From 1e1f6cb3e553729558d663c51aa09bed91fa40b2 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Mon, 11 May 2026 14:08:58 +0330
Subject: [PATCH 1/9] feat: add Chrome extension helper for Apps Script setup

- Generates strong AUTH_KEY
- Prepares Code.gs with relay protocol
- Builds config.json snippet
- Links to docs and Apps Script editor
- Automates manual setup steps
---
 README.md                      |   2 +
 chrome-extension/Code.gs       | 783 +++++++++++++++++++++++++++++++++
 chrome-extension/README.md     |  47 ++
 chrome-extension/manifest.json |  12 +
 chrome-extension/popup.css     | 120 +++++
 chrome-extension/popup.html    |  65 +++
 chrome-extension/popup.js      | 173 ++++++++
 7 files changed, 1202 insertions(+)
 create mode 100644 chrome-extension/Code.gs
 create mode 100644 chrome-extension/README.md
 create mode 100644 chrome-extension/manifest.json
 create mode 100644 chrome-extension/popup.css
 create mode 100644 chrome-extension/popup.html
 create mode 100644 chrome-extension/popup.js

diff --git a/README.md b/README.md
index cd065e0..f7e7beb 100644
--- a/README.md
+++ b/README.md
@@ -74,6 +74,8 @@ ISPs can't read inside encrypted HTTPS. They only see the address — `www.googl
 11. Google shows a **Deployment ID** (a long random string). **Copy it** — you'll need it in Step 3.
 
 > **Tip:** if you ever update `Code.gs` later, don't make a new deployment. Edit the code, then go to **Deploy → Manage deployments → ✏️ → Version: New version → Deploy**. The Deployment ID stays the same.
+>
+> **Optional:** use `chrome-extension/README.md` for a browser helper that generates `Code.gs` and local config automatically.
 
 ### Step 2 — Download mhrv-rs
 
diff --git a/chrome-extension/Code.gs b/chrome-extension/Code.gs
new file mode 100644
index 0000000..c90f829
--- /dev/null
+++ b/chrome-extension/Code.gs
@@ -0,0 +1,783 @@
+/**
+ * DomainFront Relay — Google Apps Script
+ *
+ * TWO modes:
+ *   1. Single:  POST { k, m, u, h, b, ct, r }       → { s, h, b }
+ *   2. Batch:   POST { k, q: [{m,u,h,b,ct,r}, ...] } → { q: [{s,h,b}, ...] }
+ *      Uses UrlFetchApp.fetchAll() — all URLs fetched IN PARALLEL.
+ *
+ * OPTIONAL SPREADSHEET-BACKED RESPONSE CACHE:
+ *   Set CACHE_SPREADSHEET_ID to a valid Google Sheet ID (must be owned by
+ *   the same account). When enabled, public GET requests are stored in the
+ *   sheet and served from there on repeat visits, reducing UrlFetchApp
+ *   quota consumption. Bodies are gzipped before base64 storage so larger
+ *   responses fit under the per-cell character limit, and persistent
+ *   4xx (404/410/451) get a short negative-cache TTL so buggy clients
+ *   that hammer dead URLs cost zero quota; 5xx is never cached so a
+ *   flapping upstream cannot poison a 24h slot with a transient outage.
+ *   The cache is Vary-aware (Accept-Encoding and Accept-Language are
+ *   hashed into the compound cache key). Leave CACHE_SPREADSHEET_ID as-is
+ *   to disable caching entirely — zero overhead.
+ *
+ * DEPLOYMENT:
+ *   1. Go to https://script.google.com → New project
+ *   2. Delete the default code, paste THIS entire file
+ *   3. Change AUTH_KEY below to your own secret
+ *   4. (Optional) Set CACHE_SPREADSHEET_ID to enable caching
+ *   5. Click Deploy → New deployment
+ *   6. Type: Web app  |  Execute as: Me  |  Who has access: Anyone
+ *   7. Copy the Deployment ID into config.json as "script_id"
+ *
+ * CHANGE THE AUTH KEY BELOW TO YOUR OWN SECRET!
+ */
+
+const AUTH_KEY = "CHANGE_ME_TO_A_STRONG_SECRET";
+
+// Active-probing defense. When false (production default), bad AUTH_KEY
+// requests get a decoy HTML page that looks like a placeholder Apps
+// Script web app instead of the JSON `{"e":"unauthorized"}` body. This
+// makes the deployment indistinguishable from a forgotten-but-public
+// Apps Script project to active scanners that POST malformed payloads
+// looking for proxy endpoints.
+//
+// Set to `true` during initial setup if a misconfigured client is
+// hitting "unauthorized" and you want the explicit JSON error to debug
+// — then flip back to false before the deployment is widely shared.
+// (Inspired by #365 Section 3, mhrv-rs v1.8.0+.)
+const DIAGNOSTIC_MODE = false;
+
+// ── Optional Spreadsheet Cache ────────────────────────────────
+// Set to a valid Spreadsheet ID to enable response caching.
+// Leave as-is to disable caching entirely (zero overhead).
+const CACHE_SPREADSHEET_ID = "CHANGE_ME_TO_CACHE_SPREADSHEET_ID";
+const CACHE_SHEET_NAME = "RelayCache";
+const CACHE_META_SHEET_NAME = "RelayMeta";
+const CACHE_META_CURSOR_CELL = "A1";
+
+// ── Cache Tuning ────────────────────────────────────────────
+const CACHE_MAX_ROWS = 5000;             // circular buffer capacity
+const CACHE_MAX_BODY_BYTES = 35000;      // skip responses larger than ~35 KB
+const CACHE_DEFAULT_TTL_SECONDS = 86400; // 24-hour fallback when no Cache-Control
+
+// ── Negative Caching ────────────────────────────────────────
+// Persistent 4xx errors get a short TTL when the upstream is silent on
+// Cache-Control. Buggy clients hammer dead URLs (favicons, telemetry
+// pixels, dev-tools probes); a 5-minute floor absorbs the storm at
+// zero quota cost while letting transient 404s self-heal quickly.
+// 5xx is never cached — see _fetchAndCache.
+const NEGATIVE_CACHE_STATUSES = { 404: 1, 410: 1, 451: 1 };
+const NEGATIVE_CACHE_TTL_SECONDS = 300;
+
+// ── Body Compression ────────────────────────────────────────
+// Bodies are gzipped before base64 storage when worthwhile. Gzip has
+// ~20 bytes of header overhead, so very small payloads can bloat;
+// skip below this threshold. Already-encoded responses (gzip/br/etc.)
+// are stored as-is to avoid double-compression.
+const GZIP_MIN_BYTES = 256;
+
+// ── Vary-Aware Cache Key ────────────────────────────────────
+// These request headers are hashed into the compound cache key
+// alongside the URL so that responses with different encodings
+// or languages never collide in the cache. Covers ~95 % of
+// real-world Vary usage without inspecting the response.
+const VARY_KEY_HEADERS = ["accept-encoding", "accept-language"];
+
+// Connection-level + IP-leak request headers we strip before forwarding
+// to the destination. Browser capability headers (sec-ch-ua*, sec-fetch-*)
+// stay intact — modern apps like Google Meet use them for browser gating.
+// We also drop the `X-Forwarded-*` / `Forwarded` / `Via` family so a
+// misconfigured upstream proxy on the user side can't leak the user's
+// real IP through the relay path. Mirrors upstream
+// `masterking32/MasterHttpRelayVPN@3094288`.
+const SKIP_HEADERS = {
+  host: 1, connection: 1, "content-length": 1,
+  "transfer-encoding": 1, "proxy-connection": 1,
+  "proxy-authorization": 1,
+  "priority": 1, te: 1,
+  "x-forwarded-for": 1, "x-forwarded-host": 1,
+  "x-forwarded-proto": 1, "x-forwarded-port": 1,
+  "x-real-ip": 1, "forwarded": 1, "via": 1,
+};
+
+// Methods we consider safe to replay if `UrlFetchApp.fetchAll()` raises.
+// GET/HEAD/OPTIONS are idempotent per RFC 9110; POST/PUT/PATCH/DELETE
+// can have side-effects so we surface the error instead of silently
+// re-firing them.
+const SAFE_REPLAY_METHODS = { GET: 1, HEAD: 1, OPTIONS: 1 };
+
+// Headers that disqualify a request from the cache path.
+const CACHE_BUSTING_HEADERS = {
+  authorization: 1, cookie: 1, "x-api-key": 1,
+  "proxy-authorization": 1, "set-cookie": 1,
+};
+
+// HTML body for the bad-auth decoy. Mimics a minimal Apps Script-style
+// placeholder page — no proxy-shaped JSON, nothing distinctive enough
+// for a probe to fingerprint as a tunnel endpoint.
+const DECOY_HTML =
+  '<!DOCTYPE html><html><head><title>Web App</title></head>' +
+  '<body><p>The script completed but did not return anything.</p>' +
+  '</body></html>';
+
+// ── Request Handlers ─────────────────────────────────────────
+
+function _decoyOrError(jsonBody) {
+  if (DIAGNOSTIC_MODE) return _json(jsonBody);
+  return ContentService
+    .createTextOutput(DECOY_HTML)
+    .setMimeType(ContentService.MimeType.HTML);
+}
+
+function doPost(e) {
+  try {
+    var req = JSON.parse(e.postData.contents);
+    if (req.k !== AUTH_KEY) return _decoyOrError({ e: "unauthorized" });
+
+    // Batch mode: { k, q: [...] }
+    if (Array.isArray(req.q)) return _doBatch(req.q);
+
+    // Single mode
+    return _doSingle(req);
+  } catch (err) {
+    // Parse failures of the request body are also probe-shaped — a real
+    // mhrv-rs client never sends invalid JSON. Decoy for the same reason.
+    return _decoyOrError({ e: String(err) });
+  }
+}
+
+// `doGet` is what active scanners hit first (HTTP GET probes are cheaper
+// than POSTs). Apps Script defaults to a "Script function not found" page
+// here which is a fine-enough decoy on its own, but explicitly returning
+// the same harmless placeholder makes the response identical to the
+// bad-auth POST decoy — one less fingerprint vector.
+function doGet(e) {
+  return ContentService
+    .createTextOutput(DECOY_HTML)
+    .setMimeType(ContentService.MimeType.HTML);
+}
+
+// ── Single Request ─────────────────────────────────────────
+
+function _doSingle(req) {
+  if (!req.u || typeof req.u !== "string" || !req.u.match(/^https?:\/\//i)) {
+    return _json({ e: "bad url" });
+  }
+
+  // ── Optional cache path ────────────────────────────────
+  // Only entered when CACHE_SPREADSHEET_ID is configured and
+  // the request qualifies as a public, cachable GET.
+  if (_canUseCache(req)) {
+    var cached = _getFromCache(req.u, req.h);
+    if (cached) {
+      return _json({
+        s: cached.status,
+        h: JSON.parse(cached.headers),
+        b: cached.body,
+        cached: true,
+      });
+    }
+
+    var fetchResult = _fetchAndCache(req.u, req.h);
+    if (fetchResult) {
+      return _json({
+        s: fetchResult.status,
+        h: JSON.parse(fetchResult.headers),
+        b: fetchResult.body,
+        cached: false,
+      });
+    }
+    // If _fetchAndCache returns null (spreadsheet unavailable),
+    // fall through to the normal relay path below.
+  }
+
+  // ── Normal relay (cache disabled or unavailable) ────────
+  var opts = _buildOpts(req);
+  var resp = UrlFetchApp.fetch(req.u, opts);
+  return _json({
+    s: resp.getResponseCode(),
+    h: _respHeaders(resp),
+    b: Utilities.base64Encode(resp.getContent()),
+  });
+}
+
+// ── Batch Request ──────────────────────────────────────────
+
+function _doBatch(items) {
+  var fetchArgs = [];
+  var fetchIndex = [];
+  var fetchMethods = [];
+  var errorMap = {};
+
+  for (var i = 0; i < items.length; i++) {
+    var item = items[i];
+    if (!item || typeof item !== "object") {
+      errorMap[i] = "bad item";
+      continue;
+    }
+    if (!item.u || typeof item.u !== "string" || !item.u.match(/^https?:\/\//i)) {
+      errorMap[i] = "bad url";
+      continue;
+    }
+    try {
+      var opts = _buildOpts(item);
+      opts.url = item.u;
+      fetchArgs.push(opts);
+      fetchIndex.push(i);
+      fetchMethods.push(String(item.m || "GET").toUpperCase());
+    } catch (buildErr) {
+      errorMap[i] = String(buildErr);
+    }
+  }
+
+  // fetchAll() processes all requests in parallel inside Google. If it
+  // throws as a whole (e.g. one URL violates UrlFetchApp limits and
+  // poisons the whole batch), degrade to per-item fetch on safe methods
+  // so a single bad request does not zero out every response in the
+  // batch. Mirrors upstream `masterking32/MasterHttpRelayVPN@3094288`.
+  var responses = [];
+  if (fetchArgs.length > 0) {
+    try {
+      responses = UrlFetchApp.fetchAll(fetchArgs);
+    } catch (fetchAllErr) {
+      responses = [];
+      for (var j = 0; j < fetchArgs.length; j++) {
+        try {
+          if (!SAFE_REPLAY_METHODS[fetchMethods[j]]) {
+            errorMap[fetchIndex[j]] =
+              "batch fetchAll failed; unsafe method not replayed";
+            responses[j] = null;
+            continue;
+          }
+          var fallbackReq = fetchArgs[j];
+          var fallbackUrl = fallbackReq.url;
+          var fallbackOpts = {};
+          for (var key in fallbackReq) {
+            if (
+              Object.prototype.hasOwnProperty.call(fallbackReq, key) &&
+              key !== "url"
+            ) {
+              fallbackOpts[key] = fallbackReq[key];
+            }
+          }
+          responses[j] = UrlFetchApp.fetch(fallbackUrl, fallbackOpts);
+        } catch (singleErr) {
+          errorMap[fetchIndex[j]] = String(singleErr);
+          responses[j] = null;
+        }
+      }
+    }
+  }
+
+  var results = [];
+  var rIdx = 0;
+  for (var i = 0; i < items.length; i++) {
+    if (Object.prototype.hasOwnProperty.call(errorMap, i)) {
+      results.push({ e: errorMap[i] });
+    } else {
+      var resp = responses[rIdx++];
+      if (!resp) {
+        results.push({ e: "fetch failed" });
+      } else {
+        results.push({
+          s: resp.getResponseCode(),
+          h: _respHeaders(resp),
+          b: Utilities.base64Encode(resp.getContent()),
+        });
+      }
+    }
+  }
+  return _json({ q: results });
+}
+
+// ── Request Building ───────────────────────────────────────
+
+function _buildOpts(req) {
+  var opts = {
+    method: (req.m || "GET").toLowerCase(),
+    muteHttpExceptions: true,
+    followRedirects: req.r !== false,
+    validateHttpsCertificates: true,
+    escaping: false,
+  };
+  if (req.h && typeof req.h === "object") {
+    var headers = {};
+    for (var k in req.h) {
+      if (req.h.hasOwnProperty(k) && !SKIP_HEADERS[k.toLowerCase()]) {
+        headers[k] = req.h[k];
+      }
+    }
+    opts.headers = headers;
+  }
+  if (req.b) {
+    opts.payload = Utilities.base64Decode(req.b);
+    if (req.ct) opts.contentType = req.ct;
+  }
+  return opts;
+}
+
+function _respHeaders(resp) {
+  try {
+    if (typeof resp.getAllHeaders === "function") {
+      return resp.getAllHeaders();
+    }
+  } catch (err) {}
+  return resp.getHeaders();
+}
+
+function _json(obj) {
+  return ContentService.createTextOutput(JSON.stringify(obj)).setMimeType(
+    ContentService.MimeType.JSON
+  );
+}
+
+// ═══════════════════════════════════════════════════════════
+//  SPREADSHEET CACHE — SHEET MANAGEMENT
+// ═══════════════════════════════════════════════════════════════════
+
+function _initCacheSheet() {
+  if (CACHE_SPREADSHEET_ID === "CHANGE_ME_TO_CACHE_SPREADSHEET_ID") {
+    return null;
+  }
+  try {
+    var ss = SpreadsheetApp.openById(CACHE_SPREADSHEET_ID);
+    var sheet = ss.getSheetByName(CACHE_SHEET_NAME);
+    if (!sheet) {
+      sheet = ss.insertSheet(CACHE_SHEET_NAME);
+      // Schema: URL_Hash | URL | Status | Headers | Body | Timestamp | Expires_At | Z
+      // Z is 1 when Body is base64(gzip(rawBytes)), 0/empty when base64(rawBytes).
+      // Legacy 7-column rows from older deployments read back as Z=undefined,
+      // which the cache hit path treats as "not gzipped" — fully compatible.
+      sheet.getRange(1, 1, 1, 8).setValues([[
+        "URL_Hash", "URL", "Status", "Headers", "Body", "Timestamp", "Expires_At", "Z"
+      ]]);
+    }
+    return sheet;
+  } catch (e) {
+    return null;
+  }
+}
+
+function _getMetaSheet() {
+  if (CACHE_SPREADSHEET_ID === "CHANGE_ME_TO_CACHE_SPREADSHEET_ID") {
+    return null;
+  }
+  try {
+    var ss = SpreadsheetApp.openById(CACHE_SPREADSHEET_ID);
+    var sheet = ss.getSheetByName(CACHE_META_SHEET_NAME);
+    if (!sheet) {
+      sheet = ss.insertSheet(CACHE_META_SHEET_NAME);
+      sheet.getRange(CACHE_META_CURSOR_CELL).setValue(2);
+      sheet.hideSheet();
+    }
+    return sheet;
+  } catch (e) {
+    return null;
+  }
+}
+
+function _getNextCursor(sheet, metaSheet) {
+  var cursorRange = metaSheet.getRange(CACHE_META_CURSOR_CELL);
+  var cursor = cursorRange.getValue();
+  if (typeof cursor !== "number" || cursor < 2) cursor = 2;
+
+  var totalRows = sheet.getDataRange().getNumRows();
+
+  if (totalRows < CACHE_MAX_ROWS + 1) {
+    return totalRows + 1;
+  }
+
+  return cursor;
+}
+
+function _advanceCursor(metaSheet, currentRow) {
+  var nextRow = currentRow + 1;
+  if (nextRow > CACHE_MAX_ROWS + 1) nextRow = 2;
+  metaSheet.getRange(CACHE_META_CURSOR_CELL).setValue(nextRow);
+}
+
+function _ensureRowsAllocated(sheet) {
+  var totalRows = sheet.getDataRange().getNumRows();
+  if (totalRows < CACHE_MAX_ROWS + 1) {
+    var needed = CACHE_MAX_ROWS + 1 - totalRows;
+    sheet.insertRowsAfter(totalRows, needed);
+  }
+}
+
+// ═══════════════════════════════════════════════════════════
+//  SPREADSHEET CACHE — VARY-AWARE COMPOUND KEY
+// ═══════════════════════════════════════════════════════════
+
+/**
+ * Case-insensitive header lookup.
+ * HTTP header names are case-insensitive per RFC 7230 § 3.2.
+ */
+function _getHeaderCaseInsensitive(headers, targetKey) {
+  var target = targetKey.toLowerCase();
+  for (var k in headers) {
+    if (headers.hasOwnProperty(k) && k.toLowerCase() === target) {
+      return headers[k];
+    }
+  }
+  return null;
+}
+
+/**
+ * Compute a compound cache key:
+ *   MD5(URL | header1:value1 | header2:value2 | ...)
+ *
+ * Instead of reading the response Vary header (which would require
+ * fetching first — circular), we preemptively include the request
+ * headers that are known to cause response variation. This handles
+ * Vary: Accept-Encoding and Vary: Accept-Language without ever
+ * inspecting the response.
+ * Values are lowercased and whitespace-stripped so semantically
+ * identical requests from different clients produce the same hash.
+ */
+function _getCacheKey(url, reqHeaders) {
+  var parts = [url];
+
+  if (reqHeaders && typeof reqHeaders === "object") {
+    for (var i = 0; i < VARY_KEY_HEADERS.length; i++) {
+      var headerName = VARY_KEY_HEADERS[i];
+      var rawValue = _getHeaderCaseInsensitive(reqHeaders, headerName);
+
+      if (rawValue && String(rawValue).trim() !== "") {
+        parts.push(headerName + ":" + rawValue.toLowerCase().replace(/\s/g, ""));
+      } else {
+        parts.push(headerName + ":<none>");
+      }
+    }
+  } else {
+    for (var j = 0; j < VARY_KEY_HEADERS.length; j++) {
+      parts.push(VARY_KEY_HEADERS[j] + ":<none>");
+    }
+  }
+
+  var compoundKey = parts.join("|");
+  return _md5Hex(compoundKey);
+}
+
+function _md5Hex(input) {
+  var rawHash = Utilities.computeDigest(Utilities.DigestAlgorithm.MD5, input);
+  return rawHash
+    .map(function (byte) {
+      var v = (byte < 0) ? 256 + byte : byte;
+      return ("0" + v.toString(16)).slice(-2);
+    })
+    .join("");
+}
+
+// ═══════════════════════════════════════════════════════════
+//  SPREADSHEET CACHE — CORE LOGIC
+// ═══════════════════════════════════════════════════════════
+
+/**
+ * Returns true if the request is eligible for the cache path:
+ * public GET, no body, no auth/cookie headers, cache configured.
+ */
+function _canUseCache(req) {
+  if ((req.m || "GET") !== "GET") return false;
+  if (req.b) return false;
+  if (!req.u || !req.u.match(/^https?:\/\//i)) return false;
+  if (CACHE_SPREADSHEET_ID === "CHANGE_ME_TO_CACHE_SPREADSHEET_ID") return false;
+
+  if (req.h && typeof req.h === "object") {
+    for (var k in req.h) {
+      if (req.h.hasOwnProperty(k) && CACHE_BUSTING_HEADERS[k.toLowerCase()]) {
+        return false;
+      }
+    }
+  }
+
+  return true;
+}
+
+/**
+ * Extract max-age (seconds) from a Cache-Control header value.
+ * Returns 0 if the directive forbids caching (no-cache / no-store /
+ * private). Falls back to CACHE_DEFAULT_TTL_SECONDS when no header
+ * is present. Clamped to [60, 2592000] (1 min – 30 days).
+ */
+function _parseMaxAge(cacheControlHeader) {
+  if (!cacheControlHeader) return CACHE_DEFAULT_TTL_SECONDS;
+
+  var lower = cacheControlHeader.toLowerCase();
+
+  if (
+    lower.indexOf("no-cache") !== -1 ||
+    lower.indexOf("no-store") !== -1 ||
+    lower.indexOf("private") !== -1
+  ) {
+    return 0;
+  }
+
+  var match = lower.match(/max-age=(\d+)/);
+  if (match) {
+    var ttl = parseInt(match[1], 10);
+    return Math.max(60, Math.min(ttl, 2592000));
+  }
+
+  return CACHE_DEFAULT_TTL_SECONDS;
+}
+
+/**
+ * Rewrite time-sensitive headers so the client sees accurate
+ * Date, Age, and Cache-Control values reflecting cache age.
+ */
+function _refreshCachedHeaders(headersJson, timestamp) {
+  var headers = JSON.parse(headersJson);
+  var cachedAt = new Date(timestamp);
+  var now = new Date();
+  var ageSeconds = Math.floor((now.getTime() - cachedAt.getTime()) / 1000);
+
+  if (ageSeconds < 0) ageSeconds = 0;
+
+  headers["Date"] = now.toUTCString();
+  headers["Age"] = String(ageSeconds);
+
+  var originalCc = headers["Cache-Control"] || headers["cache-control"];
+  if (originalCc) {
+    headers["X-Original-Cache-Control"] = originalCc;
+  }
+
+  var remainingMaxAge = Math.max(0, _parseMaxAge(originalCc) - ageSeconds);
+  headers["Cache-Control"] = "public, max-age=" + remainingMaxAge;
+
+  headers["X-Cache"] = "HIT from relay-spreadsheet";
+  headers["X-Cached-At"] = cachedAt.toUTCString();
+
+  return JSON.stringify(headers);
+}
+
+/**
+ * Retrieve a cached response by compound cache key.
+ * Uses TextFinder for O(log n) lookup. Skips expired entries.
+ * Returns null on miss, expired entry, or unavailable sheet.
+ */
+function _getFromCache(url, reqHeaders) {
+  var sheet = _initCacheSheet();
+  if (!sheet) return null;
+
+  var hash = _getCacheKey(url, reqHeaders);
+  var finder = sheet.createTextFinder(hash).matchEntireCell(true);
+  var found = finder.findNext();
+
+  if (found) {
+    // 8-column read. Legacy 7-column rows return undefined for the Z slot,
+    // which is falsy and falls through the not-gzipped branch below — fully
+    // compatible with caches written before the gzip-storage change.
+    var row = sheet.getRange(found.getRow(), 1, 1, 8).getValues()[0];
+
+    var expiresAt = row[6];
+    if (expiresAt && expiresAt instanceof Date && expiresAt < new Date()) {
+      return null;
+    }
+
+    var storedBody = row[4];
+    var body;
+    if (row[7]) {
+      // Stored as base64(gzip(rawBytes)). The relay protocol's `b` field
+      // is base64(rawBytes), so decompress and re-encode for the wire.
+      var gzipped = Utilities.base64Decode(storedBody);
+      var raw = Utilities
+        .ungzip(Utilities.newBlob(gzipped, "application/x-gzip"))
+        .getBytes();
+      body = Utilities.base64Encode(raw);
+    } else {
+      body = storedBody;
+    }
+
+    return {
+      status: row[2],
+      headers: _refreshCachedHeaders(row[3], row[5]),
+      body: body,
+    };
+  }
+  return null;
+}
+
+/**
+ * Fetch a URL and store the response in the spreadsheet cache
+ * using a circular buffer (O(1) writes). Skips storage on 5xx
+ * (transient outages must not poison a 24h slot), when Cache-Control
+ * forbids caching, or when the post-compression body exceeds
+ * CACHE_MAX_BODY_BYTES. Always returns the fetch result so the caller
+ * can serve the live response even when the cache write is skipped.
+ */
+function _fetchAndCache(url, reqHeaders) {
+  var sheet = _initCacheSheet();
+  if (!sheet) return null;
+
+  try {
+    var response = UrlFetchApp.fetch(url, { muteHttpExceptions: true });
+    var status = response.getResponseCode();
+    var headers = _respHeaders(response);
+    var bodyBytes = response.getContent();
+    var rawB64 = Utilities.base64Encode(bodyBytes);
+    var headersJson = JSON.stringify(headers);
+    var liveResult = { status: status, headers: headersJson, body: rawB64 };
+
+    // 5xx never enters the cache. A flapping upstream returning 503 once
+    // would otherwise pin that response for 24h and break the URL for
+    // every subsequent client until expiry.
+    if (status >= 500) return liveResult;
+
+    var cacheControl =
+      headers["Cache-Control"] || headers["cache-control"] || null;
+    var ttlSeconds = _parseMaxAge(cacheControl);
+
+    if (ttlSeconds === 0) return liveResult;
+
+    // Negative caching: cap TTL on persistent 4xx when upstream is silent.
+    // If they explicitly stated a max-age for the 404, we honor it instead
+    // — the origin knows best when it spoke up.
+    if (NEGATIVE_CACHE_STATUSES[status] && !cacheControl) {
+      ttlSeconds = NEGATIVE_CACHE_TTL_SECONDS;
+    }
+
+    // Decide whether to gzip-store. Skip when upstream is already encoded
+    // (avoids double-compressing gzip/br/zstd payloads) and when the body
+    // is too small to overcome gzip's header overhead.
+    var contentEncoding = String(
+      headers["Content-Encoding"] || headers["content-encoding"] || ""
+    ).toLowerCase();
+    var alreadyEncoded = contentEncoding && contentEncoding !== "identity";
+    var storedBody;
+    var storedZ;
+    if (alreadyEncoded || bodyBytes.length < GZIP_MIN_BYTES) {
+      storedBody = rawB64;
+      storedZ = 0;
+    } else {
+      storedBody = Utilities.base64Encode(
+        Utilities.gzip(Utilities.newBlob(bodyBytes)).getBytes()
+      );
+      storedZ = 1;
+    }
+
+    // Cell-size safety gate, applied after compression so that a 100 KB
+    // text body that gzips to ~15 KB now fits where it previously bailed.
+    if (storedBody.length > CACHE_MAX_BODY_BYTES) return liveResult;
+
+    var hash = _getCacheKey(url, reqHeaders);
+    var timestamp = new Date();
+    var expiresAt = new Date(timestamp.getTime() + ttlSeconds * 1000);
+
+    // Safety: fallback if Date math produces invalid result
+    if (isNaN(expiresAt.getTime())) {
+      expiresAt = new Date(timestamp.getTime() + CACHE_DEFAULT_TTL_SECONDS * 1000);
+    }
+
+    var rowData = [
+      hash,
+      url,
+      status,
+      headersJson,
+      storedBody,
+      timestamp.toISOString(),
+      expiresAt,
+      storedZ,
+    ];
+
+    // Circular buffer write (O(1))
+    var metaSheet = _getMetaSheet();
+    if (metaSheet) {
+      _ensureRowsAllocated(sheet);
+      var writeRow = _getNextCursor(sheet, metaSheet);
+      sheet.getRange(writeRow, 1, 1, 8).setValues([rowData]);
+      _advanceCursor(metaSheet, writeRow);
+    } else {
+      // Fallback: simple append if meta sheet is unavailable
+      sheet.appendRow(rowData);
+    }
+
+    return liveResult;
+  } catch (e) {
+    return null;
+  }
+}
+
+// ═══════════════════════════════════════════════════════════
+//  SPREADSHEET CACHE — DIAGNOSTICS
+// ═══════════════════════════════════════════════════════════
+
+function getCacheStats() {
+  var sheet = _initCacheSheet();
+  if (!sheet) {
+    console.log("Cache is not enabled or spreadsheet unavailable.");
+    return;
+  }
+
+  var data = sheet.getDataRange().getValues();
+  var totalEntries = data.length - 1;
+  var now = new Date();
+  var expiredCount = 0;
+
+  for (var i = 1; i < data.length; i++) {
+    var expiresAt = data[i][6];
+    if (expiresAt && expiresAt instanceof Date && expiresAt < now) {
+      expiredCount++;
+    }
+  }
+
+  var metaSheet = _getMetaSheet();
+  var cursorInfo = "N/A";
+  if (metaSheet) {
+    cursorInfo = String(metaSheet.getRange(CACHE_META_CURSOR_CELL).getValue());
+  }
+
+  console.log("=== CACHE STATS ===");
+  console.log("Total rows used: " + totalEntries + " / " + CACHE_MAX_ROWS);
+  console.log("Active entries: " + (totalEntries - expiredCount));
+  console.log("Expired entries: " + expiredCount);
+  console.log("Cursor position: " + cursorInfo);
+  console.log("Max body size: " + CACHE_MAX_BODY_BYTES + " chars");
+  console.log("Default TTL: " + CACHE_DEFAULT_TTL_SECONDS + " sec");
+  console.log("Vary key headers: " + VARY_KEY_HEADERS.join(", "));
+  if (totalEntries > 0) {
+    console.log("Oldest entry: " + data[1][5]);
+    console.log("Newest entry: " + data[data.length - 1][5]);
+  }
+}
+
+function clearExpiredCache() {
+  var sheet = _initCacheSheet();
+  if (!sheet) {
+    console.log("Cache is not enabled.");
+    return;
+  }
+
+  var data = sheet.getDataRange().getValues();
+  var now = new Date();
+  var rowsToClear = [];
+
+  for (var i = 1; i < data.length; i++) {
+    var expiresAt = data[i][6];
+    if (expiresAt && expiresAt instanceof Date && expiresAt < now) {
+      rowsToClear.push(i + 1);
+    }
+  }
+
+  for (var j = 0; j < rowsToClear.length; j++) {
+    sheet.getRange(rowsToClear[j], 1, 1, 8).clearContent();
+  }
+
+  console.log("Cleared " + rowsToClear.length + " expired entries (" +
+    (data.length - 1 - rowsToClear.length) + " remaining).");
+}
+
+function clearEntireCache() {
+  var sheet = _initCacheSheet();
+  if (sheet) {
+    var totalRows = sheet.getDataRange().getNumRows();
+    if (totalRows > 1) {
+      sheet.getRange(2, 1, totalRows - 1, 8).clearContent();
+    }
+  }
+
+  var metaSheet = _getMetaSheet();
+  if (metaSheet) {
+    metaSheet.getRange(CACHE_META_CURSOR_CELL).setValue(2);
+  }
+
+  console.log("Cache wiped. Cursor reset to row 2.");
+}
diff --git a/chrome-extension/README.md b/chrome-extension/README.md
new file mode 100644
index 0000000..c7aa7ad
--- /dev/null
+++ b/chrome-extension/README.md
@@ -0,0 +1,47 @@
+# mhrv-rs Apps Script Helper Chrome Extension
+
+This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST` project. It automates the first-time Apps Script setup by generating a strong `AUTH_KEY`, preparing the `Code.gs` source, and producing a local config snippet.
+
+## What it does
+
+- Generates a strong random `AUTH_KEY`
+- Creates a ready-to-deploy `Code.gs` file with the same relay protocol used by the repo
+- Opens Google Apps Script in a new tab
+- Builds a JSON config snippet for `config.json`
+- Links to the repo documentation for setup and troubleshooting
+
+## Installation
+
+1. Open Chrome and go to `chrome://extensions`.
+2. Enable **Developer mode**.
+3. Click **Load unpacked**.
+4. Select the `chrome-extension` folder in this repository.
+5. The extension icon should appear in your toolbar.
+
+## Usage
+
+1. Click the extension icon.
+2. Tap **Generate auth key**.
+3. Tap **Copy Code.gs** or **Download Code.gs**.
+4. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
+5. Deploy as a Web App with:
+   - **Execute as:** Me
+   - **Who has access:** Anyone
+6. Copy the deployment ID and paste it into the Deployment ID field in the extension.
+7. Tap **Copy config snippet** and paste the result into your local `config.json`.
+
+## Notes
+
+- The extension does not deploy Apps Script automatically; it only generates the code and configuration.
+- The extension stores no secret values persistently in Chrome storage.
+- If your network does not allow `script.google.com`, use the project in `direct` mode first and then follow the guide.
+
+## Recommended workflow
+
+- Use the extension to avoid manual editing mistakes.
+- Keep the generated `AUTH_KEY` secret.
+- If you need full tunnel mode later, use the repo docs to deploy `CodeFull.gs` or `Code.cfw.gs`.
+
+## Limitations
+
+This helper is intentionally minimal and does not perform OAuth on behalf of your Google account. It simplifies the code generation and setup flow but still requires a manual Apps Script deployment step inside Google.
diff --git a/chrome-extension/manifest.json b/chrome-extension/manifest.json
new file mode 100644
index 0000000..8fb4c63
--- /dev/null
+++ b/chrome-extension/manifest.json
@@ -0,0 +1,12 @@
+{
+  "manifest_version": 3,
+  "name": "mhrv-rs Apps Script Helper",
+  "description": "Generate Google Apps Script deployment code and configuration for mhrv-rs.",
+  "version": "0.1.0",
+  "action": {
+    "default_title": "mhrv-rs Apps Script Helper",
+    "default_popup": "popup.html"
+  },
+  "permissions": ["storage", "clipboardWrite"],
+  "host_permissions": ["https://script.google.com/*"]
+}
diff --git a/chrome-extension/popup.css b/chrome-extension/popup.css
new file mode 100644
index 0000000..ac4d502
--- /dev/null
+++ b/chrome-extension/popup.css
@@ -0,0 +1,120 @@
+:root {
+  color-scheme: light;
+  font-family: Inter, system-ui, -apple-system, BlinkMacSystemFont, sans-serif;
+  font-size: 13px;
+  color: #111;
+  background: #f7fafc;
+}
+
+body {
+  margin: 0;
+  min-width: 360px;
+}
+
+.container {
+  padding: 16px;
+}
+
+header h1 {
+  margin: 0 0 4px;
+  font-size: 1rem;
+}
+
+header p {
+  margin: 0 0 16px;
+  color: #475569;
+  font-size: 0.95rem;
+}
+
+.step {
+  margin-bottom: 18px;
+  background: #fff;
+  border: 1px solid #e2e8f0;
+  border-radius: 14px;
+  padding: 14px;
+}
+
+.step h2 {
+  margin: 0 0 8px;
+  font-size: 0.95rem;
+}
+
+.step p {
+  margin: 0 0 12px;
+  line-height: 1.5;
+}
+
+.row {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 8px;
+  margin-bottom: 12px;
+}
+
+.row.small {
+  gap: 4px;
+}
+
+button {
+  border: none;
+  border-radius: 10px;
+  padding: 10px 14px;
+  font-size: 0.92rem;
+  cursor: pointer;
+  background: #0f172a;
+  color: #fff;
+  transition: transform 0.1s ease, background 0.2s ease;
+}
+
+button.secondary {
+  background: #e2e8f0;
+  color: #111827;
+}
+
+button:hover {
+  transform: translateY(-1px);
+}
+
+label {
+  display: block;
+  margin-bottom: 10px;
+  color: #334155;
+}
+
+input,
+textarea {
+  width: 100%;
+  border: 1px solid #cbd5e1;
+  border-radius: 10px;
+  padding: 10px 12px;
+  font-family: inherit;
+  font-size: 0.95rem;
+  background: #f8fafc;
+  color: #0f172a;
+  resize: vertical;
+}
+
+textarea {
+  min-height: 88px;
+  max-height: 220px;
+  overflow: auto;
+}
+
+.notice {
+  background: #f8fafc;
+  border-left: 4px solid #60a5fa;
+  padding: 10px 12px;
+  color: #334155;
+  font-size: 0.92rem;
+  border-radius: 0 0 10px 10px;
+}
+
+footer {
+  margin-top: 0;
+  padding-top: 4px;
+}
+
+#message {
+  color: #0f172a;
+  font-size: 0.9rem;
+}
diff --git a/chrome-extension/popup.html b/chrome-extension/popup.html
new file mode 100644
index 0000000..1ff4ae7
--- /dev/null
+++ b/chrome-extension/popup.html
@@ -0,0 +1,65 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>mhrv-rs Apps Script Helper</title>
+  <link rel="stylesheet" href="popup.css" />
+</head>
+<body>
+  <div class="container">
+    <header>
+      <h1>mhrv-rs Apps Script Helper</h1>
+      <p>Generate Google Apps Script code and config for mhrv-rs.</p>
+    </header>
+
+    <section class="step">
+      <h2>Step 1: Generate a strong auth key</h2>
+      <p>This secret is used by the Apps Script and your local config.</p>
+      <div class="row">
+        <button id="generate-key">Generate auth key</button>
+        <button id="copy-key" class="secondary">Copy key</button>
+      </div>
+      <textarea id="auth-key" readonly aria-label="Generated auth key"></textarea>
+    </section>
+
+    <section class="step">
+      <h2>Step 2: Build your Apps Script</h2>
+      <p>Open Apps Script, paste the generated code, and deploy as a Web app.</p>
+      <div class="row">
+        <button id="copy-script">Copy Code.gs</button>
+        <button id="download-script" class="secondary">Download Code.gs</button>
+        <button id="open-script" class="secondary">Open Apps Script</button>
+      </div>
+      <div class="notice">The script is loaded from the extension package and includes the same relay protocol used by mhrv-rs.</div>
+    </section>
+
+    <section class="step">
+      <h2>Step 3: Create config</h2>
+      <p>Paste your Deployment ID and the auth key into your local config.</p>
+      <label>
+        Deployment ID
+        <input id="deployment-id" type="text" placeholder="YOUR_APPS_SCRIPT_DEPLOYMENT_ID" />
+      </label>
+      <div class="row">
+        <button id="copy-config">Copy config snippet</button>
+      </div>
+      <textarea id="config-json" readonly aria-label="Generated config snippet"></textarea>
+    </section>
+
+    <section class="step note">
+      <h2>Quick links</h2>
+      <div class="row small">
+        <button id="open-readme">View app docs</button>
+        <button id="open-guide" class="secondary">Open setup guide</button>
+      </div>
+      <p>Use a local browser proxy such as Proxy SwitchyOmega for Chrome/Edge.</p>
+    </section>
+
+    <footer>
+      <span id="message" aria-live="polite"></span>
+    </footer>
+  </div>
+  <script src="popup.js"></script>
+</body>
+</html>
diff --git a/chrome-extension/popup.js b/chrome-extension/popup.js
new file mode 100644
index 0000000..ad4346a
--- /dev/null
+++ b/chrome-extension/popup.js
@@ -0,0 +1,173 @@
+const AUTH_KEY_PLACEHOLDER = 'CHANGE_ME_TO_A_STRONG_SECRET';
+const CODE_FILE = 'Code.gs';
+let codeTemplate = '';
+
+const elements = {
+  authKey: document.getElementById('auth-key'),
+  deploymentId: document.getElementById('deployment-id'),
+  configJson: document.getElementById('config-json'),
+  message: document.getElementById('message'),
+  generateKey: document.getElementById('generate-key'),
+  copyKey: document.getElementById('copy-key'),
+  copyScript: document.getElementById('copy-script'),
+  downloadScript: document.getElementById('download-script'),
+  openScript: document.getElementById('open-script'),
+  copyConfig: document.getElementById('copy-config'),
+  openReadme: document.getElementById('open-readme'),
+  openGuide: document.getElementById('open-guide'),
+};
+
+function randomHex(length = 32) {
+  const array = new Uint8Array(length);
+  crypto.getRandomValues(array);
+  return Array.from(array)
+    .map((byte) => byte.toString(16).padStart(2, '0'))
+    .join('');
+}
+
+function showMessage(text, isError = false) {
+  elements.message.textContent = text;
+  elements.message.style.color = isError ? '#b91c1c' : '#0f172a';
+}
+
+function renderConfig() {
+  const authKey = elements.authKey.value.trim();
+  const deploymentId = elements.deploymentId.value.trim();
+  const config = {
+    mode: 'apps_script',
+    script_id: deploymentId || 'YOUR_APPS_SCRIPT_DEPLOYMENT_ID',
+    auth_key: authKey || 'PASTE_YOUR_AUTH_KEY_HERE',
+    listen_port: 8085,
+  };
+  elements.configJson.value = JSON.stringify(config, null, 2);
+}
+
+function renderScript() {
+  if (!codeTemplate) {
+    return;
+  }
+  const authKey = elements.authKey.value.trim() || AUTH_KEY_PLACEHOLDER;
+  const replaced = codeTemplate.replace(
+    /const\s+AUTH_KEY\s*=\s*"[^"]*";/,
+    `const AUTH_KEY = "${authKey}";`
+  );
+  document.getElementById('code-preview')?.remove();
+  const preview = document.createElement('textarea');
+  preview.id = 'code-preview';
+  preview.readOnly = true;
+  preview.value = replaced;
+  preview.style.marginTop = '8px';
+  preview.style.height = '220px';
+  preview.style.fontFamily = 'monospace';
+  preview.style.whiteSpace = 'pre';
+  preview.style.overflow = 'auto';
+  preview.style.width = '100%';
+  preview.style.border = '1px solid #cbd5e1';
+  preview.style.borderRadius = '10px';
+  const step = elements.copyScript.closest('.step');
+  const existing = step.querySelector('#code-preview');
+  if (existing) existing.remove();
+  step.appendChild(preview);
+}
+
+function setAuthKey(key) {
+  elements.authKey.value = key;
+  renderConfig();
+  renderScript();
+}
+
+async function loadTemplate() {
+  try {
+    const response = await fetch(chrome.runtime.getURL(CODE_FILE));
+    codeTemplate = await response.text();
+    renderScript();
+  } catch (err) {
+    showMessage('Failed to load Code.gs from the extension package.', true);
+    console.error(err);
+  }
+}
+
+function copyText(text, label) {
+  return navigator.clipboard.writeText(text).then(
+    () => showMessage(`Copied ${label}.`),
+    (err) => {
+      console.error(err);
+      showMessage(`Could not copy ${label}.`, true);
+    }
+  );
+}
+
+function initListeners() {
+  elements.generateKey.addEventListener('click', () => {
+    setAuthKey(randomHex(32));
+    showMessage('Auth key generated. Paste it into Apps Script and config.');
+  });
+
+  elements.copyKey.addEventListener('click', () => {
+    const key = elements.authKey.value.trim();
+    if (!key) {
+      showMessage('Generate an auth key first.', true);
+      return;
+    }
+    copyText(key, 'auth key');
+  });
+
+  elements.copyScript.addEventListener('click', () => {
+    if (!codeTemplate) {
+      showMessage('Script template not loaded yet.', true);
+      return;
+    }
+    const authKey = elements.authKey.value.trim() || AUTH_KEY_PLACEHOLDER;
+    const scriptText = codeTemplate.replace(
+      /const\s+AUTH_KEY\s*=\s*"[^"]*";/,
+      `const AUTH_KEY = "${authKey}";`
+    );
+    copyText(scriptText, 'Apps Script');
+  });
+
+  elements.downloadScript.addEventListener('click', () => {
+    if (!codeTemplate) {
+      showMessage('Script template not loaded yet.', true);
+      return;
+    }
+    const authKey = elements.authKey.value.trim() || AUTH_KEY_PLACEHOLDER;
+    const scriptText = codeTemplate.replace(
+      /const\s+AUTH_KEY\s*=\s*"[^"]*";/,
+      `const AUTH_KEY = "${authKey}";`
+    );
+    const blob = new Blob([scriptText], { type: 'text/plain' });
+    const url = URL.createObjectURL(blob);
+    const anchor = document.createElement('a');
+    anchor.href = url;
+    anchor.download = 'Code.gs';
+    anchor.click();
+    URL.revokeObjectURL(url);
+    showMessage('Downloaded Code.gs for Apps Script deployment.');
+  });
+
+  elements.openScript.addEventListener('click', () => {
+    window.open('https://script.google.com/home/projects', '_blank');
+  });
+
+  elements.copyConfig.addEventListener('click', () => {
+    copyText(elements.configJson.value, 'config snippet');
+  });
+
+  elements.openReadme.addEventListener('click', () => {
+    window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/assets/apps_script/README.md', '_blank');
+  });
+
+  elements.openGuide.addEventListener('click', () => {
+    window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/README.md', '_blank');
+  });
+
+  elements.deploymentId.addEventListener('input', renderConfig);
+}
+
+function init() {
+  loadTemplate();
+  initListeners();
+  renderConfig();
+}
+
+init();

From 81aaf2d87004bbc6f2e1a38960eb198bd71dab91 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Mon, 11 May 2026 14:18:34 +0330
Subject: [PATCH 2/9] feat: make extension fetch Code.gs from repo dynamically

- Fetch latest Code.gs from GitHub on load
- Fallback to local copy if fetch fails
- Update manifest for GitHub access
- Improve README with automation details and limitations
---
 chrome-extension/README.md     | 37 ++++++++++++++++++++++++++--------
 chrome-extension/manifest.json |  2 +-
 chrome-extension/popup.js      | 14 +++++++++++--
 3 files changed, 42 insertions(+), 11 deletions(-)

diff --git a/chrome-extension/README.md b/chrome-extension/README.md
index c7aa7ad..daa27fe 100644
--- a/chrome-extension/README.md
+++ b/chrome-extension/README.md
@@ -1,10 +1,11 @@
 # mhrv-rs Apps Script Helper Chrome Extension
 
-This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST` project. It automates the first-time Apps Script setup by generating a strong `AUTH_KEY`, preparing the `Code.gs` source, and producing a local config snippet.
+This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST` project. It automates the first-time Apps Script setup by generating a strong `AUTH_KEY`, fetching the latest `Code.gs` source from the repository, and producing a local config snippet.
 
 ## What it does
 
 - Generates a strong random `AUTH_KEY`
+- Fetches the latest `Code.gs` from the GitHub repository (with local fallback)
 - Creates a ready-to-deploy `Code.gs` file with the same relay protocol used by the repo
 - Opens Google Apps Script in a new tab
 - Builds a JSON config snippet for `config.json`
@@ -22,18 +23,38 @@ This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST`
 
 1. Click the extension icon.
 2. Tap **Generate auth key**.
-3. Tap **Copy Code.gs** or **Download Code.gs**.
-4. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
-5. Deploy as a Web App with:
+3. The extension will fetch the latest `Code.gs` from GitHub.
+4. Tap **Copy Code.gs** or **Download Code.gs**.
+5. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
+6. Deploy as a Web App with:
    - **Execute as:** Me
    - **Who has access:** Anyone
-6. Copy the deployment ID and paste it into the Deployment ID field in the extension.
-7. Tap **Copy config snippet** and paste the result into your local `config.json`.
+7. Copy the deployment ID and paste it into the Deployment ID field in the extension.
+8. Tap **Copy config snippet** and paste the result into your local `config.json`.
+
+## Automation Level
+
+The extension automates as much as possible within Chrome extension limitations:
+
+- ✅ Generates secure keys
+- ✅ Fetches latest script code from repo
+- ✅ Prepares deployment-ready code
+- ✅ Generates config snippets
+- ❌ Cannot automatically deploy to Google Apps Script (requires manual paste and deploy due to OAuth/security restrictions)
+
+Full automation of Apps Script deployment would require:
+- Google OAuth integration
+- Apps Script API access
+- Publishing as a verified Chrome extension
+- User consent for Google account access
+
+This is beyond the scope of a simple helper extension.
 
 ## Notes
 
-- The extension does not deploy Apps Script automatically; it only generates the code and configuration.
-- The extension stores no secret values persistently in Chrome storage.
+- The extension fetches `Code.gs` from GitHub on load, ensuring you always get the latest version.
+- If GitHub is blocked, it falls back to the bundled local copy.
+- The extension does not store secret values persistently in Chrome storage.
 - If your network does not allow `script.google.com`, use the project in `direct` mode first and then follow the guide.
 
 ## Recommended workflow
diff --git a/chrome-extension/manifest.json b/chrome-extension/manifest.json
index 8fb4c63..290a6e7 100644
--- a/chrome-extension/manifest.json
+++ b/chrome-extension/manifest.json
@@ -8,5 +8,5 @@
     "default_popup": "popup.html"
   },
   "permissions": ["storage", "clipboardWrite"],
-  "host_permissions": ["https://script.google.com/*"]
+  "host_permissions": ["https://script.google.com/*", "https://raw.githubusercontent.com/*"]
 }
diff --git a/chrome-extension/popup.js b/chrome-extension/popup.js
index ad4346a..dc1305e 100644
--- a/chrome-extension/popup.js
+++ b/chrome-extension/popup.js
@@ -78,12 +78,22 @@ function setAuthKey(key) {
 
 async function loadTemplate() {
   try {
-    const response = await fetch(chrome.runtime.getURL(CODE_FILE));
+    const response = await fetch(CODE_FILE_URL);
+    if (!response.ok) throw new Error('Failed to fetch Code.gs');
     codeTemplate = await response.text();
     renderScript();
+    showMessage('Code.gs loaded from repository.');
   } catch (err) {
-    showMessage('Failed to load Code.gs from the extension package.', true);
+    showMessage('Failed to load Code.gs from repository. Using local fallback.', true);
     console.error(err);
+    // Fallback to local if fetch fails
+    try {
+      const localResponse = await fetch(chrome.runtime.getURL('Code.gs'));
+      codeTemplate = await localResponse.text();
+      renderScript();
+    } catch (localErr) {
+      showMessage('Could not load Code.gs at all.', true);
+    }
   }
 }
 

From d300a91aa06b5666a97a9cb436d5442d24ec8455 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Mon, 11 May 2026 14:58:05 +0330
Subject: [PATCH 3/9] feat: add mhrv-rs binary download to extension

- Add download button for latest mhrv-rs binary
- Detect platform and fetch from GitHub releases
- Update README with new feature
- Extend manifest permissions for GitHub API
---
 chrome-extension/README.md     | 16 +++++++++-------
 chrome-extension/manifest.json |  2 +-
 chrome-extension/popup.html    | 12 ++++++++----
 chrome-extension/popup.js      | 34 ++++++++++++++++++++++++++++++++++
 4 files changed, 52 insertions(+), 12 deletions(-)

diff --git a/chrome-extension/README.md b/chrome-extension/README.md
index daa27fe..243e91a 100644
--- a/chrome-extension/README.md
+++ b/chrome-extension/README.md
@@ -4,6 +4,7 @@ This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST`
 
 ## What it does
 
+- Downloads the latest `mhrv-rs` binary for your platform
 - Generates a strong random `AUTH_KEY`
 - Fetches the latest `Code.gs` from the GitHub repository (with local fallback)
 - Creates a ready-to-deploy `Code.gs` file with the same relay protocol used by the repo
@@ -22,15 +23,16 @@ This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST`
 ## Usage
 
 1. Click the extension icon.
-2. Tap **Generate auth key**.
-3. The extension will fetch the latest `Code.gs` from GitHub.
-4. Tap **Copy Code.gs** or **Download Code.gs**.
-5. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
-6. Deploy as a Web App with:
+2. Tap **Download mhrv-rs** to get the latest binary for your platform.
+3. Tap **Generate auth key**.
+4. The extension will fetch the latest `Code.gs` from GitHub.
+5. Tap **Copy Code.gs** or **Download Code.gs**.
+6. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
+7. Deploy as a Web App with:
    - **Execute as:** Me
    - **Who has access:** Anyone
-7. Copy the deployment ID and paste it into the Deployment ID field in the extension.
-8. Tap **Copy config snippet** and paste the result into your local `config.json`.
+8. Copy the deployment ID and paste it into the Deployment ID field in the extension.
+9. Tap **Copy config snippet** and paste the result into your local `config.json`.
 
 ## Automation Level
 
diff --git a/chrome-extension/manifest.json b/chrome-extension/manifest.json
index 290a6e7..516c052 100644
--- a/chrome-extension/manifest.json
+++ b/chrome-extension/manifest.json
@@ -8,5 +8,5 @@
     "default_popup": "popup.html"
   },
   "permissions": ["storage", "clipboardWrite"],
-  "host_permissions": ["https://script.google.com/*", "https://raw.githubusercontent.com/*"]
+  "host_permissions": ["https://script.google.com/*", "https://raw.githubusercontent.com/*", "https://api.github.com/*"]
 }
diff --git a/chrome-extension/popup.html b/chrome-extension/popup.html
index 1ff4ae7..ee083f8 100644
--- a/chrome-extension/popup.html
+++ b/chrome-extension/popup.html
@@ -8,10 +8,14 @@
 </head>
 <body>
   <div class="container">
-    <header>
-      <h1>mhrv-rs Apps Script Helper</h1>
-      <p>Generate Google Apps Script code and config for mhrv-rs.</p>
-    </header>
+    <section class="step">
+      <h2>Step 0: Download mhrv-rs</h2>
+      <p>Get the latest Rust binary for your platform.</p>
+      <div class="row">
+        <button id="download-rust">Download mhrv-rs</button>
+        <button id="open-releases" class="secondary">View all releases</button>
+      </div>
+    </section>
 
     <section class="step">
       <h2>Step 1: Generate a strong auth key</h2>
diff --git a/chrome-extension/popup.js b/chrome-extension/popup.js
index dc1305e..8062c96 100644
--- a/chrome-extension/popup.js
+++ b/chrome-extension/popup.js
@@ -15,6 +15,8 @@ const elements = {
   copyConfig: document.getElementById('copy-config'),
   openReadme: document.getElementById('open-readme'),
   openGuide: document.getElementById('open-guide'),
+  downloadRust: document.getElementById('download-rust'),
+  openReleases: document.getElementById('open-releases'),
 };
 
 function randomHex(length = 32) {
@@ -107,6 +109,35 @@ function copyText(text, label) {
   );
 }
 
+async function downloadLatestRust() {
+  try {
+    const response = await fetch('https://api.github.com/repos/therealaleph/MasterHttpRelayVPN-RUST/releases/latest');
+    if (!response.ok) throw new Error('Failed to fetch releases');
+    const release = await response.json();
+    const assets = release.assets;
+    // Detect platform
+    const platform = navigator.platform.toLowerCase();
+    let assetName;
+    if (platform.includes('win')) {
+      assetName = assets.find(a => a.name.includes('windows') && a.name.endsWith('.exe'));
+    } else if (platform.includes('mac')) {
+      assetName = assets.find(a => a.name.includes('macos') || a.name.includes('darwin'));
+    } else {
+      assetName = assets.find(a => a.name.includes('linux'));
+    }
+    if (!assetName) {
+      showMessage('No suitable binary found for your platform.', true);
+      return;
+    }
+    window.open(assetName.browser_download_url, '_blank');
+    showMessage('Opening download page for latest mhrv-rs binary.');
+  } catch (err) {
+    console.error(err);
+    showMessage('Failed to fetch latest release. Opening releases page.', true);
+    window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/releases', '_blank');
+  }
+}
+
 function initListeners() {
   elements.generateKey.addEventListener('click', () => {
     setAuthKey(randomHex(32));
@@ -171,6 +202,9 @@ function initListeners() {
     window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/README.md', '_blank');
   });
 
+  elements.downloadRust.addEventListener('click', () => downloadLatestRust());
+  elements.openReleases.addEventListener('click', () => window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/releases', '_blank'));
+
   elements.deploymentId.addEventListener('input', renderConfig);
 }
 

From d47667fb0a8868abb92c8fafe8c9a49a0b9ed381 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Tue, 12 May 2026 09:47:15 +0330
Subject: [PATCH 4/9] feat: major extension update v0.2.0

- Add multilingual support (English/Persian) with RTL layout
- Modern UI with icons, animations, and improved styling
- Loading indicators for better UX feedback
- Updated Code.gs to latest version from repo
- Better architecture with i18n message system
- Enhanced README with new features documentation
- Improved error handling and user feedback
---
 chrome-extension/Code.gs       |  44 ++++--
 chrome-extension/README.md     |  19 ++-
 chrome-extension/manifest.json |   3 +-
 chrome-extension/messages.json |  78 +++++++++++
 chrome-extension/popup.css     | 244 +++++++++++++++++++++++++++------
 chrome-extension/popup.html    |  62 +++++----
 chrome-extension/popup.js      | 103 +++++++++++---
 7 files changed, 448 insertions(+), 105 deletions(-)
 create mode 100644 chrome-extension/messages.json

diff --git a/chrome-extension/Code.gs b/chrome-extension/Code.gs
index c90f829..1392225 100644
--- a/chrome-extension/Code.gs
+++ b/chrome-extension/Code.gs
@@ -46,7 +46,7 @@ const AUTH_KEY = "CHANGE_ME_TO_A_STRONG_SECRET";
 // (Inspired by #365 Section 3, mhrv-rs v1.8.0+.)
 const DIAGNOSTIC_MODE = false;
 
-// ── Optional Spreadsheet Cache ────────────────────────────────
+// ── Optional Spreadsheet Cache ──────────────────────────────
 // Set to a valid Spreadsheet ID to enable response caching.
 // Leave as-is to disable caching entirely (zero overhead).
 const CACHE_SPREADSHEET_ID = "CHANGE_ME_TO_CACHE_SPREADSHEET_ID";
@@ -91,12 +91,10 @@ const VARY_KEY_HEADERS = ["accept-encoding", "accept-language"];
 // `masterking32/MasterHttpRelayVPN@3094288`.
 const SKIP_HEADERS = {
   host: 1, connection: 1, "content-length": 1,
-  "transfer-encoding": 1, "proxy-connection": 1,
-  "proxy-authorization": 1,
+  "transfer-encoding": 1, "proxy-connection": 1, "proxy-authorization": 1,
   "priority": 1, te: 1,
-  "x-forwarded-for": 1, "x-forwarded-host": 1,
-  "x-forwarded-proto": 1, "x-forwarded-port": 1,
-  "x-real-ip": 1, "forwarded": 1, "via": 1,
+  "x-forwarded-for": 1, "x-forwarded-host": 1, "x-forwarded-proto": 1,
+  "x-forwarded-port": 1, "x-real-ip": 1, "forwarded": 1, "via": 1,
 };
 
 // Methods we consider safe to replay if `UrlFetchApp.fetchAll()` raises.
@@ -119,7 +117,7 @@ const DECOY_HTML =
   '<body><p>The script completed but did not return anything.</p>' +
   '</body></html>';
 
-// ── Request Handlers ─────────────────────────────────────────
+// ── Request Handlers ────────────────────────────────────────
 
 function _decoyOrError(jsonBody) {
   if (DIAGNOSTIC_MODE) return _json(jsonBody);
@@ -191,13 +189,27 @@ function _doSingle(req) {
   }
 
   // ── Normal relay (cache disabled or unavailable) ────────
-  var opts = _buildOpts(req);
-  var resp = UrlFetchApp.fetch(req.u, opts);
-  return _json({
-    s: resp.getResponseCode(),
-    h: _respHeaders(resp),
-    b: Utilities.base64Encode(resp.getContent()),
-  });
+  // Wrap the fetch + body encode in try/catch so any failure surfaces as
+  // a JSON error envelope the Rust client can parse. Without this, throws
+  // from UrlFetchApp.fetch (URL too long, payload too large, quota
+  // exhausted, 6-minute execution timeout) or from base64Encode (response
+  // body near Apps Script's ~50 MB ceiling can blow the V8 heap during
+  // encode) propagate unhandled, and Apps Script serves its default
+  // `<title>Web App</title>` HTML error page — which the client then
+  // reports as "Relay failed: bad response: no json in: <title>Web App>..."
+  // and the user has no signal as to the actual cause. Mirrors the
+  // per-item try/catch in _doBatch below.
+  try {
+    var opts = _buildOpts(req);
+    var resp = UrlFetchApp.fetch(req.u, opts);
+    return _json({
+      s: resp.getResponseCode(),
+      h: _respHeaders(resp),
+      b: Utilities.base64Encode(resp.getContent()),
+    });
+  } catch (err) {
+    return _json({ e: "fetch failed: " + String(err) });
+  }
 }
 
 // ── Batch Request ──────────────────────────────────────────
@@ -332,7 +344,7 @@ function _json(obj) {
 
 // ═══════════════════════════════════════════════════════════
 //  SPREADSHEET CACHE — SHEET MANAGEMENT
-// ═══════════════════════════════════════════════════════════════════
+// ═══════════════════════════════════════════════════════════
 
 function _initCacheSheet() {
   if (CACHE_SPREADSHEET_ID === "CHANGE_ME_TO_CACHE_SPREADSHEET_ID") {
@@ -430,8 +442,10 @@ function _getHeaderCaseInsensitive(headers, targetKey) {
  * headers that are known to cause response variation. This handles
  * Vary: Accept-Encoding and Vary: Accept-Language without ever
  * inspecting the response.
+ *
  * Values are lowercased and whitespace-stripped so semantically
  * identical requests from different clients produce the same hash.
+ * Missing and empty headers both map to "<none>" (same semantic).
  */
 function _getCacheKey(url, reqHeaders) {
   var parts = [url];
diff --git a/chrome-extension/README.md b/chrome-extension/README.md
index 243e91a..7a8d897 100644
--- a/chrome-extension/README.md
+++ b/chrome-extension/README.md
@@ -2,6 +2,14 @@
 
 This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST` project. It automates the first-time Apps Script setup by generating a strong `AUTH_KEY`, fetching the latest `Code.gs` source from the repository, and producing a local config snippet.
 
+## ✨ New Features (v0.2.0)
+- 🌐 **Multilingual Support**: English and Persian (فارسی) interface
+- 🎨 **Modern UI**: Improved design with icons, animations, and better UX
+- 📱 **RTL Support**: Proper right-to-left layout for Persian
+- 🔄 **Loading Indicators**: Visual feedback during script fetching
+- 📦 **Auto-Updates**: Always fetches latest Code.gs from repository
+- 🏗️ **Better Architecture**: Modular code with i18n support
+
 ## What it does
 
 - Downloads the latest `mhrv-rs` binary for your platform
@@ -23,11 +31,12 @@ This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST`
 ## Usage
 
 1. Click the extension icon.
-2. Tap **Download mhrv-rs** to get the latest binary for your platform.
-3. Tap **Generate auth key**.
-4. The extension will fetch the latest `Code.gs` from GitHub.
-5. Tap **Copy Code.gs** or **Download Code.gs**.
-6. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
+2. Select your preferred language (English/Persian) from the dropdown.
+3. Tap **Download mhrv-rs** to get the latest binary for your platform.
+4. Tap **Generate auth key**.
+5. The extension will fetch the latest `Code.gs` from GitHub (shows loading indicator).
+6. Tap **Copy Code.gs** or **Download Code.gs**.
+7. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
 7. Deploy as a Web App with:
    - **Execute as:** Me
    - **Who has access:** Anyone
diff --git a/chrome-extension/manifest.json b/chrome-extension/manifest.json
index 516c052..fc7cc8d 100644
--- a/chrome-extension/manifest.json
+++ b/chrome-extension/manifest.json
@@ -2,7 +2,8 @@
   "manifest_version": 3,
   "name": "mhrv-rs Apps Script Helper",
   "description": "Generate Google Apps Script deployment code and configuration for mhrv-rs.",
-  "version": "0.1.0",
+  "version": "0.2.0",
+  "default_locale": "en",
   "action": {
     "default_title": "mhrv-rs Apps Script Helper",
     "default_popup": "popup.html"
diff --git a/chrome-extension/messages.json b/chrome-extension/messages.json
new file mode 100644
index 0000000..39f61fc
--- /dev/null
+++ b/chrome-extension/messages.json
@@ -0,0 +1,78 @@
+{
+  "en": {
+    "appName": "mhrv-rs Apps Script Helper",
+    "appDesc": "Generate Google Apps Script deployment code and configuration for mhrv-rs.",
+    "step0Title": "Step 0: Download mhrv-rs",
+    "step0Desc": "Get the latest Rust binary for your platform.",
+    "downloadRust": "Download mhrv-rs",
+    "viewReleases": "View all releases",
+    "step1Title": "Step 1: Generate a strong auth key",
+    "step1Desc": "This secret is used by the Apps Script and your local config.",
+    "generateKey": "Generate auth key",
+    "copyKey": "Copy key",
+    "step2Title": "Step 2: Build your Apps Script",
+    "step2Desc": "Open Apps Script, paste the generated code, and deploy as a Web app.",
+    "copyScript": "Copy Code.gs",
+    "downloadScript": "Download Code.gs",
+    "openScript": "Open Apps Script",
+    "scriptNotice": "The script is loaded from the extension package and includes the same relay protocol used by mhrv-rs.",
+    "step3Title": "Step 3: Create config",
+    "step3Desc": "Paste your Deployment ID and the auth key into your local config.",
+    "deploymentIdLabel": "Deployment ID",
+    "deploymentIdPlaceholder": "YOUR_APPS_SCRIPT_DEPLOYMENT_ID",
+    "copyConfig": "Copy config snippet",
+    "linksTitle": "Quick links",
+    "viewDocs": "View app docs",
+    "setupGuide": "Open setup guide",
+    "proxyNote": "Use a local browser proxy such as Proxy SwitchyOmega for Chrome/Edge.",
+    "keyGenerated": "Auth key generated. Paste it into Apps Script and config.",
+    "copied": "Copied {item}.",
+    "scriptDownloaded": "Downloaded Code.gs for Apps Script deployment.",
+    "codeLoaded": "Code.gs loaded from repository.",
+    "codeLoadedFallback": "Failed to load Code.gs from repository. Using local fallback.",
+    "downloadError": "Failed to fetch latest release. Opening releases page.",
+    "downloadSuccess": "Opening download page for latest mhrv-rs binary.",
+    "scriptNotLoaded": "Script template not loaded yet.",
+    "generateKeyFirst": "Generate an auth key first.",
+    "copyError": "Could not copy {item}.",
+    "fetchError": "Failed to load Code.gs at all."
+  },
+  "fa": {
+    "appName": "کمک‌کننده اسکریپت اپس mhrv-rs",
+    "appDesc": "تولید کد استقرار Google Apps Script و پیکربندی برای mhrv-rs.",
+    "step0Title": "مرحله ۰: دانلود mhrv-rs",
+    "step0Desc": "دریافت آخرین باینری Rust برای پلتفرم شما.",
+    "downloadRust": "دانلود mhrv-rs",
+    "viewReleases": "مشاهده همه انتشارها",
+    "step1Title": "مرحله ۱: تولید کلید احراز هویت قوی",
+    "step1Desc": "این راز توسط Apps Script و پیکربندی محلی شما استفاده می‌شود.",
+    "generateKey": "تولید کلید احراز هویت",
+    "copyKey": "کپی کلید",
+    "step2Title": "مرحله ۲: ساخت Apps Script شما",
+    "step2Desc": "Apps Script را باز کنید، کد تولید شده را جای‌گذاری کنید و به عنوان Web app مستقر کنید.",
+    "copyScript": "کپی Code.gs",
+    "downloadScript": "دانلود Code.gs",
+    "openScript": "باز کردن Apps Script",
+    "scriptNotice": "اسکریپت از بسته افزونه بارگذاری می‌شود و شامل همان پروتکل رله استفاده شده توسط mhrv-rs است.",
+    "step3Title": "مرحله ۳: ایجاد پیکربندی",
+    "step3Desc": "شناسه استقرار و کلید احراز هویت را در پیکربندی محلی خود جای‌گذاری کنید.",
+    "deploymentIdLabel": "شناسه استقرار",
+    "deploymentIdPlaceholder": "شناسه_استقرار_اپس_اسکریپت_شما",
+    "copyConfig": "کپی قطعه پیکربندی",
+    "linksTitle": "پیوندهای سریع",
+    "viewDocs": "مشاهده مستندات برنامه",
+    "setupGuide": "باز کردن راهنمای راه‌اندازی",
+    "proxyNote": "از یک پروکسی مرورگر محلی مانند Proxy SwitchyOmega برای Chrome/Edge استفاده کنید.",
+    "keyGenerated": "کلید احراز هویت تولید شد. آن را در Apps Script و پیکربندی جای‌گذاری کنید.",
+    "copied": "{item} کپی شد.",
+    "scriptDownloaded": "Code.gs برای استقرار Apps Script دانلود شد.",
+    "codeLoaded": "Code.gs از مخزن بارگذاری شد.",
+    "codeLoadedFallback": "بارگذاری Code.gs از مخزن ناموفق بود. از نسخه محلی استفاده می‌شود.",
+    "downloadError": "دریافت آخرین انتشار ناموفق بود. صفحه انتشارها باز می‌شود.",
+    "downloadSuccess": "صفحه دانلود برای آخرین باینری mhrv-rs باز می‌شود.",
+    "scriptNotLoaded": "الگوی اسکریپت هنوز بارگذاری نشده است.",
+    "generateKeyFirst": "ابتدا یک کلید احراز هویت تولید کنید.",
+    "copyError": "کپی {item} امکان‌پذیر نبود.",
+    "fetchError": "بارگذاری Code.gs به طور کامل ناموفق بود."
+  }
+}
\ No newline at end of file
diff --git a/chrome-extension/popup.css b/chrome-extension/popup.css
index ac4d502..229af46 100644
--- a/chrome-extension/popup.css
+++ b/chrome-extension/popup.css
@@ -4,117 +4,277 @@
   font-size: 13px;
   color: #111;
   background: #f7fafc;
+  --primary: #2563eb;
+  --primary-hover: #1d4ed8;
+  --secondary: #64748b;
+  --secondary-hover: #475569;
+  --success: #059669;
+  --warning: #d97706;
+  --error: #dc2626;
+  --border: #e2e8f0;
+  --bg: #ffffff;
+  --bg-secondary: #f8fafc;
 }
 
 body {
   margin: 0;
-  min-width: 360px;
+  min-width: 380px;
+  max-width: 420px;
+}
+
+body[dir="rtl"] {
+  direction: rtl;
 }
 
 .container {
-  padding: 16px;
+  padding: 20px;
+}
+
+header {
+  margin-bottom: 24px;
+  text-align: center;
+}
+
+.header-row {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  margin-bottom: 8px;
 }
 
 header h1 {
-  margin: 0 0 4px;
-  font-size: 1rem;
+  margin: 0;
+  font-size: 1.1rem;
+  font-weight: 700;
+  color: var(--primary);
 }
 
 header p {
-  margin: 0 0 16px;
-  color: #475569;
-  font-size: 0.95rem;
+  margin: 0;
+  color: #64748b;
+  font-size: 0.9rem;
+}
+
+#language-select {
+  background: var(--bg);
+  border: 1px solid var(--border);
+  border-radius: 8px;
+  padding: 6px 10px;
+  font-size: 0.85rem;
+  color: var(--secondary);
+  cursor: pointer;
+  transition: border-color 0.2s ease;
+}
+
+#language-select:focus {
+  outline: none;
+  border-color: var(--primary);
 }
 
 .step {
-  margin-bottom: 18px;
-  background: #fff;
-  border: 1px solid #e2e8f0;
-  border-radius: 14px;
-  padding: 14px;
+  margin-bottom: 20px;
+  background: var(--bg);
+  border: 1px solid var(--border);
+  border-radius: 16px;
+  padding: 18px;
+  position: relative;
+  transition: box-shadow 0.2s ease;
+}
+
+.step:hover {
+  box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);
 }
 
 .step h2 {
-  margin: 0 0 8px;
-  font-size: 0.95rem;
+  margin: 0 0 10px;
+  font-size: 1rem;
+  font-weight: 600;
+  display: flex;
+  align-items: center;
+  gap: 8px;
+}
+
+.step h2::before {
+  content: '';
+  width: 6px;
+  height: 6px;
+  background: var(--primary);
+  border-radius: 50%;
+  flex-shrink: 0;
+}
+
+.step.note h2::before {
+  background: var(--secondary);
 }
 
 .step p {
-  margin: 0 0 12px;
+  margin: 0 0 14px;
   line-height: 1.5;
+  color: #64748b;
 }
 
 .row {
   display: flex;
   flex-wrap: wrap;
-  gap: 8px;
-  margin-bottom: 12px;
+  gap: 10px;
+  margin-bottom: 14px;
 }
 
 .row.small {
-  gap: 4px;
+  gap: 6px;
 }
 
 button {
   border: none;
-  border-radius: 10px;
-  padding: 10px 14px;
-  font-size: 0.92rem;
+  border-radius: 12px;
+  padding: 12px 16px;
+  font-size: 0.9rem;
+  font-weight: 500;
   cursor: pointer;
-  background: #0f172a;
+  background: var(--primary);
   color: #fff;
-  transition: transform 0.1s ease, background 0.2s ease;
+  transition: all 0.2s ease;
+  display: flex;
+  align-items: center;
+  gap: 6px;
+  justify-content: center;
+}
+
+button::before {
+  content: '';
+  width: 16px;
+  height: 16px;
+  background-size: contain;
+  background-repeat: no-repeat;
+  background-position: center;
+  flex-shrink: 0;
+}
+
+button#generate-key::before {
+  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke='currentColor'%3E%3Cpath stroke-linecap='round' stroke-linejoin='round' stroke-width='2' d='M15 7a2 2 0 012 2m4 0a6 6 0 01-7.743 5.743L11 17H9v2H7v2H4a1 1 0 01-1-1v-2.586a1 1 0 01.293-.707l5.964-5.964A6 6 0 1121 9z'/%3E%3C/svg%3E");
+}
+
+button#copy-key::before,
+button#copy-script::before,
+button#copy-config::before {
+  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke='currentColor'%3E%3Cpath stroke-linecap='round' stroke-linejoin='round' stroke-width='2' d='M8 16H6a2 2 0 01-2-2V6a2 2 0 012-2h8a2 2 0 012 2v2m-6 12h8a2 2 0 002-2v-8a2 2 0 00-2-2h-8a2 2 0 00-2 2v8a2 2 0 002 2z'/%3E%3C/svg%3E");
+}
+
+button#download-script::before,
+button#download-rust::before {
+  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke='currentColor'%3E%3Cpath stroke-linecap='round' stroke-linejoin='round' stroke-width='2' d='M12 10v6m0 0l-3-3m3 3l3-3m2 8H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z'/%3E%3C/svg%3E");
+}
+
+button#open-script::before,
+button#open-readme::before,
+button#open-guide::before,
+button#open-releases::before {
+  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke='currentColor'%3E%3Cpath stroke-linecap='round' stroke-linejoin='round' stroke-width='2' d='M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14'/%3E%3C/svg%3E");
 }
 
 button.secondary {
-  background: #e2e8f0;
-  color: #111827;
+  background: var(--bg-secondary);
+  color: var(--secondary);
+  border: 1px solid var(--border);
+}
+
+button.secondary::before {
+  filter: invert(0.5);
 }
 
 button:hover {
+  background: var(--primary-hover);
   transform: translateY(-1px);
 }
 
+button.secondary:hover {
+  background: var(--secondary-hover);
+  color: white;
+}
+
+button:active {
+  transform: translateY(0);
+}
+
 label {
   display: block;
-  margin-bottom: 10px;
-  color: #334155;
+  margin-bottom: 12px;
+  color: #374151;
+  font-weight: 500;
 }
 
 input,
 textarea {
   width: 100%;
-  border: 1px solid #cbd5e1;
-  border-radius: 10px;
-  padding: 10px 12px;
+  border: 1px solid var(--border);
+  border-radius: 12px;
+  padding: 12px 14px;
   font-family: inherit;
   font-size: 0.95rem;
-  background: #f8fafc;
+  background: var(--bg-secondary);
   color: #0f172a;
   resize: vertical;
+  transition: border-color 0.2s ease;
+}
+
+input:focus,
+textarea:focus {
+  outline: none;
+  border-color: var(--primary);
+  box-shadow: 0 0 0 3px rgba(37, 99, 235, 0.1);
 }
 
 textarea {
-  min-height: 88px;
-  max-height: 220px;
+  min-height: 100px;
+  max-height: 240px;
   overflow: auto;
 }
 
 .notice {
-  background: #f8fafc;
-  border-left: 4px solid #60a5fa;
-  padding: 10px 12px;
-  color: #334155;
-  font-size: 0.92rem;
-  border-radius: 0 0 10px 10px;
+  background: linear-gradient(135deg, #f0f9ff 0%, #e0f2fe 100%);
+  border-left: 4px solid var(--primary);
+  padding: 12px 16px;
+  color: #0c4a6e;
+  font-size: 0.9rem;
+  border-radius: 0 12px 12px 12px;
+  margin-top: 12px;
 }
 
 footer {
-  margin-top: 0;
-  padding-top: 4px;
+  margin-top: 16px;
+  padding-top: 8px;
+  text-align: center;
 }
 
 #message {
-  color: #0f172a;
+  color: var(--success);
   font-size: 0.9rem;
+  font-weight: 500;
+  padding: 8px 12px;
+  border-radius: 8px;
+  background: rgba(5, 150, 105, 0.1);
+  display: inline-block;
+}
+
+#message.error {
+  color: var(--error);
+  background: rgba(220, 38, 38, 0.1);
+}
+
+.progress {
+  position: absolute;
+  top: 18px;
+  right: 18px;
+  width: 20px;
+  height: 20px;
+  border: 2px solid var(--border);
+  border-top: 2px solid var(--primary);
+  border-radius: 50%;
+  animation: spin 1s linear infinite;
+  display: none;
+}
+
+@keyframes spin {
+  0% { transform: rotate(0deg); }
+  100% { transform: rotate(360deg); }
 }
diff --git a/chrome-extension/popup.html b/chrome-extension/popup.html
index ee083f8..c6782b5 100644
--- a/chrome-extension/popup.html
+++ b/chrome-extension/popup.html
@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html lang="en">
+<html lang="en" dir="ltr">
 <head>
   <meta charset="UTF-8" />
   <meta name="viewport" content="width=device-width, initial-scale=1.0" />
@@ -8,56 +8,66 @@
 </head>
 <body>
   <div class="container">
+    <header>
+      <div class="header-row">
+        <h1>mhrv-rs Apps Script Helper</h1>
+        <select id="language-select">
+          <option value="en">English</option>
+          <option value="fa">فارسی</option>
+        </select>
+      </div>
+      <p>Generate Google Apps Script deployment code and configuration for mhrv-rs.</p>
+    </header>
+
     <section class="step">
-      <h2>Step 0: Download mhrv-rs</h2>
-      <p>Get the latest Rust binary for your platform.</p>
+      <h2 data-i18n="step0Title">Step 0: Download mhrv-rs</h2>
+      <p data-i18n="step0Desc">Get the latest Rust binary for your platform.</p>
       <div class="row">
-        <button id="download-rust">Download mhrv-rs</button>
-        <button id="open-releases" class="secondary">View all releases</button>
+        <button id="download-rust" data-i18n="downloadRust">Download mhrv-rs</button>
+        <button id="open-releases" class="secondary" data-i18n="viewReleases">View all releases</button>
       </div>
     </section>
 
     <section class="step">
-      <h2>Step 1: Generate a strong auth key</h2>
-      <p>This secret is used by the Apps Script and your local config.</p>
+      <h2 data-i18n="step1Title">Step 1: Generate a strong auth key</h2>
+      <p data-i18n="step1Desc">This secret is used by the Apps Script and your local config.</p>
       <div class="row">
-        <button id="generate-key">Generate auth key</button>
-        <button id="copy-key" class="secondary">Copy key</button>
+        <button id="generate-key" data-i18n="generateKey">Generate auth key</button>
+        <button id="copy-key" class="secondary" data-i18n="copyKey">Copy key</button>
       </div>
       <textarea id="auth-key" readonly aria-label="Generated auth key"></textarea>
     </section>
 
     <section class="step">
-      <h2>Step 2: Build your Apps Script</h2>
-      <p>Open Apps Script, paste the generated code, and deploy as a Web app.</p>
+      <h2 data-i18n="step2Title">Step 2: Build your Apps Script</h2>
+      <p data-i18n="step2Desc">Open Apps Script, paste the generated code, and deploy as a Web app.</p>
       <div class="row">
-        <button id="copy-script">Copy Code.gs</button>
-        <button id="download-script" class="secondary">Download Code.gs</button>
-        <button id="open-script" class="secondary">Open Apps Script</button>
+        <button id="copy-script" data-i18n="copyScript">Copy Code.gs</button>
+        <button id="download-script" class="secondary" data-i18n="downloadScript">Download Code.gs</button>
+        <button id="open-script" class="secondary" data-i18n="openScript">Open Apps Script</button>
       </div>
-      <div class="notice">The script is loaded from the extension package and includes the same relay protocol used by mhrv-rs.</div>
+      <div class="progress" id="script-progress"></div>
+      <div class="notice" data-i18n="scriptNotice">The script is loaded from the extension package and includes the same relay protocol used by mhrv-rs.</div>
     </section>
 
     <section class="step">
-      <h2>Step 3: Create config</h2>
-      <p>Paste your Deployment ID and the auth key into your local config.</p>
-      <label>
-        Deployment ID
-        <input id="deployment-id" type="text" placeholder="YOUR_APPS_SCRIPT_DEPLOYMENT_ID" />
-      </label>
+      <h2 data-i18n="step3Title">Step 3: Create config</h2>
+      <p data-i18n="step3Desc">Paste your Deployment ID and the auth key into your local config.</p>
+      <label data-i18n="deploymentIdLabel">Deployment ID</label>
+      <input id="deployment-id" type="text" data-i18n-placeholder="deploymentIdPlaceholder" placeholder="YOUR_APPS_SCRIPT_DEPLOYMENT_ID" />
       <div class="row">
-        <button id="copy-config">Copy config snippet</button>
+        <button id="copy-config" data-i18n="copyConfig">Copy config snippet</button>
       </div>
       <textarea id="config-json" readonly aria-label="Generated config snippet"></textarea>
     </section>
 
     <section class="step note">
-      <h2>Quick links</h2>
+      <h2 data-i18n="linksTitle">Quick links</h2>
       <div class="row small">
-        <button id="open-readme">View app docs</button>
-        <button id="open-guide" class="secondary">Open setup guide</button>
+        <button id="open-readme" data-i18n="viewDocs">View app docs</button>
+        <button id="open-guide" class="secondary" data-i18n="setupGuide">Open setup guide</button>
       </div>
-      <p>Use a local browser proxy such as Proxy SwitchyOmega for Chrome/Edge.</p>
+      <p data-i18n="proxyNote">Use a local browser proxy such as Proxy SwitchyOmega for Chrome/Edge.</p>
     </section>
 
     <footer>
diff --git a/chrome-extension/popup.js b/chrome-extension/popup.js
index 8062c96..b71322d 100644
--- a/chrome-extension/popup.js
+++ b/chrome-extension/popup.js
@@ -1,8 +1,10 @@
 const AUTH_KEY_PLACEHOLDER = 'CHANGE_ME_TO_A_STRONG_SECRET';
 const CODE_FILE = 'Code.gs';
 let codeTemplate = '';
+let messages = {};
 
 const elements = {
+  languageSelect: document.getElementById('language-select'),
   authKey: document.getElementById('auth-key'),
   deploymentId: document.getElementById('deployment-id'),
   configJson: document.getElementById('config-json'),
@@ -17,8 +19,70 @@ const elements = {
   openGuide: document.getElementById('open-guide'),
   downloadRust: document.getElementById('download-rust'),
   openReleases: document.getElementById('open-releases'),
+  scriptProgress: document.getElementById('script-progress'),
 };
 
+async function loadMessages() {
+  try {
+    const response = await fetch(chrome.runtime.getURL('messages.json'));
+    messages = await response.json();
+  } catch (err) {
+    console.error('Failed to load messages:', err);
+    // Fallback messages
+    messages = {
+      en: {
+        keyGenerated: "Auth key generated. Paste it into Apps Script and config.",
+        copied: "Copied {item}.",
+        scriptDownloaded: "Downloaded Code.gs for Apps Script deployment.",
+        codeLoaded: "Code.gs loaded from repository.",
+        codeLoadedFallback: "Failed to load Code.gs from repository. Using local fallback.",
+        downloadError: "Failed to fetch latest release. Opening releases page.",
+        downloadSuccess: "Opening download page for latest mhrv-rs binary.",
+        scriptNotLoaded: "Script template not loaded yet.",
+        generateKeyFirst: "Generate an auth key first.",
+        copyError: "Could not copy {item}.",
+        fetchError: "Failed to load Code.gs at all."
+      }
+    };
+  }
+}
+
+function getMessage(key, params = {}) {
+  const lang = elements.languageSelect.value;
+  let message = messages[lang]?.[key] || messages.en?.[key] || key;
+  
+  // Replace placeholders
+  Object.keys(params).forEach(param => {
+    message = message.replace(`{${param}}`, params[param]);
+  });
+  
+  return message;
+}
+
+function updateUILanguage() {
+  const lang = elements.languageSelect.value;
+  document.documentElement.lang = lang;
+  document.documentElement.dir = lang === 'fa' ? 'rtl' : 'ltr';
+  
+  // Update all elements with data-i18n attributes
+  document.querySelectorAll('[data-i18n]').forEach(el => {
+    const key = el.getAttribute('data-i18n');
+    el.textContent = getMessage(key);
+  });
+  
+  // Update placeholders
+  document.querySelectorAll('[data-i18n-placeholder]').forEach(el => {
+    const key = el.getAttribute('data-i18n-placeholder');
+    el.placeholder = getMessage(key);
+  });
+  
+  // Update title
+  document.title = getMessage('appName');
+  
+  // Re-render config to update any language-specific text
+  renderConfig();
+}
+
 function randomHex(length = 32) {
   const array = new Uint8Array(length);
   crypto.getRandomValues(array);
@@ -29,7 +93,7 @@ function randomHex(length = 32) {
 
 function showMessage(text, isError = false) {
   elements.message.textContent = text;
-  elements.message.style.color = isError ? '#b91c1c' : '#0f172a';
+  elements.message.className = isError ? 'error' : '';
 }
 
 function renderConfig() {
@@ -79,14 +143,15 @@ function setAuthKey(key) {
 }
 
 async function loadTemplate() {
+  elements.scriptProgress.style.display = 'block';
   try {
     const response = await fetch(CODE_FILE_URL);
     if (!response.ok) throw new Error('Failed to fetch Code.gs');
     codeTemplate = await response.text();
     renderScript();
-    showMessage('Code.gs loaded from repository.');
+    showMessage(getMessage('codeLoaded'));
   } catch (err) {
-    showMessage('Failed to load Code.gs from repository. Using local fallback.', true);
+    showMessage(getMessage('codeLoadedFallback'), true);
     console.error(err);
     // Fallback to local if fetch fails
     try {
@@ -94,17 +159,19 @@ async function loadTemplate() {
       codeTemplate = await localResponse.text();
       renderScript();
     } catch (localErr) {
-      showMessage('Could not load Code.gs at all.', true);
+      showMessage(getMessage('fetchError'), true);
     }
+  } finally {
+    elements.scriptProgress.style.display = 'none';
   }
 }
 
 function copyText(text, label) {
   return navigator.clipboard.writeText(text).then(
-    () => showMessage(`Copied ${label}.`),
+    () => showMessage(getMessage('copied', { item: label })),
     (err) => {
       console.error(err);
-      showMessage(`Could not copy ${label}.`, true);
+      showMessage(getMessage('copyError', { item: label }), true);
     }
   );
 }
@@ -130,24 +197,26 @@ async function downloadLatestRust() {
       return;
     }
     window.open(assetName.browser_download_url, '_blank');
-    showMessage('Opening download page for latest mhrv-rs binary.');
+    showMessage(getMessage('downloadSuccess'));
   } catch (err) {
     console.error(err);
-    showMessage('Failed to fetch latest release. Opening releases page.', true);
+    showMessage(getMessage('downloadError'), true);
     window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/releases', '_blank');
   }
 }
 
 function initListeners() {
+  elements.languageSelect.addEventListener('change', updateUILanguage);
+  
   elements.generateKey.addEventListener('click', () => {
     setAuthKey(randomHex(32));
-    showMessage('Auth key generated. Paste it into Apps Script and config.');
+    showMessage(getMessage('keyGenerated'));
   });
 
   elements.copyKey.addEventListener('click', () => {
     const key = elements.authKey.value.trim();
     if (!key) {
-      showMessage('Generate an auth key first.', true);
+      showMessage(getMessage('generateKeyFirst'), true);
       return;
     }
     copyText(key, 'auth key');
@@ -155,7 +224,7 @@ function initListeners() {
 
   elements.copyScript.addEventListener('click', () => {
     if (!codeTemplate) {
-      showMessage('Script template not loaded yet.', true);
+      showMessage(getMessage('scriptNotLoaded'), true);
       return;
     }
     const authKey = elements.authKey.value.trim() || AUTH_KEY_PLACEHOLDER;
@@ -168,7 +237,7 @@ function initListeners() {
 
   elements.downloadScript.addEventListener('click', () => {
     if (!codeTemplate) {
-      showMessage('Script template not loaded yet.', true);
+      showMessage(getMessage('scriptNotLoaded'), true);
       return;
     }
     const authKey = elements.authKey.value.trim() || AUTH_KEY_PLACEHOLDER;
@@ -183,7 +252,7 @@ function initListeners() {
     anchor.download = 'Code.gs';
     anchor.click();
     URL.revokeObjectURL(url);
-    showMessage('Downloaded Code.gs for Apps Script deployment.');
+    showMessage(getMessage('scriptDownloaded'));
   });
 
   elements.openScript.addEventListener('click', () => {
@@ -195,11 +264,11 @@ function initListeners() {
   });
 
   elements.openReadme.addEventListener('click', () => {
-    window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/assets/apps_script/README.md', '_blank');
+    window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/README.md', '_blank');
   });
 
   elements.openGuide.addEventListener('click', () => {
-    window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/README.md', '_blank');
+    window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/docs/guide.md', '_blank');
   });
 
   elements.downloadRust.addEventListener('click', () => downloadLatestRust());
@@ -208,10 +277,12 @@ function initListeners() {
   elements.deploymentId.addEventListener('input', renderConfig);
 }
 
-function init() {
+async function init() {
+  await loadMessages();
   loadTemplate();
   initListeners();
   renderConfig();
+  updateUILanguage();
 }
 
 init();

From e23b7f99978c5bea0ce9ab3a36e62bec29ce6132 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Tue, 12 May 2026 09:50:05 +0330
Subject: [PATCH 5/9] feat: add testing infrastructure and docs

- Add test.html for UI testing without extension restrictions
- Update README with comprehensive testing instructions
- Add validation commands for JSON/JS syntax checking
- Document manual and automated testing procedures
---
 chrome-extension/README.md | 66 ++++++++++++-------------
 chrome-extension/test.html | 99 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 131 insertions(+), 34 deletions(-)
 create mode 100644 chrome-extension/test.html

diff --git a/chrome-extension/README.md b/chrome-extension/README.md
index 7a8d897..e57c404 100644
--- a/chrome-extension/README.md
+++ b/chrome-extension/README.md
@@ -43,37 +43,35 @@ This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST`
 8. Copy the deployment ID and paste it into the Deployment ID field in the extension.
 9. Tap **Copy config snippet** and paste the result into your local `config.json`.
 
-## Automation Level
-
-The extension automates as much as possible within Chrome extension limitations:
-
-- ✅ Generates secure keys
-- ✅ Fetches latest script code from repo
-- ✅ Prepares deployment-ready code
-- ✅ Generates config snippets
-- ❌ Cannot automatically deploy to Google Apps Script (requires manual paste and deploy due to OAuth/security restrictions)
-
-Full automation of Apps Script deployment would require:
-- Google OAuth integration
-- Apps Script API access
-- Publishing as a verified Chrome extension
-- User consent for Google account access
-
-This is beyond the scope of a simple helper extension.
-
-## Notes
-
-- The extension fetches `Code.gs` from GitHub on load, ensuring you always get the latest version.
-- If GitHub is blocked, it falls back to the bundled local copy.
-- The extension does not store secret values persistently in Chrome storage.
-- If your network does not allow `script.google.com`, use the project in `direct` mode first and then follow the guide.
-
-## Recommended workflow
-
-- Use the extension to avoid manual editing mistakes.
-- Keep the generated `AUTH_KEY` secret.
-- If you need full tunnel mode later, use the repo docs to deploy `CodeFull.gs` or `Code.cfw.gs`.
-
-## Limitations
-
-This helper is intentionally minimal and does not perform OAuth on behalf of your Google account. It simplifies the code generation and setup flow but still requires a manual Apps Script deployment step inside Google.
+## Testing the Extension
+
+### Manual Testing
+1. Load the extension in Chrome as described in Installation
+2. Click the extension icon
+3. Test language switching (English ↔ Persian)
+4. Generate an auth key and verify it's 64 characters
+5. Test copying functionality (key, script, config)
+6. Test download buttons (should open new tabs)
+7. Verify RTL layout works in Persian mode
+
+### Automated Testing
+Open `test.html` in a browser to test the UI without Chrome extension restrictions:
+```bash
+# In chrome-extension folder
+python3 -m http.server 8000
+# Then open http://localhost:8000/test.html
+```
+
+### Validation Checks
+```bash
+# Check JSON syntax
+python3 -m json.tool manifest.json
+python3 -m json.tool messages.json
+
+# Check JavaScript syntax
+node -c popup.js
+
+# Verify file structure
+ls -la
+# Should show: Code.gs, manifest.json, messages.json, popup.css, popup.html, popup.js, README.md, test.html
+```
diff --git a/chrome-extension/test.html b/chrome-extension/test.html
new file mode 100644
index 0000000..cc16db7
--- /dev/null
+++ b/chrome-extension/test.html
@@ -0,0 +1,99 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Extension Test</title>
+  <link rel="stylesheet" href="popup.css">
+</head>
+<body>
+  <div class="container">
+    <header>
+      <div class="header-row">
+        <h1>mhrv-rs Apps Script Helper</h1>
+        <select id="language-select">
+          <option value="en">English</option>
+          <option value="fa">فارسی</option>
+        </select>
+      </div>
+      <p>Generate Google Apps Script deployment code and configuration for mhrv-rs.</p>
+    </header>
+
+    <section class="step">
+      <h2>Step 0: Download mhrv-rs</h2>
+      <p>Get the latest Rust binary for your platform.</p>
+      <div class="row">
+        <button id="download-rust">Download mhrv-rs</button>
+        <button id="open-releases" class="secondary">View all releases</button>
+      </div>
+    </section>
+
+    <section class="step">
+      <h2>Step 1: Generate a strong auth key</h2>
+      <p>This secret is used by the Apps Script and your local config.</p>
+      <div class="row">
+        <button id="generate-key">Generate auth key</button>
+        <button id="copy-key" class="secondary">Copy key</button>
+      </div>
+      <textarea id="auth-key" readonly aria-label="Generated auth key"></textarea>
+    </section>
+
+    <section class="step">
+      <h2>Step 2: Build your Apps Script</h2>
+      <p>Open Apps Script, paste the generated code, and deploy as a Web app.</p>
+      <div class="row">
+        <button id="copy-script">Copy Code.gs</button>
+        <button id="download-script" class="secondary">Download Code.gs</button>
+        <button id="open-script" class="secondary">Open Apps Script</button>
+      </div>
+      <div class="progress" id="script-progress"></div>
+      <div class="notice">The script is loaded from the extension package and includes the same relay protocol used by mhrv-rs.</div>
+    </section>
+
+    <section class="step">
+      <h2>Step 3: Create config</h2>
+      <p>Paste your Deployment ID and the auth key into your local config.</p>
+      <label>Deployment ID</label>
+      <input id="deployment-id" type="text" placeholder="YOUR_APPS_SCRIPT_DEPLOYMENT_ID" />
+      <div class="row">
+        <button id="copy-config">Copy config snippet</button>
+      </div>
+      <textarea id="config-json" readonly aria-label="Generated config snippet"></textarea>
+    </section>
+
+    <section class="step note">
+      <h2>Quick links</h2>
+      <div class="row small">
+        <button id="open-readme">View app docs</button>
+        <button id="open-guide" class="secondary">Open setup guide</button>
+      </div>
+      <p>Use a local browser proxy such as Proxy SwitchyOmega for Chrome/Edge.</p>
+    </section>
+
+    <footer>
+      <span id="message" aria-live="polite"></span>
+    </footer>
+  </div>
+
+  <script>
+    // Mock chrome.runtime.getURL for testing
+    if (typeof chrome === 'undefined') {
+      window.chrome = {
+        runtime: {
+          getURL: (path) => path
+        }
+      };
+    }
+
+    // Mock fetch for testing (use local files)
+    const originalFetch = window.fetch;
+    window.fetch = function(url) {
+      if (url === 'Code.gs') {
+        return originalFetch('Code.gs');
+      }
+      return originalFetch(url);
+    };
+  </script>
+  <script src="popup.js"></script>
+</body>
+</html>
\ No newline at end of file

From d7bfb524ab6dece4d43848dfe6c85bcb2c394f03 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Tue, 12 May 2026 10:25:45 +0330
Subject: [PATCH 6/9] feat: add English and Persian localization files and
 update popup.js with code file URL

Co-authored-by: Copilot <copilot@github.com>
---
 chrome-extension/_locales/en/messages.json | 8 ++++++++
 chrome-extension/_locales/fa/messages.json | 8 ++++++++
 chrome-extension/popup.js                  | 1 +
 3 files changed, 17 insertions(+)
 create mode 100644 chrome-extension/_locales/en/messages.json
 create mode 100644 chrome-extension/_locales/fa/messages.json

diff --git a/chrome-extension/_locales/en/messages.json b/chrome-extension/_locales/en/messages.json
new file mode 100644
index 0000000..0b3c14e
--- /dev/null
+++ b/chrome-extension/_locales/en/messages.json
@@ -0,0 +1,8 @@
+{
+  "extName": {
+    "message": "mhrv-rs Apps Script Helper"
+  },
+  "extDescription": {
+    "message": "Generate Google Apps Script deployment code and configuration for mhrv-rs."
+  }
+}
diff --git a/chrome-extension/_locales/fa/messages.json b/chrome-extension/_locales/fa/messages.json
new file mode 100644
index 0000000..65847b5
--- /dev/null
+++ b/chrome-extension/_locales/fa/messages.json
@@ -0,0 +1,8 @@
+{
+  "extName": {
+    "message": "کمک‌کننده اسکریپت اپس mhrv-rs"
+  },
+  "extDescription": {
+    "message": "تولید کد استقرار Google Apps Script و پیکربندی برای mhrv-rs."
+  }
+}
diff --git a/chrome-extension/popup.js b/chrome-extension/popup.js
index b71322d..d639a55 100644
--- a/chrome-extension/popup.js
+++ b/chrome-extension/popup.js
@@ -1,5 +1,6 @@
 const AUTH_KEY_PLACEHOLDER = 'CHANGE_ME_TO_A_STRONG_SECRET';
 const CODE_FILE = 'Code.gs';
+const CODE_FILE_URL = 'https://raw.githubusercontent.com/therealaleph/MasterHttpRelayVPN-RUST/main/assets/apps_script/Code.gs';
 let codeTemplate = '';
 let messages = {};
 

From 2ff89a3f50332a930b4a9068f1bb4f2292e0b225 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Tue, 12 May 2026 10:37:16 +0330
Subject: [PATCH 7/9] feat: update manifest.json to use localization strings
 for name and description

---
 chrome-extension/manifest.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/chrome-extension/manifest.json b/chrome-extension/manifest.json
index fc7cc8d..16d0cbc 100644
--- a/chrome-extension/manifest.json
+++ b/chrome-extension/manifest.json
@@ -1,11 +1,11 @@
 {
   "manifest_version": 3,
-  "name": "mhrv-rs Apps Script Helper",
-  "description": "Generate Google Apps Script deployment code and configuration for mhrv-rs.",
+  "name": "__MSG_extName__",
+  "description": "__MSG_extDescription__",
   "version": "0.2.0",
   "default_locale": "en",
   "action": {
-    "default_title": "mhrv-rs Apps Script Helper",
+    "default_title": "__MSG_extName__",
     "default_popup": "popup.html"
   },
   "permissions": ["storage", "clipboardWrite"],

From d0be6093b3be4cc2b7270b41f0b41ede53067e50 Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Wed, 13 May 2026 14:11:44 +0330
Subject: [PATCH 8/9] chore(chrome-extension): CI sync, smoke tests, background
 worker

Adds Code.gs sync check workflow, release gate, Playwright AUTH_KEY smoke test, empty MV3 service worker for test discovery, and extension assets.

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 .github/workflows/chrome-extension.yml        |  61 ++++++++++++++
 .github/workflows/release.yml                 |  16 ++++
 chrome-extension/.gitignore                   |  29 +++++++
 chrome-extension/assets/logo.webp             | Bin 0 -> 61682 bytes
 chrome-extension/background.js                |   2 +
 chrome-extension/manifest.json                |   3 +
 chrome-extension/messages.json                |  12 +++
 chrome-extension/package-lock.json            |  76 ++++++++++++++++++
 chrome-extension/package.json                 |  10 +++
 chrome-extension/playwright.config.js         |  27 +++++++
 chrome-extension/popup.css                    |   4 +
 chrome-extension/popup.html                   |   1 +
 chrome-extension/popup.js                     |  54 +++++++++++++
 chrome-extension/tests/auth-key-smoke.spec.js |  74 +++++++++++++++++
 14 files changed, 369 insertions(+)
 create mode 100644 .github/workflows/chrome-extension.yml
 create mode 100644 chrome-extension/.gitignore
 create mode 100644 chrome-extension/assets/logo.webp
 create mode 100644 chrome-extension/background.js
 create mode 100644 chrome-extension/package-lock.json
 create mode 100644 chrome-extension/package.json
 create mode 100644 chrome-extension/playwright.config.js
 create mode 100644 chrome-extension/tests/auth-key-smoke.spec.js

diff --git a/.github/workflows/chrome-extension.yml b/.github/workflows/chrome-extension.yml
new file mode 100644
index 0000000..f3b7953
--- /dev/null
+++ b/.github/workflows/chrome-extension.yml
@@ -0,0 +1,61 @@
+name: chrome-extension
+
+on:
+  pull_request:
+    paths:
+      - 'assets/apps_script/Code.gs'
+      - 'chrome-extension/**'
+      - '.github/workflows/chrome-extension.yml'
+  push:
+    branches:
+      - main
+    paths:
+      - 'assets/apps_script/Code.gs'
+      - 'chrome-extension/**'
+      - '.github/workflows/chrome-extension.yml'
+
+permissions:
+  contents: read
+
+jobs:
+  bundled-code-sync:
+    name: bundled Code.gs stays in sync
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Compare Apps Script source with extension fallback
+        run: |
+          if ! cmp -s assets/apps_script/Code.gs chrome-extension/Code.gs; then
+            echo "::error file=chrome-extension/Code.gs::chrome-extension/Code.gs must match assets/apps_script/Code.gs. Update the bundled fallback whenever the canonical Apps Script changes."
+            diff -u assets/apps_script/Code.gs chrome-extension/Code.gs || true
+            exit 1
+          fi
+
+  auth-key-smoke-test:
+    name: auth key smoke test
+    runs-on: ubuntu-latest
+    needs: bundled-code-sync
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Install test dependencies
+        working-directory: chrome-extension
+        run: npm install
+
+      - name: Install Playwright browser
+        working-directory: chrome-extension
+        run: npx playwright install --with-deps chromium
+
+      - name: Run extension smoke tests
+        working-directory: chrome-extension
+        run: xvfb-run npm run test:smoke
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 51630c8..815ff15 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -46,7 +46,23 @@ permissions:
 # and more importantly keeps target/ warm via the rust-cache action.
 
 jobs:
+  verify-chrome-extension-codegs-sync:
+    name: verify chrome-extension Code.gs sync
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Compare Apps Script source with extension fallback
+        run: |
+          if ! cmp -s assets/apps_script/Code.gs chrome-extension/Code.gs; then
+            echo "::error file=chrome-extension/Code.gs::chrome-extension/Code.gs must match assets/apps_script/Code.gs. Update the bundled fallback whenever the canonical Apps Script changes."
+            diff -u assets/apps_script/Code.gs chrome-extension/Code.gs || true
+            exit 1
+          fi
+
   build:
+    needs: verify-chrome-extension-codegs-sync
     strategy:
       fail-fast: false
       matrix:
diff --git a/chrome-extension/.gitignore b/chrome-extension/.gitignore
new file mode 100644
index 0000000..3658295
--- /dev/null
+++ b/chrome-extension/.gitignore
@@ -0,0 +1,29 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+*.codex
+node_modules
+test-results
+playwright-report
+dist
+dist-ssr
+*.local
+*.env
+*.env.*.local
+!.env.example
+!.env.*.example
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
diff --git a/chrome-extension/assets/logo.webp b/chrome-extension/assets/logo.webp
new file mode 100644
index 0000000000000000000000000000000000000000..75e3ceab4a6e6aecb0ccec6ae737de8d99be6277
GIT binary patch
literal 61682
zcmaHTcRZWl+wh%;2%-%|gCaWBs1&tF(9%JRqEuDXEMk<ZEoM~}9Y$-{x2@VcwxC3<
zP&H%Lh?-SfB;I_V-{<{2&mYhGo;&x+b)WnC<i5^*&bju9@eN(wr9S|0@0zxunW2(7
z2LJ#l<~a)hzX0Hdj*ejmh<OQsI{vL8XaK;uc|S4M(?*$F+()rZ10d${U&Y4O%i}-L
z|5`J#c830gJ0ShPV*LLb+3oDTY?&xbT7k1qm=9;t#LI+v9sdK1{|i6*53Ket{LI_K
zn~7uiFZ{&BSceJQF=27X{{cVxAF!>*lYjAJnK)`V*QftJ>)-Nk@8I@srgxd&Fy?s*
z@B)khJwW^4{xh$c#r-1yC~X4(OTvG*J$erSgh&8Dj{SGr*(?A!9svMV<o|B_?|0&1
z^Tg)Aeh$K{!43`p@b?P<a9IGri9P_}u>7xk%<BI^8;W`B6q7D@=HUpq0`>q3xB<8U
zw!kGOBnzN{%YXuNg!O4_03b7qR|2@6ihVq4{(z5$%~j(lvfrKQtdqN&jn<}Jdj(gz
zf~1p9H;X}@!@flaD5S1b(|n%A*EyazcQygS)eGjgx!5()-cXmn6p%^NsBK!xu-K;u
z-g;wq<Bgr=Hz{X_HP7z_d22Oml%u1eF+$DLXZ8+Pt5d(mM7vX}gm1h#`*<}dI@;nY
zZ%R$TbRP81pQEEsQye+o&*a)#^u5WWTI_Gml3sc1VnMNamkMhg*Oq6hs%+m>;4+7*
zR!M%k4x^?)rgg=%MoK%5QuUwDDy^(=DZe%^zw13WwbY#wy{U9Yg0>@l<ITAnZ*XES
zbKmQkJUcpi-dibQb?yJs+VL?%J^ARUw{c#&Wx_-WRf?Ot?!U4&5s}eQyVUs`*Pep?
z_ss%8$vzkWuyQC%7SIT|UV4V-1fa%7{L{!+ok|=Be*`7X2z^kl{tqq_9bb-IY|pL2
zPr&iWk~ZHe<b(sV7ysN5&4X?S!USxIDm)6=aUSiS$AD~b$+Z-=%pUv+E#g6fLbxKE
z$Fxm{5X!CoIEEVnVo{2cZdW_ruOh|rLqYVV2ryT}nWfArb-cK+gjHXO1xjr%VNdXb
z4ZTo!F2e$X1HR#xHqmJ_13+CUCZ)Bty~y$NoLVWWXVy(l9<=-iSJIAe;6g4$$tBpY
zQN|nbc;(!MsG501C;{KfgBM1#pu8|yEX#0PK49Vb75G~$8q(eGDyNCNLGC$Y&Gy74
zP6)5A%B{pHqI$xLDy{+dMzTd<ZRb+od*N*`zg4=uOiqhn;b^(%?6%<oU^E^Mi~vyp
z94XETg{Qn~#zj7M0*F{BkOhJ}%AU^xm*@aUJUd9&YZ}C5H!;0naO(15S=)0z^g@Xe
zJos1&XhB(P{7sh7tZ)aL8rjjSzG`E?dt8O2;E2*DI#dZ_Q@;FxE_(Tzi_S+~$DPL!
z&14nzIAp!fq@Ura6T@Kx1~640)ul|J2d_cUgzi$*cYgEn?k!8J$0xda<Hd<+nIR##
zs^X%Yjl1OKiRnhU<>v;Oiks(!@NF29bbAH6G|N4=1E_w=b1e2S^b53Rd@m?H#>@9C
z3v)eV-)NB}@TLG@Gh%z<=7RXOb_|{cod7b2vY;muN|dkmp76meo|owMB%PN%R^qDN
zoMy+G1<GRi9#(R03Qjt1jJ+z0bvm{pHyh;gn!@qiF{^LfkosHoS-lNs6h-PrYMW2~
zEUKqfmhd#)o`CNN>%jn=fDoqwcE}!wO_5$y)J!ut2nesR^tgn*<;H=G@~+AiddM>3
z$Uayfh-)@rDeCPA*u0)H+rwl6v&!}4?}z8Pg%SuaGQxF%5^&0}%VHD+j$!)&^<MVQ
z__A9ooT?hf1rVX#=QkCf#XSwfL9qz3^hP-!r~97;;K<C(2HBHjTw?Lz)$noERvF8e
zf6Q`5J0WiD?a*{ZukQ|@_Vo)23%MpmC&h4}UVK&P`=QW@`y0nc(sFu;LyjVy@8Meq
z9#zQSatlZ0{;7J?Njj-QZHK|By>e_Mhf8u9&uyyXY;L8NyvSflWCtxm&9B7T#I<ID
zT|4N+8_U1Snjf~_>vDyA{jtP@L<+v86^>L4p#KTIWEtys?6(&Q7wesmbF_WC(68|P
z$nk3Eet!?=ENb2BM|s<NDz5p|d4)O|$KUBax0X(cQLBB|whVDu{(I$2KJO~k*Ddzy
zRokJ9NUG3cnqzs-Bh}}T<$vDxj#;V>xZIW?f9O&0oP%-`5>~kk<j8ltIx=(S91uP5
zKG(8nF9kna!|<HTf7%7~s%|X4qPD+MAbzNMP4=2gtDMsBRJN}zDqE;w?^Zc+yo5&~
z2gkXlq?%g6s?u8>bgRj?T&X(%B!ubBPb;){dCA$08#6R?OsF;(3lM(crRK3<1adFC
zwRwo|J%4-rYC%u*=vjp2O7#nN#T;DMhFWV^dXI?Xr=}rIctq+h56IHcpybB6u*-<!
zS#XU(hjoXnsYB9J^Qr`W&KBZD1h7@mDr=Ymv=bdhw1M*&qAYUZVQQ2@aR>C2+eOz+
z<b49ta&|#<dRY^`L`AyF&43rK+76^Bj64?kXyB+GP$`Ez7j2`-TL7T4F`>uK0-a8P
z6AFU@8ES{}0s;UW0J<>9v`;mq1v%cFBBS8&BgCS=0}mtCBP2<Of}Ji8_dMacd?>qj
zWsxYG#RULTFsFr3t;>gaFc*M7Cyx*Z%mquhLc!p>2;e~&h6N;t{$P2QMUzWMuwYAN
zo$DmVQN35?mTNbK;h0s^+pd&8&uw|JTRML1AO7Aq5z9+Xx6BPgA?#cLD<FK`H36js
z2C}rmp{yLdXz{-8rkv4|bIW@|zeISDmH^LjBQ1c1g=Ja*f&dWDM_CfCc$`&Pe%P4?
zQo7ZdIYB+Tvm-c8?D^yR=0$UYt9XT$K9d){pY72`>$zAo1MXo+KD??_A5%!AU_+r?
z{MQY$w8B_<^zY+>)+D#fs+PQ+KgnM#<h!euFF!6g)1ky;Sj#@Rgk6#HZ4XZ$`Z(l6
zZt;zseIcxiYzDwkRRk>IS4^_g2sptU4rW0>Foz*w?d3jqdmlk8JAOGxt6zARnu`|A
zcME&!k|Wf8eoz?a-DeyI7kZF|32m`<AYGL5xZFe8Xe`!0RuOke*h-~At?R?!5Os~0
z-~I&>2j&6ruRz+UH`55<KL1$BU3uHWjg<NRI-g$Ql~<Kr7J}vKBD3@xtU@p>8t>U5
zCgH}$qQ%rq6pA*F-X1Ni(ne<jgCA_}*t)!UuexqAO5}QfN|rC7Pb-X<U;I($t!`9v
zOY+!woK>bsCS^81LtohHVb__HmlB`6b9OPg)G%mbce<6|6P)#qYY}=D0gnNq+eX69
zbb({l)!z!T3fRC(PdlUzM^YZB9F*bG>(rCnnjVR+U|HDEXqaK?l@%rU0et^OVbDy-
zpQdt%<Cz!eki(&vr+=1uGxEG-cyBBB@JV@uvR-=En;%!0OrrW6jf=de^}8%n`IBAh
z%mz&tWB8`UjZEcOYhLJ^06wJxN<Su;lh2i_uk}V376EkkrSv;E6}XA4%L$+Gly;*w
z(*5QOGb?+p(QIcJL@o$&n&%`;ffjNUvR|z{q*{Jk*`-k3{et4z<pTJL`{E@;2&WqH
z<d>rO<Lc|jdsdq*^pY;r*qR#X`Bg-i{38|Kv)WMtu9>ztDJBb%H+p>y1&hX&3SvQ+
zGcXWf>k(ZI0%Ai2B49jP)7hV*2Y-B6mA2mQ*jcSzsdiKA&5x)4rC)eR<XS;J(s{hL
zC+C<7Jz5go!dXRfHMyJr4N<yQU74;Xgd9aR^YULuH-~@UWK0j!z2fPi%RWy;e20Af
zDz3VT8^ZLi*#oyqKu+0b$2+&sZ!uW8a%d|>N(W551P~_-+T74#Q6O=lJ}!)V_)eT#
z{!K*z6%Vzse&vIVqx}(g>JQI{TV)yaCli03NH-mRdtMR>aKci`D=<eyJua2yl{x2L
z&oR6+r{9R3C-n`?iRhaCJ$3WyLN_nK&R<Pr7df?e*i{%$v5KdEtC{_+LdfO1nDh~>
zz`_Y&QkYW?7#aD*A!U-HKGzH*;(r(bc!8%EkVp_e%XOGIw%}v#M{pMcLA(i+rhva2
zo;XH4RxjWFFrG2&zUm{rPJQLRyuV9r+jS4*@+k=gg@sy==&~InN&u>sSXkor-tPN0
zrPP{7x9)g^PxbO_Y^GAb+2n6#vJ$vt<zivyc+IE57Y0bHYsJZyBDA;G&otcT)jG#*
zL*H}(NkAF<r*{2X4g`c105Ge!`D#xrCX})|Rp*;S(R`>V6!sh9CMPRO2Pl(}Xct$(
z+oKU+7JxPN;yIP@o008qu{#RotF`kX8h>}x)>i`=bpN%D2en5nASe=r5rhKlALRbX
z{^KYvXnF3Of>ued2YE%!tM}LW8qqQ~ue#$~TE~G$Z)GB!%>e){$ZL)bW!F$*>{EK;
zDZ=ryKW#<T^Lq<>)4L>ct^%-+c37S3oEQii@vr4{cFhd$7JvTCOLY#%_n(RiI<NyQ
z2z9SV|KP`Rc*kaJpg23Ys}R%X13f7Pmz-0(`lr88qF};|?mxP-spB?WdUUW=bhL-t
zP?Bk~l4-EMCmQmL?-Z7e8x{cvyidS^Di9*P@xyMzP&{SjMY?IQ?`>801N-n+w&iC#
zEme{CQ*#7WSd2PcU(ju?Cm4csXD+G{!51{Pf6i`R(2OT*x|Ne{_s8|f241!T=aTw9
z>mpFd6$$R^0P&lcIn<~8G@pE2gvynj4_{}#4pq%7?EW7As89s}T6YQkoTZ;h_n)TR
zFNm2mpEoIxctPpTQoj)IVIpvt4uFNK68TOSy*j4*$eS|cYPrjxx2`jGDK#>~x7^8&
zO=|oPMfP}ou+<P2C=W!?8wCQ04ho0SA&7Wq&iWooBiCZ@4>Vces1T^YUqd4n&X8-y
zYjHj!pe(^RDpKVU?3eyv=QmdetYx05xn1aG88#};yCb)2o+v%jQGzp6tt~u_l)^V>
zfn+^lFJ31IM|J?yLyM;-NR{dtC);Xehpu%`?)#ERA>&>RmkM8*j`C)Oy^h^ZBv=Pn
zH)*OJ%Ae|-Ev<j-Hes6M;<#G+j`Q=!7aXNh=qRuQ^q;J;3E+x{QPw}7Mk@p4^^!C-
zAmmCMeKaIwGB`~p$V#T}=z;%!q>xf1NWKc1>Yi$s%jdfALD_mspV7=ex+wkY6R4+k
z&Cw-=Ab%%y)XinQ9E>jc6~<+J-6QnvThUC7o$8>2O(jOXObCubHS;2ymVQf0VmCa8
z0Dcn7qL5r-vd7+Q>0qD$_`)fd(N%Mo(t`$>t<6ZiqFq}mV~|HuX{IWdFY7!8xUL&O
zDttC|<VsTbmA37vqB-s}p;_uCNfzv}wOLCkx?t{R2B1;3TuxFSL-Ek7Q4=PS=WU>P
zo|sB|;FU$JTh15S{#sMhT7$JrNKnWI{eedCFW|T>i!D}+1?$N2)H3UF<HODFmWslJ
zZT({-90mLEP}O&Rp%oU4zEW4-(T6sj7jOT;9z3PZQAx*x8q)kvP1L{Y#d*KDm7RWL
z>hwEaq-~hkX=M~_JWn9(vMd&%{SuY+*~w2oF2j{N=KHWTU8ccm*lm4wmEHDMq45cF
zv(w`@FGRkBpn{eI+`{eY4BW}d{nh3CV4CKIVS3W?_8GEeof~I-gQ|OVgsB9p0ssst
zNyx_KIx6_jmGBBYe#VJ)N<f`cgDQJ$?$;h}7ETS-F_t&iDBF>{%jb4QZ|zz)a^9H*
z0J(242#X4!8o@<p#8%;IXlme0c2~<&RRSZ0CKpx2L48<u_S+sGpRfA{GM357Uo_*}
zNVs~p2SUk@zUIpdRHLEQ>`$g|yj*($Eh*2pykZf<Lj*k9#lrP$&k`QfRQ%LrlzU|+
zMDMv-FE={SLbaUXMm94DUBu~sy5S&conoiyY=$A<@4j5~`k|9SH0p|9{rbVy3sTo!
zX?$;vs$%i0TT<)*#DUk7JlWqx+KwLnz*A^!xwSAa{wdE6u<*(CCXEq&%YViUx>Hq;
zHvD_(`!Tdl`(jPfE>p4r+^%I|P%vhXO~rL>*5Tq*jO7CTwe;aPxzgb*JsaEuCl6Ub
z7kJl)(h7~dJ=^>`{!Yk-XVd0}u_z(3X3)a?vyUmH=cBmbPm}ZVaTQiEUbQ{G52(xj
z{dRuB>ot=<E?T|jKr2Dc={~cquzE|Ir)_pkHZ}a()6mGkxr%(KQ3H$fIVSVQMrt8P
zkSGr$iPs?HhgPvDczJTVq*ak3eJ7sOOI{Bi&tL>vFvgc=+kcza-2_ZvRb$iNQck*S
z%21AWRjcmoMv3%NzWV*Ff3?tSPq6*<#K4fX1A`FE&<kq36jCp8v^kqeUma*8knT0A
z7X{G5PI_=Cj%felX9vK<AGL`Zs{5iIWvusbox85nUbl=!T0{j*zP;af=4=#r<G)y~
zAI2&uh2GF9CvAk1<3$hrEok*J>8jL1hs0P)nhwlRJZt$jVdC$P#)F_<%FxTIrwt)%
z1;u*3O^hAt`tuZy?r0F+u#nqba(8))u11~T-!7(JBQ)KKw+x{Cqpt^Ql`T<Oknb8o
z_?ok#`P~v?xdEt{;I{8scm1_XFJDeIg-q=pE$3t&{hhQX^pi^W>It5SrWUL~RutNv
z@gT5^KFm4E0F`$xPwfBp8s3?%t*m)fEO9Tf!o^DnW5QjRV0%1Gq1{vDaAW7CrbggQ
z*JhV>$fX8)3)c!ZToQ3i0Pqs{CATl=h}bpw;PTc~!#3}+TvetP*!j<iKCNaB4ynJg
zpAY-On>3F0XXjrOQ}*hm9|(QUQA{3$+KJ;4f_e^mUqtD_mrjwF*QqC0g4%YjR5j0i
zBT=U;MDNVu>J^e<5T1Y*$@m3Nk-!kO_3gvF;eVGJjxx4j;$#X+6bnU3;vuWesFIfM
zQ&fIbc*dg|@N~(uZ5dOt-#$Tea)(l^dElGQs2wC*sz2kwgmFn4U9lo)b|$;icQ)&j
zL!=rTo2Cgz1Iat&DGgP3LI$mrg!2@+qA0~A^Hy^#cPB@iskcnvM9KCA24jZGpb}*K
zf<o3PnZ7JC(*Q`WU_|!30As;tbj4i5%RoV9#qxCU#FqLQZk;yP3-@CL^nb}+$jF@9
z_X}Lw)bJl~A5I@OyY(Q(2OK(4a{9DEoKYIR%Ey&@D~{B)-c%*5>A`{r_pHy6TKz1$
zrJW_unb<{snMxwK_&06s1P;(>k`Ehy4qs7r;{Yy0I(p98>Sv)aELp5jB3#0&38I4r
zu47;o(@xQCTMn13b{Hg0KiWosrl!cjM%mWWx6e(%;i#ME*7c|xdYgNsb?fAHO&ZQ|
zzCO9w`rz+w;`UAriFD^7X{Khdrfs~g((?um{N_yx)^vBgv~+fMdy!0-I^0~{UneUz
zWCmC_&ak>|T&n2%c)GrM$}zlSzq@Vd(ze`jp5B!Zw~t!#;wCYiR_$MXyVWy8_H)Rz
zP-;-%WIL6=%Qc_tI+JeF!^ta@qEVlWkou;72beM57(&t#5)%HhMD?d_T4w~FqL5kg
z`*=peX8Y%>hSu)X(+|c7q^IlFf6WFcJwgB;r?~PR0SE}F9Bb}i;d;OS<bw`}Wrr-l
z&JKow<ZYHZ=6t67jt;nXsR7LK>$fgeZW#wbU%uG+XiDAK+nis`6m9ywYS|!j++as|
zb)#!@e*Fli;!enP7Y$gWQ7J86#WkvY7kSPQ%#Gcv0@reiDJ{hWGJ`&Qw6`8_eaKkm
zoN5{#o=^RSg#Y|p7MCQ(XJ69B(fsC`NtO28!X3xuJL#Zk$1wj#@{83b=aoz~s2#)9
zXPRz=;8XsMQX!Kbt47zx?O{+CjvVfMul2#z@!+lHc+#zSnc3MF;o}C}mkX=<HxK{J
zPPy&-TWG9bw#thDot>Fe__976mux+?wK}}-ZtcCfVtC9+;3g|zl(lvJ7zr*c;hhIY
z<=U_!fa|CP;%Oa_Bnm(z7-p$(dBWoZ8A_t6Lr&|J<WzrIpRhXimX4s`^%FaR^c?CJ
z_u8Q5^i!ed&(MwL8z27t8~^=j6McjBoVu}9DcxIGu=Lq#u+ySce_Fy?Pi_5Wri{z(
z^6}u{`rq3duhz+%4;!bC9jgwDQuku;f5Uo>r12@Rsqet~7-`8q4nfM+mTXxdROCgq
z>EghHVe6y0&Bnj=>%MDg6!~X~<Cm0lqB_lW&gm87s6Uv3XLciIHs~?!(*zyo7@MV4
z=j{FPcnE{Rur5|@dbnI;V+zIq@jJbg`@VjG^R(GRck2V&U6JQb0(iR<U^pNi0bp#x
z*gZN7iH3NCuMh-k`bC0)FTe%*AdLTT)eecJTIgx|*&b4t_l67A2%{r<0zPurUuKL}
z%4oz{YOIUy9~>S~rW(FZ`G|=dJJ5{Wmm}Se?uD#nrn-w-6PS9#Ghr(coL|+Ph<3O@
zuf$-X+C!#xH@;1MezdcD$C~zc^OO70H&tJdka&WYlgGuJN2n6pk#AE%rJd*9JtcRh
z{w~T%{BcYoHiJ)S3}{qoGPd{WqVBgc3G-g@E_%u3zzbFvv)}n~*$!pWE5k2$s3)gH
z>*6)NipS>?u9P@GyD{jJ?jLyAN>1LXo~id!_I%tu@_V<x^!7NJ5O@?kzbvX!pw8>1
ztf+-BH)2n?i;B=Ok${+-GBoWixteRpbXOa4;2{Fud0Ao70S>lJPDeXqs~e%3nzz{o
zdWO2y!fpyKmF5Lb)Ka^wgBlwC>@5Fn*o{leAI;wV<>sn8_P~u^M$@EuHTf~-TQ`H9
zMRIB?Yues)Nw60f<BS4=#`!g-hJqXEf5`-y0NO_7y7e#0G;k{#CFhv&Tz;fJyR>q&
z&+WGr?)!Bi!)`HeuLk=83jgU!(<m?(htwbJHg#F_aBpwlde=*Ha&J66(aMz#p&OU&
zRNdpPd4cwHlyUf%;@87S4EQXg7-xqN^AQ@?o%#AqO+)yDXzeob$)i?%{FdrS@9gew
z>ch!Q+D_#J!RK8V8hj7d@PL&agJsJ=1J`Pmk-VSn3Qk*MBEg~I?B~^1#IjVQUlSu!
zUBNuD^D#BN!K<Fq!gt(H>WwGzW0Hi!O7fOAJLm^<RH}yAWy&L~=?C0F-`hXk57@H*
z_TFfIF}ac9=^T7mx4cucJe0ZXwpN(04>4vp`Fzn&C{spNQ=|TfOg^HKL-ym`$qmKU
zTaVtM@ud!b$`)SR;~iMsSu&pA+!uh@>{Sgmk+1tKbgi~>o>22WpsqJ<Z_f8+%5;%W
zW~L@j@W-`?Sez+Th^W4eqgKssM9uo|Gi)m|Yra1}r3K@!1yz2W{FRm}8bV+3vksm#
zJO?+8g4jbEZ%-D#eAr7EZ}O%kwj#VrZ9$>h5IZ3_$RP&L8p`yzO`ijs0Olo&C|<!(
zG#>r@4G^x4a}9{s%<xJRWlEKoZE8GWXL(N;%1N6z7gMcl3lh&X*g7iw_{ikYp~aFF
zML!<s`fSHf9BfL`cfSmUFjk*7IlA=*y?Z1f&&PY-+tf^#iW?qYR@c-#+|8764+?p>
z$zWTXjyf$hdS9jj_xpCwKEpD{?Y3>^HQ7fj`<B=f-48-Y=Oq>DnTFac@X5XD(995e
zp{DhPribnEmfZ$5`6eh7S3%$3MhDB{Rq}Ei>E1-f$+f8`@1n-=+>v>oF)U_=MZ+qG
zhs$*t?z7A77UJwbWcvoH2IIV_bh^-#$OL_flrbHZ@K;x{Ga(!W6vVi(gd%}ZL|uQ0
z%{f_!Hs}q&qAgn)1>D78fod?&@tZ&&+;yo)pG>N3xeP(VIY2x=b=Uf$Z=8U9Q23!5
z9}>7WC|y<<P<#-mWc~EUu+T4++PLEdbi<^ZpQO7*y0|!$6f;RXq@cgEvoeg??d7SE
zh86np`d0h6l1H3_q0fuXO+UT;{zO!ET)9B@vaE-$OU1_e`>sKq^>1d!I@0E{UO`T%
zRqvCV7)_a?weiDip0nlSLigW+K7CP&9;~XYQg7c~7P1a$JY?v(T?rah27bb{AG4kX
z%y-^>ne>~yCqigj?v=>rWrcml6|O#LXb72KrqvKaiiFvGqS?hyzZKJBWeLTmbivM@
zC3f6oop#g8E4Yk2#Z$$~jPG&+*TvC_`pPxSKUTZScQ@rSMfo+XJIBq%-1@Y%BO}0{
zWGi7}Wn)P?L%?;{4@1pVN_Q#9RkBDTopVsXt1KGC>%{ZXq<qPb+UT%LEvEbKm+e|x
z)0iq2tKtI(mYxS!o(@o=Of$l5CKfUVi-cVL7nX5L7e)l-6|Vn*WY!-IH!<2YHKc;a
zXX{-=%%5<E8EipLl#clnO->cpG&Id`drq!CS0MCogkA&^Oi_5guL*0t%LADqHQSz2
zz2RMMEMNGtV5Ix%BJTC{YQ_%vdoVQtgo1NUbfEISeoV#kV9+J02!8E2fCy=IJsEC@
z=o5}@7PIg$Ka02-$EC%O$2-H6#y4wen@#k<Ssy-wDhu}UEHpNk8_*um26@=e@@li&
zp%MaEwGaZtAit|dUCtNeU-D_209^h!69>O864Pv_KBMn%5P}bv2@Q0kCh2iv=w%RA
zE1@k)nE0T<tpQ(Zdf8p$Lg}a=PQ0zgb@ly|R!5t7P|7r<X|E?fq-LK)DIy=A_Z%3j
zi9Rou&EvdHQC8=7Co48KF>MNaZ%s#1QYsDxmF+b_pM`ugZW#JXB|TGj%klGdlj7uY
z%C1{=!7;V4;KnsZrKV3@hs612^z`XyEiC$a<k}1e2;YL_4Z92g?9ec75CX`$dny@b
zM1&UzqFne%d<2=~sUliPaN4V{U0^Nyg5Ou<D%GB-6o}gtL2mM8qq)F0-NQOi+A#FH
z*ie*H0>8xFTZR((hLBgA?Ihgq<y9TcwWDRy`qUAf`hzAjZX^3{>?{~wK$Mj$zB4qB
z&2aB+S?Tp08uc~tqTho)Vg@KL<GDD_`hL`;cZr73ev+OCH9hndQ4*FMbw;6HC%H9L
zX;w8fhHTP3Tj}cqvkF0@S9nD3LrmaSumnR{qjyXGg~v7BzK|PwJD<3)^@Zt?3WSGy
zhj)wp_g~A*tJkD{7}rnWLkt?=wYUHTJ4`Ek@iz9FfSqA31dh5&Fag4}%|JkVl%Ey+
zeBLWAVoawoMFAJw6U_J#Po6A#vX=eb$K8li#XXj4GCc6%ZC>I?*@Mbgx7^sw-eV(t
zfYW&Bxx2(_HgJ{+!~q^Qd0PGv=R|CUpHy(r9xYS!s4FwGad+O6u`5#@$^`*ZnEpg@
zL(s?v+k~0c^Q+IIs(luXRV3YQ*W82lbS}Y#lS_%Lmk!AE5XP)b=276p=6)Wjxw5kA
ze&vPG+wCnr8I79mwV6`~e{D&0%F29)R%}Gu+K-8RS5R1m2wv-x5_MyL|LvxEhT<^4
zIo427_e<ug($td>*QSun@nb87cf%dnOximT2!ZD?W@d$<U4b^i1CVqAz!qijmD?mN
zA^`ygz<3b<D{Nm`7?|(J+tkcwG{4`T>iZkA45iwd(HJ*kUb)=RaQo3%efm$z-LZ8S
zO^mvg##mzYJJkoZ9}T3U|5m^0VD$t%j>~ZgvEWb3JF~!nFONp4ja&6ow9W0Qqd>o9
z+I~GPbL0gQ?%EH+VA;W8oJw9IbLTxpV+TfgPxp44E+6Z{BxG0ja@@Qw)_nELg{HNp
zz2yOFNaHH4mb_rl71U~sN4lsb?QYId_B)d^t!W2A-f484JBu@HB`F4zfU?cX_lCO#
zEU8n2o=&_|tsRG*J=Nk<Btm_;LwZFM9qWe4!`Zn3U2Ozli@gj~_ZeJA0B|!4Rx~n}
zJxXhn4?v`?_CR>TP|{}5{7`UY`p4{HZM8`cwcu5%(9S&fW4q>o_hjGO2Ln|bvuPWS
z=p?1`&&gk^CoX9AQBE`n7X<w{r)E58k{lItG1oa;RseuR5VJc{Ze*dA&O$$=krq8Q
zw>D;)7_*y=vw>z?uV}R%skho`Ej!aN2=puxMdXD?SOVgyC4|?5LQ8YucdEbcl-zKx
zTKHPyx}hQ+1%scH>YE1N`RhpUEWY#X(0^k4sXJA=OfatfcKGdEo`n-d{i_?&GMd)=
zjCjV#mtBK1WzaWg&3VxPoNKVtS6#G5V@frCb(p{F%HUYy4FhL`Uk@}y+%+bjmizRF
zCjk8TK13EsDiVN%gRlVdUr`Exaf(1_A=CYj?|y842C!-M=%#V?RD>#Mh6GI2WtKaA
zeW_=!MHIskjEV)1Oy1(a*wV@3m0|$nlm3(Rr9v}W^s(maQ-h6W95|~QpKQX1B^@IL
ziNpnGZU?558w86m&-1bluAgf>cIdlIa*`)Jy`7fqzPzM9{OZ9{rH<w;c?ARtz_PGh
zLUgD5a)#Kx{j8yrOiFtzyCOR*AiH(z<6O&?w3c_b3Dy+RKzcB#cv#(fH+XHS^Bsm6
z2U|6#@0d4gHqlpyH`k6*Cf#bTy{-Vm&Vu@YSmBrzl=itc?E%p=neE!)@f@k^lA$88
z?@!SeXiW7Y-^Y<x9#qETtk`@Bu)=G{0=$2&c3`xz1Q6bh7mC6&BNFD1AkZ@y%x?vx
zfT7s!_W<H*eCR~bJ5Vb<cVl%whO+%7B>2Z-#~HP|VSjV0;)f=O_`MN)pTZ-)MRRm#
z91QS-fj6@oJJrh?xZ}G!PPhxs?xst)(!6QoCqnjG(y$!2d?5P<@LHgU(w*<EIG}rA
z{@5X>t3zRXzqClit5xG3sZu7`n-a<N@!)}QF$D}8oOr3_k6fMfh{$1^boWO6>G9aV
z%EOWH+6nwCJ}H~d<J(O;QwMv26zcLC)yj+dqziJa<9eR$aw456cQ@2`Nr^Hc)-@BA
z*MtzP@Gwjm0G$4Ampg|{`RX<CjP5g46JJ~?b>c4H#Mj@0`4qp24d35%GNUS>;|yRK
z1%|L_19&ZQBp5{mv^^A2C<$XNz)k?GRsEPB|0w6vlk3@R2*a3IZM+uu$t<yNP=$v9
zmUZ#vQ>}inmsEawBnO|3rww&+9Zb$%O67D&_$SZ%4DlEg#{0QkHCXLJV@uZiC#u~f
zHkW`b!t=LZDESTBpNzid<Hlt#;bx8bO&+1HKCXyK{9HPZkQc}<`|S5;w)N+$prl_a
zQ^S0uS{2`+jF+~n$f=TW5Eusg2S9I*^4rRKkvNL=zB_Wyz%w}TNNf~7Dhqs3rjn{a
zQwm<5o$YB_3&?zyKG+HMH~CD8qEtRfOP<V}V)DvKde_+Mwd~I^+~zINFmwt(M}jy8
zeY!faTtg{7O|Q2hv42e>VyRzaerH))CSD0jnRBp+`eBf$C4mVCf9C~YS%?(R4!m34
z%}P85V~ahG^v>_`!4nN@BQ3rsfH0>~N_NpA_*<7+?4l8UYQ|$p>a*l~6Gcr2+qH**
zuRpcmhLe6D_oQhsnq^PYKec}0&#27#T&)}?>^cpoBC(-d^04-edJozKcFby`e?TpP
z?N3hO1vBB!pjwWG<gr>a8?OO0N&r&}^l-EjU6R=)50=gtI^3s)1Z7lHJYrX#ST8-D
zzdY<ted?KB7c?&dN1=)BwPhKK-xEeaK-g%7y~{njzUc6zlfao1Ug)kb``zn7fqO)1
z*S<AD;rP%37?p70XAQa2Gb1D<c#1j8x{`m7$j$Xs#GcS*h9<Gv7%?aT)-O`HnN3~a
z)!g~yBH6XZg+*RQ%1w|@j%VH*XE4RzAE-7jmIH1liOFptwqwu<=nHC4G}z&#4J!)C
za|6MC?A!?q7;VUk(MD&nF|+kx`Zhdy^W5?MGm2~RpJtb4J72FE^DpAQ?oj^jc!xCN
zi#g&`zW<OW<EUS8C9SSgWvjtMI2$%atOp)Yg^h&bqf>Ajvlf(0w0Mb9qG;v=T47LK
z!}5zsvpnaoNhfc`$Wl!BFat5*%6C=7t8k)-`OZk9Ao>~O;9X8-;k@s|lEQqq<*3D%
zm6wFdXZJ!uU?dCxpG6~tG&<hr>FAzqeYkvkXPgadVi+m#&l9)9Zq;D=P8=zSOf9rd
zb-rt3>doS+=3kYWEW*^X{xWq7l6T!>e1bqLhD8UD(o%mTnM)$_snfHUbBAXv-1I(y
zqyvz{RrC$M-7jnHps*Gsq)Zzy<N}a=S6|ryh7nK-l|ulG;V0tTQ2@+U3es>69v!RQ
zi-bSE_Cj484j1S<0Z7XKnM0U4kQ!->Z9W1iAUN=!q{6VfsZUe4Ru@zn{b{Ot=xSHH
zDdVHkr{qp!kxGP1y`$eUE+EN0ey!SrO;rhlXLc3h1R#*EQ%%;-j#yavpD)kqG)$BR
ziV|2%B^z`CnnUL}5*Pl7G4GRrh85uP@VD>QB1t_WsxiTHB=?x_{euk?)bhCTl5GRq
zOPe(nM@zr7@uAWNs@I@mPD26?t#xC+Dkt^pY}yqlir01BR82GJ8~+-Y)aN*Ifa3A(
z?9(P(0BS~A-GRo~YowR1@2N~Es{SOF8i}EhQBvS$SrFpd_n$5k0l~G@QW=fi+G*oZ
z@eZf%ud{(0bicLLc!vFPE|3^V7I;n^ISu1L0uWeBnx-K#v>A(j)Q&ZT*@vguEs7;v
zcfjKFyjft7=2~ab7$GiLL?`S_yJFDy)iKY4alN(v%BM=T{0DpDqz@01_99=&9{hdH
z#u&GCn-~z7zwU1%w0eT#O{m1Bw%v1|3b;J!iDw3`vH0e`pfKpKQ$Zn~M=!4ap55LE
zo^Tu9@f!@T8nAgc`tbUvDx#IO8F##d*oC+!U-37xP*`I0m7igCk0*9!ZABepM{BH3
zx>74?<H(?%*XopjQ5AXMS&q<;`jg7fMBZ#WjQQPCKdFvk0kUSg`$<$yhQIRBrde;m
zkjCv&P^?^YhdRZd<ijBDJ)PMgfA@Tw06nt?J&^&_08ni-f;E-h1DdFG(VE^*(nw9c
zSEGo}@^Sg{t<po&Iwasx7B{E=KUc4v3ljjeb($jVB!CkRypIS4fQ||5wN2Y6hyxKH
zs+WN30uUm|8?us6z}^n%*TH~Jp!h;DpM}b+_QPi5?}<<Yf*YgE{7;`TU0sciBQG+X
z881L<EB^bH-qw9tyk87U@1~8XaewRNa>r)6b+>f13{eOcD!u)|zm7piLbU))7=(-I
z->zwFw4*Cxis>oVq9T+a*WIMdMU~F>JVR3)YmVY{k)WA2rf?(-BY78oP1s6N;Mz)(
znP&CwuzQeq6Zx;_T0qcY$A<5YFKmdVD4WYcT~LX_fH?TtA5_y@Htpv<E!E;1-JbGM
zte`|^S^b*7pV|fwFMkc_S=%jCkmx$WpA~iUni=M6$9LWLz~xWI5?5&bo4a+rwliaC
zrZ;uZMtgLRH9quK+nH>f6X%EogPCp#Fe)tT^m{BGae6eG1v=%ns0<)^1hc**>-4c8
zfY|6)U?Bi%``rs?g$7tqp}?)%!ryZh-Kal&D!DP?Z%z+xGeT7yG-?~sM9!1--8n}`
z`RPuxr->*|k^6$p(Y)~${V{W|dxsaRlH5ic$yL&`8*}_fVxR9>ZV}5CYWKQKBLgj~
zQh5B%qK`~))|L`Q3#YE@o({iv@sq^Qma6N{t+B@DA0wsadff!L9(zyvukI`p^Cp;i
z5#w6NB}x=Xs*WWO`+x`9VUUv{f0uXJG#=KGvTJM;yKJ#SSktfGg`Ogr?+Hz5NAW_t
z)+a@+^~jP0L91?`({_tp=v>HMIRPG|Q)$?Fna%g{R>kz~&hZJ$&Tb;AMX8R?RQ3Gt
zx}6ipU|A9BkS<8LlsFK^trLY>fp&!1Vp-wYfS5o0So1%uHt3EUXn@E3GBaa?4FN#$
zc0d3u0`l(V4M&cWv60>h#{S{z;og+y=vCPJhkRqAKj}M+y|6tNRbTsEdXTp}&PGuS
z#>#n#<&V@cNHb;@#_KCvJCPVZA}gpaBBdwepX43a{++4B`y#>ZNjfbvqrpK<!HhG=
z=l(k^{(cdwZiB5qgC}l3zGeFL^fAMCQZvVhX9uM4rd$=+$oG5;dcW!ozewRj0f8TB
z${CyGy$P0DLU>k<{b_PjJu{trb#ragBe^T|Bhwen`#$z(Tfa-d?yT9)X4&jU+G_pd
zOwM1bK2P2iPP*OXdjDIpj03VIR^eqVBb=70u{%y0UYP&Jb*gOO<DJQ()GDtj#wXF#
zNRvO1?%nks;gfdai38x0M`+~fIYTMsxxPMSdnYK?#V|x1q6>tI$qM~dHjf8`*h}S4
zKQy*n9iF}fd8>beJNo;Eh}%)@kuX@*cP1@4_^<o3SD|g!egOa~=@hsmHBuiDcBMv0
zNLjm5*Z)r56@Qy<g<|0|6ovK;Da$kXP%S)H<)fETUt|B)+XX#^CH(XZ3cgC4_{26M
zGU#*aj*e|I>ET@i9a9XZwHf%}C7w}C=^c)>j_tdZ(E=>o?AJ;0(3Say#6#|g9PSTm
z?(Gi+HTX^%&YOTv=zKNwxug9L?~4K)S)H`KNP4bG-+t`3d}~+DaXmF~Rk<-<)J5T#
zZkOF?Dtp*vdGX4`(M+ZI6J9z=oeq8BBF^&nY5TRaR}nE%f{*ahERrDJ2tckKVn!L9
zXD$x}EW#LvRB>kW=7fMCp+vD9ET+!@Krq=FE0$9r0s={fHKWfY-j45;EB2p09NsMy
zs=RXR<2A^o`24l6^w$jEnns;z?9}q^!NJeVJ0mYR@OcpMT_^a8?t45(LA3&>ULOk^
z#^9y-``8F*PK}G-*58iaMYksYU(MW*5h9?PRDJEsjm4FR){R((y8i<e!Az0u;Ae|F
zxB#Vx#(KZO$I_BgZiipKQ1z5S-w)rtK=9Cy<?S&Hz8?=!XiCq1$;E!#L6lS+SYJUN
zj-*N^_eb3XP_`EWIDRI`63<D>Pi*!@>jreQh!QmSx63MaBR#D|sjr%^%?2nIeXn-u
z_=uJ>hI}zwpg1lRE|_&jK~#rs?!G9!G$C?wlHp|Q<rIzy*Et7(E?;G>;tm}wiJF15
zI)~x=h-jzXic{LBAK^b^@Z10j4I}1u3!VWadyJu&Ts|M*sdQ1=eNj!XAwBXeWAjr;
zy;M=Eo%V4Ms4{Q;pt{O^<_^qtI#FH5#ecc#PLP{JG&5-Abi({{tAa!nFkL}Jh#TT=
z0a<M4^$vuuQJN>CnYzj2?wx+lx|5`G%B2<J$j5<tqwjcumfmIR=7Ol;nyqHp(RT8$
z`D1bCT+t>5nhySHY9dF6J1)D7aLYy4itp}AoGM=KWoUpaV>;Y=f17e5Q-&g<*kiEz
z#`9U;O@cgMi&h&RfksuPmbS0;Nolyjw$H>f0#mQKKf8pa7vQXfsjM_tAx)_pNzdhW
z(`0B=?k=#lH(Nxw(&dce@r?10Gn0=9I=zN%G4|l*!3z8UE2<-AEdqEB{su(t)jRw=
zhTw<kL-25JI7HiCtW}HY-Nvs$w8tR#II?VF3<yQRtH;TN_+ENB)zi18J1B6iTR30v
zA?IN1wGR=O85KJN^-}xam8(5_gW7P_2EMM>Uf?;1NC0idjxm%lh1)*^Ss1;J<Phi%
zyJirTn>~A-QleUMDj&D@h<|5Nq};b;PH#Kr^0CSh;Bn#^l_2N3r>Pnh-g>H8AS=F8
zf2-oAGMVb>a?P%L^{o0I;<kQXMlLGy<?)ci)mCenu3-Z&FL!Yva12`xrIF+A-A@xY
zE3aO-39+qME)xcSEGRv3ze<D_i1TbSSFLJvC=hyNl|8xOb$QCYZtXI`_))*wtZeqP
z;<hx^g9Ey&ZTLmQtd^7tw9#r+<cB!15oXfh2-hOecNtRiF<{YX9h+@=_bfyX8lL4K
z4|XED+3X~Ec3@$jF(9qNlE}0EOZV?<WMpb4GN#8w(gRcp{if&QYrDrEl%?r6$6USR
z{2jN=GV!eS<u748Hc<7M@Whmv?(<Mq<P*-XvRSFbSUg_;q9pGGP>~bs1}07$n%m`i
z!USvOcwQ@%wC6P3WxM5h>6@#N#a4Js6pb=;EdCyYv9sfYlVBqzW^t3A+G#fZVK5AK
zLw+5r>Ki$YjDFsMYrN-P)Z}={O|&e;X=ZM(_)ZgTyXr7-pfdke83w_<<m|ad>BVJS
zaDG{EpYK+$#3!s^mZhNwi?mU6=ojLmXWu}@SZ|MLrb^+tUDgkrX6jp>QW`I7&Oz|(
zSq@L<#+rZZv2yDtm~itJ#japouN?!>OLtSanH!|=I*7BC$wuP2z(^J-0%fDvjCT6t
z1c$1`@}jOj!~6n+D&LeP>kcdTP#Va`MSJO07NjA5i%)r7T<p#+4K)vdMDU{#+~?s+
z{$b?}hJ#fyx0HD^50vJX9N()W3t+I}p@y{}V-T2w7X@>M0=WX1Tp$<u5q|upv+6bc
zz4TO_Fv9|)>#5oODR)bgY^_c?PMC!h?<_C_=uJE_U)2p;)nldNEtHEkA7*IM{!TNq
zY&k*Ly8%nOuFC5|I%B!6MUo9#qh+s7sO=|GmtT-@G?L^%I~s_PRoT5FwC?T~^x%u8
z`|l}Di|xJfC#LB|4K-E9V%2t02)up;J0whgi|F+2zTCo0@jbpP`9Iq~CjREG$S_5=
zN@BWF{=`IeU4fmY^mTll-~x?cbUN$|(b`@`o<Flt2uz9o^V?|Fo9DT+O<=+o5wV55
zATI5;Pm5TiVeKcfnn6x$A<uA3H^4$;byZo!rHWgle6}b5T=lVCyzyg~uc4@KA8IW#
zSeYtgk@#E6Hq_zqQKidO!PI6476^a|*BXKp0IuAyq7g8H1M;p+XYE)QqVk-%X{?q6
zEW)hdjAzEF<@1`G;|_%B2~(0gX|=D))IGW^-|2h~W#d7EX2=qQX~YS$A>m5tdUNC5
zwcE;SI_vwNGi(*E2mWReJ=)nQ9^UZV%xl+0_1P9yk+*gjQ8d~s_oI&7<UpEUKJF-x
zzLH0w`q-@&1yz_N^~aeSfg{eL&Y!Jb9g{V#ecV@wkaNqidm!Nh0Y!Aw(p1)t4&xgL
z)SZo>di5Z2`Lf>?xNz+fDBux|1pyGG>=mVx$Fd=4@MGq_K5brrH~NG3X_k`L(rC1$
z(F5&|UyRf?4(U2nMt_a^Yg$X?(;7X~f8LeG^d*OJbD|91SSSXr4($KZu$~xBq<fh-
zE*Dw{B;CA{?2-Lg{^T;L;b>DaywnqrGv<clKU{{BM!`zF0^w3%qBzh&gm*c!{Iu*O
zRz-d`(yJGaFWBOVKiNhrdXsl5U?RS$dcrM4_2&3k75CkN)00D`^bOopW5eS1ofRx_
zdDx=qHP^(R&E)emuQG)O56_j24T6ZwEH!^2PCmvvH2dVEp{mUT+UBzR(Uw@#Rl}Rf
z^&#}mUCrU4E}f@GG}GOODjzHr3AN5Pqki6zrmw+}+}~odMhYh^<k^kRLU_gbEV#gR
zTaLrow$dvu#Z$YwnN42rsSl{9tY>}AWKyC-@mgmnNjgcfVch30mjV!=8)Z^!p&j0i
z1TfK@9mEJcI8r1TIBRb_{GpeEBi{)L8l(>4R0yA3C>y>n?02GMB>`C|=wQiU*=0c>
z-yPeKv3ZT|@;+0-(OD(mE=9XJu^M_pJ@D@^skP~tGzn~AGISTI!}d}d6I#<d*TM8>
z1K|d!@YgyJ6kgiJaz^R5O5S~T@`J^5n#D_*G;{W#ToDR&omAI2(W?6VVu6ueSz#q@
z^D}L;Zhgv=C466@PV92iXz_=xtB9yTalx}0zx0B)XM?v&lO5-c!<tc9Z)i`~Huiey
z&1Z1C-H^H4lebpec6WuE=-(3umbV*C3FOroFHOHyqX5E#ztL}Q_B%NIOh1-24Pi-v
zY?<GF4rCQn-IMOd@mg%3+S~B^$bP(_v<x|_P-a!`<P)&-YVyluVWnJA*|zav8J`FM
zhXA??FSrFE0RDm#hxxVA8AGn3s7~=}9`)y&GMOn9w#;oqVH_@}pw_t};!?6<5g!W@
zy|!jBb#Hz7P{Vp*vvTd$LBL$@_(D5hcicG{r5XK)SNta9HFs>uxcP$q^7hPm3)U|j
z7%aHN9);img~0$IOfnQuhyvKILPwGSNq^P2JI<=V8$xsJ_}b~?l;JB6Ua0>%nI5<y
z+UWk4(%S>SBF_ElJubhl;b?31-m?d=tPz0)ZA6v6N`Yj9GSzm(H6p@MgT75@qWO<{
ziQp3NLj-)kKc-aHYBv31sIBji=Bm$#pJ65A4Q>1-?KoUR==;BhH4`<|HPz7TnRPqQ
z2QJ*n$@}>*IYHtgehecX0m1`FL4K&#JG-U4u+G`*x`;3$0?Dqt^UuZ7T#@|(+oaQ7
zInR_-uTTopGgf=6GBy@i9pJ+EoH&F<cvs#z28b*^;l#qQ(dJe!y=s>~#L^~~8Lw-C
zWUb?RaW-qE`m3cLl*fsZyys6nP5n(vtL5Bu?NuzvAd{~(y>$|J`Q%Em?~8kZ>=(Wi
zAJ@xJQ6T)T+3<_K{WM?xRn4`V5)ME_cAOTn<xERLHJZqC6?@fA(lp;+{YCs^OWV}1
z5ivWw+^==fYun?Exf|Eleh#n3PgY%M!r9A3hH`U_Rhh+;G?hijDvgg&tZ;15!Bl-y
z>Gw<SRb+?~e}U4gmphg8-r*qHW~A3F4+dT`$USVQni-__u<@v-s-ZjTH!;!7+(;Pc
zHpDcoH&<62?ri!^F}Rh#EVs5&gNL_RhJ6Cvg4XO!ziaa)jeNcUx+b$L0n~xQ0KP(A
zrCaP#VO$YF)VNjic{PWd)?Y`K&SV=!Pbi3Wc-VD&J3v_50l6ZPnRK%Mmj7x7TT()H
z0&sm{Ok;nq-ls|9^54BTWqkn_eD-{XS3EwE&&H<Um-N#tGFAQR>oeUwtOu>bJ-g2F
z&b#V+gkA{FRVSQ@C*(M$e-J8?@Dj56Rz@kEGqx+k0aq0<5@BK}5P}a#C`26-xCVtx
z=YC95>!+u<kw$MnzJvSrErE;2P<j4CZLrn7^_TP_=^Dw0gyT)P%>Axo>pnM>w6AI0
zS!0IANW-GmPs^V*6T!$R<?A|T9+Q_R=dKHOBOer&eew7kN}}qC5^!W`Gwzth!pn2l
zDMKx*2SfDi9uZ?$CrYa&4D10>z>j9<UiF)q-xwbb@qhfZQRA}pT74DGD?pZ@plD4I
ze_2^t;wcvG2GYk%+V~rqeCJKe@&RE1JO&muz1D*7IEH7zN5Qp3RM~AnaPSWD<Hw>;
zF6(*bPdX3@X3e-k(G1cYG$oRE?8ick97sCPEaCU>Ki$7R^#7>s+-wVKEF-5MbjES>
zICzAyi%h?`of#OY^r!DDDT5qSBi%j0Srnrn*>Sz?=3`D6xS|aKhk%;-biOOWJw`Bn
zXrN>%dB9a~e!%rBOQn{5j8T~QkB;mQQoEZ!g42el5Wb?!JT1yj+?1QZbG`5O#}h|2
z23GxkZ|rT*-s&MRF9FomU38-Bzy(_X1mgpMH&<44DF6oQ^(U9PS%5L;Idxgln_D+q
zgaez^pHJG~-rara7E&Za_<T_v3_|{TZ;BAyfsL<<GozP&@PXNdp*_0aHbL|9`$F5J
zz?yZHwcvU+-wE`txkBGN*Hrl}`CKA=tZyp=Z<6?qwK>b|w^;5~jQbK-Yyc;gpvC_l
z*hL~aUh<t;KyX~O#U>l~eB{6!*E3W9GWLM-s~q8Z6Prjhl#p;HOw3%_xbk;<T&bym
zO#NMBc-%(502>y0XM;P$d3$sF&#aR7<hF^LsY4>CNvYM%uiBqYV4nb3sd(gzP$VB1
zg~>(nL}9_PQqA25N?((0UB6V2E5um&UZYJ5s--ZniHOCjUN64~ttYR_7L9UFSQ7{#
z#dp{BVt;vTM&xj>=8KRs8=KZO8f}SdHusB6@Yx|go64^+%)b(-9mQRjl<4sIK2ZPn
zLOe53SmS==8(^YRRVu*j|4?+6VNJem7=Jd#7%*f~5()zpanxv#8lZrL(jhfcq@+6r
zQX=V}k_H9ohS8x2NGmC=2qOeUN@DQtJ&t|cmuI_=`?;?3I?vzL<h}3HX>~6Astw+Q
zB*|w~%#bKZX%t#s;FGf`(xYX;?yvlf#gO*>e_ib7|EjO{{T^u;>eGRpS2o`T`ce$*
ze<w*fDQ`5Km8t#Si<M~VuP7Da3JhV&i8SSu4-XMcd|!DUM8)-BZ{}-9mQFc6j>_b5
zf3B>IU>0F8+=kNMFAyiCY>lgbo)*^%ZVIJo*XY@E_fYcuQ_7P+J8iwHtqyYayLoi~
zr>?m*O2i=|44cY@pkf2M`v6E??%6G~Xk=4~c9NLOU2lbo9kF>$RY#$@Y%XJR1QZ~t
zg2vkAV`YR!qQ!#CYm0W`ozR2M<*R<-I!{SWW7c0yJgY<s%Oy*{pouhXQM$$Oquzc5
zXxJzfN>sP5A%_B_dJUA_VRip8dq~h(_l(PVi_^XO$~W{_p%<$=7sW)Krd<I=7#XP(
z!cg9MZ}%F2MuK#}rC{|Y#o7_ns`NM8@rK2n3YA%xH&Ixe>euUI2Tcbxg!ev11$dp(
z6cvp==X%{i-V)T?!h+XRK)516!&jiri`AYGp9BUTsB@A57#^fJ{kE6d;&V<2U>v!N
zvkh0Y{Q7K9Jif&^ai;Ge{=V-v1;)jGwuh4GA2?4_;l;Va^0g3GV!A5n$(hnM4Ab6$
zwQs!M5SD^)C9&{?W-%A)-{dp_z)8xmfMdNgH~o2?9Z{4)qXakBK@uTy8(H&BsRllo
zU%kP1Mm!5xuG$;%`w)2K@}ggLX~7?_!K^KN(`3HNXd!Po=!(1Po{g-vR)m8hFz&pu
zA1^p8@X-Su)gq;eSd-cuBjUT7LR<%4Rzj5aVIu33$3Y|eq_b4p>QVrzgPX{adV5v~
z1DcuYaWM{51_l&Kvp}b5sZUADzTtXMj1oEX!^eBu(yPSilPjMKzrdRchDX>J6lqTc
zwdQHkb@BH94}a?3dzjU1O9#&9ssTf=VN_Vx;IKG^k=pA;`i$=0L4??d^?;lgP$bjM
zFV!(Ux!6z@yFKLHDHbB|_nO=5+w0hHdb5?6?-FUx6%zG0)(M8}fx%4AQYq8;>0!{7
zk0cQd2OtrE?RAJw?RDLh>yHYuni~D2e-rbYI%%JCXPJIYL!r9|R&WRjM`sW)j(g-i
zw)!)~Y}``!r%L<3jq~Fhd-K11u)IoE*8@af6Qs{qKO9rwv1H0V;HZm9rmyoCjD&z}
zJ>?pz$mw4dWAgGrUL9tCPUpBw5UK3p*2V6Eq|8rK`OG!+ZNW6R!2*Oa4ZsaUh$Y>_
zGWM{5k!__^C8?Q89)(NnRb@NQY~+pzp7y~e3%AgOC6YsPnM&)8c_n_zTP97m=)V5_
zI**!QFP8~}|EdP!&BYnD=g3n%^y4U<ML$K|!y%tCJcMQ1+iPKIesLPxVASLQ#my!?
z+0xv9_Z0GO5VC^hOuJ$;dj))?UQ#~(^XPo`T4?*u)k1M%hdh3lLFnA$k^du?mpxL<
zVA&DGdiXJb(YL+sz@l?a<%dBB`-FSkPQ&p!4eI#u@JD7Wn)Q7qjunJktovBY8oWDr
zQofaCI{i<j{m;w``NLqoPlk7@QYDlG5>ECO^9UT4?#foC5Y_K<-Rl97Hlv1>Pl^_}
zydji1U{~#)%{pGAE*tip`wMIaU>Tj~nTHh#{+?!pzUsHs+=ofmeWEb8!R<e0Y0DKz
z!4r=XTNr@D0UH5w*_r&c53&Im_p=fH7X;4)4M`_z21R6(Z&&bZR-CC?hDj-&KKQ1&
zck_1lw;z9BeS0+JXq4wjqYE?{m)bQrQ9YkAY;E-rDX(E7k8us>$0=`s=rg_0hK^c`
z)bf_%OI`PuguY4Q(5(DPB-_d#Tapd7o8a?rrg-dKwra4e`zwus2UIThu<({ra9yED
z|1u?ni(AFuzCrv>gsW=fEjuUq@LO}gxKvDeMF1AHWESI|-fmaZy5H~ngQLcr&J<M>
zXa`@*?>8+U@083hMG1gmwmiE+EZaj(q1HH%>HsogwADy_&&}9*7@4P01{bCUfpLyt
zQ3sh|qmT=)rL^rd1Cua29M9x`UvIb&11$fWwGBW(B*-v*1;CekWHE3Z5cdsHAR3^m
z&C&skf9UHvEv9>9n(!C8&>&lHZO88T?;hWk*n%-Y0jqa!NayXgT3Q#e0fGsOG_7pv
zJf2#5T=W?KI3@9;qg|1lMvg_rNXPn6lebKJ(<hUOa12eiq0(zEdO2)Ka@*%dx-rk6
z0ga=Q{oV<k1v)a0KS_zC9<m_!zXuclam?>m(<HLyOv%OD3A9KWWmsj6+aBk;M>2&K
zV@fk1oa$IBdNsp_f{y2wujYlfj9<|2OfxltIDN|Dz<dcWpk{1~0p7$U^eCkXi2TqI
znm#Yu4t{p^rZDD3!0*b-v-73BA}bm@TSzR!hi-P7TeSBW`2BS0(eJql0q>*NwAY`A
zbWyT2wfvdP8?9VRsB^2QQ(2UIt5Pg%DQ@pCYZOfx7EiAoW`~X9Bok&)MDze|wjvK`
zIDu~04D8w5-blwJ(>(@I7@4#9QM|i5ZE8ryW8BUL2up#0WBiZ`C}%ErK1Va9m%Y5q
z{Mp~un%7?)Eq7d<{yiKJlT1}%{4y%l%YIz=-_rsom&43z&!Aw9_AY7m`J-F;`d&Y!
zrFy_OF2Ctna$F19ofykWd>0t|Z0e4n`$r!05&)(G0T(C%R(~QQoeQ*(h1{oNLaGL;
zHl_!;O9SlYSR1Q~KW3Y3Y9Dns!)`Gui_t-30Q9lg=iuFugKwAjJ_(03E^psj-agE-
z#?v4%nHxTK*Ds5M-^=e3cLI4~1#R6o1s6HHpDtUeRXCqLmeoHf$kA|+lT`?D?&w8X
ziI`9#YVDbV{mq1?J(*-GIMpbz<QXfPVVqy!yt4qBS^Y%Y@HUQe9TO7L>bm<z0{>Qt
z*Y<%5_e@+vt(K$>fLp66I0OS!NuUTI;}um;cU`x61@FDv8PjY`M`jfLT^F1FSAT5w
z2u%$V%%*xn9{LpzESr9dPl&%F6zvDqSIuk$>+C%mIpdvLbIkiG`p<UfU~Oe}?T^h1
z%iYm<&uSxU1JhUu5gjWYDkgx8<~7$lB`39s0WN0d&s+wg3G}N{eLiM^0b~gh4J@YQ
zy;Oh;34K5VLbw37*cM~b&^DSG9?w{lcGfBp`Vg=B#IoU#EtF^~chPT{@J+3ify!Z}
z*mm&eACtTR;!xLB7<iV|8esEU0eB0@fc%cn0eo47pcHMtt;HGPw}G1;cF;OCbzha@
z(X96SmP9BHs|Gwa@S=zH;s7!yEDIeN5&?$1WB~yMR0iA0Ra0}0E)MA_pcVE~-^5Ng
zODfS{NMx9HcNG@?95lP54TyBuApzXtgEAj&F_)sV*`V{6{_Q70=54!exvVzPncTEg
zHvP@jH=PQn&RZ8|Ob;&y_bco4N1scW{b0;q`A;v8gM+w08aV_l^o^lDG*j87G=n45
z0gWUbl8O)xrvi6l$+Vrt5GuI;R(JB7R-ONAHVO1%p-78O(ro}4g7^yo_UV-vXSQ@(
z5F84s=>b&u5B*IPnEZV!WE=jKJt2k!9p=40Pm^J;qX2Y}HRA8SH6Ndtu`%&xvxG$6
z*6KzKDGp0&R*(7JsuKA($Y7lPRER^~slTyudPD>O29hR?96Pl6?y&i9pb$vJW0Ifo
z<1Ad!0{|sqc{N1<Q(KZ`xY@07Qe8Gwkpg$ay>&ZF9_r`+Tz&ksAR<~SE)`eO%|&K|
zO`*nVp`m~Xh!JK|RZhy=3RTVLWuMP2w6(irsl0ezA1+}82EIBKichWnHMacFUw#ys
zFxL_*+WwJ6cA)zH@&1p}{?4<ODFXY4?S&wNN1QqgR2cnyF#1#MO=W#7$rouVCMH3p
zXXm6P)IXcxU^$f=Gxz9`fx0dw2>1#G_yO&EREyeQtRs<RSYLfI(!*8Ef^Fzd+iOC0
zw>d;wCOXcOUmO{AvFNn0DMO4uErcpMS{i$sF3Kw?EdKc$F91hIF-A^jeT$xer~YfX
z-FvpVzWyp7^Y=%~tudPvl`?xU1YK&vM*O^cN3K}4GOI5BVn|yOavQ!(p7yT4rk3GL
z{@uVBc-m7J+V$z8LK=si<YJ7YNEI8Nudlnd7>CS9gN=c=U<e}w43c{L=3cyBha;zv
z4BpqWi?}448?^g+yUFdXdD+M;(z<bK!)a@Clke;zAlLGJ^^}IOku@c?*$Q=Vz}4!`
z=9tajS=Gdjz}<|`)IRRl2BG}dfj+2x8yJazgF%?$5?e;7qKypei|7)Yxh!8d1VtT{
zb5t=G7@z>)bk6JVoJ{YeKX}eR^4<80{_jV*foJ~SS8%2T0}H8rtru6p3P+vZZ66&G
zh9D^)V-O<gUJJhb(q}2;_s$-#gt*Q%y8y3s3pVzF;zm&S%5$^!JrncYvUu}892MlD
zU`&X6wsh=A(oh@J09d1%=>Qr)6Z1a&dNTv5OEuJci031JQ=0nC)1gByStWHayhhhx
zwPD7ut?HGAl?+^*8j;Uy4~K?l3>b@RgX|hiQDv>7k_z%yeeH{q`1^^UhX#InI3}v|
z-N!+v<U~gZcCDRNdDUMyQd7$$@VX;Hr(W3;R|}-HTEO4h6U)Gsrd`FHNCQ{lm$B3U
z@V(cNMcr2)u!TX}z$?k*jAW)Cj(k$?SIs|nnSOjDS)UZ&ZW6#o#|r=&fGLUG<N((N
z8C&7`ar`gemN3sI(A`u~>X=OA^Y?O>=5gKZ+)oevo_BfID82A0$@ytrn1#Y&w9J2H
zthEGR%sn>ez;}fhQ85}LNPhZ=u<lW_6wwHotf1>D$+CXItuNT;1>30K&Z(HPifZ{+
zPB-}-_g|xjlXyNb-WnY&d+QM7qb(3l1=ddjF*x^Oc)vfft1KFa!l=ts3qopwD?E=a
zn~=6NZ=w+*q-!4BRwR;NlFFa1X};Zg^do(GN7O0tsLt)4NB@G^XcHgku%z0g+F&};
zKiJ&dQg>N3J69=+#z>aY^I}{tahd(9rCQ#Vdd&2ML5Oq5qY_5-K&8fYH9ANF!}PWR
zhyz2%t!&HYt&U&1o7!l&j6c5hu?Er$7?KQXY`8Eig`Zl`5O_A$jLb*31~h9;8IC2-
zF5;Nks#R8C*%vs{;<)Nu+;2lSE!;|b7-sPrJuh2@W^@6&r>K;ZST%PE`+fM(I_p`t
zo72=b&o-zftZ8n;aO7-a#z8ChgO&#C($!^9I-4lg`v3g>-*d2uTfvI57NJTw0i3(7
zOn9+ASUnO@Nn7JleS+(W#NikQ9dc22H*_)Au17yCdY;pDq$Hb(*9U#fH%`nU1W+?_
zMLb9F)fc(juLYb|dY_m3S5yYyE3ddk-DGMq&hMrAX_uuVP;NOpvAUws=2AQG*e&N1
z`Q0Fu4~Yu$a>vbiLBIDGTJ_qG)r?gl?^ub1GsSA^!)pe-7NNqhhmt+0w(#dRS^q+`
z`;(W71vg;uUroX_wMaY6mo!Xb&)}J#1nWHtNi;KAn+r?$D@T*BHq?ya6@c`gdkR9|
zY^pmsKL-EPO(eRXXLa3V32c@Xqh^e6*kE_E&oXV}_bt^=bxl<duwoCDll+j8&yTE6
ze)3l4!2Zb_+YDJ(AU~sOo-{&AY4hZ}V+aW&rypT_O4yn?G?c*h=CdrI6+t-AY@ESY
z0T?1BR)W@B2&<%o!41-SKV(5g_CgHtZ#M_LZKOV`Wzaz2^Nzk@4YMN>1*YhF+3LjH
zuB!`K_P71VEdn{df|G(Sc8+*OO%e|TZ%$l)YH2jHd&Ir|tCaUAt68tjoTtpcfB$~j
zSO&8nx%V!#Fi;u^(*roFMHo3590_6OO1TaQg#AQ9zUbU-*-Iq8cP%WG{Bq1b8xL69
zbSrBN)f6W_nCuoo6uuGR3`5>U0X=^{D*;Jlc(0vO%k;mgkiapE^1!jSuAL7{_*sc)
zMyjt)))lGEOU2%|w{i?LJYQgHVi$ERo}O2F208?{Z|$(j0O6lo^V;pI0{%3>NP%iz
zbj#}fTnp3mYx)JA@i-=dwmi|5fwOR0&s<d9buQSj)NN!_Ulms3kF2JMEw!AW*<*vl
z;WNKFi67A2S{x6z7T=^%yb5w2{g17P4bj)DosY5279Tw5K0SXScXDEOB7!$hWGkP1
zT%iJ}_1S)$swD6ooK1V13x`S<G33%yo294{-dzj5xExq*I-d1^F6(RWeh;Nt3o0h(
zT?~H%N&<C*9}Ebh0akSt(OVQp9+T&p*Ph?CegTxer@<m?lrXO=bw$X48jvk7D__%1
z5i)cQ1p5TXDF7&Xh&?aFlHuq(emm8YIv}Gd>-RfP{mePeh-*s<O>}K4;;LkhR>SIM
zk}iqW3s>$*PZW|QAHqryx~X&O)3!T%S?4G1R}(SlJb$;l*deBsmQU!@f%d66o#=UO
zfwG0geCgGV8=v2nX~$B)d#v61bqdG<$hCY_Ya~T^775=86ATkB33lwbwHqH_fFCbI
z9(mbXttx4$r0z=CYA0(WfrM^Def4+^?<yacy^D*XJ&TjovH73==*l__a}vDmzb{WG
znq33ryPoBYy;aB_)F{%eIxhO_oFjky@8S=^eapQ(vBQF*Se?=iqff;wp;EuQIVMmP
zkz@vEi;T7{JfCRg*sVOp`8aZ$HUSXKN(2_JoWq5Jis%9n-<W4@IC)z2aG+PHHXNt|
zzTUt<R|nhJ>_F`qZPaQhJe9&v-jKWS30#)6DcN~{hdwi;;pbevxdJ1h7k}_`TdUQz
z!=f8<+ovdHcHVlIBippC>8#WE?bwp*nY&sABC0VbE_pb&UtmVK^_pNkUhN(vznCNV
zQ%1*X^0kIxeMLniDQB0YcmymU^5@-S0OsKkQYn?}=`~gQ&{{b>pX|BEaPG$E{Uv=$
ztadFqGD8?>HFL!`#?Ku5AnaWcNb^>kWuM)5EvW{Tw*fH<c*e9-;dZ-!$V5=+L{P$d
z>CmtrRiwiE=qGaW@@M`sm$R$2iB&n9Z%lcjsG=~hs9?!3-AHXO3K$&Z!KoQN=-4h_
zG_z{n;rc+A+~)>PFpLEQMy@&h7QulAl=`Kf61BewXM|D2!DMtg1OizST6tD^_KIpd
za%XP+%!orR9=@p#CWbr?-Dx~9_H)15>N;zx?$nR+K+<Xk{GRsd6vz$i8=L6pX`h^6
zkov~J17Z={s`#+(-hZ@D-FfvYTn^D4B|x}dc``gw#5KF}g+PerewI2nYx)T$4os-p
zkMgN{_NFNtWN-p>V7T&!U)bDAYdpV5@|SUh3M^aLHj6J2U)(`nm;6p$M6dc$g+^mv
zz++2EG7)&KQn{j%et14_`TRo2&c0CSU#Z7=Cplvs!@&)4K1x<~ZMJuvz7d*d*tXBs
zWlu)-b{IH*Fh2P#o_pUtB;?ns)J5~>gQXnPV5W3jc7jA07>gXB!o>F=Hw+-KA@o#5
z-w>sj{&|D|k;|osDyh!O80D%BcfLIfkUsnm9~Q3TgsJ(*v3;L+w{pbItLTU|mUFO-
z22$>e&Y2%(f3{KL>6>FT<x5srtGDzQzkCwil}_u4e7z_QHmA3I5x1SXdVX(*oToK7
zZ2HZA2_TFceUYnlHSv?Da=1Nu)$}Nkw(BJ&hAa;9AFZY7XnZNeB<go@-&XL~nfSw{
zQVAw0)H|3Ji!q2qP140-nIBK&mp`C_lg1k)Qq_#1F0E6Z6&bUSsSS;mj^)-Je!%!4
zJSue@{R^Jn`t&3_l-NZedd>uInhYgo%~bN23v87Ar&wudw48Wj`dnd@AbvEY*TTTp
z+)Z!!^wcl#=l<rGel1e1>N*@d<RU#6g~QDWP$#8@VK!XCIqAXgtpEE>KfhD69do>H
zz1R4<5rpR@3xt6OAY^>IIt(~0jxp7tkc%3)8^i24byPks)9Nca<SndM#&%6~i%}d#
z-Yo*~+wzy>r+Yt?6RbX|66*K6ZQ-?jvT76R-ZkGQUem|zakA>KmA%YDD09755dGIR
zXC`1bGnyM5RuDG7did;bMkU!D_$&s>3{sOg0cfxN2i&sb5^qa*GUk#(@e~Me{i4aO
zH%9YR=EzgzcnP@4g@A*=WGom!5p6_fU8E1Gf*9LBu?3Re{Z!xHDb-B@p4WzJzJ7m~
z`vwc3?wYDZUf^}(TSNR=wt0Vb=;a#iOmyQxr<>t$j)6sy4@FU{@OQ%dnN#9Lg1lwd
z<&TuKAxFzt!iw#&Ec^MzpWXxSv*wut!@MGfa`n%~fRX-PF*P*2BQ1i75i?}0bGI)<
zYHPOX$cC>&^@c&R()=B22`W&AVxqHzHa`q{tOm7-PSq~#PuRBo;Fxy4@Of_9NL4k_
z$t=DI2iwC|2;WA4;8-kW=BJQ4j`U5EzT?1@FipBqXWBYv<~q>7<8R)}{O<4>wSRGU
zzU6(tBQp?_8{=PaW;AV%1ppcDm<4wA<+k0ikn<>Lj=<O`)Ee=Z3YwNAn{jgYfcN?P
z@#ai`CMCwdc3$9+3L2LWe%oup*<EXZf@0AgU;sqEZbX}`8AF9CN%`x%6P;#!9YzO<
zn$+$v{ZC&Xpfq79OwlkOT|B^BX7}eDtOVR^@nkVDp@Y47bmXXT<L~Lw5ix7prX^&n
zA#Kpv;!kqWWC5W|_V4VIV3##nYxY{IN0lN?D5d2160QXdBXhnQ0AS%p-?OW@YvpeB
z56)Jgnms7qplTG6WFoV&r1yge=o&_(2dH_I(B3NFzdbiKCO6zX_UHB^zHS_qp?c(~
zwdHSNGTYw>=9i3sG0RNL0U?rDm0*1~|Leu&gu=z7Wo(v*rz00cU?a2lK&J1UX5Z<K
zgb4IY#65hL?CXy8?9w#UqprhE1LJ%U0DpN<`@B+>tXmsk1gLN4S;%}VYI0_SN9w3q
z1h!YjAL`U)e2EbiPr(*jlZ>U50DuG*wLzI>hHNh>fqXh7niRXseYELUs&^e8#e~Xy
z+bC5xG^8e_m*AE0P_p{bV(57QvHs}Wn9Xxn0a`E4Pr4&e+q|vvqW~+puD}k<wB_u<
z^1*uPPkerEEBoi~5^dJ@=?ER!>vqSZKDOgg=m*|3*HvLG;O>I(=aezGrsgRmI2IEa
z_gGA=qHi){OSP$rO936=Ht-dILD;~QIDq0ilTP|ecT1V6!1JfOmL(B$>`qomOiFi#
z<DLYK_)XPSJ(Yts)rvtKetDLTmY?%4vc8+=Z=a$FnW(&4Unsn#syI=&liPPd9uo4&
zuOjm0BVMU6q=)?2Yw^TNNs|)h%vg`6cTHJN6C!i~iVZZ%b8>xpJhk8PnQkQXzpQj>
z7|@4>+h%$$X6#(Hw7$SWieaOZaoswQRa`fKh8V<>1Bh=1WuR{mW(d@{0?3dqyC0wY
z2BpdOl2fWd)u}>nmK-I#Y2+>KD|hwRbK7S|Hf@@{MKoT}R_X(e`8e~B?28W4?;5In
ziTPG#%~SQ~x~$aczr%lo?Sg)G!gYV4=ef=Cu>dm|(|3*Jy@d5J8!A2cn&~f7;}ZRj
z^mU${Z-#E+!untBfF{lXgiF5FA4`n7BrpXXH@9p%Tc~X8s1~eB8COmt@B1|^#oKmQ
zRZiB!c9S~v{W&wo%Zef#003E(YA-|nUq&wDt1UPGsrVn5cWn}{wj{D;q^*s-O()J<
z=Eq2ZS;JQ2M{4Q$`pR)f?O%wy2jq*6l1Y#F7rf;%@SnCnwNx+bG_k}DC)MXZk%JG?
zj$9t?=PtC?fv`OJCQbag9JP!XUX=GUnT&NXjH*VnCOQd00=y?-WSDKxpzsm|Ivb0D
zx`~Opz;KYLI@5wlvtOG(!zs-il|@J9^VW8*a?ZWjHT;!b`Lz?^e74$zxP<$b3VAO^
z`dhY5^Gx5;JE8B5$rJzmSy}y5&@ab+zTxiX^3||Zf1C$)Qyoc<ScJwi!$Ceec243=
zFXw$G#XY5CC2G9$U4Yr}Byb87s%e4s;>lrtjg^)8ZxFq>#uVXj?j2#^*-k2JVgwI`
zSCC)Bkr&}r+uq#Yfy&1nqOFHJSLG)}SeLHh&X$iPtQ!GfET`{xjlTXHZ9Mxq{U&j7
z@1I6xr&Qv=H*HQ)n&9u-fvfFq?Rh_o)zQ6BoI9=7yw>B_hu5d4UslT78XWp~oc73)
zl<08#ce!of@vQAPjlkLqq0e{d0z5U+A|GxRe`jg^CVC+8&yZ5R;6Wb~MiW2^pd-RT
z*5l0Zx<WQ)W5l>y7=Ssv+1IN}WAf10Lr^S7@Xhp8r8iRHVyrdzY|d$s$)o=bN=Y%v
zs<HlAyJh1jzVaaQpgjGIz{KaS6<p=xnkaX9Ja8Z%cyrO;Yod10;H!k~3&u=4-bGN|
z054MN0djWKeb|hm{nk=~1>3vsZo9Ag-HxC_Iu_i#CV5Sc1PVveJZ~C)c)f^?ukLsC
zu*e;f<@{*leeh9jel7W{OVGrR8_V8q%cDPhi~9|A7l(gIoLjC4u<H1kP>Y3WQ~6<3
zD{mbT%g!jtZ7#lD#QPEro?NzxsPs|268n?+Ak<sdQk=c~H<U~d9E}o7ax5lV*9%P2
zw%P^s)|hr{F3)$|t3pO5SKhF{IsKm8hw}4>1780W2ojCkR2KDoRhRw@`~VlHT$GJs
z=!KGjRHo11ZC0GD7+irD?Tw^Z#&DF5)tXzmKD?vGPV1?bO)~>)*0)8oy|E`<$#~_N
zCNWx{f+h>bROG0S_qLOj#j>AVr~Bp2>StM~8L4vlv=7Ij7e|-<LxZb^c_$*Y{GP8|
z^l>0J7;CBZ@fLzvzmHwS=POmlPvUA5#}mBV&l+EF*@SM)Y&RTKS%Q6KSEQ3bS4-2w
z3MyX{{I0V%G)4F|w>T5?dNG!9Yr(z2w>8JZ?e9vbscY9}w`Ap_i_U}ZcN~QN{EoJK
z&o&!YUs3Mx{pB2u_3TXZ(u<9L<FS|on^sBJ%RZMYe#Bm#HjLFz%erdn)Uf(qv|{QT
z_tmCB5KGzHh{fz15Z^I@97yE1LhBa(MT1Bv&A4ItAS+ZdH`Q#d=(~4N>&b?PDKk>T
zP-?d`%AmC;;}Jb+QoACo9QP4`YT{54ZXg&04M+kKKpD(=oCa4m<@4SJPSSxvJ&-sn
z3f;4R7ytO?<eQH(8<Qj(>YU?Tg?~?*jcgb9pLUG((-3^M2-PUh{ct`Kv^Dpj`n+0Z
z)aGJAS`weEq^I5uY6zfFX`qjG({tUV6&Z*Tj}yrb|FD1W7WJB-=0ZOc2{`f;3j<a&
zWA6x}ea#H2ls<asLyBZPXXRR#e5<`(j}tm$WfWNx_G1!$<alIVE+w{~RV^kiNFDJY
zzE8bZ=Dv}2I55}c-B#psJW#ltF7@PqP5JP_lg$GWx#K_2pfQm**w3~0PPdn!bIu6J
zJ7ev=KS!(gZ=7WoLPr}UdIlZ>bd2BiHk{fjYbQjuB(8JEl${4=O}qR!s?~|hTfQ;8
zU}x;k@>V4H{qfzpLP;y-%<BUK#@mjGgTSYx<SdQEN(v?AVcsY#0#LV0n4zjMT>-z%
zB^s9v(9kK`XxeY_51nUrjdooy%`5J_Zk$<*GKZN7@J`ileQoSKBCKYOo)i(PeM&7h
zt2EO6*OL!~Xw9nY59}IT?RJgrsa(PVgl1IxckcE(%d=M><s`4&s`vOnQvq^R#=&Q+
z$}7OY3Rg25GCooqI5zzD?sZPOuSNf;&}!>vz4l>7-}<VZx1Q6D&vL21|4zN0;QoNS
znVcf%OTmrZjuCUAn-|I~P*j3|>4pSC*MP5%LHc6-oy_^A22X*B{iApb@S*1m1;MHp
zX<TU*<0k<pC-;x4lAgoF->|-!stwU599_DHXK{+?wpiODVP=nN7G`rlzqjwRh4o>v
zrD?flvQ_iq`09hMk;+)%_9T!P<4VuBS8sa8Z?3LG#6+(hC+8~lF){!o;a8coVr1Ct
zP~osZHE=v8D$~V{A?$mq#Wtzy0gc%3b44X-?_Uiha!eE+U$=L9`uL`%esA-$kKUX8
z2hkkc<b;`H-r)P}^fUh^zidy)5u#tt1pm0-I`lhst`1biXbRelP<eOY+UdVzDt}?L
zd->rlJ6RH$wH2uE4LOD+bmC}mi_-&jKn;zVu1@UVjWWK=z^=dj1!Ierjehns-n*HE
z-Qu>#=uN&!={NZO<g?Mk$Y@K??KXCQyCd>(=kJUkIZeRe0{tNyt%HH5ZRe$nXoTR-
zMwrUeug=>CCPxARvLbCxKg>f<Mrf~g!=p>8(e#x@j=_z2ABdU5-Js`;m`E%D3wS{=
zvBBZUlh6`1asqPN7PS2oSB@JGm<`Y0I{mFXtl<ZC1>TZUX&uuRm7Wd1n3e2kUg?LU
zYe*nohCgtY7}6gJ_vDMA5i|n29l(0Vq-nDw$_p_~U&dHHn6tufs1JS@TUIYvzWndt
ztdlTzd{j@I+iLl9TmFMw6UEpvN9WR<KgSri$7@{%G!E>6?4GUs8uIlcb@b)z(h*zY
zCC4wOJ-&CIy>e05n^XYA7#<=IEF!@et_HI7ih#GCSqq~SS8M*8p-WZ7M)SY*O`(Sg
z{Xfl0M%^RBzxuylP!W>8_~;_kvYnN1@sJ3;4JUDD*ub#5cZG!}yy7@U9_1&lRo9r`
z+=8D+RJD%sozGZzIlWtccJb4+Yex0bT7B+b0q$C%%wl?J=z>NaGg(--Yr`Wr4@Q@T
zsg8!=v**FF5$K`}Va{jeob>UfB+opJ#1Z7wUXr7tsCbV*z`xwKp@(V5$QiZDnCm4X
z!x(`I3|JW_rvo!f*oA*Vtw<mRz+sFSuMe?FIv^0_rRiOD#+_{zlk(<>`)b7$uXNZ9
zF)t&qvm=>rs}4ftmXBpEPcAm254Ag<e(+!K?(bSU2$FMO+Lmo?Y2ni?5yVhG_Eb{F
ztDJQDEKN%<d;AV0e(tLJaOubqe@?RA`guJlyZfpez({mMu|PLh5+`$Cx4OU+Pp283
znabZkJQDnW=H-T7ou6-C7H@~X;dniRH07=>UwF1AN87PJO}gK5r*7B+Vsp+kVT=!{
zfI@KNq^o*a!+qp{wWr#^IBM&2h+&>y&`wb9{FT01?cnR&paW8q_sei0n%&rDp!@Ou
z5piEiRpGJIm`^xJ8wUsV4j|I_`l84cglv1&@+lE|xV0*x@pl0Rhv~amIPuK0Am?q%
zCSPLXjlp4{PDY<m_rG6`S_L#fiZ0_~)$ALyfR%jogGeNn2Ze(umCk}OHo_UD1q1ZM
zlrUzKV=0JJ@$)3ZuoA)4B@}>Oohm)BQ>fzb%e@gqbbONjZ0niR{XFlhgOh%CA?fAT
zZQji~hH-3)3oYf%&wq{oh?Dqc_(sA%i8B&?PU!0Lmx91D-e+&>{D99@VcDZ?bZS^u
zv`?F}hXtnuwTHtf!y#UXaXY5g$796h9Q>G^MH(SYSe7Z#`!Mn7vdhBqQnKpeJ5k!a
z*ObF=pL8}4ByU{_OmI6}e*z<^xtVmdY8c}Js5Ds&nd;AU55o|HROIr_=Z9z&k%iNz
zB_~wre-@QvKDSMGZssgY{mt@MlX3g_UzEiNQQSgkzj|t^Fx<5SxOPueiYW?We9isU
zFI_E;`V5MQZVYct_D!|1Y2i+V<gjPKAAjb5iBcNE7Jk({IPNXer9=;iAi_6W$I8Vd
ztZY&?71>xZw#L10;5`5o1MuKDnT>0qKoTD_*&G0)%qa8zcKgt<-dT&Y)kXM$0~03-
z;$T0eVL7&U(b{=-a5uLhFM(QqRp?geh0o0C{)Rt?rSEWj<HI(4DzW0o*jE4M$^}6e
z!fF3%><-C7<okJk;WS*+wce*~DJbyj#*3?G3s5KxEA9>*0DKhinGPh2N|lc@-lsFF
zlFs$k^k#Nqn(^4J9eK5PF`}@>CSM<1*~X1u`n$oAxzJZAX0V@B2~oxspuNV)@D28v
zb|>)_)n7EX{w2=zgbDa)yeycy!O^-|)<r9h3l82D+%R6f)j4$@vb=kamy=AdZ2X={
zHLcm--aUigFtbUYDx)kBGXV6V;2x&1MNkC8$oyw*R*^o4^)q9u^8o|C?I<vSZ8ZNx
z8KvKAh7E9=ns}{i&(=+q@BJUkCwXo1J9zpGcL;)!3<drE8N{5=g#hYc6#&?_KncNv
zF`nh(e)s1(<GbT`lxp-D7?`$Xf&LpsyPw;GiASPcxke$K=X(3jkAF(LxYFizDg3#Z
ztV-X#kLGLTvT=YZZt{sw7~dRPZQ1cLZ_H^+6mnVK>NK=ik`KBdd^*ql@qMGN62DN@
ztfdfT_!0{0^)xrMh4*^0&^Byq;)|W*zX}9c9!;$!3J6Vot#Y~IxY*?Ql1cVLZr+MQ
zIqrQvH;xh*SEr3>WSyWDoDArgNk4AYU;ZxbLu?A{N*GCBTGcjY{W7pB!~UH6=nHvp
z0<hKIBf0x;{RwfmNxI45ws?-nYq3hZyk*g<(U}L$x^5yku!{2W3$$Vs9cRmJ{glH8
z(zS|7We$12?>7t<_1s(3zn3Mdp8Q)VXIG##4(Lg7m8kfQO2c5$DXyZurKm+*6bwjL
zE1bV06OJR@WS_J-8$YX)I$=(XALH?-%>|e1-Lqh+He5H{{_adVafcY#HT|>tS%_}l
ztsA-bkB;_t5AehpwrMBx!1o=!g{A7gkZ;%qeCocuJiC!A=~PPYeSG|?Q|9soM`+8f
z3qzOoFGW34)2Hu1HQ#PekmxJ`7$yKo5^hKeyGK%dWd^Mj#Z*}n8yl|9KH#rbyQ-Gu
z_0O9Qmc~{$@m66!<{Y}!qUbg#RhV#(9qb?P2|k?(>}Z*};kfg+ZBE+Juz&ZThje1s
z*pt-Z>`2thR3i5rxoYlU#DAuLAKtwx@g;UvE{>?V8tbLTF$nY?HMv{lpNOa97@xr*
zVUKY6`f%vW3cz7DtwHrWl+PRxg@Q%<o*sF<09Ip~n3-U?mR(tku53v5JuP#7;r~z=
zF&tFJDj8aHSHu-gQ~1jV?P+kg6s}WevpSeGZu=R7ZepAwhw+2rrJk&Cm$jO?gN2#N
zdKmRjzRxRE@A+F)pI<D6ri7FP3d-FgE!4U47z;3MvuN{Iy=5|0WK2U32Ol`wAfC7o
z$XAJ5^Cw?@JZxoipCnwJz28kdd$$*OL~+WK{*a}%?@fVHqamsr2rn=K{r4Pj0Mwx9
zi5e~>h#B(Dah{c9EHB{v?--%~iJ6d0)hAC?Mi#c~l#xm=Ew1(CWLo6p9;k#SAJ}CZ
zc?kX!UL$Qzp!4b++;HmG6w}hv67j+1wmTiEz>lW=u34W}ofUUonnzy(WY-GX=tN5!
ziw}luI+m87Y#|XS1kn5Ps>an0>O|kms_G*`=q57<gB3}!z*SXK*N6SLO2K0-9Ln)G
z=uo}5mv>TTWImJjXjHf$;uypYm~n5d29TOioH|ae76wkoepg0vM=7C)ucaCQaad02
zw60|x(?^V&nl4c#R(O`Nsqz>9`cFUQB@T75@6@~Lvad$lkF72prK?V>R+(0C|3#4V
ztE4SXK2T5|TgVN>_luv~_+M?Bw-Yi#u2K}1w<Wh-Z@HJ8$l1J57NC1i@gw~8hZW&8
zDhxVKq%Yzrk8R92h=tZ0;}*ulXA4&0b~+y-!NKx6I<JPdL*|c~{zzHxD&bTLWm@G_
zzHYwFsGW&Fx>Tt&y5@8C%ARTdfuzXu5v6cJ@vlV3@`KsrM;b*7QpZ(fzKypMe%UX^
zNCsc9`CbaT9;>|uW-F85o)5YNn`Z0XD$to9H>*P1Fp7f709K_kplBY!nNq~Q-69Ew
zA(&w-y0bfX2Zynr*(%_7SzBL5>(P;B6|v2F;*5N~ugCxb28~4lq=jPkH#wPMpePJ*
z!wO!JuNn3Bqm&qqtQY_l?fA>(b`d}L%Nm@QP&Yn;PEt7znpL_Vr(cd8xa1K&_J0q_
z80+o*@OXF(UyZjps4NdOYip|;;9(93fBz(Y>d<(OT{7Y1ph>93sO896MxOoZlqER(
zP=kQqP?p$rxvh~_0R?_UJwxG5plApdiZ#PcMR^H}gkMuh)i*!_kf?Qc2lw{8xfk=U
zV^<zmN1}vz5;oLF;iT_+DPZa`-C&QGw<I{FO8T2GE|<<`av4v5gJt4y;9Kaw{9}a^
zvh}-jksb+}t^tSLZG%a!UXpT$BOL!mT#`&zYTA<49fsdjb9`+PGn|0myKCa&oXk>O
z0YsJI!vLY;4YN4`t*C4ejH(%S$iUR}TX>tWXswQBR;w_+A5qw=A8lZz2Wa!9`xqHk
z&OY40v4Q~|+i=jpXIEngxaV5FQrMgkz{OzeK<B+XJUll)-72SW_2J0Fjh*@c>-tI?
zlwWL%m!=*&kO|Fsads4ZX0XPZo$~4fyY$uC(&-$5`k+sKJTex@tYIL_i`7`2i9D|+
zI9m=b>2KBUo`i-NSF8Hf??%cvQTRO2s;_9m;*p&0FMF}YSY9+<$*2?vfC3pS0LBmk
zDDsXxM}O^5;ThCD%UdSl<q!T{tTxqHWCRv}qknnh#r6~lnfBQ;J>>8=iW<wP!T1!S
zqz^&eX!YLtu`qKm(Arb`bguosAN|(?pRfyO2d$bfd;c}{|BwHnx}?}=(W%p0^Zpb6
zn#xEd-l}<&jp7F@awNtCVZ+S~?DE9DwT+Rfdd&=Q)|8p(#7c>jGm2GIbTtic7Lxy%
z{NiB{c{9}^CKAQ@8~9-l;)d{mm^n>A6+9*1%E1*N1dIwqr8#$NwV)8BT)yodyVJ2v
zSgr^qj`?Seoa^pZjYQ6y`*PoD%SrT9m`M!Dl?=K39oiBiILun@>C&;_LtOiEdT&~z
zf~K){2*b<s@b!n)LBHLY6T)udLE@FCM8cN$?aMQEdHLV8CA6tVdQ~*$5G)oGRUv$c
zCJ$r9{Dek80Sqk&#}1Q&Fay024fagkN!o2Ofd;XEvS;gk&rkPG`V|5@mjXJR^Hhf_
zdyaQG?5arhE8l*r#5JFCi3WHSxbY2B&-h@t;c#7gZ28;Cnl|Z&j}mh}_*5>4T@E^I
z$SrTxD*Wb5#BmM`m>5`c%*<>EZ*#XYMt*BO7juhOw8MmpM!?BoU`QAZE{BN?1e5__
zl=-=>|Ht6d%l}}b7uIK<KcsInJgQXul23;*(*|4p;#YkmvipgIxx*A8$Z=C3Kos(n
zR8xfmQD~11&H3@Tx6fCt11l9wuFgCUs*dWCB&!w$O4XY@1~g|5iY>=Dh(W)J-i;KC
z^}@HLqyJjEDk$U_SFg!7A8)9`VLVz6a}M#o9D7FWU9NLi#xbg0drkqT`d9M=Kl8Q5
zZJD#axp9d)s>MD^K!S-%oKJCf90%{gpi^QoRX{lqMh^zA36sIqs1UFn{;>d=?<!`c
z(yVc=Gh;UsL)|-NeHOR<_17`ydFhwum)qGy3O!Lqy|lKEyaoUzIE(#h+t6)#xf`Ok
z2t+Rq`|IE9T)&ew!h-j|y{ktq`7xDn9eUQ5lis6ut+A~pG&o457BaUCeurC)A)gAA
z9~aiWtH~lFwrc!)6BdTSp}LXA%5vnm*%-g5($fPIXEC|+_mc*2U6$)qV)hlkuj@0Q
zFlcu+1Sx&PC~_?|P7cM0o<+e6qLT;cZl=8M-@!$;hJ*x%oXe`5>dr(NIJTJAC&y38
z5uD^lIW7*K1vM$O$-9?XY%g7&1g^7H<6S#`czM~;$BStbe1xkueRf&*#=5TV`<~1A
z*!R2RuZYS=KX^H0EWS&6KiugfEe~)OPqO=u6UT|eAe2;+72it03~(S=5&|vu0ahYH
z#gAB8_O5Xp+t099ytjd__dM)kJ)ln{&bIrS%!|<463^!@3IC!<L$iF5ht63bL`<?y
zAm<dBy4L(@cptbA!IUjAJt1^6sQM(Nys_>1N8Bq{HvbXpV8X^we<I@|z({$b^&T8x
zFmk&Dco2y|rnc!I;JS)Mu4T9P!jtW%&#~{6r+z%IpLP}}cNdI=3O_F<XSIhj>NCJf
zhNWsA+JeCkBEYXGK{4cXjAdNRY9A-mAtJ$gK&Csd5xH0Dm3-*cy9NB3R)>a+dSmbI
z!042_T-WJLbv5xq_#72fM9PLw;D@gQ#1s;%WE`LErqBZgl#Tt7s|7^j9Pyl{U!kp8
zWQ+2O5KY`K2#61&w5Y7Cu`9JIgM%8`wD}{Py9dB}tu&65raTge1!#o&024?YkZ^Ej
zoBdBaAC&s=11+Oe%a$_XIR5;lyFG^aPQAg6zuR4bAwHcqJAd0hpSnA<Z+iNJ<HfSR
zNR1*J3(&1?s#H>GRI6m5Ys09YMh1p_eYcXFZo9SNr1VX@mbs8|t5LZ6`>13>^#{Lt
z6)m7fT`N+ZNk_8)hX$}{DDwc4VX>^{79|#>f`!2t)I1)v2`q5qOt)J`Pd`N=q2$=`
zb9F_C!J9Y@FlilEcKY0E5d<*nfn~YFy5T*>800%`p!MY}3dsw4&{c+ha8+w@+1j+$
z-r_sWgREiYt8ZcA7~4A!>RdnAKCB;nB>O3~aeHn3RH%Q(6mP+uxS<=BI%xbTZ)w^&
zkbgN(Xf`w_@S>yH=<wK`xK@85zny5lRJS+X)ARr^fQ09VDeKca%!0Hs_#{BrUxE;E
z5|euf**l~tr1<aA5;i$jn|On+`ild?Wkqe8Sd)HPWm^Boh1^AAfr*ysj>+KJNc&=|
zyli0mm{g&P#}_7^>nh50<~n*CENro!ZlAmLuhVle6!bS8mbs~?@QXtK6CV>_Tqa15
zu#pFN+C;<|l%>Q0sZY5M%VIwR)G;HF_vAa1D#$G-4m=ZpYJf$79Vr@)?*ZE1>yje+
zZWZ&Od%~giF;ny&8s1+v{S&{I9wL&gOiD7|BT3XjaQSoba?B>rZ3wS^zDer6b;;Nh
zLjj}O2z9b&GZKWgdZAPA%N4?Ty?p2~?I5|3`+DiNf`V^{RyE#zY2ouyj{AHXR9Z0c
z#OK_9>hhp?H8GO-)u~JFl7pk{N&msMuBlFc14qvnI<F*<>Nu~cSB}43<KS%ebWwrA
z&1m2*1fgaO(q^87)I=d++P>VuV;aF717lCdZ0`B4`mR5wfpvEa;)lvwhkaBV5wi_V
zmOC>X<E)C7oYzRwW*H7Jhye|F&CyORr8XQpF!C~{mo+wh$7n{wl^E`!+8;7HJ@ylY
z(NVds6t0xq23TLl>O;6ct?+6f?(^Q(c}~!sDN3mgb4jN{)CDrGr+vyMVL-36l|-HH
z0%Q;nWt6b2!MuX0Yt~n8>U^|XxFQ(d9S7=mRZ@xkL=|R?<zuFX*6(tceU=~3GBC+_
z9#>6hn4!M(ArADnoDlGrrBa*rGTwU^c$sO-)u7E$vJOW6*Ne<KWC{JwSJLt!9e!8d
z-;cYZ2=|DD^HXBaS;ndG8Dp?E8|tfR3QmX8!4PCPP%{U)&t1Lf83rYTp&#7oVKjw;
zNO4WX^~{@c5j_N9<~o_yKAX$6kjwt<e*?0!>~|b+jyA|$x7rdbTRM6deWrjmZx@C8
zFUSFNYYYv>11nN8Yrt0;n_^n)IH|<87=Z(xLTtj6$aVENSA6yUz7dTOeg$$R8^4v5
z&jlDGurLHWkK(juR3Ss^#2WeAl_(503YlRiF*7vnn`3GTN<w%<7NVp`jB=klp5Ze5
zGQ&t~I5MUdnUNZvk3hz_fcO-hsi_dZDje+}Q*;}O!vK1xJ2QM&fy9+Wr$hJ0oyTX+
zX=jbgotLXUN2O*Q(zHimOl}|Cd*}c89SV^q457h2`*zh=Ez?4I=2v5h)wFy^rRy3V
z`97Z$zyR79G0f1X?P*6F$W(W7=s$Yyf3{rJdY>x#K66;uLy#d1Tmb&0=JXj0j&Tjs
zhnCLGa+$DnJd?dT*#9@Vu+*}(d;C;{`r-G~@XFW+E=?^G(<*LlqrqwThcU4lkV(?4
zyO(!GM_L^yZ>=hUz2`#9^kCu0N#`uwx5>E#Ph)zF3V?kwn8ovn8J5h+8;d2`!m&||
zrd5EF0m@ZXvK0hL$-iI8TG;YqcEkyHO|JG9Oeu{IrIVGP(LmZ6E50x}2<?SOSlM{T
z7Kp%*+6}Na$5&~!`G#in)Lvct3S)a`?o%8ZPg<R}#Q$quHoI!QIum>PVl;iAuBl{p
zP`D+hlZe_IyU`ikb#|-}-$$xJ2$mLI3jUXNUcm!Fua+v!V+;U8(k(ef1xk7?j&rT*
zs2?+(2{#Jt61&mXg8;}ggl_|NEZHDBBnX6k@CM~W`^yFNX6ma>$R_Dv&3oUMUUJ1T
zDDHUG78>HWnvVW@wxkc~a80h=!ODmfeXGz7i)_L%n(8Q0=JP71upxjbTrWVz0_w)<
zr(`M(AmYLnaYyfWWS#Pzv7fb_*hD%VjD<;gwg~mMu-Bk`95gF^?xrg(ntxoLj6{7@
zR)mt0D!P=$!qAt40G=N$1|XVfl-=hu5Uh%ybZbX^lp+WE-dA0gT{T~R4ecT%uK(wu
z6PQrF>{`{8Yy85lL)bDqwdko9&CjiqXp7LDkn`h@Gu1bKUqyf9AY2iX5Aa`(m}a6g
zR2_{t(!SSR9}t01qMO+?%?SwvGuavIYv+Rw1UslLMiILEm>0342_nNSN=t;l(s}yz
z6OREDnBh{3jMeGO?4x%{6Po2PzheM`Hfz5s%4~O&krC&|8gA)UaMe^+efu0MU<BiT
z_=66(V+*HLzMdgx3!tBaZ8c#~GEv|G{H1AL0bmONIN=_YGWeG+2%-Oof#lU!!_K3J
z4H`i_7}8~)vDTOzz+4FON&>@lVXOckq0=;_q~ltK+mL`lxNjnPPz`h|Af-sG%+tDA
z`j`jfFY}ciazUP<KV)rhUtXQAhsyrl8=_4VZ0$Tg=?YQGo8DUGwH#hF?`vS#JUQOq
zc(Iq>9vt|6=&E(~a;G`u{Po!$dv@N|f#{ggTD-}d?=^D9F-m5Su;PI}*@TCL7N^E(
zG}}8*%l5mj+;^3u3jVNR-3m#SY<^?TbpXULNYebEhILwM5SW?+r?TyPYjVTLCH)wY
zr;7`shDZ7vDAc=K0vLV3!IZqF%$Cgz5o2&2ZjuxKx3?w_PKr7qA%}6wAQo#Cgf`L&
zrbP(`vkpW>fWPz9n2zUTltADxbjouY30#ZPpM|%Cw6)3sprFKf*AW2YYPG%q@2&Bi
zZXhy#Fkc-QXo4dk#}G2EVnvbo+9+|*u*2iYfT1hjkn>Q>oqiMty(jfw?JHmWANT3%
z9;dB!l)ZYJgUQ`vOTSYe;?NkO<7#Ymzn$+YG_*sW{cZK@1DezD#)9&PAXqO12xELx
zf-A4`{t@&$%cykP?An@qr|)Unmp#vAd_{X7-GlnubP%w;*%zkTFl-VZFa=mJ13)_E
zE)-)&)<+7lp|H&Z?>|UIZEm=is(5INZA6t}xkyVEA_kc0yAiNB-9Dh)52!>6vb<FM
z3pIjIL0)o!AU=AZV!KHhaTXB?0B6vb{3wc<v^2Q@O7c#3<Tl?_(N}^flhRJ{cV0AA
z?S9mcL;@sVkSIBYjWewxt5lR101W^(0Xi(uC}VC91P^e%Wr}rm1XDSXI~AT~UF{t>
zUH-o8FUv!DzRqkTTINmMJ&9f!MR~Juy?04|wwu^W^xNG&U0A(RkaG<+yxN<u?(z$X
zJ^k5Q+VoBQ-zh{i>WzTbB;yppe8%5<%50ck48O*<7P;xWc-HaaRD<K}!=@zjqu02o
zq$HMxMN^YO{xpcb31V{CU4RbkWP7jS@j}b1Swumk@aDsEFv)J%{}{7rD9u1uQVI6c
zWS|7t!l&46NWh>XIz*f>cGr^40Vbf|N?y|qz&wBrjSMU;3l7)4t1qoYtM8K$mgGi{
zrB5Ai=F-JB&!>a1#b^*>n|j_^yq1j#&<0_ki;6gHU|@j6WEud?{*R)waBJ#sp!nSw
zJ#a`kdY~YwgmjJeM@e@~y1Nk=Dcvaz(v5V;P)a(aOGUa=N<iS<`zPGz`QAF`e9i&4
zKTOg^cYy$dP!z26n5e<<B~1vIEEC?G+<Dtw@Q%=3U`wyrZ^|)}ai_cbm2<+o;m#2I
zEOid|0ArD$qt)J?zkh?K?|Rn`?iT`1H~ah#=AUlISHBZfXD<f9p;(1zN^7Cx_Kj)h
zgj36+o~V1X*Xr_y=LX}OeWU!pJNZYJ%@!~a(_>isQL9pWYi>@x5tj|MFy<Q!L@lcg
zWZ*jkOfZ5ch!>vi+>R&f8H(RvP&}MmPjUYr9**e@Uuu}(AV@1gXax{ulBT(kFoQBE
zV%F!b-40=~nHULWdLoB+goZ?gJV!jmijn<zx+MsBF<4Jq+eByDDZL~d1mv(1pyShT
z=lz@)g@?K6RB$a)07MiF7-x5l&Y`gljgyhRd=CnRqGC+wdBT!oToWZCOmSk<!x8x<
z0&9mZ_mc<Q!BVF~G*WS~nztgiL-cn*;4?1|y?Typl;+wHzsqFo;AG~>y|PeUZ~Xlv
zcei^W+iAR)?2&D8-ZNQkS^|he@h4N_1;4#+@2w9_?@JraV^7jD#jiyf?*$X@9CXdX
z$(+V{=Nq0PfhakiFlU{w7a@Kt_irjENlYqUQlef1a;a!&F%-)~L>4`Uq7-qCCl}U(
zOg#fyoo1@dv3JLDYd}qh?gx0<ahZ7=F;EPIAF5IE0nLUkiCm8p!->AY!Ns(!KUT|*
z6>2~bH%<fuP`8KLGHGe!p`lDfp^ZrOzDAIC13pRN0p6H)G85gd;hb8`*c9i0b+UAr
zxjH$mVL(M(Q7E_pLK(`Nx;FjdDdru$p%ibvGO73z9r8F0D^MI_P(0rM!c8LLX8n=h
zed)E+K;<xua!#A)+q;z8@%#I8f&1I6TZ{PK&?hEsr!H;#m)|G@Qw7^NF&09?9s%M9
zf4w*FHWD0z0~3P+KDiK|Yi_Hq-Ygo#Kxw^k5QyS;5ih(Xp64!H9cVaoJg;hePS5^a
z<adrs(1F<9f3p@}iUy|<)(T^e7$Q!*2*>o4>E`|X?z}r+`T{I#Ly4$B48xQLa2sVo
zQ~*Hhg#$of4#G{HQlz!C{w~}oUcx|mN{sdaaqGER+evGMzDyV^{B;VM&18O>)-<_9
zs@HwrmG_(VPA+~(D1F7k;C1KG_4VJD&b8v42oO98g+~eSJ3p2C0wm$022kl}0^r16
zNl;q7^AR-@6L_Hac%?_wKK+FWEeY+m+$Gqtoxvl(v31m<+V|Z{&RWe7JPxmVTvdmk
zTAH>rJmzd`0QkR1T$YST+U4&q_t>@667_M{!_uQ;O__N2#namRjq|x+qpL&%-^B;i
zYu&dCJ#U^cmbe_clObBVcqc|qBZmA2eoMWv{<koG$FtRPp*UxBVC31y3`2kc^WsPm
zjfIJhXEiMjx0;Eb8M}A+5sw{Qt`3dv?w*VO4s@UL-u*9L#pc}9gMaluz#VEaX=R!i
z7-&pasm!6?6hk8m3R|I7eg)N~oRbq-<)lsj?)l+dJ}I2vI2`ET?#Q`q@w%(0-2BYf
zxbRe1PbAlOS4=Hw<w#(a5^1s{osWMrTQC_Z#HCtSNc1Aw2>tza7(1C<ztZfHBAy7V
zc-D`)Mx>4^ZP~Vdt4x50UQEyW!At8yoAdlesc~avy9jf3IeZ3#7IQY95ONM711IIe
zI3#LU<w0NtAK1$K>`L+aAL-gqV4@~h>F$VmH)?X>Rxx;OBR^Ft`t3?f<s0SugSBgk
zYuPhvCuf}E=e|n|GTptFH?1#%dMs}4S9eP0dv;wJXGopw$Y%CsBe1BYMcu%gUdQ~d
zgRvIF0?%dv)2OzNlN`ybdHnk-K|Cf$r&qHS)#wmm*9f9;O+vOcyu|6&^*7=+JI4-s
z#FQw28pMm_Kx2~-p&%3tL*cL(ecHd{ASP6@t*xbM-K6Q!EL0YIi_cXf+K&6AGMxmE
zu4QCTp=U1T5VMS(w#ae1+-to3D$#0Z2Y44Q<`fFrjJRrW<Mn+V<P2#EIq$&)hV#zH
z0O=@6k8CCHz?{-Y+nq*L0bU$T&jTLUWylyDIxu~Oav2aUrLg9Ow-Cw8JfM7-s<D*+
zv5*Y@^l)Y~@OI_-C7Eb(8)gLYlSO->W&NMotyi%3z1HS)@!CI6|G7N)C320^fkO*k
zR6XaizP#{t`*-{G@86HY2~Gv}YpaS49k^Va8~~s96ppKp&}5*4iRk3J%>CCbisq9)
zVo5)a-)!tm2T%W;Z|F&7uxDmwT~*y2R+$w^2Wb@opl?Ze+KS?j5{WbCtRr6nU>=!a
zI68Fg3GKn>2aQ}5yAZ!W9_fl{Mz2!kZ0q&4fwHDfdHlBbR#AH9(S3;`INFNdNK1Y(
zsil`UF|}NcrQb~vDEZ1cr~)j)hyOFXcY~005DeA*h=5r%PQ|>n1I)RcBa-d4zwGCo
zaUAU>_+GlY38G=aZ8tOf;tchLArvzu`-&yuAzHUpS!jevN7eo@*LG(YR&w{kxvYp6
z)))q{l!}|(nB6AcU1Z&6|D`jbI{)wX2Io%udX8=|vaT`7uybMwtMuP@UtXLP%unAS
zd~9v1mM|<9k7E(9J3Ex?@^-wwT&*T&W|z%cG<bEpUgsHYc<h{f_(S7B;rm2L)?yd_
z;ClL-%8tLUxF-<+dQA<bBuc780WcUtH+LwOTm~~mVWQA<-x$zFwzJUoaK2?;8TyTZ
zy0|{bx7Gov!8EPsuOz~Fds{0PM=V)t-Zf3L=M||%z)E7ir{QI=URaZ2w5fj(l~oj)
zLy4l4l(FS|l@%5pnysP+qaZ!+1_SxldTy#XLYeW*7kt}Hqxf1a7ZtT`FOkXsfi;n$
zaXJ|R0U@TcYHh@_OW$HU%k<vl=<NYqZ_c||Q!awDD(Eh_{^ak6mFGTYX<BTOB6m0V
z|0*x=cabi->BnWD_a4W?=f96;S9;fJ@jc&?V(&*53lZ#<u0bxr*e|X<kE0x$pR>39
z$hI_#?<@uXPoaMu3MLm@Onry#Q*Puqd$MV7QRbFkaxj#YGu5^qb-ZkX&1_6zN@uoo
z9CpeaWFINfs!bM_Y#$HUIU-x!=v6{$j5bb=cfta7QX*BRinRFo_zc&hYe0iypE%1t
zZfQ5k%YTh28aIqslutxp1OZjOP=Uq;5l}3Cl#<$KKoh2rl%XmYE<CwPRbs9^y1Yui
zoWFnk#-PE3mX?AN4I8^k-bN??_ljb$51EU4NQ)gF)$TlcujEwzqI}}qWAuTWk-maU
zw6QgdF3*j@y>RcPOZA<|^`{RhowawHpxgQ12BM2bM1o-SoS5PS{Z-eIS$_9M*J?%B
zQ5ngi@QB7ZYZJ*XWsCQle7)Ss(z)X;;T49}u8-s7y;~(4e}0;+q>w1kDaFG%_-?ay
zJ@)w%?hMUbW^cSdZY<n$JjdGoXqh55#jcv$#|yW|W-gnj3<foeEC_5(cab(uAs<h`
z?M{cl45a4znWWjtzXB<tUbE8zS^_*oRpWb5_UGH-uXz~Y2VFKq#IC*W=NRWi)jXi1
z?`7q~LNOni5kTl3#pOn?Mi^xWw&ES>b5haZodc^7a@DBLhAM5nDQ$I5EXPpltx`7y
zI809&H}PrgH2A2f(h=E+d%gBKefjuh68jeLnF#@P@~do$gu1o*>|Z<e1io)`)BDCo
zy+EXw)^oXYZX#7jFQs?)PLy86XD)cX^wqY-S$q%eqa_Kz)|=#r`uxk0_u<FJ2Ujda
zl~5pp*{H0J3a2wC@XMz7$s2c56jO$2S$AE!%k|GTughNRBgwv>1YGDEa}}d7;Q*5l
z?WUr2jL`@Ce`g#D5{!N~4VFoR!a{@*$Z^>(N^?rO@3YJo0a-Kvo5EP*hEp0<VE$+e
z<Pv2b?)=LgfQrfqM{%+u2Pk8mt%L>8^MGn#j)=%P-6#v*l-r2v!>%P&Z!&M09*)<x
zDnj(?Z`(o%VtBRK7hxcaaM%-J9G(i_SPuK-@#EiVm0`fj{8tr`Bh7YWJ5+Oj7K{yL
zu!V&J>B8kSMaVHwCJ9`WlZ9mQ4Wm8hGBc%<G?0_^;jg~SZR5m!<MpJ@WZqBE?ZVMD
z$s2I}wz><5tLQ(6C5P^-1Shc|_+lq@X$*=<^#w5HzR=PtRnIx$;Fh1|#7&o4AKP1h
z6MT>uyf7`rY9Zrfk*qEgsr`9$f3C4^HUFM1-zCbd$Y74t>MJ(UL;wj@w(V$W#4|N(
zsGXEpS2&H7PkYaYl*O9AfKdgYpBxrrl3PWZaoPFf!`e;Hy<hG@jp&*V6W1|-3bDll
z$f@A#{)*%(;nvSyz1>50Bx`~`IU-e|B;GF%iFux0>PB%BJXAx58ohELh1K5Wk3D(E
z!&|N~0N3GANT+$rd0bIqzjQ$4G|yzQFw}ujLt$(D-+4kw2q4u&;?b}AvS1JpxI)P%
z0&8}g8eIq;6WPKj^@jW!Z#eIRBu<7zZs3w8^Wv2E7Y4!hcPgff>FuFNAb=^{smo!d
zJO?2yM%I7}AP1XUu({{_9W#&htHW*gy2WQl@z^@zg^k;mlYf`TZBrJwWFV$+rpHD3
zzgBtYeNGZxqRm!*3{{barBgqVuULbCLy}OoDtu03s*1rYN0oNz8cl*g)-JUmKA%Rc
z1R9+d!jvmIP`PowQ=Q+Gj`Yx(YfxS*`!7)Xp%#d^yTs^KcPg3~28IJ^l#VKu5CR#C
zxZltVFo2bb%Ua&jRC@^gW>iNG-~q2DVI>x5<#eun>-<!cvT)#;O~-<Wa`K10-Ooqf
z&mT~UyTh=M6E0f;n%q?q1OY%mrTyRFWyMl500NR8q4VzDzZcv1)z)&M^~N#zhV1ry
z_Sz|a^1{K^hcFI9W5CNNmVgr$l*$55;su}>D*s{{V=-*(N_=9ggXfXmq29--z>~MZ
zW{h`7qQ54SGf9L>Xycd)Bb3^F&)fpPd*8hjuZK$+Iy!7-#QmzFz>s1Pqf|A`mP>%+
zm(NF^jw+ultJyh*cFs@j*y6#Vnve(rJXjmve0$04wYXpFq^`NkA;~C3Wp&7aSVR81
z8ejtVqZeuUyLY)FHhke4cxfi9=AHP&ti#bgh`w6h#aKF(5SP3@JT2MJl|1Ok^ek&q
zM7~#K*I-$1tBA5nqtFG1`M~<{(PaKuSf7zfUKrQ6n2w{JqVgw*G-Uzh{jUU}4LQq?
zWxFF8-)5$O2_fNxVl8*|iDIpWA1&oza300A$(xh&qkH|krQe=H21g68er3+SAvG;B
zakT6QV(?@+SG@fzHo%m0x)2Bt-ovwouDYFdMYEu~<2Tma33JYCYkD{91%I8KucU0;
zjifE)n0!G5mAuK;gI>-xC-FOaj%EQT4sOFtsi+Pd?Qq;mEbxemG>p>0ldUl3mBRxN
z4RmYN<|9S#9s<ROFn|X?Ahr=#KI{`xU*9_vEyz`#4_FYC0}8_USR_q|!Nxg{7ojW^
z_g?^k@gSUfodX{@u{Ctglg86R**@Iybve`tdcmhA%(5=P%x3(~&%PW%(MTa%I)7Zf
zlhIiNhFi!EKe2G>ak6f(6Z0~Ce?Ik(f(BsX3q_-Ew+6b^KHzS$v9Ek{@$BZbcU$5J
zMPv<64C~xaUd{JDzoQOj*HsPd61h8ylFHWG=MhXrg(O9)(YG{x0aIx2W{d)ZFp08~
zreDU7Bqn=yK3IRyqouz*{%D3DoO5|Q|LUJ|8<}r~v>dd{imXsYk+bgk+|}*xZZu=+
z;sC}yS|TOeZjtiwYXAvDA_s8el^eUSS8Wa=GIhMGQ96-H6B*Te=D1K`F(afffxCRf
zO5(RTZ7-vE0iRboUK`ZYVq_)Do#wKt3flKfT_Gzv<i;_`b*O?|mcZ*1!@5JXk&jBp
zIK3JR9(iGW83d2u^FRkHRT-<t%MW~oN}rZp^Iki|h)!fg(CdLM>qjLtAGBdaatpy-
zRcGxvPVbr(CF`S9=#XT(EDiK)Eq;)vEQ5IFWDH5c<UY!_<m&8eb?w#*1qY0`ODlJR
zM>rD_p_5l;1sC|&s-5IHAy%@)$&}-JChqb$JV>lED^r<FbC$5<w}eeI8X9JLU1zkL
zod>S{8@fL09UnOW_Yp7?w&Wx!C@Ea-)AoFvTj2a>YQX7j;YdxSj`u_%0x?E}!2Xw@
z;lSY9O!=SoOSh9cTJpAdkgP`&q`HWRr*MUX2#15O8MvXA^jWwH!de;hf8T&!MN)6U
zzr}daF!D#^N8q(tsoRsX4)=|1k@#5pauUg*10TnK$(C6oMDRXDSAtSC$zt>i*8x}?
zLJaJMA|AwC>>ZR(c(%zZrt_f}e{>!y1b4|)3<ETaTgg;H4v_#N%Xc@044ehXp!=#q
z^D$3dy=FOptG3@U7oken$ld>S;p+R%&V85JyWFgSuYq@MH@71HK%ze%63HZTJDJYr
zu3HgSRRG22C~`{v8qd?!OX24|x?`i13CCs&yG8~70((x{4!#FFRDW+xm4$?=pauBr
zm4~jqYZv}-P4n{-riLI$2NCL}Lq#ziBlZBN28dPt<uH6vb761QdLhu0!H@&a^bIS8
zg}JfuIe%CNCp~)$tsyuT`18x}*&1VPwDXHiL!jG|f+Jd9fqI=r`G=7?q%8k;dkW(t
z*KhL#6hO?<P*MpUVdMZg04c}#zAYrhn35q-Q{Q38Um0+?*O;S=P|OY9NQ5duzsPWB
z>YR-yneA~u7gbrm&T^&uGfL@Fs-|;sc~TksB#nSvP}(1+EA+mo)T`D-f5pAio_OL4
z$gtdis<!Fx-s|-H;j_ug$?>nVHz#dZC4)w1MQm@A7E`H&3h3TBa*V4p3bNuL1p)>S
zI?vu5=GquMg8TjDBMv_5`e?>@ed+aQB|SL`k5`>3is>v_?bZqlAMbk%CAO^FfY(O8
z!U|{K<Cdkd0y<ba3kdnyXAV4^X=+Jbs#~Wr$%Hyp1M@taJbmGq6ng{#!Sq9-7WKvj
zoxCGSGYxrsc&bXABp>&)Vs+kVySgl8W4=ZR+W>lGedJE^oqd|!Ls=Ml?};!wVF}%_
zQ*~5y`WG31Y5&77|M<O#NdDEm3IqN$8*60~j!Wh+VsvBp`1?-|K<8Q=P1Hedp2`^v
zV6n(X=Kf`0bw8-i|9bbRWsbvKM#io?ay<P$_~ZB9(0js<Rg-~RcfYl6%J=T}7juMK
zjeI~xbRs=gO@v9<j%A%vTHLPMf&9|b?rYJ^osv25rqNJf%f|NS;Ev<J3m@WfBNMpJ
zwFfm&V=u-{FBA9PP)aSB8y!h-^J}qH*=4Vh5f!rPXj0E?jkM<iqX<|A5jQ2zVfMiJ
zkK6AD2|65TYCaek0YyP;An5;M0Sn3t(YFC1+yP#71?Ahtx^RolXsSp~wvj$lqvA@9
z(yb^9m&2Z>%c`TNOFH;~*VtW8z~wS362NhUa`5J8mW_OZg%Nr~lB1a(J4QnrLfdiS
zZUN7BwAFa?`_z19mxA7%<Snf{pwK1s8M-l|{eEFp#0!k2tv@@v@q2eWxd3*?Aqd4(
ztR^mKYv0-}(CAc>Uc$an3a$i?FWkm&1*^PC7jfTkS(3~bH(d@YPhe|Q8Pb@lam+tV
z!Ht1YV#N+nr{zi3Li)ne+-#3h?omX<g2=Dh`-{ti%HZA_`C3=m&-qboU-^r&+s!7g
zU)SdCXV;o~Q$vbm2oXBgbVP7znIDF{Kn0&%qI7Z}uDuE$!M?XWC5L(hTsHy_C(1bj
z^KuilYwOhbXQJ5X!ST3#^&?Uq6V3QallSV_2b%ZwNNK`nN(&AN8MpB4XUEU1qF6na
z-=*<Pgn$685^AcD<fu|YE16mm0rNq2k4o#)07qL(5fYt?Uv5T}xC4~W(A*E3Jc-mo
z$(Gc&h*V}>f5!06=*xyA1w45gz8~`J@*?POx5LjcT=leK%^kV(oVx|_gJA#bQg>bF
zo1>NTr!LRe&5lfXJc!Wo^H1!XzHn5n!e=<p#&{Px?s>s^kLsQtq=;TBKj*(*Z@U*P
z_&e&iA6S#{vau{bybA4hxjbccW^{8!<b|)wNryrrQD|-%?LuZeSf*xGjf@Wu5K6~G
z0wJtvc2^al{BM>awHS=;<iSP2rb-0)8IC0O1{gxPaf)abIG%nItgiC4hd6^&Gvt1B
zG(Hl+GYDk|g;T=(NhxWW*_fRrE-Sz#^myE5au{FDVLCK>MVU%Ed0Q5C{JH^69s>Pd
z$Af?_$KEV1!jZ;bl=6E%N-16o(IBF%)_#=j#%XRN$pJWTY`JNjz;C6<IP6q$Waxux
zN#(#KbC=R2B5K_R%Po=nKHB@-3j;4_mi^yHpCv96mrcoNlTD`S(a8dOj8<Pba1fm=
zi%zQAiFF4lozL1CK6JwK+|q9%+RpQPFC^}}ubrmHnck*QODpy_o64W28*h}h)CcFI
z3hZzRh#)W6kOas9I6`O7`+KqUc)P6$AvjE8y4KkSVxW=I!dMWnP299Sf6E7f4~M@i
zd6bwsR2tItg#dc+o@KTABWoEF^TOi+1~NEXcoiAP$?FtA_XjUm>lYa79FV7Vn1&P)
zJ_e)dn8}CH7?G`c0$P4+azT<_O#q`^zat&m$tx$^mACV;)6LsyGp+QE0GIm_YZh2x
z^2FhN>q?yTR4zE2J*aD+ja9}VyN+4szl(pjZ$=ADB+CMz&3W*GySqD)wg+EBmLEcO
zzo@i1S%Ywjd6AFHJ-alU9@QUIU9IvyZw%GCsd~Qf+vWD-$!&jcT*>3YRMakCcvXv_
zb=w4^Pp_Jk?!VUJyy6HVZCn%unh0(IMlKR?yxts!$Kj3?{!pTN_7!d{W7KoLaJ05F
zx_>HLxyIg#(}CS4{W&9x=hm{)d3WdgeZ|MdG5d9!$HPzT-%NMl7(&>fAO(dvuPnKj
zC2>|2Se<=&nymluzy`%vuHvQ~C6?@AJj1(sAUX)+!jaQQqJ7wOWa7E;VG6ETEFImy
zeKuD8^j3`-9okZXA9!+L<H#eXGye2<2EY%10-k)J{V~!w@mpXP(>MrAQZMWy!_u!s
z)rH^ZytY(>NB!=zE<Df5zE7@7)(j92k+e{2Sfy&r7VRamw1P7F8t|JtOZ=}o>+&Z{
z{muiaxHmdK)(@@U-~{(1+*8RpFkUECXMs_21@65(6Tu1vB_72k=W~EM0>K2JECE)1
zL3N%~LJTGbi$8D>0y1HJiwaDB^EoR{>B?**4w1qf80eex>ICgdE}r40kwvf(mrCO!
zv2d=i#N~tpc4uClh=82gBJWVc#z9l{Q~wh7HeTp26tBe7Ohsv5>hE-5OWWE0uWUn_
z&O>Ku)-gj*vXc0VRkHLB9bZ{r^^x#48&D@m?3|*cj>=0FUB^MP0Jeaj(17^2@A3S}
z&EK@-mqs`+Pt>js=piX}cbR4W4dZQ$lwJ^ei)v+Us8>Ajjd}M=e11(44wN7teG|kn
zK0*hQokBksP!M=^RpZwpDdB(7^utK<{>JN6>ilf?+Zes)WR06o<f@*6?1GVJkc+Xh
zs2&d;a_5XM0@u(Uw=h}dB^we+Vj0R=)eZsR<xodXRsLw)ad3E17cFO-hbQIo1QJhf
z0QHEeN+QzY=&M~~QOIjsZx9%TAAs{SJif=u1@vouD!kv+$Iro75rz&`QmQom!DR)C
z;(LwKS^F%_@kuOSL0+Uka(3~z>CsoZPe!qNV>CLJQGH*jabVI2<4w9On^<>o-cNm!
z8jL!x@+Az+Y)iCT3~f4-KXu5ne)~PesVKxPhZ6aeR>a%CTgH*SJi!`c5<H>z&+$#A
zap;A`%Fg5oBV9d>kb@!~Q|#W9rFLX7bhwaW3cmQXeIoFJWru$|J<!~9_4%8VS0C%U
z?k?vBZB?SNS;8*<ndW!?ne~kGSA&234Tt)PhG2+Yf6Z1N7z8&`AO_O_gF)G-6;o+s
zKS62KC`YkF0&5c0gI9yMXRGapku23fWXcg6fT0-_kgO{cgc(y4$&*fnS3yva2$_&J
z-coSWS*%(v3s>0=yN7|28U`e+<Mj;|z?6lSQ8Nf38{y3+|3>9%$lni-Lg?rJ%4mPw
z9L`svHI|;6nROQl`^=KV)%4)!Ucmz@;BjyMK4`QWUx&9QPG-w*U%t(sCHfg}Xg2=T
z9BUL&lY{pczqJkbWBgm(<{i_v<N6QnvWoUXx)cJWs*#q-p)3`|)cl8a2c17R{l0f}
z8wR#azcIPGz20R!DC(_?8-y#)SYT^g-`jPXk}X{R?Up;K7M<aRfAaoJhl7p}0g}Pv
z4S4pEk7Zp6rwY-__LDpaj%30LfRfXjF8*jW@So<RQ9M~RCjb}|S}w*TdUzB}TNg<X
z*<ngYk3b*~6$IKFs!l53zoy^bLe>DVa`6<Nifd4#h2OT_YEzmA_?`@|M}TS9no0;c
zfu-Ds<FMBRE)s6#+c34)ptAn9W5C9jcGlTnDSs@QVXRP-W6df5;G@ALPB}7rH$uQ7
z@iV2^jA$ud58=zQ>LWghdb(T8>E{_QA)XhbY6#(nYmU{-?T0S6e<r`wBRE6xu~pPA
z^+li8Lqfj1w->d<Vkw|5ew5GG{cW$S1&>QV`~2_DD>~~<7ePUXZ3oH02GmE>tv~k)
zy<d^^w4PsA9sTn!C=u4%g33=Ot@9E!Y0S~Qlt&GsqmVqS<wNnHB!o^VijaeXhhWBT
zI@L%K4+TJ!P$WpfzJ8!^2ukfq{xyw&mDN+noG1=fh5*yVs&bOk0<>1$%3SpV6VdG3
z5tWGd?j_uH{}CbEfY};XC2=6ClE0fJI+`75|4mAkh0VOHBFiVO`XWD*p2V-ITF)=_
z*ldVCA`z9ejelx~#O<rAfP`DUiu3dPbucNU2;k*F)1d$g>9FUp{;Tx5A){z>@$b>Z
z=Ho%-K~?>%jN0}0jZnweBp5>tiOzW|Glz{G`<BCe`s$AbPkYZ5@AUC|pDP9wYy)5w
z)ZFo&zFF;o*zH!@MT=S_^QI;&j3!hDV$NR#k0WSN#7*v_4lQQ3h-+O52dyN9D7GWR
z%yovHD>P$KD641rq%Q%iXlD&^zGm%bR(w$!NvXxT7O3(`3H~w)bPT8QNojusL)qg6
zRy-e#j<#tQHt#2GdY!K^B%|zJk?2PHjnut86Xux4+k#^YkQ@u>mu*J@Vg}z$ksbo|
zHgkj)zQkxz@$YWI8?@I?nL7!xDD`H3zW6nz^Fw_P?{i0wvvHg<O{^^eq7?#8Up&nX
z{`oF(f^%9ip;N$g{zruWI9p@sKvI{{Foz&E$26?f)U~7+RGYUmXD`iZ=Kn89^3UzR
zzh-sh8=v)EZC)@jY2y;a5tJ1jy89Ti;1Ix=p{J&}pt|=uuy<U^*oHT7C^8<H!}WJ~
zsr;WnrCb*VN@Rf)lAfRP2yw1d=YGW5N&rS`(?a|0Er@WM49luY2+?a3(f<ka{vPBH
znNUvmME~ZtgYfMA8fU&27GN${ceYs8i4!e#kHv*FaCK?7yojb7_=z{%?8o&(&?9%V
z18<N*yw-Ju-ttSeuY^Q@>x^EyPUqZ-&)x%um(!qw({nBWs4mVS!N33yi*7T?x~Cr{
zpN)%gf{Aee5(n?QVTa)O-k&;^{*E{Q7VqW{7&bFnn24r~j$0vIvWUIT4_!GOKirPQ
zpKmqkuGjxP`nM{T*Y<DJ!k>#a;Xi4-B8Xq73JCn|yGnI@RYka!iglLTJ`AK1`qQ>U
z6%Pn!LsN(HgLbWjsBxs#Uu$a|l?V)Vs?E0s-Y>O$=xQbbT5ulX6#o!ZekuPYLKy;J
z98p<CBa~sHtgQKcq+}3R(qo5qDTa-Oi;vy1oupNDz)xRi73mHEH|4Or@{c=bPEZwT
zI2>_tBtcf?Mz7~Y5T}P5BL5gRm{dcqweCOgbr@psy;*J4NhP(ywS4T~2V*M>GYWMj
zL&Nj6l?|5##&BYDgOP2T_~z|9B1}xaMy^ZLL8g>s;}C$Q{rPcy`xGZ`c9-h819JLr
z=Wo4Qd;M4ZGu<j4zH3BT^a;YX#TI;PN4GlyOr~x6OEc>>@)>V;b~f(KGS6#>n3q&_
zLQG-(!rJ`9Uq`fT%X%{2;qVYVcxA;C2e60AM(>QlLXZRqND|>oVSH~)@~Xq0t23kV
zUF*@UZ_TeUIF9ru1SMz=0ErM_!XcpmGLjnL#CT0Hwc}2FH~sdHjW+1R@5z5hmjWut
zriF`qKQP2iZHX8S)swo6pRLUcVk_^Wlz|2$F5}cGedV+L42S#z<2|uT4xhC$$r{X(
zS0Pc|COA669<X=!C9>&o4s|(+wd2X7lb)@Aa@1j`3*8E@-z+u)I(WJSJf5cII`oPS
zawuXL?8|ZRuats!`2jWbZe0#tj8ey<qzli8g(HxH0H9+T_S(lJaNxAV!Nl-E`^v!#
z<3UNV2zC;LalY99y&cMe1W{|KfxAQ!PAs}A89sSA=gI@YhKXFMlXy2PuxyMq4wP`1
z6aXl6_y8n1Wg+N8YS6Pch)dGvwMUorH~14bkK!rcZG&KzgzCHmkuyX{;HA!<0tkf*
z42DQT`d@-ysb()Yx?7!|ZrooD-7MecJ>$D!%lCcOv>J=Dq~Ai-gKlrT?-ayxf9WcS
z+?vWbw+xtQLy#3<2Ma`Z#Lpk#EnVTEw2shO-L$s~m!d;jTT`Cf!LKI7*(VOmw$plW
z^Qu3{Zd~rYeWjsKeS=oL{#+N|1_)Y=vcN@!esy=={Js)2q{Iw1Wh{0d;s;1YRVytd
zA9>%qEeQXdQNOT`#pYLE;{f^%0iJn!H4Zl1HE)ML^&DIt+y;xB+)Al+km)VVaz>7v
z0f!6#QoT?*M8~)JPm@~*H*|DOm->*oFbC<%$^-w7itOqE2!`P^U~OXc!l+$8WizQ|
zA!KIG_C>+OO}gn0XB^Tqju-107D?k60ihU-67~g71^A-(VL9NPP&(XKR3eGNJ7*Jh
z5_67AE0=z6dx*ck;Ea0$LyJHLzbLz3(@tQ}GP-<5=W6Yx+!^rCF|7S<c-5$f<fF5p
zPyz_lC0#ZN$CzA3|EfHJBkEA0wo_X5gVfvgoxE#lyY;Km<>re^re;cVpl|>eQAy1c
z_KD*g+tA2y@UFa6@!N(px7Ch~S06uyn^qWUvONx`fZ`GYYlk|2I(<#LPBqPFHUl;j
z&#~4g&V7)99#6QPE!3Lgi^^+ieBQ;`EHJq5a~375vuyYXB^ZOobFu`$ZIv=@%#bp`
z8C={5D^pfM;_&mI$9H~QJuqqUSsq>P6TkkKM8g9$&>)t;Gx`Fb;&w3MdE59wrXfbX
zGr|L4lIvducX$4mjn|p&b9s2Wm%nzIeS(|S9-~eQD4=WqZE&)#!i)3WAJKbWA3AlV
zOuLKjG0Z9vEQRyNfT2&D3CWH(UxVbqo}K*9MFaPuIqbx2RrD|EuTQDYMb>-O0Zaxu
zy<n))Y+JJCIT;V~`^;O<fEtNUMOEw_``};y5|{j{#I-v~2Y)ZRJ#hY$FQ`mPz5LRy
z9RDbVgw4;Cry$^uoFs3?iQZ+c)Y)z4NpM$9EQ14-9=(@s8aSS-SG1uapqhpEhvKEh
z8yi1e#ghu!BJ6Y87)%frLV%=ALLp<uzO51vkc48HN;vGl@ymmM^#>OW^vXvm?z4q5
z1jBft{==5TD&QB?%RK1^(S3cd%!1dmbS=QB0n^X_*xGW7{i8o0>n#ObI;V=H2h~5V
z@!ePIL#q{>ZEBn1CegEtjgT(kq?gP+VTV5!-+HLL=MzdZ@f`xs4!4ZZO3QkZzMJN$
zd*hS$-L9kLg^mD!nzi%A4$g)P#Z!x__2JBg8Z@4H`@tXBMf<=+L4At1m;6XoN{so=
z1BsK_BRLc5%Ye;!7oh>kF^LuhcY81_`KkTU7q33?WSgoL@Ax1oseiYfI~&h0a8-Fi
ziO}q0W0b%6^Lqx&ZDSs5twdvS+r;A3EtUt%RtbGnvP(pvL<lYr7f?Ojz|=~Fwg*Dg
zt3XZQ5*l43@!X$R@jDx5zY~`8*@{<X)2KQXD*M6wy9rio*0td?II+}dTrmVN3V0j#
zFg<(b49YB_&9XjOJAE_1-ql@yEK`H~gW40Rg07*O=lo+aI)#<ni)#0xkB^&nsUBN2
z+qPREy?q^Cc03x+D*B|_u>iAbCyc9NsL5!~%@@6$eCDGu?(7p=wf|{8$oanGfz+#f
zt!q(>;Sndbj5mI&+bj(LX5{g~EY@!_r1h80>{8O4S-Abyt(B$I!bsEh^!WL-*dl`5
z(g46L^2xP$9d*ykpN4eTD7Urz3JN^D@!IJ%bK;8Ij*`>o*7o<GjF*sFJNUQHZoC{=
z?;R>&7Y|4@lYX|)5IRer$|T-YvSx-rboP!{bi$OdTN$Ctb&lfH{Yg#&f`G9!D<6r{
z-njq0h{R=PqOR^QrMZGRw~8v;rwwA+R4HZYrXS`#1XU$iED(h<gHy&;5ZF0q`KLB|
zBs$+@HlO?=fykk)6(;-Ne!@WJ>&J`JA3Oc>rP3a89#+UCjjOretWV%V+Duc`=H%pj
zb^PP({0Oqy;j)}BW*3?|tFPPAl_%X_9d0FvHqSMk{19inc;k{^U!n6B<gmhOo=r63
z^a1XOtrvv?g2H|~ovPclH5{W{KFYJGJ<iE{&0EdAl(vAxo3nOKZ+$BE8YKkla9C(h
ztHgEFDfPnAhwBxZK(n@gTir(+dbFb!-~Lm@RjjD#_m@9U^hvDN%gS@5C)45tbfG|G
z*^0Li1v3DU7Z<C5!baqlo>8MeBO+&<M$?PP6{-L<rmBKX9$DJgT&-nBdBR52)4(8Q
zbbt4yn-Z1mq>q~!^Ii4q(Eua)#(!BLcq9MMH@y0)<)tM3HE{znwJGUDFNwe{!)`2?
zz$lJ>kGhF_DF@RRf(AnYVTH(m9jA%uc;~0ms#~U7H%Z}QudDiE?A|pwAlo<zVDG;+
z&0ygf7migNhnywq<!Hw*9<sd~rBctZ2QVW8z(y5vy<e;*EfpR16B#-=2e-7ktrdHx
zC6^XIySN>;dbI~`$%7AR{gzonhY&=*z`m_1bQ32Jn*6*^l`>jA&N`2=f1F=?O`OCV
zht%r#YAhG|r~UoT6L&ho3=W>Hp=p`sm3EgwI1(of))kht#Kuz%=2(d$GASK70YMjz
z#nkrG3YkzxK6y#N!<y6>am?P{^)+|KXh91^DJu<R6wwHUrhl9)CPAn0$`PW{`;ZV4
z=N`K793sHVkh8+VP`K9v%G#PAGDpgm`gD7!GLO{DxLU2y`FL%V#1TiuV33?lTh^EM
zCm#H}ycSPIfAd2?y@Dci;_mT|QO)v54ah`yu6pMRy(99jxAYk>s+UT;GOeJKlNLvW
zp#mtI8`}LoN~YY{9&vPy7e6WCT*%`xtsv5PFy!RE`sM#=L`#h=XBx{?xw_bT4>!{#
zJz6c(dc}`YQWwuB_uLF)ACK?(zgrp8K2^GY`iDzpgPU#O#ZAny)0BT0$!HQ#@k@Qn
z(%Qx=6vUEA82V}P3D(xfw)BScXnCzcq<QebOeW3hA)`qBNhMNm;X@b`F`%JFP{y^d
z+3(S)`5&kpz(A@23QZ93OI-o}`9FN>3a@Z(08)ktSXqzwO%nCn{n=o?M7Bv1MH2n;
ze_g#=Uviz_;YGq$!5H>$waJ9V32p;gi#0T#*c*%72GYy-|Ea14E1EpZX@WW}_)PBj
z_3lhlg9xCmxcwAxpeTX<dWBtk8!Sfg@{Z%O(_0&at7hy@#TYb^>8i1;wU*EDyhYHC
zvmM0a8me=stR}R8JLxrXc&KbKax02GDvMGk<r^6m(#oW$CbD$9G3ABpXye!=t;jMk
zbSz>le@e?M&d|ilI>K19B@n(=?r)b5;GomP!Qe-w<^TZ{JIBnPR5e4w!z#xr3#x(X
zhr}Y-)RpMnNUVyg<e_7l+K}*VxV^nz!0KeBbH>XQW@#o%PMNVR3SFhjlCwUi!o6b6
zvX&VGEl>#XqE%J+OD^y)vA?MWq#!tZ^ucF(t&H8{^^3U#_mNt(uZ8ft+N6NI)K)Y*
zJAt10J4($(ty{5){<^(lK2LkWFz=v?{i~pYjb0&%V0C>rn<h?6pe0_WS(6zWhl@tW
znS1pFdFxbaiY*hO+04$gZq)3eb?|?D+|OAm7K{K3QR4Da%YJFOsh$jI-IjTN`07os
z<i(KJ&*zz|GbuRugDT#=sPR`adSeYdvb(MFyWMq6j5S7mk%oLoTG!Z4+P4n4Q*v#z
z05Yo(27*zCL#I_gsqA@IAhEl4MD$QX{wLgmj~{=}PLQ0<^v|l)_Ilw{$CtseEyJcH
zFxSaYdHel*!Qj2;^GJfnY-3Sn@EzR3s<&-?@YuVztPM43hH)QtWhqKXlZwu3<DuV;
zf#LbwonsiSp}uzVe8T3jUC&m!*t#%&arH$%cUsp7K>Nc8z12}+A=gM)D2+QO6Z}VR
zeB*3s^)+^N(orHdXwxtF)2Vg(oOR_FqH+kJmW;><%w7&XaQ^Aa&+)>!$PeZ8YEDv3
zJ{pVrPmq{>_*<&a=P#qUUnpq)0}_h<w%_Fcdn{t%hp~Bs*||~h#qFCv1!}He9_4!O
z^1hg~!WJ%D8(lQZ;5k|IK~zJhPcbC4KiJ{LCQ2+`dcI}*s1brEKqwka2~1Ep>V(Xg
z81O_mua{L3)_hNO?RNiaSXpDK))(z|#uLGA$ocBEF7uc+N772@;W_|Vi-+s#txRq)
zOvj`-8@6^HlTy8m*x$>#J+wBnnp_RsMvII{UM%Kkmuh+`@_D8JgMqFN$WS`iwobMd
zMTn}(5=)rGuOSjHYl6#t!C@n`(bP34kqm#lrj|}$12)WD4lCVxJ~r^B27Wx|ydCIg
zcxvpM@AL1C#8mKf1v<cljJ!sgZ`{`GNH~F%1vBI^+47oFIXPNMn~Kr+BB}s&^*%wi
z(dO_I1ORGn%~|X_MIPlY{4oxcZ1GvGe;X`za=l<fJHGovh29_Y<S_3vHM?g{!WtLK
zZ2{&0&CZZ4b#)GCAV$Et#b47IwdiA(SM>1b9?Gg9>Ub2MD4kd7yeamgNazdN;-Qmy
z`dzzgh<|sbRSB0G+`_KS2g2AEuT%l3O#P<FbUJg{DDT!)qiyFz?fo*`NHjx)zXGPG
zj=(^D|Lp8=y{pSZu71-$VS{1E^+>YQU)(@=?#Fx~Dcfw&b&Y5hVZ5C#kwNs@Pu(sT
z!@aWQJ;H+l1M3EHrjJbE!Urb;%*+=vkmmk=Q|}l*f%~Str|%wdD=Nav#kqH`4zCA8
zA}Q##f#^LsT-Q>sRZ~4`%7}8w?y6Ce+6n@Fx$)ykkxNMCVvCs~qgY8z$_Vw_MLAp*
zlb)Rp@BHdHca_!p*^`CxV6pNcnK=AVu(e$ApB@kA8cCfZ4xQ2!%1C=9GA}U?ra+O^
z@x~;MB=wQKJ;SGql8Nh6lk7A$9Mv`sRjIC!{1>nKEVgiJH+@NLx<D_03Jy=)7z|)8
zm<-Zggbl#b2|n3lu&ditoG>b9B^K@<nmLxT!lA>g%}D|^n5N<?LUppJ*sJ6xP5raf
zT}@9#7Y<a7hX_g60??t0@4k+GU^6!)2y^v+Af0U+NwD!}e&2}iVcp=9+^`<{PncyI
zO)dog9h=RHoLXB+jYry%#+Lg=TcBiO&qlJ9w*k_Q`3b%giA%Q11no8ey7;<zuywp_
zLG46oyBIwZp}d)@|8DT;%h9ey<|uO?M@GpCNjp{DLFf*pK;_oTkIRGYje7EpN6b-b
z1W`(v*&-W$<JFw0f;vcqrhHpb2tp??>Sx55%cZl9bf79IZOQuJ14q=;7Ad^9(~qm3
zeq+}^IA-E=e59g-kBi&D+&~FX@(<dgapJVpfES3bN-{2>2Z44qf{W(3@M42j1qpr_
z@DNHuj-JCq)pMfdYVoC6E+B+9PV`^40((47S)Hbi))xHmhR&`J67p0{oj$d*vau7Y
zbR6f9iezuD@Ci8+hF}Uujc}09X4V{XKeM9+#_*y=`{IH(Mf8NUR6U^tFMA6N)}9|e
z=o0qgeqBm<*NEh#609ukNJDP3F%R>7*$K#bmbuPs#TBLbpP4%$d)q5JDM{x6d4#@t
z!%I+SU5m@a4@1>QZ7qL0orBF@-LhE1N7WG_Jn`LD+c_MZsz3-Jmo)OOn3n<cdhkMA
zA0it@L_&c3yj(Kpyyx5-EkdbN_@l@`fbW@xRa(VsFeqLgBoGP#qmK-t5IL0aN7#bJ
zN;H?=6qfi$b7w%q!4gPT01bqPhhtD_pLtqE!V>JZ4@9F)&MkSZo&pmbJ2FAtJVV-R
zfji$`_*h#iJdxJioL@PJk9Kq^nW-^3go7Vy!qY#oawt+o6_&V0ZhUbg^;Q}T&AXc~
zAMxmrI@u_AJ7M->ex_JW%SGXVvQ|lE{a{+=ks030;&39?Hg0WiB@TesDE2|#O>?GB
zkpF7H$@oN)*4IVKxl(*D?%>+I1x?bgC2d~!H-49l%Fh0)4KggUJ-&1N8y~X(X;?NC
zhmV}eyg6H=DlFk+!pTCan7!GQwH&11z1c?R)rFdMkv#<WA<db@1lYn6O$Q*YCVnVJ
zRJ~>(@2k>e;=#d^%p}-o<r>fh4HIJ?rdg34V4LQW!+tN=&JCsb&*m~k7nQozav;id
zwRwJ%I1QnNGqw6@)n*3G)7IoyGiMtcee269^BzvlLshCZi|Hl=1fF8jrb0*J<O}j8
z#YV3-MH5FIO-U(nqFVCTZn}Ga`F$AG3MI005B{(PQ%P=SPJNldJf9nkTS>uoe8}x@
zQB5%j86ACa(&_3%aB-7$gf9b*01v-VexGw_ROtbuK3Zs8@EVo!=@n2M<s)6?54>!t
z4sMTT5Wtg-go22u2`t32^8Ft=%U(7!zC|-YKma1cfkUQe;24cZqRw8c9Zn2g7DQ7b
zWsqntJ21LPx<C6@3<V9JYvE$yOcqfS0UFKpMumBpAsj&cWJcluNz@EJoPacM>nBeF
zn$28iLryUGHL1{IGNINKUlxs~9L?E*%hjh`qaDen%VW2P8TM{sTyPE1ZY#A{NG%{D
zw8<Jr12OEEab+{R;P$lAbE;Eta&7<8=HrG?a8Q%7`~a0JQBvHBdGkd5OTDVNe-6K_
zQEGcf$;-t**8wU#Z|^*<j9RBsQ#I!t;~sfc^H70_w8O3RJdZKCX0yMCH->)nH=4sd
z&n`{TN1Pi*2K(7yIWp8kG^b}%zlJZ;i*^;~)h2_DLnA$gh6x8#7^6M>RmtKyvX~cm
z*h<g}2}gq?)d6{?_r^#J!$=LFzb9a;7@3Y0+*)zvI;k=hxWNb|6qJ?1A?N4o2WVA=
z<Y;G{LO>g#B14M-)`_E_RI*eAYB{kB)~!mdKVr&XWPjEv8}tnumzfy3|JrzbGi!9T
zmWO|lPj^%C^MxBe3n9O(7g5ui=_O%xfPCWs*I0e_kqYlRwWxFzfll!8n{~#^j-byR
z;Mml;|Jnyn$$z`Cv)3<5Fp;JuwzA<srvW2Ln@TRLy$S~}PIzoKiv|sPj>Tib_)uQx
zByjS;|4)J9aTFkGi$ab2@GP9a<FzOoqF<!>Fu%wk--dCjQk3C@XJh0UGFPpw16zLg
zg%R#@d`?4tB7mrClJb0I2<t0K;f>;zD`mt@ilz}{Ay?O?r|xTS$}%8u8s*|69vkLL
zb2+$0I^`Xv6r!_O`Tjhd$IWNYwuNZTL3BHB_5~Io)`fX~s^)Z!BWWcl3*snIt9nZP
zrWvw+H9i%M%Cjs|&`ao7knuXL$f^<l^NEADu{iQJpA~#R{)@>nE_Dr-qRJ;YIP@)(
zW4ae}ryh4FE!o+XtdF^OL-XZ(c1{*D->e4|nAI@T@aH2v=Z0p+jAln5Fnzi{393k|
z$MH-td6~&g`{69gpNaY`P(p}#E|UdwZolvCx*L;ScYF30)7-3`b|9MWl&hGaT&hy~
zhC|75Z<}4MUDCOrteEAx26VRcsQwXJ8w4(vF^A9lD*B8Ir+q?k(i;Fe{rbbhF-l+K
z^r$$+IJ%6*Q22+hy?MJhVtuJIYIyl0Bi^Zb&e6w)kE8_MirsB~Zh2nQ6s8GAqiTh&
z{G&gPT{p;w7B+6tNuL;oF>L45`f}`uKPub7{)+y-XzEy8N{MkDQ&wKumXsKyhOjjA
zAXSz)#aHn~M2=iWp(Ku%+-?P9`Pdnbo6mFPtBp5^w))369rpV@V`Nq?FblQDIY-^Q
zmHU5w*4Fz8RIW)CZ+rBDjst=|u7AJP^GIf5^*C+5q}+2meEyO7W%1&Mk}<YnBm&oH
zl$eW{J~4#_X#6x7p6)y@GPlcV(Ye`qyW;iZ1{*2uB;-$73ux-4j`Oz5tGTgh4z%3$
z7KXaV>y$RtV$Bq&VdRW19tZeSvcapP2Y5xu^8Fhbg}J6O6$QSpl*BbA*%Cz_D8|FE
zK!+n|Z(W70WOf)8^*lVwl7NUhGz;9L`&#8m!sXkq=+|t@dudAGtQr2f-1*U(dT=BG
zVQ%zD#dAQLwUCLmEPLAXbt}itc!XEv(B_MBzZhaJ8b_aLv|+hfBqb9>y#P@r5#r4}
zqNW0M9{GqO{O~F}cr5l}_slfV@g%1qN2E`1Y>BRJ?OWVcv?Q@LYvF4_Hy_h~evCI)
zZ}xV=9wiXYaMhb|Kkr!nW?h*-`I`C>eqjh)7wT9%quRON)LMBt+sa~r0|LslPjYt>
z{8~-7=7&t@WrJ&i9DD^-f&ccNjkRI?I*w;XhiWIaNk4gdfMh^`n<bD!QfmH^r?9Kl
ziWY?f#iPQ7#uNBY%1lfQN37|IK8lJRUZ3}dOP>{z>05@y!DJ+GcnD#TG-o5rVz4c+
z%LKR&hvI#~km-l~NRolb$T7*5g?8OA*Fr!gX#C5EA#`dM%SShuk9JssE&hp3+fS9e
zr@pt6JM(+*hQ_Z%^;G#vJ}`6g9$gY`L0Y*z=nE|ziTMOS&>sd?O>E35U-&aD2WI8$
zQ012N3{c%DZ;!E#A$dn0dctq9oZ7<9-9M4vr{vEewc{-|TXz2}R8xz!l2AO4ALKwg
z_ng1f3d}vR*EjjRR%3mBVNc%q+kNfyqps<SX#zkrHr#J)`T<XB^zN6g0}mdiT}e#_
zT{Kz<iirtPM`V#gXPyuO5Sl6{P1OJs!z;sc`LPaD;`jD|)}V0F2_@PdZKA;ouK_m%
zJVr9U)2)eS?IZ~qha-j;LwL}3WT-PM0#!Gl5166{0E<XCl>G*TaeeMaIopgV<EzW!
zTU*`9=qPMUNvrs$l()gR_H3b$2`}AHc*|7NY09dn#JNLt1}_$XaC*S`Q^lR{*y>F#
z>ekxKuq#JPAA*CYrS2qVPoAKnn))53rk_ciwEew$Gj+-+4l7x(U5d87Mc8sGw|%aN
z3{5D13ZNTUMi~ST(;`;1Ruv3reh!<vS&Iw>rd#CscQM?Jvef^w&&XRRQx}Ew5`$YF
zErV2nOBO)7*hL4yN&&-3vLy?{AXcqnIEX4960`)6>7rhpr!46AOf7t+iJ($s?&@oR
zW7|fNx`kjkBz#5{7H(BR83sZR(&*FcEj%uh&vKXLc|59%EE-bTqtf0S0Rs>St>#PN
z$5G#!{Zi9pAN$LNt_+N0w&>CxseU$hPOK0i(><nK2Bo2P(^j&c*{92Ud#1EPo^17}
zp`Ge&w$2})cZRgJ>0Oz8V|h$x%<A~_$4<WQUC`_e<w++PMMKi7tNe+u=BXOLCoxts
z&E75)i^rwid^!H9iF?`t1fUOV7<7amuK53Q$_sLEFD10m7qF(%X(BYK3X!!}CTG#F
zd}e3<9qb&|h=<^jv!d;Im><7hFPclF!ySpMt447WQotakDgVC!K`p-0XMsUCAz^sZ
zzW`$bs|msYf*}DAPys+_AOJ*T$aZQ}?kx#x6hR6MuswnVmy~Hm7!-j30$?&If=Ue1
zO|#O?g)wDnK=ZA5@NUXHXJ8MnC@*F<HG`FjY{g*j``=za^MB@*ob7RDU|#9wR*PEZ
z#NL{NDOU!ZGL?XiekaK6tIRJMLDT0X*b5x7>)Lwm`RD6f|N495=RY`FrM{Kb*SH>9
ziRosE7!u~lxHSfYL5>_*ZOC%3nvG);M}{eE8KPmaaAx})GaRhk^WfWLv`63}z==wQ
zVQGE0*+xd8Xaj7GmW2yL0Wc$Io!Z%F-Bf*3=5l5)?DX{;y8i{WP@4@ZKq}ZX#`kEu
zx85$+X|3KW01%+E?%xeh*kLdpIwt1E3M(oAfPonUA`@*w8Ipwxuo>XAtV~s_wKY~i
zh>iiwDgwB`7-FhAT)<OQFqg)*kt7@E;1-B7&ADdR-sb{n7G%ZQQZbc1fA&4bbyLio
z>GKkKu6YrUcju?h#Maqbkd3T!%2JN$@F19A7dx>7YYK^ooB_D(Y}DuC=ku1o-yit-
z7YZ7}NvjXKcJ&oA+0@2D2H=p<vXFyrKpK!JETyrSfxJltC_spu<;?OD7;e{reVu-5
zsAT|Y1q_Q!QpE}~hJJIGQ3y~f1OuQ4(BtC5;zs9%%;hld?uu3oWs-h%_Y$3vNQJ6Y
zdNa-mIE6osztM}@OT{i$OBL<3P!W{OP%g`;C;;dN0Hlg;L`6kqbX$e)Xp2Eg*kB7i
zwgd!J3<j6nYP}U;_X2=Pl>krxpd9RAN`$61!Y0ryaE=Xb0Vz|!+w7d>-{=fL1+X%N
zsmFsH<kBs6HvjB>f9@==?d%(QVS7%zf(yTiNem!N*~=YhkBw|0ZrQ2G+HlGWneA1F
z^||=-x$X1*&i4x+Xoww8e$fz$6<c#x2_PV34+#N~p|sMnu?Q&b6wI*MwuTM6^JN}<
zTm7~)S{`eLDS=i+g%ts0_Y|-SWkPlf6xrT=2|PFF*~|r%C8q(Pb(h9KWlAn#UfBIH
z9pf^))1t{xFae*$PvCtt+GwlolFKNeEJzgr6<7k7%>=k@07NO<eYr3wq0JK7!o&hX
z04oZ)gdR2!RNN#qj06iW_2pn(VgUdcSTZN}=D^I<US~J~Am$nx<IX03S?3fWbAUR?
z2HEYt-f5Z>?@QC5a&=03{q1}HeO)<Md6E6!J}*4Ea1sNa(#NKJqiRe#0su_80m!ge
zd%8UHpU>>`^_{<ekN^DC2^z4h8QWxivi{_{q0Ay700c2320)O;N*l8_(neqbhUH%C
znx#UyFgX4)2mfd=a6*${rhuSktRfgXpotK=4LtyMR9^=#aIWjw3#<l{&{qot!!2P5
z&U`WaEA8;OwtyaJ0UA6N{)p<E`byj?EC3C%OaKEAX2n1NutdgSOh^b^Dh3uV+qeu!
zY)4>_LB;^E5C8ztb~)Q66AW9xE(f>*FrdO)&u|*n#;8)}x{jxShysuS$dGFOx=+bL
z4zLL#XK;sd*FU*^W--%!w+w@c?*%{#c7OM6zF2wkIWOkFcrh0~iJAU8GgGVmZKWVO
zqLa4<uu{*>=e>RYe)+$D-T(d@N7TAP#wNDc?s7j-=2k>zHq1oLG6Mqu23TUx<i_fr
zHUcXOW1?(oWpQR)DF%_JZ*%$$Yf(!81~8=a(qcuBq-m1b!(3T;LFPF%djU@KBpApT
zB4YpskO@e~u-05v+{k>MLPQ>A+zl{{;bZV5oJ*KVD2yRMp@hf~WR+@yFaX#Ejll)M
zVS*6AB>*4`9v1FZQ5Xm*m!4sLRacx*lORybEdwCHJu%H1s7T`s?sA$l>fx<5h$(;x
zoRQh&U(D;xreIit{x&-?V){O}-IU)2#&FsUio}zv1ML3Cn}5^W^E^BLkC)_Zmy(07
zNF1>QIsq%Jr=I8P=j&sCet+WgFEm7(%ZJ*?Hq4HOr<p8A2rxPyKnR0cvNG8+-KpI}
zS8Bpi(=n;xF;5<`8Zibk1OdT}!QD{Vay7&?%$M}KnmMoHqOZ(Y5CSp+hc*^u9u_Ms
zAOO_LS7rWPl)I@4FbG10@<HlD_?wtOfL0>Nat06}U?p(?z`(+=-a|L=CtyGi5RxVf
zEZ8y>00gLEMVY2@n}BwvA|fmZCP5`ub1?)lDWQb76J0bxhK6P^e^jTR({-xhj<Phq
zh1~jg9{FyLAV-I!<^C5$Or;RtF8(aK8`F1K9j}QO@(+F9P>CsUMOhnWN%q6@Tzube
z^ZWG`?|<;Xfig-}Piu-XJ43s^0p>i<G7K$y^2j;4IYS7QA|Nt?sC3=z@#s}wCytZ7
z?15ttsHe!$?TB&B078?Y-g6mqE;D6H1{!Dx0m6m?1&{#{00C2Ig@I_6xel(%JQQX(
zB9RgV7Ov%w^zmeE=Q8Lf2+#rmvIUSlJWWf6=R&K&lQ9-p#R{5QiHe0Rf_ehnpb!E$
zV?YHJ0#gEkaA6QahF~E>WZ1zjK_<anLn)v`lAgb=^SVrD;wENP+fQBk>GtuyHyhu~
zzv1XgOnPK&0kwIH4J0vLXB%<-x{WI&wOT-Jk~t+y^!D=S>)!XzxBYyTzb+1>sO<dS
zspd2H%^|?0n!Q>FpC1VUqRnLF(820Xz(Pg<Km!;RU@+$7F>Cj61QsBHjyBgy3!;T~
zA1Vwo0T01{f}dort@9)mnGqN|ED(?}04gL93;_wXB5;Gs*Ta7SfWVPV8K`piVfnrI
zt@NapKt%}~Bb(q5G6q**ZPdXw76h5k=&&(B<&??^YzTk=0T2K{naCJexV1YCGXRB@
zLMZM90JswXWIz)1Vq}P*DdtL@Kk6xc3Yi0ViyZB(IoJR3R)2PTcnX}!PTbmNC-7ZE
zHXs9%0wLf~?kk-i>^yPWBPB)^<<_&vUVh$3f4{%|^L6a`sh;TF(HK<|_O<#GFkx^O
z;92&0>1ep25kP_^=hQ80M?7Y+JF4w6L`~`LH5xg-O}}+$tZ_&^a^%U8vQ$e^3MRoJ
zKv5mn_P^PFu&zs>0V+@p94jykRm6k@wG9oX+0U)Mfw>Eh!&VunF$jwFF?bYRSl0*=
z0AvUPq=?1HVu-+;fEF&`6u=<^Fd7L1pg{;@VYvpwkrpa!qcV)TfZJ#bSa#c)+#w+L
z;uZiA2A#0GJ9BiCz*IIWf7W>-b~^$T(5KuxSZv?%c4J(bVv<D_Q#-!(tpNs|c~9J$
zd7qh0obEdQ`<$QdoT+r6u#y;N-9_K|^V#_Q{*IsDZ}Rz>=ak&h=Qo)F)l93QUt=zw
z$&Z8ZQ4kEFxn4c>$iM**EKYu#Q+r#pOaKANME8g|;*sMca^w)$W5yoGn!<82UNv*Z
zC4xa15cnzif4hFF`qIqtreFh@08{`3Ls|g_RtioCMip4f{`$(la`j-SkWhg@I1zdm
z{BU2bh73S3*VZEdI3sA_%y4%KWU?U`0H_!=HdPE!85C>jaZAEjfR^Ow5fFwI*4?J%
zlw=O~stzF_Z%Zd>h4cH$8#;eRzi@*cOjU`Yj_iT;mYAM8Da0<wDU{Owk#ovzQf#e6
zda#~9e*W=um0C6yP$Xduy6U_Ae6~N|-|_i+hv%mov#yQ>7Drie2iG(*zA7jaAOT#m
z6RTd}p;Ed5g;5Wfep?5Qw$=jEWly(*IKY6Oj9DE40aL&LCUxDky?-I|i)-69_i`O#
zqK!;O0a{dHj>Psqy#GM;WyPcdh!OzUzziWu05iskS)dz$(5(F|cwY0_VPp&e*-pz)
z&_|;_A9ZyuS_K*yM`JJuOq3y@001Y3ij`Iduo@6;gE0XhP!rXx0i=eYC}c`C7_|)s
zfuLgsF+~M7>j2xD!#V_0;tFngyG`vBz+U~GxKi2t4wtcXQ)R=t`kwb5nL7ZAg~ePL
z4v?L|H@4j^)O3hU_n-d8JHPV0NOx<ij=?RgJMOFJv;F!0lApgH_5Rl_>Zzy91CTWY
zl}Q|z&16p0HBlsM!3>OU03f;#%-7xSjFj#KI@W4qp4`{uNO-n^1skdWvf!B+pa4T;
z3S{?%I)8ZkKmJ$!>n~p0j_clCTT7QRAg~!@s-Bepi|R+ZZ!At$00QDDh7>tH%%qAa
z+l4{Kp}zQ*?w@gqAuiY;U<#^U{l}_*z0MVqfD9Ug0U!V(1VCj_V^>rLg=0t{0A$U3
z=K%m@69WPS#wA;&s5ERaB%lO<u`#g36M`vVwXQiycblCJ{?qvvHi#*1+yj89dvE65
ztY|7^kVFy0po?2nIo#=X*$&nI)awuan(k{xbZ}cRVOg7f>+?DP^ZESu&*whBSQlO7
z>8zC*>~+r58@#D05MT^Y30!gHTs>c)_3`H$BkVypA{p!C`#N$A_H3t1HdM7@BxoQr
zpn|xAg)toYvD^RktNGinK0nm+uIJuDk)g_EL)Tr{PDuY%_15l}7ps+0QPD#{6as?F
zXh#7E08R)^U%8^@wat6&5hg&xZi8V=eGY$A_44W|5Cd3g76EO51;Hv*0IUEAtOf`Z
zU=8UiSil)&n?1l_2(FHHKmY*POyUYtFhs>*%z-ITg%D0{fu|&QfDL9Ab$+okoU{86
zR@Ct*#g>-({&p|(sS&Wmb$~FD8dywgow9M7XK?aE@BHPj{!2O9@h!>QKxA=$E<InL
z{`~sV^9x-+VlO%f3P7?9I9@fUw3vg{V=JfI#HhpU83O?3jidXxtY!oN1+3MVe*8G|
zxW=C4)vK`!6M%@L5*6T5p&S`7(akLgzWes)@1B4A*N>OQ$8Fnrw5~{5MMzb2ckL<q
z1=lxJzp0p3U{uN?3L66pAp*f5Af$?wDgL_dA92lOF~SLinnI*QZ^!?(dKnDDiKAoy
zlP-V&7Qom*hA=m5Td)X(s1QmD06C%7G$?I@z>G5q1jqsdz~I6Flp)B(y~e{cu@?Z(
zv2|r%`PFA${W1G<8aI!-!@1SI>FvX}!xXokmZ=P^X;6YSQR#_FpPujh;OX;!(#-*r
zcB1U^?4sWn|N8!{_v<U(-+Y#*tVIWqaW2bAW0B?FSifFlm*cb6ftu9>SsD7mxVDXD
zt)g*64BhfP{e2yKUAzB$+tv*xvU`=<QR-Gji3_(&r9gox05CxDt+zkE@Al(2KHp-y
zJoj97ceH0#uPWVOMfmq_`zx})acTRa&2gbhxCFrfYyyOaRsN@yUGRG5ol#>1ra&@e
z2o)Y5^#`u+s<bvsDgyxQjyZ|~$Z^Fu005w6hCo0!L8?*-P?4Fal->mB3y6p)!GOvz
z+aqNZ0-yp$Wy%{^OfzH3U4k9oqEjb%%&IT1{C>9F8k5L!SC)3R`$4u$D}qx1Xkfy|
z)Yf$X5UT9r1)ZNcId!t}XR>2!#Z;KmMJ}Ju{PX_&_wN_Kf1+>H;}cdJ2suIG7_nnD
ze3WL*_9rWFcFv~AhY;kF@pwa=fBE@Q5%xs4nW%N*`#k)zp8r2@%Y%hRxK&EIWGyeT
z#d0aTH?~V}Pb^^pz=k*d#O=?wfBfY?KVNy?>s77GwGqO!NP&!0`9nwjkD<3MuDE78
zM^>u@2sU}zC8Ny~=Br^BoI)*RV1@vIY9zmRuaCRFaAmTlN2LPDHb5nYTpAt*b(n-Q
zl(%f5641${qGDj1(1cXXF0f&r*R9?#&pn}3gt6hRF&cp;%7{22QGUL&{p!Doy;+H!
z{x(lJcW&Qi+&{fMIHRde4%7w$Q$j@05vEjrzw?JRi#D5pGVw0StZ_GU^?WXV-k<yV
z`r`KwpXIs8(i$KW7=Z2aiWS;6E`F`ijMh99LKZ9Vgh$KY98<ic1XH0k8J%%H^6ff&
z@4Y`>_H-YcW$n=wtCp9ewrH~p*j;7$(Y!rbpD%j-3Mg)DeB;|6KlJwfKYzY$yY9RW
zj+S<UL?1CYG-^FG^uGq*wDQ6${hTNpf{7l44QT=Z0fMZw^0u0<%KT=?8sZW%*j2g-
z(fWU(f3~vo>_VVI#vTGI&Y%P`H1aTv9x?#54N)-w3|*yUA|sW%0nru{K%k4541hfW
zL@ZDN2--iHQ{^BB@K(4M?B_3j^MW?}XNc+;Wp!$kb2sn4|K9B!;3=knMF7rCjOr9y
z>&&L)7v*nHWO_${GLbc9M^;%q_rmA>iNAlp`28=RvKDnv>k4p%a5_=I$6mN?Vw%y8
zv=im7HS@7B7(?ZX9Q5|W`1z8(Z+W~fo_8=6ptLcQ+j;-}dhtK*WA`>l5RS#3th!*y
zsVFg3YCDy;kLK}>?|%ot*uu_RZ(slC>-&#CU%T@@UfZlUl?Y-Og&x4jIT88!Jzsk1
zs~1aiRx5?fLIuGD1Ps=_RZf>)(VPqWL*rIzqU~;hU<~_*eqa3Hwc3(FQD$nlVOVfU
zDuN-wkWj!duy9}k0V)Gk(H$8x000?8kRdUsNHEODm92sfZ;d+6mg;Lye>*~0A%Q_U
zq-6W!BmZ|#jN#T3OleHZL?EtoM4co0s+pgvd1am64}lQskZvclJvw*sysvz|zWDR?
zdB6XSXPLTVaSi}5R6vl7$J%tZBWHdZ6OFMgFa#ruC1^DK!{hy1o^Ny)OC<n%Wvm0=
zo)6uhm;ZcQ;EC=I(A#3x;$u7g_O2stvmNQhS?{_E2?_u_C}Z&E`=38||Ng_zx0uIh
z-Db5##UO<c)dE6k-ZS*`8*f^<zLFIe0fGYThDx9)VwYM;+21zTe?M#z5bE9rM32Q{
z^U1saYTMqt=qG3sSXKz#rA81|0s#;`bCr*@2y_Vv0EPkyQmGqIdPvZto>~kc2w`YL
z@FJKoFrq@r-h9T#&sNW!&T<3{EHLGEQEvU?-PU4~8QxpqFo|kANY7ApWz+n-*Kg*W
zHQl}fQ9G`1Ms&5M68*{NJ^Orp*U#?{|M@Q-C`eJ6bTS@WXN|t1(U#I&fUFqDR9C&0
z5Hg<#5vE2COL5f;<L7JQ`N6Nx=UlJ3wqT%uOm5eM-=2q#=f00So;A^o-P@LSJ`9RW
zNV!yM8?Wtix&Ph#?KSr=C@29Oan~D<Z-03F`bYES<UE$=o~5V)0{~Pg(7B?yEA(?i
zU)j7N(^aMrl{5(r3^D;xU<Hd8uDoI9y}QOm0DA}kFd0>oKiTyYSDv@LHYXt=0RS-c
zP>~3Y0hItl4;26cR}8|&03!f^4Jt!ELjV9nFaZbx3<ci;W12tHmBZ;TzMk`&-ejdr
zZ4E7$cey_D&u-q<4X2!t#JGepsDsLZIv4m6`JbF(dXpK0-R?G@!CrKbhyA(q^Eq+;
ze%tTgxB2-u9%!RgtQq5{bbCcmWU?atkEWz+jY~7!|3yG>Q=mY2u<=vd`s&AL$JMDT
zumZ-q*6!B>@7E2#Zs&X)c*ItR_pTaUp57K4V6|O)nYUkf-2UL@OTDky7Qx1f!q3~k
z{r>*zZR@sw9^2N|@~B-b8yYkW=$dL}`0e3qYTnp9KS2#Eh(alWC4!5DVztsYSAN!d
zdQV3I2(wTC0HN&u%`HE@bnZlR=o#F0LJ}GPz=bmaMj22EFh(=)oI}u(41iT2x&bIB
z08F}U0l_2zCIqOG=;XlTpWpe@PJfR&oK^q<h<f^-|K;9q7ng4WV=U^pBDCArES}eY
z@+WfE^fO=}ah3N1?2WE->+{+E{eGL@_t(C^Z+d^?STU(IebqGQUmHGUvgXPob}}X1
z+>``cQ9<ge?Z;1y_y6*I-G07FQ^6W|6n*r!=jUIaFaC8bJ~m%b`;zI=wXtA{SV*-k
zT*sZ~{Wq>p-}mx&rl1hQ)0eSy{qghN`{M`d_Q7@RIS=Pi)1h&@$qNvb4rRNz?hpS$
z__dj@&YaV%^kl1K1g_Mghpc32y!73be{)zBx(4Srpi27>{o=?^FD*?p$L)ZgGyoV3
zE&u^&Z#=Ti;AIsUxRoGPbOV400ECbkXgqW|w<_}_Vdr4?#qa#&GwL*=63B|-xb6S?
z(cf%e{03-w$AK>D6qJpcXFv0Iyu<`$r*?c>45~o2r5g3Pcm6)*{raqb{rT+opYg0Z
zQQPXeuM+Xbk=J~K@$^pTtuzc%<jKH7gN<*!e|g#M*DYV4m#+I--oQj(8mr%)NB;7>
z<@<Tl&pPjOo59ZKw)<-X8vszsQxB?k%=@oA?(e_;_WJ!FUiKIQ8J04#>-hEC+xP#q
zUVdfXx_PVDUZyLIKp1$6*)|jv;qP4kZrk2a{j$tr(}yCH&|^VBR#qy{D!yjs&o&t{
z1P3@P0l=fueK-Hw$oEdwvqRHcrKW&T2{B_ZxJWx7<<i3pz)^%@NhlydR0ISo0D!Sn
z_7q?@zz)GkI0v_;Q0u6>`}E27Gsjj$hro!q*PSqnnEm6Ezv-{7Z$KEq3TusE<;l+P
zRsP4YQ*J<wSU|Sg2vq99=U#cf4u8JB;rIJpe*TSzJKRNO0zz8D36g1!%(W!r$y0V<
zP$CRH^<W^7#6JJ+xW4A=!^!it#O1l!LobZgZ_h)&zyJMjkLUk+zvzm|vzDSHl^R0@
zvte#pFF*6V{o3*CdHWY!_6V862pW!U{lxfj>wNveygfdTZRatbTRNrGL#j%pf*@ca
z>PYB!cU`vl>dFf;&P+23372fDx>8%bW$F5vJ8xSjsS=nn01!P(=}#T?hvKa(PBN2L
zfj}7w02qf$Ov2FRBUvzv(g0*@U?p3nLI@m8fPj`D5T=Fb#BJ?FY<4d6e&5L(+AOgZ
zpu_kU9aTT%?>_UJ#Z6ERh>AN|*;P4T{*r&KUM|d$0j48CEnt?X%B}Bn>GOWe&-Zt{
zUpM~z2M?6hx`X3`CJbQ}e$$WD<Liys15lfu))599yKmor^8Wr4kC$!F4>)gq?k&RF
z;MK<S#P`Ri{^{3qKkM?R_QCF_4!)nn4mArPTu-k)??3f?{a@Sn>u$fa$v7Ems-u#(
z`GVu;Umw5z^*sLkyzibztQ*!|7hScma4-#uhMF;YWaH;{J-_m$D_12gr81*h3Xx9a
zH9v6iGdrh;!bPwQNQf%J_Ddf;{HH@-w{U3GlZ6R#fC3650FDYWDhe131{Y{pF&Nnb
z4Bhnvf{cKeDnNvl0dy6cV6gQxI$Ljl{Nt6Mb_2JyOMqYpw?p;e|LgmIbM>lVr?U)q
zN}k2ZKb-z`c^pzGB()nDp-R-c;JL%|)X&!^|Ml}r-{1Yuho?(Z?J9zd83&EBt<vu`
z_fEFW3cS}~)cVsRZ%XtUdFe}!FF$gB|L@OF<HtSDqvX!4Q7YPfdgb-;ncp9m{irX1
zn>-)BUF~RfBP1)^>{^`Lqv!p*uh;*&JzjeMp7W@+$;&{8pwh16*Z;nMdDr>*pP%<r
z=e|5|&Kj?xre_Ki#tZ<;0*Lw4$iLtH(m8KxUADx^Y6dDp7W-CyaOpq1pr+V@DAiJF
z2Lvo-{pIGr41GgpwI+-J#W0i3&Bmm<VRgxb=r#jPV2v$=0B9Kif{<%ZLT@Vc;1DuN
z;x5>e<}*KZ^1QaOu`yw22Rf4Z<JjN*q?^TtH)JDQJG-m%_^<XSC$D`{b_y{Ct#nmn
ziBk1N->c8(y3hC5f4<)N_un{hEG^Ux3zz+Nt|bz$K5^8pChBSn1YY~tLCtR_2?+x4
z`mXzzx7~jH(&J^v^L6pODN9wQjit8t^f>STr{|8z^^uE$hqucHJ!Y%{Fl%XUr=PDs
z^!)Ih_vg2d=l1OfYx4*^0c8ZLSo7ugFYmtn{K<3w%z9aR?rrN>)oBu%rdaNAE0ln0
zS@Y2w|7O>V=De=CCYiNop;6`(`hqpze(JaHHExv>+JwkJ6);+r%%4a7e&}m*w5C7;
z0Z;%Hb^}-e7zj+Egl+=>AQE6;1~A+Kh&e25D5p%EkkBc*LuIzRxANmB&q;ROQ6+1%
zYh*fG7^eIG?&p7V=xckSL%PR>lfQcWedl!*M}N7-sA6PdO55QS57)D(&*Jm`fS>O#
zJAaS8zwtl;*xP!5H4}(wd)op9NSttX!i%SnT!T*2$L`FO9U3&)_{rNJzxMpge|x;_
zKJT$^?JDPnVxg?ID#z~EXZF=O;gLrcy9*GzYqU0unZ@<L9{20^=TGjBSMEQ{B(kW`
zLk%0JE<Aqz!TrnIpCA6idYjH;aqguLSD0!&1XwATo`4!9rfEKWr(~Xe>5Z*tXU35k
zoQnFY%<E@9Ff>Y6aK<VYQADYumfP>#>X*WA&Dl{o1#CG(m<x)m0tf^Kivb_#He&z)
zp#n%S00LymVs(T7DhK1N{t*A1*|jn!_Hq&#PogS=x!iv0x_w=|_C(KX_=ondC+9wy
zeU*qM0>O^Kt*d3Xp3QSr_saR){=C2H^Ysqr-*}-pMTK@mg(>r$a6o9YsZ4QZ%8@76
z?Q}xL0iyYhXfXJ$+aJIF^5Z{W_d}1n&pYSlJZ2-T)S`hQjZFZ7kc}ZkVl2nC?L6-f
zJm0?i@%lyE`CZ$3>Gll+FS#AvkPs95eDnR=yKdkA={#;;FWatzy>Yp=nGyg}j#NL&
zJ&YPt%D(-`|Jt~6<(2RSt=(`k{Eu_~d-ztDfT}<RT=Y?Z+P$2<dDMU2>N_h}WL9g!
z$&#U|N=5*1%8Wx|S|~#j1T+SNL(BlsST2At41qoDNtu?RvU&1vo!{r2q2UZ}GKV{y
z%%+(p-TH{z$8N#C_R{z#{-bmCESP;2Y9^)uXA|Fo?38_+ReiQU+duD5`S-8Sd)^27
z7Y;;LqXIBNf&iGhLYzz{-D-<0Lq{7t$L?p7eZPZ+)^%gpBvk`+5N>hhmA9|Icl-6d
z&(}|%w;kuPa2?T=?UFG#WH5+vw*i_`p(}xvu1m_cd0?!MJ>S0V`SQwby)B+E+kV73
zxTJ6}0EaH$e*XUc^>@~9|7~uoYu}MOYVT?*PG&5p91t>l2oXhwnfq@3jl<_IUQoOW
zE`gsa{zuepH~?T!lp$cIitgp|Ls9?L^^MG{=S*uDY8IdYu^S0tgF#?TMoLDQjH3)-
zhG#Y;Bbhw{LMH?xSMsxU{^=;!o*f~a!<*XSj<ed-laK!HNBF$_zMjuN^m$b_8#l2j
z*j9il-K?SnciClb_GjqNqCXG*+^>GVANc%4@e|Z$h1HRQH>x!bSTqIHn(fdeiw3r*
zIYQ*12j`!Xh6)-adyntGbN}|guH(1Q*TwU`Fppf7Ew)1d8dRW_)dpLF4$>k}=Bk*-
z(s|FpM<1WR<MH{1ZGA(WUlMD#zeC6-k%izpk3awJ_WtkY_QAQ;e4)-(#dg67TpchQ
z6+Hl8<55!43D@85wR82Q@M8Gd%zN<1qPmh@(FmBykW^AFq$W|niC@lqRps2wYJ&<=
zT#^``j#?lCO^&$D?qs4{J<dt!fthhc0E?Ev(5W6Uzg~IqYj#g}JLI^SoH!?DV(-xH
zrXTz5-TIyR@jT8wAmxf0BS;_vz>sC9Ls@iH_saPkK3|{vet-1yCwf`MscNHApdr(L
zKLH#oyPRgZU9O>~u0Cc0&ecUm%kpOTWQzz7jYEsK_kVi(`q}HZfA&1?UH9d=$8y(O
zV#v(&j-XkFQUO#j7@AcpZCMsV3-fMWcRubv^L*VC{R*95GWsRzJ^DolV6;b%|GRy?
zH9!5Qd3<i|UGC%Bg;{pRfF4=~R~(8GOMu0qSKY1pE!Uo<W!0!e0H9kS#y}9Fsw=zu
zllVX3H!-isEHo<>N1U=4GOIwnRlynnGz|d5(&5aM5M=c%+6PtdjQSX4+5687InGIP
z5_AaS9GcCXf8KdKyXcl{<ED1pF{*%=R#YWGry#mncc`a(o)7!{{i5^t=<}CPQR^y-
ztFWV$p>e4lqQ|Nwck;N^ueJu*^EBC9B?KOhbA^SvUa)_8=k4q7%-e6x+x~T1ti9_!
zduwI100lE6OJEHfHtsY4prll0q1Wg<FzB`Z=J`?1dC}LnU*dix&+Ggi9?8$ye*Et3
z`|sw<ug~LX-o|~flohrU0{~LhHBpKZ+iU;@1jnO{#zm>1+CYF4-2eiBB-*3)Db*jy
zmnN_1etxra(wc-`Q$bd<ECLK9GHJ1rVTC(poLwpb0ZVYe^}(o*;8j%c?iooxq=p25
zSX6qmFsDtouif9{Y^o=!WCu2uvZ9{EZUi*4SI<R%-s!wQ|M}c|ezK~jQ`ANkpbjWg
z;|dpCtma9X1pT&~8-7dy*KTV>a0T|0c|aSm8}mBD9)x-8ZHv{4X1Uzg+wMP3&eva`
z+aKobU>{4hBez;K?W1;C2x2t>OklPQY=@9an&@T5Awkg~qTuH1HTxRHb+P(oqrb?x
z$+Jg~f9!8Zuit;E_dn!VL3Ob$HR*!NIDnY#plT@!f<Ojx&6ElN1py9#gph~;07QzQ
z$dl#|w%RxQMeUcud5mESDU3Jz5$8OE1)x~kTxS>b*yfvEAH+xZ8m9sx6J$>_;2Tp2
zFgRky1g?#JAx}RUDlr9-3U}$cuDa^Sxo>x#&+hj_&+qbF1?#%X)8!1u4F?1OTy5a_
z#+jSGJSKatz;e3QPH&lrBb&Kwv%Y5qAjeQVtzd7vZa;qP<=fG9{}YbCSo@v1ySJsa
zE#_9zE=Q<j*cbpEHY5;A#VvK&0;o4aINP54h)L)0`RUKUK2N>&j=5ZOqjO{F>zUv2
z^;y-sEB6=9ZB$!y#j1s6wOK-`v;|T}QBdGvaxXFjg$yJF13)1FG+}k<NYuLyFE$r5
zH}pIUE`{`fL8&l=(#;+;9SLPJxVO0*J(YP>`xFC~rV>;TD!2>OA*fJ1D@5QaD@0(1
zd%Z8&*+jNhx@yUjXBXM6^U?FXLw`Q=d>-jPaW;GMq~x+5W=UWJR0n|OPn&|T70g`j
z?Wx$Yj)%2Vt9<F2D{tWR4AKP&5MZzaKq-qT?K~dey?@K9Tk`c!Yk&XRj;tDIjaGHN
zjTVN|Hbx3y8Cn7CF<2H9Ah2uHo0*b(Snya4t^0HT<J>1&owI##HN0uOkJ^7$x<7YU
z?am`|V-_aptrxW^sD}gr!C(L&gv@5Xg$mtb!s@JP=-#0}-&`u^povwB0D(cO0&WDq
z6k0*21e;PW?ShF^1gK{N8Ljim__w!id#I2kb6i_MY*t*=xr_R)=g#`R{dqp-`P|!o
z`}4`3;jOzf%3kCl3<WTg{=BO|B5SaH_23TH+L1kJv%;T`0nsg0Ksu<v5sp@D^WyuD
z|91alC13AZ^;qlnRiDlMv8=V_S}whfN+?x4NS9m$byJnf#0sW#D+EoF7(K(V!Wu^}
z#@WXE^mu$7b57;XKHkyW$JX}bJQlBgJhzg2H^wbxIxv8-3SbR^HN&HC&FPv%P33Md
ziNRDLuyR-xP}>&3aM<GpKsbm(HKvdu4p&x)(gZ;WU`s>dw%IX_N{h50-ISG{2;}Oq
z^<4G$jpxt%_SXlTJ$e4RGn~ms^qqB;4Z?CSlCg8~7}-AAVa7?D0&fM3<QlYl<+Xmc
z+H36nGukw$0EPmz0L4RanI4z79Y0@id}qa_?0PKU?p(Ta)qP$2OUG)PH4O<G5R3tW
z3UH}W_X1RB85W!iwJsdFTz$FMW$Fv|+3rVZ05C7Oeg99lf1F+)KA87Eo!c$XEps2&
zKCT0cC|Si)mIw|pM;0rFxv+V7xX%K^O&AGu6$k(j0tk{>Lx9~u0bxdE#@%5VqGHPx
zYJe)7s<Q$aWJ%OUmLRu2hI+Q^?m3@FpZ&1+{kHX=S-;uM8h85spi}muQlK@+nbPQB
zijmE}IiYV8XiZjF((H9uva>UrHf;Q~6+>;*D(0v`3xEa|8YHm|8Y81CUcR9~fnv39
z$7(xOIw2pe9D_BOK)@K5V9~W$S!A}s5^PtNoF!j%EOuZ3R1i=haflf-+wMQU;^iMG
z9-ANkW^R9*$Nlr@b6;B3<(^%2f;KRLKqg&+s1&dzfCm5!MiFR)0{{j=5se|h0vHTw
zmr4%>0*f&O2m%921|en`l_Pt2x9oK|YrG;<i%RT86&>ep_oMU7`g70oewTCKwLaIM
z|Dd6uIB^HWURMBsMb2_?^$Dd88ta+PHM?ATg&j{g(nu6mcF(#fl53qkOUap|&+vqq
z5C#iYhG0k?GRTl}3nf-8p#UIp2mr7JKtTc^ksUp0arD5XVQdiq1XLgaP+a=*{kvcP
z^wLA?^WWC-;cL4$Yc=<>YO#yuTFOP>h^02cAg~2+w}BvrmH{9jv=B2ET}{db1O!5}
z00coP1z1p|1~3~TPz5M3#VNYPK??;q$!hH<bBFGMe(vafxAVO7`8s+2jRS!LwJ-p&
zG>5KqHff^6nr$$l%4>H1RIOP@(4NN3-)F;A!{1znR6vGcivTdN2_P^6%+bauvjQ-%
zaL66P#tj{ZM5>wSE*=8`0BoB;02u681Iz}14c>Fr+n4Wu{clJfSsy<-{h2!M&N|pf
zTN`sP?YhKLlS_s;8GxOH3bba98GyCPfB@J`N7x2L1&|>&GHjxmZ3L*p24KO4%`kO)
z13U{{b#3mG-K}$HXAkxJ!SlRJJ#St2`1y%~hJu9#kbwoN12`AJ02mY2!JP&Mv%+<!
z=ssC=dE?rrwtX-G^o|anjSies{hOqW%q9S!*dk+05MZ=RQNV)&_FVPN78|s{ga?t~
zCj1+nV{>e{-Y!01AR4DGzkUC<*RN=%^Y&1^+)~F!YQHD911qhJc9(*xD;kt0vGK6Z
z9&kW_7=l5g0W1@!*bHQkaxuvS7z|<3VRv9vMSI;HPB*eg^SP()L#J<5?>9Z)yUt%H
z>;hC#T}~V{mZNPoz9vW<*1^^G`ouyqs&SKxrkd#*e)Rt|M*Ohr*8H?_cessN{c{&U
z1uB3$l+YP&u0;%n0HDPN8Z@v31UBdZfGq>S5YRo$7h8|325^V}eGv8lAdD@c@g`OP
z<Co|4Z(ooA*5=CteY-pPTytM<`)fbeURk9=s+tPbxPr2afC>Q#A_=w$7$E=>ECL7x
z6sG_dAxZCPLvW+J%Psa`-6N-W=6U$^k@S}O?5W=<2$Zn`cAJU-wjnT0%YfxBwy1!K
zKsDJH4Q19a<H@P%eLHy8j%@S;d}qM?)`}e+NR&1#_1x?-GX#J&1PDL?z``<n0Jc~G
z7@%5T8Fw%Un?%#hz;D1*0EXci7}+e`9?!miaf%f*EA@7?kH?lCX+OaBNa;}Jc==Rs
zE0rD<h=MS607eC@LdFo#Lb3?8J1aD_w!w1uj>w*o%hXqB-fTa&wBvd9)t{)vfdD8I
k^c(5c3Mram3lcNI&(W|s{&mX=nC%O!T(biL{d7J701R{+;s5{u

literal 0
HcmV?d00001

diff --git a/chrome-extension/background.js b/chrome-extension/background.js
new file mode 100644
index 0000000..aea5906
--- /dev/null
+++ b/chrome-extension/background.js
@@ -0,0 +1,2 @@
+// Intentionally empty service worker.
+// Keeps extension runtime discoverable for automated smoke tests.
diff --git a/chrome-extension/manifest.json b/chrome-extension/manifest.json
index 16d0cbc..07ebb20 100644
--- a/chrome-extension/manifest.json
+++ b/chrome-extension/manifest.json
@@ -8,6 +8,9 @@
     "default_title": "__MSG_extName__",
     "default_popup": "popup.html"
   },
+  "background": {
+    "service_worker": "background.js"
+  },
   "permissions": ["storage", "clipboardWrite"],
   "host_permissions": ["https://script.google.com/*", "https://raw.githubusercontent.com/*", "https://api.github.com/*"]
 }
diff --git a/chrome-extension/messages.json b/chrome-extension/messages.json
index 39f61fc..28701fe 100644
--- a/chrome-extension/messages.json
+++ b/chrome-extension/messages.json
@@ -16,6 +16,7 @@
     "downloadScript": "Download Code.gs",
     "openScript": "Open Apps Script",
     "scriptNotice": "The script is loaded from the extension package and includes the same relay protocol used by mhrv-rs.",
+    "checkScriptVersion": "Check latest Code.gs",
     "step3Title": "Step 3: Create config",
     "step3Desc": "Paste your Deployment ID and the auth key into your local config.",
     "deploymentIdLabel": "Deployment ID",
@@ -36,6 +37,11 @@
     "generateKeyFirst": "Generate an auth key first.",
     "copyError": "Could not copy {item}.",
     "fetchError": "Failed to load Code.gs at all."
+    ,
+    "scriptUpToDate": "Your bundled Code.gs matches the latest upstream version.",
+    "scriptOutdated": "Update available: your bundled Code.gs differs from upstream.",
+    "scriptCheckFailed": "Could not verify Code.gs version.",
+    "scriptCheckNetworkBlocked": "Could not reach upstream to check Code.gs (network blocked/offline)."
   },
   "fa": {
     "appName": "کمک‌کننده اسکریپت اپس mhrv-rs",
@@ -54,6 +60,7 @@
     "downloadScript": "دانلود Code.gs",
     "openScript": "باز کردن Apps Script",
     "scriptNotice": "اسکریپت از بسته افزونه بارگذاری می‌شود و شامل همان پروتکل رله استفاده شده توسط mhrv-rs است.",
+    "checkScriptVersion": "بررسی آخرین نسخه Code.gs",
     "step3Title": "مرحله ۳: ایجاد پیکربندی",
     "step3Desc": "شناسه استقرار و کلید احراز هویت را در پیکربندی محلی خود جای‌گذاری کنید.",
     "deploymentIdLabel": "شناسه استقرار",
@@ -74,5 +81,10 @@
     "generateKeyFirst": "ابتدا یک کلید احراز هویت تولید کنید.",
     "copyError": "کپی {item} امکان‌پذیر نبود.",
     "fetchError": "بارگذاری Code.gs به طور کامل ناموفق بود."
+    ,
+    "scriptUpToDate": "Code.gs داخلی افزونه با آخرین نسخه upstream یکسان است.",
+    "scriptOutdated": "به‌روزرسانی موجود است: Code.gs داخلی افزونه با upstream متفاوت است.",
+    "scriptCheckFailed": "امکان بررسی نسخه Code.gs وجود ندارد.",
+    "scriptCheckNetworkBlocked": "امکان دسترسی به upstream برای بررسی Code.gs نبود (اینترنت/شبکه مسدود یا آفلاین)."
   }
 }
\ No newline at end of file
diff --git a/chrome-extension/package-lock.json b/chrome-extension/package-lock.json
new file mode 100644
index 0000000..429311d
--- /dev/null
+++ b/chrome-extension/package-lock.json
@@ -0,0 +1,76 @@
+{
+  "name": "mhrv-helper-extension-tests",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "mhrv-helper-extension-tests",
+      "devDependencies": {
+        "@playwright/test": "latest"
+      }
+    },
+    "node_modules/@playwright/test": {
+      "version": "1.60.0",
+      "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.60.0.tgz",
+      "integrity": "sha512-O71yZIbAh/PxDMNGns37GHBIfrVkEVyn+AXyIa5dOTfb4/xNvRWV+Vv/NMbNCtODB/pO7vLlF2OTmMVLhmr7Ag==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "playwright": "1.60.0"
+      },
+      "bin": {
+        "playwright": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/fsevents": {
+      "version": "2.3.2",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz",
+      "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/playwright": {
+      "version": "1.60.0",
+      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.60.0.tgz",
+      "integrity": "sha512-hheHdokM8cdqCb0lcE3s+zT4t4W+vvjpGxsZlDnikarzx8tSzMebh3UiFtgqwFwnTnjYQcsyMF8ei2mCO/tpeA==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "playwright-core": "1.60.0"
+      },
+      "bin": {
+        "playwright": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "optionalDependencies": {
+        "fsevents": "2.3.2"
+      }
+    },
+    "node_modules/playwright-core": {
+      "version": "1.60.0",
+      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.60.0.tgz",
+      "integrity": "sha512-9bW6zvX/m0lEbgTKJ6YppOKx8H3VOPBMOCFh2irXFOT4BbHgrx5hPjwJYLT40Lu+4qtD36qKc/Hn56StUW57IA==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "playwright-core": "cli.js"
+      },
+      "engines": {
+        "node": ">=18"
+      }
+    }
+  }
+}
diff --git a/chrome-extension/package.json b/chrome-extension/package.json
new file mode 100644
index 0000000..aba0ca4
--- /dev/null
+++ b/chrome-extension/package.json
@@ -0,0 +1,10 @@
+{
+  "name": "mhrv-helper-extension-tests",
+  "private": true,
+  "scripts": {
+    "test:smoke": "playwright test --config=playwright.config.js"
+  },
+  "devDependencies": {
+    "@playwright/test": "latest"
+  }
+}
diff --git a/chrome-extension/playwright.config.js b/chrome-extension/playwright.config.js
new file mode 100644
index 0000000..710942a
--- /dev/null
+++ b/chrome-extension/playwright.config.js
@@ -0,0 +1,27 @@
+const { defineConfig } = require('@playwright/test');
+const path = require('path');
+
+module.exports = defineConfig({
+  testDir: './tests',
+  timeout: 60_000,
+  fullyParallel: false,
+  retries: 0,
+  reporter: 'list',
+  use: {
+    headless: false,
+  },
+  projects: [
+    {
+      name: 'chromium-extension',
+      use: {
+        channel: 'chromium',
+        launchOptions: {
+          args: [
+            `--disable-extensions-except=${path.resolve(__dirname)}`,
+            `--load-extension=${path.resolve(__dirname)}`,
+          ],
+        },
+      },
+    },
+  ],
+});
diff --git a/chrome-extension/popup.css b/chrome-extension/popup.css
index 229af46..4a93d79 100644
--- a/chrome-extension/popup.css
+++ b/chrome-extension/popup.css
@@ -172,6 +172,10 @@ button#open-releases::before {
   background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke='currentColor'%3E%3Cpath stroke-linecap='round' stroke-linejoin='round' stroke-width='2' d='M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14'/%3E%3C/svg%3E");
 }
 
+button#check-script-version::before {
+  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' fill='none' viewBox='0 0 24 24' stroke='currentColor'%3E%3Cpath stroke-linecap='round' stroke-linejoin='round' stroke-width='2' d='M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z'/%3E%3C/svg%3E");
+}
+
 button.secondary {
   background: var(--bg-secondary);
   color: var(--secondary);
diff --git a/chrome-extension/popup.html b/chrome-extension/popup.html
index c6782b5..3ecb941 100644
--- a/chrome-extension/popup.html
+++ b/chrome-extension/popup.html
@@ -44,6 +44,7 @@ <h2 data-i18n="step2Title">Step 2: Build your Apps Script</h2>
       <div class="row">
         <button id="copy-script" data-i18n="copyScript">Copy Code.gs</button>
         <button id="download-script" class="secondary" data-i18n="downloadScript">Download Code.gs</button>
+        <button id="check-script-version" class="secondary" data-i18n="checkScriptVersion">Check latest Code.gs</button>
         <button id="open-script" class="secondary" data-i18n="openScript">Open Apps Script</button>
       </div>
       <div class="progress" id="script-progress"></div>
diff --git a/chrome-extension/popup.js b/chrome-extension/popup.js
index d639a55..5af61d0 100644
--- a/chrome-extension/popup.js
+++ b/chrome-extension/popup.js
@@ -14,6 +14,7 @@ const elements = {
   copyKey: document.getElementById('copy-key'),
   copyScript: document.getElementById('copy-script'),
   downloadScript: document.getElementById('download-script'),
+  checkScriptVersion: document.getElementById('check-script-version'),
   openScript: document.getElementById('open-script'),
   copyConfig: document.getElementById('copy-config'),
   openReadme: document.getElementById('open-readme'),
@@ -23,6 +24,18 @@ const elements = {
   scriptProgress: document.getElementById('script-progress'),
 };
 
+function toHex(bytes) {
+  return Array.from(bytes)
+    .map((b) => b.toString(16).padStart(2, '0'))
+    .join('');
+}
+
+async function sha256(text) {
+  const data = new TextEncoder().encode(text);
+  const digest = await crypto.subtle.digest('SHA-256', data);
+  return toHex(new Uint8Array(digest));
+}
+
 async function loadMessages() {
   try {
     const response = await fetch(chrome.runtime.getURL('messages.json'));
@@ -177,6 +190,45 @@ function copyText(text, label) {
   );
 }
 
+async function checkScriptVersion() {
+  elements.scriptProgress.style.display = 'block';
+  try {
+    const [remoteResp, localResp] = await Promise.all([
+      fetch(CODE_FILE_URL, { cache: 'no-store' }),
+      fetch(chrome.runtime.getURL(CODE_FILE)),
+    ]);
+
+    if (!localResp.ok) {
+      showMessage(getMessage('scriptCheckFailed'), true);
+      return;
+    }
+
+    const localText = await localResp.text();
+    const localHash = await sha256(localText);
+
+    if (!remoteResp.ok) {
+      // Network / censorship realities: just report we couldn't check.
+      showMessage(getMessage('scriptCheckNetworkBlocked'), true);
+      return;
+    }
+
+    const remoteText = await remoteResp.text();
+    const remoteHash = await sha256(remoteText);
+
+    if (remoteHash === localHash) {
+      showMessage(getMessage('scriptUpToDate'));
+      return;
+    }
+
+    showMessage(getMessage('scriptOutdated'), true);
+  } catch (err) {
+    console.error(err);
+    showMessage(getMessage('scriptCheckFailed'), true);
+  } finally {
+    elements.scriptProgress.style.display = 'none';
+  }
+}
+
 async function downloadLatestRust() {
   try {
     const response = await fetch('https://api.github.com/repos/therealaleph/MasterHttpRelayVPN-RUST/releases/latest');
@@ -272,6 +324,8 @@ function initListeners() {
     window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/docs/guide.md', '_blank');
   });
 
+  elements.checkScriptVersion.addEventListener('click', () => checkScriptVersion());
+
   elements.downloadRust.addEventListener('click', () => downloadLatestRust());
   elements.openReleases.addEventListener('click', () => window.open('https://github.com/therealaleph/MasterHttpRelayVPN-RUST/releases', '_blank'));
 
diff --git a/chrome-extension/tests/auth-key-smoke.spec.js b/chrome-extension/tests/auth-key-smoke.spec.js
new file mode 100644
index 0000000..d5fdc85
--- /dev/null
+++ b/chrome-extension/tests/auth-key-smoke.spec.js
@@ -0,0 +1,74 @@
+const { test, expect, chromium } = require('@playwright/test');
+const path = require('path');
+
+function containsSecret(value, secret) {
+  return typeof value === 'string' && value.includes(secret);
+}
+
+test('AUTH_KEY stays local to popup scope', async () => {
+  const extensionPath = path.resolve(__dirname, '..');
+  const context = await chromium.launchPersistentContext('', {
+    channel: 'chromium',
+    headless: false,
+    args: [
+      `--disable-extensions-except=${extensionPath}`,
+      `--load-extension=${extensionPath}`,
+    ],
+  });
+
+  const requestSnapshots = [];
+  const consoleMessages = [];
+  let generatedKey = '';
+
+  context.on('request', (req) => {
+    requestSnapshots.push({
+      url: req.url(),
+      postData: req.postData() || '',
+      headers: JSON.stringify(req.headers()),
+    });
+  });
+
+  try {
+    let [worker] = context.serviceWorkers();
+    if (!worker) {
+      worker = await context.waitForEvent('serviceworker');
+    }
+
+    const extensionId = worker.url().split('/')[2];
+    const page = await context.newPage();
+
+    page.on('console', (msg) => {
+      consoleMessages.push(msg.text());
+    });
+
+    await page.goto(`chrome-extension://${extensionId}/popup.html`);
+
+    await page.getByRole('button', { name: /Generate auth key|تولید کلید/ }).click();
+    generatedKey = await page.locator('#auth-key').inputValue();
+    expect(generatedKey).toMatch(/^[a-f0-9]{64}$/);
+
+    await page.getByRole('button', { name: /Copy key|کپی کلید/ }).click();
+    await page.getByRole('button', { name: /Copy Code\.gs|کپی Code\.gs/ }).click();
+    await page.getByRole('button', { name: /Copy config snippet|کپی قطعه پیکربندی/ }).click();
+
+    const [localStorageData, syncStorageData] = await Promise.all([
+      page.evaluate(() => new Promise((resolve) => chrome.storage.local.get(null, resolve))),
+      page.evaluate(() => new Promise((resolve) => chrome.storage.sync.get(null, resolve))),
+    ]);
+
+    expect(JSON.stringify(localStorageData)).not.toContain(generatedKey);
+    expect(JSON.stringify(syncStorageData)).not.toContain(generatedKey);
+
+    for (const req of requestSnapshots) {
+      expect(containsSecret(req.url, generatedKey)).toBeFalsy();
+      expect(containsSecret(req.postData, generatedKey)).toBeFalsy();
+      expect(containsSecret(req.headers, generatedKey)).toBeFalsy();
+    }
+
+    for (const line of consoleMessages) {
+      expect(containsSecret(line, generatedKey)).toBeFalsy();
+    }
+  } finally {
+    await context.close();
+  }
+});

From e27921b12bd12ba1718d044834a0b606e8015ddf Mon Sep 17 00:00:00 2001
From: "a.abdollahian" <itsardalan007@gmail.com>
Date: Wed, 13 May 2026 15:09:57 +0330
Subject: [PATCH 9/9] feat(ci sync & betterdocs):add how to use docs and  ci
 sync

---
 README.md                                     |  12 +-
 .../.github/workflows/sync-codegs.yml         |  36 +++++
 chrome-extension/HOW_TO_USE.fa.md             | 111 +++++++++++++
 chrome-extension/HOW_TO_USE.md                | 111 +++++++++++++
 chrome-extension/README.fa.md                 |  88 +++++++++++
 chrome-extension/README.md                    | 147 ++++++++++--------
 chrome-extension/messages.json                |  18 ++-
 chrome-extension/popup.css                    |   4 +
 chrome-extension/popup.js                     | 132 ++++++++++++++--
 9 files changed, 574 insertions(+), 85 deletions(-)
 create mode 100644 chrome-extension/.github/workflows/sync-codegs.yml
 create mode 100644 chrome-extension/HOW_TO_USE.fa.md
 create mode 100644 chrome-extension/HOW_TO_USE.md
 create mode 100644 chrome-extension/README.fa.md

diff --git a/README.md b/README.md
index f7e7beb..8c500f8 100644
--- a/README.md
+++ b/README.md
@@ -28,6 +28,10 @@
 - 🖥️ **Works on** Mac, Windows, Linux, Android, OpenWRT routers
 - 🦊 **Any browser or app** that supports HTTP proxy or SOCKS5
 
+## Community helpers
+
+- **[mhrv-helper-extension](https://github.com/ardalan-ab/mhrv-helper-extension)** (Chrome, maintained by [@ardalan-ab](https://github.com/ardalan-ab)) — optional helper to generate an `AUTH_KEY`, copy `Code.gs`, and a `config.json` snippet for Apps Script mode. [How to use (English)](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.md) · [راهنمای فارسی](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.fa.md).
+
 ## How it works (the simple picture)
 
 ```
@@ -75,7 +79,7 @@ ISPs can't read inside encrypted HTTPS. They only see the address — `www.googl
 
 > **Tip:** if you ever update `Code.gs` later, don't make a new deployment. Edit the code, then go to **Deploy → Manage deployments → ✏️ → Version: New version → Deploy**. The Deployment ID stays the same.
 >
-> **Optional:** use `chrome-extension/README.md` for a browser helper that generates `Code.gs` and local config automatically.
+> **Optional:** use the community [Chrome extension](https://github.com/ardalan-ab/mhrv-helper-extension) — see [How to use](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.md) (English) or [راهنمای فارسی](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.fa.md).
 
 ### Step 2 — Download mhrv-rs
 
@@ -200,6 +204,10 @@ Most of the Rust code in this port was written with [Anthropic's Claude](https:/
 - 🖥️ **روی** مک، ویندوز، لینوکس، اندروید، روتر OpenWRT کار می‌کند
 - 🦊 **هر مرورگر یا برنامه‌ای** که از HTTP proxy یا SOCKS5 پشتیبانی کند
 
+## ابزارهای جامعه
+
+- **[mhrv-helper-extension](https://github.com/ardalan-ab/mhrv-helper-extension)** (کروم، نگهداری [@ardalan-ab](https://github.com/ardalan-ab)) — افزونهٔ اختیاری برای تولید `AUTH_KEY`، کپی `Code.gs` و قطعهٔ `config.json` در حالت Apps Script. [راهنمای فارسی](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.fa.md) · [How to use (English)](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.md).
+
 ## چطور کار می‌کند (تصویر ساده)
 
 ```
@@ -246,6 +254,8 @@ ISP داخل HTTPS رمزشده را نمی‌تواند بخواند. فقط آ
 ۱۱. گوگل یک **Deployment ID** نشانت می‌دهد (یک رشتهٔ تصادفی طولانی). **کپی‌اش کن** — در مرحلهٔ ۳ لازم داری.
 
 > **نکته:** اگر بعداً `Code.gs` را به‌روزرسانی کنی، Deployment جدید نساز. کد را ویرایش کن، بعد **Deploy → Manage deployments → ✏️ → Version: New version → Deploy**. Deployment ID همان قبلی می‌ماند.
+>
+> **اختیاری:** افزونهٔ اختیاری کروم [mhrv-helper-extension](https://github.com/ardalan-ab/mhrv-helper-extension) — [راهنمای فارسی](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.fa.md) · [How to use (English)](https://github.com/ardalan-ab/mhrv-helper-extension/blob/main/HOW_TO_USE.md).
 
 ### مرحلهٔ ۲ — دانلود mhrv-rs
 
diff --git a/chrome-extension/.github/workflows/sync-codegs.yml b/chrome-extension/.github/workflows/sync-codegs.yml
new file mode 100644
index 0000000..c62b797
--- /dev/null
+++ b/chrome-extension/.github/workflows/sync-codegs.yml
@@ -0,0 +1,36 @@
+# Runs when this folder is the Git repository root (e.g. ardalan-ab/mhrv-helper-extension).
+# In the main monorepo, use .github/workflows/chrome-extension.yml instead (same cmp logic).
+
+name: Code.gs sync with upstream
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  bundled-matches-upstream-main:
+    name: bundled Code.gs matches upstream main
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out extension repository
+        uses: actions/checkout@v4
+
+      - name: Fetch canonical Code.gs from main project (main branch)
+        run: |
+          curl -fsSL \
+            'https://raw.githubusercontent.com/therealaleph/MasterHttpRelayVPN-RUST/main/assets/apps_script/Code.gs' \
+            -o /tmp/upstream-Code.gs
+
+      - name: Compare with bundled Code.gs
+        run: |
+          if ! cmp -s Code.gs /tmp/upstream-Code.gs; then
+            echo "::error::Bundled Code.gs differs from therealaleph/MasterHttpRelayVPN-RUST main (assets/apps_script/Code.gs). Copy the upstream file into this repo and commit."
+            diff -u /tmp/upstream-Code.gs Code.gs || true
+            exit 1
+          fi
+          echo "OK: bundled Code.gs matches upstream main."
diff --git a/chrome-extension/HOW_TO_USE.fa.md b/chrome-extension/HOW_TO_USE.fa.md
new file mode 100644
index 0000000..0a19c73
--- /dev/null
+++ b/chrome-extension/HOW_TO_USE.fa.md
@@ -0,0 +1,111 @@
+# راهنمای استفاده از افزونهٔ کمک‌کنندهٔ Apps Script برای mhrv-rs (کروم)
+
+[English](HOW_TO_USE.md)
+
+این راهنما برای **کاربر نهایی** است که می‌خواهد با این افزونه، راه‌اندازی Apps Script برای [mhrv-rs](https://github.com/therealaleph/MasterHttpRelayVPN-RUST) را ساده‌تر کند. اسکریپت را هنوز باید در **حساب گوگل خودت** دیپلوی کنی و **mhrv-rs** را روی کامپیوترت اجرا کنی؛ افزونه فقط متن آماده می‌کند و لینک باز می‌کند.
+
+---
+
+## ۱. نصب افزونه (حالت unpacked)
+
+1. پوشهٔ افزونه را بگیر (پوشه‌ای که `manifest.json` داخلش است):
+   - **پیشنهادی:** مخزن [ardalan-ab/mhrv-helper-extension](https://github.com/ardalan-ab/mhrv-helper-extension) را کلون کن و **ریشهٔ مخزن** را انتخاب کن.
+   - **جایگزین:** در مخزن اصلی [MasterHttpRelayVPN-RUST](https://github.com/therealaleph/MasterHttpRelayVPN-RUST) از پوشهٔ **`chrome-extension/`** استفاده کن.
+2. کروم را باز کن و به `chrome://extensions` برو.
+3. **Developer mode** را روشن کن (بالا سمت راست).
+4. **Load unpacked** را بزن و همان پوشه را انتخاب کن.
+5. (اختیاری) از آیکن پازل، افزونه را **Pin** کن تا همیشه در نوار ابزار باشد.
+
+---
+
+## ۲. باز کردن پاپ‌آپ و انتخاب زبان
+
+1. روی آیکن افزونه کلیک کن.
+2. در بالای پاپ‌آپ، **English** یا **فارسی** را انتخاب کن. برای فارسی، چیدمان راست‌به‌چپ است.
+
+---
+
+## ۳. دانلود mhrv-rs (اختیاری ولی مفید)
+
+در **مرحلهٔ ۰**:
+
+- **دانلود mhrv-rs** را بزن — کروم فایل ریلیز مناسب سیستم‌عاملت را از گیت‌هاب باز می‌کند.
+- یا **مشاهدهٔ همهٔ انتشارها** را بزن اگر می‌خواهی خودت بیلد دیگری (اندروید، musl و غیره) را انتخاب کنی.
+
+فایل را از حالت فشرده خارج کن و جایی نگه دار که بعداً برنامه را از همانجا اجرا کنی (طبق README اصلی پروژه).
+
+---
+
+## ۴. تولید کلید احراز هویت
+
+در **مرحلهٔ ۱**:
+
+1. **تولید کلید احراز هویت** را بزن. یک رشتهٔ hex به طول ۶۴ کاراکتر در کادر ظاهر می‌شود.
+2. در صورت نیاز **کپی کلید** را بزن.
+
+این مقدار را در **دو جا** یکسان استفاده کن:
+
+- داخل **Apps Script** به‌عنوان `AUTH_KEY` در `Code.gs` (وقتی **کپی Code.gs** می‌زنی، افزونه آن را در کد قرار می‌دهد).
+- در **mhrv-rs** در فیلد auth key هنگام ذخیرهٔ کانفیگ.
+
+مثل پسورد نگه‌اش دار. افزونه آن را در مرورگر می‌سازد و به سروری ارسال نمی‌کند.
+
+---
+
+## ۵. بردن Code.gs به Google Apps Script
+
+در **مرحلهٔ ۲**:
+
+1. تا زمانی که اسپینر تمام شود و اسکریپت بارگذاری شود صبر کن (از گیت‌هاب، یا نسخهٔ داخل بسته اگر raw مسدود باشد).
+2. (اختیاری) **بررسی آخرین نسخه Code.gs** را بزن تا ببینی نسخهٔ بسته با upstream یکی است یا نه.
+3. در صورت نیاز **باز کردن Apps Script** را بزن تا تب پروژهٔ جدید باز شود.
+4. در Apps Script: **New project** (یا پروژهٔ موجود)، محتوای پیش‌فرض `Code.gs` را پاک کن.
+5. در افزونه، **کپی Code.gs** (یا **دانلود Code.gs** و باز کردن فایل) را بزن.
+6. در ویرایشگر Apps Script پیست کن و **Save** بزن.
+
+به‌صورت **Web app** مستقر کن (مثل README سریع اصلی): معمولاً **Execute as: Me** و **Who has access: Anyone** (مگر راهنما چیز دیگری بگوید). اگر گوگل دسترسی خواست، تأیید کن.
+
+**Deployment ID** که گوگل نشان می‌دهد را کپی کن (در مرحلهٔ ۳ افزونه می‌چسبانی).
+
+---
+
+## ۶. ساخت قطعهٔ کانفیگ محلی
+
+در **مرحلهٔ ۳**:
+
+1. **شناسهٔ استقرار** را در فیلد مربوطه پیست کن.
+2. **کپی قطعهٔ پیکربندی** را بزن.
+3. JSON را در **`config.json`** مربوط به `mhrv-rs` ادغام کن (یا در UI گرافیکی برنامه اگر از آن استفاده می‌کنی).
+
+شکل معمول:
+
+```json
+{
+  "mode": "apps_script",
+  "script_id": "شناسه_استقرار_تو",
+  "auth_key": "کلید_تو",
+  "listen_port": 8085
+}
+```
+
+افزونه از همان چیزی که تولید کرده‌ای و Deployment ID که دادی پرش می‌کند.
+
+---
+
+## ۷. اجرای mhrv-rs و تنظیم پروکسی مرورگر
+
+از بخش «اجرای اول» به بعد **README اصلی پروژه** را دنبال کن: ذخیرهٔ کانفیگ، استارت پروکسی، تنظیم فایرفاکس یا کروم روی `127.0.0.1:8085` (یا SwitchyOmega طبق همان README).
+
+در پاپ‌آپ از **مشاهدهٔ مستندات** و **راهنمای راه‌اندازی** برای لینک به README و راهنمای رسمی استفاده کن.
+
+---
+
+## عیب‌یابی کوتاه
+
+| مشکل | کار پیشنهادی |
+|--------|----------------|
+| اسکریپت بارگذاری نمی‌شود | ممکن است raw گیت‌هاب مسدود باشد؛ افزونه به `Code.gs` داخل بسته برمی‌گردد. بعد از بهبود شبکه **بررسی آخرین نسخه Code.gs** را بزن. |
+| دکمه‌های کپی کار نمی‌کنند | بعضی محیط‌ها کلیپ‌بورد را مسدود می‌کنند؛ پاپ‌آپ را فوکوس کن یا از **دانلود Code.gs** استفاده کن. |
+| باینری اشتباه دانلود شد | با **مشاهدهٔ همهٔ انتشارها** دستی فایل مناسب سیستم‌عاملت را انتخاب کن. |
+
+برای موضوعات پیشرفته‌تر (CAPTCHA، تلگرام، Full Tunnel) از [راهنمای کامل](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/docs/guide.fa.md) در مخزن اصلی استفاده کن.
diff --git a/chrome-extension/HOW_TO_USE.md b/chrome-extension/HOW_TO_USE.md
new file mode 100644
index 0000000..35d431b
--- /dev/null
+++ b/chrome-extension/HOW_TO_USE.md
@@ -0,0 +1,111 @@
+# How to use the mhrv-rs Apps Script Helper (Chrome)
+
+[فارسی](HOW_TO_USE.fa.md)
+
+This guide is for **end users** who want the extension to help with Apps Script setup for [mhrv-rs](https://github.com/therealaleph/MasterHttpRelayVPN-RUST). You still deploy the script in **your** Google account and run **mhrv-rs** on your computer; the extension only prepares text and opens links.
+
+---
+
+## 1. Install the extension (unpacked)
+
+1. Get the extension folder (the directory that contains `manifest.json`):
+   - **Recommended:** clone [ardalan-ab/mhrv-helper-extension](https://github.com/ardalan-ab/mhrv-helper-extension) and use the **repo root**.
+
+2. Go to ( chrome://extensions/ )
+3. Click on **Devloper mode** 
+4. Click **Load unpacked** and select that folder.
+5. (Optional) Pin the extension from the puzzle icon so it stays in the toolbar.
+
+---
+
+## 2. Open the popup and pick a language
+
+1. Click the extension icon.
+2. In the header, choose **English** or **فارسی**. Persian uses RTL layout.
+
+---
+
+## 3. Download mhrv-rs (optional but useful)
+
+In **Step 0**:
+
+- Click **Download mhrv-rs** — Chrome opens the release asset the extension picks for your OS (from GitHub).
+- Or use **View all releases** if you want to choose another build (Android, musl, etc.).
+
+Unzip the archive and keep the folder somewhere you will run the app from (see the main project README).
+
+---
+
+## 4. Generate the auth key
+
+In **Step 1**:
+
+1. Click **Generate auth key**. A 64-character hex string appears in the box.
+2. Click **Copy key** if you want it on the clipboard.
+
+Use this same value in two places:
+
+- Inside **Apps Script** as `AUTH_KEY` in `Code.gs` (the extension’s **Copy Code.gs** step will embed it for you when you copy).
+- In **mhrv-rs** as the auth key field when you save config.
+
+Treat it like a password. The extension generates it in the browser; it is not sent to a server by the extension.
+
+---
+
+## 5. Get Code.gs into Google Apps Script
+
+In **Step 2**:
+
+1. Wait until the spinner disappears and the script has loaded (from GitHub, or bundled fallback if GitHub is blocked).
+2. (Optional) Click **Check latest Code.gs** to see if the bundled copy matches the latest file on GitHub.
+3. Click **Open Apps Script** if you need a new project tab.
+4. In Apps Script: **New project** (or open an existing project), delete the default `Code.gs` content.
+5. Back in the extension, click **Copy Code.gs** (or **Download Code.gs** and open the file).
+6. Paste into the Apps Script editor and **Save**.
+
+Deploy as a **Web app** (see the main README Quick Start): **Execute as: Me**, **Who has access: Anyone** (unless your setup requires something else). Finish authorization if Google asks.
+
+Copy the **Deployment ID** Google shows you (you will paste it in Step 3 of the extension).
+
+---
+
+## 6. Build your local config snippet
+
+In **Step 3**:
+
+1. Paste the **Deployment ID** into the **Deployment ID** field.
+2. Click **Copy config snippet**.
+3. Merge the JSON into your **`config.json`** for `mhrv-rs` (or paste into the app’s config UI if you use the graphical mode).
+
+Typical shape:
+
+```json
+{
+  "mode": "apps_script",
+  "script_id": "YOUR_DEPLOYMENT_ID",
+  "auth_key": "YOUR_AUTH_KEY",
+  "listen_port": 8085
+}
+```
+
+The extension fills `script_id` and `auth_key` from what you entered and generated.
+
+---
+
+## 7. Run mhrv-rs and point the browser at the proxy
+
+Follow the **main project README** from “First run” onward: save config, start the proxy, set Firefox or Chrome to `127.0.0.1:8085` (or use SwitchyOmega as documented there).
+
+Use **View app docs** / **Open setup guide** in the extension footer for links to the official README and guide.
+
+---
+
+## Troubleshooting (short)
+
+| Problem | What to try |
+|--------|-------------|
+| Script never loads | GitHub raw may be blocked; the extension falls back to bundled `Code.gs`. Use **Check latest Code.gs** after the network improves. |
+| Copy buttons do nothing | Some contexts block clipboard; try focusing the popup first or use **Download Code.gs** instead. |
+| Wrong binary downloaded | Use **View all releases** and pick the archive for your OS manually. |
+
+For deeper issues (CAPTCHA, Telegram, full tunnel), use [docs/guide.md](https://github.com/therealaleph/MasterHttpRelayVPN-RUST/blob/main/docs/guide.md) in the main repo.
\ No newline at end of file
diff --git a/chrome-extension/README.fa.md b/chrome-extension/README.fa.md
new file mode 100644
index 0000000..8c7001b
--- /dev/null
+++ b/chrome-extension/README.fa.md
@@ -0,0 +1,88 @@
+# کمک‌کنندهٔ Apps Script برای mhrv-rs (افزونهٔ کروم)
+
+[English](README.md) | فارسی
+
+این یک **افزونهٔ سبک کروم (Manifest V3)** است که راه‌اندازی اولیهٔ **Google Apps Script** را برای استفاده از **[mhrv-rs](https://github.com/therealaleph/MasterHttpRelayVPN-RUST)** در حالت **رلهٔ Apps Script** ساده‌تر می‌کند. خود پروکسی یا تونل نیست؛ فقط در تولید کلید، گرفتن `Code.gs` و ساختن قطعهٔ `config.json` کمک می‌کند.
+
+**نسخهٔ پیشنهادی برای کلون و توسعه:** [ardalan-ab/mhrv-helper-extension](https://github.com/ardalan-ab/mhrv-helper-extension)  
+**پروژهٔ اصلی:** [therealaleph/MasterHttpRelayVPN-RUST](https://github.com/therealaleph/MasterHttpRelayVPN-RUST)
+
+**راهنمای گام‌به‌گام برای کاربر:** [HOW_TO_USE.fa.md](HOW_TO_USE.fa.md) · [English](HOW_TO_USE.md)
+
+---
+
+## این افزونه چه کار می‌کند؟
+
+| مرحله | خروجی                                                                                                                                                                                                                  |
+| ----- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| ۰     | باز کردن آخرین نسخهٔ **mhrv-rs** متناسب با سیستم‌عامل شما (از طریق API گیت‌هاب).                                                                                                                                       |
+| ۱     | تولید **AUTH_KEY** تصادفی و قوی داخل مرورگر (`crypto.getRandomValues`).                                                                                                                                                |
+| ۲     | بارگذاری **Code.gs** از `raw.githubusercontent.com` (مسیر رسمی در مخزن اصلی)، با **نسخهٔ پشتیبان داخل بسته** اگر گیت‌هاب در دسترس نباشد. دکمهٔ **بررسی آخرین نسخه Code.gs** وضعیت هم‌خوانی با upstream را نشان می‌دهد. |
+| ۳     | ساخت **قطعهٔ JSON پیکربندی** (حالت `apps_script`) پس از وارد کردن **شناسهٔ استقرار (Deployment ID)**.                                                                                                                  |
+
+رابط کاربری به **انگلیسی** و **فارسی** است و برای فارسی چیدمان **راست‌به‌چپ (RTL)** درست شده است.
+
+---
+
+## مجوزها (چرا لازم‌اند)
+
+- **`storage`**: برای تنظیمات احتمالی آینده؛ در جریان فعلی اصلی افزونه الزامی نیست.
+- **`clipboardWrite`**: کپی کردن کلید، `Code.gs` و قطعهٔ config با کلیک روی دکمه‌های کپی.
+- **دسترسی به میزبان‌ها:** `script.google.com` (باز کردن Apps Script)، `raw.githubusercontent.com` (گرفتن `Code.gs`)، `api.github.com` (پیدا کردن آخرین ریلیز برای دانلود).
+
+**AUTH_KEY** فقط روی دستگاه شما ساخته می‌شود و توسط این افزونه به هیچ سروری ارسال نمی‌شود؛ تست‌های خودکار (Playwright) بررسی می‌کنند که در ترافیک شبکهٔ ثبت‌شده و storage افزونه دیده نشود.
+
+---
+
+## نصب (بارگذاری unpacked)
+
+[اینجا کلیک کنید](HOW_TO_USE.fa.md)
+
+## توسعه و تست
+
+### بررسی سریع syntax
+
+```bash
+python3 -m json.tool manifest.json
+python3 -m json.tool messages.json
+node --check popup.js
+```
+
+### تست دستی UI (بدون APIهای کروم)
+
+از همین پوشه:
+
+```bash
+python3 -m http.server 8000
+```
+
+در مرورگر `http://localhost:8000/test.html` را باز کنید (رفتار کلیپ‌بورد و `chrome.*` با افزونهٔ واقعی فرق دارد).
+
+### تست خودکار smoke (Playwright)
+
+```bash
+npm install
+npx playwright install chromium
+npm run test:smoke
+```
+
+روی لینوکس بدون نمایشگر: `xvfb-run npm run test:smoke` (مثل CI).
+
+### CI — هم‌خوانی `Code.gs` با upstream
+
+- **مخزن فقط افزونه** (ریشهٔ git همین پوشه است): workflow [`.github/workflows/sync-codegs.yml`](.github/workflows/sync-codegs.yml) فایل canonical را از `main` پروژهٔ `therealaleph/MasterHttpRelayVPN-RUST` می‌گیرد و با `Code.gs` داخل بسته مقایسه می‌کند.
+- **داخل مونوریپوی کامل**: workflow ریشهٔ مخزن [`.github/workflows/chrome-extension.yml`](../../.github/workflows/chrome-extension.yml) `chrome-extension/Code.gs` را با `assets/apps_script/Code.gs` همان commit مقایسه می‌کند.
+
+دکمهٔ **بررسی آخرین نسخه Code.gs** از **GitHub Contents API** برای همان مسیر استفاده می‌کند، بعد محتوا را با بسته مقایسه می‌کند و نتیجهٔ API (blob کوتاه، اندازه، یا متن خطای API) را نشان می‌دهد.
+
+---
+
+## نسخه
+
+مقدار `version` در **`manifest.json`** (مثلاً **0.2.0**).
+
+---
+
+## مجوز upstream
+
+رفتار و محتوای `Code.gs` توسط پروژهٔ **MasterHttpRelayVPN-RUST** تعیین می‌شود. انتشار در **Chrome Web Store** باید با قوانین گوگل و مجوزهای مخزن اصلی سازگار باشد.
diff --git a/chrome-extension/README.md b/chrome-extension/README.md
index e57c404..da6f96e 100644
--- a/chrome-extension/README.md
+++ b/chrome-extension/README.md
@@ -1,77 +1,94 @@
-# mhrv-rs Apps Script Helper Chrome Extension
+# mhrv-rs Apps Script Helper (Chrome extension)
 
-This Chrome extension is a lightweight helper for the `MasterHttpRelayVPN-RUST` project. It automates the first-time Apps Script setup by generating a strong `AUTH_KEY`, fetching the latest `Code.gs` source from the repository, and producing a local config snippet.
+English | [فارسی](README.fa.md)
 
-## ✨ New Features (v0.2.0)
-- 🌐 **Multilingual Support**: English and Persian (فارسی) interface
-- 🎨 **Modern UI**: Improved design with icons, animations, and better UX
-- 📱 **RTL Support**: Proper right-to-left layout for Persian
-- 🔄 **Loading Indicators**: Visual feedback during script fetching
-- 📦 **Auto-Updates**: Always fetches latest Code.gs from repository
-- 🏗️ **Better Architecture**: Modular code with i18n support
+A small **Chrome extension (Manifest V3)** that speeds up **Google Apps Script** setup for **[mhrv-rs](https://github.com/therealaleph/MasterHttpRelayVPN-RUST)** when you use **Apps Script relay mode**. It does not replace the proxy or tunnel; it only helps you generate secrets, pull the canonical `Code.gs`, and build a local `config.json` snippet.
+
+**Maintainer / standalone source:** [ardalan-ab/mhrv-helper-extension](https://github.com/ardalan-ab/mhrv-helper-extension) (recommended).  
+**Upstream project:** [therealaleph/MasterHttpRelayVPN-RUST](https://github.com/therealaleph/MasterHttpRelayVPN-RUST).
+
+**Step-by-step for users:** [HOW_TO_USE.md](HOW_TO_USE.md) · [راهنمای فارسی](HOW_TO_USE.fa.md)
+
+---
 
 ## What it does
 
-- Downloads the latest `mhrv-rs` binary for your platform
-- Generates a strong random `AUTH_KEY`
-- Fetches the latest `Code.gs` from the GitHub repository (with local fallback)
-- Creates a ready-to-deploy `Code.gs` file with the same relay protocol used by the repo
-- Opens Google Apps Script in a new tab
-- Builds a JSON config snippet for `config.json`
-- Links to the repo documentation for setup and troubleshooting
-
-## Installation
-
-1. Open Chrome and go to `chrome://extensions`.
-2. Enable **Developer mode**.
-3. Click **Load unpacked**.
-4. Select the `chrome-extension` folder in this repository.
-5. The extension icon should appear in your toolbar.
-
-## Usage
-
-1. Click the extension icon.
-2. Select your preferred language (English/Persian) from the dropdown.
-3. Tap **Download mhrv-rs** to get the latest binary for your platform.
-4. Tap **Generate auth key**.
-5. The extension will fetch the latest `Code.gs` from GitHub (shows loading indicator).
-6. Tap **Copy Code.gs** or **Download Code.gs**.
-7. In `https://script.google.com`, create a new Apps Script project and paste the generated contents.
-7. Deploy as a Web App with:
-   - **Execute as:** Me
-   - **Who has access:** Anyone
-8. Copy the deployment ID and paste it into the Deployment ID field in the extension.
-9. Tap **Copy config snippet** and paste the result into your local `config.json`.
-
-## Testing the Extension
-
-### Manual Testing
-1. Load the extension in Chrome as described in Installation
-2. Click the extension icon
-3. Test language switching (English ↔ Persian)
-4. Generate an auth key and verify it's 64 characters
-5. Test copying functionality (key, script, config)
-6. Test download buttons (should open new tabs)
-7. Verify RTL layout works in Persian mode
-
-### Automated Testing
-Open `test.html` in a browser to test the UI without Chrome extension restrictions:
-```bash
-# In chrome-extension folder
-python3 -m http.server 8000
-# Then open http://localhost:8000/test.html
-```
+| Step | What you get                                                                                                                                                                                                    |
+| ---- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| 0    | Opens the latest **mhrv-rs** release asset for your OS (via GitHub API).                                                                                                                                        |
+| 1    | Generates a strong random **AUTH_KEY** in the browser (`crypto.getRandomValues`).                                                                                                                               |
+| 2    | Loads **Code.gs** from `raw.githubusercontent.com` (canonical path in the main repo), with a **bundled fallback** if the network blocks GitHub. Optional **Check latest Code.gs** compares upstream vs bundled. |
+| 3    | Builds a **JSON config snippet** (`apps_script` mode) once you paste your **Deployment ID**.                                                                                                                    |
+
+The popup is available in **English** and **Persian (فارسی)** with **RTL** layout for Persian.
+
+---
+
+## Permissions (why they exist)
+
+- **`storage`**: reserved for future settings; the extension does not need it for core flow today.
+- **`clipboardWrite`**: copy auth key, `Code.gs`, and config snippet to the clipboard when you click the copy buttons.
+- **Host access**: `script.google.com` (open Apps Script), `raw.githubusercontent.com` (fetch `Code.gs`), `api.github.com` (resolve latest release for downloads).
+
+The **AUTH_KEY** is generated locally. It is **not** sent to any server by this extension; automated smoke tests assert it does not appear in captured network traffic or extension storage during the test run.
+
+---
+
+## Install (load unpacked)
+
+[click here](HOW_TO_USE.md)
+
+Use **View app docs** / **Open setup guide** in the popup for links to the main repository README and guide.
+
+---
+
+## Development and testing
+
+### JSON and script sanity (local)
 
-### Validation Checks
 ```bash
-# Check JSON syntax
 python3 -m json.tool manifest.json
 python3 -m json.tool messages.json
+node --check popup.js
+```
 
-# Check JavaScript syntax
-node -c popup.js
+### Manual UI (no Chrome APIs)
 
-# Verify file structure
-ls -la
-# Should show: Code.gs, manifest.json, messages.json, popup.css, popup.html, popup.js, README.md, test.html
+From this folder:
+
+```bash
+python3 -m http.server 8000
+```
+
+Open `http://localhost:8000/test.html` in a normal tab (clipboard and `chrome.*` APIs differ from the real extension).
+
+### Automated smoke test (Playwright)
+
+Requires Node.js and a one-time browser install for Playwright:
+
+```bash
+npm install
+npx playwright install chromium
+npm run test:smoke
 ```
+
+On Linux without a display, use `xvfb-run npm run test:smoke` (as in CI).
+
+### CI — bundled `Code.gs` matches upstream main
+
+- **Standalone extension repo** (this folder is the git root): workflow [`.github/workflows/sync-codegs.yml`](.github/workflows/sync-codegs.yml) downloads `assets/apps_script/Code.gs` from `therealaleph/MasterHttpRelayVPN-RUST` `main` and `cmp`s it to the bundled `Code.gs`.
+- **Inside the full monorepo**: the root workflow [`.github/workflows/chrome-extension.yml`](../../.github/workflows/chrome-extension.yml) compares `chrome-extension/Code.gs` with `assets/apps_script/Code.gs` on the same commit.
+
+The popup **Check latest Code.gs** button calls the **GitHub Contents API** for that file, then compares bytes to your bundle and shows the API result (blob short SHA, size, or the API error `message`).
+
+---
+
+## Version
+
+See **`manifest.json`** → `version` (currently aligned with extension releases, e.g. **0.2.0**).
+
+---
+
+## License and upstream
+
+Behavior and `Code.gs` content are defined by the **MasterHttpRelayVPN-RUST** project. Use and distribute this helper in line with the licenses and policies of the upstream repository and the Chrome Web Store if you publish there.
diff --git a/chrome-extension/messages.json b/chrome-extension/messages.json
index 28701fe..962cc33 100644
--- a/chrome-extension/messages.json
+++ b/chrome-extension/messages.json
@@ -38,10 +38,11 @@
     "copyError": "Could not copy {item}.",
     "fetchError": "Failed to load Code.gs at all."
     ,
-    "scriptUpToDate": "Your bundled Code.gs matches the latest upstream version.",
-    "scriptOutdated": "Update available: your bundled Code.gs differs from upstream.",
-    "scriptCheckFailed": "Could not verify Code.gs version.",
-    "scriptCheckNetworkBlocked": "Could not reach upstream to check Code.gs (network blocked/offline)."
+    "scriptUpToDateDetail": "Bundled Code.gs matches main. GitHub API: blob {sha}… ({size} bytes).",
+    "scriptOutdatedDetail": "Bundled Code.gs differs from main. Upstream blob {sha}… ({size} bytes). Update bundled Code.gs from the main repo.",
+    "scriptCheckApiError": "GitHub API ({status}): {detail}",
+    "scriptCheckRawFailed": "GitHub API OK but file body missing: {detail}",
+    "scriptCheckFailed": "Could not verify Code.gs version."
   },
   "fa": {
     "appName": "کمک‌کننده اسکریپت اپس mhrv-rs",
@@ -82,9 +83,10 @@
     "copyError": "کپی {item} امکان‌پذیر نبود.",
     "fetchError": "بارگذاری Code.gs به طور کامل ناموفق بود."
     ,
-    "scriptUpToDate": "Code.gs داخلی افزونه با آخرین نسخه upstream یکسان است.",
-    "scriptOutdated": "به‌روزرسانی موجود است: Code.gs داخلی افزونه با upstream متفاوت است.",
-    "scriptCheckFailed": "امکان بررسی نسخه Code.gs وجود ندارد.",
-    "scriptCheckNetworkBlocked": "امکان دسترسی به upstream برای بررسی Code.gs نبود (اینترنت/شبکه مسدود یا آفلاین)."
+    "scriptUpToDateDetail": "Code.gs داخل افزونه با main یکی است. API گیت‌هاب: blob {sha}… ({size} بایت).",
+    "scriptOutdatedDetail": "Code.gs داخل افزونه با main فرق دارد. blob upstream: {sha}… ({size} بایت). فایل را از مخزن اصلی به‌روز کن.",
+    "scriptCheckApiError": "خطای API گیت‌هاب ({status}): {detail}",
+    "scriptCheckRawFailed": "API گیت‌هاب OK بود اما بدنهٔ فایل نیامد: {detail}",
+    "scriptCheckFailed": "امکان بررسی نسخه Code.gs وجود ندارد."
   }
 }
\ No newline at end of file
diff --git a/chrome-extension/popup.css b/chrome-extension/popup.css
index 4a93d79..4c5dbb2 100644
--- a/chrome-extension/popup.css
+++ b/chrome-extension/popup.css
@@ -258,6 +258,10 @@ footer {
   border-radius: 8px;
   background: rgba(5, 150, 105, 0.1);
   display: inline-block;
+  max-width: 100%;
+  box-sizing: border-box;
+  word-break: break-word;
+  text-align: start;
 }
 
 #message.error {
diff --git a/chrome-extension/popup.js b/chrome-extension/popup.js
index 5af61d0..3a5c053 100644
--- a/chrome-extension/popup.js
+++ b/chrome-extension/popup.js
@@ -1,6 +1,14 @@
 const AUTH_KEY_PLACEHOLDER = 'CHANGE_ME_TO_A_STRONG_SECRET';
 const CODE_FILE = 'Code.gs';
 const CODE_FILE_URL = 'https://raw.githubusercontent.com/therealaleph/MasterHttpRelayVPN-RUST/main/assets/apps_script/Code.gs';
+const CODE_GS_API_URL =
+  'https://api.github.com/repos/therealaleph/MasterHttpRelayVPN-RUST/contents/assets/apps_script/Code.gs?ref=main';
+
+const GITHUB_API_HEADERS = {
+  Accept: 'application/vnd.github+json',
+  'X-GitHub-Api-Version': '2022-11-28',
+  'User-Agent': 'mhrv-helper-extension',
+};
 let codeTemplate = '';
 let messages = {};
 
@@ -55,7 +63,12 @@ async function loadMessages() {
         scriptNotLoaded: "Script template not loaded yet.",
         generateKeyFirst: "Generate an auth key first.",
         copyError: "Could not copy {item}.",
-        fetchError: "Failed to load Code.gs at all."
+        fetchError: "Failed to load Code.gs at all.",
+        scriptUpToDateDetail: "Bundled Code.gs matches main. GitHub API: blob {sha}… ({size} bytes).",
+        scriptOutdatedDetail: "Bundled Code.gs differs from main. Upstream blob {sha}… ({size} bytes). Update bundled Code.gs from the main repo.",
+        scriptCheckApiError: "GitHub API ({status}): {detail}",
+        scriptCheckRawFailed: "GitHub API OK but file body missing: {detail}",
+        scriptCheckFailed: "Could not verify Code.gs version.",
       }
     };
   }
@@ -190,11 +203,68 @@ function copyText(text, label) {
   );
 }
 
+async function fetchGithubCodeGsMetadata() {
+  const response = await fetch(CODE_GS_API_URL, {
+    cache: 'no-store',
+    headers: GITHUB_API_HEADERS,
+  });
+  const text = await response.text();
+  let json = null;
+  try {
+    json = JSON.parse(text);
+  } catch {
+    // non-JSON body
+  }
+  return { ok: response.ok, status: response.status, json, text };
+}
+
+function decodeGithubFileContent(json) {
+  if (json.encoding === 'base64' && typeof json.content === 'string') {
+    const b64 = json.content.replace(/\n/g, '');
+    const binary = atob(b64);
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i += 1) {
+      bytes[i] = binary.charCodeAt(i);
+    }
+    return new TextDecoder('utf-8').decode(bytes);
+  }
+  return null;
+}
+
+async function getUpstreamCodeGsTextFromApi(json) {
+  const inline = decodeGithubFileContent(json);
+  if (inline != null) {
+    return inline;
+  }
+  if (json.download_url) {
+    const r = await fetch(json.download_url, { cache: 'no-store' });
+    if (!r.ok) {
+      throw new Error(`download_url HTTP ${r.status}`);
+    }
+    return r.text();
+  }
+  throw new Error('API response has no file body (content / download_url).');
+}
+
+function formatApiErrorDetail(status, json, rawText) {
+  if (json && typeof json.message === 'string') {
+    return json.message;
+  }
+  if (json && typeof json.error === 'string') {
+    return json.error;
+  }
+  const trimmed = (rawText || '').trim();
+  if (trimmed) {
+    return trimmed.slice(0, 240);
+  }
+  return `HTTP ${status}`;
+}
+
 async function checkScriptVersion() {
   elements.scriptProgress.style.display = 'block';
   try {
-    const [remoteResp, localResp] = await Promise.all([
-      fetch(CODE_FILE_URL, { cache: 'no-store' }),
+    const [apiResult, localResp] = await Promise.all([
+      fetchGithubCodeGsMetadata(),
       fetch(chrome.runtime.getURL(CODE_FILE)),
     ]);
 
@@ -206,24 +276,64 @@ async function checkScriptVersion() {
     const localText = await localResp.text();
     const localHash = await sha256(localText);
 
-    if (!remoteResp.ok) {
-      // Network / censorship realities: just report we couldn't check.
-      showMessage(getMessage('scriptCheckNetworkBlocked'), true);
+    if (!apiResult.ok) {
+      const detail = formatApiErrorDetail(apiResult.status, apiResult.json, apiResult.text);
+      showMessage(
+        getMessage('scriptCheckApiError', {
+          status: String(apiResult.status),
+          detail,
+        }),
+        true
+      );
+      return;
+    }
+
+    const meta = apiResult.json;
+    const upstreamSha = typeof meta.sha === 'string' ? meta.sha : '';
+    const shortSha = upstreamSha.length >= 7 ? upstreamSha.slice(0, 7) : upstreamSha || '—';
+    const upstreamSize =
+      meta.size != null && Number.isFinite(Number(meta.size)) ? String(meta.size) : '—';
+
+    let upstreamText;
+    try {
+      upstreamText = await getUpstreamCodeGsTextFromApi(meta);
+    } catch (err) {
+      console.error(err);
+      showMessage(
+        getMessage('scriptCheckRawFailed', { detail: err.message || String(err) }),
+        true
+      );
       return;
     }
 
-    const remoteText = await remoteResp.text();
-    const remoteHash = await sha256(remoteText);
+    const remoteHash = await sha256(upstreamText);
 
     if (remoteHash === localHash) {
-      showMessage(getMessage('scriptUpToDate'));
+      showMessage(
+        getMessage('scriptUpToDateDetail', {
+          sha: shortSha,
+          size: upstreamSize,
+        })
+      );
       return;
     }
 
-    showMessage(getMessage('scriptOutdated'), true);
+    showMessage(
+      getMessage('scriptOutdatedDetail', {
+        sha: shortSha,
+        size: upstreamSize,
+      }),
+      true
+    );
   } catch (err) {
     console.error(err);
-    showMessage(getMessage('scriptCheckFailed'), true);
+    showMessage(
+      getMessage('scriptCheckApiError', {
+        status: '—',
+        detail: err.message || String(err),
+      }),
+      true
+    );
   } finally {
     elements.scriptProgress.style.display = 'none';
   }