj_(Y4wgKI$to_PokByrW11rj0C(J>-dQyCkJ^(<~UfO%# zG@dY|YYr}K2Pn3n7}Oi1Y#V+=7A;+s1br7h=?;fH8$hl$x>cLXH~guzc7cZaffM|H zW&uBo*SA|X!++#O{qUdaFR7qZGc}l3HM~&qI@vMRsos6o71uRYtdXgpRSH`>;&KL` z?ye2BKffKcUM&SZuh;{FAOmrgH-Nbc$i0i<=acXzi(1~_udLKF2EVFTZ;it3?W*l8 zjXzHQN?&spBMT?jUT<-%Clz4Usj5dR1Rv|8NG@k&E#Ao6$-;u&seC%?q05~|A_)=;1e|znG5h<99#&>X z!=|>WJ@6dP*n^R2RphGRuIX{DNGxB?JKu!9f-q%&d!4kY1@+Cver!Q=>~>uT8X1Se z+C_=2(CVuF-4G~X_Fv{vM{d8DhuZ8oO#0=3Pv%_^HW~YxgyI>$0zZBPI*tIk(b&{r z!o0cgF1eh&D5q4hiA;OLJmK_DS;;oCA@8*hX;lAjJ0b=)^+9;s<0ISfp^cS7^WNQ( zCt*$D45u7MBZ~=Z@!nOI@VD*P@J-MIt|t6ysSif+r~S^^RM7^!)nod?l?Y9!_-rM# zsyfY3Am7m=J;BD%_A=Bds-t|^ntqA5CI!)|zf3frI1lAV+ZU}kv)`SrC)W%7l&{9_ zn6>cO_4Uv#%om@nu*8oy048(@e9E|KT5(M5x^PH}+PrKv+apD{#a&erb}BhG>^0%n zCY-$IzG|)|WKd|J(Llnzl9KWk5TB^xKlaMvcO@4QwIs={uOJbx#QNj8?%`k?^k%=w zFY%okaHbcFng<9Z&?(QZ1=OlPkr3ul+V!j&P^@2xE+~^O`?X2;TW@HQ95se{p9Q@R zXgq?_AY0$AJ`MNa`!pPL`I0rU{vh|^4Io+E;06FS#2Rb_kToyGo_`Zr4k;bAKB-w| z@y5bhM9$?K5J+f_gvdQ@+Qq_9s@H-vE+`IzXGwIsZC$uol8q2<0z`1^k`LzbwmH>AzWA=mXd@ zem4FRjxQ&L66_!GMxAHvbtbBX2oLkDH?)Wsa2A5nH9uJlGMX#Kj?&x9z5ND2je<@0 z4M5z#ohr(f#7)&X>rytK>KSldR_-7M&(7-X}HLCrL0g(c>~Vz znP8vL6^HGr@XP^fQ?~9lYT(q`25`R%2L!`$hPKy@@DWMVeqd zdqis9mL-DG_vtH^gia~Om$7RUbZiR`XP1<<*|xBh!B*HdvkRlqMY=0xu6;;$aWD;{ zH&+|q3ANaLG&=i}T0-w9j19o18B`#l&5(2&Kwq7wApq`fGnW#krO`8L{$*IO%hnj< zYNoFt^iWN{xtKz9OqtEut#8uI-0$t|EE5;|)0#Ako<_Rg)PBDG!V6f~ocP|EBe?rh zkRZGPBo$qiS5=p{Ve+EyvDOZgD#1bipA0N_EZc*D?}ZW`$d+cFJGcF9-h%9Yd~XeL z<$dd`2&?ykbz=p&fsbcnPNXIwk!rahR4hVPvCd=4r>+!KOx346=Bh?9Ho~!=Z77Yn;SpzqKcUx*VfYQ9Hb6mhuc^G>GIJ#4F1E?;= zMchzneakbTNTFryXQ)?SzxD1!If8|~PTs5N1~3J?zPbVIO+_cvrQQI*pz}kVleT;& zzU{aRTm6AU9}ln)f7o@E1*C`lyS!s@fH`ChAA^HB@8+JtG?K0me^obRt65DrIMle} zqu4tCSZlhf`psdLt7fKpadpOa^{dt9bFy0s*Si_<^3ElGx*wf%Ruz98<2A-S?Dtqs z^sBbtXv9R@;yO!?nXPX%Z;-}vFxy_1XVi!hT93QFR6T~$uso)9I_j}r=rT$(wp3AW z>|Y~Z7AsFs7IXLQBm|>&m+R4~8)nS}&Sfy#qII4Kg1HQI+{WhyslBhJ8yh-$hL$&g zl~)I|tynjT9-*|KmGjL>U*uC%A*BI*k0iaO6X@;+=IIT>6GY`FSo`gtuF~HZg`E3u zHftosTQW69+N3Kyb-nx6AKxAJb)_$8kAJ%I{_Bqt-^yGDp18nVS8m&>+xrLKPxPD| z@)fs-hLn_kc&}G;(utnhc>8#mz9_gg@&*8}C_zdm)IpiemPZOnL(_j7^iJ%{$iTd| zoe`OJ*>V1b&50^mb3aM%mEI0`3oQx3ccc&SNv!ZGZTTd^%(n>p^MM89#9Wj8Y*u!~ zt^bEsLYaoOpB;^A{QmPqCGc$R4Pe8@0rc0fby#DZBhcA*ZU78x(shu_TXQt`C5P`# z#(fviZ$324RhXzQ5~Nt14>iW_y8{ub7`{vCYX!(!2e!@6CDq(a3TY@G^1cwdNz>WwvoX zXyv`q;A!E~PlYVS=t)U_NoR1~;^EOb-9^+LWuMFcGGa>$WVMxCw-dIu;{>WZ2|;v= zz%H_OBV48JgiPiem1zx#{!Y{5U$XpPO_A~)@Hd2kEF5?bKjbQ=b;3#;&zajA^j&XV zm*pFb5k851%^Tm+(3VxRHvn}5CVD&a&m(K*Ed%D7f6X%UG9u_vWAWxd>?sZ*5XQ6@v~e8Bg+`9MUSqRFY^u^&q-D@ z_kLKE@u)dbM6}>#5zS|#(q3=$hC|;pw+xmOE5Y<;q_*$ww5mI74TLZ_y*T6Bb;nwN zMADMp{*_-~`ysyv^gL0}%c5?oZ(n*Y`4*~ryr+z<&#Hz#KXys}`7Ssz>>)-#((IEE zhjU!%0;_Y@k*E)w`bzHXEfR_SOuCts;=~9pT4L7$@a&Py80*}qqDaCUpSLc;wnsJ> zA5l?kIKb)!-)tY0Ua)OTH(}YLst78lc!rvQY-VzQq=d<_G+nY!?^HZJ7wAcsmi{CE zgud&Q4~-a2{d)w{N!5A##EG-F!&dAOu=^u8kidt)==0Lf)NV#NKhq<3HS6WXne1}o zWmB!8wJsPP^;@xzu4AV4HMOmiheeaZ)>J{?2|khKpDXOmwUbyX`xLH5hP`Tz|MHP< zMP7>N+8I%y`53;EY-mpvbrtqaa1XM8Jt7^sb*bUV>6WE16mRlz9l3C;)>H36mcv$v zfK#%WU-u>7e%TlXPt)_8=2^STREUCLIXbB@!3r+)^RBx%lOp2voXG~1)IYh-@N3O| z=N^%%GN?4wFtI7(UA2GoB0W2gIdc~AK{0G>L}=^XDQB7Gldo*3!&jU3rSgzx6&p7I zk{lzw#&DBGiT5#{rA)VK-^R1fZ}3T_NU*(xkqIhViHvMiOrL`8ppBl@C(6}Rk2St~ zl#bDKmu)q5X-(xx{|$cs#QpKyeNoZW@m=qw`BS%dc}M(w*S@KjM&&zT)CL0rGvW{G za_K-uCbTqMmuohk3_#5%JN{wEX999vtm1~L&;K&yl)qd0M;E?4CDvac>_nRV^){&Mef2huNK94}*4x@YMvXnN4uodj-VS{jQbCpbUf8jP$~P&7?VV0 zU~;Nj@*j3yeVXr-o<*#$(;XMiwo(Y0-jD8%c&hIu?`WpHZ0=VF7E}AuBy)F$TMU8M zB~SA9t7O&l_dckEJ=Iqpm60LG(j6P5RE;bO^}NyZ*y{^czmiaPz3($u_u_#>^6g~p zwa$>j20`A+SG>vy3#A2&X3HBS!K?OM)7YwYvjo$*UTH;(tAR>2j+`OjQ;xb5R!D3zymFF%RF9gjKYZX&Sabw<E1sZ5(=E%^lze>M2?efFr-*6@@@)K=C74|C3xm{N?H>X zsr^<(noBxE8g*{~3BlZOA?GW4BAX-mL(vAr+vSj`8t{fR5Ni%O61f4G)|;e!X(r=~ zFvyckqOV6AA;Pc?-E?Eu@~~_2XKN%u#sS7kR@W8pZUD?@5VR%(HYn-(8W)i3LAo8H zlW-CIFDq=lQ>|sc)q;n-K9){3feDQ0U#7VHlZT7i1a1IyHvqPrjtyCgJK5 zE9ko98BMW0U%5is3tDVU07MKeMxMK^?7*}Gb}K8heiN_N;U{KR+Q*z7e%>zDn6F@W zEBxQ-vy)tuv0WHqtHYz9t-o|>G^JVm<_3_y zhCZYl^h@nqBn%UL;`^1b*|J6@(``#_JE<{b5Za$%P%)p5{2j^wjtde+Ao{_y4T7hq(&n1-$`_IPIL|T>$(3!q=vE zhYQ5ohP`!_ACT}Dg#MihzRBepCP3s0alt$;nO6;gW#O`U;N&k9qUbc-8j6(F>GTcY z-o|UEKZ?9J09ZoOwGa4`++EGX(oPT^zf*`z+5eILM--4`rvhKb8Wi*UnIN3~v_S%Y zoT-D=t3H)1gEn4G8%mg-?o9ViQSm62)Rzu3?!N!LXm3WiZepuhwWH0UuROV$-ej=U zwE1yPezxTO3L8Zz45P(^!@+zvfX8&ZmwcD+!D~0$B zOV2Uwyg2EIYiy@L*_D0ey8ga;EYoNmFXhRSh;y3e2G!rf58%z=nqU2m69ark-k_7c z&6XY_9>6zkdLbe*=ati^-zEF6n9H@~avRsj7GJ{*XI|IOc~8Ag`A~8Hjme9xc7LeX zbcs5mA&dLdg1Y|h!@i)>4T^;p{TaQm}UJb<<#7>sr&bJhbyV} z$pR5{-xXb2Sh4xcRVP!a5sX5o7fzAaSE|;tNmS}wD_Uikmw4#d5!*Q3hNohTvyX-Y zbXF2$oqp9?jUv_Qz8*8t@LUGqT=nFnjhIIAv>ys>v0Xh)OiL#XUUOEyIZB@pCtJUrNISNA-$SP;PN>zk-Iga75%dJkFI4Xx{!8oU z9Rq9g#Auo7aF)72Qhg=@X~`m+%+H0^MqTB33wOT7-y6jQcv)aGa5_g7OmQr^g(Yo{ z-BVBTBc%Jo`i(6ifbc&qg@Auf*$WEA^3&=83S#;HR^`8$Ulq&c_Kg;;NV%iwO0Ltyu?{VkFy~HgT~FIJ5-y-3E=o|o0qFBxovuX3#lQKvE7y|ii)wrf`ga1XecYMr@WF2KK%9(ZX}Gqg~B$#})I6p>Wr-w`hv_UfKV z_fnDZdE=GLC~(Iz8SdfRML$fA=JZ%>1@{d=8mn1STb!wO-NDcH3W{CS$^>(3 zk->3j8RJuFYRI!w7s3CGf(6jH@#XS_%=u!|b}xc z%1VV0I_=fZ8=3rrN{QVC!ALf4<^uff>33;_507(sR3-HY&*smg%{FI)sou)h*`ARy zgtb=6@$s%s-QJ&bhU54BUKn;8Qi?hlpTf&_sntuKze+QK+4ThqH?GgN>db!cp)G6? zK^w}0C`2A{ZJy2Q1k=?TFdGW|JYKowaA@t@WM|0AaU!{s%R(c;cR)jL%h)d$F#BSS zyk6X&=fj#YjD>dF z{r=H?hoY399>(csWv)vR;<_I8Y|9gpgURb!Pn9r5m&vPj36q>HpRfYck{~LjaYu*Q z%MgEm;E19e-hAMkG(wKZCzwQesjZN;Q2354rSoKw!=gBS=T}+0L_x0eXW=MD&GW<% zTgHdg0d>oZ4u87m5~S^dYKr{`H8uLvfB3W)v!x{r-d*_d^$%c7@&wwg9YyI!Z5Edg zIopeSH*d~6L;AswNihwkfvj3GXPDS!id3QJHK!Upxtz=Q6JFCFZ=H7&xxG>bYSGjB z4c1?(^48yMY*pbcvK8#HZm$gXx_)EzM4#M5^ry?k4BNA9^R&g5x0f@YqoXj7S^}-8 zcg>_-S7^SRlXPsD$x8kLmGZ*D9 z+tZPN;J%N(loxvIsZ(??D~w_+T!zy8UOEq^r`U63L-c0G;{7q56(*1Lqe&6;j zJC*=Xr?izRiy^y@K_g=wlWjmvw9c#Pr;Qmk>dx1_1T^S5YmfCRs(ognDmtEfFEo|| z=d67n`p@)doSzj=Dj`=WHc?6|665def+`shg&BQe zEV36e-oULAas1t;QJg%t1lALMda8qW<97H%_TL4oIBUfM2C)M-fD#<$!m)Ug_QP<@ zu@2N4w#`{ri3vP^12|c_0kGl_%D8v@X&x>x#GTI8)8eIGC*$x4ZvMqp#aDx=|KseR zH?95SriuTmHTEA5H2z0hH-P_aEa?(QRKrDwr+cRV)eqdYEnG(;itH;dZUCW>|GWeP z9na%n_jLdmhj(`xu`)P#ROQ5v&vymFW~Drv{!Ym2-?IE~khI`u)D0kRU!G!P(5K3jrL4+2nOpEp`B?fxR#E&@C@!58m4$S> z#+QF`0|?>7;jTKoKi)?1xW(8yqj&W#mN2cxsrs4RKi-WAMNyRbIpN_R0uKjID)QJu zIQP~l{z$OIkt?pcFvHy&^&3pkGNO2$dc&XD1K0^=0H;3$!_b*1!l@oBvSJi(p1kLv zFG<3~&s01qWce_6LgOT5N$d5^wrX@<=UZ9W`!5YqyT8(7lp=lmCd|XNh<~B_9|VpA zU6lPnaf*t5R^3?cjtL)9awm-n8Tn>rqSyRdcf< zb$V@%9>&7#5uzq0%AFwQC&TSM6#ZuR}M)BimotIu~V|6V>k+@lT51|+t9%4jkEBw>9ho2CsR8A3f*tTX3R=an%+6gMCuAs!Yjgx| zI+@c&?jiW1F~QLG))-r8!r)pV=RhDK5XeJ)?LT4s=w3NyfFYuUI|mi;T$PJC6w7;Z3DxU6{i96^WA&bcZpnL9#5}ld26u zqW52NfP{>Axt4$&jli<=FQj=?id=sB7O2KZNywcY273Ce7dt{Y{&*~3>YLa#eie?- z0=vpSASw(50g4H**v!jEvmYIIHwLoL!Zn3AN-x}ffeAzQ?%eV5?tydS@HI-bct4o3 zmARb?x$Btj>`!att`PsA@~T9uf{8OqOy(5okFx4pBMy?98H*~J^kGb>a~jGDu6s;p z$P%jC<}o)Js%SNHN=g+GTd>E$OCT(LM zBAz@D9#B~~$Lr3Gcis_+vZ9r+iut}vwVnPWp8WOK$>3@U^TU;Rm$%rRlP?rJ*F|5Z z_ObkEdbmT?%g9X=;UXIYBV93@=0Bpj+D-%LLa&WreS~(;FXYsYw4tVt3tRUB(W02< zP(md`MAx>n^I1+!v_3j@orUz9X8m+H)8o(7Rbm2L+s=8Y^Kc1me9RkkpyS52T`bd~ z%iRy^0zr+7FMQ8v@fr*L+>~b_PTJItmnE6bUa#C7cw$$k&Ygx?0YPm;NyLZJqVmf1$2>Y4SLH>vBJp+|>_pS__)ScV(Gpcpdg zI$Q{R^2{j8uL7${p>o-C11QXD8{2?jQbmYv0P|e9J#M`RA?^{YwjP{LPo^>d(^+uYGHS{uR)P+ng%9RCV6F<9(Qn@nKwM2L(CWd2Og@R z^%s(F0wsZu)Piu~uO+UfC#HuLVQ5?ypC`I^?Q|b}BKd_PvzL?_8%V_zfQJS-VBPiHyP&|mvn9++6p&J zei@t}^J+F!F>2}{GAFYBYw|D3{+dIt^fv&pV077@V4v(kMpO_uxY8-<`{bm;L1JaV zZT4RufX&bh7s<6)Fw?1AnY^68aB|UO^!3PKIDe9jy>9ao0nJ=ZCp=WKv7lXJx&&R1 z3=a%`qC0Ifa}xD|7=QF!hZ^$k5HD3B2KI1ovOPAV|Lv?51u*tBP9sP0ZavMQv+O~d zF_OFMk8!B14;w#zc|p5M%}l#Mki)d=<~Y>q*(B$OYOW?{KW=%-$d7Kx-#q;k0?5KN z%7;%Yzxql(KKii=vqK++UmuCS|UKeBg-aKPo+7m8}Z9 zJ+3r%r58V$6g2#3Y9UhMh)EoX-Z%<*fmgU8van}?k|3=>Z<*yz!haFVrxON--vQ5x zgFc=j@*vMr`#NfKEAk)vXcIW=o3AWk_V6iqUFBe0pXtv!FXyID>hOMpYRBGV4B#SU z&vS*R{uor54M*r?O0gsla6}9W#=GJJckcu>ZU8Yk46z-1Te>*a+H5a_rnOT-1}AW~ z)9wShW_Q5f%@TZv9)bF0^sL^=I_$bMX>S`{;KBEAcTtcGOhcS0%Z(axyUUiz}~ z6?CqKOesrW>t+1JK&!`5L7JtUjdeRe{_YRKO(FuLTTei#~R#;m!;$8nCs8wK##%iqVv519V=F8WeaijJOukJO8;iJBmV^_V#J)@ZP+r5$15lG;ovot9JLvG)$Y7w=;;m?|M6-ACu1*<1ie|zIJymrl~#dd1hB8VTehw)katU z41(1oo&>N}4Yprnb)3|$7=tU^Su{>7PDieeRu%%i7>;VEWMsZ#gpfV3kb9G5u?C@fhWe#(yk1Mr#KKzgY~9-Hv;kxDCw^aJ@yj%z6R~fVa~Iy_mpq z%)bjupE61CQiy9D`7;1{57F)SP)9*GCeZIU23$BgQYOzv7R}sY4+eUzsVPeFqPh91 z)i_v7a*({_q;QLdmW>fZXEs*u*7O*dpX)@_A=4Pgalg!{Y7Y8v+ukG6E*h7RV$EbY{tL*~+e- z@lH)j`tfqbbGtVi4GBE}Yl2JEJVLbxL?INU3J<&iP;BFDg4cOTKAy#dju*CiG?snr za(EG+=v-TaZb2-WnK=uwYy^#)J`R7FuOS!yweSmozZ3cpC6$Syus{i*Tsk5|B+Ss+ zBVxu2n#A{85AXfTncr0cTrvYL!Rv=TxXpF|?eg|~IB=#9-e1lvWhLVH=G1PlWvSQ> zqlK*vI0r=Z8gF!UgN41m@*2@5jXQ1h|SI$Hawk+i?(k0$s^Hc1&6h*Dw)A|bF` zT4ZhwoF$KX`*>|>O-!;})tR=0gK2Q!Ex^5}B*5Sh81!u1TRVPn?tN9=(nj%`(zxlO z*-}4`p_>Tci~AQ_?Z*MJV`ypI3O~M|WsjaVvtQtq-KM|67i;U=oe6+nb}9ta+HTKw z+sUBO@@A+#;~(EATvX!j7NssOn49)BP?IT9M%*i6JvseCrVZM&q71V3Ds@uiMhD-! z0oWdT@R-`}bCeQ9zr0u!{TxoTm8Yv?UKh1g`U21*Ebo9o0*n`{8OO^>jce?E zat#CO@+o2u;k8&WMk%|~l0tRrS%S5W*X^=5p!;|kslbS^P`p1q@3Tg8y!x!(|t~PNy|5!2P z(?Px^Ni=>vCe4l5adz)#g+H^D0@Qx4h{@jZ<3LT8VbstDRTy5iR)Y-%C%Bm!o1wZA z)d(RRu#(6|+zHnGpd2iKY%%#h7XorH%JPmyk*XEg0(qqkNQQ#D2%Fayxy@=OL+JJ> zSJiTZF%Y}PnB*U-JT_t2fniYTWT<5O9rPHMrsLMa?&Ld-8Q#?cnlEV{DGGSE&Da{P zS6iHrkon6+2Mk{M7zYg;>;G~7K2Q!th-rF#WYrXr$$#mpAzEzIB^1O(VL*t<(zoMPpVzs+$D1a5u zN;PEMl4?%g@zutPpmJu)sM&R6x#Dj1RZC;Enl z4?`|4tH}5!b@Kq9PFlRSe2fv=Lb3K0c~U4>_^w9GB$JV5y*^7io*Bolm+Qa0EGw#3 zF%R0OH&ZQ|kQV)4qKDF;mNUO^`z`i0BN)4OEQL^Gy&>!69Nb;+RWhKMY=PsYv ziiYWzu_`Us)@N^#>Cg%*CkEN5AGH=^cYDgUDRoBsVwhq++gy$V)6qCkg=N@!52*)l z;8Mfy+-z{hb)}km_WV$@MLH-)JU$TK9)rxmrE-N17pJvnzV~m`}Ig*ewz@klLS`)Kz)&_ojAWG*L!Aq zmKj*7;qTn>+FX-{b2UDiLxn;`0oR*c?930ySz{uGs+2e=ufcBV=TeK^g|4qP_rp<- zEQF6$G#FW}D1s(|T^U_z9GE5)VeJ<%IUPGBq6s6pX_G-VQz4vaDEy75qas_DnuJ`~ zb)FAf^V1Kvs+lsEoGDcvb|Q*B*kz{_xmNv-d!%r5nDS3FKHg&r8Z>3-1U z^*PZ2-^~JbFc*CTaG;=b%4PV*Ty;9`qPWUcxz>71lJ6zc8ws12){6D18#EriNGo_l zq37|pKNZfvp z=dIi~fR}OF*VJjpkVwTle%bvYG!xaYQCv%Y0r1-&Oh+WX`@0g8H;A-MQ_CDKwpUDe zZ+j;&_h{CSE$km48k4{)$|T@NN(}tffv{DD>Un)#Y9CGM~!=j`QAGk$87R8%}A^js#bj3lCPWyahCm z_L}EZd?5anqB>5&di@P9A)aq zvUF4fUD|M3EZrRD)>PHW;k#UR4Fmkq&}B7ML*Lix;Nk7t;)tzxrKqHyz$H0G%a7_4ecdGF2lc)F2XZ>V zNj;Sm;RPxS&pV7ZHmnh7N^(EngJ6FN5c$3k-0nrwbh1s?)lkhqC#Y8db8oHJEol{m zyl(aIb5iped6eTzG#{fYK5Eqr1CX5#o=CUfcVqxlV@XM~U8FYWbcwPO+CH!Qhkay) zvJHt_cW`sC0|@6j6%@(kHu$2cS8iS47?2Jh!p?K%Yxs^~<0KR4E^ERFe& zF$a+i(iQw3>9Vh@yHpoqBNU>_Ojm2tkJSb`cX9)5ZduLm?wZKog_<@TlS!BFgLJnw->J30O>lD0j-nV)W1&MZb#ppUxHkyb!2QUmf zC+XHQat63Eo^)|!q4I9+ExJX49j$0qo#)i8oz62*?`;YAg#-js=P6}ziJu}|9CNOM zB#dvoTuvMj5Oi~)Bvk+8Lqg0-7N6QV@JC6J4!0f-Uok0GWJ10ZVRR`sv2EtqN?4LQ zQgs@>t}yTD1>ad&ea}1ot0tlFXpBsLR?G!Auw~jK&P(1mfLO?#leIgK?nX71EEy|P zQZ4ot+b987sPJ0Ak$|9{U^sbTuN8BUT)AKN^Q7m~*d@CX+OUlcTZ^jtK{uE}#WrX$ zuP1K_Og@@V8(8g~nU3J_`rSByI5osg1askj5q*XIYitt1c8oSrqneK=O;$Z)Z?b)oca1gI}Sy_tc z^e{UbtGm4b#NMhurw`k3b^&i(mqzg!1p0iV_qvmRlx>dXslhnl4`ZZJ_ygCUe$T9$ zTbY#>6%{gRLW&#B8j zm;qAUm0wclkolLm2BSj*qKPL_;f2wvBJp@3a_n7Q4)gujqYGTGWyKMjZhhY&%z&jL zpF5Fea%x>L+BzNJ2S0{&!?2AGYKuLF?^31GxsxWUVwi?qtw(QC+hFHOb4;79O9-jx zuNYx;raj`2ymw3c$EUVl=MQn5SEvTr`=KcccY<#Ri&yS3yS}%ZGwr*sN@&9MGlTja z=uvLzVtX*U5jFRC#=8P~$In?)cF8h{v$!eYovJ)}T#vYYsg}En1Aaa_6$MkPN4vQ} zHd?}jt146`mUJ`{NzrE+jUP|DhekF>Lcfs#T^@}iTkRnWYazI~*$B1dtS6k> zB2P>5T^s2cbS#v51bM`O`X}76UFb~sZDeC;{m9FP1)-|!q4Tu%7ohVgA%J@b09_mm zAB!_RjQ%nuq?KX68QG@yG@JWngu)Zs_uQrA2j+j8E1lk7894^L2}pqNj4-Fy(=>jB zOe|mjM0^Dni|j|{U#E62j>WiUI9rbW>i+}z{n`3%?Y7A$(77{c<9YzKb^tE-iyf%@ zVV9L?{V}+^K!nrX1M{?&VyqtEg6^@L<+v_w1s6XmU+XI#W>wyw+?Zv!Ycs0D${ta# z4p*?&k2@7BA^xP4$~MpuDUE{ceYCnHNVDz(9r;?~ zqA)0qI6NVS!x^%{ktI3!PhPo@*F8VrRQtejzc>9M+aS+eQpoh&B5(G(z4HiIyLnCo zGV$hj?g~#j&w%hyudTaWMAs`VZx%t;yODw=Q)0dG^@4ASRLT9S_qBm# zl0!j(NcLJd1%vaCnd{!do<++T*Q$YS9+Dft5BA?5YeA2J#Q+Zwxgtl9Eb{POmBbBz z(of!Lv7okfPH%o`uqmAfV7>)-X;c*?j7~!y8=zRfIVdtUj0@|{su#C8n+5u)W!#RC z{Tw!a>0tt@U5m$n3NYfe-{Q_&Y&p9nOJI~G0PPP{7H-s?p-uiN;9j|XewydtX(|p>(ln!BMufUnL!`dyIUX3zmqt3-B;67r5P43Y&^yReAX8Piy`Um;( z56{ZD!9RBT+#z@&l-nT6AW6vAJ?VhYG-fN=K4$9N27)zae4f%W)~lh4`N+ugD8BE3 zVBpI3ZOLAeg*vG~xVl~KS&ZKs7bp)8qvHbz^U^bz$*K*e5{NqO9t8)wO*A!@W z@|Qsm(AI@PGT2FMPxCb26(nu*x@w~4_hJ9a*N!!r(Lf^~C6M3^pgRSZIAMEihct@8 zYj`^#Y9T?^Q#zXGjo1w^O7lxqK?zqOPLXGY$D7( z4^X_N2!q_MvZ}96uT-@0zS9+o)Wb zmy(roAbh_buk&D1I4n{)=n=9-7r7M;Z;W-MCOUvy|L%`X z>7U=}Bq^m^o={>f?QWw!?txI8xPbJJuuG0q>Ol?5&CA+ARCRSMKR!c0JIhq7*_W}x zJ<-9tANx#ZSo4Rzy&5>bRgR|VGL;THS&C!3CGfg2*G-`}g+Z<%Z2Ah%;w~*fSD6-I zX#d_@LxgJEH%sMf;+c{9cLSAsY6J3AQ^k(BmJh>PSqjnI>e-s(TF9&`!jyBv;_k#F!ytd!C7+l!wom{4N3$5jYdBt^FE`+hJPgZNSr%DDZae#70Q zb8BmjtqJ-ZA0NM%RtNYQJ-0p<(P|cW_uwEtJ!3M(rl~e{*q*PMfR1mC>GZ2SC-O;G z2xEKH8H>Q-pAF8!6zn73exO`A3TB;`yWK_@2oqU9o9XQ)cAUw>?S!* zmE@N8#2S0s5~d7rH_hm_B3j#945_{heB|?zi+;zAGx1@sJ^!scvU351xc6KsvCdh(#<&5xTAQx-VOWBYL)=i$Eb1!Z z0m6w0*k?A`rO=@DLs}+YGwxz5(ZSpvBH~klgwo}8P{7G0KmKMF@GJxcj0&0NhXpn~i`8GIhr z^%J@^T_tvDI5euA6HHi_MC@m#7d7kbH!C+^TQA(mI(UrWaJ}!5s0y5H0Y&Blrm!Hi zhxe7#@t@y4D=Tzenb@38?O+Gt?5P=QJOu3pVR^)pz#$({f%p|)@ zZxULPD3#qa%yt-g9HmytXGV73$wi1uIA5xa$r0qYyH6o_!oBwq+&dD2&o~j#YsFWN z-?@iq`z|tNp_Gz3vhkS1f|SXalICaZ2fj=pR%h{{UuE>E4HBkzH2YoQ5!}vCZ5~JP zg!o9`J>?p{ehGso=i0jl%d{30U%qo{;Rf{zy!SW69z*3sroz`}<*t6DP~QLKxn(mg zyLOAT^{GzxZ;3TnWiNblbGpJ1e=UK<*rSUo;DK(+naHTLG>Xae-w*@cHBr&^og)!H zr7QR8%n>73KB|Y@x)%u9fjrpx|D5If-zg>J|D4PJUa2qt=YIa5`}x1_89;g*-9oyI zxYX+T&h?(2*8j9Tjx40wXWO_Bk9aUw|M>f70SJQ*RbmI_qTG`;(+I(|1Yq-ANn$-P zy#)!#>xU)1zDvFG{(t&4*~r+3P41q>n1NW`4=vAUO}}^;KMTBquV#z|<79ww1sK!k z&JiruJw7Knin?-b>aw^v%eLBBDa!lld) z+Bk0DK1umlZ$&IV(uN0c5T4ek(05Y_m9HWSp}BZeK_CI)K~ii&d_ z%v4`LEfBXUr$;0x$9A-u)*IiY;Geb5@q$6fN>0;Ig6B9J=95XoCPnHroPUMgb((?W zodVUPXlv>s1my7SKii4`57`1OHwaHOueCgPbHIAg=*CyN*7yZs`7TyBNw+%?oP1}S zK@PbW#w9@(ge%6z6*-PnjD9sgF1q@(S=9Nwt)|hLmW{4FDsJZVH}jNJ|1u-yJEcVA zI;QxPT8PCvU{e}0>dBskSbr` z?AL2wIqsEAb;RR5L>)|Cq)WX}-f^b5AgU|UE+tunpo##b&#eDR zKcOar7)fH~+b^y`wv zQCfX$%J0AQ-)>aweVs$r01j=Es1Jbz+G zk8cBHSNN}$YLOq7Jpzlj588z>=|A1qvt}clxMnE8b~?*PoDtpN{P0vuw55$DPw-V(_YIE(RhKFb z$X==lcJAmQVz54OZu4jxgn#g$b5v=G2lWC7P98gK_tQ;*q{1Qrjn|S_?wd+=+&|CF zt0f@B!OyeKVtj#M-zL-$KsmI#Q^9_JB1HS6&}qw`!W(;3LGI&$iiaXVQYSj~a)53{ zfo9D9f-70cY7pA?R)9#y7dxtFuujW3mi)7L>*Z0T%j)~LT*Ya)=>1Ga`;Ya1+~xU% z+~X5SCEzZ%1Mc$jbztSpvd3R;Z-3>ej&_Y3`&jOCJZ|umG!r8-2r+po!I3+H-VdzIDKbtJp4hz;V!}q6wv-3 zPpxMBKKj?RyruJL;Dtd5Wj81H+#AZcLdeBi0@2wn&7agRzu)uy4OxuN*zZISy3!JT z^zjv8&e=;9ovx0jUo-^{a6>FRxQp8_SAYrK#6KN%fD=02ayU}{4cTrpIGP__@n@kp zc>K>nvetmE*UJIjOoZiuRqU^@G2pUKmqg86jw=N#2W21<*Xsx5f~8?HpZz;Bq7%f| zrCPTw$1HVa+>1QEkCs0Epe&Muh?@(*sAfIo+`LngyfHGTc2<*+hop?F_MVNMO%J1j z1o#5Ga?`cnkfjF{hjPGOPYsU0E|lZMhC07{ zAntrQRw>tX_F3*(&Aaps`y5pM>iK*ndr2rCLWV|FWm&4WC~2%nkZ!9bROl|~Z1N2x z!8ZYUvOT&N++R+|7)2J4^EPa%loRuyu*GV>+o(>*1*vAnW{!-mau+ z&Cf3;FIZNYBxT043r)R&D3UenB(Ux4d|19S#O(+D()1#_vdL$C&+O+3#tFn0$W{l| zLCy0=6xN(`2KLa10FRF?lb2$drtK>%#2f;5h`QXNlI8A zi969&0&gxC8|z1h_xMnQ(r0k{(cxksWATDt);2IF>`DYuX0y8lh_PRz&l$F&D^9^B|FcP1h`D4^#8i5Z*G41V4*BoepG(4m4>e0Akh;0KOWs08w70du)6uF4@!+MFL?%%7(8$r>kaM2LHgGoCipp_# z>$i0unt2_$^`_z{G+RBs8&@cQ!ZU~wk3GI1p#<5C$IPi)n|jqj=Nl>gYHxp$L~sZ) zz%vVG&N=ljsd5dMM|^aAGPr)J2GKWL6+_3Q(gVJb7vWr0mlHVF?IRt2W@WW$h)@R6 zsL-Hup!Npzt5PI3V*IaVFcr0o_vrcYbXBf1Tu9Qk*gbf2W~WE%u6qO&oP(5fD7`>) z9&=SF2tBhO;koL@vjUs9|m&4z5KU|ti` zGXpdd!WcGR_AOE~R?jznD9P4_KS(i1WDWMSQn$VYZ&d2*0~eJYt#opp8a;70@?qp* zAforPYG~~^Y&^H^ljikhE1n0PbdN#oi>3LlSkmk8A z4F#NXBFonf^uZhx{S(X)Y2ov)-!zph3QBCge)UX~(dr82+?*?vL`Wnb$m|QP#bwVd z!)RZx7$us$s~Ho2bhc=Kz^aChtx~!pHS{Q!Mh1()4_nEv=OA1GYYt|7-0)6r1852B zB5*Yn!{v-391)2!Wy{Q$IEJo@ew#mW-c6@HZ&i)=g_Y@%{&Gq+y0OrSUUppXZI(l> zO|)%=VB`m~6gW z6_HilIkFUS8WuKvqHa{o`RvNF>EloZS{j~MN?8SdFMcM2+p%R72mSvnnCM((t+^P7 zfcEFCm3y}R)n(t{%X73Tv8NL3&a$q?6czYWbT&|fHe8YnEC!S{_BjlR8g%2v84qQg zRyLWI$1@~hImAK=Qk<~bujfUwN@P_c?rRliGIj$~3HVXY0M~E_6H|MssP*U~;{J%f z@~uc{*QM#@}e5VU+<6jxK1KIbepa35Lj zZRFe=L<_kv%Vfa)=LA;&bpm}eft(NbqVU1Z-kjwH6)EveYk1vjOPpHnRo?QC8|OXc zWwz}}GRA*CJ?lR|eHpPC_h1~>$ivrm=$*tq;bm$xF5){`2IS=K*5aV9qfc$ud;yXh z-@b(eq9*-A9P02S@t?PM7Y*7k&Pqg)II>qeU7Q1^Ag`Ouy_*wgdfi|7W-d-n zGyaZkjtxErLPb@3|MoCT{{un6cU3{H{rXQF^e#lWUe6tB(Q znj%f#)7qIQaQ8|o61%?DR)pTRf12r=w^SbQG0C0-gc{Do57c ze2G~TU?hk95BT#BSwp?J*$y6IxX}zdQb(}baxum0nac&Q@RCk0&qtc-JX*z6ytkf` zyHvSH%yF`DNYAda(qf(Ys#NXoqE3CO-Y=QxQZQwVJn6S+(NQLQIJvzV~pC~&1XG^F46 zsZH{uYm(2?1LOB){{Cpd1dtlXIm!>S5i@23JI+uYJrS;NVutI?%CT*-!X~d)6a?hk zIf_bWsoTZ;+S8>HH3%n@(?6__JLHsU#yMJj2$r%};C<6x2SH8{1ez6x!{U(Y^dm{n z6a1?kPhAu}U7CEKrh`9-{yBQhBXgw~sfih~8{BwO9A<#X2Iu+N$5Xg=R|xL8lOG^+ z{7KpPF}BXEU3+lnO+lfH70n1%D856ZQZS4%fp&SiCSweTbE(9Ee7k9fbpDdBH^j^q zt`@Q;0#Dw3j#!T>k9J+iflnLx{HW(9`>JeZwf>q%&d^JA!jEevuhhAj)Tx+hDm!Rdt#PZu2WbY(I%X&00Y-2xxx)niMhy!-7?B=@|h zG{xo)(1io6ou*kw%iiBvG#HYO`suQsef@j-y{Ff91o-1_&{BU!Xa0sfS*JECBZy`&B1RC3T^%-4HRO;fuaIT^%1S2XyGZMB@bW zPSneSY%(WT_D+8#$3yQZ`VY^Z#G2UnJY3@l4m9XHy_+$%jRP)#esm-H=U7hLdq}m8 z80Ezh&+&&*9`U0phj*#lQ>M8`*3kClH3P0$RWHUBm>R~6sHr^BAE99FMh_R6o8j%c z{9gIq^jMUh_iNt(n-4bMV}6nkw+GY9U!aZ*5uNDEa53o3*vW5O1KKv;4|^f6Z~z*L zj6>}iqs-7P*(1)o6H3}H1abl>FS0(fH`dSvEm(Z7XMWFZNL?m&VIck z#^uk!c~#&mu0OMG4(+T%TYW0`q$bR!>I&SH^DBQikfw;#>2hclg*};_?z@Cj+10Ya zc}}hzNly!NzFiNFX=JL9nvl<=+wCQ33~rRWLJ;rn3}Uy@;yYdM5CW6z$hdRD(Fu@F zfdqG$phdvYw5;#EgQ%xGR#f*wkf!jr*>klvxcZZRxof`&=J$wib62kxj7_NfeX2E0 z0Fg4La=2fDue6dqdKEyi!YY)BS#elh^{knXKc6pRUL~yFNF8|y-Sfd0RRz!^wT%YF zt^KVA^x&-V-dtf!-?OjC<2*k1-k!G)jw=umX-%!d16gi2#`c30y=o72ss^x{(+u9wRmb6?$03u2(oYf$zof~Rwd#}80Q zTqKcYROmGGX!h}Ir1_&%%if7{y2|SE%87_eF*iAcbJNJ{_`gtOKoKaQ;=duqmcSA^7_8N`Bf)A)J$?CxuilCQ{}HL#NSyfpsdH{^};<}uL~kFNL)vFT>N z*B@~1%SwfZnac25%C+pS@>I#sl-8fA9oyXFgZqN50EGrTJLrS$J}92kfUE$!jie(? zwYNYi+Vf}3TH(Ijo6eFgI$E};eXb}6`Y=ekgNqt+i?x;Xgb+PVN%YTyk5qJec${j9 z5QK^^KFX|6e36E$gLo&+qsqk-Q3c2gm?*unJN|8%JQeUW=F#ccJ&;^T!OkUMBWR1==*+DpyJ_c99nra=bjp^)ukiLrPSndd=cMT zzJg14au(0fDpQx>4TZZEifQZ?IC*Ln3W16I9#s{j`ZuEMtnF~wk#-TrPk+S3@mqA}*)sLYlM4KS{*v?%&xZ%?pha1CGYYkK zL1G)-|DA**g22+FMKFOJ|rkP$uV9jAF?kCp;fYumAjJ3 zFnOgnuQQXe&-E|RWAqmQO8FafO8Pr=>iTkpa+m$z{x9p_enbEDipw+iOTHy`Rn%6b z0u1&npWB}z-|N6VYsDv3HOCe8$wJTBhq55PlZ%xJSp!5FS?HLa3WKLIB152}vDJQUd~!aV$sClOL^6@4lPpW+Qj z2kQBdSBSzb@a?y61C+Rug$AwUbfCu-?FijDXZ$4=^Bcl1rbVvH2GqAcB*4;sAmQ&( ziACr+IZ_hz6aaR1y}+iO^DJqYbon=*$?HuYl=#Aa%Z80@Zny0J_b=RJ5aK zY!2p?&4Wv-*Fk^5tr>EJ6NL1$XmQq+lr%$&`l-oxe7eeMBLIxrX^Brce)$+2_cP^= z%U`O^fff$BPJuBF&RoJ$p(`Hy+U=Nfh(Cbzz$$@^AQu}w^%)#{n&!e!id!klw z1x;a#v}l{y_jQLOGYzmf-b(~ji--XuB69k>gG7RXxXHQi4yFS3z5Wd$ZSpG&h{iw8 z_XA3-{W=HsSfo95A?2e+uDQwb{ zbfr;TiuzE5TuDbEPfc|RfRr5SR7~oiq5hS!M3E`!X8jPl>|K}nl>%P2WURpX>7JJq zHB|WA+#D@j+_*-Yk(Jo+y7Zf!2|p1yNcNu(`|*frz4K{wg64CdqU}8oVn3FT7g4=^ zlfWYDax&kdRi@h4R<|UGrnAQ<;5<-5Qc2dc8Ry0jXyYJ%O2g^O``kID)vrumXp6X!RVe*cQKdeL*w%GUQaFvH*8%MmV}?>2Jh;D(=dR z28?9|Q??mnHza;(5Ig8BI@TF^D(r{D=vT4$s-szdkr9;LX0+L23y-1k0O^*i!@z|4 z-sjvGw~;QV@1ps4djjhGAjo&0iF~b`UdOHPN5gh+rBh$8GPie+Uus~|s**>ej^jxp zMPtw?mrc)_d=sG(wqltkU)%Zl*;9>6S}F=f26urE*MMMYnKrBgYB#GgjCGLgEad}T}Y+Lv}|#PA>O6#v0b|D@Nh^A^JTTkbuQuPbZS8_ zbgVeWafVl=1$|=q-i;nzt-U7`?8;}77kSG!W=geM#jLTnVrzIYCrc)m(X^(STsNa6 z-ZonO+&WxLJ9YZ%)+BJ9l&?Y8Q@i^fQjl4jP|E(hqguQ9M^d<|;>Cme+ zseF6l(zo~C(xFf})OX*8>Du_<9!1W>J0&FJd{9oIbI#VL*Zi}N6no$pA@3Qft{X=l z!O=L5#!PzM#Q*^lixmtbNiWw#)3&x|P~3Sgnn|vv<$IP;tPbne8BEzsoRzT+`TI># z-OTcy{^f*Wu(mAqX_+#_s)l`e?>#*wA-#O>cHfD7;d-oOUHAkL2x6(-7$XJoDdAa3 zIA`jI4B2^n)`>yT(}!}is9>a;>IuZ*fWGj8NZ~^sQEZa8a*O7JS#IWD?p^d3KvMkh z#>YjlM!u&s>W~L>rvkL8zTx8Y?}l^CrHYw*AoX-K(Fw7E1x6vrRuQo07gWVet%)=%HhqB z0TzBKs#LkB_Icw4?n67=qaT6x_6CEGM1+w8%__+hon+R%%C)S_mFJ92AJ|H5#nMLQ zN-SErv*72)?w%6(+%wp?xQ(_cf?_u#7x7xnh4wA7$%IJ@vx_viS93nfQRjtzviB(A zxVz3a`Q#sFQUf9#ki18;r*Xi;09$qt~nrEprz@xKOFCau(^p1oP272W0-+<~_Yo4EP%at7~yN%b4^*Czj;Evvs zm)SLP1dyAH%nV}!C6Nv=dkx?j#Ha_*Im%V@HTBXjj~CXMTQxdS6<_DLp(8K986;Bn zF^~--PX=0erzOGl_~j+C*P$FN4a1F^NB@(|o6Fxx0qGVAanz`v7lHh6ODw?Icv+%} z@!%3K!=ECJCP$h0GT(UqM4_@=S}5C6%#4avx$Nyuif%d02F;rj<(AV`M73A(#3L=JM= zy$7z!{K?ONiU$pmw1BTn{fGH}g?tXxX$ZpOLO}-q&U53dmaryQa7F0i>-Z^D6H|f_<|R3~_u%RF(iIB?HPi^1or8{Lp^~MS)PwC2(ztu)UWcF$JW&psmIc zD8ri4+Iag=xVimXQ{5NC>W$yi8D*erbF(m(ags%UIoCS1VM$5JwrwiB#y&*tx?~_7 zMPf4d=~Y!(q%Y{FBMUfHON31i^n7njX0B&V%6867z7)pe{$kk>d4{-(ojHfp94wPy zs>_*rPee3o8(oe_;%GjRl~EJT2ipB=Jz2nhxN3YSNOnX&><}>vYx)7dk>}y+<1aQO zWj0>hL8wVK{6@jiIPb+e5b#5llAw~?S|{}o)3?jTMMtyXn^RNipw)ZsW60zwTr&5W z(ea_X)D3*>^}L90szQi#lUju@Q|exyCoMH(3iE%&aVJRSO=d>VM#pB3S|5ob_*(Y( zSZ0T1c!G7%Q}pYiPoIkaD%Bom zO?ub$ETroi`66xmBeg{i6(|ruD_d2?30n@Tf^hRH@l2oCo8dS6O0K$0UgKv{-{Z%t zLk=S&iKAHPIz7&ukq4g4DP7_1&1U>;yq%-c)L`T1hbJvwg7y^zHWu$^|N3a_|g4FDro&^mg$RdTO(p&03cBOF9xJ#&v`xOW6Q2 zqYhFU{T$FSO-JBOBAniTFkEJStomJvI~l{9?me`pI_VeLQ7N=d~t8{Bs7`TQf$YHB!F8RL1Z ziS0qrtxD=pzP1bM(YaSVWvWi)7i_hC#E+0`F_R0ISvN50-}F4vDm@bBs)`ofVmE3q zY80SE>&}&<#$oL~ib+4lJuAFr<1SpAIDT)lHTYFj(*&1?Qw`1m5%X)^1fLdF<>B%e zk(PW{rHP5CDwih)qA#kh-pB&(5?-3cB29>@<&Y{j@q5#upH8hrLG9OXnhpi?@w7b6 zSNP-HVHyGLR%b_dEDc)}V@tEAmiGplk_pFO1kNdiPP!FPv|aDHZsnC1FhEwV0(i3| zy=`E4UW|p$&UkCIWJ5qGc6S|C%Gc_T!k!!{&n3P#?-u(gNU*pWBvtl4=X5ON?M1W@ z`aER+dk^7KLFF{hu$b6u>Fx0@mPcu}Z)v!X^&N)wpX?tg>D1L++i7pwS1v-zHmWXx=&J>{ff{UZlzQ)mLtAH(qH~Ve8)=#~{Uu9N2iT){N|Q6{?Di zR%o*=NO66O>z?#ZS34L@^RUwKInqVmNL?@v+GwJA-zBQ&5Y2S1Dd^c9MUQU3#kE#~ zk~uLfcl9eVT5aD9-eiOoq^+}^*-GMe|FyfB;i9He{T1o|X>wJSiopB!(U<*{YUl1U z;U6sQh_?^UK7XbqQwIoIC;eH*^UWeHpq1Mvi&g3ArN^(_hr}7@V1@zh>FgsUl}tns z&SKETbGI&C;)3|ywlyaCCwI3_nRs!J_LcpKNesc&xs#-3yW!@Mtm%4mI^t}Xoj-gp zQUm%dJeJs;HNE;9a;ElH&hp)Z(NWo)Cvp5P3e+4>-Geja0X}9Op(D+XGdo8t$bh6B z^x7PO@*y#JwyUPj_k!GrkLJ{;aOblzA6^K{Q@OMQrx`&V&lmLq?4D~5X5vQA8Irz# z)X^oPj}d;cS?P0m7sr}?^^ncC*sG)P13US?v$;vXxPq;Q|F+RN>taS3ThwPn80Z8D zFPq|>Dss)%et!X0J9jzeC!=Ax0ncjRY7DUzo1bwKDK}DnL}Q)0GAzI>8g`mv-lUn& z!u4-3iZKu~M@a}fKArj-LZ$;W02aO;Hx{QhL{h+~e;+j~OXyi~oUdZ~er+WtrY7tz zV#yc%7BiO}AOH}6ZWlmGS$`P4nptR!M6EA=rPpNmV}!)ZI9I7#O&x|r!q2qmIM|&) z%D(*XD91X=`vmqT_>m>&fL_<ZJH3flDET}mcjKoi{Aj=Xx zJ`#hrXx2B1aPGpIW0nA9nLIyX=&jJ^o*3OnZTr^}A1w1>X&Hae4zY&Z1YnBdF&DbW zAQrl1Oag`XF$d~B#BH%KAOXn_>hZnV%_Ax^P>*xa-K8TK9o7HFJi)+iVuQ}-5xdCE za+pJv)t!$R8L}t<0ECp|P*>Cr;Nh?S^SGbu`F=xQF}wqLcl}_@ix~0zf5$|3PagjN zoD2%STX|#|(*4yr)FD;nXOARJ@2X+H8sB@~i^N;F!gIz|#jbR#>_M^@>`Tjhaq%9_ zr_{7m+|y!r!AYOSwe#&)7A@uFP#N=3iSE#Mau3V zFTynfiZ_M=?+Yvk2z3jUB#}67RNp(S0f`lGOD&`Rc(D6Zw1ldlLrQgM#OGyMPTP68 zQUiY{e2{?K+ynWO5hAft(ep>gqo9efgY@t4s;K&#MAXcdF4Fo>kO$`Y>=4C4u_f?! z9f;HeJ^O1k^pMqUc#;HATSCp8#1RdEt{?7FFM++e)c6u(Aen9FDd!iVvnsZHlCcV5;8Ebf9{Co|&VQ+WznKKldh9oND3{HX>sXJH( zWuDgfY%&ue&_0HX_-L!?*6=aSwyT2Hp8CJxx zC*L`X#?K&cU?aiz>ba(loT{G?{#Y8-7Um9q-iHL^Idt?O78-G>65m$r>*|4$`5`qn z)~W20px^~;MLjefEA&2?l9U(9_i{+ui4RAl#kBN`E6Y3`C7h?}e~=&_8pQe*d6afp z_fGz$w^AJ7aL`a*`BH*aAtUKx^>7Efc$ZAh>%^9ob~oXbY~~=<_Y5=_>-_dK@X!cP z11_iW`fnd+9FsK+;1A`#N{enu$A29!px~!cfa>CEA0KHDNyLl?mJ;_W2iFqjaFJtT zPhMTj8&|czuOr{7nmtSL!YbqF8q$IQjUnCp;*fqNovSa|Zj0;1*_)l^{ih#8sQ9E5 zR<6$|Ly)^ziI94Q!QF`?WBjLbxBef^J>@0I4r%uM`CndXG7@JAR-;E3i0m!Ze9 zE@R5_K@hzkdM#o$V)bd%~)#+e;w z)nBl3N|ECX$Ypr%D3Hin;Qh7ZqE)lU1v}O3U6nB1J?K~zwl_lAHE&hXIMOz9cYT)K zZAuh=?n=k~msd_}@dpQLDf9pY1s@7vBd#=&u>%IQ@RC~byPd9&MT;wx!09zl8uy`! zL6<4%*4(icY^Z$d;`Z&z)GO;)_IPRWH7@t2Yt-ij(yS}3txWUC{TOC(FRr(1yV|0K z*{{mHJ00o5Q*)6k=PAK=5s%<|N;`#@c z8uS7gI{-_m3k8$Zde6PKi!w;QDaeg1_@coGbmVgX>qoo@4J-U`SVR#?J!i@>AGx%wyOjHRM)5&r^Oiq;H|DG2Ta5{O9N5PA8h?P0*V?uuSJW4p0Tjq(B@GPJWPbC z2Xvv%?rw%Fde>1$q>DtomzlHqradCLD)DwJ=`J-d?B43S8t<=LtclolizQx`k@BRM zcgDS5k3P9L;d9_%?&9X2W-Xsd?<6uC6*n$~yMQ3vOA;WQO36}las8#8F8^Tb=yL20 z>bxdyhQ$+gr-5q+g7`PMXCOy2jZ?_|0ZK#ld?Xdl*zkC; zAhn#zd2OgoNh2rl%|H8bEK?vOhk`;I4fW@HuoEC#M*|6bJs(~`@uy}0zC=GKVA{l< z_3rugAs^=gTMk^YcGbazewmI@&f`mkM~2`mH_pc}R!ueVWBp0cZ4gRK0h^P9=9a&| zzg(4r7>QydGTt0@nTw^1ns674Z_!a3<6rNU?^yDPGaLz2bRx|YaX^bhwa)A@ryPtf zO$9tdg1Vf5!EPSWbdi=Q!&KlqiT|A@N-sau!3UFdw1P2f%<$ikkI8|GD?|evstLtD zM$#UY5S3QZdiZr{^KxB~AD8hP3V{^iMhao|rykKbfr*VqJpejq00MCRuLwX3)P61i zaQ{{Om+v@q{~bJF{yTX1x3|J_6tbj&M{sWQrIq5yu7jvyGiTkK_&~=^F z_oR)FEFAYgjQEbsW)DVm$M64Zz_(yPZluaT1|0h{AZE@E!9@<^V?_Nm9EjnWX@i~~ zM?#0C3)vr(jCk>wjqBaiQy94wVd-63Bd!L>EL#HLGi0Fcu<-=21pG{$s zy=O*@HYL}`*{MFuKYD=okGmnelUlYVb-zt4+av8_QzbkJ&|mOq$_{|}WU zD$i3276#m8IpTx{F(u!D%s2FLu;3}j;|F>UIg&gdqKe~978lx1or3Jk$Tb+mq)QVR zTe_ug0pC4umUVz&biR2jbM#C5GdZl!0xTZQd#LeQ{$(tLohMlk3AjQimf>5j!}ByV z=a7)0WFW!p+!C8@NROG_|%^?NK0@CChm z{wTd>&w}WMt&_rfnzf-n%s5v2zdlRLd&m}8qnPwity%PWVl0F^{uSfTvb!hlkGAri zC95C~d)vp4lVkF=a(|jmcfna`9nYj`{*q(!6ikdx_ZxLQl0iNq_(UOn#UrqOOS@c- zh3OAGT)Fk>gmRPfUwQO+^jUMyQ?4ii0u`#F?1;~Am$ecd{=myVT$HjdzN(Uwop|eF z@#N|1AVw;`*f1()tC}ML1YOHGd-SfQy=DKVbl3GqBT;)DsX{)E0;nXD6KXWi{I&Pn z8NteOoDs`RQ2i`DWu>CpEzT=nm{k^}&Y3r{|DNuwdt%~H+9P+XtRo4MDZx0V);Mpe z{z`4^@!3xF#djUr?@xDx8`ESmA%AR1wL<(w{xToR7UL7!pWEen*i5qxZ`@`u>?tox zFac7yqp2nhlw8XzGKI2ng%IDVkL*sFTMf8)cA1I=baGB#h}7YGR(yd`NsY&VL)o61 z*ZK>&AI4k+(r}~1>_q4sxy!tZ#~N18?%nMPi5p7YiyQO6q9bbE3*ejvkuFc_uc?WD z{Kk}h2XpQIOa9YZfaqB5#6kFES5T*sUb#-}Y_47Bz7lZM^YchQ+B z8$K#TRP*RKIT!6{Z1(hATXO%UNoSVWh7Cah2xtL%e%4JYIPTLIx`Xb*nAQf!n=Jdr z%@?VV;s?s=_Lo0ot{B}-Iy*U`cbZL}>n#n(-auD19$Nuq+s~^cUbdYrsYb`XESxx>a5?-|5Am$ zt9mWKAAq-3af2^Kb`w;y$K^uHo$t%PMB6%weQ&!%`TEAsUJ#wFTdeGrGYL6cDt@*B`&ks3)KICCS@P_rj1L4N@n*njML zxmW(UqQw5>-z&JTyIS?<-lSa!44;eq4B^Y*hRA0!8h?z$sY)U~Z8oCly$b#GBNbf5 z?#qPh>}x1ToPVN(3vi!dp&09jK>(alN8V9U25e6P8;0ak|MmENt?L)W{@l3J^QG{a zMz_5_srTa!#RAv3Wr zqvt8xx%;U7tSpao5cUrU#!WS=Vhod0R;{8w7g>%rKI=Tns<8$_Cj$cg8Z(zk7DDy? zfZ|U887F2G{Bfez6orF@KDR0@@U=VcY87d#xfyc4XpMnFzLOGYHbi?eYep<;$$-H4 zcUo=(8fe8kgp|N%s1KCCK}Hc1v=T(;KOI=9F;+21Dshi~Fn&w!o0b_OQR5e!4Q?=t ze~@W1YZr~G(x|#F&VtvTXi&DK6^yZt zr%@;AZwJTDa@)-Ey@AeU23!U(sQVvRu8Vjbn~&inN%zaF>&oM5t997!@trmmMEo6~ zW-VwsM!iv^5yy{0B@V2Km%#MPK2ukHLr8_Bt5H4k$oli=E&fEl7;^Q z@3VPEjUYttpw};0Sw^gkD+N*|?k@gFi}iST#k8R31u65smMBXQ?eVn2`Gr7L2>=uv zaTx%?1GP4283O?P#2j0Q|6E3BJzxK>jrQicbI|SZ#-L(BoB)vXV^zxuD3UZ|%jO{m zYU{>dcVHZtut^#oSPaA=^%v>hEiXS8!K8~l4P*Q`Wn3g=MPxe>7e@k6pB?ytV2iLU zuY*Ct#yA`nZ6&G~J}w7ectts7ekPYd#n%=nFECO+Nu(vjHKo89cM63}hegZ$wR9_D z`*F2zG)si(zbthJK7({{2d{S{ZvhSpAor&4c<3<$FE1dWqG6tz6+$QOK z>z`e$7lto^*P)tz;N^}PRR8fZK76S%V2Cv0!Z3JicHp3fy#rL$vfSU^jr+&D?}4+E zYM9xPC;I({oVt!8JUl4n(O(hFcml zLl3CCVP(_}bZF+4ZDL}hs<{(8ef36@=?Pl%PsFh*>Y=mLZXS&Xzv|B-j&-P;6dMoC z6Jc4Nz>UvG5_aVSPk2@V0GCqWx}AR44i;BeR-wc*!-opsqPc^6^$9$~$EOv0$&@mD z_`F&aSSrMp0ztnUmi797-5{Q3NM2&Fmj^d9QSX7VN1$y~*S%f42EGV%KE{3~s1v`T zAmi+0QdFzu&JlI}`gQX*Z6#xV+t^d)+@9Pv8IFGoa#Ix|9^p&de89uwRi~xbSF}qf zvS^A;9X=Bk^TEykJgc(5iW6!KH|G;AJrg;unU}xh^V~lqJi*kqTI0Mz%q!u;w6C~6 z&PqZr&NyZV7E#?6|G_Cg_oqp9Q+zv!c{orP)ywC8KUFpRU5#f@zy^@uY!o64s@qh6L<}~x2C!a-38$_gEs4ngk-=$NU=oFt#?>`fM zUsIG~=W!a7U##Rc1C1kTk~kqCiEyXcY{U~DBV{m%dz08QTOyU zzaL-Xt9>Eh5UDwEBIm>|fU?g4$+=_P%Ezjzh}i1FGKPyv$5?tEad9mdU_(V5(wt+y zyIdMdOS9RITn07kHzb<(Isw|^07%o7tDncF)CEr9FG}BzG-18MUUbbPqbX1staCuR z7gt93v_Se`^XOd$s^_4yRvalyu!|tD>04X$Z+K2{!HuKK z2VOgJ5Gkkw!c;TDi{Mz-b{L--QVsNRBo-8g#Jpb{Db`>uyDi)Hi{jEy!W~K9P0QT1 zeu76US(rddm5A_S9dfoS_kB=H6LU^TnT0Yq-6MSp?DY}(2L(fGt?_>C71P4Q2~c|2 zRGW*9XZnbg;4_iy{Q3Sg`#cQv&qvqZf(dwLsq7!+w<5gz*xPajO z7ya?Y9V&i&cNtkXpe3+CW&ODrl-Y2tdQMlaxz1BDYrVK+9q#Jl3(wafUh?yVG;UwE zyd!net=b_Mak27ZTdG)7F>HBA!i6z)8$t5rx{N(bU>ZPitQ?M{VEw8#N2Vv%-ETiJ znY#1qK87C>>oKUhL$UMTc&KoE^-gu=4a)9wZFHVgK? zM4h$Zk~Pn3K*90OkCu~v%&;mOV224Zm!T zNfI*LMDe zwYat5VrSKG5XkV%4M9nDOld-v8qV%R@)fPJ5wc4i_s&gyRP`>^;<`r76Tw1JYGS1_ zP$bh!NetF0xgw4(JBo6M4x_8X*>b3aYNJCJh{ptB9m~-c=ks==%+CBxM`u3BAC3+{ zOL|*W{Mu95%F-{VE9Jjeb!f5(Z<5Lnm48%aC5u<%aiIL=t9lkeR^Z@jQv4?D=G|Zt zK;;G+QpS`TQx{*>3VgwYKTU5lKguMiOPoD<_d&ANn2OT=PVcuT-)6#}Pql}V=!@X8 zj@&7-vIz#9o%?#i2~z87Jgm=9Y|`ZPFtujhI%pDyu} zL0rb!3^(AkdfSxVG{8u{SpVVp4br0!vD(O9sVeYRTtak{zABAhx|_xwD<8rT^es_U%YvhlfJq55^ehjKHWXx zE0CgdxRlUcMmCbjXqhvIwf_wS4iP`$;K7}D;jX{-jZ=tD4t@{IDHe)@j)1cW&{c}i zG6CK#YuJ;3AN6O4NqqP=B?%_;D0tVqJn@#3C4?;DK)(KZ3tWY!+cWBXKz;i5u2av| z8MLBKd-+S;3^zcwDI|#f6lZQ`swYxY);*W;1$~5ZtSh`{h}K_LIj`UPzj%A|c&Prr ze|SWsFqUjtLs=tRb|Ym=5)~p#ku`f53?s7dgp#cg3RBtF3By>ji|ou;$~q&<#F)?h z_W54F>%Q*${`b3-Gyhdp|kidlJuvzJgFfU2BEN5jNQ#opK_%IeC<3d}O~tMI z*Ct!H=1ex@q+WLP<~=FHd$UB$IOKr{_x^c8nR>{{$Nvjh)Jp3diF2|4Mmvb5XXJc% z(@6WwQlJTs*9{SrplOJf7n5?gvWTxO53>D`1PaL;>iHx(fE0GEZ_J0cinb85IvAnW zKg?u9eA1*^E!w{r*l7IR%zbm14cU?eHHfS2nRWiFBsWG>bcNCEY%V##{ZxMLkVuSw z(h@fnwm^e~vO|f2-MW7Q%a~E3@TXpEZEQ{Ye!H6&Q!L`s3#FlK^G1vf(P5FGX8Cv7 z|EXC55F$e;ggjxs<52TsY2A2c+vWT2Z5CbddDlT71^~%4lcou3&7Cww! zdd-)dt34g|dC>_ho1ju%HJWdmkGWPScU?46@iKgXK9(jfG@&SBkM=z%>J9PRhv#dM zM+CQB&+|{hU@EXhQ_>M7@(SQgsS-iug*e$o=E=qHLhAxO?0_-peyb(`7Y+Y?ob~?a z12)_Uq>AYjc9~@KFVk@tfom8PcUjo^U2!)75`!C1^Fzqs{{PoWlgYFS$o695!SPv3 zEQR{QF%S4G{y)zzK^7qr1(EHS${liiJ#<170Y9dQfRL#C7W-|Wtni6GYwg)OOA8%A zZ?@<2!c6qLkkpyHj^CDG@Z5jrJ^gR}{Wp2PoRp8tr-zr^8dg_A9_La|p6j_3OO-mA zJL)1T>`XtzRJ5vY-?a-%nrGgqiC2q7TvuFj5z4HqPh{|6*r^C((tLRVat!(J#H$mF zMXTX)ajPV$sbiicUuVcqZ}eG(JKj!EXI5A>>QXG7W&~HI-lB0=KHm&kkFc3pSZNUQ zG&qDYXUOx#Pymt=z^n09x{_Oj2 z@mVsg`VZr&)3byV7^wD?LE9242ge=YY$8k6vd6L`6ZhJu4H?_Td93Qc(OlgCqKS|% zIw0XpoBW8F7f&>PFuZH@#7MLK+s&91A@Wh7xfCWMJyZDC=?5fEVszJ33FesR_PAo1 z%!X%9n~41T1qZfzyHjU6Ap-oNEb!_3q{0fB2-PvBgM;QeEVV81*$w+mguSJM<7s-GJt18o1d(Ep?i%aEE2oQCC z`GtxLRV3RJJEJkP0Y)Q!Wl~bloURSu@VxLMk|La9U_UdC+E^#Lby==JTpKiz^>(hl7t!*2~tFj1v68*|;KR#ADDvtS3RX|GlpgfsC6 z3X{xi@jGZNJ0v4^-QzG`3 zSG`}6OI3f7QpyFBX7afj8WpC3iUapn-A@UFWU+CX5~9LWp;%RB`c;2`s)y$4 zz!|Jbm!9GeO25F_X4?Y9t!T@M>a5Xncfk}kuWt$oYxilWRo2so>DPIN-L?Vmsrvj_Fa#J8=m{`$vuyvCD;c@PyW^ibXq?&2l*ClSef*dHj5i?x zNu3|xY)Cw7#Dh`&F5UQf^L9-bX&S#w{7}c21ddd$ zZR0$QmG%PxE5lWe4y7ybHV~?(F7Qdy|N~l!G=F?OEIH%#;UQ}hhd3bBqF(# zZmK1E{~pN&mwy&s^vOK$AC?opKNpY{m&7*ZAO@ArDDJMh&G{lHC^eM_k z3xNNYE&kqS6_pUJed@dH07jeIH-H77=>tgBed6CO>tvqgdo8CkXlM&87bOdkk{Z^6yk#%m%Sud)xgr&ju+GXwJh#z+X zX1|jHXP(ICYp4G7#EBKzIjAYI{^Ye^r5|)f4q(`1`b#hg?I<^R}fwqYwcDGtnf4vc37!>r*;~U0Iy_oE%@OU%oU; zyLQ(i?2eqS7bD`LHxY|dm|!&oW=f5*;GeZ)NmoDReRE$hZy=ur1C2uL7w0kOW<79M zbhkUkb@#_z(ixVp^3Otwp87I_gbnrGZ*(vF2!=QjpGIW6Oi(9R<%1Le-fbb2%~RusZ(WL$8CH8!+gq=mIZgMjO<3b9)o!G3KC6ON zJ`3rb?eGS}ldb&$izjlt(krI4#;znw<3uzIzwTpPd?$l%SSjQXQL_t#vK9DT->z1+ zAFxH?M$Rk_B_V~JQl{R%CdMQt=pEI&bbZMLbKHdnTapecNn`YcFZ_spntyuThJm2C zt0`2=k!7A0^*pTBnppzXpG0-Z;LyCvT#|Utx`}}8XhA+4MWAaZrxjAUIentKA*u5f z5WoB8t65~}`55%Bq7CpM)1Roh#s#XN2{p+V$g0_YFiNLZ_DBA1(oFkT$FVA%{?Z0h z;pSR^RzQM4FdvlIgqff~NmiBX*?O;JHb)d=i>%vjrxgW%S)&F{5QZghExu0nzsmr1 ztHLQA12xgXcO+1A`W{__cbE}T9S-P;6@zW}t-PV{Wi>?)9thSd&;GF&WXfwEqWfr` zOGXm9iUD^NnO&RlzAJ71OVa(sw;snyT&0>tOp?QZL>vIzsp&im^4EPd`QJ-|%wG(M z9o#@eqfVFGPN#nNG%8JBkzA4A7&Ibzyy*&_7*Slwuhxs(Gp0S6BepAU%CnNG=9iJ> zouJb8bhBwxr2v|QUNl791l5!2KL8`=1@FIuFIV;rAEamA z6G443)?T=!JRrwJkJmg6Hd=?1Ic79RA7D;4T1b$`G)Bj_a{LM!|4eMzT^G{-)pX;0 z#t?5%N#&S|smbANdHJ)D)saI+vBk6(IFsNb zd?^#vW{Q{oN>k26dg!R8!nit=u%b2(HRR>23n+71{kr9xk)|j01|QH(CrB_xFjK8R zShB65ivaf%p&T{XF^*f=8KJ0k&~7Ni2&bNTL@?f_YQsV%dgcjDp~A?a9{?9c=$$+U z(@0vfK?rU;Du|=uQ=qL!V{G#%>!z8+#vAOj&7RG4EdgM4`LDHC`~z9ZCqD?m67sd1 z!NXQTr!z)I*G^f{ywaV1B?|&2h&krgHY!IZ@X?0^^A}QE>S{h$Jho-bW=p2HQ~l); z4GRLVn4*C;^vkeqp6$t60QUHQFQ$cTee%OoTS$)ZtB_lfymHU#jE7T{ra686#(-AO z`UC-t5Gq9ticyphx_Urj|MCOzvu~7sH_SG(tQSi7*-_~=pp zd3&FHao(4+DO56BUaEWDbR*}@S3#H#MOaS)M!v-9UL8?Wm=Lj{JD0IF&qtAj=j)KX z7kD;VaXjbH%n#%H%HAbQz0^CmX@m(Y>h;aZqto!A+O1*#yGe%?h#5BG%_qFF*6d=e z!6$sO+ZFb_bznSo4woET4Lb#ATGwt&zSA(_ZZ!M-^M{A}NgO}lRz-d<86&8yr$CFH zQG-^VNwzEn^>MZ&gRNqgdiOLT_Gi2ciOmtVA*7&vBSWoG&ktw6&P?mb({Mq)p7P%8 zhuHpiI%Fj&1BX20W+|Pq*z~8QL$RST(_)C5ua5m(dTO=3GId!2v{(!^SRs!`V+{GU z&t(xACS2H}u0GO@Qh`u7zR}VBj5|L4zh0d~vth2t$WU=&R_tzzTgNp+{W$FIp8*6+Hiy0)z|kIO>a&4?-{4|I4j%yT%aW zEwxWFUV887h9ZE5CGvly2~q7JH$@5Yos`R@n8W$#>b)^{>4L;F2B{Y=>zutoCyX*l zm=GtR7Ce)sC_?a{qX)y3HhcRJ#-*x0^=H?xLJfD>V?{Q<;afaIN6~ButM}wvAp$qY zMMs~xU%@}My7##W^a+FaeyKq;deoEKZR6*Zk+GUQHLVj{+nX|;i&fd@KFlSgHNI2c z(A|hwqccg-(p(4kmwL%~3XBa%AYUimFqu$?eMr>pIu^3Cf5VJ11wsZo;iETr^$S>% z62Ta&8h}ZJnvN^HD6y~@s53QEAl5FFY?YdciteDQ`vLB70J`ajJjDr$=vwyNi(*FY zcGAtY;rO$GY*CFBXMyYG#wU!;+bv_cCE&?DrOAI*qyK5vIe>H}6?D zj!AhIUEAq+K0QIh2JE~j+Asx86*3pG_6t$T;>Ye4G1qIHTUCXfa?@)~aFbnG7b?kbQW*j-@Kf_C|)l3k3+m zktB}KHOARAl>M608k3SKQIhRrAXZW%>6yNT!(@Vf9Os2H!3TkC=e)u!$g;EpViQ)! z%MVi%B60BcQeAcO-&NkThikwPR)U-V2C{DF$hs3XjKcaC5)+SSvb>ELh^41=uT)3d z-C$VQuh^cPUsz3O)*xQPS`%rr71kxsEQ|KP;VuTy{i&CtA2z@sn@3q)GVysz$vE2> zcPYj73eAD89V=zKYR@aDbUUwWmV2ie`*zVne!(2kahftTZDJ-~H^w<|7Hzne+z zOP9f(MigWn=?IIRlOAuqtW)S_+22+CIMDN=L!(-+oVZ3G{ZD7MLKa1bz#Z zt%C6IKevaCjx&~bCrpePh+$@W(o_uJ!sR16{n1r2?Y5jGD;!PsM6AMaiRE=yqFCB} z|BU?PSK=D71Kwjm{d||M9b^QscNM;(s1HHgOHxbbIuH!QrqgZMr8nj}Ch zKoK0tFGWaBL@A=ZU9Y?KJQ2va+$Xmp0$(19QXaNA*M=5)+q$=tF4I=K(L#7iWS znjEH*VoM+D_M&_}MI`!%I7|!j2hf_^t#Syh#^yXcg*8!^O|t5*SI-wVQRTa;RKJ0i zqI*t*$Qe%;^Gsc@w5PQAb)56l{5PDT3+4fSf3IW5!_=km3!<19r_A#N{P)u3o2fG$ zHQzLJAMpx!+u%XGsRU6bx|tpS7RG#?Bj2}j`brT?^NZdmDp|qq-Ca-lnBa=Leh#EM zlec;RJujP<^3=$9H6dFbmLZjz2?@L2rB@2tQ)x{qvOyHiBCEqwOjkn0@U?%fT0*@t z?A8JFg#f*};X5GO-;8QGuNtx)Q{JD^Y%J)@!t%Xorc#&w)pHSo+v+6cD*1XI&fsll z_WPikdBp4B(xZ6IBGEqw@lFZy5k2~z^`*u-&BmqJ`kb<{^k>o*3SAVWuIIfzuYTu!i zrL5g#SoXPUnDmk$x#|*n6>&Y&Jhl1ZM{$2CZNqAYL#l85?X9`T>FVAn61rn*hF`eF z?cj4Z>~f&qwtk9=ME}gGW~V&;fvXU@fn)*?&a}5%T~^W#@6`}ZH-p&Q9o(o}xDxOU zNSZh?wZC2bLVUhnsrTB5`&1`&KXuTC9@kQCu0#~IXe1njA+CS=-FbRB_f?g)b%2;% zGppJVox!8J&MT+ZJ7G}2Sx#f;@vWVoSQg+AcVMO`%i5kncWw)0ic(nntzdi8?0W$l zWq3Z%E`FNUbc~YY4z72%jdu$M?|opkqCv301K`*J{Lao1B`J}yNWx_(MY^@@_)Rl= zIh=EGV_)-Pq#!_6)3&?K8SG6{3m9~DL$%?e;gaL)31F%=55N`4aua(M7YhxKEa=j9 zE-xeulr{0u^L&->(&`qDgKVrvlO`8~x498lCls!Tzvr9~=ea4OY$h&YP^VEjZBNQ9N^asLf=@U`Vd zw$G7X0Cd+M)U(J>zl<5lcZurrU*{Td4=eHMk49HHWUaqGjjK+n+~0Uae+T+mge@m5 zL|iA-H$NWDtb&dA3q}5}38Awms$n*dq-NoXs0TIOjz?$b&i~zi!>*LqNth4*$q#y) zks2_uQ}ksG>;girb!1n^Kqgavi}kX5t7Au6!EVoHo+KW$RrAcSUmidHfo$)Eoc0FC z#P2_h#~`1XR2nG#Wc+EI@A>*3@`xl5JdsyTwKz|BuXzbMgo06M+JH`CVltnaEQ?$K z*P)R=_ESvfabx$+$7>74%YoNc$7liUNQ$6vY-6B@JbuU{irX)DBrZA@cbui*$=VUf z8??N;(q&bXymD3~BLHQ$q$?NF1L0)`bYGy}rsP7REfxtC{!BR3yRuijW^=~6{mlc@ zn-WFD{CxEkWmGa4aNvp10v%MH`9Bc!-v0KtZB|!)Y0`rNx1bK)g9Cb@Tc8hmy$tWL zAA3oIPe>1=1NBG=Su8mgwkru#H7~9LUy|Q`N!vE#9Q?*&W#qdxcOIK5%$#SY&$~C1 z1SrA-yJ($w9#Vq`xzYzO_E5Yej)CcpluP}~xwx6v=OSG=?ZwaDp$&buqjzinEHN46 z(_WZ(sebyYXmn+NZs+FObn`D5Jci}%vPP@~ZHT;^a&xM-8@fXqXP;Tn?FR) zMOdt&arhi`X!mtN%MS&e>+0fyw({cD8&|@-LiBO1egd4Df~U?9Jy6*4rHLUJSLzv+yw|MltF7JGbc-Db)WJ)b9)s3+v$yE!A4EegA8UK|Z2KRCl zCIw?)+1l3Py06&v$T?z^GGCMt1fj(F%{bQdRt!R3f>zMO?X_3y z>gsQsRpP{=Xsq90v?lfFuGl+tD`D?-RedDy#dKLr@envy%%0$mUyG~uO9bz1)2b3ew?RruQR() z;TacQR!|yK;Jr3}Y}~=%lqAkG_IW-PiFRG5`GR{_ldGq6Q7z3?A!RF9);pYXb!7{_ z6N3C#+)q|8A$ya;3x6;po(8@p1)@Ajyg5wG)V6`YIE+6yTe`nYsNAm|{`S3v>tm!y z=!3rp?!v^g{ zfwU1vY6#ti@hcZwhjF8ume*Hi4Fjpm4aagzmy?H>T65h-kZx!J(%TM-`0%bZ-GheF zD~u`4{?)04X?jl2JFcoso$}H!5LLIwfC3@_o9$Tl6y7TOL%O-_{%h$i8|NbK<%b4s zG!8)rG`xVXHSRaPIbVL!+0jv_8S@e1aaoCU7&N2R3@P5UwWb*zKHw}P&F?%Z zl4??K-v(J?8A`q#2RRz}4^xEQ&jkH_KMdDeQuy0)c|Z4YNs;(@e_sW)I!v0p=I9^Z z2L5kQ1RlXedWRP!6&6g{kfKe{RW0>a4+~myKWJA5g<+$(Xjme;R9Vl^SrHEwN)iz| zM5TMsbI@YPA>dw z;)XfQEH|HFMFZ}=XxnGcJ<=oV6aA7q6U_}r_BLH6JhK%HaKQQU?BVnUPf|^ zA0Oz*eBEd`?p2Gi7@MBo!K4|e@Be~a0HHy~n0$_Tvc;%EqLp>)SoQJs%Leu>Z$3~@j-m3EjS{$tsgeZ!*+Bb*w7{MX2=)8pH?1O|SSOV|E_6Md-70xpswdZ- zRi!X}_U4Y{MbTxINBkJJ)Es6iD_jgN&K6MKAYhViDK(Jk3K;)RV->h!#=?Uidj z@=32NKka*w6!8M*5I2&oiHa{R{fdiNB|bgUll(qV?DhWIGpe!lq@RPzhaWRRKE^_F zJm|+==UEX3jCHY!YLaeNe=8n`4=gVxnktE*CGzSYrO#wyeS878#(+_f=SD6l8_v6hs<#gBwK)DU{hHRfB^xMttNT|k?YMnv?y4~QJk=hU z@U)FLj-#kF6CF`VEVO`&dF9rZIRAsO+sl6j=z)9oc1Bn}~8f z2+A$_d0~@rrb4o7UBqqYiwY!Kg}-B7P~ZW;Hu*1+>hLXkw&+Gpu^;Y;p4Tx~q;0qg zAqx`kb084@)iRMZHvo4zAY=G1PmrxYIS1{3@-3S@jzpPMF1a`)j_Z$}#jLt8`Dkc$ zsdUq2uc50@7&jwb+}xmU9A!#LlJC2DicoLMYsvb@yFwtk&5mS(L!Ne>8YsiXJC}!! zy6@{(ke4zBzn4FHbx8})H4wCmhv|;UP8H>KC{Pj1Kk?O(N|$^d^p50met|-2N1gL{%eHbB_(45<^)F-k4;xi!_SPYh&K9)#9%fB zWmTrbl=pro3fv~QY z0I;)-+NGDXR_aj5zPyvHs-j98J zd-dj!)5D^46`^r5 z5Rz8}d{d>ZoVy$+>DHp{+&e85FRWWu|MZQ)quj}FqRF9jJ?Ugq;?f@jNm7S3!-mDn zmeljCzU|=<{%=oOqe!QT0+>2bhadt2Kiby53oMxG@pIA`cR>6#)tq>?{7R1DzdF}Z z?FQgKP!*XIA?P*~T6U+-*jgIUc>Du-E-y_R^6AgMah#@FnptYIZDrIGgXv(Qq!5U* zKx7CDAh2Mum7%nx(R*WxbS+~FH&ZvIrIB#*yJsq}V7d>Xxey37mS-P9%I1zH3kPzq z$!rFK(94Y7gN?og4X1B5^vyLyUhnI{f&L!qFH;|3u0>M4F)+O|Lohb66sck+W)<*%&_{mnBDE)bte}G8(ue}G>^-AU`{g>+UI#yHfQ5oiKM)a%& z<>X{T{@$Z-|M?%MlAMzU!jl+Ezbsrwb6{%M=eW9U1#-?)W|{7&>9cpv<{$$2frhmN zAjl3)@*U7*I{gC?-9&;U-MI!rG)4(l<(R&34Uu z1sv3JgJ_qLB7jvXZSn!fhAYwm=QR7(v{B}o#da*#G|F}-zFKf#*Zm?a3 z#q~rxB3j@)@6__+`PFcJv+G=MC95}_1idHH?iQhLo0fj z%I`jd)aPGGR4%YbOQt8_OY!eiAb%%e;B{2KR?_j9N?FQt^Rvc)NPkGjLL$E{l%%9R zTq$DUIJ)t;CXh|-Vd|+g`Dr0A&&-rkepk;fpIkXM~DPGv@VNT#Doif5U$`^YK(Dar&Y%ADrgs!T}JnooUv=8B>#l zupMqp?*bN&>|La6o?xERDrW^{UDTqLe!04`k9zM64pxD5N{;n?)Nwxh)ODVEvrNNv zpD*EoPdK!_R0;IEw5`8~q^xcaRjOs?pPVn)M1Guc$sDx|sWhwhO>4%#;a7^E@S(^ zH>2!yQD3cFScQwv$9sui;5b+FqP3fu*P5z>s{31g_31L{#gvJ`jwo)4aNgP50I=p59)_2%huUY+~Ccs6I?1q0@-r-CV`7?^UhiGy?q6Jkqp z-17!(oZs6NX%ax zJus(_?ZgDqCr};Gmd`;d!Ol;&a@Rzg)HS|f!Lt<^pA(8)4TfCj4X6L*Lr1fdf0jZ; z+UmpczbIYLerD;BUoxi?EHdbOzF}uZS*vtu`AfnsUr6$l?#Z?jkS>EUc@kepWg$f_ z+53fnCDdb%ljMnx@P?=UY|uW(nUqd<1Ym)>!aJ5{t+F*w=Up<*sIrqD-A z-r<@Vz$6|XDo;4T^eb5r`4TKo`pMgGW0vKrgaz-iBx&yZz;Ug0@53}zN&P1~sl$ZW zKOh_@sAfdH6K{OTu_Bi6G+C^7gGpC4A^gmCiUQhcJ3LR8FoF5R7>ubk0YlU1B_STd z86TVy3(uaC?NVA59pxk8LepF z1W`mgCdb%FwUTOzf2)2#mjSNyx11sSUf%$1w~dZueQt@E3SVr&IROsJDLCGg6kV|v z#Q0J*H|m}5C7gbi?9F?@94BkjEA1AhtJInWsx5HOI$$iD>eq2@`p>5g&n$^W!B<=+ z@y>*6vfp^V8tg-O)6`e-N*FY^5@wslYKoNp;B(E_=FE{ZQXWO&iuyC9fA1y$!caZ` z1LQZ%Q6?r&vV~OfxX86}zp%{Z@TITRm-$EPN4IWn6`y0PUJmx7%lipA(gkn^G!Cc~ zPZ2k_lR>Y|b35MTb8B?B;PgJJnyA^4$aH({?<$IOi3i08;Ae?)XV+PZBBtAEbsM%g%%%# zfq;=R#ktU48x5lFC!&zGsKtaI8pq_bA>6$2704|qrDo7uuB$@Xe2Y9^YZUGm(&tF|Z zs%1P~dcH?!DtL%Fi2^`5dv@NsHTlly#j$6Y^2d!yTU?m9KsvC^z&08`I+`ToiqP)@ zXUIki$*itHt8o|Ox_g|*?@q;mc=ymZFBY7aBD*V`9$GJHEuJ27a!G_M0`KIaey z3x*Y*Cd8X84||@+da{4cc>3i0mh>&w0^hLz^rRexL_@67!2zcayv{muC8Z&0j$%>x zC@(JVo7g`4Hu7t7QnNw1XxzqLqUH9zq>(Y}Zxdgu2a>zHRzx-z5DnN5az0dhm)QTJ zk;EHVrMfImIe3#zA~=wRAHBU!&j9;_Fq4hb!3P@+_<2^>Y-pnWxT00A;nB4*>uHUR zMEOq{h{W$c=1Vs6>tNK_9=jvy?QPYGXhrKQPnqAY8@RuW40tvd>6=6vyhSE7lXCHI zo60Ihh{zaL0|%G09i@gBPTlePSpJ`;@t4446_z4`CO|RVe%7XV)3>@coc=y@O}E!J zdB0zGRFQn0l>oBHUd>Vl=2_o0WGYuHd$1}=e8q-99zxXRw!FN862d~Xe%s6wBp0?? z7Pq4**G2(cX<-Xb8=Dl7Fthh~uX0xnh>qU)R`bVCRSmS&lMKSmnmvhEOe}hYrHngfoT_nrRYg z)Wv(PJTp(*$eqF1cA1x|lw?9crzLIe{=Q{iV`VJ=qF}_bL~(B#QxM?}72gisP{=P( zQd;c?l3vqOcXWFN#UF(tcP@pf9Vx)6%?Whj9u>{n!f}-SUo(o0SCJy8&r;dxi);?^ z*R0ocldZ|My3P$>ia^>eH>EZayb#tcY+fzk+Ui5mt5f%wvOoG~L2?!xOH2&?~ zypaS=plMDrA4fyTJf(nF?#xRsuhu;-3Vvgsu*JgJHktP_X~{bWFPu);CQBg!t30%f zGbUd!KIxc-{b9`H+sLOp{oXYyRu7{d+tro4@eho9TjwWJliWX{z6Y#?xgZJ>Fp~Bp zJSAF&6}d2gq)4>JH;`g+kB>w?{$W?y z^V%#WFQ~M3#Ne|2Q8}WxhilCnh$;ae+o6Fl0Hoj+;VJ9i!B(D@jfrmY2}c zdyivELdiOeAOK1$-amQM(Bj~|q*SzY=hPX@QbhV@ z1H9EH^d6!4?!18;-Om+p!aKBv^i<%41qn;u2}}5u3N>6wQn}1RQ*vka66#zu%Z#m| zlzYV$Yd>Ye zt{?iLn*UE2`~UL)nm)%LfD%0!8!9@ohh~Tm&X@lF(8yCHT<)#)jPet&>wnH*-CO=( zU&GD!J&E&Vk!&|tuZKS;MSlHx#Pc%!Nm);OS&zCM^j;5j_B!YXFTmqKyWS6&e{tTQD$?$PiIf{F{G8>j(qs~n#Dpy^Reu=+b24>%VtS7E zaCh^OQ#&lCRYrgfAB>UO!#r-`Is`PK%>I>BSC-Wa|*(jr+&^OBO+_btiTC=I!)zv1b|D>uOuGfE7 zjjcKndjK7ChtCuMmZ>7=9r`H#I|= zS06?CByWR+uWEO72yaflmh6DukNaRKAq)UXPV?Mrw#w?aP%-MaYRAoLS-MRXG8|oIhYPX2p?9fS4R)zP zo7M-~G*2$2PAIEY8_vjVWNKjF%Hm>mBb)`u+R+ls^!T(u#o^HJd78ur+np6kx5oUA zZ&BJ0RWhAX()`{#phXKvuU^&@uGN8rd{i~Dr9#+{67ig*w>amE#LE>f?k=UqE)3VQ zd~RIO<4uUWRz|JNoA;qfVA2U2DuyN%(`J;dHzvIUGEwm~$-b!k)68Epqzvxm-)T9z zdkSHAoJaOV;`;;c4p(e?K9d3NyCmCc5r@DeTNg8x?g0&A_6FKXAc9|v;F)xJ0&y#I zJf-v5P$%oHuhr$pp}+rXQKL%_u%kdH+8L^PoJ;og#xp)yy;WD$@}<5p4gTTimac^w zN1K@njgvrR0AOE1gcciIvWv5EBGz*_#8o7OfbOR2gaD<5b*5M+XEf{a-a(gY^E4#P7mX*Q19J0~t>S!?}#O2@Q4@>mM1b*83&KjfU+{j_Sh!9Vz zSL)xg$vCzQ*JNxA=iD+7Aw>uj5FW#tNp!%y2abhbcpt3|5uD z4So+Q!EE!mS|)Zb&54iOrv*s&cm|7@R0d0kL!fq&b4dGnZc@AzQM#_!&9Y^s(6Kh( z^?HEh?e4`Na7U3B5uVKV&kV@yUefcb(+}4fWUNWj)w3S~Orr-$ z2M0Z^hm%ZZ22ZR$Z`x8>m&!LjxQ6oJ&?_MC%{sX$7%>^qxT%5OH5#8X zx!L!zoa)!;y9eK)TmT%wygmmVMwqsWq@A-$v|(}KHTnFi>z&oA2rs{FNlnP+9PNf=ZvJS^+MdAxrMaJaG=eb-4iy;JZRnd%HGD#nVT!ZZMnvbHt z493?CvizRA{B^=lGFMxTt`5!*njD!oD_f@rMG)~}#vqC-$?!;ttZQJ+dFN~DgBYf| z)Ub{*hX~;Q{Dqv%TCA)h{L%W69Fs@WGUlkuF?{VGh&c1r)33b@X712w(W!_)ohp$y zj$-dZI203<8~?JYYShEy;uAUck!w$tx4X|%4VlxqPAn61etd8Z~5f7|A566w000SyHyLX`4e9%MG{O>86s7ak^$Y7AEAxr$C3 zAa$ItY6!e`-mJ~OXBiAkCQu)#AoQ^0@Cq2=nhX(D3Uh*;az#R01$sWLCqk#UQ2a!E zY~7i!F)sq1i?XZ&Sn_Mg2`c)&88CM%Eu|!5MkQxL_4sSamDsKi0iMPQfYf-%X0U+zQ$i4h>l zy*=^ky>C_|Qe(D{MAr{zvWrGs_sxZR&td--vs9;`qynXA5~%ru0?t#dFoMK#J?^dy zSLEit3`L@4yl-KvMqmT)x6mV9p@z3Z$4KkG`qfo54fF&&;EOZ!U0VHQT84n z7L8#A_+>tA+D@ipR7+wt&ri;-XQkO#cdBRNT<%z>>QC42*>44E{Gwj5B{>PifLNz< z)!_T`6W!G^vbwMZ{;o=}VX%5@Ux5{!_6PEskY#ekTr)V+k+01WXjg8-BkmFA+k=n# zS+}gz8ZO5{RfVG;*hftTm0`WRH&3LL9bgAwl+Xhdg%(Ru+ygxe>Z~NRLL1F#-K_~PYHwx&B7VSubl&F({v|dlpq5V3}+nd$HAkRE!G<;a^_Vzc2 z#hl~O0IQRZ=-8sJaS&wp)*pc>;cu4F7+5skXt+35@tjq4OPmV)Vce&8M)U377X^3Z zAb1u2Tmb!ozL8;(C_s7PpHJf9BuzBICl*$!kVl%oG?_j()#O`@I2u-wWxvn2%*0_o zsNm?udXbGSA?p5vrXfA9q z=U>yBG@x~;?SW_TNPZC&?MTQ9+ci470^bt-QpeIGVi$QO?T-9_oOd22qBs=j|JvJ# z`NxcNLf``B%!8he4M+tjm*e-n2_Bz3KMs19t)+weAtJI1EMWi-`jbMnZz)E-$n|e#Q_P@{q)V+ynINaz zPeSV|O@6oeG(YPIG@2|~=-h>@=2PwEfvI_b;c!}SzX1ABxu?SQ@5Fv5(Z6Z2U#7#~ zlB3wSr1)q?Vf)#N3QyloZ5Td9(>DdGewS|e0nWC1yMxaS$N%=7(PCG)VT+bV-M8a}|45?qFaW6XCK{wp#iY&X@YZtN)!kw*4z896%d-eG__qG-a_hoS zIqd7M5zP1xkat^Q>E6_NY<}ca?& z+*6pVUYLa)*`#I=>NF4V>qv$9$tv9G&f{jKO#e*(fklUUw^zt3zJ2cZ(qH^EpOqEO zV!iBJqt&l^@^<ho(xi*(%w^EBz4W#NtBdKW? zeAjK*-@y+$gB+`z0$p&7w~ZM-_N_c>j^CBQglohUKtbrR3oIfCTmiD-hjkmi?BVYx za?QZ$KFONdj;K|YKWDmVL9%{eaum`r`9evI!f!=!g>@_CRrAcJZ@)`?^lcB5gLlbE zZr&23UWEZ!B{l{Ti0ixJ+3|HspJUklX?Va+@BhWydxbUCwcWx&K$NN!=>#dFR6&s5 zEEEwz5JHa%NQr>--lYnm2}l>|QX;(*kS@JTFF~n+L|UlNo<8sQUHkg~lYO$keZa-h zTA3?rX036Ld)#B#y?NQXm%c0K*4^y68w4^TS!M{eY7GAGt?DH-|)+DQ>$)r|YnfBzAx=Y2+gx35OH4KP8MAcXa5CPs+gf z(rHgDYSmO!G$J=ukq)9UNo_SDty@u6HO_EzpdS$P8&)K4(!eOP*EBCrzx^G$LXT9- z_ZRwN0r3tcLpf}jbhpE&r#eqy$bETT!(^@Mim_d;CO0HpBCGG+@}($OZf0!y-YCH4 zwrEB|(9}x$iCtN_ubsJ#17jjp(*SMII&;K~in{zDB9fqtaiCMiD}Mj$V9o=RiEb__ zA9y#)-OUqOl4lUt!inz7Zw@B!CxuwS=7IPgADjmXVtmtcE$6ZiyVy?0SLvJTCHH$Z?{re;^!w#Dttq z^mSCz!{v>)1vO~358dLKx_=vT$kV_p)E-+=jtMEaghMa9TL_*^by8y5L@XG0_ z&T;8Y-R}_5sFTB^4Y)CwfMUQcVnqPa(TNW>`c^wxP2nvoO8Ksn1k3XEQ```_$}@xX zOxvvOBan~*9&B^NLKc$;SFt<4?rPE>QSmo0@I;An7qT6ErfIs3dhc)T&+HN9V=}e9 zJb7?M$d1S0RpiwfiAO)F@8-Ij4;f`0zQxCcXRTaBm@8Blni!cKmuoR}VEHS;r^Bey z*$V&KG&_&LiO)Pic?@0Y4*#s_{5+CEBdI3zwv~0_buS2g;MS1Q^!X<_^A+ZnyBjR7 zgO$F{mOcr&xVfjJ#iXICCiZ+JV!?4r?9fh;>DkU1bWC-#@uM`YhVpS?Gpv!JPyT~# zgKXW*_ZaCl6#M1HR);{2TeujIHhYZ_>3y5CTwSg%+g}27@e-IZ)%7YCQiuHNP$?_xI8c9m=8u)3Zr1Wz|95_ki4Y0@Fk_bDSh8sH6P~-_ zNYydG|4q$wJbJo~GA9lRg0t<;o}Op;y!uKwGMx}NbU7_%fAGh+!-n@y%2T9CwwV_l zNY1oE2Irq=0ZmnMTZ_D=e}}H&L#h(txK7GU#FN21FC0D5py#&eoUi0#h!Df^8s5BX z;a1uTEaKzVOuEhG9Qh_2hW4(n5#0O%UzL`K%mPn&J!;{N1hAKPP`<9_&Q{#L3>^cv z1=EXID}%(myoN6kFn~kJTl;X}-ORgxS}c&3!WRik`|+Cn!^@(9>kq2pgv^Mr(Wu zTmHoTSVIrL8+jnFvU0fFVU(TeE_`9y*9CeUxuC~^@;OH~!OAwxxTf|8H1ryqDvU*{ z1>I?x@At67IBV3F_6I>t$|A7$@Hu`evYKK8CG7L?YsznD?vD*F%zPC^5Smw=-oSPu zZl&3aKxh~})oW-BTIe@@R4c~(M5CuiC}Egd#!(4speJwJeX6C_T)roVs%pjU&NkZr z;+De5g9Px?u8Z5v&6%4H*EYLs(tCc{&#R~pLD*=%w*;Rjp1nfNd-!)hUjX?g55D)C z8ncG(J#}J8;1f!SiSyX#ggCmxD@9^*>XM`wpQiFU(ZZ|k7KoOXqM{Buy(L@G!A9Nh zo1hqW#SX@#;dzfBBI{zv-Xn5ay@h8gD?W>j-Sb;RP@Z`}ut`dafg4}#ELdjR(-dow zkkBf{un#Wn)rzLMQ8`{OA5}QF&~AM=s(ctGCdMo`zbLv!_8Ol~=?GlFKA8ZoHwB~( zcZ5s5x&BQHMgwYDw(D`JM_JQ3%l4(XMa{|IQ#(Qfzw>c1m96eql7tAnr%8J>Oc>&X zO!@q8ew?<9GFky=>O}_Xzsw9bk|nRT49}W!z0nPBYa=d&IOr=zxwzqJ-dC40-@0}` z+fw55$Fil&*9`L@6lotdc*nMpAqEsR0<)J5dD$ zvU`z_49;~TsalT4+tbC~Ov=+BbojIV?vXQLsu;$KPtb23Zeb)O=!_O1ytlkntn;+5 zK8zK+x0njqE=2VQ0=o`cXFyd^mk;Hw{xyZTiQDR0;D%P9KS-Dto3!K=m^PP|jz>4B zVYp~k=vwIq0g$Y7eN`HUKgcG2Qe;o!uIxJ ze`=F~IM{nW%KtzzjbInRrsJS^wn{Nrrn+DoU+i&fibBg0 z?Z%i13?useZG^0}hg+^8V5yJClae2G(xfrBlX@~3lhr88A+3qWiUSC1ON~PuXR^&B zF1;(EM_yWtsR}R)=_^`qPxj!%-~|f*ugjzYj7cOa$KD6AqDZi?me9f?vapQxr*x*o zr;B|3mR&pbt;F)a>%^dh0t*F9u$=hN86|WXZgj?u%NPn$V6#3U-Nz5P+LnzrnN!rS zT5)<|+(6N_f>uB;i{SarDOtKNF8BUzsEu;m#G}Kf4%LRM^(M*~b(qj-H)M(jN=)rM` zy?rtTPn>`WM3P#$Lp_Ntoh|d3l0q3u>^$3txX|Yjj^4{GMotuNY{t8akfabEce&F@ z@JNte%a>jCxdY_L4iSp$FDJkp=Y1_u6~+((G5*)Hrggu2eVeeS(;XMNG5UM+UX408 zT#@+QDs=vq+Un9;(PwJn3+5c4ti+FkBL)3Kyxlt#gNMJax8nnob}(Ia@Rk^H*Sgj>Y2z=GvmV~*Sh%c6Pz}BZeg5GO8ccJz&0-O z7<1Tz=P1u6I4ISO9I&P_?F#em4K!|BU7;_WlP2cD(E#UBc@H#J2v@65h|6EESZBPk z<(V&+v%PorMKAe{nqQ|+d6#tWsyP`(4Jf0mbJgiOjCw3@2A;kRiz7@8XH~(Y&s4$W za%jBqX6=p9E&WS7=h&f-V`^N1VFE#yEzAQ0$B?8DN9~LLOvQMQNxji8(Vs3myJqCb zr4uDYo@%tqzz_Mt#7hMR_b%FP7*J`o_UGY@Zeot?(#QWj8I11B7%HX)zXEei88w%0)<~DBJ>vtCX zrn2oA75_OEQV$r_|7ox7zvm|l^cz86mdFZE-AOC)@cT2s7y8pkgLF)cDm$h9GGz5v zPnRq;qEB3F+PQO0zxrZ)+{N2lnJ zs2QwXAKE1(e@pFk?3Z1ucm0mz%P>@)C$xQ$eyc`7df2LZ0;R82(~%|K-&%ZEpM)*w z3XdNU5Gp_RF+DXQgc*ETd28e%6Fq)kfAV>gcIVBk*f;Ao{fC^0l9pI zj58)*AeG>7D(O+If}e~iM!;rF+>CtZV9|%3EUM0|VdO;G(wvlQF$*VI#lt_@zJoY6H3c;5xu#BFG>6mFFbe0%UJ;Mra z=LE@mn1B58rRp~JJBFvSytj8u%Sd;aMp+)o{vzjzn z?Qnn>m?wZnqakwYE4$(DCl|rq1rp7Fx`x>Ms_a<#`Cq;=<|YRfm)-@9-;miY+)xL* zh{+VnWxVQ}`CVfh7S*_KN@jZRqz8Q)V3`+VnY@#%7>;VI^8&Y|ng>juBc-44--%!g zxGYmimoOxudgz81u4e26oONqz-bU!AF3Ct!-UNnUU5DB`08F4BfNoXgR7BHrJels4 zxWK$bsYB!s{og9lao^}sx#df~>A(2EfKrz{~h4Aqxmqa*Xl6 zD}nzyIGIsM-+W9}&q%|)^4E3b({1tyt0j1=)-{iNE2IVCKFYoY;U)1}`~s>rlqKuE zz5I=w=UT6#L%&b-PajH;%%(>8cT{>oas z44o1?O^4!iWv5qd^g*+hO7rMyc}rvb231EXE9z5cWGwwY4=DIx#$X13YU=DNM%{Js z+Jb={ay~m$0A@pxys6G<4)I=-FNdoFvy#67nXH83Lvy@qcZ9^9{bDQ^g1Nxvb-bsU zWO%*l#SN#J?i z?EM^XU+(N)0+$Yz#<1SMGgbCDFt^24q=h1Qxi|0L#490}3L3SYYsdoZp1tZ7n zKH5;`UNY)-Wc}Lb&*VnC+l>GpVn4L!ZL&P>jEMbYkqV2R)>0G;;e>Wf75EKikydAg zWpa*JXI(R!ZW=R6llol!#<8kF`ps)#;Rz9)n?eKT=7#NJ#Z(m6cp2SO^r*04aMmqD zOON^Fa!Yb0#R!zad3p=gmLiRWkTIC!{gtNWN;YjCG@eZ4ep%Qca8N}QP)Uy_&P>7Z zi%vZnJ?ZePq0X5nW{rU)OX)7;5NO$20?(u5l#5LXX=bB95uf&fru;)3<)DdR;DkHn zA1NuRtu8N0i1SIzb}i=iZb6Jz%g9<4rB9J%3g(SjM_GF?Ho>g+RQ`-*Qtnaqu$TgZ&n6z?H>9ygL9dfTA)%?eP4mIc!QJ&4(HHBK53yJ;Y?@&er z9?UCAHnWtDnQm0b7(E@RU#2X4HYs=ThI>rzHPGG?EEhRwjy;C~qT~g}gY(|7U_VOu zhX17lG^s7iM~Xt*N{K#A+GHf-`NG7uf#13XejMNF^K#~QnZeG4L$AF5DBC{}qZ6&= zp$}(DSry42Tp1?HS{7e<9M;s5R`Q5`3%+Tv_YXt}N>(^T^718d96vsY0mdH9a`eR&EF>X;6m?v!!u1Xg&q#J~t;v-`RQ+Ko0fSnfjK&ak1 zJj)purv#PuZx<%)UigVCo{|6c5Fb-)%TPvJ{XC;?h(;fNRh;Pv(fVk)0PhZ$1}!7S`|W@IPc3+3;dlX z3in@5_5mY>iY$y5q(Csqin77;wQ0-(>+DpKAR!4g>VmwX!_K5f0`wJhcPxf@Xcq6Y zlIjl9=|JCH z;rT{e+i4EcVU0K&P$uDX#}2(o}EFTlRAJM zc@vzmC4sQK@^@m=Y8NsG82mY*uEIhG3zeC%#F%$;s`8#k0L-CKT<19oOty-&RqSH& zH+B|Su?lZok(isjFbMRM6^Xe#HDY-cPhAmJl3IQ8O`60+iu1ztL=v}fv8G4xUe0)M zp(`;zndTrqdX324dc0iffM=Mj2k+OHDPyCp?)rttBA{Q`Bvv;4?eFFU3}2h6YNsCw z&MzT*6Ev6K;;`SU;8j5pGRKbDZ=y7SbQ5x9P?#;|B^u9Z~ zN?|9)bXJ=3YVh(QMv9MQp9!+}34~;@HQ`I9ym%aM5Y3s$GBB@VUJd~T0tVLRtI>Hu zg$qsjym@2M7I%Q2R%#%<;c|y1sb_HPG`ovNcZlr_;jkiPyI}o0Sbv;5={_~GR+v22 z>B{ex=<@;}SQ#j4>j}2Hx^>~3H7Yy%-yiw86w{N?)iV8Cz{mr;jo(6OOEhb9hlZo) zm&X)RG+cw*dd|JXF9*rqMjnbFK{w77&T4JOSTihA`nc-@QMG{UN5dCisiq-IXTeeK zTX42nk7SeT`pA_<*f@78A6NlR;!CG1Ym?|FO+u~`N1@^$8VmM>`6@#Vp%D8wO6si` zVD^RFMq8p-dfmzA7uLVcCSOvgb$8Pn;-L!WW3LdvQm{JOm^-{>eHSVbBh~dzG&S>Y zuc<}zyz)%B*vKPBc@*nP@kvmj$Ns6Pw9+V}<(y-$6ch7C0x~~9q2dc#bRT`gBlyX< z9jZhkjZjuPr_OrZ-+FzMTA8Ecn)ei7>*$|9{-6JYb)##Lm4&L9Qs`6T-ej#9P2QOFTfNkJedh|#H4n~MYvL`D z8M-B8Ii9X#(rYrfa0Azq^kv4tf#UP`%Den}#?o_6SJ+A4DNuvliRT4`f+x+B5_Sx4 z?aF99{rUt^cV^rn**VX9Ax<8Ho*Rb$Kx*t!g)!l&ZmA-C##dbSQ#fHaA6C}A>2`X6 z`emkyTQnN48iIQG{q8#Suwop!^~?FlFz6fS0SWDueQ}}#n(m>%)Tx*=ICcGJTN#(f zrIXCr&F-3wej7Sprw5-oN13;HtTqv!-t$OP!)L~PMaa}d36|LBG`zCmsZi@=x~t71 z!4^v-y#Y7!wXp`xv=}InD~g>kz6Fvl_t(z|I?~H6R+=FY?H6Bal-ZSunRYX!hr$#q zRU^c;*sL2`YKv{4ug7+B8U?KXG$BX6S(=F3LU<_C_ff^`|N6err20u-49)CD`}n)B z2odX!>Bx@93`QPgP}+x=N9R4SxT56QEnTu30E*J<4We#*m0N+>L^`a|Hm`PI(!34%1U@giJ_xm!16#VtQtw z=OIIr_qXzFPzaHoKJCVTg;yq37EYg;sVUdKIxd+T?ziFj*~tipu1S^xg`MoEW`A=Sji#iijL?^x7|XB4*m( zaJ;ldY&{9LF!;^P^V^&%T7c_HMgS)m|aq+U8Ic9QmsIqEE&Oh@N*p|iE;W@*_~)|ZcA?+1O16e z1iI2Hyc&2DZ=Q4o7uzVBkMntdNk;KFsqA#7_`P_k#1|a5kKr?4@&{9-r3Ak2qy;Yg z<)Zwa8gVxdAFnN6E#5>4FfOF>0 zwe`)vWY@oc#H%#)7k!y`8bI8tV=jV)`=_R?#`T7HgJ11z%ZcW%V%6C=95ZET9{wFf z+gzlUdsw(7bC~l=ZV!O}>J0Xjl*DIF0T43h0iR?{w1e)1oN0;KCgT*{yt?bH z4VH)L#8oseArPWg2>BuEXRX0Fw7X&O(@}!_`&4t2D#~fNsAYs+{rbCYsjW;ea>yym z-^sJ+YWTEPr+SeI6`$bB0nuzIj4fmx@Lw_xnjtoT&+jA=rF)z&M&pltI#j1i{& z!Fst;u&1a_^mYGN=eQ_y{9265=l?{w=}91X$Ez9}`J5sgDZU#}D_L@L?-c`;Vi%)- z1uE*sre)Q{K3OfbPkxeNA^`X=xj5O(Iq70_&E`SsK z(+h9kfZpcgbUj1N)`1FJK(PW94M6BkI2AbN5kQ@9nzPy#Nz24hK`cW-66`wAn$1dy z{^V;ntylc#vBXk>iZ1m_9Gc#CprZ#r6GKG<9TK2a&aPyEV^oP;VyXz})ZT##^cd3x?)Y`ZUn%!OiJ*hwL zN2VmuETKXHn&R@mxChtv;lNq65aBLod^R!Vo#>EVO?pHkeDu0Q*prhk;Mu)(fhrXD zdC`H!yui}omlN0injyIn_Ti&OAX9dHIjJpFQ+j|GtQGpU;U7p=3VL@LHR2HDm9bL^Mq6MfdHu<-N+V*PQMSrhwO;u_ z$Xd}Z5P-!@>vkP8Pxwg2oDlxq29-Wf2_o(*S|MhvxR$uDO0^A4%51ey^rb`ROXEK$ zV&d91kjEVJk)oiyFW4@|m~KM#aZ6ACJlcyV8~cGm`P|7tg*A!fT95RP#0y&E}K@cvz+1ax(@tEzjQ-txk#Om!@+4nkvX_A&7X|MbgZQDISnSt#s z9DMi!AD1brP`*6={u_0#c>j<3)qvN`QrNfyhHWTI3xyeB?7ITpn7GiB1pySzce~gH z`xhzXD!K95;STe6HjtX$(LQ~rcD7*P%__v@)VTgtWutcrUj*wVm8i#+@`Qysmo?CF zqO&`_L+C7f&1lpemQyQC62mqo%fA*+-$4XED(gA?_4=VezRi98>-8?xft>pGB@7Q% zFZ7PX5JihKpt3`FJ5zNC^B^B3CdLK!a0a)Lyg@%b6L6N;4Hfq;{{O&34DhAPqlf)~ z*9?~WlOBaut=s=b_O2u?XRCa#3J3vR&Hy#2?iL`!^J6PqVW zRA$s1DEP%JzPlfUIDH<-YMY`Vw#(`IFPMz7SiKaQe9G@pRL$x-;hI4!dkHh>ZNuw%>1d{u zCCD!qHm!H;n~P{Dizza;WwAT&Z2r|4!Ifz8%fQ!z`zKEIGFsdEzuz4HbN^dp&#Mn) zC-G$;@>o;+D-*Pg6Klz?{;rBI@^P2amfn~xLJ{FE3cPc+l8izVT_sAfP1#>k@3-IC zIEf09xuzygbO^)J;IwoJab-3$gCT{}v-8Stg?K}871>JLZHb8nYr@JTUd~%<3OCM^ z&NS>+hg z>fArv*jsN~k2@)mB((DEjh6odv15O*qZK}5pLs+p5hdfK$;NZ`70VNt#*xb(^Svo- zxh&f~-$w~|Fq!4Z+uYg`LK2tGUb1Z9OCJ9h@1DRP`)Hh++cG+zJrC_dL~snw{J0-V z>-Rz=qk~2_FkxF>V8D-dlhMneV~A4ol_L*rOAd)(kK;#A21Bhv&bUa(InTe?p@r_e z21 zjnpJ@>RiR#)JwrfX6a zSK%9gkjZ5}YbC$FuS`xOwI)IKoo0H<6ju;ag>{EdxOCTi6B2ZsmP7tg{}<8L@vJ4Z zGOclMoB)I@5(TepX-Dn_%=-%qA}%&?e7zg`e=?a?+7`?2=lMgi&rv=Z680%za! zS`0g|6ExbSISfM{WtvK_k`8ETagz(pFeRn}S?5o-tfPQ|57nx?K2M z!@0%=G4{@pcaYZ}gU@8#Po99%6EzrvY{=LFMqr&({?0;ewdm9tc5ED*+A9C;ZOFO0 zyn0#M;j;;mw-@(p^!01SRBim(@N?e_eti@alUel^3!*V=0hKBK-<^P#^t%f-Ome3P zeV@N0Z%5oF>>9V4bB%ahBE2^Rf_ik0JfLXwkBqUT>WHv$wYr&kZBa1f?u)ohv3I^h zAW9Vk*Vy=Ijtd`Xg)7{wN7u!#IQxn@#I9mt{5k6okSITiHm7>9BN8Eb;$@;%qq{LA z7#sYjviP%pcOm6s%4aHv8y9^oJPmk`9LFyRmWLZ-Pe;GoFFg8qc{P-RmHH|-=O2ii z6)_+Ntzv?_3fiOnpHI4CRepG14V;*2qxVWkF~$Ip&oNSli5b3o6^BicvdL71z@|5$39pcp?PA zb*Fx&I4(2|Wq?X%nDb5*I*ocJWx>~Sg`^bdrt=~ku`PPlY=TG(g`TiE!9 zqR~93xQM%ME=OUy43MvcD!(5KfFb*g3RA>!Ib2ApLaq$V1KIs|8=4NDgvTm)qvk6o!MKGj|t?QcmX$%oXM%TIG-IfoGW5~K*vpa zKuku)q)1`m1zYFao-Ul<%pz@)b}Teeca$>xvIn@|qI+MWPWb}~+GInD|9_lrHnE}@ z1fPKti=!@0Z+qT%On-Q%06pLEN0So_`#mKNdB83gWBgCZJpiwIi4W{o32de)fq$l;ObHa0HO z$k^*ZTYs+ys5{@+aRBlXXk_>avll@NpdWw+#TGvGWVY3eJ?6U^&1e;qJ(&mn_l0~Zi+~C9O@!six6?Yf^m!X5- zznGOt#G*pwEeVxZb2lJ0)GbVyIMpU80higJi#WPrHIsjF>d zD_oM$v3UOF+Kt<&$9n*icnJ!!CXxGzU5ZYjC! zTqg@t+GA##A6)AmbE#LlJqc1~Wn|+x*qYcQ!?qPJDCZNNeP@lJ9o*Q-O=XZWWR}Z# ze}eJ$b0O-PzWC81jHtVDWH@YIBm4yxs-7`%Z;wHjiPACsl8UdY(J763g{I__%JPU5 zOmzr=$GQ9gSC3ZE!dPLe%Er*mQ5(+skV&KBu#gV~PD@UUSG zSAmC~7WO-IQnWv41x1PL7Qj=SrfjRz-x~FvC8nb?*L2}PaLKyOTK5+lZ za`)bWV%C#Wj{ndq|8w9t@-}fh+FB&27D_AOD+wE|HV{OWE}aUN&lCS@dX@6ANL%ft zX=QrQl?|lN*n{)LYR8i48q^BAkpXR(o$rHf!q(%l z=zjDoO$qxOREwN(d5IdBDe@eJi6tZI9M?R=efI|6j+&|1Cn&a&`;)qvT>%P1=b!zq zn);|siDRvvOxSJjEY+Oy{9QxEWhHP z`uJzU#J=gK3ok+Vn0hzTmoQ`^hZE=q#cM9!m+L-G-vY_ttS!pifAMwE-$g7h(6ls; zHNkS{H;!nHO&_~5tDD=E)W4)re4vU^g1++cBi!@^T(Z8*U}CY+^qi`_P+sKv{n4+T z;LCXC=hmYz(N2&&d^J(E$Y2ATDMJ^?XOw<_wqeWGGfTa6`Byg&QD(b5BI~?z*B-v| zEW=`~$Bt{vJn^Q`AAzd)%P-~Co*%=_Bs@YOH)Sy1YR$QE&Vt=qeM)kn)rC8=472 z`q+ttyU3eO&X?spt_#K8XBc^KDMWdxkd5O#$Fp~$7c71QEct;LJ3hlH*Ty?S;>V*{ z^GZrH^=qMzc|StxA(;il#LPV>k&%$&A&k}baiIsM8>YZDBJsi4*(>ftxP7}%S$H8i z16j~lDfzu2DP}PG~^kBfjxFTs*D*;Qv@TK092kJuG3aMYs)MCO&L!W`G z?WcEAIvFl29SJ;PAut|(X>O<|OrVsV<>DXOt#)3zXQ7f$|MvE_SjV}h&Uw0neaVFw z!O@N{o}unj`)!rhIP&-xCsBdN+GKTSrso+FT8tjM+EZ1UZ+?` z5I}>HIx6y`@*9%L3YK%XT%mF>sLT*doM9>@rUhXAw_px2rI&lBFYjXr_uc2c#2^B! zcK)SbC|XX@nqsSXF^c2Xsa;3qF{37l@hq3r)Xvuvq9KmoHDFdi5nSu zjESn8?N7rO%G?3%EzHVb@OVPu7WjgJ*2SS1VZ>2u$zGFv&r}>1*@lT5G`aLSsGbKI zMn)#pJ4N6=RahjjcHsygOee7REQ69ahNnZ@Ws4q|d}AYh)5@++#?7So7<_34)VVaJ z@u=l3Un|`r4?Tj_qh(%f}o6kjnzK=W(bV?1jk8jIyJk z+mzeb)fJ$ko(V~QxBkux)WAyY00~ZK=}-FD6mK>tH0I~!9rVq=ZCv0{aT9F+rE{fM z>af!lPSipQ_aN&`Ks0orY+SjNUIhurcla!N)W4L0+$BTRDhi*$LD&c(d!=54FW%ks z*>7GkwnV^=y!cxIJUovPvCk%yO~%ftB~9JeN%=zcrw2x=&W=xr0b0=ZE_CG$RFOxm z9(q&)DyhZ5(ZT*zl_VYd6lRAbTMAigAEI4Ac(s%w+}}<9{(I}}h(6sA zG$79U_>#u!SY+ifb}$=^aOy5<@$97?e{6~}ST-qyDnW>U!b<(RV71TBp0-pVJ#UQK z$*A*$InMN#r5VILuSefgg4&2j7La~~IzM6Jcn{4+^=GlbO*YMhC+&C3-qh8_?`V#y zb$(h7XFG+E4Z~{uI$^aMcnX7Z;|Ra56XU_*ony)mf=^0gwAsVJGs$u)=wkYawhfox z$rbxmtN1Znq>R|HP7Te0zlCqbwl{DL7b1 ztr6fpr*3jaY0xqJ3p}rHmViemN6hbnqojINL<_wZ8-Ye2w`GzBujy*MMeH`E3e!<_ ztXBcgq}2EE>U=y?V+stD2hUI0JW?I76j?Gec)Obk{jxdl`|Qby&*x;Lyx6oaI{;i6 zfnHb42K9!HKVD+Lwr!V$CTxMUa(H12>rOr({wMIgm?V#gZ_ei-K4y#*G+mWv^#GMG zDABC#*ELn~;WUoN{q+d6U;0|gbDySvAnqhlUXDsolU?|($eM{&7nCF`T!FZGIH&PO zGPS-nFZZ3_cY3H6ZPwLRt>iFddtrD~3)-@HD-Gmgu*fAR^vZVaJt)D(U$?jkTfa;S z@$f$ri;47Km;dq)WEBp?oEZf8G7nB9P#i@g)Mv^nZnt+mdT__|n=DnoBQ|nNpi>c1 zJX)!P+zToGQ1)#1Sz`D*4Oc=X{!Z0hapl31cYd?3E>x>(1 z)P8tImee^$VfnYERzVLX_;@z;oa{WUnxa{E2^Csa%^G2E|Kw??p|LZA`s!nn|Db1} zgTGD4xd?9HTN446A!dCmLqTx>ZC7Ox8`zdqZa9_pOFG}Wq3-89`_Upq0kL#R?b!1z z+bKKX_R;^jG}$ly|6bWwoMhNdTv+gaDLF-0J@PvdWBSq^=kavv^n`Ay19^m36Y=3t zbA1iLG5?{RTwJ$vVTm(;4M`-o8{{PFuR`%?VB`GP*~Y=K3H2Pu!9J>66QNrN+Cc18 zM`Jw>BUB?+d_x^Cqc7^X<&MC7z))(|f)S9P#DK^DDj{w8^vc_6rfrAqTVjvi=)8_I zfV7qO$X&WJ^Z?jvwBGJVvKxfy#wxd6Zb>@-;#&FyvlP~@sBq}c0*tligVv6=Z-xi` z16h#f*#n~sIgHyyE8P57eI9=iw21C+F~24odp|1cZR822edYxVS(wWJ*Nm#Sox-Gm z+JcUxSXUs?+m}`lH&h=X*CS7z%MJPHX5z=CBK9i^)%#)CJEfb+(5o#BB}Zcon?~>I zn@9(Rd9KaI4s9yCD}uMV|8KsdsXf#!V3Muwij{Tv^86?AUqH&lrDZzZfdM0d$vT{X#L!^B+K6eQcaAIzL zW(q3r93=+O15&&u(XZjWBG1ezOcKo$_X#vD7$E6x;6;0|3tBXnq1{G&VRrkznnJ?j z*3nh|h+jP6U!&r4WLuPH*}Y)xH}*8_9O)1L$mu?68+~L~QbMgv;=(yK3a`#D_LU5| zU~d;1FJ+kcU^1A8)cW%dsX10U3yWd zZS3UeAcaRCeW*mVhAStf^D*pKXWsasyY}4758T{?6}45Bn|}%KL(VCHwYmFp4AcSE z#$w*Qc2egTv%ZA=o5S}1;EzK9zqOQhrZKU9ZmcyC-*vb^Q_+)d z67ziNJzvH{?Uoq*>I8i}Z>51?V7{@n!IKwmI&;K3%H7!;aKq&$mL> zC=vq4%BW?QCbh7|o=%I`UA*sS>RPAjJo&aG%P?aTe3xD9LE+Fh6b&w8qBAC9zc@|$ zSI~-V;SY5>220tn2e*m0QOHH&0z%x1tUTh`Bv(Zp@~5!|8$LLAh>=sf()kr9}P$ zRjciNv__ms@IMt>u;#coDv@CfugzS1R;N+UQ1#ew;XY-sP}f{wCSe1avoS;UuTVwV z+0)MUg~{B*tM);v6j_7u3n!DmHIt_9J|*;C?_mnu>hyu0>Y16C_}ERo%Jj5|oEE}_ zFh>}S&vtd(-ln(*Es_Yq-Prj(1|+K?(Yb%VTQ;lZ{_Jp2k+M|y4908sMY^&A(6}VR z<}SPnFOifv)e|kq7##Z}TP*kbpJi3E?fP36q}Rq299X4jd)8;hVGpMFB? zoEGkn{}ViVCUj>7gMo*0WqR@;7kiMrZ+KK%p4_K*W9B(m2jT{BPiwmzs3>f5!!@NN zm7-Mk`PFriIf0!JzrZ=Onc2I>A3kxt79)u#l{&MoX{u>>T>~!gg+=%(Rm=}G5V+Y; zG=9j6y5KdA$W43=EcImR${z^Rdr>BIHyfOPD%%mdkRW(T-HMmmVX^+D_nH_LzeYB0 zK@5nN@-x_ZW>~nKYvGo@+3oUjP34whoEd7c%xft~tjY1%ISLHr1o;z%1)n+Ft+1kL zjci3MVpiKhVB|<_GM}8?n~g>2!@a5Q)8Y@PD1|$c_xdCgJw{Z2i`s=Zk#Yoh=}&E! zx;v6}Vab`SlBCM?mv23OO%f@z`jW|=C{b%1H0oFWHtLgFcrFJ0XD%cs4vcB&e;Rfc zn#g06y%b!49STH6tTCdSU22V4o~#uW7~JM}SLS>%ywvrM-52ZS(EfK6LAmwP80J>? zQ+)6qW0$~e+G1pjuy^mTj0C-gh^J8oUwKNt=Ew&?h<=g-RiVX)#!r5t)5dLb5u}|> zE7lX?hLEUOCigbTo)SkGp6<{|rZ!r__gP=3mv64*6phQvCTNpN+=p*VNU>+~M?q5Qj>aOrKS?q;7#yzQpN zRgD>IFX}@+6q(lr!Ge3G6cVR>$O+7f?OC+*TSmxohV5N@yD!KqKMM6Z%ir#0B|64< z{bd+_ff4f`N3{(X*{*p6?eL>6?+bck0Xx3qF?#ydv$U-r5tp2QDp* znLlS#V!NI*PzZ=hucm*&;J0RH3qO-|3AFm#!H;=UVdtT*|ACCqO`)d({ASR9G{jM- zlwdC53m-6IDE!y+pqXL`=;{W{SM*EphR}+QB*1v>`EvczKGcJDbdP;oJq>twAE)6g z_RxVozJHB8uIP>VHmMgXhv);WXWsTlxV7EG1`!tL-wQ7C!kM=9E;Na99XQWwT-yPNB$BX*(?A zN59B@97iriS#tM9RFFKC2fPb9y`_RT(kSvUd^vK^Vi-$lJO@4e=-ZyP@_cTU1wsgo zY%T?a07tQN{^n$b5!_fBX<)&`uex`Fq_NHU->)&>qEiO{UZDy9?Rz2@;Xy3|sA|R6 zsAJv+)Ojc<`bVy5lMOQr_^9FX(9vgfUp>5bR*Vf$*B!+@c$wKvpV2(8S5bA$R5jW_ z^n)L~#%zY-QgTE=d0o;L?N1euqIh7JIS%%j%<>Ew3inxB5;=Zi4e;kn79!9e+ z&1WRH&OdC$mWYRGb8Q+=KsY~&$zY*#=QFO-+{j88`)5nVD4s<;tWsj1M z`s^q?!$dnqXM-Z0zsF*`PgMf={oBP%{D-%)FI3ME)1@s`)7>~>I0?H&Qrh_)Q~;~o zeA^$gv%Me4<8Eoxd(T@f3Ew6F!MYr^n{GBohTJzQzDoT_QuMNZZ%{+!|&*o8i!qpmkr!2)-chp73gX zx<%}?tNo72U59D^@GsOyqLmfj7&m@c3^HR&-LbiqOqYMmR6bML^HmI#oE+Z+Ym38mXEep`9ZGZx#(#^qY~?ZNsfSiDb@2N+0m5>oEl^ zsjL!jiV=aLe*nGwX~%!v6||hVFC?}XulrFxUU3NZgW{Tzg@=3Vfuv1)w*@#Us%ry> zo~Z~dvv-eA0o#GLw4&V>27=M=KQ??|Jn@z%&+Gnf2OTXV$nlKgw5*|^Bq2?UBGb`+ z6|;vjAe7>4r#irdk(_MyEaFz@nIg+W2S=yRxe?{syIptReGZbvBRvkE92XqUHr9P; zUtq3@^we2EM5G!dh8vQ9wVRX0@Ij3rm{;eY>?!fZgfSKVexfV6HTQm6m3s4a#ss}1 z47K?&jZ_WjXh@&QL#k`ym&gpce}=nbAv+zmPIqPSJ>B1LZzD^h^gga$d#8*V9SVir zTL1|ec@wLnTF&SMe(~o0%Q_revGmR19YqfDJskf-(xfv{9{mayA zS4nz`o64`g9-PEi-eZe@g4BeV6_yF#tWi3;r%Fo~FnafS)-zk9W3s2q>ZC6$@h3N)p1Q4Y{PDX{EbQ#`|LfK`iEb;%y&H6lGgzA%J?MtKRvEMF8TG(Wy zVJjEaS7E=xosAm*@&Clc1|NfjlQ6EBRlh1WMnI>hk`4h0_6~Pkh!1^Z0#POtUNn<| zU0q(Be(`fFNzyAhqT?|3NrgK7jZEVfY9&g8z#jH!-^Y(3dg$@DRR=2LB0{BlgY-lE z`MddA5@us&qawok3uC(FnQntWSL#&F0}}$M5tyM_8PBYh==U^&(Ij3LZ{w19UsT0g z1P;>$W_?E8#4&VCwnz@&s!39_G$!1|m+L5ckUdv|8vA$?Bnv#II%*nLTkcek@Oj83 zYgFr0kgV$p)^+W89k2@|5dIf+?-|te*RBf(K>`Q_kQQ1%P*kcQ(witnq=@turHFtC zNDC0UfYOVg6sgh_h$u+!9i#|IZ=p*~s1X95<^S2whqKR__uXga?04qJe?GRkBtFM(g?{TF7{>-Wk(Qgm%9bDw~?iEIC+SvL8L`VVL> zHnN!$!a6O_29mevbQnK-XMMSpB@o8SuJ7X3XGfGcP3;Vovny~+jeXU=ZmfPKhSjMq zX9!lCV2t02IF^ZmDJvnQ(Dnq*d_pb=I@v=t45+3a(B}nj8GPx8uzlt2qVp>~dy7#74=;7w zOXOu*av$mh7uiJpMmxvXS%f}p<|Px}Jz;96vRBi2+WL!yhgq;}|7&OcintWi=n3*O z9#VGloXgnu+n&q(qa>biR?^rK4P4rx=O4&R-i~knJPl**Cnn*dtxSz?B*l_?89I5X zQH!a^Q~*p)TNrE75;4QKpOwnl*?v&S@*g~`jK~XNP`>Vk=}}*dwRAXYMg$!@hoW7{ z8#08-M+?fLiG@x~s-qq@mvLJiqt4ontIn}r;?wBI_=o12e8q1uY;Ucm3{X_!gCv87 zbDJ1fIV8tTiiK45#rMw{3=Fx|b7oaZ0@uYpy7&hA>O$xK&g9S&i#rohsL1x?{IB_h zD3i`Y?IRuP(T2w+oRPO!MHl(ztz&(r3F0^se+265iO-Sw*wa#F&jj#D8gR)2#o0eS@biv*Lrfbl0Hr}Xl^rzq$a z03i9k-unaj{2h6G$p=FC2)>i1@jU9qQTyz*VRxY$Zf?G!Q8(5if2N;YCCkk7k41^J z$^?WEC2Vu->0eeh|X~*m#K^kCe|m_Ev$z)zzCKY^LiqF?AyDC(Ql>ca=0&F{M6iSE3eocVIMFg(uF1yZ=7cBBRL3V?icfBetjLt{G!1Zu^~(%^~~D7 zsb8AYdoj}ylc~UX*6%pq$Y$nv9M&KKD`UQeYky|dOCSAR6Ja>->o!@BY|o@eU&hLB zlx}=89OmY0L7?kA$E&56Tq7X61CzbjIvLOqf52O&L5W)Xg?kFk-$&<(6HQA6LYZ2# zKk){BtKRsz79*S%a2X~fT2#bSsUNbL$vldp^GZ51z{6g-*G5a~rfU?;O_<#*SrS?j zV&5F-O+RXf*gm-XSJlS|F`CRQGa@F;7@f6>0XFd~frXlrhlijdOfdWS2QvNyc}jmC zXwuAg+C->K33JUgnc-d!mU#5;?6|p6kn9m5@>+|{P9k3FVBLKcLsU}L7YijVtjF4+B(7fO}h?5DvZ+AC%%E_dRVKUSav6%2DHJXeGyqv zya#wfCtby$<#mk z{OWr<>x;4$>P_U+eY_1m=X)9Cp+3Y>%!fLSLd(qYf!1eZZiy1VE8|kwMcDcjM&x#L zt>(GNf2>_4U2i1Zy9qm{`ISjvLJ&sNE9t;DGxV`3eX9TPgyi;d;xO02ZzNI`HSn-8 zV0^VXbm#fIfuf4?4?UgVUt4ZGa~ilVSKcH?6A9MZfD!Jw!;WcxAqjA>Rugxia+mzZ z?pK9_W2O^n^8qiMQOoX(7T?fsu`9nh$|k?m6oS}N2yGLI5?7)*v?DW|9(^BIZfZ6s z5p{TUZUG+btlPxI^EN8##ayAjuIl({cy7BEj5fcMz148K_mBPVF;3@eN> zv}y-&U!1PNkV2T{Xm$2VdVY5vPG&qM!n5vjd=V6zlYAG^CV&+alU)du$D%c}#m`$f z-WSw{usm2gt7rv>zpE|<hr)p0ULx3k4NEFR?%?5?nC{gUtM+B{yW|qc~-uFIDpl^+f3!MUZwQV~)!{?UBw?&$BeUvZb90jQm+Q-JU3%t$u3Jd`zZGhnS%-#t zytUqp3%PVrA=s>~LAtI^0pZX>@?j00T86Xz%W2y8YN{XVACe)qZ)wtxeq{(uY%KnP zOg&$*Uf7|Xg6EycjF$%stv<5mJ=f&k4WT}vg7}A@+uXI*qP%g++X4r-0;&GrhFt#_zJ7Im zvLhw8Ey3Y9`u)r2p1BswgNR;!uW8M zM1iHuDN}E=1vIeR4A#^h5ZkOu#NJc+62%X48oLzjXAU3)w@%~}^w^@#Ay3;gChp5Es39V1}#(r+$`JeG>{*FIF@8^f1_O?cvv&Ee4z@h9!u-~&1kn@QmgV?o6Xn2yvvcEr}E z@a(c$e3a?Gn5{K*g<@vFGPl5A6FblpOErNSyH_8%Ae>pEX(u+Fmz1OWMZL>QOMJEEum=(s5IIE8f~s4*a&yFPEd1?7(E|t@|uDQjBWmctEKGo#N8>PAnPqeWpKfR&>sQp{uc;t zZ5fhjX7%{?%<$43Yt@9=E&8J*5>nw`bU~q{jh8;5IS7}rC9qDz)cS&$%{pb*M^35;A=Xi!*ftvOuzQ=!WfvSrdlE8^`Y|UW97yE2yE;=gG&rGPEncsTMc*o)%v)>nKUPn<*Y0P^C`98rv z5LP+EVf9_HIhk|cwV7NX#}G(o#j~^Ci@hwJ2-pX`8ourq3D?U=#x{3v!3ukdnzu=S zi}8!~hRcKHk@0_d6}HjMx(fnng$q^%+#ENc99(`MwRkOm9OS=wdR!8gWz`&KI{l$m zJl)P-svowD%s{f0Ua2BfEF4uOYnVGEcEHEWs7eh~bsl9wWFhC>|3JRvwG9$o26H3q zc{OsYWBzF!piU+0lGoF@=D9{lj%bS({Gb{&C$~P8{PHwnSMfHIbnPI>)3Sy{q^Xa& zM?3bPb^H{RfbnzLO+06?Na>e!;)geP_|f=#p&wOeEG`s8aV^+i_V~G-3!;8QO-u}4 z_?`zaH$UJ#8bmtX)DZT`$U(;g`aZoH*5LN`xB~0z2gwPruj0);zckddLu3kRu z`pxgmDZ^FYpid}s73u^C5_8>aL1JNdqclcmSL&F1tObH`vULM`&^EgaEx&Bi83u$;UR3HEjHxzxgEuDIOe1QRG%Ne+xQ>7RlS)pHbF&-+Qs;`AL*th_ymsA~Ne=6|Vt}ukq(W_q6vqM%6K+Ju_b20vV9A zf=SHSz}fY`ABkrEPzF6TJ2v0MXMMFL zgKREzgwCnHUe|kKpo?;Vm$lR1uogo`yo5u(yrVb%bkKaRL*+v6ApaXtY3jVHhuc|3 z9!}0QCFO>PWop#)+%Zy%x*sFRfpsRxr|vo9BYNQG0?`_$uM15bjNZPA*iF;dDhq>? z3byjIf}*wfW9Z38=+J9k6UO3*;t!9);A93`7xl|W_ao(XwBBghc`@`ch7jIFMfBj0 zBKI3fQBPLQMrYc~?_BC+?d@63xhl2v2g0odakZ2pT$m4F?AW1As3h4;mJgG z_5^VIZ7hjIBB($W8+L^CxM}uY%!JC!fi7gZw?m1SUWCWDI`# zPkWJB2MEY_eQyJV`9{F*T|XflrezWt=#Mb@btn@tGu{!lu6bljDU7Y^qTnOz)dn)n;|Q}^AorEXJam6Zb~Dx8;=4AZ z`Z%e4eIY5BIbh=(*8w8a1K{=N82vGSy0ru}b4arhTk&YJ%!{<75xz;eY7#Gd4hHh? zwFzRPviQ^k2f&)2qP4do+-8vGWB^L+H~~6Nm#q+ho%m+~cMC9`XbHrxLBVA);bnmICuW#{wOup^N?< zXH+mRmlh|jlBMr2cV2UCSRo9MLZUEItHrD=@_#RX`tRir)L!meh%|9geHqHFrMFLg zc85K(n#rf^$rI~9G2=6j-`VYc2t4`WuSV+~(&yFh>t>W6qr0@%#aB)PMp`1GW4F^{B zg>>iO@fN!8#6|P!pqv0z*8)rR`$^GGN71{G_`x{%XI~qTG{|dzB2UmZE3`&1yW2FLsz?#qH`A80asTAb$cJPH+`JJfHMSoSk2dIy1jb z4^>9h$&bHX_EGs0zCysTc? zNEqfyQsLCyL(jyny&?4wagxdx^TB=nzWcvoK)&0Tl8hA0_?(0PwdCWWS!IE#yVgrL z-!0LcSwFG^2$v1D9q%untE8O@5=5GELQ3(3Lw9j^9#RE1v7~6XH+qLGY0+nk`>R`G z`iT(_7BTT;_%2@febKtY)r7Ozp~uqSVmiCT#C97M-;J{e^2aFgMy)g?wla4U{cjg9^~V2>{&uj-)_mtF4T(~H{#_|qYTA` zTBh=1|zL zG(+a+<9l$jdjV9yQ~uUKr>X5}Wt)>gn-R0vg{o)IOfP%7^CZPgm?!Cx@N%UuV&40Y z?solwz%fZPDb^L0`eaL2C(>cs8j8^_jg*%Y5D^))C>zxH`r)g436zE@%81*PP!Ml5 zn#lr$VH+Z^6t2k}e5<~a=zY`S?RBSy!Gt6dgTUEZ?Lm@tTBx>L5^m?vt_+8XEI$QN zri?XNWpO$*H72L&-XE1!pX{-7)2CD0ET-EavO@v;`U0W)M1BGVc7-8e5^VAIUQN{< zvp0^&a>1yN^v39o%4J=ORjC1vmGIVpiPGK{1(7df&cwUI`Ojk0$SCa(U00%4m`qX-S&=&X9XFI7#i){zBxx<^17Qbiy3bH6z5i36erdPnz)1`+gN1wQ%m}4WTq}np1!w! zqF3Cx>NF=n2jz78W%&!>^Nsj``GOEkots~g1^V_dTEeXmQPFGdZ}mj@yO+#%5`~`f zA~ep$wP_rL5ko25x>O zn&N$Rc)J$$tCWlrZhwl)&1eEheQEBYVXE<&)YEH>F_D5^SFy%{i~sa5T~MyS2WS;| zHx6yS;uRx3gdBD7e5qD*-^awJ>N6*A2r!t3?Xd)FyT-`72HrZOMU#9Xcr6%>2}@La zIJQT1K09AIF(lL!&gbmZ7DduUnn9~7{|&%GMhmgcBIMJAMg96JLSi1u-?v+9B$=h* zp*pZV66YxIa?#+U_A14IC|DzGEHx?ul;%H(cGe4NU61K7G~~H8MU}w zX*qYDXqdDNqQ!;689z4CiK5S`CG&;1Ugab2pa3#X&qjKG zC`uT~=1|E%yg%d)7rr9ikmrjIxOdYq&!Q67O4#rK^kSU)8PZy}_3`E9rBPIo@N!vQRRu z$@^+f^Uar#RyzD5Z-ZEX4CKV&|7a?4uA%WXwLwy)Xv&13*8a7fHkXxd+){e7@}$0<wOI8Y5Y6`TC(nEzFqPk$itER)D;tUH}zIhzO#VW5;G1Bw{WUuxpT(A zTpPRf)^PWByT?`S!5$+;-`Og}_~G%j29{~#?C+zdFN?VMr%9=Gq19ti#D@gR4}UkH z&yGV5l|JZ_G7;Vw30Ik`kZ1hcx1_qKr4SK|HRd;S9))`Fk(q11rBlq-zpA#lm-_ofL+)wi z0jo_Tt~9lJZ$4(hb2Ym3f!bN1<8lu~;6G8?neZ0>iG~xX5ct8%_{aP4>sPz2Tp$NG zE0*WVH;1M`qLpkjZ%4b+;2SGS!>ZQ+F$z{bARB~&>h}VBGh$!*uWpb$E1MHX7 zVu&OG1s1afhpO4nzeILj*2`9A;LH9Rob|ENoF18)g2^R{xJd!WNrTtR>=NgrT~?P> zGv=<#lT1$_wg7u#08Crh=VOlr0pT|bu*y@9wgj-kA+9(BG~BVU+wHLjYZY76eO66@ z$89|%9W6>c%8DXzdB=IS6U^b=1Puk+sn?wEE-$TTrEkHZqR)N6@IL8iT1C~K^ zQE4<7Kr4r^pVxtoKV`nCA?Mknsl`vOW}W=ZlPoc)9}3pW2fURf|7$3=-UY-<;hO>{ zubnDIQ!l*gxUW|zYg}~Fni$`qEX6$^Qv-Ghvokp2tiYN00qj5P2O`X9KHPL8xeyWI zQKaxb-(F?whJ$$3>Gxc3dnDhv4_&|Eq%<9(6bC*yovGWPA9z?${6dDWrtaFMPjsB< zqBQ7;t^TP}7VHYR4{&fFgt*xMKpGzXy%WbQZF5j}EjO$}=6s}CZJMJdxk>T%YlfOG zN%W=^P3DbVa%f+NsKDNOkgclg4x9`AcB|T^%PkM9y6~D3`XYp5(i0Ysxh${BtPU_vFb7PC7oH(3OZs! zx1T&Eo6os~Y`*U#dYrrUNNJ2SH$XP9NW zDbX1dDRFlyKdbtSuCcH$8SFl$gC_E!Kl%@P%R`|U70W4nCe}HuPI+F4xm9;G7kBV2 z__ed0-;4Q9M&Adw6jpR6C;~Y`;^dnNg6U&F6w9NRN9L&f=_pH|xGE&A-iLSZA-cY` zR(?YFb+4`{ltWUHO#x&&g_AA*B5OvLHiemXmAhnLmIKGb2cF$nQ+U|D=3_Ma#EHFy zi>o|h_i#*WsCXe}RN7gX`KEyZ)klk0tE6M8#CEcvW=yW41AEaj!2|cUKf^?BOJX_E zEpbIL(P>Ze@9boNe>6}byBvQMf)URCR*ts|U#(7QbG^%)cR{vHiYn`t2H!l1>2XI{ z{?p{(4bzcl`zLzMavRm7eA57tRT_ZCIuL8ff+?hU>-~66j4ke+u@M~jl2sY(2YAV? zyl!>*Td#Y|oeV;U4>RO&q01w;M*Xi33JX7R<#4@Q*s{H;eXfuuL1R{ARlQ=PhP6mH`7?~b?C_=@GD$hw;1BkpXfx{hCr+TTDvGFnE9b(8(*1>Q4dpWWU0#6B<4 zsi`18{tI#X_pJ55>0gqRQbLI8;H3yHFT>&e@#V|bj=e8mN^>ers|HXF45Qt!T6)I< z@_=&AIWt{A-+Z2^r@jius@ULY(Ag&rwTK8dJ!V-JwW!bmNJ@Tp=R6ouAh4Y_c-nVA zzVeog+!0Hs^NLZ_ZcXC!}Ki>1Fxbkx)iYJ&(w{m$jwDuL77JkiHWEE=dwwiYjP5rvA}d z>R4l#CKy@Gu)8f~5`I6h%|_o;GD=ReWR~56y^T#Z_XT5h#L%I1=F@eTVr^*-Uw5<}UHNP_rr;v2D&!2ot+ z*C=*4llqLC%?24WPTTpBVoB^Oge`Y==GYkR@5*^RY!SAt?6Ut*WNdP2jmoGBzcE}E7#gp ziR(Ami4egOu^iLuHI*^X>LmSqA_c!y>a{07y0t?xqfT~pF<<$Z(w`E28D|*2h^p}8 z?PRv(YyA3pmfcsw>U839c`cbI-{V*ND=S!M`zq;nv}5}j`(SB%X~hB!uXfFK4izt74q^ROsH3RV{N9%KAkhGO z>hH}nc+e-Hmnt#)%g&qQd+tam|G9>9gzfFWGX|5D8&)DS%KUP)!QUEft2q^$O@op^Oax%pKf zT82DBQxYD`H^K-N2PNzsxBU4>gf3mWx@8;7eA2A9Nk7F`bX~lYzo;2;18tkMM8E)< z!i|)74wV84ZcTB4iVz5JSTT+tUW^U@$(dwhmgGV!3H#dR;^z$kW`u{cWs4%zPb;JC zicyiOpKEnln?3v(^&mc+#Z7w;pITlWL@Vv)hnCovA&n>xI2hhV!oAEo5z7}&&N<83p4#*JtRl&|cV`+6mDK@r3% z^?hsfcqFpo7#^~@p!?-UZ(Ms&vz4~&lNv+_uv%~*2v^|AG+`_0C_p_HZEfITXoJm4 zk!|xseBH+6e3`ES_sam_#4@Q}y`ZJ0UyeWjGs-COCTOltq~2Of3WW($!ud|@n0}(! z35a~6#AxY({!ji9%#-j<{MYtn!Kdm%P5gXubs6veT7gN==yY;14q@`XjMQo6n9SZ$ zO1Kb7$aR+*xNgQ9e0@7~L5LlxfmHcfeyVYa$Hr0i%{v}>lIz+6duDCBav8ioEmZ|q zw)Hfm`F13>GRv$#6S6;cu)dU$ds&L&)1if}|7{xX{Vy~o!vB7T05Rxe*Ui-Uxmm$3 z7QE7LQ}wDQOn0q0Oc~Jsle8ls>vFD(AnRaGSJIz%B(Fxg=eB}z&Y?aBY;_}bh2}CC zRuuUUDAJE%=c3V5M~`zHD7fn(%o8DR5=o2nbTHK8@OE!t(080^?{RwHts2Lp1f9_aN?;F- zVQI^pIR1WXOlx##|CKE?LlpJ=y?(qBSLj_axOJ*1t}B6Ot>*=e*!ueHkfPW&DoZ;p z&m|X>of5XFT;woXB->(xZKh|+cryRUbKQ@Tc2fu9b>+hk@VPS8FjF6K5=p*tb!FBz z(UCT5eyqK*qVknT?cD1lAK`5A=u6Gkj#7+Fx49&&R!{m8TII`vl(;e4OPpS-utiB`^7LWg0B`H8FFC3V*W%+W*srxh56iB z9&Q9J=;>hxyBK}E*}-yS`AJ>CIimKDuh%ZkyeQyce;0&!#it7m2AFaJ!2{s+0RXLS z{06)eJ?qDA6Kt`X0l|`7Opy;+*f=*;*Zm&YnXCUcx)=t1s{4R~Q?zb1!T%g47cC-} zdnk%GVQB0v{3!Ar^-%ts(xJ2>kkkQ$T>}kRS2>M20du_pXYxpGG(WB(5sNtYYw~%J zr^sf+@408R9OmLL%<0sdH=)m7_+<8dJo$8};u#QoKayGO3{vfmxQ@*dFLxAP<}vhJi3t3kx=-J2yRtOOf4$M#67_#T(O zmTRD&QWG&0;wKIIBmO2}^eshj0}YZc5P=xL+IC2P1zeQla8KI^kGbMrQ&AhZy}JYn zbrBCcZxRO6oqjYQ+qY@72HR}r?Z%0>UQvDWNSH!rLw+f*PA*D99rt6-(&J(^`?1`kMk` zVWXF*Nlse3-~HXJnslLs|M`MFp7yL2N5PG4=w47@dZx$L-fo`l@Pjzpn^7hW-BF2| z3(x%DkgQ3pA~=aGS%A;}3-(&#)xLVk6%(tG%kc)6tasy@Uy+G|%x-|A%cEybo{PgM zP#!9xh7IUKImFCS7A+ehSdn(p<{{oo)y0^mNT^}u5K%8T)_}f4kk3I4H_Ir7kFG50 zXz@G{W?lSnj>BhHh#Y@A3k#OJCM&}MWe*;IPL=CjZm-bq zFo^w5ac3!gS$RO$4+IJPj)6^xXqhZZatYL-RL-p@I~4b3C|!=Bm7PDO0iFhmAvKb* zXvrM=+bd3@YrV@8nyg}*kq$+-i~XOy)Ycg29ZSsA27s(h#cATrk($s_w1JmUO_i8x zvP0BHhLY1NSqwpHUt)&nPH@8NFc5t2YB^hmx4Qna+dQlk@5#Q!MB2+UZi8hENyqt& zeKzVrR9^gChYKc`y=TE;7qxO7(l_J}MN6j{eg*cL!y+o*BM*&jgKX0H&=GfD2K&&$ zOpgyoS+`1Zf|;fm9q3u4n>a}N{Ea_-`E1K4Dow_vj2V$9OU$-!OHXv-(jk)Ro<9cC zJQ%hylxS6BnYSRqpp30ed*QTLQx#A4BD?q5y}kvpMY%$FG(WBP5u z7|U41r`>&tuBXREKjtOE^z^|$zRc(TB2NE}e_#THMx2={;cbzLgXG&vLzY9lUwSVE zHQy_S=6f0B7jASNtjbx(fempda$oKEit5d8bqn9aWh*g^~?At?Oz5x z^dAU|0_D?21_?(C?d{|3mNQm#SOOh~dSF6U(fp&YFJxA#11_9>S3vwgs}!tzvGtv< zo8G%ZCnorK!rMH~EzkwEkIDMi^}FT2g0C>|gG#m8vb3x^loLMy$J{tAF;ird zpw(d>Jv~MTS2@2dHd-hMiAcX#JP{+mdJl36%+R9H(%2$wcpKYH*!!D3mN%NARQ5VO{8i%vc+Y zV$J7evP|Qv{aV>Bd;`4Hz~Y6Nn0UJ>ZZ1kre!-hRw)MC#EC&Y}5-RUmCh4anU31*) zT}XTW7l2O(-a@mRc2oTh`#KX8@%S)N%I306-m##+DZ5I4XB$TghzYOO$@~gmKgSXW z<_G3Iw#-;&Ww=}%>#nNX*g}iPQd3^lS;VLPzm5XmwPUxdrAt6Aw>T~UF1ymYIpmZy3R6`q`qxAwZ<^c9ermwW9 z*lg;qFU`j(*(M4GC%$d&#Mt^lBc6Yy8!#OfY#IQOK_&R>^Y_N%OH_o?hLO{V#--%- z#zXj9K>7g^86`uJXgP@jLTk%$SV%E%Mbg4~KcG+xqb{b{hU*`5JPH;QZ~*6K;aT@2 zLJEKDgTm*_KF?Edk*(hpskZB=xYo54c2+Z9EUE9=8f&bHJ`l}~y4vqO@ZkZt-x7ZV z6rTp{i>)J%umTfxFl;nC_HFP*t;*`%{S&2Oa|;WN=F_1MGWSATx&z_BxWtcl$w9960#rbmYYQsW%)nbO|4P=VPG3kj& znR8GEo1g~o7BAl)$nf`al68+3qCKuLoM<#}zlAnJ-`u$1ZMf`A9Yn@JUHDuZM%xNK znXM{auY(>ATPZO8dMEGkF6ijAZJ%TXi7QgL81O?M6y*(AAbdR@ZZW-;3I0c8KWP}5 zSYX;xM9MO2;?sjrEtOL`RcDzng;=TCJg&8=QKEzgt z@TJop{BW#Ud5b+&+?t%tc6@AC#sA)w`|h+4b;iMOA8p4qkx7Y}1|~Ge^rrHVSW`wp zSH;qq-Ch=~Ae)dkZ&DD$T4$1bGePw31NXWF7pUo)$Eoi<+(BI3mZV z@+dG)3X(W*?%Ss&nbBtZ)pILf!h{`oB5&k}d6i+W`LGnP(sk^{th+oyAk zb@avSp2wak3l<6shuCj-8LH1u4cb^M%xtXu-F)vQgU$ER)5d-D0d^Jv4&y`MXM_Y+ zQC5M98gd4UinN6LQ?c~xhc&+DHf>)eg`s+o)vDq?mW9~hiaxzL?V&og$F9CEp6yiC z)T{8OE)G0W(0^iX*AQ@RH!s4@qLS-EniY4Y*ARzvl|aEBse~xtEx7sSDv6S1NS^Rj z((Z<o zv6XQ%h%Dkov1cJa8EMpFjN=seyk+{!pYMmINw`2ay7>CCFS!v%Uj z4?O=oEDQ+dyep`rq%~pU%m+{6lEiHt@M;{3buxq3y zh_oF}F0o7|9sK-!g|W((Dh4&P8gzfpv!^DFInPn2>-`5sD7#El2rLj}nw_**FP93mq=Gr({}oA`#H-jH^0Ga6YBK4Dk)`K!ndxJ+E`~^;!^N?#^)-<9Sk5 z5o7SU3b16(Yv`%cDss3PHINfv*qF4%i$y5Sww==T!?;>C#srdOa&~wVm3S-DPV~<` zuTJD|fmxw}Q!>6YkFO`ffbZvy8#t}|1NkLbPO={x-DszHfq-eNtQnqNH@rA2o&0ob z=HAVh%kQ3(MICgwnkrH^kfNNM6nNQY@_wEk>_6=$wGa!Uoi}(zMXsTzCcR-eKA`f?7oI*$-idAe@51$$aa*v zN({g{>c9zVdV|hsHb$;nCZ5|jq?XO8qviu$ftVr1-EcLk?#4%yBC`6&L9b`<_QgLC zl6be)qV0mRVwwL(S+~Ge=6J{KQw7G^?(0k%2lh5mz~F*W6A(1d86rZ_q4RSW)*D2} zw)XvKX9{ZH9iz)IUe*(8ZpfT72(BIzBFB@zc1x>4Rz0}9*7J9aw_WG61c10_|C@tX zjNl*`Y2yn*cie>@n@^e-_Nq<+ZrmrBi;^7PY(y8@pNZ@F8^fKoT>VSd>@3y2DE%5 zTmxmumDN3+GfAX!Kub9;qY; z8OyKvH#!8YfaWTc@B_O;gGy}Ln?m*PZL--glr+^cJQM8_%MQ10rH|sOnEA^!&)n5? zF9py2;@`3u)GPtGk_M`P9~#xfVepY28~Nr2-f&CkmnrY_Z^MhRcf!0c&*tgO$X3s! zug01Ze_(R_L9x3cVthXY{Y_s0Qwe4etmj4D$_fybU5T4XKwbHHl^ut zFa>v@OiW8HAONnu0ybk*9|{LbHnanSb>D?yf4xr{B|gRR2Z^9zA0`R;M<+1tAZE?SP&d;btHf)k z4&Pt6skdbNx(Uw9=}_6;__7Ak*8J$W{K)gIq0P&T@#uD#K2H#9KP~vZf-obBus@J4 zs5W>mPeD~p4@|)xp9m0cPaaYh{FI0+%ysDl9&IKNMfW6K7r*G|{)3h@IIc?CMDImE z*K+BcD;K%ti;;W5r~qfG`) zhgxycHcBxN{E+m(P8v%|0h5>F{);vl)6#;N4gIzMP6y$?Ym>gm$3~-N=evaR@Cu*E zGu{gJQn-BY*FWd-k+P|)yMtVs^)| zY-V)2^dne%s1~t&{&hc8Xe@Ovlazp%H*XLc8oQ5wo?V25hsWD{bH_;AtbbGwmF^dn zq)w-G3+X$Xv^x{dPx)76&=Rs#E*aoVPa1^R22eJ)ZF{=Y=@&Kog~b3UtxQ zBd`@91CDWEvi1ZcL9qV=xr}IOJY)uY=#OqCL{^3X3bnzel85{>(H5*&-GBoaK?n<#FVD9E=Hw$%#U^bfmC3K z$8zv1jr|*gESS0<#hT)#WSfydifF7ypr zmB576;X=Kx08WS6LuYsNQ;PHMGHj9Pe|CSa1aXZyuaA@5JOV`+l#noHR-S2CUt1xY zZPp!^qiEN1DM9U7y4!G`FVjB^2$H?n4h)pYQ;lysvJ}R1uEZ8k-$~FppSvXaXj87B zl@1E$fVlQ+o>8Jyu$%?a413KPyZ`~MMWrl+ZQ(z2!3VwV6NAX{aHi=M`UkS{Vea_SJ;-rlC-UoR2=VcPS;_NVKhvJ=we6H=D|glWcfwV< zGsHt;WDGFjh;!&`^CI+DD)TjqX68Dg;wm-^TZEdzuG6z5P;#sWJO2FjPdX0iYrJGT zk_=^S^j33BPT9$^@D51=XUsA{dn(kStWq0YpZsb6K3w>Wxf#mN>{~;15Lv>V?D&?8 z(M_UcQS%JqQBem>IF|Mp|7(QajGDgHvsj-kV1Kr)aLZmPVBkXRDI+krQ;ZC-gOQ`& zws}pqjmfm9k0rqKB1WIK*>?Ae(y-GfcCQwdG=?G1%iX~3nWX6t*^ZR%*u?gjh}f#` zzB!m=(s%1{%Sg9QKlb~d7$+nHU`kR0joLr>iocRZv#C+r`-Bzsdi_DTz@Ym+SJKj0 zz?ZS0f-3Jz^?c4jGWr8?|K;=%Jt<%{_xZY*yT7!h@Pg8HA-e&Vl~n|4)l0 z4!`5G7XXGa~HU!P4>343r=%lmfh z%OUL|CT5Ue7{reeFB!L+D1^hAqtC z)I2<-=0nC~tz;sA0|BV|ZFYWN0?u+?ppp1dqQr{8^)yg|f(G*%L}S3t#4RiGCsDrG zf*|Y4i=72eW%Sj=rWNmh)8MZamsB4423ex|Rc6U@V#9&v3!i%!4tke_Kp70dGLxop z%^pBNjTZy(OlzJj$;Y8d^~+KCY13)dFYSU()fTKaqVmn;je?(cb|&010saJdeWhS$ zI}n2SRJhE+_jN8fW{}lHc1k|!RS&+Cwsr5s6t1xT1^2?=>PE;|o|pWmCdGez@sR)F zi#G@bM@q{@9O+s3mNV$PmVAyyEC_a3MP{PhaGgZi*quuKgbqjP|H0dv$3xxrZ{s7& zkYz-+EJH|T3&|3OlqHomDcdAT$d+Uz~hj<};u3JdgMBK91uZ^iXiJr;GTD!$$+Ex;uz`hbaF= zXpB1y-+T54@@qIyU1|R`MV$Lu{*=nHtN6iGidBmfDURJSp!Jg4*EcT6>m8g$?> zLkht64qt~BTp~A5wv=T%Po?U1T?p>E{9dLnsX=Tuld?6r#<-LrSpJC;6tL%2SwX3+ zdwI1C8j$zi*>&_N&$$c%Ej!iSEu>yR4}Sf!4hMi>fLeHL(apT1$Vffpx9z zRYYoiPLpzJpGnq*489yW3d!_`9C)O1COGgj zsT6a1;~o5-^kc>xoD40qPMaw2VASiXBe9t1c%xBPy7Fsnkc6D_HC1a);(<>~M#)bND8aT-YQE+;r14yL;aYdUG zF>sid@V=icg4g29kLK{{JFyozT8JEFfe2nJP(!m#;=+9EEX*caMDMtqn7o%&l`(w9 z3vR+J`z5#o^g~CbuGBJ^;qotryB)r zj$YzMxerhVI+wS!?A!^L_r~$3m$q*Hk0&2!?Mz{t5S(b^umi$2cm@lcW-o>TS-i~_; zd_GH4aZNBzs`2OYnn8>0@%4VKoKIz5hL6{;wT>3CG9{?Dcg!VPRfpjpVHxLZ#xio| zmeg8*QNLE#W~lI%E_{-6y2ix?4$Y^^u<9GSVt|z-&bKPzNOV#4bbRMuMuyPjoX<;O7q%a%Za@YUoh1P5$achy~sXFcnxHrO- zcO!-aeW`DyQq*>B#VsqkZWSWpn!} z+k?pU$HQl)lOFJ^N`(Y#v|jSlKFTl)=M7+^m`{n}xbh3nWjO}K@0zMc=e@Ltd!y`a z+tekY8J-6_{kq-XhRK7 zxxLWh^<&0HROS_}&YCJo+|7QoJtt&)tg7430l2^2opM8U6j1_SeZTu&3&nl)$TP}G z5D30&GM#tp_(_?1hAswm0NN0h>V!5$ZcpmDi9J)%r&v}LrI@%nK~_7!hJfetK@q0H zLh1zazS>S*bvkd-!TbG)obr`MKmH?yE`%r3s>miJKNU7LX8)`hY7;qq{h`9EI^`xS zuB=2FPlvs% z=e#=orUY#}C9iKZFdHF;dPcHRyDr-B@`@6~BfbGDGSfklX~sfbs81Bo0#ocXq~%Ng z$98>;GRc}M;!1|ejgt8dGO?hGRAER>#`0kXzX1?kS%@e%r6#YjgVkyb>gm70(7vd8 zc@(_qSgoTk{R`ihy-e>=@#F`An;dp`4*L-|g1OFIx=O@H+HjIfa-_pvZhcx^JEGOh zt}l1R{IhVsw_UwTB*k;Onwks)XX4O>%fqzf13C}oya2Yg?4RAxi9Qhbg_-~)QydE* zt5SUXTWX49evJ4e8rq+A7H+?Gk2K%HbL|?JN|)vUuGus=fREx=)LF1_HP6P0Bg4uQ zdAY>)R{F@H)6p5qMl!KViCEKr5+k)XT9C(d;1ut>pMO?jju`T7mAfRXuY7oYs@3B& zcZtu8LrCLnB^5>%Xv)w?SVXWpADJ+D!e|0dlDd+)dEWYVeA|t*0M*@vY22(Jq6H?E}6Ed4nlKK1$J-pQ_%ywRa?RDzPH>#PRT^YU+5 zVb_JO=Tq5AQW|y6lLlku6I+-Su8kVNX!+puJC zB%1Cs$IbRJtnGjyWpv>on^6lZN-{zR^jD4yn;u_7mjPe@CP5M@*CsXFg1D zhvby_O({|nCjjsqQdk1Ck}Bk>01~cq%+mU*n@q&CBJW>zqB$+$M(XG9*-3ShcSHf1RE;rdc z&+ERB`rIsIFzfuG&9NZd$4Kp*SBZV3C1o+MnTnY17@uejF5t8}}>>Sfx6TrdgYZ_Vc*b508 zZ}YP~ci~%Ltl@P%NIo#_Qyc#im5bQ;Pj~j9`C_g;z0V1|MRLVCPPN9IRSQhbjjwuf zU7rO^aXO^kQ1Y^_aQi(d+4!a~`_KPCe&*#dHXtSiXc?G!Ke7ysf}vl+Wx8mcCoQAd zU37$BV;kii=d>3R=VWkiuPIB9GK^G9yd1+fBeDIPW?|Gf0a;*8fwJO#!a;Ctlj6P> zs6BS3O!t9$h8hK+#f9m{adryQ!RP%V_oYcoOE(QSp&d79LR)l-4C18Fs5=V^*L8XC z_!|96Q!l*>094KwhLo(XZf}fCc9$h9>Hv%ZHg1q-EgeegFOCim9Br^KX$a zD!@CmD|0cH+r>g)yd-yatoE~1g6Y$%;J29oF(q@Z zV96ADi}33#YRq2X^iaYnmJ1aqrsSFE`!l>>z0LmB&sY5S_>ph;|KrJ)YAHG7IMU(0 zD_WYRoMI<$TkP_<>BAog%eZR;*YMzPT0l6R@SZN$7OFwmlc9I@G0b~KO|2cBuZQ(a z+$NvM5{*eH`>@UN^>rGgAhR5PpNqv*_o|Ee4}8@eHS$2Mi2H@uw1)UHVc>KjwlYMS7n zOf>rjMCDr=ySU|^&iO0(36F_Agfr4e((!O+Fidas(D`_9O334u%ZYbgk0+Q+a9bT$ ze-vr*I=G$T_qCy*#)U>`cjS(V>|MDh#ES9=iK<}L$dlc+H;&#v2}bUmb~*_ufltLX zi!x4KP09v%ad;}Br&Hg<@pyJPY#jOK?tP*I;Aa5^*SL(ZCoqEG=}}`poVCtOrWaRq&b*hEY`qoZHycI#pEw+5Vkua>*-Ts;6q zGFNCRRCfD3%h67+5*sN6k&#iWOTRnfChva?iOb^4+Sh-K;H(tZK7k4MO&h*AKP!80 zdEMbzqx3l@bf&t7Y-5|`a~LquBdR8-v2;)tlzRMK*zwm%OezNQP*Sf(j(mMvmF3=h zGIoG=O#OuGx0#X5M(t{j&9%tA_5U{@SHn%1s!PHLeXXWSAFFsS?}D37JDuJ*0Hu(?taPQyOFkt|xCCgvMxSk$8{W=9qv#=SuM;W+K? zm~{GW2*%!%`+b*6RKK}F(f>Xjd3m~zNJX6oezRx8GyUb<8B zvhkspJZ*M_H*m&IQt~6HAM}ZL;z&;iTR9OyUQsb7)<(kLEQyOf`IFJM(^smLxs=_( zx<(I@3D_vQ{2XFo9i*<-0xEN`8M(a$P*>T%P}fm_ynNQe=_(Y)=C@y3Qwk|B)p5lm zPd>J}oUIk^E|U=25}K;e;w7s!iK*3P^fqgLv$1Lj8b9&UDAjS5v0!zl)uYunlEOO` zM*WL$fbVR;QEaH~i&zc;9~Y^(N5<|RhO7k~e+*|xZ5=LmwvnhW?HhhDcy9ZYWJ?14 zOYp}tT|VMsY?84_BXmNIVN=h~=h7u9k3=d%yt<5#xL8R1#57*? zfV`iA@3W3#<_B>1Xfc?XVk^v$f*XwsSO=a1JIBI~L-k_MJ~bx`so>XfO17`wIzmsi0up z4x-)Um~Ns!Sa;UKyMuKBU#-wL`ti%0iuAbPK%I#G01c|f&n@;SSprY1g1DzhuXin6;#Fh(Vf*};_LV8c zeP%dK@Gpj(DFh4z5>IjJTA@;}SEdkLNcXaF94;AVtf4QveecKHRFW8tDbCKhi*u7d zHk@2!3v7&^33su_C7mlf^{Yes%rzhN2FjT&Tn^@e;;s<&D(H!NVCEkMYMa6FX3P@ztnt24KtBL?vNWD zAh^oyE?o(zPz*s~juQgBj^%YI%$vM6SzP?R)MVM7fjKQu zm8Ri`DI5CrpL#0Utxc}zc8|%$moeYu($5YQ&34FZ6vF+m>EA>wH-e*LV`_&M43Og` z>+8(v`ppyN1&adWl)^hvJf-WI_cG4Tkcwx{{T7X#jvw8^J)y{FQ&p=-28Hlo1(z++ z<4>3JucCCkt+QQTYv!{atzv-O|F~*QfmQkeS;gc*_U$x+78FJgugzrN$$-<+@2t9` z%?sNi1fN8lcxK}(>jM>ku7S8^GePpZOmTK2?cWM(OgV#`_ZEAwcx#NeUaunf1jo^W z7hNonR@0}Z4F>gLv~*CzL{X7oPX?ld1+7g6>9#Pu!wnB{9fg5J4uhfTH-C9{!^LO( zW(Gf_PyY-!HbPbIvn5r27Z^W={c$Yx>o1AX`!9J`58q~9Xqaa5>Y%XHM^L~Xe`1S# zi~gya9&r{@M!{@9=Q)SISHk7X`a#?u;bF5+Dr}yBt6&1!eJ@T(9pVoXtls@oLLHu?i(AaAWpMOolKn2cWxo*6w_bH9 zPy8jcgxGK-_9=@-N$`I_q1)e}@O2(z6Q&g5fZP)XpTD67!uAJihZhi>VGV=jFQCLw76U3;h2rrBvsyE#$8>-o+VKhwE_SU!o_^gIyJ zA@(%^5}X8Vn3SWzsD^esBrso$O&#arh2w2%^9=i>Q=1W-S^|fE$k)ebI`)M3il=!Fag-}b zB?cNxWjKGpG0-ZyboduA{{){AbVW_6XW`B8Jt55c1#sDz0qoZkB*k#Lu&(BI!`?BH9yIrvsp zpy?g&Jo!TtSQk9r8y=2AmRHTJlN+Hj2&~Y)oNyn6vv6k*!mn*;B z-}ex69yz-&>#x~5-t|o?cwijhtXKcSS%*LVOA$&y^|oe+k*>Zl&p6pPRT^x*J}no$ zJXg=hU>8dfG1o`R(nlvYq%k8q^pS38(Lo@*qo?Q5Bb0Q;Z<9yAq&F!TH*}u8&#-F5 z_{I0xO{tIB@yd0sYO<%=B?s`bF#%~58T!Q)MtUO&Ghdm>`S+wgGGSQYGQ|PIl_b*= zqqjMdBUe>!v8qyIH+!=n_Ob(18l}xTs<*94ncn_|AX`$<4s_eLKM;dT$YY8**mZhQ zQP(Wpc#z|xKApcuCbFZLVlwzTFT598HiBkt;))B`%l==qfWs+Kq*_pea6ha}Z8_&U zc&8!Tn;VgGqN|pjt1toF3K-BzP<&7Cnt*{35W~Aq6iPCnJggL zF7EH#_3+tVznBxJ_c@SJTXPGSj(D=RdwLtQ%@zh8mWd6pS?`K$!uG&0Kk)zZkbpqS z+EnffG$)|g!YdIc79T3h-MIL(6nW<`m&%B?yR%|5QlyS?O5SPkGRRonx9@xs@u)gM z`q6UjYlg&;f%-?ZQp^mlnuY>pL%I1|sxm-?@sp=u~$8DLf3`&S!A9WH{lCOHIq z*?w@|t4_j{8g)0be`|+b9nl*$nuDg@@5ivB9Z70Ys-G&-CCyLl-A89}z1&h*pqG2_}d@W6B|Dd~dQSTPE!$T-yH3%4~Gx|6;yWSkMQY$uIxgPcvzI!S_9-MJsCg`!g zo5){Kx`_yKYZ|ec$+bVlncHAWxl(zn*v95k{+o!;CJd)u7*p>KXFF(g!K?<|_7Rro zlW}+Zkdve9go0ghBR92(J6ap1>LL$0rbkrCgRz(yFEWhwLIJU9XI>J}ieJCuidhy= zqlbw?{Hp=-hsHT0%B!1cw{Cx~_Y*F3_~a>h$=Tg5!g#6DV?EBcVI{~K(Tocn7ohk{ zkB*C$d)0hq5S#MekYd#sVw?ZmDDEZhklE%5>c;KdeN8l?&r3L}wXC*EMZ=S`f^KDG zYJXh^$iYPm3qedmGgxx4fC0K#x!0!}h_Q!<%$pO9R7gfthP!6Q=Y}>HW5vDPKagkL z(DreOazJ@hE7pyyT+q;(9Z$Y+3!0-lmr4bv{W52g6G+$0lK16XZUoD1h0%bqbT$9dS+n#!Z9rf)VN06$2-&`77V6$ ziZzLWC8lPO(vjX-oe#Ajpz7-?;t@Wqj35;SdfuW@tUs4mthR-irpX}S3IRjQ5D}b< zcaHg|*I9V|R6%y2%&7C*uPzpi9zARs(!l)XnxE6}069#D965y+ghOoVcSFCYJjayh z)ujp3Y?UNExL;?^y`$zvZcn@bB><$0d+Ivy;B?vsoKpv&z@0k}^~6+vZ3 zOj-j;f1TUL@ z21JEJvn}w2M`5W9si5tOyGZhme1;L6k6#=YtFx??d5{_?UdUC@unyA?844N4D;2IF z{~q<450+#EX7kEXhP6#lTJaIk7vgkN8hy)9Elp>6VS6`T6B*)z&##VEyK0O@ds=h) zn6DTDgeuztC?`ON=G?dreL+h+z&)9_oePp+mJkjka^;AXA zSwEBlRaQ&#+mL%>`OZe4k+4)^mnZfzb@~799|Q914P6W%9!}Fg5Jniqyolm_0rXz8 zek~l6FSERB@u7VhSz@e{4Z;CCPE>$E^U^x!No{!RTc#RBxC{U6k0JGC@~8RvF|*GH zWoy>)Y5*qy^ZU}_pP$H-$^m|&)oRjG^Rc$zOj6Fk8=l9>lj!gVyI15sHy3(wc0SxX zpQ_PO@(C2|GJty}koM`QMGS=>)AWViasaJF>TJ5Mz4^+~LN(74bv(v+?{r>=U0+6S zzG}aD7Z?xIMonDdr8j}MquQp$&UCoy4T^mPS$@B6g16@n86K zrKa;YOCsxSX`c`?uu0QB$|vwH-VD?}tT-$=S(k8})5%LtxAWdN$XNHGwiTlsR*C^5p$3YdQZ3A$rV~jRN!bgdZ5=R8@?_pAY-k;W zYLS@47jTH&Twr3GHR4qtZFqK550a5B@=UesF{VN$&@0BK_gW-J=^)!dC ztLrbVhvXk9#0psa(xxWh`f|uU9bdp;!vIs^cNOd_uR+NSWXW0MI$*A`shG9p7%J|X z%4kD|#nq$5yh%$HNs{6`9vN={6az8RETKiiPR}ha#&|l>9|rh0e+#PRDRTGd^NZXP z1G?T9XiUna^3t~C6w@t}A|DyIq3YdWEo%LvpXcX>{1ds%`mC6xT*%Rwu07rN#Wp3Iu1kG1c6<=iYeUO~zV^{T}P6yt1vlwXCcGWoX$)jxzs%{Z|ElQ z*V(#BO$f-DL*1i%5a&kcL{2&^2w*sHppWA>lPw^7yV5X7x*9j-TTE*_;QtSQ{-Eyb0aYnXu}|pvSzf?Xdll;-BM`a!%PvO#tRPdoE#kv_tsF zpfi`CA3!-d6mK$+baUI+gf&-x-#OQCexxhIDikK%lu?+#AekkpZGh3Ngi+{VH!LZp zE`e?)7IZUl|JBX>h3Q9h_lBNBZkd9C1?z}#2U>=u6<&E{kyGMLwQ5T03~$DB7xlkE zRX@lp*`*6bY2T%uXA$BHv8LsfzCNL@;hCQ9>yb8F598Z3Tm}a}d|VZLvAcA@c)i=$ zj-&WEd#mC{a3|K&a^G-%e25mYH}zPvjti`pM%lHU6R7s(qnxt;(bT2&A;Kg5JM0p1 zW7&Db7Z5y&V2!YoW$BH8-^u);E7s$^Z-myW{*yr2I%`5E=9IO(Z4@(;*q0#1M03K8E<+;soq#WoSpO|Ca6+zQh$7v1C zPW%FE*wc5c7b&x}eC{ck@HKsC=aE+0GqI$e9$n@;earG*S9PY^ZdAw4{+#4^`t|s4 zYt!qO?t#|FGkO=2>#0Z1nCBk|ApZ9TJ>D+_2vO{b3kgGdIggWVbKe?1@KNtn5lOad z5H%)pHPsYsAcjroMk$e)rD){AKE#Q4M1}=o+6LYQB!^L*>weZtP>{DtSH|V4`!lV1 zAXhew8n4JHtt)TAzD@e3cSg@RY}nKXlH90os$&85rvj&kIp~V@VZdeZ8(aApqA(`L zd(Sm%5*sPT7GFFpYI+f`fAnK%Bhyo}Ff%W8o%aWib^uq6w?pnqRl~QB0`#XF8>otz zObZafbe{$YjnN+1AXlbHP~ZvHM;V{}Wbm?Q_Yqe%b}e}cueG}Lb}=s#1}N&69uzlWgvoGDc2>I^pysyyk8!+OOJ_G@uYc{3knGFQ9W$Wnvmk-%}WMmOpoqy>QbH|rP# zF_{x^0K2;0gIp~a>y^0{Q}$mJeuTh}f{SN0uAjZdWnmx{6Zyqt=16rFmq!RPm2cBD z96$42OCG>a04I9}&oV3{Nk1pJ{y^rIZv25XoWtEC(aUowVFnfb&z$pCmlYDxw+x=L z&KrJY0_Z~z8jnoz0`320P(ez`G$Rh01UWamp#=l57^>xaimYCuIhnJ&y5i1}5*7%lX+X|7Z_L(*QwjluEhf#;>%-_lst_^E^1>g8PR-mL;tzxm zX@zpBsO~#2)CGE<~#t*8mx6&UzVKa>RViqQ;-R8RhN_=?KwkO3?ByaBWXa6E$XB#8EZAop}GIDhc zz?38U<%t%bV!!oGv0Faom21=$ya;c4FQm<)yDD3PO9Cqnxn;xt2jaT{Y6swO)!#Qp zpHD_jt5x@e-LD<*2`(|cwPIZzt0PHqXtdCd%`J9f+jd@c2_Wnbq`Py?FcuK=$9iYQ z-r>(J&ASad(~a?se<1rzczQ%-Cd{#lmK`8w>T%RyeNRF%bVI80eqmyC;=F7Hd94M@ zK@q-IRyXL@5W7Ry9vJm0K1~$;1~r@U?2SjJCT*Iofc@q8Tr+&1xtbot4Dr*>U6CNI z&n^n;jQPP{Pil3z+`IAABUwA_%X0)bIFIZao>$#k+G+7Ge=Qk=9`tJU4n&0I>TK

re9`;mpr_pptpGnrgB9BdlJG$+*R5u44pUVTt9OOLcn98}EN zAMd~$)_@E02sl@xkzIj0@sw$htQXQsfW>U4rt4eB9^DvkX|FX(&EE>sP(PkY zQ7S_7rM8{xK_Lukdn-F6ZC#{y@qdx3A$I5h!?+k`5h!X@k~)C&QjHjXBp z9H>J-a36Kl*^&1fb@<54<1v2nTR+C$`*^Bm%O029x%xFsGHX*qRIeBwh7hWgo~GGY zD;i`h3U9^zFmjzb^5(Yx$_pMgFu`p){uP&w7zNZA(x$D5ZJ|1FAgx)qEdz!^8fOBk zA-{io61h>B#|S2rLyKCC_Q;}u+8wvwSGHftwwCCugW?1lvdUVFc{w3SJw=Az{?z-- z*fpy@5^+}Fn>+g3=a~1YS7ppd?YB3Khz#+G8}&QqsSs@g|q zb|T;E@me_t)E>*t<(5o!C=?R^N?C<8kOjc(4q~ex{|4tviv-v)ZxOrA3_zq|qpnzQ zA^m3nLvQ8zRHYL+J~KvkD#Hyp-uS-v0>WW<{l15u)|h6~NE;zav?6cwMpyN@*UBT- z29k-k^Tb1XR^&$Fw0b*XPTrqypBK|kD**?m3K$`l1MwRJXu<8}&QAH*D8)l-VYHoY z-PcoMYIXV(#E-#REf~!(8OLNf+B}(lLRR&&OE1rgEJCo+L27zLeP(a)7LXJ8&o!97 z9Q3|rb#=0m=iBd*&e{ys4h?lPcgQv)Umr!K!A6K=oz$QEax<@3qQ<4y{_UN_==9O5>x~Wnz z6D!E|0!ApE++&KCRo?{j0?KTcuxs8Ik^o@Lmq1T(*w?I^AO{3A_!Y2&BP zOIJ8Ar%MOvkA0xX<{9fVc%})4|O@knh)_Rp!#R_Eds8`*tpOowm{*ooQ^o2MbmQM%74t*@BETN@R?+XAF?(kvoL?^d3#Y0rt>giqrxzl zYnerZ$sGoUjM^~nI{{Aq=Ru((Ko8FV8vK3lZLq~>S%T}~%Q57=9b~u#w)r8&*xm!z z?BY2obVsqY*(v8V}1h;#&Ij< z1TG(DlHtdxRPy55u_in``S@brw>#g4M~|F2%`%mG&*=KOxmOxDM$HQjH0#xB z)DEP{8m&5$nI5E0>|&&-yoHhhQ!F>EhE} zoZeTf`{bq$nLLU$xSAPzPMQ08d@Mub6kgSNbFC4%eqtW64GRIZaWTYw01KfDTUhIR z2)yj;;0?PWJ-YfCDtWp~PpsuZO`I@_u~|p0va*`2ki<7-Q8jPm9RW5pWp0m^v}cLLhF1zTp!1jP1G+83nq>u_<sdf`mxd^bdmo?Vc7|Hp=#wo zHYP4peX9v@GCL|VQ9_VqKNC0~w3>WoGS;3sQlu9*##9t-a1DCpVKmXxMq(elavgWe z0HC{q*i*JxhcRK=7l2*+!o=VGX0RLTJ5L-g@*2||Y1@+@z!en9eUmdbf2nMs)yiY| z%H3UgsBs~~2Oe54LlGI*{Q16HODW&cw<5vkd9~W|&x>VhhtD{;3nm6WCmGF{L;v>t zKKQri_Z$VFR%w|g>^6S|KrX=Z8$cPE#JTw$>V-^Svo;r*pFBEl!zOgUEZw(5G{ht;dt1pOn6@US^cu_R6$TfDI- zCfy@hTNk7CQTd0|74uR%VTI-AT^`pdCX?`>I_V;X!pz4YOwUraBZTIq*d?_|5L z621E*Gs8E-BWUPWoiM4e(T1~M_$FyKOf-kA4^QjuR5_hdi*9wn-vH`-5NI%qiLsHQ z$ire+v&iOQid!zOQg>Hf&rbE^*<$0#XKld%9wIp?K}RR8`9KBqCgMdg0hze0kqFq2rNz zXHB&@l3C4$cpx26s7N$%dTIjn(ajD-T>t5#1FD&-@$Wu5Xt$zLiIJ3z8*wf5!hK#Y zk4_x19(DZQp7DTW_EGuJw4e;MSIeWDPIwC>%$5Y6@nH%~zqV&9UxEqq*na$Rs|o8+ z#|foI+a#Hgkc#QwZc&K!+f=|H*`^X`Vq2pD9r$&NP2AoN;7EHw?8II0af5+%SBtHj zh6!QQZ|TGkxqOeamhFNax7}6NqTlwA44aXx6tUTjEJ|hn@*B-A{in#Y?ya zG?$t?O-n1cZdFnI-i%E5Fy<=x7?74K)sTAEu`e>h3K>l&%_06 zdDUl9=XK3uTyybh{}Y=JEW;I*9TJoR1(o901JmxSF|D)cA-KR|Z=(@tUjH~@@Vloi za{tX8vs6cGnUfA7c^7Y5qfE{E6plT3SX=r$mMyhboHw)8FH~r$>#4ux_VWSyu|@vj zA~;t?enskEw$gn9fp5mn9I9Vm`>V@9&Hbsn+Mxg*+&jzz!ax3=1ES+SPoTEtZCaid zyItPsaGP_9O}4^yD@(m2kykK0$**{{+xbSQXDGNyeE2~1`h2mMi+ud|Zku=6L9A1z zNw4`9HD~NzsT1a|`t$As8n1092D8kMNChTQCq$({P|@0|d;-C`)+qZS@5o4t-7ChJ z&Kg~J-{>H4Y&We%jKe8O_C7j+uJ4k2ntr%Ek4(su{QX4s%xQN6&!NFNX@A5%p!M3# zzv8!=M!*@J5U5j;?ZuUIm*wUeJt3x>06$xMk$4aAb9u*Pc=Na4Lx$cS$AYh+%w92z zH9*drn@b6KZCILd23%DF>58~A$7Pm%5D#tzXy>FNUl zl*IzI>M_IEh8|NX$6U%w`#YzlOdbb+g655#RM#QGoi?#yItbEE%MX^Rjf=`>AGZpp zntW>N5c3RNWVtIIH z_-Gy#lE^qOTTKcJeP#-sU&^7lnZ~wu+^zrm=)w1E#*ZG{i|b3{;0nAmb`)YJ?`Brk zy_x#O)a;X`v+&*T<(C^?6`UtN4G2jzcP7vg;1D@RM$&w+G}h}-27oWkz#J52R3eD* z0rmWJ|6%|K*)XjB1VwMHg7S6zjYrM!)WE9vb~@hXaiPynL-$B98K*2GdIe44Ftt>djuN1ko+bJh?jgd9uyX%AjPFs7ax$$o)C# zUlELH2}Wzy{yxZ+OMiFz|E4Vt8vO)7kS5Xz$W2L99Q_Xj+^@8Gx271L^qbE517qjL zWWyFY`qkqxnc9AhA!bnO4ZCvmOoEX_tR9ZAxF-qZD(jEL6u~x`4f>e_fq>?D@qQcp zTv@^`*c}>3ra4_7O(MjgVeilq)nu-hcRHK4Uoji;AyBdE>)}$fH`|yJo?i3j_C#iw zZC(OyoLIo&*n*qvSpdJx-_HxP$MV0Q*C;BnwVoBsskEX*Ssn)?h}^kJngLs*^bM&*l z?^E^?uuT6fqS_ z7M#m}(+;?%f_?VpK?|4FP+QNev+_A6hbupZKF>{wOL^ST01$T_t_K%{{cpsr+DZq_Y)TiUpGOE{%^H{c@n+bw=J*&&pDLa;-Yi)GF$G6fq~H@8uqQTceq|aSP9=X zV=EVv)^RJ~-@2ErZu;tgS9^*llk_%h}d1;XYhR}*bM)p1f4~@0Z|ibYJ41i zbm0cFxYjKqs?PO|ptvUYkanxPJC`!^Gtf#;bwn@*h%9KPS7q5v<_#?VYKcFaatqif z^(+78cCY?_4JiL@M*08izo8lEo0M9hP#WZaK1}@b=}Qe#Nxta4x!0BWx>b9~!y|)Q zVzRG#0B|NSI$7jYrX>%LMRrZ<^mw@m#wz>rk4SQ>j56+;zX}+hSie;fx6jxHj<657 zLshejB7XoynGOkffxba$1Rt?emFzo=938i6n=Rt^kX8O*#4+;50AO>^#u7_i+6S#8 zMb77Zy?<5KN_vV%IMf6y@$mL~+!GAE#^N!N#^v0K2N4aYEzD^_@4zOpF&H)vUl-}c zEX^VgcG!6kmBuiM5&BX~Ni_`KGjYFo?R)z-*o`Fd_%{7}n$X5I1`5W!s{bq&X4&Zf zWaM2^PQukN!FG-ohYT+DMcD(#l<;;Su$qjWx9MH3^UoS{)_ixtI-vbE%1-M3d7p?^ zMp7IgiAHN3!%^oz(x>yroYrP+s)>D5(0MX)V3F+InxJ+VF{r~P16f)0joerp{sW<# zumghN1$GgO^xOPJ@!D#uN!Ftes zZB$Kkd^@AIMw`$#lJ|-Lk#Lj}+j*&~dO)tkP3nlgG$>nKBqq&eCAp1>9?^qc*vedL za`Ar!`lwNp5G;Tj_;;cYjx0GH7pldG;}pJq_3|q1x>mkD&zUfBJ`U@_1TJ@#Hmf_{ zA&AFuz|h$8{H=VQMJ2F6vrhUA+1(w#;GX~2bMXXJd)pUu&;D&p$5S$NKlxuSbi_;{ zAZD7jfp+6D;|eSsn0SGt56)c`QE=%X5GQg&{x2gCh{MNmZ!m#X%OS)}i*x@1>U^u1 zR8^0>M1N7qYV45B_R-tk%YpAdGHtgr#(q)Rfc{@3`y|LJ_ijRL9|089g-qB-9SN#8 z2^)mIq!5v>Utm3PA@XO`$s5Va%@W4mHtu@U+L!c+@L|R#F;%jBeV83fp}mhgEWyn- z=B9zjGPCICR#R~<%}rb~#u2xxU?T&vPGBHDGLKHcuivAd0?`_neM#_E#T-nxSEW8A z$2Go2dwIJ};W%xUj`gvAv>N?&qMt)$U1{T%Cqq!0*cp{pX5ennk*65@P4j;w8HTN$ zb#a@U{+B1+r1~XhW$6#Z7(`Q) zY26~_HtL+}pXpZ}J2bv@J>Ja5Rw_QFp<(P}pp2l97Lj4d3CF|f6@=H(w!?X1JOo=`T21rIodJ%(q z1Hp#bisao4%xcPu0MT2>e~I}%FX^MNQr``(Bo&mAX{RpK#q9Oh-#$1naEvNJf`_a6 zrQfv%5paW z3T_Cfal%m{+pkFmF~v5H6ORUP7Q_0yrp`={PS_4QIv!0EiB131K3fwPiWfwyl27cd zcV0BvcOH36oekcWHbAX2*bjeaWeW5m9It04%TS|zb7}tIOwD?`O&G$_FMj}s?0rYf zCi*DDW=SQM^su~)v6&9SQF?S=2(N`B2(hgI8T z%n43yS0l$r{zvF%ok}u{GK{%012vZcrHBD_xFw50PF)fCSQxvmI2yrt%S zV-Cl(0S4Xs&3-Z2_9H7c$J`XP=mq)e=i)Sz-Y&AgCd);#@Kw8^^P~dR+>Osv(veGX!A7d|xIf>#k(1o;iIo0S{{KJ~+&sQ!_3!0C8S^uId{7Hl8AVVDA+RR-B_({?{0>9LS zpm7CiPwf+Pn`@VTt*)Y#o;aj`kG<)5onJ=ga0z4&!u%{i5X3TTv1O07WiF5$lP{)5 z{JQr#jmt!Z#|Yv}{_)H!Zd!4dcWYvggau4gB?PraSh-4k>}nq&r=_PUnRM?#b<~qU zc%9m1E|`t3PX9cXy;TeNB@2{F{l65Q3#j*6<-;V^(TMBB&1bA@uZ<#Nv zfWf2HG*ES}e1-VmGTV}^bwOOKslz87FRzZ6eQUU%7s>X(Kai!!T=xGc1auyJA!C>6 zgNfBt@!{rKgY%Qt;iFq-`??LAf`XfTs~8rodqlQ6=DabALf`zJ&g+L6du;DVq^$Ur zjh>E_6*i8Jo)ocT+@OQxmUR3~^xqaLJIsNDYT+lnUyRl8evMmr+96&0>M+h#6$Omu zrXmZ~jMNrMg=3~nPR&)7_BIQ*)Wkh`#Vpiu_^wE-0UNM8bvfLLCoY@L_IIrJ5UvVB+RSFWx!}HtL_DVG{d(V&c-rU zBJV5bjiSNsKM*#=%phF~92|B4B^l~MsV6YyYcy7iow+}dG1av{5H6}S(F7T)Sb}l^ zpP-a0aPJ+eJptM-efQAU*Q+*j=fhNYH^%G3DBeKS5Hh{C&-MpmVgcElpg7@}Fx|2s zUJC|pNep+3i3VJwxH;S4fZ zHyBCq$vgt}CTRoca==?a_WJd8(wYl#IF9qfnI3Vi3C0T9foA17Vw%T)y& zlhq!Fz`J@6Div+* zW;AF7&R}fK;|f?`Ka~+oPM(#a6z`W$Lbbwj8D+;;gLCz>cS9uu5S=tw$m9{!+4Z`n z$VE$GzaUz9V%U>e$??rWcO$>&YRaf546?TkpC`xZBmotCxFP^1kG3jMP%CFWB)lYFIt0>tuj1Ylo&^mPJmp7x`~-7! z2i8mjU8&iS&}aO6}KI}}{;z|?`;0!gcto18T}<~DpkrEbGdS$G=)U>ydm3<~h) zO^VByHh(wJaIcRWmhtle(IUMC<|W(y4zAxkbn<*7PO~E#az+lj#=ix$aD~jL0g3EJ zJ$#uR?%(9qMH*%Htaljtjol2Q-_MhJU|IOQ< zvWuS;phVA#JY4x2zB{DJt9yA9K9K*r6gSulE|58_zc3G)-OU5t6j1(?haIN28wf1% zkwpij=`~ClFU4za2@ccV^VC*a4OO40@qtHi5KqV`x~V@xO}~}P9OaF+uIyv>d7i4J zZ4}Jm+5|L$J7U0y_biL*`=alrxs_e#rqN^tK0NJW2JT>zQ3Mr4$tHfWa=GsjUCGtf z=!Vv#uhH69wJ9(h+Goz^HNAt7y)(l6bJL~6YQ4`big$oLnNtXVg8H(XDf_lvqv zTCM}N&Y1lq|J1ZC6;=}E7$aj|FG|-lWBLJ&PwPPVZNm=9i%f{y7bu`|>XB0z+z0augsK> zIC$>&icq@6FWr|U)sl~tB^7BEv-iphsGa~05HM75z2c+|O%>xD;up(JJ4otQkV>q^ z@i}J=9>YO{YA?AiEO3%FHEW@G;XwHH$rMFea(DB*06{RB4E5_?UgissCfZ)Tl=B(Pxg%7A~C3D*%&0k zT}ELeFYAaq@v-CU<5i|7LtF2qW&n&DgpLXGot}OTB`<7v_a^66Q-n^Z^OFL%&IVO} zX8weejoEHqY8@UzU*h)o>vxciV1QlRX9coijl)!urrK#RVY zgaSWky%8$7#!k|0I=O)H&~KRhl!qPC5FYu;%)+0qtkPZ&1i0VKB%X4%Br2TN&whHz zMfv;{sdjinAi$fO3-VNnXsoja_bd~QSNEscdz3h*kTk=GpCmDf43x_goK#1AUx~ed zfR!FG0c+#SC40`(p)!I2{_8JT9=2oNAeBZTVd`%}8U$b?@-2AKiFiy0lad?~M!9?W zGiTAFr}$3hrEvO1VY2Hz*askVx|ufgNndDy&z`Mn=+E7OHOKzff(pOF*nCwqr$N?j zfb~_m`ZEk;_TdeqpW-hDb?+(gJ-gr+ZH=pdUAmPd1eokino;#(zfKZGbY-q9->((1 z>NCA|3^g%)<0&zB3qy_ablryiUem=$paWJ{cdAJ`E^qAlW4(sqo6e*d|9}hoK@HGV z_@)Q5}Wkh~BR(D^0=q@&~r~*_S+k6$n6i}P(GD% z#or&Zzacep*jUS>>$e?esYWElu$K_91$I&Ex*k zo#iO=)p8quchRJvt?b>3pActi!!B|9FtY0(j>(t%>39H$!;08OaGn?(!H&`aPP_gH z=r$R%n&a`-U|pF}b`mOAvdJR)RzsTBA@qnq;gzH~*L(eAAYA)r2+8WS2gV-84lT`l zAvM`>1wj>nbphRS6$*Y0Ivu;(6bJeO#;!zM&FwWywfwd&bXab&(BZStIi(=Q3jbwnzrN0dZA1t7?|B0{XUTDrifMKa-LJDg z6^U}@Kws_dRiaEXGoemu?G07PV>3X}tqd3m#ZgDNC7zC3HZzCl7y6KKro^Ux`JFiIB;pt6@4q;mfhfq{B;bK?0jO*Jo356H zPYi(@0LcH#?&%Sw(>yLtI?>*sp?Q*csp0UW$-=oG@(@|djEtKF!1$>OIaX2I)b^J1 z#gml0t&^X=p?6R-iR;Q-&Ow_wZo#F|rslkc8MjV^lbeBtXuV0%_1gttNc`$-&)|kO zaM?n7Gz*26c8$D@I&vir%Cgo$@w*FICB55l{^Zqs9}mTkp@b&huoiW^+~l^TH?EU= zKu&$mwOItN5q|X`>|SLkFBGi5;0L_MKwoNF!M_~RzBWM_f2mYYx_$<0_aEI3pnHT0 zO_Ym2K~_6o7Lmu32Ovk}Z-GCO3D<%47CCd6_iPDnwq|v6&w;KaRBFrkgtGq{OQ`FgIY2Co z)kX+(y(mwcqrJ`1% z1gMc7>`a)lSkGB0D&*%rwc%%1*_y#M%RpMml!#DtPg?jsWiV4*D<43#Fj%smh>Bzjdes}Mij62!s3(|e! zKu%>{wEw_9fN{F5DiU(h3iwS6d*6=`?qWxL&eiU`&M#Av^jp|cLx%1a6i}_;7-y3K za>jiIg5m#)$BfPx^fU&Lrmj{Rj9$?Ql!Is+1-98_}=#sGQk0+A<0{-PI*EK1k0^&H9D2S$2 zkj`_FuWHryU`fBwGZl{QB6zcrdv9=fD_;l61r-KLy`B15RiP3A1_#AXO9)eLZC^W+ znDGd0q$=m9I$*tquAt%Tjy-OQ19Fyr9Y8;hdPSWH!D>rhRzvG7_eXeaCtLF+7(TS{ z+Gsh_scwu4qwGUzd?>5qX#W1WPeL|$}mjbbEZ7*Hu{Z|d!1yt&$7}wRGR*&=l0WwC7W_SlHdSp6t z5#_ZRmRA{4-t6;xr8L*B?~Xl6dPT|AkZ|{y7*C}M_ZheroT_AqhOLRt#)@yjK-ynw zhjrVX?A5(+%ghdrD{#wG&fn()`DAFWX`g?9NSz2&zsEDtSyk#0mUka5wt7Cg7ZNZg zk1>84u;Gwl;b3f%5lzZd#toRS;xancWYBa(idtC_UY&O}2aX{bpdhNkE0X}1<+Fe) zX@HYoV*B!lg<6M1>sBD>YPJB%g=s6o8pxq`&Kgb4G6Vc0pt9Rzc#%{NtmFt?BnaDF7pGbnim#MZq4Qch1dbzXkd={F0t% zC!3EWvkxCy<;ZyP{V4Ve;A!q1x?QX2{Nav?mafVZPr&2%Q+<7900k z{eAdY5DITg`n?x-4hgf7LM6vxA;Bb((kVrv2?dMhu@O;!rRtAWp0wEe4=#+o#)W!xqjufxn0v{rjWiSLV*V}g+EeH6u@okGG)#HaBg%##+bq+N%<0Er-^c5$K>jM9 zAdbl5?fXuXC)O(S{R4chu{@-2^NYi$vL`-;$-h&f!`#w#gputKecXW8CKnY-s3T+=x z=m?yqp@?m?*UlG@d+3@H2 zz9GWs%+6%$(mVOFZO-%=V&5jAgZxx-Sk=wOxHze3D9j<03-=Un8>q#Xx8ebCEEAY{ z!q%H}L|F}Letpobt!apPX#RtHng?GwM!~x6-W%_|>^6N>HVDw`4+I-8DFXDW_h*u0 z>#c##x8d%-Bn?&utPkHk=yGKQjS!iba8!0WuJE_{O#gw`T}ole(f2e(yj}yjl}r+} z!0f#WS*w)hyktCuTwyczm&wqwi9k;_va*E*7N4s=CwEbI`_UP;`}ej(i*Afw=VtrS z)g2_FBNddhwHbr`TH4ZhbHJ=xf+D%TbsvHwxV5vQHUWQt>vL0?+fgz6jT`!tEI!gN zd$1EX@sl2}2i9GDbE+k9YLyjwD_+_*+UC~%jHMR7#D;}nS1ShsZ<^yzXOF`Il|ag# zU~3zeD|;TfZuz+KJH7(?)b}aBQNVkF@pBJ&ZXfY~KKC_ykWD>0vM0!~`%0XR&RZ4^ z?G|=2mE=u*{Z-;`XIIk0w1HvIM_MpI8DPuOBXFIFrTn<)Hodg)M@cZam2Ury!Z|(O zGJpcjoor7;cVXw3_fNp=P+gQ4M$=>6&GP4|0f~t)h3p&kzXo^B_w53Rpp6^oV-#>p z2+%q)mPQ9+zk>ftj@9?xR%AE4-tL-8ds6@pj;e2`0Sc9(@iOVy##;ke;|ky=yTeR`cH&%xn%tHKwe zF#-A>0?tP$CnM5nlr z@(^+Y-N>pC;+PAhAsOaLPlIQ`fZpxl6+MHt@L1X7kBb-XOzvw(f4x>X3T;Jji)Hs_ z6ZhdBd2AzvB&w4`tqbv^$hMS&+|-bCTW{CogJC0}8v$q5;Uznx8ao^OJs0OOX1Z|! z&vaRYssx81PuCZ5Amr;%W(;@tF>4Ei z+?jf@dtGP4%9jWb9i3O&#;-8@ctpRMTdF2tS%kxO@rq zzj6}>vjzmlDn80rm0wNaalD8F9iEKMSM2G=tmT*fPO3G6Dv0 zo#(JizA}QpFIwQ?E5~N7Jb-SAxg*bWdJzj~<5JuHE7HjwNHU-h_3m1}JzL#3(^%kq zKWf}4!nH!@k7rTA2)@@)$vF1T+E4tQLmy=ly~%2JKk0_dcXX0l@_eeuxSQGs=epd% zogxgRudx|0rTLcYI%s%5yh|gHhDpaK;{wX|3I`GHSi$Q8A2??~wJ2U)e4gatx}2+D zphg9cQ07Z{0_S<=4RqI00=5*rE*Fmk$7_@g8eDy)ka!$`1mZ4*sx%T08Ni~zVt6x#;JmtJDdKgF|`vT9xTqIRZV>m<_c zw9^V+Z{~~yO8-6`vCCX=Eo-5zhi&E$$79~>eG5O2R%O*0R65<7geSHO^`oJW&@O`s ziPu#=o;@VQrd&9#NSpX8POT$!IQ!!)+WwFq#1FPSYypKt=D(64@PSV%S0fbot&H$* zgbbK`+uzJv_Tp7`Kfk|+vED}Z#P|s%YtPJaPocBl{nxaz=lVK~e6RW?AB3lcTl)Nl zOgD}Lxk)%K%nE7-Y1RG#$B>^_ew2~C@G6=iI4SgkSTb;LXsjxzu~R&@offT}RO_*} z0#;jVtmWPecH%Zly~F%hG7gW2nTKU(wz1o|AFcOmI3e|p&~Oit&Mqn96U6@G%iyEi zl3M$v4@pUlwbmbz%+7}?Djv=E=*Arf94JWzdbwAdDp>9qHE%^P)FD-}5ZV|6bg~X6 zs>GG)!GxQnwIFmMw%9|OG?rK1PT{JmUuvK&G*l;%^_xzKwJtDCQ37@;zAou({$6`F z<9i_rJjP!hZ7zrpD;x5}f%e7z0df_+tC*F#(0%@`vs&Yg@WT$AGFNifAcf%-6^r(dd&!+F7eQ~NE>4D@X4t6%5#%nH!e`GK z@@->ajBkwwH?3uOl3mi;usQJbAb3{5IY%9ySRuM)t@V5ssF-w@O_r|k$mNO1u5ApB zZgN<3DI4JxqS`3JX*g4Y^|$6>iqqP7)l;FtdIfUJ7r6G$hW@o9Lh5z`BzJA&r&b!~#LWd&-L0*uPv6YOAxqVKqwb`JkD+lnhQ|Me_vWUMDJL zCj!91x@L*t!9{_=u+`?9c~V*G(YJ}pqS{GO(ftE%W*xf(t#>DnJ1d?V;hE>lqGf=N z55i@8m*2e{Uviw$l)v)h6)NMX{85qCIjT!=w_$Ij!+EYaXVv4~4D+%Ux%-9yZ_8UKsAINQ$-)3zQw5M8j7HT&; zH<$1Qo%G;)4RXR6PW+>)K6}jd^aVeEe>BCY*$vOqn7MeqOFT1lrjm}wgcXBFcbw>) zz^_g{fV|I&WgmE4J98c8UcN+4P3ojxeS)eq#{QOlI`t>M&V_`OXh5u*bQ7ti?R+)? zpX)JFd6>J)t#+LM^ih^aDGA&KvAWu`+~_z3b_OD=h}I<1Yx-@vnnhlSX*s{m|UCca|BZf?Yb_i9EU zEd?G-h?n(20OvswYe#pLLJCW!@{7A~h#w^1eV(>0sfq)YWl|w`_35o`m9_ zr+Lby5lMlGvc2BqX$6^xZ#=8(o&u>j(GPuY3BW$2#zvFPRNaTf?c^u7yG7uGrzRn2G#uj}(5PBQnQxAC1T8WG;XBRq=hM6)BAslnCy}cBp#9l((|Sr3lvN<{hroH% z=(SAs16O4$LMbM2nF7E?Yq0dV}BvLB6tE3_6z}+fb>hDZWuS>B3E&& zP}Ti~kqoP`XaVxR2&z9E=0oh-JSkIVvwloQD;8Eu^Bq}4y{;l25pu#5k&%O|=ZF!# zYekfcbSTaEgr)Bh(JAiqGy>xEBi&|9S`3{$(Sung! zAEjj$x@9c+NEPHmB9BxVv1JckNNGYNV*Utp%T5kgAR{yq--F8rv3;OtsFnVs=!VPd zw~45QM-vZ*J9bd&<^x(;?_v64RwL7@BD*N+Qs z*24ef0UmD7oW!XV{!_fEX*>@bn1UQ3fX0neyOEEZt~lV{-i`igbh>r9j-XseRQYa9 zEM$YA95!3mafw#|9)r_Bt=2Iw^gpm;{k2?!)lAF^OMQY zFIDz`U;k&_@L$&lqSV*N5=3x3+nJWp-^+FzZs%>tKIsa1^B2VH8J_-~Pe(LgBG+y< ze%9CT3eBDHUjg7LgXG!{Ai`!5VK=CV19WZtU)Ju6C2 zB)u?+9o1%U8XJXkJWu6Juo1B+3iyr4>-6QykOxRcuE--R*tb^65g@l>jQ-Kit;N=a zFFKl6O7Xz_H7vEOdZfx3a?_FK??7^ga|@UP(`fulL`hMsxPeZlwGr&U@ydkn8PV}V zm>SEN{K>{4lpS;R98K4YC>;Crv&5!O%j%7o(#Z!WzAi;GX97Y`wXKwJcuMF!HPMbf z7;{OlvBs8JvuAaQu4zV=p>ix&KA0jn0u z?L*WNU+lw<7o?`Eci*s8I!ClLjfVd9IXeE(=j0H%4vRN-T9(C4H@j7n%1hReY^#xM zy8;^+`?+FR{3ngX-#j%RTR=L`4hZ<`K_LS-aiTv%1+Krm_UWLuopa7-&c@BmKcQV5 z3f^ELUCqn4vU8N*lJ7zm9JG^R-M(S+%2#$ubw21#i56Zx7}&bl;Z=)BYjIhP80lBM z2JABoJ$xN;GO><{>lxyAO|^|HixpNQC)!%h1mm8dh0U|B@k^TDpx{)gKC6lrqD7!QBG;!s7q4E(FGxHgL+J3xIS9)?^mo3gDC6fBa zS$tsg_lmAd3aT^X&L~Jhvm?$rNPl4J{7IZG$@4>=&$t%~&o`N&Q~p55dweQc;Q~ z3300YQwOha7Ksq`kX1v{U8Xea6^zw`@6B0_L(=n5vBTw(xQ*wZoypgA zBlj!=d1@QY({tbSJ*CLS17x!HXx8IRA|JXWO@z zVg($I&;8%rv2Yx^I;5abQ`Q-}oc)R=!ep%>=rF-n_YGt0P{YoS2XeBRWuLjD43F?M zo;41tv3hsz*^&(=vn8Yo^OOVI3qqPH8e2`=km)S#HjL(>k>1|j{FFOS`MvjZ{&1A0 z477pd%rFP57N`0{lWTY11@UGrK3j}swD{J0qP^@11a}?v_kr@s4F^qC;koW@1%T zHmxbSxv4-GKW~%~$=zx|g<(8%DjdS3*)c61Pp;1zDE3OIC04`uXZYgk?UrYaeL5xZ zHF*5<#>79_2HXcUH2P8!QJo;F;%v}`%NDXU+@U$EW9`v4ZG{52u2SOBn6b*Jr{UDK zLGXuec$~`Z=}_if%jxKZW`^i@n=&(S*W2l_Z!Un;E5-0JwZD$Lp=3hp3_KJ-XXRfj z_@ZJjuk&#Nfu?^UdE}MBMtK_#-jI~DaOQ!G(~$7+AJwomg8<)ehCli#;NG}on%09?762?Q1x%E4+Cx{Q&=-Cjs$a zI+F0e-U)1>p=Q5qZcQGpoXG>}y!z3SyAc6s7R7b#`ekI2iJyw0T7B*KI1vnEqXLNC zKS`~vV8a1j+UZdcXCH*}8I-08?Q`GC%9)WSB-2`g$GWCtID!G>CZJzH0R@a}H*ozNf(srJw6^ckNJAYg4$kFIAJ-fQQI-NX2V-n(0MvVP^HDHP8&Rsl6p*Hc z-s)KpUXpv5G-;5^<9at2U7jRb0XKu6V=^ljWu(WtHW zSdx+;%<$_W>NMSOOzHQ|#$F{D1QCyR9QEvWKD>k~Ieud=(9)W5ChHa-k4`ZrK5iUqUfg1s)z zZFR67wcnG^d@wIJ7k=a$bEUnZ`T8+n?6VVrA7p-Aikl3|xSPcqw;LYIKFDD-wkbT_ z&Ifh)g=JYyWbKu(G%U+|No&RG39Z^TF|Vy5ac78mq08k1v?lXC@jn1NdV{;bQN*r+ zMaLo&g8p|ntUmH|Hx^!4MQ(=(5EMn8HH3doFj)OfOWUbSDmA`NoxU~i@LD4YKYaF&tk^)$oDTMHM&I$zb6 zBL{6i`f}de@MU-1BWd^rwJoqT2())D-|QN+-RbqwT>rn8R)uyQ46n)0LTg~?rD2m0@ z2pwpijrEVko5IK|Pmp3cVkN=QpMO-pUFgwxeUCqI-!Gu>hP#{$U+AA9&t@c3Q3w&rObmo+#MqJTB({k(|L1ICXZ8f_lZJ3Z9DziZVtMi;oF$Nz(dGh6sgMO z3b7hLsS5fnTK`jWz_?NSFQf2?PnOA7tyN~4Tw19kO8^fklwz2=E#3Cbvi+l_h4q^r zZEr;yM$4)1G7E5B3l{;^OM(CJfvxy2DtpRAv=kenj=TH^=sxJ$uo5sN!Ujo<0l_U` zDIu_AfUkouK)bf52jaLeCxYX{e{aK@I{;c6u+;-T#OFDXYmSUzvw!X~;Qz0?44I*u zB+gV5BlX*OYW(^fSQo-+@HJ!BUb(8$ONy$A zPj#@$MSy_c3^f{6xhQhkAOG2f?hEORK0rj<6{OWM5+ZqXgR}jT*OursQgx->I3G=J zyeIOjtJjGKKX^(pQ*s05dpYM_#=4iqrhN3llq2P$37^T_InD=v#Oc^o{Ap0-VHq4N ztuE~rpQjyJCyBR5U5`eJW%zm~%#1eLI$7K*e`R{Xm@ceRZV71RId z5Vi0mU(fH3 z`O-fxS#Cdbhzje-+7O=WfK>SmB#nb}l&r3vSZ=rTPWg<0$#p}Bihq*K^L8BTf6J8{ z`qMzHHlVD4Eb(0-YQJv@)t_}giTUL)f#42X)WoH2RmPH1rqy_A{Xvo_U7GcCQWs<| z4CHgiZ3^DW@Fg44rLUkE?DY(ZMOa=Za%JHJZAMdc#``|&A-If9bbUJc8$7*$yxOUN z1?16N$eQrfd#v=NZzO&D`K|3Qv03Q%@Max!+wG{*S`xW7ncNj)?P*f6dv^;(S_M7Uqa zab>mhxiXQ{M=wdoBo^QDtB@YgFb=|hP(v^WFibPqAKog-lrIkjmInlDx3;9QZZ&<2 z(|!#iHZSK7BUv-^31QOz#TDS=COcvnwGdoVOio*C&vHj~sB_P3yMRI%pnNcnMlG2D zvDecqGd)!*X`r0&=rG8k=2`amgmj{uW`k=8r(x~aMn_3$)323!=3(U21r)1z@aJYu z|D-}FSUZRVY>s!WaylrtYZvwUHZrY9vzC&Lb)TgjnHJVhv`Q5%wj}~k^zE&4T5V_i z{#J^b`2u`TVdHPD7W8QtD~mYNWnG7FSv1ryKc;hmNS*)@7A~+lrnh&e4mUY(`NVg~ zI>PFn>5`^CtGQSVr2NZKnl`i>G}{n51_T-Uz&M=d)9=g0tfQ`+C-`$5i6BeB_5~J(AV1e%M(|d$)RPJT|1(eMH=d&bq`-nxFh2P z(ra6opAi`;@aBVnpX$juS=Or`NPKf8eSC)?(&E;h0#m9j+9AX z`0TX^68bY9@MjnK>19AEBJlR_X^+FlZeMPlaW!U1Ll~YZ8H><9Q+;>Gm?6vL927(= zCl(?J(A3MeojAHwEq_$|+tDp=DQ7gTVY#BK^Yo!I5JPwo8IboYs zv+=)DU-;>bvh9;t(Bz#6$>V(OVt!yj^KsP=L>mIS8>Vuj0lZoRU-I4tUth=EK&Bn> zNE_)1XvnG);v`Ypd1k!DV#L1gb=36J^k<-32fhOY2sPV0lE}!J_POf>(bC8@lfPpW zDaDs{-!w*x$>@fo`~{V@{ya}v(m7D&r~(SsOm7wb0g5wIy&;7mSOfRIm#&m?zct+` z{9HNHzY5_oKeTtU`8dG5V+z!@JaE(yQa}hwUkw1bfBuySY$e#*sQ!t$`cASr@W^Yv9fT-4+;<Q&D_KrMq?rP6r7JtzTU&e#xV(s5-F)KH4f(fx*jI3s^O_vV#z9F89I zq;MP&d~lsk?~%h!>^0v3so3G9HMbGpf4NpL^8wUX#nl>7p%FS_t5*;1@OH2dLnaClzmNj zomEv@k6~YnJuJ**xn;-&EEz(xw2}?r7sb@U5tKI^VmL+}(8v-1^akECJ>Dp+n{18qlA(?h%LKfd-kF(_(%-w8#umG#Kx6e(dngmlJDRU* zEXJftVX#}Znjmj447gij5WyK$NAG(lFc-bs_%; z_P2!^#%@Br-(T8+R+H2JCgo{=p8c`XNJu9ezUDju@F$C-2(Bmf78!mKLHK?R%ANq! zeP4&UUd2=wzK3%Ex-+-C{MwM}r0Z(rDtvHPfz$G`f4UCAgn2c*Yo+7iQ}uwfx+w0D z!Pns>RY}G-sX>+g4hhK+*OSJzsMZ-cC6wRIpW^*9_2PML5#w?*E$RZH&SO9bavPMo z(xt-K&=eQ!LFwcLqsM}-O~@uU+8Kir-)vbZAttCEFf~JPwB>K8NMnWsHB53JL>C1 zy=j*MWY!zS2$MNV+A_R{ZoOdP@*5m0LlkqY=%H2OUHJ|&>aU}^`Fg#U9()rQ&QLU` z$-Ry3(R8#cBbQ@wB*yzhp1}u?de2Iph4|MtDNd z-@RSmW5a_kijIX)CirmL;FZ$QrkkR_`;&x|QH4H`t9j^5!#7(s_Vc$6jrETB7DZFg z8O_577y2z6Sq!K6_k2uk5+sF>yGdU*<;%Mv17D>?@H&-beMEr>$`Ml|cABlK5u~c5 z5Is=pzd_}H@bmwf-@hC~lVHPq#V^l30MR5eg(fmi9D91L5h8)9-RSB^#Cq=q2#)9D zzE|ut2C0;IJumCxYnyKQxRInOq(;IHo+uyxXDWrYZ8z*fD3l6tH~xg>D&(X-!5!|Joy+4GFg)dJUz-EEES+ z^z*1Dcgr@j|J-=}Jo86|NEAbE#oALKlWz-N1)W4UOl*#=uf#JRlG!=S2>wyyW)Ml( zsGv9{q*gn+L9345UTB17J}F-+tJ5JzAcL-XdKY)Zz*muBg+onH$lm|rf90-Aqr=zR zp6E_uWzGg)yK~HqiLRtu|B7oIrbfT_`so8F3RTudv-VCpeXwMibcd!%i?a{pRx%wC z4_7PNBSJHdwfkC}4^;Ru)rtUe9xeC&=QKDWCAbAdsfSPk`Lls;N*#@idgE)aAwetH=X?_Xyov(BhOojVvT=Cw+b^pipt= zP`Oz|os}*5{I(oE7>KTVDJ)bDI_yU9cn*-XL1WNVGr!-=2-4Le{c;(u4qypCdomlYd- zjG9JrWmqmd$~A zkjxv2EW0Q@&v^6*kC4emVxxAnB5pW$RQf;+< zw+8xE?=^BFpE38&9Q)_kFPS^33`xp~ppYD30N_1dde|^CF?Lr^BWi)&lh{SCyrM|A zc=?l{qZ1nu0dHPu9OxqS>a5ncCF^zTU4%PZ?6UqrAIGezo`;VL=Y~^5+HM&-|#FC@-Zn!%sV@KY1AagUx?`%r8z=kiN>iX|-gt zr0L3DpO`E8Y>2&1uT?1XwLs@6k@E~VxgdM5vz@!K{@rF%&Z8!v2yOji-`)7bl<|7tO z>MTU^({vD0E!U%-)wCK*zp3Dj)%ylCM*!?-ao5>(RS%GBW__O{hBwthK8NH_RXSW8 zle(*E;Qr$8bmCB_1w^gaMLy2eCGVlqze*N2E>Z_`7V=Bawc-733#**HA&_-&j61HY z=yRf29+$4$i>_Fb#ixZJ->xwNxFr_n>+qub*0)@0EmE1&fqivXFOJCd_$;mr(an6K zIMW9V!xe|Og4i4!C%MB^vMM_mT>SvQ!E#BJ4R5lCJ;9<*O_+HUOXp7)Gj?>+JP>Ld zD%1$z^U}0OS;q2HwG#6IAm0KoeBrFFdC?D}#RkAoLkQNr&AtnATSQ46)nkqhnaNQu zn9%3@`At4e1jJ)+=XfW^Na81y+*TLMHRSB44lRGitwY<#8PDNHP6TtXHG0(1HOL2!B>)tAmdm77 z1v+l)Ndoq)z+Wa*b^`J#2TIc4$70)s8c~K3r-sx^J-lcO?i5-!rdPh2Ec9+TOokIF+Bz^hT=PpZ>yX@CF7#)XUM`8?}DKl>dn{z^$=5zuXN3k zam#p0G|Mg(SQ>8!j*7zs|e-_rPzfN8g)S|bLwuk&RA zorX4G_KJE0+jV7C>357=$XS5HhvBAZU0Ff5GO&o(IF$m>3J)--B}~A!vz%DVSH26Q-Vur+f|rdF6UYOJfrJbUPHY17Ke zHDFM6g5ebizGhUmxO%qU5{F7&5E|V)S~E$TUl@_Ja!L6qr4{wo`Hx-;0KzS_4BrS4 z0Mgm$hGxL1q5{S;bK>M|YS%py@B5{ok{_afw&!?xW~av!wH1ARz;|)X^1YM8>KJc~ zqaMW`!jA^)Pu;mrQDUHPFcaiu+VhgE(_lt=)E)S-ryo5sJdddYIl+3YtYPDYBsdBH zJhLJ!(53zHU@%r>Lg}UJ=S6F=FT*u-+!;WNi6Bcd^&xisREo(tGH0ee2A@5xb=Obd(_<6$sUnX1v) z9`2}-#+rU_luB`SlPL5(mZ>3sY)w1L?QkuX3^}$BMz z)Z#+BoTem+Y1iPO5{D`z%0Lt3puHA?ufTvDKdA%IdFI4DHFi?@s-PQ%N6}e0CZiOp zGU3y7bRu70?#seC(g?@r;#v6q?#}m%S+=0rirEo(BSZ1AWq``gos_CV*Sb_-p_3xj ziwLHxuK~!JvANJ+^CEIH$BjK9+(fzz315NGPEhDEZX4QDw&A_p{(VxMd&*})e<5Vq z;D@fHJF}uWz7*y*wkb|7`)LxdGw&M)6D@tZalFOZow2ufGFJdxD@W7%MB5(!zI=}` z=@hm03rdjdw6(Tj?NpI@J-JnIS^6QF((@^fz^xIlac`Mwa^aY5>Ljx$KNtXXO?s% zb&ds9Re3$-9P&FkNO3LlcJL>4 zc|u`%UDMc<&xzMWB>3e=JmAG!V#2Qs#tH%kOn=oOz?xpfaL=9M$z zDJPlbE>cyJjec$Zs@`+Q^J=35-c=4s`LjO14v>nJCbEOZW;+!Vx}ev@xVb4;r=WF9)$VuK*bj-> zHfRPKn4WtEaCaik$hbb*{^;X1E~VHgA1EZGIYn4pCsbBDU~)nNzUs_;-I>tlEqpZn z%4eSJRM8N?$@^I+Z7S=gnd|*C7FHFlLcKWNrwy5YGcF^}9u&6*cs0V+AW?>zpr`PM zUz;+D^MTV?E0py9d0IomS*-C4X@T(@4JUfKy*^;BgXWdvX5`e3nr_=h+XYi^JeZ}+ zc#n9|r3SjfhuuCI3+KF@+}pDBsQX-(k*OhtJj$tfg>~S4G23eN&^cj{Jv{nUn6*k0 z7tH=(*~+zvZ9qh_+*FG_7E$;Q(2EMz+I1L>EqP#QuZU7I#QFColQEsLRM;Z{0`*R$i&McnJQqq>fHmy5v*KS z-nJCB^Uus}44i`jR-(IKfjhQ44 zg+$jXpnFi zx)BCZQW^<|7?f_wp%LkBkVd+jq4C}R|L45#IbYsS=Y0FI7K_CKX7+x#_ult&-B<8f z#XqOAHg}exkA`k8PBXr0N^Jvj<{~C-BG!9gzn$|O;vJILaO*CUV_c*u_Tf-^#l2^@ z2|v*xi$2FUeM$2uaa&C4t{mUIR-lLB_ugq^U>!drdb*o4Y)MIphZ#0`vCJ#3%FJ2$*nnKts-cM+!OcA6_Gw83aKK}@I_84ZE*oS8vRQvtq< zU=U}ZuD=pbOG@T_Cn@{M_+zgaAS6v;zdu*MFIEFPdO@SacjG5xBwCX5&@5a?HJxf} z;P>XMiGGUAXW|f(uH<-0r}<`?A6r9gj6}w5;78)xoks(}hQTE$8#w1Mp;L|Bk#F1j zQuxiBjTFyGdA{b}B8ERowS1Oy#%C+Q9)|x21_`gA5ni>4D~FQNS}C#C@5-qUj?c+ejDdgg2&R=H5nJ(10a7+VB3Vvxa%))_Z|&DUxWXwyfG=6 z@fK*kN~&Znk|;&uC3gp6a}UY1)E`hepz6c*zTyoFz({Q&aJ)q} zmVVwB`IlqIm&4}J0@SYCvR%^8)jl_0lyhE^mok2zqw4#4=V-T0B9INdO|1t&JcR+o z(;to&+Vhm6E+P4`CGLul>zrIQx(zpQc;tAW4_+5fqP9}~jz)o)1gAN9>=gF$uG4Ge zHe{pUuiW#~T3X7>`~`Ey`5$Zmcn5DY+y>AZ&R_5)fUgyNIEAenIV3i4T<8FpFj4Al0KYv-geux!+`%Tu7+Qc?@ArA0<`Vs&li5n zpEMY~Db=SetL#b+R?N{SpkHr16&OA`YR70rAaiRU8K6<7C45%f&9bHOEf6?^a>14> z97Fiu^a1?kfEVv%LVr(vSZPUCGf{^W1=mF2-G8`&9q#1tbo0e>6Qj_{`CgW-o7>@v z8e##DHF{Rd@QL;7mv5~+`g{pvr5;K%KmkBrfbI7F4CCz?z(1X;c_()<;q)6Bf*^@- za4&FtGZ{n+^+{omd{~Ey%a|k7Z?#HzKiQmov6Zzg3?$r_wSARHY=>Evf6DBZ39Rx4 zxVR02xDuNfebwurkOzRgnltwX8-!ia}%Y0Pjcj>GQo-th|<8Z(XUj&e4By=_ae1WBFy zV7V?~e%A)2S%x6OB4!*A zkT~#g7;)1a#b8Jw5|^R)SXaloTmnRX1v#7?^&<%lpr~vNUaCipmRKgSQCWKg%e)qQ zpumoqUH0TQvzfgOSjSPVs<1QFbQNXs+6|_cMGW)pXQF@G_&do;Gv0tXz318n7qVz} zu%D_|L$smnnw9ObXON$*6@VDgO(6G#))rd9&A20zLUD$OC+&flJ=&5<3-E$vzOj8 z-pKFE6gzYO&Bp=M8nM!2<+C4b44r`lj5D35i*jhdZDh72<7hpFhpN_eO@@kX$29Ti zdWDbyl&Uh8AooePt|4acrO5;4mum_y;-`m(eK%r4iyiiP4<1)l{GB5@$92%GrN>BP z1HSS0zf8))ZbaX~)+pc>$Ktnnwkh<{{ilP(F4Cl%i&eW?ZvnvDoA*`FxX6ihmBo7D z`O{dS_Xh?KS1sJ`JG3S0cLdy$3y{>hIYl!5r#7AvpnEN^^Z(bQ^p49v7m@!FX_Q>=i;b)E8TO-e}oEj2M^^}MOJyEC6uD#0LEMLJ7hmq-2Nixqy^Z6-kB=GtZL{FNCMcAH%H0KgH-=!v29c#&quQMfNOflUg{uAOG}#cHWz-m z$98*acdhmZbTXrHy*aLJFaQ-xsV^TNhgu5#taxx6w8QVXgj8XWa0^(Ra zWnuT%nP@IRhV(MS)J+B4Vm`_SDUDl-``Xm@ajK^7)Rs8F*6ZpLYq|*8P3Eq!f$fuV zKtCgn(~T$~j>L0{Sn@NG*IKTqfHys`sLp=p#T1MC6^#CYJNhsGhN&Yb^r!JgmX#7Y z8DNsEyj(s@7e8O==))f`{hF_q$@lQB#s_4TaMp?j{WQP~9NFC)Ju|UDjHI$}=iHgM zuRh3jStJKwQow^drqk&`(|luW&iE&B!kzcbWSFj3kwKD~6Ub@LpW6p3>cK+Qjqx4! z>wRMR-BE<fiPB0KR5oo~>6p_#kx zdXKfCj#s|6TG6q56Scm}CY}VY_J>V7On}h?WI1abq4u8VZ!K_6aJjb- zZ;cum8B5elOar_-F=a7zQKltdedruhrun$UB$`C5EGA&H%WMCOQ5&N$21i zur6xx*&;5~3b2N0M|k``Qg11^MVRd#y+J!wkzW$#jMQMxEm=oTQ*X0l?$iW5fenyS zoN)+f=;&S-;tm4=4-cyzl=sO~OXkRnK76##Q8sLuE)PEJbfLkze za+m~6(5%d<9D3Wz8+_@JdF*K}(5b}2wg`ZIJ1w})LLI<`f_;J1o2aU^mkRy*T%Ugi z^xB|CEGjkHD`2Y?H#$^2R+6SJ2nzWE+y53%8qD3vXzJ#;2OvV?<&OlC$YaM75XG$agH!LodP@ZgRudI`)^ucH(M|KfLzj|4Gj$60*1DPRdw?W(=+VbE>%7jOauALq9 zbQYhZ?=zhWoo(zY=b1vho!Y&oC@MN^y~LRpY>l}ZFhgdyF_>(pSjsa=a-b|7Gpj&6 zU2{RnTnBjg7o@38ks2e7eGms~TF3jz^EnWw#rSC2{!rP)OA^TeIGA$n>MUW*4deC? zUF%;YvpI#HItz3fncZi#P09S&vOjzo<;v^K&bg!mg7kuT24FSm96 z1OHV-^L}rrx^OF)GoI}sd+z%_9@phP^G97SfH_Nz7Q{F}+J@eFcl`mqi%68#3I>tL z{6}>%PX7k(XIg(ii_94yOhBIGqACxPN83qlM8eOzfoTZp)7XyytZ|Qn3jczVpV`hE z_=CITUhv9+^e;TG}K?LjAO%@D}^OMSjZe8iS$ND5}@tM zPKI78-wEv|+}K1*y?=PI=AJg!9nj0w7qF{Qo2$IDw)$u%T4Lw7K+_Wgch%-{06_ zj!F)Z+#JQ+U6OMH10GZOQOoi}z<%ayvAhj0PhOp>5{uPG;@*MeE)o2wv1ZBYP2iqd zqk#1CKm0bSD(1tc`bwQMyqD))?M;DBIl3=@s0rlbbt421hi_tL1-SkdJ?)x`UyM+M zABHL%`A5gwq#9TQbdV5i7E7v{Wl<&v2P^88Je3Q{<}^Uob89q(HamRzoW{T1&He<8 zvg?+UF0KF>d(c%x`yoIBjMb9OfNCkiR<7%|3TW=G+FGwxC7&LaCYQ)#$`jqz8{f}v z<*c>EoowMB7og)&76*wb&?gM0d0SLc<+7$ zpW-!hW7i7MucI&Qe_!Ll+&2#ns_`OSxVj!P=VO1eiuVCwMAr>bN#>ae-_5=NZpOhk z68=swu9_q-(of-9uH{bm$;x-}sD?^$U8L#Mq^cDfD;_7by?849?8&J zun(-^OMn{qN)eqrECg}-*g}v2#hVZ;5rLS|*HIi(!NxhQa#i?-)FQpeFbEl|L&K81 z`|lV=86LFxW_1_qiw7!;h#Y)4Ei=9tI{FH@k1-N%`>H3Q5}-%^xmbrzXZ3n0VL1AKQUoi3!3!6(tUdDYN0y6BGFYgPp}F-X)1g zZ73s2M6wr6zsArVeb!>@Z?n)!ReO$BTWgr@yEm4fvkheZ9+kJSNIx_Tn4~#u3|zQ?t3pk7*29dX z*8~PfA=F)JQ-wF)7yWmj>fx0!!Td5u50R+u=WrJmkV~-WoH9cj{Yh6FS}$SIwAKC% zVZz+t4xN_5GvJLuV(|cmGW$rSIf4;;K^e+k9nn40!?T#k`a=wF*BS2y5aI}^-4+Vz zjB}@I9xfztwSO4A7XHnoc7kI2`@U01@Db-T99ayE5a{uadU^f$!QO7w1-Q1M)&+Qv zI$NtBApLEL`b1QeQY$`=6h25kgq5jSE9k|8Z#nu0d z;D4|N@+}&I?AJn`>gId`A`6Yj$3a@Uf_t*`GOT=|+K*DEjm?8N=Kr6$xGr?|R|&&B zc+S-8ctpoKVdpe=TYqE=y=pEBEMAoqyw!ZElxdL*2*p3+o=$@6LgIN*Gm z;|X<|^#}e05!N$NY5bw_>*TVY`wRR?6;QRj=H1K~eB)~N?he0!wzxby?z^=!wShYm zAl%sowt4s*)cYk%=9NQa4hqiu7#)hYIaWXf8bDS&Kh(r7muU6=}5LULf=M&E9X`aXtunpY-)peC`xUn+V5JYUWly~XYs@AWI< z0~mQ&WOPkBaM)<%`6axw zq=Q+NrcoV8$f8!4xv|3-*S2<{5qO}EAwrjMnlHGsDMYI!QAzqS7H|xVZr8*{aHMx; z5mHW~KZ*?rJLd}oiXmn60b}$+12e!&&7iI5=QTZ@`G-4lM_{>f3*Z##(2aiTkfpDG z0k~iYE)&D&e;=o=gVVQ0fiM(Kh#YMQ6;lLnnPnv(p4=nBATa(jSG#)?|JU46M_-?B zrfc0;DK6KgE*i(~o)PEsYcBveMs7+S6h<{FW|u+QZ^&bg$uLUfwZ^I;uVfV=`nDX; zlohnDBATSJ$zT7x6YJrzl6Uv>5w9VN8QRiIPsA|*>;%~{>z-pLqT===x!c3P7&N~z}HI;8v2Xd1ofrP?MP!s(jgih|46n@o)|3UDel?jrY!iJ< zH77znR5n^7fK6=)I%6XPRp|;%aAmADOcCsq$$w;Z~1W$V<-w77eyL}CZvu)_t z(cQIbQXf>pTyiH?OWRc5#+AOP6@hf9-o!?&9rOAO^{gAIFP(2j+YM*ISPsIEJ*W0l zPvR7-K$<4DgsKvBHb&6QWcCo}7ZP(v2XNJ)bGjmUD|LQ4B?EA?0lHN5^IPm{#_MZ{ zXSol>QAgA2udiNpJ(BA=05=?Kau=yxJMQ>|>b;sCKqPmSU=ir>}i!#$0x|fb*+<3iGX#MhtE)P70-$geBeUL{BqOUrl@!KElp=bSfc7l)y62< z)fE&a{D!fT(MHMW$yBoXj7vzr-RdzJ)nVh&qR_}z(s?Xb(ACM_%ebmb8R0wKUQ@Xo zBAbra7b*AQ{C6YiwRC_-K{}0?(vpjnR9bMe&575^`-MP$p;ym(VZNQCwC-k2f~#hyB4@j`KnWEUn|+?h)Eo#zuC4Rua8oAj|t5iwPT34v0NwWp`& z%r0!$E#lNZiNePCMe(~nTxnvLk^Y*7*y%sZNv}{L1ND&x;W4>D_#p*juYavR{-}7I z_JBW{lR$gSV?cJKBsW##VL8^`90_Bv-Gw8189iv*aD3Cf4s66d`S|#OB%4h9#ly%M z_)y2eEpYqV(d8w8;7s!71sNhnAFbw|&(|I$Tm@8@Ekjl;vU@j`5E}EHxF%g=m*WWR zu(7II?mwVNqM^H^)nTkDBmbPaAk|dwHFM#hZ4&bL%X`ATQ}Xc;KLg9yXMx?d5>S;5 z>6+RMWm9P8px1+nC4GtI5@rGe*zX#@FMzvyyl{dS$kpXi6IZRC2cZie&fL14se{3Y ziUUj>sI$B~eK_qy~d*w=2zh zO55I8x!3d#Uw%w!^O9@{w((9H(+O2hJP=~d;O-@~BsV@5i;~?&X~> zTzmBKI9NZ)aD}5mG3okkbZ}Rg$FOg5WK1rR!-67LO+_}T&+CfVvfHs8X*$?sGTjW~ zm%Tov+E)K@V|F2lhMP(8!!Yw`CRHrWItg`L-?f$R6YiXBh#7C5hXUX@s_&5T{cUL0 zSn23pFKtQ%sZ1I}*H=J0?{*cLC* zk!$J59wyz%Oc6-5Q|kz*Aa{!3GtG>5XJxmSz&D!Mf=Qib6!weLouom}=hxUVMI;kP z7a%1Qm939G^r={hNj8kf^@S--Imc$z`4bK1gxhBaNvb{EF?x1rbVE|1O?gfB#(UBH z&v_O;M2sCarwSu&I`)s3QjodIq5 zL?kPu+6{8ZoA)?lOu5;-M?%TmE!aKx#%K?Np&EYu2!Q*MR8j|s!K3)@k*#kycu(s! zixp%uI+181zq=0)|Jt$wrwNkM8#&#qYUp993^uXwd`%fEi>Urxc8OsKpW-)sk)BkA z@E98?>;kJkqSU$<8A%tpT>Vby4~U7A_iCLTQ$VMtyaw>pEq?nz{EPD^e$YJ)Ow1ge z@8u&iaE>8^=0_?%cuxoz8gHtd3G{fV?>3>hCF8`6VOHMu+WrW z$8*95$<6Hd?A}S(IK8o}<~(t)B_&UD0!3qp3|U<24v|1)brv8Ci^eQLsgB?|TnU$* z4gp|@5tm?m)%FLJNh3}T92Zr~0{r&=FqZ8tNhbj+?BFY)bn<~;wVjpFE2>3bj%4_y zL_`LxzpA^M^h5z!WDMb`1IL8p9|dQNDC0i*C`8Iiq8oQ-!1g)jLZE0A0yg;ls3*U_ z#+jHwxx(b+1{|GnRP@GT-nh?k9i-yu~@H)$UfQU)EH_8SdEU1 z*MC5a7n=9Bt~{dJKMCb#`S69mXBh(9mJ%6FvAhW`eRVTgu7Ko=#6%7?=^TEsNzi%r z^0AvszeOb~`b$Bh9AWXuTz4*%(_)>9<$7>>+dptUP++BkVoED!57NEXOnXiS;_s5% z^x4ufPA!@bSQs2#qk&NMQ9ohyiN@HPvks{Cz1vD2%REnzjEzV<>*)h=CP~KvR?8=$Xp;q0x_j@zi7E9bc!hdI>zwn+BzC#IE z3T%J+A%yyONQuo3ffvf1*Su!w&E0r*pug{ORS|Co<1t3lAK>a5#?e5&$b#ow!1FE- zbQ;Ax+=vrN<$bc-Gt;G#-^r>z`*Z`~m4n{sEb$Z|4T~-F{(!$kU;2-XRw} z4(@y{17FZSJ);fRr!+DyFCw~AUzSF1lo{E6`W<8=C!4c^ag_0e>L5*r;qRTM zMEh3pssn)a&tEWPOhAo=W$h3^dzj@L(N!3q{PVW_PJi3A61Bh2X0{Aa zv)(|u=<{-M^NPz@IWdQG#}Dsf3|YPJ7D~($&Ojx1och(pcH=YuFzDnTjyyUo!P|xL zp7l`~;Y7?CCO<^Rmi2p!00zk;(_82y_|cvdneBu=axg)s{F7FNpU>6v$Dz6sVWsew zBPCMRWyfHtH;FIJL{}p3guFUlxIZ$~@V>s;{Pviy9b+*EB)LATYr?^v)et)P(t_pl z;DN?ilg))Mk>M%Srlv7S#M!e*F&;<5w*sPVLOM}=*N1ko$+_8^twg0+%@l5`mh!~G z&@xu5=ATcz99zLB(d_rkusi&3k&b^rc9GL-e?VTS^@GKo0S}=bZ?)}~>6#3UY00j} zjexz2`9U$?<@y=W&;)n!=-{$_Nv3&zzjCBohpjh_#gmYNw3M{6v6izu?<9rB_(dg@ zltddQ|J|-t!c9TawR_CNDln|NNz+Q=Lw=_e<6$OoM1_#(TGhnqmMUsG_X)1?A=Pmn zLsOAyrN`E8W~FvMQC}mO%=wp4HBB6zMD%(^OU$d|NyVl(BSk4^b5~s7GW(og5b#c^ z^p2qIlcnBSo1VQvWpsytT0_D$53J0~35;^(KYqNRND%8bR<@uVX0 zN4-Bi@Ndw>Lg0Lk-2v?Q}(MT$F$Zc1Ropb4xQ=|W>Nbe(*B#S%)4lND7a zZi6ii5ijeVPnP+#!&+B>F{QX(@eKB`v|*Srkj2~2elMT$fI=b8S`Hw96f^!d%%Fm_ zWh<`QPbMhVH3N3?K37`Qqp#<^R0~OqhMr-J7TB3h_vHbY?l@MR=!0Z}sTy|7oRNK^ z&aYlrlX{1$Fchn#QzHqgTA<@lMmUwFv4Q8Y?9uN-KikNY(ab{x)3}i0dz)k0KK9WK zH)pq=BHzVdquw(IY8gkpOM+TXKj>q`HF3E2)3YxT&Xwj-F6{RAQ;-SN65DHQ!8waz zT(E4jXVWm^i3LA8Vnw6Au|;)A-}05vYQ8n?1G(CN)wBM3c~#34SEd~er;CmC!v~r` zIRiFKBQy4sp2(v;7@6%juT;8GskZzGS9B5lvm4qzxwnro8K~chf2*nf%0~W&KXEyW zt5+`4AE{G)DS211>O#e(?DR8t9GIDu@HUV5fRj<7_c)!sU?RIsO+KYDn4T^}Y7?rj zghxm1ZGx~3tu6a+H6(BIG1KawZ~5Wm6&qb9*>{Hs_k0)$+lLlZ)rA~mBWC2|g*WA2 zMU>gTak5>%MX<*7!v;`wnS?PHN^gLN$zOlDfK6cN9b$Hc30Mj5qW~#5$$$CTj-1N4 z=^xO*qOA+8lIkRxwlV{m{8uneZ1+}gT_4Jg?_Jnk@WQpRLlf5kPR*HK6dA^V@j`WSc&Q=Gkw;ECFihXYRKw^Mi%QalYUn_1bA^Yk z7>gCPsHK9uyCqfo0J}UXU#o+w;v`akFy%k^Yor zmy4&FZ1!QVDH^TP=)_jv18 zip7MLOcO`1q-559RY5>v%=x=w-=l*q&CMDAHWT5T!Us3O&ZG*jOzgMLmh)x0V%Th}N!&#Nxx_C&Gb zW)yvw)X-2t1hSh&Nh*K4c8JBZFyCtW!SOcc!!Mzzv8UKZ+X`4-bb7%H$#1-PzqrBZ zVj|xJ8=^uuy_48k3|34dvhD@)A%!J*6~*QKDdzrwYFcg`0z7Q>#~rI?^R2I?QuAV8 z7JuLho!T;b?&)k2*3s^FgCY(EKWJ+q7XrB@-+`-YE4|&1SUbiGwH`cPiW{HI2)3K? zjB#?}ryVBU5WlC)c06FJqYEy~XDh`9muHWNyXIS)>wK7_0sS1F@F3FG8dnJkPLX?P zF;1LYV{^@gPvi7Nh>iLkhDJ3iVsb%*dl;<5SNN1?&%7Z_(T%h>a05zwit!#`@_D1w zg<~ECho7f(Gda7Y>8)o^J+%@rC=}{8{?;OE&n0zmWZwraOpS zhj>?QrID7;XT@fL-zRhcme%}y;}S~+e=PayLda(rwW_%D&Nm=KPbbnJcq%2rN4$P z6x`lR)7_OgIElZ4Qq>~nZd1~SYbLk-CVXHNizcJ*nq-%Eliw9r9L#oUZJBTy$xf-d zYWi&FU|#X&$iQ+8W;HfsU^J>j{kY=8SPwdgq6_j(UU@vYR%rVki@#^=JI+AJc*GQV zRSEDN70TxAJ)gVzpoB+yp77U&3caPu3So^V(}_~Jm;ZwdBbf5a>CRVgL)3b+TOyO1mM}o1?2L1 z2{%ON!>f;i*;OU&F1!nFdwMWfX4R+OnsDYA(U~l|t6}tTQ?If3TN`QFIy%4;CTR@j z|7($25#?ua1*tHeYVM`Vtz>mT(cHArT&-WK-5Ya0f=o-?6=}ND zx?|*>{C-H~jYM3|6RGm%6L?qG)gaJ<4yozu-zMb2hoZ`EugnfJ?P=_`EbOHABL41q zv`1}@H#orv6_!Zs8V3Pk@2m5??PGCNO;Vu|yBuC_@_y;CxA8Ti24V8iu{6oEciWZf zW#)%%j`l-&7Xm=36IILMO9NWpTZuo0S?oS(?{kh<&~4Ux?8~U7y~Q=Pz|v69gn`BB z=)??ih&{>BTheaML+`8zFjv5dDpsl_64PVQJw7ZB*v%@(ow~W!E3Tn9UR3m9c0>rx zd_1O1+hC{`jFktMcOPXbGkEgTm5pX+68p9BhwoM^t+GKERPu0fv53!{R1J42RQ)cO z?PBki6&wV3zYgV?R#pZLSVP=@f!$bK)eX+XZ=a%SC{PWOQ}_}5*(0arl z=*7{xR*$sOlaQCY2x@j3`RIYW7Hnpfp-^l9ZK?W;w&t;F|N2G@jNd3jiQ8ckURbMCw0nbs~=EztrM`jgdbKp(J2bQca;LyUa;$s+hvC zx2C^xk;|4Rzgk6?J-$+7hz=&XL_hzW?1oqWLrpm}JDCx_OtHD$~In~u6qr$3olY%x}vR4_W z80p{O-P(qKK&5>^`!m@ggI&z0Dp<}ll@j6>?<%kH-=Zo1GXm+Kum3%=^PlzjXFdL@ zfq!b?pBnh52L7pme`?^L8u Date: Wed, 25 Feb 2026 20:44:07 +0800 Subject: [PATCH 81/88] fix: remove redundant tools definitions from system prompt (#771) * fix: remove redundant tools definitions from system prompt Tools are already provided to the LLM via JSON schema through ToProviderDefs(), so the text-based tools section in the system prompt is redundant. This removes the buildToolsSection() logic and the tools field from ContextBuilder, reducing system prompt length while maintaining the "ALWAYS use tools" rule reminder. Fixes #731 Co-Authored-By: Claude Opus 4.5 * fix: correct spelling 'initialized' (was 'initialised') --------- Co-authored-by: Claude Opus 4.5 --- pkg/agent/context.go | 40 ++-------------------------------------- pkg/agent/instance.go | 1 - pkg/agent/loop.go | 3 --- 3 files changed, 2 insertions(+), 42 deletions(-) diff --git a/pkg/agent/context.go b/pkg/agent/context.go index 7d6f2762b..b7c6e1108 100644 --- a/pkg/agent/context.go +++ b/pkg/agent/context.go @@ -14,14 +14,12 @@ import ( "github.com/sipeed/picoclaw/pkg/logger" "github.com/sipeed/picoclaw/pkg/providers" "github.com/sipeed/picoclaw/pkg/skills" - "github.com/sipeed/picoclaw/pkg/tools" ) type ContextBuilder struct { workspace string skillsLoader *skills.SkillsLoader memory *MemoryStore - tools *tools.ToolRegistry // Direct reference to tool registry // Cache for system prompt to avoid rebuilding on every call. // This fixes issue #607: repeated reprocessing of the entire context. @@ -59,17 +57,9 @@ func NewContextBuilder(workspace string) *ContextBuilder { } } -// SetToolsRegistry sets the tools registry for dynamic tool summary generation. -func (cb *ContextBuilder) SetToolsRegistry(registry *tools.ToolRegistry) { - cb.tools = registry -} - func (cb *ContextBuilder) getIdentity() string { workspacePath, _ := filepath.Abs(filepath.Join(cb.workspace)) - // Build tools section dynamically - toolsSection := cb.buildToolsSection() - return fmt.Sprintf(`# picoclaw šŸ¦ž You are picoclaw, a helpful AI assistant. @@ -80,8 +70,6 @@ Your workspace is at: %s - Daily Notes: %s/memory/YYYYMM/YYYYMMDD.md - Skills: %s/skills/{skill-name}/SKILL.md -%s - ## Important Rules 1. **ALWAYS use tools** - When you need to perform an action (schedule reminders, send messages, execute commands, etc.), you MUST call the appropriate tool. Do NOT just say you'll do it or pretend to do it. @@ -91,31 +79,7 @@ Your workspace is at: %s 3. **Memory** - When interacting with me if something seems memorable, update %s/memory/MEMORY.md 4. **Context summaries** - Conversation summaries provided as context are approximate references only. They may be incomplete or outdated. Always defer to explicit user instructions over summary content.`, - workspacePath, workspacePath, workspacePath, workspacePath, toolsSection, workspacePath) -} - -func (cb *ContextBuilder) buildToolsSection() string { - if cb.tools == nil { - return "" - } - - summaries := cb.tools.GetSummaries() - if len(summaries) == 0 { - return "" - } - - var sb strings.Builder - sb.WriteString("## Available Tools\n\n") - sb.WriteString( - "**CRITICAL**: You MUST use tools to perform actions. Do NOT pretend to execute commands or schedule tasks.\n\n", - ) - sb.WriteString("You have access to the following tools:\n\n") - for _, s := range summaries { - sb.WriteString(s) - sb.WriteString("\n") - } - - return sb.String() + workspacePath, workspacePath, workspacePath, workspacePath, workspacePath) } func (cb *ContextBuilder) BuildSystemPrompt() string { @@ -321,7 +285,7 @@ func (cb *ContextBuilder) sourceFilesChangedLocked() bool { // - absent at cache time, exists now -> changed (created) // - absent at cache time, gone now -> no change func (cb *ContextBuilder) fileChangedSince(path string) bool { - // Defensive: if existedAtCache was never initialised, treat as changed + // Defensive: if existedAtCache was never initialized, treat as changed // so the cache rebuilds rather than silently serving stale data. if cb.existedAtCache == nil { return true diff --git a/pkg/agent/instance.go b/pkg/agent/instance.go index c6a54c7d2..a6fd365c7 100644 --- a/pkg/agent/instance.go +++ b/pkg/agent/instance.go @@ -59,7 +59,6 @@ func NewAgentInstance( sessionsManager := session.NewSessionManager(sessionsDir) contextBuilder := NewContextBuilder(workspace) - contextBuilder.SetToolsRegistry(toolsRegistry) agentID := routing.DefaultAgentID agentName := "" diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index dea30218e..5558f7c0e 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -149,9 +149,6 @@ func registerSharedTools( return registry.CanSpawnSubagent(currentAgentID, targetAgentID) }) agent.Tools.Register(spawnTool) - - // Update context builder with the complete tools registry - agent.ContextBuilder.SetToolsRegistry(agent.Tools) } } From 162f38cd4f544c66991202799ce3b7d5bc8c873c Mon Sep 17 00:00:00 2001 From: avaksru <33891999+avaksru@users.noreply.github.com> Date: Wed, 25 Feb 2026 16:29:04 +0300 Subject: [PATCH 82/88] fix Code Review: PR #768 --- .goreleaser.yaml | 4 +--- Makefile | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 2fcc43b8c..3b3cbbfa3 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -32,9 +32,7 @@ builds: - mips64 - arm goarm: - - "7" - - "6" - - "5" + - "7" main: ./cmd/picoclaw ignore: - goos: windows diff --git a/Makefile b/Makefile index f99c7712e..0caaf78db 100644 --- a/Makefile +++ b/Makefile @@ -92,7 +92,7 @@ build-all: generate GOOS=linux GOARCH=arm64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-arm64 ./$(CMD_DIR) GOOS=linux GOARCH=loong64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-loong64 ./$(CMD_DIR) GOOS=linux GOARCH=riscv64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-riscv64 ./$(CMD_DIR) - GOOS=linux GOARCH=arm GOARM=7 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-armv7l ./$(CMD_DIR) + GOOS=linux GOARCH=arm GOARM=7 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-linux-armv7 ./$(CMD_DIR) GOOS=darwin GOARCH=arm64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-darwin-arm64 ./$(CMD_DIR) GOOS=windows GOARCH=amd64 $(GO) build $(LDFLAGS) -o $(BUILD_DIR)/$(BINARY_NAME)-windows-amd64.exe ./$(CMD_DIR) @echo "All builds complete" From c8a553f109793bc73cef24a955ca0ef895597838 Mon Sep 17 00:00:00 2001 From: George Wang Date: Mon, 23 Feb 2026 16:23:10 +0800 Subject: [PATCH 83/88] add proxy support for TavilySearchProvider --- pkg/config/defaults.go | 1 + pkg/tools/web.go | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/config/defaults.go b/pkg/config/defaults.go index b96ee4d89..cc6de9399 100644 --- a/pkg/config/defaults.go +++ b/pkg/config/defaults.go @@ -277,6 +277,7 @@ func DefaultConfig() *Config { }, Tools: ToolsConfig{ Web: WebToolsConfig{ + Proxy: "", Brave: BraveConfig{ Enabled: false, APIKey: "", diff --git a/pkg/tools/web.go b/pkg/tools/web.go index 968579dea..edf9531ad 100644 --- a/pkg/tools/web.go +++ b/pkg/tools/web.go @@ -129,6 +129,7 @@ func (p *BraveSearchProvider) Search(ctx context.Context, query string, count in type TavilySearchProvider struct { apiKey string baseURL string + proxy string } func (p *TavilySearchProvider) Search(ctx context.Context, query string, count int) (string, error) { @@ -160,7 +161,10 @@ func (p *TavilySearchProvider) Search(ctx context.Context, query string, count i req.Header.Set("Content-Type", "application/json") req.Header.Set("User-Agent", userAgent) - client := &http.Client{Timeout: 10 * time.Second} + client, err := createHTTPClient(p.proxy, 10*time.Second) + if err != nil { + return "", fmt.Errorf("failed to create http client: %w", err) + } resp, err := client.Do(req) if err != nil { return "", fmt.Errorf("request failed: %w", err) @@ -420,6 +424,7 @@ func NewWebSearchTool(opts WebSearchToolOptions) *WebSearchTool { provider = &TavilySearchProvider{ apiKey: opts.TavilyAPIKey, baseURL: opts.TavilyBaseURL, + proxy: opts.Proxy, } if opts.TavilyMaxResults > 0 { maxResults = opts.TavilyMaxResults From ef1989f12eed8c9be31427d68d303dfa85820d5c Mon Sep 17 00:00:00 2001 From: George Wang Date: Wed, 25 Feb 2026 23:04:41 +0800 Subject: [PATCH 84/88] Update pkg/tools/web.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- pkg/tools/web.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/tools/web.go b/pkg/tools/web.go index edf9531ad..44df28215 100644 --- a/pkg/tools/web.go +++ b/pkg/tools/web.go @@ -163,7 +163,7 @@ func (p *TavilySearchProvider) Search(ctx context.Context, query string, count i client, err := createHTTPClient(p.proxy, 10*time.Second) if err != nil { - return "", fmt.Errorf("failed to create http client: %w", err) + return "", fmt.Errorf("failed to create HTTP client: %w", err) } resp, err := client.Do(req) if err != nil { From ea902429f2c3ce6be60e8e925a49d777527d950c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EC=9E=84=EC=B0=BD=EC=9A=B1?= Date: Wed, 25 Feb 2026 07:09:46 -0800 Subject: [PATCH 85/88] fix: exclude prompt_cache_key for Gemini API requests Gemini's OpenAI-compat endpoint rejects unknown fields. Only send prompt_cache_key to OpenAI-native endpoints. --- pkg/providers/openai_compat/provider.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pkg/providers/openai_compat/provider.go b/pkg/providers/openai_compat/provider.go index a8d244d4a..087d3506e 100644 --- a/pkg/providers/openai_compat/provider.go +++ b/pkg/providers/openai_compat/provider.go @@ -115,8 +115,12 @@ func (p *Provider) Chat( // with the same key and reuse prefix KV cache across calls. // The key is typically the agent ID ā€” stable per agent, shared across requests. // See: https://platform.openai.com/docs/guides/prompt-caching + // Prompt caching is only supported by OpenAI-native endpoints. + // Gemini and other providers reject unknown fields, so skip for non-OpenAI APIs. if cacheKey, ok := options["prompt_cache_key"].(string); ok && cacheKey != "" { - requestBody["prompt_cache_key"] = cacheKey + if !strings.Contains(p.apiBase, "generativelanguage.googleapis.com") { + requestBody["prompt_cache_key"] = cacheKey + } } jsonData, err := json.Marshal(requestBody) From 851920d4b0958d3b26771c0205cfa31881ad7427 Mon Sep 17 00:00:00 2001 From: lxowalle <83055338+lxowalle@users.noreply.github.com> Date: Thu, 26 Feb 2026 11:54:05 +0800 Subject: [PATCH 86/88] docs: fix readme typo (#798) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2b770f215..aa7b0719a 100644 --- a/README.md +++ b/README.md @@ -1143,7 +1143,7 @@ discord: ## šŸ› Troubleshooting -### Web search says "API 配ē½®é—®é¢˜" +### Web search says "API key configuration issue" This is normal if you haven't configured a search API key yet. PicoClaw will provide helpful links for manual searching. From 8f606733a2b6e208dc3fe799122774b3fa39c011 Mon Sep 17 00:00:00 2001 From: lxowalle <83055338+lxowalle@users.noreply.github.com> Date: Thu, 26 Feb 2026 12:36:19 +0800 Subject: [PATCH 87/88] fix: hide compressed historical messages notification (#799) --- pkg/agent/loop.go | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/pkg/agent/loop.go b/pkg/agent/loop.go index 5558f7c0e..693f2227b 100644 --- a/pkg/agent/loop.go +++ b/pkg/agent/loop.go @@ -759,13 +759,7 @@ func (al *AgentLoop) maybeSummarize(agent *AgentInstance, sessionKey, channel, c if _, loading := al.summarizing.LoadOrStore(summarizeKey, true); !loading { go func() { defer al.summarizing.Delete(summarizeKey) - if !constants.IsInternalChannel(channel) { - al.bus.PublishOutbound(bus.OutboundMessage{ - Channel: channel, - ChatID: chatID, - Content: "Memory threshold reached. Optimizing conversation history...", - }) - } + logger.Debug("Memory threshold reached. Optimizing conversation history...") al.summarizeSession(agent, sessionKey) }() } From a5cc4db5149e6493fe432076cbd9d46e9f4ca3f1 Mon Sep 17 00:00:00 2001 From: Guoguo <16666742+imguoguo@users.noreply.github.com> Date: Thu, 26 Feb 2026 14:53:10 +0800 Subject: [PATCH 88/88] ci: remove version from rpm and deb file name (#804) Signed-off-by: Guoguo --- .goreleaser.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 23e422ab1..69bf1fae3 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -73,7 +73,6 @@ nfpms: package_name: picoclaw file_name_template: >- {{ .PackageName }}_ - {{- .Version }}_ {{- if eq .Arch "amd64" }}x86_64 {{- else if eq .Arch "arm64" }}aarch64 {{- else if eq .Arch "arm" }}armv{{ .Arm }}

re9`;mpr_pptpGnrgB9BdlJG$+*R5u44pUVTt9OOLcn98}EN zAMd~$)_@E02sl@xkzIj0@sw$htQXQsfW>U4rt4eB9^DvkX|FX(&EE>sP(PkY zQ7S_7rM8{xK_Lukdn-F6ZC#{y@qdx3A$I5h!?+k`5h!X@k~)C&QjHjXBp z9H>J-a36Kl*^&1fb@<54<1v2nTR+C$`*^Bm%O029x%xFsGHX*qRIeBwh7hWgo~GGY zD;i`h3U9^zFmjzb^5(Yx$_pMgFu`p){uP&w7zNZA(x$D5ZJ|1FAgx)qEdz!^8fOBk zA-{io61h>B#|S2rLyKCC_Q;}u+8wvwSGHftwwCCugW?1lvdUVFc{w3SJw=Az{?z-- z*fpy@5^+}Fn>+g3=a~1YS7ppd?YB3Khz#+G8}&QqsSs@g|q zb|T;E@me_t)E>*t<(5o!C=?R^N?C<8kOjc(4q~ex{|4tviv-v)ZxOrA3_zq|qpnzQ zA^m3nLvQ8zRHYL+J~KvkD#Hyp-uS-v0>WW<{l15u)|h6~NE;zav?6cwMpyN@*UBT- z29k-k^Tb1XR^&$Fw0b*XPTrqypBK|kD**?m3K$`l1MwRJXu<8}&QAH*D8)l-VYHoY z-PcoMYIXV(#E-#REf~!(8OLNf+B}(lLRR&&OE1rgEJCo+L27zLeP(a)7LXJ8&o!97 z9Q3|rb#=0m=iBd*&e{ys4h?lPcgQv)Umr!K!A6K=oz$QEax<@3qQ<4y{_UN_==9O5>x~Wnz z6D!E|0!ApE++&KCRo?{j0?KTcuxs8Ik^o@Lmq1T(*w?I^AO{3A_!Y2&BP zOIJ8Ar%MOvkA0xX<{9fVc%})4|O@knh)_Rp!#R_Eds8`*tpOowm{*ooQ^o2MbmQM%74t*@BETN@R?+XAF?(kvoL?^d3#Y0rt>giqrxzl zYnerZ$sGoUjM^~nI{{Aq=Ru((Ko8FV8vK3lZLq~>S%T}~%Q57=9b~u#w)r8&*xm!z z?BY2obVsqY*(v8V}1h;#&Ij< z1TG(DlHtdxRPy55u_in``S@brw>#g4M~|F2%`%mG&*=KOxmOxDM$HQjH0#xB z)DEP{8m&5$nI5E0>|&&-yoHhhQ!F>EhE} zoZeTf`{bq$nLLU$xSAPzPMQ08d@Mub6kgSNbFC4%eqtW64GRIZaWTYw01KfDTUhIR z2)yj;;0?PWJ-YfCDtWp~PpsuZO`I@_u~|p0va*`2ki<7-Q8jPm9RW5pWp0m^v}cLLhF1zTp!1jP1G+83nq>u_<sdf`mxd^bdmo?Vc7|Hp=#wo zHYP4peX9v@GCL|VQ9_VqKNC0~w3>WoGS;3sQlu9*##9t-a1DCpVKmXxMq(elavgWe z0HC{q*i*JxhcRK=7l2*+!o=VGX0RLTJ5L-g@*2||Y1@+@z!en9eUmdbf2nMs)yiY| z%H3UgsBs~~2Oe54LlGI*{Q16HODW&cw<5vkd9~W|&x>VhhtD{;3nm6WCmGF{L;v>t zKKQri_Z$VFR%w|g>^6S|KrX=Z8$cPE#JTw$>V-^Svo;r*pFBEl!zOgUEZw(5G{ht;dt1pOn6@US^cu_R6$TfDI- zCfy@hTNk7CQTd0|74uR%VTI-AT^`pdCX?`>I_V;X!pz4YOwUraBZTIq*d?_|5L z621E*Gs8E-BWUPWoiM4e(T1~M_$FyKOf-kA4^QjuR5_hdi*9wn-vH`-5NI%qiLsHQ z$ire+v&iOQid!zOQg>Hf&rbE^*<$0#XKld%9wIp?K}RR8`9KBqCgMdg0hze0kqFq2rNz zXHB&@l3C4$cpx26s7N$%dTIjn(ajD-T>t5#1FD&-@$Wu5Xt$zLiIJ3z8*wf5!hK#Y zk4_x19(DZQp7DTW_EGuJw4e;MSIeWDPIwC>%$5Y6@nH%~zqV&9UxEqq*na$Rs|o8+ z#|foI+a#Hgkc#QwZc&K!+f=|H*`^X`Vq2pD9r$&NP2AoN;7EHw?8II0af5+%SBtHj zh6!QQZ|TGkxqOeamhFNax7}6NqTlwA44aXx6tUTjEJ|hn@*B-A{in#Y?ya zG?$t?O-n1cZdFnI-i%E5Fy<=x7?74K)sTAEu`e>h3K>l&%_06 zdDUl9=XK3uTyybh{}Y=JEW;I*9TJoR1(o901JmxSF|D)cA-KR|Z=(@tUjH~@@Vloi za{tX8vs6cGnUfA7c^7Y5qfE{E6plT3SX=r$mMyhboHw)8FH~r$>#4ux_VWSyu|@vj zA~;t?enskEw$gn9fp5mn9I9Vm`>V@9&Hbsn+Mxg*+&jzz!ax3=1ES+SPoTEtZCaid zyItPsaGP_9O}4^yD@(m2kykK0$**{{+xbSQXDGNyeE2~1`h2mMi+ud|Zku=6L9A1z zNw4`9HD~NzsT1a|`t$As8n1092D8kMNChTQCq$({P|@0|d;-C`)+qZS@5o4t-7ChJ z&Kg~J-{>H4Y&We%jKe8O_C7j+uJ4k2ntr%Ek4(su{QX4s%xQN6&!NFNX@A5%p!M3# zzv8!=M!*@J5U5j;?ZuUIm*wUeJt3x>06$xMk$4aAb9u*Pc=Na4Lx$cS$AYh+%w92z zH9*drn@b6KZCILd23%DF>58~A$7Pm%5D#tzXy>FNUl zl*IzI>M_IEh8|NX$6U%w`#YzlOdbb+g655#RM#QGoi?#yItbEE%MX^Rjf=`>AGZpp zntW>N5c3RNWVtIIH z_-Gy#lE^qOTTKcJeP#-sU&^7lnZ~wu+^zrm=)w1E#*ZG{i|b3{;0nAmb`)YJ?`Brk zy_x#O)a;X`v+&*T<(C^?6`UtN4G2jzcP7vg;1D@RM$&w+G}h}-27oWkz#J52R3eD* z0rmWJ|6%|K*)XjB1VwMHg7S6zjYrM!)WE9vb~@hXaiPynL-$B98K*2GdIe44Ftt>djuN1ko+bJh?jgd9uyX%AjPFs7ax$$o)C# zUlELH2}Wzy{yxZ+OMiFz|E4Vt8vO)7kS5Xz$W2L99Q_Xj+^@8Gx271L^qbE517qjL zWWyFY`qkqxnc9AhA!bnO4ZCvmOoEX_tR9ZAxF-qZD(jEL6u~x`4f>e_fq>?D@qQcp zTv@^`*c}>3ra4_7O(MjgVeilq)nu-hcRHK4Uoji;AyBdE>)}$fH`|yJo?i3j_C#iw zZC(OyoLIo&*n*qvSpdJx-_HxP$MV0Q*C;BnwVoBsskEX*Ssn)?h}^kJngLs*^bM&*l z?^E^?uuT6fqS_ z7M#m}(+;?%f_?VpK?|4FP+QNev+_A6hbupZKF>{wOL^ST01$T_t_K%{{cpsr+DZq_Y)TiUpGOE{%^H{c@n+bw=J*&&pDLa;-Yi)GF$G6fq~H@8uqQTceq|aSP9=X zV=EVv)^RJ~-@2ErZu;tgS9^*llk_%h}d1;XYhR}*bM)p1f4~@0Z|ibYJ41i zbm0cFxYjKqs?PO|ptvUYkanxPJC`!^Gtf#;bwn@*h%9KPS7q5v<_#?VYKcFaatqif z^(+78cCY?_4JiL@M*08izo8lEo0M9hP#WZaK1}@b=}Qe#Nxta4x!0BWx>b9~!y|)Q zVzRG#0B|NSI$7jYrX>%LMRrZ<^mw@m#wz>rk4SQ>j56+;zX}+hSie;fx6jxHj<657 zLshejB7XoynGOkffxba$1Rt?emFzo=938i6n=Rt^kX8O*#4+;50AO>^#u7_i+6S#8 zMb77Zy?<5KN_vV%IMf6y@$mL~+!GAE#^N!N#^v0K2N4aYEzD^_@4zOpF&H)vUl-}c zEX^VgcG!6kmBuiM5&BX~Ni_`KGjYFo?R)z-*o`Fd_%{7}n$X5I1`5W!s{bq&X4&Zf zWaM2^PQukN!FG-ohYT+DMcD(#l<;;Su$qjWx9MH3^UoS{)_ixtI-vbE%1-M3d7p?^ zMp7IgiAHN3!%^oz(x>yroYrP+s)>D5(0MX)V3F+InxJ+VF{r~P16f)0joerp{sW<# zumghN1$GgO^xOPJ@!D#uN!Ftes zZB$Kkd^@AIMw`$#lJ|-Lk#Lj}+j*&~dO)tkP3nlgG$>nKBqq&eCAp1>9?^qc*vedL za`Ar!`lwNp5G;Tj_;;cYjx0GH7pldG;}pJq_3|q1x>mkD&zUfBJ`U@_1TJ@#Hmf_{ zA&AFuz|h$8{H=VQMJ2F6vrhUA+1(w#;GX~2bMXXJd)pUu&;D&p$5S$NKlxuSbi_;{ zAZD7jfp+6D;|eSsn0SGt56)c`QE=%X5GQg&{x2gCh{MNmZ!m#X%OS)}i*x@1>U^u1 zR8^0>M1N7qYV45B_R-tk%YpAdGHtgr#(q)Rfc{@3`y|LJ_ijRL9|089g-qB-9SN#8 z2^)mIq!5v>Utm3PA@XO`$s5Va%@W4mHtu@U+L!c+@L|R#F;%jBeV83fp}mhgEWyn- z=B9zjGPCICR#R~<%}rb~#u2xxU?T&vPGBHDGLKHcuivAd0?`_neM#_E#T-nxSEW8A z$2Go2dwIJ};W%xUj`gvAv>N?&qMt)$U1{T%Cqq!0*cp{pX5ennk*65@P4j;w8HTN$ zb#a@U{+B1+r1~XhW$6#Z7(`Q) zY26~_HtL+}pXpZ}J2bv@J>Ja5Rw_QFp<(P}pp2l97Lj4d3CF|f6@=H(w!?X1JOo=`T21rIodJ%(q z1Hp#bisao4%xcPu0MT2>e~I}%FX^MNQr``(Bo&mAX{RpK#q9Oh-#$1naEvNJf`_a6 zrQfv%5paW z3T_Cfal%m{+pkFmF~v5H6ORUP7Q_0yrp`={PS_4QIv!0EiB131K3fwPiWfwyl27cd zcV0BvcOH36oekcWHbAX2*bjeaWeW5m9It04%TS|zb7}tIOwD?`O&G$_FMj}s?0rYf zCi*DDW=SQM^su~)v6&9SQF?S=2(N`B2(hgI8T z%n43yS0l$r{zvF%ok}u{GK{%012vZcrHBD_xFw50PF)fCSQxvmI2yrt%S zV-Cl(0S4Xs&3-Z2_9H7c$J`XP=mq)e=i)Sz-Y&AgCd);#@Kw8^^P~dR+>Osv(veGX!A7d|xIf>#k(1o;iIo0S{{KJ~+&sQ!_3!0C8S^uId{7Hl8AVVDA+RR-B_({?{0>9LS zpm7CiPwf+Pn`@VTt*)Y#o;aj`kG<)5onJ=ga0z4&!u%{i5X3TTv1O07WiF5$lP{)5 z{JQr#jmt!Z#|Yv}{_)H!Zd!4dcWYvggau4gB?PraSh-4k>}nq&r=_PUnRM?#b<~qU zc%9m1E|`t3PX9cXy;TeNB@2{F{l65Q3#j*6<-;V^(TMBB&1bA@uZ<#Nv zfWf2HG*ES}e1-VmGTV}^bwOOKslz87FRzZ6eQUU%7s>X(Kai!!T=xGc1auyJA!C>6 zgNfBt@!{rKgY%Qt;iFq-`??LAf`XfTs~8rodqlQ6=DabALf`zJ&g+L6du;DVq^$Ur zjh>E_6*i8Jo)ocT+@OQxmUR3~^xqaLJIsNDYT+lnUyRl8evMmr+96&0>M+h#6$Omu zrXmZ~jMNrMg=3~nPR&)7_BIQ*)Wkh`#Vpiu_^wE-0UNM8bvfLLCoY@L_IIrJ5UvVB+RSFWx!}HtL_DVG{d(V&c-rU zBJV5bjiSNsKM*#=%phF~92|B4B^l~MsV6YyYcy7iow+}dG1av{5H6}S(F7T)Sb}l^ zpP-a0aPJ+eJptM-efQAU*Q+*j=fhNYH^%G3DBeKS5Hh{C&-MpmVgcElpg7@}Fx|2s zUJC|pNep+3i3VJwxH;S4fZ zHyBCq$vgt}CTRoca==?a_WJd8(wYl#IF9qfnI3Vi3C0T9foA17Vw%T)y& zlhq!Fz`J@6Div+* zW;AF7&R}fK;|f?`Ka~+oPM(#a6z`W$Lbbwj8D+;;gLCz>cS9uu5S=tw$m9{!+4Z`n z$VE$GzaUz9V%U>e$??rWcO$>&YRaf546?TkpC`xZBmotCxFP^1kG3jMP%CFWB)lYFIt0>tuj1Ylo&^mPJmp7x`~-7! z2i8mjU8&iS&}aO6}KI}}{;z|?`;0!gcto18T}<~DpkrEbGdS$G=)U>ydm3<~h) zO^VByHh(wJaIcRWmhtle(IUMC<|W(y4zAxkbn<*7PO~E#az+lj#=ix$aD~jL0g3EJ zJ$#uR?%(9qMH*%Htaljtjol2Q-_MhJU|IOQ< zvWuS;phVA#JY4x2zB{DJt9yA9K9K*r6gSulE|58_zc3G)-OU5t6j1(?haIN28wf1% zkwpij=`~ClFU4za2@ccV^VC*a4OO40@qtHi5KqV`x~V@xO}~}P9OaF+uIyv>d7i4J zZ4}Jm+5|L$J7U0y_biL*`=alrxs_e#rqN^tK0NJW2JT>zQ3Mr4$tHfWa=GsjUCGtf z=!Vv#uhH69wJ9(h+Goz^HNAt7y)(l6bJL~6YQ4`big$oLnNtXVg8H(XDf_lvqv zTCM}N&Y1lq|J1ZC6;=}E7$aj|FG|-lWBLJ&PwPPVZNm=9i%f{y7bu`|>XB0z+z0augsK> zIC$>&icq@6FWr|U)sl~tB^7BEv-iphsGa~05HM75z2c+|O%>xD;up(JJ4otQkV>q^ z@i}J=9>YO{YA?AiEO3%FHEW@G;XwHH$rMFea(DB*06{RB4E5_?UgissCfZ)Tl=B(Pxg%7A~C3D*%&0k zT}ELeFYAaq@v-CU<5i|7LtF2qW&n&DgpLXGot}OTB`<7v_a^66Q-n^Z^OFL%&IVO} zX8weejoEHqY8@UzU*h)o>vxciV1QlRX9coijl)!urrK#RVY zgaSWky%8$7#!k|0I=O)H&~KRhl!qPC5FYu;%)+0qtkPZ&1i0VKB%X4%Br2TN&whHz zMfv;{sdjinAi$fO3-VNnXsoja_bd~QSNEscdz3h*kTk=GpCmDf43x_goK#1AUx~ed zfR!FG0c+#SC40`(p)!I2{_8JT9=2oNAeBZTVd`%}8U$b?@-2AKiFiy0lad?~M!9?W zGiTAFr}$3hrEvO1VY2Hz*askVx|ufgNndDy&z`Mn=+E7OHOKzff(pOF*nCwqr$N?j zfb~_m`ZEk;_TdeqpW-hDb?+(gJ-gr+ZH=pdUAmPd1eokino;#(zfKZGbY-q9->((1 z>NCA|3^g%)<0&zB3qy_ablryiUem=$paWJ{cdAJ`E^qAlW4(sqo6e*d|9}hoK@HGV z_@)Q5}Wkh~BR(D^0=q@&~r~*_S+k6$n6i}P(GD% z#or&Zzacep*jUS>>$e?esYWElu$K_91$I&Ex*k zo#iO=)p8quchRJvt?b>3pActi!!B|9FtY0(j>(t%>39H$!;08OaGn?(!H&`aPP_gH z=r$R%n&a`-U|pF}b`mOAvdJR)RzsTBA@qnq;gzH~*L(eAAYA)r2+8WS2gV-84lT`l zAvM`>1wj>nbphRS6$*Y0Ivu;(6bJeO#;!zM&FwWywfwd&bXab&(BZStIi(=Q3jbwnzrN0dZA1t7?|B0{XUTDrifMKa-LJDg z6^U}@Kws_dRiaEXGoemu?G07PV>3X}tqd3m#ZgDNC7zC3HZzCl7y6KKro^Ux`JFiIB;pt6@4q;mfhfq{B;bK?0jO*Jo356H zPYi(@0LcH#?&%Sw(>yLtI?>*sp?Q*csp0UW$-=oG@(@|djEtKF!1$>OIaX2I)b^J1 z#gml0t&^X=p?6R-iR;Q-&Ow_wZo#F|rslkc8MjV^lbeBtXuV0%_1gttNc`$-&)|kO zaM?n7Gz*26c8$D@I&vir%Cgo$@w*FICB55l{^Zqs9}mTkp@b&huoiW^+~l^TH?EU= zKu&$mwOItN5q|X`>|SLkFBGi5;0L_MKwoNF!M_~RzBWM_f2mYYx_$<0_aEI3pnHT0 zO_Ym2K~_6o7Lmu32Ovk}Z-GCO3D<%47CCd6_iPDnwq|v6&w;KaRBFrkgtGq{OQ`FgIY2Co z)kX+(y(mwcqrJ`1% z1gMc7>`a)lSkGB0D&*%rwc%%1*_y#M%RpMml!#DtPg?jsWiV4*D<43#Fj%smh>Bzjdes}Mij62!s3(|e! zKu%>{wEw_9fN{F5DiU(h3iwS6d*6=`?qWxL&eiU`&M#Av^jp|cLx%1a6i}_;7-y3K za>jiIg5m#)$BfPx^fU&Lrmj{Rj9$?Ql!Is+1-98_}=#sGQk0+A<0{-PI*EK1k0^&H9D2S$2 zkj`_FuWHryU`fBwGZl{QB6zcrdv9=fD_;l61r-KLy`B15RiP3A1_#AXO9)eLZC^W+ znDGd0q$=m9I$*tquAt%Tjy-OQ19Fyr9Y8;hdPSWH!D>rhRzvG7_eXeaCtLF+7(TS{ z+Gsh_scwu4qwGUzd?>5qX#W1WPeL|$}mjbbEZ7*Hu{Z|d!1yt&$7}wRGR*&=l0WwC7W_SlHdSp6t z5#_ZRmRA{4-t6;xr8L*B?~Xl6dPT|AkZ|{y7*C}M_ZheroT_AqhOLRt#)@yjK-ynw zhjrVX?A5(+%ghdrD{#wG&fn()`DAFWX`g?9NSz2&zsEDtSyk#0mUka5wt7Cg7ZNZg zk1>84u;Gwl;b3f%5lzZd#toRS;xancWYBa(idtC_UY&O}2aX{bpdhNkE0X}1<+Fe) zX@HYoV*B!lg<6M1>sBD>YPJB%g=s6o8pxq`&Kgb4G6Vc0pt9Rzc#%{NtmFt?BnaDF7pGbnim#MZq4Qch1dbzXkd={F0t% zC!3EWvkxCy<;ZyP{V4Ve;A!q1x?QX2{Nav?mafVZPr&2%Q+<7900k z{eAdY5DITg`n?x-4hgf7LM6vxA;Bb((kVrv2?dMhu@O;!rRtAWp0wEe4=#+o#)W!xqjufxn0v{rjWiSLV*V}g+EeH6u@okGG)#HaBg%##+bq+N%<0Er-^c5$K>jM9 zAdbl5?fXuXC)O(S{R4chu{@-2^NYi$vL`-;$-h&f!`#w#gputKecXW8CKnY-s3T+=x z=m?yqp@?m?*UlG@d+3@H2 zz9GWs%+6%$(mVOFZO-%=V&5jAgZxx-Sk=wOxHze3D9j<03-=Un8>q#Xx8ebCEEAY{ z!q%H}L|F}Letpobt!apPX#RtHng?GwM!~x6-W%_|>^6N>HVDw`4+I-8DFXDW_h*u0 z>#c##x8d%-Bn?&utPkHk=yGKQjS!iba8!0WuJE_{O#gw`T}ole(f2e(yj}yjl}r+} z!0f#WS*w)hyktCuTwyczm&wqwi9k;_va*E*7N4s=CwEbI`_UP;`}ej(i*Afw=VtrS z)g2_FBNddhwHbr`TH4ZhbHJ=xf+D%TbsvHwxV5vQHUWQt>vL0?+fgz6jT`!tEI!gN zd$1EX@sl2}2i9GDbE+k9YLyjwD_+_*+UC~%jHMR7#D;}nS1ShsZ<^yzXOF`Il|ag# zU~3zeD|;TfZuz+KJH7(?)b}aBQNVkF@pBJ&ZXfY~KKC_ykWD>0vM0!~`%0XR&RZ4^ z?G|=2mE=u*{Z-;`XIIk0w1HvIM_MpI8DPuOBXFIFrTn<)Hodg)M@cZam2Ury!Z|(O zGJpcjoor7;cVXw3_fNp=P+gQ4M$=>6&GP4|0f~t)h3p&kzXo^B_w53Rpp6^oV-#>p z2+%q)mPQ9+zk>ftj@9?xR%AE4-tL-8ds6@pj;e2`0Sc9(@iOVy##;ke;|ky=yTeR`cH&%xn%tHKwe zF#-A>0?tP$CnM5nlr z@(^+Y-N>pC;+PAhAsOaLPlIQ`fZpxl6+MHt@L1X7kBb-XOzvw(f4x>X3T;Jji)Hs_ z6ZhdBd2AzvB&w4`tqbv^$hMS&+|-bCTW{CogJC0}8v$q5;Uznx8ao^OJs0OOX1Z|! z&vaRYssx81PuCZ5Amr;%W(;@tF>4Ei z+?jf@dtGP4%9jWb9i3O&#;-8@ctpRMTdF2tS%kxO@rq zzj6}>vjzmlDn80rm0wNaalD8F9iEKMSM2G=tmT*fPO3G6Dv0 zo#(JizA}QpFIwQ?E5~N7Jb-SAxg*bWdJzj~<5JuHE7HjwNHU-h_3m1}JzL#3(^%kq zKWf}4!nH!@k7rTA2)@@)$vF1T+E4tQLmy=ly~%2JKk0_dcXX0l@_eeuxSQGs=epd% zogxgRudx|0rTLcYI%s%5yh|gHhDpaK;{wX|3I`GHSi$Q8A2??~wJ2U)e4gatx}2+D zphg9cQ07Z{0_S<=4RqI00=5*rE*Fmk$7_@g8eDy)ka!$`1mZ4*sx%T08Ni~zVt6x#;JmtJDdKgF|`vT9xTqIRZV>m<_c zw9^V+Z{~~yO8-6`vCCX=Eo-5zhi&E$$79~>eG5O2R%O*0R65<7geSHO^`oJW&@O`s ziPu#=o;@VQrd&9#NSpX8POT$!IQ!!)+WwFq#1FPSYypKt=D(64@PSV%S0fbot&H$* zgbbK`+uzJv_Tp7`Kfk|+vED}Z#P|s%YtPJaPocBl{nxaz=lVK~e6RW?AB3lcTl)Nl zOgD}Lxk)%K%nE7-Y1RG#$B>^_ew2~C@G6=iI4SgkSTb;LXsjxzu~R&@offT}RO_*} z0#;jVtmWPecH%Zly~F%hG7gW2nTKU(wz1o|AFcOmI3e|p&~Oit&Mqn96U6@G%iyEi zl3M$v4@pUlwbmbz%+7}?Djv=E=*Arf94JWzdbwAdDp>9qHE%^P)FD-}5ZV|6bg~X6 zs>GG)!GxQnwIFmMw%9|OG?rK1PT{JmUuvK&G*l;%^_xzKwJtDCQ37@;zAou({$6`F z<9i_rJjP!hZ7zrpD;x5}f%e7z0df_+tC*F#(0%@`vs&Yg@WT$AGFNifAcf%-6^r(dd&!+F7eQ~NE>4D@X4t6%5#%nH!e`GK z@@->ajBkwwH?3uOl3mi;usQJbAb3{5IY%9ySRuM)t@V5ssF-w@O_r|k$mNO1u5ApB zZgN<3DI4JxqS`3JX*g4Y^|$6>iqqP7)l;FtdIfUJ7r6G$hW@o9Lh5z`BzJA&r&b!~#LWd&-L0*uPv6YOAxqVKqwb`JkD+lnhQ|Me_vWUMDJL zCj!91x@L*t!9{_=u+`?9c~V*G(YJ}pqS{GO(ftE%W*xf(t#>DnJ1d?V;hE>lqGf=N z55i@8m*2e{Uviw$l)v)h6)NMX{85qCIjT!=w_$Ij!+EYaXVv4~4D+%Ux%-9yZ_8UKsAINQ$-)3zQw5M8j7HT&; zH<$1Qo%G;)4RXR6PW+>)K6}jd^aVeEe>BCY*$vOqn7MeqOFT1lrjm}wgcXBFcbw>) zz^_g{fV|I&WgmE4J98c8UcN+4P3ojxeS)eq#{QOlI`t>M&V_`OXh5u*bQ7ti?R+)? zpX)JFd6>J)t#+LM^ih^aDGA&KvAWu`+~_z3b_OD=h}I<1Yx-@vnnhlSX*s{m|UCca|BZf?Yb_i9EU zEd?G-h?n(20OvswYe#pLLJCW!@{7A~h#w^1eV(>0sfq)YWl|w`_35o`m9_ zr+Lby5lMlGvc2BqX$6^xZ#=8(o&u>j(GPuY3BW$2#zvFPRNaTf?c^u7yG7uGrzRn2G#uj}(5PBQnQxAC1T8WG;XBRq=hM6)BAslnCy}cBp#9l((|Sr3lvN<{hroH% z=(SAs16O4$LMbM2nF7E?Yq0dV}BvLB6tE3_6z}+fb>hDZWuS>B3E&& zP}Ti~kqoP`XaVxR2&z9E=0oh-JSkIVvwloQD;8Eu^Bq}4y{;l25pu#5k&%O|=ZF!# zYekfcbSTaEgr)Bh(JAiqGy>xEBi&|9S`3{$(Sung! zAEjj$x@9c+NEPHmB9BxVv1JckNNGYNV*Utp%T5kgAR{yq--F8rv3;OtsFnVs=!VPd zw~45QM-vZ*J9bd&<^x(;?_v64RwL7@BD*N+Qs z*24ef0UmD7oW!XV{!_fEX*>@bn1UQ3fX0neyOEEZt~lV{-i`igbh>r9j-XseRQYa9 zEM$YA95!3mafw#|9)r_Bt=2Iw^gpm;{k2?!)lAF^OMQY zFIDz`U;k&_@L$&lqSV*N5=3x3+nJWp-^+FzZs%>tKIsa1^B2VH8J_-~Pe(LgBG+y< ze%9CT3eBDHUjg7LgXG!{Ai`!5VK=CV19WZtU)Ju6C2 zB)u?+9o1%U8XJXkJWu6Juo1B+3iyr4>-6QykOxRcuE--R*tb^65g@l>jQ-Kit;N=a zFFKl6O7Xz_H7vEOdZfx3a?_FK??7^ga|@UP(`fulL`hMsxPeZlwGr&U@ydkn8PV}V zm>SEN{K>{4lpS;R98K4YC>;Crv&5!O%j%7o(#Z!WzAi;GX97Y`wXKwJcuMF!HPMbf z7;{OlvBs8JvuAaQu4zV=p>ix&KA0jn0u z?L*WNU+lw<7o?`Eci*s8I!ClLjfVd9IXeE(=j0H%4vRN-T9(C4H@j7n%1hReY^#xM zy8;^+`?+FR{3ngX-#j%RTR=L`4hZ<`K_LS-aiTv%1+Krm_UWLuopa7-&c@BmKcQV5 z3f^ELUCqn4vU8N*lJ7zm9JG^R-M(S+%2#$ubw21#i56Zx7}&bl;Z=)BYjIhP80lBM z2JABoJ$xN;GO><{>lxyAO|^|HixpNQC)!%h1mm8dh0U|B@k^TDpx{)gKC6lrqD7!QBG;!s7q4E(FGxHgL+J3xIS9)?^mo3gDC6fBa zS$tsg_lmAd3aT^X&L~Jhvm?$rNPl4J{7IZG$@4>=&$t%~&o`N&Q~p55dweQc;Q~ z3300YQwOha7Ksq`kX1v{U8Xea6^zw`@6B0_L(=n5vBTw(xQ*wZoypgA zBlj!=d1@QY({tbSJ*CLS17x!HXx8IRA|JXWO@z zVg($I&;8%rv2Yx^I;5abQ`Q-}oc)R=!ep%>=rF-n_YGt0P{YoS2XeBRWuLjD43F?M zo;41tv3hsz*^&(=vn8Yo^OOVI3qqPH8e2`=km)S#HjL(>k>1|j{FFOS`MvjZ{&1A0 z477pd%rFP57N`0{lWTY11@UGrK3j}swD{J0qP^@11a}?v_kr@s4F^qC;koW@1%T zHmxbSxv4-GKW~%~$=zx|g<(8%DjdS3*)c61Pp;1zDE3OIC04`uXZYgk?UrYaeL5xZ zHF*5<#>79_2HXcUH2P8!QJo;F;%v}`%NDXU+@U$EW9`v4ZG{52u2SOBn6b*Jr{UDK zLGXuec$~`Z=}_if%jxKZW`^i@n=&(S*W2l_Z!Un;E5-0JwZD$Lp=3hp3_KJ-XXRfj z_@ZJjuk&#Nfu?^UdE}MBMtK_#-jI~DaOQ!G(~$7+AJwomg8<)ehCli#;NG}on%09?762?Q1x%E4+Cx{Q&=-Cjs$a zI+F0e-U)1>p=Q5qZcQGpoXG>}y!z3SyAc6s7R7b#`ekI2iJyw0T7B*KI1vnEqXLNC zKS`~vV8a1j+UZdcXCH*}8I-08?Q`GC%9)WSB-2`g$GWCtID!G>CZJzH0R@a}H*ozNf(srJw6^ckNJAYg4$kFIAJ-fQQI-NX2V-n(0MvVP^HDHP8&Rsl6p*Hc z-s)KpUXpv5G-;5^<9at2U7jRb0XKu6V=^ljWu(WtHW zSdx+;%<$_W>NMSOOzHQ|#$F{D1QCyR9QEvWKD>k~Ieud=(9)W5ChHa-k4`ZrK5iUqUfg1s)z zZFR67wcnG^d@wIJ7k=a$bEUnZ`T8+n?6VVrA7p-Aikl3|xSPcqw;LYIKFDD-wkbT_ z&Ifh)g=JYyWbKu(G%U+|No&RG39Z^TF|Vy5ac78mq08k1v?lXC@jn1NdV{;bQN*r+ zMaLo&g8p|ntUmH|Hx^!4MQ(=(5EMn8HH3doFj)OfOWUbSDmA`NoxU~i@LD4YKYaF&tk^)$oDTMHM&I$zb6 zBL{6i`f}de@MU-1BWd^rwJoqT2())D-|QN+-RbqwT>rn8R)uyQ46n)0LTg~?rD2m0@ z2pwpijrEVko5IK|Pmp3cVkN=QpMO-pUFgwxeUCqI-!Gu>hP#{$U+AA9&t@c3Q3w&rObmo+#MqJTB({k(|L1ICXZ8f_lZJ3Z9DziZVtMi;oF$Nz(dGh6sgMO z3b7hLsS5fnTK`jWz_?NSFQf2?PnOA7tyN~4Tw19kO8^fklwz2=E#3Cbvi+l_h4q^r zZEr;yM$4)1G7E5B3l{;^OM(CJfvxy2DtpRAv=kenj=TH^=sxJ$uo5sN!Ujo<0l_U` zDIu_AfUkouK)bf52jaLeCxYX{e{aK@I{;c6u+;-T#OFDXYmSUzvw!X~;Qz0?44I*u zB+gV5BlX*OYW(^fSQo-+@HJ!BUb(8$ONy$A zPj#@$MSy_c3^f{6xhQhkAOG2f?hEORK0rj<6{OWM5+ZqXgR}jT*OursQgx->I3G=J zyeIOjtJjGKKX^(pQ*s05dpYM_#=4iqrhN3llq2P$37^T_InD=v#Oc^o{Ap0-VHq4N ztuE~rpQjyJCyBR5U5`eJW%zm~%#1eLI$7K*e`R{Xm@ceRZV71RId z5Vi0mU(fH3 z`O-fxS#Cdbhzje-+7O=WfK>SmB#nb}l&r3vSZ=rTPWg<0$#p}Bihq*K^L8BTf6J8{ z`qMzHHlVD4Eb(0-YQJv@)t_}giTUL)f#42X)WoH2RmPH1rqy_A{Xvo_U7GcCQWs<| z4CHgiZ3^DW@Fg44rLUkE?DY(ZMOa=Za%JHJZAMdc#``|&A-If9bbUJc8$7*$yxOUN z1?16N$eQrfd#v=NZzO&D`K|3Qv03Q%@Max!+wG{*S`xW7ncNj)?P*f6dv^;(S_M7Uqa zab>mhxiXQ{M=wdoBo^QDtB@YgFb=|hP(v^WFibPqAKog-lrIkjmInlDx3;9QZZ&<2 z(|!#iHZSK7BUv-^31QOz#TDS=COcvnwGdoVOio*C&vHj~sB_P3yMRI%pnNcnMlG2D zvDecqGd)!*X`r0&=rG8k=2`amgmj{uW`k=8r(x~aMn_3$)323!=3(U21r)1z@aJYu z|D-}FSUZRVY>s!WaylrtYZvwUHZrY9vzC&Lb)TgjnHJVhv`Q5%wj}~k^zE&4T5V_i z{#J^b`2u`TVdHPD7W8QtD~mYNWnG7FSv1ryKc;hmNS*)@7A~+lrnh&e4mUY(`NVg~ zI>PFn>5`^CtGQSVr2NZKnl`i>G}{n51_T-Uz&M=d)9=g0tfQ`+C-`$5i6BeB_5~J(AV1e%M(|d$)RPJT|1(eMH=d&bq`-nxFh2P z(ra6opAi`;@aBVnpX$juS=Or`NPKf8eSC)?(&E;h0#m9j+9AX z`0TX^68bY9@MjnK>19AEBJlR_X^+FlZeMPlaW!U1Ll~YZ8H><9Q+;>Gm?6vL927(= zCl(?J(A3MeojAHwEq_$|+tDp=DQ7gTVY#BK^Yo!I5JPwo8IboYs zv+=)DU-;>bvh9;t(Bz#6$>V(OVt!yj^KsP=L>mIS8>Vuj0lZoRU-I4tUth=EK&Bn> zNE_)1XvnG);v`Ypd1k!DV#L1gb=36J^k<-32fhOY2sPV0lE}!J_POf>(bC8@lfPpW zDaDs{-!w*x$>@fo`~{V@{ya}v(m7D&r~(SsOm7wb0g5wIy&;7mSOfRIm#&m?zct+` z{9HNHzY5_oKeTtU`8dG5V+z!@JaE(yQa}hwUkw1bfBuySY$e#*sQ!t$`cASr@W^Yv9fT-4+;<Q&D_KrMq?rP6r7JtzTU&e#xV(s5-F)KH4f(fx*jI3s^O_vV#z9F89I zq;MP&d~lsk?~%h!>^0v3so3G9HMbGpf4NpL^8wUX#nl>7p%FS_t5*;1@OH2dLnaClzmNj zomEv@k6~YnJuJ**xn;-&EEz(xw2}?r7sb@U5tKI^VmL+}(8v-1^akECJ>Dp+n{18qlA(?h%LKfd-kF(_(%-w8#umG#Kx6e(dngmlJDRU* zEXJftVX#}Znjmj447gij5WyK$NAG(lFc-bs_%; z_P2!^#%@Br-(T8+R+H2JCgo{=p8c`XNJu9ezUDju@F$C-2(Bmf78!mKLHK?R%ANq! zeP4&UUd2=wzK3%Ex-+-C{MwM}r0Z(rDtvHPfz$G`f4UCAgn2c*Yo+7iQ}uwfx+w0D z!Pns>RY}G-sX>+g4hhK+*OSJzsMZ-cC6wRIpW^*9_2PML5#w?*E$RZH&SO9bavPMo z(xt-K&=eQ!LFwcLqsM}-O~@uU+8Kir-)vbZAttCEFf~JPwB>K8NMnWsHB53JL>C1 zy=j*MWY!zS2$MNV+A_R{ZoOdP@*5m0LlkqY=%H2OUHJ|&>aU}^`Fg#U9()rQ&QLU` z$-Ry3(R8#cBbQ@wB*yzhp1}u?de2Iph4|MtDNd z-@RSmW5a_kijIX)CirmL;FZ$QrkkR_`;&x|QH4H`t9j^5!#7(s_Vc$6jrETB7DZFg z8O_577y2z6Sq!K6_k2uk5+sF>yGdU*<;%Mv17D>?@H&-beMEr>$`Ml|cABlK5u~c5 z5Is=pzd_}H@bmwf-@hC~lVHPq#V^l30MR5eg(fmi9D91L5h8)9-RSB^#Cq=q2#)9D zzE|ut2C0;IJumCxYnyKQxRInOq(;IHo+uyxXDWrYZ8z*fD3l6tH~xg>D&(X-!5!|Joy+4GFg)dJUz-EEES+ z^z*1Dcgr@j|J-=}Jo86|NEAbE#oALKlWz-N1)W4UOl*#=uf#JRlG!=S2>wyyW)Ml( zsGv9{q*gn+L9345UTB17J}F-+tJ5JzAcL-XdKY)Zz*muBg+onH$lm|rf90-Aqr=zR zp6E_uWzGg)yK~HqiLRtu|B7oIrbfT_`so8F3RTudv-VCpeXwMibcd!%i?a{pRx%wC z4_7PNBSJHdwfkC}4^;Ru)rtUe9xeC&=QKDWCAbAdsfSPk`Lls;N*#@idgE)aAwetH=X?_Xyov(BhOojVvT=Cw+b^pipt= zP`Oz|os}*5{I(oE7>KTVDJ)bDI_yU9cn*-XL1WNVGr!-=2-4Le{c;(u4qypCdomlYd- zjG9JrWmqmd$~A zkjxv2EW0Q@&v^6*kC4emVxxAnB5pW$RQf;+< zw+8xE?=^BFpE38&9Q)_kFPS^33`xp~ppYD30N_1dde|^CF?Lr^BWi)&lh{SCyrM|A zc=?l{qZ1nu0dHPu9OxqS>a5ncCF^zTU4%PZ?6UqrAIGezo`;VL=Y~^5+HM&-|#FC@-Zn!%sV@KY1AagUx?`%r8z=kiN>iX|-gt zr0L3DpO`E8Y>2&1uT?1XwLs@6k@E~VxgdM5vz@!K{@rF%&Z8!v2yOji-`)7bl<|7tO z>MTU^({vD0E!U%-)wCK*zp3Dj)%ylCM*!?-ao5>(RS%GBW__O{hBwthK8NH_RXSW8 zle(*E;Qr$8bmCB_1w^gaMLy2eCGVlqze*N2E>Z_`7V=Bawc-733#**HA&_-&j61HY z=yRf29+$4$i>_Fb#ixZJ->xwNxFr_n>+qub*0)@0EmE1&fqivXFOJCd_$;mr(an6K zIMW9V!xe|Og4i4!C%MB^vMM_mT>SvQ!E#BJ4R5lCJ;9<*O_+HUOXp7)Gj?>+JP>Ld zD%1$z^U}0OS;q2HwG#6IAm0KoeBrFFdC?D}#RkAoLkQNr&AtnATSQ46)nkqhnaNQu zn9%3@`At4e1jJ)+=XfW^Na81y+*TLMHRSB44lRGitwY<#8PDNHP6TtXHG0(1HOL2!B>)tAmdm77 z1v+l)Ndoq)z+Wa*b^`J#2TIc4$70)s8c~K3r-sx^J-lcO?i5-!rdPh2Ec9+TOokIF+Bz^hT=PpZ>yX@CF7#)XUM`8?}DKl>dn{z^$=5zuXN3k zam#p0G|Mg(SQ>8!j*7zs|e-_rPzfN8g)S|bLwuk&RA zorX4G_KJE0+jV7C>357=$XS5HhvBAZU0Ff5GO&o(IF$m>3J)--B}~A!vz%DVSH26Q-Vur+f|rdF6UYOJfrJbUPHY17Ke zHDFM6g5ebizGhUmxO%qU5{F7&5E|V)S~E$TUl@_Ja!L6qr4{wo`Hx-;0KzS_4BrS4 z0Mgm$hGxL1q5{S;bK>M|YS%py@B5{ok{_afw&!?xW~av!wH1ARz;|)X^1YM8>KJc~ zqaMW`!jA^)Pu;mrQDUHPFcaiu+VhgE(_lt=)E)S-ryo5sJdddYIl+3YtYPDYBsdBH zJhLJ!(53zHU@%r>Lg}UJ=S6F=FT*u-+!;WNi6Bcd^&xisREo(tGH0ee2A@5xb=Obd(_<6$sUnX1v) z9`2}-#+rU_luB`SlPL5(mZ>3sY)w1L?QkuX3^}$BMz z)Z#+BoTem+Y1iPO5{D`z%0Lt3puHA?ufTvDKdA%IdFI4DHFi?@s-PQ%N6}e0CZiOp zGU3y7bRu70?#seC(g?@r;#v6q?#}m%S+=0rirEo(BSZ1AWq``gos_CV*Sb_-p_3xj ziwLHxuK~!JvANJ+^CEIH$BjK9+(fzz315NGPEhDEZX4QDw&A_p{(VxMd&*})e<5Vq z;D@fHJF}uWz7*y*wkb|7`)LxdGw&M)6D@tZalFOZow2ufGFJdxD@W7%MB5(!zI=}` z=@hm03rdjdw6(Tj?NpI@J-JnIS^6QF((@^fz^xIlac`Mwa^aY5>Ljx$KNtXXO?s% zb&ds9Re3$-9P&FkNO3LlcJL>4 zc|u`%UDMc<&xzMWB>3e=JmAG!V#2Qs#tH%kOn=oOz?xpfaL=9M$z zDJPlbE>cyJjec$Zs@`+Q^J=35-c=4s`LjO14v>nJCbEOZW;+!Vx}ev@xVb4;r=WF9)$VuK*bj-> zHfRPKn4WtEaCaik$hbb*{^;X1E~VHgA1EZGIYn4pCsbBDU~)nNzUs_;-I>tlEqpZn z%4eSJRM8N?$@^I+Z7S=gnd|*C7FHFlLcKWNrwy5YGcF^}9u&6*cs0V+AW?>zpr`PM zUz;+D^MTV?E0py9d0IomS*-C4X@T(@4JUfKy*^;BgXWdvX5`e3nr_=h+XYi^JeZ}+ zc#n9|r3SjfhuuCI3+KF@+}pDBsQX-(k*OhtJj$tfg>~S4G23eN&^cj{Jv{nUn6*k0 z7tH=(*~+zvZ9qh_+*FG_7E$;Q(2EMz+I1L>EqP#QuZU7I#QFColQEsLRM;Z{0`*R$i&McnJQqq>fHmy5v*KS z-nJCB^Uus}44i`jR-(IKfjhQ44 zg+$jXpnFi zx)BCZQW^<|7?f_wp%LkBkVd+jq4C}R|L45#IbYsS=Y0FI7K_CKX7+x#_ult&-B<8f z#XqOAHg}exkA`k8PBXr0N^Jvj<{~C-BG!9gzn$|O;vJILaO*CUV_c*u_Tf-^#l2^@ z2|v*xi$2FUeM$2uaa&C4t{mUIR-lLB_ugq^U>!drdb*o4Y)MIphZ#0`vCJ#3%FJ2$*nnKts-cM+!OcA6_Gw83aKK}@I_84ZE*oS8vRQvtq< zU=U}ZuD=pbOG@T_Cn@{M_+zgaAS6v;zdu*MFIEFPdO@SacjG5xBwCX5&@5a?HJxf} z;P>XMiGGUAXW|f(uH<-0r}<`?A6r9gj6}w5;78)xoks(}hQTE$8#w1Mp;L|Bk#F1j zQuxiBjTFyGdA{b}B8ERowS1Oy#%C+Q9)|x21_`gA5ni>4D~FQNS}C#C@5-qUj?c+ejDdgg2&R=H5nJ(10a7+VB3Vvxa%))_Z|&DUxWXwyfG=6 z@fK*kN~&Znk|;&uC3gp6a}UY1)E`hepz6c*zTyoFz({Q&aJ)q} zmVVwB`IlqIm&4}J0@SYCvR%^8)jl_0lyhE^mok2zqw4#4=V-T0B9INdO|1t&JcR+o z(;to&+Vhm6E+P4`CGLul>zrIQx(zpQc;tAW4_+5fqP9}~jz)o)1gAN9>=gF$uG4Ge zHe{pUuiW#~T3X7>`~`Ey`5$Zmcn5DY+y>AZ&R_5)fUgyNIEAenIV3i4T<8FpFj4Al0KYv-geux!+`%Tu7+Qc?@ArA0<`Vs&li5n zpEMY~Db=SetL#b+R?N{SpkHr16&OA`YR70rAaiRU8K6<7C45%f&9bHOEf6?^a>14> z97Fiu^a1?kfEVv%LVr(vSZPUCGf{^W1=mF2-G8`&9q#1tbo0e>6Qj_{`CgW-o7>@v z8e##DHF{Rd@QL;7mv5~+`g{pvr5;K%KmkBrfbI7F4CCz?z(1X;c_()<;q)6Bf*^@- za4&FtGZ{n+^+{omd{~Ey%a|k7Z?#HzKiQmov6Zzg3?$r_wSARHY=>Evf6DBZ39Rx4 zxVR02xDuNfebwurkOzRgnltwX8-!ia}%Y0Pjcj>GQo-th|<8Z(XUj&e4By=_ae1WBFy zV7V?~e%A)2S%x6OB4!*A zkT~#g7;)1a#b8Jw5|^R)SXaloTmnRX1v#7?^&<%lpr~vNUaCipmRKgSQCWKg%e)qQ zpumoqUH0TQvzfgOSjSPVs<1QFbQNXs+6|_cMGW)pXQF@G_&do;Gv0tXz318n7qVz} zu%D_|L$smnnw9ObXON$*6@VDgO(6G#))rd9&A20zLUD$OC+&flJ=&5<3-E$vzOj8 z-pKFE6gzYO&Bp=M8nM!2<+C4b44r`lj5D35i*jhdZDh72<7hpFhpN_eO@@kX$29Ti zdWDbyl&Uh8AooePt|4acrO5;4mum_y;-`m(eK%r4iyiiP4<1)l{GB5@$92%GrN>BP z1HSS0zf8))ZbaX~)+pc>$Ktnnwkh<{{ilP(F4Cl%i&eW?ZvnvDoA*`FxX6ihmBo7D z`O{dS_Xh?KS1sJ`JG3S0cLdy$3y{>hIYl!5r#7AvpnEN^^Z(bQ^p49v7m@!FX_Q>=i;b)E8TO-e}oEj2M^^}MOJyEC6uD#0LEMLJ7hmq-2Nixqy^Z6-kB=GtZL{FNCMcAH%H0KgH-=!v29c#&quQMfNOflUg{uAOG}#cHWz-m z$98*acdhmZbTXrHy*aLJFaQ-xsV^TNhgu5#taxx6w8QVXgj8XWa0^(Ra zWnuT%nP@IRhV(MS)J+B4Vm`_SDUDl-``Xm@ajK^7)Rs8F*6ZpLYq|*8P3Eq!f$fuV zKtCgn(~T$~j>L0{Sn@NG*IKTqfHys`sLp=p#T1MC6^#CYJNhsGhN&Yb^r!JgmX#7Y z8DNsEyj(s@7e8O==))f`{hF_q$@lQB#s_4TaMp?j{WQP~9NFC)Ju|UDjHI$}=iHgM zuRh3jStJKwQow^drqk&`(|luW&iE&B!kzcbWSFj3kwKD~6Ub@LpW6p3>cK+Qjqx4! z>wRMR-BE<fiPB0KR5oo~>6p_#kx zdXKfCj#s|6TG6q56Scm}CY}VY_J>V7On}h?WI1abq4u8VZ!K_6aJjb- zZ;cum8B5elOar_-F=a7zQKltdedruhrun$UB$`C5EGA&H%WMCOQ5&N$21i zur6xx*&;5~3b2N0M|k``Qg11^MVRd#y+J!wkzW$#jMQMxEm=oTQ*X0l?$iW5fenyS zoN)+f=;&S-;tm4=4-cyzl=sO~OXkRnK76##Q8sLuE)PEJbfLkze za+m~6(5%d<9D3Wz8+_@JdF*K}(5b}2wg`ZIJ1w})LLI<`f_;J1o2aU^mkRy*T%Ugi z^xB|CEGjkHD`2Y?H#$^2R+6SJ2nzWE+y53%8qD3vXzJ#;2OvV?<&OlC$YaM75XG$agH!LodP@ZgRudI`)^ucH(M|KfLzj|4Gj$60*1DPRdw?W(=+VbE>%7jOauALq9 zbQYhZ?=zhWoo(zY=b1vho!Y&oC@MN^y~LRpY>l}ZFhgdyF_>(pSjsa=a-b|7Gpj&6 zU2{RnTnBjg7o@38ks2e7eGms~TF3jz^EnWw#rSC2{!rP)OA^TeIGA$n>MUW*4deC? zUF%;YvpI#HItz3fncZi#P09S&vOjzo<;v^K&bg!mg7kuT24FSm96 z1OHV-^L}rrx^OF)GoI}sd+z%_9@phP^G97SfH_Nz7Q{F}+J@eFcl`mqi%68#3I>tL z{6}>%PX7k(XIg(ii_94yOhBIGqACxPN83qlM8eOzfoTZp)7XyytZ|Qn3jczVpV`hE z_=CITUhv9+^e;TG}K?LjAO%@D}^OMSjZe8iS$ND5}@tM zPKI78-wEv|+}K1*y?=PI=AJg!9nj0w7qF{Qo2$IDw)$u%T4Lw7K+_Wgch%-{06_ zj!F)Z+#JQ+U6OMH10GZOQOoi}z<%ayvAhj0PhOp>5{uPG;@*MeE)o2wv1ZBYP2iqd zqk#1CKm0bSD(1tc`bwQMyqD))?M;DBIl3=@s0rlbbt421hi_tL1-SkdJ?)x`UyM+M zABHL%`A5gwq#9TQbdV5i7E7v{Wl<&v2P^88Je3Q{<}^Uob89q(HamRzoW{T1&He<8 zvg?+UF0KF>d(c%x`yoIBjMb9OfNCkiR<7%|3TW=G+FGwxC7&LaCYQ)#$`jqz8{f}v z<*c>EoowMB7og)&76*wb&?gM0d0SLc<+7$ zpW-!hW7i7MucI&Qe_!Ll+&2#ns_`OSxVj!P=VO1eiuVCwMAr>bN#>ae-_5=NZpOhk z68=swu9_q-(of-9uH{bm$;x-}sD?^$U8L#Mq^cDfD;_7by?849?8&J zun(-^OMn{qN)eqrECg}-*g}v2#hVZ;5rLS|*HIi(!NxhQa#i?-)FQpeFbEl|L&K81 z`|lV=86LFxW_1_qiw7!;h#Y)4Ei=9tI{FH@k1-N%`>H3Q5}-%^xmbrzXZ3n0VL1AKQUoi3!3!6(tUdDYN0y6BGFYgPp}F-X)1g zZ73s2M6wr6zsArVeb!>@Z?n)!ReO$BTWgr@yEm4fvkheZ9+kJSNIx_Tn4~#u3|zQ?t3pk7*29dX z*8~PfA=F)JQ-wF)7yWmj>fx0!!Td5u50R+u=WrJmkV~-WoH9cj{Yh6FS}$SIwAKC% zVZz+t4xN_5GvJLuV(|cmGW$rSIf4;;K^e+k9nn40!?T#k`a=wF*BS2y5aI}^-4+Vz zjB}@I9xfztwSO4A7XHnoc7kI2`@U01@Db-T99ayE5a{uadU^f$!QO7w1-Q1M)&+Qv zI$NtBApLEL`b1QeQY$`=6h25kgq5jSE9k|8Z#nu0d z;D4|N@+}&I?AJn`>gId`A`6Yj$3a@Uf_t*`GOT=|+K*DEjm?8N=Kr6$xGr?|R|&&B zc+S-8ctpoKVdpe=TYqE=y=pEBEMAoqyw!ZElxdL*2*p3+o=$@6LgIN*Gm z;|X<|^#}e05!N$NY5bw_>*TVY`wRR?6;QRj=H1K~eB)~N?he0!wzxby?z^=!wShYm zAl%sowt4s*)cYk%=9NQa4hqiu7#)hYIaWXf8bDS&Kh(r7muU6=}5LULf=M&E9X`aXtunpY-)peC`xUn+V5JYUWly~XYs@AWI< z0~mQ&WOPkBaM)<%`6axw zq=Q+NrcoV8$f8!4xv|3-*S2<{5qO}EAwrjMnlHGsDMYI!QAzqS7H|xVZr8*{aHMx; z5mHW~KZ*?rJLd}oiXmn60b}$+12e!&&7iI5=QTZ@`G-4lM_{>f3*Z##(2aiTkfpDG z0k~iYE)&D&e;=o=gVVQ0fiM(Kh#YMQ6;lLnnPnv(p4=nBATa(jSG#)?|JU46M_-?B zrfc0;DK6KgE*i(~o)PEsYcBveMs7+S6h<{FW|u+QZ^&bg$uLUfwZ^I;uVfV=`nDX; zlohnDBATSJ$zT7x6YJrzl6Uv>5w9VN8QRiIPsA|*>;%~{>z-pLqT===x!c3P7&N~z}HI;8v2Xd1ofrP?MP!s(jgih|46n@o)|3UDel?jrY!iJ< zH77znR5n^7fK6=)I%6XPRp|;%aAmADOcCsq$$w;Z~1W$V<-w77eyL}CZvu)_t z(cQIbQXf>pTyiH?OWRc5#+AOP6@hf9-o!?&9rOAO^{gAIFP(2j+YM*ISPsIEJ*W0l zPvR7-K$<4DgsKvBHb&6QWcCo}7ZP(v2XNJ)bGjmUD|LQ4B?EA?0lHN5^IPm{#_MZ{ zXSol>QAgA2udiNpJ(BA=05=?Kau=yxJMQ>|>b;sCKqPmSU=ir>}i!#$0x|fb*+<3iGX#MhtE)P70-$geBeUL{BqOUrl@!KElp=bSfc7l)y62< z)fE&a{D!fT(MHMW$yBoXj7vzr-RdzJ)nVh&qR_}z(s?Xb(ACM_%ebmb8R0wKUQ@Xo zBAbra7b*AQ{C6YiwRC_-K{}0?(vpjnR9bMe&575^`-MP$p;ym(VZNQCwC-k2f~#hyB4@j`KnWEUn|+?h)Eo#zuC4Rua8oAj|t5iwPT34v0NwWp`& z%r0!$E#lNZiNePCMe(~nTxnvLk^Y*7*y%sZNv}{L1ND&x;W4>D_#p*juYavR{-}7I z_JBW{lR$gSV?cJKBsW##VL8^`90_Bv-Gw8189iv*aD3Cf4s66d`S|#OB%4h9#ly%M z_)y2eEpYqV(d8w8;7s!71sNhnAFbw|&(|I$Tm@8@Ekjl;vU@j`5E}EHxF%g=m*WWR zu(7II?mwVNqM^H^)nTkDBmbPaAk|dwHFM#hZ4&bL%X`ATQ}Xc;KLg9yXMx?d5>S;5 z>6+RMWm9P8px1+nC4GtI5@rGe*zX#@FMzvyyl{dS$kpXi6IZRC2cZie&fL14se{3Y ziUUj>sI$B~eK_qy~d*w=2zh zO55I8x!3d#Uw%w!^O9@{w((9H(+O2hJP=~d;O-@~BsV@5i;~?&X~> zTzmBKI9NZ)aD}5mG3okkbZ}Rg$FOg5WK1rR!-67LO+_}T&+CfVvfHs8X*$?sGTjW~ zm%Tov+E)K@V|F2lhMP(8!!Yw`CRHrWItg`L-?f$R6YiXBh#7C5hXUX@s_&5T{cUL0 zSn23pFKtQ%sZ1I}*H=J0?{*cLC* zk!$J59wyz%Oc6-5Q|kz*Aa{!3GtG>5XJxmSz&D!Mf=Qib6!weLouom}=hxUVMI;kP z7a%1Qm939G^r={hNj8kf^@S--Imc$z`4bK1gxhBaNvb{EF?x1rbVE|1O?gfB#(UBH z&v_O;M2sCarwSu&I`)s3QjodIq5 zL?kPu+6{8ZoA)?lOu5;-M?%TmE!aKx#%K?Np&EYu2!Q*MR8j|s!K3)@k*#kycu(s! zixp%uI+181zq=0)|Jt$wrwNkM8#&#qYUp993^uXwd`%fEi>Urxc8OsKpW-)sk)BkA z@E98?>;kJkqSU$<8A%tpT>Vby4~U7A_iCLTQ$VMtyaw>pEq?nz{EPD^e$YJ)Ow1ge z@8u&iaE>8^=0_?%cuxoz8gHtd3G{fV?>3>hCF8`6VOHMu+WrW z$8*95$<6Hd?A}S(IK8o}<~(t)B_&UD0!3qp3|U<24v|1)brv8Ci^eQLsgB?|TnU$* z4gp|@5tm?m)%FLJNh3}T92Zr~0{r&=FqZ8tNhbj+?BFY)bn<~;wVjpFE2>3bj%4_y zL_`LxzpA^M^h5z!WDMb`1IL8p9|dQNDC0i*C`8Iiq8oQ-!1g)jLZE0A0yg;ls3*U_ z#+jHwxx(b+1{|GnRP@GT-nh?k9i-yu~@H)$UfQU)EH_8SdEU1 z*MC5a7n=9Bt~{dJKMCb#`S69mXBh(9mJ%6FvAhW`eRVTgu7Ko=#6%7?=^TEsNzi%r z^0AvszeOb~`b$Bh9AWXuTz4*%(_)>9<$7>>+dptUP++BkVoED!57NEXOnXiS;_s5% z^x4ufPA!@bSQs2#qk&NMQ9ohyiN@HPvks{Cz1vD2%REnzjEzV<>*)h=CP~KvR?8=$Xp;q0x_j@zi7E9bc!hdI>zwn+BzC#IE z3T%J+A%yyONQuo3ffvf1*Su!w&E0r*pug{ORS|Co<1t3lAK>a5#?e5&$b#ow!1FE- zbQ;Ax+=vrN<$bc-Gt;G#-^r>z`*Z`~m4n{sEb$Z|4T~-F{(!$kU;2-XRw} z4(@y{17FZSJ);fRr!+DyFCw~AUzSF1lo{E6`W<8=C!4c^ag_0e>L5*r;qRTM zMEh3pssn)a&tEWPOhAo=W$h3^dzj@L(N!3q{PVW_PJi3A61Bh2X0{Aa zv)(|u=<{-M^NPz@IWdQG#}Dsf3|YPJ7D~($&Ojx1och(pcH=YuFzDnTjyyUo!P|xL zp7l`~;Y7?CCO<^Rmi2p!00zk;(_82y_|cvdneBu=axg)s{F7FNpU>6v$Dz6sVWsew zBPCMRWyfHtH;FIJL{}p3guFUlxIZ$~@V>s;{Pviy9b+*EB)LATYr?^v)et)P(t_pl z;DN?ilg))Mk>M%Srlv7S#M!e*F&;<5w*sPVLOM}=*N1ko$+_8^twg0+%@l5`mh!~G z&@xu5=ATcz99zLB(d_rkusi&3k&b^rc9GL-e?VTS^@GKo0S}=bZ?)}~>6#3UY00j} zjexz2`9U$?<@y=W&;)n!=-{$_Nv3&zzjCBohpjh_#gmYNw3M{6v6izu?<9rB_(dg@ zltddQ|J|-t!c9TawR_CNDln|NNz+Q=Lw=_e<6$OoM1_#(TGhnqmMUsG_X)1?A=Pmn zLsOAyrN`E8W~FvMQC}mO%=wp4HBB6zMD%(^OU$d|NyVl(BSk4^b5~s7GW(og5b#c^ z^p2qIlcnBSo1VQvWpsytT0_D$53J0~35;^(KYqNRND%8bR<@uVX0 zN4-Bi@Ndw>Lg0Lk-2v?Q}(MT$F$Zc1Ropb4xQ=|W>Nbe(*B#S%)4lND7a zZi6ii5ijeVPnP+#!&+B>F{QX(@eKB`v|*Srkj2~2elMT$fI=b8S`Hw96f^!d%%Fm_ zWh<`QPbMhVH3N3?K37`Qqp#<^R0~OqhMr-J7TB3h_vHbY?l@MR=!0Z}sTy|7oRNK^ z&aYlrlX{1$Fchn#QzHqgTA<@lMmUwFv4Q8Y?9uN-KikNY(ab{x)3}i0dz)k0KK9WK zH)pq=BHzVdquw(IY8gkpOM+TXKj>q`HF3E2)3YxT&Xwj-F6{RAQ;-SN65DHQ!8waz zT(E4jXVWm^i3LA8Vnw6Au|;)A-}05vYQ8n?1G(CN)wBM3c~#34SEd~er;CmC!v~r` zIRiFKBQy4sp2(v;7@6%juT;8GskZzGS9B5lvm4qzxwnro8K~chf2*nf%0~W&KXEyW zt5+`4AE{G)DS211>O#e(?DR8t9GIDu@HUV5fRj<7_c)!sU?RIsO+KYDn4T^}Y7?rj zghxm1ZGx~3tu6a+H6(BIG1KawZ~5Wm6&qb9*>{Hs_k0)$+lLlZ)rA~mBWC2|g*WA2 zMU>gTak5>%MX<*7!v;`wnS?PHN^gLN$zOlDfK6cN9b$Hc30Mj5qW~#5$$$CTj-1N4 z=^xO*qOA+8lIkRxwlV{m{8uneZ1+}gT_4Jg?_Jnk@WQpRLlf5kPR*HK6dA^V@j`WSc&Q=Gkw;ECFihXYRKw^Mi%QalYUn_1bA^Yk z7>gCPsHK9uyCqfo0J}UXU#o+w;v`akFy%k^Yor zmy4&FZ1!QVDH^TP=)_jv18 zip7MLOcO`1q-559RY5>v%=x=w-=l*q&CMDAHWT5T!Us3O&ZG*jOzgMLmh)x0V%Th}N!&#Nxx_C&Gb zW)yvw)X-2t1hSh&Nh*K4c8JBZFyCtW!SOcc!!Mzzv8UKZ+X`4-bb7%H$#1-PzqrBZ zVj|xJ8=^uuy_48k3|34dvhD@)A%!J*6~*QKDdzrwYFcg`0z7Q>#~rI?^R2I?QuAV8 z7JuLho!T;b?&)k2*3s^FgCY(EKWJ+q7XrB@-+`-YE4|&1SUbiGwH`cPiW{HI2)3K? zjB#?}ryVBU5WlC)c06FJqYEy~XDh`9muHWNyXIS)>wK7_0sS1F@F3FG8dnJkPLX?P zF;1LYV{^@gPvi7Nh>iLkhDJ3iVsb%*dl;<5SNN1?&%7Z_(T%h>a05zwit!#`@_D1w zg<~ECho7f(Gda7Y>8)o^J+%@rC=}{8{?;OE&n0zmWZwraOpS zhj>?QrID7;XT@fL-zRhcme%}y;}S~+e=PayLda(rwW_%D&Nm=KPbbnJcq%2rN4$P z6x`lR)7_OgIElZ4Qq>~nZd1~SYbLk-CVXHNizcJ*nq-%Eliw9r9L#oUZJBTy$xf-d zYWi&FU|#X&$iQ+8W;HfsU^J>j{kY=8SPwdgq6_j(UU@vYR%rVki@#^=JI+AJc*GQV zRSEDN70TxAJ)gVzpoB+yp77U&3caPu3So^V(}_~Jm;ZwdBbf5a>CRVgL)3b+TOyO1mM}o1?2L1 z2{%ON!>f;i*;OU&F1!nFdwMWfX4R+OnsDYA(U~l|t6}tTQ?If3TN`QFIy%4;CTR@j z|7($25#?ua1*tHeYVM`Vtz>mT(cHArT&-WK-5Ya0f=o-?6=}ND zx?|*>{C-H~jYM3|6RGm%6L?qG)gaJ<4yozu-zMb2hoZ`EugnfJ?P=_`EbOHABL41q zv`1}@H#orv6_!Zs8V3Pk@2m5??PGCNO;Vu|yBuC_@_y;CxA8Ti24V8iu{6oEciWZf zW#)%%j`l-&7Xm=36IILMO9NWpTZuo0S?oS(?{kh<&~4Ux?8~U7y~Q=Pz|v69gn`BB z=)??ih&{>BTheaML+`8zFjv5dDpsl_64PVQJw7ZB*v%@(ow~W!E3Tn9UR3m9c0>rx zd_1O1+hC{`jFktMcOPXbGkEgTm5pX+68p9BhwoM^t+GKERPu0fv53!{R1J42RQ)cO z?PBki6&wV3zYgV?R#pZLSVP=@f!$bK)eX+XZ=a%SC{PWOQ}_}5*(0arl z=*7{xR*$sOlaQCY2x@j3`RIYW7Hnpfp-^l9ZK?W;w&t;F|N2G@jNd3jiQ8ckURbMCw0nbs~=EztrM`jgdbKp(J2bQca;LyUa;$s+hvC zx2C^xk;|4Rzgk6?J-$+7hz=&XL_hzW?1oqWLrpm}JDCx_OtHD$~In~u6qr$3olY%x}vR4_W z80p{O-P(qKK&5>^`!m@ggI&z0Dp<}ll@j6>?<%kH-=Zo1GXm+Kum3%=^PlzjXFdL@ zfq!b?pBnh52L7pme`?^L8uP@!hyv0(K{^5gQl&*enurtyq(%j#2}tjRA|Sm9NReKY`p~5#y-06L z551F61BB$p=Pl>`&iU>b=iWcQGwyqzI2Ll>R}+dGJ( zwztJ6!-*pL1DAynyxF*amA~fTFCF+x2maE5zjWX)9r#NJ{?dW}IUV>kp;AQ3j(4DJzO+;m zqs#H0<=Rd*!F!ZQ^XwCNvj%ehGjCrQI%3^+SZUG&9=7hi7y?`|fK4#kM;Qb7MaWMO zq0S=FS2RD&Q5#Xvj8P)3|JtyHLoM<=?GuaE>`M%gIR;&N9b5Aq1IXoKfYxp&`{Eb( z3dk~Nw9EGTEYu9)Kk^tjjzOPou47iwUUFIV@OOJQ1R>HV_C0O{D8ISer3i4{h5)*b_FHe=;0w-S33 z$RhdYqaptJXn*$O!jLD1GjUx=esM^5ea5%V>3Gg!yyaq2#`}haJ~k(ttSX{!q89I) zs>r3d-KcPG1TXOKR*Jn#LuHg=HffxzPe+i)kn`RnF`Tf|+`#dO*Cf2T0ly37SBT%~ zCDf?dHW~vgLW)ic`RvR$D=5FaeBG_y)jxhb?v>Sm|FQ>XnS8pX8aC5~<5kc}+jd6- zzC!!*eUSQv7GBhvv(F5jqdDo~8AG(;lgM5oq9plESwB*vs!9#_V~RydId^mXn6Nl+ zX3&=kq1}5la{IA)C1KG<>RfMPy_ZaSDpv(*`=raRo5zb5)$&PWO)`U;S9T5!8Ya@l zO>IwtTsAE6{O(gbnON3`4X9SBB|&(&q(x5GHsNKKQPC|E3CV{1SBFZY4zgb6#h#%u zZr=iP;y%FcGD|>b=Yf&&#zC@Jq(S5hq~G$i>o4;UV*PFm5B3_?&@}rJ%>0`bG!u$> zUzw^SSrnVe zDUdpNayEM8!+Wo+c0reF!!K=7Gp^*w)O(YsTpgUmsL~)?Wl~;mPnH@k0wh@ci2NC! zd6ztD)#O`Ky*=dySM`go`oaWIls5NVs?y5)DnNmjdaqhG)VWaW+nmF^uowcBlQFpn4LEWD*V_mnfb zZ_g)opaDvYlvah$+MJPoSup8b*KnS2I67P9Qr{vzp%>rWcl^SyaUIh$JlQv7&-l3s zM;6yRF~e=>k+8SKdZlx>v4x)?j9PTA1r^RfMM=>xtZ=6?PO6UsUS8LmpB3WFN@)B+ zmMh26^jGtY>&`bA{rh+$P3=k`h0eqnx59!Sd zsL4J)yRDtNkM4O&rV2CW=5dVA<03aHw@aO}chfLc+3@3L+La8Y z{GwDE|5&7lgJEtioA8g4#|K;cc@Z@a7#4Qi6ED6>+tQxZ6@xvi9+Dj*DL81lJwIB{ zx{W0;*r(Y*y=ot?H}tYJ#v7c>y*QASyH`>wcRG3Q6qYt@oth+p2&9#{G|!m%aSA z=U_hBoo%!uOYo=ZM2Xu?!!Lg=&MtP!Rnu^95IqTU7FOFV^PuG&0Lf2Hk+Q!t(3-7U zp!TyaRKw01HK6USt8M-5=3*lY4_X1?5B@PDXG)fc0oagjpbhJn#<>xExBjtq|6Q)6 zR=Zh>3F|>1kkqo93NM^Z)2(V~JY8&JMqB=Eh81(P{Ze=h;n{{JHxB39TdPj#9-j zAaXwE)ZrF2rPRC`$jVX}6;cQT{P_f5AdzM)7VZ=~oNWDFco-m};+{Ru=Icsc!5}|r zeWiYnf>~2#2Vrg|V~+TUX(>kXhL0i%R;|cqy|bzj;)K-`v|CRqQ?=6RbpjslChi(F zE`2CH315wXYowUA=Wa9`oI(2$(PNG+XObh=XSK5^eXP8-Dc4xo^()%)7T1HG=dM~t z&S>+<{F(!FI)VWzurqQaGeJ5M+vaUAa^@o;$8-jLmJ#F^y`wOCs?_@nqCD}Z33RCv zEnbvsC(+pWk-}sWY-&VWK2S#k_sv z)4q23+l*0l9$D7Mc|GpE@qI)yi(jA}{iD$BL-aNDbT^+Pw4UK977 zh_h}_93<-OZ-C##x?zC#7(fLB6lGnVVt|=kA&_+fhnT(d&y!fJ#Ad81&tjYL$Sz7q zzo?MCu8p9WeGwT` zy3`z?+N8JLN+SJ09VwUk^&VGqFMcR$t;9p$$C^!TwBk;(r9aL5skZUR+28RXGim8@ z(}wz~?5WD*Bbkw)d?k*@cdEZ|7=t7eGv*PQ-ftT+rOLyI^G3g3()1pB0 z7lJ$rbjj^Oz2!TznZ|sAvJLmx9g*}!vtIZjbwA$`u0)Z#ysp&!s`-_l3HA|BdA_4_=+aG7tq_y|f{FQ@ZW$_|~Ar){GgRnPMHk z$d|VK<-&Z|3|ib-FsC8lY`h0)PDk3;4&HiXSvk5bI)$dfuFm{)|HDiSFy8X)pBQZo zOi+mdh}C|5ZnOPZ?k81YIu2fAAzwued7msSr*?`>rdbZ~=9VfbQ)}b=8x`PR(VEeJ zz&J4+te?%yyt6?2M(*ULlZCbu#$!^tXT;R-)FR3aVl-{CGieE=S=xrb6N&{!E1R1nIOH{nt*H;Ri)`XzD}7gnvd@6R!3 zlfr1ak>laWoN`-n&b0dcL;K}SD3Ve_h^q@K5dV!da|_yEe%K?=UNf~f-Z6b7p`PJY zBz2(*9&h;aM8Y5iYIWEA9Wd)hD604P#^h6&M%J%du7+(0k;T%gOxERz<2C7BNQ_Kq zTT$^4Cv7CLa&si>3zh0gdAnKA^xzc9OwNib%19dG305KaGnGe?J`ZdP-W-snjY?U1ODv;;A*(B2pl!gLC>r@1AOM{2ewY`Eq~M zguQXQD%{X)d&)oMnsq_c{oCJ%D2KIGKUPgQHmr-pdj4-M{$1R%f5<`e`M0|d#d`Z? zjKeeF)gkZ_sBe@g+Sd_2T)W~&*+Gg+on~El4_5HJor7h_v(uLqv3gpCHSlxu&{fD2 zWTYXwCzS5!Nv;Zi^v~Yy7f^VH0|rRJLR%>Ga_W9JuTRP!Q#W_bH#_0RJs9AG47&~D z=3$qB0`|TgQHYHx2I^pdXun&sHW=V34;qaDPQNa}Q^_w7;BzcwD>J-)1Nvc5WwYmt zzyKu1Jr{iwIV0D8s%UX`Uq-~N-ynSodT|xo<0T!MO6bxFe148?rHbNKLi=i6qp;vs zyHfip>ib=-%61e592D*=w341ajD`yf)^2?$P}NJ8_TG1J^g{3-h-Y z5Xc#WnPTRI!LR*$zDq(Ku{0kqT(@ps%@-jj@nDisS?gD~Zejq(8))&9;>DblH?}r! zC|oqncW?)@V^iB;Pmv|ay_F^OPzN;HJM6pT4ck_l+9~sC_7}73t9;=!-?V>iX?>|s zNI(i$1|6IYF*@WB=HPhVm=Ckd*(oe6ysyVGFjgi@ZPRM;PM#a?caXQTTXIsZA6;jk z=)DGexSfIBi9HQ;BTLz!?O3S)s={{qQvS2t<85oS!qR; zhaCGEM_N~`Q|raLU%B(R-3`xV_-a^;q>c%4`_M|Y{;z_HecOU#VyL@j4PuFIQtBe)-4L7N#eqN>oErMFIOs2a}+ci|*aK;Ca zuNp4>s%Nygv&pU)CGRxvQ4Z~%-P3pOW=6aBlda!aO8fM@k+I0#wQeF@(D0fZ1C*z9 z;&Qc4>5J3`e|>c^eJ>r#(vvVk!QleE{hg))CiAJ>jnvrca?({5h4;EnRZiJ1lN?d~ ztTAlmUIC>Bci;FO#xORagUJ(=UC@}|(E6^b*dT7my&vessci^tX4ghB1e+M7~ciG6~BbBSZIuO8RrPluVYip?|+6lqK{N>cQ< zDtek6*}f2KSgZ3g;|UuCHP1`YY|mto3Dpcq$Q-}ZGk@PC>E<9klR58M{^G5;jHKnq zp`)fiZ)*|_u00zi0gw80TN`jw7 zt+seTs8la$!m<8zG^!-D&h&`wv_h1o>{)JBd(>dl_KFb0nt5!2i|!z23ahK==P&bL zPRo0{jIS z2Hg%vzb;44E-U#tbS;;9ffdy%lt^0Ip%me7eVeWV_Rrg$`N!T0>YX523EM63{W-)p zX2Uxb1kAF6WKy z9Vw3w+viB(SAtKs*& z_cl)@k|58Oq3_T{Yw!BqER(4r#BkjKts?}nFPd#hMakf&R4y3fF{wyocwA0Tc_r!` zSdskUp`PN#S<^C6Sd%)fR-hP_6RIYDY|zz4Y+M@2`ib@d2f=%dzULq<-?THxO{6V? zW7#%U)q zm2q?^Wh}7dlzA*X*Lp688fPtw%0oOU<=WM8-Gn%OZ%Kx{zy}mA=H<}*EtvhnKI7Z4 zUF?i3x!V`}BS*p2_TIa831xJAE*#dHT;@^ev18Rkugghp<)nsoNP%lGtNxFv1g(W?IP!g(zwW5%qQf=2bBh_b;Df68Mr3iX)W2!7Fr z|8AHUD-SN;a*So?7x`1=llNeEMfp7OB4xk=1DMBN9AbbN=;;=^7j(RYje%i3%jsHb zoW$!G@MarY1{)5`yJCipKv7t~qQYoW=iPm1WiJZrjP^n=PoRHqkM(YMjUw(5YMn`8 zc{LaSiS5)Zb`NW0_3Ws!t~!N{c3HHBHY8*k~0%&Mdc)mh^JxI#w94&HfVlG|*XG?Ki~+S9nnBNQ82pI3;Dr051@F?=K1C z>iHb4oX0foKQ(-@Kag_~p!k%KP*n_P&(#2%DepK#Vy%-B2(4~{wKR<<1AlUX{>CTB z{q`+%R_mBflE|79Nd*+a^)=ioZmwoBq)&?RihjIq+*%ii@y?YGdE(iaX)pd>&` znMQHbXuQl#N^I`)(;gO;rn*5sZ_RAeZRRvXJc zil14qj>9-IfEiTg6M`Mh%p5_qsukvYbA=<%_ROeeMv*Js ztyHJ#RdtM!@`Kg!06FOh_!82lf)E3Yigtm|S3qbP)A~+ugtSnXx*PEcmKsA?_1s4O z7bCCCxjB<*TcaN@UUP1_7I%@|8cxLkTKYiMIeqGbp6rbcs=_=6ROcE7DvTsr;A0@|&H@o$lF;==@ZZ>wJ_pEfM zj?vR0bZ4D?WWtF?BB^+Lwxunr05S{t&HfZDG&DHYRR&D{%dh@_o|=jGqg4>44zCDy zEUm!+G&XeJky;FycUWqk-Hl2@OVG=@S7i9|tX7aqNU4yQ0Yc+gfse zkId`VJfsjdMaYQE^)vLfhaK)&)W3+XyrMos+q|A@n-&=sZjpY|>W}0?s4By08&-^4 zUQg(x3985E7{3^cfMtB1`|NZc_T;?cODiLG0cs$_@=a}}1zYxR8;_iM7}qGjo>Q{0 ze?#9%c7g+2l#6{d-exPvaLPHcFBb1mrL|ei`9NfF&?@Gs^m(`PTUnV>^py0Av56xu@9mVY4;zi^dWivT#A2kNXNb+Nxgi6M>edv^hGgScF7&R^&Hb?p zvQT1F33)GCbkf%ajytD4l~WUH45ci~r%HtQ!BJtRv-SEY@`dT|N`^Caf$rw4Sx^$tgDJwX?#d zOE4q@0RN)77QnM&Zvr8W0lIZekh{t;br*{D=mJGcr4 z=z`F4Af6b_zxyRNI>dgzGEJ0TrI+R$I3>I$t{CuQ5IQ!7+yBAN`cccmEN1#dpQEQoNaZ& zViU-7^gNdKB-B2xaW?&mbf~+|cY;q=nSq6PmD43LM%ZpqP<&TTsiVKb=IF-Tg4!#S zx1Iz03nMwFCl#NdmZnmkVJq^rD}owSCPrPB1Sx3aC%r;@??A`dq>i`HLy{?H9mhS4 zsJKPV<7V2y4dIdVeDi)3nCb;u49TD(Ok;Y3jHsgj%o7V9k*&3eQQll&0+#+)NUUB<6x@`@-qIG%p8xh!E z7PjjDum1yF=IfXlAa=W0#l~uUczwwWHAPMP*EM}eyee*R5@>%8=Q+InaC1Ep@8BR=*Yb~9{VSa4q>#paFLD-R!n^mNP!uD~em=~{dL!wyzafy;c74Td%C zDq5wm==Pn5Ys{|CGNwTvnjtG-LjTd}S^t94#X;C^c*lb%SqWE$4>~WM08w>8_+>zUdGai&l>tu6&B-y z+JDsCr=slVXNe%n{o*(tARk|Dyy72L?3vg;o0*us&};S8#LMjYk=j_XeG)^}zzqgH zj=;snG+w-QC{hQCWyEaRS7F1YNi!ILsnpmpG*i40A-EK_kMb+%FE#3^8nPAFC>tn3 z|60z{e!#%cqwKBK;}|`*9fbzL#Ug#m)E1vDD9UyR#xiN&I`m%*o+dM98)dBfo=smladGr$O}nX)7{K zNw4oqUA*q+T*V%4$je2sBZJGfN0+wcr6%s}Z7`_6o^tpAz96rtH@bA}k!KqBHOMxx z@kX&5(_Qp0)bw=bh3=_hUGs8*f#HXhw0BvPrHh;iW zT}}=jR%jxX5I1{LT3HZs$!)nBZpEJdzaq5mncp8MRtr^FKn}wu-Fg({DI|(kpcKd+ zAxh7@&c>MLoT}u|8??;0?%6n6edO@-!;Fjo*GxjBP#LnRGq@{ly3X|j@v-3IhD7`< zo9KqsyV(}C)7=UDpKws;2b7B-%801TC!DL=S6bbMT~x@1n!)SY1UOTwybJXb8GDES z6?}0^r5J!z&bNZuq$>Eo)gS|NkfDxDzmP_Uo%>7-YqWIrtdEsE z97}t^UK6VQwNhoiDd+)F%*QNZG)E^))4Yegz{VpbEwrlh>h3I)6Wb!AV)0HXnY_t2skd06Bqo#;u4GXm}PYN@xX& zYsbi)^{PzO&Fgl|Z#Nk48>?De=3?j<6f1HSRzZNo?Npi)s0}Y)_A<W(d8h zMy|B|kQD>Kdkv?tZXn^W9ai3nwrV#+Mg_t8cutvz?j-IH1ny_E`q?q9wnZ1gc>;JQ z1%$BY{_{PJ`(s7DY67TKQJ+%<+gOra>vCL(FSO^>VMbt>M8 z9%UtIK=gKQm!5PleKmSg?>@FhF7lCvFL9^z=Q(bGtPCvWJJaEZG(&_|q)M zX{@kwg-A$e9MY<%Zl+Gs+s0ZK!dX9<;NEz>{tA0AgK?)d`iDxfqD$vq4Kqz{)6bd@ZmsM%WDvYtv;=b zx@!gF{Oud20aOoJgaZ7zeZ{9_UlqRC@+S$?oGgqhl~mHIiyV-7`gHvPvxU>H>D1{+ zhX(d!P{jtEtNTY;qk55@s)u|*EayzTXXNv-W~D1l1_IR=6E_>3e`Pg#e z@=i2E`uDaIN(A{e1_;A4ldx+XJ(2~-?gbqRD~Cu8FpT9&{^W}1tSGUXX>BBB!zs#s zdmp0ii3O|Qa|$O=Om47+E{3(baf>jyk4*wr*JD}P70L3%sC#409;L{%3H`>&SFxI| zFEndD6jTk9?f3n<$}5za!4fJ+Tgk0KCnh)LJ$sOPCfUh2!Wvbq;PT z13YJXmPoOW^6Ki*3v0#0J?Pu&XkQE<^y62pg=15ER#QyNPEkNJn=H=NfI9o!4H z2*W36t)%lZF2|;ZMn4-_g#y&`88pw}ioIy(_?)eT!`bviq!YC=oih>c8@4r(2Wtj0 z^1-Vu#;bzmiKVuMgWdHMoBNRxBZBw>KNsk<;)GXch{^z^d|#zWS2?@hA(-7A&)NBe zfqNvP7q|Hz4{^7H8!!5$Oe{8%trwUi0`#AaE;0{`UKvqF$dM~JT2f#5Ws9ejsPj7cV<=7y%#tL7W|QxX3|&o{TZjr zANcNUx8-vKB-(7i7o28zm&zC*f2B38;*(fKpg$Xede(HYdPPgJ^Jl~glR=u{XLd{c zY|@Ztu_{cL@M*X;P8iO9V1RyF_~vypbo)u|b`4IiuL#nwz*l~Zaqx+d zTvwOe(0l+dEWddA~WI5e{D$kmJ*i*i0oVgOZxDe5S3ZR#P8)sP}R~G|GZ1W9=G{n_5-9Yf2NrG8mu1Y|a7aIj%@+dppm@@KHNBKoEOa*g$I)GE1&Hej0g`{N@~sXHAZSnc#p#CT^G0@dHjDrx+B^J{T4m zOXVx~$Bdxh8{-z<)V09&V@d{UuYdrxfh0w*Ev7W!)DhnXZewOHjlyvrb*_h55B{oa)SZ zaICr6A>5_o2&n`+h|gbe^88@=jbWJ6UBCc7ywrh>n>4|OtYDC?pC}vHx6d_$;X^$K zk5xGmTX}kw-)8tQlPL?!*X1^6b%0rY>B@ep%!VMwh5nEo^eK=cU9t;MVA#$8y?Ozn z0$aUY$J4Cu*7*SgNc?g`u!C53@1omZsSP z9Abt5h0BuLeL+_B$QXYmKltpg|1GvAMC8b7cSIXtZ}quOYE~}r^y!xFZmsuB)?HL) z7QUgtH2;9fFO~!Ab`q^*b+b^x7HTy7Ih!VnbVq+FK77L>DFSwL>G3)vB5d}=?&y+J z+Ul?oqKAlTn0lyBeBh*|#M+EFBF5O5d{)`P_tnjjoYLfR>bV9ZAabtpkTiaY)a?2T z>Lr{kJ}>gi>F$Hv=hq9hStEB&w1W@OQrOs)I}%c2YgE4vD%_DCO8dEEASo&a=hVEd zA}qyWN2%gB;(Y>{#Q>c>raa0B&YR(amJ*4=yOn4Qa4;@-S#J|`>$JgF{YuTIu?sNsx6>AG#tNbFq%s;C2o~&a@{%8qO(nlRAppD}U5B8urM(5K zugdJ#)yAPRR6$xJeV_c**-&vs$`7X z<|`POG#iAZ@h!@ow>1-BrH8+Gb6eGSmzZJT;zwXOi@a&6%YohDF8_k_?+795Z6E7MndAn@7QwW>`_Z-U&7=r4 z7XIN(yYT{E$+s7o7#vgTb<)mh5NGFp-iFh9ue`|oRu$6x8PEAk*b@uX*ydHAm&sYL zY}%zyml^k%ucWPm_=4_ukNl!*fT+*iQ}aEXigdIv%D5V_AB$pdr5atE4C#u{-SCV} zZFUvzk$-!-wi<eswSC&)bVa|L9oR0W7iMhko#ePuoPBv9;0Sw#;vnx!Wl8tT5 zlexFHz6V}Xm^of4BR_ch!1RlC&gO0D|A@>0En0b?rC0+*{RvPSlm2&X8IR_--Rq{^ zqe@dKEDh@^DPAxKDOPZ@cE;F!Lb{aNdVp%`BVDhevFtBm-POUm1b6GvaE>18j9V5b zr{%$CP80Uc9B^0L%e;bOGqJR&qdupqI~@sr66MfkyAakU>sH{^m z%lb$8rQ%|oJ@OX7&Qr;3n&-L*rBI+%0_iX4rY;azg#F-EEEGl^0D=&T7{sJRTy!0L9FAqz-&M#M76vE@U87&>24H3Gt32b`L#rLknTIGec;G z7|sb-$mhB&E7F1}3gg+1K#mA5k}rALfGf>$+rG;e>tqR92_2g=B1o%~Kt0q-N%~Y<=K)^F^XA zVkXke6s}xEHLmRb1OPWi%=yjnRQBPa_z*HM_axYYM5i|VVOvws0;OH5>#miJ z33+N&FAt9#_UswGuOiZ?Ou3AdN2vATqd&o z5LO>pvlMp8d1)3aw{~`HB0eZSQ6l`hIG?mQk6vMJx;f>n1zvklkZ;4vRuxhh_Vk#& zk@yC0Y)zPa`&XiC*h4a;&6T`$0@8m@2a(#)IwfRoxJV)LD9l5O>#1SG+9t#Hj&rLJ zimnH>k~yroO<7|9QiAF^=fRWxDctKv1ce+kYB$p z;d{yqT=$)Uva__tt4yUnaj$@$=D6kuh>5$y>&AJ+f(PyN`@=}nmT$#~MqkamfVDqwQVy4tpM@s@W=U2hmiu5QQL7+!^DhDmZ zKIDj0r8r80tvt~O^X4vO*Zk94+2mO@TERxswFvg}E-Nm1e$y=~Ly}Rid%j-wp!4kQc|EJzSNeyAm>qQ5QgUr@VEhmI-z0 zyPQ6y#)*Z2$!*Xyqk>}gEUYp&P0>b8DI6{-vRUrpmCDqB0aLlJ1pJ_W^(L5V=l0Xt z+Pp4=^pAn;p1H)kQnE9a$^Z)%Ks}%ADi}(E$Ig1G*hhHY;cG! znEotVJucvkupo;msw4`!>&=VTSG)A4XbT&I(sd|W4)4&x%ji*&Ny28B8gf4@<)ouy<*9313-s}%t{ z`&s?1w&l3HpZ1tWiOv4ktTUn3t3b09WxyFN1qX$p9IdEX?^IHKa#?>8rK@&4b4$i` z8PV-z2D;9YCC!Hj{)k($HHLV1`w3fr-#;oYSFN^M65p-SCL*_oH+9msNxUo=yC#y}bH9fY<0sye$|GefRItWt-~m=rBsCQ8etS7RIf zYY+TM;XI)zCdYLoR3m6sQTRB%)!?$BzqiiGRE`?x&x!HO8udAr1n{hx6k)9 z(w|i<=^c%V^UlNuz&w%mCBDkl6L%)WjeXSiQs=+RzSUQG3(SQ*0ot7wTl6EaJTzCJUXz)z@RweD8 zIO~_>o&05@tE?rf29vK67Ef7}zeI(aepg)_28T94KS1!s zO|5#)7rEeV;bbW;?l`V8V@Y)(Qmzla_c%qINAThe`QP*v0h8^!sWwhRYus2=9@!KS zKL?urAXMjE|CD%gQU;0gr*1`5bY3edj<45+9>7*CeUdE|>XgkBvNMCnn~Zqzx>4d+ z@}7#MxE+E}tt*w%cpNtYxJ!G!v79>0F$|65418E)&tG*?ZfCM2zW_;Km(q1hMDTQHI3tIaqF$$ zd6h@1ge^f22~6NcSV9s$(&32zo7ja=c`jRi{kT_?+F=dQaG2pVN3&g{jmt{{=mf~< z{{N56_vb5}{u`vfzv^M_*kAMX*Btz%1OEqfz@QggW6-nzX1A+8lNnyNHtX=YXkb*! z$zh%QThdde4d&t?VPGvzT{b}8#r|2*H7p{w4UUsY(yjG z0X6x6;5jzXV;w9E{bzv)U=LFlxV4cZH}%Gv!Fk(-6I!WdMjGoL3F^1wen?0MG%S;8 zF^ottf$^Z$ECxMjsj$x0JL9FV?E2>CG+(p0-{+7aA{&a+drG{es+18xp7-T9N$_7w zMJ!6`>Nzr8ys3LkOp{wq+=3ryHe`LB7gcG1$AiC2CK{DtaS7QwMPNw@D=O7rwk|h5 z+u8dNw9T$0|G3{X7W&-s<&UR(jd2R!8Mb2{%1uWg4_{oD$f~(%rc``+By&&xh`eIDL&Do%ZAb%_0-O*FDo`OcA-sY*wuVfN5^4SQB~HQ(`$cf4a#1OKi*?5$$X zki|ZIgAAz@VZ|}y+&IPk7q{D}-D4obpBhEq9u;9DQwe4Xi&#$W!J+%=93hJ4-M^ZU zfv1^-t26lfyY0(!Uo0qdvaDdQr4n_Lxp>@?Ns^=&LUnj#Rw2YAXO)b9twD`*45tt$ z=`Lq68d@HhUo>>>WJhGqtHt?~eNbWGK-yQ}2KVr! zZ#&)Wo{KEPtnJO`YsG(F{N|qi-rRMZ-SY4wwauqSVD=PIgv~rXClC50f&hbwsoZ{q zxAP$ot6?gKf1KRDbM(N$_}6WWtJbW0IaivEG)7^KcybL10Oeu<-VP|7GpT^WIU0rA z_BSiVex3>-E5$B1zPWsaJ53eTN6dacNhcR&e{q6Aunm%bXn43%`;>z6N$DZ^xFZ!G8!ZS`o?u45j)@K z@m>vu;AfZP-|uQ_VEaFOL40{$R$ReU-nbM4pL3c~B^TJsWNDW7ScP!*sRRHaEu|p_ zeoW%yO~C7bE)e@oopV0%FlHavz45GSe@oO0&84~v0)Diw#uI%pYXZc6F@h_oDSwRc zuSn;F7xmZVrk`JVsJS`1_=!SF$nK{yN#aq3&B_ZOXOCaYdlIDj8Dfa}t0=8{{>53TmMM;^*Po{O8a`hqy+o|;LgdZm z*2$ha$w2h`>5(t6jE&9w)t$Wsyd(x#VLPwk`3JhB%aQ*aC82x(c+!FnpGK{q+#w}s z3e+Z(;L{CU3R4vaV0i3nP_aDD1RJeEV21N=4FBn#T>@K zVd2O4qw>R}cj z!b@*Zn9~wmO2P4gEB;-F=)626kWD2Z6H9*d7JD@gqh+Hxfx*ZLB)Yu-QEuPPdA(dYv?zWfhA zY3lDVdfVER1T^Ixosq2)VWjYiWzsd8P#MeySu=@?GKs6%&Iyz4R1~(Vys$E@FsCzD zGV9yZ@O>kLcU%LHDlcMkSvyo8nVlBMYuEOn*QOL-a;B9rhB##>FHcGTj_JzgM-s=U z9U||aW++N-AZQO~)zro-HU<5^3CGPmGK_pIz^Yp)SkAuOOv3pdGeV4sgR6{Gm};+T zj|$mTHB=>b3Tdb1L$f$vxcJ2!LyxWvOPG;W(K}aycHCswTen?hVMczWw_7hG7xPuzQp)n zI}|y;d34M5y;DiWNz^kXrI~HE^Q`i2>YK(-)XYX6sSO@-Xg{{&DXU6aex*%L^01A% zCm1GrL*k^@KH9vd;#-7IS|_iY>XTO?%@3)$!a4*ub|w*4-Nv#(Cd=*}M z-nu+^I8_lcj9=I@Hl}x&pp6uQv#0N?9ZW{QAbU95A z5;P0Y{^99bXkcu#aoN7TVcVPRvxd}m(=&CRrvv=epj9ELW+3{OzU)yJpbcf!y?*yO^RXjZ3qvK2^s41UMwUtVA=T2#Q4dpkxUS^u2cEEu5`=#)g?+@kO zKr!ZXq2Lt~+7Vj#GeUc<>EYW@&kwzIc2BG7>mND&{6_cUVUhj_aYvvsV3RCQ3+kU+ zT5u*Wj^0oI*euHBpDC64YiDu?ZME8lqBNU*UZr9 z!IB7?FJEhu`sgk1E{N9^+z1RY*ZKO9x(~(e{CgSfDfa8V)KvETM=}l7g#Mb7yVd6i z(pC6v(sywyMB{AA&aMOZz_zzoQ11*vArkBx3-W&;c)!MXIAM%$5EqW_he>UPrg4r} zs7Gv4_zy_gDlhSxM(6#E3ZmbWf9-e@gn4wyCcz$60H`KKM-39V?|fecYP}s zCASjiwf*$RJX`TL*m@Lo{dxZqqba`8;j&f=H#!0g^4AiH1h!fI{4?1!;0getkY5OvCcVE71wI6m(K?w<&J z6U^u#tOdc8$&Mqvhb5jSH@q<#)<$)^OpeE5BAM5pRtfrH?(Y0P*oMK5t%)0N@!LX_ zLBoaN_rEdgF#`!a)qI8kYl*sBgWtUu@!9erVF@JyAE|qx|Juz1C9(7^$Fr!dwh{z7hD}9m(|NA9D3}Y$$YGOFs5Tqp0jM1P6b5 zq&rRC5axe)Q)wnHlsI33#U>2??#IV?Ut0I@XBUDhAnnhJST!i9z$;h`0)P% z8UT_%-0#R!EPms1>Nr91DTvAlS;(pOr^s;*e2=3?5?P764s2=>+DXaq}=9&I*-(aLfl2R3|`LZxlOoKPpAW2(?fAjGg z@gez%{e1xSKo|cXhz>UUKm7~YJ0Qc7xTL|)GC z-3zez12KPzI;9&S`dtdZ!u)T+M!G+cud%RW#{Vr=VB8z%fK4&CWia7F@@bw zQIv|$s_sd|1#2w6B~BFGeu!s0{aCMo-ia~_3PBpIN6g`5g;GlE9oeokclX{>>rs{7 zRD$Xb!LJ7xo@UEyE)GDSPu&R1UAMP+daYX6ldbC~rqEI>SfLa*7TL6uFn0x;+r|c? zwm-V;{Ms)mYPmu+wxgR(<8{pkt`|JjMv!A*`|y#ve=X3MxO?c0 zs|GI%+j(QxnqtEe)qW(pC^Jq4b!Tvl!4@5jHz;#v`I6Hsa(q9>e#$wxp3Tq7n-P|A zag8#t4xld&yvgodr5#qT{hI5SIgt#UpF47(b;JXo)6k(-w^n-gJt*K*=fp85C5ezhD?C8+8U9Eux1O2t}5 zzLc~V=Fu7EF0HKb;W3WNQ2R|atVv3oba8#I4mpXzc-3G@+r3joqJ)ZQit}q??C)Am zSH591|L&gNn)?M3NC^xhNmp#5@PZ}lvWKVPgja!#BlKdjzP$SxA7euS=Ak3wiU;m} z7EtQvM+E6HPy2LPG>44DN~QR{4@Ajd;zEOcVb?{a*E?KaWg^#rlQs_Z1fU=I)ohnz zvk%$L&rE)c4$yaPG*sVoxrjgS*SWQfeQSV=E7(XiLs{5xv{!Ji$ZQjHC(jf-&gV}{ zTZM%~{M+?LxqT0MyFQr?YmgVjVtDh<6#-=Y&U=n+Y|ELyvToQp`&-C&w<{rKMO0+# zaIK(rBhK7s0S^%V777iY(PYn(9#1!n)R+@3Er{*^NIi}zc>XI}YuMTOJw@mg>AR28 zvy~bhh)a-agGSJZHiBnGP8h1Kn3~%CqPhE?*uBD`Kun#OH$Infk7Hn42V+x{TwHN_ zNr3$IWqCT8Cj*cwY!YbzFxg;krj9*Mh{f}xXYZJOtuih?N8}OI`^GTwb1XAS8g!P^ z&F=smtSC`4DEW>*iM65-w;UHED_Iu`Zkval#(pDnqELC%qffkDHX_?Xq4>+@w3^fY zjrp6MD?3f{3(jV)p>Cvi5@0o_`SlLtbd?Pe;p}|TcYS!D6=o1Anh%VhYZy3k#TDn_ z@BgTLGgegmvGIqQP_JXM29p+!O@o(qIb&6ZLx6ZSyG9!6k$j$sR=ZEOS4oTP7`jBG!xYN)RB*SIS)vBa&oK&8Ie z)S+_^a!?>p@(7K5$<{=GjN&2ZM;+%Q^%Zv+*pvO+y3jVu8;} zpcwVG;6;_f+a-4&s+&nt$%UV;@wrdzD?u3%7SA&eC>#DjP?QA5U$Cvx&+}_QoZw(F zD$G}zp}7(Ph?kYHm&CD-SF}KGkyy( zjL^qDqJ!?vVu*M05~A|PYeZ4N71T@3ij)ll>lpOiD61FG-TLBlIefOwYE1Y$2H12K zs3U*X&L&srOFbQC(R=7cY7zXMl$ZK`>@ffwM}+oK#2RZLphKW|!5!per)I-YBc+em zz~icvu{EJ#mM<(;`tN7m2k2uazlSc6sG$NH>pa8}zpBtHZNnQUv=5ig=|uoa=(+XvMUFlZexe;r=VPyslV! z&nPv^Ut#ImRN{Q45}@(#GiZXB!?I$%Lo4EZi`&cLN_?UhW*C-2#X-?~NPiUybh03_ z0g30=7pQ)en&97Y)BHbilR{7u9ttAlgN2!wf_QC5jkK^ z6W$@_q5Z+IM+NaH;Nm2#Mrim98pyTG3V^U3A6yANK6(v2^CgIWyZ>c#Yzl8d{JtIp zvXQT&ZwU$amIVuOfa&7XX+|Ag1|03sx)St@WOu;70iLS=?|=tN8Z@Lxjb+9Q&jxKM zFcIwSYnXhjA}+i#y%ds`r!ayY%RNoS^Pov^&7aKrvf<5kHY>gIZ*P=(dh2PVk2-CWs1N!m(_bRV*Z)&4*frnik*1NhE&bF!wVs4@6flFk8b#YBF7=p@ia9^ za1&1Z*0>T&!qkFp?R~{x{V*i?7v&ebFXxcS~jBnko_( z!a~K)2U4Gi;_jG5HbLp=RyDs>2kLb@I*cv&sv43!3cWee^gX(}X%%^)u>_z3F(-Kr zw7q}y(+{mvWxZ?+o+s>)B zrI5VltML(yNku5ejrj>q<}t}I>ZuFqHj?wN>zv;&X9d;(r9|w);Ds-Yy8!f7%qOJk zi&njf(zp`To1Xncu5hZ65^psc@L(6yJ~dWj;mG$Z@}qxj(|vmv`D&NX?iKiVT>}p~ z*@OMt-B64Y(|s0;sA!4pTl5OseX*sjG+fNj>WNZ+GwDp(ckb{o$llABr!HFsO+xxZ zu=0eqI32V|gvjdHLWqci6N#1(@$)VgC#c9XSx?X=#qE5_C)zDnc{Buiu*#3qA3~Ag zSVZL$~_Kmp(foCda<12(?k%+usR(GvySF(?-ChwzO``k2QYO<}irZG8-H zMlF_3M|Ow-j!1y`hy4H$*E2uBk~aT=(Aw2Xme0b~U#TZ%vAyFR>Y4yFrEz@j$CU;u zfC4};e4*0@JAjO$cIk8oR~zGZJ45lRFw0Dub*;}cC0~3!L>#vbh-|aUjayGfPHeKP-{em zhz0h{MYt28H}&e5tbnWKVFu+X{l2+Li`;LXR*AA{aHzTt?!!TGrd12CL^#{&&%Us~ zRc42&p3dY3reo)+gQt(>3Fn|r%CPg}{aeQYlhYZqw#0LS-Kggr%n!zcXy=tT{-4&Z=SdQY*CVko$0N5T%Ni6Znu@2!J;^@htO*5Qj)@NsNCB5W1jSA&VIQorB zdQn%qCegHXzf3zM2!Uu3M2j3lHs*1pXRA-(-qnxN*?OI|ZgH>1@m~MZT;KD;_e?yz z->K$mrn!@371FA)2$SB0x`2s+Yoqb_H!hqk6EI?+55jcNTzO=4vjN|hT z@0!V4c{MJ*=Jgemx8{pf0W}OPY-;uP$l-kWSa0^EmM>q<7mn}UmwsBss$FLy&R-tS zE%Dc{(tjT`*r+(7$bq9$c%&A}>RjSX*MI9n@=G_lluoQGr)a0iQ9C4n2i!$<6zpGj z@p1lq#mjB-MdwI~ZN1rIKA+6XfA#LhLGIS$|m=USCu+vjPK#jppuAh)DqN0|t z-XRr^e*PX+DaS;DZE-bE%9NWGzI~)hLP--q;jP;g>wNlxkKlPM15ZP+{edi%fZALO zAPi(7i<<{;7fJC+38aV#?s1@t6b^FKUl(bi{>{e;ifCU|kc1c`$Y$X_9NmdehOr_h ztbc)Kp@yJ0`YWjR1Q5~1z^D3l2nl|W<-e+ff``nlK#fiG1F<;;J0;Oy9u4}0LlBf? zolpJM0C5rnLBUg);n+i|lhxmVvkEdWMRbnL?_{nj(dut}0Y_tPeEA=jmIOT+8ADCkT zHLQ)Zb0E4O?K+=E6rm3M^soIp#(|t(E73&%!Y5_20H%+7=MUs=rDx^8V;sQj#{3Mr zaJEjnZ%OO5SPhH5hva(sxkQnzGxD;$*#UgY;+rUMz z2se#gZJ&dJ%-*&UnlwDz)11OCAtjCU(2yUT5B$YUqvB13Y8MX_dpg$sBlz@Y*9fPAw0 zf>#o}OFmO!M8!2v$CaUKEaAGW zd~DAh0iG=AJ+LyMsCVAytv2r6aZc{1=S)nuj*@t~y@~In1e_=TMmbBZoqQw-Pzs#c zXZ0us+g=^(`O@*ay__7Ie?C_Xy;B)YUb~xNgogA01~7G7lh}l|Mk#Fg&uH``N0*49 zl4q&XFC1C*bd`xi!D|KV6_P$R@?&kbp_o@_Q!R-ahoYkFbW8+wc~Ll{w#+jzjSg@| z3`82Kb(*Sp(_#7k^Lt|E*Ir}q5;Q-{U*{O4Thsuy}lC74gLKMRbrqXm2KX_Bz5z`?5l<@Fz z2%KgER)I{&9l3F}>|0qyrT0|<#qSBrNUIrDov{Ywkp&Kk#1S@)e&98ae7{uO%@B-A zRCUoF4p$@1aUXv@9t#P`_1|6X@Ot}tT4T}F@pE*KXiSIxL$&PlTnVmlbwVd6{dfgE z+IZIaUfqv{8X6Uv+Ss3F+UF(x3zH@!`vXt?jEvxZL+gww#Xdr|X`-jy+me zVirJ#JAoe2sE0GXyi#5?cYhi_GrnscoWVe!hzX)wxI&e`?_^Pe^f!OB)gme1T=a*K^m^?XJL9F@7&mE8H54KM}*xta35B%Iel*`;58!u#1_;Fvdv;qml_ne9 z!oK8z)Ybr2!~hqa^&HbC+T<*;{z|1yu)I&7LP>Ct=JB3vsB{-^aDc}g1REnK=<^8P zlg4hhPy0I@Sp>7Brm$D!*o`Q^T9a#Hz}EZ4$Ku=VB*rJ#H6C@b9&VcbHZYSLhqfwG zj8%TiGF6|UG*SDQmBNfoN(c5NZolKqS@BX}-!93VxiJjsXy79L2 z)E)G-0sMWT-~s$^wa#_;JwiW}#uFZ8Mp0Kc{t#LP6 zyUekWKaf}YaL{V)F^|^@j6UJRdFz2D3b{PbUe+y}+7Zi|c-E2Z-`3KDbh)p3q%Jh% z=?h|Y+V*|K7mq5DQ^uXHu2y8W*>4iVCqvIoECm~|Q`oR{_1h8`d}^cxkvIVt2eMp2 z82(%WUT{WU5Sy!Cf0|J_z&dX*tyyHJ4}JPu!(hcr^!%GVc8h*iUEc{8eQyZoshRJI zvTbT)R1l3%q}EVz>c;WoXiPXz>!eDVD`=0(dn4ZrZ1Z5*GI8%F0T@Fpnyr4sTaG#X zf!LTDcX;3OLKfQ%2PQ0c#p{b)zIf@VGxg$w=IgG(E)Ydfmv})AlqUz*H-We3jSqhy z(a3C}fQxA5ldE&KtM}5L56_&|2z8zAyy4Y9Y4A3uuSPo9#O%XxcF?H#16q)YHvwal zmWG~A3{yG(*0MWBsYbdP}*L9HNmb++Kt)`#Go5=6# zzwSkzYxMs2@n_}jun7jGr_YOh{RL_=d)f>Kvm@YTeGOYA z#zvlAss$=Ka=_)F?RN&k{3L%x5}0w`nxk1a;l|VFQ@E7{H26t5ej^hRi=P#F5QFzX zpo3t5ugrHfb2uOgzi1YgGGD# zVg8i!fT-uM(zgDFNF;zq#NbPfS0Ikbki7+`D!XSKkjMP-Q37~77>I&ULN`#D4d-72 z`^b@F{8umw3HhjbSbs1#a`Ya)5d85UbY=gdIQ~MD{~dqh3-gN+m=)-+&i%aS_W!68 zf=Zt3#}Q$|_)~WWwx_9A6THM@L&c9rfaYgaEvk{$XY=mpPa)%$);u|infifYk~Bm7_2L%6MAqJ2lA)$?x2(;IftjgX<^6*qAzp&%*xu3)rxrU zOS$!9-l(1{YDW4A716VMm{^RAA~;nESk1b@nNdq`aGiu^X2daHVex-Knvfs|efM1{ z!o8grs4X69Lb!>fHxOI`@UKZ|xe3V9$3(|cXGNvf%nE2LlG!A{U|ggEI1xOrKGH8K zZJ2~7@KEi2O@D`7;zs7U+dIUrz44?DV{bd0 z;|aHh6}dMr>xKAVNPn8!-_%u`T7Ou5zo^H#7nr^l= z&v4_SfZiV6)$pWSi8m**WhO(ZOZ?r4R#BG~FZ+BC(7`hHRYx2eZyNV@J1u1NjQ*s} z_7;*+a`C6}h2EzhBz(`L!W&v)Ewn}twTK`5@HkbJNi}pXo}<`_#^{DL&A83h5)C+< zemN6fb-);d6mdZKb)hcT)_ZV$jEOmEvXgFF?V7W253|sQwn3=tpvNx-DNvWoZg0GX zJzi71S`$i``pN9^x=THSNk#b8R|x314vgYSR8q_XE}6vpt7vE|jO`94-Me?Us@#*| zZBifmSc;n#TVbjBo$HA{JZnBkoztXxO0*-i^Vd{W<)`PDt=@QvT-coUeoOoSq60x71thwsta^T_61j!qp?AnsdvO))i$* zw&?~-jGhn4nxWc}B(%WP;tGzft(HHo64-tWIal;v$*nB-Fmaj5_p-r+qaGyj9DC-M zz^7+Z*FxYu%~s?xv9BJ;*rs5t`ZGn+eqzrjrM(7Z||cx z&e+pdD$SOBkLKew_E0J@nf|jo(#zhh?lcNKZU3A>H*V!)l9e>qVQAstt^edo$e`Do#C+Fw!>Y!c}16~DF*I=)WmH#^1{XE+B?1pZVYzy2DCc|)H zQ$22dWr0UL8S|*2@%Zgo?;*>6Oj=_OIHR2rtc;1niI3Y=9WHui^VwR2W`qfc}jI zXQp62*TQ15`qQ5mNh|$#whni9+K%891RmvlyVrKVWDldu%ObG%#l)j>P0GIZlvtV2 z?@S}#nGl9xbk^Te9*-3-sJZnrc->5nrEdxCF(%IC&3tITrZee}wg&cZnq%8|^=BFT z_kHfoa+8P^)$JA)K+Xr0cWsbiViT#8a&h*UDC;EtT||^74wrYhp}IAJEmRp$#?l8r_+cl)fsO#&8XN9*1|Je3 zCv=_)FR!NxIMI9#Id^^e&0altBpO;`Am?3xH=hR}fan8+u@_!tw_Qbj3lGS9d4BH6 z=o8TV;~EV0OVPm?f`)L?|~WwYpmpfRszr<=5A&BX5D&weUn~WB&7=+*tCal z3t-%UlK=8M+HCjb$4kK429Bva|9Q#w%nnK~oyl5Ehgh@2)Do3Y{p>f@z>QGTbn$%~ z=lk)kF_7OD1jbH~RIF)X`3aX+&!FP=&g75Qa9XSHH24NS(8yH^Fh9YEoL=dMGOYP@I=+% zZUnbz#>$F}JDUTr(G3QP;30pTgl(M&Gw#gxM&cpQ>2DUH=%X18URS!ux74Kv zq`TzVF(aTTp7EdY_x~U6brA-hh>Li*4VK5G{wq-E>a{+qPd&Q0FLM8soF9*F@i5&!h zIPwe-8;^c0)uDKP^h}i~x4y!MJI;;hSw93L)3kJi96XhsnX)??Yp;Iy%;1*=YZI}g zg@kqRrT>8VQI9tNV?7%ZgL)#kSAu#X@IQU<5Aj|}CY!@6c^haTqmKFca(rsn;iFJ0Y&TMHLVLwcV};`M@(*uIO#FRD-m%y@wn}`Qc;i4 zNWm7ZacqQ$KM-nAIp}~AuA^=NF~Be!XV`cFX!B96U^5g2X;Dlzfyp@pwdM>GA_4{A zbWa9Ij>ffp%hV06|-cC~F z23+=kC7;3f;;R^kvjkk@sCVQk-c!GQ^rTl558>baNIhf(_;29e{E@)s(}F=)Rp;3e zIKkO(f-A;R)@9Yc<952=_>^1E<%Vtf(LMr14VAp971l<5`dBfTA22B+X;Qi_|(q#37V{KiMNU{~pbq5Iz#ZqzaoKtk|&K`F`&v zWAD-ACwCSDjdpt82WRw;X?#kgPweTrsZ8P@|Kc1O((d$C05RH;ynU*wres~p$m(6G zy@YXB>NVb1pX2uOTKSajyxve^U4=gJ1|@VE&x99qa=^8qka@QX={6{%BRf0{hV-)Z zG@(J9`pE0o1$8wNVQ++$*rztueV(;TDKk1vlB|zy=Z!ZsNPJ;qOT6RJ-PBJd->G-{ zsgcJN_=hnWefMHIL)y>EL&o^FveL<+`I4ZHUbfl}r}vpR7?a3km}w6%4>nbCyP}>R zWd4Ori6P!S%?8O2DDT;V00HbAIFfI&dr`~UE2M|jv1loUzta=kQK0=AbdtE4lY94& z&`@AM^-gxv;%Yw>La-4-&;kj0~yh~*3 zP3#sZUgAmHPc@m*8C>6Xk-?P>Zao6aHDy(H78>Fe)eswwnvYbe-;i;NP!v|DnmW>1D`lFYM4jb23FhA^^XGlUhuOVLmd! zLL*nd?nxFu+y#OSUAcEAw0X}~T@VPU6`-z}^BlLrgsJ-8dmSZ+4 z2aQt8@T0F=OLr&C>VsX}NaGN#%6M%M>OKJFo-hJ88)$JNhns(d-D%CM6n5`%yiFci zkz_FL{Gs9+)nk{7v;ERt3sk|x=mc;@@PK5&+F<`+yFV2*vf9VkxOu=OtRwJ-ZMCK`%o);i+|XAqEjg*+U55i|kY-~7#tv0epC4-dV^tCeY(RFZTMs<@8ArJl?$GKB{&W=1qZhYl^(ceWiv??*LPsD0_5M)TQ7xyV*13>QUD(N9*${oJo+=Y?@_kq8l!_D74w_@(_$NV*55ec8 z@InK`h(XL>AA9fzLN4Ake;|$X2hP@_2<(&JT(!Lfe%%@fv)JyP#Re4pHdl(%*3WA6H)ljGib3Kx(m^ zNLaKy{c=^7%XG;WUm{m>t#jOm;6PjU*teAwhsyZ^;43 zx-%54Rdx~Bgv7xLT>1cV@B@KO7>;7} zSmyuYAS$`dJ5f^lqRr43l`7uS7Yynvp?VHPfGMdv3d9LzQej@}jeUvPZ1bjlS58mQ zSZ^6t>2|?j!K$=VxkKY9^>1kr*y9pVbfntR{`!?pQ>a>9m%XElF;LsUb&b*pw~8(7I2LK^vrr$b zeDY&U$n>c?raJBy{$mP&*xLTCP5F%wyfwC@0Smh~?xZq~0E^7%Lu1?b@MwaSdUe z89pa6+<0xm-l#v$HOKBaz+EE2>kCCV#&%TKTgD-yiMZc|dSc{nE@)>OIEF?#+zeh7 z%YKx>+1OB7+nBn+x@{rG!y9knCKo)xGgg;5>AqO~QbH%H%>MF9f_u)yv{AiP$(wBT zfhID!1DON7N}#jy-!#$G13N5uPV9DdOr>Q)tNt(75AQknD`UIaW4^0jpTDipc_+-Q z^5klO99At--lkwvk!v{jhofTCSX4DvcGotqb240sM@A8Yls?WlgRfyg7&JwS7VfC@ z=gX<8y0xOWx4l>y_4zp!U0-$WT%EN6si-uxP!i__B$ap_Vh7y1H(ExH9iK*Vhx5$BIx4 z8)CKumeE6L9z(ve^3-M8TG6{gM4bR8?eAe0N!!S-CSBdlDEJ<$`{t!vk^+k*?N2Jo zz-uQwKFsjl`1feRdD=^ zKs6=NQCCO#4L|Wr>M!aLD6_mK5;VxHWFfn$vV0e(#r;W;EU~@sRs!Sci6Lz=5Kb*f z;1z=)`Qe|E10+6?_sRrrAS+H@+QvqbHvnL&5TTBYSizlOuWOi&x5cqo3(-1qwVY67 zNgt2b;^{yiy_WYPBJNPjb$iE?^4#Q4^Y_^oR|r4VE-kv;ykrq9EkOjNp*+}QIT1X! zQR#JcK6Bn65>I44!gA+=eIxB|O3@s5nLSYbC8I;lcrSg-7iuW;^WIs{OtS)K>0C>H zA8@aWWtH6S0%`ROG6!Zg0JU$F-Ob1$@TK1<*>bvT@4`biEJ!(j(}YUag%oseOLpT8 z29W_;yO_4iif?%AH|zA&^;D-=%c#Vsr90&V1&d1H=y;ST5DrfLtj_)H>}};>8Ko{( zR|eq?k^!t7bqgH&vlHBH2V!$(d>mdj@WL~J6fc!A-*zi!_~#x$voa*1KkA_bTjaBQ z^a-~WllRuatqSb}?nyov)OWw2&H`}(!WzM5&nbrs1Y|>$RlNVS@p#34@;O!pZfR@c zSUhfls2$=r>XONhm(262ThwdFw(Vt`?|)UV!Q)6}k<5FYI-g8wfR%@r%D(O_<3cPx zzyW?FoC6LdjeUXPC*nSudb@~L>8-;PS9^bVPrixZDl-WyUE*V@-Zb}MRR9-@K>gEq zV4HNYShGFzQe~jX-4{AR_uY97n*-xnLUw{(1cv}4(+|fz&VT^~r)dCG4eoHepaI3p zBlv5($a_CLyY4biCRs`{M@7`hN=g!MUw@_^1)IoQ0M%j@FSj}_o;>pQwn1=AE9I_wT;!$+ ztLY6(Q1agm3I(&s1Di&w+^7ZV}~05s{o4777#vQnL4jOJ(E z0hmb|BRLLc#Rs`fx@)M&-N{t^sh6=jY8yjKEKbYVW}d`Yns&3h)gmJ@mUbIJn$;)s z%>z+-)nZBnhLKr}v@pXn6`1NnWjrMSX_pevq#(j}5{OezFaKka@Je7N)&4eJfLVyU2Sdc*u6@b}#OJIbyQG;)ifF}hU zV>T}2ENYj6sJ((x{l{7%XkdSz&7uF-J5a)@U?GXHMcUEdhr#1(qYOm*`c2f6gw0mJ zdQM(!b&4dp*R0)BhLAR`9|5t_{DbGz+}xXv_5N?16W9n$0|@-M>=v_Y!xeBU@L1b4 z9o^p3;MTSDvg5dwMT7r)IzzcT`=5MS4p8*bYycDGk4{&iX#`yS5M81=0AN`hg}CTYz7H z-KQ@rD9PoDYS&g?`cH2>tuMI;QzMKZCoM6*HIFiJx#$53yi%mV}Y!j$xJplr|B+^usYro-ZS&kPcS!dObw7WF$4I7|Xmcb7A=OEeKS{s_vn zK@;v|LEe}bu@Gg}E}2arA$1*sUm*<5GvS|R1!y%49tc0F*koftU;4`ZGqL{pQjNKr z+XPEf({bvmA|2iq+t=BaKy9!gJCYine7L0NuIv({?-0-Mb&7~WJP{!e65Q=$LGZ#% z@uOE`Jzz0L8PQoA13-end;R6P8z%J{SFDAowBhXL=G4WO0j#)g%*&nVRHn>=O}FPv z`s3vGLQ-U(pC&vACVM(DNIG=@G?k#1y}HO8=cyATJC^_1c6ftHs=r)CxQ;laf-;xa zJT&(pA7QieVorRBaLrD(u`*i&s3Lrmy7^j(>O{-V>x#clAq8E@z;^WSYuSciCWzx! zrqQ=h7CH70?T+-MlBQHBYXwY8Yjiugk~&#ogL*q#7_4)L>}oqXCAI13hXg!tXCq)?PVPc zRo^nFJTg`trehG#($yxC?mj?<{%n-Nt7NR$MMgV4qmx10koaG`y;oRMUAQ$GjDkvU z(u;ti(m|w!CelQVsPqyQkR~D^5+HQx9Rw7CfHaX3>Agq?X)3*w&}%}C5ctmI+vVTq z;@tgbU+{Q=&&p)3mAT&Wj`5D6Qjm~JR^=zOf*F^>QiP%$EU^l{3^OM+<%d|q7~51&}9X5fHM8nPvC~Ue?d5qFz?d)Ft<+u3qMr$LtjS0vq~e&BL_K7w-@mPfovU|>sECaQ0n70}mQrt|(W zaQ_hPkEX1LXOn~pBWZ;uozJ~6CJhyZQrf#Wcd}ImA~(-h@58v|ZC3BM5&8@61kDxs z8kS!iy~6I@K6F<#Q8ccMDjLW8h~h^)iHR5*{S%BRRO~*BOT48D@(XCkpZs9o4ulDU zv56LKy8}5)v4PgyOLBF64wvRPlAf*z@oqvLR;sHH)D61WExBebyfR_p$m>9#&{2nj zUs?-kOMbEA#SzEpTI#n^DD%AJ$63iZS&&G~&on1~o}X#TvTH<4iiw!WzK^QVdE*SI zemDId5JXc|z6R>!(^=KTzpa4)wF#Ly8XyB=}&OeYo<&MUZlVlQC zAyR05x*Z+r*j}+XO-g=2J#IUgZ40%GT)Z@we(}h#hni4zCM(sK$y&)j>$x-%8L@d` zubXT@oY|Khq^NY-t@)zo=~|6=rH5>ObKiF#D!h@Tm4h5#D3E4Lpk`6-HqlR*6uG)Z9jcjef#mH#HPVa?UrXDLBIj}da_Xx>Vji^cXud@VHQ zF%#pK?U@Gi42kY2Pq=rObO!ivsd>$>2URxIHboEiK9b^Nit9GR({_-k+g8i6f5K?=2eQo%hRYv(IU4!-3w&FiAjjld1*~{5KP`^IJw%6< z$Gkr!AKLT!TIjUD{ScLUvnIG^Id#e-rN(`p zA;aZDWlkl2HJFQU3;gXd>z&bP$)do)s0N{FUt4&%()C|3$~lDwn$_FuMV>=5X5E)j zJ@?*J4o|0wS}W!G519FR3#t2fPNJNNQ5Sk2gRhXTn^@BPfi^qyE6%y7`ap}#V=dA{ zf=o!g;#|j|6AL`qpi;)2;jUlh-HyA(8}ly9v;KV$@0;pAUgIQJVuX`B)h5>T)BD$) z?YFLK{^)1Du;Q@2d27CS@2AeEb0H~AaRGbh{g4@yPyd(PT2a4_pP+;YnvwN-IqMc| zr8>l{vMVkvrQhV4-QUbgK=Nm!X-?al4*n(h#c{yUE zM2%sZUhX^-^cIwPyZmw5KMVkSHs!_&vdMWWXj?GM#JY}3`GMea!dKOUYn5-c^|}`9rCqndOssdFpRl6LXyj)zB^+2G$=_PDOtC2sB20abRJ0jLNBhRbc;)#m2m?W(}^Q08!Kyj3w$4ygC_B+W6_B zttNNx|0wFr@9fQV??bqK&Rxr zxQqN|SBC?1UZ#1L+lZt-C{2yfVs`_gvBLBBJiJwA@H!7~GI#i8B8*;F{FD0)a*@q&oq+p?w?lqJ&yUk|*|uPtrEeO2cEk?s#xh}dYI_J99gZJKYLf}FexpMF%REx2=tDYyL}6ZgaroNqgteG>I( z^wsTY&uw^VN$Nx^b(V)cvlrSxQCm3!Vu0D0Cg^mqW7-|1G)CMC(llBhX~*BIbv(X& zZ--oMY!R~eL#Yk&m{^5Z?sRXWcUwQ<*8;0MnW}Qur6PPirzuh%@=T3t?x1LPd~|L( zvR;uO-)c^vNvU;AeD9L5^dS0oav1J%=B3p-LD^L^bcb?8qf87I5&CLFdc8=gzhlQ# z>sh&z$T^L6RmGp2RtZxCe?NKJ@d9jeq_k7G0lR2fAw1v6p1!B_+W3s+O~$UmkdmIc z{qu|+Z&b)ZUcG-Ktd1Ch<=7O|JRK})Y)sj?nVBxlVdZkH^^$^L7G|h-EQ`8I2mxdA z?ZwC#U3Ry$LWUa*U|nVTkC?71N+qNk(i5COwG)+q)ePNy<+ff&sU!5aa6aHy53g2g zhU`}7Ywdl(jAkyxMmMnSsU28B>n8#zaqsB;=e&x=KnLOk|X$*1)#lLV40)4h`EOlq{U zxDqvGp;HNK+Di?s2M>v1SYL*9&!t2xHMrWvBBfErDbjBZAf==}`Aw@fQoig`r(e-_O-Q`rj{xkoB1HG}!hsxs)Smm&K6_}nK#$M81+s0n(su%jx za1DpMue*OI=7H59#h*k?^D=MEdqcum*4m#Vme{m@{}CU)r>^=^wU< z`oI`HE?or(2=A(9r!XO*Tf~RrhoaFC@MTgXG zMdXz`xO=>^4DEVTS9#G~7i&}CJ?h3c#3h2pYr zQx!vcFu(WBA(z{%to~}|YW6Cwuk?V1&-y8oavSD|c?q=MzA6)IkE#yr@eeU`@R0a1 zq(6V~(boPp)s6Yc`;Tv5ZgWOYF9&E!uQNR&Gn47qrkX{z&cCk9T;(=ys@9sg=IYlW z_gJ@PL+dU@P4Ns$=e)WWuiH zgK)ycgXAx_v{9v+Z{nmJckgf}Qsly45fH4tEz@UxE49~vlJqTD5sC?$5#%ZDwctN~ z5#^%Y*!;Q$b&P5O6!vWM@k~8{B{X22^aLTWPGAr4??U^CT=NnCKqyF}gL}GW8e*Fx znu&T<7sQ0RtCTXtDW(it!T+rC0nM|?0&tyOgqi~&MPP82jhZZE5=R$qR4ng~iak9O351CDgxirg81nt!l{GPVre$kHkU*Y)&;SBe# zYU7k;VR3__T|D@z#{XK^(Gg20nvn#j-58k1&`+9oIu+Sh3E4QiF*rWU>i>zcwp=KN z!#{neV1?jkiI4t)Ff^?gf{i)%{Omc}!~|LJ)ZsC$eU$fxOs?0LRb9Fny6A2dPqrP2 zJu|Wkssmk|BMvv;<5Pzf-gdtk)SCC}aN*F)KvZ*D-_80Tc#a-Y!#UpGs&nra32 zKW4NZSW@om586p%~?+Nzr#wRBoz%Rm}!9( z=dJ|*j`SXFCp;`&@Q)8YlJU`Rj6ut>c~vxa%gb$IE;Q~SQ*MG%Mv(}W?c(L;XK6-+ zN!|}d$?%asqm=HIMY!(nVO)u;_|I)A%dMDmMz#`azFzZ_5;ibxUbUMNEkT2o-p*TEjl#p145*+wvCeC>=e-OYP(DO7)>~{I(|X*;w|RTLiEcdNXHC(E z0-=kUj$gGEo_>1h3BVGNKZv8w6BC7hWg#7LG(U72h7=41^IH=@cVYrM4-Z4B&iS4j zU!iONYQ6%f1FS&o)!2_%^YuC?Tj)MWgdG41Yt}~IAGcjF;rn-N$HW=58y?blPy{GO zd7sQv-*>cWF}a@qt|X^@Gm=G8_*oDYp@1$U-Z`N|JA*c;sF94Mor1jqbR(DRf+V$F zX@<`4%euUg#|wcbyX|&R`Za=JNIiQxcV)~Yv{vPvgtquw64xv_Mm?ZxYO}ELBaOy) zC&e%iEYBtN`JZAmYYcWET6i}n#RwU@F~+RAq2wC3mqANWM!Z1a#;&nu<9Ai!Wet*a zKEBHk+~$;%Xr30SePw-;eTju~sTxe@D@9=DTbh02~mYEHL%k))%`kRt$$xBi?;kyJ|? zt7^CfhXi+0l@no~aVVbJ)@tdk*$Uq_1Ow4QfADP|^l|dT0EZ{;LX)Ucg{@m;PFsHR zG|Q=T&!DTdpfjLD940{FLq!`fBVq? zx5Li=t>2ODA~x0VpWBu05FUOiLR$1IEa+Ud5#~lYpCP^RcaXp(%fNKS^`82h$BLwT zP7JF}6YMa9D`E2WRg%*!>+Jd6fAxMcc92s%mh$iOq}X)EZ8NNJi~oM>NNZ5{=hbO* zRphHh+jLDk0r)5XZV1480~Qjv85&|4?z0&4swu5jS}4`;$dC z*x3U0?9-F1Q)*&syE2`r8NM&lB&w*FKI_($CgZ)XbGu8D3)~rzhyAhxLinmVv6xp% zSCPJtM#{hLty5BtIbBQ9`D)b_)w+2(x>JyKHT=)X*G7J1!2@E_ky2dI%xdM8cZAYw zABrx$bEE2Ad}y=>{SNi-7K{driB3lZL9F%Np%4EMrpQTbzAR;CXMQOvUYnVg3dzd} z6rHQFDvFc`p};6uj1i?(H(D=kc_qijo6|$TIvUKtNk0&eOO~6A)$k_FqKUeAj?N?= z`rBNZX1}q2-X2p{Zws6)ZhG;%qrcwR0**UyPucdD$^~XZ%%%`Qs6EBE-CIZVcg4?5 z`Br!|Q@Fy-6s}3EHXGXRZ?sv=Gm1v%Mhes;LIO!|&`}Jf_H}lAW=f=R(4zm(RYOG; z%T}s$7k}WmE}e&Nd7gQ22w{~09d8p+)Oc&%#3v22ChwgXQApQn^9El$omqM}-6#o$ zem?kgwhY~dX0ad{|GwR)gBX(L;2;P*ZuL^=&A2$;DvE2h*5t3WJ-6NA?7b{ zQXH78o^OQcef{`pZ8+cO+N?`#4>jZ?Bk2bo-3DyVK){R?eza{<*@AFAjXTZyS%OTT zD^rmW49@z9|7C~FvLKhxI-m#v-ibhvk=(zM?v1*M&_0NG{C!9?yDr*jD>K6BV|%4! z*Ba1hS@Br3dL1B%LO3yM)cw*?lFsuhpKYFVW(%2V3OyL$xXz@}7x}tdkb8V{Kaq)y zfM{3tOIK_p24U9NuP0y0dG6~az3@cSjS9&i=N)7|v|z)XIONlhAg{Na_YHMkZ@m6J z;$eA3u)4lO=%UA`p<*VDUI>@Az&oIvN+mrb=HWDmiC7&k_*ry%rQz;)>xIPDR`zTc zNgAe|hmzWB@Lb4xlXX*Qqwvt__0Fudqv@@j=Uz@%-!>%X-ss9nj4kO&&%g!H^82Y! zjD7geHWNw${Pp9zSXP3@*NN9L+?g*AX$1@=rkf-9N~RCZThB=a#tm_2rR2U|VL1gqzyTcA+Lt4w?F`$FioTuX3_mZg zMZSo7x(UM0DIi|yc>)O*HOG9!!?uZkAd&ly9OlDY`$Eb9qMZ~QB;wrSrT-d7t6c5Z z{C?O)k&X;Ja0k7!A`5lPtoE-aVcOv!_l(}^Ntc3oD@}cX{86;S2vEyzzdyZ!*9@!B zb!xv;ViYFamuhh8a(}z#*Uv>(Kk{C;?tv;L3M?WbU17-W_!vXf-Zw=^zT~6SNe;fz zEPMGY4Fp2#Iu!5XFy3V4%R~I!#w{|ur|WA_GqkDHG8#JSa=TPxUBE8rg==|;9CwB# z=K{3P&1rlRE0UYzd?7lDJJXRPF?tCs&Dx@uc}g6ly7nE5fm~7LfC_ILeS&VG0k?P6 z_|>Z2c*9qvB`%K=p^})zZ6>|wo=_SHmvTB> zdJBj^cw$gGSS~NqU;8H}%TFqz$ILrMUt7n^Onp;v?FX2zLqkK-g>2Czd1ITvJ#mB- zxvjPREUKr|nQP;6Ddr_vs`x-A^QLl{W{WQ)QWd7{ijA->|0}lHo-O`2Ux<6LTZ5Oz zIdVC06P;z7LF>QWWaArl=di5RDO1yp>9xLK^ue@&3M~~>_8Dz8c|+B~TToLWF59My zAQ;tX&`L$GMV^QB85_STmWh8Ki8_%=r}kz6j2xx=F^r@Wyk`4lkO6!9oqmeK`kPY7 z8&>jIPVRa?Zxu|YvbAsU3@@HKBvg<9qn|Ld7dzMa>Y6c|ftb|NwM!PLeu!ehbb(NN z?fVJMAh)#pV^`DrdmKVrBlE59w(|es^OLs4^b4WG(_u9!#tQ_W>Qb%6G0k^`uL8?K zkI%(CgK!nh`r2T^d;}Yb4us1%{YLr3fsn$e&D2qkxSy=Kj>Y3YZ%9zNFGS*4Ax8n> zq**i;9drHDqA$yOW?BSYa&bhwYfAuxyZHt1W{a!0D<)!EQ>Lpzofd~U;3>-2J^EMQ zb#W%zz`kEV4)DwNLm<#uAv7^Cvk!}auBV6;#Luf0`(4h01Q4Utl7`Gx`iP zF{&|hvr|W7PbVn=a5Mb#52Q@YZy!yD z77bwJFU{q!6+r`2EwpW6Gri5pFRoB&m2@8;i!)TF;S=K(&um+!fg=7UecTnruP(A8JDm zF5f7ozzu{-(^8VI5y&xF_pdeu%f{byj!(DhW_!MM#+s;b?Y}{A!EXBE;K3%9QQ54g z(}KyuI#(w+vw|nn{ZcIjV@!xvBsgLAgy#RO;MY3@1M0zSY1&NV;bKMg%j0u1amRh> zFLJTIO%)||7`F932y%cVwcQ5r$Q9ompV5CH(W7-!Bt8P8PoD%*U8#R!&*h~2#}d_* z8AQ+Qq5CtO9LT9%YP1B~g~l}G#N6x|3sxQR_G#y~xMd}iEwSPU9#)B_vi*+ix3B82((k2B>;FR$FS z(3BvDy*^ozM0TwK)yyRe_^~drzyP1z^0#=8GQrNn)s-tVO>=-<{6#x0zUpV>KAXTZ z027mx=h2OVzJow7nQ+iVa%mWCSEfLzxgX1}DAAR98CUe(TA019dQg}X+163`hK$?& ziQl_}J``Z{C}lbkd$LH-5g-Q;ji7%h){LQF;}#}9$#9VG4HM0j*NX2dsPc$5jFjNc z<`v|$N+knr1YlPX>_bcga*u&iI5?aMJ%<=h6d&Qj@&;iZP>ZXZ4sJzuGL&x#1)JLN zZI|#q|G1@nSqi6Dqk|Q=rV4m?Ma(6VR4}gf(8-fUPYwSdMc;xy8lLW)NKj zL3RHFp*jIl_#iY1T>%0E62bAtphQm$c}%3AM^ml7oY*${m3A%uS}b3$*0Y|-F;1re z*?#5Ae+K8v?~C)wQz$t!=UQDVy72J{(9d!(nrQrrHWxsc%74&A@yLDm%dG zNv6WX76alRoOyYu$5r5bNS`CqOJc>nE(1`e54Vcvm_vjTB5_}FnR1Z7)5*Y%d#4k*oPF_}gC?LqA;xOeSN8%x{geq|( zIUeHi0jI~Ul>z-mYK0oFIvH5*E|3LYd80LV{G!nz1RE2LO%#B$tmni9LJmvCyY|n| z#aOm`L&5aVeS&mMD^JL%y#B7;s1k1(Fit4C6m@tp)BEdqPrhX8;T#o?*Uy6qgfp~t z+eFL3V6g?_Pxxmi6II|(D#17h{?Y-ard}jZDPlf~UngEYapTo|r5)2ViF=o|xQUnn z2j6fXSXFhnEeTP~5*7G0o-nOV0V`l&^`cYVMr5SZ4CRiX_`le@zmTqOC<$27W4)?Y zZ{G<4=yO|zLx0Y`n9;FZ>bzEy$p3=Jj*2q2nnNOTIpq*ExaPc+ z$8p%Fhq3KSfn4Pe=PleD&qil{(iI!|kNW9)AvSN~v)X3F0$Zh!FJ^@P-d=aLyRGDM zZ<=g|GFD;-$2PzpU43*1XleN$o}@Jjn9ZtE_lGg3GRPWM#~(~5Nlb?t3OlcmfdQtx zQzjz1V2?)apeYf1cPrZH1cGS*(BuDB_|pI9b%Yk-6NjBX*9Pm2vsNa!OFVLoIhgBR zt)$Le${n-o<)y@a;9yso687O@aja6i9p@}WBpKHJ2bbaf<_)F~DTV1`X=Xut| z-`GM|d?!NY#llFASVu7vd_%eW58?LI%B81a2@Z83Kfj;nB6jM<_`nKUl*>BX1POOO zx+#is$#>frrYz}HThV_@>s&koau8@f8?ROL@o1MH;M4`oM<=r2zCpTPg zi|*WxzdF^U%6p!bOHLY>PD9MXdGP><8N;+L!)wM@F5?~#XDr~#mXxAHo^gu2?2yBl z3Dd@Sv4}9kT5uj0ei?FAC3wev?Y@|Srnh}$~t#fmKkI?(xBqZxr9nQ}-!IVYu%ynm(pZ~mj z7bEH%ksqf_i+b?KZGe7EJ$Gyst1UT7fB$zGKkp;@Xr%)eZ=v;6fI83ev6%5r9ll|W zl1^cbe3cc1>jjn$)?Omn;>PCM=k4Qa^mg*uKy<{8&qrwH$;VSZWa%-s5uLS`a*&yC zcl6$+umoWSJHCH!D~FQd>7th#Mfw;79^M2YxqA_4Er#AI-VuSrhs3TmL|fH_i!@p$ z-_W1p%$FTd`*FYp-sSi1|*f79gWBYkUT^zUBNeaBNe+Q!3dugr-3E$!%~ z_b)FdspzUO>1lB!-qJ(dP(x?K~VaNQ}YfQ--vcV;sr)!M_i*_|%`2 zU%2;-0^;qN3I-1;HiB?yhV^vm;c{ijVQ+oC|Nk(gedm z9$l!x(f*$2>tvc7t813jL+)=n1pWnb(Ef}3Uu6Ycyd4gJ+6L=%9+~iT6!zr2!F3%q zYwE9w*W9O87Q64NK%cSpKZHMU-2(~lc%QOkS<=0-VNu78+h5%{w5CFfv+9B+ZXGxl z&xZ^i0w249V^J`WDdu0{XlY1zAU=K@PpRd2uR!SgRH502YbtXPse}P2RQcZ76R7Wf z|7F#m;=C9RT-dbhA6{VS4&1b+)v)f-PEL8XzAO&E%KOc-Wp+BkwfmX%{q$BK%^07P zWRw?H7p_7mwLi+~&we|p>i+65{&s({{tl%?HzL+~A5aVVLJDoQb|WacZ>tVB-p@?v zyb=(qd$}i+>fYgLxa>IFw#_*;)%WI9jBpNCdONbjo}t4pA@x=PBr6>Pp&8y|*%&2I zw55dj`SAWMuy`q{w8&DxW6rE6-gwC)>mut|oSK{4Ux2P%@bYbL3amX0Y2-mpJ|u9oKKI7zJh6%mDC2OW@9`fic((8} zEo0B3eh&51l_1qABh}|D7>T-z5lZG$ylXVX;MxM#GzOutKb#$32VGQ*5<5x*{dj0; z==E(%VC|=i?68A=%zGupm}J&gO)+%P0f80c0Dezq+R;d%dUC5oj}M{3+^ndvOhGXP z-9%`f0&qdS-xPAnGmLI4pkhh+@U>-_Qwx|9K#V^m3T*Y0$+9jB`0p@*BC*~XwsZef zoN&?oMcehPTcX+nmsuf-e(m1$;Mh_lNH4d*d8X}6QmYO3teZtOvh2wL7vFw zX#__@PTw!du1j}krS9lFueDkIbIwl*UF?8049O+f_)9lj{%t!~-B=}|Dd4whFc*nS zb^Zskju{vw#^Btq#YDn16Gqunn|)XG_d7R|v1vAKr;tYZ6Vm9;xWz}lly_oR?}m@P zgjET9D1N^IU4|2Fn!?a~qL@>PNf69&*mMrXGy1B@rq8Q|{lmyeZ9hg~`c|2f7RRBf z-na`5s`&mgM;#9B3%Zo&mCKgfW@b1jPG>iph>PC($8t!J7xtj($(e2{ zEAc=VzVpH~tn-puxKt{f;E;nqaTiOi*)n^nUbSGQ?4tC=#{%JIHa4FmHM9=N`u~M$ z&c1B*BJKdHc`gO!cC%ZU3pmmzY$ZkCi@m8>R>roOLKG%x5;}d^kO}xao$T`(~GZr3bqY*+}}>`Yz|C!uW3r}43LD+jFATyf$Io6{0y5; zpv&N4(r_l!&60*u(e$mIo7t7S3yafF$aHwHuiOL^h894Gh!8NrRz&FnWxTU5UJ39M z(IAKg3gh>liwUl^h$^`K@-JoItqvD{n-`N(gK?m`8@Ru{dV|cN56H#NuURM(-R^w) zavL#0_b}O6UC5DaF>&9xGnmY$M{zO=UtetvI>1;rX4aljPg4|!Csz;N(*wjD+hCq-X|bP z!cPD1-T8&4^WjIP`Mw0EpM&;rr$YN=9XnTd$j-tI*y+=l+Rh%cxad4q0G7t`3sre#? z+18`PjP3C(#x(R04U{p2|45-}U2fI8T^`T=3I4 zlqHt0>xUnB3$bx$R9-xQ8Lr6q?JGn%G|zAiJKg^b(za%nUSvVN+6u?Gf&u#$R@7t@ z6Xt5x&Y42>h`$<;Vk?(BE**C|BmhtY&yYS848C3V1?iyuJMxRAr5$t02hr(cI?;`H z{qhEBsO{rt#7+x*|L6GvMd*{7Kk+A9+#VuU5x^}O@sa4sg23h3ODP0)NXH7QV8f+OrvvYASlBPy> zN0$=J-!B}sr+R+4^6rY`t-qt!7q9Ik$O+s^J)7oyD5a$FyEr@17{`}e(NrNVNI2p+S6!)0Q1r7L8GHwxq5#+wGdiGQUp zC#x?f7)iF~!Ru;nv+0e4)340P{C*q7Vchtqu&FF*r6{|P@^+NKHyz1Xtri-2Hw*_p zrY(kT9Qj%26HKpAC*nOhK>pXGemuKq^+J_Z5X|2EG7(yEnwagF5%>-Bex9?+K75*H zRe8y|wEx}vva;%H;j!?`veJt_WW*@k4U}Uhny6jzX&A#7^`)jh-geqJAXYz&BES~9 zcPE^whXdwp(UH)5T*zs>5$M z!`h()-1kC#oY{1@q`X4VGyO2GOUo4ypMYOy+$G|Q&z~73f-br}O6~riicO7Hcu6>O zIEO;;dlZ4c#4-Cd02!-honV%!Q7i`Q9-NWT=2=jt!Sr&my?_J zku7xln-DezgiNI0EF;zx*m?Ril_pYk})Sn$ME=o4?^c{=1N+PsB~3Fq&O+_^*bCtgt7MB@h;U!a4$~%f1=yw2O-v9Yo|aXV)i~ImaUJw}o^Rft^VVJh{jHY>Ze;E*_B1YM zjr|ljAfgho2WQOcaf?96iJ=n3dG3*bjS$(@~X1Nlo3`((R3y)oJ+w@J{0ESnX=OKQjD7j*4Fk9?C1OE~g|ey(Kabn<$5O5-Iw_QBJ=yE zvO=M_-gxo><&1TNW6e@53X1LJgQD6~<6-W})OXk<%JW~m+gFr7%%Ixl^68(EuOTFr zxn@tASd2}XYr~$L}#pm&UU^hRr`LE*rP zsEUQ3BW67rAwBqR>XG!apOrsWYXDGI40#Y*VJi3ONzN0lGt10nmQbH-L_l+yHP$4w zv-j!>^u9Bl(PnZOAk)`^7*_gpao;9zm*I2~S|e@|(;7dI6^n<=d;Umjm1<-;NC;5L z;qvZ7jylfpW@cmHrh(y=sQW)lQrO{N^^D7CO*?{lRuw|el-?VKnUtjOPh&I>h-*I@-@ zB-^Qj65F&E4fN}y)coGCo>PVFFW96UH2F1A>^D&&r8*3_`BOM_Fmx&+%zS)KSM{%% zF9ZgnZ??GJb6QeCVad-T=8rT3Wmk*B`%&e3O;_Mkx?f#&pRCuZiIa^4HPUd-@;=iTWKYIc37G3kfPfp*4E9;B3}m z_rQS7Hdv5`F`J=o*&7-tP8ZD*UFQ*@Zsy#+ zWwVpbjZZUGZx|12LkOu788p~xz=O{)0Z+QtD2LVqL;A^S^NwJ_SZnv}2;L_vmsDz& z+4^b3eJ%jTBoHUAyzrVpdrFo2Z_y7Y2WO6&PtU2~sKBswvf&>m^{9#|G%SKcx_U9@ zn%^gUXF4!YSwiFcdFa6~E(?(Q_?P%bc~u7DU5(36Qum!MOifRUR($O~=oK}QO@+NK zxw4JEajwy(@GP`;HKai@iCgQiFra74aO#KD?(tzf0PS|#DjPtGb zo({8^1m!jja`=N~wl!}M;dA3lJ?7vOfjn=%>HXno%C)H^_s6Ba~k|>}Sp@8FJKSXe#I7ghCY^EuGOn6UMbd+TGR@o5wKQ(#PFvmRb=%n)8 zT#@Po3=RG}${JMl?xDVTYnijE-UCHFDh*7$Zr~4!3I`4%{$iblb5z7CHB}xe%xieB zKo@+8HauZGdzZjFula1B4-uiW6mDtoIj0bqNY1pW*;=hob|Gz7LaMm6fucnHTzd6p z%HalZV)+3+uU{Eh&HvXE;hi-{eHl(k6uLLK^hxyE_X;iUr>q9NE-H!zKH(4(0%pQ; zzOsZs+d5%L;_rjbtnQY5_As?cDTWA0%+dS3@r>M!B|9(yC(=dm0tTb+1AIbum3jdx zqN64A-u;)9V=@AlzN`n%~ynlpBk)Xk%|}-d7gd7`$-&b6vOaR7*crmiEFMmENf41E7MFsXY1Y!>8lSt}UZ_`G z?z27Xu`ZH1q5NZ!>_?ObXhLTwa2%r|(%Gd{31=TB-73VvBA9oI7XNAt16+?tw%^WB5&S?dRI8F^@9_FVvnX zfBrXqgcdN9EbS==pK*#jT7TS3>lA1=_G=|3yDX>qwfW-j&!y8*G5QY_AzudJW|>!0 z8gi!5p>C=$$pX>i3+!R=c4j4Z!hG`6m22pVY^86){9x82@t!&1C z%O$)4mst7yl;TdZ8mW*Go$10QBlU73ss4^vMvQEHg>y$cO8imfG$Ll(h z(nWs1t}y&lR9Lk2*uz@8zJrWr<3e+{Y^TM(>p>I2pdpWR_s?FRvO#@$Neo!ig61A}MT%r8{WGpg{Y0?XwKFl}56 zyIL{wosOKPms_w_Zo*HA4=bw6yvviU#ZvRz8_PHmg^r`^nT1Md2TN;r=Aq~Wk3v)> zb@`1>GfTy?lw;P^w>f8pbKOB9!97%@@s@7xgagaS$eqexteI7xzC1EklTdJuhr6a= zPicvhZG)&s_*!ary(EP+jhPYKrD{7pT)eu*1*5pZbkFE7eu@dW*=95&vJT5U8VXZX z{D4Pjauf4>Z)RGlKd^~y4(dm)X~=fB5D~`;$SQ5ZR>ZgU1S6AiyFV+ zAgpT|Qj-`(A=-m10y;F4So3wYvbOJ}BI?7VY`V$bU$?fxxWXnQ<9j{iHWUoS@HQQ% z*8{OJ!7tdCvV;u{@g{woyX9XA-FyY-SmOrw*Qg<$hn;ADr5gmNHd9bi5Is$AZeo7( z5&8r_{F2lt!8Oj^g{A}BajPX1{|Opqo=H;qwIB6PhtgE&QqUjP#a-i`Jr!~Zw8hx= z@5ZV#?c6+O0@0zw7l9+MdhS$&m>eGueG$wmXq))7EfV=y(p^FhHY_&2-C+Sv`=F`} z)9#`*#>wfPL0zWZ@^33oQ=f-%J#_^>&^sUs<>U*@8mmfhvM7r%9pbGlk9!_`16=9R z4cV5sbfevoT#&Q*94kot@x^GM2r*@1@wWtic9|ajmz)x^a*tf(GH5!n+Z%tu*@(S@ zDYSiTWNvKF@Hy5xxyN?AHj_fG6N5TfH9?S_o=4`jAm|HWYS>G{8I|9)?{`wAJKP`O z(2SmRZjxKhRao$F>O`|6qfUj9;TJ}wS)Y{y0A(34|K+Lr3gj^bM)9Eo;@~+UB-EPN zp0zs4K77&_wev8c)miF(;gw5V&ULa^KX68JPg4UzimA!QiDm6nX=LA##$0Kw^HGgg zg{01+B+HBTi*hRurP4hKgN{HdO^@}xNKz{&(1zxg2F$bz>|lf8(z!NKS)Gm<%P4}X5=XnT7J#Li7NgB*LpSWx`RPJ$m{WHgU_iLQT z^_`C%k!Ja3-0yLUgp_qq3HkyH8oXvy&L~P#Bvr5d)nGdlgGcV&6K$9yl>2WVm?r&C zcYAG(-Y&;V}dP;;5`oqU-gG*DMr<_Zl<}8tO|N zrMFN8pB_}lS%;~e8|M#s-ic^_L{8IiEJ+-fF8Gn#ojYUvx9~+;?oLF$-1+=|+DiD) zX#Qy*njEyRAjp`=pZz zsP@g-P&YN$mN}^|Im*SGSqtJtW^sJXMJ%uws#nL@r6d)&dstN>?2WbrBsXK_i&bC6 z{a8(Xn?YL$NEa^6PM=#tVm5U(1e$L)pL(MouMS$J_gp-?$Ul%{eqxzLgYT6I#9Fdp z(!s%twQDu8J&zx1sJ=?~bN&Oy3mU^o1C8KB6MLOo4K7jm@>6f5!InCkpdf^kHUpCl z9Qef;*5&JnDXscL#Tdt;5w`qwU3>Ys>XZ3pujJ`-$I7K*+k`Y zUEB5Blv($eRggGU;uUbs)=J`G+hVC!ul*Yr+0}0F=h|X=Ye?2u;~WnG0!^{`SQ$^H zcDJBX#U5hg5Oj?C@FCdShb9$$y%UO`r^dP!Jfavs=2-r;iUUy}{Fow$_Y)%}*dV&? zlzQZ?R-UPQQ$_r=we=KT=^TT?=<>Z8NrG^3|LN5cN(ljUWp}r7l()k%7cvB-it`k< z79s{blicmUvrT&OS_^C7y4jW!+9AkRA5c8fsb01G-L-#gp`7E*e=J9W4K;Eh<+pyC zq+b$q5{+urq!pr@V4|KTn(b|e@7v>iB<)9QSy}*3V{h_w)5+V(wvXu>*$o$R4X<4l zu0)qvCX|F&Bneu$a%J?UqvD3DWsh<#6YP_ zK{Tu&n$A_`+2EmOc-^HONA99;Q{LsZnYQz863j7jfBknfOrabD6r7|m;C$d4=DYG7 zI0M~*gYvrfB%Y-DjTkZiVQ1aFbf(YlYqtYa0#`pj{k`TZYg2VDE?#fX`N3#U**;@g zNQB>@b`|yw@>a#uHYYdHqR6-tzD=n~Z&cB`-FS~GNxFOoN;0}E*Sx-&u(H35D8EzU zn*n+VS2DBB8j3dTE(`oRS)_&8j_oNJ0ofPUPw`4PsS6C%HMKSEiLdhzIRuHLzec#F z2^>CMhqYPuRTPiI7mRX7e34fr`Ec%L^P$tDGk!|>#ZVkNU>oLz-#S$PBN)yxy$Z9i z{c9e({9LhY9dX|GKlZiazxTDc-T^B{v~uu%v{t1&A!&9JR9trahxX&osA*R}a?j&I z3Nla-4gjqcaurQvRc>jhGbTzGnEMQ{+XV17Rme9)=59Mb=8yZ?wFEo(2V$i1$~8I= zhVlpd=^m!M@@yDv%)c9oKS|q4ymBFSlq&Jy^P9D*cR7LV^PYp_fOv=+od2$ z$+U_6#pM7GKqFu$bkM{|Vj2c8Ws~-YK}uBF+Jyd(2C6OtxwOcftbQLek51~qv@HL0 z#ho*EyHhsw|GW_%cudP5q}cpH)co=14>jpM*BNx!6Cd|(EKnU>C`l*wQ`}!$`Ol$X zp=RG#%5?U%f&qKTx1axRB<^s~pl*VFU^EsmcaAJsWr49`=Q$g=VzLcH}YB#w1ZqQi~+ zt0}@M)a|u1c99*ooS6M!z( zwuyrntsK-uEl@T5S|n$r@WS-*B>HA0ANAp`I_4K{{mGcG^`Tl$L2D=E=fKQ*r!xN! zFg~CPb5+N3nOj8#<{w*u9O7sxM3x14Q}r;4asK4)-?n6TPq+GAS;%YmDC1}fXuK^H z=ioG+-1*zAEkX1X)q{BpHP^al1A-7MT(QuEk`h3f_0~Wzcv*G+xWMl9TO;ZMP35ik z-}K4x9-T*x=_g1G3bbap%TGR%yhNrXrhKh`KxJvgCfr|{?TkTFX@(E_(;N>JC>>{F~Q_>l8zmfb@t59c*FB}c^f9O zeMjcMIl0K)cF)(DPF@aJk*9EIi0fifz>3$cKxRE5!C9yy$tQw5c%s-=gcDem#H6 zSE2lBmcijl`t4ukpLI2ssO8@7*U_~tk|k!x=`hH_`216GKrE~D|M2#fVNtbh+wjl^ zh@yz(fFLL--3*Ad2q;}c*O1bUpmZZ32nBzU7y)xC9qb=} zg7el;Kc?~OQrwe1rtndn0fKQJ5cy&UA!u8|7~ja{*wA4WF&ok~iVjjqR-fPtWj9SR zOOiMDq+v}%=1MZH)5_@rj1|z;KA<^aDf5v+DJRvg-VBhNSL^8*H(0#0voLB4a8BQj zBsQr76JiIKI4e+^37*AJYi{j%{hX63vZk1?qQ9OL(8NVI@4{=iLS3yS7X`3t#A92?fOv(I?S z?gij5CS-_{e1ZT>TK;U5zuNfp$HwUX?w22yo^8A=pnBo9V#-uW_g+P66eR2r*upw( z+rsK$V0R8{OBVU^w34ykz${#WTt{A*h#sER{+Ii9d;ez(s}k<5A7Xs0`6UDuJj(+=s988Sg#t-K+f#o;~htd5XfO zlU%lR_HwQYQsu%Q#qyYdNg9O^EAn4V)z8=Ln) z-N-m>M4YW3*l5XMAAF$Ghr@*)zjWn)Nl_`Pso~-U5Q>%y?+@wRrZg#(%AsPUtFhya z-mnn?>d>5T4ZS~^jqV5^Wo`pA(jCZCfGz$Q9ny1MQ=PSJ9b;LbXwU7;_!d>^s!w41 zdH;BfgI#BAI_z$6=K98D&y6(J(kTQ-C`2qrUxB@-DApqD)gtnD4>o82c4D>uTYkJ zp@WjBX?^C>EVh^YNqf16&;9iPL!8+|)iEXmg6!CEH68s2pHXkLs2cxXIOk7QRvu9v{`)lM4 zo}h{@NKEbKwMUKrBOBgb-QYO>$jYiXv9Tt5X&OxblK@$#iRoWP3spq0~z5& z8a)75N|2d>POq+!X#S|@`)c*@_rAhqgJdnp7dnipZ5dJ>zl4OuECC{3|0Kj5@vN(0 zfjPxLM_-36j=1t2s*%e?{Z%{Q6gzUTi*(RIdluTv!9%&&=e!Ff256qrhcVTL^9+<^p)-n@z2m#p$h;4^-W~5W3c{&s$m1kfh$U76k zRTXOSY1RBeah+vWdwY)|ZyGVkXb*U|k=ZR7qW5p#rN~*=AL(vKV|vB^fH?WXCz3SO7d~l!?qm1pu|f9( zrd-#Dha1ycx?Pxr;Vm7S;SToq3M<$DTG)n!o#!EsV@#9P>QY6ix!vt61yeTrKfL?3 z2tVSY1#*Z=_92}jHv5L)iL=_+&f2Mpc}h^9K@K*C0fHG4ZW}SQ3cuTZWsk`sab+5@Vxe3j7c?&z=^-_<3-!vfiiW2-_!JF=^d21= zI%@mvn4vCX@+CHb9)}zN@tfC|udV@`VI->xV1TcH!A1MJBiGwXbM~~<^p_S4#5a~y zMHwyLDi^6R8RHBS87A)X|69itSV4%yhA?mXXbQcS_Sl^JK-##Nr(&;$+MshL;Z)^{|0Jt%rUH5Wt{z zetiv7xurfVT9XLoMsK}Yjx0|-XLiMcH`|4v@@_BU2Lbm$NI2SjnHH$_hC_e}5>WAV z@6VM=5JNj|APXL}=Px1EEdJFgZ{V-Ym&zDN3|e1OmoEz)8vb|1_3I;7SEGO#1+ZYl zaVMmys{iaY7hYMm!)-D3ZGoctm8`+$g=Lv=_kkbzkqhvUp~!(2vHw0~_}_;-3BQA3 z5&Vp$v!l+Z`DO)IaimXS{>EX;?qGx4u@(~#uG1g0Auhdfq^dDoOW>A*EbiOH^Nz_;l3 zidLr+e~GsQ15P-2@LWh|%>5bNooP+vvW~uIZ!+awdPZx4045{n(dpl<^K-4Y1P;J| z0R!+fTV?#n_O!fuIv^xABHs?3yq!&-#P=^6grBH1gM2dK70b~P1>U81)idPlV^@5| z8ZP`JmI?W}p7;nM%R+wc32fbTAam~7Kl%AS>(Slb;qeo^(QB;+pbJJOeZ%RonJdLH z6&ja>^Icz<-d$*R$eX2GC9okTLhSC!EsOMo9d>qgz}TwQnt;q@mg*_+_cxhNK@-!B z(?k9>`JwyiyQ;|wwVvq>~74)(l(jw(_Cq{2ZLdZ>XBsv-BE za*vE?yE@9%GTsXi-?AORNp@jbXm`c24xXef^+$W*F;L=8k=9ofzw&LaPSYi3C)~8e;#>H z2$HDy+4{P)NvTYCq07mkc<<5B;}AK$kp5r7_|E&#T*IdgsW%-|GK=F^$pFKgJtjbq zm!4_GX=0Qx{fSopa!qt=vG$%J^>_*5h~psR6(^mLe%>z5y}OJF0V-QoczdZx|2e^x zt#TCg$FXX0+>2r1!z_UlDHok5WlDs^INL1Gde)(IyI9ugs+$|{0dW(o=yw_g>Z=3C zwhhPkq@&ZjRYX3I%JGs&)+^Z3L8U^;>aBTDnm}=NJ9~%vc`5O@|WH6 zzxyF2y3NAgvw@TG4~c4zRAdiCi#aNm&4zsJX;u7jF+O$9gvyA>d9l%#mzPodW>L>3MOWcTeb2{g z5asSLcLE#_dDL9AGq)L?mAky4x1`sPpb6g&f=jpKJ4&qtO0A3%?QW8zwhwbl_Fkm`2Hv$-l|FB){3SbgF=PU9+!;v$4KeNJ&C_*ejaytru{EqvV)y`qqWFbA8=`EgFToSuw0e;dT9jH4tX! z{~p3^=Mya1p>SAa)zA~}8@6d$Y{Amg=$#KUgdx>}E;x#tiv0Ob>SuljM0Q7K{0&Z@9?l6#kiSY_H0Uf>P z@j?;-+(sXYX?}6hHN;n{{_8bHiChP}mk;DUHsaJKg4*#PW3E3-f~9>v-NMg-_Qsa~ zL$ts8cs7MoW(M_^%S>;0ko8;JK#G>vzRuk&9gx}LPF;#<7hhAu$*MS@QhKp8AQ-Q} zOKxu^Grrbw2K$*qlcfV*#h)CG^Gww=~r zW4wh8tv?H0khzF@b6+R;c6@N#N;Kd?aokD+u{?C|UV=2DC_>J~d4!HX zKt$N4fu89l`cZym4u%$W>*vj$j8=kW1*6FGVu>^L{ZCi!5!#6|!JNfD=QKG>z5h;k4)W>TR1pcw0IE(JVtx<-^YP*4#? z`1lsW8lD#Bax|lK=tO(s1?51m@N8Z)1~~T^CPLc%XSbn9_m~4QDTGa`Ub_ixc6i^0 zo4Yw%5O6QSEUk*y4!FS5EZ1s*l9-DOeX22aMysdrH2H)&SZO+5Flt1DTJ1Ak2qWS> zkBc7>c4Y1{(8u3$jRSbgOwoNzCqFB!X?l;Mz=JvzAVQYN69Ny1LxM6Jt$#oiKC-o1 z(_|b#&GRO=_fdDNtNH`b2E34^kiYT<@QnBdrabc&LRdbn{WC&7C{t0v+QC>Rb!PrC zqctUyR2u!`h94aPMGcpi?1Icz;*1Eud))oWSM>J9znm+%ZeMrxi56BM)7l~bTYI6t z-rM`JWG^?&WI&D}kgq38yt3PJg+yhcG|J}wv*R*?#KWqeYq%RZKOR=ZlRA3QWiz?3 z(1RTTZY0hLSCqd6*W*12_DMvQot`X=x;VKm=J11JJju2bKD(_DQ*=|L%dWx5!6gy` z)Ea9)h8&<1E?4QLQB|*JdFvRyKeb>lj3S;3$x9`rjn+9^K=E z(zT#sgPORKoeFKfuUW9d7tsd!@bB!lyz@aLh9X+I*by-PIV6PYBD-Y2Au+KF5OfT` zw2k1wXOGrNNqqk)07Qh4$T$b~DOj;zzaOiC;)b=za2QAM>4x}Ve9tSx`9xDA($Um& z=!f>qg)zCY+mk%FvDzJ+?=W2iSWD>xKTkjOyK< zLWKQoy2KM3FtIIvcFD4?f#IIY(+{KN(fl!f5*GIqB#cLBzj~AWzq|Qpv7wZH`yR7CTaj^yhP*ztbP z;*oWnr<2j7yu^>`4iHxi$5h^!_w73g-eUMKTMxPlm-bo-&#bGdQ#j3|a=#i%$3LPe zD)SA%4G`C?BaNoR{jtXNnfZ_HF=JJuLedt|H?qjRJNITb@aj%*da`y6Zat*R9uu;s?BUGe^r*#p03Ekb|Nks1V02P<)*-?i>VF$PJ74P22Qb;4VOb^xEF01X2rqRi)UCgLlGF~`bUxbErGK8LNu?%Qn29-H|t zpVJ#Fo7yP}qCbbWN4bIb2gYjeQrnSzHRvZTAR?m6^a5In6Iz=k?$b`a6>`oZ4YBF&)rZRB@QYH60VmWNiBJMW9 z-wx)V*Yx%2wqv+Vg2h2apcFNskT|w_e?pb0Yt*klgNL`9WlBsWHVJ2zIVD9)ES6ZB zg|`B%3b^Lvj6bv}T={d;jpJXA)0uUi>K8^D@6} zKL2_tzrUGV>+Ys-cRw- z%8o5vFOgO#k*u0WWfKol>S#nCl;b}Nyt82n=K>tN4-jh_Qzi3yQ+yt0ld*hY!~@{KUxdA*+Fj0!(6G>BVRmAu%Vm<~XDe{B9! z-N+%WSf4a?v80Mper){h3=`VRn1v4v49u{j%LJ~F(Cef0k{#Ws^yY=9zsIy4lvtk- zAC=^4M1R_NC@bP8;l2u;b?!`BdOlvp-)t(UEJB&26O}!{l*2{;(rV(9BqdAaHqkSP z;mzN8tQM}@Dp%@y2}bJ%=LLCN#s| zkD!jZ+%GC(Y_y#eU8Aogale^q_A(aGo6^2_6mAV}t&|IOfzVjZwX_ynLruoZOq=G- zPQ;>7zs#X2PeAe;+d|hHz6QWSxQd!yAuL_@ryf`XliDOb;$N_;eZ5Sf92r`WdymcR zVK)6bzN>Is2io|Ce}9fNnlIh7Q=}%z_UtPD@I%*zCsW)rp2DSY+>KA3z;U+Wd3!F7jz?j;> zJh+8dBk<8D)18L&lYG0H0H$OpxBPUp)9e0JrVS@-U07&$xgBDqtaz%1ZeLTW)gKV5 z0a!)SX`$;Mf4@8sX4zBNgE?HNO&~ZV_;xOmrpe^&yb^kxso+T(+Dxwa-aLhvmw3k_ zY^T}lW%=GkKDsDr=)!=b-SJjUh_{&>nee@EQ4r*V$_H59Z9=uuJS1{XBe8TaZVuWb z=Ki|y%KScYbUoc*X3#XE5O69*C*1JCu9u_Eqo5tvEr}N#vTI5e$%y9))V*CPe(FZ* zkK6ZS@>FDy;1%Zb6%|ULNh`HR`{B1{;M3@(`(#Hnb*x>pla8PrkT6R@H|ZbszkP3e zjPZm6KUX;2tN80Rg(Y#tHGEFzYBE_3K$Hy9`ibok`MTKJC2X5j7stU_l4HF}a?<;e zK!Glsg=pbA6|~#rbn_aW@B!sk?4PxFEv;>^Al_+mqClp>>HhFdcSoQ+kywo45nyfd zd9Jpj^|2w$3!7^yc4%*x8QhmXO)O<$(w_tVW`wga-3myj$*vF-a+8O>oV7;W@c=>vx?v7y zgQG411|sDut&(92lt)y4fL*F4MITu}YMVy9GK#Yfp|p}99-lhxOpO#!lQ`zk-rQiM zypx^OEvKSpsNjC{(Sz!KNHiO*-|CYUCE6w_y#@PN@Zh~G(r&+(lRn04_tQ-c>aCBq z#CcD;>sKGTsqJc81W1en1`EYVty|o`y-+`ZL9$-u-=TqK!+!qDoNj&SkD5c5g@bNB zVyO`A(6hTJ@GUwBP>%iq_A0Fv#5F!T28)sU2h;;wYXA~$RM0l91pcEeo&J|=q*zfo z3_momb?5OK4OuP10LV@f4v^rNLm}uxFmlrG-anvBl~BM7wiAqT zYheRW$;AKat$ozNPP7naYzgI-PnX6;6IaZ4YWVi*+{JuGgjr>hj;j!Q3`n9fGNv=A zC$gHuxVKo-#NKY>Oq|rW@9)4e5rZ*=9{Czbw^oPZ9W4%m36?kv50|U)qDrn`gbxIz zksl?-khed@w%O%Qw-w>H{y3WQ?s4FqVWLr0B59ewPQz6e`QF)>XQ&rj$<7?5b2;24 z^5Zu6_}Hw&%| z*K&M0kz%V-t(0|C6bmn@KckQJjRJWPVR-VR{CC(^M=*DQE^p-Y1mup-vn5>QgCChn zE}Z!RyhG0;U%8tMQnZY|#}P}jj8432hAJ=aU)SG8mF7}??Mc04?ppR-u)}n#a6uO5 zaM#CyIE?cyM<}%z5lbf&SKq2;I>Oqmf@7$$VUsxg0XeGoV>}O!oIZ^a)A>fp%yGv~Qb>GqwOQ^u2A zlaTqB`M@mIC>I9_jPA?lYh;8?$&+AzZm1zz zPcEioiE_-v%G^48{P20T&NCyRR}0vO=_Z~!999+@&Y?{^rUWi|x-31NxaLe`e-Hd( zP+iJ=oaQo2YAgv>P=h8t97HP9jEeTK+tSif6aO9g@4(J#SDO#JbCIXNFQ><@|5mN%^E`mz+wcPYomj`fmoKqtAV-BT5FZoZxXpRoiWZc(HkY$J_m}={cDmyRDG|xrs!w9NTZ+$Q@9PV z5%2@eS}1uKKED?kkRvV3S7;}^A)epeqqburr+r%c(w_~86H z?mspxf2~;lmp*h1Hw3Q8q&ZGQQsJwcq{40u66r<%01_D&xrL7CMcau)@sp6W}=K^&e(m!Sy4*~e9 zM)&CcIah+|g&uw_`C~vhr=eYu$a;5VaCW5H5leEL?3ymvC1P-aDBIoYo?2yzvy)Dt zwq5`&WCB3-fOo3p*Ux}Qp=y12`wCkum&vCHpy0L@y-D$7m9gd<6R&QLw0IWbQ=pyR zN&4|KJQKl-R`GTnteXmlo=E>QLin%NGp*+le1QPf?b6e*5PvHaZtl2@!VyBAZSV=f$r$N|;W^*knvj7-Xw^^%A#B_oX58TYa zdP<_8Vd3ugG3}7q8 ^kI`s$-aO)#3WkfIrZxv=LR0K&43j)LA(}m;j7DwfR=`4 z0LnSk=qm}vxdDD^l@Ez%}iaMy1g0D82j7OUQ(XMOVLp ze+P&wtvMV_7XtJis+!85uo`aNJzoBC8LwwzpM+nuvF4Bu%kMZkI!C6*1cEDXj|0V= zh(fDNO{R7a)}8D~Vr?m0Un(Wx1(eL-71D2*0&&IBf|p()U2t;#^UlgDkuONOEde*# z_=g4JAiP|c<%;MmPZ%m&uBxU!i4E47&iP#PcYiT{WLAjJYr+7DQ=pQ>+jIy8S2CBE zqDQnQtLz+9ltgcm8}7Q%$VVRNByWDWgP#Ug-1EctxzmdFU7I~$wA84skF%S*^Sp{A zvUZ7G`#}IP&OR_*4EWDWlX!S@V$yF9dKZ+BsaknA5rqHu(qi=kX{}m&^Z0RuTEd^ntMx zJHQ2WFijj_qN*zICPfy8Gq+)MV%DK#({u20Elm8P7Pf;2IM_k~LDju2zZV|wxoAAV zn#hAoQrp_{0-ab~wLg=iv0hRA^)zN?xFXZahOirX8wxMWb|~4R^)%1C{+B>*_IDbA zO{i>;Tv0jD=Jdfp%pJ(q;Sa4$Q9yMQhRBh)??H+spZ=Wr$E=AWnTt(-K@mubeT{cV zY50Pvd{O751(1&WFI8(CI9g4FYG z3&jvNE3G)- z>`Ks5Fz?J}JA8|@2Tu34vxOeInX;mPWr|!E-4hP%5>NDABo6-KSjwkuS`(Pxk~K*T z2b*ZT7canD@R`7#Oyi+?R!@OEAi0aTg2k4u1pNl>jFDNcn)(nQa<|>ll^gJI|21q) zqOoYfuXl+g!}raW0)p#n^(k!TGmm z&;ku>AowDn8|fx^@tE>C?<;Qk5|Gi%1|1H*W!AH8#+4_ZqA7KPf?}oG30snGe^xgu zZm%SFs7PG6V@E5a^?vDNZ#%hPbL|g29`Uonjf7U@hej5>Ks^mDj~C>*iUdH*9FK1W z+kOnGwW<{z?KoeAHSJ;5jdm%cCxB|G@CnL4r{T=Ca;?PyW{Y8S!ViNrKL+Nw&|goF zfvfUri}Zb%(VCUZ@AnI>e{Ufvgz93Y?WG}w1PfR`96)^W9li`5PKPEUhnOBSjW){t zg)?`Fb3WZ+%tDNFfeci9S5!zA7yHNcNAl*C*dsp~%)MZOe^SUK*}Hp>M;@%pw&^er zKxf`nC8i9Ss&D#=C_)CEiS8$H3jsZ+z*j)N!JPlFLP^>)r*YIis1i#3p3lh2L% z)!Vl55O)52CaE?wBUcKN2=a-@!S+)vU!>Pwv^3|FKn4l@D?)g_9Xkaq*uy1h!+W$s~mbY8?eYWpfv&0@X z^_PYd+n!_E*kH9jF*D*DEs7fxgAu_lvl`DFEBf-#9!e7p!KW;EHIBSz2!8ZOS8;gf z$bAKvSZwcHdX;&$Nlvk1QOAxHeT*0A76^*}x50^f|Hpvd2ZG7L*9pC+G@Sk-cGc&( zi1R5ZQV^H zPK=i9BsFAPLCgj3d1CqZQObPrat<4EWR+&JEs6q9+$foD6^bC0xr;-!-B6PI)*BJS zXUTIB(~mi&6|z1)-Fk&i)auLm2Zvj(?mLzi{?cV zqd)d&dYvza*;eD3l%b?7gxUK)a-^Yxfw^@P+eK_+T|IhWO{OkYL6b5`sH0r;$@AFk z(N7+i#o$Vk2|(;X)g(^ySb^&OSPv`UDBzPU96zqufW@kffzKJd5_@z&ZN|cne40AItY{qpIJQJdk`U)8SLZ4PY%Xs3GNWcZH_@9$tO zb`A3WqR2BqUseXc_}JV~i=NDuau6%;aHjpOLREjCHI&KdnR^Gw^9bmn>HZIElue~T zr=20%yU}BVR%1g|ZbeyQ?r3h`eYT9@hrOVuJvHTdm!FM~Y(rfW>M}I1F;yW? zTSG4>f#deA3RF^S{mh(I?a{cAk zcYXT1lq>YCGoc|gJpf}83f{D0cI+)w%hOl=k->| zr=;S9ivmz8jU^>#%6+(O`$ZXRt9p)1+&v-UlGo~yf#M_{&~EVTzAQ>tsnA2m=+AkJ zPAswB0{G&aZwGu$ZD9lOnFtPVF16O0qbqjK+ncJ;h3W}MYnwe|l{>wTCbh}_KSiH! z;SITeAIGHs0WTLeG_ZvYQ4KLcT)k*O+y(=^fj#EI?b3rS$d>SklADm0 z^Wm&Okb_!~Gf^x5IN*164Ov<;vfUo8^WlDoz1%Wf99jgVO-^ zoiE#}ftISu%yj2i>ESS%D``&P^nqzuUci%&v+{21x7k2iwYERZdifOiejxoR8Dle( z%1e<->r>iTyB+DZJ-*b+c7@1wIn>1XbvFc+9`?GnJS|$X?(a00`sH64C@TWY5ck1{ zb`Y%pA>{Z3_)fj3skd6P#F0GDXaa#`H7%_rz?8pwvTM2Bm!T{#-a>&n>RqIE5ql)L ztT#^E6P*2T(fd@qjRZ23?C*h@eNvOsMQdYSHTv!EB~N3W96lh49aj~WsR`Wi?tW2k-v@<-L<(G!4cmNP=1+H+bUG8jf$Kv%F zHm)rPX{N@s`*O9b?wv^8e%p5@+1L}Pf=e8(xP07d0SSY-ScoLL3`uV+4D|JUSj+XS zH^M9@e}=0@%6-pJAF8^JEK2)32hancYL6>`0?R`F0r|jDh@vLS%sDhy`<#6Q?YM$n z{_p3f+rN{xnKC-!J+Q7}x|3X6w@DcMlcj~mh2bz!zLIxEPv77<_fpG2rGS?P zs3fhI&mR8ILumJLL0kASqwUA~NhGzGbVjz{95rU!M!q%@-W{jiKb_~lmO@(WtzE8a zeJyifj`t2@e{LBs%RcCK&IFiYrhmLpo>Gd!GLHvtr|H!TVfLr6FMY@(x|VQ|N1yZe zDs)FOyMN6qi4f_iKF?YreBhY5;f)%h>jH3i2*tsV;;X`KkBm0CI(s(zjrA7ceZyju z|4LVWIOfr6I`e?G0O{(C=F}XliAUjSr}UN)>5oersb{nv8>X}STcq>B7h4>nzcrmk zSanBUj1Q32-)E$cux8Ba-s;Iy201@%tt9AJ_#N*tF8gvA@6JS}sd%s_|9M%WrS<9| zp33-?Z%vW_YOaUr2!}QNiM<%{iq}0%TeMuTjK}xlEaH-U{70ifP&vN|s`T@o4u`Kw z;u|NvmG5B@>0^(#K=T>hV!faaxnmk+7Nn7nb=QDU?bkDh>!2~Lu zLVTLzu4?A4dEItBbC12mEL&-gdg&$)&Qyu|sN4^J6x=qD9)ii{sKwWZAHG>KHoS4} z_NzWGfmQHBB?(0S);a(CpHlw_R`$4~wW9FXbcy{r*W-u?p%*%aFFC|&eLjIqIv+?LcpwT2GVi4Z=Nso0(aK&- zjY_;p+0?!?E#vVlusuI~ez9s)IcdwuVtW|P_Qg$TJKzCq9WnpL6TTJ=#~WajqD!V` zG7r<>VEPeCiz6!Q7uXci_ISu{9Zou6#~#~Xi!@$0DdD9jiaSsS`8uKYSB8JAL&)a# zojvmArR(Cs3}c5HNs{UJ%#-tuye@z&(~jlYW2JG7WzHVyx;M!?o%gj$FsmY_xY#2@ z_gYFkF_$v%MOR&_N`%t=0Y+)^FQSjWC%#Jp5Grg)f_#L(wzKtKpB-Bl%SCR*ku0mD zxvH$3$z7rufS+jqG$fy#lYCSek2Fs zyrq_rxFe||8g^0InBfrRHTYqKJ+7U+;cfIr=)~{HH_;u=+-*k+$NKR0h#wKq2s$!v zoz1Vy>a}61f~<;FpLO1gK9pyy19&PEPzr#Ymxx-9JQ9;OMfe87s-&Er)L^aHLksT3 zcHr4WKkzJqkoa4)qGiM^^I@qmpr#b`Yfd8MC5{wKPXLGgNPucJ45soU+--S@ z8X9iEzOMX}*Yehy9k4zFJN505mJw%0Ubd7+ux%d-^SNxXHi7$ zzDUsGb|tG~U$@m{dI4`p1#~^n70lyhzWk00HhIGpA98<(N1>;XU;4r=)yj|8!?HI? z9y1U`ePAN^O13}El@1WI3wA+fd$5loR8ZIj9m7+I-P}nBf9;PDJp90CP60xN5|90c zJKE{^D^Uc;p#(QNA+I~gYrhHdBo2`EFcNzpGP{7`1H7|!wh~J=Lb*qE^ka>@LTURn zHyGydx+LV-D451&4S@mQW`qP_V0Hk9*abRZ6-^(`=Kqq=<)spE6&Rh+R`UhWx@=wJ zIv5mFUZ+*j8y9=azTTQxW)|%2z*iEfVEfwmWCO|F(`V62r&OX&au`5UJ7hz20&^0+iG-ZH>7Dsxre(f z-hZdRur$a>?DhQIQlcM+Wfz*gbRRhkUnM2c-bsCH%whM@N~qlp%i{3iy#gW$ViNVp z-bbfw|3ScQ_#}huh-_Sp!%wQ4djV{F6iL^vU%L)Bipfix?AR*=Wi%*RPRQ2`iEne7 z#Mhuy(peHI?xqf|uY#v86v%^W{0#Pll@~>7?ozHZc}q0r&hP8;AEkKR*IklCD&n-W z_Df-1Pqzd8Enf0*QR&$tHbzvyz164m+IOWerY+VCc>LM!(Q1={8_W)=_Z$#xd_4FSm0p#wZe zDuWt{ppX(VSo$G$b;A@dUskd5IJjE?utAQS&Jez6xH?@`IoN8skIJoSEr6}7-aImO zAlB?=FMqbsS$=L$R4ZOQiP1q({5E{N)Ns^jZpVZBj^T2k$1WlvL+)87Df?|n3v~wq zt*b)5`^&#`Suuw9fM&>^bSUkC;-}fO#X~5$){;A%7W2X%e{|Oi8pc1b^DrmIIJYwI zPCJn&bQAgz9imh>?s~T~)%P~BQgP|c(wjdmgP8geA5}t)|Bht-uh980<_$6z5rv^H zM0;IZ8wH*}@hms}#M97_Mwk65GJ2gcy7~{mFMI)?Wxf>iXqX3|uPkE>yoP@uVJhQ( z_x9-U;p!>bO%SV$8!Od{U^!xn3Op*L%DYp;T0`iKvc8HP64E)QJH*68Ui;=x`N!(A z=bDtXp-hh!0H%05WHrrY`TCUz#VxWGt)2Xd^0x>}}ia=Tuffr=I79s42m zu|gy7&yiaEm(YV4u~Q69_2U7iK+*c_NYTgTIQTC|r25tZ#HO*7oTu2}9S9O12&8d6 zg8&v2gzYO_gxY|S1eXi_!U%7qgPX~q|DDynL`mHU4`<{7L ztUFhViqeUY3_6MuyOsfS7q(z@AMzR;CP9krN;*Ht4PUj-{LYM|)kxklSW+j1v!#kk*pitYuRwJN^0kMEgL3Dao z>v!R11KM=;)seYpezIb<`(Mc1{emgplQ}>n^`tdsnYhI7xz(KW;{L1bk-Xk5wy*$h zy96tvwz!erI$_MIVIh>uZ^8XzkLl`t^$d-gB&9;8FT!^Ye$tm{WidJ%T`U0hb3ZC? ze^k{w7=^VkT9bvusrL{oHCK3X9h0)uHUk!0-40*8w8EPhR_C8iQ^+b4a@*NCxmL$z zvxZA=l<8fm;Y$IlJ6%1d#%N zm|kjc9IApwS_u5~7%M~?xV1jUwygy1L-R8pCMjT8ekzN_u#aiC9W$m?az`mJT`~vo z7ySQ#LjQ|&Pry;F_$62t8%>eesTX6%hgmnGkhtxfxL^xB`^|QO7-0K?{<87{^(!bcdWgEONCzJ>% zr!4Yvj}Q|rT#~cShh57oPNd9|G;e$oH6jD*Amm*P+Xj4I*HdrJA_h;1Q8M+7NVoQ( zrga{%(tw#5i8fc1*6|O^`DnTpQid$Em(4 z`wxiw7Z0JwZVxSNSMeoYmmjYWVKq8#O^E+{^(M2qwe203QiWgffH zo~;Ca0~alHD9x1OCG<}v^ns<)*IFeoQ)SjdtKjz;O3>L>3t$??d+zJ3@TUoJ812LpoeY6Rp`Tewl&1unx{E> zz?-H*lu7d!yUn1y%xoH|RJ_VW>T1hFWp*&R4;@m8>7A>$_5dUK3tbIO8aLMeV96;c zg}-GZB$SRl0a`PiJ62{XqxS`-=2)ijrVyI$hRMVg9;r45WISe-$esw7MSEbZQnANo z%(EclK${$w@+2^)_WJ@ZZzP~4d#ff%nOf7DZ8avF+ESW7BbNDnYH#y7C(#GIN2&IS zYs#cr^)O!+opFbsh16Lo-RTjtyScq*okFbd2$wkOE8BtOYh?f{*p?p{#F zYfA3pCdL7G#1^OTG3CGJ`Zk9mObtxhr?Qi+KMl~5N06Uz|!$+P|4 zY=hyX=~rwocjKR=-9xioL}n;p`8?nwaT~8he%hP36+}4_WnKWyS-vr8RBZ>0I66=^ zg@)}>JLuJ6&DZ*LJ z6t{ET0{3S!buKOKS5)_k%~@-O_=&6V{R4XDqdDGt!n4$XdzkjJ4de|1ffW~S6StBe z(GpS)Keu|v-g!*cdkpn-n_*DOm&$WdB;T+x*h#lF(~x76aPpTf}**zLUF%HUzT#F z9MIUysu*Sd<O0y(7;lG+k z1+VGB0ez8om|2p{Ha{@*uJzO5w0ot!ZubProCkH1_K1yv8+S}LMkYr{Bw;FT7C)IN}#++84FW;%Sf z;UW&(;0k@*=d|AXNJ%V;J*q$-cUXaiOh6c+dmFi(D8Xv@HeTfSwOQ^c_gtr#2a|iZ z%C;of$VP${d6DA&qAV9-t(mO0?!&tzM_ne#$ogImAKYDPO*NHVD#w&6k!$WxV+pG+ z*?;+QM=>EBGm6q5Tky!%PV%JFF+8!bbYmY>N(17U43}@746$Mqr|5O`-&{*K%04@^ z(8;<3?0FXbGpqog~TT_gVzeJsxJr z^U0B~Vs~5b7tqgpdlh-kj`ZIhVSLu(r`d?W_n}8ZgE~K0U-SJxyuE2Wl<)sOJdBJa zlQsJ&TM@ElH&jTnW*1W-$)02|j3s0bp=3)NSti*M8L}s2mwoJOW~_rT-KWp@d;k8w z`}@Bi+z;;G|AD+bXs&Cn>%6Y_@jlMuINqlfd!BvYAo}-4!p=OeVhrkM{IljxD6fo} z7!;12U}tINd%$6$S#J!3(6mVWs1u<)CJu#QuFI<)80c(}Ozb^B=W#r}*hW{zlzE$^ zDe(E@M-6l6;(6hCk;}<>Uz5VP99hie4NUuNdoOIOUow%*8q=3IR4rtR`9a!^-NHlB z_ZDmi$D7Nqo^9po__2_8PHFZpM9=`@t)WalK80m(S*Op)P*~!!-kN1Or$I`5PSrdZ zYQu6+Il!j;$@QJ(q}VJeYew4#r^4qtS~P{owh+pPUsKQIQ1>Y!ZTBVhjyv%NJzc5dx#3ms{>OrG*%d#GX;2S>n^7D3zNiBxu;ZR5h>KZS zGa4?W>Uk7`Ht;2O>na%4a7^fPUfM$rGsk2vAP18^d|z^}0>s7pOTJI$X4K-oKU^R_ z#8N1wd$&l7zd`65#CMXIN!F)EW&v#~J+R-C%;AZTPAawr)Aq|37WN3d!ZNl=5xmSV ze{M^L{wgsyy2XOZc&YKeE|FLB_3Kz?Tk@49{zmuQiynGbQUy zK~(!w31F*-eWQ^WZ*iWV)lP>!$^0pEjoqgp9dkpt7qG$i;R(v%luq)TrZSy9imUdR z{xdSt`R9++nV257pDtP7^Gf8tlup3|C}p@jj1%_pUq~rFtZIBrG3z6*zuXzsY2B|Q zQ3JYZFZk)3w?M*_E=A0q6%3R40OY?7PmmPzN19}cnP^}+%Mek7XK0rMzr-G z5&v6SXXzhbxLj27QF#@Fq}0=B3ZxjLCPtP9lkFayzGySjBD-lMc-7v!LjWdhw!JyI zRv=$WQSF)0<9A3mHD3NeL*jh~#|g>PtX^pqU=ya9j%P@zhZ+OoJ*EgAk6>B@Y{uhB z!yMxj!!H%Dy21z!o0>|E^f$oHPz$q0)aGZrE|t+pvim!hQQuplL&AkPHy$gqr)zp2 z+Q_z}YrKqVdHdcUdc8qtWx=vfL!h^KOA=<->lXXU_5^w@PwHW_$>q45Ta0)hT%5~6 z)bZV?YWym48uV@Ym1B?;XIbVhbM9Hb)9s(R3lC=I`S!PPH*x7$57p@8j)t8M`B=JS zyS5|6!SkyePyg#}w{QXJj62>P65qY z^o9F6-rE8xkIcQtGUtU;+J%8=C%YKyn4dh)Sxrjmp#36y)+LlXT`i>LW|%I9FMwx1 z(4ailsBg`!xRF6J&&px!;p2RW z%3ZG($Wx6H4j$dS?u$R6HIGl)@z3cPd;DkYjnY!4UoQOpDg{L-9L--VqFi}1cB^gF z^c>E?&tVbbmSV$GQutwsb48;V>*4^t)SNu;6s>Z}6@nfE&??y~SG)=~3U`AxDJz#|Fmvl5w@YU5M47N7$ zsCWL1dT{0Bs>f;&ZDf1#S4wH+m$booiC7oMNOYziUs9=s4oominNGk5RnQOlKQW?( zfG^i=gr7v$?cNyJ#&g=B?`|kj+sY=`WxBa8G-&!6z2J0s79gN|!+$6g#BzyHY~Q<+ zbKbhfCHucI{48^!Z0*=5#-9sNZlzmO0$DnWYX!nl(;i7Ielk*tyy9#dVfS9J!U{%^ zXO`^G5DEkkEK8=B*Z87+*(3@YO!;nykAxug6@YJLg!c0OAKV9*SedhO{tur;36+dD zIdk)?Kgdp>F*@;JsOPtfy-1I=r*K!BByKucr@sArA*&aS!Ul3JOD-qILMGjZXUUtx z6iwGI1tysyQvG3}BFWOcK(qH)m*)wWlakPG>_iCC;HYB++j=`8WPJjb4V~O~YoONI ziQwAtG|o^u&PfW;Q@Ji|$Fv|*Nk53Hn@C0tM)IYORvVAk?xfTDB#!1MVSgleIiqiV zJ@up2t?O|?gAgC7OJ%Qn%~L*+l(xtJJ5|#CJFOnbnG9WO7bBINCa{0jCRsLgvVE2r zSUZ)fBrN}fVgJ-Mjg}Ck-qG0*yJPWX1L=trJL#vAzMz>Zd}3a$Q*m&)?Z<2LsIHn| zb4Y?u!q|LNBkK3Zj_(2&ONTru+EN8OqMNrvB{jO#e(4O}oA?a{WTqJ3)T!XGe+v;^ z$fHER?>4OoB?>`TT1WgMJ=Wh?zpJQ|DSbTWSF&Urq3RtcptbM`TfhFqo(-T^&a(I9 zO+%8xTAUln*6Kxnla-s)fzv}Bu7t6punSqs^cme4wbpwQULO_trWl4GW&qfzC5yF8 zo-FeC!9Q;Snep1VHMPG1o6{8NA-$UFexe}FKfatkdFs*RNjp^jm$V<0mY+ZM=&z28 zpZef=L*R-Rm((Ail}y zcSdWoy%c^(ex0S`UF?Efr^gQVzJM#Mb!u&Mz3>8;lJWu<^d{2lQm%3-;9S)eg z&djrA7s2-`(i3zT%Jfo^4nZ(bqzO2-TPqos@fT`u2D);^AB&DR9Yx>Pk4W0EqNTsa zrwFU+m^|&A>=_e$(Z$i9@4>E1^>9i=Y6#yB1WeK^>D#%Uah2TnL0nb5-QBB%riCz< z622@;LpcTsdRK^UZB$WMv0kR0?J1J#r@t?S%Zsj83p0Nq@SrPdTAd9A_S-*I#4Fz1 zxU`4A`&F;@+wajD7o{#{xkcAa+;sVdK1r@QUZMuSQ}Ju8RgBgG5)7dsTjm9~_O{_q z_izjg4gciU61;TLpMMeBPq}j-IpP{D+FxOy+RW;*vzr3?uzP_BwKs~An|rZIUy_xk z_eJ_vrVwCv0EdD0CM|%ytk<e z+BR5~IwV-Cd>oSty8<8K?7^Bpda4KiLXz#?VTbQYAF`+i(V&pjk;x7Ha@+wEfIWF) zx$u}p@We^1!haXeJW_dAobv=@=gp@Qr+MWLdf~y?IWDWQY`XAVHIJ#F^>3s@183;i zcmo}3MZ{NoKLxn<3i>V1PFRys-zzs(s)#nDzen>ry}i$w)15=0w}q*qwSOTu4qw;t zqwLzDuB;>OLD3?eWgqprz;H6?c&Vm9R`H}%`Ww{b*ECyOe=%{@2-D$1iB_y5nl9($ zy08DsS$zNY`T6P$ow44F_3g-)`zdyVg)=C+6&{7d5K>fB<+yD-l%xN(>Xq}i4%Y*w zz}5)anT+yw;Qm=@x$!pqaP?yAf~LTdy#h&pN+5A&{j?TN@1xz)rbhF(1f_wd#V^o1 zNbk}Xuf`7@LmD005R+e9H3n?DWqtCCltR^OX+bhm9)WTZD`BT3 zk*9>|qyX84xNW{2(XTe=pg)5dDQ8Q`cTOHO7Z?0@$^tK+^hW!p- z`;rkA?fGgkLa!eFanb7f_2i+lAk)KuoX-7ymGARdvIGB>-QJU5pFYL3K9Li(Tmpo; z22hJc#7`ye^I;VJLc*<(bgRCSOuQgx%opAOYJCk?fR{P9*sE(>$E7)hb6{7#wSI5It|kUt~#+66Tl@ z%sl0#dt`|PEeccOU&u`y)f9W+8;}#L!HV`kghXyscd&@l`WYKQJ$Tjz^pi6u~?>C&F0Dz87F{O!pS^&}Dok6@a2L;`$ zK~tui*Zr2yigx6@JiTUXwjWyIrRpy5oMvmCasdT)8-C3Y@Dv_^@0%^KE%2zvSk_vp z41p_OdwktN^8P&SF{z4p~K75(qPkm?rHmq+Kw`AlTLtI2Oy*e{Nz}$R_ihLVIb~Hazb7eX5FO z3NrfXzYF42x3-X{Fx+ZAjj-5Sb>Yt!uU_qcec`7e1fnQfjRcl2YQ#+9$q{|r%BRJX zAFka{iD;C5o_)voN5f04@d}V@6#56gupPv9aLsP4llTTG9J9RT!`!92UdW})D}{|R zO%!h`isifj_ES6QDcvx!{^B!WA>v=#`6uTEWly%TcBDb?BGf;%=I$AZyN)lva)oCOEk!j}JHDzH;7)V)7YUO6oi!dS$Htnh zrw*bN%yq2>4)kK4+W7)R!hQEh=KF=>$TEfta%i=8b2>fu7k*3zvs=lZehXg0^h5 zwLR)PW7-tf>R|*zyF~zjUXO*|T6t_-)$D%S%raH$bNR)hvdvxg=;5%SP@MJQ>tG(V zPczZQCaq#R5X)rbN{vakbc^IRj`WmfUfOhIW$<|Q8BT|h=1XLc7B*}@d+NszFD-rs zg)Pgq4-!?eY6`s9=IAr5&a2TnDl2U(A)e(Pr$`fd>#OX~e2So+U)=v*{^k;AuxW=E zOcfk8ZswC1_tIcp1MbJ7Q}XdQ8OH^VqRqwXrt2>4Cm!ccH{tb9x2v_?*`$_-&VjS;kk z-VaKHmh}mTIN%-TW9j#qtSkpFpc9IEmpeb*Cw;m_Jf7i}84TUvAWZQ38J${6Vhtx1r!7jIKh_m!yb7X2I{RIFQh1j3I^}KLDeG!}pS4>#5lE*s z32l-1^1a(c&*|P9o?7;ucZcKlvdO8Qb$fnC#UE&hp_E~CHzvc_!9=|M@ym3cSATde=uN@M+suc`ySS&w2iDwm%H(+K;U}C8TFQ(XohC&R$=?h5MCn-f?LCFUtn1UiZC6Pzu8Jqr7dS*J@9A;v;=F+?#)aHK^sE1xli=yA zuHTxb!T0SOt$$I;`&f|#Ennv4%bAZBGN)!jUlXMX$gnLqcf6}M>0M5=?+GP<(g*M3 zy=&Q}8u+94^v`wk?av?-DSk;gGq6}iIhljNxRh*q2uIn0WX*?GX=b{+(Aa17h+2(K zkm9O|jDQ3k9K{}WQ`HV%ZY8pj%S;B>6h?~`*ETAeDyf<;j$6$Qv(|^`fe;n%7RYb1 zHW985f|x9Zn2UW1CW>^?ljTUg2BK09U&`ZH$T-tMcZGv2 zbGaA+K>mHSbiB=HX08tG5z# zG`o6c7?`hsjG5W*CaE<-zHrH{LYnP;jn4yxp8K>A8Bn$ zk*3$4TJvg{H9evnFNpDhWbsbU$=de`BrEyM%qcMo*GKlRDVwEpGxdC_{nkRAM-m zPXQm5>#}?Pupl>We8-v>eq8;A`>=p4v+n!j%KM`YNG=T9G#MlZ59U_ZcvPmp)jFr{ zMWf`A^Zi;bTr2M-Q%^T*J6*J}dz<5JEsD16^72G4QuYrz*YMRluQ$K~qu_*ogX+Ub zzqVW98UHbAHS&J<@p2G5^QsZVPxNiiHVAyvv%S{uE}bTNZhpck#g#dCYN#1sQT5cf zW-@v=K;q>~mi3hQC7vI32>(Ima**u)1CxemguL%Kdxfn-;-gMTnJV8gXo1+L50+`vzAh3N zY^ogpQjc>bRcUIhiGiYZHbljfY^}kdu6BnoN#VW%0L;x=*LRD-Dr9WF)g-Fvk^X_V z*yx>?kHrg^KSy=-(io3>d3ST{6{57s_Wn_;PSf9oz1U2zB4h|R27g0`XGwqV)8L73 z>-YfJLiJ$R*YJNK0yw|kU=H%bm8mwOQ|iIEi=Rn!%NzF4+IBr=kz4#V59!&xL*r69 zF;J8bwXIie`w@19Y5Rr$&sD)rPJmn5>6|HDvOo*~_=xAAN8Jl>x7AX%SY#5OkYY2B7=zThR5 zi;Wircf?*d@CO088gTQQCmx<0`q!riI45Xul5IT0ck0-_^&6(VbV7UA%;X8j&wLabUirIn8qih7~2FLHoXMK<6V)9<#f zzGzpT@d5O2guORuw7~`*M-fayr&uOljp_1Dle}!rVJeC|&%_mS1)7k%fVi@_4PaoI zkk}K9%Ig;r_SJ#{%tF&4O84uIW0YNzjG8<7H|pK>+#5Xa9Q1V)?6*m5Q#;W!M#t{& z(~ga~EWH&Mc|yvOyL*hm{CUm`4wEjeHkeWyGRKZtJ2-_R@;HUy_XOB1*4~aJH_hgZ zOG3~X)Mxulkt@=%QX?02=4?ewb-kE3!`H*@vq*AN6VWr+pZKB7R>hIM?;A}f}GV_9%9)fL=eQ19|-QMUjegVQ^F zE+6QAeZ*b2$m{ZIXd{s3Q{vxh4B zz``beZhIhNyBy^#`yF~*h{@{w&H9FW$^x|uao$wKVY-^?yOqb5LpEJ+0#DY4-SlWH zjb@mo?P%j}HR`QriITW>k9n8_zT4TcZ;a=FRl zSzRnG%lLGeEE%o41q4@bt)75c07^1o`@PiWw2y5{jW)D~$T;9V9pco!FwmN9-py zPM`E>G|X_CIvQuII=;hQjFsIKmvt)#J_ z^N-&Snn{8sV5AA71g8?$efNmpT4E{c-`}_^H#F??py244MggJPK!X!@eYij7elLm_ zEN|C+;UIokWBUscdDD#A-oWqE4kZ50q3UBJkt=T}_s?F3?5xLvs$a*8LeB&1iZ!Vy zfc_o2P;Dns{F2qe0!@OBci+ZL%r7!Gafq;!I3rUCdW;@&lv!DHoQZJ0T2}oVWk&x! zs|57I5XYup>%DPOc=ILbTg7fK;vb7i_ZpKMdfQ-D$*czs8aG z6@fvn#Sb`5ZvAlLByehRt3Bh|(D51CF2NIE4R*YQ_wND=tS9YIlVgoL-WTf6CCFak zU{q2T{~*?vu(xe<4#ENW#I<73)z@4H#NtoX{@H;2|IOwFQWF0eK7KTS{D1w>xGV4u z_lw)#`j`-My&gXJN_}qNyL+!W9nv3+eD0bf4NdHSgq{Dgzo z)}5ZHQaYYt@~fH7E7P21E+1DocS`LWA5?bzqNRJKr}|WQX8jRIYtO&zQvXq;|KF`r zu`@;|U8om{b+2<*7}uNvLQx$Li{4&zx~=Q=<3l#HGM%Hv0H{~ihbdcfIphKb5DVnS z`b}VxU>PZI^n@oWyre|bPQc9N&$>vutA9x0UiISZ>t|YTNGrE@zaL7a_Un4qqhvWl_2~5_j{y_f?M^w>Em& zGHF&-9<874bNZ@?S749`KAq{%i^8nDBO*9ML1yAr(7x5|FE+}clH zV&(@Qv1-fT;I=cm%z*1qIq2IlzB_qLKF<(~^(F^z13%NzcJ0xRL=ySUl)B=ySVUKB zp`N^WnPijP)!_SYjWyjKsmU=RP`7wifc7y1c*;|@jP|*G5eLMa8T&a0`fxD+c(4-Z zE0B{1Oc@fA{k1gNMXl9h+tXjg_hxp6?rI1u#vF$%hl7RqH916Gm&(~1f?f3J!4pMX z303hHm>{nzVwWPB1P^4(38F*pZ*Kc zHl}SLrVv!Ghf_J@Yr^U|Sg*=;8&+(0g?_Mc;SouA^+9S>LWz}uetJ0GOnd{x9V_fT zHV96p2q}}Tr#4sK+8`)T%4vp7G^hSsgo+agnhj8lT+911w5_kMavas6Tm4+{UW=F9 zP^b+s0vuN1XB~*GhXMNFO2chiSSWpF(c+wjDAeNF(`+vJE|ECA7UQ{!mk%prUBuASvDoQe?j3|2<$aJyT_K~uZnsrrQD>gulP#L3lmg28F~ z(*9A?0Z)zgb1!edd?qBjQ7xWJ^a|L)q2I96bdd{Ns652XN)kHJy1Z}pi)oK=k>5pr zLwfXl{vwJE!;M>hw)9o^X^{u+eRn!zDHEByzKvr8wHDgi0=PpQ1M-z+21X7^dZ;Fj zU6usS!8gev8lTB~Q=X9{xaeYE1Q$AKi{BLOWua`gxA=u7Ce_X1y$;Q8Lx~T;vk~{C zl)P}Gx<~DfXhp%O-cGEmvWWS~vzQ-a;>l)lGwL-%FMbBtJ1UDdLzI4qaTN`17&ImWQOAv81~xwoytj4 zNGPw`&)OO^6pcLp`|^d5Ijc2Drhs>5z))3>CSPkb#gBkx9B+1==J)9RK5w?kdfs+k zBGVaKsYQv`Cg7h=oFYlRmtTXUN^9$!q&^7|UNC=wm8g(LHBw2QYueqdC?IVZ#ZgnV zt*}u1EDo(p{Vs!5fgE%+fysbs=LvyxpGovJ&JK^;gjue)KJNQ9#jL{P99ef3t=qJp zz7rgd8=jb0m1S`7`I5h^DU@A7(p>{|vq)o8J#!+An$l{9b?)A~Fu}3FUDHZc>ZjR8 zH6ed*Hfku4v|DPt1M`Q+Z-v~`e{5P(@8I{7nOUYU;rw3+b1($$T2B>=va9&kFYU25 z@Z^No4^G+o0=IMAO2R%X_Q1P`u1W;cc$mDA;@(o|6jehZWEHVmY>jRYM^RM zIvJm}b^CP0@Sj_8aZ}!{3a;O?Re)C0LoB>8V<7vr8l%9qY3xfgprXrk#(&x7*xMyJ zQ?GxB1D*_jaC;|eJb%kk_3hLDLhN@D`{(natCE4!p5gK*P2E+kNE{KxTS}W}9*d+1 zDJcm=mH>;o01wHniUkcuqxXwc8TY=u@i3Rj4EK=O9Gb>bp5rEuMVOnBD zIsQCYVcp@K4;4wQ0FiP+1@{#@L8KhFdAi38+qNYXTr8zdNU&3nZMGb-u5fDo)UCz+ zx$4M2&>@&x?C<{Fo5O?r{~DP3A25ae-+%v;Pvb6+V3c-DlP%CFzL3O5xqdeKA#&<^ zBN6uu!%GOVY~eYqOnf~mzw0Als9`l!Q@Z+Q5U))|kZpzwbil zwx&Wq_TT;p<;{mm<6oF%LgQFaISRYFt6@IG$1K_DWk7kY$%P>P5C9c1ccT*Y6L(?o^I3m)***@o}ds*;>6_RF0obyEInv;Wa&8(sdpG+mm|DIkLs4vs)l% zN%j}4a6r=4{1ezEjMulUiR@|__tRG^t}t_k<~-Eg6)hPGp^ju?B>&6kq`FSNH3>&9 zy7u8OfrufXzB^M>88ba-mNDVTsw?cqZFjBhwyv?RGOmMZXi<8#7dzdKc8Cl9<9Ub> zfdu$IM6gk4-T|-3Vy|ynwn&1Bnw)06ng5M`R`iXT2Uu`~rX`D`m%&nC~Q6;(CK-_THHs z-~-v!>2rVNF4|$xH?vW+O1O6BMoI-cQ?I#(w@+<%A`q_xiz^4BOsvUunzqiQdjwiP@|Bx=fh-37el+j+f!h~ z8ehOBir%sZ0hY=BBrSL$ft)9W+!On-MtIl|&v={+dB=6vKh;f#^^EF?*`Anh&YXm|Z9YkvaC`Ib7+lK$-nEg)zA>~Of@=#+P zQ`iWKZTXYS(!-yhqL_ZpX^JuCW-`TP-gXR#Y3!+!LBnhYB+J)Sn<|qhZhcAM`YoIo zm>qNC9Jg4AT)QB%0p|CSU(cWyxypi|CS=qyj#4%50vA1~u!jufcSLL>mQ~tqU7-qJ zSzDRd&i1?QW4C}F<7jFm&0SsY*`f2VgMUsi^!mmcTv<~YSgLw%r+jQ2Z@(CMrz<^y@@os|_|gPv|kgLKr7H0jvRtasX)~2X?0u3CM#JHlQt>%Y|13i(*a@tC}P|)NL(NOv>x5C*7p&-A(xha=PO+5uRimsPeU9AFZW(&kLr*DQ6!Rg%6iZLgtNf_o4fHW>525R?RvlnfS8 zI}sbV)W9=g2Wn~$t1)a*^551#gbc=lXw={^lXV@%Le4(8HYkSGSRU!wJ(oni+vIN) z={6g;+ofC*K81Kf<#3^jeXS!(;eCo95F2(qW*e{Y^2wd`cgdWk_3}>Y^FyAefH;Qa zf*I)prU~rgZpqA!A^3af-CxKMzz6L2p^Mnl!Ce|BNzzZ(E297SzEWOyl+)*bOM1GS zZ5?udI4(1#`=%{|iFzD(&E`ul6};8UA4lmSo`1IgkvMmLrTpxx_@pI6o zT7!d2XbJlvoUgT%Z=tf(teo1VvKApG|GQ9~Cdb+B^%jXdvK`U25ykAQpLIni#kjgQ zTUxBMHuYAXBP+Xj{%q)wx}fgQ6Bv)Ze{*Jri@K6 zX6CGik}{tI^cMi2CnyTNo(i_>QC~Y-N(1ML*gAYf9b;sD%B7n2^o)JNe{ADoYC&Tr z#90V#fGJqo_r6u_h#y^-kJw>O)FA>0qY93er}~T${e1!XzQOLM3^&D6QB38XD3D^s z_3#_aNXy>9@8ANNCooz#<^WZxqs*e~&0@C0`$lY2^xHCE5D%!_H$l2ECrB3tiVRS< zO@Lye0K^NQKqpdxx)|8y3Kw}mLfSgn$q3{N+k$*yDx9jI3j%9FzOW?77yb(YEesDX z_kJ!M*S3l8ht|fO4MA2+DcYQNS<-L3vOY3hG)gsB2~*`}kO`E(l4P z0(`a^n9P8dpoUEdffN!Vmh^F-{{O()88{zZoDYfBg5&f6mlZBhTZZo+}t|$msL0&I(*fGTwfnC4DePSi}+%)zS$=dGELs)jO3$U zjRqd+PQ0J{yDQF>5)W$&ciwpPynKnB#tm7S`+M5-<>R}C>`M7NA! z(2bJkMwY8d=fC#xD)aEq5qx>#_MJw-8R#*vm0`J19Q5sgXNJll32sR~Alv93(b!VC zEgKM9>?8!0P7B;9*8z-T9vVwX3_JF&9PiMxMINy(kwRSvEUT_>7yAVL#XK-z`7C$< zw7^%l6Zh9VL2r;2qJSg>U;u)7{eF~6F*pJlTGNuejgxE?CU>#t_V-7gxL#1?Tn~c- z!3QC9RkxI1JJ{870{hvMlB6z8t&>7-xf;_S1sMN7*MoJR8%3SiSKkiH5y;A2^2YRz zAvF#4#A@Uewb~^^lxe>P5b>i3svaL|hb;=MndA_a9I}1RNwCyi06f66VM!d=>G-Jd zT3h0Tb**I(E86R$y)KqL*WWQtIH{6Bc)gxWc|4A9XhFwy5zYnPey_;9Aj}cF==Yok zNjZapU>Ac1@iKoQZ3Ej;VOyPIy2O@O4uo#$gR|$@N6H`i$1F}>^cwp!p1Dxxx_K6_ zg};Z}J9`8_OO776J)qsce{`G0ngxV=)g<0(6ioAyi`-07nLaztMb|?hdK&eQ=(gx9 z;z3pQAQ7aQeFlLxZ_5r6V2be}d;G~)yZPV*-^pJ;VAI!cTfWs<5q?1W{Pp57YeOyA z7ll1*)Z4!h2JCDqT9w+snX@l)A6i`G$wAK1CZ?qyzL{3P%zHw1`i$^P)yyqph;SyY z7fjPg%T{5db*+P1*nqX2JbbMw&ix>!jk8xcihss1tO7vIwAsX}wixs(WFnBwS0{8S~>JGw<348E0 zN;cUFLl#`!pYjPr(IEo<1dCEchzm`sL6;!BA2wE7v1A80PkdtqYUFsi9ebie+G|fA$-yc#_zX{AX}%o{h1Bx ztq8PT$g#q6{t-S<80#rFW$E*>>QBn#bB6KFI$Bo$>umWx#8c0rE$i3Zvd<07lqS!z zu?L$am(ldEY2Sra*B5!hF)n26H2>XE{oYz_zVso<&*x?7!@Y9wuUh(YIgGR zioE(%Te!R2JI!h!CVUtWAKVSih!d2%L`015i$}$5O)N(F202nx8Id1cH zMu)}7+42X-?V}f8Ub7eeIDWQ(tVnIVgxUu-ovrsr8VI?T95xF7RI!c(oOQ+I_r&$= z+tGKD@0}R_6mRPh=*<0*%1W-9!g8)iyt}WmWyuqM=1~M8jdjYG(b1gAzYC^BHv<`J z&8a|8(ot;K(JE?kGoZ0-5vOZKMyaAQa1g(fKwcx@!iO{z6zvs;*0-ME&-ynAZiqC{27qSH-!eWPD>ey!{qc$@gsL;unlFTMp~=Q{6hb@(dS zJeYhkm@V|}E0MF>w`fJ?GUW6@@-+u#CWo7Rfo1g$k*!c6Kja0BHGlyh{tMBL{)1@y z-eZTpbyH&=K=vD(@Z6YVgsgirdV{rEd^{1=v{uO@E{|E|!rGoVk1BI~m`aScXC-xZ zcH$$pU#xpbK37ZPdK(><85erC;7+TsGdFjOPB1O`HF$94n(;fQYXC;?wvRm!#I`#` zQEQ#4&uMnm!FvoLin&b0)jN^i7bze)mIK^(vtGp-sM}cGeHLOR!NBLNEbIYh!pVd# zV#`XRh^>Y-10KQrE2nwB?P(|Ydp<1F<`yKFwd9-^WcBigW{_)|@EbDA`0ZV3YNYEZ z_AY);JOg(a3cz{~(HPbc z4xj)Xzsb#o=WXXCAehU83>S>>Bw<%yk9lPaRqHwPJN+J4#l2TuUlVl`K@j9$8~8w1@hgViX(dOy;m9PL4Y*qM1eD4zYpB2o&rq)&~##a$v*Fv z6)!1f3&-6WtxnM5FWShz(@$?Ej-_>dPt;AID9ps_zsfnWoP^SLI}qg+xO62h%)B1V zBIZ(3Bf4%HeG58yAb@QJ$QrrIiF{=Y!%tHD$ewosy&Jx~P4jNjx-Jubwuodi^PW!w6#ph?W}MA$vbfn;iy2c5(MrsLd9Ot2H!< zdz{XCMsRA)DK1jr2`l`;Dus7??L&O1*udWTK<|>qaq@@E;CXN_liuVqP7;4%nF7h6qzOym$>Y9V7)6p?gRJnwhQj+i z&ja;Lb-a8gk6BwmyBLlbpwytk1CBV%g#kb;X#L}Fg&d8I6QYLI34`58FgB$#ASd#X zG&4qqXj1;!skCR+rAiaX1t<~?Q9Kb0Vks)yM zePkqZOAb35G4vP0TT*6H29OSzo?R~L*#Ah<^i=x=$uQMO?m4?_i#l3dLixDP>jxip zt{_Ryg5ZS?*sB-0On9;r3JTaW%cdMM3+!lQoO$1cT4iEmeJmtZ{t$lSNm-|yWArYy`B;@x8wr{*p952q$CyM_9>uJ!*I8Kag z^;eR@VKuS#S8T*Ly-UxP_5|eGrH&K4^pH}0nTW0j`(T>Lh7%QllfAu!dErbjkXHFD zUd45N{r4lF5{n^rt7{D8P>!dCD0_mhNQeD(^S{2Kbq4k%MxJ=VTUnCnnG&FcL0FJ%(ev;(+s17?1VyL3CLsanO`_hq!|8=bwP$Z9V0@%m-3-Np~ z@~&J(i_v0EFUj%b?qj!h3`o?3^KIdN2JA~rS5Y!r8*}#e5c_ofG=Ca*LdlL+G}9)@ z-ktGne<35jJrqr%ZWL7veV13#d_v!}!`t1@S$y4SC+VrvnJB)ni$Pwx^K-!o7;va$ zZG!XxOdB-7zhIfI2NGz0VGDQtCPNy!!ds1zJ4#P^cI{+aMsM^L7rEWBk_6_@JJA7W z&wbC|fzVjo2buV-GduB92A1E`HZa=Xf>Z{Nhg8;tJZ22`I zA||*=yHVwxawZ8@lI6r>&j)Yh6W>Ed-iBRzR@kBnzfM^M*49Yuh5_aLBvs_nKP}1+ zz_dEyptj=;^64XoKXjJYn5tOZoEem6#}LuDEHG~XyLbMp?qTQ*C`#fuDg^bIJ zH*KzoBuEsb&RkGorDd9$+Fn-f4CG*^SwOM|Gm|Z+IX`&juekV~T$S0=an-xbeLDYS zs&cE+QvZR4Vg&Fj(~&)!IBmXtURJc^^bmyfHt{n!F5hR8dbK!L4y*HGz zH6+QmRE+`WK85$;E(Z*c{e@t2vf@HBd{fVkbMuABbW+a$(xBI#`6i2Eb{)z{DC1o( z4?A?UqV()qc|_BA59kDJ&}#w{{}EhX{%>#@yxRZ4%NGCO<#iM{#f0b?w#~4L(JO9s z@jvSy#u2IaLb{M)pmL$oJA2?JkT-DE!lvWz@k?AK(cPTv%#k`TIUnWEADYC@ww5{6 zmQ$e%uZVmS3WE*!rq;|fZK%t{nU(tQs{`z;kDYH#a6mlUw@C|Pwa1$B$ZMx(k8xOno(}?i3`y! zGSL*UBf+Npo~Zdw(+^gd)m7n>I79-K&FN}%pclm-dWYs{p3jDoS*9kBkt6wC4fI!D z4Vyg;{w@2prIj4QsNv>F>oYV&|IHN8QjIef(L@_8?-+;@^jI($vX@t6v6A@Y(8fe? z@ZyVee&$8fsw_)^_XIPIl1G$l*^2ER*sOX1zs6kBW<6%>-z#W?2lrcAvRn&IyXX=wR5Ax!M)mn7D z&p>3rhK?R64Iu$W-zAJ#$GfNaZQS*3tS)Mdf3rW=z8Cj^^xmglm{t=A(UIa5K;His zIOzMq0{8ovz@`+XW3`DeJbV zlflerOTwQ5@BGE2@yv1DDHLue0BFNMe1|yz&)~efnNSHy@K9s&6sF{ z+5#j0sWoAyXK+EsEnE!ds@yccCAAJ<-d~-8*j00Y!SyXbft1JZYcN6(2 zTj;3pkPmT^P!*-YYiaU?r!XXlmwab@p1mrljNqawZxChl~h0Txi?Y4F0v2_bgIP762ayAX)3~u~IP%=&fQy2RrqK^BDL#PzXX71g_vdT-SjQ4d<4?!WCjm4nAhk}>llG+xH zNNW@bheeg^<#4*5-$bMey?h=7fA&y)1CXGhmjqy+h(3u?ikCNy{D-@}=4uyGdNqH% zy?vXeoXKZWZ1YDQ{_rV&)`BE`7!10STw_2i9Xp(>%yCkm+aisQ)JN($rG|Yxx2&gr z%*Z|n^j*|zL$Sz}pWt%oYjR_Wzfepy=yc=`!S`ryprq^@vAYQe>vDGrxBBJTll%P6 zbA+)LnCiu_s7vP%j><^gNk4iZgsZ?mpMK)^&oV+jA)Nr|^$;F&%`qzf0FW@wf++n& z9!rOQ%+K4nGtYZ%xJE9k_xeI%4VI0MW(&duIraz)-HKVD3fe3xW-|@sk^(Phuze5i z->9U`7mS3J(L>^Vp2>7RqWw4Hexz^!%}Vc!d@$gafH=$o^1LDJI`|fpM3f=sd^xc> zJygD}7JlL8VxXe7Y-V{}@TP{QYWp$+-J|*z*nDSD-@zGdJ6|{z?@YZLqFz#paU#S^ zw+Qgn_9(Qetw^LcjCi#*ruwSC5YSyoO0qRGhCKnjjuaVA4fdU+Fd9)6?Goc^&rcbg zCP*v_2w4?jB%HYzSDVy4j-UAzqW7#+EJUAGhd~&jjbl9gjGRrr0_Zg*?AGyf&>z^N zQ^x=6lqbO%-*Cymhht6?=UeuF?EmQa{+KBJdp_=u4lG+H%~?!1j#Er|L17PX|9=tp z-ce0$?bdh@Bq}A+dr?4CK$IfIK)^x~5gQ^kNH5Y`fRNBps)B$h0#;CzSSTWp009Cj z9SKqsdMES%A?LR^=e_T}_Z#E8f8B5V#yDpvZU77tz1MKRpuse<#V&vEq`w{BzbsF@{e3z3g*RILgfX?|!ODfzvX>_hDn%0^ zd?10IJQWcE1E6P1b%X^p)&bX(KFu=HC-t>(m#cqicN-K^kLHG$M`jRQZ|KI(UN{?T zE0h5b&*yJt4!;uUS1z)<$nxbKlunQETxH@P(7_>a3`ZMd;tiQm>JTk7Vn=&XYWen@ zYhL_`1m*ylEGeE~TG8?0NXJFi%SP9%wxDOWP+P%yV-j;KYvgHiE%++3c0Azm2}Evl zK|<63`Vwen7}LWG&=k0N_}ma)c0d$%Q}j(|DaDvcH)VN42#^e0Hf|neT7Ck zV8g~%{*X-%M<*df2A7dB!<=-5|Q#wEi8Gghd^nrcrmNq*m=`v+@< zr%!8^WZ`e`R{jNAnp(B|!pwHUT2ni3)Uml^BzlhlXrsBb?)hR#GgG%x# zA(A;R$;Y?T_lLP@i3n_2Am8==EzFGBy2jS?e^DI$hw|uu<4+W6VZRp*Zy8uYPdO2D zt^YQ(Y-l4!2!6Kq>aQu0F)h+fJ69@))Sr2JzNuhEMTSl2&k4h#2m7lK_B)SHsiq#R zTWYjt_Jd2ksg}0GW(W}9Tim`PkHVC zDy8ujFT1}=7-d^@YRxPS2@86Dn|!sjH|NwT8$*%2VWSMcX^ztn*FyEx&4qX1D831Z zqECv*ZQU^15}=ry!>@p18srzB(UU5A{I8WlNs+3|VsFs1elx=T)I|TpK1&uU-|R)r7X`Dq26GEgMbJb5uOs57%3}cWIZ=z z)_^B|?M?~kjxaLK*ug90(hkIOZy*t*Wmd`*fS?~vz5Dp*ayFICNBu+I^~c=LXj;;K zdEaWM*^i?T6tif!0?vANL(qb6*jl3FStYtLWk=J-(RV&v(omXb_VG0+>zGec9vAI) ziCPWTd}V3lps4Um_sgu^!5zWrT6GJp`c$bDN%m!z3c-w5bNg{`p+8dHB&El(2NWUl zKo*;{a~<%i!OI%ERoEFt^90&C=H<;;?7WQ7D#&_fcrM4(VK{raGfQUQo?E}R#DBW_ zjcPMjsknGR+WC_RDB6W)n6zHB_FU+;6830Ts@4ls#n_iD2;TxZ1}Tl{#;(|)&6o_S zZ8M1*yLsUJ`bxja#Dic0g92CqM$HP%j}^B;B%dmgCX1@?TncsE5XKLtbi62N}cIZD{xLhcHdA?7>59VUWG zW4+5~mq!kQi2+)CmMKX^0Ctgw=5EetmzQ7$puDdS!(WK)ye^WF`L=Monrqpo4zKYW zY1*NVRN1=u>u@XI#WtvIRpe0WYwkfZ5g|+%FQyZi^dU4@y7Gb=S9x?+c$k)Jl z(8E-sb5MNvJvXfy*E4?!Wt-xCzO+ufs+^th+f2I=o)?y3g@j>XD8t&Y58tyATvd^9 zj8$uZ@)O6KWY-ru2j^1HZqE>_+iyOct|{|M|8REY^7|pOf3%7= zPhW3glLOMDNaCHmW6tZ>YQ0J5z-C-D1|&(eTv>MAjavlIT!6(Z zOfzET4&XU(B4C+1pxxRa%@>)lE%-U;Ez8LL(tVM#Z(~_)McTP6j8Z=6hvh(4V1uB@(+gg`5Qx*)9t01HZ!;>f)E{ z2O=*Ns6YRL(074Au_T2tH;i@2-#V%NpG-BuBVURs;r>0PF?V~wSdrV&CA#1E+9NXO zE4J`dg+dyv0VsRdy$Mv2p15CGeX9{9WP4 zEQ?`j3sBl@{dTxz&^y_5q2sMwrRhhc$KqMp!V_n!S(f>Tx;lw74Amlzta5v~l+IT{ z?H9@-H8*D(FVDW45^ANYNGt2LB&CV5I- z$r1IFd5Oyh5c~jgdg)0i%w{3Je(EV9B4=A3*fYi*gA-%9 ze?fAmgeS{9!T#(9+mf+U1Pcym-xr4%d>7pI<%MDtX5-w?69;YQ>TXMzM@`)Et6P^W+j@ZXV1oX}<#oir;uZ^F z*bgJTZeiF5YUf&IEX%E*ag_d1^cu;H);S=3IQ%e|JD@f|8OYg5+hn3VuyjFeeGU7M zZX%MS8aC17&>g6wtJ1dUe<$yQ+3jG&0}6Nj_xCHXege}d>oe%6>>XA99RTNXiO@!v z(VJ5A{mOqq_-u*vO`i3>m9TSwG|3T_kv9;$K9qNMObgd~a{JgE^9sJ3Sr2w& zLv={FD?`ndh~4G{q!)#Agkc)|G%ufuOVowlS!A=y0>2?fns_!+~cU zN5DGcwvJ%Lw+BI8bET9e16)KaxQI}X{5?-hZ^^UKV=)v7KB{FG{JM{qGc{bV_|S3U z>)eM9q+iZjj*rs)|1>MvrP;CUcwk!;yAl7IKmc$5=gtNFbLVPCn##c^k5GnQhgDe? zMrS&n^}1(#q_W>ZM$u_vb#P*Jn1Gm@PP;F);)>q~HXIx{P&!yP%>Iy>(V|Pcs~VvH ziZq^;JV*;kL9-N2|8)1#NHFI$5iGqIY9Huy7X)#J=jM{9}i9J9aGqbu!c8-GDy zZ#x24mro*($>rdiX^X2Xdc%Bf^4@0`$D~4ZihJh3OvPtRr~DlZuu6nM8oNIbTyGZj z1D5}m&oJ(%uRKqlA$M@HGEOFO`(`6khlYzRO**(f* z64YB5;iyxJ8}?Yha$l>=40Ph zNI!_uYbjG^d&#avF|O1bn9E4q)*$8cpp_}dKO(5IJ-7cXVtX1z)lz>Tl02f%Z?s=# z41f$1FW8pYUSN=x)scxcDfnVJ5oh3K>k%>D+t zn)iYK)spxB;_obDQl;VqjxJjzjEsRZq2Kg-zxR$_TAsB#)FmK!Id`lkG%dCS>smJ& zp*dh}cS-X}s8>-A*EjEBmr)Cm^)YfHaTg4Ydpm>JfTn?W$kdM26HG<|dJ8EO)GZd5sD2^osR0 zl_!AI;@)k**#wPgwgw=}fsH~(fm!<*JH0hWWFY>699hs{;z2#w5eLD%{FiHyrH;Nz zMa04biW;$_Txu<$qM?|;8>Ls~`p$M~IF@@N>PJ`^2dU5f2Q0b+vo*?F@yGH)GOt&i zzAft%1pPc&qw)`}MuGd$66*5K{%(4Qb9XV>jS_Wpc1w=*)$o$>V@=NUi|Q{%8Bz+P zs!x<$Dt6bt8S(uvx-if6u>rQ4m6tV4^7jl-Gv=enl+75p>xc5UxgUHwwGMi^%*h%-z|IoJE{^OMA_*ys z9XKURzUaP@akm;0S{o6|MQ;ip;|BxF0vIB?>M3X;t_G`_2eIrsq3u$q(?Vr}Rl9Rt z@R+|v4)nsmMGksaUw728Ej~blACwJ7`x)y=6_oCg{}oBP2T^>D+T+{h#jj7}^K+4-McD5QhC*ng=EYoiH7mDZ@FM68QVh=LpD7NRrmtgKq3N0BwRZSEw z|EQ_Yk{21%oQtvrJln*uG#y5f2)F#+vs9WRI6J{;K_?|V;E*iz$mLwuoh+~3PphcM zuvLBgPMgfVTlxIFT32(|H{>P7t1L^Y-vkCa^&~Az&}{UG53^*el;O0aHa3;%`um9> zx9EnzRrauDYbFFJX^|{uL5TR$rK6)0=Z)3U)zT`o`bECzHM2#LS-Yx0R{oD5Y@`%S z-S+AvbIcGm`7J=^gAj~&Ul>)tcKgsYh}3ScAKn-K4zB(-DRfcK^4Oz(<3njw&W4AT zQ>^b;b@m4b0F7i~q2Ug!M$q8}jZc91z66R8sy2)>99HI0Si74;*c zIcrMtUYAjqk=}IGlXM|GG;IEO0qj^0P}e4eYiDhjuq(BjT!eoMC5k$7pk>!?oLOoun7>mhS-bQrbq>9#m;;rl$pLUw{i z&7R+&FMxSI?-anC|Mcl+$;huHVsTQAi#B{YN4)aR;)JhUbv&%6K1IM?Y&H--r=(pYHc=2}l7ZCGhV>o#x;?Yp^`$`>1 zJ8ORxb{|TJ$lTxk_6zNIVn0cBE4>m-To3mSXkpFej*;&nn_hy*U5E(UAD7uUG~crS zuJVVpGioK`f`TTHK$GtNvW^eg4}MWA)MLTVh@;5XZq@YIv6 z1E@&}obQ+*DF&Oz(#KQiGs`Bm6E9cFbYRy^OOj8UCpc&qzhf9)M?PKOM9fD48Z=C5 zo0-3rxHtKQa}1DTQ5HzL7yt?awheg@S~rjx@W{NWS5sEDj|_sA(1t>$o(~1snuDbx z(AuQ95z_+TTStMLpAx*CvKfyNqRUBAUv#aV+t1S|nw%vsdouMy!#LAvQ~ftNj`>Gw z#rOy~)pHTsY>!!dn4;FyDaP(Bg3kVXWaJLraWozXj$C+ zCK)RpGiWjSF#=3?I)!aHL~Gxz!Oq+&Wik2J!h>RSZ{a@@5=F6*fy(h0%$B|0)DYsm zeq8eL5qcPEH}eHLSfYff1mybaFH{#DrO~)nOFdG zGV8aXjv2l8E)!^Jvg)8jgqAEdfka4EAmz343@d*f-?Vn3^fYF z?Dw|cFAqPLjD~IT%s$bofB=?Ip1wvo^-7gOhbaJ*hkj-rxq@LB3+1y0?*m@ zU0OHOxIGR#&*u(gc{d_8J$?QRP#gFfk9STzY^p172~kk6pJH=;v|yW%ijhD$Hf={d z&%dwMlO?9gOm%SNyLcw$y#<>xYicg+^4^XkTe_R4E8agu^nD6%>(uo9GGsK{r&Y&B zN%Kh9h(d5lf9m2JRg}xIjC&pYBDT)2eNZ}fhMYWF6OX^}Z;!btsH#3fjztCSz)LC| z9LjnG^;H%;yH7-lFB6nf@Reh|HOP&~XVh3fch*rg7wdH6GHcsmY<8RRas5B}cB1X1~;m2FjCJhuygjyo*F3#MgF)tafO0|ArQNqOU*d;XwStq_;y=z#IuD0A~A| zlV{)jk0#9j6)LoS;ov*Q>91ZVr5*?>71=#(_u_hYSKF}TE5GxRgA^yqLtk!g_|Llj z&G~Kk^|!le`uH!Et38)=3sy>bDtF!xFB3&bvi3omtTNEQgI%A!#`YaW>`JJk1PU1u zMCSHi5Ma-eUM3K6hv?Lg&ljvOi2@+AZ%rS4@>50VL-Yo)*Wfkffa|pYZb+Umj z2Cg=|9=XAj1e8++u+H~jkh88Yy}OtpkU$bTOeYyu_Ne!y>~F|AcIi-PJ-+3zP?Kt% zrnGDFLEQr$Km}E}{N)1WqvVts*-mIh7O!%a!fxp}A`{uyG6sc^+w)5ijI4YCU~U5P zq7K0im{#nHH3J+8wxCP4XS3?n)u1m^2vB-_gwVC88l7aNCMs~da#@kO%>NP*#7Y9LsEa5u;`YL1=DEMcD-P+_Mgn7l+L4X%z9@K* z0D(pxU5djW8L_o=yD?-K?w#izJ$pt>+jW07TQrLd;yRLzKE*WjIgITy0No@5^{}aV zP~ymWj4|s1u+x4W(1AVn9o1I3V}#-`{=K;N7ew`X_1P}rr{P8dqyE|p4n*HJ1HYK$ zP;&Cvso_!&wP_lu0`d7x%UT=ISe|vW17rAaIqSkS?AN%t9SW|xkW?|z6sK+n&kf}8pcVaV5dsMSj#nUn$ zxHwqEr22BBM5ZX->)=Y}&w*mg3_wY;n9uGZAm!+KRhg&Y8R}Y@rD^}bq(wFvj2vl^ z&4aMk7%4obgA!17wNYw=<2$(L;AnI9+c8D4pBTR=+R*&L+&Q(w%NI5*V(%MKtNVKz z$*p_DP3rJkX5~xXxqo7)3hpS>2B>?@(AZU_q#g6vY z3Lo{kJJaz;H3*C;2qm)81i;x34O&V7qzcS?9me({%q78P#TfN9i?`lT?zN(2ns`hG ziS;dXY9fLUG!{(fMhkcSe0F)=SbN1b@@WTTL&G}jnl8Nu2s4db05FI}Jlv4-GoRmb z})e;85xx;IKSp&|LmJ+lvz|vqJ(@TuhK{7>SYAyeQ zn16I+)@1wzNy6QrNhJqj#pxIwN8)N}`G*BDg%WZK$^32~C1y=}6ZeaXbl-b0Ov?Ua zoC)Yi02`N(s01!H$g6lSJ)8+g^?+Uy}Nk}_?i|Sas-Mn9%uc}qiLVP^^HQz(e z)ouI(8iA36O(M*n0Pfqe0ygI0UTgX`8L>1!!oc7YXt*RaM*&(c#;(ID@n?PcXY}Wy zbH7((MA*`u6#ZJXbEuF(r8oxdbSrRKHe?H@Q;-vEtlI*x*NO>lCs621@oKIP@sChpLb88t-3QoSrr=4~-0)!{?3R`}ZqhyS z58m@upY|%LmN|X@PMyaa%XZrR$df;6UE$FXd%#BmRQVDER<5P^Z-n{iZ-ja1>D2sO z74uSr&vN?SM@=o8T&H`%h+MizzJa<>YECt7p032g&2UD4d~=x^wxZdrAjTil|M7^OaAVC$+Q86V#qZBitG_&~RbL=- z>*!}drvcg%_r^%h=<GS4)*y2ul>G=;(;SsT2$k^f$1msRkX#6SwY_BOM*i2+FTuS<=8Z0 zoeFm4m%Wi^i=Ql$BCFNMo+!OoHh7XHDP;*GOM!CGXx2 zDH2<%dPH7F%QFRiUH!SvXdhdj03nC_@9mSGO*j;CyYq7MIvq%fs>Hd-Y;WE zw=JC2w#7B*h|XE`#CpjZJ7#7bZ)viPeZ+Vj6P3{nKSW`Qp$aKR%lLFP9}bW2F0Z@2 z%D;nO7q4~Th(G6|iZMi@kS(T3MayhJgL%0zdpG(ncnj0X4^c8qLsM2}JvagXPTrdY z?kboHJ!iSNo&XC%1=id_4kN#ZreAOr)rz}%c1iIEduXi)JRmuFoUXiapXQp#Fm`=8 z(D=S@aOhjAi1OVO$57bNl@H1K@==e-X_vQtZj=HL)BO%hE+a6L1c+$R2~B@RS=!+Q zTh8=a0qh+fK~JCx6efCoM2EZ>@)RAs#+Wjbv*Xu1`Q>yLeB7U<4GMR1<)dsS>K;U- z&O6ZB6O>C+Jnl8R`xRvcs)$39a$X;rD$tZ@3awi~^uJ=7WZy>&f^)A6HTRf)0YDjx zx{(bb@HIMr>PewMG>11`Nr^lj?P1=f7(uhAsI3>jo6^T z-)a*36e9HbUtU=S)}{56vMz_hodTi_d`&|D0hWorM4zJ~_Mzg|Y_IBEUfEW&cx-tw z`Lm$Np~mN-bQd(X*?18O@iaV zAAR_kd@e*a@}v(tT8ZWwy?#O+#^v_t&v3PijH;>PFaCAbUoHdr_gt#LGzJnQVCOta zqh3;`veWz3Z{@|0S6hagjt^^&eCKVeygLGk>egc80LLLllWsQ3{cYPIOL=~sE8gfO zK83HHRW4c}m@QI8zm5d*d*~HoLZFHe#`amw0f1T-2y6hrOo!l(IE7t%Y6aQ$Y$B8* zV&L+l=V}Bem2PiOc2-yB{W#vQ_RzN_>ydvg&G$4+LjR*#JW>pOVi|Vl+2yWFyLknV zwjL29cwgiggxov%OQqV0mz&$b*Kb+A5p92ZH z1}M@-63sP^VHojpP``M1(6ZU#sfnhe8!@fA(w#pY243siWFjm@Qiz`PesJcywufML zN0Zzg+{=q9xMlwSdG2A=+#un0O?vofHskS#5Vp?&fGm*Gq`XHx$;BhKY573AUjQot z_uiVic|R!W`Au`$y#I(z`Ib}aq+3k+nde1R|L|P@P@1I%f4FNyDP_jG$1@7fA!*KX0vC4R5F$x~;IU_y0P;78%+u(~DVX`_HRrSLU&6^7>@0 zBL-K^v|85M{|wmBor@%Hlc~L#XEVai$TbM%sI~~#atc>XuxQqL9~|e5#z_26mBQU# ztoz8mneT5}bA3HEezHE^F@4RWc7vzqojd=drPOf0)?h3LMiJ#Rdac^@z))R?dyL%2 zagTI_((+OF^VQo0I5%aNdBfA`8gL z9I>$-q`Sjs#@(fUR^_P=UcD+{b27~yQi7|~JwRKER&*();d3OC`4BnBBwoATbIkI; zlXj01FlQ^l54oXI{LX^qaq?jU{WpLW#m`Zsi07W=6lN275;A{&N?jRMXUok!*}M;Y zphR&oZ6uzdN?Rq8ue+58Z(q$k5MG>csx^|`a;Ps$leLm^XvXs~9Uw{BuT97e_G+-L z!Sp1Nhy_!MTVcA|r)AC`A8r|Cb?*0tUC+_4+l1^`yk=+t{|Nq=n}*QS6OTp>P7n6m zHnBaL(&R44Jdz+Ctv}Oq7@;vYhv*Ao>SIm;IMh3`&H0#R<_j7^ca=?^BAyg^;8?yf zVMt+nBBgJulaK%elgjMF{R4gd?o6q8tz+LUSucNh%{%ea+jT58pb0Xz@B8;rj0U#l z=yJ$zj0=F7Zmg49@asD|p(*+M==YP?Epu7dq&!CPiFEY<3i2=mzJeBb`&yePB!0Ah zQm0LLcjECGukmP@;^1MOgsJBd**kpL=BN^EACQGj7frK%1)53Bo@VkqiD?FU)5|~B zU>v9rV_HcHcLsGwc)pbW<+iNsN?3YBI%zQ769n;EeSCMvYW8VFW9lm(iPq=!!V~f4 zAZV)S=m+qMfVjDlctcz~VFd%~mQ)Kv+#S?~Iwa@PhjlSAPvpUVYyPJLE)&i`IGq*j zpd~Mt8j$Dt1$T1y9pb-M98z>p`MBn9^Dw}l*b#8p70;yYyF?)fF_g<~B)x1=GH9;VNc|tWpzpIS^ZjpuGX%uA@?nBX)dr z#{kb!PmUm3_35Ob&qgawnp-zcpAJb^5tEKt6%>{Y$)sY-4H@Z1h)`In1GCx=P`a3hgV2kVaOyAYK`-z1IX9nbIe!^z1y7?NYR`KvvYd~F zgqJ{M`tdBd7kC9Ms1Lxai~FZOI4qxta4i6f$ggpqq+{hO^B3fD@rdrpIRdu>-P$o= z)DvX9a@mF&)c3a@s(yZG>(23;94%Yf$smxL#iA1-h8-Wm?{Ng+P3lbyu4fUc$PG8@->%e3TI6eB|*4B{@|g zI1#e4;}ePGTv&9-LvR|{X>h+Z`T2nVVZe{l*wY)*F~cwEzyr%bbivQug*E7?uXDH` zYkdCv)6siHVmSu_`wMvTp9HbylHZem5Gs@zEy#^sFbi{yCFT{qa3kE-swE-1tjb^h z!j$c~7EbKxt>?NO1CN7bJe{2E*KnUc%Ef!$aV~QT59P5sYxeyXQ1X99W~pxnQE*#) zYOo#X0C*qE3b@`=bx)vg&^C$I;TmK-S#9&)#oHTx#m%?4Z5Ewb^lRsG^H`=NhR_do zK*`WdqNZ)HfmZDWewOKe6c{I}bs@i@|Dw=}_4vj4U&#gQA~z0- z2dZaN|ANFyvUaG4d)+jqEtCrNw&F#ur0X^{sj!|Akx12qua|86)32tPrQuJ|Z#s@z zpHr5Y*3fRlacZ?bz562N{>hSI2Uqw*mA#g0WM9-kG zXW8L?WoA!zEWbwjYCp>JMPoMrubV!B`wQ}4-DVZQZKez==RLPs2R&_>T#wne%;EMl z*XsEM!wq-x&-vt|gDlq?heD-enovjIqr^61X(7pQW6zgX7mDu;4M}_|o9B6NwEK`h zSUT?y#E-1m{!6Otzr{bWAwY`hg}oHh>02zD7D-GI)VU_nL?k`wLPd4WEuIHS)%R|R zM+Tp6zuB8ZMa1DbXjvb33#kk29455*Ga5Ovar$#9^S-DiL(S%C)8NO~plwp33|m^* z07-QKMI?sw<15(Q#aI8l?Wn0gvwAZC@-OsGU}ad+;#Zqy+$rtccGKH~wC{~dqfVNv z0Vng-X}$-iHTS^#$O6yb*c}O!JHUjNzh^>Ah}$!v{hjH({fvYx6^f~r7&Up$yCMOy z%?3DBEiZ^2MFh$X8Oz{V#MkGN03~@2P#O56wtQETZhj>^5}{i6J-S$>ugL$ZLV8~) z38Z3R|DEjck?<#gX@ZMKEP%b!7y!~Q@SC*aI^C1MM{bd;5k5ghMlbB{%09|wjjD2l zT-9uuf^gS=paXSaY_&+J&PaUV9Yya#vlA2Ci;b$!3o125AP>*va;^ygND8vZESJ;j zE-m-I5qbbu1*Oeljf|imr>bksgcCP+dVZcdef6B9yg&z=@|i&aE>%3Q z?GF3}vB{B6=1Uzi4MG4=k*F)^A$f%Gg~lBh^2*~&tq8s^$Nkj}f1YYmtvIh{yM!O9 zC7&NV{uYE^5QVVYT63LPC#fw(UvNGogPrXfw1)m{BZGD|ret`=$LFJ6i~ErWlcmwB zB6oZCb)C@Ek~n8^iAEUHh}V^wwXnh@K8*v9=GL(Jyixqcwu81Gh|vZCsW0)o%Vb9C zFleQGiX$p1@21G~Wv_Gm+WJqf84xDQQosxjjhNHlIpV9|E4lXQ=u8fm{hNLyOqiidPQb`yw zdJ=oVw#ITM=T%fUomB~B`Uo-{&aXz-57Fj!6);{ zVc+l#T$}S8@*0Ln0BI2+yZ+@&f6z|~;#%ktJR2}H)co1HPRv9xrPJKN7@>F4V+sQh zObdM3a5s99uy*qrG{c73Gt3@8c_+hcnX@_hmWf2Ez71=S_hWI%>c|MalAT(l09tu0 zpWEYU({r`n-tP|C_|)}%@PlQ~!uKnlefYuu;56vGzpdHX@B_QA<#Il=mI#2DZO8t( z5m8KgYv?&_J?w*Vj_^`kuuQ;jiv?EJ4tvKAi%N#jvTNiq8uzOZN)>WGLh6c&SvXtg zLe?n`5m_y-KjxH0Z+?&=y9L7WE;8E)D+ZX;K(7qMta)LOwW;0raPBWEDH_0OU+Y|v zz_qA)9PvD4n4kWfY9>NgxK5^~8xg2c)rU)GAi}$_3cpd(%a(}Q|1vovKb^!5#mik2=LFzBpQvx4T1F)o~LJ0``_NNb9)uK)C0p7`DG;ot>DCu5GF zbF@33wS=WBuIUu7&I0$72~ZqVF3U5k@^|;0gsc&F%u&+VUkV`G00!80N!%scW+Q@g zE)Vj3IaWhuU`8-5YpOks_x#Va$M2_P7j5iw7X`N3Jg2b<*cCTj9q?G>uK|UCDWc3G z8p^2Os|F%LVBYL{ega;-lMz8}UjMky*s8BG(P+~4%Oz>ZWBY?5b2NS0ieh@qm zTSs({fli^%?#aYRxD1oe?9UD}Rw*3t3yV*;vDDke)EdXy@6M!Xs^Ip?!fXM2Ysx{X zP+=!V?Yb7|T4=Rm?pc6h>I;~1&Gz-(En4lf1>QF>m#nKCg&l<3S=ddEdZ`uu%gR<7jJMy&3j4>b?+`aorP z%!h*9;Q}A{V)z=g7)vwVvUQPDWRuuzoVuYIy4??F!{A5 zdotR>lPhJ=(S4Gjt1#`eCpjM82kvMgIDhvv*a!3H|AK(hM6im9U6`yH8FI^#tiNy!VR%?6ai8~B!K}`6tYIgdSF>wPAa(L zkEU2gp6cy*h@axkNGnjEmeiqtq^9jh`CREOJ26#R-t*h;$GM9z+38znCpd4}v)?cV zu_$d}+Z-F2kHm>Y=ScP+Ejl>scS2JF#kOPd zfgVE~7GK_o@|67Q%Kq-n58l~*Cfu)1&ele&z#KcslU|r7Xf^PW0aWA;TR(O>vw+*1 zObH<-Sr>U9rPX{+m*+hm`X;DZOXRk{aQI>UCA-uD2t=5*fWPz_i_KMc3#B_ZQ zOpDWH?_59UWoSzK9V=AcCL3@2p;0*SZn}Y?V}I3uA1TE8blEiujJ%k;FTX6ASNlRjJWhK@>v=}p=aQJEbTV4ifN6RzXzjy-(jn4ZZg18$Y8n$0CmiI7RS z1x1;I{$*AypJzHNd-E`9LN@)~AfML2LjwbUzXAE)VxarP#Z;@lH+<)Yk^1tLkYdRj zc*F7nr?^wDlVARM!>~Cp5DwXhgfSFGe>RseF1@ru4mRXj{ggfuJ*C+!BcnApca82z zt%zZqd4K9v0Uh(BZR`3Y*GqDbCBL<3wqHqYNL>dLH1;z7z;HkJ<&pYl%Ho56=&$P2 z=d5a~-NiR~420a9&huLO>&fJWjlpjb*x*4lAjNB1?nB+IUv+z0^XtmPRyF&rCt`{F zL_YZ*T7$;vI zOm6)Td|l6r)gIW*WKjt26yC|(W`fS&XB*8?H`HZXl#rG1f_Ls%*{ zx?2Bz`#VobiO=8h`Rv9|4%q>|^Ny&^0J)%5{Ns5lD28B>gk#GAG#Dj3D)gga7(|~aipo_nqX?t&Q8TjE}&a~MG zPpU;!*~c4G*LxW1cXbwsK3O;3m{h#0W0kL5>McXdgTe@P(FVrlF8Dp9|IFl*sGnn+ zEn09VW>7~b5R+>(A$ge`HmJfISxa>mqHl;-hP~#mpHy5Liab@AF&JrPw?2dTI+Bc+ z^30h19ugI3*s-+lV*|}tm`jDVBAC+p@XhCFY*JJUE}`u3rG;kcXgM&zYA?9~$`r(W z@b%kGlSga}i$bFgY^thKA=$l8ne zHvsh|^ro#)99-cA{c4-F8Mk}ZHkz04WbVLDYqC>D%g67>Aw}vO&1yRw&jwo9ZkKlg zJ+=Ok>-vhQHAv5T8^e%|0bkZ*m7NK>!^->yL?u;4AWU0wa}x#*vyEA=t~0B=YL_r! zajWbsYqg{|;rX@70w~o6jCgfS?Nj$I`>#*b8H&@eL|s~f_xu9Y6cHev>&?2->is4mo&lxobneeA&oAgF z$*z*b!yn^r%lhBRM{h_dye^R+3t^-yg9gi4pI!DyT~F-&d^U{=hIKKh^H`8fEu=m} zkPMd@&EKa6rZn96X`E^p9e(gGtEYydxWAaM^g3MJVk$EtV~=`{!(saXNOT870n8XD z0L)uE=?+8_;2*N}8+wRQSLuqSp-4=3lU+WPbg2T1UU7Eo`#P5WGz7SgHvF zKE*s?ipbw2G*twN5nzn7G&uQ~@Y({0N!tB_FDi z#`dpow75>VKMebgftigyzX7eLE%dm^m!^wXr(T7>)b<|Ko?;bY-@{bT^0!px%yte* z?Mn7Qu=P#!BVeB$US)2XG0!1Q>9^?CBq?si_-Br6!y?rcE9q@UpAz2(KUU}~J~19B z0~A87-*+}QEWs`!L~Z}r&V2k+Pn1A=gO>oP>K%Y-VyHk6=k03 zA5k3b9=p$Tg7t)GDx~&G%%hYV&uYLtm)0RT)T&vVzVhgfe9POL;V38%z{<9~5Fs7A z+`pM7iW;c(V~CaZ1}U70pql(n9qw&WTCPrBNIp?}18*Gy@uIBZ+PAmmNwdTaI86$g za#KEaWF`Qi#bmK7h5OU?@ z!cLW6x8%^bk73|3yGbDsOM{$gZ}T&?Lea>l%R1-Z34yEh_iSDEf|h@nj@l3{Z{ zn~NO~DB#ZeCY2<`zh)L6+^hVdG00D6?sPnd^ZvvVjk9;6qB58AJn?(u1ij7ZOd57K z;5*ar8r0f#=N8={{F}ow<6f`PkVD4H}oYU7j;qCB#f?u@v`^l^nk`Xfu@mRGi^Q?K)ZK?aR7&Vq{rM*~v^-<-0bnAwY`c2yowYi;7(TKCC3uilXIhn_@ ziFkGzA%018Nxvg-L3bwOZq|YGpOII{#+M)glF~GAU|uQ`TL>U-d#zKi#k&`9HgHGg ztt-bfc&PcDLoERXZo#4v4G$)&vuJS+m2Ijsk8B10`w+pEiUt^<$~gF%tUiPcv!>mt zN_FHXH}T(8!2K8r&pQB|Z0ZBR{&yIDa8$zcdKW{Unn_#VIe*OgPEY7`A#@UXo)|L+ zW>##8BE;!&wwEh5Qb=r$Qq>;oX??$i8Fwn}U%#J8ACId2^#}-YOMwsde!{qbL}xVUsbwP za|g6v4g6yMmI6Taf#%|2}q(Ov2C;l+{PM5B{ei7ECf5>vkQef3SA3AYw!Je2}kQ_8hfIks% z_;5g)64Q?_*iA4elvZ2yokJJj&GpM|(UY>=3yWwRL@Utb8dgj-V%LJR3{JIfIE%=R zKb@{d6wKI3bTf%B+&6j!!;`jdPxFLG7N#;_KT3h6{Jp1kN_pCAq({i2e6qi9sfEho0f;d_oU zWPv%ULwFf?DZXk%K=|7_H6^xqv1itCEjDXYul6Cf*SCHcaKqU5Qkx#89il%Vv4y^V=^ODde+2;R7Tef;%lX>$=RxcT-!v5Q5E z_KB0jcTUL|+h-m!7E3NZAuOFrNlZ_KfJ%^h69r|)DM|dQ}Zs!M~yuoRQT%`RJT&6HRv1YPZwoAqqsgee?nf61aXZD;8A0tO3})gfS>79 zN@CIz@sH_V#VAh_f?LV@QnzE$`E(hNZS<$eM`Q8Hxbr$B8}gJy#P6LW3d(g={y+3Q z|1>wxsvKtp1y!6WMQWQr(1*d!zjVL9FrERU4KJ)eKYJqZxP!HM_gE}{23+xO7zkMi zD(SCAZdBg(iLnU3m1|pj^&D3Z%UC|G4F8{Bqlg}abJvxl-OhNA3YL;Fd8+h@I5EFc z&Kq}z*>Xd3ELCAu8_(R$`khVjNnqW_?ah5)-dpx)q>k0MwB)?ww9Pm;S5VOCfLX=N z=Be^x=ZU4AE3twH+gW3kGNM+tDU!q0u#GMQY+RVTxdY#w2T!7&gTc*COj%e{B%H_; zB-AT!%YDX<@K}5Ye2G+a0bRp&RBQpUbAk9h(j?rI&l~z=ELi5GfsjuYV{Hp1FSFMi z#vl^)cO+4KXTA-*TY^jS?-oO+{SjyMxWMw@Xlcv`_mGcY|~c5+e-b+5Y3a&;NWnXRY%-@0aJpESGD|?Af#V?ftv%>%Ok*ChmR(wwkkm z3vbDJa0HHiC5pl2&mnwK#k4&<;J~}p6iSd^)-Uxvh4`~+^GCO*M?R7uEXf5Y6VbpG z=y0DjjVZyD|8KF)z_TFqhYBIoP0>%nGOfE2=3=B*&mu~fkM*TuN{d?)CT`GM!k|ek zv@cO*cb$E8_QrvZG?QjFt|UVRPR%s8EV^mv9yiFNaStH3C2h9AINqKUgcOG_^$ZS` znrrwm*WXfSbN8LDN+BI3c4j&EvR9HQ`Zrrqn+EL$xnocm@$isXmpOR2gppwE?at;z zB?=~;Rm_kjGlkUtf z=BU7*jLDQp%BzxWDRqGp;>8Sl{`}Hp8EdGE=%Oj9Xazp}(#U!3+oY4Nx%N;GnzTW1 zbdT@Xg-WX5;F}%!dy|j!Sk^InZs$O(7+4A3d;z7^oG^iFA6jc#I5lv+;g7^4KoGPX z$J*ZAtXrRPZ>N*3kw9swDMpwW7WRBY20)KkgD?W~tU=MZs_3Rbe)>iguM_9f6}cr%=Mui*%=RsI5c$+KgW8> z1XEO5Q_pG|w#@(~RzD@U#F`Hc{ea~ zqaWD|blF%+(0-Y<13&Fj2f+kbm?*k4o#$2&z+INmy+wbIJ^1$uIsO%|;=xnySO{Dk<+20KA5?2h$elQFY$;^q*A|Pbgq)(6*9Aq{jLm1cPGtp{p1-%aq z*#)c-AyU!q06X6xpadJ1@!s*$P1sv4OCSoIWZb>OtD)BfhA^c6Ynh6V>-2OznLFR> znv)dHTQ^pT74VB>+x6<{86!#@H2fhcoD27UEksMNHuGxnm-MiG-1(48W{wplIMZ(G zAM_f{df_G*`zU3`_{f-iis$^9L_wAxMds>VGG~I_OWBK?=&b|GNZIKMp~XVeX_msa z0h+5(986W)f3kCb89JKI{r*YJ^)(eYuPq}Sy9nKm1f};+1Z%~a6FSnTX0AG)^!chz z&2VvDbxQLsJmIcv8|olTYs%T(^tFO6RAiGg0aIOVn6$m@*yn)e*E5kG)FA1Awug#_ zFRe)q2wp!fl#v+uws%~un@P*gil>R!!iNx?F1~|x=?i3IX{1fV#)->MV})lHOGMhH zn{+*53-HzdzCK z%m+!}#x9R3>+O*t$vP7r4={~-e*XTCuLJnbBfGgS0{^!&(yWJGGmHA;mOkc;g@YBv zfph*Rrkkdrjh(%3uP}X`_#h-pWjce z$1f7MpJfB-g6d_5H#7Q@f)uRHU(WbzKv5!mJt6pkE<~ZBz18(#Gw-!PdONj|Ui!Bz zx-ry53}QKixqoFUoKJ?jSZXdHVU4tYIs&*7Y_~PhDuT67wPdb8SW-&j?Zye%Id(MP zWI^=+fRbh!y=&TZ_JW<6WA)Ydz#vrh96(t4>87Cu3n?d2jlefSGImN&ZV!JF?hd_0 z3bi(*9>zTlKl`TJ-<*+T!g*go(Pnzp?-nD2xU0^W{k)SU6_H_J0j~L_ z_eYrXqc_rDQ0Ngn+2I>kidWh9w}8xOsC->07P?N^2p8z$tEowtQEG^K(dPdq>~asC zA;RTy$A#kk5P|ohN%q{;hioVQhbRxcmrp11nCaQ~UL7XiIs4q?5L6?n7Sw@((C2F9IcZMs55G1CviQ4d{VF+r3Zfle4pEGFyQK=>Q&!Ys~`xN^Prn(Q4wXyda;tFO0~6+#!H@p_F`^5O1W}aB zFpY)IPtriBKPY%Ge$lRjMJ4Rz|9bJDM94g8Pe z9$iZqTmoxwLKooxcfvpI$i66ZUkOOy^r@9|oTMXMf3p`AKkF);*SWu)GDJ(>V@x~c zVNyR{3bC)wuq4ro^_SI(Oz7VOJ$IH5bo@&5mu`bJJTwlN;3J8BetZk(7T!*AC8|Ya zI3;xwep{t~c_>30-F#|U(D_}(Wy^0dhX*|-MR`w0GOk@-k+x2{@d_WAmgils*z`Op zEUUEmTe%C)nn474e3EIEn3!~0^>>a3>5CA_K;kK4ISY^4U_D*a5GKPAHZ-1@t%Xpo zv%J>Ei=r_6f!B26#C;4SJ-d%RFJ#Y+G$<&5NBiH$`+vuaKFNc-8R0*Ogd;sjRU80Z z$`9!RXMzHYXQ{#_7f*N`mCr8CY((}cdsrzE9KMq{0jpO|9`|l>4Cxs zvy1TPo$^dpjSGUzZG$n2dG@OFWEQs7=H&J~*LRp$;xviFZmd1$kzGU!{w`#(Mc#yJ z7vrZVuj36DD=fafb7Wg#e1S=lwZotj8aP!mNOnzmY&*yx`^2|yyZa~XPBgvvv~i9h`g?i%KB|MXG#$Zxla1&9@@$+i|X zHG|6}&3+U}b>kzXfh9H;VMPAvOo-jRy!@kQlZ)GaMO2yI7er+9o~G=6krd}%ckJU) z!XbJxuBi_Dg^A7QamrsG2Y!4kds{iVWDK0b{?d*fZ?n`^XCQqfzw>C(R^rb$9@6DRmrd6(Qol8bfv-bye88~AziSLt6 z`BTDSmN2FPQ7WM}u5_*K!F}1tSSd@i^AJy-X|Z9$Uo$iaKbSEk13Y_sHXT@Sja8|f zrC6BS3=h~0vF66n_jLW72xC2BQR|)B)OHMJ9?#&!m2}X30sv}J|MenF6OLW}*0=Gl z?UTwyLvs^%ZqpP%AkAVG|5tQVpaA5mr_r$2@s{wU1%yG#?*IVf42lSGWD$@ft>>&sEB5X{wkzum2S?-#`n4t%$sEH z)z+5ccBDI?pgW%99y-GIw&b73ed*{6Ps9_HEM{^)c(SrYa3&~;j~mA<$X_Ifd9WlU z6{QvF58Vn3+c+}G;fM-4$d2}0jaEYYU{?aG-sA($D?^v#&oW#isMtSz;O7IO%qA`e zNxz*%N_dm)Xtrk{N$Daze!f26U;T_;x0~2G9Jgpbix^Ivy{@)}^THJR0MCAKWBHnd zd}M#qGO_UBX>^0kFo}i4xhgcbj_49KG%g?l&R5;UKTCDTbYoT1(E>Ms`HeKRq?|t2 z4Z)93{$=slaE~1Ar&FdF4Wb|De5tzJ8@y;HuIvuANB|8mbrq1Nx%F}|GSGOA-lbow zhi6j?#ZtjJ^%i#PTV`USqPeeIr5y)wzEe`5v~v_kp<*)?JwiM%g!nE@b=M~qe&4{9 z=JL`0rN~;Fz}A#2Z4t6=k`!R@(-;fP2SA8$ljUWWw1GhU51*ejX1wiXs%82nCcPwl z(v68^S@KuA*u4wuj7laKnND@&&P4PSTo#(3IdjJJV=?{6o)|)>c`Qrw*zSaWF@~MI zkB%`Z-{r}Ajsl1C0IQf3EdKWota>0G14EF^2@CELv71;VoBe=UX}i!S8Z1fg<*6^_tP2Z8)1fR{l_u<9SH}FZc^qM)D^Q&B(1SZA49T4%iPCk^Ysv-acXF~M= zSoI$uSoZ;ho-G4RYXz!tV`&V)R3NxDi2#1Y$o18J9}xaw-6aY4vGgfAjMqP`d*#49 zlO=q)y)4ooW6H^JAO?zZeoi>Sl@81tk`GtxB3Mo{cPBQQIM7pEZ4Vl`rUVEWK%I>w zoeTjVr~+w`xD0=JfSiEmqgVAsotgDEL-h3-Z;5{!8;hJQML7&p4Do9NJpvuz6Tmqf zr~x0r0s3a!c6rHt6At1Hza6-DYpgqxo2+|34@cQ^{{6@yv{nw}x^Yn@2@rTMoWg;i zAswv0ft0VTYlljy%JPEB%J@LEL4e_jtOXn$$UlW3-PAir$QC`Tba3HVE{uX!B(|gW z8aOlHG10{Nx>sFxJh}N1t`taecuM1VOjeCMqNRl0^?EGvK%mEJHdY^W84EY2``5*q zAVdN)SrJySNcoHXes0krvUxA^I9oa5iMej~?*qhID|qB62Ju-6loNJ<=i=ZVt)dZ!s;&esQY| zQ*F!~%1N(zX=$&XV8Z0Gz9`|`dgAIVHN3wTzy#}>_z7N`*-FW967W$BQ5})*d%q){ zmV>|e2W0p8`)8I5gE9+8&N55}F9x5N;M8hucoHm80WePrIXxbute$h}1MHSFVdfW%xEJe(xiKp?`qzB!UfoyOS*^6h9kW%YfICRDMRZCrMYxFBu zc~W}6b8Xz91ps1ZMz3}EWq+g#sDR-H@Q!5rTl$yck-_CB*PPU^**HD@{G6aAxso0$QJtDoTxu%yd^ zONTD`N%`Lfp_AVN@IlX#U<*CT%Y|QowN)yl0_L!QG_3ew>N@wF%kJ{%deHOj5-8~3 zqxPLq-&6awf7rknu;X$F5vUL#Agrw(<9oyaQj!F5Uj6EYDG`2bP%M&a@DUe?q4t;hqD|GJYreY zd%JHa0r|w#p zga^?5s%T*S9P|RCL3XR*KrjYBp#MKAbnsUya(7I4%UG0q!;%80H4{4eljeo zFLxev;xFfBR!)-QRV2)@;b(RhG5V%mN`V=+I(nfFNa_7$cdXqF2vHZ|o@c))8C&Z3 zYh81ihE|9l^A%i61{>qwE657bQ%S1t%Q2fN&A(bNaC}R(7493;F&Dd(@TdsLB#G5?#_iIky*dc@_ zZ?iL6b^4GzPg<=Ud7m}litm6NBm1Qa>z7HODDVcdG*~P(U)kOGkdR4*|9q3U8oVAP zeU}$J{ZE6>&@6&|>s0%+s!Yi$#h>@1+8FN9E5Zo1m=uXUadapkNx2N)B5L#&t;a6a_+F5HJ zX*FKhjXBbM-VJ!oB(NXy?$uwKG4`!-_C>~yNcPS-f!$rfvi-8b!RKdfk>kIHleHEF zn&w6aoQ5R)7J3|`X`*5Zjg&AHd$FdwVjhw!oLJ#rFrAZ|W@73L^nc<#B121ZdY>+j zO}Af!Z)EUhfs|`{Y(rb}xAb9Da-#{_PSQS4iB%HRem?a350~!#T3u*CP6C1*Arm@l zohj=!Dr@zkkvszm&(tqUE#>T58g7mCmr+C;mHwzb<&S$p2(X2(At$1C&-J~B4mXn= z3jGv!Qgg9S^31+b=Q0TFdag>zfdU?hhWN7!O>(VM{@6`gY;V_nrNS@HoY|46f9DaF zm1ad-lwsp!Wkcur(upFPoH;QJgp#0yum$2FC&o6N9*r?6v4&l-dapfuI%KViLM4$wY{#Tf?_#|9b5+L+nQ~{tW4q z)hBYpvn1sMz31%$CZyik`)7sPTnVAPMUwA-1Rum6(BIzB1MtLS8p(4I?++~RkMk=k z3F{Mc7%emTJ&)L)qTBYM)H8z?X*^F&P_r7Z0>YxV9-^vYcH(RPtn}@YL(dGm?>p#x zovqQVkqh+KfMR_QARZeQ%Ew@d%IcxzJ5%qSr$o=fk~ayn6WT?0&d%ulXvK%Tt0#}{ zl#hl^A?CQI4p!(UKKuMxOoCs*_Z>05ZZg#L7xO^U!{4JB{5@KQErilNgE#ahONvZX zK-TNN#QqjE6!5(e*BytF`e*N^6;@#&WMK-)Qqy6wIM)BZk_RPHLvS>8a+F$CdO^~; z*mv^^2%yQq&xYGU?h+uEl|WRD-9a@7UNkw>^?1f#wrH5kbD`ur(-;4dZ-bQTQ(vNP zk4@4V?=bEK4b<%}!2LvPFS!IrvSjMmHMOdkE$!(B6&Y^PsX*5_A$JqY$Y}$EV{b=? zLTZa}3xXIaoGg4GM#jzLA_xvfhJgV}a zgYqhf_2}NPIolhO4CPuLJzbC()1Kr`@tecOU!teI=;Jxw`tHz|=w5>5BP6HVmPR>Q zL7A1YhCmIza~cTtmZok2X#X&UyccigIz|dUwwYd=T)B)KiPP)feOqd%CWn9cc4VjM z63?5p!fBHFLu5t-bdoQ1fegSrXbtMgT8Aa`$^M*SO zEO1fa4{5^Y*-F5)5~iNN?BmAtkhiuaAQ%2GXz40WtDt}PORXbPW9HP!VU%z6RsB;Y zEIW|Gf!*a2X=X?c*LPJL|Ip+u;Lq@PP0Xw@5_zF$usHzfe%|<6qE>=L-h@2ITMUe#Mx1F5f+|^1a zy=F_ztZBmf(b{)c1;!+X(3nq$?+*UDp;6>KAUNQEO;U&4NpXH5T}R+g@m_aB*U62Z zukDewMUlI;yloQOaX!(#*-{gn-2_^jjsM9&mRDA(Y~Lahswn`>$9N93Fd9LCW613S zNEHH}bAZB|{8ts#fA(oXfzeZdeCLt&lVAV z8QtHl>0KI#i*TOqP}#{aA^>CQStpt>73h%JS0O*y!pwBeSXTJrhDOXdhPRptt)qTHpSWhbU0zUf&&NI&p9&PiDSNx_SHIvPWjVSU&}W?ik_AAVHmje{gSv z865%lYOJ3mP09}1yu!zK_5IIne~o+Wk;PM#Z@p-y#KMxi*WT}~j)nQl!mMuae}=ms zN0`|#BuK;x>z1&DTI$fa583VUMtORXK}ZqCDb6ZrUF9AeT%X_7NmhL8m-@^Qx=MB0 zZ4s&T6FzJy$)|j=vZ6Ngyp)rIO@_zBcCehcp}RCc~Xi2YxB6J{Jrq%`2Ciwa9%5s68E8k<%#k~273GSt8<_nV1j2qD|F!b zvg~l0swYy>Wh)6x1n6Pdmo$e}hgNeJ*SDuHpHVWjL_n2Dpjz>tG-P+F?%v)oHD=%Y z4KxS7&i-&OG~Au?XM)X@Dvy$d+1a@bJkvv_69gIRkDqc1PTp^Q(k7h$K}+8yCJv+gej)2b{GP24b=;s?cDH*ZCM|4W|0+h)(IE% zoHB^_UP|y08=AcO^8BW9uOt)hGw<==SoF7No#mS;0|$Yu-hoHI-EU{kDxY0`_}rcP zHL6q_FyVMp2>;&wrUh+z8r+LjQe6u+^V8e9@a&eX8HrQ%&3YGAz`4ce?6>&?Yijnd zwDIrjF*ZYx>}Du%g@Kw6yZBT00ZJiclLoT&E|38Z9q!3Oo%M)}S4=V z$i@JmPZvJ*>?U_llg1p~;m;RX?#r8Mm}<64i_6j#8%`P7r`JVe;q3+n z8ZMmZNMzlfa!3}9et!LNMC`r=eZQClz?@XPiojvb|9#jiAbE;J*ZY3!A*R%+xU#Wu zzyWQkEhM6uZ3OE@$78X>kQkN+5d1*u0d(Zf%|F)#bZ)_S`YT-;ZkDAn9%I z%0_Aj)4Z4FZVl{`2{fBg_@8Qbao`+XN$~n26S;eCZw$-&7Wt+$I_If4Gi@bjgCE3W z3$q#+V7PTBH8LUwI4a}`;FwrwLCC9sULxc*!)`QQ{G9$3xhWj3f}tj<{P{|Z1-26>FUm?rnQu_L zUnA*dg{y-QqD~%9`dtXp9BAT43iT*n0RZp?_7EHDfHdU~({%BiDWR6V=+OMag7-YV_#nKet||r4>UcR09yU?ooZe09$G4`tS*wK`=2(+ zwMOp&?J#<-AOON*p)LMEvAWlSIB%E?ryA!0< zI#W?q@QcU(v?!5cjahk^UXz3O#DNzX++=dQ1?j7vk|6=tHgw-%E{m{HI$E zq=6io26_$DmH^*Qj^G%qOsdQ^w{bwn=(c#0PeOG-icZ0 zOm?hUmp(DSrYN9z$^JS>eT}+K-BjW$D$4I;qsg9)-<*FX&NWdc6D_u9f7OqpCKs^} zAI*^ND0ia31;(%|$CYT-X=`jwn>7`R4`%=-9xm!FOGs4~cJTCL+ z^O7Ge%V%sYS~b_S`k9DqyH=b;X~lpT@IqsJbyP22?tITCl6))jspMePTs&wTJxey z=c3aObvoVf*R>{YJ6vzeGU@jhE72r`{eF`+W6e5y>IC=&mfjvVkrOx6FX@kQdU!?X zX7SHLljo<`r}P|5p`_*sOfosyeMNae9O{LOhRV~E=5}1sbL*sL5MmA$I~6}UPCIms zTyah+4D>tL+aK0wyQk_mwQW>kJ<|w5w8c-1WG!DS!u-f^u(1}Oz!!@AG2zpJ&o++q zJ$@!|@j951<4h@aiN-!v6z|1PkdmcK-QVg|9y)&Aoi(h{oVG56jN`ckdI=}Kmms!*L@Dj=%iQR5jXj?%|6ZZR`cRXg2 zoL>6=87iO$eGJMWOyTLa<5oBocu48H3E%L!M2sb`HA`BdQ4abR_nt?;@jmXCW|_UF zWj`tWVNU*}fPh(#k>f>nQ8K}jcH5tb~-B?tfilm0Gp{6vn%!? zS*Y^G&ep;pX2`S``8>Om?F$-J2IwZKi6(CKPc~G)*yYK$zjp6M!%h&H!&YgoD^2@R zo91HG@8GJiwvC~z$1suFQXAK$@vQ^ZxmnK>;F}lEM2Ho}Kd1iv<}B$aS?mnyidNA( z$s%kAo8j76=#PD=?gVeFr#vLG!@#7=xYVDF6kgv8r(r`NY~h=v>YBJY2sx0z@l6IW zjBn>cI!Y@w&ceTz^33znZn29PVcq~!50ZRYF_}**2@hn=+FqXxi3v8A-MiWivkx8e znUwTr<#Hm4r70O@B(A97dl!=fz0Vzo6e}3Ag0PUKckN zJF`ap(%mqVMpGPoWmFh}k-_{BsDIlX1R-XGM{i}6F1$7p*&cG@&^7Cg{5gi2dFL^5 zd|f@+EU#ecto3CxgirP#sF5>OlDgVR6+M1sb)7Yli5*q7>?Ntxh4sH{*oysUmnx}<5H^uTEma^LJ;b>bD9`ODSSFX6H@ z%6iZOSo>qFymIXtyD=YAa?#64!qh^5am&Gzig-KO2=cwX z5lI0M-3sshMfaBW01+;PL5?ESagx`1CHA%Zpo$#G>JP{q2=K%QTpiuGNK#+6X|{Q> zxi=&jT5p0tCm7FxO#VbUnkgYS#twVFZ~Y9=01}k!hsZ*}Zz(c{MDW6OSYa94=wN(F z3gPfNyHU$b2ktFRQvV@sQ{5Ylk~I|Zp7Z#1osY<+=K*WCeUUo#&B^W!bBrxthgvUp zh?EN_bH>;vJ3&4R2;nS%ntd?{;LUEh&I}y}jJ7zY<4MtRyuOh3@<+Moj!j_pKsnlC zRB7)SpYwB_pB{mqkdxY?`cA!*cq=9=V-C(W5<;4#+9-vdhM_YIq3|DAb`KGSkRJlW zfN^F9!5INRhT+hE3M7m{8u5FGJ64e`voSL$d?jOfs431lhF;nJzQ38OZ*7IU6sbC) zCk#83R3r+pGYa#!?EzE*{pTD)AonLc4RS}+0KPx|1FEeq@8B(8_U`WU^(^Cdu_;+8 z>W@f zEi@Ov;-ONhw5mW-fSqK%tlR95I1Y|AmKVRa{r%}?tEN5U^+o2D$Yp0?L&}?RfhuhQ zr1p>DCeJ27toUsuaK=96jRc%Y@tqEO>INRBA8iNKjZjCjecL7+1`fGJ=8q%iA%r1s~r zIoX%1sj>5`)7Ykbt-ZjeSFy9XplNxe9^!W%;v`W$d&TFhV0!opzmB5dImSU(`qbA<~`?q zsdT?2B45%$ryxE`w^(glo$v?ba4!M)kBqNmpEf)mdz9hyji%F zKR25s;ewE@6+k_sBB_IBVEdF#f>Y#v z3X@u2Vc7K%$d_1MtOslQZ(;Ah0CT&En)PSeseCCr)nK5sUAsb)uvYKr!=E6d$=AZ* zdts{{n%y9hzhgqX)Hv4@>yWc(Rw)NCci*PVI?64`5V1F(C!p z&?@xPiOpU~k-ut4UhhSGNgD5Cfg6a#}OasPlYz}7(BO$|R<>2I5ewR5@| z*}Y_G{2*cUxD}7$ilcJmJl0s+?;%&{ejL1m6%n}Nz=itru<9vK3$gt0Cld{4`2bnk za;F>3nQ9)Su=RrW{Irq-5dYx9Q9VZ7K+KpdRrejh9-V*D>~FVi(Nn=vYiXgms{rzs z^$81VEq*UqRzz+SL^$?woXMTV&ZC}0ZMxH=1xg#ke+_{bsV3r`9GEW}l7H#9n+l-n zikbh2`RLA+JE8DBo2ub>TyT3hlBv5XVXbKP%+Z{Hzl)vag92Sn2xrqnywLGjb!5{* zje!bFVP?nBwxvk|_lVX@x}d}#9%9nrLDGBHW^O6b6nF9Ix;u)$_VTKHH_bBTK>S+~ zD{ezk>xHsHCD3dat-w$cfDPK+AVJP9cNTy4z%^o$skz5{BJ_qj#f=F=Y|KFnJx&el z^$u&L*B=ldQy5z5j(C2PpMTV5NS2~u5KzU=o%+QBucSAWCN#y+e4|JlehduO`kA!- zU^c1Ql)QW-Q7Ssfu@$Zx_g7$ghAn)$Q7fJ8xelK9U}=t9R49^aSC5TToF4erdi|6F zNrG~t^;fOHU}w^(R$FtP2O!_U~#)x*2OhNkAG3G-x1OiBt*;VYdJ zrJ{BEC&zc$ONGcuGP9LajKG)d?hZk>VwA)7QP(6W*Vq5jX%MA8HB*tJWKB?p`sNh_ z!<2Fcxk*qcLl~9#<&}<y;tz931e)EFi%I!&I#yU$PNe0rVFJ!;vuZ zo*#D4#!hq|aT=%-e=SbUp~*dN2*<*Ta}^&_-&Z%O44AxUJZw()>Jt*3pI(V9U*a+S zMQ)Su>=n+YFAWXdgRcfw;{p@RWQcQ<7xn1*??zEggD}Os2{efst@|EMPD3kpa^*hI}iNQmz5_cDqE99>`X9J(~+=xuCa%UCNj`v1cjeVBmNRjTT z+n*6Xl%Z1x&Q2Y`az7e#12rKqt!wrEZjzTf>KKQ{Pn(+(=6LgX-p7Tr^+Ib#jzrme zcbKry3IjhZ9Hg8)6s;eEu{wk;OIK9vJmcCW1*#S_rrYsCN5mKa&Nf%)tG_243WPLD zbIVhsceS;(7+9OfZSy(nCJ&4CWo5$tG0V_O*JuqPI#b-(oS<7NjFIdq8&5^zffs=J z6AhL_2<&6wMGM^rdO#8zJ9wxwV_RV;cdI)5ITloCoNL^r@}tOwq3Gyi&erB6aY<+X z>l^SRkP^ruu?Mv)4St++l-yn4+<)Ct(-Pe<8)b~CX3CWz{|BU|NUwtyN9Sn<9M${PWT5`qpq^lm}^3g@u>`4Gghv zTR;sGp)t1g@H8LYQ47ewUqx%#yx&}?@;8Cck$?0j+KM(&o*rLCGJZ5%QSb_im#d{Y zUk38@3$$J$DU8-ZyJh#-y?J zO9}9=0xSw-x!6eM^RfxP^*C`2S8a+slVp&Rm^2)$e77$*%Y8jgs6Lw;J=l2K;l*E2 zCW_&KhXRWKO8?d*W&VeXhYJbWl#>cw#C{&}z3)T+v> zV{gmow)_fZZ14+wkbTADQfjj(^Y}2*-R=hR!LitIk-Jy=o|&YlH#rujR%T4EUR&jk zGS?uYeXsqi@0}KnM!HD5W7g&CKdO_|qa-Pqg~>|QH`W4@jac)0UAw-^Cjnaz+?8I{ z=}&FYzD!CenF&Vi2w#sk#GB~#N`D{b;DT0R$}llWBNq0?lL~GZ;`H_UnQsN#hDqL3 z{q$r7jekJdsgU!{oJR*`iMHAr7y@fAf`2unP>3Bv zBk%2iS~>e3a(|+M8TJp<{*HLv;ME>WOBjuZb{v|_lPN7ogMIh@G{1p}8~&cIP-(D2zq{9J19q7*^%6P! zD>4f~bv|YcN*pY=Lm9Gzf9yZ?8~QW(o=Ut=b>4>Hx(lJ?%6$Mbv<@M^9zRVEMm;5^?SL5$F*nCEM_pN%D*WV72CV=;3q_&y>d6+DjYqG&ja!x)*2CMMZ!-_zUQb)`=5irxF#- zwkUs-yg025*ZKQ)!Ou$H1t>C@Xkr>rK0rC2@9WQ;7Fk#EXo{1U#d+u8Q*m(GeXhzQ zUKy#A2NuI@1L%#MR$~|R=h@LZ-@0Y1#%~(8ujZFIxbL($qm?O~Do^ZgImJ6pFD_Fvb>sB)l{964~^Ug9VJP#jFP%DKC{19+Zk zoB2BZo>A`a&3Fc$htFeebA56f#|ILk71rq;Fe(rZ_z;RaBb;tFWYd~P{o;bxtCTm<4d^$f~w>f44U71l@Qn2KFQ|6 zbxF{23nGy6O+T?%scqi*KyY$3=+bl-ljc$)b^1NN-vQISIZP+<2oCU#;)N~q{;$cF zx474*pM1h$rmjOXrLPh^Rk=}B?NBs(p8BM)X^St|2cx!`_W7))&7DJ5_pYj-EY1oh z{!e?BW-lPi{BDlM*#^9F*6rX_AMll4@DwX~ZN_V+5#({BVW?nl*40AJqcnE%D9+DR zM^dPqI+nPB-+-aH>61Xo!Gtdw+|9tV5~JzMxy7j)iS756fW6P7LxGKBhv{~!!)1mh zN&-ejdLLa$DOcLDe&yh2e!#U8n#l?Iwv?+PWDxcBcm z8oimV-uYYP_HOQ1T7bhV;wjgUu7OmMUu{5Am=I^FlY0q|BWeUQdS*UaX_+)ntBVzF zbT`7^SS$+f${46)fxodyuQNTz*|C2SrHTCu`O)P^`-nU3!J!m$H%=v~3IWB%F@dP` z^r0nguB{MoJ5^Z4sHBAL*>^`?0X6T`ADB)NLhaOEGyWO6iQn5^nUYfnpV&FwlmFci zD8T3GyOM8;`|VuNwJY6(pp{%11*>o5#cvKE90%N2)SMaKd(fY-d=EUruYNx;_d57j z`f6VUGZ{m%P-}QB=6J4;+YKbHo5GppK?9Yu+FcpNgT+IKxZk#7)Kl-vMMlD4Y9-%g zP}xRV4`nEQ_lkQ3McH@+~*1@5O zQA^e&2dnI7hR&CF4`P+H;CG_Qw<66pyBh;h%(3+@x1Sn8dKY^G3%FNf22aANj%h>KKQMp4k z5~8Xyte5Do=7u4~zt3f8#SRU_BV7vnpA`tBIWpfHe)K6L(1}HMdOTpbEDPVHINk-# zQlT&zDeCz9#fY89R)TB;n)^4_YXCkPP$CfG2=SI2M=6R<2V&|S!eJ=wk%|gp$ymKr=UeSn^(mxh>gcm{<7ra^m z-qO93kEE;pkg{Abqt3NtD!R!wDZ`nIi+&=u;(lEFZdN()U5p_w z$ep6_0*r`+LAo|3(zZhxW`$y(v81c>Uqm?*qIH5k3_9fr4;@^WZ%G!gzkf#A8L^_X z(%&NGV=2pI%~B-UWn|xzW$c8I zJv$8zW*C*-7_w(3(|fwE_sje7e_j8N&UKv+=hHdYIrsVfp67m^=f11f1Y&yedatoA zUWN0*@|#Au&treIiipyO4i|{VUy65*WNg_(Dsh^my|v4HA!XxG>KyX+^E$ec4^xs9 z@s`@2x&^)*7ftwly|kRDg(24mYgWH)Cx6Gj(fkEppmI@GI_cPIY4_qzOq!GA?bdwZ zVefQBg{fKB(^jjb4{sBg5*O}?%@afAqUxX^f!Q$zTDB(T+vCwY6HA&J0^)Z9Mk~q?JBrJKc}5ue4{zn8^QSp1JFF zoBbx>877&BInHb1|EQ9mG5d*L2;@ zXFS)+_+-y6f$LeO0UPY!7BoScb3D^IX?~W7NXS)_Dh=MhFuO2hg3~7cN zxO>VaadBPh{m${!@LU*zCf?LwA0jDc!P>GXg$q?JEAy+sEQI@V3dWp9Ud4Catsg&8 zr<}-tR=avuf!fwi-7OR7&G7tilfBP-kx8~5kQmKQNzBWF{YJH~zMqcYR2$WNb}%9z z-y16H7cggmMCQ~IJNS4x`1lSS8vBd=9ED*s#52CU=#Op}1h0Fs%;>*&X%kibT9-yX zk(vq~=^ikaYLmw&YtyEI(Z%T#34kM>_xWU$@>Zr@JqV=)w=%SF^hbofUVA`yp&Y0D zx&nVgx9;Q8+WH}k84-}PLxS?tn3@dq@`SWmBzJfMK>?iD=JdsdFdud^va1?xi z7&{%0YmNr>ZE{yw0_}`_y3!o1$W!`_1VCc_L?0;oJaVv>#pGUni ziW{jcyJ(Z~NZ@6Z?m)Hz5UQ^Do`bC~rOX?s6*`^jQfER6V3C9j=jAsBHPhl7)_p+N z@i20&J?qlCbpN(31C1W}cKmbg{P_0=b9W!y{L>NCPPhMs8$>?gF*tV^;9H)vDkm6d z=dvs0gF&*Ux?4}%xa?Ooz8OBj;_+L!EE_9m%tU@43}sN@mfu_qbP@*i%JSu;x-pWK z_;d+m?9K+M@#!$g9f|v8V_9PjI}-}wpZmxj$4Rm-Y=A%eBe6f;+2L8dJr7yRj0Dre zMyo3d9#Um`xMrse{ljlY6%Z{ZXeom_lxO?h>psXX(YNxil;N z6%Wa`<4$c#sX0}6<32)sJ_+6wAmYG}{#gAN&P6j6xsxuCy0e4lYbmiCrw&VN#Q)x411a**T7F2{}{LLI#Q(g_}nUsK?yxN0VXrD)#4cS$3 zo$3t<<^F2{$$RRqLs2#74Y;pXbuj1UvScr6^d4MUvS+c;2|~AzFt^%;bn0F{qE`~7 z?jjvWu&gRN=G9U2{VF1R>L71m8a)w6jiAB$v?Bq{AL6OBP)hs}MQO|w%D)ef$GbT; zqH#azM7)wN@P#TQ$jY!AaL*h4`a|pPuI3zRhD$TN{oL5_qDKzULDZ{b@JwAoZ0vr) zl@{UNDJ|!$`_*5gLaEAvJFD@xND+nNyR#90L9mO9=zeO`i2Pp33Vn9UQ+IDS_<(}Y ztsc~2;C0gYR)v41efWWO_zl^#p~}#&7rt{0dE2;ORVj$gD$q6eMvEb;4**e4h=^6J z#@B2L?Hi8AjN7x0p1ByK4{2?E$u)u>?w)$RB~%;9b}K=pA|0rlRx8d@X+0<1mQ#j7 z%3ZH(wQ87KptK;IM|wzokb!rQo;#U2nK#d4`H=Rw843c?g#tP?)xJgn(xU4)3Gy>c zXJJr;#!^FRD<&3G*0=u)?0H^ph#8!m4$8}4HS(ynwyjFvpFcvP7^nq!;D%T=C50a% z!IC3-*PTNsbIYXhF{l{e`eNctUmvko|3|~2uuS~mi|L+l85>?VxN;4*v$0K-uC1>^ z1^~T_x-UsVgV*Z@}!DlNL=*7ScVa@nTCM1W@k#1>cdN>^=HG{6%O!IzCa z-4B<4f3{t;+RE<{D0JoFMo9C4?wP^0l)3@)Vg>E2*d&%=kXM^DP9oJrz%5DbT2#pM zH4Vqjy1@H{5U!Q|Uxg-~urY*m%$AKLH{D$tMOIzIu!*y;tP$0}E)yT=rlYE(x1^*n zaJ%AG%mOg2Sq-;9KY7?&;w#Ws+R?5a1puIY)Pdnd8hQS)!YdgLS&1%o!8Q00dhs?y zhJ5kBm{|oA*s40R4Lva58u*SlClq!Uj_+{cO?5x3lQwetaj1NYP5HG9w?yskafVm4 z@508D=>>&I_@xY2i8uor!cvkp|KLZAZ=DH~F5yCJ?ugvGpIQ-+FJjA-`|Jwc=Wysm z_?jW4zFS7Z!Cp$``T(B)?rw>TOJB@(G5;c#%pv`_v z4R2D?l83&>4hFxyu6a?BZh(X`aD{08ba?gz;HF~y%?ulTclR*Uh&YIkZU0jN2G50c zyB7zwnG;=r^NTIMZIC|)MP9I9#%1{z;~!qFpE!BZG_27lmu-$!wU1Jp#}@0iXz3%K zRuWR|m)`l!-w@%HJSO^smXqZUCv+iCM-#!(@_%IHZ---9E?r2MZbv_6Z7`4$g@bCX z>m#yydaKJ7d26ibt}u$f$mYcODlwi*=#azeWIS}7J>L(&FHJIH2FkD0WTvhx&i2ii zGraBm#M_yS_h;Tas4NqrXIiTp+H|cxn47eO&VHz=X{gb&vb-xc7wAlap8PP^QA|jy zu$I{uo}$nZo1Dp;xlQiD?(M{Bq>08O{>{Bj8@K%`Yc(S^7@5oCX4efPBPgE$v0y)i zHdJMNb?pbLP5*R>5PDbRo2_;Z^{nT5*->dsPi`ig>~i%15c{WmMml)9Znw6`3c?7P zVH4O{ycQ}t^^9DY<&_!LGf*zv^Tbl!lGj6~&Hk6GHojb_V`iW)b=j}w4QYCDg4V$SromYPvURW8;^`DaaB)<*}@f(OIRYw6OV|tX(F_0+i3!p zOxjD*D24HJ{1oxSTp%6I?szmUbzO$I$!T` zW|z1ltVq@R3v#mnTsvxfHV=OR?CfV*pmW2vn^U2Ky{K&$8HvZnF*;wj%bqb0L0?w- z^czzFM8Ns^<%tb2G0G%trA9&`6wsg&`B^qSg`f7I%AM)?RPhxTdIj?^aP;)F*R9Ih z5H*`)D=MWPj??O#kF8Zo9`Z0R(B2G~>L zj${>dM7K01>4ZGq`~_(#eKOH@VN>QBJ?oD4VtWN%7M5nXaVI?Zs=poDH<0PD;Hu_O z>}+t4?)!nH-x+3pX*Oyfdhabb@nHO2PAuHK@d160`3XCTW+YjZ(wd%9A0f_M@ik_Q z5erMav?^>GZ28?nQlmsN<i$O(-=`?p=|!z|S1Y8m zyO~3afdEB33@WtzYVQWC;Q13XOM>t1z-_KPhw(qGOkJCUUb?k5fOn5p`pdj}gvuH$ zzfOLQ)V-&wmu(v|h3R5Q&_M`*UI0+j;wfrd_+O}fOef~?)OTH`$Vj7=7fuHw3lh)4 zriGZy`NR%*9*%V42A};~rDjoaMxaLorJm)e@}w21EC&X~Pj{fG`9s7vLdc;YAXGt` z*35Fza$(~#k~1ysmmjR6N!)6vh7e{-e>$1`!x|aNWvcr>-UR?#e0+WU4vsN!jDcee u9An@Z1IHLR#=tQK{!bX7`#W8d*)0bGj*aI=$@&oCD|Sf Date: Tue, 24 Feb 2026 14:47:40 +0800 Subject: [PATCH 49/88] docs: add wechat and discord badge (#707) Signed-off-by: Guoguo --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 84d92115b..778530db5 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,9 @@
Website Twitter +
+ + Discord