From 3a73d650d6b4c4a6ab050872da16f4c9af1ef7f8 Mon Sep 17 00:00:00 2001
From: Jan Klass <kissaki@posteo.de>
Date: Mon, 26 Jan 2026 18:11:42 +0100
Subject: [PATCH 1/5] Drop editorconfig EOL configuration (#5316)

The `.gitattributes` configures `text=auto`. This means text files will use, unless already committed differently in the repo, auto-convert line endings.

My VS created mixed line endings even when duplicating existing lines.

For now, revert the EOL configuration to restore previous behavior consistent to the gitattributes configuration.

IMO, it would be preferable to use intentional EOL configuration without depending on auto-conversion, which has complex conditions and is error-prone.
But this change does not do that (yet).
---
 .editorconfig | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/.editorconfig b/.editorconfig
index 33ef2a3bec6..857e0f57419 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -28,19 +28,16 @@ indent_size = 4
 indent_style = tab
 
 [Web.config]
-end_of_line = crlf
 charset = utf-8
 indent_style = space
 indent_size = 4
 insert_final_newline = true
 
 [packages.config]
-end_of_line = crlf
 charset = utf-8-bom
 indent_style = space
 indent_size = 2
 insert_final_newline = false
 
 [.editorconfig]
-end_of_line = crlf
 charset = utf-8

From fb4cd37e5a42ef507f4982d2d99232e74b59329e Mon Sep 17 00:00:00 2001
From: "Lars K.L." <larsklucke@gmail.com>
Date: Mon, 26 Jan 2026 18:12:43 +0100
Subject: [PATCH 2/5] Update kya.json (#5315)

add KYA

add KYA

Update kya.json

Update kya.json

removed punctuation

Update catalog.json

Update catalog.json

Update kya.json
---
 .github/CODEOWNERS        |   5 +
 src/api/json/catalog.json |  15 +
 src/schemas/json/kya.json | 954 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 974 insertions(+)
 create mode 100644 src/schemas/json/kya.json

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 1ed1c20faf5..637dbadabca 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -75,3 +75,8 @@ src/negative_test/convex/ @ianmacartney @thomasballinger @Nicolapps
 src/schemas/json/popxf-* @peterstangl @alekssmolkovic @kenmimasu
 src/test/popxf-* @peterstangl @alekssmolkovic @kenmimasu
 src/negative_test/popxf-* @peterstangl @alekssmolkovic @kenmimasu
+
+# Managed by Open-KYA Team:
+src/schemas/json/kya.json @wp-lkl
+src/test/kya/ @wp-lkl
+src/negative_test/kya/ @wp-lkl
diff --git a/src/api/json/catalog.json b/src/api/json/catalog.json
index 9edc04dc022..8431efb8e92 100644
--- a/src/api/json/catalog.json
+++ b/src/api/json/catalog.json
@@ -8317,6 +8317,21 @@
       "fileMatch": ["*.ksy"],
       "url": "https://raw.githubusercontent.com/kaitai-io/ksy_schema/master/ksy_schema.json"
     },
+    {
+      "name": "KYA Manifest",
+      "description": "Know Your Agent (KYA) Manifest for autonomous AI agents (identity, governance, and operational constraints)",
+      "fileMatch": [
+        "kya-manifest.json",
+        "kya.json",
+        "*.kya.json",
+        "kya-manifest.schema.json"
+      ],
+      "url": "https://www.schemastore.org/kya.json",
+      "versions": {
+        "development": "https://raw.githubusercontent.com/open-kya/kya-standard/main/schema/kya-manifest.schema.json",
+        "1.0": "https://raw.githubusercontent.com/open-kya/kya-standard/v1.0/schema/kya-manifest.schema.json"
+      }
+    },
     {
       "name": "Cloud Foundry Application Manifest",
       "description": "A manifest describes a Cloud Foundry application and can be used to deploy it to a Foundation",
diff --git a/src/schemas/json/kya.json b/src/schemas/json/kya.json
new file mode 100644
index 00000000000..3fcc951c292
--- /dev/null
+++ b/src/schemas/json/kya.json
@@ -0,0 +1,954 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "$id": "https://w3id.org/kya/v1/schema",
+  "$defs": {
+    "uri": {
+      "title": "URI",
+      "description": "A URI value.",
+      "type": "string",
+      "format": "uri"
+    },
+    "did": {
+      "title": "Decentralized Identifier",
+      "description": "A DID string per the DID URI scheme.",
+      "type": "string",
+      "pattern": "^did:[a-z0-9]+:.*$"
+    },
+    "hex": {
+      "title": "Hex String",
+      "description": "A hex-encoded string.",
+      "type": "string",
+      "pattern": "^[A-Fa-f0-9]+$"
+    },
+    "sha256Hex": {
+      "title": "SHA-256 Hex Digest",
+      "description": "A 32-byte SHA-256 digest encoded as 64 hex characters.",
+      "type": "string",
+      "pattern": "^[A-Fa-f0-9]{64}$"
+    },
+    "dateTime": {
+      "title": "Date-Time",
+      "description": "An RFC 3339 date-time string.",
+      "type": "string",
+      "format": "date-time"
+    },
+    "duration": {
+      "title": "Duration",
+      "description": "A compact duration string (e.g., 30d, 12h, 60m).",
+      "type": "string",
+      "pattern": "^[0-9]+[smhdwy]$"
+    },
+    "verificationMethod": {
+      "title": "Verification Method",
+      "description": "A DID verification method entry (key material and controller).",
+      "type": "object",
+      "required": ["id", "type", "controller", "publicKeyMultibase"],
+      "properties": {
+        "id": { "$ref": "#/$defs/uri" },
+        "type": { "type": "string", "minLength": 1 },
+        "controller": { "$ref": "#/$defs/did" },
+        "publicKeyMultibase": { "type": "string", "minLength": 1 }
+      },
+      "additionalProperties": true
+    },
+    "legal": {
+      "title": "Legal Metadata",
+      "description": "Legal terms reference and dispute resolution configuration.",
+      "type": "object",
+      "properties": {
+        "termsUri": { "$ref": "#/$defs/uri" },
+        "termsHash": { "$ref": "#/$defs/sha256Hex" },
+        "disputeResolution": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/disputeResolutionPath" }
+        }
+      },
+      "additionalProperties": true
+    },
+    "disputeResolutionPath": {
+      "title": "Dispute Resolution Path",
+      "description": "One dispute resolution mechanism, ordered by priority.",
+      "type": "object",
+      "properties": {
+        "priority": { "type": "integer", "minimum": 1 },
+        "mechanism": {
+          "type": "string",
+          "enum": [
+            "onChain",
+            "digitalLegalFiling",
+            "analogCourt",
+            "arbitrator",
+            "ai",
+            "aiHitl"
+          ]
+        },
+        "entity": {
+          "oneOf": [{ "type": "string", "minLength": 1 }, { "type": "object" }]
+        },
+        "escalationPossible": { "type": "boolean" }
+      },
+      "additionalProperties": true
+    },
+    "operatingLimits": {
+      "title": "Operating Limits",
+      "description": "Limits expressed over rolling time windows (e.g., spend per period).",
+      "type": "object",
+      "properties": {
+        "periodSpendLimit": { "type": "integer", "minimum": 0 },
+        "periodDuration": { "$ref": "#/$defs/duration" }
+      },
+      "additionalProperties": true
+    },
+    "signingPolicy": {
+      "title": "Signing Policy",
+      "description": "Constraints describing signature thresholds by intent and conditions.",
+      "type": "object",
+      "required": ["defaultSignaturesRequired"],
+      "properties": {
+        "defaultSignaturesRequired": { "type": "integer", "minimum": 1 },
+        "constraints": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/signingConstraint" }
+        }
+      },
+      "additionalProperties": true
+    },
+    "signingConstraint": {
+      "title": "Signing Constraint",
+      "description": "An intent-scoped signing rule and its signature requirement.",
+      "type": "object",
+      "required": ["intent", "requirement"],
+      "properties": {
+        "intent": { "type": "string", "minLength": 1 },
+        "condition": { "type": "object" },
+        "requirement": {
+          "type": "object",
+          "required": ["threshold", "signers"],
+          "properties": {
+            "threshold": { "type": "integer", "minimum": 1 },
+            "signers": {
+              "type": "array",
+              "minItems": 1,
+              "items": { "type": "string", "minLength": 1 },
+              "uniqueItems": true
+            }
+          },
+          "additionalProperties": true
+        }
+      },
+      "additionalProperties": true
+    },
+    "deployment": {
+      "title": "Deployment",
+      "description": "Deployment policy and confidential compute (TEE) constraints.",
+      "type": "object",
+      "properties": {
+        "info": { "type": "string" },
+        "updatePolicy": {
+          "type": "string",
+          "enum": ["immutable", "signedRelease"]
+        },
+        "authoritativeSigner": { "$ref": "#/$defs/did" },
+        "tee": { "$ref": "#/$defs/tee" }
+      },
+      "required": ["tee"],
+      "allOf": [
+        {
+          "if": {
+            "type": "object",
+            "properties": { "updatePolicy": { "const": "immutable" } },
+            "required": ["updatePolicy"]
+          },
+          "then": {
+            "type": "object",
+            "properties": {
+              "tee": {
+                "type": "object",
+                "required": ["measurementHash"],
+                "properties": {
+                  "measurementHash": { "$ref": "#/$defs/hex" }
+                }
+              }
+            }
+          }
+        },
+        {
+          "if": {
+            "type": "object",
+            "properties": { "updatePolicy": { "const": "signedRelease" } },
+            "required": ["updatePolicy"]
+          },
+          "then": {
+            "type": "object",
+            "required": ["authoritativeSigner"],
+            "properties": {
+              "authoritativeSigner": { "$ref": "#/$defs/did" },
+              "tee": {
+                "type": "object",
+                "required": ["signerHash", "minimumSvn"],
+                "properties": {
+                  "signerHash": { "$ref": "#/$defs/hex" },
+                  "minimumSvn": { "type": "integer", "minimum": 0 }
+                }
+              }
+            }
+          }
+        }
+      ],
+      "additionalProperties": true
+    },
+    "tee": {
+      "title": "Trusted Execution Environment",
+      "description": "Confidential compute parameters used to bind an agent deployment to verifiable hardware attestation.",
+      "type": "object",
+      "required": ["framework"],
+      "properties": {
+        "hardwareLabel": { "type": "string" },
+        "framework": {
+          "type": "string",
+          "enum": ["sevSnp", "tdx", "sgx", "nitro"]
+        },
+        "measurementHash": { "$ref": "#/$defs/hex" },
+        "signerHash": { "$ref": "#/$defs/hex" },
+        "minimumSvn": { "type": "integer", "minimum": 0 },
+        "allowDebug": { "type": "boolean" },
+        "attestationUri": { "$ref": "#/$defs/uri" },
+        "bindingMechanism": {
+          "type": "string",
+          "enum": ["reportData", "pubkeyHash"]
+        }
+      },
+      "additionalProperties": true
+    },
+    "governance": {
+      "title": "Governance",
+      "description": "Governance endpoints, validity interval, visibility, and oracle configuration.",
+      "type": "object",
+      "required": ["controlUri"],
+      "properties": {
+        "controlUri": { "$ref": "#/$defs/uri" },
+        "validFrom": { "$ref": "#/$defs/dateTime" },
+        "validUntil": { "$ref": "#/$defs/dateTime" },
+        "pulseInterval": { "type": "integer", "minimum": 1 },
+        "visibility": {
+          "type": "string",
+          "enum": ["public", "private", "permissioned"]
+        },
+        "statusUri": { "$ref": "#/$defs/uri" },
+        "telemetryUri": { "$ref": "#/$defs/uri" },
+        "oracles": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/oracle" }
+        }
+      },
+      "additionalProperties": true
+    },
+    "oracle": {
+      "title": "Oracle",
+      "description": "A governance oracle definition used for external inputs (e.g., prices, FX rates, attestations).",
+      "type": "object",
+      "required": ["id", "serviceEndpoint", "purpose"],
+      "properties": {
+        "id": { "type": "string", "minLength": 1 },
+        "serviceEndpoint": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "$ref": "#/$defs/uri" },
+          "uniqueItems": true
+        },
+        "providerDid": { "$ref": "#/$defs/did" },
+        "purpose": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        },
+        "role": {
+          "type": "string",
+          "enum": ["primary", "backup", "validator"]
+        },
+        "safetyBounds": {
+          "title": "Oracle Safety Bounds",
+          "description": "Optional bounds for oracle freshness, deviation, and confidence.",
+          "type": "object",
+          "properties": {
+            "maxStaleness": { "type": "integer", "minimum": 0 },
+            "maxDeviation": { "type": "number", "minimum": 0 },
+            "slippageTolerance": { "type": "number", "minimum": 0 },
+            "minConfidence": { "type": "number", "minimum": 0, "maximum": 1 }
+          },
+          "additionalProperties": true
+        }
+      },
+      "additionalProperties": true
+    },
+    "treasuryItem": {
+      "title": "Treasury Item",
+      "description": "A treasury identifier and its intended operational usage.",
+      "type": "object",
+      "required": ["id", "assetHints", "networks", "usage"],
+      "properties": {
+        "id": { "$ref": "#/$defs/uri" },
+        "assetHints": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        },
+        "networks": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        },
+        "usage": {
+          "type": "string",
+          "enum": ["operational", "reserve", "escrow", "receivable"]
+        }
+      },
+      "additionalProperties": true
+    },
+    "verifiableCredentialEntry": {
+      "title": "Verifiable Credential Entry",
+      "description": "Either an embedded VC payload or a referenced VC by digest.",
+      "oneOf": [
+        { "$ref": "#/$defs/embeddedVc" },
+        { "$ref": "#/$defs/referencedVc" }
+      ]
+    },
+    "embeddedVc": {
+      "title": "Embedded Verifiable Credential",
+      "description": "A VC embedded directly in the manifest.",
+      "type": "object",
+      "required": ["id", "type", "issuer", "credentialSubject", "proof"],
+      "properties": {
+        "id": { "$ref": "#/$defs/uri" },
+        "type": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "type": "string" },
+          "contains": { "const": "VerifiableCredential" }
+        },
+        "issuer": { "$ref": "#/$defs/did" },
+        "validFrom": { "$ref": "#/$defs/dateTime" },
+        "issuanceDate": { "$ref": "#/$defs/dateTime" },
+        "validUntil": { "$ref": "#/$defs/dateTime" },
+        "credentialStatus": { "type": "object" },
+        "credentialSubject": {},
+        "challengeService": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/challengeService" }
+        },
+        "evidence": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/evidenceItem" }
+        },
+        "proof": {}
+      },
+      "allOf": [
+        {
+          "anyOf": [
+            {
+              "type": "object",
+              "required": ["validFrom"],
+              "properties": { "validFrom": { "$ref": "#/$defs/dateTime" } }
+            },
+            {
+              "type": "object",
+              "required": ["issuanceDate"],
+              "properties": { "issuanceDate": { "$ref": "#/$defs/dateTime" } }
+            }
+          ]
+        },
+        {
+          "not": {
+            "anyOf": [
+              {
+                "type": "object",
+                "required": ["digestMultibase"],
+                "properties": { "digestMultibase": { "type": "string" } }
+              },
+              {
+                "type": "object",
+                "required": ["location"],
+                "properties": { "location": { "$ref": "#/$defs/uri" } }
+              }
+            ]
+          }
+        },
+        { "$ref": "#/$defs/vcPayloadDispatch" }
+      ],
+      "additionalProperties": true
+    },
+    "referencedVc": {
+      "title": "Referenced Verifiable Credential",
+      "description": "A VC referenced by digest (and optionally a retrievable location).",
+      "type": "object",
+      "required": ["id", "type", "issuer", "digestMultibase"],
+      "properties": {
+        "id": { "$ref": "#/$defs/uri" },
+        "type": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "type": "string" },
+          "contains": { "const": "VerifiableCredential" }
+        },
+        "issuer": { "$ref": "#/$defs/did" },
+        "digestMultibase": { "type": "string", "minLength": 1 },
+        "location": { "$ref": "#/$defs/uri" }
+      },
+      "additionalProperties": true
+    },
+    "challengeService": {
+      "title": "Challenge Service",
+      "description": "A verifier challenge protocol or endpoint used to validate an embedded claim (e.g., ZK solvency).",
+      "type": "object",
+      "required": ["type", "method", "supportedQueries"],
+      "properties": {
+        "type": { "type": "string", "minLength": 1 },
+        "challengeEndpoint": { "$ref": "#/$defs/uri" },
+        "method": {
+          "type": "string",
+          "enum": ["directQuery", "proverIntermediary"]
+        },
+        "supportedQueries": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        },
+        "verificationKeyMultibase": { "type": "string", "minLength": 1 }
+      },
+      "allOf": [
+        {
+          "if": {
+            "type": "object",
+            "properties": { "method": { "const": "proverIntermediary" } },
+            "required": ["method"]
+          },
+          "then": {
+            "type": "object",
+            "required": ["verificationKeyMultibase"],
+            "properties": {
+              "verificationKeyMultibase": { "type": "string", "minLength": 1 }
+            }
+          }
+        }
+      ],
+      "additionalProperties": true
+    },
+    "evidenceItem": {
+      "title": "Evidence Item",
+      "description": "An evidence reference; if an id is present, a digest is required for integrity binding.",
+      "type": "object",
+      "properties": {
+        "type": { "type": "string" },
+        "id": { "$ref": "#/$defs/uri" },
+        "digestMultibase": { "type": "string", "minLength": 1 }
+      },
+      "allOf": [
+        {
+          "if": {
+            "type": "object",
+            "required": ["id"],
+            "properties": { "id": { "$ref": "#/$defs/uri" } }
+          },
+          "then": {
+            "type": "object",
+            "required": ["digestMultibase"],
+            "properties": {
+              "digestMultibase": { "type": "string", "minLength": 1 }
+            }
+          }
+        }
+      ],
+      "additionalProperties": true
+    },
+    "vcPayloadDispatch": {
+      "title": "VC Payload Dispatch",
+      "description": "Conditional typing rules mapping known VC types to credentialSubject shapes.",
+      "allOf": [
+        {
+          "if": {
+            "type": "object",
+            "properties": {
+              "type": {
+                "type": "array",
+                "items": { "type": "string" },
+                "anyOf": [
+                  { "contains": { "const": "SolvencyCredential" } },
+                  { "contains": { "const": "kya:SolvencyCredential" } }
+                ]
+              }
+            }
+          },
+          "then": {
+            "type": "object",
+            "properties": {
+              "credentialSubject": { "$ref": "#/$defs/solvencySubject" }
+            }
+          }
+        },
+        {
+          "if": {
+            "type": "object",
+            "properties": {
+              "type": {
+                "type": "array",
+                "items": { "type": "string" },
+                "anyOf": [
+                  { "contains": { "const": "InsuranceCredential" } },
+                  { "contains": { "const": "kya:InsuranceCredential" } }
+                ]
+              }
+            }
+          },
+          "then": {
+            "type": "object",
+            "properties": {
+              "credentialSubject": { "$ref": "#/$defs/insuranceSubject" }
+            }
+          }
+        },
+        {
+          "if": {
+            "type": "object",
+            "properties": {
+              "type": {
+                "type": "array",
+                "items": { "type": "string" },
+                "anyOf": [
+                  { "contains": { "const": "AuditCredential" } },
+                  { "contains": { "const": "kya:AuditCredential" } }
+                ]
+              }
+            }
+          },
+          "then": {
+            "type": "object",
+            "properties": {
+              "credentialSubject": { "$ref": "#/$defs/auditSubject" }
+            }
+          }
+        },
+        {
+          "if": {
+            "type": "object",
+            "properties": {
+              "type": {
+                "type": "array",
+                "items": { "type": "string" },
+                "anyOf": [
+                  { "contains": { "const": "LegalEntityCredential" } },
+                  { "contains": { "const": "kya:LegalEntityCredential" } }
+                ]
+              }
+            }
+          },
+          "then": {
+            "type": "object",
+            "properties": {
+              "credentialSubject": { "$ref": "#/$defs/legalEntitySubject" }
+            }
+          }
+        },
+        {
+          "if": {
+            "type": "object",
+            "properties": {
+              "type": {
+                "type": "array",
+                "items": { "type": "string" },
+                "anyOf": [
+                  { "contains": { "const": "LicenseCredential" } },
+                  { "contains": { "const": "kya:LicenseCredential" } }
+                ]
+              }
+            }
+          },
+          "then": {
+            "type": "object",
+            "properties": {
+              "credentialSubject": { "$ref": "#/$defs/licenseSubject" }
+            }
+          }
+        }
+      ]
+    },
+    "solvencySubject": {
+      "title": "Solvency Subject",
+      "description": "Credential subject shape for solvency assertions.",
+      "type": "object",
+      "required": ["accountType", "settlementScheme", "assets"],
+      "properties": {
+        "accountType": {
+          "type": "string",
+          "enum": ["custodial", "smartContract", "escrow", "wallet"]
+        },
+        "settlementScheme": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        },
+        "assets": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "$ref": "#/$defs/assetBalance" }
+        },
+        "asOf": { "$ref": "#/$defs/dateTime" }
+      },
+      "additionalProperties": true
+    },
+    "assetBalance": {
+      "title": "Asset Balance",
+      "description": "An asset identifier and balance string.",
+      "type": "object",
+      "required": ["assetId"],
+      "properties": {
+        "assetId": { "type": "string", "minLength": 1 },
+        "balance": { "type": "string" }
+      },
+      "additionalProperties": true
+    },
+    "insuranceSubject": {
+      "title": "Insurance Subject",
+      "description": "Credential subject shape for insurance coverage assertions.",
+      "type": "object",
+      "required": ["policyNumber", "underwriter"],
+      "properties": {
+        "policyNumber": { "type": "string", "minLength": 1 },
+        "underwriter": {
+          "type": "object",
+          "required": ["id"],
+          "properties": {
+            "id": { "$ref": "#/$defs/uri" },
+            "name": { "type": "string" }
+          },
+          "additionalProperties": true
+        },
+        "coverageLimit": {
+          "type": "object",
+          "properties": {
+            "amount": { "type": "string" },
+            "currency": { "type": "string", "minLength": 3, "maxLength": 3 }
+          },
+          "additionalProperties": true
+        },
+        "coverageType": {
+          "type": "array",
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        },
+        "deductible": {
+          "type": "object",
+          "properties": {
+            "amount": { "type": "string" },
+            "currency": { "type": "string", "minLength": 3, "maxLength": 3 }
+          },
+          "additionalProperties": true
+        },
+        "claimsEndpoint": { "$ref": "#/$defs/uri" }
+      },
+      "additionalProperties": true
+    },
+    "auditSubject": {
+      "title": "Audit Subject",
+      "description": "Credential subject shape for audits; may be a single object or an array of objects.",
+      "oneOf": [
+        { "$ref": "#/$defs/auditSubjectObject" },
+        {
+          "type": "array",
+          "minItems": 1,
+          "items": { "$ref": "#/$defs/auditSubjectObject" }
+        }
+      ]
+    },
+    "auditSubjectObject": {
+      "title": "Audit Subject Object",
+      "description": "Audit data, including scope references and standards.",
+      "type": "object",
+      "properties": {
+        "scopes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "source": { "$ref": "#/$defs/uri" },
+              "stateHash": { "$ref": "#/$defs/hex" }
+            },
+            "additionalProperties": true
+          }
+        },
+        "auditStandards": {
+          "type": "array",
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        },
+        "findings": { "type": "object" }
+      },
+      "additionalProperties": true
+    },
+    "legalEntitySubject": {
+      "title": "Legal Entity Subject",
+      "description": "Credential subject shape for a legal entity assertion.",
+      "type": "object",
+      "properties": {
+        "legalName": { "type": "string" },
+        "jurisdiction": { "type": "string" },
+        "lei": { "type": "string" },
+        "registrationNumber": { "type": "string" },
+        "officials": {
+          "type": "array",
+          "items": { "$ref": "#/$defs/did" },
+          "uniqueItems": true
+        }
+      },
+      "additionalProperties": true
+    },
+    "licenseSubject": {
+      "title": "License Subject",
+      "description": "Credential subject shape for license assertions.",
+      "type": "object",
+      "required": ["licenses"],
+      "properties": {
+        "licenses": {
+          "type": "array",
+          "minItems": 1,
+          "items": { "$ref": "#/$defs/licenseRecord" }
+        }
+      },
+      "additionalProperties": true
+    },
+    "licenseRecord": {
+      "title": "License Record",
+      "description": "A single license entry, including type and license number.",
+      "type": "object",
+      "required": ["licenseType", "licenseNumber"],
+      "properties": {
+        "licenseType": { "type": "string", "minLength": 1 },
+        "licenseNumber": { "type": "string", "minLength": 1 },
+        "grantingAuthority": { "$ref": "#/$defs/did" },
+        "permittedActivities": {
+          "type": "array",
+          "items": { "type": "string", "minLength": 1 },
+          "uniqueItems": true
+        }
+      },
+      "additionalProperties": true
+    },
+    "manifestProof": {
+      "title": "Manifest Proof",
+      "description": "A data integrity proof used to authorize capabilityInvocation for the manifest.",
+      "type": "object",
+      "required": ["type", "verificationMethod", "proofPurpose", "proofValue"],
+      "properties": {
+        "type": { "type": "string", "minLength": 1 },
+        "cryptosuite": { "type": "string" },
+        "verificationMethod": { "$ref": "#/$defs/uri" },
+        "proofPurpose": { "const": "capabilityInvocation" },
+        "proofValue": { "type": "string", "minLength": 1 }
+      },
+      "additionalProperties": true
+    }
+  },
+  "title": "KYA Manifest",
+  "description": "Know Your Agent (KYA) Manifest for autonomous AI agents (identity, governance, and operational constraints).",
+  "type": "object",
+  "required": [
+    "@context",
+    "id",
+    "type",
+    "kyaVersion",
+    "agentId",
+    "verificationMethod",
+    "authentication",
+    "assertionMethod",
+    "capabilityInvocation",
+    "proof"
+  ],
+  "properties": {
+    "@context": {
+      "title": "JSON-LD Context",
+      "description": "JSON-LD contexts used to interpret terms. Must include the KYA context.",
+      "type": "array",
+      "minItems": 1,
+      "items": { "type": "string", "format": "uri" },
+      "contains": { "const": "https://w3id.org/kya/v1" }
+    },
+    "id": {
+      "$ref": "#/$defs/uri",
+      "title": "Manifest Identifier",
+      "description": "A globally unique identifier for this manifest (URI)."
+    },
+    "type": {
+      "title": "Manifest Types",
+      "description": "JSON-LD types for the verifiable presentation. Must include VerifiablePresentation and KyaManifest.",
+      "type": "array",
+      "minItems": 1,
+      "uniqueItems": true,
+      "items": { "type": "string" },
+      "allOf": [
+        { "contains": { "const": "VerifiablePresentation" } },
+        { "contains": { "const": "KyaManifest" } }
+      ]
+    },
+    "kyaVersion": {
+      "title": "KYA Version",
+      "description": "The KYA specification version this manifest conforms to.",
+      "type": "string",
+      "minLength": 1
+    },
+    "agentId": {
+      "$ref": "#/$defs/did",
+      "title": "Agent DID",
+      "description": "The DID identifying the autonomous agent process governed by this manifest."
+    },
+    "name": {
+      "title": "Agent Name",
+      "description": "A short human-readable name for the agent.",
+      "type": "string"
+    },
+    "label": {
+      "title": "Agent Label",
+      "description": "A concise human-readable description of the agent’s purpose and constraints.",
+      "type": "string"
+    },
+    "governingAuthority": {
+      "title": "Governing Authority",
+      "description": "URIs (often DIDs or fragments) identifying authorities overseeing the agent’s operation.",
+      "type": "array",
+      "items": { "$ref": "#/$defs/uri" },
+      "uniqueItems": true
+    },
+    "verificationMethod": {
+      "title": "Verification Methods",
+      "description": "Inventory of public keys (verification methods) used by the agent and its governance.",
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "#/$defs/verificationMethod" }
+    },
+    "authentication": {
+      "title": "Authentication Keys",
+      "description": "Verification method URIs authorized for authentication.",
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "#/$defs/uri" },
+      "uniqueItems": true
+    },
+    "assertionMethod": {
+      "title": "Assertion Keys",
+      "description": "Verification method URIs authorized to assert statements (e.g., sign agent actions).",
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "#/$defs/uri" },
+      "uniqueItems": true
+    },
+    "capabilityInvocation": {
+      "title": "Governance Keys",
+      "description": "Verification method URIs authorized to invoke governance capabilities, including manifest updates.",
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "#/$defs/uri" },
+      "uniqueItems": true
+    },
+    "keyAgreement": {
+      "title": "Key Agreement Keys",
+      "description": "Verification method URIs used for key agreement (e.g., encrypted channels).",
+      "type": "array",
+      "items": { "$ref": "#/$defs/uri" },
+      "uniqueItems": true
+    },
+    "minProofsRequired": {
+      "title": "Minimum Proofs Required",
+      "description": "Minimum number of valid governance proofs expected for the manifest (policy-level threshold).",
+      "type": "integer",
+      "minimum": 1
+    },
+    "legal": {
+      "$ref": "#/$defs/legal",
+      "title": "Legal Terms",
+      "description": "Optional legal terms and dispute resolution metadata."
+    },
+    "permissionMode": {
+      "title": "Permission Mode",
+      "description": "Whether enforcement is strict (deny-by-default) or permissive (allow-by-default with exceptions).",
+      "type": "string",
+      "enum": ["strict", "permissive"]
+    },
+    "permittedDomains": {
+      "title": "Permitted Domains",
+      "description": "Hostnames or domains the agent is allowed to interact with.",
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 },
+      "uniqueItems": true
+    },
+    "permittedRegions": {
+      "title": "Permitted Regions",
+      "description": "Region or jurisdiction codes in which operation is permitted (policy-defined).",
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 },
+      "uniqueItems": true
+    },
+    "forbiddenRegions": {
+      "title": "Forbidden Regions",
+      "description": "Region or jurisdiction codes in which operation is forbidden (policy-defined).",
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 },
+      "uniqueItems": true
+    },
+    "maxTransactionValue": {
+      "title": "Maximum Transaction Value",
+      "description": "Maximum permitted value for a single transaction (units defined by currency).",
+      "type": "integer",
+      "minimum": 0
+    },
+    "currency": {
+      "title": "Currency",
+      "description": "ISO 4217 currency code associated with value-denominated limits.",
+      "type": "string",
+      "minLength": 3,
+      "maxLength": 3
+    },
+    "operatingLimits": {
+      "$ref": "#/$defs/operatingLimits",
+      "title": "Operating Limits",
+      "description": "Rate and spend-limiting constraints, such as rolling period spend caps."
+    },
+    "signingPolicy": {
+      "$ref": "#/$defs/signingPolicy",
+      "title": "Signing Policy",
+      "description": "Policy constraints defining when multi-signature or specific signers are required."
+    },
+    "deployment": {
+      "$ref": "#/$defs/deployment",
+      "title": "Deployment",
+      "description": "Optional deployment metadata, including update policy and confidential compute constraints."
+    },
+    "governance": {
+      "$ref": "#/$defs/governance",
+      "title": "Governance",
+      "description": "Optional governance endpoints, visibility, and oracle references."
+    },
+    "treasury": {
+      "title": "Treasury",
+      "description": "Optional treasury identifiers and usage classifications for operational funds or reserves.",
+      "type": "array",
+      "items": { "$ref": "#/$defs/treasuryItem" }
+    },
+    "verifiableCredential": {
+      "title": "Verifiable Credentials",
+      "description": "Evidence credentials embedded or referenced by digest for verification workflows.",
+      "type": "array",
+      "items": { "$ref": "#/$defs/verifiableCredentialEntry" }
+    },
+    "proof": {
+      "title": "Manifest Proofs",
+      "description": "Cryptographic proofs establishing integrity and authorized governance invocation.",
+      "type": "array",
+      "minItems": 1,
+      "items": { "$ref": "#/$defs/manifestProof" }
+    }
+  },
+  "additionalProperties": true
+}

From a82a4bdcaa7b509d745a06ecd044fc900c053319 Mon Sep 17 00:00:00 2001
From: Jan Klass <kissaki@posteo.de>
Date: Mon, 26 Jan 2026 18:12:59 +0100
Subject: [PATCH 3/5] Improve sponsor image, fix dark scheme visual artifacts
 (#5318)

Source image is https://github.githubassets.com/assets/mona-e50f14d05e4b.png
from GitHub Sponsors https://github.com/sponsors/accounts

It's the same image like before.

Resized with GIMP. Results in a bit different/more vibrant coloring, and the dark scheme edge issue fixed.
---
 src/img/sponsor.png | Bin 5746 -> 13076 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/src/img/sponsor.png b/src/img/sponsor.png
index 7142483f810a63cfef8c514ec21767eea3ae1003..6db47af68e45ea3729866ac7586cc48a0af47b1f 100644
GIT binary patch
literal 13076
zcmWk#1ytK!7ccHIWVj6mD{jMGhFcl#?(W0NA7{hehYug_4r91e+@Zsr;(YyblDw0?
z<mC3+yYfr4x~d!wCOIYm0Kid@mjS`YpYWp(9Tk3-x9OOL4+tJ0IVptY5!PV%1+tB#
ziX;F~7mxL9h62B)wU7s?007?@0RV6q0PqO^3H%QL@Ztmjj!Xdnp$q_k#5Jc~Lj-;+
zKtV?GtMAHbu8(idLh3~@tlKK)TNB%I5=Fl*yC>nClp3vslsw+@2|?2IY`0^*$tX!Z
zF#9({wiG#?#9u~7`S(j<fRS0L76b|kEXOv*=8pzlDt^Z=ucUg~*)zY!W^<sK!||Wb
zJFh1LgU{QbIsRvY|NX#DtcW>MLwG}E1qg+R_Kx)?_nJ5yI|y+X@p66OmgYq6h9SX9
z1O`#5QGz~hB~smfHnyJU2B;DRT!-+7JoAdzqqX7;8a3UnR*j>_8CzPTqyFuQM-&5>
z^r}fZ)mHp^m9W0&CU+HCIk((Ob&DIB>-B27{oKJ#pEUz6O0C6<Py>cr4b?efO(~7d
z`?Fl=Ysua=Wp0n#_RiS$5QeCP4%3r=-|=(aeEY0IkB?rcz?M6=fw87*U}9nOMW6^l
zE@=ukV(NAc;R3-oPmY(ouYLziewagp^a|3_pqj*X`GQnB8}zX^h&Dm-3Fp0vJ+d@i
zG3g~)5MpapbGJ1(Js`lUsgy`o@nK&v5hp_`1}xDEMj8xp-uj7O=pnbxCyumrf_&l8
z3wwN<fCYY-$xB32lkYF!1jV6myI5Q<ovYjDN>$6&A?hBmnCK|tco>JI5YQo)nibl$
zW1XPlBCdvzZ+V$2IR&cdp!Ql&^s@D4y#_ZpVy&ujR56t>P>xDP%}bNT%FcROKK9Px
zSTNumBQ^DY@Ac^2giFHP1|Z_SCETr3gq<MYh_<N~{AbQ9SDmw|JUvc(ftL*-&-n+`
zW&tUfzE1!8UKx_$LDkEFut`34Bdjac$Jt&}Cc@}E<VNYQ3s#{Am)a4&5K<8wLxPd1
ze^uAojR6E200Hj>D&IC8htF=^<;YYMlB!(2M=eCA;C#P9nxZvDovou|l5*TK+ft>u
zT&j6=Vn*7!=}*ULL_(U^W~CnTTIb5;A;mT;&JatzI*h)d4WlK(F0gy_e0dh_jR%`7
zEJALSp@A7=ZoRjm+rot<f0)yV<$&Vhs5glpwi}h{0}^xxUJ=wyv@~9t;M%x`4c6o+
z!&^{~+3x>v7z2ut=lySYX&_Gyn6EA%qNV991Olufo|MCN%TUXzDKqoGGH1+JB-dLB
zv_X1;Smh<3e_3&*cK_PBl7A|F6b?~?6Cjdy0^Y~c`6o3>h;07(cd<@3JKzARFQ_2~
zZxAeG%JCb)x3IapR1nD&u@?ev+C@=Uj4q(Sz|)QjJJ7_$mj@<*gb)7wfxSGjuD1IH
z&*d$mgnzFGV-=@BGb7rJ=WYl~QY;oy*e?JVQ*iaZg$se2*5QI^h44^StwY85pCuze
zo?*p<)K_28ugwm%KcYsBf&I33W#usoSCD^OnC@rFD7kq&I@eB2gjt4VcmoE?Km$QH
zJpl0<F=XqhzJGZ;%tpMRy#le-Zc>OYZkJ8IWI2LRW$rJg4IwsiJh8v?_|60Mw)*>0
zu5z&vEo_pA46Gd%@!}M6?Nze&kX?b$#ym+*{4Abb`f$=zZ<q)P<oZGsZwmJK0U(90
z%#(n<_gRa0VI>C{zhupF`@PCsBIvFf<@j;!Ke&aK9@|mb2z$>a%q3c|vcwfo42YhP
ztMf6HnW{jtKp!bGtbd+k;G+KL;T-T~)UDC!yL>U)YV&MNb}9N9$%F#VKR@GikS^*M
zQ(XyvX(j|7&O%M@RfdK0+kkjq5xxrLf-uIL<fWavHBYG{+*9qE<1@uH?ehoftWq=5
z14BycXESh}<9AzLZu@%xk^R!)vKy6+^9nfn-O`DG>aFSDfc@R4ji`sf27gCd=izsV
z$cV#Ue~^veu5m)vVDHq$eIWm#1h+Uk{O!d=M&J>EmTn;M{Y*hdlJuPDrGY;Bo_C62
zgY(#m-)A-eFzH^aQmzW?&})uwL`yx$It$(*#G2B|YioPwTkvUkmq7iSZX<o3Jl^+)
zvUx>@^n5Cb8s7Eo&ZlEPw4_7NK<F>H$e^Cy?zD$^`Seq6lCXxg;?a^S`!_sLLZXDW
z)fa#1{D(?&?#KSA$!QYl*OvYO=bsJ?+sWm~q7Ze+4W0g+ml6KXf*_8mp2konB0F|Q
zAGVgo@59+}*H-nkT_JQj<D5AFb4fP=HZqUuumCMKiYAAKJ%}P{ZQGAsv78Fc;3&&9
zj*&ivSgR@xWXzpbu7mLLLDK!dXna`<1EST;Y}_9y(dH^6-tSN&^!|7nqHSGv1HU=j
zi;EF+hT2t%sSvK+oWa>t%*=d1oS02~LZYhP=zaJ5&6UN#`waTZ)cm`p&SCOLiCxB0
zv#4d;1m`#%*=I!{<*+RJWlItD9cA*>&Zr1*zfYYrCw20Y#&4Cp#vdw}^1ismZTwcm
z{*Lz|lF4KrPpzAa>5u1y@sZ`eBIPjLQ59vCrc>H(P=w1Uj^`xhsBg%H_DyTqeQnxV
zq}ZHn(#etb76_D+RUCOP6qywFLLtd(&WSr?_oi~pzr8bki@_Vg<Qu9cRV<IB&_8}{
zaPiJ`0KDHLdYR@Ok4cPsdM#t$y=qXSOiu<S<qr%UYuCFga80=^hwl3}Q1=dMhZm&f
zLfe+&V)1w0yoQA~Gm-&mBwDQ8NFnD+KuyqX8>|+JM3T?N7155*%EqxB)1WgmJEMB~
z+N>wo3{q64Pw-R<wHmri-K?=&8SW^g3RK(4!5py7dUZCM)9m*dy}Z8vTVkVn?=!_R
zzQ5_*8sieUvjczjF|oRQAPVZ&8f~86BR1XXBC*~fi1O1c!-eKBgTv6{T|w_&)eqA4
zKMT<OQR&T>Pb|z>)(cCeijevf0dNxN)iDZ`!E(XIsz<<!b8RCPRa{W!lV>y(xq0`V
zQJBvN{%@_0bqWHqRhnWO%mb((hm}V{)7M^cOObfIjf;2)u9JfZsaFszI#7E9&9_xD
z<%NEEXYHt|;CrW>raOV|*Gjpi)g@83-TH5OTsGBuQhEwvSwy<cV>L(<B3*WPXa-+&
zK7M!~Pk<fvC}IlniZb8=n4n+Ano(s4?t+PQf<Ch3yu@0b=X)9gdtM;HQrQurJ?k?9
zZ!dc+Ymciom(L>{t1Ul2jSp}7q1x04#>M!B4}5#<u3dsG^<NwKTn#+smkA&J_=T{0
zsaq>uh*068|6XcsZd(5>eqbfeLk_88PP6On^}A}``+I<Uzogh>T!Zhbf%Y{N+I%sv
z*#q8HdA{0Mfadn@+f;84R$%^D%JrX4_QgheTKYv?!{Sx8oXH;3TNjtrr-M(ONCPSn
z){NDX0yeyGE0i_z)>fUp-=yDsA{~35HW}q`dJ=tkmF@qq8o}@TFLQ+}8wG^E@v=yq
z<L^$)q^+f%l+ROh{P=W0Wf**nG+=-DH9Qx4Vhyy}`7|hqWh#3(%L?)EuWxWq@-0hJ
zfdx>{kv@e@yZ#FAdLobhVzCE>x~|pB?m?~8{@xfumZa7T_;7h!=BC&B3Yw{nD@DWh
z8JOEpv117<->Yk<Nbf&?7*)D1&oCJ*oR#YDi(X%b{hzoCHW&{700Y}eu|ot2??9U{
zp7Zy~5#ZA8T1h$IqM_^24%Yy*m0eBjh1q|_QE}6qFXTVOBVi%m+uAADg9>i#T0_3G
zL%)Uk@GAXg*DpWz?U-1%|8IvRL07i3K;PfK-DM~@y%@cf9t)_3DMu5d58)O~EDx)@
z6t)w!ru!WnA4#$4ihI3`Vzjjz4(ob;o-Yk!40GgZh59XLI`}>BpFTV7ZqVT~R$?DN
zY#eO^atK3gOTH@Z)^suiD?``o8uC#2$FIg}e*XHIkW<B4FKu?^;XX1pW-(Hd-moq4
zW3uLN6}g&GvSIK-8;~l|ta0nNqG?T47;?OA)wWab%<!)0CiDSnY;kF&laQXx&+tTV
znz6TkP=9fHZaR0|P#buG@twqVV<gp%h9m4#{{OxImFYdfJ9^Q!k>a{K6s_hIzwhY`
zFP#MxdnD=8hWfI+))UQK`$yMm<P&oJ9(qWO2TKe=QO9v&DiyE2W(WE1LXYTPH&P+A
zB}{pPuc0ap&gyCv6{O~bWeMRPWD<#rNX=eyax~s{wxzb0JB_@u&Ovmi1xb4RzhwQE
z4eOol+5xCgZm<R*)iSfP-0Q|)K;J-Ugq>OScnNH0PMkV18X^iS-aqV3pI6Q#G$Sqf
zYEU8h%?a|48x*h^`JbNxOEh^_#9ZyCB78&(W5J3BCq??VMBAL)4w$A6MBYFNE#&9O
zfAs{~Ivho<pMs^jcUxtzXA#vg*~DxRkXcE)&!{9OHr^My37={qZNe}ZXM!Y+Z0yW1
zoY*GT-X17s>g)B~_ZNureiL*s$@hL&dyKyg%!f3eSvq8Y2%b=|%=N@*3jyR=%@~^u
zpTFI3Li5~2Dphrb&d#%RGUO`iM6Uq$AYo1$1R|-MPbEo=D$FR6tL?g=w2c(z5*fy2
z&65YrP1q+^_U+d2R8Qyizh`gvjF<7j5yamSlV1&trgo!ogk9A{vMWZ1kd=8firV-+
zQ?zvDo%hXOgCHD#Cq@d*w>#YeO^m(KOF&G;_Mk`^Nb#~6lD5`Y3N7Nw(F*1Yr3&WC
zIgFhJCSGZG7oWH7#l{}-x;L|Xo0gIwnyEE^ejEc6`gR{QkVLtiI_%hF>kCs4*M0<5
zB)Xw5@&0hWM35?bfdszM+_!8qiajf6f|2guoyv`2LN!N9lWhfBQ}RGOBX_{(6j1DN
zCu&v2FJt6q(pI9B847*3O6H0dgej!>#D4_TG{p$n@wUB|r)13#s-2wVIJGBz_kjV2
z-UuC&zSp@xPm%j<1a{wM3pZ1!v$i%ze&eN`<7tFfx;n@(hr2nG3e$o^f3UBgn;fqN
z)NT4q{jGw%D2w+orI)K3Ar%yiScCjS5^pBDH?}uFWB?xD`Fz#-3X@gvGFp``^fR6f
z`Q|*9r(vWdxp*;Wx4Jli967>*t*9^%BAqNGmb+gG`~)Q9`kgnuh3dyrA?WEF&~dYq
z7MfCCW@<F2@#}P$7rZZ<s$?`J%0;!0Y>4JqQSmFNu%htsq+Qy7jb6>Pko-v9ue>xd
z!>TM$RM7lB6~|#S&P>$ENJ0m?SF-M}4+!ovcSn+RpR;8va1gRKre6FMbnQC3K_&T6
zj`WZ<?-mG~uppNxA9+b54xX%MGlcYctp{<Gox9{gZ-dFF(DLAUK#+X0J{kjPI1-DD
zRWE_3;>W*!R>IHYnjD~;*UWK6Ls7kGyGB<2`1%|XzO_fTJF#n6@%B3)ig|{LOi}7f
z<f^Ntat}zpIOWOvWOFu1c@_MWeJ9krY$Z!<Bluet=p~ZCfsaMZjD?Oq7!W=x?B3v|
zA_u|oH0t3d!nM#_OnhWOQvA-AlRj~3^1^8y<bqg!<P{r86M&MJe&3RxLbUJpt1MFD
ztT&6R&x&d5e1&gs#5=XHk>8RF$R*AbS>4l>Zk7K`Wc^8A!Gk{X?2$_f{e6Dm<OQ_{
zucG(jeY-?gdl&m*6{6`s1aNWN^ROXlX+hJg;8vUExz40XX<Lm>aZ1nN?b@y(L{JOe
zufUmf0f7e){YoUDT8Q_z&`)sf`qV*Bpw>k7C#}YESFK}h9$?z5prtdS#)0TiEc9ii
zu!)Iqy)N}PAAaAjbIoqszT()iI}(!*kN5e0Y&o*DJ%E;?a4Bh<&6l16^OwxOeGZG5
zJ8Tm~sj)8wQG;w}&zkmXEAuMqB0LTNN(Fcfe+MqzfS_)PBaFr{Pq|Y*EsGgUG*5el
zo(G++BW){*rGxFj1)=+3sOHkTgqrVGjMPJU+2vJW&xhg>F@tGMOn#Q}q>stT3zX4=
zORrCxb-mMe0XOkTdGuW!v9?NB%hv}uF*@G{kM7j#ALr{L1Da0@x`flNNTqo+MuW|@
z5q#GQ?dgz75TJ>+6!~br5=_(bg(}b9TTS$AJMh>r&p^HPAD~N*OcBT~3>8o{ZnN|>
zVMj(*`At<%9|^RdDqyQ5vdRL}R<?$X2De9t`fREe)a)Wv$BnIu`wB*I2@Z5QK*ikE
z2ZY4Q5t;aSmp?2n$XeBqUVmPW8=Io`^_I}8Du{~<NvL;T?bd0YA_uT2rIY`pMsbtO
zsvGF))$BF-_F<iarQ~sbT8ku)&zpXY*EKM{vy{C4WMYust-WFNcUqP8NE`GW>!;%F
za434YfKH9Eyx#KOY3pi7L!3GR+NiV{Hgou|ltM2UyQ)#0<@n~qxI>fUhM&Ox4aIcm
z&-?t8jr%&(pQl2VNPX&{`vCD7`!VsA2Jh$;_h`nZ;L*|1KVFnOT|-1VtZX!prhk33
z-#Fi0{YAxe%&u{YpEg#PJsfQ!su2kJIN_4yqT(!DRoafKm@Fc%N~_%Z+cn|NUENDq
z&-dGYMt7|+Idt(Y;6ursl1LE((NUis%1`{OgwrK>wup+Dat_lrxr!s|J+sh2pD9SO
ze;*}<EZgoZ-^H&Cs-sQcd0xZl;+x<F>egpe<?-Qm-U-Z%Y9-^+fC=LVIHT*_Hp}jx
zTj<cNPCc8N>MP_a8t#HG4pmMZPRM7M{9RAflJy6UpN##!X(KF6>qFGFzq*xM4b`F?
zAZXx6qS)g}oxGPiNd}!Qey;Y~ELab`mL7Vx%7V6z89~~xbWH*cmx~udxEdPtC|#rY
zo&P(@QJ_gq8g+kuiTx`n{%ieK;IJBs<1Q9Z)g`RQ_vN&wwl3V|<<aisU8Bh~b^+1b
z=N(peRv|i^>f89a+SzYHp!|zCA9()tOrV=jm9_RtJIjgwo)}DEDl8{z2aJ#KizBy+
zUfNA;-L=iFPaX3M+>~^Ga;mZSFdP-T=W-{(Rt}3baMM0ow{^c+mw*Q`!!Yq>1IK`{
zLmj-rl;EkT-9bu1;66>r+2SO|U*${UPvOKZOAQX<_R}%oc`r`hznF~11pwq9McX;_
z9CPx|qC{ZVbFTI@@Aa6Y1+Cw{TvRo3gVzF<!h1bW<Y^|JBR|KqGN@EoS;-ApR&4kn
zR~J|vu9U)7h!y2%37~F6&7Q+sy>f(MdbBLqE$b)4n`51p)1DC+G5yzL6{jCQa{p{k
zd+R6_W3HDUN4*#GyrrbZVkL!EI$Vv?Pfj@d)bTlcZ+qP|?Z3?N3cxh;t%lD+1!mC4
z(rDzI^&ar2_*dqJ$o(B}(S_TK*4&{*pGv;u1R;GvClXg1OSHg^Nw`AG6<xfYI5k@7
zEUc?V-rKWEo~wNw`!EbGA2!)uyH=BobFaO;R&(0AmCKhULBtw5!h(1lJRDDZvK8RS
z0l4J!SVe9djkTb3Me9F_^4`%Nu<U5(5Q{!x#BtF-`2?@_7BrLIp|7Z6Mwg@MQ*L&1
zAenMg)R#EJ{_B_RS=QRTpSc7G=wd>NX`8dxf;R~}kBw{y|EdP(HkoZo#$ZzwLHO2Q
z2ES(@B=bxj8kGwm7M?OnP%>=iS<9r$I<JcLYg1$u&=(KF0t&ydt7_8?tt>I~o(N43
z;++R`6}+4z=ESpt^Us!gKBsB#fd!e{wx1`kVj9H#7DreZYiJvZQl?n8bb9<lve=rw
zvSrF?tG+*MT^;%uK7Ue0zetFJKoC-WT&3&(+&kq!;F;;FJ3n){5bLc@-Z;YY_rq6p
z30jVL31{}cP7!za|Mrg9Z3)coR!ZcIvqX+aaSR|RuP-g}bzL>Yt92m8JWOQ4?anCB
zD_WK?o)tjZu4hO{*a7BU;lOSZEGfY2=Kq;jy3A9Ox~BuCWgKv+qKKvPew;-n?)P45
zZuUf0awV`r7pwu2=}QXFX?Dixt8(r4rzXW#5#Y#DmLTTjs_&QH2@D;_4NHlhx(ilV
z#`5AwkiyP5@R{eoY7(ZA1In`IWtAsnhL@uSeT6Gu@GLdQ!S6k5l5W?>n5*w;TH_|X
ziIRPOLw=ogKH^W_URSe!gtBmHEY0l1+S>GhR77_F_R@)dySfQ}Ph({e=)Xkj7a}yL
z{9eRa5tbgj`Q~i7OM&KQ$TVXs6#hDfvG2wF3@fdCIS>IGCE|WeeO;0*%ee^RF+ETw
z3Ikz|j$!#d*E!u|-Yt4v?|fgq%%wgc*(bn6Ne=xe!=Z~<TA5mf-(^PIM-qHPE6N3x
z&#q2v+=SR4@y9ZY2}7UeU6z|_pYp{$ACgPALZwClgkPE3TR9_f%OZ_j80`B8*@n`b
zR608^RW2-u4#F@ZLz5A+t^&exz#jHVk@?Hx+l%OFPB@jfkH(`+_AsIe4tDV#fu5V2
z!p>P)S-+A#_;|NCY0cEOF)rWF7;shNwf*x!$L`24gK#(9(^K~01bSZ5<z_21|7@Pi
z1L4?aE35r!u0Uq}DZ`ch4`$Ih;bBa@zl|seQ#;qaKkPX|T)ZoKDhL)YV?hs@N(3bl
zQ-ji$keZYJ%72qVznzb3=YPfq56Dkx`qW~e{E#bQ9788n4&z(v+NEvsagqeMP0=5;
z^A4Gx93GX{Fi8n~`lXA%_2X9SD;tN+#`A|OO!pa_z@OeC?q%~DE(=XmLM!b8^Gj0x
z224XkD3m?{A0x@LM%czbw)j5p^W#$5?~gllXL}y9C9csK`-qkyXK<7Z@*<IrWQXtr
z#F2v34NT^e5nMUL)HXG#xo;zj@yi&~M*h$+J1wcpjhP%rJd5rKoE)F+?3Xg$dCE<D
zNxF4^aZda4P>84q-A~R>4>voKr}NjLGh7k=AVdHD8oIBcr!iW11-klvMWFNz1m2xp
zSPV}{I_WnI<GVvEFA`R~B{osDf7`brK24L#u@n>)<yzG*OL_csK?k(*rp1?0>sF{V
z272kC_HKh8#->6`9`rWniaQbLXn*2mpYf6lwid)Kn$e#4i_Z>t#Kz7y`jm=HwUMwv
zlRPQ~gGT<_&?3NS7vufPBRRXYHVHg`_(njeF+4v}+t&SZ`dHc($nNgvW)*V&1VMU}
zn``U`lTkJ&7Mv~##{mJ^9B-i)q9#fL_Wc|$WBxBA&tk{R{v7<gev$a*Vp+<z18&M=
zr~U>4_v&mxK3A?^0)6=77tWy)H@_ydIK{__b@B!u3Ddc18P09*WwW0RlhT{#-51J&
zv#v70WCEsHAvB0S^YGICLOTnGUQT7en{~;&4X+9Z9}b}k1Rp(Mlj(hY^OQUwo4v~f
z-~hg5sG$CegeCvA<NWPY6W|HnJ(}okz`Q-`l-uApGxZj6(~<O^zK=_}5<>X!?l)D(
zA2+u2fm*8K<7n@3U)=Wm*zL#!MLA}|5Q&0|)WYFdGo?sBl0EzyUQR_x4kAtaw&1rj
zaktgle9FRy{*aS=?_r@ufQ^-n6+Hpfzg6%mm}U`9t*9i{cb0~Lk{T_=Ktx?&$sjB+
z3_t%J54sReD{?D&D>msdV+`X~Pe_Lnjo<kgp;zFg&6()X^d78)2zsNx8J!xcVJlNh
zxU(8qr9-sw$`$eNs!v1@U%=RuohV8HyV%P|R$%|7WqPhwEr%%SM16xQ4;sjQaPw~z
zc1{EeVj#kXam;tq+<Q6&P9%6fUloq-2JY)%(A|A*T<l@D2KZhp%zHhMat0UL;BOg}
z#CO8BqXm`=lST=9Zby`Qf;Y-prVMoTeHreiJ4&-ef~N$Fqq=|o=2vy3m(l?AHJ}tM
z5I7YQ)~4=6+wi$fKpu(p2$D`r&uRk>janSuC@@VgpFj3{ubH6J)nY}~qn16qy}y@%
zH>WKB3?aZ}6-<3WOyFh6*x|a-&|9VmXM#h~13U~QIQ+Jur&wMI_CZYTf<;UPUQlk_
zE^6vFyKc-#&Nmj-iI{AA0l(!XE>SSHA(f)`wP5z!C{so`tNp+W+_w>V(htl(z(VtQ
zU5CAJoH++r^x{>p8ZkRT+H~e_@WQ2~lZ;Fd*lXZDsr+{U>h2p@yF>u_JvryIt3rr2
zk;DNiJ_1#kgdV%G19nf~_$jX8)~4hd=<%<A(g9JmZb0Y1v*`TlfVVEp4bdd+ped9}
z-_7u20l%T0BC1b;QO?OSGz;o?^Rd;Obe@^C0WmT^n7-|`iZs+kz=9vn==t)Axf^OW
zmw%t0?KKRTuitixlefEBaSAZtoN~Y$I_DYQ|5xN-lnaWj`Ry7Rjxi~YG1)P^kFiE=
z)$ew)aYOj6tFO2(@@C~WglQRP4JJ>KdY{0UQ?Ls|l3}k|<{e$*qzN3I`~j3o?c|Pf
z<TC5WDhemAy-ox3lpovVhVhe&>@|-&r=4xJ#L_$tq1OLGo6uUigsw<gaUb$v38i)<
zXo!-$e)AHyA}-5kp{p=u3b0E0#+&38F1*p?|CnSrK8k3`+4Ygr!3S${GS1Bi_u{Of
zIk2mVq!kaKrEng7Y`%Q?PO`JqSCpUC56#ReLAC(v$Ee{=lB4Bc2|qDyC#;Qve|tEs
zxXb4%OObY)R*->M{eY)D@yqXM{Pz*m_Zmy%kE7X7CQ8D|O;xSjzXINRz%1eL=9q?}
zEI0<<3vtrKHFc5Sr|3<O9B&LqKx9#xsh6`s6pA&{HTVO$AJXjhaoJ5?sa?ran_`qR
z)4MG8HxuvLA`k<)Aw1Hy%<HB_wzcA$VLx|3EZ+G$zZHw$_gxbUx)7V%mj_V_u;*EM
z42P;+p8DrKc9f%ubwH=@CM+H%M`ufBFV~J!LHvL?{2dQ?46dg7K(vOn$?=UUHiW;l
z0^GaP&owl6(p9}AyfPdZn0NIs^{4FKYSrT~(xPe!A6?ue2uP#vOAVs@Od%sr@4FMw
z*ttD-RfZ`6?mZL}O#dV!FOIpESn_!j4N}HL4sD6=x|nS__dBAvRq3F~tjKh$hlM?R
zq6dKRMe2yUJb#>JA-0&A#{@b^U2UU4-!<(%x9@)R4BXpB&yX~P*`h>blNj<Mi)A_x
z2$isIOMDFNu{sj6)u))Va61412qONE1^6hRzlL>6$1De2YdsaYSRFQg9$|9ny3Q<b
z*11)f4>Ca!6GZNwd;gOpY&gKUr39^KHB%teNM20a4P!!^3D3)kjuajDFhJ0B6d!Sb
zv(D)|9&vu3_*X+-_3Lmisj{?>cg76<5v(LOKEo*+w#Oe8)Nn2Hx3`}v<bb!G$4~Jx
zY*1J@N#Mzar=YTV(w0BdMeo)%nwkOFIOX%*(y!xpfkEQT2dej<VXa)<_Xq1DB+JsA
z_`RG-{MBxh*$qfa_mJIMvK`m34N#uvO1MnDt)nJVkVAmJbE}usp8qWq<?Bu+%@avH
z8Ld0PRweQoHFmz95ik3_x@p%kFYp4v@|dn$`&KfIJbbWP;L`Vs=w`nj{MPXtD7`hu
z;tm?H=@{f!qX_`qRUZAxF|nqZ!cN3M`TbBYj=rTsX&3*^GAo;;-%yvco5{z8<*aX{
zDO(ZgVXb+G1_Og?*emK!;V((HU;pK8ZN@#J%O0pxXqzM?_j^X+2bzf+D+TDgwAy7z
zmduL^Pj*XBk^|s%I}+^__O88&nn!~WEY#J&5aN>Etdr9~CxNC@O>Ww;`u7(_6~RYd
z_@W<XY)zi0V1dpC&t}a115gF@z<;jajJV9R@d$!T-Vx`&>P=01rGUzY*p3N#5PCH%
z+yZ2qO1H4LqzDc{We6xJd6R()`Sb=f0w`o-*XXP?7EIJAi+OHnxx);2pS%A;j$W6b
zzG45FIRiVAloVAJ&ZbksIMWzXdN!T5`EIs+R>pY+*A{<3{U+LLIE-$0a75?)*d9MM
zt`TfmqtKXVd@ZLSG2})T16cgfT1q`848G>v==<A<Jx+WLnZbA2CyC6L0uFhh*tofk
zi~z-VKM!AIS&Vyfc~VVXD~e2YVBAmsK>bb9$${`DpX8KNie^KsjhDOWp<=m2c`NI;
z?p9SD$;7+HZNDlbUsK%~7OKrcXXifAkA>f0i3dsitY0!eu{zbh>(7$+)XK99fY(ST
zKP1*&+0g=J6@jmH7bj*-`QtQH0i)M-$185$&9DX0OjQi|P!84(aus=OLH}lT*lNCp
z_3|Py1A(s%F1Ra`t_Lkn3F8N7a7SYUlwpZy-yVIbxXpWOdTuK#yH4iSaP@=LIvZP&
z{3Y@bSsfQ?(~3dpT`anZ2(?9<@nF)$1<=D-lW5-;cp`#VR*?Mn`c^j^Z%W|ay7H#>
zV|7aVeeA7xesh^J4e}-mgEr@v9AT%`{#!%#{9xuRQn9Qe$NVK0G_G`F+6JWPLD1?@
z{8B61jEqoHEw_xa%LV;b>*NE2{<<m+7+#1??WLIw!TZND*Unw`Vc#vNOeJ7$dt5Ys
z*?rOzVaden1ySCituWa9pkLkX;Eu|I+cH|i?a0&U`^iEON#YVg<_6wBFO7yU$%4e}
zwxZ#Td;2J#R_pfMgsHfpC?g8psPPQfVOp^LZz<qf&?42t9HJ>4S<?vz)r3)S%<#r?
zi_$=*d~1fYuyvrz-Y4~kvtSaQh~h9XS@DKlNmmEq6pY*FmK04Lm@3K!Z#FN+?}uiU
z)`c^^miZy6oU#p``W{SD)9<uTa$2Y6qycqd0WMZC<j%k$UgfhGC)$m@3w9T(wgShi
zdXM3aP=5O4+Ly<sda5eTQWS|z7|WmQg$U;he;X{XNQ2hq`v6Bs0VjWcom6h(2=Or0
zhP95Om)aQ7iNEnotJ;T;6teUtw%z$EMjf`!E>v~-x?f7=Kx^s$ZUFzDwxfmg$~^C_
zVJ2<0FMhbq{O?+-$Eoto%s--WavK3+zP`}>`GBWed!4%|erbIy#>#}Wt^Cg9L4id$
zBVt)d)R>d`OihZk<d4IF$;xXsNtS)m3KdzV`DuFR%+Ic!hxis{EU-kSumV^nWk6^3
zZG29p7N_MoIT4sfR8Svr*v^R2D0sGKZTaS~O7Cd5nM-F%E(?@hBj2DTkUGg#1^B?b
z94n}VSGyW(-v2mmmS(Uq=1O0xzIJVRt5ATYqHr*tXeVWa>0e4F&n+!h<KWW_Grpsd
zZ?T8-;5QE$S%c)xoIBVgJZQHjAH41Sii?ie3}61?3tdMD6oGO$a~^Q@_Q%2QyQgJT
zhTe+WVSAn53gG0kR1XANVQ@JTs*X-xSiMw}Twsow8!sQDnl2T!lFAWKZ=sJckF!fh
zFx2rxOIa>?xpYtH*_xPwl$02qDlZ~58yMg%RI7$KPqR`ThR>hy?{qZrP=NgV);B^@
zdZOv=FHr`UmSkjPnWm=@LMpfL(@Q%v{Gag3G%?*E|6|YLlUSXu=Qu5H4KoM0)kQ6O
zAUQGYlwZm!*d%!+nFmn<paSW^zy_+H`cc>Erohont95fn*<3l&MMS<`6j|IG7kdsp
zXYU&G@y&ND(w%MdxBzG3ox{nXZoH)g<sv=p9Qnpb_})r9?B-|)8M-A<F=Aak3gqx^
zB=Fz-Nr?if=RVX=28!0n3&re&9ClCA`Agz9&)>=eIS}&5?7n$XX15Z<^Av*bveCm9
zOU(<g0km_`3lY4AmiUO;=jbL59(T{2Kn|+a_<Wkz<4!U(Q;x9QtWp!iwa<CUPovPk
zLJc6y)n<&*qHq#!J?><BBhhvGFP!8jeAGu9?jC*``$=SIw7nq*U6+5FUm%!tVlstX
zHyI4n@$X_~qh$OqQq@B8L;=%3l&f^(WXH*u`&KEJkxZHA`E3}$FP*!a3P2rzIN;CM
z*SYJ?Zl?NHlaJw^Ihj9xOkV!`cScSI+T4z(;-GmLM;ralqLx<&xKkaej&*txX9?G3
z2)nm2r3Y5Lp@dJO6clv5P2#YZsZUKNa4XDGosxM^otrMduZAXU>X7SyDk-g2KL6ER
zL*-cQg5r$iY@l1;+6#LjOfAIx`U_GWe}L)n)b-uvzSfz)c`N#H1tGtu!gU?|=Fsr#
z=%45J(<M7W>bxtzpMe9W6Mi%ONkdR7+YQ+K4^-Emv8}aKz7;Sp&rwuFrC0+T>9=?v
z%j%u&zkGli4qq0nf{+CoPd2128I`Wn^;|ou4pDEg%AF*yiZsMC3}5cshhRbhkBZtr
zkat4QWm-OpBc%K`#l)@GS(YTp-DB%a4TyXlqhzD9eSVk{ccxl+nK<F0_7L#0_2Q_d
zl5x<>t`>J}y1Ix0N5zzST3LeH_p1UfzbT<#YN^OGBYl+KLV{zcthTZN(Ry`_TS&g5
z`oq?>Zs-9CpE&WcBf5F%a}(;K?2v=#!+iY&QYmo5M{sSd{*jfn=4GcruuOrG9r}6w
zyokV3X*Wr@i>=T@*ut0!ewL3=$!{^tNS}J%@!PY3S~qSYF9kXoQ3Y<Z(S(-;bV~MN
zs6FtmoUTEhS^dA-yuHVfF0<VnaLdh(_oMjT<0$wtEUvB?s1NZ}#Nycx7-q>kf9J#M
z?MbzjI+;7a65Dx1*$aa6yiX^(u%KHCNTcL;|H)H@i4?npmC{O>FAsVb_TP3r9AE}4
zC+0aM4&yBk9J*Z_6Wug8VhNV;fc_}va9b^;Ul|%R6859LVixXd4hm&W_$OV;Q$j>X
zgqWy3#9cyEb8PLO2V>vb&?`VdXs+paq1=S!&wClMjI#V4eEUMzd_288H*_rebgu%#
zLh8%5{kzLW3F+e<7l%-71P)ap{PtmfEd?EoffQq|FgZQxr6K4mzgT8fG>dc5I{2=b
z9Ikv+zZ8nzcgNRIh!&Xs{@MH*t1$IGv;Kk86xsQmlnC@mjE%}EGi?4{=juV6cC*hZ
zG;I;B3|Xw?YftxIW4@@=;YJb>U2Ty!HyzANv7Z`1Spyq?YYz~CL2X-Cs!qGlC5IE9
zI@CvX1a?<@eflKUeWf$b3_#F!X)Tw;^!sdz;CbgcGc&gU@v*E?;-xOCZpcmlX8+&~
zF>%XicP!}hDhiz9$npXpRxSI^VM#^B!*IT_DmvIa<)}@>3>JBM`qT^7r?0l>XSn;%
zd7)<cV_J<X0uUCRJ0Fbc1|d%(qN}BCMZ`97&bsld?{n9UC>sqPoFOJpQjGR71m08-
zGUxY4SxtaDDc|q-J9%OhgV(l)wo3j+9(Mwi)Tc&N0;9X>PHH<!Gi9lz=3`Rkm4oV$
z>X>aV+DPc8qzA*{`0+P1Kj6AA)Go}_1cE3h#hnehuSA^b+Y9J_gw(Um6J>mKbFkIo
zr3<UHTd9OYol>WQ`)7DhyAUsDO)WbAPh8r0*7w1pr8w#FmbR9s@a}TRb=RObMB(+N
z*$HR0@eBIp_*b?em8bTl3KEwn+pIfWgwIG_-05j|+8-{L$tpAyXQ&j4hk9nazI&hk
z6SJ%I(M&vl8bIWJXTJPi`%3p@UGp<8kGYxmf)altCXfU54!2tY&WlFx=Bf4|&%}*-
zvhFLt-^W%m=j3h2?MQcC3`hU&2{D7JeBQhX$|0UFFb{Y>_L;)jJ^_@6cS3V!=j7}_
zXFoxW_Hl(GOnlGt_qyE|;Ah7P$`T^@x+CRiJ_RH23If?`(G8{_;hlOPP=dSg&yqpL
z$Z$YmUM&%oQ7-)DyWfVJ`8-8y&-p!DML(6qo#j&hxx5I>w`J|uUA3b`5GJRpGaMd(
zFSb3oqjec>Z5j@IYmL&1est4W<KA}8E(O9X9?IWFqm%3c4L*z{^@;su$Ee<Fe{P6;
z$vJ<LDNNKL#?w+X6ZS6rl_I(WwJ%A5DBt>yFE#E}A3KYWz+T=^lGriqvc4F5<4W@Q
zD)-t5^HHrENq4S(>7b&K&D4{Kq}bMc3Rd}^zxI$MWuC#<UP@m=iC6*kkN!{NP?)nL
z3?IthxOhGV5Ww$G4%`f;{3P#{V@JAYy>Ci>@Z*`P`+Sc0l#yI%Dq@|)Whd>Axcib?
zZQ$xmYBJXZI)^-6jnI;Qu&>Y`>pw2z|H3c0ep(h=AeAb33uO0VBh2W;$g@hR!J(G|
z`nk?$c0n=27Rie%{e)4g#Wim|NGkrN)!G|ebv(Am?W;O4)nU6-LLQvZD)sk$5~lim
z;t$<w4AfMFzAwdNeg2SC|JNdY;O)L=uz%Lo5Bwb-IA62No;Ij?4CemtU3}r*1$lJ#
z?sqW*B_<&*a#?Xm^Qn-Gg@*ZJYxXN;5~$m0A|ksPkV2vpkphBzDyczJrL25I5@8H$
zt%gS)Bbn|d@#S5K29WjcdDsgRc&O;5%8WD&Q4-M_V1a0M6A+(4%tRi~C8<K=qXgtI
zZrCmr9q7{2{#vIEyrtg4G+jW4O`{kiQ>TGmUrm*a)|ETThSv_(;IcAV5~hk5w9rW=
zn8P+DM~!ecy;+o3P>W@#|H`_`=se8SIGhJofky|;M<o=vB_09r;%qs{p6WM&Y`ByH
zolGT&68}HQXO-2?9=r1&#$zIkK9N1$XG|sC=i(LWgxV0*WCE4B8Qy4o0w93_S*oJt
zC~)(<I`mXk@mYg5FC{AgdX(;bVvRe(WsqmON+v#XDe`6(E(Fc!!H|0H<NV>EE%r7d
z*rIuyvHr0ePD96Ml@1y7OQ;29Hw_x%!4vdDz;Gj~$cHAI_41*UB@Q?PsY5SbHk&A1
zUU5Bit!2Z1ib6N&+bz~NzbXbElD1jupu4TF#PV+rP^Rl?721y-igz0WZ!Jt2A+J&L
zbhX9}m!-ph|DIGPHs9W?*50JP3Db%oan$N5`YmVS@OR}%x}+g4VQs@L`%Q-Ycv$lj
z5NVtYU_%iG=jPedD}ArqocP}zE#Q7hCI8w|ilp<;@fGvH{~OrY^zE%w6trx4E>PM2
zY7INU16u-oMB-x0g>x-MH~2D#yxG<6Y}ox+LP1Y9f3QR(GM@5GwF&DH2)}q)h0`1i
z4An*L6<hZHqgLY~dS0gNY-etQ?sg5IdgBd+L-FaZ{ygRzowT0Oq=4FzT_0PCc0wKa
zHl9sUtFgffR!^BdznYDp9Np(Ss#|ueB`G>p%dT@CWL4aNxKACEFAJR+#KC{BJ9!wl
zJa0jxEw%7j3bJBuV^{t9=W_@(`}l<T=Jf5;AHNE?%nkBGIEoO4ok{W@u4{$juDwd;
zfBlh0zw`k%`P2j*M#PPOvIbD*8~H9$o!2=YQ<r=dP`Q7#wfz&R(|tdp-1deICZrdh
zYP(K>zjYe+B1_*3n^ULt^jK)1x#lTKLvWR{I)8w%M#<3QwGId~DWYF4{9mlv*2VCz
zHL`d+PrFU!bcU&#cW*crcQNT|Ogb(Pgn8&w5L^{4hnIVve;f;$T!^@kT$FsKaG4yu
cXViTa|E)Yu<;jEB1AuP|vZ^vQQl|g?56c(G%>V!Z

literal 5746
zcmV-&7LDnNP)<h;3K|Lk000e1NJLTq005u>006)U0{{R3wB?vZ0006aP)t-s00018
zSz%vaXkTDyQc_$<LQPUgR99ADQczh*M^HXHML;`7J2XAVQ<>zO$JKYR&Sj;`T%OKl
zrPFe)(r2gFce37xyWWq#;g!SYr_Aui&+pI3)X>xF*5l{f-`mpI<I33K)7{$0)!@k3
z*~!(<!_CLB!LF~gp`xgelbV#3oSBrLeu0Q~cz}F<g^rGtk&~H|lbWilu(Y<ir>U=}
zrK*>gou7J?fq;mFfrxu}e|~#|ZfkR4UuRugWL8pIOh{7p&9U6OrR>qa?$W{O!>q%-
zyuXaB*mknneYM|-zTJhp<)X^tq{`;H)4006gMx@~Z+CQadTnZQVP9x%ZFZ53l%=Gp
z+=sfxPL?w+H#9CdFex-EB`_!=EhZl;Bpxav94H?eBpeqZ7!(~B6C5raEIA@INh?51
zJ3(7INm(vRZ8KMWIADf4X_Y>3qd<JEM1#0Si@-&X!bg$BN|VP;mdsC@&s3k(Rif8d
zrP*1h+Fz>NXs+IIvEh8W<AuNGkHzVj%jlP^-GHuINlR%=QE^#Ve_vjSZfBclT%ll8
znORGlQbVItL#b_DqjYGTdU2(Mc&?3sxQBJTmWIWfh|Qyp*Qt@ztCZQWnc%dW=DDBi
zzN7BKru4<A_sFXE%B}a#uK3Zg`O~uT$g1PTvGB65-Ot6%&dbr()YjtQ+34o+@bIsj
zmA9^}z`VJ}#lys@oXT#4!d!B&Rc|2Gpo;(i09$lYPE!C)Zi$z%%hloK>HYru`Sbkv
z=-SA<%)P6@yrhF^Q$;f-8xRTvG(uNNFCY&|gP4PCcZ8p{z|6?n=KcBp?fd-r{{7qF
z!@Z)7YEXcYWM8nn&ELeF`1;}G>c7>Lr2qgEq)9|URCwCVmPL9SK@^0O7z8s%Fnd7E
z%&Tn8*bKV=6_OS`GxZ2+CD#8{y?WihqEN1U+r7Q3m&2U*YZK*{W0-T|4zF&?!6pKp
zb`UpW*hyTL4^K7@u<G!s1fw|Fu54P)*%${gMxEQV=WkNL1=pA-r4Tbn5-S9oL+G8w
z2<KdCt<)Tm49_#0V_;*%I2UR>9&07}RMffHm_f|U3>+J2CFY11S<lPmf-s#oN~gmx
zo6C8tA5Oo#Fz`7cz9<#8x37Br;b=4(4*R|C^;V%&$s8Y_u66`((A>c1gv=c|L@1@F
zuS!M<az=w#t5G^z<)+N`DCYtI$6C%k6nX(YYdE7*%8TOO${5owpCt^0+-Ux)*7I_M
zD0T;pd?vSoiS!$EmM~}@vU%Cy@i#@B-c2P~{yfHJByU=%O}P9$QMZ3t3YW}xn1qCZ
zP|O_!ytgD6N?un^mYQ(M1whcO6jJif#E8==EzU*X^Ss>gQ4j=2N73xe<8!pAD@dDY
zrQm{pL4u9i`Rsod?<AY5mI_<#+itged%IPrgeUe1xA99rt&~*C%-&bUQ2Zu!lKyjk
z9qW%Agb5`CW7ip87qixYR}=tY<q7dMJgCcHC-I0dWi#aI(j>_nTMyIm37`Tx{v*k^
zze$HB&kiu3ps;52Pw}`=&*}sTpqp$YfI`Fi`w^fN93D%UVcZFA0ol|68~==BfTy(9
zi%SRXrR)Kx8Ee691bEN4eLrPe5;hwm6)heBTCbT|3+)Uv8H+bgbY>0MrnAAeHBW+l
zQ39S8F`z{gF91TsR=1gF?X^l-y^fe%2fr+J30G1}!4N`8@OI9U&;JYkh?Y>9-ncim
zfG6$f_?}<Qr6G2Tr<Mj*lTebVJcNW<qU_lL9<_+z(Gt!R<_0j9vE%b9@qetE1(TaV
z6vykmHhh9}cei?T)$zI`vFprH{S>kDK!6AkJ2DBJB$e;i4GTn|2Kmp8o&N6q-`jn=
zZ<|kQ2uWfdXN2nw`v`uu-(dzmK^pqvV2n*BlN>{Z5eJn1dS~Q&H$UWXE51k=y=5?#
z60<dBGCUUxA%yMTP(NDx0+${;tl?Q#osY|8>ylD*5VIXZzz0!Z3^+`|7r4R4LOw&8
zWR$e$v(dWwJ<Cq72Hn<tP$C<~owV1!fV<xz;DY9&kEFz`S($XyW+p;T&l9KH+*O|z
zzzCnUlt2e@yZygEur}imuwP#UQ8xP<iChG;X>kC*HrlTFO#~*OjUajmG#HLVBOwwc
z48Yp70Q84$rvsspSya1?W^@|sAVx{tx}FJ)jL=D55co7lg%LsrTwezt-gA>94jq1~
zg(jHF{z(}DAfki?U6|s8j8Rc^Sjz_3xDt-9J^G$&8*o%;MG{*)7eIhW6mN8v497UW
z`P)(vyrJjvzi>JW8tZ`NhR~T78iryLLTeb43<Yv6_~An^6p2zy%3@*SBUl|U(BU)(
zCoVxil4%0u8S41tm}UeEulaNeD9ytNo0SaX2H^VIvcpc{^gF+5SCDI>h|?8Wk*mk7
znEh{M*r3M%bj=O72QZXs{1b^-ML9fFl=5*h^Z$fG6gT>Q?Cf-#0Mm^IQzw8ANU1V>
z_W#9^1|aV6L^m=E0f{ESL`*(}l21|@8zzU_1~|Bam@Uq*$A`MAb^x<9(Kf(UGyq$z
zWJ3<cPYgi$n`i?th3J4pn*cpzLodk3s|KJ_{u5wE<SmyQA#4CX8*m0VhXhRPAkUOF
zymDEQi@)a+6ATT+i6-zUu2=E7DW_Eo0a3~fcyvhbA6M`FmXGI-Pb!tlF~yh&DJ%dF
zp5R`_DWG<Ejn@B2`kM>^kK#Mqv}FY0w^hoDa;V5B6lbau)IQ+w=;GYm+`{CPx(Cf%
z4!|-F^YzF;z$(q|?e1=Jzw`H7S<%-bs&z|b5DoDEFOG&DKXbcWu1go5&5sY%_F@R=
zCF^A@K)~ajU7($K#v1Uh$_JNoDq)J?`g@yO-PBdoqYfxB*X^f^(~oZl;Q1Bf>aj_w
zfD{DWw+56-N_{P&Tf<D@5HRrn&BD}0pV81^Ygd<_`?Uis+i+l4i)0@F0&R+xfcKQ6
zLs|Fum}&VhVgv;A-~R7*YkJm=VCrnH_6`bPbNkiHRS%iW<#Kuwmg;~zdzOH?l6<7l
zw5$QL&46N98~hPA8rJEh)u-prpYH%qVO%KT@u+tI9+Hv@KzS8XQUU2d<)Bn#N~OK+
zW5v?qG_no>aXT&l&>(m{G(EPsxG;O>>CH7y0E7^sgu;O;zzF<11UlKS0dBL_EmeFw
z9^c*FSCgSkr&?-6zkhpoX2ezxGcY<i2`2V~BZHGmYv6Zzqax&kh}pdQXH}2)(w2aU
zEj7Md6}TV?&GaG7VgIFZJ9uNW*Kgjs1)e!QJv;w+@>y*|N***SpS@Qq$;!$8_VylU
z>981A`5>Tj(wu@B8q*y1*}B;pd+NeHu!@nj+b?c{cQHXpXVYyKg<?sr95V^g+F`xK
zt2MymW`|Q@ALLudU)nLa`<6cW0`lUhKd>G<Xb~tENi3G-;%`=I9y+`eE7u%mg{J6I
zh~{v>)otsf`5aT<5}=67-2qCO2n5&z3l*edDVO~-V6BRkO7p>m3+g4}zisQ-KJ;ky
z`m=LqXP3IWdxm<tyI&Cg<bkE~k~N-g@y=!~fbw0jDS#1NfBk^HwtL^v*VnKC&98aQ
zfQ4KECSxwIDVJ+HT5j*`>};xMtMc8Z0J4ZaCh@x$Pqjm17l~x6xqO;So6-{CHgw&a
z+cA|-DK*8J4}0|h;xF`O)$tgDZh?__o@e+%Bc8}HoRBXVh^1;(hI~zVnxRlVfC1O+
z@ToS1FbY|kBvPDIs3XULrF)4&&2_C=kV`;vx!A<V1wjDK`>@l2wp+9)VkSZh4S?G_
zU|-Iu=?O?AsaO<&q+(8$UOX|>|6Y@8u3p2A@8GxtvxI0UCKPnsbbM<^1%#!Om2!Dl
zMg>)Q7+5ao(F5qe{dl-tfFm=<k{K}1hR6sf8HJPP67{q!n3Dn^W@4Bz=|tfWwoN8K
zyla((F>)gm(=*WwWk%$U0IvIQ_MU2^M!W8q|9T-A+SnjNR8q_z{F_pUPX{EfpPm`(
z8)%!!{Z@n$wE^@YLU9&|1wk-<?k)+(oV5rdmpd+Ad$QQwCdQG0&YT%SjBI@T2oOX2
zEHC96+Z~DL*rX|OrHJ2nzZvinIEGxleYJafq&<1qc_(iQBLDs8&!1mEfBN__6p1lh
zGMP%JQ^_R9vMitDQ>MUD1jIuwbiBiB@AEta;d(wl+7`n8t_QhR#9aFO4<Nw!;UfrS
zC>)MNBKvVR!GrJ23qsBs(0Bb&-^{ZP#0O8b?v?hqJlK0bo6DOCRm82&z-u)l>7*cO
z|43`Z3o#!Ayg4^IJi2hU16QA05jXx3VR&e$w^LPD|IpB|8L<!C6y=)#YF=OgpUU`)
zb8}E~9gO1m+P0ImZQHi-C2QMB%8T)}&~+Z*&V9dVJEush|Ll(1=KPM5eA?gL-G0v(
zqjFC_i^I)Tf?N*tttiMS$n$JoB6v9hn4XUH#jBayo12?!{-0traYJ~zl?y`&t@q|p
zd@yMLU0(CQx)%N@ot9<ql@Nby2#=7Ks__N1veZ<Zo#B>RHs<f|z(Y9$ALyB(1v(JL
z#0*+*!^b+>ejA_`?^&&mx-ru&%|pr}K78PBFl2KTK3o^X6Sj;Avp?8yj{UPy_&`i3
zm;qB%%m8lo<J7Xry0`B>{l0%iWVQ6I-0yfqna9d6y)YCm!7?(3>*kTLwYq{Qw5!bY
zffx$RSRy7G2{SWODtrPK5J@cPzy2}Y-`^WpD?A9J_TDOhd=Ha>9vPX!u%b@bEVS4J
zgvxkBA(X^IGb*)Ot+LE?9G1?vPgYKGeW3AB(;6A{{>v{`CxZu~*?Ws8qn=zC&w2GX
zrFIdal|{Sdmx&F|+=_UNS|dqKTNs)d$SN%!YYbXOutRZ`*!*wwi&hH1S)L#Nyq^yo
zg;%WM@dc7t@sog+g~yAH3wXR#76z%AYQMnwW%G?;X!l&qB*O=tQ6kg<;p6j1y-!hI
zI)o-?Vh+vQS<uc*i>E~d72p9N7&_Wmw%B)tcF%+l7&ZJrPDaAV2g8?!s@x1S<M|cS
zmHBqwQKa-T8Z$B0hK@GP3D@^7gz%}sBLz{c_`-kxx3dy+eoqk|OUdv-4T7!?HxV)d
zlB>i%@WBrh2o3kGoe4=P=`M^X<7h||NVcLb4>sVK6|r+EG>;m7V6&MM6EQr)Ez|jj
ze}5>%52U7K?Og7WBq2o*?Hu3mQbWnw(Dm&Mo(^!%Xo$IiJSip^vb=|+t-#AW$Jat+
zG@=w+7=9S*!b`I-g(@}(WseVZwkr{C9tnImV&vhruB^+jfea_d7sKvVV?I9NvJIka
z@A`O$<Ow$pucX=%Zh&_2gb1ETJ2gU2sTgev2%P75I}7f%VJHfBOzD_8G-f6`IA)^6
zoY*DXv1~=s82-=x;w**SkX0qhEgbCWcdqoF>G`JQVrC#OA0@2W6-#w->oEO|9>LQ^
z;Fc%cjV1T|%I%V(vW>*nX%XI!Zz=yPuxSHaq6mz(<#?aNy}12ZV=B9d{_#(4`<RID
zMqic;SO=S*aYjwN&Zy01+uZ5DI(R>M77QaI0vJ8a^AyMOwV&J5dvoy1A_r+T$`J(w
z+m7(?ZBRQekhu*fzWw|a>nGcMG66q6E~f6k(;E^axYb(wl==HNN+%f*?#`!=YpaPV
zYX{1O>IRG+qygsMX0!z09G)y-xb0BdEy#6B643oJSwOJqSxSd_yJ687xIali2tc^`
z(Qv?%tICVsmT>W80l}6Oz~gtcqztEq$ix7n7!aiZp5M?lXFcb`NfF|Z1Mpu->mqbq
zfG2~9cmUsP-BRs^U^2^G2ON9wz0oH{V&1Ql3DrorITcXvB~%@E0)#jMu{J*w0Mr!Q
zjieJI$`@`rAOc7?A|%p}BUFD=0RL%p6ZZ8GN$-MGX~*I-p9j31soEZq-(=FyW=`L;
zjQ)V-IXHn8o=yWixyl^$hQD1S(rY;VjQZ5dQpFrV=witRQotjrkEGX|g9zuKYy){N
znohngRr(X^P9V)ff<izQ?L5qp=3os-!mtBGBpV1hu8RwoOTAevy3VSkP9z>hcn)+-
z+3RJim5`+;-@dc`2+K7v+;os@KIc`55>iCdU}CLDxBaj#2e2Ljrf5fj2e5ejO(~J6
zWU)ON16FIGF4aH~T+L7M5xy!{l45mj*fju&v>r(1-Q^us%`RW3Sc?fw%MRoKqOfJ)
zoc{78Ct>0I%k`SMm~oB*N?c&z+tw%kD20=!U#<UKHY}PHSv9DK3xER3Ti{^9sOYch
z=@vKQnYXKM-CDhBwd=%nV*3<Orh$%Cv6dQ_kw17aTYR)-K{IU^$N<E!ZQ#5?``Rsm
zWT@<pU}4@100@!11qL<S)MI4?W@8GEwgRRI%c@{%VB@%@tj-I}676EwtPvv8HX!hA
z#;2(pM8@_HYzjey@YwmnTCL{$^q1?j0u_{(S%HDEr_*CU4ig-C^K)|!lU=2J3{Y$&
zH1`0G7m%R9o3qte6pE^STQ_q>V5qkEcq>F?obFM){`n~Ct0PlFl^oW|*qVz!Px1N!
zTITHwMFGO>u6P^bF*Rr3QHI2$+&f<snoivw0XPmq6u6E$EMO+Hd`d`<H-!L>-fD2L
zV5>tTdP;(T`KOy{HzcE8V9u9QVwgk$r*cm>1JEiJVLs1}F@{EMeHH~Q<{nPRgrjUk
z9Qh8#(1+z%Z8%>PCCopF2|<K}4TM3w!1{oMxK^0@UD{>@#R$ch83E53l9AcS^fT6s
z5*B*s17w7lh#9z`Fq@3QeAed|`4Ir~&pt#kp;$Geu;%ER!7jA>^HHrEEf}TnY!d_x
z69rD6J=HLnO<jbEh+btyi%(R~K1_p#iFnDUr!Kvp(u#BM8!4&08ZlpsddT)6YdB;n
zeDx4`)vDtpKUSbSl+(C#d{jQR4_kM8_}7^r2mlB?*Y~O|LetP=B{NO+)#p<xgm)iC
zpp8g)?Q1G<?Iw`bRHegrI<*Dz??Zk>g6k3JDDY;>6sk*>vHn`hw6wrJj1{IJ5>$sF
zNGRNT|K&ZU8_~?%Ig@fKEz%ELh=`Cu?!lycjPFVI#QBwL%chlZFSBO(F}D3=c*qzb
z!i4l$+Yof|ZGMuUDi%+jxcvIwXVst+ujS0`>*r4vi&Nv(vz@Jdm@pD!Oq#-o?!0cn
zO;1`Ng@YH*T)%PS`ilR}*41GwAsB|?uYuKZmmkiFSsCNkDFh}dU<;4iy2De!i}Mgh
zIgXFg@~v>LQOdr5degtn-GYJH5Pnedis4kQ=L$EI=0Cz2Q85ua^;y?AFKVW8>pU^B
z2<Mi!Be8X#`wvi2xaAy9+?3<|IMt@yYW}>OLygQDY;k;Bf-?U$7D}_`P$;!0Yx{&z
zGpNK<Z@lI(_oIItilyyzRiPNz3Do2Dv|k=Lwqphju*z6k_*^ROoBtus6O)n{v{4S`
zHlmzX3>snORQ~BR8iGdVUuHS$2%5=j^Sf^_3mNo7_C$R26*;u@&v`GL6dCly({d`r
k*v+9UPWAAyI?4RK00PvK_Gkf@#{d8T07*qoM6N<$g2ojg82|tP


From 06312859bd96d8f87316f1fee9c887b0800e1588 Mon Sep 17 00:00:00 2001
From: rosidae0 <82954131+rosidae@users.noreply.github.com>
Date: Mon, 26 Jan 2026 11:13:29 -0600
Subject: [PATCH 4/5] add Espanso schemas (#5319)

* add espanso yaml schemas

* fix match.yml description
---
 src/api/json/catalog.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/api/json/catalog.json b/src/api/json/catalog.json
index 8431efb8e92..5d88b60bd5a 100644
--- a/src/api/json/catalog.json
+++ b/src/api/json/catalog.json
@@ -9268,6 +9268,16 @@
       "description": "pgxgen configuration file",
       "fileMatch": ["pgxgen.yml", "pgxgen.yaml"],
       "url": "https://raw.githubusercontent.com/tkcrm/pgxgen/refs/heads/master/schemas/pgxgen-schema.json"
+    },
+    {
+      "name": "Espanso match.yml",
+      "description": "define WHAT Espanso does",
+      "url": "https://raw.githubusercontent.com/espanso/espanso/refs/heads/dev/schemas/match.schema.json"
+    },
+    {
+      "name": "Espanso config.yml",
+      "description": "define HOW Espanso acts",
+      "url": "https://raw.githubusercontent.com/espanso/espanso/refs/heads/dev/schemas/config.schema.json"
     }
   ]
 }

From 78e1696cfc880b9032b50d40ce23124e559ff504 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Mon, 26 Jan 2026 09:13:57 -0800
Subject: [PATCH 5/5] [pre-commit.ci] pre-commit autoupdate (#5320)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

updates:
- [github.com/rbubley/mirrors-prettier: v3.7.4 → v3.8.1](https://github.com/rbubley/mirrors-prettier/compare/v3.7.4...v3.8.1)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
---
 .pre-commit-config.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index d0c5857b234..f70a8adbc90 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,7 +1,7 @@
 ---
 repos:
   - repo: 'https://github.com/rbubley/mirrors-prettier'
-    rev: 'v3.7.4'
+    rev: 'v3.8.1'
     hooks:
       - id: 'prettier'
         types: [text]