From bf8a4b4b5cb881dcb718a9d84b35ff0bc0759b81 Mon Sep 17 00:00:00 2001
From: secureCodeBoxBot <securecodebox@iteratec.com>
Date: Thu, 15 Jan 2026 09:25:26 +0000
Subject: [PATCH 01/48] Upgrading semgrep from 1.147.0 to 1.148.0

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
---
 scanners/semgrep/Chart.yaml                      | 2 +-
 scanners/semgrep/README.md                       | 2 +-
 scanners/semgrep/docs/README.DockerHub-Parser.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/scanners/semgrep/Chart.yaml b/scanners/semgrep/Chart.yaml
index 5bc648901..dfc52b348 100644
--- a/scanners/semgrep/Chart.yaml
+++ b/scanners/semgrep/Chart.yaml
@@ -22,7 +22,7 @@ version: "v3.1.0-alpha1"
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.147.0"
+appVersion: "1.148.0"
 annotations:
   versionApi: https://api.github.com/repos/semgrep/semgrep/releases/latest
   supported-platforms: linux/amd64,linux/arm64
diff --git a/scanners/semgrep/README.md b/scanners/semgrep/README.md
index 13c9c0fa8..b8bf048fb 100644
--- a/scanners/semgrep/README.md
+++ b/scanners/semgrep/README.md
@@ -3,7 +3,7 @@ title: "Semgrep"
 category: "scanner"
 type: "Repository"
 state: "released"
-appVersion: "1.147.0"
+appVersion: "1.148.0"
 usecase: "Static Code Analysis"
 ---
 
diff --git a/scanners/semgrep/docs/README.DockerHub-Parser.md b/scanners/semgrep/docs/README.DockerHub-Parser.md
index 5b0269a1a..cf8ac3ae9 100644
--- a/scanners/semgrep/docs/README.DockerHub-Parser.md
+++ b/scanners/semgrep/docs/README.DockerHub-Parser.md
@@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht
 
 ## Supported Tags
 - `latest`  (represents the latest stable release build)
-- tagged releases, e.g. `1.147.0`
+- tagged releases, e.g. `1.148.0`
 
 ## How to use this image
 This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/semgrep.

From 695f7e6808ae2457d22fae062bc0462a7667041d Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 15 Jan 2026 22:23:08 +0000
Subject: [PATCH 02/48] Update golang Docker tag to v1.25.6

---
 auto-discovery/cloud-aws/Dockerfile                        | 2 +-
 auto-discovery/kubernetes/Dockerfile                       | 2 +-
 auto-discovery/kubernetes/pull-secret-extractor/Dockerfile | 2 +-
 lurker/Dockerfile                                          | 2 +-
 operator/Dockerfile                                        | 2 +-
 scanners/git-repo-scanner/scanner/Dockerfile               | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/auto-discovery/cloud-aws/Dockerfile b/auto-discovery/cloud-aws/Dockerfile
index 5a6264fac..02bd163c4 100644
--- a/auto-discovery/cloud-aws/Dockerfile
+++ b/auto-discovery/cloud-aws/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the service binary
-FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/auto-discovery/kubernetes/Dockerfile b/auto-discovery/kubernetes/Dockerfile
index 535b1188c..e4579e4c8 100644
--- a/auto-discovery/kubernetes/Dockerfile
+++ b/auto-discovery/kubernetes/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the manager binary
-FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile b/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile
index b34b6ad81..656591d0f 100644
--- a/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile
+++ b/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the pull-secret-extractor binary
-FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/lurker/Dockerfile b/lurker/Dockerfile
index 5f655da42..7e02b7289 100644
--- a/lurker/Dockerfile
+++ b/lurker/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the manager binary
-FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/operator/Dockerfile b/operator/Dockerfile
index 3545a7948..f92ca3747 100644
--- a/operator/Dockerfile
+++ b/operator/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the manager binary
-FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/scanners/git-repo-scanner/scanner/Dockerfile b/scanners/git-repo-scanner/scanner/Dockerfile
index 7cf2158a4..6746a554c 100644
--- a/scanners/git-repo-scanner/scanner/Dockerfile
+++ b/scanners/git-repo-scanner/scanner/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the pull-secret-extractor binary
-FROM --platform=$BUILDPLATFORM golang:1.25.5 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests

From 7f3d0f07724470879e8e390271161411449861c3 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 15 Jan 2026 02:08:58 +0000
Subject: [PATCH 03/48] Update dependency helm/helm to v4.0.5

---
 .github/workflows/ci.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index efca7e56d..c74b51b7d 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -26,7 +26,7 @@ env:
   # renovate: datasource=github-releases depName=kubernetes-sigs/kind
   KIND_BINARY_VERSION: "v0.31.0"
   # renovate: datasource=github-releases depName=helm/helm
-  HELM_VERSION: "v4.0.4"
+  HELM_VERSION: "v4.0.5"
   # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
   HELM_PLUGIN_UNITTEST_VERSION: "1.0.3"
   # renovate: datasource=github-releases depName=go-task/task

From d4efe88c446ab02fdbf32fa30a0ca620c15b4e87 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 20 Jan 2026 09:05:41 +0000
Subject: [PATCH 04/48] Bump qs

Bumps the npm-security-updates group with 1 update in the /documentation directory: [qs](https://github.com/ljharb/qs).


Updates `qs` from 6.13.0 to 6.14.1
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ljharb/qs/compare/v6.13.0...v6.14.1)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.14.1
  dependency-type: indirect
  dependency-group: npm-security-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 documentation/package-lock.json | 117 ++++++++++++++++++++++----------
 1 file changed, 80 insertions(+), 37 deletions(-)

diff --git a/documentation/package-lock.json b/documentation/package-lock.json
index bd8df7666..40f72dd26 100644
--- a/documentation/package-lock.json
+++ b/documentation/package-lock.json
@@ -6366,23 +6366,23 @@
       }
     },
     "node_modules/body-parser": {
-      "version": "1.20.3",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz",
-      "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==",
+      "version": "1.20.4",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.4.tgz",
+      "integrity": "sha512-ZTgYYLMOXY9qKU/57FAo8F+HA2dGX7bqGc71txDRC1rS4frdFI5R7NhluHxH6M0YItAP0sHB4uqAOcYKxO6uGA==",
       "license": "MIT",
       "dependencies": {
-        "bytes": "3.1.2",
+        "bytes": "~3.1.2",
         "content-type": "~1.0.5",
         "debug": "2.6.9",
         "depd": "2.0.0",
-        "destroy": "1.2.0",
-        "http-errors": "2.0.0",
-        "iconv-lite": "0.4.24",
-        "on-finished": "2.4.1",
-        "qs": "6.13.0",
-        "raw-body": "2.5.2",
+        "destroy": "~1.2.0",
+        "http-errors": "~2.0.1",
+        "iconv-lite": "~0.4.24",
+        "on-finished": "~2.4.1",
+        "qs": "~6.14.0",
+        "raw-body": "~2.5.3",
         "type-is": "~1.6.18",
-        "unpipe": "1.0.0"
+        "unpipe": "~1.0.0"
       },
       "engines": {
         "node": ">= 0.8",
@@ -6407,12 +6407,41 @@
         "ms": "2.0.0"
       }
     },
+    "node_modules/body-parser/node_modules/http-errors": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+      "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+      "license": "MIT",
+      "dependencies": {
+        "depd": "~2.0.0",
+        "inherits": "~2.0.4",
+        "setprototypeof": "~1.2.0",
+        "statuses": "~2.0.2",
+        "toidentifier": "~1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.8"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
     "node_modules/body-parser/node_modules/ms": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
       "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==",
       "license": "MIT"
     },
+    "node_modules/body-parser/node_modules/statuses": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+      "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
     "node_modules/bonjour-service": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/bonjour-service/-/bonjour-service-1.3.0.tgz",
@@ -8780,21 +8809,6 @@
       "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
       "license": "MIT"
     },
-    "node_modules/express/node_modules/qs": {
-      "version": "6.14.1",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz",
-      "integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==",
-      "license": "BSD-3-Clause",
-      "dependencies": {
-        "side-channel": "^1.1.0"
-      },
-      "engines": {
-        "node": ">=0.6"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/ljharb"
-      }
-    },
     "node_modules/express/node_modules/range-parser": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
@@ -15842,12 +15856,12 @@
       }
     },
     "node_modules/qs": {
-      "version": "6.13.0",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz",
-      "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==",
+      "version": "6.14.1",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.1.tgz",
+      "integrity": "sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==",
       "license": "BSD-3-Clause",
       "dependencies": {
-        "side-channel": "^1.0.6"
+        "side-channel": "^1.1.0"
       },
       "engines": {
         "node": ">=0.6"
@@ -15903,15 +15917,15 @@
       }
     },
     "node_modules/raw-body": {
-      "version": "2.5.2",
-      "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
-      "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
+      "version": "2.5.3",
+      "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.3.tgz",
+      "integrity": "sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA==",
       "license": "MIT",
       "dependencies": {
-        "bytes": "3.1.2",
-        "http-errors": "2.0.0",
-        "iconv-lite": "0.4.24",
-        "unpipe": "1.0.0"
+        "bytes": "~3.1.2",
+        "http-errors": "~2.0.1",
+        "iconv-lite": "~0.4.24",
+        "unpipe": "~1.0.0"
       },
       "engines": {
         "node": ">= 0.8"
@@ -15926,6 +15940,35 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/raw-body/node_modules/http-errors": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.1.tgz",
+      "integrity": "sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==",
+      "license": "MIT",
+      "dependencies": {
+        "depd": "~2.0.0",
+        "inherits": "~2.0.4",
+        "setprototypeof": "~1.2.0",
+        "statuses": "~2.0.2",
+        "toidentifier": "~1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.8"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
+      }
+    },
+    "node_modules/raw-body/node_modules/statuses": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz",
+      "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.8"
+      }
+    },
     "node_modules/rc": {
       "version": "1.2.8",
       "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz",

From 46b3610ddafe3c64eb7a88aba3714333b77f7fe3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 20 Jan 2026 09:05:56 +0000
Subject: [PATCH 05/48] Bump @types/node in /documentation in the
 npm-version-updates group

Bumps the npm-version-updates group in /documentation with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 25.0.7 to 25.0.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.0.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 documentation/package-lock.json | 8 ++++----
 documentation/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/documentation/package-lock.json b/documentation/package-lock.json
index 40f72dd26..cd5925c1f 100644
--- a/documentation/package-lock.json
+++ b/documentation/package-lock.json
@@ -30,7 +30,7 @@
         "@docusaurus/module-type-aliases": "^3.6.0",
         "@docusaurus/tsconfig": "^3.9.2",
         "@docusaurus/types": "^3.6.0",
-        "@types/node": "^25.0.7",
+        "@types/node": "^25.0.9",
         "@types/react": "^19.2.8",
         "@types/react-helmet": "^6.1.11",
         "@types/react-router-dom": "^5.1.8",
@@ -5449,9 +5449,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "25.0.7",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.7.tgz",
-      "integrity": "sha512-C/er7DlIZgRJO7WtTdYovjIFzGsz0I95UlMyR9anTb4aCpBSRWe5Jc1/RvLKUfzmOxHPGjSE5+63HgLtndxU4w==",
+      "version": "25.0.9",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.9.tgz",
+      "integrity": "sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==",
       "license": "MIT",
       "dependencies": {
         "undici-types": "~7.16.0"
diff --git a/documentation/package.json b/documentation/package.json
index cf6269807..03e6da4e9 100644
--- a/documentation/package.json
+++ b/documentation/package.json
@@ -52,7 +52,7 @@
     "@docusaurus/module-type-aliases": "^3.6.0",
     "@docusaurus/tsconfig": "^3.9.2",
     "@docusaurus/types": "^3.6.0",
-    "@types/node": "^25.0.7",
+    "@types/node": "^25.0.9",
     "@types/react": "^19.2.8",
     "@types/react-helmet": "^6.1.11",
     "@types/react-router-dom": "^5.1.8",

From 2f161073c60209e261f9f6f0d04501682c736e2a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 15 Jan 2026 01:02:01 +0000
Subject: [PATCH 06/48] Bump undici from 6.21.3 to 6.23.0 in
 /hooks/persistence-elastic/hook

Bumps [undici](https://github.com/nodejs/undici) from 6.21.3 to 6.23.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.21.3...v6.23.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 6.23.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 hooks/persistence-elastic/hook/package-lock.json | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/hooks/persistence-elastic/hook/package-lock.json b/hooks/persistence-elastic/hook/package-lock.json
index e8d449db2..a6720d065 100644
--- a/hooks/persistence-elastic/hook/package-lock.json
+++ b/hooks/persistence-elastic/hook/package-lock.json
@@ -837,10 +837,9 @@
       }
     },
     "node_modules/undici": {
-      "version": "6.21.3",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz",
-      "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw==",
-      "license": "MIT",
+      "version": "6.23.0",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
+      "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
       "engines": {
         "node": ">=18.17"
       }
@@ -1431,9 +1430,9 @@
       "integrity": "sha512-ya4mg/30vm+DOWfBg4YK3j2WD6TWtRkCbasOJr40CseYENzCUby/7rIvXA99JGsQHeNxLbnXdyLLxKSv3tauFw=="
     },
     "undici": {
-      "version": "6.21.3",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.3.tgz",
-      "integrity": "sha512-gBLkYIlEnSp8pFbT64yFgGE6UIB9tAkhukC23PmMDCe5Nd+cRqKxSjw5y54MK2AZMgZfJWMaNE4nYUHgi1XEOw=="
+      "version": "6.23.0",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
+      "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g=="
     },
     "undici-types": {
       "version": "6.19.8",

From 24b0754567c2aaf07c7bf59b3285ad518166f95c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 20 Jan 2026 09:10:07 +0000
Subject: [PATCH 07/48] Bump @types/node

Bumps the npm-version-updates group with 1 update in the /parser-sdk/nodejs directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 25.0.7 to 25.0.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.0.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 hook-sdk/nodejs/package-lock.json   |  6 +++---
 parser-sdk/nodejs/package-lock.json | 14 +++++++-------
 parser-sdk/nodejs/package.json      |  2 +-
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/hook-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json
index a9c9877ee..7983d822f 100644
--- a/hook-sdk/nodejs/package-lock.json
+++ b/hook-sdk/nodejs/package-lock.json
@@ -66,9 +66,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "24.10.7",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.7.tgz",
-      "integrity": "sha512-+054pVMzVTmRQV8BhpGv3UyfZ2Llgl8rdpDTon+cUH9+na0ncBVXj3wTUKh14+Kiz18ziM3b4ikpP5/Pc0rQEQ==",
+      "version": "24.10.9",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.9.tgz",
+      "integrity": "sha512-ne4A0IpG3+2ETuREInjPNhUGis1SFjv1d5asp8MzEAGtOZeTeHVDOYqOgqfhvseqg/iXty2hjBf1zAOb7RNiNw==",
       "dependencies": {
         "undici-types": "~7.16.0"
       }
diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json
index d97a4c63a..b284e7c57 100644
--- a/parser-sdk/nodejs/package-lock.json
+++ b/parser-sdk/nodejs/package-lock.json
@@ -16,7 +16,7 @@
         "jsonpointer": "^5.0.1"
       },
       "devDependencies": {
-        "@types/node": "^25.0.7"
+        "@types/node": "^25.0.9"
       }
     },
     "node_modules/@jsep-plugin/assignment": {
@@ -81,9 +81,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "25.0.7",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.7.tgz",
-      "integrity": "sha512-C/er7DlIZgRJO7WtTdYovjIFzGsz0I95UlMyR9anTb4aCpBSRWe5Jc1/RvLKUfzmOxHPGjSE5+63HgLtndxU4w==",
+      "version": "25.0.9",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.9.tgz",
+      "integrity": "sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==",
       "dependencies": {
         "undici-types": "~7.16.0"
       }
@@ -885,9 +885,9 @@
       "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg=="
     },
     "@types/node": {
-      "version": "25.0.7",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.7.tgz",
-      "integrity": "sha512-C/er7DlIZgRJO7WtTdYovjIFzGsz0I95UlMyR9anTb4aCpBSRWe5Jc1/RvLKUfzmOxHPGjSE5+63HgLtndxU4w==",
+      "version": "25.0.9",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.9.tgz",
+      "integrity": "sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==",
       "requires": {
         "undici-types": "~7.16.0"
       }
diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json
index b7b6528ab..1a2b90ddc 100644
--- a/parser-sdk/nodejs/package.json
+++ b/parser-sdk/nodejs/package.json
@@ -18,6 +18,6 @@
     "jsonpointer": "^5.0.1"
   },
   "devDependencies": {
-    "@types/node": "^25.0.7"
+    "@types/node": "^25.0.9"
   }
 }

From a3dfa93d8a6e912d9109fe82071a9d4215148ce4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 20 Jan 2026 09:14:01 +0000
Subject: [PATCH 08/48] Bump the go-version-updates group across 3 directories
 with 2 updates

Bumps the go-version-updates group with 1 update in the /auto-discovery/cloud-aws directory: [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime).
Bumps the go-version-updates group with 1 update in the /auto-discovery/kubernetes directory: [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime).
Bumps the go-version-updates group with 2 updates in the /operator directory: [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) and [github.com/minio/minio-go/v7](https://github.com/minio/minio-go).


Updates `sigs.k8s.io/controller-runtime` from 0.22.4 to 0.23.0
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.22.4...v0.23.0)

Updates `sigs.k8s.io/controller-runtime` from 0.22.4 to 0.23.0
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.22.4...v0.23.0)

Updates `sigs.k8s.io/controller-runtime` from 0.22.4 to 0.23.0
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.22.4...v0.23.0)

Updates `github.com/minio/minio-go/v7` from 7.0.97 to 7.0.98
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.97...v7.0.98)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-version-updates
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-version-updates
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-version-updates
- dependency-name: github.com/minio/minio-go/v7
  dependency-version: 7.0.98
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 auto-discovery/cloud-aws/go.mod  |  5 +--
 auto-discovery/cloud-aws/go.sum  | 39 ++-----------------
 auto-discovery/kubernetes/go.mod |  5 +--
 auto-discovery/kubernetes/go.sum | 18 ++-------
 operator/go.mod                  | 25 ++++++------
 operator/go.sum                  | 66 ++++++++++++++------------------
 6 files changed, 52 insertions(+), 106 deletions(-)

diff --git a/auto-discovery/cloud-aws/go.mod b/auto-discovery/cloud-aws/go.mod
index afafb0cc3..4eb1badf1 100644
--- a/auto-discovery/cloud-aws/go.mod
+++ b/auto-discovery/cloud-aws/go.mod
@@ -17,7 +17,7 @@ require (
 	k8s.io/api v0.35.0
 	k8s.io/client-go v0.35.0
 	k8s.io/klog/v2 v2.130.1
-	sigs.k8s.io/controller-runtime v0.22.4
+	sigs.k8s.io/controller-runtime v0.23.0
 	sigs.k8s.io/yaml v1.6.0
 )
 
@@ -42,7 +42,6 @@ require (
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.1 // indirect
 	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
-	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/gnostic-models v0.7.0 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
@@ -92,7 +91,7 @@ require (
 	gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.34.1 // indirect
+	k8s.io/apiextensions-apiserver v0.35.0 // indirect
 	k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
 	k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect
 	sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
diff --git a/auto-discovery/cloud-aws/go.sum b/auto-discovery/cloud-aws/go.sum
index 0bab6a0b3..2f4cff1ac 100644
--- a/auto-discovery/cloud-aws/go.sum
+++ b/auto-discovery/cloud-aws/go.sum
@@ -55,8 +55,6 @@ github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1v
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
 github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw=
 github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
-github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
-github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg=
 github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
 github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo=
@@ -88,8 +86,6 @@ github.com/joshdk/go-junit v1.0.0 h1:S86cUKIdwBHWwA6xCmFlf3RTLfVXYQfvanM5Uh+K6GE
 github.com/joshdk/go-junit v1.0.0/go.mod h1:TiiV0PqkaNfFXjEiyjWM3XXrhVyCa1K4Zfga6W52ung=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
 github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@@ -180,8 +176,6 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ=
 github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0=
-github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
@@ -192,52 +186,27 @@ go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
 go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
 go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
 go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
 golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
 golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
 golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
 golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
 golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
 golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
 golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
 golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
 golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
 golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
 golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
 golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gomodules.xyz/jsonpatch/v2 v2.5.0 h1:JELs8RLM12qJGXU4u/TO3V25KW8GreMKl9pdkk14RM0=
 gomodules.xyz/jsonpatch/v2 v2.5.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY=
 google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc=
@@ -259,8 +228,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY=
 k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA=
-k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI=
-k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc=
+k8s.io/apiextensions-apiserver v0.35.0 h1:3xHk2rTOdWXXJM+RDQZJvdx0yEOgC0FgQ1PlJatA5T4=
+k8s.io/apiextensions-apiserver v0.35.0/go.mod h1:E1Ahk9SADaLQ4qtzYFkwUqusXTcaV2uw3l14aqpL2LU=
 k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8=
 k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns=
 k8s.io/cli-runtime v0.35.0 h1:PEJtYS/Zr4p20PfZSLCbY6YvaoLrfByd6THQzPworUE=
@@ -273,8 +242,8 @@ k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZ
 k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A=
-sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8=
+sigs.k8s.io/controller-runtime v0.23.0 h1:Ubi7klJWiwEWqDY+odSVZiFA0aDSevOCXpa38yCSYu8=
+sigs.k8s.io/controller-runtime v0.23.0/go.mod h1:DBOIr9NsprUqCZ1ZhsuJ0wAnQSIxY/C6VjZbmLgw0j0=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/kustomize/api v0.20.1 h1:iWP1Ydh3/lmldBnH/S5RXgT98vWYMaTUL1ADcr+Sv7I=
diff --git a/auto-discovery/kubernetes/go.mod b/auto-discovery/kubernetes/go.mod
index ec8c65e0a..b6fd75fbf 100644
--- a/auto-discovery/kubernetes/go.mod
+++ b/auto-discovery/kubernetes/go.mod
@@ -17,7 +17,7 @@ require (
 	k8s.io/client-go v0.35.0
 	k8s.io/klog/v2 v2.130.1
 	k8s.io/utils v0.0.0-20251002143259-bc988d571ff4
-	sigs.k8s.io/controller-runtime v0.22.4
+	sigs.k8s.io/controller-runtime v0.23.0
 	sigs.k8s.io/yaml v1.6.0
 )
 
@@ -35,7 +35,6 @@ require (
 	github.com/go-openapi/jsonpointer v0.21.1 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.1 // indirect
-	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/gnostic-models v0.7.0 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
@@ -76,7 +75,7 @@ require (
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.34.1 // indirect
+	k8s.io/apiextensions-apiserver v0.35.0 // indirect
 	k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
 	sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
 	sigs.k8s.io/randfill v1.0.0 // indirect
diff --git a/auto-discovery/kubernetes/go.sum b/auto-discovery/kubernetes/go.sum
index 8b93fb164..de2118361 100644
--- a/auto-discovery/kubernetes/go.sum
+++ b/auto-discovery/kubernetes/go.sum
@@ -40,8 +40,6 @@ github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8Wd
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
-github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
-github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
@@ -74,8 +72,6 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
 github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@@ -138,7 +134,6 @@ github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu
 github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
-github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
@@ -155,14 +150,12 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
 golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
 golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
@@ -171,7 +164,6 @@ golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
 golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
@@ -196,9 +188,7 @@ golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
 golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
 golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -232,8 +222,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY=
 k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA=
-k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI=
-k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc=
+k8s.io/apiextensions-apiserver v0.35.0 h1:3xHk2rTOdWXXJM+RDQZJvdx0yEOgC0FgQ1PlJatA5T4=
+k8s.io/apiextensions-apiserver v0.35.0/go.mod h1:E1Ahk9SADaLQ4qtzYFkwUqusXTcaV2uw3l14aqpL2LU=
 k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8=
 k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns=
 k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE=
@@ -244,8 +234,8 @@ k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZ
 k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A=
-sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8=
+sigs.k8s.io/controller-runtime v0.23.0 h1:Ubi7klJWiwEWqDY+odSVZiFA0aDSevOCXpa38yCSYu8=
+sigs.k8s.io/controller-runtime v0.23.0/go.mod h1:DBOIr9NsprUqCZ1ZhsuJ0wAnQSIxY/C6VjZbmLgw0j0=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
diff --git a/operator/go.mod b/operator/go.mod
index dab52991c..4ba2b9f47 100644
--- a/operator/go.mod
+++ b/operator/go.mod
@@ -8,14 +8,14 @@ go 1.25.0
 
 require (
 	github.com/go-logr/logr v1.4.3
-	github.com/minio/minio-go/v7 v7.0.97
+	github.com/minio/minio-go/v7 v7.0.98
 	github.com/mitchellh/hashstructure/v2 v2.0.2
 	github.com/onsi/ginkgo v1.16.5
 	github.com/onsi/gomega v1.39.0
 	k8s.io/api v0.35.0
 	k8s.io/apimachinery v0.35.0
 	k8s.io/client-go v0.35.0
-	sigs.k8s.io/controller-runtime v0.22.4
+	sigs.k8s.io/controller-runtime v0.23.0
 )
 
 require (
@@ -26,14 +26,14 @@ require (
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/gnostic-models v0.7.0 // indirect
 	github.com/klauspost/crc32 v1.3.0 // indirect
-	github.com/minio/crc64nvme v1.1.0 // indirect
+	github.com/minio/crc64nvme v1.1.1 // indirect
 	github.com/philhofer/fwd v1.2.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/tinylib/msgp v1.3.0 // indirect
+	github.com/tinylib/msgp v1.6.1 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/sync v0.18.0 // indirect
+	golang.org/x/sync v0.19.0 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
 	sigs.k8s.io/randfill v1.0.0 // indirect
 	sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
@@ -50,12 +50,11 @@ require (
 	github.com/go-openapi/jsonpointer v0.21.1 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.1 // indirect
-	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/klauspost/compress v1.18.2 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.11 // indirect
 	github.com/mailru/easyjson v0.9.0 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
@@ -72,19 +71,19 @@ require (
 	github.com/spf13/pflag v1.0.9 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.45.0 // indirect
-	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/crypto v0.46.0 // indirect
+	golang.org/x/net v0.48.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
-	golang.org/x/sys v0.38.0 // indirect
-	golang.org/x/term v0.37.0 // indirect
-	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/sys v0.39.0 // indirect
+	golang.org/x/term v0.38.0 // indirect
+	golang.org/x/text v0.32.0 // indirect
 	golang.org/x/time v0.11.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
 	google.golang.org/protobuf v1.36.8 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.34.1 // indirect
+	k8s.io/apiextensions-apiserver v0.35.0 // indirect
 	k8s.io/klog/v2 v2.130.1
 	k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
 	k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect
diff --git a/operator/go.sum b/operator/go.sum
index 6a60bc32b..73dca4dd9 100644
--- a/operator/go.sum
+++ b/operator/go.sum
@@ -38,8 +38,6 @@ github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8Wd
 github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
-github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
-github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
 github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
@@ -68,10 +66,8 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
-github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
+github.com/klauspost/compress v1.18.2 h1:iiPHWW0YrcFgpBYhsA6D1+fqHssJscY/Tm/y2Uqnapk=
+github.com/klauspost/compress v1.18.2/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
 github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.2.11 h1:0OwqZRYI2rFrjS4kvkDnqJkKHdHaRnCm68/DY4OxRzU=
 github.com/klauspost/cpuid/v2 v2.2.11/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
@@ -85,12 +81,12 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0
 github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4=
 github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU=
-github.com/minio/crc64nvme v1.1.0 h1:e/tAguZ+4cw32D+IO/8GSf5UVr9y+3eJcxZI2WOO/7Q=
-github.com/minio/crc64nvme v1.1.0/go.mod h1:eVfm2fAzLlxMdUGc0EEBGSMmPwmXD5XiNRpnu9J3bvg=
+github.com/minio/crc64nvme v1.1.1 h1:8dwx/Pz49suywbO+auHCBpCtlW1OfpcLN7wYgVR6wAI=
+github.com/minio/crc64nvme v1.1.1/go.mod h1:eVfm2fAzLlxMdUGc0EEBGSMmPwmXD5XiNRpnu9J3bvg=
 github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
 github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
-github.com/minio/minio-go/v7 v7.0.97 h1:lqhREPyfgHTB/ciX8k2r8k0D93WaFqxbJX36UZq5occ=
-github.com/minio/minio-go/v7 v7.0.97/go.mod h1:re5VXuo0pwEtoNLsNuSr0RrLfT/MBtohwdaSmPPSRSk=
+github.com/minio/minio-go/v7 v7.0.98 h1:MeAVKjLVz+XJ28zFcuYyImNSAh8Mq725uNW4beRisi0=
+github.com/minio/minio-go/v7 v7.0.98/go.mod h1:cY0Y+W7yozf0mdIclrttzo1Iiu7mEf9y7nk2uXqMOvM=
 github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
 github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -143,11 +139,10 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
 github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
-github.com/tinylib/msgp v1.3.0 h1:ULuf7GPooDaIlbyvgAxBV/FI7ynli6LZ1/nVUNu+0ww=
-github.com/tinylib/msgp v1.3.0/go.mod h1:ykjzy2wzgrlvpDCRc4LA8UXy6D8bzMSuAF3WD57Gok0=
+github.com/tinylib/msgp v1.6.1 h1:ESRv8eL3u+DNHUoSAAQRE50Hm162zqAnBoGv9PzScPY=
+github.com/tinylib/msgp v1.6.1/go.mod h1:RSp0LW9oSxFut3KzESt5Voq4GVWyS+PSulT77roAqEA=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
-github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
@@ -162,28 +157,25 @@ go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
-golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
+golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
-golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
+golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
+golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
+golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
 golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -193,23 +185,21 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
-golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
+golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
+golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
+golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
-golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
+golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
 golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
 golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
-golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
+golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
+golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -241,8 +231,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 k8s.io/api v0.35.0 h1:iBAU5LTyBI9vw3L5glmat1njFK34srdLmktWwLTprlY=
 k8s.io/api v0.35.0/go.mod h1:AQ0SNTzm4ZAczM03QH42c7l3bih1TbAXYo0DkF8ktnA=
-k8s.io/apiextensions-apiserver v0.34.1 h1:NNPBva8FNAPt1iSVwIE0FsdrVriRXMsaWFMqJbII2CI=
-k8s.io/apiextensions-apiserver v0.34.1/go.mod h1:hP9Rld3zF5Ay2Of3BeEpLAToP+l4s5UlxiHfqRaRcMc=
+k8s.io/apiextensions-apiserver v0.35.0 h1:3xHk2rTOdWXXJM+RDQZJvdx0yEOgC0FgQ1PlJatA5T4=
+k8s.io/apiextensions-apiserver v0.35.0/go.mod h1:E1Ahk9SADaLQ4qtzYFkwUqusXTcaV2uw3l14aqpL2LU=
 k8s.io/apimachinery v0.35.0 h1:Z2L3IHvPVv/MJ7xRxHEtk6GoJElaAqDCCU0S6ncYok8=
 k8s.io/apimachinery v0.35.0/go.mod h1:jQCgFZFR1F4Ik7hvr2g84RTJSZegBc8yHgFWKn//hns=
 k8s.io/client-go v0.35.0 h1:IAW0ifFbfQQwQmga0UdoH0yvdqrbwMdq9vIFEhRpxBE=
@@ -253,8 +243,8 @@ k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZ
 k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/controller-runtime v0.22.4 h1:GEjV7KV3TY8e+tJ2LCTxUTanW4z/FmNB7l327UfMq9A=
-sigs.k8s.io/controller-runtime v0.22.4/go.mod h1:+QX1XUpTXN4mLoblf4tqr5CQcyHPAki2HLXqQMY6vh8=
+sigs.k8s.io/controller-runtime v0.23.0 h1:Ubi7klJWiwEWqDY+odSVZiFA0aDSevOCXpa38yCSYu8=
+sigs.k8s.io/controller-runtime v0.23.0/go.mod h1:DBOIr9NsprUqCZ1ZhsuJ0wAnQSIxY/C6VjZbmLgw0j0=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=

From fa35b57fbbe7af68d2ad97565875f3605dbe55bd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 20 Jan 2026 09:12:00 +0000
Subject: [PATCH 09/48] Bump the github-actions-version-updates group across 1
 directory with 2 updates

Bumps the github-actions-version-updates group with 2 updates in the /.github/workflows directory: [oven-sh/setup-bun](https://github.com/oven-sh/setup-bun) and [actions/cache](https://github.com/actions/cache).


Updates `oven-sh/setup-bun` from 2.1.0 to 2.1.2
- [Release notes](https://github.com/oven-sh/setup-bun/releases)
- [Commits](https://github.com/oven-sh/setup-bun/compare/b7a1c7ccf290d58743029c4f6903da283811b979...3d267786b128fe76c2f16a390aa2448b815359f3)

Updates `actions/cache` from 5.0.1 to 5.0.2
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...8b402f58fbc84540c8b491a91e594a4576fec3d7)

---
updated-dependencies:
- dependency-name: oven-sh/setup-bun
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-version-updates
- dependency-name: actions/cache
  dependency-version: 5.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index c74b51b7d..a7f21b0da 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -40,7 +40,7 @@ jobs:
       - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - name: Install bun
-        uses: oven-sh/setup-bun@b7a1c7ccf290d58743029c4f6903da283811b979 # v2.1.0
+        uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
 
       - name: Install dependencies
         working-directory: tests/integration
@@ -161,13 +161,13 @@ jobs:
           java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk
           architecture: x64 # (x64 or x86) - defaults to x64
       - name: Cache SonarCloud packages
-        uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
+        uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
       - name: Cache Gradle packages
-        uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
+        uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
@@ -460,7 +460,7 @@ jobs:
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - name: Install bun
-        uses: oven-sh/setup-bun@b7a1c7ccf290d58743029c4f6903da283811b979 # v2.1.0
+        uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
 
       - name: Download Task
         uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
@@ -619,7 +619,7 @@ jobs:
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - name: Install bun
-        uses: oven-sh/setup-bun@b7a1c7ccf290d58743029c4f6903da283811b979 # v2.1.0
+        uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
 
       - name: Download Task
         uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0

From ae49734ca37c3fa3a656bc7338fce4cd9ea86878 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 20 Jan 2026 09:05:52 +0000
Subject: [PATCH 10/48] Bump the gradle-version-updates group

Bumps the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 2 updates: [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) and [io.freefair.lombok](https://github.com/freefair/gradle-plugins).


Updates `com.fasterxml.jackson:jackson-bom` from 2.20.1 to 2.21.0
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.1...jackson-bom-2.21.0)

Updates `io.freefair.lombok` from 9.1.0 to 9.2.0
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/9.1.0...9.2.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-version-updates
- dependency-name: io.freefair.lombok
  dependency-version: 9.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 hooks/persistence-defectdojo/hook/build.gradle | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hooks/persistence-defectdojo/hook/build.gradle b/hooks/persistence-defectdojo/hook/build.gradle
index 9c6253ef0..306060cc0 100644
--- a/hooks/persistence-defectdojo/hook/build.gradle
+++ b/hooks/persistence-defectdojo/hook/build.gradle
@@ -4,7 +4,7 @@
 
 plugins {
   id "java"
-  id "io.freefair.lombok" version "9.1.0"
+  id "io.freefair.lombok" version "9.2.0"
   // https://github.com/ben-manes/gradle-versions-plugin
   // Run: ./gradlew dependencyUpdates -Drevision=release
   id "com.github.ben-manes.versions" version "0.53.0"
@@ -28,7 +28,7 @@ dependencies {
    // so it causes issues with the version in the defectdojo client
   implementation group: "org.springframework", name: "spring-web", version: "6.2.12"
   // https://github.com/FasterXML/jackson-bom
-  implementation platform("com.fasterxml.jackson:jackson-bom:2.20.1")
+  implementation platform("com.fasterxml.jackson:jackson-bom:2.21.0")
   implementation "com.fasterxml.jackson.core:jackson-core"
   implementation "com.fasterxml.jackson.core:jackson-annotations"
   implementation "com.fasterxml.jackson.core:jackson-databind"

From d241043ffc8d02a615c23ce83102a56474123612 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 21 Jan 2026 23:25:24 +0000
Subject: [PATCH 11/48] Bump lodash

Bumps the npm-security-updates group with 1 update in the /documentation directory: [lodash](https://github.com/lodash/lodash).


Updates `lodash` from 4.17.21 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
  dependency-group: npm-security-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 documentation/package-lock.json | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/documentation/package-lock.json b/documentation/package-lock.json
index cd5925c1f..e38ab301d 100644
--- a/documentation/package-lock.json
+++ b/documentation/package-lock.json
@@ -11054,9 +11054,10 @@
       }
     },
     "node_modules/lodash": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
+      "license": "MIT"
     },
     "node_modules/lodash.debounce": {
       "version": "4.0.8",

From 8e544512500d390f15ca9f2bc2e4f31c748c9405 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 21 Jan 2026 23:05:03 +0000
Subject: [PATCH 12/48] Update dependency helm/helm to v4.1.0

---
 .github/workflows/ci.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index a7f21b0da..8907f27b3 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -26,7 +26,7 @@ env:
   # renovate: datasource=github-releases depName=kubernetes-sigs/kind
   KIND_BINARY_VERSION: "v0.31.0"
   # renovate: datasource=github-releases depName=helm/helm
-  HELM_VERSION: "v4.0.5"
+  HELM_VERSION: "v4.1.0"
   # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
   HELM_PLUGIN_UNITTEST_VERSION: "1.0.3"
   # renovate: datasource=github-releases depName=go-task/task

From b6d81491e39aa70cb5f9b7982cf8118c4160be75 Mon Sep 17 00:00:00 2001
From: secureCodeBoxBot <securecodebox@iteratec.com>
Date: Thu, 22 Jan 2026 09:25:49 +0000
Subject: [PATCH 13/48] Upgrading semgrep from 1.148.0 to 1.149.0

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
---
 scanners/semgrep/Chart.yaml                      | 2 +-
 scanners/semgrep/README.md                       | 2 +-
 scanners/semgrep/docs/README.DockerHub-Parser.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/scanners/semgrep/Chart.yaml b/scanners/semgrep/Chart.yaml
index dfc52b348..b737a4d0b 100644
--- a/scanners/semgrep/Chart.yaml
+++ b/scanners/semgrep/Chart.yaml
@@ -22,7 +22,7 @@ version: "v3.1.0-alpha1"
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.148.0"
+appVersion: "1.149.0"
 annotations:
   versionApi: https://api.github.com/repos/semgrep/semgrep/releases/latest
   supported-platforms: linux/amd64,linux/arm64
diff --git a/scanners/semgrep/README.md b/scanners/semgrep/README.md
index b8bf048fb..2b87263d1 100644
--- a/scanners/semgrep/README.md
+++ b/scanners/semgrep/README.md
@@ -3,7 +3,7 @@ title: "Semgrep"
 category: "scanner"
 type: "Repository"
 state: "released"
-appVersion: "1.148.0"
+appVersion: "1.149.0"
 usecase: "Static Code Analysis"
 ---
 
diff --git a/scanners/semgrep/docs/README.DockerHub-Parser.md b/scanners/semgrep/docs/README.DockerHub-Parser.md
index cf8ac3ae9..e4b712913 100644
--- a/scanners/semgrep/docs/README.DockerHub-Parser.md
+++ b/scanners/semgrep/docs/README.DockerHub-Parser.md
@@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht
 
 ## Supported Tags
 - `latest`  (represents the latest stable release build)
-- tagged releases, e.g. `1.148.0`
+- tagged releases, e.g. `1.149.0`
 
 ## How to use this image
 This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/semgrep.

From e197b231f6ca9947e043533c0f5da83ec300683c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 27 Jan 2026 09:08:09 +0000
Subject: [PATCH 14/48] Bump the github-actions-version-updates group across 1
 directory with 4 updates

Bumps the github-actions-version-updates group with 4 updates in the /.github/workflows directory: [actions/checkout](https://github.com/actions/checkout), [actions/setup-java](https://github.com/actions/setup-java), [github/codeql-action](https://github.com/github/codeql-action) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd)

Updates `actions/setup-java` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/f2beeb24e141e01a676f977032f5a29d81c9e27e...be666c2fcd27ec809703dec50e508c2fdc7f6654)

Updates `github/codeql-action` from 4.31.10 to 4.32.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/cdefb33c0f6224e58673d9004f47f7cb3e328b89...b20883b0cd1f46c72ae0ba6d1090936928f9fa30)

Updates `peter-evans/create-pull-request` from 8.0.0 to 8.1.0
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/98357b18bf14b5342f975ff684046ec3b2a07725...c0f553fe549906ede9cf27b5156039d195d2ece0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-version-updates
- dependency-name: actions/setup-java
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-version-updates
- dependency-name: github/codeql-action
  dependency-version: 4.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-version-updates
- dependency-name: peter-evans/create-pull-request
  dependency-version: 8.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yaml                     | 26 +++++++++----------
 .github/workflows/documentation-roulette.yaml |  2 +-
 .../workflows/helm-charts-release-ghcr.yaml   |  2 +-
 .github/workflows/helm-charts-release.yaml    |  2 +-
 .github/workflows/helm-docs.yaml              |  2 +-
 .github/workflows/label-commenter.yml         |  2 +-
 .github/workflows/license-check.yaml          |  2 +-
 .github/workflows/mega-linter.yml             |  2 +-
 .github/workflows/move-bot-pr-to-review.yaml  |  2 +-
 .github/workflows/oss-scorecard.yaml          |  4 +--
 .github/workflows/release-build.yaml          | 20 +++++++-------
 .github/workflows/scb-bot.yaml                |  4 +--
 12 files changed, 35 insertions(+), 35 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 8907f27b3..1b9fb4bf4 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -37,7 +37,7 @@ jobs:
     name: "Unit Test | Node.js Scanner Test Helpers"
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Install bun
         uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
@@ -53,7 +53,7 @@ jobs:
     name: "Setup Kind & Kubectl & Helm & Task"
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Install Kind
         run: |
@@ -111,7 +111,7 @@ jobs:
     needs:
       - k8s-setup
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Download Helm
         uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
         with:
@@ -150,11 +150,11 @@ jobs:
       matrix:
         unit: ["persistence-defectdojo"]
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
       - name: Set up JDK 17
-        uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
+        uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
         with:
           distribution: "temurin" # required Java distribution
           java-version: "17" # The JDK version to make available on the path.
@@ -191,7 +191,7 @@ jobs:
         component: ["operator", "lurker"]
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Go Setup
         uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
@@ -230,7 +230,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Go Setup
         uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
@@ -270,7 +270,7 @@ jobs:
       - k8s-setup
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Go Setup
         uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
@@ -363,7 +363,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Go Setup
         uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
@@ -407,7 +407,7 @@ jobs:
           - hook-sdk
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Build Image
         working-directory: ./${{ matrix.sdk }}/nodejs
@@ -457,7 +457,7 @@ jobs:
           - zap-automation-framework
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Install bun
         uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
@@ -616,7 +616,7 @@ jobs:
           # - persistence-static-report (WIP)
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Install bun
         uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2.1.2
@@ -750,7 +750,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set up Go
         uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
diff --git a/.github/workflows/documentation-roulette.yaml b/.github/workflows/documentation-roulette.yaml
index 0b87dc6b5..b695a82ec 100644
--- a/.github/workflows/documentation-roulette.yaml
+++ b/.github/workflows/documentation-roulette.yaml
@@ -21,7 +21,7 @@ jobs:
     if: github.repository == 'secureCodeBox/secureCodeBox'
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       # Request team members with the GitHub API using their gh cli
       - name: Fetch core-team members
diff --git a/.github/workflows/helm-charts-release-ghcr.yaml b/.github/workflows/helm-charts-release-ghcr.yaml
index 4a6bbfd77..369d64a1d 100644
--- a/.github/workflows/helm-charts-release-ghcr.yaml
+++ b/.github/workflows/helm-charts-release-ghcr.yaml
@@ -20,7 +20,7 @@ jobs:
     name: "Publish Helm Charts to GHCR"
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Parse Release Version
         run: |
diff --git a/.github/workflows/helm-charts-release.yaml b/.github/workflows/helm-charts-release.yaml
index 667a3da4c..07d6e51f8 100644
--- a/.github/workflows/helm-charts-release.yaml
+++ b/.github/workflows/helm-charts-release.yaml
@@ -18,7 +18,7 @@ jobs:
     name: Package and Publish
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: "Install yq"
         run: |
           sudo snap install yq
diff --git a/.github/workflows/helm-docs.yaml b/.github/workflows/helm-docs.yaml
index 30074751d..ef31ac48c 100644
--- a/.github/workflows/helm-docs.yaml
+++ b/.github/workflows/helm-docs.yaml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-24.04
     if: github.repository == 'secureCodeBox/secureCodeBox'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           ref: ${{ github.head_ref }}
           token: ${{ secrets.SCB_BOT_USER_TOKEN }}
diff --git a/.github/workflows/label-commenter.yml b/.github/workflows/label-commenter.yml
index abe871f66..ed9513323 100644
--- a/.github/workflows/label-commenter.yml
+++ b/.github/workflows/label-commenter.yml
@@ -19,7 +19,7 @@ jobs:
   comment:
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Label Commenter
         uses: peaceiris/actions-label-commenter@f0dbbef043eb1b150b566db36b0bdc8b7f505579 # v1.10.0
         with:
diff --git a/.github/workflows/license-check.yaml b/.github/workflows/license-check.yaml
index 5accc5694..eff256f09 100644
--- a/.github/workflows/license-check.yaml
+++ b/.github/workflows/license-check.yaml
@@ -19,7 +19,7 @@ jobs:
     if: github.repository == 'secureCodeBox/secureCodeBox'
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: REUSE Compliance Check
         uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0
diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index f632e4a04..5c75d103c 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -36,7 +36,7 @@ jobs:
     steps:
       # Git Checkout
       - name: Checkout Code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
           fetch-depth: 0
diff --git a/.github/workflows/move-bot-pr-to-review.yaml b/.github/workflows/move-bot-pr-to-review.yaml
index 2e4bcfabc..10d9b2395 100644
--- a/.github/workflows/move-bot-pr-to-review.yaml
+++ b/.github/workflows/move-bot-pr-to-review.yaml
@@ -19,7 +19,7 @@ jobs:
     # only run if the branch starts with 'dependabot/' or 'dependencies/upgrading'
     if: startsWith(github.head_ref, 'dependabot/') || startsWith(github.head_ref, 'dependencies/upgrading')
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Add bot PR to project
         run: |
diff --git a/.github/workflows/oss-scorecard.yaml b/.github/workflows/oss-scorecard.yaml
index 2417a8a2d..ed8607416 100644
--- a/.github/workflows/oss-scorecard.yaml
+++ b/.github/workflows/oss-scorecard.yaml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -33,6 +33,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
+        uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml
index 3885bcdce..1a49c0e1c 100644
--- a/.github/workflows/release-build.yaml
+++ b/.github/workflows/release-build.yaml
@@ -31,7 +31,7 @@ jobs:
         component: ["operator", "lurker"]
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -78,7 +78,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -125,7 +125,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -178,7 +178,7 @@ jobs:
           - hook-sdk
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -231,7 +231,7 @@ jobs:
           - update-field-hook
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -285,7 +285,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -347,7 +347,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -422,7 +422,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set ENV Var with Scanner Version
         uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
@@ -492,7 +492,7 @@ jobs:
           - test-scan
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Docker Meta
         id: docker_meta
@@ -552,7 +552,7 @@ jobs:
           - old-wordpress
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set ENV Var with Demo-Target Version
         uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml
index a7b0e597c..31c03c361 100644
--- a/.github/workflows/scb-bot.yaml
+++ b/.github/workflows/scb-bot.yaml
@@ -48,7 +48,7 @@ jobs:
           - zap-automation-framework
           # missing scanners are : nmap, nikto
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
@@ -189,7 +189,7 @@ jobs:
 
       - name: Create Pull Request
         if: ${{ env.release != env.local && env.prExists == 0 && env.release != null }}
-        uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
         with:
           token: ${{ secrets.SCB_BOT_USER_TOKEN }}
           committer: secureCodeBoxBot <securecodebox@iteratec.com>

From 88f96f3367652dba437747b941b148b2ebd5281c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 27 Jan 2026 09:11:20 +0000
Subject: [PATCH 15/48] Bump the go-version-updates group across 3 directories
 with 1 update

Bumps the go-version-updates group with 1 update in the /auto-discovery/cloud-aws directory: [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime).
Bumps the go-version-updates group with 1 update in the /auto-discovery/kubernetes directory: [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime).
Bumps the go-version-updates group with 1 update in the /operator directory: [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime).


Updates `sigs.k8s.io/controller-runtime` from 0.23.0 to 0.23.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.23.0...v0.23.1)

Updates `sigs.k8s.io/controller-runtime` from 0.23.0 to 0.23.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.23.0...v0.23.1)

Updates `sigs.k8s.io/controller-runtime` from 0.23.0 to 0.23.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.23.0...v0.23.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-version-updates
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-version-updates
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 auto-discovery/cloud-aws/go.mod  | 4 ++--
 auto-discovery/cloud-aws/go.sum  | 8 ++++----
 auto-discovery/kubernetes/go.mod | 4 ++--
 auto-discovery/kubernetes/go.sum | 8 ++++----
 operator/go.mod                  | 4 ++--
 operator/go.sum                  | 8 ++++----
 6 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/auto-discovery/cloud-aws/go.mod b/auto-discovery/cloud-aws/go.mod
index 4eb1badf1..a8dac2a7f 100644
--- a/auto-discovery/cloud-aws/go.mod
+++ b/auto-discovery/cloud-aws/go.mod
@@ -17,7 +17,7 @@ require (
 	k8s.io/api v0.35.0
 	k8s.io/client-go v0.35.0
 	k8s.io/klog/v2 v2.130.1
-	sigs.k8s.io/controller-runtime v0.23.0
+	sigs.k8s.io/controller-runtime v0.23.1
 	sigs.k8s.io/yaml v1.6.0
 )
 
@@ -98,7 +98,7 @@ require (
 	sigs.k8s.io/kustomize/api v0.20.1 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.20.1 // indirect
 	sigs.k8s.io/randfill v1.0.0 // indirect
-	sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482 // indirect
 )
 
 require (
diff --git a/auto-discovery/cloud-aws/go.sum b/auto-discovery/cloud-aws/go.sum
index 2f4cff1ac..d41acf2ed 100644
--- a/auto-discovery/cloud-aws/go.sum
+++ b/auto-discovery/cloud-aws/go.sum
@@ -242,8 +242,8 @@ k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZ
 k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/controller-runtime v0.23.0 h1:Ubi7klJWiwEWqDY+odSVZiFA0aDSevOCXpa38yCSYu8=
-sigs.k8s.io/controller-runtime v0.23.0/go.mod h1:DBOIr9NsprUqCZ1ZhsuJ0wAnQSIxY/C6VjZbmLgw0j0=
+sigs.k8s.io/controller-runtime v0.23.1 h1:TjJSM80Nf43Mg21+RCy3J70aj/W6KyvDtOlpKf+PupE=
+sigs.k8s.io/controller-runtime v0.23.1/go.mod h1:B6COOxKptp+YaUT5q4l6LqUJTRpizbgf9KSRNdQGns0=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/kustomize/api v0.20.1 h1:iWP1Ydh3/lmldBnH/S5RXgT98vWYMaTUL1ADcr+Sv7I=
@@ -252,7 +252,7 @@ sigs.k8s.io/kustomize/kyaml v0.20.1 h1:PCMnA2mrVbRP3NIB6v9kYCAc38uvFLVs8j/CD567A
 sigs.k8s.io/kustomize/kyaml v0.20.1/go.mod h1:0EmkQHRUsJxY8Ug9Niig1pUMSCGHxQ5RklbpV/Ri6po=
 sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
 sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482 h1:2WOzJpHUBVrrkDjU4KBT8n5LDcj824eX0I5UKcgeRUs=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
 sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs=
 sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4=
diff --git a/auto-discovery/kubernetes/go.mod b/auto-discovery/kubernetes/go.mod
index b6fd75fbf..06c18a2e0 100644
--- a/auto-discovery/kubernetes/go.mod
+++ b/auto-discovery/kubernetes/go.mod
@@ -17,7 +17,7 @@ require (
 	k8s.io/client-go v0.35.0
 	k8s.io/klog/v2 v2.130.1
 	k8s.io/utils v0.0.0-20251002143259-bc988d571ff4
-	sigs.k8s.io/controller-runtime v0.23.0
+	sigs.k8s.io/controller-runtime v0.23.1
 	sigs.k8s.io/yaml v1.6.0
 )
 
@@ -79,5 +79,5 @@ require (
 	k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
 	sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
 	sigs.k8s.io/randfill v1.0.0 // indirect
-	sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482 // indirect
 )
diff --git a/auto-discovery/kubernetes/go.sum b/auto-discovery/kubernetes/go.sum
index de2118361..b15f23fe5 100644
--- a/auto-discovery/kubernetes/go.sum
+++ b/auto-discovery/kubernetes/go.sum
@@ -234,13 +234,13 @@ k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZ
 k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/controller-runtime v0.23.0 h1:Ubi7klJWiwEWqDY+odSVZiFA0aDSevOCXpa38yCSYu8=
-sigs.k8s.io/controller-runtime v0.23.0/go.mod h1:DBOIr9NsprUqCZ1ZhsuJ0wAnQSIxY/C6VjZbmLgw0j0=
+sigs.k8s.io/controller-runtime v0.23.1 h1:TjJSM80Nf43Mg21+RCy3J70aj/W6KyvDtOlpKf+PupE=
+sigs.k8s.io/controller-runtime v0.23.1/go.mod h1:B6COOxKptp+YaUT5q4l6LqUJTRpizbgf9KSRNdQGns0=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
 sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482 h1:2WOzJpHUBVrrkDjU4KBT8n5LDcj824eX0I5UKcgeRUs=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
 sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs=
 sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4=
diff --git a/operator/go.mod b/operator/go.mod
index 4ba2b9f47..c62ec15a7 100644
--- a/operator/go.mod
+++ b/operator/go.mod
@@ -15,7 +15,7 @@ require (
 	k8s.io/api v0.35.0
 	k8s.io/apimachinery v0.35.0
 	k8s.io/client-go v0.35.0
-	sigs.k8s.io/controller-runtime v0.23.0
+	sigs.k8s.io/controller-runtime v0.23.1
 )
 
 require (
@@ -36,7 +36,7 @@ require (
 	golang.org/x/sync v0.19.0 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
 	sigs.k8s.io/randfill v1.0.0 // indirect
-	sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482 // indirect
 )
 
 require (
diff --git a/operator/go.sum b/operator/go.sum
index 73dca4dd9..29b2f697b 100644
--- a/operator/go.sum
+++ b/operator/go.sum
@@ -243,13 +243,13 @@ k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 h1:Y3gxNAuB0OBLImH611+UDZ
 k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/controller-runtime v0.23.0 h1:Ubi7klJWiwEWqDY+odSVZiFA0aDSevOCXpa38yCSYu8=
-sigs.k8s.io/controller-runtime v0.23.0/go.mod h1:DBOIr9NsprUqCZ1ZhsuJ0wAnQSIxY/C6VjZbmLgw0j0=
+sigs.k8s.io/controller-runtime v0.23.1 h1:TjJSM80Nf43Mg21+RCy3J70aj/W6KyvDtOlpKf+PupE=
+sigs.k8s.io/controller-runtime v0.23.1/go.mod h1:B6COOxKptp+YaUT5q4l6LqUJTRpizbgf9KSRNdQGns0=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
 sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
 sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
 sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco=
-sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482 h1:2WOzJpHUBVrrkDjU4KBT8n5LDcj824eX0I5UKcgeRUs=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.2-0.20260122202528-d9cc6641c482/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
 sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs=
 sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4=

From 13ea10282fff4c9156c268ae2dc8b38f43306c14 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 26 Jan 2026 14:37:29 +0000
Subject: [PATCH 16/48] Update dependency go-task/task to v3.48.0

---
 .github/workflows/ci.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 1b9fb4bf4..87ef35936 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -30,7 +30,7 @@ env:
   # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
   HELM_PLUGIN_UNITTEST_VERSION: "1.0.3"
   # renovate: datasource=github-releases depName=go-task/task
-  TASK_VERSION: "v3.46.4"
+  TASK_VERSION: "v3.48.0"
 
 jobs:
   test-nodejs-scanner-test-helpers:

From 77c88706a26831cf50cdaea25b4a7e73f22eec44 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 21 Jan 2026 23:04:37 +0000
Subject: [PATCH 17/48] Bump lodash-es from 4.17.21 to 4.17.23 in
 /hooks/cascading-scans/hook

Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash-es
  dependency-version: 4.17.23
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 hooks/cascading-scans/hook/package-lock.json | 9 ++++-----
 hooks/cascading-scans/hook/package.json      | 2 +-
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/hooks/cascading-scans/hook/package-lock.json b/hooks/cascading-scans/hook/package-lock.json
index 4169c86b3..0458f1041 100644
--- a/hooks/cascading-scans/hook/package-lock.json
+++ b/hooks/cascading-scans/hook/package-lock.json
@@ -11,7 +11,7 @@
       "dependencies": {
         "@kubernetes/client-node": "^1.3.0",
         "ip-address": "^10.0.1",
-        "lodash-es": "^4.17.21",
+        "lodash-es": "^4.17.23",
         "matcher": "^5.0.0",
         "mustache": "^4.2.0",
         "parse-domain": "^8.2.2"
@@ -1118,10 +1118,9 @@
       }
     },
     "node_modules/lodash-es": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz",
-      "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw==",
-      "license": "MIT"
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.23.tgz",
+      "integrity": "sha512-kVI48u3PZr38HdYz98UmfPnXl2DXrpdctLrFLCd3kOx1xUkOmpFPx7gCWWM5MPkL/fD8zb+Ph0QzjGFs4+hHWg=="
     },
     "node_modules/matcher": {
       "version": "5.0.0",
diff --git a/hooks/cascading-scans/hook/package.json b/hooks/cascading-scans/hook/package.json
index be0ccea30..3ca579273 100644
--- a/hooks/cascading-scans/hook/package.json
+++ b/hooks/cascading-scans/hook/package.json
@@ -40,7 +40,7 @@
   "dependencies": {
     "@kubernetes/client-node": "^1.3.0",
     "ip-address": "^10.0.1",
-    "lodash-es": "^4.17.21",
+    "lodash-es": "^4.17.23",
     "matcher": "^5.0.0",
     "mustache": "^4.2.0",
     "parse-domain": "^8.2.2"

From cedf24c14b81538943be35d3e862b08f6db51a9d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 27 Jan 2026 09:06:21 +0000
Subject: [PATCH 18/48] Bump @types/node

Bumps the npm-version-updates group with 1 update in the /parser-sdk/nodejs directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 25.0.9 to 25.0.10
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.0.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 parser-sdk/nodejs/package-lock.json | 14 +++++++-------
 parser-sdk/nodejs/package.json      |  2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json
index b284e7c57..d4784d5d0 100644
--- a/parser-sdk/nodejs/package-lock.json
+++ b/parser-sdk/nodejs/package-lock.json
@@ -16,7 +16,7 @@
         "jsonpointer": "^5.0.1"
       },
       "devDependencies": {
-        "@types/node": "^25.0.9"
+        "@types/node": "^25.0.10"
       }
     },
     "node_modules/@jsep-plugin/assignment": {
@@ -81,9 +81,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "25.0.9",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.9.tgz",
-      "integrity": "sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==",
+      "version": "25.0.10",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.10.tgz",
+      "integrity": "sha512-zWW5KPngR/yvakJgGOmZ5vTBemDoSqF3AcV/LrO5u5wTWyEAVVh+IT39G4gtyAkh3CtTZs8aX/yRM82OfzHJRg==",
       "dependencies": {
         "undici-types": "~7.16.0"
       }
@@ -885,9 +885,9 @@
       "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg=="
     },
     "@types/node": {
-      "version": "25.0.9",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.9.tgz",
-      "integrity": "sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==",
+      "version": "25.0.10",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.10.tgz",
+      "integrity": "sha512-zWW5KPngR/yvakJgGOmZ5vTBemDoSqF3AcV/LrO5u5wTWyEAVVh+IT39G4gtyAkh3CtTZs8aX/yRM82OfzHJRg==",
       "requires": {
         "undici-types": "~7.16.0"
       }
diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json
index 1a2b90ddc..61f8d5b99 100644
--- a/parser-sdk/nodejs/package.json
+++ b/parser-sdk/nodejs/package.json
@@ -18,6 +18,6 @@
     "jsonpointer": "^5.0.1"
   },
   "devDependencies": {
-    "@types/node": "^25.0.9"
+    "@types/node": "^25.0.10"
   }
 }

From e729d32d39eede784b65e5c57ed8cb3c996a1c86 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 27 Jan 2026 09:04:33 +0000
Subject: [PATCH 19/48] Bump the npm-version-updates group in /documentation
 with 5 updates

Bumps the npm-version-updates group in /documentation with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.3` | `19.2.4` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.8` | `19.2.9` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.3` | `19.2.4` |
| [sass](https://github.com/sass/dart-sass) | `1.97.2` | `1.97.3` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.0.9` | `25.0.10` |


Updates `react` from 19.2.3 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react)

Updates `@types/react` from 19.2.8 to 19.2.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.3 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react-dom)

Updates `sass` from 1.97.2 to 1.97.3
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.97.2...1.97.3)

Updates `@types/node` from 25.0.9 to 25.0.10
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.2.8 to 19.2.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: react
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
- dependency-name: "@types/react"
  dependency-version: 19.2.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
- dependency-name: react-dom
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
- dependency-name: sass
  dependency-version: 1.97.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
- dependency-name: "@types/node"
  dependency-version: 25.0.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
- dependency-name: "@types/react"
  dependency-version: 19.2.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 documentation/package-lock.json | 40 ++++++++++++++++-----------------
 documentation/package.json      |  8 +++----
 2 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/documentation/package-lock.json b/documentation/package-lock.json
index e38ab301d..fcc0e42ff 100644
--- a/documentation/package-lock.json
+++ b/documentation/package-lock.json
@@ -21,8 +21,8 @@
         "mustache": "^4.2.0",
         "node-fetch": "^3.1.1",
         "prism-react-renderer": "^2.4.1",
-        "react": "^19.2.3",
-        "react-dom": "^19.2.3",
+        "react": "^19.2.4",
+        "react-dom": "^19.2.4",
         "rimraf": "^6.1.2",
         "sass": "1.97"
       },
@@ -30,8 +30,8 @@
         "@docusaurus/module-type-aliases": "^3.6.0",
         "@docusaurus/tsconfig": "^3.9.2",
         "@docusaurus/types": "^3.6.0",
-        "@types/node": "^25.0.9",
-        "@types/react": "^19.2.8",
+        "@types/node": "^25.0.10",
+        "@types/react": "^19.2.9",
         "@types/react-helmet": "^6.1.11",
         "@types/react-router-dom": "^5.1.8",
         "sass-loader": "^16.0.6",
@@ -5449,9 +5449,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "25.0.9",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.9.tgz",
-      "integrity": "sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==",
+      "version": "25.0.10",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.10.tgz",
+      "integrity": "sha512-zWW5KPngR/yvakJgGOmZ5vTBemDoSqF3AcV/LrO5u5wTWyEAVVh+IT39G4gtyAkh3CtTZs8aX/yRM82OfzHJRg==",
       "license": "MIT",
       "dependencies": {
         "undici-types": "~7.16.0"
@@ -5490,9 +5490,9 @@
       "license": "MIT"
     },
     "node_modules/@types/react": {
-      "version": "19.2.8",
-      "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.8.tgz",
-      "integrity": "sha512-3MbSL37jEchWZz2p2mjntRZtPt837ij10ApxKfgmXCTuHWagYg7iA5bqPw6C8BMPfwidlvfPI/fxOc42HLhcyg==",
+      "version": "19.2.9",
+      "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.9.tgz",
+      "integrity": "sha512-Lpo8kgb/igvMIPeNV2rsYKTgaORYdO1XGVZ4Qz3akwOj0ySGYMPlQWa8BaLn0G63D1aSaAQ5ldR06wCpChQCjA==",
       "license": "MIT",
       "dependencies": {
         "csstype": "^3.2.2"
@@ -15993,24 +15993,24 @@
       }
     },
     "node_modules/react": {
-      "version": "19.2.3",
-      "resolved": "https://registry.npmjs.org/react/-/react-19.2.3.tgz",
-      "integrity": "sha512-Ku/hhYbVjOQnXDZFv2+RibmLFGwFdeeKHFcOTlrt7xplBnya5OGn/hIRDsqDiSUcfORsDC7MPxwork8jBwsIWA==",
+      "version": "19.2.4",
+      "resolved": "https://registry.npmjs.org/react/-/react-19.2.4.tgz",
+      "integrity": "sha512-9nfp2hYpCwOjAN+8TZFGhtWEwgvWHXqESH8qT89AT/lWklpLON22Lc8pEtnpsZz7VmawabSU0gCjnj8aC0euHQ==",
       "license": "MIT",
       "engines": {
         "node": ">=0.10.0"
       }
     },
     "node_modules/react-dom": {
-      "version": "19.2.3",
-      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.2.3.tgz",
-      "integrity": "sha512-yELu4WmLPw5Mr/lmeEpox5rw3RETacE++JgHqQzd2dg+YbJuat3jH4ingc+WPZhxaoFzdv9y33G+F7Nl5O0GBg==",
+      "version": "19.2.4",
+      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.2.4.tgz",
+      "integrity": "sha512-AXJdLo8kgMbimY95O2aKQqsz2iWi9jMgKJhRBAxECE4IFxfcazB2LmzloIoibJI3C12IlY20+KFaLv+71bUJeQ==",
       "license": "MIT",
       "dependencies": {
         "scheduler": "^0.27.0"
       },
       "peerDependencies": {
-        "react": "^19.2.3"
+        "react": "^19.2.4"
       }
     },
     "node_modules/react-fast-compare": {
@@ -16960,9 +16960,9 @@
       "license": "MIT"
     },
     "node_modules/sass": {
-      "version": "1.97.2",
-      "resolved": "https://registry.npmjs.org/sass/-/sass-1.97.2.tgz",
-      "integrity": "sha512-y5LWb0IlbO4e97Zr7c3mlpabcbBtS+ieiZ9iwDooShpFKWXf62zz5pEPdwrLYm+Bxn1fnbwFGzHuCLSA9tBmrw==",
+      "version": "1.97.3",
+      "resolved": "https://registry.npmjs.org/sass/-/sass-1.97.3.tgz",
+      "integrity": "sha512-fDz1zJpd5GycprAbu4Q2PV/RprsRtKC/0z82z0JLgdytmcq0+ujJbJ/09bPGDxCLkKY3Np5cRAOcWiVkLXJURg==",
       "license": "MIT",
       "dependencies": {
         "chokidar": "^4.0.0",
diff --git a/documentation/package.json b/documentation/package.json
index 03e6da4e9..632fd3082 100644
--- a/documentation/package.json
+++ b/documentation/package.json
@@ -31,8 +31,8 @@
     "mustache": "^4.2.0",
     "node-fetch": "^3.1.1",
     "prism-react-renderer": "^2.4.1",
-    "react": "^19.2.3",
-    "react-dom": "^19.2.3",
+    "react": "^19.2.4",
+    "react-dom": "^19.2.4",
     "rimraf": "^6.1.2",
     "sass": "1.97"
   },
@@ -52,8 +52,8 @@
     "@docusaurus/module-type-aliases": "^3.6.0",
     "@docusaurus/tsconfig": "^3.9.2",
     "@docusaurus/types": "^3.6.0",
-    "@types/node": "^25.0.9",
-    "@types/react": "^19.2.8",
+    "@types/node": "^25.0.10",
+    "@types/react": "^19.2.9",
     "@types/react-helmet": "^6.1.11",
     "@types/react-router-dom": "^5.1.8",
     "sass-loader": "^16.0.6",

From 4e46c63663e80f2a7eefd1f5c05fc5a78bc66aac Mon Sep 17 00:00:00 2001
From: Samreet Singh <samreet.singh@iteratec.com>
Date: Thu, 22 Jan 2026 11:50:26 +0100
Subject: [PATCH 20/48]  #3051 Add on-/off-boarding section

Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
---
 .../docs/contributing/project-management.md   | 25 ++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/documentation/docs/contributing/project-management.md b/documentation/docs/contributing/project-management.md
index d33a6c62d..cce4c567b 100644
--- a/documentation/docs/contributing/project-management.md
+++ b/documentation/docs/contributing/project-management.md
@@ -37,6 +37,29 @@ In our GitHub organization we have several teams:
 
 ## On- and Off-Boarding
 
-**TODO** Describe on-/off-boarding
+For on- and off-boarding we create an issue for each member. On- and off-boardings need to be done by a member of the _admin-team_.
+
+### On-boarding
+
+- _core-team_:
+  - Add to our GitHub organization with following roles:
+    - core-team
+    - contributer-Team
+- _admin-team_ (additionally to the _core-team_ on-boarding):
+  - Add to our GitHub organization with following roles:
+    - admin-team
+  - Register user to Sonatype
+  - Add to OWASP valut
+
+### Off-boarding
+
+- _core-team_:
+  - Remove role:
+    - core-team
+- _admin-team_:
+  - Remove role:
+    - admin-team
+  - Remove user from SonaType
+  - Remove access to OWASP vault
 
 [google-shared-drive]: https://drive.google.com/drive/folders/1cwAjEyEabdj4By-Ox6ho49NiT-vQUeDq?usp=drive_link

From ec576ce2eaf0523bb7df96f22fcd631273f02d06 Mon Sep 17 00:00:00 2001
From: Samreet Singh <samreet.singh@iteratec.com>
Date: Thu, 22 Jan 2026 13:10:18 +0100
Subject: [PATCH 21/48]  #3051 fix typos

Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
---
 documentation/docs/contributing/project-management.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/documentation/docs/contributing/project-management.md b/documentation/docs/contributing/project-management.md
index cce4c567b..fa349afec 100644
--- a/documentation/docs/contributing/project-management.md
+++ b/documentation/docs/contributing/project-management.md
@@ -12,18 +12,18 @@ Under the topic "project management" we describe how we do the organizational st
 
 - We use GitHub for source code and issue management:
   - We have an own organization named [secureCodeBox](https://github.com/secureCodeBox/).
-  - Management of issues is done with a belonging [project](https://github.com/orgs/secureCodeBox/projects/6).
+  - Management of issues is done with a corresponding [project](https://github.com/orgs/secureCodeBox/projects/6).
 - We use the OWASP Google Workspace:
   - A [shared drive][google-shared-drive] to store meeting notes.
   - And a project calendar:
-    - [internal link](https://calendar.google.com/calendar/u/0?cid=Y19mODdhNThiMGNmZjNmMWMwMTk5ZjlhNDc1MjVjMmNiMGU3NjkwZmRjMTliZTI2NDlmMGU5YjlmMDA1ZTc3Mjc4QGdyb3VwLmNhbGVuZGFyLmdvb2dsZS5jb20)
-    - [public link](https://calendar.google.com/calendar/u/0/embed?src=c_f87a58b0cff3f1c0199f9a47525c2cb0e7690fdc19be2649f0e9b9f005e77278@group.calendar.google.com&ctz=Europe/Berlin)
+    - [Internal link](https://calendar.google.com/calendar/u/0?cid=Y19mODdhNThiMGNmZjNmMWMwMTk5ZjlhNDc1MjVjMmNiMGU3NjkwZmRjMTliZTI2NDlmMGU5YjlmMDA1ZTc3Mjc4QGdyb3VwLmNhbGVuZGFyLmdvb2dsZS5jb20)
+    - [Public link](https://calendar.google.com/calendar/u/0/embed?src=c_f87a58b0cff3f1c0199f9a47525c2cb0e7690fdc19be2649f0e9b9f005e77278@group.calendar.google.com&ctz=Europe/Berlin)
 
 ## Teams
 
 In our GitHub organization we have several teams:
 
-1. _admin-team_: members are the _project leads_. 
+1. _admin-team_: Members are the _project leads_. 
 2. _core-team_: Company sponsored core team.
 3. _contributor-team_: Active contributors from the community.
 4. _bot-team_: Team containing all bots allowed to push directly to the main branch.

From 0be34395b6bd09909a6e696e5a3971278dec7597 Mon Sep 17 00:00:00 2001
From: Jannik Hollenbach <jannik@hollenbach.de>
Date: Tue, 27 Jan 2026 13:06:01 +0100
Subject: [PATCH 22/48] Update
 documentation/docs/contributing/project-management.md

Co-authored-by: Sven Strittmatter <ich@weltraumschaf.de>
Signed-off-by: Jannik Hollenbach <jannik@hollenbach.de>
---
 documentation/docs/contributing/project-management.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/documentation/docs/contributing/project-management.md b/documentation/docs/contributing/project-management.md
index fa349afec..f233a133f 100644
--- a/documentation/docs/contributing/project-management.md
+++ b/documentation/docs/contributing/project-management.md
@@ -49,7 +49,7 @@ For on- and off-boarding we create an issue for each member. On- and off-boardin
   - Add to our GitHub organization with following roles:
     - admin-team
   - Register user to Sonatype
-  - Add to OWASP valut
+  - Add to [OWASP valut](https://team-securecodebox.1password.com/)
 
 ### Off-boarding
 

From 8c2720d30eb50a4c0ea8a17fd218c97f72b1ba8f Mon Sep 17 00:00:00 2001
From: secureCodeBoxBot <securecodebox@iteratec.com>
Date: Thu, 29 Jan 2026 09:27:55 +0000
Subject: [PATCH 23/48] Upgrading nuclei from v3.6.2 to v3.7.0

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
---
 scanners/nuclei/Chart.yaml                      | 2 +-
 scanners/nuclei/README.md                       | 2 +-
 scanners/nuclei/docs/README.DockerHub-Parser.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/scanners/nuclei/Chart.yaml b/scanners/nuclei/Chart.yaml
index 1b245dfcb..a4f76ad41 100644
--- a/scanners/nuclei/Chart.yaml
+++ b/scanners/nuclei/Chart.yaml
@@ -8,7 +8,7 @@ description: A Helm chart for the nuclei security scanner that integrates with t
 type: application
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
 version: v3.1.0-alpha1
-appVersion: "v3.6.2"
+appVersion: "v3.7.0"
 kubeVersion: ">=v1.11.0-0"
 annotations:
   versionApi: https://api.github.com/repos/projectdiscovery/nuclei/releases/latest
diff --git a/scanners/nuclei/README.md b/scanners/nuclei/README.md
index 658b1b4cb..fe4b59bc7 100644
--- a/scanners/nuclei/README.md
+++ b/scanners/nuclei/README.md
@@ -3,7 +3,7 @@ title: "Nuclei"
 category: "scanner"
 type: "Website"
 state: "released"
-appVersion: "v3.6.2"
+appVersion: "v3.7.0"
 usecase: "Nuclei is a fast, template based vulnerability scanner."
 ---
 
diff --git a/scanners/nuclei/docs/README.DockerHub-Parser.md b/scanners/nuclei/docs/README.DockerHub-Parser.md
index 4419e4793..d9b96a0a1 100644
--- a/scanners/nuclei/docs/README.DockerHub-Parser.md
+++ b/scanners/nuclei/docs/README.DockerHub-Parser.md
@@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht
 
 ## Supported Tags
 - `latest`  (represents the latest stable release build)
-- tagged releases, e.g. `v3.6.2`
+- tagged releases, e.g. `v3.7.0`
 
 ## How to use this image
 This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/nuclei.

From 17246d0a6a102a98bdafdcc0c84784da46a44f8a Mon Sep 17 00:00:00 2001
From: mazmar <mazmart@gmail.com>
Date: Tue, 27 Jan 2026 11:12:43 +0100
Subject: [PATCH 24/48] feat: allow extra volumes and volume mounts for CSI
 secrets and other volumes

Signed-off-by: Matus Szepe <mazmart@gmail.com>
---
 operator/templates/manager/manager.yaml | 16 ++++++++++++---
 operator/values.yaml                    | 26 +++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/operator/templates/manager/manager.yaml b/operator/templates/manager/manager.yaml
index a0ea08895..a6661074e 100644
--- a/operator/templates/manager/manager.yaml
+++ b/operator/templates/manager/manager.yaml
@@ -19,11 +19,16 @@ spec:
       labels:
         control-plane: securecodebox-controller-manager
     spec:
-      {{- if .Values.customCACertificate.existingCertificate }}
+      {{- if or .Values.customCACertificate.existingCertificate .Values.extraVolumes }}
       volumes:
+        {{- if .Values.customCACertificate.existingCertificate }}
         - name: ca-certificate
           configMap:
             name: {{ .Values.customCACertificate.existingCertificate }}
+        {{- end }}
+        {{- range .Values.extraVolumes }}
+        - {{ toYaml . | nindent 10 }}
+        {{- end }}
       {{- end }}
       serviceAccountName: {{ .Values.serviceAccount.name }}
       securityContext:
@@ -38,11 +43,16 @@ spec:
           args:
           - --leader-elect
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}"
-          {{- if .Values.customCACertificate.existingCertificate }}
+          {{- if or .Values.customCACertificate.existingCertificate .Values.extraVolumeMounts }}
           volumeMounts:
+            {{- if .Values.customCACertificate.existingCertificate }}
             - name: ca-certificate
               mountPath: /etc/ssl/certs/{{ .Values.customCACertificate.certificate }}
               subPath: {{ .Values.customCACertificate.certificate }}
+            {{- end }}
+            {{- range .Values.extraVolumeMounts }}
+            - {{ toYaml . | nindent 14 }}
+            {{- end }}
           {{- end }}
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           name: manager
@@ -90,7 +100,7 @@ spec:
               value: {{ .Values.s3.bucket }}
             {{- if .Values.s3.port }}
             - name: S3_PORT
-              value: {{ .Values.s3.port }}
+              value: {{ .Values.s3.port | quote }}
             {{- end }}
             - name: S3_AUTH_TYPE
               value: {{ .Values.s3.authType }}
diff --git a/operator/values.yaml b/operator/values.yaml
index e77448e74..468a21c4f 100644
--- a/operator/values.yaml
+++ b/operator/values.yaml
@@ -29,6 +29,32 @@ customCACertificate:
   # -- key in the configmap holding the certificate(s)
   certificate: "public.crt"
 
+
+# -- Additional volumes to be mounted to the operator deployment
+extraVolumes: [ ]
+# Example:
+# extraVolumes:
+#   - name: ssl-certificates 
+#     secret:
+#       secretName: ssl-cert-secret
+#   - name: config-volume
+#     configMap:
+#       name: operator-config
+#   - name: cache-volume 
+#     emptyDir: {}
+
+# -- Additional volume mounts to be mounted to the operator deployment
+extraVolumeMounts: [ ]
+# Example:
+# extraVolumeMounts:
+#   - name: ssl-certificates
+#     mountPath: /etc/ssl/certs
+#     readOnly: true
+#   - name: config-volume 
+#     mountPath: /etc/config
+#   - name: cache-volume
+#     mountPath: /cache
+
 serviceAccount:
   # -- Name of the serviceAccount the operator uses to talk to the k8s api
   name: securecodebox-operator

From 87d0be9772d1a98974be9fb90e660d1533e58d67 Mon Sep 17 00:00:00 2001
From: Matus Szepe <mazmart@gmail.com>
Date: Wed, 28 Jan 2026 16:51:09 +0100
Subject: [PATCH 25/48] added to contributors

Signed-off-by: Matus Szepe <mazmart@gmail.com>
---
 CONTRIBUTORS.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md
index d6071c23b..a8a78389e 100644
--- a/CONTRIBUTORS.md
+++ b/CONTRIBUTORS.md
@@ -62,3 +62,4 @@ Committing with `git commit -s` will add the sign-off at the end of the commit m
 - Joel Saß <joel.sass@iteratec.com>
 - Patrick Weiss <patrick.weiss@iteratec.com>
 - Conleth Kennedy <conlethkennedy@gmail.com>
+- Matus Szepe <mazmart@gmail.com>

From c65bb04f124384aa83c0b47893312978364dc41f Mon Sep 17 00:00:00 2001
From: secureCodeBoxBot <securecodebox@iteratec.com>
Date: Thu, 29 Jan 2026 13:42:01 +0000
Subject: [PATCH 26/48] Updating Helm Docs

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
---
 operator/README.md                  | 2 ++
 operator/docs/README.ArtifactHub.md | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/operator/README.md b/operator/README.md
index dbe5d527b..172c938f9 100644
--- a/operator/README.md
+++ b/operator/README.md
@@ -73,6 +73,8 @@ helm install securecodebox-operator oci://ghcr.io/securecodebox/helm/operator
 | customCACertificate | object | `{"certificate":"public.crt","existingCertificate":null}` | Setup for Custom CA certificates. These are automatically mounted into every secureCodeBox component (lurker, parser & hooks). Requires that every namespace has a configmap with the CA certificate(s) |
 | customCACertificate.certificate | string | `"public.crt"` | key in the configmap holding the certificate(s) |
 | customCACertificate.existingCertificate | string | `nil` | name of the configMap holding the ca certificate(s), needs to be the same across all namespaces |
+| extraVolumeMounts | list | `[]` | Additional volume mounts to be mounted to the operator deployment |
+| extraVolumes | list | `[]` | Additional volumes to be mounted to the operator deployment |
 | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images |
 | image.repository | string | `"docker.io/securecodebox/operator"` | The operator image repository |
 | image.tag | string | defaults to the charts version | Parser image tag |
diff --git a/operator/docs/README.ArtifactHub.md b/operator/docs/README.ArtifactHub.md
index f86b7a5fb..bec0ea13b 100644
--- a/operator/docs/README.ArtifactHub.md
+++ b/operator/docs/README.ArtifactHub.md
@@ -78,6 +78,8 @@ helm install securecodebox-operator oci://ghcr.io/securecodebox/helm/operator
 | customCACertificate | object | `{"certificate":"public.crt","existingCertificate":null}` | Setup for Custom CA certificates. These are automatically mounted into every secureCodeBox component (lurker, parser & hooks). Requires that every namespace has a configmap with the CA certificate(s) |
 | customCACertificate.certificate | string | `"public.crt"` | key in the configmap holding the certificate(s) |
 | customCACertificate.existingCertificate | string | `nil` | name of the configMap holding the ca certificate(s), needs to be the same across all namespaces |
+| extraVolumeMounts | list | `[]` | Additional volume mounts to be mounted to the operator deployment |
+| extraVolumes | list | `[]` | Additional volumes to be mounted to the operator deployment |
 | image.pullPolicy | string | `"IfNotPresent"` | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images |
 | image.repository | string | `"docker.io/securecodebox/operator"` | The operator image repository |
 | image.tag | string | defaults to the charts version | Parser image tag |

From 4c3c770f722cddd658182f4ed4687c21509097d4 Mon Sep 17 00:00:00 2001
From: Sven Strittmatter <sven.strittmatter@iteratec.com>
Date: Thu, 29 Jan 2026 17:04:33 +0100
Subject: [PATCH 27/48] Add dockerHub And SonaType To On-/Off-Boarding

Signed-off-by: Sven Strittmatter <sven.strittmatter@iteratec.com>
---
 .../docs/contributing/project-management.md   | 26 +++++++++++++++----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/documentation/docs/contributing/project-management.md b/documentation/docs/contributing/project-management.md
index f233a133f..8124179b6 100644
--- a/documentation/docs/contributing/project-management.md
+++ b/documentation/docs/contributing/project-management.md
@@ -21,13 +21,29 @@ Under the topic "project management" we describe how we do the organizational st
 
 ## Teams
 
-In our GitHub organization we have several teams:
+### GitHub
+
+In our [GitHub organization](https://github.com/secureCodeBox) we have several teams:
 
 1. _admin-team_: Members are the _project leads_. 
 2. _core-team_: Company sponsored core team.
 3. _contributor-team_: Active contributors from the community.
 4. _bot-team_: Team containing all bots allowed to push directly to the main branch.
 
+### DockerHub
+
+In our [DockerHub organization](https://hub.docker.com/u/securecodebox) we have several teams:
+
+1. _adminteam_: Members are the _project leads_.
+2. _coreteam_: Company sponsored core team.
+3. _botteam_: Team containing all bot accounts.
+
+### Sonatype (Maven Central)
+
+In our [Sonatype organization](https://central.sonatype.com/) we have the namespace "io.securecodebox" for Java Maven artifacts.
+
+Users of this namespace are the _project leads_ and a bot user for deployments.
+
 ## Organizational
 
 - The _project leads_ do a regular sync meeting:
@@ -48,8 +64,8 @@ For on- and off-boarding we create an issue for each member. On- and off-boardin
 - _admin-team_ (additionally to the _core-team_ on-boarding):
   - Add to our GitHub organization with following roles:
     - admin-team
-  - Register user to Sonatype
-  - Add to [OWASP valut](https://team-securecodebox.1password.com/)
+  - Register user at [Sonatype](https://central.sonatype.com/) & add to namespace "io.securecodebox"
+  - Add to [OWASP valut](https://team-securecodebox.1password.com/).
 
 ### Off-boarding
 
@@ -59,7 +75,7 @@ For on- and off-boarding we create an issue for each member. On- and off-boardin
 - _admin-team_:
   - Remove role:
     - admin-team
-  - Remove user from SonaType
-  - Remove access to OWASP vault
+  - Remove user from namespace "io.securecodebox" in [SonaType]((https://central.sonatype.com/)).
+  - Remove access to [OWASP valut](https://team-securecodebox.1password.com/).
 
 [google-shared-drive]: https://drive.google.com/drive/folders/1cwAjEyEabdj4By-Ox6ho49NiT-vQUeDq?usp=drive_link

From 5f67a2c1a6750715e7c759c95c78bc616f7dd899 Mon Sep 17 00:00:00 2001
From: Sven Strittmatter <sven.strittmatter@iteratec.com>
Date: Tue, 3 Feb 2026 14:22:19 +0100
Subject: [PATCH 28/48] Fix Duplicated Parens In Link

Signed-off-by: Sven Strittmatter <sven.strittmatter@iteratec.com>
---
 documentation/docs/contributing/project-management.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/documentation/docs/contributing/project-management.md b/documentation/docs/contributing/project-management.md
index 8124179b6..76b0fa94e 100644
--- a/documentation/docs/contributing/project-management.md
+++ b/documentation/docs/contributing/project-management.md
@@ -75,7 +75,7 @@ For on- and off-boarding we create an issue for each member. On- and off-boardin
 - _admin-team_:
   - Remove role:
     - admin-team
-  - Remove user from namespace "io.securecodebox" in [SonaType]((https://central.sonatype.com/)).
   - Remove access to [OWASP valut](https://team-securecodebox.1password.com/).
+  - Remove user from namespace "io.securecodebox" in [SonaType](https://central.sonatype.com/).
 
 [google-shared-drive]: https://drive.google.com/drive/folders/1cwAjEyEabdj4By-Ox6ho49NiT-vQUeDq?usp=drive_link

From 285631e50d85d1978e3bc4aeccf247c4e7eb54e3 Mon Sep 17 00:00:00 2001
From: Sven Strittmatter <sven.strittmatter@iteratec.com>
Date: Tue, 3 Feb 2026 14:22:27 +0100
Subject: [PATCH 29/48] Fix Spelling

Signed-off-by: Sven Strittmatter <sven.strittmatter@iteratec.com>
---
 documentation/docs/contributing/project-management.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/documentation/docs/contributing/project-management.md b/documentation/docs/contributing/project-management.md
index 76b0fa94e..73ec7464e 100644
--- a/documentation/docs/contributing/project-management.md
+++ b/documentation/docs/contributing/project-management.md
@@ -75,7 +75,7 @@ For on- and off-boarding we create an issue for each member. On- and off-boardin
 - _admin-team_:
   - Remove role:
     - admin-team
-  - Remove access to [OWASP valut](https://team-securecodebox.1password.com/).
   - Remove user from namespace "io.securecodebox" in [SonaType](https://central.sonatype.com/).
+  - Remove access to [OWASP vault](https://team-securecodebox.1password.com/).
 
 [google-shared-drive]: https://drive.google.com/drive/folders/1cwAjEyEabdj4By-Ox6ho49NiT-vQUeDq?usp=drive_link

From ee3e863b6d5dc8adcab735d64f66d8ebd78bff8e Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 4 Feb 2026 21:44:23 +0000
Subject: [PATCH 30/48] chore(deps): update golang docker tag to v1.25.7

---
 auto-discovery/cloud-aws/Dockerfile                        | 2 +-
 auto-discovery/kubernetes/Dockerfile                       | 2 +-
 auto-discovery/kubernetes/pull-secret-extractor/Dockerfile | 2 +-
 lurker/Dockerfile                                          | 2 +-
 operator/Dockerfile                                        | 2 +-
 scanners/git-repo-scanner/scanner/Dockerfile               | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/auto-discovery/cloud-aws/Dockerfile b/auto-discovery/cloud-aws/Dockerfile
index 02bd163c4..3c5b86e86 100644
--- a/auto-discovery/cloud-aws/Dockerfile
+++ b/auto-discovery/cloud-aws/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the service binary
-FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.7 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/auto-discovery/kubernetes/Dockerfile b/auto-discovery/kubernetes/Dockerfile
index e4579e4c8..b2373d5ed 100644
--- a/auto-discovery/kubernetes/Dockerfile
+++ b/auto-discovery/kubernetes/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the manager binary
-FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.7 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile b/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile
index 656591d0f..3d92c15bb 100644
--- a/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile
+++ b/auto-discovery/kubernetes/pull-secret-extractor/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the pull-secret-extractor binary
-FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.7 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/lurker/Dockerfile b/lurker/Dockerfile
index 7e02b7289..64550ee98 100644
--- a/lurker/Dockerfile
+++ b/lurker/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the manager binary
-FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.7 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/operator/Dockerfile b/operator/Dockerfile
index f92ca3747..8631e172d 100644
--- a/operator/Dockerfile
+++ b/operator/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the manager binary
-FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.7 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
diff --git a/scanners/git-repo-scanner/scanner/Dockerfile b/scanners/git-repo-scanner/scanner/Dockerfile
index 6746a554c..751c628ef 100644
--- a/scanners/git-repo-scanner/scanner/Dockerfile
+++ b/scanners/git-repo-scanner/scanner/Dockerfile
@@ -3,7 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 # Build the pull-secret-extractor binary
-FROM --platform=$BUILDPLATFORM golang:1.25.6 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25.7 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests

From 090185761bb32ced5712a833b0544ca074586e42 Mon Sep 17 00:00:00 2001
From: secureCodeBoxBot <securecodebox@iteratec.com>
Date: Thu, 5 Feb 2026 09:29:23 +0000
Subject: [PATCH 31/48] Upgrading semgrep from 1.149.0 to 1.151.0

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
---
 scanners/semgrep/Chart.yaml                      | 2 +-
 scanners/semgrep/README.md                       | 2 +-
 scanners/semgrep/docs/README.DockerHub-Parser.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/scanners/semgrep/Chart.yaml b/scanners/semgrep/Chart.yaml
index b737a4d0b..7f11fb093 100644
--- a/scanners/semgrep/Chart.yaml
+++ b/scanners/semgrep/Chart.yaml
@@ -22,7 +22,7 @@ version: "v3.1.0-alpha1"
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.149.0"
+appVersion: "1.151.0"
 annotations:
   versionApi: https://api.github.com/repos/semgrep/semgrep/releases/latest
   supported-platforms: linux/amd64,linux/arm64
diff --git a/scanners/semgrep/README.md b/scanners/semgrep/README.md
index 2b87263d1..3de2c7989 100644
--- a/scanners/semgrep/README.md
+++ b/scanners/semgrep/README.md
@@ -3,7 +3,7 @@ title: "Semgrep"
 category: "scanner"
 type: "Repository"
 state: "released"
-appVersion: "1.149.0"
+appVersion: "1.151.0"
 usecase: "Static Code Analysis"
 ---
 
diff --git a/scanners/semgrep/docs/README.DockerHub-Parser.md b/scanners/semgrep/docs/README.DockerHub-Parser.md
index e4b712913..7ae3d87a6 100644
--- a/scanners/semgrep/docs/README.DockerHub-Parser.md
+++ b/scanners/semgrep/docs/README.DockerHub-Parser.md
@@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht
 
 ## Supported Tags
 - `latest`  (represents the latest stable release build)
-- tagged releases, e.g. `1.149.0`
+- tagged releases, e.g. `1.151.0`
 
 ## How to use this image
 This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/semgrep.

From 101a7d3ed9f5eb9f484335a7d810089d27569bcb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Feb 2026 19:45:39 +0000
Subject: [PATCH 32/48] Bump @isaacs/brace-expansion

Bumps the npm-security-updates group with 1 update in the /documentation directory: @isaacs/brace-expansion.


Updates `@isaacs/brace-expansion` from 5.0.0 to 5.0.1

---
updated-dependencies:
- dependency-name: "@isaacs/brace-expansion"
  dependency-version: 5.0.1
  dependency-type: indirect
  dependency-group: npm-security-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 documentation/package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/documentation/package-lock.json b/documentation/package-lock.json
index fcc0e42ff..0c07d264f 100644
--- a/documentation/package-lock.json
+++ b/documentation/package-lock.json
@@ -4093,9 +4093,9 @@
       }
     },
     "node_modules/@isaacs/brace-expansion": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz",
-      "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==",
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.1.tgz",
+      "integrity": "sha512-WMz71T1JS624nWj2n2fnYAuPovhv7EUhk69R6i9dsVyzxt5eM3bjwvgk9L+APE1TRscGysAVMANkB0jh0LQZrQ==",
       "license": "MIT",
       "dependencies": {
         "@isaacs/balanced-match": "^4.0.1"

From 427e992b388e42d1c7a081d2f25c2a11b6443843 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Feb 2026 09:40:01 +0000
Subject: [PATCH 33/48] Bump the go-version-updates group across 3 directories
 with 2 updates

Bumps the go-version-updates group with 2 updates in the /auto-discovery/cloud-aws directory: [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) and [github.com/onsi/gomega](https://github.com/onsi/gomega).
Bumps the go-version-updates group with 1 update in the /auto-discovery/kubernetes directory: [github.com/onsi/gomega](https://github.com/onsi/gomega).
Bumps the go-version-updates group with 1 update in the /operator directory: [github.com/onsi/gomega](https://github.com/onsi/gomega).


Updates `github.com/onsi/ginkgo/v2` from 2.27.5 to 2.28.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v2.27.5...v2.28.1)

Updates `github.com/onsi/gomega` from 1.39.0 to 1.39.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.39.0...v1.39.1)

Updates `github.com/onsi/gomega` from 1.39.0 to 1.39.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.39.0...v1.39.1)

Updates `github.com/onsi/gomega` from 1.39.0 to 1.39.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.39.0...v1.39.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-version-updates
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-version-updates
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-version-updates
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 auto-discovery/cloud-aws/go.mod  | 22 ++++++++--------
 auto-discovery/cloud-aws/go.sum  | 44 ++++++++++++++++----------------
 auto-discovery/kubernetes/go.mod | 14 +++++-----
 auto-discovery/kubernetes/go.sum | 44 ++++++++++++++++----------------
 operator/go.mod                  | 12 ++++-----
 operator/go.sum                  | 40 ++++++++++++++---------------
 6 files changed, 88 insertions(+), 88 deletions(-)

diff --git a/auto-discovery/cloud-aws/go.mod b/auto-discovery/cloud-aws/go.mod
index a8dac2a7f..7e3a155a6 100644
--- a/auto-discovery/cloud-aws/go.mod
+++ b/auto-discovery/cloud-aws/go.mod
@@ -10,8 +10,8 @@ require (
 	github.com/aws/aws-sdk-go v1.55.8
 	github.com/go-logr/logr v1.4.3
 	github.com/novln/docker-parser v1.0.0
-	github.com/onsi/ginkgo/v2 v2.27.5
-	github.com/onsi/gomega v1.39.0
+	github.com/onsi/ginkgo/v2 v2.28.1
+	github.com/onsi/gomega v1.39.1
 	github.com/secureCodeBox/secureCodeBox/auto-discovery/kubernetes v0.0.0-20250811150403-217d256e71c1
 	github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589
 	k8s.io/api v0.35.0
@@ -45,7 +45,7 @@ require (
 	github.com/google/btree v1.1.3 // indirect
 	github.com/google/gnostic-models v0.7.0 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
-	github.com/google/pprof v0.0.0-20250820193118-f64d9cf942d6 // indirect
+	github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
 	github.com/huandu/xstrings v1.5.0 // indirect
@@ -76,16 +76,16 @@ require (
 	go.uber.org/zap v1.27.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/crypto v0.45.0 // indirect
-	golang.org/x/mod v0.29.0 // indirect
-	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/crypto v0.47.0 // indirect
+	golang.org/x/mod v0.32.0 // indirect
+	golang.org/x/net v0.49.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
-	golang.org/x/sync v0.18.0 // indirect
-	golang.org/x/sys v0.38.0 // indirect
-	golang.org/x/term v0.37.0 // indirect
-	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/sync v0.19.0 // indirect
+	golang.org/x/sys v0.40.0 // indirect
+	golang.org/x/term v0.39.0 // indirect
+	golang.org/x/text v0.33.0 // indirect
 	golang.org/x/time v0.11.0 // indirect
-	golang.org/x/tools v0.38.0 // indirect
+	golang.org/x/tools v0.41.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
 	google.golang.org/protobuf v1.36.8 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
diff --git a/auto-discovery/cloud-aws/go.sum b/auto-discovery/cloud-aws/go.sum
index d41acf2ed..a0675c891 100644
--- a/auto-discovery/cloud-aws/go.sum
+++ b/auto-discovery/cloud-aws/go.sum
@@ -64,8 +64,8 @@ github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/pprof v0.0.0-20250820193118-f64d9cf942d6 h1:EEHtgt9IwisQ2AZ4pIsMjahcegHh6rmhqxzIRQIyepY=
-github.com/google/pprof v0.0.0-20250820193118-f64d9cf942d6/go.mod h1:I6V7YzU0XDpsHqbsyrghnFZLO1gwK6NPTNvmetQIk9U=
+github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83 h1:z2ogiKUYzX5Is6zr/vP9vJGqPwcdqsWjOt+V8J7+bTc=
+github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83/go.mod h1:MxpfABSjhmINe3F1It9d+8exIHFvUqtLIRCdOGNXqiI=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA=
@@ -124,10 +124,10 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
-github.com/onsi/ginkgo/v2 v2.27.5 h1:ZeVgZMx2PDMdJm/+w5fE/OyG6ILo1Y3e+QX4zSR0zTE=
-github.com/onsi/ginkgo/v2 v2.27.5/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
-github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q=
-github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4=
+github.com/onsi/ginkgo/v2 v2.28.1 h1:S4hj+HbZp40fNKuLUQOYLDgZLwNUVn19N3Atb98NCyI=
+github.com/onsi/ginkgo/v2 v2.28.1/go.mod h1:CLtbVInNckU3/+gC8LzkGUb9oF+e8W8TdUsxPwvdOgE=
+github.com/onsi/gomega v1.39.1 h1:1IJLAad4zjPn2PsnhH70V4DKRFlrCzGBNrNaru+Vf28=
+github.com/onsi/gomega v1.39.1/go.mod h1:hL6yVALoTOxeWudERyfppUcZXjMwIMLnuSfruD2lcfg=
 github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
@@ -186,27 +186,27 @@ go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
 go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
 go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
 go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
-golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
-golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
-golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
-golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
-golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
+golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
+golang.org/x/mod v0.32.0 h1:9F4d3PHLljb6x//jOyokMv3eX+YDeepZSEo3mFJy93c=
+golang.org/x/mod v0.32.0/go.mod h1:SgipZ/3h2Ci89DlEtEXWUk/HteuRin+HHhN+WbNhguU=
+golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
+golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
 golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
-golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
-golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
-golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
-golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
+golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
+golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
+golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
+golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
 golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
 golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
-golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
-golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
+golang.org/x/tools v0.41.0 h1:a9b8iMweWG+S0OBnlU36rzLp20z1Rp10w+IY2czHTQc=
+golang.org/x/tools v0.41.0/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg=
 gomodules.xyz/jsonpatch/v2 v2.5.0 h1:JELs8RLM12qJGXU4u/TO3V25KW8GreMKl9pdkk14RM0=
 gomodules.xyz/jsonpatch/v2 v2.5.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY=
 google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc=
diff --git a/auto-discovery/kubernetes/go.mod b/auto-discovery/kubernetes/go.mod
index 06c18a2e0..16b9e15a3 100644
--- a/auto-discovery/kubernetes/go.mod
+++ b/auto-discovery/kubernetes/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/Masterminds/sprig v2.22.0+incompatible
 	github.com/go-logr/logr v1.4.3
 	github.com/onsi/ginkgo v1.16.5
-	github.com/onsi/gomega v1.39.0
+	github.com/onsi/gomega v1.39.1
 	github.com/secureCodeBox/secureCodeBox/operator v0.0.0-20250409151104-b2c7b64c9589
 	k8s.io/api v0.35.0
 	k8s.io/apimachinery v0.35.0
@@ -61,13 +61,13 @@ require (
 	go.uber.org/zap v1.27.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/crypto v0.45.0 // indirect
-	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/crypto v0.47.0 // indirect
+	golang.org/x/net v0.49.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
-	golang.org/x/sync v0.18.0 // indirect
-	golang.org/x/sys v0.38.0 // indirect
-	golang.org/x/term v0.37.0 // indirect
-	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/sync v0.19.0 // indirect
+	golang.org/x/sys v0.40.0 // indirect
+	golang.org/x/term v0.39.0 // indirect
+	golang.org/x/text v0.33.0 // indirect
 	golang.org/x/time v0.11.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
 	google.golang.org/protobuf v1.36.8 // indirect
diff --git a/auto-discovery/kubernetes/go.sum b/auto-discovery/kubernetes/go.sum
index b15f23fe5..090c2a7a4 100644
--- a/auto-discovery/kubernetes/go.sum
+++ b/auto-discovery/kubernetes/go.sum
@@ -59,8 +59,8 @@ github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8=
-github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
+github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83 h1:z2ogiKUYzX5Is6zr/vP9vJGqPwcdqsWjOt+V8J7+bTc=
+github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83/go.mod h1:MxpfABSjhmINe3F1It9d+8exIHFvUqtLIRCdOGNXqiI=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
@@ -101,12 +101,12 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
-github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns=
-github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
+github.com/onsi/ginkgo/v2 v2.28.0 h1:Rrf+lVLmtlBIKv6KrIGJCjyY8N36vDVcutbGJkyqjJc=
+github.com/onsi/ginkgo/v2 v2.28.0/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
-github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q=
-github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4=
+github.com/onsi/gomega v1.39.1 h1:1IJLAad4zjPn2PsnhH70V4DKRFlrCzGBNrNaru+Vf28=
+github.com/onsi/gomega v1.39.1/go.mod h1:hL6yVALoTOxeWudERyfppUcZXjMwIMLnuSfruD2lcfg=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -148,25 +148,25 @@ go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
-golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
+golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
+golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
-golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
+golang.org/x/mod v0.32.0 h1:9F4d3PHLljb6x//jOyokMv3eX+YDeepZSEo3mFJy93c=
+golang.org/x/mod v0.32.0/go.mod h1:SgipZ/3h2Ci89DlEtEXWUk/HteuRin+HHhN+WbNhguU=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
-golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
+golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
 golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
-golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
+golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -176,21 +176,21 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
-golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
-golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
+golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
+golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
+golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
-golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
+golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
 golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
 golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
-golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
+golang.org/x/tools v0.41.0 h1:a9b8iMweWG+S0OBnlU36rzLp20z1Rp10w+IY2czHTQc=
+golang.org/x/tools v0.41.0/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/operator/go.mod b/operator/go.mod
index c62ec15a7..de220eb4c 100644
--- a/operator/go.mod
+++ b/operator/go.mod
@@ -11,7 +11,7 @@ require (
 	github.com/minio/minio-go/v7 v7.0.98
 	github.com/mitchellh/hashstructure/v2 v2.0.2
 	github.com/onsi/ginkgo v1.16.5
-	github.com/onsi/gomega v1.39.0
+	github.com/onsi/gomega v1.39.1
 	k8s.io/api v0.35.0
 	k8s.io/apimachinery v0.35.0
 	k8s.io/client-go v0.35.0
@@ -71,12 +71,12 @@ require (
 	github.com/spf13/pflag v1.0.9 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.46.0 // indirect
-	golang.org/x/net v0.48.0 // indirect
+	golang.org/x/crypto v0.47.0 // indirect
+	golang.org/x/net v0.49.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
-	golang.org/x/sys v0.39.0 // indirect
-	golang.org/x/term v0.38.0 // indirect
-	golang.org/x/text v0.32.0 // indirect
+	golang.org/x/sys v0.40.0 // indirect
+	golang.org/x/term v0.39.0 // indirect
+	golang.org/x/text v0.33.0 // indirect
 	golang.org/x/time v0.11.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
 	google.golang.org/protobuf v1.36.8 // indirect
diff --git a/operator/go.sum b/operator/go.sum
index 29b2f697b..b192f3e23 100644
--- a/operator/go.sum
+++ b/operator/go.sum
@@ -57,8 +57,8 @@ github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/pprof v0.0.0-20250403155104-27863c87afa6 h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8=
-github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
+github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83 h1:z2ogiKUYzX5Is6zr/vP9vJGqPwcdqsWjOt+V8J7+bTc=
+github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83/go.mod h1:MxpfABSjhmINe3F1It9d+8exIHFvUqtLIRCdOGNXqiI=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
@@ -104,12 +104,12 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
 github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
-github.com/onsi/ginkgo/v2 v2.27.2 h1:LzwLj0b89qtIy6SSASkzlNvX6WktqurSHwkk2ipF/Ns=
-github.com/onsi/ginkgo/v2 v2.27.2/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
+github.com/onsi/ginkgo/v2 v2.28.0 h1:Rrf+lVLmtlBIKv6KrIGJCjyY8N36vDVcutbGJkyqjJc=
+github.com/onsi/ginkgo/v2 v2.28.0/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
-github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q=
-github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4=
+github.com/onsi/gomega v1.39.1 h1:1IJLAad4zjPn2PsnhH70V4DKRFlrCzGBNrNaru+Vf28=
+github.com/onsi/gomega v1.39.1/go.mod h1:hL6yVALoTOxeWudERyfppUcZXjMwIMLnuSfruD2lcfg=
 github.com/philhofer/fwd v1.2.0 h1:e6DnBTl7vGY+Gz322/ASL4Gyp1FspeMvx1RNDoToZuM=
 github.com/philhofer/fwd v1.2.0/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
@@ -157,18 +157,18 @@ go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
-golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
+golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
+golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.30.0 h1:fDEXFVZ/fmCKProc/yAXXUijritrDzahmwwefnjoPFk=
-golang.org/x/mod v0.30.0/go.mod h1:lAsf5O2EvJeSFMiBxXDki7sCgAxEUcZHXoXMKT4GJKc=
+golang.org/x/mod v0.32.0 h1:9F4d3PHLljb6x//jOyokMv3eX+YDeepZSEo3mFJy93c=
+golang.org/x/mod v0.32.0/go.mod h1:SgipZ/3h2Ci89DlEtEXWUk/HteuRin+HHhN+WbNhguU=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
-golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
+golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
+golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
 golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -185,21 +185,21 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
-golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.38.0 h1:PQ5pkm/rLO6HnxFR7N2lJHOZX6Kez5Y1gDSJla6jo7Q=
-golang.org/x/term v0.38.0/go.mod h1:bSEAKrOT1W+VSu9TSCMtoGEOUcKxOKgl3LE5QEF/xVg=
+golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
+golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
+golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
-golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
+golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
+golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
 golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
 golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.39.0 h1:ik4ho21kwuQln40uelmciQPp9SipgNDdrafrYA4TmQQ=
-golang.org/x/tools v0.39.0/go.mod h1:JnefbkDPyD8UU2kI5fuf8ZX4/yUeh9W877ZeBONxUqQ=
+golang.org/x/tools v0.41.0 h1:a9b8iMweWG+S0OBnlU36rzLp20z1Rp10w+IY2czHTQc=
+golang.org/x/tools v0.41.0/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

From cd9b44923b399ead0b410a13b73cb5b2fbc58eba Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 3 Feb 2026 09:37:16 +0000
Subject: [PATCH 34/48] Bump the github-actions-version-updates group across 1
 directory with 4 updates

Bumps the github-actions-version-updates group with 4 updates in the /.github/workflows directory: [actions/cache](https://github.com/actions/cache), [github/codeql-action](https://github.com/github/codeql-action), [docker/login-action](https://github.com/docker/login-action) and [mikefarah/yq](https://github.com/mikefarah/yq).


Updates `actions/cache` from 5.0.2 to 5.0.3
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/8b402f58fbc84540c8b491a91e594a4576fec3d7...cdf6c1fa76f9f475f3d7449005a359c84ca0f306)

Updates `github/codeql-action` from 4.32.0 to 4.32.1
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/b20883b0cd1f46c72ae0ba6d1090936928f9fa30...6bc82e05fd0ea64601dd4b465378bbcf57de0314)

Updates `docker/login-action` from 3.6.0 to 3.7.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9)

Updates `mikefarah/yq` from 4.50.1 to 4.52.2
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](https://github.com/mikefarah/yq/compare/065b200af9851db0d5132f50bc10b1406ea5c0a8...2be0094729a1006f61e8339ce9934bfb3cbb549f)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 5.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-version-updates
- dependency-name: github/codeql-action
  dependency-version: 4.32.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-version-updates
- dependency-name: docker/login-action
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-version-updates
- dependency-name: mikefarah/yq
  dependency-version: 4.52.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yaml            |  4 ++--
 .github/workflows/oss-scorecard.yaml |  2 +-
 .github/workflows/release-build.yaml | 26 +++++++++++++-------------
 .github/workflows/scb-bot.yaml       |  6 +++---
 4 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 87ef35936..e1c56e68e 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -161,13 +161,13 @@ jobs:
           java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk
           architecture: x64 # (x64 or x86) - defaults to x64
       - name: Cache SonarCloud packages
-        uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
+        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
       - name: Cache Gradle packages
-        uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
+        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
         with:
           path: ~/.gradle/caches
           key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
diff --git a/.github/workflows/oss-scorecard.yaml b/.github/workflows/oss-scorecard.yaml
index ed8607416..8cc03fa42 100644
--- a/.github/workflows/oss-scorecard.yaml
+++ b/.github/workflows/oss-scorecard.yaml
@@ -33,6 +33,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
+        uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml
index 1a49c0e1c..76f848c27 100644
--- a/.github/workflows/release-build.yaml
+++ b/.github/workflows/release-build.yaml
@@ -48,7 +48,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -95,7 +95,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -142,7 +142,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -195,7 +195,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -248,7 +248,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -300,7 +300,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -364,7 +364,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -425,7 +425,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set ENV Var with Scanner Version
-        uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
+        uses: mikefarah/yq@2be0094729a1006f61e8339ce9934bfb3cbb549f # v4.52.2
         # Notice: The current version of the scanner is provided via the Chart.yaml to ensure
         # there is only one place to edit the version of a scanner
         with:
@@ -433,7 +433,7 @@ jobs:
 
       # extract the supported cpu architectures from the Chart.yaml
       - name: Set ENV Var with Supported Platforms
-        uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
+        uses: mikefarah/yq@2be0094729a1006f61e8339ce9934bfb3cbb549f # v4.52.2
         with:
           cmd: echo supportedPlatforms=$(yq e .annotations.supported-platforms scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
 
@@ -450,7 +450,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -507,7 +507,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
@@ -555,7 +555,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Set ENV Var with Demo-Target Version
-        uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
+        uses: mikefarah/yq@2be0094729a1006f61e8339ce9934bfb3cbb549f # v4.52.2
         # Notice: The current version of the demo-target is provided via the Chart.yaml to ensure
         # there is only one place to edit the version of a scanner
         with:
@@ -575,7 +575,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Login to DockerHub
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_TOKEN }}
diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml
index 31c03c361..cd1da7ade 100644
--- a/.github/workflows/scb-bot.yaml
+++ b/.github/workflows/scb-bot.yaml
@@ -61,14 +61,14 @@ jobs:
       # Fetching scanner version from local chart .appVersion attribute
       # this would look like 1.1.1 or v1.1.1 depending on the corresponding Docker image tag
       - name: Fetch local scanner version
-        uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
+        uses: mikefarah/yq@2be0094729a1006f61e8339ce9934bfb3cbb549f # v4.52.2
         with:
           cmd: echo local=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
 
       # Fetching scanner version API from local chart .annotations.versionApi attribute
       # This would look like https://api.github.com/repos/projectdiscovery/nuclei/releases/latest
       - name: Fetch scanner's version API
-        uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
+        uses: mikefarah/yq@2be0094729a1006f61e8339ce9934bfb3cbb549f # v4.52.2
         with:
           cmd: echo versionApi=$(yq e .annotations.versionApi scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
 
@@ -143,7 +143,7 @@ jobs:
 
       - name: Upgrade Scanner Helm Chart
         if: ${{ env.release != env.local && env.prExists == 0 && env.release != null}}
-        uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
+        uses: mikefarah/yq@2be0094729a1006f61e8339ce9934bfb3cbb549f # v4.52.2
         with:
           # appVersion value in chart is replaced with release value. Empty lines are deleted in the process
           cmd: yq e --inplace '.appVersion = "${{env.release}}"' ./scanners/${{ matrix.scanner }}/Chart.yaml

From 4e5092f48aeba1a9e3afa601ee7a36c42d4cfa8c Mon Sep 17 00:00:00 2001
From: secureCodeBoxBot <securecodebox@iteratec.com>
Date: Fri, 6 Feb 2026 09:29:03 +0000
Subject: [PATCH 35/48] Upgrading trivy from 0.68.2 to 0.69.1

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
---
 scanners/trivy/Chart.yaml | 2 +-
 scanners/trivy/README.md  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/scanners/trivy/Chart.yaml b/scanners/trivy/Chart.yaml
index 1f3ba175b..1f182d156 100644
--- a/scanners/trivy/Chart.yaml
+++ b/scanners/trivy/Chart.yaml
@@ -8,7 +8,7 @@ description: A Helm chart for the trivy security scanner that integrates with th
 type: application
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
 version: v3.1.0-alpha1
-appVersion: "0.68.2"
+appVersion: "0.69.1"
 kubeVersion: ">=v1.11.0-0"
 annotations:
   versionApi: https://api.github.com/repos/aquasecurity/trivy/releases/latest
diff --git a/scanners/trivy/README.md b/scanners/trivy/README.md
index c0a97f235..de89b47b5 100644
--- a/scanners/trivy/README.md
+++ b/scanners/trivy/README.md
@@ -3,7 +3,7 @@ title: "Trivy"
 category: "scanner"
 type: "Container"
 state: "released"
-appVersion: "0.68.2"
+appVersion: "0.69.1"
 usecase: "Container Vulnerability Scanner"
 ---
 

From 8c6424085fbc3476fe715c55d27fd68bcd557831 Mon Sep 17 00:00:00 2001
From: secureCodeBoxBot <securecodebox@iteratec.com>
Date: Fri, 6 Feb 2026 09:29:09 +0000
Subject: [PATCH 36/48] Upgrading trivy-sbom from 0.68.2 to 0.69.1

Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
---
 scanners/trivy-sbom/Chart.yaml                      | 2 +-
 scanners/trivy-sbom/README.md                       | 2 +-
 scanners/trivy-sbom/docs/README.DockerHub-Parser.md | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/scanners/trivy-sbom/Chart.yaml b/scanners/trivy-sbom/Chart.yaml
index f32391d2b..bf968e6a8 100644
--- a/scanners/trivy-sbom/Chart.yaml
+++ b/scanners/trivy-sbom/Chart.yaml
@@ -8,7 +8,7 @@ description: A Helm chart for the trivy-sbom security scanner that integrates wi
 type: application
 # version - gets automatically set to the secureCodeBox release version when the helm charts gets published
 version: v3.1.0-alpha1
-appVersion: "0.68.2"
+appVersion: "0.69.1"
 kubeVersion: ">=v1.11.0-0"
 annotations:
   versionApi: https://api.github.com/repos/aquasecurity/trivy/releases/latest
diff --git a/scanners/trivy-sbom/README.md b/scanners/trivy-sbom/README.md
index 7d14f38eb..af32e2288 100644
--- a/scanners/trivy-sbom/README.md
+++ b/scanners/trivy-sbom/README.md
@@ -3,7 +3,7 @@ title: "Trivy SBOM"
 category: "scanner"
 type: "Container"
 state: "released"
-appVersion: "0.68.2"
+appVersion: "0.69.1"
 usecase: "Container Dependency Scanner"
 ---
 
diff --git a/scanners/trivy-sbom/docs/README.DockerHub-Parser.md b/scanners/trivy-sbom/docs/README.DockerHub-Parser.md
index c0ae5020a..2695e1f1a 100644
--- a/scanners/trivy-sbom/docs/README.DockerHub-Parser.md
+++ b/scanners/trivy-sbom/docs/README.DockerHub-Parser.md
@@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht
 
 ## Supported Tags
 - `latest`  (represents the latest stable release build)
-- tagged releases, e.g. `0.68.2`
+- tagged releases, e.g. `0.69.1`
 
 ## How to use this image
 This `parser` image is intended to work in combination with the corresponding security scanner docker image to parse the `findings` results. For more information details please take a look at the documentation page: https://www.securecodebox.io/docs/scanners/trivy-sbom.

From c44dc0a7901c41341c5ec493660f28f5101075ea Mon Sep 17 00:00:00 2001
From: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Date: Tue, 10 Feb 2026 09:57:11 +0100
Subject: [PATCH 37/48] Add test for empty result files with
 includeTargetDomain flag set to true

Signed-off-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
---
 scanners/subfinder/parser/parser.test.js | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/scanners/subfinder/parser/parser.test.js b/scanners/subfinder/parser/parser.test.js
index 90c761b12..7eda01afd 100644
--- a/scanners/subfinder/parser/parser.test.js
+++ b/scanners/subfinder/parser/parser.test.js
@@ -42,6 +42,29 @@ test("should properly parse empty json file", async () => {
   expect(findings).toMatchSnapshot();
 });
 
+test("should properly parse empty json file with includeTargetDomain=true", async () => {
+  const scan = {
+    spec: {
+      scanType: "subfinder",
+      parameters: ["-timeout", "1", "-d", "example.com"],
+    },
+    metadata: {
+      annotations: {
+        "metadata.scan.securecodebox.io/subfinder":
+          "https://github.com/secureCodeBox/secureCodeBox",
+      },
+    },
+  };
+
+  const fileContent = await readFile(__dirname + "/__testFiles__/empty.jsonl", {
+    encoding: "utf8",
+  });
+  const findings = await parse(fileContent, scan, "true");
+  // validate findings
+  expect(validateParser(findings)).toBeUndefined();
+  expect(findings).toMatchSnapshot();
+});
+
 test("should properly parse subfinder json file and add target domain to findings with param -d", async () => {
   const scan = {
     spec: {

From fb88d67714de49d5abfc612931b3442acb3699dc Mon Sep 17 00:00:00 2001
From: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Date: Tue, 10 Feb 2026 09:57:34 +0100
Subject: [PATCH 38/48] Fix bug when the results are empty but the
 includeTargetDomain is set

Signed-off-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
---
 .../parser/__snapshots__/parser.test.js.snap  | 21 +++++++++++++++++++
 scanners/subfinder/parser/parser.js           |  8 +++----
 2 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap
index 840f42518..e35673f89 100644
--- a/scanners/subfinder/parser/__snapshots__/parser.test.js.snap
+++ b/scanners/subfinder/parser/__snapshots__/parser.test.js.snap
@@ -604,3 +604,24 @@ exports[`should properly parse subfinder json file and add target domain to find
   },
 ]
 `;
+
+exports[`should properly parse empty json file with includeTargetDomain=true 1`] = `
+[
+  {
+    "attributes": {
+      "domain": "example.com",
+      "hostname": "example.com",
+      "ip_address": null,
+      "ip_addresses": [],
+      "source": "parser",
+    },
+    "category": "Subdomain",
+    "description": "Found subdomain example.com",
+    "identified_at": null,
+    "location": "example.com",
+    "name": "example.com",
+    "osi_layer": "NETWORK",
+    "severity": "INFORMATIONAL",
+  },
+]
+`;
diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js
index 2afdfc93c..ffde45b73 100644
--- a/scanners/subfinder/parser/parser.js
+++ b/scanners/subfinder/parser/parser.js
@@ -10,8 +10,6 @@ export async function parse(
   includeTargetDomain = process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() ==
     "true",
 ) {
-  if (!fileContent && !includeTargetDomain) return [];
-
   const targets = parseResultFile(fileContent);
   const findings = transformToFindings(targets);
 
@@ -92,8 +90,10 @@ function transformToFindings(targets) {
  * @param {*} fileContent
  */
 function parseResultFile(fileContent) {
-  return fileContent
-    .trim()
+  const trimmed = fileContent.trim();
+  if (!trimmed) return [];
+  
+  return trimmed
     .split("\n")
     .map((line) => JSON.parse(line));
 }

From 1535335005dd9a962aaa3a6fa03e13d65d59a6b5 Mon Sep 17 00:00:00 2001
From: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Date: Tue, 10 Feb 2026 09:59:38 +0100
Subject: [PATCH 39/48] Move param to a named param in a object

Makes it easier to understand what this bool flag is doing from the tests

Signed-off-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
---
 scanners/subfinder/parser/parser.js      | 6 ++++--
 scanners/subfinder/parser/parser.test.js | 8 ++++----
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/scanners/subfinder/parser/parser.js b/scanners/subfinder/parser/parser.js
index ffde45b73..6c5be9b78 100644
--- a/scanners/subfinder/parser/parser.js
+++ b/scanners/subfinder/parser/parser.js
@@ -7,9 +7,11 @@ const DOMAIN_FLAGS = ["-d", "-domain", "--domain"];
 export async function parse(
   fileContent,
   scan,
-  includeTargetDomain = process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() ==
-    "true",
+  options = {},
 ) {
+  const includeTargetDomain = options.includeTargetDomain ??
+    (process.env["INCLUDE_TARGET_DOMAIN"]?.toLowerCase() === "true");
+
   const targets = parseResultFile(fileContent);
   const findings = transformToFindings(targets);
 
diff --git a/scanners/subfinder/parser/parser.test.js b/scanners/subfinder/parser/parser.test.js
index 7eda01afd..8fc20c91b 100644
--- a/scanners/subfinder/parser/parser.test.js
+++ b/scanners/subfinder/parser/parser.test.js
@@ -59,7 +59,7 @@ test("should properly parse empty json file with includeTargetDomain=true", asyn
   const fileContent = await readFile(__dirname + "/__testFiles__/empty.jsonl", {
     encoding: "utf8",
   });
-  const findings = await parse(fileContent, scan, "true");
+  const findings = await parse(fileContent, scan, { includeTargetDomain: true });
   // validate findings
   expect(validateParser(findings)).toBeUndefined();
   expect(findings).toMatchSnapshot();
@@ -85,7 +85,7 @@ test("should properly parse subfinder json file and add target domain to finding
       encoding: "utf8",
     },
   );
-  const findings = await parse(fileContent, scan, "true");
+  const findings = await parse(fileContent, scan, { includeTargetDomain: true });
   // validate findings
   expect(validateParser(findings)).toBeUndefined();
   expect(findings).toMatchSnapshot();
@@ -111,7 +111,7 @@ test("should properly parse subfinder json file and add target domain to finding
       encoding: "utf8",
     },
   );
-  const findings = await parse(fileContent, scan, "true");
+  const findings = await parse(fileContent, scan, { includeTargetDomain: true });
   // validate findings
   expect(validateParser(findings)).toBeUndefined();
   expect(findings).toMatchSnapshot();
@@ -137,7 +137,7 @@ test("should properly parse subfinder json file and add target domain to finding
       encoding: "utf8",
     },
   );
-  const findings = await parse(fileContent, scan, "true");
+  const findings = await parse(fileContent, scan, { includeTargetDomain: true });
   // validate findings
   expect(validateParser(findings)).toBeUndefined();
   expect(findings).toMatchSnapshot();

From 60c1d26687d238ec4ff2dad33af9b18dfcc27d36 Mon Sep 17 00:00:00 2001
From: Samreet Singh <samreet.singh@iteratec.com>
Date: Thu, 5 Feb 2026 17:14:45 +0100
Subject: [PATCH 40/48] Update supported versions in docs to match security
 policy

Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
---
 documentation/docs/10-security.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/documentation/docs/10-security.md b/documentation/docs/10-security.md
index 287bf09d4..c46fd024c 100644
--- a/documentation/docs/10-security.md
+++ b/documentation/docs/10-security.md
@@ -10,16 +10,16 @@ title: "Security Policy"
 # Security Policy
 
 ## Supported Versions
+
 Our _release cycle_ for new features (minor [semver](https://semver.org/) update)
-is roughly every two weeks (we will usually make a new release after each review). 
+is roughly every four weeks (we will usually make a new release after each sprint review).
 
 | Version | Security Fixes* | Supported** |
 | ------- | ------------------ | ------------------ |
-| 4.x.x | :white_check_mark: | :white_check_mark: |
-| 3.15.x | :white_check_mark: | :white_check_mark: |
-| \<= 2.9.x | :x: | :x: |
-| \< 2.0 | :x: | :x: |
-
+| 5.x.x | :white_check_mark: | :white_check_mark: |
+| 4.16.x | Critical issues only | :x: |
+| <= 3.15.x | :x: | :x: |
+ 
 ### Major Release (Semver)
 _Upcoming major updates_ will come with a time window in which both _major versions_ (starting with v2.x.x)
 will receive security updates and bugfixes. The concrete support intervall will be probably a couple of months

From 1a06622689c6ad5eeb905005606f21a04b4f1d8d Mon Sep 17 00:00:00 2001
From: Samreet Singh <samreet.singh@iteratec.com>
Date: Thu, 5 Feb 2026 17:31:51 +0100
Subject: [PATCH 41/48] Fix formatting in ZAP description

Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
---
 scanners/zap-automation-framework/.helm-docs.gotmpl             | 2 +-
 scanners/zap-automation-framework/README.md                     | 2 +-
 scanners/zap-automation-framework/docs/README.ArtifactHub.md    | 2 +-
 .../zap-automation-framework/docs/README.DockerHub-Parser.md    | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/scanners/zap-automation-framework/.helm-docs.gotmpl b/scanners/zap-automation-framework/.helm-docs.gotmpl
index 250c6fbf3..c53c35d3a 100644
--- a/scanners/zap-automation-framework/.helm-docs.gotmpl
+++ b/scanners/zap-automation-framework/.helm-docs.gotmpl
@@ -27,7 +27,7 @@ usecase: "WebApp & OpenAPI Vulnerability Scanner"
 {{- define "extra.chartAboutSection" -}}
 ## What is ZAP?
 
-The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
+The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
 
 The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way.
 To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/).
diff --git a/scanners/zap-automation-framework/README.md b/scanners/zap-automation-framework/README.md
index 80281ce28..1f3a7758e 100644
--- a/scanners/zap-automation-framework/README.md
+++ b/scanners/zap-automation-framework/README.md
@@ -37,7 +37,7 @@ Otherwise your changes will be reverted/overwritten automatically due to the bui
 
 ## What is ZAP?
 
-The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
+The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
 
 The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way.
 To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/).
diff --git a/scanners/zap-automation-framework/docs/README.ArtifactHub.md b/scanners/zap-automation-framework/docs/README.ArtifactHub.md
index 581cb20d4..bb20ae675 100644
--- a/scanners/zap-automation-framework/docs/README.ArtifactHub.md
+++ b/scanners/zap-automation-framework/docs/README.ArtifactHub.md
@@ -42,7 +42,7 @@ You can find resources to help you get started on our [documentation website](ht
 
 ## What is ZAP?
 
-The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
+The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
 
 The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way.
 To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/).
diff --git a/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md b/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md
index 5ecc940e3..73d9f08d8 100644
--- a/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md
+++ b/scanners/zap-automation-framework/docs/README.DockerHub-Parser.md
@@ -53,7 +53,7 @@ docker pull securecodebox/parser-zap-automation-framework
 
 ## What is ZAP?
 
-The [Zed Attack Proxy (ZAP)[zap project] is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
+The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
 
 The Automation Framework is an add-on that provides a framework that allows ZAP to be automated in an easy and flexible way.
 To learn more about the ZAP scanner itself visit [https://www.zaproxy.org/](https://www.zaproxy.org/).

From 212dc286058e05b9eb1ba78fe614cc4cc22df0bf Mon Sep 17 00:00:00 2001
From: Samreet Singh <samreet.singh@iteratec.com>
Date: Fri, 6 Feb 2026 10:09:18 +0100
Subject: [PATCH 42/48] Escape operator to fix build

Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
---
 documentation/docs/10-security.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/documentation/docs/10-security.md b/documentation/docs/10-security.md
index c46fd024c..aa06c703a 100644
--- a/documentation/docs/10-security.md
+++ b/documentation/docs/10-security.md
@@ -18,7 +18,7 @@ is roughly every four weeks (we will usually make a new release after each sprin
 | ------- | ------------------ | ------------------ |
 | 5.x.x | :white_check_mark: | :white_check_mark: |
 | 4.16.x | Critical issues only | :x: |
-| <= 3.15.x | :x: | :x: |
+| \<= 3.15.x | :x: | :x: |
  
 ### Major Release (Semver)
 _Upcoming major updates_ will come with a time window in which both _major versions_ (starting with v2.x.x)

From 9aa03e148c8b2ae740e2bc5f65051c8879e9cbcf Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 6 Feb 2026 10:32:54 +0000
Subject: [PATCH 43/48] Bump webpack

Bumps the npm-security-updates group with 1 update in the /documentation directory: [webpack](https://github.com/webpack/webpack).


Updates `webpack` from 5.96.1 to 5.105.0
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack/compare/v5.96.1...v5.105.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 5.105.0
  dependency-type: indirect
  dependency-group: npm-security-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 documentation/package-lock.json | 210 +++++++++++++++-----------------
 1 file changed, 101 insertions(+), 109 deletions(-)

diff --git a/documentation/package-lock.json b/documentation/package-lock.json
index 0c07d264f..f49894f38 100644
--- a/documentation/package-lock.json
+++ b/documentation/package-lock.json
@@ -5310,9 +5310,9 @@
       }
     },
     "node_modules/@types/estree": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz",
-      "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==",
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz",
+      "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==",
       "license": "MIT"
     },
     "node_modules/@types/estree-jsx": {
@@ -6321,9 +6321,9 @@
       "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="
     },
     "node_modules/baseline-browser-mapping": {
-      "version": "2.8.9",
-      "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.8.9.tgz",
-      "integrity": "sha512-hY/u2lxLrbecMEWSB0IpGzGyDyeoMFQhCvZd2jGFSE5I17Fh01sYUBPCJtkWERw7zrac9+cIghxm/ytJa2X8iA==",
+      "version": "2.9.19",
+      "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.19.tgz",
+      "integrity": "sha512-ipDqC8FrAl/76p2SSWKSI+H9tFwm7vYqXQrItCuiVPt26Km0jS+NzSsBWAaBusvSbQcfJG+JitdMm+wZAgTYqg==",
       "license": "Apache-2.0",
       "bin": {
         "baseline-browser-mapping": "dist/cli.js"
@@ -6500,9 +6500,9 @@
       }
     },
     "node_modules/browserslist": {
-      "version": "4.26.2",
-      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.26.2.tgz",
-      "integrity": "sha512-ECFzp6uFOSB+dcZ5BK/IBaGWssbSYBHvuMeMt3MMFyhI0Z8SqGgEkBLARgpRH3hutIgPVsALcMwbDrJqPxQ65A==",
+      "version": "4.28.1",
+      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.28.1.tgz",
+      "integrity": "sha512-ZC5Bd0LgJXgwGqUknZY/vkUQ04r8NXnJZ3yYi4vDmSiZmC/pdSN0NbNRPxZpbtO4uAfDUAFffO8IZoM3Gj8IkA==",
       "funding": [
         {
           "type": "opencollective",
@@ -6519,11 +6519,11 @@
       ],
       "license": "MIT",
       "dependencies": {
-        "baseline-browser-mapping": "^2.8.3",
-        "caniuse-lite": "^1.0.30001741",
-        "electron-to-chromium": "^1.5.218",
-        "node-releases": "^2.0.21",
-        "update-browserslist-db": "^1.1.3"
+        "baseline-browser-mapping": "^2.9.0",
+        "caniuse-lite": "^1.0.30001759",
+        "electron-to-chromium": "^1.5.263",
+        "node-releases": "^2.0.27",
+        "update-browserslist-db": "^1.2.0"
       },
       "bin": {
         "browserslist": "cli.js"
@@ -6673,9 +6673,9 @@
       }
     },
     "node_modules/caniuse-lite": {
-      "version": "1.0.30001745",
-      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001745.tgz",
-      "integrity": "sha512-ywt6i8FzvdgrrrGbr1jZVObnVv6adj+0if2/omv9cmR2oiZs30zL4DIyaptKcbOrBdOIc74QTMoJvSE2QHh5UQ==",
+      "version": "1.0.30001769",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001769.tgz",
+      "integrity": "sha512-BCfFL1sHijQlBGWBMuJyhZUhzo7wer5sVj9hqekB/7xn0Ypy+pER/edCYQm4exbXj4WiySGp40P8UuTh6w1srg==",
       "funding": [
         {
           "type": "opencollective",
@@ -8324,9 +8324,9 @@
       "license": "MIT"
     },
     "node_modules/electron-to-chromium": {
-      "version": "1.5.227",
-      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.227.tgz",
-      "integrity": "sha512-ITxuoPfJu3lsNWUi2lBM2PaBPYgH3uqmxut5vmBxgYvyI4AlJ6P3Cai1O76mOrkJCBzq0IxWg/NtqOrpu/0gKA==",
+      "version": "1.5.286",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.286.tgz",
+      "integrity": "sha512-9tfDXhJ4RKFNerfjdCcZfufu49vg620741MNs26a9+bhLThdB+plgMeou98CAaHu/WATj2iHOOHTp1hWtABj2A==",
       "license": "ISC"
     },
     "node_modules/emoji-regex": {
@@ -8366,13 +8366,13 @@
       }
     },
     "node_modules/enhanced-resolve": {
-      "version": "5.17.1",
-      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.17.1.tgz",
-      "integrity": "sha512-LMHl3dXhTcfv8gM4kEzIUeTQ+7fpdA0l2tUf34BddXPkz2A5xJ5L/Pchd5BL6rdccM9QGvu0sWZzK1Z1t4wwyg==",
+      "version": "5.19.0",
+      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.19.0.tgz",
+      "integrity": "sha512-phv3E1Xl4tQOShqSte26C7Fl84EwUdZsyOuSSk9qtAGyyQs2s3jJzComh+Abf4g187lUUAvH+H26omrqia2aGg==",
       "license": "MIT",
       "dependencies": {
         "graceful-fs": "^4.2.4",
-        "tapable": "^2.2.0"
+        "tapable": "^2.3.0"
       },
       "engines": {
         "node": ">=10.13.0"
@@ -8416,9 +8416,10 @@
       }
     },
     "node_modules/es-module-lexer": {
-      "version": "1.4.1",
-      "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.4.1.tgz",
-      "integrity": "sha512-cXLGjP0c4T3flZJKQSuziYoq7MlT+rnvfZjfp7h+I7K9BNX54kP9nyWvdbwjQ4u1iWbOL4u96fgeZLToQlZC7w=="
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-2.0.0.tgz",
+      "integrity": "sha512-5POEcUuZybH7IdmGsD8wlf0AI55wMecM9rVBTI/qEAy2c1kTOm3DjFYjrBdI2K3BaJjJYfYFeRtM0t9ssnRuxw==",
+      "license": "MIT"
     },
     "node_modules/es-object-atoms": {
       "version": "1.1.1",
@@ -11018,11 +11019,16 @@
       "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg=="
     },
     "node_modules/loader-runner": {
-      "version": "4.3.0",
-      "resolved": "https://registry.npmjs.org/loader-runner/-/loader-runner-4.3.0.tgz",
-      "integrity": "sha512-3R/1M+yS3j5ou80Me59j7F9IMs4PXs3VqRrm0TU3AbKPxlmpoY1TNscJV/oGJXo8qCatFGTfDbY6W6ipGOYXfg==",
+      "version": "4.3.1",
+      "resolved": "https://registry.npmjs.org/loader-runner/-/loader-runner-4.3.1.tgz",
+      "integrity": "sha512-IWqP2SCPhyVFTBtRcgMHdzlf9ul25NwaFx4wCEH/KjAXuuHY4yNjvPXsBokp8jCB936PyWRaPKUNh8NvylLp2Q==",
+      "license": "MIT",
       "engines": {
         "node": ">=6.11.5"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/webpack"
       }
     },
     "node_modules/loader-utils": {
@@ -13691,9 +13697,9 @@
       }
     },
     "node_modules/node-releases": {
-      "version": "2.0.21",
-      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.21.tgz",
-      "integrity": "sha512-5b0pgg78U3hwXkCM8Z9b2FJdPZlr9Psr9V2gQPESdGHqbntyFJKFW4r5TeWGFzafGY3hzs1JC62VEQMbl1JFkw==",
+      "version": "2.0.27",
+      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.27.tgz",
+      "integrity": "sha512-nmh3lCkYZ3grZvqcCH+fjmQ7X+H0OeZgP40OierEaAptX4XofMh5kwNbWh7lBduUzCcV/8kZ+NDLCwm2iorIlA==",
       "license": "MIT"
     },
     "node_modules/nopt": {
@@ -17064,9 +17070,9 @@
       "license": "Apache-2.0"
     },
     "node_modules/schema-utils": {
-      "version": "4.3.2",
-      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.2.tgz",
-      "integrity": "sha512-Gn/JaSk/Mt9gYubxTtSn/QCV4em9mpAPiR1rqy/Ocu19u/G9J5WWdNoUT4SiV6mFC3y6cxyFcFwdzPM3FgxGAQ==",
+      "version": "4.3.3",
+      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-4.3.3.tgz",
+      "integrity": "sha512-eflK8wEtyOE6+hsaRVPxvUKYCpRgzLqDTb8krvAsRIwOGlHoSgYLgBXoubGgLd2fT41/OUYdb48v4k4WWHQurA==",
       "license": "MIT",
       "dependencies": {
         "@types/json-schema": "^7.0.9",
@@ -18045,11 +18051,16 @@
       }
     },
     "node_modules/tapable": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.2.1.tgz",
-      "integrity": "sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==",
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.3.0.tgz",
+      "integrity": "sha512-g9ljZiwki/LfxmQADO3dEY1CbpmXT5Hm2fJ+QaGKwSXUylMybePR7/67YW7jOrrvjEgL1Fmz5kzyAjWVWLlucg==",
+      "license": "MIT",
       "engines": {
         "node": ">=6"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/webpack"
       }
     },
     "node_modules/terser": {
@@ -18071,16 +18082,16 @@
       }
     },
     "node_modules/terser-webpack-plugin": {
-      "version": "5.3.10",
-      "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.10.tgz",
-      "integrity": "sha512-BKFPWlPDndPs+NGGCr1U59t0XScL5317Y0UReNrHaw9/FwhPENlq6bfgs+4yPfyP51vqC1bQ4rp1EfXW5ZSH9w==",
+      "version": "5.3.16",
+      "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.16.tgz",
+      "integrity": "sha512-h9oBFCWrq78NyWWVcSwZarJkZ01c2AyGrzs1crmHZO3QUg9D61Wu4NPjBy69n7JqylFF5y+CsUZYmYEIZ3mR+Q==",
       "license": "MIT",
       "dependencies": {
-        "@jridgewell/trace-mapping": "^0.3.20",
+        "@jridgewell/trace-mapping": "^0.3.25",
         "jest-worker": "^27.4.5",
-        "schema-utils": "^3.1.1",
-        "serialize-javascript": "^6.0.1",
-        "terser": "^5.26.0"
+        "schema-utils": "^4.3.0",
+        "serialize-javascript": "^6.0.2",
+        "terser": "^5.31.1"
       },
       "engines": {
         "node": ">= 10.13.0"
@@ -18117,23 +18128,6 @@
         "node": ">= 10.13.0"
       }
     },
-    "node_modules/terser-webpack-plugin/node_modules/schema-utils": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz",
-      "integrity": "sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==",
-      "dependencies": {
-        "@types/json-schema": "^7.0.8",
-        "ajv": "^6.12.5",
-        "ajv-keywords": "^3.5.2"
-      },
-      "engines": {
-        "node": ">= 10.13.0"
-      },
-      "funding": {
-        "type": "opencollective",
-        "url": "https://opencollective.com/webpack"
-      }
-    },
     "node_modules/terser-webpack-plugin/node_modules/supports-color": {
       "version": "8.1.1",
       "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
@@ -18645,9 +18639,9 @@
       }
     },
     "node_modules/update-browserslist-db": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.1.3.tgz",
-      "integrity": "sha512-UxhIZQ+QInVdunkDAaiazvvT/+fXL5Osr0JZlJulepYu6Jd7qJtDZjlur0emRlT71EN3ScPoE7gvsuIKKNavKw==",
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.2.3.tgz",
+      "integrity": "sha512-Js0m9cx+qOgDxo0eMiFGEueWztz+d4+M3rGlmKPT+T4IS/jP4ylw3Nwpu6cpTTP8R1MAC1kF4VbdLt3ARf209w==",
       "funding": [
         {
           "type": "opencollective",
@@ -18937,9 +18931,9 @@
       }
     },
     "node_modules/watchpack": {
-      "version": "2.4.2",
-      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.2.tgz",
-      "integrity": "sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.5.1.tgz",
+      "integrity": "sha512-Zn5uXdcFNIA1+1Ei5McRd+iRzfhENPCe7LeABkJtNulSxjma+l7ltNx55BWZkRlwRnpOgHqxnjyaDgJnNXnqzg==",
       "license": "MIT",
       "dependencies": {
         "glob-to-regexp": "^0.4.1",
@@ -18976,34 +18970,36 @@
       }
     },
     "node_modules/webpack": {
-      "version": "5.96.1",
-      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.96.1.tgz",
-      "integrity": "sha512-l2LlBSvVZGhL4ZrPwyr8+37AunkcYj5qh8o6u2/2rzoPc8gxFJkLj1WxNgooi9pnoc06jh0BjuXnamM4qlujZA==",
+      "version": "5.105.0",
+      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.105.0.tgz",
+      "integrity": "sha512-gX/dMkRQc7QOMzgTe6KsYFM7DxeIONQSui1s0n/0xht36HvrgbxtM1xBlgx596NbpHuQU8P7QpKwrZYwUX48nw==",
       "license": "MIT",
       "dependencies": {
         "@types/eslint-scope": "^3.7.7",
-        "@types/estree": "^1.0.6",
-        "@webassemblyjs/ast": "^1.12.1",
-        "@webassemblyjs/wasm-edit": "^1.12.1",
-        "@webassemblyjs/wasm-parser": "^1.12.1",
-        "acorn": "^8.14.0",
-        "browserslist": "^4.24.0",
+        "@types/estree": "^1.0.8",
+        "@types/json-schema": "^7.0.15",
+        "@webassemblyjs/ast": "^1.14.1",
+        "@webassemblyjs/wasm-edit": "^1.14.1",
+        "@webassemblyjs/wasm-parser": "^1.14.1",
+        "acorn": "^8.15.0",
+        "acorn-import-phases": "^1.0.3",
+        "browserslist": "^4.28.1",
         "chrome-trace-event": "^1.0.2",
-        "enhanced-resolve": "^5.17.1",
-        "es-module-lexer": "^1.2.1",
+        "enhanced-resolve": "^5.19.0",
+        "es-module-lexer": "^2.0.0",
         "eslint-scope": "5.1.1",
         "events": "^3.2.0",
         "glob-to-regexp": "^0.4.1",
         "graceful-fs": "^4.2.11",
         "json-parse-even-better-errors": "^2.3.1",
-        "loader-runner": "^4.2.0",
+        "loader-runner": "^4.3.1",
         "mime-types": "^2.1.27",
         "neo-async": "^2.6.2",
-        "schema-utils": "^3.2.0",
-        "tapable": "^2.1.1",
-        "terser-webpack-plugin": "^5.3.10",
-        "watchpack": "^2.4.1",
-        "webpack-sources": "^3.2.3"
+        "schema-utils": "^4.3.3",
+        "tapable": "^2.3.0",
+        "terser-webpack-plugin": "^5.3.16",
+        "watchpack": "^2.5.1",
+        "webpack-sources": "^3.3.3"
       },
       "bin": {
         "webpack": "bin/webpack.js"
@@ -19246,17 +19242,18 @@
       }
     },
     "node_modules/webpack-sources": {
-      "version": "3.2.3",
-      "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.2.3.tgz",
-      "integrity": "sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w==",
+      "version": "3.3.3",
+      "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.3.3.tgz",
+      "integrity": "sha512-yd1RBzSGanHkitROoPFd6qsrxt+oFhg/129YzheDGqeustzX0vTZJZsSsQjVQC4yzBQ56K55XU8gaNCtIzOnTg==",
+      "license": "MIT",
       "engines": {
         "node": ">=10.13.0"
       }
     },
     "node_modules/webpack/node_modules/acorn": {
-      "version": "8.14.0",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz",
-      "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==",
+      "version": "8.15.0",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz",
+      "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==",
       "license": "MIT",
       "bin": {
         "acorn": "bin/acorn"
@@ -19265,6 +19262,18 @@
         "node": ">=0.4.0"
       }
     },
+    "node_modules/webpack/node_modules/acorn-import-phases": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/acorn-import-phases/-/acorn-import-phases-1.0.4.tgz",
+      "integrity": "sha512-wKmbr/DDiIXzEOiWrTTUcDm24kQ2vGfZQvM2fwg2vXqR5uW6aapr7ObPtj1th32b9u90/Pf4AItvdTh42fBmVQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10.13.0"
+      },
+      "peerDependencies": {
+        "acorn": "^8.14.0"
+      }
+    },
     "node_modules/webpack/node_modules/eslint-scope": {
       "version": "5.1.1",
       "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz",
@@ -19304,23 +19313,6 @@
         "node": ">= 0.6"
       }
     },
-    "node_modules/webpack/node_modules/schema-utils": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz",
-      "integrity": "sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==",
-      "dependencies": {
-        "@types/json-schema": "^7.0.8",
-        "ajv": "^6.12.5",
-        "ajv-keywords": "^3.5.2"
-      },
-      "engines": {
-        "node": ">= 10.13.0"
-      },
-      "funding": {
-        "type": "opencollective",
-        "url": "https://opencollective.com/webpack"
-      }
-    },
     "node_modules/webpackbar": {
       "version": "6.0.1",
       "resolved": "https://registry.npmjs.org/webpackbar/-/webpackbar-6.0.1.tgz",

From 4ced5acf011fdcea3a914a878a64e35583c36777 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Feb 2026 09:07:59 +0000
Subject: [PATCH 44/48] Bump @types/node

Bumps the npm-version-updates group with 1 update in the /parser-sdk/nodejs directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 25.0.10 to 25.2.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 hook-sdk/nodejs/package-lock.json   |  6 +++---
 parser-sdk/nodejs/package-lock.json | 14 +++++++-------
 parser-sdk/nodejs/package.json      |  2 +-
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/hook-sdk/nodejs/package-lock.json b/hook-sdk/nodejs/package-lock.json
index 7983d822f..dfa6bf8f3 100644
--- a/hook-sdk/nodejs/package-lock.json
+++ b/hook-sdk/nodejs/package-lock.json
@@ -66,9 +66,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "24.10.9",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.9.tgz",
-      "integrity": "sha512-ne4A0IpG3+2ETuREInjPNhUGis1SFjv1d5asp8MzEAGtOZeTeHVDOYqOgqfhvseqg/iXty2hjBf1zAOb7RNiNw==",
+      "version": "24.10.12",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.12.tgz",
+      "integrity": "sha512-68e+T28EbdmLSTkPgs3+UacC6rzmqrcWFPQs1C8mwJhI/r5Uxr0yEuQotczNRROd1gq30NGxee+fo0rSIxpyAw==",
       "dependencies": {
         "undici-types": "~7.16.0"
       }
diff --git a/parser-sdk/nodejs/package-lock.json b/parser-sdk/nodejs/package-lock.json
index d4784d5d0..9cb9c75a0 100644
--- a/parser-sdk/nodejs/package-lock.json
+++ b/parser-sdk/nodejs/package-lock.json
@@ -16,7 +16,7 @@
         "jsonpointer": "^5.0.1"
       },
       "devDependencies": {
-        "@types/node": "^25.0.10"
+        "@types/node": "^25.2.2"
       }
     },
     "node_modules/@jsep-plugin/assignment": {
@@ -81,9 +81,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "25.0.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.10.tgz",
-      "integrity": "sha512-zWW5KPngR/yvakJgGOmZ5vTBemDoSqF3AcV/LrO5u5wTWyEAVVh+IT39G4gtyAkh3CtTZs8aX/yRM82OfzHJRg==",
+      "version": "25.2.2",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.2.2.tgz",
+      "integrity": "sha512-BkmoP5/FhRYek5izySdkOneRyXYN35I860MFAGupTdebyE66uZaR+bXLHq8k4DirE5DwQi3NuhvRU1jqTVwUrQ==",
       "dependencies": {
         "undici-types": "~7.16.0"
       }
@@ -885,9 +885,9 @@
       "integrity": "sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg=="
     },
     "@types/node": {
-      "version": "25.0.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.10.tgz",
-      "integrity": "sha512-zWW5KPngR/yvakJgGOmZ5vTBemDoSqF3AcV/LrO5u5wTWyEAVVh+IT39G4gtyAkh3CtTZs8aX/yRM82OfzHJRg==",
+      "version": "25.2.2",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.2.2.tgz",
+      "integrity": "sha512-BkmoP5/FhRYek5izySdkOneRyXYN35I860MFAGupTdebyE66uZaR+bXLHq8k4DirE5DwQi3NuhvRU1jqTVwUrQ==",
       "requires": {
         "undici-types": "~7.16.0"
       }
diff --git a/parser-sdk/nodejs/package.json b/parser-sdk/nodejs/package.json
index 61f8d5b99..12b5301a2 100644
--- a/parser-sdk/nodejs/package.json
+++ b/parser-sdk/nodejs/package.json
@@ -18,6 +18,6 @@
     "jsonpointer": "^5.0.1"
   },
   "devDependencies": {
-    "@types/node": "^25.0.10"
+    "@types/node": "^25.2.2"
   }
 }

From fa04b942e9a225680a26f28c0a4d54077ab73f9f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Feb 2026 09:09:39 +0000
Subject: [PATCH 45/48] Bump github/codeql-action

Bumps the github-actions-version-updates group with 1 update in the /.github/workflows directory: [github/codeql-action](https://github.com/github/codeql-action).


Updates `github/codeql-action` from 4.32.1 to 4.32.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/6bc82e05fd0ea64601dd4b465378bbcf57de0314...45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.32.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/oss-scorecard.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/oss-scorecard.yaml b/.github/workflows/oss-scorecard.yaml
index 8cc03fa42..e7b63b468 100644
--- a/.github/workflows/oss-scorecard.yaml
+++ b/.github/workflows/oss-scorecard.yaml
@@ -33,6 +33,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
+        uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
         with:
           sarif_file: results.sarif

From 7907a7684b00bb38fac39018b45923c33fa6a13d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 10 Feb 2026 09:06:13 +0000
Subject: [PATCH 46/48] Bump the npm-version-updates group across 1 directory
 with 3 updates

Bumps the npm-version-updates group with 3 updates in the /documentation directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) and [sass-loader](https://github.com/webpack/sass-loader).


Updates `@types/node` from 25.0.10 to 25.2.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.2.9 to 19.2.13
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `sass-loader` from 16.0.6 to 16.0.7
- [Release notes](https://github.com/webpack/sass-loader/releases)
- [Changelog](https://github.com/webpack/sass-loader/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webpack/sass-loader/compare/v16.0.6...v16.0.7)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.2.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-version-updates
- dependency-name: "@types/react"
  dependency-version: 19.2.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
- dependency-name: sass-loader
  dependency-version: 16.0.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 documentation/package-lock.json | 26 +++++++++++++-------------
 documentation/package.json      |  6 +++---
 2 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/documentation/package-lock.json b/documentation/package-lock.json
index f49894f38..d1d4b0c26 100644
--- a/documentation/package-lock.json
+++ b/documentation/package-lock.json
@@ -30,11 +30,11 @@
         "@docusaurus/module-type-aliases": "^3.6.0",
         "@docusaurus/tsconfig": "^3.9.2",
         "@docusaurus/types": "^3.6.0",
-        "@types/node": "^25.0.10",
-        "@types/react": "^19.2.9",
+        "@types/node": "^25.2.2",
+        "@types/react": "^19.2.13",
         "@types/react-helmet": "^6.1.11",
         "@types/react-router-dom": "^5.1.8",
-        "sass-loader": "^16.0.6",
+        "sass-loader": "^16.0.7",
         "typescript": "^5.9.3"
       },
       "engines": {
@@ -5449,9 +5449,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "25.0.10",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.10.tgz",
-      "integrity": "sha512-zWW5KPngR/yvakJgGOmZ5vTBemDoSqF3AcV/LrO5u5wTWyEAVVh+IT39G4gtyAkh3CtTZs8aX/yRM82OfzHJRg==",
+      "version": "25.2.2",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.2.2.tgz",
+      "integrity": "sha512-BkmoP5/FhRYek5izySdkOneRyXYN35I860MFAGupTdebyE66uZaR+bXLHq8k4DirE5DwQi3NuhvRU1jqTVwUrQ==",
       "license": "MIT",
       "dependencies": {
         "undici-types": "~7.16.0"
@@ -5490,9 +5490,9 @@
       "license": "MIT"
     },
     "node_modules/@types/react": {
-      "version": "19.2.9",
-      "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.9.tgz",
-      "integrity": "sha512-Lpo8kgb/igvMIPeNV2rsYKTgaORYdO1XGVZ4Qz3akwOj0ySGYMPlQWa8BaLn0G63D1aSaAQ5ldR06wCpChQCjA==",
+      "version": "19.2.13",
+      "resolved": "https://registry.npmjs.org/@types/react/-/react-19.2.13.tgz",
+      "integrity": "sha512-KkiJeU6VbYbUOp5ITMIc7kBfqlYkKA5KhEHVrGMmUUMt7NeaZg65ojdPk+FtNrBAOXNVM5QM72jnADjM+XVRAQ==",
       "license": "MIT",
       "dependencies": {
         "csstype": "^3.2.2"
@@ -16986,9 +16986,9 @@
       }
     },
     "node_modules/sass-loader": {
-      "version": "16.0.6",
-      "resolved": "https://registry.npmjs.org/sass-loader/-/sass-loader-16.0.6.tgz",
-      "integrity": "sha512-sglGzId5gmlfxNs4gK2U3h7HlVRfx278YK6Ono5lwzuvi1jxig80YiuHkaDBVsYIKFhx8wN7XSCI0M2IDS/3qA==",
+      "version": "16.0.7",
+      "resolved": "https://registry.npmjs.org/sass-loader/-/sass-loader-16.0.7.tgz",
+      "integrity": "sha512-w6q+fRHourZ+e+xA1kcsF27iGM6jdB8teexYCfdUw0sYgcDNeZESnDNT9sUmmPm3ooziwUJXGwZJSTF3kOdBfA==",
       "license": "MIT",
       "dependencies": {
         "neo-async": "^2.6.2"
@@ -17001,7 +17001,7 @@
         "url": "https://opencollective.com/webpack"
       },
       "peerDependencies": {
-        "@rspack/core": "0.x || 1.x",
+        "@rspack/core": "0.x || ^1.0.0 || ^2.0.0-0",
         "node-sass": "^4.0.0 || ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0 || ^9.0.0",
         "sass": "^1.3.0",
         "sass-embedded": "*",
diff --git a/documentation/package.json b/documentation/package.json
index 632fd3082..a4be20079 100644
--- a/documentation/package.json
+++ b/documentation/package.json
@@ -52,11 +52,11 @@
     "@docusaurus/module-type-aliases": "^3.6.0",
     "@docusaurus/tsconfig": "^3.9.2",
     "@docusaurus/types": "^3.6.0",
-    "@types/node": "^25.0.10",
-    "@types/react": "^19.2.9",
+    "@types/node": "^25.2.2",
+    "@types/react": "^19.2.13",
     "@types/react-helmet": "^6.1.11",
     "@types/react-router-dom": "^5.1.8",
-    "sass-loader": "^16.0.6",
+    "sass-loader": "^16.0.7",
     "typescript": "^5.9.3"
   },
   "engines": {

From b94c7b6189011bf7d6cadb0ead652a38d8f0510d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 27 Jan 2026 09:04:20 +0000
Subject: [PATCH 47/48] Bump gradle-wrapper

Bumps the gradle-version-updates group in /hooks/persistence-defectdojo/hook with 1 update: gradle-wrapper.


Updates `gradle-wrapper` from 8.13 to 9.3.0

---
updated-dependencies:
- dependency-name: gradle-wrapper
  dependency-version: 9.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gradle-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .../hook/gradle/wrapper/gradle-wrapper.jar    | Bin 43462 -> 46175 bytes
 .../gradle/wrapper/gradle-wrapper.properties  |   2 +-
 hooks/persistence-defectdojo/hook/gradlew     |  15 +++++++--------
 hooks/persistence-defectdojo/hook/gradlew.bat |   5 +++--
 4 files changed, 11 insertions(+), 11 deletions(-)
 mode change 100644 => 100755 hooks/persistence-defectdojo/hook/gradlew.bat

diff --git a/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.jar b/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.jar
index d64cd4917707c1f8861d8cb53dd15194d4248596..61285a659d17295f1de7c53e24fdf13ad755c379 100644
GIT binary patch
delta 38060
zcmXVWV|-nY^K=^H#<p!cX>8lJokq9O4I10F)7ZA%I5)P{G-;lGfB)yjIj_&>?9A-$
z?2Il!?w&$6IG_NTXJ!yX+0dZ({K;+-aDUA|XBbqdL#K)Z>o?o&$wm{xo}a2)*36Ex
zVSBFVt=csdy`SYTkK&r_5#wm?@gFb-SFB~^b11yyhAGYAvG}`ke$XzjCa6GbwJkfj
z&@&W5WhL%4s3Ys6%0$r9vyX|Ph)M?WNID<q8+PTSl9*7%6&UsILT}*dw{_NmS6e&j
zk!Jb+K&mRh!Q0PG>8C<KKy*MPgQba*S5V}EBv{?P({fI2KUxRXr4owD^Ym{?lI;kx
zEz>WZ(T7DMUBGg;dr+^c`%H8KP*A&b?}0%*K!|>LZ~SgYo~Fa7U8D~2`qzvpm>ZAG
z&S_n>jAa=XE!lvtKPY4{(kbE(F^(8mjb_J?%seh16lIhx6DzIhxC!!dQ6~tKcK=EN
z?U>Pjt4o$cFE|{ahu&rV;s)h-qvr!ap;YSa$8%1m0D*^Q0ESDf6l@RIsV-b0)97NB
zZ;}9Qch+LbMS(&@Z~M2D3@x9wf`PqTu^K7I@U^>|$8fh-6&DU$V*;0GMp!tRCDDuS
zirG%S-V1TUR>AoYl+e+zzu$#_QRu>u6;q|!r_YNl(|yUJ?cx3P?Za)ka<$+u@_)Yz
z^N6e>Sr|<lsIjTOq>5z}(HhnYUKB^~Ht(KK10llHrrd?!4Jx9Kaj^0A5+z9x$R;Z%
zaR|h{NBsR>e;x@CIC#DEdByCF6b#<r=*|h8*m1aOdY-87+YN%q7@`>Z^YL+V#5;+z
z<{e(kh!ovgi-k2~$EEb+PnktEvJ7sDPdIfu?WsjB(7#F>ccX62-gk14r%gyrH4C({
zr?diK^9-!x5;Q5&Z`-=wb=Je7?iSFop~Gr5+YoOrb5iwIX(w@0>lHG}VyW)@rLprI
z%uZ#mJhd`Rxr710jB~(3PQOT_vrp4AbSFS|zR(iacY+;~kK_Pc-3l8ww>x3!w0Vae
zE1X&Z6LJ~`E%53<FwDEn(JJja^$2}~WFBj_++kPsJ<b?fRU2Y@Kif~#<kWHVj<d*7
zBs!~$j^S_%liI-owa1{dHGDr@rOiiDG_%$pjrM*))NQk96UVDo0E*P_VO;Ea+46(3
zkoYB5kK`mW09-s+fs%{3N(DTd$T}wxf4T!8Mv|N1uoZq({||6gOmOlj0zunS`z2Dk
zi=KGM;JgiN;!QiCc-?TVV5<CgbWC=8>M-(_b8*gZ7IKC2#bRFu<KN&G<MD9|hA1LL
zt{mbrnT=mY{^W;tSfQPQHm%-8Wnp^a2c5GC6L~kty2os!@Sf>;QRMF{&mo*P*9&?;
zH_xa%3JKs$`C9K_wnH$yY@!Ip2a4Lgtj)bHnW?SSW3mzqN77Z{G#TjBu)r3#Co&;W
zD0MgBTO{~q+>ylm5yB$h?FeG+@7P*A+k|SaK*;1R%E7mLYrLSM=6e{6@cQ<)JMimE
zc|wD@4T11jhGcwLhUCT`YTY8d)s`qJwQ{1BrNuY<Px!FdMAzPN(f`o-*Qoe777_wt
z6Y76tX228&I;miap#`Nu%G8%)q2C$_iES(vtFcusXOKlj$w7@Wlm)PFc3ru-wyj+n
zRS%D&-toSQVWvo80>6t+@&%HUaoKe%cw5`#*;spfKfmOY_CeH8jNP8y-df#-svWHM
zCbTwM>v~bT=mzh)3X^mMbA9yVSn3R73Sk{?9TnOEuMizX9p4HYwNH%c?xly=19#ZA
zy#brXM&E8-!yBr62kUu-;{jk6-kT+D*|Ah{IvoK^Cj@MDmY=xkI%z-3nDs};*x6uv
zFt}2w^E&cO*`SWFh(?@Lu$bnU9ie;YN{z~7S=$lAvrOt`#GSY|!XpSk`1ersMru*M
zR9rDY4yqar_)s+w+ybb!xiEV67!mJMLSZxAaRA7s4Ijig*R&~jDtkW9mN$&I?-pYk
zLVooSnpNPgxhxDf<XP4|X3)Loc80~E)@4(Ai8AC%_Bn9%IPhea$9iY3(D`MK3pD#`
zOLoz+l|CT&Ex5)kOYE`Q$+R9e-LG}rS-}SAHNA(pZ9&Eh^=&b`{KM}R2*y8##jXLv
zO2~J|W0~kEFX3_^p8f5t%uc+(UQOMHv*L}Bm)jb=;&V2SGpj=V8ajY>&>H9r(Q5BM
z7;OuYlra_(*VQfq)go3OV^(A|Y`s*E@D#l!6f8%;5W6El8EYNWY_{k{WjizPjKgjX
zNK`zmYP2Xx>m~odzH&+Wt01fzZAr+5^=Ior3G6=CCW~NBMH^&ZmL(|ecjk1Br_<-@
zZf!?Qoq2lL2f7eeuS@4nt;RTj_etxuxSOGup}m1Wb4#kh41#a$`ww$pZbaw|lIO6U
z{z;-XnlP>*bToW@f=o7zGz_3M98)oJz>a{d9tB#!Z7}9ck#p^SM0<XSa$;V&{5R>$
z$@_Op8s^OTl8@EQzZGSS6N<htccss=t+T>iK6BSQE25vhfvBd4yBtEm=SwrNP0QdD
zvYF0`o|cJDQ`NOD^3Y)~_*d4ECJeX^$OiKQ&Ai%Ce&$u^;;S^JVYAk87FDxRVTa>l
zE4^2&pF62yJcYT&e7RB2tCS2;Kig9MNOzfKh6E<?j-6Km`!(Z&!=v6M#j2x~p3;@s
zU^@=EjEuIp6$jX^+FJ}~j<hrmJ(tFr`O-$N&N05d#dYPmMx2av9$;)fy{k6?7xmK<
zOxsBux)$LdXPw;I!czjSkr0Rh#6jD)pnA3n1vlsD;a;;}AYd|hM_1^Bj54g+-*@Cr
z3nusUe9%S}Yn+c-V$crcJXQv8BpRJ<=Hz%rzkA4^yxC$nfvRpG6caNBT9zNqBTAsT
z3e#R-!Fa=0r~P5WJ?|+!3IPkmPjcIo<r|wn2=o8;AS$Jd2TL)gw9Dr4(xC(FCzOK0
zz5Rwedw>M$m6*clwY05A$T#zJDPT-37k{BwiXekYPfT$`kQf`qKN1_%!NTTMvbkvN
zF%vZK4)X^%Dh<F(hmNZQI2)t3ZTjjt$MBWUNPo*TpMag!6U1772*?60&}6jeRwV+U
zuAFi!din9~=6_EFY<SPsax<I#@d;X%Vhm3P^uSG#nMIpbq$XP`^jIf_S}tQxEJvni
zoen>W9BlV8&EJ)vo4Hl}nMS|w6Ya&;XM$;>o6HzM1`SYlOBT6Ijvr(v$K;KuVEM*@
zrQQMSK96yXD#L&B<-37o79?%>7)V^Vb^;4oy<%`z==IP|U9@b*&idG35d52Mp4=mW
zc~9VgZ!yrx^xylBk)J@k_Zy^qXU=cr?aWIaKV$OO$HMfw$R{{~go0htML|3|R=Ap`
z`h^by+@?N>52T?ZI3Q&{N@1hPLSLw7W*!ZP%Hn4Gn>*ZZcdLEkx>VfF7WL1kN5X)f
zSOeg-sfZ=B-8$gzx*Jg3CG$eHAz~`9rCyX6j>`8V3`-s#<;zyNL(1d)#gFD@FjwU%
zZ74ZKDcy!#k@C_xftzkc1M=19m;Xpsytt{V2?YU>4EH}_Prz3MUYHQA;0K{F0hp2{
z$B~n4X|f5Kx=bM%AeCTZ2=vmp&`w7+iM>&#!qziqrkS8?<!*3Wc>PB<HWav8%AA^~
zlE&+6^WO@0H-QBozeM|283N~~SsYC@#QUam9`au9yVpGa-rxBHq35HhK{~7^B1=yJ
zw&F_49vVnq5lP9wLRmVyQqIo8&Q2@orL@r~XOGZol=30^l_;8WU-ylPvRu`d5_>)&
zjLDKBJ8sOCa1^DBOTNEf;qEq!q<&A-n4t}1suz#hPR*n^yE|W4M^|ued5_~PbZrQ1
zbQTfhBlM_3jiM1X{`5`~EhEeUlTRtPlsjs1`uZ=<Z^G38J@vU;@azO?H&EJ8k+W87
z_;b+v11BS^I}OFZgI_^|R)<yimQ$4R?U0NT{+BFIuaLrkm0n2D{3qIzRb&@ShddMI
ze&)P9v|Py~x+(q!4@i4I=POS!f!;OSWsH%k&GK_iHQ`lYYwhfa=NLAir?aw)7O#%S
zW$`N3X!{qiX{KX|V-(F+WQBvK_={jjLPN5dKYkz8rFDhlGk$i6?Jx=cOF=J=)-T#(
z*cNlI{1~$HVfjRIiyyk-mX0GljRKOXcA0_R4B5wJQ}er*GV`i4n*QX_%-Kp2Kh>tG
zxHN>TV5*Bf@a6piqrhJzymCnJ&6-z>V9-Ie)e#oJv^qK4VzO8o<@^-4K2!TKc98$7
zc>26p2XBSUHa)9mxuwu|xKJ(*lA@j}J57#K5>yq#J-N2>qnwzC1!nP$1DHsmaXiE2
z<ByqaKtznno@9dfha6~CPyt87^<F&**L>M0TSkNn0SeF)ST?wX@1sl)Qq9yNrnWHP
z>>LGhTP^-f6@QUJUaWnMttJw_Byy@Akc&oWEYX^L8M3<n(9HZ^bCPt&mxq=p)ItLq
zsk)nVXNwFP#uI?O{w}k?bWK-w#84+NgS}#S7nLwde^-R5wHf=Mz%mjkwwRkd=);<y
zQmz7y8DD}Q3MD+YlJy}PJjNxrV+4#faU}w8{8+Yjss_jI$VPANLbCR+F{_$36dT*0
zfR?hEE8Fx^2g-}9!uD-4bpslJt~F4HXf+{08+8CpWO-x6sB;vVghWTTFp`$%3Uq34
z*2KKi1RC?^vk#jz1DC6rOA@R`rhVeqZS4d7k!ouhkM*~X?{<a5WDnU{6Bvr@OXENU
zq|B!!>+SbcQ%=VR%FD+&Y&9p=4n{gB4GDYD*N*Yk!2tkriPsngi`t4>8h%_#Ho=7)
zN8Zqb*fh9_>L>c_zGHVlwv$ORCD=pLjHfSS#fhYCnon55GC<7sQ>a%~20vR+)20{0
zrpKSsu>UtlFU8g$h9@<0GLBvrTV|kdqS;gxe4~P|UP@%y6Mjl@*)c{qRGJwYgWE?G
z$vaK2R)ovmCRZ}?2S3XJHoGO^-L}5rK=1zJGu6kB3pfBR=qIRpNz=#<T_*F0r|*LO
znX-y~`>6F?KV{cwgy5kjhhcu=K<Ccl%MrId=;;I_NItP3q5zMTBM8Ll<qIShr4?1A
zsHxpbE%}R~1G7sAXrbSnv>vUrurho&c&+v-Js7!P6YFMHT~__@eIYD8<+&PBxZ!<u
zLW|$`!Sc^8uf<0^5!`3-BfRm$CX?N8W&g%6T8Oltb6wRB(W6eE$d#Y8r1`V>Jj~bC
z8S@Eyu8g+*N=;P-H%ZdvgaN3(AQ7znw4b^6ahCY+iTd}*f!)-h8*_Vk?R;`ds!xGb
zIefrgcl55b`3yY6;hkH^YbT@rzvGZ7lDMu7^bOyKZXoi?DEaggfQcoHr$CmRp<tq-
zoBdb9Q^%QN2a+eSWL(POf?(blC2!h%K3UyIXt3zsf@BSc(Bdsn_d-diBeGC5m7kC$
zFYy_1tH_0$;cx7`aktC`EHwO=k*HZJ&7}A*gI)x*i0z}1qo=@jtTmR6t?aQ=p+o8z
z>cJnfTkuG>j5M;ccaJv|ePJ+BD6JUZNUu<Q)kGpVVF-IXX&fC{TgYMR$W^}uN)=Om
zT@xJ?suiQaX<7XNd<m<sEQ+ODflx@XComHGW0|p!>A)wdNnM1A8(bA&O*Jnut>7!L
zK&(5=$xns3tp$`e(kQ58h+p<~pukYNv_m{hB%zn&$SDXTib?cE!Htj=*vT4lq>9Jg
z8B5K6#R$ZdFe?gV&Kgo^yUj(6@yF|3%N}|;YkOJm*J{QFe&u<;RnjyW`peOg&3ZiR
z1Ey_UHF$*?63U`z_Dco_dXCCjX)cep906Ymb|(+s5N((Y4;{%%;11CDd&F#wDar~X
z=bGQwY)dNY1iv<fxAo<l{1qIS`|(6U|4B$M+MNY9TV}C9)2e}u#SoxA#n?8|EsHic
zW(<gIA~j<LQXfwKtY9jV^Ud|{?{nP+qLpmR@EtDXprYN~+b8vJ*b7NdcG6eJV_L=d
zc|><E6(F|DZfAyPtQy>Mxb=!}^Q-jyCeRu-2-_EUvPKcSRk<97(~KZB=M|BrT(QCw
zlw}QV%Bz*1E1dlNpHaf1EkR}q2LT~~3IU<20F`_!jhlRnO`TkvPX)}?a8mi_1_ZG{
zb*3wu3ZU=KBW^T$X@EMvFVHOvLk~m_jJI_?FKTUUmR`xmB$DpC+=kK!V2Zv%y{nBb
zE#h-2pluxH`K#og@Ry(D{CQY=A%#dYWefPV3taFkZ|Ue@EGcDnIF8d^Qrx`|V2LL(
zA;@z<xQ83W7Q%XL90E!VUBY|tUVbZV?H<}zU2d*(^6hruYXn&_bK|=3A`mvizUSs$
zBvD?v9^ep%HxtuK?#X6%`%}Qv<NP*wvhK0cHCOS^hp`xUdF$!NQX$e|+q#45GK1T4
zmm2cS9j&_gW~lE_@|Xix2!EW%Zzh{WxXt$z5!{1+CrgKCRRJWP5N4yd$T8be(Zowz
zjXNZP7Ak2FfA^2`EcyfRc}j-YY{ip)Do<s`{#Nmgj;?B)B7F#t29HMgZ!0rAfh3__
zo>kx#^6mk0x<XeY{z!{ar6VWZTWEv%a<yI#%}yU0j8%xQP*EO;p-gS^fN7Q;EAV&v
z`!m{a@-HgdH6y@-CM?5}-?!9aU3HPRBF^WZ=pU|z*y-%qW7LLfZX~$-6b=9wle$0d
zx0~@GttVfzBrZDw|Gb36=!=Yai=6^%s&&+i_|lPth2+ut#agqB$n6W^dghSy?khw^
zwFm6Zt{87Fq-Mh6KoS`JYR@cbSV~JIq<YR>*Qz({<a{G^QH{qm^?4>S^8|I~+%t<~
ziz1z3uN)?Y=1M$zUl10j<qsqiw)L?U``UPieDxXr>GB5ms>~l|D<Y3yN<zX#6LbZ`
z6BesOr*$brL#AE+8~K)x$PN|%?egi#d(y<o3Ha2>{ggC7jSFQ=F|5BJNCgG-Nu{rv
zhGGUArG}-3VVWTzXay+A5a76{k1mdPo2B;;G)mNc&Q}TKbV*Fo{s@jdC$SFdZ6#};
z-iO>9!{g~2QPH3;cw<6CCkF>B(=sjnPr_h=^X4j-YI-eJfj?<8fz_w>$_r>=3T8;x
z2pre0DoZ}Vu-=nYB9+{o<5pVr^WIAS0Fx$2<RLs#!dyJcx@p5VmvqN$2$u*4%4Y03
zyAE;LDQ*N|w8diGFdNV)h~u9Rw5)<`3P@}*mpk8Yu|fh(6mcz;9fFt_JDo~#qvM8*
zEHYE>4gJKQ>o4K>ZA4xFt<=A_a1rhC)wOc#zbykfxz0c70q6I~!5rJ|6r4k<H#fS*
zpSQ%924KkNnj`(cL_^uWUVcxvQ9f#t^LWz4*X+xq>5yd6Y4BLXMYdo0*jm_|`Q9tY
zDpb#O2uA18O?Hmpgq%Fq6zhKvbWBt2aMIm<V=Y9cCUnhzcUH&p#2f*O%!J~OKzT~f
zhZ+OzjTUCGw-xSme4=z}U(dg(HoaA?)EC5q^Y|XA=j59X;n!X&8stxtT-MKOQr>OX
z@82`&G=-245Z>@NuF2?pN742{ZpEC8;YNjjmNV)0WhHNkLfbgIw4y?=!u2NVS!)kl
z-PhZG82r9`d)v2<EBqtxr=GE&aDE?1ZX^$MgFj>A0+=`iP(#5K1CYyZaUHMKQl0LG
zQ<<j75MnGSLfE@a=c{-GyOh)z;g0FY*#KKv6J4|{(P!{wUuiYFzUt%_^0OVuD~pYL
z88^Ue_XuQtEr4w_g%3{CWh)O0>mTonT1{`hkYXmcB-z?h%q!yej9Xo%-{>RvH9xie
zdIIynZnrY8BiHJk3kKu9S!EQr<n;~^4pCBQjeo;H9{&i<rnMCv_<9eRh{farj*XAv
z)9?nF+j}G^o@9KysZ>TZpPz~<_9~UkD^GZ#FY3ghGo)j_A^nH>OkwQJ)qj|mhxy-{
zb4()(R3T(XBTi<Ol_*FVtW3v_fNo@>CX<5J3X#Q5rKo`4@1I%Ebp#mSOg>AeR^3ay
z;^rjq-9o(;GmP4)wvz|kK6LXw2yp^Gg+;#flhkmwcl8Lnd_Kbpb&FwtgEQuPZ0%-K
z;vnz9uDnm?65r>RKZKPdayy8i1h^>X;oX=5$4dv8S$}+l+4Q=Ss5P%`Y`dt{IrlB2
zdeBF)QC<T}(X^Pbif|Zcykj=zO@`ar3^tua2OD2(Nbo}KMQ6Mscf%!NyDH;CbsuES
z(d5xRm#DxD=ZQ-yb;#$jP18^BqNfJVjgV5XQ)>a!P!n22ImmVF&DeCDbfk#Xm%OmR
zaOsDiun!HY;fR{}ScIZk=~{FhKEhgu#aHxyf6540H!Rsc?>HW4K@n$>YiVZDRxpJg
zNV}{m?RLU=?p*1{FXXv$dX%Eq(U7WH(JU<fj5g923Z=Gj&!UA|#tk4#TvaP#-=>H1
z&{+D&EQ$|{X=wfpL3*9rdwIB_`B$8el{XbPciPnHT+GG2b_hc;O-UI=XKx8whgd}q
zrt_rW7Vux)@>5-&3%@`>1Va9Q-|;`Of=&J`z)t3;2LNkJnRQ{XjZ`-lOBc)+zu$>r
z<fFxK;{~uUZJ&9Y^>K6^jf{WJi|$p^sA4F+fB8%Ibd9qw<3N*{!|!p^;WN8+Bib7P
z)ey%GLLD1p-Ee7P;YA6zu_w%0SR%**cLiVFjz0@;KPicIW5w+i7EFntdKI(A47u)s
zHl*VP3xT$_!KGb7^H;h<Tx$lXB&~GXt*rO{P-Em2mmVJ?#NjsUd1#BzOy==nfJ&UZ
ztCm%L1KyFuXBMQ<go{@wyU6lZN<2>!eI*6=C3K~s#%zP$3-`G#n$i<PkT}Z?tlL~J
z-KtiCbq4>QO!t}Voc*;oY8d)I>Xo!N<H>LK0a<0}vjO;`iDdu2^YWB^NZw1xIj8a}
z(Xpkqe4pc<pRT=#;>Vet;b2Vk7JMq+&qUEl(~R0x8ZWle3q8Y+>Zc!YMwAkRkyCU5
zRx*L04uskj<LZntag;T;(8BwhkL2L13~`3`r~Jo5m^KgHVPcM8xGys>dZP56F#@=|
zK+VRmBi;SFXuatX+wkCpE_=Wka~3=(fVQa6e>60`n-J(s{&zGtcoUn$OqFT~D{F~f
z{E({9{L*5O?Od%iFjW~zb^#Lc>EnYFOIt<FF{kJqUsk>1@3(?rF7g5+QL#o%{QYD9
zY2e6y(1%i`JM0zo5&1Q;+DGIhztLwh-QScH=lQ&`<wcbg1orTNRRl{}zh-qg-E-Xk
zz@yV`b3pNr^w$4pTDvlS1t!kOL$RZc(XO`Y*RI|qr;kW58sXN8tKAjQ!Ap%q!?~<)
zpYdcV$$J~1Ex_F|3n7pMK#<DkEWg3P;PO1&<-gNpcK7skL-x}!vHJ%2^40J1i=aBI
zhR?QQHs@4fp0-m`sf24g*GQCfi$w{EVQdPyh4R4i%JC}aT;Zf60JU?K4@bKX5U1dW
zW;RB(W9^kb9Dvn~)YM5lK5O)n*a+daVbOG(63MEplWS}C4qm*&c^;y$F=B<4T{Qia
z<cVTh+2cO|sMLPJSUbUS7IlNLiL>o;^EClk){`33Lv*2w+&6A2?%3bT|8m3Hk+=ig
zyTqeB<HgDhJ95I<fq1N6Ne}_jQ)8)9ke0P3(Z6fs!#K|D#*{+_#5?YW9Lk<=1ydPe
zrE32!8zEN`{%pFt@e&E{V`&*O6|csu?bW|R6<qw>>l;tf?vqE+l1=6-u(4os!ld2)
zCF3y=7{#^76gwHjZ|d#d%%aLAk(M}9Co(jgyrQ6;M>IZV$u0xyzAy>Efdkw}3BWAP
z1KB9_1d%*Gs(#;~j07nH^Oc=JtLWna|K?ygcyk_I>#}4M=1?F!9wQzm6*~bTTM=Gl
zRL6D?6H=E?c9+32-Z!-T0n#ii#dq+(v*GBvdb3y(NL0|n=9=Hb+WMw`S2PGxx1VX~
zBs3KFDBdsCz+Zght;pHwLTVfFJ?r9b9JvGx*ILkyk@t_?hbXAX4l=s_X4|MwBTm=h
zMHOpALnquru|R%Df3u+LYoTqeBg}X2?FTxvYu5u5;&4wx`Y`uWiG{#I@hYi1ce`Fq
z9>>Od;Q1Ge@ftWUtEjO$TD)txNp|9YXN8QklPt#I8xK33$TNPOLe-`E!#u#wM2kMt
z2VX16ooq>>WyS@(DAd|a0-{BFq2`(FJgkwqtm_dQ0I2Q#TZC7bh1f$lTChwr{|R-f
zAm7^g{+H7`^jXlJJg?t4nfoWFHw|C@>pQFj#|u|qVIe6lrz~YPd1$Y330sNSQ1~yx
zh568(UxXH?K9Y}N5mS?uf5fGigIM~cz+W*+qqRr=*z)I%IkEtE#H=CZbnNpY!$5M1
zmKFOe*1%Vj78x7Gqpk2Vfmn9rT>T<#EKz!5ju@i!I+;2f7RC`#%`G<lMYh=Np7vk^
zfP{^qEG6zIWvdeO)&5#l*I;zoy#WDY#spbB1+zu?4*JknCi9kSop8U2>b$RM(urkj
zIb`wPV#Yi>8cU05<7Ho?*}v{$<d&W0Pzf6T3IHa*#tmdj0B}*+?TO6a3Fn8629H*+
zf_}z0>f9?Z`oLh;8n&h?V8^*$IWP)`UpSrBEuBsDo%)yXNylUJ@Dkz$u98V1Zw2{7
zA9z6>uzw$Ll$TW%T;^{?<`#?6MZ*C84{slF^j@C-<YEl^e|s1-76d#z{J#S>c`{op
zQSv7?c5*Bm22cl61}|t7ns->2x_}GED%&0*IDtVI{XH6;5e9>*BG&e-L6C|ud%L|0
zT&&IN=eO<AoierKyQz)Tnzv#6QYKo|S6q5?eXj+dcbs!M+x;-jc_VZ)_V;d%)dk|w
zEYa-uL~_($nLGTtX#|N_)Zx^1UmrtuMlGe2IBSB+XkaDcPXlq>Eu3cEV{dtSB&*pv
zt;^SbrZuMp;`%goY-1%mmWZn7r#${m1>I_(#iygv+JtHPw{tF~aJ5AMInxYXqL;BQ
zPp;JS-@Ki?zbOpI2k{c70C0$26PBCN5=^M0eyQigeih4NbX{qab?G3oS4zfchZT~7
zcmntq3MewSB)}_w_C5_&$cORF$#pVD8}ZO_W@znb>nFs?&(D=;5gF^ZmsNabr;svi
z?w2DN*AOGN;g+;Hd=_nLvg9aIjFcL@ZN+D)Eqt+38gj7ny<yYW*|ke(w3-EK&C3Iv
z#%_~=B)zjc)bJT%Z97X1`dakh4ISai2S88)0F}D<sJJ2)LdxJN_<lvg5?R3;6;%I$
zj%anxTA9#8U<VafHE=6bWFns+q4?Oh`fP2(??@QnjkyYiu%Wc4TmhV-{L}k7bplfs
zV)c*imXGPU14Y;I2mb(S{l}@mP_Pp!xQMC@?43tR^)sd?c^ERTh@>Dl3}W=K`BQ-<
zpxpiIK1Ys%;)=zlAY4GW+zV8+9iJiRC3@qqt7Vr)kTjrEzGVI&I=d{ROq}l{fA~%%
zd0qkER&dMxQZP$nXP^a);g&lxX2wwAK_wk7s7Z_?apUdSI$ay$tBVPuIG5!(cA=1)
zwdhZ^Y=}F)AVa|Ajc=rEzl43nsAC%jw#5;yda3REjWVn-47!4Fu)$H3V1^;hG(ynX
zxS^JniDSn>$~L)&!SN_a$}IxaOI7bc@6n@woPw>{6kRj#)h@2qTuE~jry22*b$yBe
zCJ1+3Z5|f|J$M~vRbj?%SHRaDVCpOq`bS=C&6b;4vJbM|in<({ce_p^VJQRGT-<$Q
z3WfWelBKgf6<odKv`3hZQsoPTv^;V>Q(PZvo#^}O{LCo3x?QcAez2;w>`+v;3s<dE
ztyB*04Ekmp;!U{2<%hcwO5M{odaU4DF~rDi6=SjU3e3)4Yof6%on$yu9pZKopfW3D
z6e<_1eebYPXCYN`^s(~YR;B_nNa7({;}><UQL9eKKK6`9NzsPD*$P4+djP~j0RZNx
z*=?V=0?46}%;ld|+#yeE^m}cz3p6Vdy3Vo5umeni5qK!-yqd=qEy|rAIr<fZrG~W}
zluUCWH0R<NfyAMa9ZCp%L>_|FdRbdEiY_3Z?r-0vm%GpOiq{cbP$YrLBU+Ls#ie{d
zqbVoy=ii{VOyF;v%{Lq8hInKMwOuJ*pOD5EUKy#3$<9Lai;%WOGDgM=VSm<o_jKU3
zdv;$524r3e1X+{4V$?S7A&Tga&gioFS;Krx$$mzbICM9JOmlJtVVcgZ{SAn9WPfEW
z*_S25VUmnUs%PttUf2bC|MKwvHP&{SJhHF5#<*oP@{zvBNEhq<0mud8$5Gp9TD=kn
z^1Cyw^gy1>KD6|8_R+4rnC0c^kbT6$j;_vM7)4rML+Kl=%|{1f5Kt*XIM_<}XWL>>
z)6Q(l>H1nQ&5J5J?j~`m2qQz0`0ttg*NNr7#4()zQ^iGih-8XbhGY@}?Bu*6RA8)@
zfexk))?X9^Wjx3%x@dj*7>WcWdR)81BA93?xqbr1*u|*?egvrGOi$~<#T6|bolmI`
zsNQ{jtY$r@z;g+m&#$C^IN#>W{v3wLC9m+HdOTmQr@Q2TT;-blefui|p)t-W<p1_)
z{64jpmb88ZBFI6o{y8AaW^s&^RR`qDvXgu$o0M~L%Vp##kKc?Yo^gDbt}~k69LTIG
z+7!ZIIxPBDinbyN(8|rqY3Gq^)$YE|XFeC8zjUG&P_Ew^w}U-Nvp$sV8e`6OPZSa1
z;m3)u3SfOrg^LkW&Xi&ta<LPzfzQxpNo&H=I%$ll8@Xmkn^~de%+~>MivjPb+VPdI
z==|jsbz%%1105o4h!AM;l(S&e;(A`Gjv{LS<(Sw*Ma5^0*dsg24B>j9osbbHXTA%q
z2kj;-pRml4hhq|*_!+<77Gvr-HHPdeJ0+(Mw+0PNM{?p#;U`i2GxIrw02`SNNs_?+
zJp%l|y%D)rOW9k_SAAD`J|JZ=Y7nc?>A5)VY>TcM8^Vc|A(}QvXZVVNv2XR_rlt;|
zF9swB3qm}}BVyMSfMf=owx5yqRcHg^x3`k$#RytmwBiup@9GVPG(MI241tkaX=j9S
z82Xtsyc%qqnp%G4n6oXBR2-PtjCW__9n`9mO=gw^J_o9mIQuJ&0-M_n`Nwu2JL@a^
z{ZzUm4>}beIF=;q7~-j>)s(_1Qqf55Y74ZMTBixy=?UIQLSKFqo!!Dn^jO%#4oOnV
z;j}vL>yGMic;&vsduTK>kQM#v0G{Lg$f|QcAO6FUCbjaH7blg+>5NN|)YC%hv4Ilf
zb`OPJiyq6Co=s9lAK27PQ%7BBk0Bc^<N$E|71}jSK31b*<dN?%(A^%9;@WXDLXl=^
zPBJrK>11gGDd9~uFJz)+^niw#3rC81TVr>GeLnug(@*;0uMmeWJWPrI@T<gCiwNN1
zbOZimkK5R%s6v<6Y$#!-6^WqWYaBsyJjL-6DL;Mk*A2=61G&XD^53c}A%`TMUHjQ`
zzfU$ne<gk(V;tXx4YXQtoZ6eW#Y(r;;e0G1dJ`<*_At4H6gdY;e&RYO*={EsVj`8g
z`#I3o{)mRT(#t72Vd?21t5+82Ly1^Co1x5MDP+y%8(hEjIb{WhB(Nq4&6A;~xyp@;
zCDjv|Q=tci1KB|?>?(uMLk^0mY`MxL;BATNqyhbAd)2?pShaf7bM2_}z#U@#;la^|
z`x{nxs8HoOvG&Of2{>?)ZRMT{G?ikqZdoa9kWok=_v@}IKZ`(eAx7F#wM_d_o`3iz
zU_uso>2*X_*lHjDFah|4c0s6F^C>|dHd4&cd7PIH1R@jf7k^kVrNiKm8e*jB!6@QG
zrSc*?q`rvGtL)mb*!x<aacp~z(hYopH8!_+g3vjYB{EHjJB%VFE9G4?EKCv1IgcrM
zKRZ<j_-R5v9ieik$2^Y+b6()VCAlU^##w(Rtpk*{vF(G-^ZvnBUFSNPkCga{?j0lm
zyA7pH2+Hq9u#}=_ser2M``<M?<i{;q*gv6ChyR~lfGQveoRS~<iY08}u(bMCu~Pek
zNpb|Q8L>2)42Bnn0Z}}C>5zvwm&%HUKJql;6_=%?U=Qw9ZQp4iH+$;aOb6$~$HN`W
z9v&fNJu543Ev*k(D4e`_+ZC*Y&o1(!Z%y;GW|prT0mcQ0OHRQtuH-2M9R`&rzIKyD
z-pOv4SjLzMIF^^?6$W;DI4zmbTY3`|oo=xnh%50KPf3!cmXxMOug2s^^J&}>uqA2k
zPN2E=z!xv@%RZ(lP$-o%735AN#mBe5hpK&duwx3(<%+Yy@b0MR%`;jTQ!~9XRxYWx
z!uZ`YAPkckn)KC<!b@4(v`O&gLDBAW5byUdEgr!mlm1M3O>Y*}U+X>9h0&!9M9a_w
zpNGUXnvK!=$X1#Rx{^i(zrZg=v%_FfoS0wPl<W=%>!z*Ykd&r@^`ay9wAz1kG-|GT
zEIyDk%8`U{RbOHL>j+ml-8Sm~e3_bLbZz2f229jsxng#pm)4XIrWW4kb{X3eS2)Iw
zx*0qq`HTczygCWu7p^QEs;|hJU~l(iK<;!{rksLQKX0$Aiq7RPhP>nu;b?{UPPY^F
zIdJ`a@m*JPYYGN#ht2iNYhd4>p8JQs-46&;UT03l?RK}$Pkqaj3yVPpNmvR$c8vH_
z?^64WElx)uqgo?U$YC5Cj1LU`)RxkzRbhNbOEe)qo%<5@ooq`=#jX8d0$%vwb+3{C
z+xY5P{sZf(VluRICaw3PmM--W#vpqQhTK^AfjU#t3+<nzkEjs5ctf25yb%7b<J0{x
zGel6>Rf;-w1g>Ht2a^gP4zGrkda1HoeZVLfBO)7UC#TGZxPjlv`rwww(V-=uOVq>U
zsWPB0K6A)|VgriHC7NY#cmR;6<Ay`y?_(o2GiL?vr$10lK?&wz3&ZTD(8IISf&9DG
zpJ?zQ7l=<JbU{aAo`r(Y*u=!TA#75_s*TZND^61fpd$`PT|6$MV`XK-N(2R5II2;C
znp7a(#W-i_KEGe+h1-}%1akd!LnpS`{rSMdq66i(*oyhn!rn}?a!YA!NxV)&wIh@l
zN10KoAy0T#QwO+KQ$pbpbgkrzlw|G&&rT^6@ksNC7<3C=zxf8h&F$wrKdv}Y6d9Oi
zV!6qxllqdWLaOB0L9T(-yu5jPq+xMwO$a!oNbE)=lF4nzaNrEOZHhyDUZhkQOb%Dv
z<eqx?k$_N0`bV%46$)^*pqM;8K=!<chCNVVoP@9YbqqB<GZiy8{r0D)C<pEneNPBi
zX*8^btl^V5U))hH9|#j`lH$uy)#>0gH(?^1iInt4k2FB2E3<5*^+9jeTy>PR=mdBx
zZl)G(gKjmV0!IE_wRBJR(`lk4x+%rwoSI-64OH5T<f2|ECsA9!xb?>fYf!eyV8{H|
zBebAJR?+ZG&X};<dlgHSJ0o5Dc!M|lOfmNm)A+yv;9^$aB2C!L?kCqqKs>T7!y}pW
z2g%+F1B}gSRO@Mt9-E&ZI`x@a+89t3Exp9$5I;mFN4=JU$>oboGI>W}b(ayR;ml9r
zSO@oM?(0)43qxDWOGW$EVy#Lyt{(&-4s-PSqAN|lR43pMp5A$itJ-s|5$sF_+Q{g`
zYLexdb#Q^Vkj%DummI$O$ncVb<>Hg1)EDM>W%~n-I3w&hUi?9BPuM$@om^nkGa;M9
zh2iWSa@C{Wh86hIoLKD}>W$AHjR=|K-0TMCpxhD-@aGYZep|ql%&Tti5vKXS#3GFU
zpw=Bdw@;R~ATydha-d^^&fKk9M`^l^T@&gGL-F7pb#r+7*FsSu(3AU@MIFLiG0&t!
z4~*SWb!gc)pPD#qjn@Ma?H!;P9geZl*c<&j4w6fS#S&IfbU5!H(s=6zYJbwrhloy@
zYjeFC!4(aen?2#0(=+Amky_oCNY>MtvGT;KV%GfJfxLIq8;SYJyisrj-(*7R1tY+x
zK}6Z4p7T925Y;WIFmCI%XY|0A*yh;Ddp6Va2yW=)d|bt>uVnp|lLXjHRv)|j5#Ltc
z@Z0!c?bjM-drJO*ZSRSBI~%fEgxc7VT@3n*eD8-p-ET*-G^EWQ)IH@P|3lg%BmtTE
z#$(c9O-a2_cM{cksa;P<WXH!F#5j7c?FXOfosEUnWk{fzOXyF+1UcFn0XEVvCW|hV
z>r0PIJI=+#c>Q+n@6iJCk4ULt_A||8wjCy9uAk)4HHapG-!ES7%!u0t^VN)cM<!h$
z`YOKU`|tfPRXaP+Uqb-{0ipeW?aEN%KN&@Vb9AwAuyeLao-btpTB#|iV2Pmx&Rla`
z{-mrS+c|+I1R<~_A>(04JW{bo4|uq!Tsbxglb+?Re~o!Z`}}UBER8}W{93%6g)kZ#
zSaI!lvr;YpG-u-T0)cX?xi>X4^XIPIlwu|4Cm$c;GS@F;%{-iqarG0ujAM3o=ZOT*
z;X}nv)fw3tqtwnlpe;je@pggipe9aXo$&sv>Eq?^$QJMSwjh1{q3_ufuK6017`f<r
zxzsT%;{w+suf8tLyeJm>(D^!K(0(W1tgw4lLC|p?*^*JIjfJu{)a!~_wv(Ec?%X!j
zrz@!(sY^e~_Da<cw=$<K#aAT^Oh43FEG?-Rca>S>Qc2QafN3VDis`hFwO6@6M6~Cx
z1|(EW6DBVZa<jG;y5u$N>R?)1ce!W;;t9l+0mL_k4X>iVhA4yMs+L4n7ygA!U?B-V
zL3?hM6>XPh5(R;i)fl&P3V&lc^#UrC*uF-TSI%Kb3KNad<{-b~1o(h<8~irmJ5Psz
z1*oK_Enw7F)}b3;rd#Z*_%=YR-l0XZi2>7X<6|}ynb0VnBX_O-|2aozuj4X#|GFW~
z|6M8AL=}PRM*rf`Si+RyBR|OyM{eq$N^R4%e#rfEbj%eM$uJnQM3jA8+Mt%UXD*vr
zrGp~-Lduh5_p75s<$E@x3Ao&n*C&KMW_w<?GV6Cm0%03aRQ3+QVCRFLwM6h2>clp1
zxKaIaxSgnmzJ4lAkZ5eAn?#nSa=@?T4$@~jp>ZJG$JXYle6GgKlzAU3rwKNHk!{c4
zSGnAdGPkN5lxAzP8@W&Ph?HRlat?+leBz{u4xEG7mN)&Oc-zy!jBqr%w#8tCv(iPX
zd08c*VQJ~CkYFtV)hOy@S>kR^j;Zl()ei0|PC9~JPCrg1K28my6lk26BUM;^8n@fd
zCKX_z7aL^*hO(?p2_$N@fkm)<Xpx`CMO(MkkKXKROgeJH%d1{{#CG5)$|NMGidNAj
zXR!Pe>029%;dDBC1WfP)`#R2C%baw2bv1Cwh-u$ktk+Zj%*FvFt)rjy8)LDmmsUGv
ztXCt)f+0@(3sB+!RF|eUz#VLt{S!IQ;K?CI4VTxoiEJB#&guRMak`DEufQp@Cy`i5
z=+cglPUJaU&lu8&&o2(6%=bl^ZOz$5ly5W~J+0UD3_A7sV*_3%&Mh!(Q>LZ3@tNfl
zm#nub!wTgO-8{t*zv9RL+(OB_a<<KXH6Q!Gn%juU0u%Vi5e#urybqrk_++(1+~G0G
z$*7pzz8VTNT|M!2HC1Oe@{`?@2S~7Vd>;-*-77|Of`gVdEL&O8TH)s01qOV;?xCS#
zix?UAk_1K0$(c0F>=*0C9~jqE|Kx#z(O563;lSB)8#vShVctjOHT2##Esn`pFbKWu
z3#iCf0Wq6y$A1nDB$q>hJHaj=zS>xjuL#s|i$7;#t-ME%LuS{%ty8}?h@PS*$DG`a
z!KR3NXwKvu<Cd9*J0IP1`J`ay^!jM7T`n$FA&SU8B*hTJxCd_^gu+)NW@}_==qJo9
z>6~b+k`HzcUSn`;b>22>vUE#f78W-Aoz}%v24ZOoZ1Xa6xs^x3Gvg<$8p4Ik<Tmv^
zjoARbV+Qwm#<trK{dvigL#(y)CaFI@d_L$qV0k{HyeOj@O3_lW!p^b11wJ{Qz#`sR
zzeei@&pp0rG&j<Kv7Dz&c9IzEjsnPx462ekTR&lZ>Vv60Q3?A-H^og737%Rv@*90x
zu&64isY3Jr8&6BQYa`<S6^G>iieo6D3RH6W&$xy4Z@T*_M}#3k2FYt6?u0q^RovCW
zwy;nZrL58%%d!$9_cCrRyT)fGh)))trN`|w3Q4$mEH5z&twnuPBk`5?9ZI?RhDmi1
z5v^;n`$p(tx|?)vdI`7hFN!IN0zh=Dt4+VhqQ=8R!#AzbHp9tcl<mWL&h6VF@YT5E
z!XV`KYkNpU2#%l-Q#P@gGsumX3uki+c_e0`Y07AaQScrxm6b2(;T_j5_Vo1E`?3={
zjM!L2NdvqdM=QDK%TpML9)|Vf_WW|ovBfc}*UbklM$F;O%`}=ZjuFp3$W-U@yFp!r
zBTV-irr6QXzM~G2wm1_UCz7rO;KlE?U>7(F0HHD-f(kUlB48bP=L9?5-`mP6P$DBS
z`U~jGTALF(n<CE+MnNLeDjqDeeeevW{NdncBxx1`u~!9dWbeTkxQ|Fo$`2i?T0`W7
zcrHrBf=}C5MSO%Cq*>TrW`U=N%pmOrphyl5VJ9YdR$wic7)y9WVLz+^>MUfT$M3sV
zN(7?egsSTrv(zCQI+Fj!1MN1S5yT5H#Hm-X^f6aH`8C#2#>aCJ4W$edtNc64o{W7i
z?ORhFX}N`nU3u{0FgnQ>sj~9?ovS>fE2sctrr@FUHCbbGE)z%jraV^;=6O_P6wo`5
z401|2xqMeZ$gb}S37IYe78S;5V3jmHlC0uSWLe-T;Ki9#)(3ps#1j5ZrkP{KcW-@R
ze<`J`bEzjf#@5K&c9Gk^D?b}lxmr$8rAt+71LtNuW=6CiOSUN3Bk2-u7Wv4|TYtCX
z)e&V@BBpXw-QL9#0zE*tpry_rMIxuXQ-LM45O+w^rBW4%PQbbdWQyk^@7Jw-nz10_
z>xgx0jSa1IQWTP>B2AU+rVt&1_~`ffJsnDV=X8ck6cD1VJ*BVl^6>KErsy1$-`Rm=
zfxDzP)3a{JOoysQy(6jo8zEI)nH(roez|{$qHI%+n<A<<OD~wwC-wz6I=`~3>Xb@S
z{45i6J|F>*dkaP~8tx$vZK?Yku1GK15;{k!mYd8MjDu4`7bP6Q7-ckSZ=TI1--Vh^
zcZN{%3F;nG92rEi)TBFm9QQaM!G%WA7>iTSTpHdX%XfBJtX}@#_+siwK&$XCJC5;R
zsKN>ef;32jVPK%!!CiJLtc^|&@eO7${{FQckC0@%L9qG9=C(i=Ow_-OT4=mT^#TSr
zyNKO>y!xCwyA%5Y&2}#TiQq}V$u#eugOhSr2o{SZ@X_(H<8ept^bGA_%cI%0;R2lJ
z5@VWU1YGM0&5u0lah7n(cGhvdy`V)V_=hN<3Cr8tEuv2VdqMjB1O+Sg6<dUr5lOeF
zRYC(t6K<cnHxb7xOkTIF0r=QS2i~sh+s`_LGY#gSHtM03ii;QyZ$IepLIqAzOX)|Q
zWY|iCGF48f+lUg4)4Me>I0DBEe2C)>0y!7`TiNwd5C@SRli~6-=f~$;Cf9s7u*Euo
zvuo3654`VRvFMXHU|MhS1!&stj{3b9HM%`>3%?C}U+vLIl&hWm5H*j)yOSZ%v}M3*
zwu>w(g;6>+<;%hy0K9y7spxB!Rw{vvDMfxqtnG?v@=N1ek1YMXjk<l8j-oNugj?lW
z)(P#d1CybI=b&&teyD_nID^VE*U!d){2-4{gF`w$eOKr)`|-t0mg%Hc^A*bp@mEYf
z{3L;q0xf^695Y*FIGUb*PT>gfym7<Oc7PuXe5yEt-$J?gm>%fgu&BH4%_K(aZyX-X
zBhaBrUN@4!^<2J@AIO^*O*KzihDY|hRKBnVCxE<ImR%Cc1+E4xK0e$p1!@Hn=+WU(
z>8Y}Ejh=TdO;ry9?9Z>WxC{qYv^(S1Y^|SaumJ4MH}k(V<grRnk~WY*8lMS?AqHIQ
z{ZlyYM5#$GY+M9)BQ+qkm`Xh9G@9S(cTCnko`E_ePB9LA-)C?4uK$TD3m3OA?mTbk
zTkgqJ92pR^<BK$7Cseb2K?^Wi+fSs#2=|Kcw3f!*!1m_z`!9pAJ}9$eqiIGi3UQar
zih>K`xV}+&3Y~#7#IrkL^L(?zxAa!Ddb0J*G8ve35sIbn^?0*NfkUcABwXrnS+8-&
zv)P#WZh|t@*8sHZo$O&8lJ0eD5wSTEuJ=I<3dC5N_XFIGeynpANlDDsKhf{7|8*Zo
zkIH4Zf4mU;zpzn+JS$Ka!Pig=`>zXU@{0hmJZEWmAy$52uxC<cFiQrFqf=)%Q<(B1
zN3*VpwKGk9?l%|T8zr2CXe5ScBntQnI%jMcr&MLSL@Ai6_JWY;qN4p?)`}LgyRARg
zi*g*RK^v^QTRyWrCtDtKzvntmp6}AHfoS~<u%OMC%k@QfuMgn&yp5R|&p?Mj`-a{Q
z5v!wnX>A|mshHy$F52FiCPN=SC6qH|F79ECu3YiiN*ChgCKQ*tIh!JWVN&j}I8VQo
zN$hH!Mg6W)CQ;pS>nJebY{4V)(0Y`OzYUpFV#~}~uo?Hxz?{*7d4Y?xu1^}q0-mZS
zBzK=MmdQrfd>xqSJG#20M?%{86p*)h_p}<B+49&7Njel_^wvN!cWzA+G||tJ=Z?M1
zv20zd2->9D)shlR&vB##cRN`*Uh^4&4%{{1b4-*9x(|Ln1*o!GZgXr4N*Gpnj-Cq2
za8jKTY?<*jDs1Sw#yWNz%q<oDrty(s^7qM4JkTB}tpIwm<>dTSypPV#C@rXL6dziM
zYCXcfoay8|q_58&(L|$2&#}n>`G1j6I=HVD%L$YE!Zd6SO0GK7c0~-GR9YiZaOG&I
zYjo!{Z-H@RNP|WjwFA&9W~;jjOc1cNd96{Tv*giis_iF3BD3a4q!;FqbNL$&aKMHq
ztPRN+*#V!9#B!pVjtjrU0z@=^sxVyCeTA@#E0C*ku-4_9d70vg#H5c*6y?~uI<yeW
zVO|||Ls`GnN6^{xC^L>%@Y6BZf<V+>(#P1XvOyAx)bT~sFAHA4RGXJCJCTYsAh016
z$kuq`IspfuGe&Pmk6P??AQA|qxnMuDpooubbpUTIjL^h#$a+^fn?FcZbs7@Ej~1B+
zg^nH&+4Ja<5D&w3xnk2}QTx@|U@r0Zf<*dXInD8Lwao1jVSJR-)&GnQ_{g^f1vb}5
zu^ksecbRYU@&&%1X>mXMCaEMElC<Z?*wQId3(ixERh_W!F2;D&<+f(h4qy`>ebfEB
zje%3o^U^#w{n+NmsipYa#EAP^JNDZW{iQI@m|^N9oHK0k8H7&4$;F}2?5B4KD!)h9
zT?I&#$3AI}fA64W-xN{ko+S@woShdFN^1zQZq<-Yxt^=R7$9N=6V+$%(ns-}YsM~R
zIoN&M_HLK<(>%nd7!%RnO>l}mh0-(T7zd*CLt;1omZ-~)Ka!gNL+o5lr&vw?(=t{S
zi=*f<M~~XAs%!$UE-OOKPzhV-)Q5q$9YpTU)I0}WP$61h*tyJC?CpQz>jbg3@1?n3
zMkFZli0m25zr}onCRG60x|Aj#?lPPW*^c5u6YeL_qwEv2{Ag&ZD+2YBs;Sdul?6P6
z)R#RUx4lVdTqGBU+xj|L{^0L5R;WN%yMN{Rdm3=i8Iq{<g9~T_!5i&Rqz#`5eP^4R
zF~^cd{S9$S$+u0_jq}Lg;!h)PuMAVS)_cvfy4<fFGZcNX?lpzd7xq^xSFJ5Eo;yaQ
z<sWQJRUq_ER*^_SDBGb3yt>U+Zv~)=%p6VaZlO}kOkiM7)?+iz_DYtNPeWODmYIN%
zRH>YT(l?zwQ6upfY4Hu3GgW3K?gbuLL~|v@i&UdzG!KA4hIYmV8@k3FI_MTylZhxI
zT~WScH5$e6^X;IW@q5p!B=u{V*w=yW6vchjG$%vqxsrX2L&lqChGzumU20&?JN{%!
zadxu}0vh6V=_A#gLe&oxhODC7|HslfMQ0W*TR66Dn;qM>ZQJG_+w9o3jgD>GM#oNW
zpL6b0jj_hsZ~LKYt~tMI-mEu{DpVix1cG!lIDd|gRE?b1|J+iexhV@)MOXdHRXH_~
zm^423*Fcdxecm1Mpa6)Ve=x<+^caFgtcT*y2dsY1?TM@Hz?qm@vt3?EjdI^KWYbZ9
zds!g6H&}d>3*U(2#1z1VK5OGy=7^3VvRC;s|G+7XYjc(Q)mo}C(;wWRECTDKz9lPj
zi%o5=>x(mbhvV-wP;P%4732E{ySR=j@3EfT<%sS)4@2$A>h%(YFXS$I#hq)1SQ0GF
z#P<s}E7Lz~(zKZgXjn#E&8pru{^Wyuof102D{xDgm-2;ot`@-JcPC%zfrM&k`L|uc
z=TV%FHSH+Y40o-K;@;=zs}#`7UKyN5N_4Yi5e@dKC21IsYfKC~-gL9>H1*MgYsVs+
zcsG-`i6y4Pb!p5e_Il<*Qw2zme>)YY4GWp<lSG)`Z|ht!$S<>smWWgW1{#08iQF~E
z8>)x4C0b4SsU?7m?(i*iv8b%v_k7mU^-@BVKy<BeuDR&2!8x>JYgFI7-2C1UE?!N;
zAFE`*BrU(%XRsoR<vQ1PPGBYtR$WkL1^;s%CrQu`$kY5am_7{_box%P>)=!5rFOU0
zS<Q;d7`&s7v!X=KZ(#*VLO&%&DFe5{vSd=X6zAfZxDkMMrk)_$U|&QhG#eQx840T9
z?<>5~aWOi+2o|i)Oax=DK|4(mLZz^9WCe;YL}T!xOlSL9p=u*euvE9(Vd&{35_b=>
z4c(#8&1ZRjlywPfZ2iJrEZ<}(qqv|@n3k_*Cs83?p-r;&gNJs}c|ynEnoGNfg-L-H
z$$tj=%@P4earlRto323D(~$K>AX!N{a)<4l&OmxHi1}p^GA|;ZS<&>8Da8&H((T6s
z(2ta%VI&Nfrg~zww+zOo;9_vi?@@a--y~t$Hl%XXGK0PK0=hhL+aKJNhU6j|;v@U~
zWT{g{FJf`snv|nR7~@V%Jq<(cU}cj^gV@ft{V)Koe{EKf9EucyQiKL&=4nzSbQDlg
z1GO_Fdq^1K!LrL(om<idX~n1_N1#n|5KG+ZZusRe*QsPn%WszrWSCnrKgfu-7}Xpx
z6a1Z^HgDYeGAlLu*oTsdHmOv^BKmdGbB~mB^<5K7sKt2pK-}c{oI_6y<Tg4>`h(VA
zZ)bos68qbA*p`ZjmlsjQKW%xv46uHN7RZFX_(BWI1n-vrC>Va7Dq|j@&+&&%#P^qf
zOdFRmGpP<93K&;-13<;_te?Vr>CWn2Bji^?deex^*JdrXsSl(MXvQt4JHF@IqF;AN
ze&jR#ljw@CHSA$OgayzVXVoVflg7Z6jjaG$hPOwk(}|_!7QV={*Du2FE{w%4PHeSh
zK1bO1OZ3j&=pJKt@>}$yUq_fs{L)W82(b!E%jkzJp6YS4`(9k$4QIjcAne^#K-=P;
z24sd+djydeQo3<C(090z<br~0b%B5=asdJ))LA?sUuE-ZB2!aL73b(5oQskiTND5f
z93iPu)IDQ;C0LOTaspA0P`)nMv&O&n9Oi<<tWrj?k5*+n=v^e^0(mJf4n#NskU{bV
ztGaKd+*j1nO7ZABfcfq-Kq$8q<_ArFrBI$Y6tqz~1X99<%#ByugUEQ3{3c1CJY+Nd
zzjsJ9CIqE*Xds{yl>b@Dl264kk{Q$m07^)F=^)$w`I<_CpStMM1MWq`#X`nG%6kP6
zi`uApnUgoJU9Nr39&KS*Z^YlQCPDwtOVD8zzx$K!V=*(8!Nv08|MC4s8{kF<+bzIv
z&#`j>xqzc=c!}G&yt?X2`$)Q)9El4NMz}H5P7-e_i-$M1Ru5qcf4CI?1c>c@G}c}u
z9sO%&+O7q^sb44Ht9q)t{5pJFmOCoQn=k_EPVKlAAlVT(cov~L)q~}*bkP!Kv?vKE
z6M{nHF{-57aN<MJgibZ#mfj%9a7c+EQ9ij@yB;Zi7S7W);*>4or2scaJeJJNg~N0C
z*-NM<i?<34y*`;yZ+mKN18nYW*t7X;%QtOrZUT1D%A5UJxTQ+38Uk9ayzKWV6u_L9
zmo-2h0F-=kdb1R%5?Y4dF4;OG;3-kR|A++&Pb^r2u9WUC5LR+aI0^d`q=QQ%kTa@|
zJ&;L&OfEl2tIvv<{Tnz)PJYeCHkpC72HY8J<z;pZk<^+Ar+X?lnYp)W!*i_33^b_*
zc3cQ#?G9YWc$LAyhk}$kY8c*Q3$Wk%!+3og235J(+FDT+4!!t2tN;3gQU3_eQYT>4
zs?0S!09~tLfA0kHMS9~0G}4ThhdTB@L9jCV5M%wH=G6E<&B;cS15ly`>8rEc@zY!7
zR9BZuJ}i|&ogKp2U}lk6kPx7OLfM!+f=v}HnpSIvEVXJ$<^&18(cGL8hsiB`UN}f!
zGPfYg-j37>axGI((v`Bxr%zboIuGvjbE-SuYRgsJm!7x3<1_Q(ce;6ac8N*opAw-?
z%kgX5ZBedkrKhx!6oAKNO;(f|I3a0aCTBJz`#5y4FFPgsj%vQt?>!NLyWbo*edD-6
zc+O5DvA8bU$vlT0R~DN&k;?!e**c7e#+g66P@}EW247q11o5|ECm0p(<he2kR3KeP
zm%$OINxK@jU?NQ&(b6=~=&E$j5wOOq^34&SDsIbKR~=fz14QG>Mo+0~=xNa4#p1e+
zs_f?ykgBzb`QJ44Y7aIPOS_j=aD>E%ULNe5YHY{F;l@aclT#-11^Sg@t3d{leq3Y!
z844@$$taDfW*-?mZ<gjxE}I;?lFh(I0*;m|6)S4At`H-&6K$-}EN!!=n}WdXuuPIa
zX3enrE-_Ne1Wd3(L$V2Lr47ltjN&sj!XDV)pRvZ4vP@?}Nta;D9uwiRk}mvKlnu08
z7+bntM+Ym=I$E}(m^OEg-BGe)NG3J8Szl&Gr~$WpunLra7}JPZDO4s`!Je@Vk0&D<
zc?7wzwCl1&reCol)`PBc9caf<L)V%PQnA8LUTkNA1rVB4mczucU51r>=&6eM=Tuf;
zv^H`^X1E2JZ_hZE;)?6en1YJ@&8svfhGC8kgS4TwN|mRzWJ~t>?3K3ZR~~8Rb=G7A
zLZ<E4m$;m?q6hDngXT~<zX;+OJ7!n$)=r-9Sf8ROnyyI6P_|MLs_<&0(VHxWkpP2a
zu&#Gq1we_{#*v$3$eFmZTrDtImrippFJeqm@C;IuW;iKD6DcZe(iPh6hwK;Tx2(Vv
zLfSY$m0?&lgYKwoCNm>zW&BQDIaAxCHG3QyBq33;DtFb3bdhmXo&epjYWuZGP)eRI
zAsW@B@XIR)oj#3IScqXm;c|Eem}0k_4molZ34j<W%83n6vI|6PC)gLhhpdLtGsvx{
zAYoYT$ZJoqo6MWZ8c*r*7-1PW$+T4!Okx)BZvv4ilE>O6xtR@0>)Vv=_v$KOYZ`@V
zXdz#eaWt;2Ud&I#JuBa%@R!1-vrKhNqRqaTpvVu}?%{JBvHHXG22191Hp0wI4SwRV
z1b~8Y+4>!ejU5|jR3cS``pc=4BZmpa-^emnf0|V*Y24iSuG5e%cIizUYT4e@7bBnX
z7P*JNX)*nr-FNf3^}RA?qgFewk9wZgorA(VKJ-w_#HvP|V?U%kF|OFy>#JRcYjD~%
zdhcOH7$u=>wM=<mAM7t~!M3CJ-+|_KNkCU99TJ^6HrTGH!^%0?HoJcM0(4;!YvqDY
zK{qmt&fvLy#6O#sA_`qqDXurY`aabk<FOS-#5f<G9udxQo>An1R_Pyb;9}uD<)%t;
zmrcu&Lv?bXM4t0)?wrDxUtU$xgPQyw{5d!Ii-if`qfR-HUVZXyi`%j``qWq$Yyhkr
z^9h*KXIlw>gAzn$yNb?`MeQ}*5#bmW``kRl%SYmON#Y{u%@)%b)pilGws>YMrn^)o
z72(Qx80+ym5kA5)g_On7^7x7q^pZw`>kLPTM*%g?wunOMJn?T4jz#nAv9XW<!ymY9
z1NoPEP%0Uz4qe^e`|p#&+4*3Q8^FWgRnhjg!G5WVskrX&blDLi|1@XrZJ96GsNK4G
z5!r7IwBlaWtCNRB>0lBd294ABvqx}mH0Jj&$l6`ca_yqgzll&5iW!Rx?@4>5nY}R!
z2{Z1+4>x*B%gW3;fYce-v(ZGaY172!55^|2?!t16KT2tX4F*MZu&G}hi-3tAJcAMk
zqO9X}boE*Vp@Czy^gl98m<sb8Zr(|~;MQuZ#px$c9S!ao;=5teCgbH!#*j3@_!Blx
z^B(6u!Wz4ny<5zQ+yE*;{}6;#*_G2pP8AXA**ArbFD5?P_Af#-sPP&@_4{`f(>k$o
z*uw0=oJ?aYWPlRp*A|UaA3(5j#^e<dI>Z1yQ)XPj513`Q<WszCH)=tPfGHW<wc-3)
zye`_Gva><u5g^Ml8nuuRJ6u%w{Y@|o3H%o_Cl|9OQib(a3QZFrbw^1AD)l1@z##h$
z`b=c1k;Ckv!pS&2cld?j4OToH<gNFJ*lA#SlBayBXriz+mha&?4q(2W+#`$oL$*lY
z1PsRoCRk}cMSN`DI6d_O&d>@CzdLC>m*5I>Vks}KcZJ3`+*6J5($wf$shf7I8<ths
z0B&Sz5ga|aUeYv^93otBR>e5VGh!B;_#9MLNb{Gql$H@u!VD2b*ilw!26K(4qcEoI
zAx3yr4=(?nE~ke?1E9c2o;BgJ2ZGC%%OTW?rZfZ_a?fO#FoH#6%eUSDZ^4hRu!e+o
zY^y)y7^4!CI0&u$<n*X@GmoyS>TD`sdr-nXYZgP0?4vA>lgqM&7)SqIxYyYp_GP9>
z2Z2<B1jC@uaIlA<Pkb-Z$u*yR?siA>O6Y@~9Lk69)3R?o1wb)2x^D00(X~{+_XZAh
zGX7J(5E+(Fi<b_(>q}yMR1-RH95-BvXf~ZbHp0Tx-ac#1XU(=#{2-3(2z#%nv?%$J
zWDc=63TME%ZW9R7NTBx?viMAJ6j*cS6I|-Wx>>{wk*Fm%opt#F=0UjASk+6t=Ig28
z^H4je<I&9C1!%{v!RNR;*&pdpXPs$jbULY73CMhj(QiL7D*>YN!*#%HKn7cHu&~~O
zzzwcW<UKja!5}hEw|aY!h-KZHY5qsC3d=Hl+~dRg<;kd`20a|p-b&PfZiFULcz9X;
z0ZRKW0r?fgWWj)c7|yUW3+ak*C&U^|J_DPnr*{x=2@soKcewKqJsrfu0DXWKCDQ#x
zvY^LD+Mu3Bl-S2&#cw3qScrch@7W{CA|riaV(Z>G6LY>b%&{lS>2CqI+(Jbd%T=i~
zV5(w7OYD@5Y9=Uw$W#WVj0(}vjvZIIrLuu7qojt7e`E^xIy${HzugdG6jl6(o?*tZ
zHD)oU17Jbn$p=9_qEpgo4WcFU^ywSq<JOzV#8gvFL*8Om1W)d$LwDSxp5GT|<qmz6
zX38C$sCvALsqkwM0dvMRIw<=rA<li$Gacv9@P3Hn%$L?Ao7+_?jL|42DNC&TNWnXK
zhT|b?K1kH0u;pq@d-~vrX;tzQ!@ug+<n=G*9KeVN5x$}Gbh9RYYV@uVI`EWQOmzsC
zv|Kn(EMEoI;wQAdOPJK|_$>y^2qzo0$x0hXYx9u~n15ckpizus>q==AtG@tm{XeVr
zvSityp14Z&B+~E|sCs6SxKz|+2Rdq5#R6;pZ20RSHz0utoa^~&=gOe00n1mgwSa@P
z8{i;Loe7Df`|0!@q6iXI!Lo@eHUk-22?}4R?iY27&MKf+-gI`;b%|rFM?W4zj5=fy
zfR>6EAxk{Y*Pn;ZnKvk}7EK1~<EMZ6@fLHII}_cOZCQ{2TN=l1Ai^1&`IInrYUPjB
zy4GPc+IljwjRP=(EAB2kkf0xP3Gj8R28<4T7q&c;+e`<2M72Dti3T~5pv;z<j2^{0
z_>qC2w}vIpkqmerTJA;*^{X=Dwb`E>m>*Fssjc!7b3guY3MfI8ec~)`MS|MT!=y6V
z6*FMV4(F=Vklimy-=t23rJ?s0Jb?Qz+{1W<2EQw@2Atfwy=HyV=cxMQh}XnQ0OG7a
z@ikeTSfiMBhIgCp`A_2Su{uA|xS?4>pAW-VxWnSsNzpvalCh7*mF$M%nMm0(*F9BR
zAre!7;~$>Jy4Vex1*cc7N_~Z|`Hg_`MzA<a11{g=nz3ii;U*geQq!Y8S#t8w{le4W
zDCH7U&4PQThx?8UA~!y5AR_@P0G!$uWWZ^|z!I?AtuQ$oY8v^m9F<A^Zw_C2+;arV
zWN}{l=><!_^3RW;fJ4C`L(O9WLm&nG)z^4#0ZN!ohGx4!COsv#3+;9^Kg%D+PmREL
zl5Ec83v^L2?o23!E70@XPsE%&3phgDZ$kg-dl^g9qZ|>FEm_<;lvS@gz)s>-;No!@
z*0m{*Phz;Mzg9t^m#GKG)W0?nyn+m$BZeRmzZF=wffhlpfqF*RzyOFNesU5=4Ac~?
z_FCE18|kJpMFjTEAY6BX3{K!Ph#4CqZj_tVjD|Z1g?P>|6WcV}G5&Q}Jnr<ju||26
zjs`Eub;@v}Y{(T<K*?|c;5Qs)h&prO0v?vjTdgV;%bvr;)WF}2A9@jSIizFQca`pg
z+_m%{JJK`dlc-$*3>sq;Y*Y*I81S*$LA|YVd?y7C2F@D#zs{k`6}0?j1<~5oZNtK8
zpu+-vvH|o>fsLXX=Co>522@le?{r16J;{ygPJ7HH+M2ZxLB+!g0I9##s2L>g78-KC
zxyn^b(2vKCW}4OPyR@T&>!!uHU!BYEus&83(niFFCn`$^8fWVdQZiaKy5x`b;)8;e
zfOtzb=4}eF&Q`EM&_k#giVSA%;T+2xG2rG^THu_CRCqBCjA6yfMr0}GG+uK8F%WG7
z<Am&2>kdmQm0G1*z;db_Oc<Gj=uoDNRmkq3rkw0FX$1>|zdOqjen$zPflyYj-BXuu
zgQ=01>-i(SR<^!!74`4*?6C%_GZRnxf;^ONj1w}ms)e8vq4hB1gxm1po}N;$Va6D8
zhBEQ(S}MCUkQ97bH~x04*SPn%a1(5x@hbt{DnFx)0$*$u07fuSxygoeR1o71lX2>Y
zv6aEfyOWs8Gum-l;zZFEr~>K5AlxQAxsm#dR$KC%bcEG<$t`ZUiW+~!FEPF<!>G#f
zbiLiNM~hU3g4;wX%^7)4sNm&NaWW@5F(%1Ul!oH{XefazA+zNB)8q^X9nRxR*$ild
zp%@%|q)x*D0BL9|^DcGs3kAzQYSGa(Qky{f9v_Woc-_XZL+2RiSW03M7LhwF){>5s
z+G3iVD;9M}5ZWz~TAK0@rqyeFDnp@^#9wv!VzqXBuFRyOD7@+MdGrFqxU}~4lk%J9
zciAT(y(c7M{~*7k9S+H-f|UzAwx`9F%)Q2offx5r!0O4)`A%w4&llRnywD{hr{rol
z0)g#iS^XCscAP{xH(Fyy*T(gYrcWHo%|%lRL$!H>w{G<fZS|w^F`F^@kv~4rcAbEX
z16F<;+`@H1fM3E5)Z6S_m-FL}e`i%5|1U{G7;rrQx}LlnuL%BeG)M0o#CeMh`3J8$
zk?uSrfHzz*sC68K{KIHZ<%bb5g&b}%BalXZ?mwv{;ED0%jJ9kXmKA-%YoLl?W<C^;
z58v?-emnf@cI->LLBP!<&c9w9NFC@A8@74CNPuKFcWhn(Y{7}>OP1sfEXfaSsft^o
z-<@BwuRGct_;nR!ZC&Cx_;FKF;Omx4U=9cyFh|s)F*)y2X4RQbz60AW_jGCnIRU1c
z5#k-Z$|N}(-fb4X&G@)T=<>LV_oa8G7cj^5zG`)k2G+9H{>sM4&j5iJ$EF>6qUKV)
z<#JcOs#LHZ4<$v*N^LEeY}!K7h{1vh3Up@;jC6*}4atK&Jf)9TCQ5Nci#SL0%lQfk
zaBI`;{%d#xNWmVrSY@v}udLn2<%)lh#f8^rXk$s))CO^O_71&(ZDX5NZtmgl03PG|
zD#v59M%00t9eQShcnjfpmbN`$#|H6jIC1%gp@7o;mS@n-*yz~G`egw45){D$b43KW
z>}a3nqh^4zI^OL$enEEM{k8Gf6ZE$bVCgZDX$)6{ptm%yj?bcpJz^Eo>tBYx4bG8v
zhFbxhq?srQlvAJbh_Wx-1MY7vw0qeYI%Ijo+++BVMN7EH%R?_PKN$8<(5h1NK)8rq
z!hDVxD|+$Z<b?mtScB7syMIELa6zU}F7CzYjX%G4*z}4}FY?}ZCW|j#8rI$_0Pp5B
z3*zlWk(R_E!2w)K!c8FW@#VoT0I?-!zYY3*2`r57^BJ#?wpqMKhx6IAu4!PQqdq5G
z0sYx^toV7JtZq@gKzj03govg8cKS{aczVzS@h@M2U<PI#;p82qi|;PcE}}qV-MsUs
zVJJlIjJ#gTq5ru)4L{_b?t$w&;L>Pv8l<v5&pixM2&yvGOYnso#LUkTwVIbiJ%y(V
z)Xcx`gdR2JGiVOm-}W~~whBtHJa|hZ%jdD8AfqDf19y<HbdTWG1dfB&6P563H1x4S
z&LHdT-&M#rVXCvxVtpTY)pymnKKdrda<!rHKfbS$ZyRKhw+JRCJWFYZ0KzRX+RuSp
zR_J&OQ|UYS`zGQ*9hbF10px;F0mi+r1H3k;e*XTxjF~<;&sPu1K^uHL#h#19X39S9
zL8sI0X19bq*zwnQ6?o29m$)Aa{BwhX)=?{dl5PI{U*DzksFaXsYbv`pYMbxvAk>xc
z&-m|G&-~(#Ic2vRr)Zd407z}cQXmn$y1yo>gw3Kg&s2*cg2E9cY|0T6nL@*;*4G-P
zt4AqX1uGA%EhkDJ;Zk)CHMZBJkZmj3WzRxp?q`NbNG{G3pXwi^tc<2rR)mTe$0@WQ
zsU@IMgp_rEsj8eOw6D^_gV<k2+~XS&CN)fih6ftmM>Ga|vll+O00rzF-P`K$_4Jbv
zDc8a#hn}acF5u{c>;xrh8z&xIW@QrV<T1MH#dl`kL5*Sa-S0;6jhhou1ZKBTSHA?;
z!GJcwLnPMwstveY?a@Zr_Ff$W51EoeU@uXyf9IT9a^r-JYj>a&a5YC%p5c6eJ~v$?
zPq;k;e|Wuh8~!AE0=Ua~PB|5jxYD^a#!j^@1o=6*I3`ccEux!nXY*aceQ(_L8T0UG
z?BBYFy_9Q4ABrDxP`*<h_zo&os)XLQ3T~2Sx2?;3N0xMklF`7|*n`y(1Np>CVrl5f
z)Xy`CGqZmn)`{PtDptZjyYx#o)jBmwJ|grB*=W=lHT{l}03Bk%tRdo3w9v4>fP0~4
zi8pjX&c;FJkTxnCBQ5LK9LW3%{Vo-Nrn7;d?sb5AWt_M}W@fm$<yJ~V*`zUfHSDvK
zObtqpgZ}g_eiCocrW7D1%EvLyiE2#wL{8lCiTVxV{hg*MEAWG+4*8@!XPkG%=%j)t
z?eNV=%KQ?m04zui9>fJF6D=fU4gC=lRGri6Ik8M){h@yCjkOh4K(VS7%U~RHxMS>7
zGRly$FaOM*nB7$KFR0%Pkk{(Je>ecl{;5l8BzDHw?>5}$)##reBUS>d;SH*B^ft;6
z&uQ=&k}*JugUxA8R$j}Y=E90KPkijBBfT6vP#sj42CR>T)$4P?|KL93_<f>4Pps;Z
zrIS&}W607q|4zt4CJ(cqw@X(U^1iwavHTd9hcJy3V(jVn<m2?ml=VkM5IU630~!7>
z+<-)iSC~ih&Ma+|UtE*3KV~^nA}Bqd;Hp&Y75&HPvn-vKXtIqSx6zSqva_*_t4TcB
za9`ln0dP#Wky`~`#~w9pi)*a)%B8kqS`}=IM_<v<w<;9SUfXLM*A>$Ez|*(Xm6|=b
zsM^();e5CqwGkF-`-EIvQCf9;nKTdVNYGv*&e43tTef_ObxwRUY9AVEUuue8;`wXe
zYRUskz}h)p<yYZDZ=7+8XW{j@#vb~))*J#?a(l>^L7Zw^yY_}>W_u_#J%l%FZOiH`
zwau$PQClnJ71&+m70_bXL+P#mk3n9r1i25u00PpZ|8IP1(vAu6Ki|r&Y|;yJhCQ?u
zPf0Ve9kCpX6ei9DP-s#s5<GBL+OK9L0}K5m4fB)G3=TUdAu)P;s%RZ#%&n*>nBVdw
zi6q84Lf}r2N=`yT!{AEDiLZG)EYoCiByYXrUZ*=Qv;MPOF9qqhTwr^w%e9V^Y^%0f
zFYoU;>Q~Y{0Q9=}rBUz8tP2x+=YA>8+{4lVDGqxVK08WVS`(M1-H8yBFZZhnS@w*I
z_($!?m~B;oIZSzNP$LP?p~JEotsZxHtHsNxQ=g_tFihqzbx(99p5@bGTb}FU_x8?B
zc?+uO%gfAF);ieH>+L58)&evTJ$rWiCJr8G9ixIQz>UqhjLu!ib|a-7JlxuO+Oz6N
z6G~)B6<iAS)Q;J8t2T;yW!-UMPS@3Mi+tgIvYyPRY*Cphx#7n1=A3)&4bQ2KjC%Or
zyzQIPbaL%Xv`!f;3F+)jB7`nm7=LC}%TY4hlkeEMtwJ+N(%jw6hgCKgB2B`TTUQ(H
zWOxv#0m#hK*KY5PR@X|Q$N0%u3pwF-CB?i3`%gR>CA3zbrr|Ivu-jVl6L%}L#keDv
zeAw!$4%}&Vnxn_*U`&w9sZ<hnNWiM&tKCFFZ*_`DEWcEG<>8Dm%qLf+V7?)^G=hhL
zvC37biZ0LlP;t^cWMhbHVAF7n3@Zj=_&2-O07-%;MQmN3^_EshWqV6NX$3+?J6Mwp
z3eGp()yWZ?R-m!K)kt>`>u%aoK7|lo&djhyTEAQ777v0|b&0nedH3%uU<=2L(bc1y
z*;sqmdlrVY!53W~RE4q`K-3L$29l&mIpw3=^+eH<x?P#4B)KQ#3~KOww2&-JdaiOs
z0B$)kj?l&;{^z`*TCDDaGcj3X-p|8ntAs-%-ELWE7_vDi5HqKt&BjbTgE6|}*;h8d
z*@M6H&=>LawFB&wEzi2#yJ-So|5}Ht80-^+Vk&R)?t|MWA+$@PG@@e0)1vBWSn%>#
z8N%{elzG+J#8>z+wLF$r*^yWLQMauU1z<Al<KMPqi?Z7pND65B$!1)Pqns#<ifx!x
zqb2`htq+#sAcBQf57`)3juh$z;RDu<TV;-M!Z3_iznThX8aXn;+C)*O5J5gnQfE~D
zhhB8<dZ+N%Fil?%5HXXk($?r}@wT(kV8<RxHJ)c6i&||^6oV@s@lmaEFbuf41-O-X
zZt7PX7~K_H>CuT9+u>kCH%i!C_bmNW3vRkwe9D(KksVx6p-XvMCb0}BG&aV8Z!ZvX
z4e6qC=TaKQCAtY5p!VE6Nu^MAk?&kLvcrxyDOX}R_NPg1>AT5LpW(V&u%xHGMY!#(
zG9Y#c`uV9z{AmgDkS2w}lWE@&0NpBQJHuc&b@_oWzkbJAus|@dINorgZopou-t>4H
zpx2JVH{ZYdfpRbvt!49E_vj<tj=s}u#UR!<mOc)I*NbBC%brqf_3~#0$!A}IxSz>M
zcYzaDn6lcJEaQ^DU@dieHq0z#y#8LwC#cZMQ-qQmAMd9;$Bu$KSQP%I2Ka^<jaf9=
z7rRg#g}z<@*{93C;;GcIVh6tlH7Dt{2gCQfaJaU#v|(PJrWc2FyfS}{It`rnco%h1
zraIPm>KLgjY4VKI`;eDBGi=ds_=ZB~$o0%%pCxb^Rfh1JLm(1}$|E2&RL6nGz-e=u
z+HT-BLEd}ZRK0yCGY*q_0eE^xT25kmeJK!-r8eo-y0q*r%ItZDC((vho%$T#AbOOR
zF1l?U>T+5Sb!=tYdL5XphkKrv1X~p|qBbR>?3xS}p(6tw<WShRlL=t<gnV@hd^cC7
z_uVLZtL8YxH3v*4YM&*6B<}dAtw!UH)o88&0s(`sz>IJmLp+?K0EjzMr*)&x-^M1;
z9D}KO6S_`V@#qfK7%B&Md9j;o8+q<8M-qSX7OCy**^%pHI`sAGRBO3+D!#eZnNL0$
zy{st4AB`)qU(rcZ8@#XWtS}bD;8Cr&hN!+E`r!9gJ*@}ml<064XHfdmvtF8mtl94%
zJA>sX+AE+^Ka(H%0GqVUWkla}H*etI!pmE-E>S9Rk$q0K2`MsNOS>lUe8=eUEGeHJ
zyo82?pAroxr<1?8pgM02V0!KJM!Aj02^79@8PyNKKf??8+6K1=cLp(sf1fE|NQwPm
zGD13{i(8EmP@;Rhn92@w1dZQqG-ad7yhoO(H$Ul|GkjE519GCyD+@m>V@}n$zM2-L
z(1R>#M2x=Is5?a=vJXPaX~?VI-=dh*&|%llZB{d_A!5@{Y)ZCLMEstn)tVlWO3Y=z
zclpJ<t1bdy%5m<Gij$s;by705k^IdSmn%Djx#BUe+wDX`hrrVg?b7`JMAq?@%d5hI
zS_d9j@+DWM0=8Ip4wKf~A7LPtjnyc_<q1~T$5^era<Tfz^3yKPeYMQBCREGny&f<0
zLYpY0eqXCl+<A_qY~`mVw^<+2WAiNL9+-3U?5*E5Ojc$}i<dt~OS5N+b-5jeA?ll@
zfs51_2UGDr-pimuetgoPYZb}EmM=#QdX}i55vrCo0RkLTr*KCnghrk(u6o?*E~OgE
z52vNLvAx>Oi+TTER76COo6O!cznnGb<djfixw$t$TAu4PQqM|lkhf-|DxOM{@>OWc
zTzTqQT~=L^b4c&K^0&>5E9P<c(&c#KZ$|FeurG^4RL0KQ(aay;i2(}O>eX0}f02eZ
zvSe*p0m`0W2yKtE;jCCDEM^lWa0RjG1o_ukk6h$L_-}z;B@Kd6U+H#bs}oOYp)lFR
zJ+7cq@rSn1A({Hli7-MCjg87bi7?>zkGhBeE{gHwZ!Ra!6J#Dg@Uf(t7}u6~L!WqQ
z@rGi}4Hi&xIC>d_R?9V?>4VrJoHj_X&YT_sfR);@0y}|BFLMR}Y$2B|fw;uufKWHZ
zh8Gw*<Y$xmR;)eqdTwy4NOu<#&bE-X^3*Nf(10X%yx0U}0~Jn%<wQZB57KzVz5^Sr
zHtk?$mzK?qL_Reh%_K1{&8*QaeL2nu8}b9t26!Jk4pY4H%2^Y!3)n|tVn0$X&yw~r
zzyW>*!lsHpa+tV@y`38;qad{w23+{l+v8<3=%W8Dxj=9TF2i6r7UnG;k>+X?=WU~I
ztu;N7@ad<VlML;w;`<fJz9_@X;OOtVk#Fxu|5@--oiUQZ)c%a)7}iKW6}v18!XC$V
zODcNXeqw?X8X}ujrRC7v6`YeJ!b_9~;Fi|em&iEIvVxce4GL2jc}As{uD}%UECCrW
z?j`|MqKMQp0S959XBiQ3f1ddBS9qT26dnO$2J#^g_pnhau~vH>wRZE^S%rTR2K=E1
z7q80KsEIlH%XIFAMawXNueF3kT&qe;=iJAxx#iyEVoLiVExjw6x_?)A`f4T#AgZX=
zh##9G6;PFjJ0fs9BEv;dcYmxp>_37au)v-kZj&N4sCpU!BT9QStTu01-c5N?r}U?`
z5r?g*s=I}x>|{y((G|V|)!CYVk)jOaT0$Iep4vVFi<n_qLtslJj}M3WECRVD#Z|-_
zd;1L)1y4w%yihy`hiURA6ggHE@Gc^bxviI>LW?y;$&F~p4uB1rm-e56N32@OF1!Pf
zn}>mi#qS*{YR$_X^RZn_L1)Y_wUd;scwEAwQF_W*yv`uI*{j+QCTuw7`JS5S6m2}N
zTUalZ3OjbhFSjS&hRQf0@=uKG?BU~;fg?DJqQAo9E&nCvt=>PxivXJdK#~5nLcj(w
zFx8<j9fY^!4EB@Fcf|>Ox`2b9Ro7vatpt7|%T?5<@UVPkaO(-<D37=FtioCOYjdFl
zPpBrKssMa3dchPcQ1VSR=h1Tu`khfJHW&c&VgKYOd<X*GH~oSg3yb#YzAN;v_^xpj
zIt2z1-f!3aD*}5wg@FImvyYAuaG3An+ZP;6s@JC8Q&tAWzo&kTmb&?SKX)3Ix<pQZ
z7C`PE4obK}&TOL({>68+3>+QH+#88`obwGV7S$>&=Gjl}ci-fmV^M&T`W-d2=Ae=h
zR#Ekx$^w=rZiW7cE$ByzHs^%C5*wQUN~G+M>nB`I8W%obd^+<e=A5l>s-Lf@-Cmj`
zT~zffQYl4F&SbB?^gR@d9ex>AyU3+<)iOoy;YZXY`RW9k`@yskCtRt~yWR0ODEy1O
zQACu_*sY=wx;=~Pq|D!B>1;0X!5R>BvicHSdJ|l;65NCP&k<NouN3^w7{5-zu|(xw
zo`(uoTM;EIhu$8{i1<6}IMD6l&6zLSvr!u^xGU0aIn}Es+dD?$eD-{4J5j|aqcCaX
zQU^Zsw^rlUTj!~}Va4l9k=R?D?7dsznje^{r%|TaTf<&~zyyHc<lSY%;Lm>}EXhF+
z;6rf#OgmWrop>13F_X%mk|De)0jnaH`y*Xyf0x|m)v0K9pbGP$V1m+}JUU~|5y>{a
ziQkEOLorD_|HGX-uvHT^C1QCv%@QE?`tkGwog2#TKO7v?x}51r`U6j1&~*)A*LDM8
zl}%0Wl1ibU9X8ZSEVqE-;QkL7fdJ0YimT(%Mc-1=nI)!A$D)8vV6<inu(fCV%~q55
z=B{CbVJqQ{yQPd$5i(XzX51n%a<5h0wt{;}&sd!6BLG6I$feLlkq`P07(xC2zzB!f
zDQ4zxC1aP0rvr~2Mh5kf{QjkuD=C9XvU`QPTI#V$Ec3p)yFpg-zQ{xVBIUlnyG8}{
zsW&*>#5QI_qSvphcE`Mo_LED0Yo%3tDeLP$SN8<Eorx8-^*bE*3=4ypDez+qUC~6!
zxyuc!%S*u_Ufxm_k4vWnSo+abbk$(Pn)V!j&0NxXJWx3SC0C`VGyc~05wH1<$)L=S
zPkYBGQTR_#!n*U~!TO(N>h!-9i58z<08hMSH~!U+-^<ot38w4%wtqDn>zk`mKl{@X
zy`&m}wJsr(2&=CR#k)wY{@%<qve;;K!^ED0Zj_QWN9I6KQKQ>g;<TBY9Rw7}1<ob0
z`jwRw(@POTTPbfev(elBxLBxfq>@YO0KT7RI$r+8CHPJS;;UA7ehy$oT~pg70CVRb
zH@I8g9*gy9yrmW@a@%s_iKWk_#Tnz+R@3ZLwsa<?u2ZK^&9z$G7^AGTX?Tmtqt(JA
z))xfx3u!w$DY&s_&AL;D*cD4^S?u;ZU^|~H_uq-a+_BI$ve9-x6&4b))wQRwS5)Tl
zmtL?IM*cRVrExV4DgNE(J3!DvfIq}d2?`e+I97UdX6F9QF06GW3*M)m`jf|xz7~L$
z#uis?;<|it56jV(ndUV7>n#@F@Z4tfd)WK3>3JnSMoTl_xG$%Ub~!~Nvp9>z(liv;
zH{F=cZL@m)(mcsh*fb~Ii{)h5i?kM*N$dL*8(I!rEuC457S~fKES^Pkz&#ejR)@*X
zHPTJr$QaJETM+-kJMg=IewYjW&GJ<P!Q=wVpp~ry57F4-hC7jHw53!6S|w`p^-n>Y
zFuahqv>P$Z`~c4Vd?ONgd03x%2$f{ZryKTG#kii$YMlY2rRxlAC&D&H`V8xoJpWWl
zu}!$G_;hP4;#&6#{s&em;A&H8`$onljl8^|rA9a{dkdrRpC3v`2pz4GSG|COQ&hl6
zvy~j)ol4ZEf?RUi)eL<LF9*#UeTm8fwl(qQie=F%A8D)=Eefh~o`uVY1i>okV$xeu
zJ~tTW8Vy!Cg}Xm<1g<K;<x+bSK|_aB^wJ8{ra@`$K+6UOBn!tJAo_Cjkjbl3KreJ*
ztgwo+;!cV<J@qLXQR~jI6boxjo!{5M#?KSidN*8GVB;l_&{3}K6l#xDjJ1N$s~6#2
zQIh6et}u7aA$40${p&b(A4Er3Z`HU)MWxifLTgby*?eUsrn=IMvj61F^h`ax^H3Ba
zBv;u^<)1r^T1}t;Kz{ug(rJ|GP)I7svzLd=k~eR-P^H5tHonhw<4mm)VPBXPyd?e=
zwDJ{EuWTu(=yDl8pgOWvOEhfNMpS3ERU$+76mH45JrIT?T0Uz-waSk%WmuW<Q<eI>
zFBt;#(b{*d93657gm0>54{or5g)m1f4)$o5HHg(yY9%5Epl^eXf?wArs4%{U2<1m9
z-o(<gTV@}(#-71sx5(i#^ySGbhTeGF*W5pB;Wco>VY|TVa@;M>H!G(e858BAeC`03
znLFW9yx*4x>kqfTiL~45CKoKCB2OA#NDl2bQgFQymKVX<vX8mILx2#5J4v$~r`W%R
zcga3~H?qeD{F-KxhCD|I8kwYRxtu+LVHZ8q7AH<l7HPRh*tvmIj#G@mz`Ic!V>ku<
zt7<2JAb0@FbZf)6HJQLGgertn)`g@Nsw>@8&=pkj?T_JuxIKxpt${)5(Bwep5N9)(
zO?w-jZMxC?i1fv&k?QnLbyR#5>WI>)=@3CsoM%W35YXyX50&zU73UsqIVuZ&L?W%Q
z4=W-Bms-il3$(L)F#if^Iz^FGka(P(9}RkJdVJUd%HOOX6@GN;3=RH7{cTKV=5(i4
z<ClKpjvkm`kZ)kB$4^bg-UoZS?iJ;cD}L87-B>H5bE^83e#SEOfwh{+1AA5`{0K(5
z$^LEzU?<{c#AW}gPA&t0Qxoo8V7E@W{#og$4L{S+5@wN$0{;e$@gb$o;#kJZpcP(1
zhF6rTu^MkRMLnxKIU2V_z4+~}s}b(TSGA!H(GV}nV!vjBPruI3!ee~IQps1k{yM+x
zmYNkl!YVqUNZcepeJp3&OsN`j36^(kn*2KpAjiGsX3CQ41HW94wCyFYR}M|RQ)ul~
zelo%YM-lJRRz>Q?63l9N3X4%DB;y{9@7r*ln!cW=;88`7VXntzz2z!<B&%>b?`*P3
z@1h{nN@+DnjJ{ae<=9^jr-R>goxQw$UOI*_lV)GUyGY{UJmTD#sOsk(*kcmcuK^(s
zC}$-^@%f1`sWE~`(XKZnkdr$|YPTo1>9RiWbd9oJ!_fI?2L>X6{Kk1-!mftLXlzZK
zpZ{~twNo~CYOeNP>HUN&<Q>Kz&prf9*cr;jJWUMdrp?Y0yNEB%Ru72w&oc7Dz&43<
z3ymUv2g!jh<lqh8QX1PaI|8f8Z7Q7s9JN(q!18b-Vsn*geJCg7o>rHgX=Pm&<vXgS
zw~*?Loq3(RQ+WjHn|`NP9;ww+J$6B{b-TM~c=<_a&kE9zJiN5`yfOF0@TM#)tlbP;
zt>xBM*DYxL{$f)tmTBGrW}`%V2epie*ohU!F06AV>ytMS8OdlPJpH|!zWTZhDCU}m
zvKXl=@@i>D&Op{o%clhtXM>af{Qf4B1c(AAD2osuE#eA%`t^PWq_}nkbLn^r+I}$)
zL>emmsVyf1kXwqCWL0YXa7#Kg8Vs=H)|fgny>JM52Y+L1m(b-bRt0hE9J*xH`es~o
zhJAF4?HaH8<LYNz3Wk0IJK{<J)<ggNL{@DGEO@-07Injl(NYzRQIp^oGA?+DpS{pl
zo#jRezGHTSy-$G*q-3FWsKC$lIg3kxd2zjiKHdg_1>Fl6g?JIV!SqairE}pF{+vL4
zGI}E}n;@-+EUE@bE5fxp;f5mVj|NPD8UvTkgB&JSZ;m&-9Z*(n=6pZ`KFmJpLQ;Ch
zDz!GfG#IVyvX*~C_bKjqAsfDcM)$_yy>|zcgO9Xo6dwd=Mwp+0?i5C8!nv~0y`0Wt
z=*@G>WLYzlU5NTA(jmh)!Q6D$_=x>MkNwr5Nnv@NkSk$Z?zPQu)FgSqal6@unUX4E
zE%wc(!aYT;o<itza~{<X0A04o`hYw{r*OhJ{1>5a=cQ7QqOEKjMi10DBtc`Ujnq2r
z2w&o{`I*8YV~ae=*Cbsbq1+o@uF?{3EDKl&K)XgO$)M=8&3FqTcKs*m;cvn@%z6W{
zYe^P4Y&x93<tj<SMM4<{9a9+&G%<1EBQ-dScZ!yia1&1~Tno7ZNYA#PJIV1JioASI
zwa7(nk#K{Jd)B}f1;5)f1X>Y~N9l-^qP`Q>=vtQq%NSJAvkwXQruXfR{Z(}7JGCHo
zZljBtwI`0DB5iU?E+^RHZXH>y@2Y*a_8z5!YcD_c-V)BlFsZyn2{`~R&2gy_8-F4?
zk;7Dw4QWDH?EfkPe8Wk7o*u_VD3~3!zA~nW{tD{ua681IbiKlOn$lyZQq=FKwJ%mg
z^;92vJIO2)V$WG$;wgzl81mw9`sY-v507Sm&pk(j3N<L;4M7YZU~uO#9?hMEh=OF`
z(}w#F{iGr7ld&QeMW96QK6*bV^_fj0T(@jKA=f0dPCo7cv^Jf-?GC8A-kvW67``09
zsg1GNI=6rihOIEGdzo}q(;3rqc(CcH3n0amV~GC9zjz*Imf*0o-9SY!m5V_6!bF&i
z)p)&eZ(D?khHWO82aZ)$O*u67z(Ki^KiMyC)ojG&Ew2OwMDk)+(Gvk}j6sf$Jo1cJ
zxF2vTl8poc+#tw5gKfy;uNRy@enZyB;%fPM5VKUD9>XmcfKfZ9LK*;9{?Wky(UXfK
z){amLM8upoMll9i;{NNyR2xGUC#&@3rJafOyKrQzshRhkE_5@mB-Nt$*2WTD@5UCT
z&N!OT#Ew<Dm<=+z`GysIR_U~#OplO$p>(L9_9%}I@I~aD+lg{Vz41QamP@}QetWF2
zaGWT9J0jXvC%GxF^b2QX^a)bId)V~6=1lO2YlGnotzzd?N(#<%BmBZ4Cc7vH^prX`
zB6<w%I-^)22zKt7Uw^#y2c=ba=mC!$V=j6r=Iun3grGuzS4<-RirPAM;$c;EcG0eS
zPibxt5cxXU%=sSl0$myD%`Ts$(XH$ydXYqmAx%OeDB1^vN{{5R|6;GL8C1b%d(K{n
zLU;VfqDf{sNupr-xFz%mv_uip63rSWeGk$6))^bDi59_UGL`(osB^u*p?_6OTQA4~
z!;k_YehVI)#Ic<a_r=&9ZXj+@hcI|;^cN2_ptlVu#-qLrtQTj&YUqikj>WZi;~U0n
zb}2rm=<4PnMaI>qNX2xSzJL+D)6a;p>*{6*<LBS&GVBL$>^I5R8rhayp5-H>XZF{(
zIo%cg!Z^tn+Ot5&m&#+kMReUfrq90AMFiVB`?At`ugjxkA#N67=pUQG9rDZQ$BJMi
zKzxM)A@4aTN$<{#Gl9Yt!$NXdzA~#)aallX*&&P%xl{4xWh9(ekx1_|F~GL`dv#EM
zRBV=PFMqe2sHGhUmUY4G7Z>oKX=mHP+Y_sBzwDsi7pn|m52_TEa>YV)vIl%g6c|25
z<A;HRIMlMYz1nCrDxuCk<A(fv3?yzA0EHf8S2WTq(uXUu7cILahlhF|)mJ-I=EvTs
zgyW~pYwf;70&eRExokwMC|QCDR<7A+?UQa74Ge9a@t8zm6+6h?=~>6((F3oGGqCMD
zy(9k<oI8xyOX!hT`~`X@3N3@MDZEDm175B>%XsqX`J1RQCf&PmqJOx_BYNEYKhpNA
zU*KPFzJ@GBP-$ba_d%CO3+A!!Pc(Y-kDuc|;|r@4=Z-#Cygh%i9VoCwRUW779iqN#
zB>}tFH4igED`i$r*xI`}bbgd+j(3mj-wJ6rgb{niZH&#B=ROv%ryz}5NE+v<;yN^=
z$Hfy3k=jRV(mF?;Y<iTV_{}PD0H+PoQ6X-UQBqel2+9Q{4Bogz>QN9rI*IS=)cm&;
zJbb7UY{+O%);_xJcis=z<Yds?ypaS4Z>@q=uBbmtLwgyyej)`<f)QtW+DZd8-O4~G
zB{3f3eLZk-L`Nk+ap6oW^8)ET;vUAJrw=-X*QaNY7ARe$kxghPzhVe#06%Ti@5BR;
z!0JDQuT~y?j0ccT>cua5D{D%uD^s+*i!zvwSimU$M+lHSV@w=0`4=G?ui1w^@zN3r
z?P~;5W7RxJ^iepco~D6?P{M}6P+Z33%DLQUxf^jRnEOjE##TynjI_<p96q>W;!D3W
zaYWlUX*>N2HyPj5DLc`{0qPzB1>gz($x7tfC;`~NhJH}5`%^7xqn;t=otmj?xoKN5
zhS~04-qS^AsW-5nd#JpljC~F^xV@jC<<0d@&vU?RS}v%H&`aAZgdRn%>kp_n$ldj^
zpg>!bAN@S&!u%o&*A}nqY{2t9(1-Uh9ON|Q<TUKob{P_{MS^5=0H|#k!~2WP9$MFp
znc};_5}nq~48GQ{nly2y)&yU0p=rzP-h{r7tn~5phf+ONC)IPmTB=*A#0LZ26-bSb
zyXXq4TC2<(AHgm+iQv>}aS%ej8k!E`AQHpiCkui*F(Vp#NdHE9{e`Q1ItjdI+s}q@
zvUu}{9~iKZ&4hYk0C3(!$ws1L(vbJb0?V&b4)T8o2|GwI%;AUzQ&WiP#^r%4-n-Tn
zdzrrLcjom%W{x@p^GoF=v&PE;a-)(?63^4m)TAE99yR_>{yY0YQZOw2cbBh0aDg`n
zgJ9o6J5H7nMTUHubdh!#=if!w^fd}Af(!z*kN=#t0iuxq^L5Sv!GFr)0q%V+GY3>~
zT1q~*Hd8?axjZ(O#t=@NHCcf9da+Tch+p<ZgZ_ZVaZnd9$$_(!d5n2Sb;OeziiToM
z)5I{8-P4qNUHWR5MNM?&Qy2={lw0E>gDM_R4THM+B8Z3BGf!04wv^?KAFm}3O&RfO
zj{w4kZA{ZDkriM1He{tKa@A>ilPZ6Yc<!FNz>_4PjYwk~=0QN1AccvML+J|P{uA*(
zGKy4S@+k^35YQsge?_dSC<cJdf9PXjy9NEi)G5k>NQ%1Xn*)totnh3UVM8Is`o{3$
zy>cGm*8@9iup|GHhMzEOQIUlI7Nn3o1>eEZ3)iRST$w-TJanJR&P=`R8uS5c4x$Xs
z@9#g{>$J?o^6md?AFZ#-VJrW;BW3NGZ~EVk6mKfLKcqs@@B~)k01+%7r33MccLWcT
zhJ1*$lY7CYl5nfqn%XVBlC^r@iCeNb5#go14dySH*+xEM;msyVJ|rX24oODFT81<>
z6}<A>_kOGeHUVh(yD@jL!D2$~PV|3EQr<5UAOoSEDjl>)ROhCDbx$I;-#E@L<gIvw
zBGaCkVezRDqU>jM18$(e{owdMBI%7GTBqlHcAu|afkixwy4r^mXwcf2#|)|9!Pnsy
zu+Ah9otqC{F$OgYyiatZkNIhmcr-+=<<MaNQ9qgdg}p{HBd#xJsrV_R9ov%rpvyj*
z;3dPou>-@DVx<Ve#HIg%6JPv2!bX#kXB%#G{?AtoPp~rN4<O+cQH@%5&#L=%mQMVG
z#s#Z((lcJakhr~d_1p2yxm<37E8`x4t+#%D-s|928#g$K^><mV{T#I^R`sy!9O1)W
zXb5(r8h3~SN*lufDmd3g14x*^w@c%>tAe*>?jIsQws%|!On4$a?<ep<l{}_<;QMjn
z_<8jyU0MpAck7Tu(qe&wi%+K7Nx`t;(qjcUWR_@Ldh?p$qs%G6<c_Dt$K0V>l?%+q
zIjaqsl$4Ue>$E{W*F~Uvxp1NLUwkex1K{z5qB&m0^1M+wRlm7M1^`w0u%ZmkTu+ey
z`R6EWK_YejElbc&Ci=IJ7Q1SVQt^37dNIESsS=9B69p}Fr!C8>@!A~KebE!?<DXVa
z`6n20Pb3m`KDg-@;jTkphM7R$jsTD$h!31Td)CKU<ZP&JLF8M?BsigShDGQ?p=t+o
zBd_=Y1{+McYX%JF7~1hf4a;a5Yym!kS0Y#j6^Pnx#Nqhsk*lm00QYN}aYY-|u>vY?
zyih7dsCj}+l(so;hlC(@q=+h_;b0cu5biVF*N$ADHWm)SB`YKny<z0<d{m(z?oK3g
zk1Ik`hxld~MDSNhxoCN))WGH&irIP?M(|1pb7i-o<6PexbUANzTkhBYwRPU%RQ~@T
zKZLB~=yZ;GtYd_ez4s<0$;`?QS)F8sV;&-*lPw)PT2@k45h7chWOa-(BB#(P;&<os
zy^^lqxvulq{kUH5ao_Lv{a*L;863-g<grHf)xsk!5Z`ysgAGLznh@b!w-uK_<tmei
zEc?{A{Jz}HTHiMn&c=$Zx9rOjuTA%F3IOYz-oMv5Da3ISRxFsaX#W6rbfA~}6@4!s
z_fyV(Za(g4aaSMbD_1Nns6hY?0;O2kS#w$f`s!ze&S)D0ExDsiODZnzowl5|MExmh
zPCWEvnPY&ok|B+d%v>+Ku<>doWH)h3i)Z_Nd5PGi@uM^0-xbK5;Zkcd_E2&0K3iN)
zt;9@AzW<jQ%w8n$2{E0Iq-rQRK;)al1N_p;q-dv*YnVvpjisPbsnaHG^%<4#_0FKP
z^6bAUilB0{hEetxzVB4B=AHB^>%vKu=T~~4=}BYjn0-ZFK+U<Wcx>$$w|L!pao@AT
zIB?!-yh<?`eE;+?cr6T;JfBldsy<!$TERsl?giW1e9UU2a;tB4KA&IXLg4sll8~wY
z^W3=rg$TlvB|*kD!@To-$kO}x*urZj6NAHL9)M6}yxb!O>N|`Vd+g`yRbSpWF~u^F
ze4KpWdC|$p)m+(#cP{%RcQJ`?xY8Og9mp|##&(sIzI{x0uoQU%#~5KU<24~GB0c(1
zWYL3`REgoQr%fjY?gXUKh6U(%cx^~;$XoWQ!t+b3tif-X39(h*k%|cv@L!4pgEP6r
z`~@=dg#9B+coSbSm#Abwgn0+AxMW~<y_K6HLDriD@sU6ZwKGcP51LHO9cvOh0&&T%
z%6r!D?HF%l#%wKx#4X!@vQrXg$}&cZ2Ez>LFu5*^%J_3>WmfDljk#40*xIAvpMn;s
z0_d{ZLs;h+)eJW2A4v+o8l&FT)LmD9-WCF3uN*^CJPCn3iATmMT^I2R&X8u7zZ%6B
z_Abc4sGe|HCq4$k-ZrgX-l^SiH7Y{oBfUCO`I`2X_@^$3^dx~un7Q<lyt<WC?0GDp
z)!X`EwQP{}u8MquX@G(4#R`IuNd}dWN3UL0lwL)H@u!-mXd-zCox1u0ivDVw*`0ps
zMVeA438OvLo+QxriLpF9Sw7lKx-O<WmLjneLfTtYo$O*obGMXKPo4NU+k51W3c3Uq
z-ds*wByMeg&Abgo#uCHLtLN?7?tNwH!n92{)NOpt^v~9Nrs4_3de{?!iu2%pdJ8^j
z%FCYzoa=P?1I6NoTPK|*?ci_(%~aB)Ig4}IZt>pH8vHE5*(kAchaW3=^ZISIGV;{=
zO?s{w=y<u;-f+|c)x(hG<(j&}mDj^R9oFwtuhBr?XPrpw{%TOClgLez%H+BzfB~-?
z7h%m!@u~(hwZ0plzKtt8&U89OM#|=xzCHGk_>g0Iyz|uV87?=~Ez0AJ-?~}JQA8=B
zr8y3r$U<zM+K61Qn%_=N(U-LV@V6h`H#yXQJtG;o;9YN*+)XdS?(~dw`d|M<UOvAi
zqHU;+c>-2z1s9k;*t)%9bN^-KOKzWs?Gbv0TTrjoE>Rk0@U$5t@mQ&P9Pz^rtp@cM
zdD>gkx)&R?Q1={OCdNd@dvIfj`bW5&=*7@K?R@bL%k6J-v_u9=>Qksn_-XGJ;M}x3
zVMSn#VFfVQaAI(Ge^?M`Bl27t5JUI)&)OT<+ro)g@Z+{`F=0@=r!420w?U=a3|5-A
zPh?Pa)Wt-nrIkMQg**!Gn|dO^@q;&#=7Oh->nwvt6i<)hMB~Ugripovpig^wQ+LLH
zZEkm&f?l`LM4Pg*{+K+v6vr}<Eo5wbu3Dh)lwPx~xrMjL^UTU+>GsgriW|9%v2gFQ
zB)FBT%!;MCt*9Ah)J^8x!~Du&TO*>9n^IoRh1dA8*U!Q$9#twjTX}jjC7ec~I9#zs
z8JFu{G9D+i{h0Lekk7hxUgswpNSoJYa78~|&Duhrw~Q0$Jn%I=!=Gp#j%KGvUYr0s
zphOm)552GD38!i+uhSY49qn0~!kJsu?F<@grol&~Z{w6Pgk!X;bru}8!`FVSx|h74
zTM2QZOuvK4p=X)7T)qZ=B1(mwD5r-jw^rHQv!)}@pyX7JfA{gFwN@ph)IK%JSh|`F
z8W)lr##bWElYQ$2-^*Cs;D#<bn8|k73J!9aerAxQYS&tCH<|27-g*DAe~jeljKb`o
zzmHmh^r>kvZ7J%D(NdJZ{3^)1y`V`J&8pa7YTEH>H3}LZQz$PZ^7|SCbF|i)8n2|2
z^rdg-mVh4iJ;{U`pSpshqIr|G8AO4drF-ncl<PQ4BwPBr?0I`P7Tr<$JU+y<I#W+O
z=zmus7Ws|in4`u#WNM4LZ!4OsI_olWOY_z1m77}_mw~F6MWJ%D$^PGTQuyjH4%_LS
z43ZwZ2D8aLUu9ds;l8}H&vwXdBx+J7-hdq8dH!YfubW_{pcmEeb}~E0iowMR3gFfi
z#U3ZC82L<9MMdSGO#JC~CW-oMvd;O}j!)*nT!})bf8;W6)9;+nMnKQR&;}BD@Cr&(
zab5}-^&=uD#ETXfHUwI=Hj<AQ#MiNMUnM0JkQ<T*Lg(hh)xTW7=n(#rbKp6-=!80P
zHnoXF$2t%?ixb~{$9Xr9BxtksqFh~t2oFJ1r@92&hr<iPK1i`*Xf8Q6jMy|~kym5Z
z_V;&dGe)@AfMLp6n!i1raI5;vI9R3vW;^(}9&ESFu#r!fw=m;rr|@u@VQkX_RSR29
zl&=WYAPoMrTfpJ@cuHelW<pdF<ZQTxR>xDaCUu4{96mroM6PRmWhM3d4GZ`#lk)R>
zr*pQax`HpR^<LQ9`Kl5nM~)?au6AuyPSwTEZ_pB?(>K!t<)O(Xo8ek!?#4ryCn1gl
z0l5kdJ?^-X*(#sTk#<!z7nW}xZV^^iCfvy|G^xox5!I$IRO_)>`Q*MKVe#Z#t)68m
z-4&agGg?RjI;rznp{G(V*8<kC#j~Z>^{T-|)pi4Zg9s<a-4aLH;qbg7G&a$19;&3%
ze@|7)<8?fx0u=ImZY);Sp)L@k6O-jUO%ZBw=3Y&v@n<&W7bBT*LeiF!fx~q$Kk3PL
zD~m8OJrl;${r*nb=0oT^{g>t7YJ6_Po<=LSR^3u{oBasWr^V*72qtRJ;v$i;DMpm-
zrPa~YVqb~a@+ZFjpevFC5IQaGT~mMP$L*mTP9Ta&NrsdLDG-mx^~doT3bK@4xR?j6
zMHip52z56^w9H-k(a|FfbPC(mjLx%~qYI}6n?T6yl@q9^(vwaBO11G$*p{xd?74Om
zVW^E0VrE1z#mTN!%BmQUk{|dr4dG<gOsKnNPCDp4GyLWRyYhW>km5PnWX{|NnKHqu
zC>_0Y#UCe-o)YOvaf)z^(rS|VZ8obhG3~3bO0#AC1h+mf7iL3kmJE)rIb~n^%8|_Y
za?IA(?CGcte`QrBwAVr;c!(X?+`|5NW{Yy+i)y4Y>9ZM-v>Tk4j!X>kyu&?vLyI8Y
zdMuCXTixczyb%ZKy0=nd&<55#Jz)oPC|lY?XP)}grkW?Is`^YmU|N=@CpWnX%SYy)
zzV}AkI6et-sL2M-LOT;-Be?q%8;yW%{N!e<FnfM9?oJHOVZJASXw*;Pty<tYCRDtD
z9P66Z7p-MM7!iLiAUPB5%2DD~>;2Q2b?+2>TF`$_V0u9}h@^uH309t)t<cpPUi&nb
z?RVp|)mM87+x}y#7&_hr=fYyi5W8!yUg_UR?Db4N+PB18s9QRUXRwHNmO4L;x^JXk
zPrhvqjpFOa$efPmgn^y;liJ9_#9sExkK{v@5_Kpev+K1>sq7$Sp)Xg@nWp9Rv^^^F
zFw3@F>0)!43N!1AlbfPXW`c=7X$~kgNT|gYKpxxpJz88RV!Ct3zF66{jl6wV^E^H4
z;m<se3t!%@6zyt-(G2{&OgSK>yLWA6m0Ny8Dm3wD(!>kXpO+EkY%CVv^SK|Mt)qRj
z&=kjtQY)FfWxr?~ncw;5t>wxT6zV8gLoHR8idq+ab2EcL!ty*O_My4FEd`qT2D7cM
zR=dx@v-(sN&CM}2-GKs422&E|c78nSP7TeDkP6JYI;=YURn@Z#kklUU^n@<hB}LUX
zh>|5^9(93L4gEkI{Gng-^?Y=*#xa;L%jZb_;M-QU;}PT-Ewt+A*Gb|8a|OHvDMNUf
zU=h{h4RMfGx}0F|v<`P`FY!Jv6KJG-Wrlc7qoqTyavkIOONQ7Ep>%9zkGOtUmp1E?
z_Tuo>F#jPDw(>1v+}Ye5K1Ss`8gr}~LILqxx(dzD7RyX*Hy*6u7#j69?*%q*%r8rP
zOlTnX@}5dKUzCMUXjzQcyr4x=56}-&85E9A?6Cj22X;Dk5}W0*=aX7*;5zhHQQLYj
z-)J+nctIM&V&7Tx#>QnXQ-&<dol;)5N6VV`!dKpQ+vnBdm5h|Dg=e7hueK%{y7YrR
zQHI~MN>&TiZ_&7HtI6Mz-@<YuFJJH?4Gp>qlp3EK>!jce<xHKZ^0_gth~_rle)J)v
zXPdLcqP1L&Jxo+R`V;W|4RKk}NGwJ?Jid6blj$M?^Mb#hEUcez*5Q0nH3ruolC<0L
znzvv;%(LN)OKhC}b#Bz@wxQPQG@Bc@e<0f(XIX4QsLRbGR;w2k9j}jvyy+Y_mMv&D
z3ad4|roPmmAL~Rg+@Sqv%8>VE1lD}Vh~|4C9a#2J@@|}7;T3uH7ObXh;LXtMcaxFU
zwl+1*W*C9|<;}Q$!R8^i#gU+%FvQ&pf^M;Mokzwf`F?uEgeSRqmXvFEn>E0mrP6<V
z7lec*3UN$v=~$Z>HpbTJ*%U6`8vL<(oGkSGLX=RzQk%e;klfYJLIm?_rY(cE_wJt`
zn^&jA`J$^-jNegqr^xz21M7}+R%}jR^0b|AW@}WzcE0Oyzc}=|Y<Sp!^QE((d`1RK
zNDQGHPY_w6OJAH3$gFkLPnS-}pb6RC_g$fRY?fC9yvuaKxXS$VblwARY%_p~;xoWf
zMH_K^f%hH~m^cOie<=_kKlSIw48cX+Mc}Y^Bsq5-ia(|RZ^Q{epj7A(lnbbaX(K4U
zs0;s|*w+IiN0~#{<BkJC_;IGkIdLBfm=VQ*a)|{H1P55xs~!RkS@yxE0$If0-u7yT
zAZCtzNaC&>;*TLYkmTV=^LzkgjW}>`27wMoDHhm|@`7LRcb=&C?SgS<@o>u36aTwF
zgG<AUA`Yxz|1H%okw4%bUJ$WwIttWZKTrkIhcbNqBu=x?1o5{^q{bm2TYNuKZ=nL>
zFT=EdDmg|9fRKQbBxJu54-AX`y&K)~xbPw^#2=#_AWtU`C0D5e07%?+ks#v0N8;bo
zT~NcR7N0>J7!&}iw1=XsXafM}UzQWfhy!JN5J>$HOreJ>D?X1nP*(?mBn|;)2Ds=F
zI8L%e4sjq3{cn=`h5%%bI8ez2fn*Owp)&yhZXA~Z-+mqaEvCkI2)uR{0J(5wM*EdX
z^;>}p$5h5b`M`ER8+XfSaK?Z=(eJ1A;L|1$Nc2#UCHw!ul8A%TfFKa^5Y&C;H*~99
z81d)K8gN6z4ly62{$qZhAN;S094yR&K)i?8x|sjiqqtY)JcvJwX+Q(uImB_@-p?HD
zo*?4SA`+1B;fC9vxes~YJBc`$^MOF(ha#C~|AyfI@3IqasDKCY_fYwtg5~eW7q5^(
f9P~dRkno}SiunIQM{zk7{PfIV5J;)~cL(%;45I_~

delta 35217
zcmXV%V`H6N*R|WQv2EM7ZQHihU^m*aZQC|?oW^WyHn!hh_w)XN^TWC39COWMjJ16N
zHnIR#Z-=OOr|^4HUXFor4ndBAcKY{BlPdEf+s@(bZ-z0MDTOII8T#+AXF&7RgJNBp
zb}Wk0gJRkcEDB8YV$2)Y8`tmOl;xm*I5Y?f2!H$bP3T)v0XcpWEs`w25Q2%&O?CZZ
zzOr5&rTC<x470oJj}2~?d763K4^yI{wrg_l>+gQlE|};!fq_?6pMrf`Lf?!b-rx;e
z*L7}(utaO;O8kBwCO&oiwy%w$c0VG`Dv|D%3MM6vphF?;5bZ!LLGbHFr!>wxrfnpR
zbLSuvPzu8;g7opfUGJj@#E_6yi?fr5E82vew5Sa^&O)zA__1>1k*h@FeQrRF<g?Al
zGTkWRna@skN2Xv^3~1vLD6!gw%9XL7j#SMT(m4`Q94&1!STl3~M8-qG+g0bMGbmvA
zT*!jY)LJ{;%N*Ffxu4->s%&CZy6l<-ZX!14gYsDlgp7aiK~x!2Bp0h*pz{90r4YVr
zeuDC?6N=?s!d>k9{@?GCW4Q7o{r>Hnb5cVPK~gpgVUlk-2Eam9PYF#0`4bU6wUtge
z|A(PVPfLj$16GZ(ABmxKCAJ(fwvnP2(mJ@Wjc1#<*#Y2$=vpI2dUojf@71+ec@ta<
zMRzt2+i})a78_gNr{CLmV@x^ttEb0Ytu1R0$G<;T7BM-@<mhaH$Lu9jVy7LQ`x!xd
zz4eet5CWXu`2aiwlfMuQRI`|E?F8Y4%gyd#Tpl<s>35bsCasFvee=`XwtqMwgP>L>
z4`5dkYms~186q!Xg@_p<wJeV;X*+2=TiU>l;VUv%ZV_&j*MdwY?rIVb-4-w@K&d4b
zGcN6Rnh`cFI2cvL1I*o1UOwYTwHmrLPH<%EvorbLEC5nt?3$5Zn$#EbW`yjvq{Wiu
z8*RF=&Y+eRg~SPUKKe;cB(R`j1r+SwXdi6JPUIHm*B>H@saGwTc&zr!_uEOe@K;I3
zwQ>!#!Ok>&)3aHVbye7+l#q~Q#om>)kY+UIEQO}u#>rouQ%&m0Ixl6^2FS%s9q#^s
zV;m<a?g8)_%cUjS1oc%}ypy>l4n0w|M0f8x8PKia!C7xbXRNSi4!d9tcw(6<+JWab
z`ol4tlM!B!JZFpy!)iCQ(R~l165khW4pfTwHn{nhk1jLeSZ4CkcO7%m*HpMLexu@X
zDFE#+-5rZr<3h_t+H4f)QEFSEvjuMAro+)Dn*ov3YC`C`Ul6P+MyDf%z+uf{oW_iD
z2XkL))({h3tnsP>q8@W11uRY@LgRbB#w=*;?a?7C{f*JXug?^*4fAqEB2g>vuyL@>
z33wrvrvo_3NFx`kebDxH-Y@OSpsrCcoW^K-qd;S#eJf15$NVRv|7tPsZ?mW)*tc&@
zNr7lafD1)55p;nCFuAspUq7B1YKa|8Y$7w&ZRO*KhKj$FMbZF%yL)xg|DEP+(o4qn
zLCzZ>%FHLveEueweB-DGCYm&|X@2>8!|hVQ?Rff1NGRaDwq)S$!tU<mEp*XzjR1**
z*>FAXNTCU2z`}#~0o43GxZZ3pYVJ+}@i8Kj0>Dm6+t*|gDJBK#NwmS5onYZuVIjtB
z73uFh=#bY$<0WL<+K12~gl~g>PE~p|MU+~Lx4DZ+UAn`%uiG6^VZUa&{mczNlJ5k?
zU=d+eONISgm`6g&WgSgo(k;p^@XF0bi)J3KR<yuU3ok(#Z%W&{+~k)@15=3^CmA6O
z0zeGj<{W*{SbYZ48g#*CLJKbzXK*U1gni`tvHQXR4BWVT*M#C_<z<gHXO32f4aT;>
zzIzcdh{wn9m>yuxsJguMH@t6mkIYihZ;}njG9i!u+G+LO`N=#Z*R7qX*v}SPz$SP$
z`IF(v{94hF*e=~1xu^M|Mgve`CE+Q{3#c)J)jA;r?;spYTI0Xa0DZyDFfS<81M%Q>
zZUj~RG<X<{#;A+m&Wjx-YPIw=B8k*DnJdkm;o8*NBXEEbgx?UL#1hvZJD^s}uVCp4
zp~j3c-FPqe2ssvUdsu;U+Cx7l>);+DR|Eo4IZ`B@a!mLySuzo3^`$aL@M}sF?8JlY
zJC)@K$-1r)%#2U~`}am?L5=2S%A_wH=UM%SwNAOH<m0iQL+UloAq}Bzp=SCY^V1n+
zF5&i_IbXQ7UNWJM%k~A5(PSGs&#^CDW%xPW!R$&278lnr<X>R_)tlP>IgkFodTUL}
zCnreyB%w%>sUQcmXxJ$&7^4Rm3d6P#V_mJN1P-*aejgq{hg6pqXHirDMjRPDHER6S
zSwm!(1OOuf9-*xZP00;=GoFj0%g&>TrC;_kTl{C<vfXmse3St1@Ar`XKaQ{s1ponj
zcj^qz{yM7?9->QWi^-LIn#0T;PTZ}QJQ5<VTIoT)L7afejfMNh*|eU@!wNLHjeBv~
znq>AUEq1bc6@EQ@K`vF|>a3TVK6MTSRBww~gay@A3J~TX$6r(#t&sBsrbH{CWEiWi
zN_F{+Za?-xwwi~B%M>#tD1AS5o+1rPAz@j8OkiIdvn}e*{1nqmVE0imiei+a`TV8B
zwxE}(AOf)KS9~c-5$<K1(&ZsDecT&A`+N3p8baL@d@wJO1*O~x9MIu83BCz@?z#_!
z!^H)hk<VL61Ws440Xh;4$JavI+REC^-t^>^#0fYY_#)*OTBhKbHqRp@?ciBu&YY+!
zfP&{L%wp5E2-_olVj6xGJJUm4`oY@i@{0uXP!cdm0`ym$O5^$<XCIs;z^#1+X5{W0
zzChKPW8e?WY2uHt0H+z&Q5BilQ$uEE`w~t>cN1p)Wfw3Lg4Dvtxg&B3e1Jaj&Y9XS
z3+|d%Ym==_wqdSufef@KVt{`7X=cKVRfX3qUblFYx=-jn1z*PtN=TVv-HKp#s0M>j
zQUHTE*X+nL%z0L7!nd5fgFcV44b>&oR=`68;~5RU$;opUJnA&-{h}Lcl~i4ZIWeZE
z1pU_WaF{N0tIUg+k>!c^e0V+glD}Wp_0`n|tVePXjJZYhJ{Ty_p*loFX##t=WHUPV
z{EPY;9dv$z(|CGvp`MHUlqbtiW`?VU4al^#-dVsw=;x}^6lwSJ9ze$~eW94M3iEJ>
z+K=AC?GJL1e6nlijh5{EMv<V@E2YQU0`zx6dFP!I`9gjGo3buE4j$s|yyF629PqOC
z4co6kQtm6@0_^iiqH)ai%emK(C6p~G-<p^rfSi_DGM!$d-CoXPbZgK3_Q)7(MRspj
zJmgoD?{sNp+N+$va??wEg;+|EP#Wxo`EJfhuLRI#vc02~`OTWUq_H*kw|<Qn{nt!H
zhSzNj;NQL(K>xdUi6klEQUPqd&@BG-Q6{ScZy|%7j`<HThfMay@)n8ansVuR(ux`p
z{nCuK(|&WxX?fkspts(uy<Xz>s5ObhcE8(TBY{`w`)6?eQMY&UEiXzNaG2Cr3O2WG
z->bKcW5<`%Jf~jpdKe?tZr799%T_+oVB4QUTrJAJ)B@;{A@iD?WdOX&Dm_bfJDcnS
zPOkPdXI^~G9P6LyWlwxB)o8Xvst93Hq8;+=RY!%L*98u9oQBOd@$MI`g&)dW%+fpX
zRdX@-<5SU&u8!xHz+$ou&lASPwiZW6hbUV=a`$?uXp;2iThC0R61?nP)XC`~*49cK
z{#4F;?Y5Mu%2G@!B|w+@`tBnnpMu@u-zk`#Uh>mQ#x!K(RrV?u$gUUo#>0rD+WraT
zsJs%Q?fhVq-m70E_e7<=2sSGvRv{Sj-E_^UVyqRO5Zb`yKLsfeRPiz8lDT~FQTuO;
zC>*I?9%Rcl>u1{fUit;~8eAS;c%Xz*9-x44d6N`pn{(zH4ggGnFZ0cU-B<+~6_bs=
z8aXYb1YSd-*VGJovR;40r@T&rLvx~Bq{f@iND|p&Pa%P1AO8k3vEkcsWE)&LD?`)5
z^g+{xJ5Fb&9~8pU?;%)p_8AU>3Hxjr>%yPvaBYt<ht#JJ6j)w(mHX~vKZ;5)r^1=(
z(|P{3xhsg$B>)!F)>;fkLPcqSG4RJZhz5g}6FnjVXNbP)7x6AAjEJUij0H{_3+3jr
zWS0aRqYI8wcZ4`;g$BxNyC~u)2k?xxcY~!o^CbJM_Hd|6X>85ee;U(+E}-YT`&Eu<
zP+n%q-P!Cf*fDaaI?QAfL@m@klCvFRPH<O}NhUR6Hvw22V{Lm}wT&h@O$9Ab>k(+G
z<CV!*a&!l8Bd{UKcH`~1D?cc`vPVoBY`YsbaKy3p;Iq1Beo4*IUs9JI($;q7(N*#g
zppje@3`HrbJG6xnIY*E|$#}I!t@ik-=GKB76UxXz!%asN1$>AmcTw@(7{L7p_Jo<A
zjM;0Iq=1n?;#U`NktydV+@%bgQt!A2A=cvPv&;HI7b=JI+~!TRl^sc7N!h|i$_hfv
zI;tb=o+W)*gP!TwtTK&Ln<$0>hqOihk!v#pP9etnCwy809D@D^*O2nQ?r=<Fd4*{P
zyckyJ+es=<j3EpV+aQDkuF0=FIYtMD2k7Qc3dpH#Agv6gpbKnd%T{)Sm;kCptqaRk
zGV!G{iw;YSn`;}{a3@EZ<M(SL7q#ceTY_}(1HDv-59}|MU7ktH@a+@fj>DYOzWH)t
z07&?8o?vy@F3q^DMnV=T_=#^TZE}DEv#aWR_3NzgqI90A*4bg#&IE)*WbD!eAD)c+
z02UUUwA~wB{Go}xu?PAOhdXpotN50)2X5$s#|3rK#*vkPZ*D>4oPlFitpyuBjb^mh
zWNc72X#nC395s_NWLln_cSL$Vz{!+yj5~VM!yBhg8J`kHu?}>K-UD0--NJ)!!C9X;
zhAN*j?>@YH_S7Nq*6+m|LJ2GcRu1R^WRnZky0N&HRPf>UWV@9%*7@yXkaLJ4AzdMe
zP?CD3&lxDM(1Z%|BHeVE107%OWLoGdi>UGl4m|UCt)1<QYe?pZHf$H892A`%Ow)Xo
z)(*Ck9^0Rad#-Fy&9tTa@_Yf&6p7!?K@~l|Ri*U@5UC}eiY5}?U{$)5^}MWrK#n<>
zY6p0E<D7cr++{Pdflp+enWE#|YwqP}vR6pXo-hW6Bx}CtS7+PoY<bi3e)3xG05AiZ
zdEFkiYld3+;i|!LV3ls~V2hfxpV4l0o44c^PH+A;6vRnPdp;h8x{Chy!A7`sSZ!2t
zvwMB5NDCPM>P+!%lQF8<JXj?Fi3dOZj(nGaD9Mje)D8n-M$P#Z+_+hRRRd>&BDUS1
zCKYxx&hUYiab*OMG8HG~hSl!d=^yfmFZc4PxK9fEot*M>qj-;$l@fmif`FBJiGhf!
zf`M6T7lAYztg-HuJ+D%W98kDbR0%lNG7^OqhcSUNf0Z!3VaviVTU=NHL}4k!=eema
z2V_a@`_TCE6odC3O78eifEcM`lm4!ch?;%xL_#`81bh*@?}nfSDV8s6O|7x<rs3@8
z9i!+rzZfl?7A>=otu6EC?|MJSEYuI)SI4*g<F4fQdTge=+spsRW3N1lOFw~&x(U%x
zkoL}x8x<xLc0GO@z;p=!_&pyuL42{@1Y~D_$xg3Kna>SHHtr!$%_%M#DI^Bi#+le6
z2hY3XaY*N`?F-t*L(AN`*v2213m6tR_sCgzCa>+Q(GL=7M+;R5eh#X>$5`0&;Qpaq
z%kSAT&~QKJSO0+fZ}Mper6a9EefwsL`0XEo0Ea;T_T$Hoe*_|_jvVpdtx}aJ*dtoe
zm=|Sx7Iv-29ZlSz-#XdaG{`u6V63g{u~t3Fi4+r1%VsT&ympZ5tCV-lQ+AyFcDM3G
z^exqx*>80lFy~j+($PUzTvB6gDOF`tdgVcoCKbzsFw+L{0=^4N2>aR&5(90Z967Gu
zi8_>kHkB8fYaP71?YJ9&E%ppshPG&&)`%}Tx#x*w8@nT<1fk6YG~zqbS>3**KWH#t
zvK|0>52Yp%0vG;>(InfqzJWBk+_lF44$TvU*nSuZJmrny*uHCTUY0rKK@vszE#x*B
zPtMila)t!ng>fTIjcrj*Fiw!3oM18b8UYKseNEU9=?90c8tOZirs|w=))I;k_K7l4
z2k368CWK{%1qDUokBqVaWq>qseGYIzP=GnhOe+~90O-jZbU5$WT-e@Pb?5*k0YFZT
z`N<KsF!Y91m@keTC$+esJPaS{lReA>3}X69+!hr7jQ>SNw>*EN1Isw?_neq-pe4>u
z#P#qM9>821Ihj7Wk6K&K9S7%<zyX9Ya(s4uUXMepI=dMpx0z>u<R>A+SZP2W1$2u{
zNjDO)63Io86j8+(73qPPak{vE8tOqX`K)7T7a!5Nd*PJs>*Q}@U)-hVx5$>^m@|ud
z7T)sSA(T}bu{_}1uqimPKu)2ML(welWe8ddQU2u6Z8Fy>R2Y^XXev%8(JS{GP$$x=
zY7wmUm*qHah#!=#IP!+CdMrR9!L?BT6gIs;7nQAp%4iS|fXLYXue9bVT^5qE$Q=Oc
z|8^2(>;Oc(<QNwmuJ0-ZL5}to`WE^j@<Bid=<lQhOb68h$)f8C3y36=0pWcENVe_&
zc46>$m6101WW7dCo(rF?WB;v5pY?4(z&jXo5D#!>bhPSEoNeH_?;yt_jmEa-LZzYm
zBSY4k=G;<tA<2)lLCg&_^Nroy(ks9Z{~0=-T;7%`2c_aAe>Jz~UQ0;ak#rV*K~>_~
z--a(vY4%y)oWkrt%^0;d9iq~c954dN^F`VrR?t$=O_?N!i%KoV@N+GuGG}`&7I46b
zLUy*&10Vxyr-Q{&R4mBAEFxL6{XXQc-WHPUwExa6s?J>p6M6{FJVuU__acCK@$`!Z
z{%oEh5U$fj!7{U8WV@lex4?JRYY_4;&ScBG4v;Hi;(lT`>B=;`kTJ-XojC+8>N~QS
z8anJA%OWXix-NDmet<f%dinh%f|<1({lzVKZbOHi<?{QEereJbPV!K8+9H%%i??t<
z8x1UP#GZ5B(LmHL$y(8gC>Nlm_T(t)GUd7IZHP|O?}NWwM<C@)YZf$1jOah^Hc!tp
z_#i-Ajo*2o=SfLLA*9>L58#EuP$D~#AQGDtfPkFA7TsWW^swxxr*qHaMH2%Xr_MFo
zakTWJRf#WUo}@dEntZA8ySx}&mUZ;^H{qC>^<fa8k#~{yc<GI2ECFzb%R}G-9oc)c
z1A|b2x@ymNoKNKwsp7Y~saV7?(I)(nD&5Ajw48ix3M!M(M>J!s_uCocZ&ZxH3TjFb
zD)ihkrJMp5=0iC}kueX$dWrV5QpExyMU1@xWH5yrV?`L4zyyFm4U^4E3^R#2;p&Eb
zP9ckX?9n}qZXZeeo{hEG8^s-rjmDgs42M_t?i|)ni}aEfVD13Hs2OR>I2}1|{2LUf
z((KQm&qW+nJSyw=*xeX5dHeUFgQIU5(=2xnd8$}88VkN5e&;d;DT(LA#mA(QCxzLw
z|63lICXI(z{%zv2kpF|W(A3fZCo~ph0<OG}#Ae~s2=FSxMA|F|)%e2JN^v?3VhNk2
ze8Qi1mx`Q<JzFUkG4aSBB=2yF()iEc->DZ}GAlQb1)qJkvV3wg{+0VD*st&QY|oy)
zzC7=Hq5Pd97{1Vk><^uW$t4}}8<FxaHkf2LxD>9z<kRgpML3dNrP46~FXqE}<CRG?
zp~DWQY^it7%Rao2<f<^FhXqkt(%;c<{;(<(q9nEjsHRxu2p<yf^=;dDuPlt+bsom>
zxJlKsD7i2Z@K70wLE?AXrpPiV*_JjF8vLYXaJ2|$Id>Zmenj&0ZQ8-C!7)5W*TSwT
z5XZatWO~80!Dk7|gM@4V>J~n&bLB89gmRH!k&cfBx20c^zFce)f@`riP5yOgP`($_
zCwUI<OZ_BM@iepys_Ll&GQRh#Q$wAQ_@8ZNY$9)gSyEcKyFXu0G>%Xi7^?haqpW6K
zDfdYcQ~-MgL$`Ri)liq}fgKg6TZPt1@hF;}fc}Lm#ck)?SJ?noh4$9OJf4h!subuR
zn{fr}0oOkV2iH8^+Iw=NYMK$39Mqft1ISR%q8i2j0J1;W|BfyfjUtJkmI|;m52h(1
zp_Sa~{tw!*8~eo%QIU$nm-eQgUb^$u8)a-h4v&4!3hh);Dx)gAfB&T3-)tR<Tb5__
zJ^n3Vbt&NckDI&_^i#?M<EW^ZvaX^z+hRkV@brL7EVe)l?*expdhqRgFg@hj5IS%2
zlg3H1g)`W5?lYf+hNWFca)7PmNjf2tLWcEf+~1M?DbB;nBgno5Hv_OjMlL*e^j<Q5
zlH_{=(Kk_vd(7Rbm@qtr1x){af6QnSFXa1Vid;D@=JY_<v)H{>y0cWebH2c1m+dWz
z68~D#0?ntv;-g^hxutl^biO@*L$8jj#iuo?!AK5sY*l?8_~Fg%GyvHIrx+!+tn#(^
zD{H_+y=Lz3EOFW}a=lvov-W5@9_#i>vZy~g`h(fA8`QL{=KID&#@f_cr5em;nL7G!
zRrgWA+9VQ{-x~NmsV-?IF0wW$T)e6E*&u`sbLtP@uWBj-J!*uuFEJudXR0ua4GJ`G
z?0Nn8hXqxt{D$Y&Sb(p#0{P{+cE2fV4GZ&G)nNQqL4@%bRo{igjNL!#)@Be0g;PAI
zKb;@XEu}(o;}FhVDO2X3qc|x&2X?!pd5-_`z=m#XmHq_=PjkP;?LuS|`OESFJ=E0Z
zmmX35Jpx_L*}CZ|{s_$xv^TTx3!1E1`zzIZMms#m8rwZV4eDZj_9D}NBP<ZjdK}?j
zYm5DZx&%o@^uhp@DOqq9<lNOY+ZNp~B|?4v=6R1Bq{v8U2@z^qO@8mmOU1T1d)3DE
zpm4!(r(K!r9q?!6z2apdYHaD=j2FsnayF+crn+zSh;Z<PM1<3JUa>R5c<KdB7Z3_%
zXAr!OaN}wPDR}3|G>*!oO7UZuN*np10}AsIXjWb07D4<PWdt28PF;hxAz8a?%biLc
zrH>wce-aYGWTLw44hkbfMA=0p&@T#Q$}xxSs_?2fxQ1%ogutRj3JUm=av3lIyfis3
zN%=aTA(9hnzr|8TPBXnas5&CM)xL0p*^zjlIt&WLJ4cDtYV~75KcX>-kszV|+`1e#
zegiEt4!<u;C9<B{ta}Cx=y!Y;tw>+&d(mpaN9ulzcj3l!?O1+nU-`j)zAhpLv(zXy
zztXk{oydH_eWlRbJkT8~hb~4Kf#c!@%iwXJ4hd$$UCRAtRB^jC)<R6bz|V0zP(WcF
z+)c5<_HFbVpWpZYnc!TmgvBsr+*>EYiC_yxS-{1t+Q^N-)>HlG3U)YGsjE!U5;#pV
z=J!AI>`(q$QCU&~V=&+sE*&-+ISVcxb0KzkM8{?iJ>1*e#%AHjSnxCa=WMa@9uiT1
z80$2H1TMMFa}%4F<#Yy{+tcUg-5u61pWm#0f3^WSpT$}oEp%XdMzb{xJ>_}@Ms5Ox
zT_(oQ1q{@Tp;X@F)E!e~pf${8NA)K%f0HQR1nM)6(QBV6XAD4?|4MEbmr;qXj^K#X
zl0Y2T94FV&2{qU#LP)&hj<UPbSolwsZv9R*TD;cP1)-;3EauCDoy|jND`@aYqNnMx
z2dz}{lWtRovrj(8TH&XVX$kQQb-|m&eni#F$@fL8y1&g5Boj?~$=>1hxx{Ey8O18*
z6Y>!{$KrS9O|Svgf3F1`fATy3ZqZhduMj+kn9R?!bi7@4c!xL*IDv9}4;MN3wE8RW
zEO_(c0W`nV2`~^7Vzi8x)D(mA?~yi<4hF(a;LXhj8y?26-1CtJOcYU^F8ZSku?H~r
z$?P%{%i`39Bi$sfjoLE;wj?YEf63bBhKB-W<ju?Xmn;F##q0ZQt*)1nYB|g4Kt-}S
z>O`WpSZv8y-4(MHwzT2{B05KOCfoFpDZ`C^24Ddj?EF{-V5l`B-{9TWLrVL`G(b)4
zI~&eF4`@=m)N6=2U%YzpqcXnEdkHPQNTc|agDPIbOT<ufQ*B|MAweM!-RxH{1+T&!
zkBnz~{f#5%4R|mcG&Uol@gjHsvsZpZSIA_|S-?NnM(fs&&I=N)M!z*h4g=BULXS=$
z^xWaJcHwj!aPn5HT`&rZhlda?=oDWF<=Dp;a#I@U0%^>gg^J3KsGw*srl2eeBf9rL
zZTJ>#W#INt8%F;J;Immc0lsJw=mB96oCqpw$w<MWwFztN4!G+<$*D+U)T-;0B{as=
z+GSk}=Ic|AtDE02b_Yl8^1|fW?}2(4@>TqWD_h>XO4opJE6$HbBL2(a%ikGZ)7f{q
zY*(K*Gyf#xzG&q7ey*ru0Q!cfmH}2S4r#dM#al_giB1D_kZYm`sEDkAYvdb5-@s_r
zK5~?$gL9ax(b#yN<>xY(L#s<w#V}OBnGXw4z2aLElG3(vcKGs}Vjtg0^{I?29i+uc
zMUFK|8T+Zl&6p$cIItDCHIU4BIYI>N#~y_2I<nqtG=YU$@{~PI1bL_xb1X<(UC4&&
zy>k0x9>mh&Ly7<aN00$&|8RNA{7VO9fe-8>OY;#`nbcj!AAL(xb5B+_0Rh$&v+$U=
zolL8A8>!@>k9+bb{#|WQ^FD;vcp3RXk9oV_G&(PM*SK?k?dx)s9Hf$^@Tx*Ut#cdy
zK-D}rm%`f?huvJ`mCnluA<*9nVe)#K4Fc6*g^c^x5i>fVnYr2it{|TyI@mgbIH)bN
z9xDt-)QaW-7z~b=VW|MCDH6R~&!`VV`Dw}U95mXKc~0cT7UVUDIii9eMI8MxZ^0*~
zx3?Tx=cqwsE?=eT!`&n(JGG_g8G20!N-(fiy%r3fx5lDXre*0xQ4P-8tu>&D%?Bq6
zaRJLg37G|u2cMGu#64imR{Z_<z~PC|npwX4YQ=tXA9xrWK>-xY3bu70sy8PMHI#A8
zw9SMqxDtw4;8qy;=8=EyGV11pZRitK*AhRrLgR-%B9l$YO1n|CzRL`6KVmt#K@-l$
zVPaznElY`;6`sh3otO-N)&D{(J<#!Bw()~;EGQQ+ItqUivoEQjmfW7<BHI#K-<|N5
zc|ES;oM1vZ$uRk-UVCmEY~RuZx=`<^a<!W(951k7tf<nj+^A0F@qpaaQCOlTs8zu*
z=uEP;s$BT`?fD3Fj*#Vc;zK6_We}WX{wcs+S3%Jqp-P;m>x#eJ&Q=1AnMRwO04&K_
z0(byRzUqoNT#)<&v$@;N<M|4uWbM7hXQsKYvQ)~SF=t6e6i;WmXfGO*+=xbnayrD4
z?R<{yL()>FPwyWJsFHt-Ko88NF2UmD4IV8CzAVu+@z^wvnf3M<1wrw-j=P>{BtqMz
zOwH9haH#0PXJZ0cx{uDLZq!9pp02FW4DbNN`M#4!56C-os1Hony<RL49EUfRpaJCO
zv3_UfxfX%rADAYx`k~1cx@4<6h)?%ZJ&l(Wk{X7GeD3C{0bIq=jkF!Q7K+>ps_k=9
zdxf(~OyTK^xcNMkkn!{ks(PoB*R4WGv*GL+TZ~h&Z*Ihy^o(S$sL)YnlibPgFj9bk
zUw)$ARs`#@0)nj^oo%uE19f>~F(X>>-m&K3@7S9sI*?xy-!Dq8T%W4k0`ErGdO>O9
zmu4Sg16bUsaLYHlYWgvdMIRpUf)cM%<Rv%u1Q}G;uay0{J)d_Jjl(;2%8_P)+V#i;
zGPTC;IQxAL4ac4hN{*{#k;4&}7=9A1(HU6jHDb|TU(t|2D(=i;6q}nX?u?>-RRIrf
zu76+YI`++DiQ6)nc-6xddTc_9w?G2>KR0o>ok*|&;@dZ~AOE`uXS1Ls;nolXVl>u0
z(KN6>J(E1=PqnS{m4(U0W!Ld>eFta3SC>g=izNydg$3j-J?Cwx*jy~<Atxy&p|2qi
zAlrvqY{4xn^nG@3A-nG-s=ubcqb8LcnLY}A`F+^{wzpm`>WBbP%m_)l<NKptNk*Y=
zm93);0{leFx4YWfO;Hpebpa5dbx%U?_`s`uTqA8^lwc{wj!%ExZBl}ZKTk^`ZFI0i
zw7WcY4>(pZbEf9Dz%$4@Zt2%+pLyWywfKzQ<632`oy`Z-Aifgx(yx^GJUIAm&RTo-
zalP`L8H&d&jUZ;5S$-P1F-Np;r@V6<Ez^elvOIS3L8D7sok2k2h5Q+S6MI$pW;>`}
zBWlXlHp!tRN(5r*A|G+lBDCOFN!b;zgrfHaX0%sy^4YXB_cLp|wofuRH6dPwShQ0a
zBQmYM=>s6~4v++-3_M{ENhOlZ+9@3WxGYN1fG`sLqktCPE7*!LUgP{OaRXd}E=mI|
z@Z<5w=GbQ^YJ)O3pdSF*ANhSmJ=~jth32T!W88GgtWXeV3Xrm!KckM$=5s^hqoYXo
z5a3}q*5SW{_G8cf#GZH;mK^FKd<6xm=wqggU<c)FQ^+$*7iS`@6|T8IVThyP2}8I*
z^=Y`}*&jKQ#IjOd$M!3DByNlP=0L!(!KZ!6kt+Pnj;1qpI|Ks&rXHNve<>)Ule=h)
z&>yW2X{;oKNMu&1m!c%@=b*X&?2Pq6Sb;3KVxcxlb%<lqdv#c^$1c^AXv}t#G0SYT
z&7vGunQ{1YhLA9%__ffc$|;|NhITcnjiv@|L}tr=D9_7B1iw?dQ%{8nyTeJN!H{yI
zY8)QtrFlxfK`jbcD2~VU;KW|l{^lhumb=OCaly}(NYfq_{o_S?09MmNl`tnbV<aI5
zDW<bQ`R%3hZ4Ig58uA*3BeyN5P&QisV*WW8P<Egp^>iaVg4#-B(1QdVu6?`yLYHcO
zmbNXPWu!f=j9|)#RXD&NWUxoMgIuz|1g(k1a6u^W$1DQmLPsPw8{#c|Npg-WzWcNO
z>PGfTyR^faiiJlEj@_f(TuLw8Ogs4+h$C_7iRU0^j9;r{*X$&;{n4rAlAY^&|HvTm
zF#oE+o;c;G<y;uKYhM|pHb=y)I;>-oNA~6y<zEmPHHetxe~P?caRMjL>K8`AT8d+6
z+8Rms#~l)IMQ9rM4ey3`=Oj+LJ5W3GiOBdMTF5i}u%_&v+#ubYV~N_jr<N%CH<yxW
zR9mdjweK4F1?s_{Y8P!Rc4)KdoxvPPJAWW&>9I>)i<yWI7dgIS<`I4n@(hj6*jfNX
zT=6V0t^I^*U?TbYUyfIGh59LURiWF3<vOpZr2nW~AQ+MF$65X~%P{8r#LweI^9Ro0
zMI2G9Al0Cu;6~fpG1(w310<XdbTIhOv22$8=j7{=3!Y&;0Tm_2EhN4>Z+QQ$QFl&K
z9en@PW%oaO6+dZ+j}I^<3lc{DT((uSTWUR95<@I3VOb=irVT>x)>cM`h+8+$tlcEH
z;Gzj%g}!0nmlhd-zAhND8OTaA>COAFwCn>2_I|@RR@?Dl?Qjt462O6{f!RdkI_Xm2
zlHO04XH~P=8@7@DjW<uu(7+wP3<re{??9;cRLs;;Qpy+Etqq9f=a~EvH@JKw64z7u
z@zk4VHx)u4T{j$`C`}<QNrBR2#+quyvb`m=;p9savzdk(BK*QQr68Opo7AspODe?5
zx_AJs`@%J^4a;YPKS}=Ab?d>pwJ}&C@T>@5&S;YSw$3*W-5fCzY`9^OM<=l6Qh$c6
z<O9y^Kuzn<-(+J1D_WI59l|DFSG_^3niI~-D67w-SH?Bb9_qBzCO$ZF<uLS~&xXy|
z-0!1cEg76wL-aA{P(=>t?cirIVKkaT4WG^&5-m5euXxN}SnZ7Y*Z;%$6SN2-YX5*n
z_5TuaxoAj9;R37xH3PQ=Npu0cENPa~U%#5stuZj9Nlhzc^3%yfRnc_&L1{KP)J%3h
z3~=`*o+~goz;~o~@DsZ*=(NDV-X|%Kc2rPEoH|>g=S<JjhTGHD$5UUL(>MD3apsMU
zZXLkiW}j=}Vgjpin9k{JG;<lD$d1^?=2UY6k#_Wk9ocw5!>9(sNyJVdF8PGc*{ya2
zPZ`lN>Q<cukJPcb)#svUmY>Ckzn>TKC`377-PD3+u}Ly4NfA4_yMnYt$B#PSD8rs*
z6uW6OwCIBQ2`E-%tRijZMOK{Gf`c6GXO+rOd7r;t;|E5^onCUc*<qtG`q}YN6Y##5
zcN~|a{0JWayNfr{S*Q`5%1AE>LbnvEAz#1Jj>F~oj`G7lGX-(0TP9Gn@RG%vNxfUf
z)KkB=Y6>F_F#Zl<!T;uJ2#ZwCl&f)+>Kt`8?lMQWFfk%*$t%3fNH@p6<3}@MNf$}A
zB`k^DoegV<AxvYqaVDM@Mu#`rSDtoGci)&a>nqR(*xDwv!M+iEq3a05vHD5D33>5p
z5*NE?sxoDymqfB2mbkN1D*EZ)1LsLul+9LgVEqj&{Yf4qF$5`TudhFRuL5ID`!XQ;
zF`+QaQ@3^DHSg5cT`{O!Y{8<Q1F=1pe=mpH&!#&(9Ee>x{8W`7u)6I`m45h{?AhpH
zVH!FB_~Y7xK1zCU<AZ~UnsBxx6?k%7<gh~@%;hhyu%6JkAiusb4GlVCJ&~{*q_pZV
zv6{bJC|`XEoOSsaV&0lEALIaKIQ)E(x?4zCH+-70KImjZ-jq$2eEs_sJ#wX?Kg5KQ
z4XT4bgxaJ8ZYp&0YeCECjp=n0MBSo$_6vUknC1J6({@=ea!~{&zZASeHpL)nTf9QR
z#Wp-@n4*ReR(QDw6G%qBhMMjC`GVMnBJBtm`XyF)4T)>*rqIWd?NF8y%F>&U42?f|
z6yxgcKeSgp+W|d;9ejr?%$MwPj+4BAJxI;3krDu`fz}D1%unkHYxPlSBN#3fNo`{^
zipJQ2d(8ioXf@R);QPOzNA~}gHarP=fQo_AqA<Du8QgFQ?T@H!(nE{63r*!DAV;sU
zygV~5r}d*tYtK4Cx?<L;yHWHzG5}IZjx?f<@*ng|hUBo`BTpI^aGMr*`tA31b4d3~
zp_<iCkbeU~=%+s+L40Hn0~4+{1JlI3zO<uw={tMW_+BRYP0-)Nc&q^S;*)%8z{21<
zuCtEv<p06iO2V53@BKfP+pZqowM5CPy7}0y08nZ%YC(9ja)g9bG2FSuP5nnP!7EEl
zw^EZa{DY(BS-2sL47^Ec67d{=DtfZym@u`Nt_zOeEdPv5AA0Cqp^;|rl}$$u&H5iz
z{6*}er<ZW(#42*{_3g4TZa}(;b}VHvoGNg1Dn~7FENG&q=}vEpV`(Gj0j78i!ndoA
z5B@T*C72iV+pQqPXJFR)Q|xOiG>XpS_bx5yFhqW(*UmPWkz?hnv@3m7RH8TF(w#Fi
zn8NN_ZflAL6&$5!f300R*V>V}`a@{;RJiTTdWRF#JZ=yF<~Ri>qH3@)+!N`ZSJ3Lv
z*VY<o!(E;_6{ypNL%3QQgIoIdG{?Ah#rN(6du2rX9XO1}{u4>hY=eI!heb11SIX)v
z(jP`m=zl0z85bZh_)qzY{txBaNl62Q3CRP`2M1!i4S9Z<Q&5KyyTFPLqCyXq^sF1k
zvGH|f;$(r75)E=4B*IDa9DqMli?4tGj+$oU;i2I%_4|oPYvmi_we;@f%gg#enYZ{K
zoOOP|=q8tqn5N3=mV$h`tYnSpAU;m{TnlcJJae?^>G$gUo89#2V@G`~85s{iAr|3F
zQ}@@qF}Xh1a}Ci<G)lh`^{L!s>ul;D8@(UAR>u};JHcBETg2l&gaAij8uqZI-xlw(
zc$z2bwbF1>9lQ5MMV*#ux#}9%BAF}27tHZ+e{=82s%h=zZ4@g=^opG%)uu&5JVG}q
zDy!UgZ7TG=qbNniOg=(edGYB0)y;fYy4HJ&Xehd@`Skm|)clTlpEW|fA5CW1m~A{~
z-CC<%Fd5jHIzF^%_m4vNr3bjH&s57X<b$cA>Z-_<TB|l+GtHsUt2U;1U9eS5hYE9}
znIUTJ3;-Xw%Hou}0{1M{l*N`0r*>Z$`U2nfFS~ArdyEPdFS|RsN5)h{h?WrZYqbB`
zZU!-?BS}!k6`<m@po#u@IlowQoSMw3TuxjirGuIY#H7{%$E${?p{Q01jwDqu<$8?S
zUv6l!<CDnT3FRVu9D?KTC!3MBt4N3N1+#fmTA1cw<{g@~A3xr3>+|h(n?8OUHJZr<
z*Y4+nM{?XYta`U^ZEvCRTi0i;Y2~rg6=^&E$?po@2UtX~7jdEC9}pACA|Onyj;-ee
zwc};VIb4RCF8}2zVZ2JwPXP%!%;f1<qiAYw<vNY#N(I(~<nEf$d-q>OrB}SD*RWX0
z86&lh6sI&~TTimu{_&A}Nn|-WeNTY_WrSiiPx3Yam950?6|_b_n$_E$U+bfc5u9;7
zCl{~2032@B5R**=vR$|elV2oF18?1bUAAfJS~){7Y_QF-@4-e<5=|;UzX$zn)Um*B
zw1Gg3E04b;0{h&SrCu7yMfc|l2LYIaGVjTtG>d*tcl6@<4?DAeB?Q5q!&ms3Z1z+C
zm#M|U9=v9r$L7l4S39&oz{XbD5&>3!0BcYHH`It}eC*IBY{hqUbfFIea0=u|ppz~Z
zgF_W55K7_MZ5FI<6^1R8>$Ci*ihNc3Io|X8!|Q6F<VJXMH*PGOwg2U?X^VoyfnDh9
zTY6<6KP+#raKi2^;IY~ywX}#-FvXv>j|z!{3~#SY`#H7zlA=95-)9m{oHeX57F7{|
zDiiQRRt_1;JM8>SV9M}F)<)OcV-u0viG@4OEPu(ct1AViClk3+n7z~x4lBdU6+!_X
z=B!OcFwGK8Wwnv7ueX^Ldrzoc+BH~Tr>M2x)xM5;n>i8Y!&{cXN)t^JF^;DOMx~q3
zZ7!rzX+q@BG)o)yJ@VWB@DY+y!`BdilX8_4vAC7xg*?GqUgHkxoeJs{^6~(9B`_2>
zY~-?ok%=Q<rnEh^i9pHR@*;OO!uZ?Zx4HY3WLZagZyf9{Wz(q?HCB_&Emh;GLH6o^
zpQR<s2cPVpdqhPes=-n0j$1s;tl_ffTM5V4E&pih=TBObI=aTAlr(I{qf#$k=TDdi
zp3r^kJv$0f)0sV2Q?2^cRVe=yi*{*=xOw^5cp<S5$9SbLGuD{J|C#8NQU-A}{|45<
z{{|MBf(!sEo}pw+0`eb+sY(^q>(_%6uMfwnU6!-=V_w)SFxb3Y{=*>sZ&2+w%~;oq
zD?}@0{)_fnLCC{F{0SS+W!vUC&T{L`FzV~`17{9l2dytHx!<<r9*)56roYxZ(w}{F
z?qWu!PWexIm_n|gAN<cqZ_YS2{5=M@AF4$Q@P54}Z4;QQ!*Xi?V;Z4P0d<=r8WK*R
zYEriCW68BDATrIE1)IZCS@HaH(#I3LWTfM46NGU3u$4yS8;bj2ez8ChwNu!H(@bK*
zyJ#Ju@{B9!k*88HVTQ`fcTUD$xUzK<Z)(w@Q3x^NZ?m>v$s%~bU(CFqDsc}g{avjB
zSd~BBrD72p|HDyKcR#*MF^t}hV*ez4BlRT;LlzbTM<f|i##8Y`4hx?B7yiva`viOH
zw$RGNFhALWw<7Cd`%1q=ASGl-CSfp44Uv-aZdWbN6{iKSip8!KjSX>zkitkZgWnAn
zw>~lEZjR3dB${voW=V6n=YH*T>qw*mO5dpk#A;<54@ms56zNnq;R_}R5Uj9qH9*DZ
zT|hfF{7uBxjwCt$>l9Dw0iBTGS(n(|1Hqy>=fDYHx?CpM<iu7#IdAx>EE>693o1*W
zgxd$wwO>D8v3Wf;yL1}u)#5!(MTVBd&oxj+&BG-;)z+sx>2f3Cjg?EVNdrd#QL^oE
z{3PJ*L&(>g3eG>Y7RUG6CuY?pR6!i5SP#GvRUI$EH+}2?jZFrvA7t1LL(H{mXr7Jp
z&cVCalrav6kjw+Zs){V`Us9>Kj&sF+Tq(z{qO!e%%2=oVnXtQ@mk=zmU5n!aYj^A|
zK76IY>4Wk=YOK{n(~GXr1#oNu?DwL-Q($#Sh;FMHn59=_i^8H>nk)4r0UY^Ig$c`$
zjcY1$gv8iW_x_>_P`ZM`{x!5um`4O>KOnm!Q|CTW%C<nUmJ=s5NrNkM&9R?#;a0D?
z4#X-W!>yCe$qDb#4Y+=z-j<Khl108dj+gxkU*i7j2lra?7Ui=&0fSR?wGv#+eWlO)
zf;A39#W|mR5qH=wnZ#Kihnm4_LjMgL^)l}YqJJ$@^nZSQiZT;G3&sy$1Lv#HoU3Wm
zUarvrT#g2jBv8NW)FD&2K&CD}I8i}04fEXm$%1X_@;576R<NuJ3X||~QEDZ%A%=uQ
zh$Akka!Ye0bfI@);hsNHxwlFmS5uZ_BFAId%VFEL-?s1eP4Bt?)eRQmPl$fpY!hz3
z9bu(~&x!98yuVuj+7@mW?)8lYtd&%1wxSK{25^)Q*i@YZX!<NX42U$A|Atu+$dcDa
zlM{&+CW%YEbZ?+I5w=oP(%!)S;gtitdBu9-2B{PchBRGF)|sO~KdK7%7+5(R!8?eM
z<c`uq)6BVu9(|KAktJXZzg3^hS?HIQxdTt<PPT>3m8=a2;)=zUr5%nLVR$W1olQxH
zz!Li-Xd!MRPp#X1vli&jZ!1G>LM?N0!_5`m*YxX`qHjZJx*Cv>tKG)4vUHeZz}bQX
zm_1U-;HNA@RgK^4hS-H{6T9G*s2M(|+A;2ISmt21rivD0AREcaFxSpei3jSjO+2@W
z3T$D^CRze;+(u&LQswtjDh>V#O<m)^MI6R=4N03Jlf6!ot5xP$S{qW<S6jaVvC==8
z($He3Vk9!`f<Ymz(3|o99`C=+^s^ARz1bD5z9#(@g^f9*o9N7PQ;EriE=QH7`Fqb{
zW?tr3w4Ce>sXFWPah+VbX*~5^=S#YUo_`Ng+U_ktRlNu}Q1a)%g6EG9j&S0+GSedm
zGkwnCTV>6jII8GD9CsV<b30Pi(3WI1Wfp^geZ+e<-AX~?MvL}wXvjlz+Ui@1c;?%+
zsgy7pP6q0LePxEzyq~N{SJoV9p(`XPGZT`vO?YG7?k&^;L(se48fBw>4Vnlus!kJ_
z`b7q)ps+V-_a<@6_FFp|*0g^bh*B+R*$kuLR`T;;))(&(C?8pXqB=F(&stbUK1{`J
zd5b|ZAjR1{DgBi-L43ugu2<wQOPey%oBNpE=Sm&SM3goQst-3sEfq{D&cBb84xN)C
zjp!8PVj%M5X-?yA&gtAez|i?A;2D)7@CO4hjC;FVGJV;jSY0RQ7Mv*I5)KYuBEDfs
zeM3$#6qYVl7MoI;k;i>3YV)<dioZP?dP@R?o2h*&9v_hD^`M_n8=ORaRN=5!E3X+b
zmrGNNG;z()KNblpa5Sm%4TJYr$C19S7MzMQIaxHkGeag^p|_w{+KpK}1=7=D$VLG2
zpE5SC`?HrA{vIWlQV&TabyN%QqSGg-M5mZS>@Vtt`mq@e1OR76{|It@mniGV5MfN;
z;i>)G;B>S1%}|8E;b_$jq9?MJDM{~7B<a@y#Z7fhYrob$CzIo_ope5GR10k>ZjJ#C
ze2ZHpG10mG0!IwKD4q;Hhsx-)^0GHzl)x$7LxMLU#TmLHyT`Z8G}E18nBSYsK*Ehj
zcfppFQg<M$r(I4Tmm)|eiUk6WeENMk<FIVD2g3=CbW2g7pwwYE<_Z}PDI)Jdu_FSl
z#V)uL>B@cL!T{cp?>m2cnEf7CsST@%wjp)g$)h*Z<-?w0cie8PL6&dldRH4@(w~wh
z#q0j@GTGs4vI(5{+?{MPlCmmuylAoa;3RrR0%f@Ig#<0Bd(*QVzo^%y9NeaXiu|hC
zih97Z(w&({pokg&b_X0j@M~3z!Y`aQm@<QhYNF~LX<v{jc85$|eb9MR*{Sj3aVOw5
z%#9RDkkR!?aCfXooy7{Wg@PJzf+{FuA-mPmpvW7I9SqiV+1E`G`8$~VXc&CVoQ;m0
zmPfqv8R$WXPh|$jD(fB2+w7dGU|#;olwsyX=8-oDGL+v(p=D@vt->rhO+<YQS-9%r
zCdj(IJ_DQgoJmS$+TIC<i8L=F3q<#a%ELJ39d{nsaMPG77m%3V<D3U%5n%E^<BQE*
zYQn@>@xYCzT}woUSH_%x+-2<P;|scG8eaTyl)P^!{6by(>b&&o$Ajy5wbaksDN2VU
zMFTcB&p>L=ozh=U%1vl^Bcf*G;?}}TrUeX<CEEKmTSxNwd)eEC8B7x0sr$b)HPoVA
zkb0B0-z{5+VYW*!#isyuVH5FLnx3h}g#Ir)o8hE6eQ{RZ&x8T}&SJH9k+w9-+NJ!J
zx?*tXwYC$Pj^mcRDTThdwfu!K3n0<n(!MCzE2)n0Sx%Cx=~os4(n|6|o1btlbIzQj
zGPDmwd=!%9$EOE5c^0E_%8xkv15Ax67`QUI6rYhtFq`l;vWWoSYdl$FQA<p~F+HuM
z`&h70_&7-Ls2mzl2t7cH^eO)&)$&K%VS;1HGU~%9>*;jBh^7e2gRDZ^jkQwv6KkwI
zqvFx&xl1}4Fsr^P8Npykf3JG3NCn+KN9X8YU3w~C2we<!Xxdv`=gM;YC%#l3Z@yWo
zK16f!huJfhi7!A!o?p1#5m%0kAc<QjI7O{Jxu7WkwgukHjLaVbM=_rT^)z!37YNVk
zu4F<6vhmhlL7{i7XCd`kg2ZEOcU?(fqdJcjeV;3iRnW1hlI~E})WG`FWQD4=L<Bkl
znptO!EK5s$kb5o?fH>&l3fO|}sO&E#RwK?EH`-7sV*%bv?1LyIB*CAElD=dHI2-je
z!D$>_tl^wpY}oeyEJ!D99B0Ulz(kpHDZWw`{2Qus%7mYbn5wc&kiq<_j$%To>-9l~
za$vRn!<@-36$n+QCjW>hY0RKbaBKV(_CRJQ^xRQfsk0i2Pw~cxp`%$@y*Vy4Y4Kyq
z=*=3;I)H#_whl|8J*2nlN9w+ZcMn+t0Wow6vcBnL`(~;On3rUy!@B}c_a6_~rSGo^
zWiDFe?Ov!(<2%MWZctv(W025n+#CK7xv%hBn*{s_D-iw<Z`(~=!B0fMICF<b0CRBM
ztI#sZGv7yE`cO#T1}9Dgd)K=f4*%Jg`whsO7!W*~x%s&O_SGGAE#2@1XF>|K5uI8B
zpG#he4uk3B{MMH`z?IhZG=H09PEujiMYnSc(7P7QnVD>)&$5qA;Q^9a<yx0lA@Pn_
zU4vk#OlNpe^g=!kijtmT97jd)2nPi?yRn|uorB&<cgz;;qJ9WU#3=Wd-9#hg4ZCr=
z1Ky29mP9G!$2G)N7)I`#8%zsR_RF->VlGL%FXTJKiZh+RX522XkXM=9w9EPfazLFB
zkL&o$4E5W22wB2k+`*lb{DWBJ0ZMK%4PPDglV54|eAtXI?SrcQ1dofMld@+Z3stez
zFTeZ)?#~Rm3e#5x(VPE!qaED^s)w?K`Sy(i_5Ww=kdmBaek9R~(E^kw9no0O1xjVg
zWYE@-Gm)@49Trci{iRhZXbUQ<g@43PtnGJXa6j;yTY+KxBQ;3%mzA_|sr1j~m0pq}
z^w)!0$GdKIS9xK1ec$j+iLd=T-kCqoq*M*mFyG30GoRmjCl*BUcvgHci+$vO>#>p(
zG;pUdDyylk)XL`ocmW9`bG=67BD7J$S~xc@{JcETt9GM+Z6#T=bZ0f3Xl&KgljyNC
zdJ|8PWf!KS(SK>+ed5y4F9&eZ{0|nUn!=T}c;WbUa{20LgwVVidf3L@Lo5r~GOU)v
z6xD+by^QgY>M&scqdcRzwRvjDRUuAAN0>+816$7NOGp3OC16Vf8qd0Aw}4?*?odG-
zi_+`9cafco3oLk(%OiXmq#K`5kmjpp{~7mqt)5>&yE?$Bo3$#cl>g=QgD@@9wvO->
zEC$XHQPSG=>5M<H9JuQnrV>}RvxdKAa@We)JS*Zw(WgDG2iiVCyt<L!fyT{q%&@Po
zh&raf#X8?;L6rLMx_lGONCfx?&K~}=3=#vek~Vdz0skH^i_vWc<ZG+^KbFohI+Lbr
z+i@l~C$??dwr$(VHL-2mwr$(Cor&?y{k-3=TD!V`b=Ruu-upa{t?+52N&&SAS0))a
z1XkQ93|G=j#>cw2{f|iSHF0GJ$M_)pi7^5eP4*20_~%`o#~g;#H#^B{KizS@ooc<!
z?FCuuYv}7dJajvZ-bq~v1JT}Hs`l?G(ay(j&ym?;VECLPJ3;d#F+P~gkAkz7SfP;n
z(g5t@NYIzC@;brli-lw!*Ws^SBCx;XRATo&1ui|Ng@rC?m`nH{LWoSj;h2pU8PyE?
z6#Dh<FxX&U+Oz)hS0a~57VWGN2cgb)k`b5OBz|m8P!yTi%Ivd~vEqL!M++%rp(3DX
z@TM4Dcrw{bgZvV1NB}7TM|aEU+}vJ?+yUr$dzUU>xpGgt+5hZmD(7vySD%rjH;RL7
zq#U>VXY!zrEvxB6PyOINk+||^ssN+;pI1xTfS)ST8A4!yMNn#2BCKbIL;~6_aE77Y
zz;%!*xRZF)311R%plDWSxHNgCRUNR@rP2m@FlIuK)<8x8mH@94RCPyM=8m!K4E?{0
z^Hy#B6j1WQ;3rl;G=4Cx%*RUL*b$;xgSh^m%6?a$$bldLhW_<8JEsK&q4XE;C^d#*
za)WyqGd<rSo91^Y81go~?(s>eCxo^SytFZ=E;+&%(Er{yjGy0Z;=Yb1AXyX2=l5|k
zz@B9xYGlHYT8>C4;DAIVhBh-OPM8o;UovY<t_~%@$zWt*4LzPkOdNR;y``xsm<~qQ
zE4YF8%&?<4ctM1%4N;0vK$?C-=zRNHR^F?@CH3iNTB5~tl5m=S+@j~U`=$Hi^+dXs
z_mcvtI^IaeecM5JHH3W$@N_XhC`P4*QW5^VytFDZePqCsZ+>V-mBwNWv9c&OFvkqR
z2Kgkzz-1tUVD2<7BU>gfZxZ#M(f@6rgbzCc9=*1)b|Jm;1j5#xAGVt+O;Q(!H5XWU
zZ&mbuNI57ms{EzFYgEL{0dx5qo6c?xF$zoEYNrU9*>c;A4wtnBFoFWH=)}CeyOz6R
z3{`k<p@ombvJkylwd(t<9f~JUNy0qct;S!#PWGe%IIP*Rj<!%E#7N8<;#>Ue^S>MN
zb5~=iFMpOQ;Y6vVh2l+AlrVmH{=L3!$qYkeP`}({xddiqi;YE`AwAkC9Ib4~<~b(Z
z$WoEFE+ahyUpc1(DAD971D|LhHRA$oAfa>;=!xn@Q(59I4y5OyX3VMpHyAQoVWC7&
zBFkc}k96xAB5FzSMWfGo%H)i5Lubz(O=Wm@Zj|OXgW5vr=FJ;Dq!u(&s|+5Eq;KEF
zlMJP)i)2^XBG8tiVbd1E7$);!suv4{FWYbgt1-4mT{_(X7)ve$JSsHVmv3Gac)?jK
z3L(}ePDt$7pfjR7|6Tz_c_1Z%!uA6|iiJ>3Ghh)`R_2DWt4o??R2N^+v>;O&O0MG%
zy@10sfS(~YGz2dxRhFa;#q*`pQTL?@4)P~$?&%?`r4P$Jo*O6+qP>elGs-jzr<aT>
zU0ZY5lr#|l%}^kjmX)$i%JSHF8+Nt*dNqM?s~6|TRM$bEEU+cAVB&0cCMp*|`j*BF
z`H^{2=6T6*rZcpIlAOdh1=~W8>I~I9>_jOX+X3UeErXi}zra1uq&6tro*CcB!M#|J
zLZ!(Qy{OQ|CV+%SB&bpS6+zj$L9wq(1M7NnB+|qIFD3A$Q-$Tafdl*dtgr~}8D3j|
z+9B+}sQwQ8QxF=!HwA#2A%BOOoH0ROQ)ue52?v><Oz^>BpBMV|Pxon>*5#vhptsB|
zezlXR)R|i#eyd>RBm@XB2}-i#lGP2bma~NAb<tt4H&7MVFH|7QXvAYpm_(Z>U}_Z;
z%QVsgnA&Z4<}qW;<Gx}9%j}3RTY<m8V=*5xeZQ~%?C(07hVmP*Jh8t9R*w_bcXD#N
zh{zvBZ9pW~j6yLIqsWfJyq8m*!rB+HL-E;DjMTe&DRWgL5JLRGZ7eefV3eSdZqPzF
zwI!J%c7^X0%x9igFS=TC3fd%yp?UpIViz<7bmn0FX@l+t)!c5eD)AgMLyJMC3%;6z
zblj?blG`Ww;fqFWL3>B|Wk3l=*UZ3>zKPBpUzf-kwk3GGaOU<dPo|&86LsBqyK;u^
z6<a2{Z>fVJuv0p}dHyAHsYj2Q!v5RWYy<xEM#tVzKfg1r1$^e9iS4<h9C0y8d+*c^
z5X~p>qbd`Ta=p<grge)pel09xrPF0P-4til5U>GrsW2;kmIM9H;M*ioY@(kZOPrbC
zeZ~@FT74&W2EW*i_5}4#av?IIMORG@etSPxdd3I*Vp;OOx}5rTHglor;K%>TT8{7+
z+e6;m9gU~Uh6#c@w-}Pu>kr>333wnCAln4G=f+Xi7qKob78M%_*rA3CAW^93g{cJv
zfuPg<rjRX_J1VU-ThM04^HjE15+j$-V&c@D9^kDGxiM*WNk4Z8@*X+XWmX}w@pY;J
zqNlEsxkvJKutt8~q_D0mWBu*w6PzQ+MqNk!SwIN~MGu_?N?)wwlb*ADCjEp4P=L|N
zDW^Sib{?ck?tw@iQD!_`tKsv&N?N_ix1VzsQr|`G+2Tv&>ZKLP5l^%#$$+-ZDsRs^
z{jA*b3)Ms2^1}chI8bA-zJK>MsXZ=(Daabk);h#O0x%+c&CxmX3suk=fFVEy<)VHF
zN9L9gnQ3#;g4~p1f5{}xM3kiiCJK<IuUJBOo?zw`w&i+Fv=~&APIP#XQ2xHGQt<uy
zvup8`U?Hnh@FSNW0x=oE4~ix6?)@G}a4&uoTV-kQbtYdB?-~9LYn(4GphZ)$Dhw$0
z4mSHXv&6N+k-^k_g0EdW`O<et=(CB(t$TokeM5NXH!S`MjWVlPq<I1d;BgVNd;$gK
zwWDVjaBe6uB1jjMdi=pHrY%?HLUTjsO1&?!vJy;NTR$=kR*lxZLWd46py$Q7O-q3z
z+kkn_qq?IhftiI9-{+M0wNDA&u3&JxC&fN{Tw!#m1D$ur6J04<b23dupGHU?p<xJ%
z=o$qapfWPIhdCu{OAYhyyd7!KPnh(CGHz<iX4IOZE>#U?G-`8@P$u#hVrmbFkcyca
zpY#kKnZ#TizUps^_dkt#2~>{krD(&0cc}gyG2E7qF5Ex3V&Dh^De5=YL<-p`jAs}0
z<H%}U632Xh35QVYA85FLVCm`J#ZtX54F+}+0z;N8#{%}{H30nzXfakSG^mD?iL_Ds
zq6qpnp^J|m9R6~<oX>NTIE*IRqoWWQmLWcrPuKi|&-m$OH3k8GWae_r3_s-^57|<9
z3zvDazm+$DDT3b8Vr#qcduOq+y0V;gYo)QZv%1p!qb7z8fjz(Zkamk_=U-lLq`luN
zt9?0#5#|{yz&b}60R3m7^??oP_okrRMLN~(pJ>4q3EX>!HHe`rB~1>%g2Z5FS_-(-
zXdRXqLJtTiggaw3RUsyK5BZi2HwdM_%Bc61^q=yNMfqylRrQDDF8RZ5A2h82rqYn<
zZ$HN|KSi(SO&z?YS0H@k#9PK8LY#VWlJ4oKx8f4m@PT7-z$PPc28u1}%fO3hgQlh$
zwX$=PZ%MvmlH!k!!%q)~m5roYhLcJpc%t;Bo7MqvOs9X0r<o#Fky?~7lyWR(7R7DC
zaT!%qj|m&u-$JwZyBv=N22rJbHw1(SS35Q=+Y^vGFEAyURvBFb2+c_?ib>As#He;l
z*}SZ!mT0zQK)-Ekvb#*);NvWH;8xCr31b@7XUGC)NgMqQsEDTAv)0TrS&*A%V>EZV
z>p?X3ZXad^e0K7FBWB^185DhRqTRx4^d~wCQGJ^QgSWHWB!~BeFXHZ$J&KtpchpkZ
z1FZyfnttQ8oBr{>`-UjUA{sHfVTKZuS8hE!uDKQyV6b_L<DC0dSEwJe!pwBK<R<0$
zS*Wn@wxvc9Gcc*J@Go-mE+hg?H{2xy6IS=GMfA(>f+F13#AMT?q&8D+UgriXdC*Uv
zKesEdbR#rH0cwv5YHe9KWxR7&`v~`;!CCl%B*zfO5;tk9ppY4&itiKvnLOVvjg`3(
z1QxbYz{jSt=HLYIpg@FXsK;w!9_ZfBh*IA6Kq&3a;;Y_w(^)JYM(+)VEb@WRjmaX*
zC6-Dtr0576mUBcyr}b(~OA0SlZWf5;w#a=L94GYH<zXP(^WgJFTDRFCuTd>8G(CHa
zC`!A`XP7JPCTg@0FRm9fwvY^4%41~<7E<0cVDuHnu5Im5=5!W^Z&IE56HNKNDqrz}
z{TP!{fx1(jt##dtzxqD$Gs)KOQVRkt-vpL+Yx$1(lQbIjn`tYb5Q(>n=>$&w!2!0g
zJ+#-%{JwS&{P1jR@eF>7MJwX;%5@6+R94|?qPStqD^V-Z-uT9n(K$R#^`_7gbmkZz
z&~!8VSx>|Y$W4DHpE@(_ZL5E(`~+FVaoAqUWJGDNGTeL+y)209t-OCMNL5hwnn2}T
zvC44wc!m5FR<s8kk=&chJ)%S2x8hODAuG6JSQVx>(OPcXJ<Kv7mBv<l!bAh;sH(_R
zSo2DiAQHY8`id%7%DOY^ZPbALFZ`wf^iWH?477aIWdpr|+GdNwh7yzsqcTOqd}rVO
zKV|o~Z^sLgUw?U(4WsarSEdD|2c|I9!=zh>=7y5tW*XUsfXrC40mr?TpBUfX<4bks
zKp{fsgC+-4B(TN`CK0$GpZHND_o^c%MB@92cznWPx8$T$?}D1)sFDG%!L^J4JjszF
zB2JPik{FRL^<-4k8zv*ROfz)<T7(FCk`<chc;{xKc2-Fgtf6cHJw)-oMr&zfnqu-`
zr-lLooHVC(TF)X)2NFv+M<p5`?z#cOC@N4^Dd*whn%+BF!mIeM1Mfj5OFZloN??_t
zv{+cq9S7MBq*SZLf|(r<dKgkbE*Wjy%%ei)*QF2Pr2oP!F0+BQAsy{}k<>Ye3f7S?
zl3L4ki5};AC5J<~3Mi=5B!PsOPlq5je+sSPOIP32sU&p~4EVd$D+A4nf`tu=7aba|
zfV1t(`G8)93N;Pbl+calJr|rC;crP-rS3V<6Ab(G4;xV{6~;PEeKamW)YTs-$=0NN
z9|P>;ar5G6KF7v&3+29i>!L{3inx`OE$$>C%7oVtWO-ah1ma^G8fJ<aA3+@^Ey>?S
z(HTv8(EXhSMCiN=#Y6;Dq_F(9DC10oJpil~+16^ce?GBqTv^?3kBT;)cAj_jnz1Sy
z1=9Oy2u-wQFX&p+C*=^p>Om7RtK{?<EXmPkgb+Wq-L7i6tj`6t^DxVKjL1fa6uqIG
z)zjchpZgR*CDt6+<oM&>>uR+c_GC6g?H$3t1G7*>5u<mIV*`Ko)%lqmS@mLQ9z|=Q
zj}u7Opze87Jsi=G-K@A#AD#$js&E)5jNn2@F}@@H0_N`$KVt=8omH~T)ySq<3<swv
z^}GT7h>K>J;cs!`ebRm`wEJ(7@rEH966POx-s@ZGOi92}6jpa!wMDt_0oe&nl_;3?
zM<lILzWf>9KpViOU`7fuGS`|GJG<ogv07|bjX5=9{l#oyd6*gn#tfNBj78JukLWU5
zDnoX=Np1WN@jp&p@e#=|RaqFP(tT{P9??tgePw{eUp3B07IOJzPpzcV;&_J~HMQlF
z^82<2qiqV^2Si&VXawcu9>xuv^Rmgs6eO!^gxU(~9{a&wT-E)G86MZ@xg8!|(;v9l
z`R}p*z-(d{2|me=N2H2K5ggTdyY`8*8Rf2u8<O<l<;yxi22$lm1T|+B4jOfQ1tE}H
z_ddxshZKA4{3bD>XOvwynEafrXNPmp4!6+g=ox5y9P?SC_*o#r{AijGUG62J5V3cb
z{72Toi+LIz=y_a1Daz>EAzv{S{ZP>aBQ|)A0Pb(TN17G<@kQg&aYz>M3D1Gjr=#<8
z9$(fY96o0N{&TP0HG9}sd*<U)wJS&+b{_p&-m=^q_T?&y=X;I-7jzN6hJ>F#iTs~;
z)K##x8_4rf_jw_ppIGoK?2-t^cTJNZKR>EpECL}a64%O)PnCx(@^i?&kzLbp=oX<{
zAQQHN-NUCig{ee*?()m_;%DxjUYzm(ByV})GoCNN7l&tLz=loNa})x7ZAjLPt5x$w
zV257kX>%f<c{7zhF-f%=t)g&+s2VMyHS?p@F9JSRFpxoWxqdk>%EsCV<pSmhRUiv=
zOi#0W?`(MpWt!NA6;83%z(=H-vWa8QXQ<~B&+nk-^6sG(J-xJ3(RkO3Z57HhPfy33
z)SKS`zQ?Rt<l$0|3RS{rB7J3s=H@TXTpXwfVs$mq;2e+V9uysNbnF=ARs{Gq&ZDXb
zBVJ@DO`fV0dt^St-l}ANDVU(m{ptAAzXlMB%rYaG_E8?5i@)@}CcZt>U*8B?uO6K?
zDOwM!7FB44V2C*V51j@5puId#Dcoo3xJR`BjsX$BrVT{8Ry;jle!0gwfiZ=F=Qf%I
zBZzPj8ZWzsl@z$V&NKYWF>3PPco;<$#!Gx*(nm%)*aUsZ-|fdR%7O6wtE@8D4N>4<
zW9?s#zDCExi|k<T0wv6JAo)2v1nok<N}NLZh33g?_tmA^Pe0nmyH0Em)SG|kEVs-6
zg0H)LydC8OWhNM=AKG!2BTUl`z)Zy6W_Wtpi@e^x3P1ZL#^Cf1ydOTp8GA6~NNNW!
zODj|vp3>VVA3y&bYeVbt!^|R!FHZ8d#0H}p^85wM1wuPpmIBF`#d1Oz6t6QX20!O@
zC3K%FecuXDQb6SDM~GfTHY5xa%n!%_e1HM?kQXABw)o67!phLXtE*nxFUgR&RHe%9
z7Fp#U!2pg?xluvBh>PT_!nyLNZ<^HL;#?weI;vr~(mlB7;k7Zw#@q|(r}kT-m4O3k
zEHJV5nr}n=BeUXQcD}Kxy~GDGz3M|B-;_5;h(=eVkFVsC^gmB#zTJt!5%QjZh-Y-Q
zQ|?_~c3b?zT=A;CcT--DSJfPVwdZ^;QMUX%auBCQS3qy_)6;a}=LUl%x3APG!>qX9
zMUdkxPn~nxHs3LeZz&x;qYtE3oK9a|4B+_R&d?%S{U}v|DDg{C+a5|$nV-xuJ_f10
zfRBDU+$F1|{cr39K3VlneTgw3Eo(~=kntQPnH(QzD4=p&d;$N4q=n<S<Q^*(`LJ++
zG|o>&J30<r+eAgrYS2oA?B-D%+0ngVRiz(*22Nesfn}fhd|W)qNBv|*d+V|UY%^J*
zSgu-TgZ;SWSy5(;IZAEY9QC-^wRDs022I^5t<poKv9!XGA%A%<h3f{8dy?uTGZ+Ql
zVg|ZGMbtZwP$gc-QBLHjfgDvw=gc7*R~>eR!AgUao9AhQX;f`>2}7TEf|lTY_<E2$
z)|5;YKc?53H9x`_T2wvPI-5XhSL?v8I@MbBx@;d`HsaOR(bk2?xvr`E+cn_Y=k?qM
zd+8Z?Np|eSWAC(W*1rqb?@;DRo=nDFX%t?!<?T#L`+KEshbqs)sQ9@mz+F9JMl9Ks
ziPMy8!Zdd`G%hM^;cX`}_(;dX^%5smR{SLSFz3q>c~iRn#F`;IJFl}+mQYzH_0Hm1
z9BP^45>Zh+YT0AVNbB%wnQsjKhSThlV~k7d)HL@Nv)#1DC?E~Mq3r0pS9{>z5tPQ=
zEy5n%wMf6pJ8lr7KH_xA*Ab;Y1_D3wsz_d4pz`Eh9+y?2*B2FhLu4IOv`Vrsi9Cv(
zxAII|8GBhAet>CG`)1Z9>J_>?TD9nQrnGgaDTtmS2+q>BOk|cx<*F^7o`Kap;SoyZ
z-WAr)dQnWQOvqr@wJslaC2#K75x1>5wX9r_+Dy{6?0i78Qr9cOotT_MJ8?aeCK~-e
zd1>V>7r_rI5KuJb|Ed^=&Wr#UA8k{#AAsbdw|6G*M$P6zcY|GEjqOIamKbJiH7I2g
z(@J!Lt&&~h=ChroU3<GGyB-k{Q3Oc9hCfA_iVO4<9W5$mo*jdLq6(gzUcerxqKZo2
zv~v%M?uKdGx8HgD=||5a-#@+9Cg9FL6qp9765LJ4ad_i6Rn6^UpB5m-ql8rj>#n+@
z7E-NIi?xiq7y)UdHk9YO8HVjOkT;FTi}dRSbDuWcghmnTYM~ISu%)4u8*$Mal<YB#
zCX&WZV?omV`dIV5#)L%*CLE8qE=_@W$94p6knM20sbjegg(Pw%b(OYS8!rq~o0?vo
z5Uh!f+A=hnd8&+%VG+>KdD&^pi_CiQVbk5ZT6dXw2qhjXc1o|NK)~SH*rQq-dvSmB
z?##{p+fZCEzmKLp!)40CcP%0`vBh>M`<;wvk-IPiB>7kC#r&Hhb(J`KTDPSoiZ)5Q
z<ubEhf&gP~cp8*>vn5QDDdXmqOhf6)=DcD-+x}9m{-%rwsShBk$Sr+aQrk<#z)%`b
zcw@1S@`Yj^gNxV9=$nX%4_|S_i?4McDszSs#BEul`_WMIFJHtl<7L~O551Iv78t@r
z_ng9%{$kf%Nw1HdOrOYi#{Mvg%t@^#$PHBq^&k!$^e4!_75K25R1r*jXe_bf=^U-V
zpl=}5x?eTV83#DGkexv`qy2lpfm3S;Tme>sYqoykFjFm+F&}0~UACeycz|ZKS}_`R
zk6jdt(g<{srpfD>;fomi3#=lB$AiRH47FY(ij>Bd5=-CQR&kynk4x=634^@u4>k=(
zS}J>hagoF-xF+F@G_xR<WK6@=^+NscE)J~HyPNW&nsk5xonDm;eKm5L$VknVjK+MC
zan*b_9=%#=HMefw!5L-#p0NwzUxzgb1u?pUtgD*$G1zy2nh)6hC#=nZkZ_Onh$i;T
z&^pK{K5=}2v&808KXWxE=bnz-m|7K<GTBB8ISz4&0j=ju-ML<BY(;lSlZ%A9aBMup
zWnIrNTMj_(jYq1TSYnGK{F~ryNfPCBDgy?=&;px6@z|h3KbcgAo?e)eD8+256zUPo
zeE$AnTi5_*KFC!ZTJ||Z2&E@Ql&m6eJOPq%f*M@{G(^X%o9n5&R?lQrABm|`rIvPV
zPf>n7E!LwEjCK>2i*z$xWMspBkT=-Lk?g8XxFLZ0ppL_%+a$O?+Jn5SZc#1n;y5(Y
zIT0;d2|IBqD4<9n9_iAxr4<qUjl(*hXWZJv0Kdg@4SM3efTFt2<3K~H+2Qb2%Yl;4
z*fZ6<kg&a~$yT>P{SFFF-3iy>GJdSh!6X84x1#cnlFyy>xKBeDRY&-q0XJ~VLJ?UO
zw-8|KY?l4hhMr41V(x&8<#N;$FsrPj0I+3k;ned1E=4``@`;Zy)}h-9^Xzg!d1JKt
zhdCs%5bNPyB4U@^m~JZ$!}&37@M0}RC{E^2phfdT(?4cf=r=VF{c~HEg}Nn{Lm02O
zH8a{9Qkyus2u0~_INpY8pug?U&3U$4bO6ZCl-Kjg?Cdw&O0K?0mr=aKt+<G3Zm2GA
z=hQ~+ope37^NHn=Vh&hu_HACqh}H5cqGbN_i{+@DYgCE9Hx|Fn??r)){4h1Gn|A9n
zHf6dn1Zm%QZ8(TuhCSNlYb$$&S=8DU%F|c{7RBhdifOA-co~mZ?br?~Jzn20XHP&}
z)wGmu^3?^C4ROQDoN2EYM<xeWbi-xr5mbN;a;&8XD*pjAV@GDm_|=cdAl_B+QE>&T
zWq$fp<mh@DuZK_{N{kkimS@7|6CRJK<bnxlArfHA=~LI|>no|6*N+M^NtVCZWhzm4
zJ&w{NgePIHGwLs!YWlkBA@s0^{U-oq*6NkhkF#dptoBfxZA0H#j-Q<1LZwS!Bz_!<
z8jpk&kXQ|r;G`RC`?ol>Z`Y}nAxlQ_<-qiLK-weNr3Km5F#}GeOKdvD*iPFdP1y9b
z%@`Y4qImT_L~Q%;Wql{H1}Dpj<ee6H^}S`DFQHL92{4o!aR>S7X|tN(g9i8vMs=z}
zuZ+FmkUb4Wn>dbF&+k33$KL7hG||h&iq-IiLi-_*pD(*OGs~Jdi_+Q5@N(&#ZsV{V
z8a%)J!uuY6`XQ@z&A6ADQthH=_+migj0g>$x4aaVE64LfD&vqqI}Qqg!0sMruru-6
zipVUg?NS&Zg+$&zQR=v-00qR|S-jTfz3m9=?z*+voMvPo`6Z~A6@<xKxroQCsRgC#
z=4H-c>9kpTSv^OD8zqpDg^efOu1hcC+{&7Hxu490D_MaSdCtJgW^fu?%s@~wiY777
zmLKI+bcrvp$*zi|-$h$07iq}2<Dhd2qc9&gbrIAP)I_W=L3JF}^Z_Dx%G>VCUd(8W
zm1gNrknI)6K~iGJSv!bL>WI)4JZHMH7o-o(kDsXSx%5;l4>;=MGQg(USyV~Aacj%+
ziG(VfL6$=!B?cTmN7#t7Twc-N&$Wi9z<R+^bX3j;BDm0{qi_qC&k_@>G)O`r>(fe>
z2Nzb!4r8#G<#y58ya2}(#3@!rSnMsD>(C}5pY7FSyP{hXLd2x$yE1WneqL4SNc^s#
z?dqiw$C_9RhE0m{w}UuX{fx&X=EkBkTdO{HGZ4J<X80u*Gw-8eM_HWFL|Y=aX4uQ^
zB&}q|*&*FAydurh!o;|q=sDx0pBo^*yqM$kw2&9LrG>mw=K<2YqNkG#!8?nUzbeVz
zg#sEYg)`aSpxunErtM^Ex1%Ha?53VP-He|RPj(=`sRc<-iqCmACCD7z_0@O-!1Gfs
z1ZCt6_kURlE#nH8C7%_brX;g1^rFh)3`7X36gg<|V_PX%T!`b&%M|O2QUo)H%p-G|
zBc29py%ad~{RIe4(>0+aMpK?qifmL0=gYce$jR8_4ow*V$Aj|*rr|=PuawL!@`Y(A
zII>p+M~ecF>(Z)!<S#?`fK%#RJr?a<3EVT#K~;cSn0-blC~S*2z;|COi#wQ7l)>#M
zBCw-({_Z~Bc{t!^94$@pP7Mk`DOwojn-<s4wd>uWh5*2KA1nq`$amxCqDTO?2<Bpo
zKmU^Yi;s~CMnC;Pa}SleCOsqUt1&TON22yHM%gzb;CKZ*QR55=Ky!ognPR>)7zLV)
z0O{G#(^GYUdizfB@n})Y2M0u$l-30*V;bG=<Q~5&DB#8``Buoom<S<B<mx0jCmaaC
zWA*3EkpW6PlA3-G#D><<2Y(5&2ABF;DPRduf0U1n!gyN=YYHdDEab)$4!){F&!+xM
zC(F9&UsLcB!1=nmNP{H@h&6YOxhj^`pSjhS>1;dR71$h|vnw-grlSBVel`7jcn&(!
z0QM+$_x)?sZ@u?f)bB-kq`|}mCHcH3&<3%l7{Fd{{y^xR9L3S2OVCzv=mzveki{bl
zdWndjr=j>}oPtt8ni46g)O&q!v^_48DIq?s%x`2gldrHe$q!*8^maRbPA~cjpI}oX
zIR#peUs4nrN6(bDM;ir6Y2yCeb6kJMpDGQ|AJ2`g3^Y_q!4!L?(x?m#=uh6E8+z_t
zk^tfFj+zSEx{1ir8^@;Mh#a-74!2<%=m%5y$Z+1T+_<AmjsZo!Ju+EoP$bvJNZlZI
zNEl&>7SO%g1KBKtOgKYd$b2Eb$Ty|_QTve|nggqMAwl;0xKO(o0fc`wWCx&(GJ?>I
zYJ!pvM4;r+tx2Q8_3m*DF(R!=yX17}_W^JRYEbqlgUEaoc&T@e_eC5)VWq>&$ovF)
z#%CQ9uGyEqjuk<-;mI|>b=jq}2oGD^-brWT?l*PZ|BJYFUnKqwojRTWO%kr6Ae)c9
zD%Y6*7h&koOa8l7+oqSwAw06{(oO9c5{2*b-<=K>A+jo1?1dmaW}R8G%gwlUHX^{?
zE4)u4G()T^hV}swon=OTzoIQ7hOInA*~!8%$vUtZ#$DOSI#=?Cnt_XJU=&ZB7>0eR
zCbrEDE4<-K+E<M`K0sc#GK+9ps}62{{^urR*-w%ggaHETK>P1=KfzxNpl;2(?a>OI
z(?RzaNObtOAS$Y$;2qO;wq4;m=y;3X|7cIazx4hi_;YBZAz_V8eZHN@OYHFL?E={t
z$nD+l?{|5gwwO2wOP<}d32s(*3Syf}P3jbfW0Vrs+esug4Q1k5cIOHAM_-SuY+Fj(
zmfx7gV@ysd2aC6%u>o4xwWcyoW_>y<Sz%g;yCGVWM5qXvsKPa_<LiCUFQ@-b|1H5#
zn(fB-M=aAR(nXoeUm&SV${34{f@OVc6*I%a`r)W=U-G)=#z)1VHdZir(0VSaHAQ|i
zueOGMU<z5kwf>}tUbjCenk`$R|8&>1kS^{FksH^-Vq|oExU_JJ$7nUR@{lK`+Qrb&
z__n^o*K0?mpsm&6a$ryt#8QPM#>5>)w1TI?q^_{^?+5iGWoe^)oQ2I(Q_xw44r$zT
zV3@h2aet(61X^CMti+J1;We)Kj!Gxbi%oe)FP8sLnvzIz4U||Fpak$yK6T}XluYqK
zLfFJ4!V5QYh$EdmL1JKpDz}v|qQM(RtPl{YDYpIyaH;jaMcXsU-xhnmXsNO7K<@~l
z**vh3?riYCN<x3OYB1I9wA1Z0Z)MeNb*-)O=2v>>&n3}rF<r3zd_CW~{g`p@dCY#~
zkDaacy-ZvUw}3fKqXXn{yIYJV(h7T>BpI4&cW5&W(q7YIar2v<xXd<Ho9xVBr@2RE
z<#$4$i@UO?W3e)oZVBz!p5v`J*UaxQu_a7h8cQmhnB30T?X;Nw>Y9m}_}&+y3x#r5
zk+&O}s}qx%WWZU(?!U4ebaX^Nad)w~UW=c?F4fL~Mq;)MbOZE{V<Mz+23j^>N4dms
zc(Iwg<TyUnGY+0#wd%;v9tRwmYxybhSG%9MSQkC^%}Ej;f|tjX)0xLcVZtwFs6>BJ
zHn$~GCN<A$aB9yoRaXwTb#}q7ERU?q)a+%HChPI0N9}ifxJav)x~yz;nfJpXs=L=(
z{^OdIh#R-g-2qa#mbG}wybF12tdByS)^?s566sf-9nw-3oT3Ak`jS5NEwPKpqSX|H
z(*~M~azL7xWC$x#Yc~gq=8fL8;8M@6RzqYn*%+gjx|G%}xs@jjOSUOPlf@@|19J$B
z%{OV;>?s!c{0m;~hwk2;Ixd-5hc_xr%Ez+}JF;)$yaD3r1Iwcj<=}J-GZ{6fR4Ba2
zC2&g>^Ijd1<(l>AJj|=>=BG}5s16qplp`wkN26W$sLzb7YH})BOrfBMNpoe<8~quB
zQ8*ze*haRaX1m-nxJ#6${d%&@N?thP>IZ>MqJ`B5b;Bi{n=W}l*HNLC+LDvkb6T??
zEz|W&TL7Rn%GPzkm$7fVlHx{J*oAHx!NqN245&pqD_xnF`7fDR{xTW7>40&@P-v&~
zvk^6SV;1Y*c1sQ279%Y@+f4->tne)fawYq2A}?9EgMDLSyxd$iTI*$wYO@~g_h%=T
zJ@+w)f2aQSf9VZef>ejyl+z29y$zp+9ID4=&jQS%mGD0O5$ik`EQ#JF3<y}7ZQ^@Q
z2~z=P$(z@cVtmtmgc9~I;g|V1|C4r0aNr^Mm|T4_z~RR718CkR#DQvx9R1il(I$}z
zJr64*BFtqD6?%g2hkCNDG>p>Qe9kN3Ye9&B^XfRnnhBW}<SLnW?AO_}$<*-DQwk)f
zECxWt;3p=^F<kpvgN@&J5UXd8C^e1HZK<1Ug(Dln$EqXi>9>C~*jD-{w7L-)@V_d^
zJ59D+69#~;QlPJnq2et5zTFCa3XW>s#9<_n5JU7}XcdY~2L3p~Hc$Cd(1wsPUXY9y
zJ4aotu)2P)t`C4j3duoG(rXyBIhOWlWCb)>R3+fnv049)h{4w%1M*+1*YhtB2and_
zingGNGId4Zf~;TKr9YTiXtQ_#TVv+jWF2_YRYKD7g1*u$rUxUE{u^?x`((HObrZ3o
z%6>ze)?TF&e7k(s1ypPpQn>p7tIF7eQ1W;c8r4|L`-sSmTgNZJUpD`;h#=W6W)Ikl
z4ml4!|1)$KYao?pwC`ta?EC1Rism2pvJe|icPnhFy(SEE_4((@2f}oyk-DQMY+2>+
z=(+H~hhaJPElu7B)S~EkUFSKmk-(EAp3VEbl9OMGC05-c^U+3ofVqS${Gv0FA@3K-
z<JlmHHFKd>bs4V?HBiAIS6p0o<1)aidEqR?>fz|`{aKmcMi@L+2-@E#9--f!M^Wd|
zZcSRgEvz<NZ)NNi-mi=Wzbn}hVlI9K^$YnKyG+&B&;O1k!X7=YQfiP$NfZ_L#2trz
zgW^h~3s{Yx3KEJ-rd8bbw>oAB?q6~|zMeN6ogtp!E!~q!aaOfoCB%rlsp$bsBayG-
z+PZ32OLd7WyN!z#|EpSPo(p%X+WDth$d3fdpU?)KmCm(Jdps)iKTLJ`+l^wPv<tqc
zbAr354dl+9fqNkZcOB`W?qlb_{~91G-S9s-$L9adML$0}bdQg)I6FUUZIR07Pe7v~
zpB8q_ZMBk<&cjfN(H}D-K2;A;`f(C1tW3ZS2sxI-HH?_D5`WeR?%Jn#6bzNjK>kiO
zAFnimT3|Imm;L73WPCn~;wb_-$W1xfQ+B}xw#72<ei+yyNUss-mFXqA>W!G<mA~Xw
zaORQdg^xzU{!mmHc!~%bGCx~hmn{$HIneN`QSK|j-WZIbiv{miX(9y-f0Dg(s^hEW
zlQyK?yvGFKOMRpJsuixDwH}+eD7wBWmo>Cq-X<Bnz({bQkw2k_gpwA(qjptHeR#{X
zs&-mFU))+hk={$2j5IF8np%AMi|H5fi`bV)O+8WJA=j(eE~?Tocf#-S0b~F~HDAge
z#Vh`T@63JIuoEb--xvTT@b9c1Dt`HKIun4bprQ~hMu~orK621E+ItgUXWV2(Mm1&u
z;rs9LKVgu)Nw<h!xG05kKcF`qd!S?zyK!zqcu<S%q&eT=-&pI<h<M4!%Y^T%Ql83u
zTs#+R=1+wFFTKKyYb81ggHO32$v=5N6?CDH6(DbbzF0iuSTVrhWE35$M#{b`9_Lam
zh&9v@zQ|5P*8;b*XO*p-dEf^lL4PC|29RZ*F>JI_7%0&0O@#@@0YOK&cGpsX4#FCY
zUMvUM;&nae#uQ$NCu1n<ipO|XLW{wzw(5chR@TrY^=x*-6al-C?<}7ag{tfPf)O-i
z&7N6wrpNJ>Z8?Bo7b1-4O`5h|YL<XxiSxsJg}{=vcAjIvIv(VX=X_b0c~Mz_Rp5a3
z_#u6#!D%-*h*0U(tw)%~|5Tg!E}imdZUx5?uGAb1d2kCv#lVv{i@s5k758A}Uu}e(
zW$ZWM1Z$UY*}<77e2O%F4lGPdk~1`DtE0{#Cb<Fj7(c+6yA-~#Yz_QK^ajB>f%_s~
zncNC|h7zB5dOuc@dnD5{a%>G6OA3ou`{dVS%L1~}V#Qhj<1Ba3DISNjNcR5zPPr1y
zF!#KW;r))LJ#A15p}-dSUZE!1T58D&+2aBY&l}s#{Hx#1FvMc=&Wt0pF-5Q8PP9yT
zGB0ofU=k4Sfb127^v@eYFEg0HAHL;Y*{f@_W(#{6oTZM1pVf$a`tqn(e+aZV^Anm!
za4S4r*+k}X?g8FvkBY&na@yry>v0H#zvRK+i<@rK@xoEqspx#Nf=h_EbSCSC#D!E4
zAmoFZKBXvMIOvwPsI<Atyx|{mv6YvRi--?-F#({}bzh=x=fZ}$H(uCTv52W8es>JF
z=nC=iY^5E-DtWEW=gJn9ZVrJvn;w)1UnFF-D2z~J;7k<3@?6|CH;;!+EtZ*F(;q{?
znlVHY%~V7SxNC{UKDy<9wTkQgrob*C%@gc1prjR^;R&A?yZaDa9a<bEFTcmGmOzkE
zat3@-RZHm<OMIwmIcxTp=BzAqERgvjYF`LokROP4JX*xF>5<q*B!Hs0016~B7eQ;4
zwuh$ehid0nT&xmqdU_^Xw|B4fUwEn`**{u~IzdG*Is~+c0%EhpXFog-PA<d!Unif~
zN?=g`0x|;5f%QKOjO~3Q@UYv&yca2B<N*skQ16Ise}I09ty=m$ZHygvCtX~Syt4nM
z>F3Io9z>r@dVx*o<!K0I1I!PwaWTO0hhOhqF3_}6+HL?b7brcnC`YI2m9dx^?nB6|
zVayQW@_iyxrFXwWyDtq61Dk%uGUI25)bGGh^GB{jY5cgp9%nL~%HAz2hcuWLt^f>m
zd0yI|)yDztjvf(CAGPtxH_zl`=h<+R=gRpv0z>rZ+=)ASFEp%V#K8K_y74(#f11xh
zr(GlI!q<BfqFy6iY9w|8zfS7`2|3TU2rQ5ZtGT5yCe8-dpxZp`qPLRn#*eWFJ(0xU
z$C(jN--U>=<p_AZ_<w|Z=IEU0iU2Pd=j3z(#UdRNse4za%7Tni?;fqY82C@*5TMtA
zuH*e9xiPQO=w5_yAD>rn#lvtKdFg74Y+E+86OD6hpLUrot4a=F2DLB!dbRtVdK<S)
zT;BBupxb!r-%<ge0d1Cnw>`~JTV~ZBY&ja8;4#?+lNgkH-shi0XWtMU^nh*^2)c~o
zhUnJR!oxRf7uM_@NY+Tv_oBU<ki8ooKEG(-^x2}9NRu=^&7$43f?3KvpKlP_MCq@a
z`S8r#+&ts!aqB11{ZAz=9%f1X7%;N)*odcOJ3t^Hrk77>lIq*b_uynT@w_2%r|%~`
z^A<1cu!!BR3FDleesUI01W*>@ajlB3m48MRLA4=N9Wi3jS@1GPC;Bp{C#visFfZ()
zGk@p;vO>CGsWGqEfJQs#jhd{#@6GS4F`uB%@(Q{(bU}0!Q>$td)}A+k35jy8{Ir_7
z_;Gknjfzx6D#zmIoA8bP3pfP(2ao^y_!cmPkf%}vpll?QXZg-F0({+`C;#S%+{@)M
zu^(646$&at!2r%nXn&RR=BXC)Bv3TbKNm6R9IHEm%xtS6k!rtKn12wwCePpqN-XiP
zjQ>r=RkcokB6ebw+m_h*wS}udQ;CRruzZu(h6eQ3;E}WnwSlDmz)$Pg?~d*%jI!%m
zFm|o(p&Wm!)~hRe1Gs@_8QS~w745O_?Cqge*)0|YxrPQe6e(jL_7(NpBjW8*(#Eoa
z=lAWRE^^;j9vy}DW6=MZ5~u7^vVP|OniADY)}c%kQ$K?)WoTBSe#n=o+g`<ih!YV?
zT|vued)pEqS-Z|9XqD-#{ijSO<Kr0@w<96ymmu&A#<x3g2kgD0tq~%GARAS1OnF|N
znVQ_%f;PxrL3Fa+7uHcAgRryQL-~*`qlIR0Xg9d{B#7IoNc#l~fxI{)_4@Qv+Yi|*
z1c{xIAk>$i8Q<CF%v97XVC5E*dxDM#tr~sOc?m`bPrQo0r(we+-;bU*{2S^;YNP(m
zp}klA3&ii$&#kR!R7UIzfRpMKqSi;@nAB88uD6OugiN#c&69G9+bqD|cj2q}#3DIF
z`DP5JsHAC$c3c0KJCGJ8XvzK8PNV1d|4N1INpygZ|JnhL^u|vLQKmSd&`{L0w$xRL
z%3@o|z=lIf2997yeX?)!+F(2@JqIv~;RTf{6sEm~BJ2rc&CU^#G#Qd}cRHVZWZRRO
zpUm#+_X1b-qjK<Zc`1Jtu@^VX`&ZXquGI7tXy@;`@us)^$0(M?i5(-xLXmGVvC*Jy
z06ZTq#s2-Pdp_J$(26^lYCEXPc}4Dae6E$)toS!-SC%&x)KMB64NqyW4OsCA0$v<}
zGGaaQaCv#OQgyII`0MdkkU$AiNxUe%ZY<cz;22}J#0FkEKGC|JvdN0@XuiZ?Uf)m-
zPf`gv=%~-~7BTfa0}X>Oo^QX1!DNXzHb4w41YRi>8MvO9;d2UZ>!`iYz_GN6mO+8W
z);xarFD%PZ!<c~$s_@uj6b2Uv^YFXpj#$C7qViTSD+}KU)El;08kF*L`Z<A}MUR>9
z0IFnf$}rqiv=RCvh%zr2HZ+KqHh337q^OK}-5>2P6VDD@e{qb}hWP}=KzJo+8bC$z
zMK_y13PY_B9jy~o$3r)D-Ad~A)|ItJJNAX)n}8<Y(EtYfyIIZ$|0=PdCaK0rh20$`
z>e%wzoNcjRVnHjkc(8Saph41Z7ZuZPB;oh0QI>b0cw^fL+*s1?&ydJIBw4QzucwS*
zM<t~TYx{${3?A_#9DAy~!-q^;kTkchVLA1bdyp~iez*HEJr1hIv0qxRLHxjtd%Y>F
z6KDz7TH63Ry1YUcEPPf#@wZ<vN|nyYD>6fc59Ig%7S%;&-8#=d+A!Y#rw#v~iS8$b
z95AFMnk%rbOf4&18LS|R*q@k3@zk>}lW5DHS(mvI_&<Ig6rK+dzEoBiURLnitKY{o
z&Bxo{Z(tzfHRHR6^(}FE9(1R0vVCQ`Q=dN5_*AJ#DKxUNNU(72B?_DcQ!*U_<|OIX
z3EbS7U^k9EQ|zMxSe0&KPFb-;M;T4P@2}}ubuAQ!^j~5o^F<Q`TBb?`)=e=xM0jxW
zA&PN(8T=o8m@aq`$;lqoEKD3!HrOR<B-n%E)Dy_I9^@5Q3!GEN(JgRr5Far0==tbm
zaQ27b6BTf@5Y^8Anqu|u)ww^SD2Qs<^M2gEGehXr@?QoZWWzTZh6)}=^Z*f4SR_<O
z&fgnmzSFgXD#bQ=enM=o?h3%Q^nF15ms2X$hu<LiXK%Cm&)x>ikZ350j;QSE>|$!G
z;AHP$>f~Z+>YV7%hz^KWk#_zMPGol|Qez_}@e8;W)!5=9^?*#^l4}l<g@w*@4pTxD
z|4FMSMbu=RcpOTmMCJ!V(`7OxnP)G(;jAX|=Kc3OeMZh@+>ob>)~v?D+st9ksQb+=
zp!XB4j|CexQ$B|VgI!70t_r#|g{nBpiz=6C%WSg2)1W<O1>j;G;2^&i@DY#%cVjIk
zj9KZ|d0r~zYWG2uYn85**vcY3Ql?uYtD9bvP_4doU)yS%3Dn!)Oo<$9tQCWpbDS1b
z12tRP_={dnFN4O4wLayY5_%+0ZL7sREHi}`v!TWuT_$$bMp5I%qmr~s=(rv~?8J7K
zl&~&{e-u~A8vsoNJBaXxO~1Cq2qV25I`9h>mN6=Wh~sS7fsl8%v1KcO$A+wtwgq&O
zZpyK@zE7JOmK@$6S|udEGQ}7?mjSkj`Q;$&Ff9Ue$0+P&RE0sNB&AmuHhm}77_5*=
zZjWSeynD{ulaiy@NJk9&Hde(=>pBnFBY+((E58Yz46rMGV2cLTHHcWRt7pv7ZN7B6
z+vtmNdc-IhA~@*gizF_U64wVV<)O+`6DEMSu!|C4cHn`4vT*MkV*H^3%>=7RjfjV!
z6T82}xBFn71#%P@O9&HfcvPn+=r2gvLmMG3h@*@dy$>p*ED8_2)R0}~OI(tc>L|M5
zD}e<@2T+y7;kM}fr`SNkuT)Sl3VZ9!N{c$U;Cr^oq|Sq?^y};H)2|2F$f<wYPjjls
z-FHUIJ>VM5^y|Fnl{2K#<zot^XP~aOSE{w$_@~+#Q;ac&H!XjSFj1B>Ao6Y7BIag@
z1?Nl=bt)2MMvZm&%+0quv>rb;4H?RDYrh6l11L}NF^Nd)Aw%C>F*MaSUD{68jH`Bu
zU$S0$)}-p#|01V6m$)#oPCXgts(;o(-Tjo7_IBy1H3HvNN<2E?7O}YI->9dDp*r^d
zBoO9_L%{ZU4oiHG<A$5nJzd_mt*B^&39O0TCe^yA%thyN3bgAO^MpmtJ&Fy9rTD^<
z0VI6)AzJ>Kw!vWZ?Fl?29ARTj^WGV5tD$#s=!gvJNn3rgfixG+LU3dhc?T!MvNP4+
zLmpI4Iy)qW@MRpD8f!*m&$0U|o_}$m8A|n{L_S!d*9M%-h&%+*#S@8`9<Q(1x1T=F
zB9dMmRMOpC=vJMrLlS#I?gqayg3Y=rFnWu=kvgDXmL1}ddEG*p)Cp>u$K8(qer<nA
zS%#Z?goFM3pMBA*O71S}AKgU`;(wX>YzY85ViA>7nC~AYZM>>K6!KJ15tiVfgoK+r
z&t4AQZ0@TG7Ds`vSU&mT(c$!;Kz<a5Hn(!p-fLv+jod%GS2t5PwY&U&AOa9AzkE8n
zrcC+6z_obHGe~N}h7&l*(JPZP3Y3(~t;VHPjW}wVlNAFE>tv!$>Zc-3#k!5cs7V18
z*fw%i<KxiPq-Z(9T1gAi=^$2rs|HgqDk4zC(#aM%Ofsr0qRu184s8O@A!>pj*WZHQ
zY?O@P?h6rq0RwupRwJ+43z$IWE9gp1vZbh`b<djAjJ+<hO<OCpB;zl=tY`J^5P#*&
zL&%n^Br1OdGpn(5&&dnKp$;x3|N8^E`~~)`MHQW19=LTwrF4BS%fsM*x6>=*nRwf#
z{1TF33Q~Bj{Khm*LwkCO2D0-aH9axJEB(6<jlSajO}luY!Zi_Sos?lEuYyQ1(YBS8
zYfd!^59Lf>nPpgqeC~H7J~RVJq2Jwr?AAo&*2weD%(<W+x%<1*&vFdH2>2afFdFzQ
z5DFwvuKe{I7Jmy}pf122{FlZKFK`HrJSxF2!kcXj0@%SVZvlfbgOlgvg<vCf>rwXO
zK;RmAM9h@hi)xUlp#!^N9JZ~Y!g@Q~&pPgA)%h8ml`D_XXM1fh%%+*nKSYPvNP7H7
zvDwdW(a-*9^(pnlD+EFDtGL&I;T*$2VKMh1l+EMN41u$|j%VU%41<B!*dY||6H6ZL
z*A0T`(}x3?QH&w&0KEN|d{gjE_zgCLO~Os1M{RWNShg^{9hOhK0}J3r<fi$d`T6m2
zcTAXFD<Kk}QmDkO%!3^l3T&H!s8Xo;+CIQP_2iZuVhG+R=o7hFCc~xu&?$lCsIbKw
zh;O((;+s+EDdBO5IL>E2HQ)K3rMu5UKXc7%K_GqmVI+LdRfIg}E3v!JM1Nz=Yf~V<
z+h{4S54f7{UHYt>2V9QJKGIc8VC|qX2G7Obtid2$>+i@H<X+yn56J({GRuQy+S^3N
zJPp8`JBljmcaCf(;=qD}+Z-nN28-nyZ6-8$(?T>v1SN=EVyem6|5}rx_v;Ee>I>>9
zB8t*Vm7<CG-QoD%#XflK$}EuBUhHROZF$~q-_q^+-uArA_Okzg)S<Ux(Pi;%Z+bCt
z5RgK&XTaLQlPUE(Fyxy$HxQ*al!!HG0TLFwX3*%cve20mkR(k!jOND7qxVjdiZFR_
zrizI*DKX-MqmSN?GT^KsCDiR{50pJc^Pz}|MOWtHDlIjSbyAmErr{m83G`WZHyUb+
zSrd+g`<3w+Anau(FQIz0)i{I|78mE6=t$A<a94_TVlL-FW42tQ$RA2dI`@sz0NyIt
z2?Y^FC579d;+_L8g)uV6F3~Kq>AzuNxNNe!D5>Xj!ry3N8>O{k7T04+szis=ST2w=
zG7=VHWpNir7tJn@Tr-7%H>fHb-Y5nuMx?x#4=pZ?%Peg!9u3(}y!OR-32)~!e?N9v
z2y`RxO=b9N(cJY1VjWn=Bj`<`0`#RZeU2U5>Z1aVMok7;Y*xScwqhZ>G-7}p^DLAa
zP;(Fjr|uJyLov<Hb);@c(rT_((LzE-N@9?|7?o8#A`z(Tlz`Nb2&Sj;Bu^{O@3>ok
zQ7|0{qX-Q+G7DR4&ajC$SUKq?CmEfzn0pe?Ba{D#fL)U+IT8zr%5e-z0;FIoE79|L
z4uoW=*b6_rHz`Xf)V${dSYe%E^$g?ld+L?6muzuYBB^Zhz!FU-xX)lc?|uz-xfG+-
z?+ua(Duc2yPoc7KM&Xm=VV8z**v=(S*$=bz^VoKKj;N%<K31loL-E916D8p$BA>-i
zML}|xk`bW$tX-4b4XN1A0K7Vl|583^+p(s^uh^|&PMY(c8ECMKKMhqN=*E26g~+~$
zNdB;7U7=+?B~Tk{sefcCyevv`5}q0@>9i?#gDy!^4ES-LqSD?BEy*v6tv@lte=A_^
z5Z;b~?d*#<-GQQbm~)-)m5cl>+8&-Zl*Qj7H*Zg2zb4+e5yr;K2M{y2VQ&r(sli4}
zS;VgXRu=q!ZJl{k6Gt4!ms>8Oaztgrk;s)00*Inj1cRYSL=xo)ic+AUpb-VMP|*N#
zcpxGxPzBKlHb6kb<$<l(P~=$!D{4^`5a^SjNQjCeYU%7^6W2EH<)3|@_xsInW;5BD
zH~alE4)}@~Mip?&th&dx_VH_6-j%N%*yq^62ckL83HssGmy!v?{+yT{xeJpQXAP?E
zO>baXOWQ>@%=+it^r4dI@ugmu{BBZjq*fhQxwBa{bJWzXalq5Jt1c~&niEJfFF7Y2
zTg~Z7IyxEbdzW9IAF?M79{Dka8sI^v51P<7N<?~sslM>{E=>y^^x5yXPriP>u|#6l
zAZJmcVoIa9+}?!l`=Pz_%0ho{k_T008?Voge8r=8^b?;|-QT9|)=RF_h-^5*8gsdM
zp}=5FK#&cVMSNF4*_I+<7qeY!qdbg?+J%e!{TxF=0{I5u%yvjkV1P$h*o>kum#wl+
zRj>T~p|tRax70P??YMGKh1_No@B8#dYIRVJ+YWa1+phEjFVcJBhAC^PZyL1voG<YV
zdhGAq>K17x&Iw+@;airnL@yGH%3A~F<bAfb!<r_oB|lkp-f7A@^~;2IGutY=DsGQ~
zxBAaN+`gQ{?^`jWIXFY?bypg~d=z=CDTBxek3Qif1r{QYb#?jd;YZRK=GkYbivog|
zEx9(nCt^v2{z;CT`&cZS?znfdiqLhHHoVfaQ=c>|K{{o6?J-xC(EfK196K}9OYS@o
zC$KV?&29O>ae!L~I1Y_tPm)6qW{~8S9+J#9xj2)5eYI}*WayUgvgQKK^^$KKmPQNO
zn-6*Wn|km5aMJaewnb&FVf`ON{1aJPx`(nq-tM&H%s%S?H|8~tm1x|Rh%=F3arG<H
z)vX&Y_UC?o-?i-neZ_V8x+J|#qoKlk=?~IGNk%;Bg(!oW4_`WI@+zNX(EJB-Xtz6?
z^DL{<nfx_|Hombwj!l^f@{Xt5H|xo=XenF!B|Gy8qj|lnI!m=4{MM-^OdVkoN6D9+
z6V(oVB+ycJ60YV=krFr;$fWpn+$LdAhJ~y`9+q>N;XLKmeynA-V~^FmmQ$}~*3|LW
z?tO)chY2HEI!BZD?|k%^`k7oHE!w21(@iU<o#D%~3n!cV=I4q8WL4MPu=9aQCt~8X
z+tyyydGmF6oN=w2ZR8g1^_wE!nu_1YgtFp`zZD$!*&ny7huIU+<ul<J+d{rcKV9e-
zU4~S}AYYZP%JShY&TJXE2lkTr=wHn_!|o?*fiGyQ9_kCKqG}BN>kMiIi7z57Ayb=I
zyUg7aScQ5Z$At`a7EP9d^a)MXuFQlGfsq;FV_=EoRTvUajWjT}ft71LcxbbMfDnx0
z!!(>GcUM>w6?XPOCVoDSGBiRdcPy6DryGKn;;27OP>O`CtaK%Q?rG|dqjt@iru^qx
zWARXn%2l9kMIb9ap2QMDR7l<^1uG5yAP65Xjf|vLabcy690V=GCA?(=0DFWeqQD9-
zG0+eA3j6FZC`V*X#5}CPYPAD2$^{oGh&tW$F%d-rvmQb$s!i0QY13Cjs@;f6505W9
z+TRJKtdMKY23SE#J^nAr4GR$Mn&ldpj6C9BW1>2~7+fGB=nyHiv;Q+hq9qWL;yyh@
zN*!hhT868@)B{4ynLbzxP(k1$piXm8Cml!mEk}M8n;;9$FMt)=ry${S9K`U#puOT5
z2!ACVi>Oq6gdkTOJm{@}&BQJ+Do8Y~M+8AuIFRT23ABY3qBx+9_`#wEU=YR29!ra=
zsXPQw9Vmo`i)I`IKp$B7;s69uZ~%u305in1mI5n}8$l2W2i5Yhbj7uHFnT&B7Ni;i
zUwo?eWDFvJ+Y!BAl^c){WQmJbyc+|#bvCeKLkV=Q1r9oT5QEOwS;LCW6Oa=B+a({y
zps7L_OQ~FyL68$JT6r!C{@<314U9d{f{tT@i3VShFdqxwRzDy9d?vEPg`O<HAZi0e
NM_nIy9+aRn%RdGVgopqD

diff --git a/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties b/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties
index ed4c299ad..4f32b203e 100644
--- a/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties
+++ b/hooks/persistence-defectdojo/hook/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-9.3.0-all.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
diff --git a/hooks/persistence-defectdojo/hook/gradlew b/hooks/persistence-defectdojo/hook/gradlew
index 1aa94a426..adff685a0 100755
--- a/hooks/persistence-defectdojo/hook/gradlew
+++ b/hooks/persistence-defectdojo/hook/gradlew
@@ -1,7 +1,7 @@
 #!/bin/sh
 
 #
-# Copyright © 2015-2021 the original authors.
+# Copyright © 2015 the original authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+# SPDX-License-Identifier: Apache-2.0
+#
 
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -84,7 +86,7 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -112,7 +114,6 @@ case "$( uname )" in                #(
   NONSTOP* )        nonstop=true ;;
 esac
 
-CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 
 
 # Determine the Java command to use to start the JVM.
@@ -170,7 +171,6 @@ fi
 # For Cygwin or MSYS, switch paths to Windows format before running java
 if "$cygwin" || "$msys" ; then
     APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
-    CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
 
     JAVACMD=$( cygpath --unix "$JAVACMD" )
 
@@ -203,15 +203,14 @@ fi
 DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Collect all arguments for the java command:
-#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
 #     and any embedded shellness will be escaped.
 #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
 #     treated as '${Hostname}' itself on the command line.
 
 set -- \
         "-Dorg.gradle.appname=$APP_BASE_NAME" \
-        -classpath "$CLASSPATH" \
-        org.gradle.wrapper.GradleWrapperMain \
+        -jar "$APP_HOME/gradle/wrapper/gradle-wrapper.jar" \
         "$@"
 
 # Stop when "xargs" is not available.
diff --git a/hooks/persistence-defectdojo/hook/gradlew.bat b/hooks/persistence-defectdojo/hook/gradlew.bat
old mode 100644
new mode 100755
index 7101f8e46..e509b2dd8
--- a/hooks/persistence-defectdojo/hook/gradlew.bat
+++ b/hooks/persistence-defectdojo/hook/gradlew.bat
@@ -13,6 +13,8 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 @rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
 
 @if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
@@ -68,11 +70,10 @@ goto fail
 :execute
 @rem Setup the command line
 
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
 
 
 @rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -jar "%APP_HOME%\gradle\wrapper\gradle-wrapper.jar" %*
 
 :end
 @rem End local scope for the variables with windows NT shell

From 99367810f05f658c292b4cbe1b9db4e35a5b6007 Mon Sep 17 00:00:00 2001
From: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Date: Mon, 9 Feb 2026 14:12:00 +0100
Subject: [PATCH 48/48] Add suspend functionality to Scan and ScheduledScan
 resources

Behaving similarly to kubernetes jobs and cronjobs which have the same functionality

Signed-off-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
---
 documentation/docs/api/crds/scan.md           |  19 +++
 documentation/docs/api/crds/scheduled-scan.md |  20 +++
 operator/apis/execution/v1/scan_types.go      |   4 +
 .../apis/execution/v1/scheduledscan_types.go  |   5 +
 .../execution/v1/zz_generated.deepcopy.go     |  10 ++
 .../execution/scans/scan_controller.go        |  10 ++
 .../execution/scans/scan_reconciler_test.go   | 116 ++++++++++++++++++
 .../execution/scheduledscan_controller.go     |   6 +
 .../scheduledscan_controller_test.go          |  68 ++++++++++
 ...ading.securecodebox.io_cascadingrules.yaml |   7 ++
 .../execution.securecodebox.io_scans.yaml     |   7 ++
 ...ution.securecodebox.io_scheduledscans.yaml |  14 +++
 12 files changed, 286 insertions(+)

diff --git a/documentation/docs/api/crds/scan.md b/documentation/docs/api/crds/scan.md
index a0574b0e5..b6a23bdf0 100644
--- a/documentation/docs/api/crds/scan.md
+++ b/documentation/docs/api/crds/scan.md
@@ -370,6 +370,24 @@ ttlSecondsAfterFinished: 30 #deletes the scan after 30 seconds after completion
 ttlSecondsAfterFinished can also be set for the scan (as part of the [jobTemplate](https://www.securecodebox.io/docs/api/crds/scan-type#jobtemplate-required)), [parser](https://www.securecodebox.io/docs/api/crds/parse-definition) and [hook](https://www.securecodebox.io/docs/api/crds/scan-completion-hook#ttlsecondsafterfinished-optional) jobs individually. Setting these will only delete the jobs, not the entire scan. 
 :::
 
+### Suspend (Optional)
+
+`suspend` specifies whether the Scan should be suspended. When a Scan is suspended, the reconciler will not process it, effectively pausing all operations until it is resumed. This behaves similar to the suspend field in Kubernetes Jobs.
+
+When set to `true`, the scan will not progress through its lifecycle states (Init, Scanning, Parsing, etc.). However, TTL-based cleanup still works on suspended scans that are in Done or Errored states to prevent accumulation of completed suspended scans.
+
+Defaults to `false` if not set.
+
+```yaml
+suspend: true  # Suspends the scan, preventing any operations
+```
+
+To resume a suspended scan, you can patch the scan resource:
+
+```bash
+kubectl patch scan my-scan --type merge -p '{"spec":{"suspend":false}}'
+```
+
 ## Metadata
 
 Metadata is a standard field on Kubernetes resources. It contains multiple relevant fields, e.g. the name of the resource, its namespace and a `creationTimestamp` of the resource. See more on the [Kubernetes Docs](https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) and the [Kubernetes API Reference](https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/).
@@ -443,4 +461,5 @@ spec:
       cpu: 4
       memory: 4Gi
   ttlSecondsAfterFinished: 300
+  suspend: false
 ```
diff --git a/documentation/docs/api/crds/scheduled-scan.md b/documentation/docs/api/crds/scheduled-scan.md
index 20bf95c96..3a6a6b72c 100644
--- a/documentation/docs/api/crds/scheduled-scan.md
+++ b/documentation/docs/api/crds/scheduled-scan.md
@@ -62,6 +62,24 @@ When `retriggerOnScanTypeChange` is enabled, it will automatically trigger a new
 
 Defaults to `false` if not set.
 
+### Suspend (Optional)
+
+`suspend` specifies whether the ScheduledScan should be suspended. When a ScheduledScan is suspended, no new Scans will be created according to the schedule. This behaves similar to the suspend field in Kubernetes CronJobs.
+
+When set to `true`, the ScheduledScan will continue to reconcile (updating status and tracking the schedule), but it will skip creating new Scan resources. Any scans that are already running will continue to completion.
+
+Defaults to `false` if not set.
+
+```yaml
+suspend: true  # Suspends the scheduled scan, preventing new scan creation
+```
+
+To resume a suspended scheduled scan:
+
+```bash
+kubectl patch scheduledscan my-scheduled-scan --type merge -p '{"spec":{"suspend":false}}'
+```
+
 ## Example with an Interval
 
 ```yaml
@@ -81,6 +99,7 @@ spec:
   failedJobsHistoryLimit: 5
   concurrencyPolicy: "Allow"
   retriggerOnScanTypeChange: false
+  suspend: false
 ```
 
 ## Example with a Cron Schedule
@@ -102,4 +121,5 @@ spec:
   failedJobsHistoryLimit: 5
   concurrencyPolicy: "Forbid"
   retriggerOnScanTypeChange: true
+  suspend: false
 ```
diff --git a/operator/apis/execution/v1/scan_types.go b/operator/apis/execution/v1/scan_types.go
index ff1869675..467428a64 100644
--- a/operator/apis/execution/v1/scan_types.go
+++ b/operator/apis/execution/v1/scan_types.go
@@ -148,6 +148,10 @@ type ScanSpec struct {
 	Resources corev1.ResourceRequirements `json:"resources,omitempty"`
 	// ttlSecondsAfterFinished limits the lifetime of a Scan that has finished execution (either Done or Errored). If this field is set ttlSecondsAfterFinished after the Scan finishes, it is eligible to be automatically deleted. When the Scan is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Scan won't be automatically deleted. If this is set to zero, the Scan becomes eligible to be deleted immediately after it finishes.
 	TTLSecondsAfterFinished *int32 `json:"ttlSecondsAfterFinished,omitempty"`
+	// Suspend specifies whether the Scan should be suspended. When a Scan is suspended, the reconciler will not process it, effectively pausing all operations until it is resumed. This behaves similar to the suspend field in Kubernetes Jobs. TTL-based cleanup still works on suspended scans that are Done or Errored.
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default=false
+	Suspend *bool `json:"suspend,omitempty"`
 }
 
 type ScanState string
diff --git a/operator/apis/execution/v1/scheduledscan_types.go b/operator/apis/execution/v1/scheduledscan_types.go
index 052d2048a..a8cada6a8 100644
--- a/operator/apis/execution/v1/scheduledscan_types.go
+++ b/operator/apis/execution/v1/scheduledscan_types.go
@@ -50,6 +50,11 @@ type ScheduledScanSpec struct {
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default=false
 	RetriggerOnScanTypeChange bool `json:"retriggerOnScanTypeChange,omitempty"`
+
+	// Suspend specifies whether the ScheduledScan should be suspended. When a ScheduledScan is suspended, no new Scans will be created according to the schedule. This behaves similar to the suspend field in Kubernetes CronJobs.
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default=false
+	Suspend *bool `json:"suspend,omitempty"`
 }
 
 // ConcurrencyPolicy describes how the job will be handled.
diff --git a/operator/apis/execution/v1/zz_generated.deepcopy.go b/operator/apis/execution/v1/zz_generated.deepcopy.go
index 7669a340c..f8b3ab1cb 100644
--- a/operator/apis/execution/v1/zz_generated.deepcopy.go
+++ b/operator/apis/execution/v1/zz_generated.deepcopy.go
@@ -716,6 +716,11 @@ func (in *ScanSpec) DeepCopyInto(out *ScanSpec) {
 		*out = new(int32)
 		**out = **in
 	}
+	if in.Suspend != nil {
+		in, out := &in.Suspend, &out.Suspend
+		*out = new(bool)
+		**out = **in
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScanSpec.
@@ -939,6 +944,11 @@ func (in *ScheduledScanSpec) DeepCopyInto(out *ScheduledScanSpec) {
 		*out = new(ScanSpec)
 		(*in).DeepCopyInto(*out)
 	}
+	if in.Suspend != nil {
+		in, out := &in.Suspend, &out.Suspend
+		*out = new(bool)
+		**out = **in
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScheduledScanSpec.
diff --git a/operator/controllers/execution/scans/scan_controller.go b/operator/controllers/execution/scans/scan_controller.go
index 5a0f20211..b116c4936 100644
--- a/operator/controllers/execution/scans/scan_controller.go
+++ b/operator/controllers/execution/scans/scan_controller.go
@@ -83,6 +83,16 @@ func (r *ScanReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.
 
 	log.V(5).Info("Scan Found", "Type", scan.Spec.ScanType, "State", scan.Status.State)
 
+	// Check if the scan is suspended. If so, skip reconciliation unless the scan is in a terminal state
+	// where TTL-based cleanup should still work.
+	if scan.Spec.Suspend != nil && *scan.Spec.Suspend {
+		if scan.Status.State != executionv1.ScanStateDone && scan.Status.State != executionv1.ScanStateErrored {
+			log.V(7).Info("Scan is suspended, skipping reconciliation")
+			return ctrl.Result{}, nil
+		}
+		// For Done/Errored scans, continue to allow TTL cleanup
+	}
+
 	// Handle Finalizer if the scan is getting deleted
 	if !scan.ObjectMeta.DeletionTimestamp.IsZero() {
 		// Check if this Scan has not yet been converted to new CRD
diff --git a/operator/controllers/execution/scans/scan_reconciler_test.go b/operator/controllers/execution/scans/scan_reconciler_test.go
index b730eb5ca..f97179e88 100644
--- a/operator/controllers/execution/scans/scan_reconciler_test.go
+++ b/operator/controllers/execution/scans/scan_reconciler_test.go
@@ -232,4 +232,120 @@ var _ = Describe("ScanControllers", func() {
 		})
 
 	})
+
+	Context("Suspend Functionality", func() {
+		It("should return true for TTL cleanup on suspended Done scan", func() {
+			finishTime := time.Date(2009, 11, 17, 20, 34, 58, 651387237, time.UTC)
+			var timeout int32 = 30
+			suspend := true
+			var scan = &executionv1.Scan{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: namespace,
+					Name:      "nmap",
+				},
+				Spec: executionv1.ScanSpec{
+					ScanType:                "nmap",
+					Parameters:              []string{"scanme.nmap.org"},
+					TTLSecondsAfterFinished: &timeout,
+					Suspend:                 &suspend,
+				},
+				Status: executionv1.ScanStatus{
+					State:      executionv1.ScanStateDone,
+					FinishedAt: &metav1.Time{Time: finishTime},
+				},
+			}
+			// TTL cleanup should still work even when suspended
+			Expect(reconciler.checkIfTTLSecondsAfterFinishedIsCompleted(scan)).To(BeTrue())
+		})
+
+		It("should return true for TTL cleanup on suspended Errored scan", func() {
+			finishTime := time.Date(2009, 11, 17, 20, 34, 58, 651387237, time.UTC)
+			var timeout int32 = 30
+			suspend := true
+			var scan = &executionv1.Scan{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: namespace,
+					Name:      "nmap",
+				},
+				Spec: executionv1.ScanSpec{
+					ScanType:                "nmap",
+					Parameters:              []string{"scanme.nmap.org"},
+					TTLSecondsAfterFinished: &timeout,
+					Suspend:                 &suspend,
+				},
+				Status: executionv1.ScanStatus{
+					State:      executionv1.ScanStateErrored,
+					FinishedAt: &metav1.Time{Time: finishTime},
+				},
+			}
+			// TTL cleanup should still work even when suspended
+			Expect(reconciler.checkIfTTLSecondsAfterFinishedIsCompleted(scan)).To(BeTrue())
+		})
+
+		It("should identify a suspended scan correctly", func() {
+			suspend := true
+			var scan = &executionv1.Scan{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: namespace,
+					Name:      "nmap",
+				},
+				Spec: executionv1.ScanSpec{
+					ScanType:   "nmap",
+					Parameters: []string{"scanme.nmap.org"},
+					Suspend:    &suspend,
+				},
+				Status: executionv1.ScanStatus{
+					State: executionv1.ScanStateInit,
+				},
+			}
+			// Verify the suspend flag is properly set
+			Expect(scan.Spec.Suspend).NotTo(BeNil())
+			Expect(*scan.Spec.Suspend).To(BeTrue())
+		})
+
+		It("should identify a non-suspended scan correctly when Suspend is false", func() {
+			suspend := false
+			var scan = &executionv1.Scan{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: namespace,
+					Name:      "nmap",
+				},
+				Spec: executionv1.ScanSpec{
+					ScanType:   "nmap",
+					Parameters: []string{"scanme.nmap.org"},
+					Suspend:    &suspend,
+				},
+				Status: executionv1.ScanStatus{
+					State: executionv1.ScanStateInit,
+				},
+			}
+			// Verify the suspend flag is properly set to false
+			Expect(scan.Spec.Suspend).NotTo(BeNil())
+			Expect(*scan.Spec.Suspend).To(BeFalse())
+		})
+
+		It("should handle nil Suspend field as not suspended", func() {
+			var scan = &executionv1.Scan{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: namespace,
+					Name:      "nmap",
+				},
+				Spec: executionv1.ScanSpec{
+					ScanType:   "nmap",
+					Parameters: []string{"scanme.nmap.org"},
+					Suspend:    nil, // Not set, should default to false
+				},
+				Status: executionv1.ScanStatus{
+					State: executionv1.ScanStateInit,
+				},
+			}
+			// When Suspend is nil, the scan should not be considered suspended
+			if scan.Spec.Suspend != nil {
+				Expect(*scan.Spec.Suspend).To(BeFalse())
+			} else {
+				// nil is treated as not suspended
+				Expect(scan.Spec.Suspend).To(BeNil())
+			}
+		})
+	})
 })
diff --git a/operator/controllers/execution/scheduledscan_controller.go b/operator/controllers/execution/scheduledscan_controller.go
index 8206d97a6..3746d7f1c 100644
--- a/operator/controllers/execution/scheduledscan_controller.go
+++ b/operator/controllers/execution/scheduledscan_controller.go
@@ -124,6 +124,12 @@ func (r *ScheduledScanReconciler) Reconcile(ctx context.Context, req ctrl.Reques
 
 	InProgressScans := getScansInProgress(childScans.Items)
 
+	// Check if the ScheduledScan is suspended. If so, skip creating new scans.
+	if scheduledScan.Spec.Suspend != nil && *scheduledScan.Spec.Suspend {
+		log.V(7).Info("ScheduledScan is suspended, skipping scan creation")
+		return ctrl.Result{RequeueAfter: 1 * time.Minute}, nil
+	}
+
 	// check if it is time to start the next Scan
 	if !time.Now().Before(nextSchedule) {
 		// check concurrency policy
diff --git a/operator/controllers/execution/scheduledscan_controller_test.go b/operator/controllers/execution/scheduledscan_controller_test.go
index 62d9cefde..a620f71da 100644
--- a/operator/controllers/execution/scheduledscan_controller_test.go
+++ b/operator/controllers/execution/scheduledscan_controller_test.go
@@ -177,4 +177,72 @@ var _ = Describe("ScheduledScan controller", func() {
 			Expect(firstScanName).ShouldNot(Equal(secondScanName))
 		})
 	})
+
+	Context("Suspend Functionality", func() {
+		It("should identify a suspended ScheduledScan correctly", func() {
+			suspend := true
+			scheduledScan := &executionv1.ScheduledScan{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test-scan",
+					Namespace: "test-namespace",
+				},
+				Spec: executionv1.ScheduledScanSpec{
+					Interval: metav1.Duration{Duration: 1 * time.Hour},
+					ScanSpec: &executionv1.ScanSpec{
+						ScanType:   "nmap",
+						Parameters: []string{"scanme.nmap.org"},
+					},
+					Suspend: &suspend,
+				},
+			}
+			// Verify the suspend flag is properly set
+			Expect(scheduledScan.Spec.Suspend).NotTo(BeNil())
+			Expect(*scheduledScan.Spec.Suspend).To(BeTrue())
+		})
+
+		It("should identify a non-suspended ScheduledScan correctly when Suspend is false", func() {
+			suspend := false
+			scheduledScan := &executionv1.ScheduledScan{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test-scan",
+					Namespace: "test-namespace",
+				},
+				Spec: executionv1.ScheduledScanSpec{
+					Interval: metav1.Duration{Duration: 1 * time.Hour},
+					ScanSpec: &executionv1.ScanSpec{
+						ScanType:   "nmap",
+						Parameters: []string{"scanme.nmap.org"},
+					},
+					Suspend: &suspend,
+				},
+			}
+			// Verify the suspend flag is properly set to false
+			Expect(scheduledScan.Spec.Suspend).NotTo(BeNil())
+			Expect(*scheduledScan.Spec.Suspend).To(BeFalse())
+		})
+
+		It("should handle nil Suspend field as not suspended", func() {
+			scheduledScan := &executionv1.ScheduledScan{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test-scan",
+					Namespace: "test-namespace",
+				},
+				Spec: executionv1.ScheduledScanSpec{
+					Interval: metav1.Duration{Duration: 1 * time.Hour},
+					ScanSpec: &executionv1.ScanSpec{
+						ScanType:   "nmap",
+						Parameters: []string{"scanme.nmap.org"},
+					},
+					Suspend: nil, // Not set, should default to false
+				},
+			}
+			// When Suspend is nil, the scan should not be considered suspended
+			if scheduledScan.Spec.Suspend != nil {
+				Expect(*scheduledScan.Spec.Suspend).To(BeFalse())
+			} else {
+				// nil is treated as not suspended
+				Expect(scheduledScan.Spec.Suspend).To(BeNil())
+			}
+		})
+	})
 })
diff --git a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml
index c5de22357..a12a58c1a 100644
--- a/operator/crds/cascading.securecodebox.io_cascadingrules.yaml
+++ b/operator/crds/cascading.securecodebox.io_cascadingrules.yaml
@@ -2767,6 +2767,13 @@ spec:
                   scanType:
                     description: The name of the scanType which should be started.
                     type: string
+                  suspend:
+                    default: false
+                    description: Suspend specifies whether the Scan should be suspended.
+                      When a Scan is suspended, the reconciler will not process it,
+                      effectively pausing all operations until it is resumed. This
+                      behaves similar to the suspend field in Kubernetes Jobs.
+                    type: boolean
                   tolerations:
                     description: Tolerations are a different way to control on which
                       nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
diff --git a/operator/crds/execution.securecodebox.io_scans.yaml b/operator/crds/execution.securecodebox.io_scans.yaml
index bf626f1e7..4030618a3 100644
--- a/operator/crds/execution.securecodebox.io_scans.yaml
+++ b/operator/crds/execution.securecodebox.io_scans.yaml
@@ -2710,6 +2710,13 @@ spec:
               scanType:
                 description: The name of the scanType which should be started.
                 type: string
+              suspend:
+                default: false
+                description: Suspend specifies whether the Scan should be suspended.
+                  When a Scan is suspended, the reconciler will not process it, effectively
+                  pausing all operations until it is resumed. This behaves similar
+                  to the suspend field in Kubernetes Jobs.
+                type: boolean
               tolerations:
                 description: Tolerations are a different way to control on which nodes
                   your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
diff --git a/operator/crds/execution.securecodebox.io_scheduledscans.yaml b/operator/crds/execution.securecodebox.io_scheduledscans.yaml
index dc0d85c7d..d60101ac5 100644
--- a/operator/crds/execution.securecodebox.io_scheduledscans.yaml
+++ b/operator/crds/execution.securecodebox.io_scheduledscans.yaml
@@ -2761,6 +2761,13 @@ spec:
                   scanType:
                     description: The name of the scanType which should be started.
                     type: string
+                  suspend:
+                    default: false
+                    description: Suspend specifies whether the Scan should be suspended.
+                      When a Scan is suspended, the reconciler will not process it,
+                      effectively pausing all operations until it is resumed. This
+                      behaves similar to the suspend field in Kubernetes Jobs.
+                    type: boolean
                   tolerations:
                     description: Tolerations are a different way to control on which
                       nodes your scan is executed. See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
@@ -4540,6 +4547,13 @@ spec:
                 format: int32
                 minimum: 0
                 type: integer
+              suspend:
+                default: false
+                description: Suspend specifies whether the ScheduledScan should be
+                  suspended. When a ScheduledScan is suspended, no new Scans will
+                  be created according to the schedule. This behaves similar to the
+                  suspend field in Kubernetes CronJobs.
+                type: boolean
             required:
             - scanSpec
             type: object