From fb53479f000c4e2adaa2ce5c845a8dfcc9df8292 Mon Sep 17 00:00:00 2001 From: MikeNovikoff Date: Fri, 19 Jun 2026 16:38:49 +0500 Subject: [PATCH 1/2] test: first signed commit --- submissions/lab3.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 submissions/lab3.md diff --git a/submissions/lab3.md b/submissions/lab3.md new file mode 100644 index 000000000..61fa24bee --- /dev/null +++ b/submissions/lab3.md @@ -0,0 +1 @@ +lab3 signing test From 1962a4ae1a7909ef0046fb5fccd5585a6f2eb054 Mon Sep 17 00:00:00 2001 From: MikeNovikoff Date: Fri, 19 Jun 2026 17:19:05 +0500 Subject: [PATCH 2/2] feat(lab3): SSH signing + gitleaks pre-commit + history rewrite practice --- .pre-commit-config.yaml | 10 ++++ submissions/e3/verified.png | Bin 0 -> 28532 bytes submissions/lab3.md | 104 +++++++++++++++++++++++++++++++++++- 3 files changed, 113 insertions(+), 1 deletion(-) create mode 100644 .pre-commit-config.yaml create mode 100644 submissions/e3/verified.png diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 000000000..48c05ef99 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,10 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.18.2 + hooks: + - id: gitleaks + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: detect-private-key + - id: check-added-large-files \ No newline at end of file diff --git a/submissions/e3/verified.png b/submissions/e3/verified.png new file mode 100644 index 0000000000000000000000000000000000000000..19865992a7c692c54aff8f14b76749e3ed7f5a0a GIT binary patch literal 28532 zcmX_I1ymeMvqpnU0)*feAh^4S;O-8=-Q5-l7A&~CySr{6!QEXF+?{2yeapS~f1HN1 zXSS!hrmVZZsv$yIQ3?Z<5ETXn217>riz*BZTpbJytTQqk^a_Fxx;+dGHjK;{F?BE4 zlWY|Im}R0trSFWquum{ec-d*#7y3c(lTyw4kH?LiCKv~y@D_jbMinzyhHzy04b*?}GR z;enzCK5!oYO%X+WCn~BObTQ5O4`+cTIAwy+b;<<&5#_}GWiM|GnVkF+N0T!8|JLCg zhOUz_mwAEsAOEt_P*zZS^9lc-i0&&9-DeEP|A>gv!6G2Y)|2D>bBE|G%1;pqIAmm8 z?=95-XjFWJ&d_LB{qqkeR{XH{TKdo#k#gu)|B8S-F9-n}+v;m+AN8vMrrh8zly0F{ z%5vy9zx^v%(PFB=z`PlE0`xbpLQC3|IM|?DO=Yvj3#DW`+LB8fP}lQ)Lx&9rcBr;PwBp@)^pSIxn;C0%{X;n zps4HP`<(xDEE@kxgq!f99F#X^yg*%F0@% zcWmfi@K#%O<@LT?1`6LI-=h5@!~SFoH-!cFk5t^A=E_@s)a29{axpO>z#YvoL|a>1 zs{obHS)X8ErNu=9eS#Q)Qr?njj!$7(e_w-J4P#MphJA*;WEik)7Z1K}3Q|4c(PuL2ut{2D%lfdAPKEL0`9Fr`(ID@v=bRD%41 zJAF2(4K{E-Q0s~O0`nP4TNTb6A3Lr2(d;42fR=f^141syPp>Qe2kUGTOK^XC7rZOA zpo&wm2AZlBKGso6jj+*;{jhKNvZ05O(`|iT9+=rn5lbrgclLS9b`f6jnN!nZv`*m# z>%QRG)y$jsA5~yaS;3jV#ZJ4;>X_yk+Vng<$@gE;UEpG$OQx9P;$&yH{jUl#v9~`}Jn`K>IzZawX#gZ0j)PZgv^I010$6OW0C>9 z9z+Z)qX#DR+v@DPr3=rr;`4g(xiHA5v^?sK*~DN@DK2`0^6D^ip@FjSaE(Eu9^Ojs zTc)s=$Dbhf9N8VZt4kmPPOI-9Z_hV++BIq?@y{<~Wve=Z#I^`ie<+M)F5P78ChiM= zcs~7xqIf!netVUa#BVy&`l}kO6Lj+^0CYPO8gm~|oup2(Xz%d*J2(3>>t5`T&xtC0 zy~gWl2V`C-k>qp5=X5u=S)VmO+cU)nxHq$8c&rk*3R`QmK&BJRx4ZmddpM_O2IhtW zV{1Qb%iCYauVzqbc_=Uy6iZwqsUl*FzJ-PbdK9ZlMV)Xy;LA;U3`HsH?r<*{oY;nMwcbF?pN`x?CEXslGQVFkP@+P&!T)Ji0D+L7J60%WdX~8&w8m zyl}VIiIjgHm1j)JlIFtDYjFkN-_hXeMr?*;Z?^k|t$t}G81>BQdQ8BXD_^}m&gE`T zlP$i)c=fU5(7+M6Z+B;MG)pMcqIIpuL*)Y3k5a&fxM@xS`)b049sfuy6v6)7q(h3+ zL*Ua5{J7|j;_=DjM`mgdKw!~OPecpU5JT*Fr5da{ui1t0atBBBUyNWlse z+f|46)VZs!e*$@L5(0>|7;+~clmwPN=|3s(5>r17Ir&WW3th>EL7q)IPkm2A9P10es=t*k4wycjMo~fIoLj=f~={q+rMq`z1$!-_6!CjF07+9%($(^ zs&%+3Mv8-&c^^v1r~5|2lukCkmB4(65(ckMx@e{=k}Q|P8ewmDT8$XCzni(YJ5Or1 zG@L;(b@z?Q(v`mG8~yXou6`sg$^{#=JeI%S77#(;>toVwDQdmOam;0m2Wl{pwko

zZed<@$6sLq&T$ThfNHsnE+0fO~^E&ST^el$!}$HMA#9UgQ|TVwc<1t5cD#`b}E zD5%86Yrqa!D{AdFSesUc*9wmKGjrfu{Tg#s3K`}N9`AH3qvZ)PED;LYBL+ROvUM%LSwB4$06SlPT~=(#x`bjG6K9`=MaEckik08Uy0+xZBRS%UG*94YdL9~JJP!H*NtE?c( z+SjXj?|C)NcaB5t5$`KbaWLaBsj@a2$z|@?e@IA}-h99@;<|Wc%TcXeiqy)x%rd(OlVv{Vk+ z==Ayf7Lksh^g*lFs{{S6@9iH>TZ3QT%B&Hg6l5$Yo@JtbXqTwgg#5M9I-R!%3K3~l zZ``kv0#}{&C1@(F_dD#oC)qZLO5LlOMxr|bUso$MD*47$YC~@i!xTmA(ozDXm0img z-wlRYtGu)`9A#iV0h;xcVmARFrstHO_-{_m6e>0CAM8QSGNWTt3-+fzQkn<3l}N46 zcSNZ#csZ;(bHJzKIPVLaeAFxCCL%WfoWZB8xx)AoZbq0$&EEk*G6 z%n^JMk#>)j7r&6m6sAm4?C=Ml=X`A`rH}8}XH*kH69ot5R9Hf~IxNOR6Dzz!7GL93 zY@jS09MSbd*Z$#TPS&ncq(3WBx7W1Q3kIU|NhqG_BQLtgvqLX?tq8!N=WDMzes~Mn zgwXxR(56UK!uHjhlVZg^ZD#6& zy=w1k^jdRf*KWl8%!qncH?P3@l@5 zaC#}I(i&0doYdn?YGu5gILi&dTiOu@G|l+eA@ZmXW^dM2x&488w8~0k6^irO9@?{Q z*NqIwq~Dnv^=t}A>EBfRs9EhJz)$&lz7;j6$cqfj6Th|j)+vJ$*;y5`MoBCn|59Ki zer9x&^!0q$l-qEqk(SMEe=eQ~9t^uscTC&(_-Qenw9EAjD>4~ga52|wM2={oiY`*1 z(c;b`lnIlq6aS>00^N~GU`NDZFkAm6^sg_D3!d!)r#$d+zpGseZw&KBKS0&09bg;o zhrWlQb`CEA50ocqyi--26z<$<|6|7K=nl)Ud;7qI52z3S0Sc})0D7IoDm02X*p4iY zLcY!)!XM_UB&K?SNv{Yu2Lfr3`mmVOo7h43jAivkoZ{~=vkY2?Xa^PZo4llE9eWNe zC$u7jpC4Jg-3*XpchB(#81*{$wnqxnQoG2E2knssULIj|8mLV;Q2P<~n(HGYD z?)vcA`#eRT_h%m_lWqa4;b?iZ&N(%~3X=eq3ja?Uq%%+#wU#)qkTd@$OnzUwBD1_mfkWn87Cz6kf|F_f+ljk!Q@{iVb}lM9-GprWkD&PYa`#j~ z%_xXOsJ{HC(Fd3G{oQ5_>6}>uVJkzq@cQ4jM8Fq2#Tuq(Rlwb~VA!QdYm(dHVn29D z+8piq#cJ43T2U5lp58~8+a zmJ{y*DXh0E=bI4b`tmX#R~ON>xc^}Rqr380zYUfcAPxChTe-l8HHF<835*A(E1}Ed znc>2Ff*6&={n|TWwrvsuh z2Op?lrya{O6b(8jHBZKF(E>{n*9I>|3n(c@o~;k9WUW~(aH5b-q6lKV?EGsT;9-552JY!wfY+=v06l?hhi<|Q zL?DYS90PY?ulftq&>Ll8J>~?~?4~`r7fTd1$5U;UBd4EkGyBg>_wJRy10cG%j2x8b z!;RgWw`BaYk2~W-Uc+5T!)C=agHjuvUS{i{jm1#=H!NsgQVI0x`kzOkE=Zo21&#IJ zf)~km8ma?oTpO}`Z zO(~)8Y7(?O+MYA?IpWM8&3R@O-Ooz&)#5h(mNI@5OwFRS*JZI>sKO`aw4 zs>Ur6&JZprg!QDyynVb?IxG6AwDdgusg|2-Asyi2 z84yITjQo0hwviO2hK0Qr_GXIrtlE2|D!mec{cVJId2vvz-0pz0`s8tok`X4m@P5Wf zXtdK?8N0V$AGyiast?PT@dccCWpx3Hlg>}i7{Ca@v0z>wv9S}7KRX?n{J0PAve7{N z$seS8SecyFk#!g}M>KfVWj7>)duzJdnvF=C37}=&)Ih4~8Wa8()1ju$%Loj7ei@w( zZ<-lRE9*b_1`v=gPZ#4MMeBT*x!j41`?l$P<=bW!E#O0v=Oj>de29?Z|XaVasT8!=2D^>u&}1WIHg`F!0|zJ`vC_*-`?X@ zz|*WM>2~#Fd$sV>CIFQ6ZCm6FMfwjjM&|@?gRkrcWMJr_5yKaFJp8;C#CtWA(o9H< z^|2J$cZP8FW}Joduc*e_pv~A`uH+Sb8SjyoN^Ysb>JL4Cn{j2dx0arNi#Ma#&U7&z zrhN^KUW9O+=OVJfPudivt!8A8wZh)HMEwN5-p1!)2|^2cx6e<5-H%=Oo608To~blX_xGE8-F8-L;sd{H9eu{r zJoIY{2C@y2QTAC`{U6JvupIR{{U4e%1SU`8(Q-!SO*89LW4&v$X}j!1top{9J11Tm zMenf!)z0m59}RN$tyka9;(|a-%Qu5T9E*x4nIdHxUi64%@&3MbT(?^L3faoyk z&*qH)GJYJdLCF;vVub77j&)rVukf=fyU@>WJMAR&U`01ihtlDJQ>kss7l%J13ujU`N$G53?cZPR+Fz2^}{7V zR~ka}+1aP!qEJY6-_)ZMBjaXJNH`07zUg3x^C5~3O_MR}sUKgQgwa;zf*e3{)OvCq zloK>Vm;ol?bgVQxm1s3AHO8@+%;74jZDs=-<(yeWHiqtfdAP0i#dxsmpamTV+3o}Q z$|}7vd`2dH2c>FOjLcLLa*rWG=wC_fA29Kky}jO(H`(!@%6s{C@v-T4vReYq?bPi>D#ISd{oF)?LRl87nn!y*))pnl z#c@JXj0;vj8o<>lH{?44O3+wR+A5FueS(Vs@$-QBeUf>n;+u`AXe9s@TS$G?+>T{F zzF$fJSKg{N7_y!x+IcS1q$;FuMIA6uozyV9<9UXMtq^PTC_D3Wi9{e+yhcNqp@pqP16s-@Si-( zS!yx6D*g4~(cEggs#~_yr4gH0)2-2q{8c^n@;}?CA;JhfxiSljv4Zzo@04)@!Z2*y~Z&8Y^Kapr5fhc!B+DV9k&J^~6FN68wY?-$cz{5oh*0U5Cv6Wu5lMiV=6}YaAhsVSehjPxEnwl12VZ4PA4$9}sWYz_i7f=*ZR2+)ePsRQC$YV7$JSJV}ZOvbc zTORpAM(FeN=WaELr_fBOIFpm0u(Rxn^T>FKp~DlE!I z%CXA8B(2Is!F9vSHvf zVqOaq3)>g?|4e{ENP1NzLS%_$ugJf;#U6S^{v9aW{wb?K{fHh~@Ch1l=O>2ySNlPK zp_L|OKZ~+|;wh9Sp%nB6>SNV3wAU4&!(8mOcAy-p_#eeGGbkHn8sWVk{&(R6ocRZA zD{Jfd3XRdVvAGT%j^c<&>A>Ig1MW?zuO#Rx^H$q*Z%JtesEFpk6)MlmDK^PNAK9bF zsHik{nCGl$f*Mef<>jL@x$RYJ9o9je9_jbHAP)M0}ma%=j)IGZfzEj0#N2Nf8^&XdcYe^epS&=$3nC;k&F|!mp&9qmP#{`;aar znNV)VnqIB*4CAOSE_w?aB-U*6{(a2RTn&d+;B0OuV0Ev1cb2Vi!#v9UOF>9T$kNhM z(eE#nB?`i1JSmZPPwoDBjZ`RVcok)Yxq1Io&qi_r0j}cPDj4oWM?k*RI5$@2U0GEh zuL@qe$`d_iLo~B@1d@C4@n-Y{@)n7g{j+d~^rE8uuwvsGT;t>8daVule1T-|#~N)` zI2jli*w`*lS6hdNhieVHWo2c3uJ^`gOO@2r)DD;O0MFD>_zo*|DHX~R6^7pFzg%9k z74e^SwoE>Airpzsdux@^WjCJI%jdt(wYg2t=VD>glg5Vx*%RccgNNR%%o(6iQ*mOXK3;;E<3goXx0H8>Q`T1j*zdU zF{}iJWGxl!&<%2(UlLjK@U zU2GtJbLUdP%a%ym*IO9H8riZId50#G`>7tPwKTgFzND6 zj#QwOzf0QsHwBOgOxd_)tn9v3DhTy<*C+YJU*#FCPcAh?;!<&NOJ3fKppJu`miFQJ z7>Zo+Wq*VDCSfX4Tvb(t&tf=L2n-EHG$$k?@;qLM`2qd$JX>3?Hyu2jEp2t&1RTy3 z=jG*5N&P@4;lEjR1ZIOzd5R)&Rg>A}ExJqWZk9VQkC{Icjs4=`=cngiSrm7v-Y{DD zCFn`Aa{Eh^BO?9!nRmPJN!GIa_M$($RtR}tJ(MJeNu`=oO;yvo$8CdXx883$nqnOod7^I!(~~>TJD} z#jvZ*Wp|`nueCh?kd_u&}U?IPc!QBPD$SZ3ak5hG03JDWS?#%j?0?LXqsk z`+7loey89<)m}`wi7&EdX5xGJXRcv zvN8UL1psmq-dVJ@`N|*6*2k{)g^J6SiOF!KjtA5}b|t3gJ6OoNxX@G%M130Hk)vM} zGg8uG!dS57_PWB_#Ing6Di&DGV^$ctSnP8hUo z^~9gpIj97aOV&nvny;*0ZElFprCM-BoajhF6cHAR+r+n|+$||djrwL}Wf9}yX_P8v ztCcE}hyb!^;NjrlQW$lh7?4E=w7TYVdo*uqVnWDiHPz$qo57uT4YdepAtcR3(oZl6 zH$m4sRD##>rWZ26@YdDs)Rt-_o9x~D?BUP)2C5adD&nP%i?=Mvk(BBHTtcw! z7<(b4)2SJGMgqr~XrYoqMYiicSbS8oS{L(fr-E*L2bF$xzZ$}<1PZmql90iuH5Ks~ z0p)ro7@}^+6eJ2?BAB#Ae;aBwyRR_I|?6^@B=sw%L!xVXBSDHJX! zD5$)=yriVWpu;VHRFj*VWTlm=nLRW#_j|v|Ky)WYHbu5Xss;fFxDoTgH#>`Q^pBz+ zjil3%=3L3g!HF8e*g2E1WG>GvMQOHd$G@l=-P58ZEY~p42SG z;`A)-V#tRK9nPw9rMGciw6Yw#i0W<|KaKl7W5u#$XEZMD%S!G%_`g|Q97bMl9eJEW zfsE4ruvebMhcp6a>Pm;(@$m#;4sIB?x&MW{p!cEnVgmzrA&Pbyz2ioI;RolSQy zm8kRN+Ko&gZhmmzomgn?uQ5nMg~nMrml$HkNM19}v_OwTe-2jGla=PiuAGyTlMF7~ z$S(ydg_6@SM$nxF>U}B*7tlJJR;}Um5(z$jX(hBDRTiwA9yo-<{|{ z=bD(BZUz9+%99t^hkT$zXeO*+nLbj2bk(c0A!nXenx{gg}q3-|m2!b@IZk z{816@69Wd~S?DH#`)Hy^nY0#V`M{?2T)kdT-ku6KH-r>A2O zacA+n(~sjoUF~6aG*w+T9oj?Dlp$&ii--h`x}+Qy=+(H;t>AH~-ZVGhg--&7vokI} ze!9kodg0&Hf?Kar3H7RCz3x+kME1oGO*@zc@zl4VZT?QwoC3MD{$HB z{P<7SPbwp<;iV1plcV6p&!4HlLY}cTBsau49MpXpe}o+;Yk09KEFSC!m|w&?4B|&8 zAL~iaz^xD_VIn0J^R96&e~1!KyN?BFkN#|YX{yIp`37?eAXA)$ zX;-at-!#^f;71Fm%ulgMVIh}_65&D}?yp6~->`(K;A=7<=3>^y9c0>e>^aH1@sVu(<@~-z11gh?}Y7 z+1w?G5#L9d4{$upP77i>CnfhW-jr$HTI>xl?piOQ@uwCe#ZP{)ooWkZ6#r9%i%#wH zk+6)+pcGOU&F_3^5*wjdeeYr_AE6ZB1e7 z7=bZGyoqG>;hVUN%QUci0Jvsnd16mbzrpP=%UZm;xcSO2(Z0dg4%~O{y8bTukn51! zf+hg%vXl9t#bzK~sx>8x#!zx*t-+l1j6;e~`;%KqmfeP$fm(M}n%l!5ljB=c$HG|Z z2L5JShKXUKo3iS`cR1?80EWgqPVXIDsFkKjq8!=4z|JEeXlg3#>P)S{7%bEp1weOx zMMXtUo~@IUwHkv?oB4|A1XvR5;XJY6H^E3)8(rS6`xDu%_Nxm85@?ZlpE!~rYLzK& zQ{)m7aw;49q--<|;Hh~P&HP^<_kTPvJ`WsjT8W9J=p95Xr}c9@Oh@{RoHCha3$;sx zGLr%XQe)4|G!>qn{$zg-vGZ?K#927KB&8zgbLAw3cwD|nGk?6_6!au)cSYTqlwPgJ zz#(QlCTze(ja6;9eJ#KqojorS3JZdtrD1poKP=x)L?Dm#I9V~7>_ncIkb7&$PK*yQ zW(@0*b?tJ{PKqY55^cMiEoK>?j@cZUO|J|eyV?KhNWsJb@NZpXSemX7O?;PsXBNGx zBCX{(^J=l}STxxNK!}fMrS4(=i`27U>;qV2tU{%hpQU)#Y%BT@a_mr!5Thq+X#v4t51n{3aG>P_Q)ZUEPu^s*84|QeT1FG$8fd%Lk zkd%(a<!ig$^L5zss$Q5#69S`)Xy2Hnckhki@UQ$eBa zyq1UvLH-OBY||`_+`suvAo3sQ6YZfi!Oxs`XNnlau4(MDyXZ zm6K$nkoTT)?HuF+yGAIpke+wRK5qjG9jNY&lWllA?wa4$|CS417^;p^1N4?xhJz?e z!zi7rHa}|#6Mp@1ywI^s*npp!5^ZC>xjLM0uLMeTmYOj#Hqx#HK{)w<1Y9~%F{X%&}`YRR?HL$UB#JEY3xocD&ee-eKAy=c@L*d zzMOguD!pc##%tltxn~2njf(jp4OtHFxBcSJ0Gv16v%Yv2tC6`LS#5q3kgIl_&PBUh zjO`*qERyMJhlOn_TTMG*7tK$)&3(s53Rt!nV!Aou}r;*{jpUi zM#0M7M>3RI<#}Jf6T4!f0QX12-d-H3E=@ZW`56tnIxnpfck44sq1)yJT}t~7q@*2J z9pc!(>^n!hel|LU;b+?0<7_}bufY-yrN(9=&!b|5uZnof%Z=ES;1IhBFX!<4+-o4I zEG+&u*h=Wq04UkUgL$soc&cmCtl3S%*KA?1!ZoGX(c_7~Xudx|veM--JmFVpa2b_n zz@X)OTA2Ae*CC?YQ?<#q^=uAW%s(%Q9t>Z6?s{Zh4|*B&eCpZ&(IuXTXJkw9bJwPP zIM}6&=j(J_jZ6+Fvz%jobr6MkUN(l!z`%a$HB+CKTXclXgQX0MN1d4fTw1ohwTf-H z*|}^jhv)*_jFr`tRSIeL&o*DDtHf}%IQaxMhW^Bs>p8AzKQRUui>zO(kK6r;Luvc2ZM2`IxDcDjW>DK)p=4JT-R0%hU%ntPeL}v%WuB6el|>Cj zJm1*G567Qk69e9FNLyBIJO+n2yAcDkFAm$GxpG-jr8MV&ZK9rlc*?sIu6~UM%SrPu zwF8tim>VLl96WlWTqYimh5=%mF)MyQF}B=ja{XwS@jrhQD>nUZQQh1Q7cqB}<7% z)!4`Atj+&|(2U}lhmv*OeAKHo_cfNrlcoGNF>F@wnbL|;rrq{>OYW!#`IMaV|>olP7TDvOGt`@E@sw}zav zT=pgs^X@CHwk4_Hi!rhGt18RVnth)R+F=)IYU461%@AM~)o^dDHF>3l_HQ~k355g( zaoB|I<9ww)-C-cu72smfuiZDF*c(x0m^qR1 zt{x8fySAUwl%yoNc8VcVZdVfn-DLr-A`^?%0`!^e5!HR0^jv=Kc%64Ys7KLe%%qPg z={@*htxYWZWI+n1vSq{;1=ahfYNTzwUjdo!80o%k>J#Lu&7Kno@s_5}(gf){mr zI8=D=2$iV|7NgV>BrB^@dH#0)$2%yr0Y$Q`=>o&NM@o^&Sy`Qq=E~23kQZorlELGs zXp*FKjoM^G{x0J0-@g@F`;NBW#S*-+I<6Nkl%@mg;bTQXX`6~elyG-sET1(Zq#GfZ zShFmOvShXGPbqtA==DQ)m7)NDp-6!m*PW|0=k+}!>bJ@N!veCtoW;iOXC$ss1uU{? zwZ~JV_J3=+i8~h9X*9iC`-@~7(botx@{{hr6}a7}gln7@YV+FaPc8(iS-cEC1c>l* z;nw5RLK{=Qyz5|H7*A;U;Op}k-8Z|40`X;$NsN!UaHP*p`IJ6;ZFh#~SWan5C4R@f zhl0;1)7W-iW$8RD-|6v-m^FeWXD_;qkxMAJKH4o3mDl<#k$S>HUP)wsI*J`9S88Nl zMrP8Ck;CBZP*$~+Fd{`TeXeMA>TltBX!V=E>Dly@!Dz7bucjO})5${85rWV5mrS#s zC~ALguk`hb3X6Pv2=VBK_ZwvU;wn?GRpx%?(01ojv~mYz?jz$JM;kq}p0MU@YLHLq zwahfTG7Z@9Sjmr`;VT+`m*Md~zYdkNY>R;+X8B{5I>G#5Dd)GI&X0C8S?BwZt$H(T zd{t@Gjs=R3goGGFP-{-?EkGTjhfykjp4*R4bnZ|U26 zs>LC(iYWDDlrkD}ujDv#ER`{(ds|!E*`eziSa{8bn+5C`Y&h^0g8BrAr$MN3Qun z+TrYMRMoT~tuso420Syew9-A#{${;yuJa>ITMS&&&g3b2T;=nVebBGwEVG(f{*r3x zOir$Ni4Pw&iL?L7OH_r5D&(P!tzz0siJnhnJ|m@$&|f;(j^Q7~d<_ARmyi&INc6q& zOlS_mZR{LGgLM#s;B#{Tg%>d1akH}K>CWLmVZEgEk>^Tjt$sz?km^wT2Rni#mE7XZ zi*>h3UValS#XC$zrMmNxx=lgMlLb|$K+7^Dk&qr*G8vhCnesj$E@1`2Z$F@ViH0 z-_8Kv>Cok;`U4C*y~cC4%!1#;3#V-AQO+*4IZnQRGprS$_pqI@3D|VrIpKq3)`uAC zGEYoQh)1)*KWC+W)E4B~Q~^5Ml30@r^C)z1yvKjmcG20=lKfKPK;>UjsS%iDHy^0S zqU`0DdIG=2jT+t2N9OotUvLdSuiV;# z_qrwQht<*1;T)L#s`N`_94z8>u?2-g-oAYcMS~u0W|gdC@{E80P9f22Bu+iiX6wGM z1JMMyNXpgG(dhj7pMtLF)=_&D1`~?N0k-*N5~J@aQ?$oUL-c)N<$AQe1U1Ld?G1Rm z(L`+O_WPK0zkg*CHf;21J8AyZXsG5%yzyJ%z_mHa-^9cB$t8$>p|PPL!ZQ6g>89

J$M8q|6yfzY)o*~C(mpB$=K?(98>~^FY`r7t%FM3K%4Xw%!b&Ye zIoFZrOfuydqSm3yxiZhe5^u;YYl4yKcPt;=L3BLukWP)7g3_Le=Gr<#zKndQB$Ii) zxqk+kG0J4_5Y1Ce$LdHwO)Htm_{6*dKg|#SmC=56NBFZZ7RSver$tlAG}({Kgq9*$ z`E;m!omT?m(ekr3CDp5FFJ-*-=2v56uVam4&=QS}FiDVYii3(%$0t~Wt6m??s* z##K&mZk-rF(egY6E8WHVI%ld!JT)$9EmwIAQjjI~n!e#j=D#+x zKqL`-;ay+a7~jrh3nt+`_W^l=eMSTqCq9P`;p~%^9CEqmaJ%XU)VN)gIqqZDz7!<6 zlEpqNipbVZ8=qvMh(9EH|Dsj$w4n!_bc&S0#dl-0-LWdH7M#xw7q%OE5cBvCJTmG! zERw={-?7JA^E`ePL_sJ1^IO5I`$7o!LbkO0TK*7YYs&I>nT#utz)IrpnB7(qqN_LA z;l>BSJDg74Wu;*F99M~UVNm;9pf!-7kXWX{6XJZ`bDB3=%_sfa(1_pTR)gDpR$uFf z_W6c*PtJ>d_|5l^GJK%hhnd_#Qp<%i%Ht7XDw;8{gA>Qy{Y8t~6EPvJ#u6>py+SiL zSJUk^7V^@nR_~!tw}Nf`@3d;i;)gaPx~XIP)iIrn=?f#>gT<0Slcw2E&z=3 zyKg`Co+`wS7Ro+atbJJsajn$szJ4BzT%#x*YED=Q^2rb<-wezWsZt3$%8q@(~Fe?1?IQ@l%i;Ip%`eODG_P<+P}zOkm@0jzFW9vud((z`+NiPxgE z;qO-_Ye?_S*LyBdiC4Wu8sQ)t0Rm#3D){?BWZHy9SKjh67FWQ|1<0+Vmu&UI`Y^z9 zA8XUr;+}m=^}BLVcTdlAsR)a(x4~@5peXI&%jvPO2x#@(Q;oWq`q}3gXnK0~)5<<- z!ap17&OwXeWhIx$W7sjDrTnkzoUgxs>SBEyg1wr+(e6vOjnGEtAMG0f#L##oP_}P| z&05F#&zI~Y^J`C`b(rH8(oP~;8?(txm}lP>`!w*uOhCMT|NRB+<;vdOPGMqWqW`a* zt!E-Yd)!#^&P$ij^U?e$=gv;7#;Sf{*Dj+%P}&Tg6>ueWT2pT2-9ldAxa440DS+02@bE@|WHd=Hye zaq-2fFyl>NxE$ziyxOatMw8os*dQROr+-lU>?lF=fWhMV`(73)nrkVw8=VXrK99U} zOKbgJW}VfHzDnko?`*Y@=D)`+goV8Ixt;B68~rC9$8$^H{E(yQ7vB}XlhPoc?%t3XeKFd(SoL6h_SC*Pp3CESm@!^TIz-dj zXi|H=+_7d#fj9o_@CS>bg{0#h0~rQ_L%IlPkm?DBVj92Q@pkQ8lMFRc-^B>xPo`qQ7D%{}+7bF}wf4r~6x+)*5kJ)iZu9L&SZ#6|Wz zjIiY}`5TrKc_#g*V@1f?acC#yv4{Cma*PczqUqp@4w#QdFj2xo>|uN*C7CsUCJu&Kqz?VrOsejk6bfi26t_?tt*esj@#OK-$gTu^)3e zcV&h_clLNmW0|cB$M@UOYjKSxlaOXZa_&Xf@jV>SyDw|M0Uj-aZ98$U0-B5lTg+=^ z3=8MHAZ=qFw;T&s%dSzcR2S;<40{ZFDv}f65aAO{wlz?U-AaG|U(Mh2UQGjK=t)ydRFp~x z*tIO--Ef(q9shpvOrM4`_^SE~E?j z{{4FfDpn)LBS?OwLa3Zo5G~G(qzqH zIuH$QT4{wQC5g03+}zwWhgv+P|HA@c?d|O&QLMH~M|*>jpyym17-**jw97*zI5^mR z8it9wO1JTcdi>{#P=wdcC2I1obLPtXK8!*)9y%um3MkSe0IHgeac#4z%4Eoj7|IxP zE4>*vff92Z)sA9&b5t1pH&M0~bp=sTjGky;>#xe)7S;Sw_$(Ve{sJ)%0nfKu&`rnc zWN~4kq#c&<#F{VbN7MJICTlfl$$!)c04|2sdK`;^{H&%akK2Pv(s*=VUOTmdDBpUW zU-QlOkoKQ{ay#I@-#PU}g{(+ryz(RwVXGbg;?vi<X3J55MHID`Tuki$T{PdPZZ_)Zt2-+t$wsb?-tzd&uZFvu1dZu~P#A?)1{oY6*{YzN9 zx7o*Z**A&HW`37k`C(x=uMJdXR=lx4epu+P5CvT7wpk4)UO1t`9USIT!t>{22mR31 z)qVdS>NP*)m6Vj^Wp%qfo_ESQ&cX%rBGt2#{`prDqQ&GF%-bYFHo%AHWj)Bpl4A3V zocPPKuv<&L3JuD{Ay)R-=#Of{U)eiVw?gB0<)M9JusTXOFDfd~S2g>|`1W}IudJ_t zs_Kc}B`!!vNQiVd2-1?54vC9^(ukCFgEW^=X+*jal@bt;PLWVL1qqS9G}6sG=K{a? z{_npQi?ukMGqd;1J~MmI{`PlldX9LSQ+Fm0sD*mgWw+xIol3JI_v zYXC4OOB_4K=Xgg2`nS}0vN=_txOq6%K|%^BCvg4oMdOn%|2w{dH;_zmYz-yYMJ{;| z2h|Nx!#q}ghO7lCVQlUefW=c$36J)=dva7ZBqz@Vea;k#6a>T;!r+iDUb=i}>A)3- z1psnqf~$-R0ierqYhHjX0f~Fm1`v$!!Y~;mG!-Od7*M(dfJf%lt?btTL^c`#ui8G3 zVSV+t8Y@ixTowwG7o%|q2G$f1ODPWAu_NGwkHjk&(F9dfK)CO!s4{U@> z0z>S-Mv%~1nSZ&?*RsM00B(bkT-s+yZUc}kBX0@BQ+nO{CVrz1cuQ9>-vkn!i=@Jk z0K`vd!kxX+1_diV6XVWNKb6CP^*yv#HJj=Rpz4d2O-jf{gbFOn3YC#+He+Ft zSOBU<`-2euf0LeV2~nX$3Ra*c%p%Gm$SmJ$7>wlffMH;@$P>cuz=tp)9V{#<0enOD{8^wU(2yzKRafauli zuc+|o==*=z*&?Fh0EiXN0Y$kV6i9K0%^sQ!0EHC(w2=I#ClPoR_Fh2~NmWpYf?9)x zmH@I(sEiu%-o3WSu2;Z?@>!f>&?wYVF5rQ$K&Y-MHIC<%$wIS1hLHFWid7Izjik=d zi3XnG7+Z9@ciqSifcK3}!gc|k0EtS_Q3-zl_9acj^aDBVfSiRO5_fdX_2uoWUVv#2 z1R5cN%938oJ0JiOWfUvU5?uE}2V(&{#(u(v92=mKE_tAl#Z?|%+?z(U2?1jwh0yd~ zTS}lPAUw>taq!#uGbMBFqtU4Qi=)r=zUGn}$77_-t$r?Kis;4$sazI8$Z{7fZ9jF@ z{oq&dHX{Fp>FgC7vIUO0@)n4l>65m9+&!FcW zkc|q!oQH_>5rNtLQvoHRM~>Xx56Y=hvnN~ZCi?$uMsu%GtPX{iyDhZtk3CP^Sy;!W zwP^p?$4M*PJrVKPEMEWzhec1avA|n*0C*>1Vc6PkP*|RxRz>QloQ3iis?=wn&xK{{ z@0G{LO7Lf_bNBStnlBgf?%d+0wHY3N?{%n$Q(NfTU^r!Nu@SoZGQa*)kaD7iW1$%1 z_${El5(tMVz#e1O{iW=#dlb2kvvc?7#%~WS#&2r}gKRs)zz|TVWxq#5^WRVUH8J*Z z)a-NSu;|Y^u|>Jl-Xul`iK*Scm5Qc@{zt(`1dj#FQn0VRjulIw$&!I|HS z*^?g0+Xp30lMvESd$_M53@2*Khx`p29J{1z zG<4=I;Ux<*kf%|?alxuf^75Sjf*w?4YBlyxVdE}~K4KxKUR?e*YDLpDI5?{~T|lb* zTH)2X=h16;c#Eq_E-u1hMImaNv~g{_F2eH*&C-gi@^jWomzOy~cNW?eOn!2ckyE(z zdd`m-eK=V@bvC%G5c7ML_AWW8{}$~bzLDk06jn?$PIH~t?PcX0v=0T)xb|9WWisSi zk{=C~$AHN1wAe)+X1WuLreLq_)V;FYcva`)TTaf|C*Q5OHY_3$_CokHnxo<_cN80htmt*N?$)M%o+l-mL zvd`@s(u6C*PDhrDhKdF8;ZyO2S_ej}EEDyYtBac>GDDUeyp~9cRKW=ClEZvNjmEZOcsEp<|mJ=e26v$O)F>Kk$m^a zWr=!+#hY}IK^Y!b`kD4uT9NJ6+2Z@=5-E+O_`4sm3lP|s2-QS#&)M;;I4V;A8m`r4jq*dU19m?&C0NV;u*aiFg`ZyPzV?WHP@Ff+~LVurZ;4 zzJ2-9{xQQhr2NhcO*~xb;o?yEm5Emk!F@;rv?P$&>ac zPsqp5u|Ivb5#i6fC1LkFG%2o2{>)~p%&EahO|$FWe5;zpmVonMW*QG4^Qah?(W<2_ zo4>p3QB4dD*OCQ&NC zCtN&05e>XmblDteq@;u--~55$Sgpu=y?nlvXI5>dB)K=DQIf{fXx?F8r-G?+uw&0* zHfnG{H4<&W`li-zee8EIbzc0lvCRI361ARU(a7C7iuYCFsfi-ajKoogXU{I@j@*7S zFN$l10yrK=a`?UXL zo?;9WxA8<=&>-Ki&Fr#f!POJvw0(Sfk6U z0H&?$SuI>#+^;+GeTLMAbgQ+=SvFk1gtosE)6@!)f!n!Q`A5`MEVaygNoc62-f9~C z!*Y)FnyaW&E`H&HEo_! zq_{X$d{v{Ga#?U-DVp*7b>K?UVl*yU@l^J$$XuH`kB+p%^XJ+&I{a$p9XA%JpZqqgJg; zwqbQk=+jNsJSKfvoQ^>}g-ox3o|V)Vg1eo4r6{N4Ym!6U9w@&VCT2KmWQ{s{GHaTK zv!fB}ewdT@wWY;obc0dLROnN{>$ye?!aGSVx*3+#^<8dk>Dy~8`;!N8_Dc&Y^?SCC zeY$(|MN{&}{v4NT22BkE0Kpn`1q;})wh#I$A_>6J5;qFZH8Ujm9lz_%#xZZX~zbz4=g*S zeXsD>9N4|RMo&+z9qu>wa8nrk7OmkDP4yI&2p|phI9$B-Hd4?dvoZNDbB~>(H_g7m z<_IjlS%#VU7WyVLpJv3Mu_9Rj$CSV?TEE(pZG2DZgY=oGyhuTchP{5rTVLlL6xU*! zrfdDRaZ^`oRz07@vghT_sTrt8y(b5q6ktO{56a%HW@uAw4(--&hNjvq#bqscVm<%$ zd7LKw`S{oV52U9&3k`j&my`Q-9e43_$s9zS;4`L9y@z9E_IvGblklnHwnorWW5W}U zDrF0T(3(CvCMqg&Hl?z;R|FOgG3eB?kLE4Ze__GdWjM2lOCCLcwz(zd*(J)kK3L5E z=ONEOPHP>>qJd4x)6>~B_MU-*-3_w$CC9}n&z^Grl-kZ|2ygB8?9uZUe`1bChqyTl z;3~8~JPt>n8dBH`wZ~PQ98I$OW8N8X_B$q=@*sV`XiKne@xEQ!=$N4}|Agaw;e043 zPpX_L69%{R@ns_+#0e~eM%4j5nn3DHkB;)-YO}}j+=G}vjcyfi#+y8LCh(PLteV?I z-JQ98Zg1>CHNkz_HNK6S_b;T?u;L_H&vLuhD`j)ShNyHFEm4I?io?!GA@(QxBd#2M zs>+FOx6JBZxf_V|&U`)!5Pz%cU+`rUU;p1?tCXYEvIC~`$?oK>#QIvu$HhFZth3~4 zhb+~ZP1=8tYi2_}MyWL`e>6L&K^Adhna&1Vd}n^``a+m_^Q#bB&-TxU zk8{-Rf~?0Gx4q_%UH??dV0`ALb0CB__23{wNAWTONvshNe@CCPAv0 zZ6L-eYhzTZZeVJi`CzTj=w!k*Wo7n|!%We@u0eP6f~OA??xWog5BV1@ zLM}5gO3aoQCkCZ0DB}O(fOo&R4fy61!wIBoZ@!$(s8o@)6?&a+-mj=KVe3nKO}d7v z4;F0#FC7>eYzDkEAw-Qw7Il&W<&xPr?m~t)e*YN|iT;SWy(4%PTL61UEWpnP#m7{? zj?$4elrSA1@*PVI`jfUVi_>9La^x~-yfhy3l-o(%3LT=oQD)K zp9&1@Wu?9$qjca}{xfj2YS0J7!C?SL0v#9$iy7P(NJ|9z8Uf;Zw8|}pdpBne79iuI zHF>V&^%E~pKm!>FbGms#ehH;5*(&Jqwp2V~9U80>W-x{fn(SYVatK|#L(6|R&i z1Z_;`Q_(Ejb(;$s(0AxTXN?Nj*B1f<(STcUM4WDFLUrCj7xAzPEd##UUhBq2jHdID zZeZw_APIRg;z?<#K`#B{6vBMtEG%NHj<5GFt`&TM>W+uibuT3m2)*~c8T=US-%1V_ zz9;NTeo$)sC=Iyzy;{#P7uA($BX6NPRJfJ6IyF+|xvBko5g!r>F$QXgts?t_sLUYVgc8Ywy93tQU&@i}4%iAEow*5+s{H9ER)z?AkWfQ$0dX_gM&l<*#0 z{20I!B86RKl(*R;EsH2`Q+}k_+~%&SsRJ3nEo8u!0OiY;L2D<#(jI&1{(V)@#-;oC z)b~R2OMnT0+iZvIuL;Li4*X~h>SJVVjX9+e+gyIMoS3MF(4G5GTx>8`m!HpphQQEy z8$tsP6^tGpej96OXo!!G|0j99dd9>=)!5iF&CEL@Vm3u3c1JD52Z!ksZhO0lDqF>6 zN3B0YWeeDjcjMDDR&CysX?GH(g0lkEfw1XNTlecEcc}|{FDxU?ayZuslRrRZ>`}eYW7A)Iam&PJIB(pbW4ypx=QY@uF3+++oYjw5^3D;G` zTUj@TN6*V%c6w~Zo*uHXGV;$OX3@tk>lKzQGDX)BM@HF9ewD3XdL}u)W8Rk9*+`ym z4OB2uK0oQJeyjI(axsuZvFS%R{Z%h8ddQBD{x?)qawf|8V23{+x(!!0(yGTwU8SL| zMNd(mmMm~^zk5_cYJd8hDQn%uj5({SXZ9Dj$|#Z4?EtTNzYNG+_|z+ju2@3EeJ-vz1{PnMjwqhuYYqG)ZO&tRn~b) zzLG5YRH+=NETRooZ8Ah%<4N&aeQ|%SEs|o>K40V|KVm!0l*dJyA|X63zCaVYy$D!B zVsTG`rJwLvxw4kNSdCj*x(C6%krFMU*i~ICXl{uRx$t2}Qm#FF-dUU;^}G;zSDBgs zaP|#a3>umZ2_aS~-O@h$$;z-vwcUHOKkr@o3U>HF*S_|*qw;uEH$+&a+6w1qa-%9^-=ZrFZvCrcy%7a}}aRqf> z%;+rps2vzv=g59W$}6pvtP|-kJoL@=hYR&OyjF@I*Tu2XgLf!7#*0cw4m@f)=TPuA zLU{TcD{)Nd`Y*>Hyf()T%A7X;=tH#TyHoJCgR4e~s*?;9Q5zc^CMpTHZDn2ElD!=Z z!-xB_10tq!F>ju69g9n0x&~*NZ*TIJH)$%h%}_FRwDox1{T8XOa)^x?Rqv{DpxQtW z7f2R(+*^-LqM+m zyC&2sdeCP@8{SDO2-4^%;!R0BYObI98ywskIcsyze?j|fBSii%C_;VD#=x2TUsk$b zXuy=vg}|4;7#K~M_@HH=psmVh2ce_ART|0LQbdcRX_OooD`iP9T71A1lvcO=2`{7; zV*1i@3UYzwZ~@it>U|Jji+)VbC?KBgQ6btsrLHsx9c;Y!EOsV3u`$x~Ef^ zm!E<`@tu?X!b7Gbd=Z0(OW5aIHHW8Cv|2)aD?8GP0#AtZe*{9GKCK3T`E7`hnX-U` zb2Zi~>h;J-o58RNX8+NKi#(juvyTd|J~H$FKJ&`ZK-=XacOqWz*=ZCf==E)Ko0is- zx5lk)!sUBKyjVr7aHRa}v^Mg+FU~%LB6hWFY^ZqmZ=ttZZKCU6G>_PsY8leObJD;L z;`|=`C+1L?T61dV{lggoplEs2K-lrq2PY})7ut`w(a}8CR}$NK;z+CRD486H9qer% z-(E2YOH%j_+EW#}1nScLj6vrIk<*J55FE*rq zu7&!p%uv=)dlb12lDfOb3!K)?Vy%E|tkm4yZM zQKw=$^QW_Nm96q_m5Mq9_cxDL7h$7apPZ?;@1?=Lh)ocVgO8Od8KvJi*Li-qF5!Y` znb7H$J-QtKGNQg%LW_17OFkS#fbL z^UarN=p{_7tiu*5pFH(eEDCA6B4kh+VI(TCVB!Yu!UDJl(q5wJ87U|DyQ7QB;u;2R zS>E&-LVV!rogIk{^)rPOK7qE3ivjdGt;yL9x3Ra+W)e)%VOQ=bi~&uDo9@|G`QvtS zN0m051eHgDKZq}fY^41_Re*DR@{g>rMKm;-#EgF|oZMkcB`Z_~zF36z&(#;Y^B#Uh zyYdVS(R3cr(JAbur|t`>r)Q>ft6PohK;^pF8oOCq+frT-@ABC|Yyj^SOb~Dqpy>$E z{T*!T?o+*!$70^(_x70OZho*{I{wR4b%Fk@#R~iQfBq~$6(UXE8fpV7g(Piv1%ir! z^rjHjD~qFpJqH|Gl}LQj{~9Tj1D?@YwLiM?M*$LWXe_}!b1)HyBvYrO16*3TI9~d7 zY7R;YlFNj9h))3&C15WEkZ>^Z@$aQH#kH&gae!AGwf;l|Oy&Z)J6f##RN#sZai}CH z8t{`J0{Z7}h!OIum;xFK$;N?nWdVi2LD_3hk(p{_0K*{&CZ`gdj3F$+C{71s9w;dI zv*33Gfa4kD5r1|x=(L-awy<0`&1MDY*hMaq3d9{(;&HG7W0_Df^GxvCU(N@{5-nja zgb#QGOxHo7T0rPAFp?Q+ax+jMqj@+g?t9>GWX1?O3TnN2AR&Ik!b1);%0~jSh+p*r zr3(O_*|7>Hy3vsjkW4$Jy<#9!yZfDjT64aI=$2J9N}|12<) zurI5D@u!UmE}0ukG|~LMzIZ6J#yBpG{0F&Kgc5wr^GUc`FNx$Hn$c3^so9&S)g2P-Y38`8Ok&%SqZ5 zx6iAQ^{BPu=e8pJb-+E5j#Eslh8f=!EHk5y63Lg`A!CHp2Z#yj{#lnNv4&%%LNo*< zJy^}29j9ye<6mpLW4E}1YO!&^ad5H1Up(soC=Gs=4j)@!IE!Wsk4{Fma;8NcNS6Og zYvNXwb7a^Q4_6)&vR*-KZfxZ6qIDOo@a@tz8*R!?ri_mCtLG?`yQy;7PYNax7i=u- zMx+%xKe16^Azn%QO0`t$ZtbI7+f5at9KEr+V$Lit*VdpuCiHo7$oayu)No5&yCQ9N z<3f`-V~@l|sXEaj%TdTaAw2e5z@@;qZ;!`CQo2^%T@3h#OH$>U7m6ZY&-5+kilyif zO9i}SWuP~h`8*ur?$gkzgq~5dd+yOo`Kzx7Cj8DoVi?U)#L z82ESKYo@)vSNePssd2{si{V0@w9H}r#jP0Fb0Pch1nPM5D+HIRBh$Zf0%%W{avL{4 z@qhQos_&1*&kXvoFmAdsWNl;{p{w#E)6rYd`gfs@ZIR^6dTj<1`%*K-=%Z7RPt7Z!Rf>tga;5?v;3Z(HR>C46r)Dz(|J;52+F2~a}egGV=kt62Fy zP#8e(!2%ZF-Ss?3`mJaN!GlYkoyPX<8F)}YO#s@qexGWR2Z=9DN5}PU$%GCKpjSwy zEi$I>cIL4@sl{EDsivwsiR@55}eU+ zk{m%}wH2n^rbI~2w|=hRmhjR)S1z#KaGclYFv_hfo+ar{BSl2A$ji%~UQ`+59*3DV z9>iD8G=iEIbGxnRlgKdHgT8a==PEs#hbfm%{_hB{pbx-{4nWw@gB%j^tY2EiN!*&^ z6EFT9FdF@xjy$kdt5&1>ZlYTP4H1HydU%D;(|i9cgv-`*od0*N)AQ;6-eI4ux5P;f z)6J)BzNS2k^aiuZi44Mv+eZ(jHs}GO&z?~H75Xtxtg*8PEIZ6(PqvrcURd`@tVP&0 zBWzL&vYt)!po(5UtZjAj| zry9&3y_)%kw011-vUgha$~SM|vWU1lm|4f&p`>s*_5XZU;rG@p7N&XohwneS7!Bbd z+GPmYN3<4G1S()clCnDf5oS_R@x6eR2)K%we0cdr?JrHcZPnHT^#{#wp3X#4 z{2Gb}D27)$Me{nB zS&Xp@C7G^STGP%XQ%B_st~~U-Rauloq$}cmXW&O5-O}GmLjCO0-{(bAi^hUqX_`*j zXgoh2H4+#u$zaVBSf26c<(Z3A(o}gb+pLJ8sM!AGi@I&Sk!iss9y3?bs-$qHgoendLT* z`oprnt#=*=%ymv*l(wgj?H<00W2QIFOL7mm8>trB_GyZk0?D@8r2yqeN9&00r(CO> zYq7r&MvX+opgs!Uo~d|t?0D=3>&Xn0?c`bJ6T~@WG_jw>>;7 z#yCEC?cu*hJ+-9osue9c!%4i|eSiI6|8wynd7-k z<4@*VkASxJ`7&n?Cf92XclhLbPBc1r#9p3y)g`-WkM-k7RZi^}wFqEP*MM6$_+tU# z5U1OAuHdic72ZN{kdMTZ7sz#Vjz-()jVl)})-A-h8IFszmqkSB5WA{3>+Bv(8(G>X zHAHtNEFb^hbc5=}ty%8x%<6{Gq3`kxNj0q0i!;)mx%Y%7m{Cs%&9;5kKXjg?qAOF> zmv>>WOdMl$?$Y}txP)LJD~MYzI`)mDdV1r@4o%IMgwL zFc9g)<%fg5<)hNEa*x#7bD4Y17(3EOp;?NP_xKWb%r84gJ4f5)#;*=tvunY7m1iVH z{aU5w7T4_j7*EXdGcHbmyg^j~dY#6MR!aFusg z`9U`$9%_vq)D{9Ul4wj-sKl|y20%C{eOIXjZ3ncEcv$7-eDm`rsVN5c?om8(Ao@ac z9XAy6f^CM}f5`q|R>#-u5oZrEAzrWQ_SJ{00E}NgkR!PpVbbLL@9enZ1dl?f%Faf+ z``#Ayixc}BwFRO;HX#|A2hwvzM{ih7+1VY}ewEIYy93C}4KW~fpv{ieqI6~YVC6mZ z0V+WB)|2GS(@G=JKuP7c)=~LCLl6v99ZU!bF|Tw9dkAu6+R;9d#xz2IVS*i_C79%>N>i5!3$R*BYfdx z(js`%2rsDGZ3&8NQcKi*`fN*7_(>p~`9_fcf#w7vKRQ~pMGC?NGxYN75C$O5O$H<2 zO%#Evudo4!VNhr&DqOS%o$~4w7x<0L@hIo#;NQq{56*B4La`(~1s)|JfBtt`Efz?x zjQSnjq^{^%fLE(Uvjs^J3ba{>21oOigThd#NUn@H5UK;tUE!X<+12X_1b`oR2vDU9 zwsZJyI>toZz|Rn6ynX_BU&P>iG^Gz@v&rGq4cALA{PCRud?0gmlUIXgKgZU7xpsLA o1?BQmy{3O0_;wy980?~>c#Y#2^_(#C16NR#<<;d%WS#~6AJ5dJ{Qv*} literal 0 HcmV?d00001 diff --git a/submissions/lab3.md b/submissions/lab3.md index 61fa24bee..aaab9d1b9 100644 --- a/submissions/lab3.md +++ b/submissions/lab3.md @@ -1 +1,103 @@ -lab3 signing test + +# Lab 3 — Submission + +## Task 1: SSH Commit Signing + +### Local configuration +- `git config --global gpg.format` → ssh +- `git config --global user.signingkey` → C:/Users/neoWiz/.ssh/id_ed25519.pub +- `git config --global commit.gpgsign` → true + +### Local verification +Output of `git log --show-signature -1`: +```text +commit fb53479f000c4e2adaa2ce5c845a8dfcc9df8292 (HEAD -> feature/lab3, origin/feature/lab3) +Good "git" signature for m.novikov@innopolis.university with ED25519 key SHA256:5fyly6WuuxAsyfjQs3sU+uX07wD7lgcYlFYSdOYKif8 +Author: MikeNovikoff +Date: Fri Jun 19 16:38:49 2026 +0500 + + test: first signed commit +``` + +### GitHub verification +- Direct link to your most recent commit on GitHub: [here](https://github.com/MikeNovikoff/DevSecOps-Intro-Mike/commit/fb53479f000c4e2adaa2ce5c845a8dfcc9df8292) +- Screenshot of the Verified badge: ![verified](e3/verified.png) + +### One-paragraph reflection (2-3 sentences) +If an attacker forges my author identity (Repudiation), they could push malicious code disguised as my work, bypassing trust checks. The "Verified" badge mitigates this because GitHub cryptographically proves I hold the private key; a forged commit without my key will show as "Unverified", immediately flagging it as suspicious to the team. + +--- + +## Task 2: Pre-commit + gitleaks + +### `.pre-commit-config.yaml` +```yaml +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.18.2 + hooks: + - id: gitleaks + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: detect-private-key + - id: check-added-large-files +``` + +### `pre-commit install` output +```text +pre-commit installed at .git/hooks/pre-commit +``` + +### The blocked commit +Output of the `git commit` that gitleaks blocked (the failing hook output): +```text +Detect hardcoded secrets.................................................Failed +- hook id: gitleaks +- exit code: 1 + +Finding: GH_PAT=REDACTED +Secret: REDACTED +RuleID: github-pat +Entropy: 4.143943 +File: submissions/leak-attempt.txt +Line: 1 +Fingerprint: submissions/leak-attempt.txt:github-pat:1 +``` + +### Tune-out exercise +1. **Inline allowlist (# gitleaks:allow):** OK for isolated, obvious mock data in unit tests where the context is clear and doesn't affect the whole repo. +2. **Path exclusion (paths: [docs/]):** Risky because if someone accidentally dumps a real production .env file or stack trace containing real tokens into the docs/ folder, the scanner will completely ignore it and the secret will leak. + +--- + +## Bonus: History Rewrite + +### Before +```text +a7e2b79 (HEAD -> master) docs: add usage notes +667f4ac feat: empty log +c4daca1 feat: add config +d120eb2 init +``` +Output of `git log -p | grep -c 'ghp_'`: **2** + +### After +```text +3d40d00 (HEAD -> master) docs: add usage notes +38fe238 feat: empty log +52ab23d feat: add config +5075565 init +``` +Output of `git log -p | grep -c 'ghp_'`: **0** +Output of `git log -p | grep -c 'REDACTED'`: **2** + +### The two-step pattern in real life +1. `git filter-repo --replace-text replacements.txt` — rewrite locally +2. **Secret Rotation / Revocation.** If a token hit the remote repository even for a second, it is compromised. Rewriting history is just hygiene; the actual secret must be invalidated at the provider (e.g., GitHub, AWS) to prevent exploitation. + +### Two real-world gotchas you discovered (2 sentences each) +1. `git filter-repo` refused to run and threw an error: "Refusing to destructively overwrite repo history since this does not look like a fresh clone". Even though it was a fresh git init, I had to explicitly bypass the safety mechanism using the `--force` flag. +2. Windows line endings (CRLF). When creating files with echo in Git Bash, Git threw warnings (LF will be replaced by CRLF). In a real scenario, mixing line endings could potentially mess up exact string matching for replacement if not handled carefully. + +